* Posts by tiggity

2185 posts • joined 2 Oct 2015

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods

tiggity Silver badge

Re: I agree with every word

"Any government that kicks its medical infrastructure to the curb and lets everyone's gran die isn't going to last long" .. er, the current crowd in the UK are doing just that and still have lots of supporters

Cops called to Singapore golf club after 'wrongdoers' use scripts to book popular timeslots

tiggity Silver badge

Re: Autofill

Indeed, most browsers have autofill (or addins that will do the job). Some forms I use a lot take me seconds to complete as it's all tab & autofill

QR-code based contact-tracing app brings 'defining moment' for UK’s 'world beating' test and trace system

tiggity Silver badge

QR code can fuck off

Too easy to hijack - print your own malicious QR code (e.g. to a site with adult content) & stick it over the legit QR code. More maliciously could send you to a website full of phone attacks to try and pown your phone.

Not a fan of QR codes as could take you to any website, you have no way of knowing, which is inherently risky.

Happily for me, I visit proper, independent pubs, where cash is king (my COVID precautions are taking lots of change so I can pay for drinks in exact coinage so no risk of handling contaminated received change - as a bonus, most pubs with beer gardens no need to enter, they send someone out to get your order). Not been in a pub with app use, but then I don't do spoons or other chains.

.. and obviously, the big security hole that is Bluetooth is disabled on my phone

Drone firm DJI promises 'local data mode' to fend off US government's mooted ban

tiggity Silver badge

State Aid

US govt claims to hate State Aid, but look at the cash spent on "military funding" and the whole military industrial complex that developed - it's essentially a back door way to pump vast amounts of cash into US companies.

They don't like DJI drones as they massively outperform any US equivalents on cost, so "security issues" are always a convenient excuse (a bit like TikTok attack, yes it sucked lots of data back to China, main concern was how quickly it had gained popularity & user numbers as US competitors such as FB, Instagram etc. suck lots of data back to the US - disclosure, I use none of them obviously)

Unexpected risks of using Apple ID: 'Sign in with Apple' will be blocked for Epic Games

tiggity Silver badge

Bad decision

Let Epic & Apple have their legal battles as much as they like.

Revoking the Apple related login at ludicrously short notice is bad for customers.

It mistakenly assumes

People check their emails almost daily.

People are in a position to check emails daily (e.g. someone on holiday, no access to their PC, shit reception so cannot get emails on their mobile)

Everyone will regard the "IMPORTANT" screaming email as legit and not some dodgy phishing attempt.

The Epic / Apple spat should not be shafting customers - which this potentially can. Let's hope Epic put something in place so people who cannot change login method in time do not lose access (else I see legal action from customers flying toward Epic)

Disclosure - not an Apple user, not played an Epic game for probably a decade, so no skin in this game, just peeved that paying customers treated like irrelevant collateral damage by a big company

tiggity Silver badge
Happy

Re: Users will lose the ability to log into an Epic Games account via "Sign in with Apple"

.. this is (primarily) an IT related news site.

I go elsewhere for my 4 horsemen of the apocalypse style news

Bork, Beer and Breweries: Three of our favourite things

tiggity Silver badge

Sad omission

No mention in Tennents history summary of the Lager Lovelies.

Sexism at its finest / worst.

Scotsman story about it

Ireland unfriends Facebook: Oh Zucky Boy, the pipes, the pipes are closing…from glen to US, and through the EU-side

tiggity Silver badge

Re: About time too

That assumes you socialise with people on FB ....

None of my close friends on FB.

I know people who are, difficult to avoid knowing some FB users with high levels of FB usage around, but the FB users are more distant friends who do not know minutiae of my life (none of the FB users even know where I live as people I only meet socially, outside the home) - and with COVID restrictions the FB users know nothing about what I have been doing the last few months as been unable to meet with them.

