Posts by HieronymusBloggs

408 publicly visible posts • joined 27 Oct 2015


Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are – oh no, wait, it's Cisco again


Re: Keys

"Why won't you provide a reference about the 13th Century Chinese rockets?"

I assumed you knew how to use Google. My apologies.



Re: Keys

"I don't recall the Chinese sending rockets in space or landing on the Moon in the 13th Century, but maybe I missed it. Do you have a reference?"

"So the Nazis got their rockets from the 13th Century Chinese?"

At it again ST? Carry on.


Re: Keys

"fucking gave you the computer and rockets and jet engines"

The Chinese are generally regarded as the ones who fucking gave the world rockets, back in the 13th century.

(Not to mention that much of modern rocketry is based on the work of former Nazis).

Yet another UK.gov figure joins Amazon Web Services payroll


"never worked in cyber security at all in his entire career and is then Deputy Director of Cyber security at DCMS?"

This being government, that makes him eminently qualified for the job.

May Day! PM sacks UK Defence Secretary Gavin Williamson for Huawei 5G green-light 'leak'


Re: It wasn't him it was

"prefer mammallian something like Snowy"

Like Adolf's bring-to-work pet Blondi?

Oh dear. Secret Huawei enterprise router snoop 'backdoor' was Telnet service, sighs Vodafone


Re: "We all want to see hard proof—" No, we don't.

"Sez the AC guy who resorts to ad-hominem attacks by calling me a belligerent jerk"

AC here. I didn't call you a belligerent jerk, I said you communicate like one.



"That is the most insecure protocol in the history of insecure protocols."

Is that you, Donald?

Insane in the domain: Sea Turtle hackers pwn DNS orgs to dash web surfers on the rocks of phishing pages


Sea Turtles

"tricking employees into opening spear-phishing emails laden with malware"

Did they use shell code?

How'd your servers get that baby-smooth look? Dutch and Brit cool kids dunk Supermicro systems in synthetic oil



"The company uses mineral oil, which is much cheaper than proprietary dielectrics"

My computers use the cheapest dielectric of all (air) for cooling.

Brit founder of Windows leaks website BuildFeed, infosec bod spared jail over Microsoft hack


Hard time

"The two should be serving 15 to 20 in hard time prison."

Absolutely. It's not like they did something trivial, like shooting up a school. </sarcasm>

Ethiopian Airlines boss confirms suspect flight software was in use as Boeing 737 Max crashed


Re: This is beginning to look like the 'Volkswagen effect'

"Here in the UK...."

I was with you for the first part of your post, but you blew it when you made a UBC (Unsolicited Brexit Comment).

Spyware sneaks into 'million-ish' Asus PCs via poisoned software updates, says Kaspersky


Re: @Jack

"Did you try repainting it ? This offers increased protection since most of the computers are grey, silver or black."

I'm sure those targeted by this are now kicking themselves for leaving their computers the standard colour.

MAC addresses are potentially traceable, in case you didn't know.

Geiger counters are so last summer. Lasers can detect radioactive material too, y'know


Re: Wait, what?

"An electron is already charged and you can't increase its charge."

You're just being negative.

Brekkie TV host Lorraine Kelly wins IR35 ruling against HMRC, adds fuel to freelance techies' ire over tax reforms



"fuck off with your avoidance isn't evasion bullshit before you start"

So how long have you been working for HMRC?

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted


Re: "basically operated by one volunteer in charge of a small team of volunteers"

"OpenBSD has the infamous Theo who lords it over his small team of trusted coders ? Or Linus on Linux ?"

"unless you speak fluent C++ (with a security specialisation to boot), you're still trusting "someone else" to deliver secure and reliable code"

My C++ reading skills aren't what I'd call fluent, but that doesn't stop me reading OpenBSD or Linux source code when I have to. Did you mean C?

