* Posts by greenwood-IT

47 publicly visible posts • joined 25 May 2016

Microsoft likens MFA to 1960s seatbelts, buckles admins in yet keeps eject button


Please think of the techies

Everyone agrees that MFA is great for security.

However, spare a thought for the tech who often ends up with a buggered PC and needs to access the users system. Either the device is taken to a remote workshop or it's accessed remotely - but how do you then enter your clients fingerprint or text received on their phone? It may be more secure, but IT Support will suffer.

Batterygate bound for Blighty as UK court approves billion-dollar Apple compensation case


Re: make it hurt

Any fine needs to hurt the shareholders. Then the board of the company would listen, and consider the impact of their decisions before trying to screw over the customers.

How 'AI watermarking' system pushed by Microsoft and Adobe will and won't work


So, if I create a deep fake porn image of a politician, I need to register that fake (with the CR) on the Adobe Cloud. Then when I share it online, obviously with the metadata removed, it can be detected. That sounds like it's going to work, and I can't think of any way around that :-(

Also, if I grab a copy of an old photo of the Mona Lisa and upload it to the Adobe Cloud today, will that mark ALL global copies of the Mona Lisa as dodgy copies?

This is going to be so much fun.

Airport chaos as eGates down for the count across UK


Who are these people?

20 years ago, a small team developed software to deploy, upgrade and manage 2,000 servers, 50,000 PCs and 8,000 CAS machines. We upgraded every end point almost monthly and overnight.

Who is this company that's paid millions to upgrade 300 machines on a weekday between 9-5? Who manages this project, do they have any previous experience?

I'm 20 years out of date, but could probably still do a better job from my laptop sat in bed!

Vodafone claims first space-based 5G phone call – no modifications needed


5G why do we need it?

So satellites can pick up my 5G mobile signal in space... I'm just so glad I'm not paranoid. Although it does beg the question as to why my 5G signal is non existent at home, maybe I need to stand on the roof to get a bit closer?

UK government hands CityFibre £318M for rural broadband builds


Another "project"..

"Project gigabit" another project that will just die off before completion.

What happened to the "Universal Service Obligation", I still have clients stuck way below that threshold but ISPs are ignoring it.

What happened to 4G, I have clients who can't get it, and now are being told 3G is being turned off with no plans for 5G in the area.

Roll out within 12 months from a standing start - no chance. Trooli and giganet have been messing in my postcode for 3 years and it's still not fully available or working!

75% of that "investment" will go on paperwork anyway.

Microsoft Windows edges closer to SMB security signing fully required by default


Re: This will be exciting

I've yet to find any rented office printers that support anything other than SMB1.

SCAN TO FOLDER is going to require a small XP box in the corner - gotta love these security improvements.


c) additionally revenue for the extra cores they suggest as a solution.

Your code is slow and inefficient - solution, buy a faster machine. :-(

Online Safety Bill age checks? We won't do 'em, says Wikipedia


I should be a politition

How about we delay the age verification bill for a few years?

By that time, the children we're trying to protect will have grown up and be over 18. Problem solved :-)

Why are we removing responsibility from the parents? Supervision, discussion and Parental Control software does actually work. In comparison, look at the eScooter rental situation with children under 18 driving in the streets - how is the age verification via driving license working there?

Criminal records office yanks web portal offline amid 'cyber security incident'


Thoughts and Prayers

Rather than extract the data, it would be far more "fun" to add details to past Prime Ministers records :-) It's not always what you can take, but sometimes what you can give back to society :-)

Samsung reportedly leaked its own secrets through ChatGPT


The Reg has asked Samsung to confirm the details of this story

"The Reg has asked Samsung to confirm the details of this story, but had not received a response at the time of writing."

Come on guys, why not just ask ChatGPT what secrets it knows about Samsung?

OpenAI CEO warns that GPT-4 could be misused for nefarious purposes


Re: AI will create new jobs for artists and novel ways of producing music

I'd like to ask him how many musicians received any money from the event in question? They already got rid of the DJ.

Alert: Crims hijack these DrayTek routers to attack biz


I cancelled a Trooli fibre installation a couple of months ago as they insisted that they deploy and manage an obsolete 3900. I wonder what they are going to do now...

If your going to insist on only allowing the use of supplier kit, surely you'd provide something that's supported :-(

'Thousands' at Meta face layoffs this week


Re: I'm smarter...

How many of those "thousands" are actually fake employee accounts?

I bet most of them have the same staff ID card with a topless Russian woman on a motorbike as their photo - it's a FB thing.