Adobe Illustrator's open source rival Inkscape delivers v1.0.1 - with experimental Scribus PDF export

tiggity Silver badge

Re: Shooting themselves in the foot to save their hand

I upvoted that

However mimicking the market leader is not always good.

e.g. I use an open source competitor to Word, one of the things I like is that it does not have the ribbon and a generally far easier to use menu system.

e.g. I used to use Firefox as my sole browser, but Firefox then decided to mimic chrome, remove / hide away a lot of useful functionality & essentially became a chrome clone. My usage reduced accordingly, the more chrome like it got, the less reason I had to use it instead of a chromium based browser. These days I use Opera more than Firefox (as better UI IMHO, and some useful features that I use quite often (e.g. changing image handling) easier to access than in Firefox)

Tech ambitions said to lie at heart of Britain’s bonkers crash-and-burn Brexit plan

tiggity Silver badge

I guess you disagree with his politics.....

At least Corbyn had compassion, honesty, integrity & a whole set of other attributes lacking in Johnson.

Try assessing politicians on what they actually say and do, not how the media presents them.

Full Disclosure - not a labour party member / aligned to Labour in any way (I vote Green as care about long term future, even though I won't be here to see it, not that my vote matters as live in an area which heavily votes Conservative) - but as someone not aligned to a "major" party, he came across as by far the most decent leader out of those on offer in England.

Apple to Epic: Sue me? No, sue you, pal!

tiggity Silver badge

Re: Monopolistic behaviour

Bear in mind apps can be "free", and then have lots of in app purchases (so devs such as Epic make cash)

If Apple took no commission on in app purchases they would get no income from "free" apps.

Everyone would make their apps free with in app purchases that went solely to the devs.

Not sure how much apple charge a dev a year (I have made android apps but not Apple ones), but assuming the 100 fee mentioned is correct, that's nothing to a big dev like Epic (especially when you think how many apps that covers, essentially huge loss for Apple on verifying every Epic app is "safe")

From my view as having done "one man band app development" (albeit Android) on occasion, google play store allowed me to distribute stuff, make money, if I did not use that then purchasers would have been very unlikely to find my app by other means

Australia starts second fight with Google, this time over whether app stores leak data, gouge devs, steal ideas and warp markets

tiggity Silver badge

Re: Depends on developer

At least you can sideload easily (alter a few security settings from typical defaults and good to go at your own risk) in Android, really not easy on an Apple device though, where vast majority forced to use Apple store only.

tiggity Silver badge

Depends on developer

If you are a small dev then app stores great as removes the heavy lifting of app distribution, update, marketing (to some extent) & payment (easy for e.g. a one man band to make a nasty error on payments if going it alone, having Apple or Google deal with financial stuff gives peace of mind).

If you are a big hitter like Epic, then it's a PITA, as you have the experience and numbers to deal with distribution, payments etc.

No "scanning apps for nasties" will be foolproof (as always an ongoing arms race vs malware deployers), but the efforts Apple & Google make are better than nothing (in the same way that running anti virus software on a PC is generally better than no anti virus) and will at least catch non cutting edge malware.

As a user I have found useful apps (that I would be unaware of otherwise) both by searching on app store, and also by app store recommendations.

So, trustworthy (to some degree) app stores are (IMHO) good for user and small dev but bad for major software houses (hence Epic's legal shenanigans)

.. thus, like many things in life, it's complicated & depends on viewpoint

Brexit border-line issues: Would you want to still be 'testing' software designed to stop Kent becoming a massive lorry park come 31 December?

tiggity Silver badge

Indeed

Will be nightmare for exporters

In theory a disaster for imports too, unless UK gov basically tell customers to ignore paperwork and let stuff in .. but importers will still need enough paperwork to get out of the continental Europe ports, so depends how helpful EU states are (and they have no incentive to be helpful)

tiggity Silver badge

Stockpile your popcorn

.. and whatever else you may want

Place your bets that there will be some hassles & it will all end in tears

When classes are online, how do you get out of school? Florida teen cuffed, charged after crashing cyber-lessons

tiggity Silver badge

Dismal system safeguards

No way a system should be susceptible to LOIC in this decade, it's been around years & mitigations well known.

