I used to get this nonsense when I used free as a provider, then switched to orange and now its consistent. And all the same line etc.
127 posts • joined 15 Mar 2017
Up yours, Europe! Our 100% prime British broadband is cheaper than yours... but also slower and a bit of a rip-off
Re: If only
I know France has equivalence and Free and other isp's claim not to cap or traffic shape, but I used to have a Free adsl line and on a good day it would manage 1Mb. And it used to have issues about 1-2 times a month, need the router power cycling every few days etc.
We kept raising a case, with Free sending engineers out who never turned up etc etc and blamed it on our rural location. Then we switched to Orange, same line, same termination at the property instant 10Mb, no traffic shaping bull and super reliable. The very few times we've had issues, they have been quick to help and when they cant get you back on that day you get a free 4g data sim and a loaner 4g modem while they sort it.
I had a awkward long wait in a chemists and a animated public chat with the police once when on a short contract in the UK.
My henious crime was that I had been instructed by my better half to stock up on teething gel for my toddler whilst in the UK and flying back home to France with it, and grabbing enough to last hopefully until he was past it. Apparently the usual target for buying lots of teething gel were junkies and I must have looked like one.
Even as they let me go, they were still being crappy about it. "You shouldn't buy these quantities, its not permitted". I'm not sure where the limit for buying 10 tubes of infant teething gel was defined but decided that life would be easier if I just nodded and said I knew for next time.
EU, ASEAN trade bloc plan closer digital ties that could make China's Belt and Road offering look rather boring
How the US attacked Huawei: Former CEO of DocuSign and Ariba turned diplomat Keith Krach tells his tale
Re: 2 months to go
Cisco already provides access to its codebase to select parties with a strong requirement to view it (and BT is on that list) and they build a version from the codebase and place it in escrow in case shenanigans should happen like they do with all their vendors. And Ive been told in the past the Cisco code compiles easier with a more reproducible result.
Perhaps you should stick to ranting about things you know about?
We want weaponised urban drones flying through your house, says UK defence ministry as it waves a fistful of banknotes
Is Little Timmy still enthralled by his Leapfrog tablet? Maybe check he hasn't sideloaded an unrestricted OS onto it
Well, if I bought my offspring a leapfrog, and they managed to root and sideload android onto it, I'd be super impressed and helping steer their path away from the darkside in future but inspiring them to learn more. I've done some mad pointless things, because I could, not because they made logical sense to a onlooker so hats off to the sideloaders.
I gave my son a pc for xmas and he wanted admin on windows & root on the linux side, and I told him he could have them when he could work out how to get them for himself. It shouldn't be too difficult a task as there's more I could have done to stop it than I have, but he's going to have to do some research first, I'll probably regret this when I find the heating controller running doom or something in a few years ;)
As if you needed another reason not to use Visual Studio, C++ extension for Visual Studio Code is live
I've got into using it for ruby of late because its fairly cross platform (albeit electron which I would prefer it to be native too) and compared to Rubymine (corporate choice) things feel really responsive. Now if only the debugger could step into child threads properly like Rubymine can when using remote ruby-debug-ide.
To put a finger in the air metric, there's 5000 files in the current project I have open in it and it seems to cope quite nicely. I use it on osx and linux.
Also I quite like to hook remote things in python using it, and xcode for php etc is nice and works ok. Ive never seen the platform.io issues etc yet, maybe theyre lying in wait for me later on.
For c++ usual habits are to use vim + gdb/cmd line stuff mostly with a dash of ghidra but I work so much in web stuff now I rarely do any now...
Critical vuln that lets miscreants hijack computers via Slack? *Sucks in air* We'll give you $1,750 for it
Re: He could have got double that on ebay
Actually a well known (legal) vuln brokerage tweeted out saying the next one someone finds in a similar manner to approach them & they would offer 10k for it. You don't have to join hackerone or the other bounty schemes to sell a vuln.
So, now slack can expect to get hit with 0 day disclosures and be part of well funded exploit buyers attack toolkits.
Silly Slack, and they come from this culture and 100% should have known how this works. I guess their huge market cap, turnover and resources didn't quite cover rewarding researchers so they don't go elsewhere with their findings. Their loss.
CREST exam cheat-sheet scandal: New temp chairman at UK infosec body as lawyers and ex-copper get involved
Very very annoying...
Its really annoying for me, because I am a holder of some CREST certs, and I did both when not attached to a larger company, the hard way, by studying independently and honing my craft (I'm not by day a windows bod so I had to pull up my socks on that side of the OS divide).
Now after all that work, I'm going to be in a interview and someone will see CREST on the cv and think "oh he'll be one of those ncc cheats" or it happens everywhere.