UK tax authority nudges net 'influencers': You may owe us for those OnlyFans feet pics


Good news..

I keep being told by "influencers" that it's a "real job", so I'm guessing that if the government accepts it as a real job, and they pay taxes, then they may be right :-)

Interesting point about the $1,000 (?) from online activities, I'll have to check my Google and Amazon clickbait payments :-o

Cops chase Tesla driver 'dozing' with Autopilot on


So did the Tesla successfully evade Police?

Am I missing something? Why would a police car not just get in front of the Tesla and slow down? Surely the Tesla would see the slow moving traffic in front and stop (I really hope it would!), or did it mount the pavement and drive through the tables and chairs on the sidewalk like they do in so many American films?

I'm guessing California will now demand an SMS gateway so they can text Tesla a vehicle registration number and ZIP code, and have the vehicle self drive to the police pound :-)

Guess the most common password. Hint: We just told you


Re: What!?

If you are going to write it down, please add a date next to it or cross out the old ones. I must spend hours a week waiting for clients to flip through password books shouting out different passwords for the one login I need. Although I must admit, I enjoy trying to identify the pattern :-)

I had one client who's email address was something like xT5-4GHj!@bigemail.com and the password was Mable - I'm sure they were confused when they set it up!

Here's how 5 mobile banking apps put 300,000 users' digital fingerprints at risk


Same old same ild

This comes down to the old issue of logging into a system as "Administrator" rather than a restricted user. We all know it's wrong, but it makes coding, testing and support soooo much easier.

Everyone is rushing their development, and we know security & testing only ever finds problems and causes delays :-(

Keyless cars, what a great idea - security will be in version 2.

Philippines orders fraud probe after paying MacBook prices for slow Celeron laptops



Maybe it included a years Office 365 and McAfee for free :-)

Tweaks to IPv4 could free up 'hundreds of millions of addresses'


Re: first Vs last


Well I've stuck with a setup we developed for a 50,000 PC deployment with over 2000 sites. The router goes at .200 with clients on DHCP below, and "important stuff" on the higher numbers above. It does mean the first PC on site is .1, so names and IP addresses can match if you really want :-)

Chat soon.

Voyager 1 space probe producing ‘anomalous telemetry data’


Re: I'm smarter...

Ping -w 151200000

If voyger1 a .com, .space or .extraspace TLD?

AMD reveals an Epyc 50 flaws – 23 of them rated high severity. Intel has 25 bugs, too


Having these security bugs also means the kit will have a shorter life span. Who wants to run a processor with known security bugs, best to just replace it with a new one every 3-5 years. Everlasting lightbulb anyone?

Schools email marketing company told us to go away when we told them of exposed database creds, say infoseccers


Good luck with that argument..

"we do not hold any confidential information on any of our servers"

I understood name, email, job description, company and password were classed as personal and confidential. I'm pretty sure I can't just publish my list of contacts from my database on a web page - which is what they have basically done! ICO, do your job.

G7 countries outgun UK in worldwide broadband speed test


What about the other 15%...

Who comes up with this stuff?

So the target is to get "high speed" to 85% of the population. That means those who live in cities or already have decent infrastructure will get even fast broadband, while those 10million who live on the end of a bit of wet string in the country will be left behind, forgotten and ignored.

I bet the "Tax break" is targeted at new technology, ie, subsidised 5G or FTTP, rather than providing a reliable 50Mbps to home & business users via DSL or a strong 3G/4G signal.

Anyone seen the UK plans for how to run 6 office phones off of a 0.25Mbps ADSL link in 2025 when there's no mobile coverage in the area?

Thanks UK planners and Government regulations.

Remember the bloke who was told by Zen Internet to contact his MP about crap service? Yeah, it's still not fixed


"Please" leave us without a penalty..


It definitely sounds like an OpenReach issue - so you can see why ZEN want this guy to leave ASAP. Any future ISP will have the same issue, so he'd be far better staying with ZEN and insisting that based on the contract that he's been paying, THEY need to get it sorted.

I've had problems with BT recently (not naming the product), and after months of zero support, I started "abusing" every one of their adverts on Facebook - all done very politely by just pointing out how bad they were. Within a month of my campaign, I'd got a call from someone high up who asked "if I'd had problems?" :-) He's not put me in direct touch with someone technical who actually understands the product - almost a happy ending - it's still not working correctly, but they guy I'm talking too actually understands the problem and appears to be kicking arse and getting some progress.