It's one of the (many, commonly used by malicious actors) tools you should use to test your own internet facing systems to ensure they can deal with common attack techniques.

Google Chrome 85 to block ads that hog power, CPUs, network: Web ads giant will black-hole 0.3% of web ads

tiggity Silver badge

Farcical

Definition of heavy use - should be far, far lower.

Additionally, we are all aware of sites that are more ads than content, lots of small ads soon build up in terms of resources used so useless at addressing those scenarios.

What rhymes with 'boom' and is veritably raking it in thanks to the coronavirus pandemic?

tiggity Silver badge

Teams

Find it odd article was bigging up Teams. It uses up a mass of CPU just doing chat and voice calls, as well as using lots of bandwidth even when nothing is happening (far more than a reasonable person would expect from just background checking if any new messages etc).

Hate to imagine what happens with Teams on video (fortunately not had to do video on Teams).

Plenty of people I know have been forced onto Teams with COVID and absolutely hate it

In the frame with the Great MS Bakeoff: Microsoft sets out plans for Windows windows

tiggity Silver badge

Plus MS have a habit of creating new shiny and then scrapping it e.g. once upon a time it was all Silverlight is the next big thing ... look how that turned out.

A lot of people will stick with basic Win32 just because there's a good chance it will keep getting supported for a long time and is happy to run on any old windows..

Funny, that: Handy script for wiping directories is capable of wreaking havoc beyond a miscreant's wildest dreams

tiggity Silver badge

Re: My contribution ...

Proper off site backup strategies .... Which always depends on those in charge agreeing to it instead of saying too expensive....

What's 2 + 2? Personal info, sniffs Twitter: Anti-doxxing AI goes off the rails, bans tweets with numbers in them

tiggity Silver badge

they do not care

Until financial penalties get applied for an account being erroneously silenced, the likes of twatter, FB etc. have no incentive to have accurate AI algorithms. False silencing costs them very little so they do not care.

Southern Water customers could view others' personal data by tweaking URL parameters

tiggity Silver badge

Legal action?

***** for even considering such a thing against a customer for doing that.

Given they were spaffing people's personal data around (hello GDPR) if someone hand edited a URL

Frankly, whenever a URL has the look of having an ID in there somewhere, it's essentially your duty to try "magic ID" variants of the URL just to make sure there are no data leaks - as if you can access someone else's data via URL tweaking then someone can access yours.

'My wife tried to order some clothes tonight. When she logged in, she was in someone else's account ... Now someone's charged her card'

tiggity Silver badge

Cache at your peril

Seen (and read about) caching go wrong so often.

Obv it can give a big performance improvement, but needs great care on how it's set up (depending how your website(s) work) and an awful lot of proper multi user testing on a test system before doing it live.

Adobe yanks freebie Creative Cloud offer – now universities and colleges have to put up or shut up

tiggity Silver badge

Re: Good

Stumbling block to unis dropping adobe is that teaching staff will need to learn the alternative product, develop new teaching materials etc.

That takes time (and in most unis that's something the staff at the coalface don't have anymore - concept of staff development time / personal research has died at most unis (unless it's something that can be published as a paper to get uni a bit of citation rep))

The truth is, honest people need willpower to cheat, while cheaters need it to be honest

tiggity Silver badge

Re: I don't think they were measuring "honesty"

"Imagine a friend sends you a link to a website where you can illegally stream recently released movies for free. Would you decide to stream the movie which you otherwise would have paid for? "

A fine example of flawed assumptions. I watch movies on free to air TV or on an online subscription streaming service (only use 1 service, dislike fragmentation of the market (that encourages piracy), not going to subscribe to multiple services to cover all films I might want to see as too expensive, so just make do with 1 service ), years since I went to cinema / purchased blu-ray or DVD.