I hope CREST properly and fully crucify NCC in the name of all the honest people who did their certification.
Meanwhile I'm pretty glad I also took offsec certs, because a) they're fairly well known outside the UK in comparison to CREST, and b) their reputation isn't tarnished by this mess..
We're in a timeline where Dettol maker has to beg folks not to inject cleaning fluid into their veins. Thanks, Trump
BOFH: Gosh, IPv5? Why didn't I think of that? Say, how do you like the new windows in here? Take a look. Closer...
Hacker swipes customer list from controversial face-recog-for-Feds Clearview. Its reaction? 'A part of life'
Re: “Security is Clearview’s top priority"
"Security is Clearview's top priority",they just forgot to mention of their ip and algo's.
I interviewed for a c suite level security bod at a cloud startup, and the entire interview was geared to how I would protect the above for them, when I asked around the PII they held on the cloud of thousands of people's medical reports, nobody gave a flying fig about any aspect of it.
I declined the job, I never was cut out for taking more filthy lucre at the expense of taking pills to keep my conscience dormant.
How the US-China trade war is felt stateside: Xilinx trims workforce after lucrative Huawei sales pipe blocked
Google promises next week's cookie-crumbling Chrome 80 will only cause 'a very modest amount of breakage'
Re: What am I missing here?
samesite=none;secure just means the cookie has to have been transmitted over a secure channel (https) from the 3rd party server, therefore protecting it from snooping in transit.
I'm struggling also to see what huge leap making the bad cookie originate from a https server offers up to defeating various attacks in this case.
Also a value of none breaks older browers that won't rend the page as a result. Previously it had to be missing, lax or secure to be valid.
EA boots Linux gamers out of multiplayer Battlefield V, Penguinistas respond by demanding crippling boycott
Re: "EA still peddle games. Are they even relevant anymore?"
Only because of system bundles. I got a bundle ps4 a while back, because it was the cheapest option to get a spare console that could go online, the bundle included a download of fifa that to this day I have never bothered to claim.
Its like buying the windows machine bundle and installing linux on it day0, because it was 50 quid cheaper than buying the linux option because of subsidy & every secondhand shop you go in has multiple copies of fifa sitting unloved and unwanted.
Re: re: function key/control key
I've got a french keyboard (azerty) on my thinkpad, but its mapped to qwerty layout. Its great, nobody else can ever really get their heads round where things should be, unless they're touch typists used to qwerty layout. :)
to the article, I have been issued a macbook pro by the corporate overlords, and I hate it (the keyboard really sucks, the oversize hipster touchpad is crap, and when it comes to doing really low level stuff, its hard sometimes to wrest complete control of the underlying bluetooth/audio etc hardware to do stupid things in the name of research and have it work as a corporate build afterwards...). I much prefer my stinkpad, and use it in preference whenever its permitted...
Re: This requirement for paper bills/statements...
You ring EDF up, tell them the meter supply number on the tag and tell them you moved in, then they send you some forms to fill in and ask for some periphery evidence that you should have, and bingo, the bill arrives in the name of the new account holder. Magic. And if you don't do this, the account ceases and the electrons stop visiting you because the EDF peeps come and pull the main fuse outside the property if your still on bakelite meters and bits of twisted wires for fuses between poles nailed to a piece of wood era French electrics or turn the Linky off if you've been blessed with the snot avocado green box install.
The only real caveat is that for the bill to be proof of other things, it has to have been issued in the last 3 months, so its even sort of evidence that you still are at that property (or at least they'll know where to find you if they need to).
Now, if you need a NEW supply where there isn't a existing meter to take over, that's more fun and involves the dreaded consuel inspection. But I've done that too and its really just about making sure the install is safe and got a good ground, and conforms to wiring colours and specs etc.
Re: Signed documents
This was a legal thing way back. I wrote a LaTEX template once for a large bank in the UK, and it took the values filled in on a webform for a mortage application, and then presented a pre-filled in pdf to print out and sign and fax back.
I asked and was told that the signature carried different weight in the law because it was a "live signature".
If you got into home ownership misery from my work. Sorry. I just needed to pay my mortgage that month and works work :D
Re: This requirement for paper bills/statements...
Neither are you, having seen your posts on El Reg, please no, I'd like to keep a english channel's width away from you at minimum.
To op, In France you just need a edf bill, and everyone else accepts that. Edf will take money from anyone when they issue the account on proof of house ownership or proof you are renting the property and you won't get electricity without a edf connection. That's fact, not ranting from a fake news provider.
Re: They can pry the pitchfork from my cold dead hands before we allow one in...