This article, and a lot of public exposure of the issue will do more good than writing to your MP - in fact, despite my local MP having broadband and a website, he doesn't "do" email? :-( (he does do email, but only for his friends - not for his constituents!).

Chat soon.

Airline software super-bug: Flight loads miscalculated because women using 'Miss' were treated as children


Primary concern, really?

"The health and safety of our customers and crew is always our primary concern," a TUI spokesperson said.

Clearly their primary concern was getting cheaper software developed offshore and not fully testing it.

Out "thoughts and prayers" are with the non-UK developers and shareholders.

US national parks to be smothered under blanket of liquid-hot Magma. Yes, the open-source 5G software



Has anyone asked "why" you need 5G in the Forest? From my physics memory, wouldn't 4G provide more coverage with fewer masts, and also be cheaper?

Unless the touted benefit of being able to do virtual brain surgery over mobile relates to a specific surgeon planning a camping weekend?


Re: "vendor agnostic and free from lock-in"

There's also a lot of benefit in actually "owning" a version of the software on your system.

Looking at cloud based software, or software that auto updates when it feels like it can cause more problems than it fixes. A lot of the "managed" platforms get updated with features many clients don't actually want, most businesses also hate the way the software they use, updates outside their control thus causing support and training issues.

I had one medical client who was unable to print legally required labels from their 12 label printers across 3 sites last month - all because they had "auto update" turned on as their "security policy" requires them to install "official updates within 14 days". Look at the Android issues last month as another example of lack of control and how it impacts YOUR business.

You can have Microsoft Office for £7/month or a one off fee of £70 - what are you paying for? Most users already have Email and Cloud Storage, so why pay monthly? Nobody rents their TV, Video or Fridge any more do they?

Partial beer print horror as Microsoft's printer bug fix, er, doesn't



Well we have a legal requirement to print labels when we prescribe meds - and a dozen Dymo label printers all started missing life threatening details over the weekend.

The "patch" also included un-fixes for DNS and FTP, which also broke this week after the reboot.

Whoever wrote the security policy that said manufacturer released security fixes need to be applied within 14 days clearly never worked with Microsoft :-(

Baroness Dido Harding lifts the lid on the NHS's manual contact tracing performance: 'We contact them up to 10 times over a 36-hour period'


Damn numbers and facts.

Don't get me started on "r" numbers (I believe r is a short for RAND() as it's somewhere between 0 and 1)

Knowing that one person has reported positive, then surely knowing how many contacts they have had and how many of those became infected, would be a very accurate way of calculating a more accurate r value? It seems so bloody obvious compared with the current dozen committees who vote on a random number that they then seem to average before saying it's somewhere between 0.5 and 0.999 but less than 1.

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript


Re: I'm smarter...


Years ago (before ZIP, ARJ and LZW), I wrote a compression utility that would compress any data down to a single byte. Unfortunately I never managed to complete a working decompression method though. Maybe I should resurrect that code now - anyone got a working Vic-20 I can borrow?

WTF is Boeing on? Not just customer databases lying around on the web. 787 jetliner code, too, security bugs and all


Re: One Network to Rule Them All

So just having one maintenance system to monitor & manage all 3 networks? That there is exactly the problem, one system plugged into everything - that would be the target. Would it be so expensive and inconvenient to have a separate maintenance system for the public network?

More nodding dogs green-light terrible UK.gov pr0n age verification plans


Who you gonna trust

So the porn sites will now have to "subscribe" or "register" with a central body to verify visitor ages. The porn sites will also presumably have to invest in securing their site to handle this personal data, as well as comply with GDPR (will they have to keep a copy of the personal details?). I'm guessing this will just push the porn sites off of UK soil and beyond UK Government control.

"Free Porn" - site verified dirty by UK Government and clean by McAfee

I wonder if there will be a page on gov.uk with links to approved porn sites? That would seriously help with SEO :-)

London Gatwick Airport reopens but drone chaos perps still not found


Spare Drone Dome?

I do hope that that Drone Dome is a spare and hasn't been removed from it's job of protecting our military. I'd hate to think we are putting our servicemen and women at risk just so kids and see Santa in Lapland this Christmas.

A few reasons why cops didn't immediately shoot down London Gatwick airport drone menace



I seem to remember something about Nimrods tracking cars from dozens of miles away. Surely 30 years on a simple helicopter up high can track the drone to it's landing site? How about thermal imaging looking upwards? These things use a lot of power and need to be recharged regularly... by returning to the owner. The drone may well be streaming live video back to the pilot, listening in to that broadcast may give you clues as to where it's coming and going from. There seems to be a total lack of facts, photos and information on this. The police saying "we're confident we have it under control" when they seem to have done nothing doesn't boost confidence.