If something was not available via those would typically not see it, so the whole "which you otherwise would have paid for? " thing is a fallacy as it would be a straight question of would you like to see if you like this movie by watching it illegally?

tiggity Silver badge

Beat me to it - a bad example

Also lots of honest people will be against tax evasion, but less so about music "piracy" - given the frequently obscene prices charged for music then, unless you have lots of free cash, try before you buy makes sense - be it "piracy", listening on youtube or whatever

Relying on plain-text email is a 'barrier to entry' for kernel development, says Linux Foundation board member

tiggity Silver badge

Wish I could upvote more.

Be it opensource or working for a company, you have to fit in with processes in use.

Usually (not always, but there are in this case) there are reasons why particular methods are used.

As was implied above, plain text email as lowest common denominator available to just about any OS / hardware, works on dismal connectivity, plain text body is not a potential malware vector (unlike HTML mail) etc, etc.

The Viking Snowden: Denmark spy chief 'relieved of duty' after whistleblower reveals illegal snooping on citizens

tiggity Silver badge

" how do you protect the country if you can't spy and monitor everyone?"

How about by actually using intelligence?

You do not need to spy on / monitor the majority of people

Just that once the capability to do that arrives then the security services (of many countries) just can't resist doing it.

Plus priorities - e.g. in UK, historically huge amounts of resources wasted on (often ultra peaceful quakers) members of CAAT (campaign against the arms trade) who at worst cause a bit of inconvenience e.g. chain themselves to a fighter plane or whatever.

Meanwhile, after many terrorist attacks in the UK it's so often mentioned that "the perpetrator was known to the security services" - great lot of good them being "known" did, it's the people intent on murder you need to throw resources at, not peaceful protesters whose agenda you happen to hate (be it anti war, pro environment, anti fox hunting, whatever - FFS even throw lots of resources at the worthy but mostly harmless XR folk)

If you think Mozilla pushed a broken Firefox Android build, good news: It didn't. Bad news: It's working as intended

tiggity Silver badge

mobile following the desktop version

They kept messing with UI (for the worse), removing functionality & generally breaking stuff in desktop version so lots of users were driven away

Looks like they are following same model for android now

A bridge too far: Passengers on Sydney's new ferries would get 'their heads knocked off' on upper deck, say politicos

tiggity Silver badge

Re: Procedures don't work

That needs the obligatory HMHB track

https://www.youtube.com/watch?v=IofpJzYTwrI

(Tour Jacket with Detachable Sleeves)

This'll upset the Apple cart: 1,200 iOS apps downloaded 300 million times a month include 'ad fraud' code

tiggity Silver badge

Re: How did this slip through?

By the sounds of it the app makers took huge efforts to make it look legit by changing its behaviour when debugging tools etc used (see article)

App vetting will never be foolproof - it's always a bit of an arms race.

.

Disclosure - not an iPhone user, not an apple fanboi, just noting that security / app vetting is difficult

Pass that Brit guy with the right-hand drive: UK looking into legalising automated lane-keeping systems by 2021

tiggity Silver badge

contraflows

Will be fun if car trying to follow lane markings and driver inattentive

.. and let's face it, what would a UK motorway journey be without lots of contraflows

tiggity Silver badge

Re: re: Is this the final triumph of the middle lane hogger ?

To be fair speedos misread (and over estimate speed) so driver could think they were doing 50 not 45

Mine over estimates by approx 7 MPH at motorway speeds - based on comparing speed via GPS calculation vs speedo and so I typically if in a 50 camera zone, will be doing > 50 on speedo, but < 50 on GPS as not fully trusting GPS to the exact MPH

Plus if you don't have cruise control you tend to err on the slower side

Outage: Faulty UPS at data centre housing London Internet Exchange causes grief for ISPs and telcos alike

tiggity Silver badge

Re: Talk talk

Talk Talk business was down for lots of customers

Dido 'Queen of Carnage' Harding to lead UK's Institute for Health Protection because Test and Trace went so well

tiggity Silver badge

Talk Talk carrying on Dido tradition

Total loss of service for a lot of Talk Talk business (not residential) customers today, been going on for about 8 hours so far

Farewell to notches and hole-punches? ZTE expected to announce mobe with under-display camera next month

tiggity Silver badge

I would be happy with a no selfie phone

Rear camera can be useful on occasion in those times when you don't have a camera but need to record something

But if you're not in the selfie obsessed demographic then front camera not needed.