It is actually easier than dealing with all that though. We have a second property down the road thats currently empty, and they put the card in the postbox which I empty every few months. Then they fitted that property with a transponder that can be read from outside, and now the person in the little van just parks up outside for a minute to read it.
This property has a linky, its powerline as others have said, had a good chat with the installer who turned out to know more than how to screw it in place about all sorts of interesting aspects and poke round with it out of curiosity.
I'd really like to get a spare one to go to town on properly though...
Re: This may solve my procrastination
You can use devuan etc as a good interim solution and just swap one or two of them to *bsd to get a feel for it. Its worth doing because there's a chance in future that upstream changes will force the systemd-free distro's into abandoning their resistance.
*bsd is actually pretty close a experience with the ports enabled, just the occasional thing slightly different. Flags, syntax etc, just enough to trip you up at first but not enough to be worth loosing sleep over. People see my laptop and don't even realize its bsd underneath.
If you have to have stuff that has a hard dependancy on a certain os/version for support, that's what virutal machines are for. Its a shame that my vm host now has linux vm's in amongst the more usual suspects but that's how life goes.
Allowlist, not whitelist. Blocklist, not blacklist. Goodbye, wtf. Microsoft scans Chromium code, lops off offensive words
Re: Programming and computers as a casualty
Personally I'm happy that bastard files haven't been renamed yet. I take great delight in indicating this to my son by handing him the one with the makers having etched "Flat Bastard" on the body near the tag.
To other poster, its gudgeon pin in engineering terms. A gudgeon is a small freshwater fish.
Insert historical comment about this being 2019 and no manufacturer hard codes the SAME default public/private keys into all their devices. Yet again.
I hope the baying mob that went after me on el reg's comment sections for suggesting this happens regular as clockwork in devices I test are by now, after multiple stories detailing this exact issue, actually starting to get just the tiniest of glimmers of a inkling of how completely clueless they were.
Take your pick: 0/1/* ... but beware – your click could tank an entire edition of a century-old newspaper
I had a much more minor incident, I was doing web and linuxy stuff for a more established consultant who resold my time out occasionally, and on this occasion he'd managed to sell me as capable of installing some line printers onto a Solaris based warehousing system, a operating system I made clear that I had no experience of to him at the time.
After goading and considerable prodding thought I'd very very cautiously give it a go, after telling Alan yet again I didn't know what I was doing really, and him insisting I tried anyway "as its not live yet anyway". So there's 4 temps furiously entering inventory data as fast as they can in four terminals to get the inventory system populated with the stock ready for the go live in two days time, and we arrived onsite mid afternoon and after a hour I had got a shell and felt about and installed the drivers by running the bundled shell scripts, but things weren't playing the game, so I decided one process called "printr" was the culprit and had to be shut down. It ignored a -HUP, so it got the big kill -9 shotgun, and that worked. Sadly I could tell it had because I heard the screams from around the room as a entire day's data entry went down the toilet as it cached all the data entries in ram until told to write it out, which they did at the end of each day. We fired it back up quick and it was devoid of entries...
On the plus side, at that point the printer started working perfectly, so I apologised profusely to the temps for ruining their work and made my exit. And the temps were paid hourly.
Re: snapd and systemd
This is linux, and its open source. Learn how to compile it from source.
Props if you then do more learning and make a package, even maybe submit it upstream or take over being the vlc maintainer, I'm sure the repo people would be thrilled to accept the later version as you won't be the only person in that same boat. All those packages on your device were already put together by people doing this very process...
You got a smart speaker but you're worried about privacy. First off, why'd you buy one? Secondly, check out Project Alias
Oh, I wish it could be Black Friday every day-aayyy, when the wallets start jingling but it's still a week till we're paiii-iid
Re: Meanwhile in western France...
To be fair, the ongoing gillets jaunes protest has meant most supermarket's have been deserted this week even in mid week. Especially when you get outside of Paris, it has been common to see a roundabout with gillet jaunes slowing traffic, although also as given outside of Paris most people seem to support this, its all very polite and controlled and just viewed as a minor thing that was brewing over years of the particular cause repeating itself ( Edouard Philippe completely ignoring vast swathes of the country outside of Paris who were most affected, who didn't want either this or the 80km limit etc).
What I'm *really* shocked at is to get this far down the comments and unless I'm blind, not seeing *anything* by ledswinger, phil o'sophical and all the other brexit troll's who usually inhabit these sections. Their handlers must be cutting back on the wage bills by only having them work in single time periods :-)
Alexa heard what you did last summer – and she knows what that was, too: AI recognizes activities from sound
"Quite, and the researchers saying 'this should all be doable locally as people don't really want to be spied on' is like saying 'Lions don't really want to hurt people' - but they have to eat, right?"
