* Posts by Lion

56 publicly visible posts • joined 1 Jul 2016


Scotiabank slammed for 'muppet-grade security' after internal source code and credentials spill onto open internet


A security breach, even when tens of millions have been exposed to possible exploitation, seems to not move the shock meter a single click any more. The known damage and the potential damage are treated as a mere notification. We have been numbed of our senses.

Canadians think highly of their banks, so I am not expecting front page headlines giving Scotiabank the WTF treatment or a run on the bank by its business clients and private account holders. The corporate suits are counting on this and they will spew out the usual PR to cover it. This complacency, if not checked now, will end in a world of hurt for the bank's customers. If the leaked data has been collected, it will be appraised and sold to miscreants, i.e. organised crime and rogue states. The grim reality is that the bank will probably escape with a small fine by the regulators. They can also keep lawsuits in the courts for decades. They accept responsibility for causing the leak, but they are never held absolutely accountable.

Microsoft breaks out checkbook, turns Hungarian 'bribe' charge into a mere 'settlement'


Criminal record

If an individual commits a criminal act and is found guilty or pleads guilty, they get punished and are slapped with a criminal record. If the offense was a repeat offense and/or there was more than one entity significantly harmed, the punishment is usually severe. As Microsoft did offend more than one entity, got caught and later admitted guilt, the fine (one can not send a company to prison) should have taken a sizable chunk out of their bottom line.

The question I'd like an answer to ... does Microsoft, the company, now have a criminal record?

Memo to Microsoft: Windows 10 is broken, and the fixes can't wait

now look what YOU made me do

Microsoft has now responded to the criticism. They have just announced the Security Update Validation Program. Unfortunately it will not be an in-house QA group that will be testing the software. It will be a corporate insiders program made up of volunteers approved by Microsoft representatives.

Microsoft is assuming that there is going to be a surge of volunteers (unpaid talent) from the IT community. The enterprise has a Jan 14, 2020 deadline looming so resources are tied up doing the migration from W7 to W10, adjusting to cloud services and managing financial processing. They also have to maintain their in house applications.

Microsoft likes to have its cake and eat it too, so they have taken a poor decision and turned it into an opportunity. Shift the responsibility to those who benefit the most from a stable environment. It is also apparent that they are counting on not being held accountable if the corporate insiders do not report all their findings. If there are borks in the future, it's your fault.

Microsoft Surface to die in 2019? Not while Redmond keeps making it, er, blush


Pigs are pink (er blush). Inside every blush pig is a hog (W10).

Actual control of Windows 10 updates (with a catch)... and more from Microsoft


Lowest of the low

The questions asked the MS employees and their responses on work/pay satisfaction (re: CNBC link in the article) has only one question that references dealing with customers. It had the lowest of the lowest scores.

The question: Processes and procedures allow me to effectively meet my customers' needs.

The 47% and 49% (2015, 2016 respectively) is abysmal. However, it looks as though the company stepped up in 2017-2018 and things improved, however it is still only a few percentage points over 50%. New technology and associated services can not be fully embraced unless MS resolves conflicts and creates meaningful protocols. The Cloud and AI business is a competitive space, so they had better, or their customers will get their needs met elsewhere.

What could Facebook possibly do next to reassure privacy fears? Yup – make a dating app


Alike rather than Like

I suppose if the FB members just date each other (and marry each other), FB can then be called a cult - if it is not already. They'll all start dressing alike.

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix


The cheque is in the mail.

I hope that Swedish researcher gets a nice big fat bug bounty payout from Microsoft. Six figures would be appropriate. They will be super cheap bastards if they send anything less.

No apology from Microsoft though.

Today, Nadella rearranged the deck chairs and threw an executive overboard. He said he did a great job keeping Windows safe. His replacement will keep up the good work.

Patch LOSE-day: Microsoft secures servers of the world. By disconnecting them


It is like spitting into the wind

I thought those optional monthly previews are intended for those with a test environment to do a trial run on the upcoming monthly cumulative patches before the important and checked one gets sent out by windows update. Is it not being utilized for that?

Non-enterprise users are very unlikely to have test systems, so sending monthly previews to them is a temptation that they could do without.

Windows update set to automatically install is like spitting into the wind.

Windows Update is integral to WaaS; this model is the future of Windows.

- The corporate vision, based on spitting into the wind.

Hate to ruin your day, but... Boffins cook up fresh Meltdown, Spectre CPU design flaw exploits



'Intel, the chipmaker most affected by these flaws, incidentally just announced an extension of its bug bounty program – just through the end of 2018 – covering side-channel vulnerabilities, with awards of up to $250,000.'...