Wonder if there's any stats on how many people actually make regular, widespread use of selfie cameras

Australian regulator slams Google ‘misinformation’ in pay-for-news-fight

tiggity Silver badge

Charging is fine

Google can make commercial decision to make the data available (or not)

Trying to enforce Google make it available (and therefore pay) by legislation seems dubious.

I know Google market share is so large that it's essentially a monopoly on web search, but I would guess less so on news as lots of people get news in other ways than search engines be it social media, news aggregators, RSS feeds, TV, radio, dead tree papers, direct visits to particular special interest news sites (e.g. this Reg visit) etc.

Here in the UK, there are various news sources I avoid e.g. Daily Mail (I don't like their unabashed racism, nor its sidebar of shame that seems very misogynist though given it's one of the most popular "news" websites plenty of others don't care) & I would be distinctly unhappy if similar legislation was introduced here so that the mail got cash from search companies.

tiggity Silver badge

Re: Nope

I don't use the "local" press websites because

a) Staff cuts, very little really local coverage (more just covering the general far larger region, with really "local" news a tiny percentage)

b) websites are an abomination of ads and unusable (unless various ad / script blockers used) - so either I avoid them with shields down or to make a visit bearable they get no cash as everything ad related blocked as I go in shields up

Don't bother much with dead tree version of local paper these days for reason A above

Norfolk's second-greatest cultural export set for return with 3-metre monument in honour of the Turkey Twizzler

tiggity Silver badge

Re: Mr Oliver not so tasty

@MrMerrymaker

TBF some pastes are OKish (e.g. Pataks)

Making your own can be expensive.

I used to live in a big city with easy walking access to a few Asian supermarkets, could get large amounts of ingredients cheap (and plenty of stuff fresh, always liked having fresh methi leaf as an option as very different to using the dried seeds)

When I moved to the sticks, the prices in shops for small amounts of ingredients was eye wateringly expensive (and a far more limited choice) so I do now "cheat" and use small amounts of paste as a base sauce ingredient (as well as adding other stuff) just to save a bit of cash & because it has flavour undertones of stuff I cannot get locally (e.g. tamarind)

.. Yes I know I should really look at sourcing decent sized amounts at a good price dried ingredients online so no need to say it!

Epic Games gets itself epically banned, launches epic Fortnite death match with Apple over App Store's epic 30% cut

tiggity Silver badge

All about the money

The app stores (Apple & Google) are useful for app creators as handles all the visibility / install / update side of things

For small creators, the payment system is great - you don't have to roll your own (with all the risk of something going wrong such as "cash" thefts) and if anything goes horribly wrong on payments Apple / Google sort out refunds etc as its system under their control. In return they take a hefty chunk, but you don't have cash handling risks

If you are a massive company like Epic then you have resources to do your own bulletproof payment system - so, unlike small creators, it's really a pain how much of your cash they skim off as you don't need that "safety net" of cash handling that is great for a lone dev... So, the likes of Epic really do not want Apple / Google taking such a big cut as they don't need the safety net of Apple / Google acting as financial handling safety net.

UK Home Office dishes out contracts to 999 control room vendors after wasting cash on network tech it abandoned

tiggity Silver badge

Re: Why is it the same suspects everytime

Indeed

Once worked for a small company that bid for gov project.

The software met the spec (and was in use by many customers as was a thing sold "off the shelf" and configurable for any particular specific customer requirements (obv not going into details as would make it identifiable))

Reason they were given for not getting contract was company too small and quote too low!

None of the other bidders had a working product either - ours was the only non vapourware product, and we had even done a demo based on existing a sample of gov data they had provided into our system so had proven everything worked.