Holy sh*tsnacks! Danger zone! Edinburgh Uni's Archer 2 super 'puter will cost a cool £79m


"He seems to have made a statement that MPs should compromise of Brexit that lead the Beeb at least to get so excited they more or less ignored anything else he said."



Shame on you, Doctor. :-)

Radio gaga: Techies fear EU directive to stop RF device tinkering will do more harm than good


Re: Gonna ask what may be a stoopid question here...

"Least effort for most effect would be banning all those shitty leaky powerline networking adaptors."

Upvote and beer.


Re: Industry Lobby

"Why would the industry lobby care? "

Because selling bug infested crap that can't be fixed, but needs continual replacement, makes them more money?


Re: What's the problem....

"My point is that we actually have reached the point where insecure devices can cause harm and destruction and we need to start thinking about that because there are billions of them out there."

Exactly. Allowing consumers to replace crap firmware is a way of dealing with that. Preventing them allows the problem to continue.

Liz Warren: I'll smash up Amazon, Google, and Facebook – if you elect me to the White House


Re: Good plan

"The young and hip moved on from FB to SC ions ago."

Do you have a particle of evidence for that?

Biker sues Google Fiber: I broke my leg, borked my ankle in trench dug to lay ad giant's pipe


Re: I did about 10 years on bikes.

"And never broke a leg"

40+ years here, legs (and other parts) still intact.


Re: 5mph!

"Any trials bike with a skilled rider."

Upvote for mentioning Mr Lampkin, but I did say "general purpose bike" :-)


Re: 5mph!

"almost textbook how not to design a general purpose bike"

Ok, you don't like Harleys. Can you recommend a general purpose bike which stays fully controllable when the front wheel drops into a ditch in the dark?

WannaCry-hero Hutchins' trial date set, Microsoft readies Google's Spectre V2 fix for Windows 10, Coinhive axed, and more


Re: We the Rabbits ...

"Seems there's something in the Constitution (the 6th Amendment) about the right to a speedy trial."

Only for US citizens.

UK's beloved RNGesus machine ERNIE goes quantum in 5th iteration


Re: Removing bias

"I still can't see why it is better than a noisy Zener diode, or a neon discharge tube"

Both of which could also be described as quantum tech.

Why are there never free power sockets when my Y-fronts need charging?


Re: International plugs

"I look forward to the day That Box emerges from the Large Stash Of Boxes."

In my experience this will not occur until at least the next time you move.


Bitcoin vs gold

"Whilst Bitcoin eats electricity, using gold instead has people digging mines"

The difference is that mining gold is usually profitable, but mining Bitcoins is only profitable if you steal someone else's electricity or live next to a hydro-electric power station.

Customer: We fancy changing a 25-year-old installation. C'mon, it's just one extra valve... Only wafer thin...


Re: Line editor without echo...

"If it had Vi then the command would have been 24 <space> d not 24 spaces then d."



Re: Line editor without echo...

"VIM is actually the chosen one"

Vim? Newfangled, fancy nonsense.

Linus Torvalds pulls pin, tosses in grenade: x86 won, forget about Arm in server CPUs, says Linux kernel supremo


Re: well done

"Er. I think you got the wrong wikipedia entry."

Or the wrong kind of mushrooms.

Amid polar vortex... Honeywell gets frosty reception after remote smart thermostat tech freezes up for a week


Re: IOT=Crap

"It is perfectly possible to have all these conveniences, to control your lights by voice or from a smartphone app, and all the other things, without the need to use the internet or someone else's server."

Upvote and pint.


Re: IOT=Crap

"we have IoT-based (not actually WiFi) lightbulbs and with appropriate rules set up they're damn useful for turning the lights on automatically as someone arrives home."

Why do you need the internet just to turn on the lights from outside your house?

Romford Station, smile! You're in London cops' final facial recog 'trial'


Re: so many concerns - about what?

"I'm not in London, I'm in THE US."

Which police department or 3-letter agency?

The D in SystemD stands for Danger, Will Robinson! Defanged exploit code for security holes now out in the wild


Re: The upside of open source

"is that you can put your money where your mouth is and write your own drop in replacement."