That is an indication that they are aware that the current firmware fixes are deficient. It also tells me that their subsequent products will continue to be vulnerable if they do not redesign the chips. Intel have only released firmware fixes for Sky Lake and Kaby Lake systems and their remaining product line (all of it) is still being evaluated. A stopgap perhaps.

I certainly get the impression that everyone is being manipulated by Intel. Did they release their updates merely to console their strategic partners who have been left holding the bag? Also, Intel boldly announced that their product line will be free of Meltdown and Spectre vulnerabilities by the end of 2018. That appears more hubris than fact.

If Intel is not being ethical in their response, they should be punished for it. Some big Cloud Providers have already suffered performance hits from Intel fixes and that could get even worse if more are required. Damage, large or small from potential exploits, will be the litmus test. The enterprise leases and the consumer buys their computing products, so there is a lot at stake. Trust is paramount.

BTW, Intel made 'The 2018 World’s Most Ethical Companies' chart, released by Ethisphere. To determine if a company is worth including on the list, Ethisphere calculates what is called an Ethics Quotient, which is an objective score that assesses each firm’s performance in five different categories, as it follows: ethics and compliance program (35 percent), corporate citizenship and responsibility (20 percent), culture of ethics (20 percent), governance (15 percent), and leadership, innovation and reputation (10 percent). Intel is in good company as Microsoft made the list as well.

No, Windows 10 hasn’t beaten Windows 7’s market share. Not for sure, anyway


Far from reality

Neither Netmarketshare nor Statcounter can produce reliable or accurate results. The world wide usage numbers are dubious for several reasons. Stat companies have limited reach and at times they have no access in some countries, they can not access intranet usage, offline systems and they do not scan all networks. It is far from reality. Apple, Linux, Microsoft and Google Android do not issue market share statistics. OEMs release sales info (by device).

Microsoft has a website; developer.microsoft (apps and data trends) that releases stats based on user telemetry data. Interestingly, they have not released a report for the period, Feb 2017-2018. When Microsoft sponsor a convention or have a shareholders meeting, they reference the number of devices with an OS on board (includes everything from refrigerators to Xbox to desktops and systems on shelves not yet sold). Big numbers impress fanboys.

As consumers we know about product life cycles. We know that upgrading is 'advised' for support reasons. It is not as if the client/user is driving the demand. The manufacturers control both the availability of the hardware and software and it is usually predictable as to what is going to happen. There are occasional blips that shift time lines or upset expectations, these being mass freebie offerings, products that do not inspire or products that are later discovered to have major design faults.

Market share percentages do not represent satisfaction or dissatisfaction, it merely represents a product in use. I can love or hate the OS my employer provides me with. The vast number of OSs installed/used are in enterprises and governments. I think that is around 80% for Microsoft OSs.

In America, tech support conmen get a mild slap. In Blighty, scammers get the book thrown at them


Greed is baked in

These scumbags are predators. As with all predators they choose victims that are not their equal in strength. In other words, they want to come out of any and all encounters, unscathed and the winner. Scamming fits the profile. Their motivation is greed.

Fines are not deterrents. They are a mere financial setback. When a court sets the fine at a certain amount (probably representing what was stolen) and that can be negotiated down to a pittance, the criminal sees that as a one time increase to the cost of doing business. Profits are in the millions and most of it is hidden away in shell companies in tax free havens.

I prefer tagging the grunts and jail time for the bosses. The tag needs to be worn around the neck, not on the ankle and 5 years jail time for every million stolen. I am not a proponent of hanging, flogging or electric chairs. Prison is hell for bottom feeders.

I firmly believe that a greedy person is never rehabilitated. Greed is baked in.

Leaky credit report biz face massive fines if US senators get their way


Lawmakers fail

As this law is focused primarily on the credit bureaus and the way they create consumer databases and sell services based on that data, the bill should have addressed the cost that gets passed onto the victims when a breach occurs. Fines do not pay the victims a red cent. The costs can be in the thousands.

Currently if the consumer has their data stolen, they are left with dealing with the consequences. Offering a 'free service' from the same company that lost the data in the first place, does not address the fact that harm has already been done and the costs that the individual must endure to clean up the mess. Also a victim has to prove that they have been harmed by the breach itself. Legal fees are not cheap.

I can see a need to impose a fine on the company for a data breach and that should cover the government's investigation and administration costs with an ongoing fund for legal costs. That will affect the company's bottom line, but it will be specific to the situation. As far as punishment and deterrents for the company's leadership, the lawmakers should have introduced a felony charge that can be associated with this type of corporate indifference. The execs will need to deal with the prospect of having a criminal record and possible jail time. That will influence their behavior, attitude and vigilance.