Also worth noting company I worked for did not offer any brown envelopes, days out at big sports events, future non exec role in the company etc. i.e. company ensured no possible whiff of inducement, bribe (which, in my jaundiced view, probably did not help)

Firefox maker Mozilla axes a quarter of its workforce, blames coronavirus, vows to 'develop new revenue streams'

tiggity Silver badge

That's what you get for trying to be a google clone

I used to have FF as my main browser.

UI changes that always made things worse (for me) and getting rid of functionality that used to be easy to do from main menu options (so I had to use plugins or tweak about config settings) irritated me, but I put up with it

That stopped when they moved to the chrome style plugins - (yes, I know various security / performance arguments for it) but a lot of the plugins I used a lot e.g. FireFTP needed low level functionality and could not really be retooled to work with new plugin model.

So I no longer had convenience of doing lots of things from browser, instead had to use separate apps and so lost main reason to bother with FF 100% of the time as no advantages.

Still use FF, but not exclusively.

UK data watchdog having a hard time making GDPR fines stick: Marriott scores another extension, BA prepares to pay 11% of £183m penalty threat

tiggity Silver badge

Re: Falling on sword time?

She has a CBE already - the cynic in me wonders if that may be linked to lack of going after companies.

The cynic in me also believes that if someone has accepted an honour then their partiality must be deemed suspect in such roles as they have fully succumbed to establishment assimilation.

'We stopped ransomware' boasts Blackbaud CEO. And by 'stopped' he means 'got insurance to pay off crooks'

tiggity Silver badge

Re: "Subset"?!

indeed

subset sounds quite weasel wordy in their usage

In the market for a second-hand phone? Check it's still supported by the vendor – almost a third sold are not

tiggity Silver badge

Re: Not supporting updates?

Indeed,

Once did an emergency purchase of a new cheapo android (existing phone expired) on holiday in UK so from a phone shop.

The phone never received any updates (this was a ZTE, and cannot recall its android version but it was a few behind "current" at the time).

Not an issue for me as when back home ordered a "proper" phone & emergency phone just used for calls & texts to family while on holiday so any security issues would not do much harm.

I'm sure this was not an isolated case, probably lots of "new" stuff in shops that's quite old and been gathering dust and is out of support (or manufacturers CBA to support)

AI assistants work perfectly in the UK – unless you're from Cardiff, Glasgow, Liverpool, Birmingham, Belfast...

tiggity Silver badge

Yet another reason

To not use them

Just in case the privacy issues were not sufficient

If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code

tiggity Silver badge

Re: EU directive 1999/44/EC

Indeed, most home consumers would expect to use a router until it breaks, you do not expect them to be short lifespan products.

Sueball locked, loaded and pointed at LinkedIn over iOS privacy naughtiness

tiggity Silver badge

if clipboard read allowed without user OK

.. then people will use it

I thought a big selling point of the Apple walled garden was that it is locked down & apps are prevented from doing naughty stuff without user OK?

.. Not an Apple user, but it's my perception of what I would expect if I purchased one - sacrificing some freedom / control for better security (hopefully!!)

Keep it Together, Microsoft: New mode for vid-chat app Teams reminds everyone why Zoom rules the roost

tiggity Silver badge

Energy

“Together mode supports presenters who need to ‘read the room’ or get energy from attendees.”

get energy from attendees - was it designed by Colin Robinson?

Another anti-immigrant rant goes viral in America – and this time it's by a British, er, immigrant tech CEO

tiggity Silver badge

Re: adults pass it down to the children

I'm a UK citizen over 30 & can remember golly on jam but totally confused by your racist anatomy term reference

I can think of some religiously loaded terms (e.g. grace of god tendon for biceps brachii tendon as its just behind the big arm blood vessel often used for giving injections or taking blood - its a big hard tendon and it stops a clumsy needle wielder poking the needle deep into the arm when they misjudge the force required (typical learner error))

Maybe the term you describe is just one that's not used much in areas I have lived as plenty of slang quite localised.


Biting the hand that feeds IT © 1998–2020