Posts by sitta_europea

"NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware...

In additional, NSO is investigating "over 20" customers that are allegedly misusing the software."

So... the customers are all misusing it?

"... Companies and individuals spent at least $43.3 billion between June 2016 and December 2022..."

Er...

I usually tell suppliers that if they want to use Yodel I'll buy it from someone else.

I sort of understand requests per second.

I sort of understand terabits per second.

I have no idea how to compare one with the other in the context of this report.

Please help.

It's the same when I tell Microsoft about criminals that are abusing their services.

They just ignore me.

I suppose that's why they're currently listed by Spamhaus as (and I guess I paraphrase here a bit, but not much) the second most criminal friendly ISP on the planet:

https://www.spamhaus.org/statistics/networks/

Remote mount?

When customers' PCs get compromised I get replies to email messages that I sent five years ago.

They're pretty easy to spot.

[quote]

Shane Huntley, director of Google's Threat Analysis Group (TAG), said ...

[/quote]

We just analyse. We don't actually do anything about it.

How else would you be getting Google emails from the United Nations and the World Bank, days after you've reported them to us?

https://www.spamhaus.org/sbl/listings/google.com

Single sign-on. I wonder if anybody's calculated how many billions of losses it's caused?

Is it the remnants of my covid-19 infection or did other people have trouble making sense of this article?

Really?

"Interpol: Policing model needs to change with cybercrime"

Have they only just worked that out?

If I get an email that even smells like it's from a bank I report it as a scam.

"Please note as well that in 2021, we acquired a level 1 PCI DSS (Payment Card Industry Data Security Standard) certification, the highest level, in terms of banking details."

I suppose this tells you most of what you need to know about the Payment Card Industry Data Security Standard.

"... (or 0.002 Little Boys)"

Please don't do that.

Time was when nobody would have called anything "GPT" because in French it means "I have farted".

This secret spy-chip stuff is pretty scary but it takes a lot of people to make a secret spy-chip, and a lot of people to build it into a system, and a lot of people to actually build and deploy code to use the things, and a lot of people who actually spend their working lives looking for it not to notice the unusual traffic.

If there was really a problem, then by now I'd have expected to see [b]somebody[/b] say in the Register's comments on the stories to have said "Yeah, I did this and that for them." or "I saw that, then, in these."

I've installed a lot of Supermicro systems, and I've seen a lot of unusual traffic sending keystrokes to China. But all of that traffic has been easily attributable to compromised Windows boxes - which are much easier to communicate with, and, I dare say, more numerous and accessible than any secret spy-chip. Plus you don't have to compromise any harware, all you have to do is wait until the MD starts the WiFi connection wizard on his new laptop.

Colour me unpersuaded until we see some real evidence.

You have accountants to thank for all this.

A long time ago I had extended correspondence with my MP and the Minister responsible for Trade and Industry about the problems I faced from Phoenixing.

For some years I was suing about one company per week for non-payment of bills issued by my small (partnership) business and I thought that this ought to be stopped - the directors of these fly-by-night companies never had the personal liability that I, as a partner in a firm, had for business debts.

The Minister was clear in his arguments that there was nothing wrong with the existing legal system and nothing needed to be done about it.

He might have had a point, because a year or two later he was sent to prison.

This sounds familiar.

[quote]

Employees who worked with company assets were told in 2000 that Jeff Skilling believed that business assets were an outdated means of company worth, and instead he wanted to build a company based on "intellectual assets".

[/quote]

In case you can't be bothered, the company in question was called 'Enron'.

Mass * Temperature => thrust.

Chemical processes => tens of thousands of degrees K at best.

Nuclear processes => tens of millions of degrees K minimum.

Kinda obvious what to do when you look at it like that.

"....Even getting a crewed spacecraft to the JWST's final location would be a challenge in itself."

If it were my money, I'd have be getting the first of those missions ready for some years now. And not with NASA.

Dear Joe,

You're talking to Big Businesses about security?

All you'll get from that bunch of shysters is what their accountants tell them to tell you will make them more money.

Mostly that will involve selling more and more toys and bandwidth to more an more punters who haven't a clue what they're doing.

That will mean more and more attacks bounced off more and more compromised installations. Think of it as the Kessler effect on the Internet.

For what all will agree are obvious reasons everyone's safety we don't let people fly - nor even drive - without a licence, and very probably insurance too.

If you want safety on the Internet, then at a minimum you need to introduce an Internet Licence.

You heard it here first.

The claim that this is one of the fastest asteroids yet discovered seems unsubstantiated, although the period of its orbit around the sun is indeed short.

By my calculations its average speed around the path of its orbit is in the region of 31km/s - about the same as that of the earth - and well short of that of many bodies in the solar system. Mercury for example clocks in at 48km/s, and sun-grazing comets can reach over 500km/s at perihelion.

Relative to the cosmic microwave background, the solar system toddles along at a sedate 600km/s.

"The bug finder said they had no luck in getting Razer's attention when trying to report these flaws, and after they put a zero-day exploit for the Powershell hole on Twitter, the manufacturer got in touch..."

About par for the course.

When did you stop beating your wife?

Been writing stuff in C since the late 1970s.

Never used calloc().

Any chance of a list of the affected product?

Thanks!

Until I read this article I didn't even know what version I was using. I probably use grep at least a hundred times a day but I'm still only on versions 2.27 (Debian Buster) to 3.3 (Raspbian).

People still use Exchange Server?

I'd be terrified if I thought there was even the slightest suspicion that I'd stolen that amount of money from that many criminals.

And I thought electric windows was a silly idea....

Well we can upgrade the running kernel without rebooting now.

All we need is to be able to downbrade it afterwards.

If it's still running...

It's taking us long enough to get a handle on where TCP breaks - or can be broken - and we're still working it.

I don't believe that throwing another lump of scented soap into the bathwater will help this baby at all.

I'll be very suprprised if the fine is paid.

More likely all that will happen is that another insolvency will be posted at Companies House, and another company will start up with the same assets. Again.

You mean, like, Windows?

Isn't Biden a Democrat?