If the investigation determines harm has occurred, then the company is then responsible for covering the victim's financial costs. The company can not use their own service offerings for this.

The bill that these 2 Senators have produced is ridiculous. It is obvious that a court challenge would render it absurd. The company would be absolved of the fines and the wrongdoers would walk away unscathed.

Meltdown, Spectre bug patch slowdown gets real – and what you can do about it


Buying a refurbished PC anyone? There are going to be thousands of business grade PCs being replaced over the next two years due to the enterprise migration to W10. Whereas in the past it has always been a nice place to scoop up a nice system for a decent price, the Meltdown and Spectre vulnerability is going to render these systems (especially those Intel and more than 5 years old), as 'toxic waste'.

It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs


piggy piggy piggy

I read that a BIOS update is required to address the Spectre vulnerability. It can not be fixed in the OS.

Microsoft recommends the customer call their manufacturer for the BIOS update. Do pigs fly?

The Intel CEO should go to jail for what he knew and when he knew it. AND for selling a huge percentage of his Intel shares after he learned that the shit was about to hit the fan. Do pigs fly?

AMD and AMD customers should get a public apology from Microsoft for sending the meltdown patch to systems that did not require it. A full page ad in every newspaper (print and online). Do pigs fly?

Class action lawsuits filed on this matter should primarily benefit those computer owners who have systems that are more than 5 years old ($500 per system), not the lawyers. Flying Piggies LLP ?

Paradise Papers were not an inside job, says leaky offshore law firm


A Taxing decision

Paradise - A sunny place for shady people.

Who owns the decision to investigate the leaks from this hack and do something about it? Obviously the media has decided to wade through the information and expose any suspicious activity, but that will not be enough - been there, done that with the Panama Papers. The decision can only come from a government with titanium balls. The offshore tax account holder needs to hear that the tax man cometh this time with the equivalent of a Tsar Bomba in hand.

America's 2020 Census systems are a $15bn cyber-security tire fire


A much cheaper solution

A good deal of the information they need on the citizenry is available from Facebook, Google and Amazon. There is also Equifax that not only gathers all financial info, but also SSN and employment salaries on all adults still breathing or dead. If these data mining entities refuse to send the data to census bureau, hack them. There is an agency for that.

If all else fails, the dark web has all the info they need for a small fee.

Security pros' advice to consumers: 'We dunno, try 152 things'


Adviser and target group mismatch

An InfoSec Professional is required to develop breadth and depth throughout the information security domain, e.g. in physical security, business continuity and legal matters. They are best suited at advising sysadmins and business suits on the dangers of inadequate security procedures.

Non-tech savvy users are often frightened to make changes and rely on automated processes to keep their devices 'secure'. Advising them to change a default setting or run image backups is daunting. Being an informed user is different from being tech savvy - this camp usually finds someone with some tech savvy skills to help them secure their devices. The uninformed user will always be a menace to self and the rest of us as they ignore all advice.

The average informed user who has some tech skills would have been the better target for this survey. At least they would have the basics (password management, safe browsing, patching etc.) understood and already in place. The Infosec Pros on making this assumption could have then concentrated on more current and pressing security advice.

IRS tax bods tell Americans to chill out about Equifax


Status quo is the message

The usual response from any government agency is to quote statistics that show them in a good light. They love percentages, e.g. improved by 20% or problems down by 20%. It sounds a lot better than using actual numbers, e.g. 50 million citizens were victims of tax fraud last year and this is down from 70 million the year before (these are not real numbers, I am just trying to make a point).

There are approximately 140 million tax payers in the US, and the breach at Equifax compromised 143.5 million. The IRS Commissioner did not use this as an opportunity to say that the status quo can no longer be maintained or tolerated. Instead he stated that citizens should assume that their private identifiers have been compromised and they need to deal with it as best they can. The public would have been better served to hear from the Commissioner that the IRS is championing major changes within Treasury to address the problems that have arisen from the latest and previous Equifax breaches.

It is more than likely that Treasury is waiting on Congress to compel them into action, so there was no opportunity lost here. The result is that the IRS keeps on feeding the hopper. Brilliant.

US Congress mulls first 'hack back' revenge law. And yup, you can guess what it'll let people do


The Lawmakers who introduced this Bill must be under the impression that all cyber criminals are bored millennials inhabiting suburban basements. They want to start an American 'civil war' in cyber space, to fix the misguided. The enemy is thy neighbor.

Meanwhile, a real cyber war has been underway for years, populated with sophisticated state actors, agents of chaos and organised crime. Vigilante counterattacks here and there will be met with either contempt, a vicious up the ante campaign or they will fuel the American cyber 'civil war' to their own advantage. My bet is on the latter.