The real upside is that I don't have to write a drop in replacement and can simply revert to sysvinit, or use one of several other sanely designed init systems.

You like JavaScript! You really like it! Scripting lingo tops dev survey of programming languages


Re: It will not last ...

"Java may be on top of the heap today but it will be gone in five years."

The popularity of modern JVM based languages like Scala suggests you are wrong.


Not dead yet

"I can remember when FORTRAN and COBOL were the top languages"

The Fortran 2018 (ISO/IEC 1539-1:2018) standard was released a couple of months ago.

Many of the currently used maths libraries (eg. lapack) are still written in Fortran.

Is your kid looking at GCSE in computer science? It's exam-only from 2022 – Ofqual


Re: pffft, does it matter any more?

"Borland "Turbo" pascal on an RM Nimbus 80286@10Mhz (the three "fast" machines in the lab)"

Lab? Luxury! We had to work in a small shoebox in the middle of t'road!


Old skool

"Or you get a lecturer like we had in Uxbridge College in the 90s that knew all the old skool stuff but not the new. So was teaching us obsolete shit."

How much fundamental computer science is actually obsolete (as opposed to superficial stuff like the latest programming fad)? Much of it was formulated well before the 90s and is still relevant.

Nationwide UK court IT failure farce 'not the result of a cyber attack' – Justice Ministry


Re: wtf does not "freeing prisoners unlawfully" mean ?

"Ah, the last resort of the idiot wiht no valid response"

Well, you have to admit that someone casting aspersions on the "dumbness" of others in a post employing such badly mangled English has some amusement value.


Re: No local option

"Even though PCs have become really powerful"

They've always had the power to arrest people.


Re: wtf does not "freeing prisoners unlawfully" mean ?

"The defendant does not become a prisoner until convicted."

That's not strictly true. A suspect may be held in prison on remand while awaiting a trial. In serious cases this can be for months. The present debacle could cause a trial to be rescheduled, meaning further time spent in prison by a potentially innocent person.

Having AI assistants ruling our future lives? That's so sad. Alexa play Despacito


Re: F@$% the creapy stalker tech

"Exactly. If you don't like it, don't use it. Where is the problem?"

Having to avoid speaking when visiting relatives or friends who own one of these is quite irritating (as is listening to someone bellowing instructions at the device).

'It's like they took a rug and covered it up': Flight booking web app used by scores of airlines still vuln to attack – claim


What's the problem?

Only those highly skilled hackers who can read HTML source code will be able to exploit this.

Great, you've moved your website or app to HTTPS. How do you test it? Here's a tool to make local TLS certs painless


Re: But why is it so complicated?

"I just know they work, somehow, and make everything secure."

They don't make everything secure. They just make things a bit more secure than not having them. If you're going through a company proxy or public access point equipped with MITM software (eg. Bluecoat) the security is broken. This seems to get swept under the carpet in the current "HTTPS everywhere" craze. HTTPS is good, but don't be lulled into a false sense of security.


Re: Lol arcane knowledge of memory management

"As the tools get better"

Those tools don't write themselves.


Re: Lol arcane knowledge of memory management

"Nobody ever taught memory management to anyone."

You appear to be suffering from faulty memory management.

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage


Re: Java f'in script !

"the idea that client-side javascript is some form of easy way of doing exactly the same as server side javascript is ridiculous."

I'd say the idea of using server side javascript is ridiculous. If you're doing server side processing you'd presumably use a better language (because you can, unlike in a web browser).

Bloodhound SSC reaches the end of the road for want of £25m


Re: Waste

"Nothing new would be invented or learned."

By you, perhaps.

STIBP, collaborate and listen: Linus floats Linux kernel that 'fixes' Intel CPUs' Spectre slowdown


Re: He should hug off and mind his own business

"Somebody or something is attracted towards programming interfaces."

Interfaceophile? Show me your STDIN.