Suunto settles scary scuba screwup for $50m: 'Faulty' dive computer hardware and software put explorers in peril


Why run out of air?

Why would someone run out of air? Surely as part of your dive plan, you will have considered how much air you need, and arranged to take enough?

If I was planning a no-stop 30m dive, say 18mins, I know a 12l cylinder will be enough - if I'm 18mins into that dive and my gauge still shows a full cylinder, I wouldn't just stay there for another 18mins!!!! This person died due to blindly trusting the artificial brain rather that their own. What happened to the buddy in this situation? If this person ran out of air much quicker than the buddy, then perhaps they should not have been diving to 30m or have had a larger cylinder.

Anyway, seeing as they sell the same models globally, what are Suunto doing for the UK divers?

Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years


It's ok...

It's ok, the hackers got the "communication preferences" data - I selected the "no email" option.

World's oldest URL – fragments 73,000 years old – discovered in cave


Who did that?


If they ever find out who did that "art", please let me know. Some toss pot did the same pattern on my car door last month and it can't be a coincidence :-( I'm in Hampshire.

Top Euro court: No, you can't steal images from other websites (too bad a school had to be sued to confirm this little fact)


Actually I've got almost exactly the same photo taken years ago, does that mean this photographer is "passing off" by copying my creative works? Total nightmare for "generic" images like this :-(

You know that silly fear about Alexa recording everything and leaking it online? It just happened


Registered Business Address is now private?


Love it, you have to turn on "Parental Control" to get privacy! How the world changes, I used to lie about being over 18 to see nude pictures, now I have to lie about being under 13 to get some privacy! :-)

Consent, datasets and avoiding a visit from the information commissioner


Records for removal requests

Seeing as one of the rules relates to data loss, what's the position in verifying and retaining records of removal requests?

If I have someones email address on a mailing list and they phone up and ask to be removed, do I need to request a written requests and a copy of their ID to verify this is in fact the correct person making the request? How long do I need to retain a copy of their driving license? What if they then request removal of the removal request????

Oh joy!

IBM bans all removable storage, for all staff, everywhere


Easy options

You're missing the easy answers;

1) If IBM engineers aren't allowed to use USB sticks, then they can just outsource the maintenance to a 3rd party who do use USB sticks - ie, me! :-)

2) They can always revert to CD's for installations and upgrades, most servers do still have CD drives.

3) They are going to ban laptops, cameras, wifi, email and internet access next, that will really help improve security :-)

Chat soon.

TSB's middleware nightmare: Execs grilled on Total Sh*tshow at Bank


Customers at fault?

Yep, ALL of my projects work perfectly and as intended... if you remove the middleware and stop those damn pesky customers from accessing it :-o

Nominet drains mug of tea, leans back, calmly explains how to make Whois GDPR-compliant


Registered Business Address is now private?

Physical shops and businesses legally have to provide a "registered address" on their websites and paperwork, so what;s the problem with having a registered address on a business domain registration - and making that publicly visible too?

If the registration is non-business, then keep the personal details secure - if it's a business, then make the information available to all for free.

As an IT businesses I regularly have to use WhoIS to try and locate who is controlling a domain name registered years beforehand. Last month I had to track down a guy who'd sold his business, which had then changed hands again, but he had forgotten to transfer the domain - this only came to light a week before renewal. Without access to the WhoIS information in this case, the businesses could have lost the domain name and had to re-brand.

Eight months after Equifax megahack, some Brits are only just being notified


GDPR Deadline...

Equifax better get a move on - if my notification of the hack arrives after May 25th I'll be up for 2% of their global revenue won't I? :-)

Black Horse Down: Lloyds Banking Group goes TITSUP*


Logically I'm more interested in the common link between these banks - they all have outages at the same time???

Are they all outsorced to the same partner, are they all in the same data centre, do they all run the same codebase? Perhaps even someone has attached the UK banking industry?

As many say, we will never get to hear the truth - it would make someone high up look bad and ruin their future earning potential (in an ideal/dream world).

In the 80s when I asked why senior managers had IBM PCs and lower grades had Zenith I was told "nobody ever got sacked for buying an IBM" - I'm guessing this rule still applies for cloud based services.

Hate Windows 10? Microsoft's given you 'Insider' powers anyway


Still biased...

It seems the Feedback App only works on Windows 10 - so anyone who's had a failed upgrade or has had to revert will be denied the ability to offer constructive criticism! :-)