UK Treasury Committee chairman calls on Equifax to answer for breach omnishambles


Pretty Please - oh please

The governments of Canada, Australia, UK and Brazil approached Equifax with kid gloves. In other words, they said 'Please, when you get around to it, let us know how many of our citizens are at risk'. They would have waited without any sense of urgency if it had not been for this huge backlash from the public. Now they feel the need to nudge Equifax for answers, so they have followed up with a 'Pretty Please'.

Equifax is feeling a degree of pressure from the US government, but that is just a show. The curtain will fall in a few months and that will be the end of it. Lawmakers will not punish Equifax (no fines) or change the credit reporting industry anytime soon.

They care not for anybody beyond their borders.

Governments outside the US have allowed credit reporting bureaus to operate in the manner in which they do. They know how this breach happened. They know how Equifax responded to the breach. They know their citizens have been compromised. There is no need to wait for Equifax to respond with their letter writing campaign. Nothing should be stopping governments at this time, other than their indifference, from immediately producing stringent legislation to regulate this industry - prioritize it and pass it. Follow up with a compensation calculation for victims and forward that to Equifax.

Equifax UK admits: 400,000 Brits caught up in mega-breach


Passing the buck

UK, Canada and Argentina are currently identified as having been 'possibly' or 'probably' impacted by the breach. Followed by, 'as soon as we know for sure, everyone will be notified in writing'. Done and dusted as far as Equifax is concerned. Any time spent or incurred costs associated with what needs to be done next or to recover one's stolen identity will have been transferred to the consumer.

Don't count on compensation even if you become the target of identity theft. Class action suits get big payouts for lawyers and a paltry sum for those who can prove they have suffered losses. Revenge maybe, but negligible compensation.

The investigations will probably result in US fines and some minor regulations, but Equifax has cyber security insurance and an industry lobby behind them - expect watered down results. It is rare for Canada or the UK governments to levy fines for corporate wrong-doing, but hopefully they will consider revoking their corporate charter. If Equifax loses government permission to operate as a business in Canada and the UK, I think a lot of consumers will consider it justice served.


44m UK consumers on Equifax's books. How many pwned? Blighty eagerly awaits spex on the breach


The people's representatives - get a backbone

Governments should make a deal with the credit reporting companies that they can not refuse. As governments outside the USA rely primarily on fines in these situations, it would be appropriate for the fine to be in the billions of dollars, not hundreds of thousands. Law makers need to get a backbone and work across borders when cyber crimes are at the core of the issue. A few thousand dollars is not a deterrent and nor will it cover the damage it will do to the economy. The individual citizen impacted by security breaches never benefits from these fines. They are left to be victimized by criminals and have to bear the fallout and financial costs on their own.

Equifax will use the courts to shelter them from the fines, so the government(s) should offer them an out of court settlement (to appease the courts). Pay the fine or agree to all of the government's non-negotiable conditions that will be put in place to clean up the mess they created and meet new regulations for the industry. The fine will be incrementally reduced as each condition is met. The response to Equifax should make it clear that new laws and regulations that result from this breach will include criminal charges and mandatory jail time for company executives. Co-operate or face the consequences.

The agreement should be globally enforced. Under the FBI and Homeland Security, the USA could work with other countries to create a framework that would not allow private companies to drive the solution when cyber crime puts a country's economic stability at risk.

Apache Foundation rebuffs allegation it allowed Equifax attack


Shifting the goal posts

Apache was right to issue a statement to clarify their position and to answer the accusation made by Equifax. It may be in their best interest to not get into a verbal war with these turkeys and just issue one more statement saying that they would very much appreciate receiving a copy of the Equifax investigation as soon as it is completed. The software is part of the puzzle, but is not the story.

Equifax would prefer to shift the focus away from the questions that have arisen from the general public concerning the handling of the breach, the company's IT competence and the fact that a company for whom they are not customers can collect, store and use their private data for profit. Questions about 'consent' are putting this industry under the microscope. Law makers are feeling the heat, which basically means manufactured outrage for votes - as dangerous as a rabid animal.

Cyber criminals are not only greedy bastards, they also love chaos. Equifax is obliging on both counts.

WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos


I think they arrested Marcus in hopes of finding the co-defendant whose name is redacted in the indictment. That guy is not in custody and is supposedly from Wisconsin. It is more than likely that the other guy has a pile of evidence against him and the FBI wants him convicted.

It is possible that Marcus and the co-defendant had exchanged emails on Kronos - something that is common with hackers. Marcus did send out a tweet asking if anyone had access to the code. The other guy might be a black hat hacker known for profiting from malware or doing damage to US companies (like banks). They now have whatever Marcus knows on Kronos and what his involvement was.

Marcus says he is innocent of all charges and few people do that facing FBI felony charges - they usually go for a deal, innocent or guilty. His lawyer must see light at the end of the tunnel and is convinced that it is not an oncoming train.

70% of Windows 10 users are totally happy with our big telemetry slurp, beams Microsoft


The only Windows User Feedback Program that Microsoft pays any attention to, is in the Insider Program. As a participant of the Insider Program you are obligated to NOT turn off any telemetry. This program has 10 million fanboys. Considering that MS is their 'Dear Leader', it is more than likely that the positive feedback cited by Marisa Rogers came from this camp.

Consumers (est. 400 million) upgraded to W10 primarily from an OEM W7/8 Home or Pro pre-install. The additional 100 million after GWX probably bought new OEM hardware with W10 pre-installed. The OEM defaults were set on those systems to benefit MS (partnership agreements and all that). Windows is a closed system and even more so with W10. The Privacy configuration options range between 'all' and 'almost all', so user satisfaction feedback based on this is an insult to their customer base.

Memo to MS Rogers: PR is a weapon best used as a preemptive strike. It has a lot less impact when your lead ship is under the constant barrage of devastating salvos.

WannaCry-killer Marcus Hutchins denies Feds' malware claims


This is akin to treating a hornet's nest like a pinata. It can only end badly.

Browser trust test: Would you let Chrome block ads? Or Firefox share and encrypt files?


Food Fight

Everybody now has to purchase multiple gigs of bandwidth well beyond what is needed to perform computer maintenance, run applications or do some web surfing. The PC advertising model has significantly increased the user's operating costs to the benefit of the ISPs, Browser providers, Website owners and Operating Systems (Android, IOS and Windows 10). They are gobbling up a huge percentage of our usage allowance primarily for their benefit.

Adblockers help to control some of the gluttony. I hazard a guess that the Adblocker extensions are definitely a target in the browser world - their existence is at the pleasure of the browser provider. Google is maneuvering around this with caution. It would be a good thing if Google blocks overly intrusive and malware laced ads (kudos if they do it), but they are not going on a diet by any means. Their addiction to junk food is keeping them fat and happy.

Firefox in the hen house. Mozilla needs a Business-GPS that stops blurting out recalculating, recalculating, recalculating.

Microsoft: Get in, IT nerds, you're now using Insider builds and twice-annual Windows rollouts


Shifting sands

The OS usage number currently sits at 15 billion Windows PCs world wide. It is estimated that 26% (+,- 1%) of that number is Windows 10 (Jun 2017). Of those most are consumers.

Large corporations will have W10 PCs installed in pilot mode right now but the bulk of the organization will still be on W7 through to the end of 2019. IT worth its salt never expects Utopia when it comes to migrations of this magnitude. The legacy applications will have to work well on the new hardware and W10. It is likely that they will have to build and test some application tweaks and hopefully not have any major rewrites. Even tweaks are going to be difficult on a base that resets itself every six months. Feature updates every 18 months will add more complexity and instability to the migration effort, not to mention what it will have on a full production environment. Shifting sands below the foundations make for shaky buildings.

The brown bags had better be the size of the ones they use in supermarkets. First to heavily breathe into and then to place over one's head.

Speaking in Tech: What is a Windows 10 licence worth these days?


W10 delivers lopsided value

There are people who grabbed a W10 license using their existing W7 or W8 license during the GWX campaign and they immediately reverted back to W7/8. It was just to take advantage of a freebie. On having done so they were counted as a W10 user even though they have never used W10. That was very valuable to Microsoft as it inflated the W10 adoptee count. Assuming that these freebie grabbers will wait until W7/8 goes EOL to actually use W10, the bean counters will project that as a W7/8 decline and a W10 uptake. That is of huge value to Microsoft. It basically means that they get to exploit a single W10 license twice.

For the user, W10 delivers new function and there are improvements over previous versions. For that the license has value. However, its worth is diminished by incessant data collection and the sordid usage of that data.

W10 delivers more worth, more usefulness and more importance to Microsoft than it does to the user. It is all way too one-sided.

SBU claims Russia was behind NotPetya


Most Wanted

Does the Ukraine have enemies other than Russia - have they managed to piss off Poland, Slovakia, Hungary, Romania, Moldova or Belarus that we have not heard anything about?

Though there may never be indisputable evidence that Russia (FSB) orchestrated the cyber attack(s), it has to be at the top of the list of suspects. The SBU can point the finger, make accusations and Russia denies it all. The actual coders are faceless, so there is no-one to take into custody and throw into prison.

Crimes have been committed. Since cyber war is a hostile act that can cripple a nation, we may eventually be looking at these crimes as 'war crimes'. Under that designation, the leaders are held to account.

Four Brits cuffed in multimillion-quid Windows tech support call scam probe


Spreading malware is what I do

I have never tried this response (a poster on a forum shared it) but I'd say it is a good one to try ...

The scammer stated that the person's computer was sending out malware.

- The potential victim replied, yes. That is what it does.

The scammer said it should not do that. He needs to have access to check it out.

- The reply was: Yes, I would be pleased to share my files with you. After all, it is what I do.

The scammer hesitated and declined the generous offer. He immediately ended the call.

Microsoft recommends you ignore Microsoft-recommended update


Flailing Helplessly

The Windows Update Team must be down to one full time employee by now. This poor sod is the only one who knows how to and when to issue a patch. Yes, I know that is not true, but for all the fubars that have occurred since April 2015, you get the impression that they are flailing helplessly.

There was an entire build that got released by mistake, bogus OEM drivers that mysteriously appear, updates that break all manner of windows products and now an update that has not been fully validated. I am wondering if the Windows 10 patching scheme (and the W7/8 rollouts) have become so unwieldy that they have lost control of it all.

It also appears that it is not a priority to get the fixing, fixed.

Redmond puts wall around Windows 10 for Chinese government edition


Pirate copy anyone?

For decades XP and W7 were pirated in China and a legit copy was hard to come by (or keep). It is still that way. We in the West paid for it. Perhaps the tables will be turned now that China has the scrubbed down version that everybody else in the world would like to have. The West could be awash with pirated copies of the China Edition!

The obvious problem is that the China Edition will be calling the Beijing Mother-ship rather than Redmond's Death Star. The user will be getting notices that using a VPN carries the death penalty. There will be ads for this week's chicken feet specials - I hear they are delicious.

In actual fact it is a good thing that China will be using legit W10 licenses. The rest of Asia will hopefully follow - not likely though. Eastern Europe, Russia and South America - nope, never.

Ransomware scum have already unleashed kill-switch-free WannaCrypt variant


Peer creds

The scum are obviously in hiding - either on a luxury yacht on the Black Sea or in a basement somewhere. I'd hazard a guess it is the latter. There must be other scum in the same racket who know who they are. I wonder if they have earned any street creds for what they did?

- chaos (not really)

- financial bonanza (nope)

- media attention (big win)

- shit disturbing (yep - mostly stirred the NSA and Microsoft)

- rattle some chains (mostly IT departments)

- peer envy (I doubt it)

Their reward beyond the $30K they collected will be prison (blackmail and extortion are felonies).

Windows 10 S forces Bing, Edge on your kids. If you don't like it, get Win10 Pro – Microsoft


Manipulating demand

We are looking at this from what we would buy for our children rather than what our children would like to have and use. K-12 kids usually get what mummy and daddy buys for them, whereas university kids get to say what best suits their needs. If it were up to the kids, what would they say about W10 S and what it has to offer them?

We have kids in our family who have access to an x86 desktop, but it is set up with Google as the search engine and the browsers are Chrome and Firefox. We have several x32 apps on the system, but the kids seldom use them. They have never seen Edge, IE or Bing.

Are the kids asking for Windows 10 and what it has to offer? School districts are not promoting whatever MS has on tap. The Education Departments are not referencing the Microsoft Store as having apps that should be included in the curriculum or used by students for study projects or homework. Teachers mostly see W7 systems if they see a Microsoft device (and most are sans IE and Bing).

Yes MS is trying to influence the market to position W10 S as the de facto education OS, but there is no demand for it. The kids, the schools and the governments are not driving the demand and neither are the parents. However with this announcement, parents and teachers are being manipulated, not influenced.

MS is driving the demand.

Stop us if you've heard this one before: IBM sheds more workers – this time, tech sales


Totally not hip

A hip employee: wears a hoodie, jeans with holes in the knees and a t-shirt with a picture of Elon Musk on it. Image is everything. You can get HIP from Harvard.

OK, so how are all these hip new hires going to relate to the non-hip management? The suit is going to require diversity training. Performance evaluations will have new ratings: 1 = outstandingly hip, 2 = exceeds hip requirements, 3 = meets hip requirements, 4 = not hip enough, 5 = totally not hip. And the non-hip managers get to determine this.

Ah yes, I remember my 35 years at IBM. I was never hip.

Windows 10 Creators Update: Clearing the mines with livestock (that's you by the way)


Bad Timing

Wow, patch Tuesday, April 11 will be the official release date. Isn't April 18th the tax return deadline in the USA? The perfect storm.

Your internet history on sale to highest bidder: US Congress votes to shred ISP privacy rules



Over several years of ISPs collecting and selling PI, everyone will eventually be profiled. Phones, gaming systems, TVs, computers and IoT devices slurping it all up. Politicians have these devices too, so their browsing history and life style choices will be stored and available to whomever wants to exploit it. Tit for tat as they say.

I would not be surprised if future ISP service agreements state that you can not use any tools or services that prevent them from their legal access to customer data. VPNs may face legal challenges. This was raised by a poster elsewhere and I think they have a point, so I decided to repeat it.

'Windows 10 destroyed our data!' Microsoft hauled into US court


Justice is the eventual loser

This article is about litigation. Do these plaintiffs have a case - does the lawsuit have merit? Will justice be served?

It is obvious that Microsoft has done significant damage with their coerced upgrade to Windows 10 on consumers' W7 and W8 systems. I say significant because the majority of consumers are not tech savvy, which MS took advantage of. For this we have several examples where the user was tricked into accepting W10. An upgrade sent via a support service caught these users unaware and at a disadvantage. The recommended setting (default setting) for Windows Update is 'automatic download/install', so these users were under the assumption that their purchased license (W7 or W8) was merely being maintained. MS counted on this misconception.

Microsoft delivered an OS upgrade through a support mechanism. This is what caused the damage. They may argue that it was a free offer to upgrade the user's system and it was clear that it was a new license agreement. This is going to be the crux of the suit - the user agreed to a new EULA. The W7 and W8 EULA only speaks to support as maintenance and support and does not reference the service as a delivery agent for the company's latest OS, free or not. When the user clicked 'I agree', when the W10 EULA was presented, the users were, in all their innocence, accepting an update that they believed to be merely maintenance. It was a ruse, and they fell for it.

I believe that MS can not win this case as a class action suit as there are a huge number of users who have horror stories regarding this GWX fiasco. The losses are immense and this lawsuit could be joined by a massive number of really pissed off users. The judge will ask the parties if they will settle and I think it is obvious that MS will say yes. MS will not be put in the position of publicly accepting wrongdoing. The plaintiffs get their losses and lawyers get a payday. These few plaintiffs, though genuinely victimized, are pawns in a legal system that is bereft of morality and justice.

Ad men hope blocking has stalled as sites guilt users into switching off


Who is Freeloading?

I get annoyed when I read about content sites objecting to ad blockers. They say it is because they have costs to cover and the user is a freeloader if they block the ads. Well, I have costs too - I pay for my telephone line and data plan. Telemarketers feel it is their right to use my telephone and advertisers use my bandwidth, but neither ever compensates me. These peddlers are freeloading.

I see that TV has not only increased its ad content, but it is now partnering with certain shows to include the sponsor's product in the show. I do not watch sitcoms, but today I read that Microsoft has partnered with ABC to include episodes that have their Surface Pro tablet written into the script. They are also the primary sponsor, so when the show breaks for an ad, it is for the Surface Pro (with the lead actor from the show in the ad), then back to the show continuing where they left off. It is called integrated marketing. The ultimate in freeloading.

Connected car in the second-hand lot? Don't buy it if you're not hack-savvy


Smart Lusers

What about a smart car that gets stolen? I guess they can be more easily located by an app if you do not start disabling stuff. Then again the odds are high it is already in a chop shop or on a boat to some third world country. If my car got stolen I'd reset all that I could, asap. I would not expect law enforcement to have a process for a stolen smart car that is different from a non-smart car. I'd just ask for the police report for insurance purposes. Then there is the insurance company - liability clauses!!!

Who was the genius who determined that smart cars are a user benefit? Seems the benefit got misplaced.

Zuckerberg thinks he's cyber-Jesus – and publishes a 6,000-word world-saving manifesto


I expect the vast majority of the 1.86 billion active FB members will not read the manifesto. Yes, I am stating the obvious.

The danger for Zuckerberg when he produces these statements of grandeur is that there are activist investors who have been eyeing FB for some time and have lately suggested that he be removed as CEO. To combat these corporate raiders, FB changed their corporate governance rules to give founders and early investors greater voting control. Zuckerberg benefits from 10 votes for each share and currently controls just under 57 percent of the vote. He has even given himself the right to name his successor when he dies. The very definition of 'control freak'.

The content of this manifesto should really not come as a huge surprise. He is a caviar socialist living the capitalist's dream.

Big blues: IBM's remote-worker crackdown is company-wide, including its engineers


Unnecessary Stress

Thirty days to decide to either stay or leave is not very much time. There is so much to consider - rentals or home pricing in a new city, sale of existing home, cost of breaking a lease if one rents, schools for kids, financial situation, leaving friends, situation with elderly relatives, and the impact on life style. If you decide to leave, a new job might not be at hand within 30 days. Bills have to be paid.

Counting on a large number of older employees to quit is a bit of a misnomer. There are a huge number of people who have no savings and lots of debt. They are living on credit even though they have a well paying job, a house, car, boat, and other toys. These 50+ individuals know that getting a job equivalent or better to what they currently have is almost impossible even if they are highly qualified.

A workplace with a lot of pent up stress. Now that is a team with a common purpose.

Imagine a ChromeOS-style Windows 10 ... oh wait, there it is and it's called Windows Cloud


Late or too late

Yet another product/idea that Microsoft has decided to copy.

Always late to the party.

They are like the guest who shows up at your New Year's Eve Party wearing a Halloween costume.

Flight 666 lands safely in HEL on Friday the 13th


For the Hell of it

The North American railway company known as TH&B (The Toronto, Hamilton and Buffalo Railway) made several trips daily for 90 years. TH&B, dubbed by some as the 'To Hell and Back' Railway company, did not skip a single Friday 13th run. Considering the weather in this location, maybe there is proof that Hell does freeze over.

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'


Insider only

From what I have read on this appointment, Giuliani's role is unofficial and undefined. The Prez-elect is one of those characters who needs to pad his inner circle with those he knows really well and trusts to a fault. His family and close friends are like his force field.

The Twumpster has shown a distrust and disdain for all US intelligence agency intel and has a penchant for conspiracy theories. I think Giuliani's responsibilities will be totally void of plugging security holes - he will probably focus on how the administration should react to countries and individuals that unleash cyber attacks on the US. There are government departments that will address industrial espionage and infrastructure vulnerability while Giuliani will probably be a mere filter for the Prez. on what the spy agencies conclude and recommend. Can't see him expert in any other advisory capacity.

Twas the week before Xmas ... not a creature was stirring – except Microsoft admitting its Windows 10 upgrade pop-up went 'too far'


A step too far?

This is not an apology from this Executive. He is complaining about two weeks of hell for Microsoft. He did not acknowledge the impact it had on their customers. MS took over a month to remove that popup. The 'step too far' was beyond the dirty trick. Trust was at issue.

This Executive is the top Marketing guy so he is responsible for the brand. The brand was damaged by several steps too far with the GWX campaign. He was responsible for all those antics that angered Home users and small businesses.

There was no mea culpa. They were expecting no consequences for their bad behavior and this interview revealed that. MS knew what they were doing was wrong and expected to get away with it.

Ancient water found in Canada is two billion years old – giving hope to Mars colony dreamers


Time for a plug

This discovery will add to the knowledge base. Humans need water to survive no matter where they go. A trip to Mars is more about the technology that allows Humans to travel in space with the ultimate goal of reaching an Earth-like planet and setting up digs there. A colony on a hostile planet would require constant care packages from Earth, so it would be of limited benefit.

T. Boone Pickens said that 'water is the new oil'. He owns more water rights than anybody else in the world. He and his multi-billionaire cohorts have and are continuing to buy up water rights worldwide at an unprecedented rate. Eventually, we will have to leave Earth, not to go boldly where no-one else has gone before, but because we will not be able to afford to buy water that is here.

Icelandic Pirate Party asked to form government


Liberal, Conservative, Socialist and Rhinos

Canada may be compelled to resurrect the Rhinoceros Party after this win in Iceland.

The Rhinoceros Party was a registered political party in Canada from the 1960s to the 1990s. Some members of the Rhino party would call themselves Marxist-Lennonist, which meant the term in reference to Groucho Marx and John Lennon.

Their platform had many campaign promises and here are just a few ...

They pledged to eliminate small businesses, and replace them with very small businesses, having less than one employee. Repealing the law of gravity. Providing higher education by building taller schools.

Obviously a party that was not 'serious' about governing, they did at times garner lots of votes. In some elections they beat either the Liberal or Conservative Party candidate in some ridings. They also declared victory after one election, claiming all candidates were Rhinoceroses, whether they knew or acknowledged it: thick-skinned, short-sighted, mean-tempered, etc.

Windows updates? Just trust us, says Microsoft executive


Nomenclature is everything

Renaming the recently announced patch bundles for Windows 7 and Windows 8 will no doubt improve the trust quotient. The updates are now officially 'quality' updates. Re: Security-only quality update and Security monthly quality rollup.