Sure, but put away your paranoia for a instant and remember this is CMU saying this, as in the people that developed CMU Sphinx, and pocket sphinx. Which today is about the best bet for a local only speech recognition system as your able to compile/build at home. For that they should be at least given a small amount of the benefit of the doubt that they were being sincere.
I should know, I've been making my own smart speaker that is local network only to control some local network only home automation devices and currently I have pocketsphinx running on a beaglebone black but have some tuning issues to overcome...
Of course amazon et all will pish all over their good priniciples and aims, but there's still a small chance to carve out out a niche for privacy respecting alternatives because of these guys/gals work.
Its associated with John Mcaffee, that should tell you all you need to know about its credentials.
My respect for John stems from the fact that he's so obviously hatstand and out there that nobody serious can take him seriously, yet, somehow, he still manages to find idiots who do.
Been following along with this on twitter, its been break time amusement for weeks.
I'd buy one, on two caveats, first that those synaptics buttons are hardware buttons, not emulated in the driver software. I still buy thinkpad's for that reason.
Secondly, I want you to buy one and throw it about first and see if its rugged enough for mobile usage. My one and only foray into big shiny luggable laptops was a asus, and 4 flights in it lost a third of its screen and the local asus dealer wouldn't honour its guarantee after I told him it happened on a flight in hold luggage (stupid attack of honesty), the way another repair guy explained it to me was they'd made the screen wider by adding a extra panel to the right on the standard one and joined it with fine wires. I still have it, it still only shows 2/3 of the screen but its regulated to doing vehicle stuff now, and we fit all the display mode on the working bit :-)
Sod it, I'll just buy another stinkpad for now. I can always fend off muggers with a blow from that in a emergency.
Re: And everybody this "Force" is set up to catch ...
Fraid not Jake, not any longer. A few years back and I was with you 100%. Now we're forced to use the term because its become widespread and nobody outside our little niche gets how cheesy it all is. A little bit of me dies inside each time I have to write "cyber security consultant" on something, because I started to get solicited for doorman roles for posh clubs when I used "Security Consultant" in the descriptive fields. I was considering writing (in)offensive security specialist, but not sure too many people would get the wry joke.
Its a bit like mr mimikatz (Benjamin Delpy) saying the problem in security is "security professionals" and how crap they all on on twitter, yeah there are some dead wood box tickers, but equally just because someone works in the field it isn't a given they're going to be that way.
Don't get me started on the pale male and stale meme crowd.
Generalizations are bad m'kay?
Re: Ha Jokes on Them
Don't you have to have leather trousers with no bum in them to have a wallet on a chain?
Personally I put my wallet and phone in the big inside pocket inside the jacket, then by the time you've fell off and burst the main zip and slid far enough further to drag it inside out and abrade the liner away, dropping your phone is the least of your worries. Also stops it getting too wet. Soggy money is no fun.
Define properly secured at the perimeter. And bear in mind I was reading a paper today about how to bypass the akamai waf during a exploitation (I'm a offensive security bod before the mob tries to lynch me). The point being, that info is freely available on the net if you know where to research and both sides of the game have it. If you've evaded the waf, your attack will look like normal web traffic anyway if you get it to dump out via the same web server as a response unless you set off a sensor getting it to throw a reverse shell via a port or similar.
Philip, yes if it leads to Debian doing what they refused to do at the time of systemD's adoption and take onboard the possibility to completely remove it for those who choose not to use it. Diversity in the ecosystem, choice, its all good.
s/allowed/currently\ allowed\ as\ a\ short\ term\ workaround/
Its a tiny but important linguistical difference.
I dont think "relaxed" is the correct term Ian in fact taken overall its somewhat disintegrous to state that to support the argument that one is equivalent to the other. In the reality of here and now, its a small dep and not used so in the interests of expediency its there as a known issue.
The difference then becomes (I believe) that Devuan is commited long term to eliminating this and is already working through the list of packages. I don't believe base Debian has the same commitment?
I have nothing against Debian apart from its decision to go to systemD, I've been dabbling with it since I got given a install cd at a show where I bought my first cd rom drive by Debian volunteers when running Slackware, but I currently have 5 installs of Devuan churning away since the project first released and 0 of Debian.
Re: Ads are OK. Data gathering behind my back is not.
Speak for yourself Jim, I've hosted content for free on my own servers since the late 90's, and not one single advert has ever appeared on any of the domains I'm responsible for, nor has anyone else ever paid a penny towards their upkeep.
I did it because I was interested in the subject and it was my way of paying a little back. That's the actual spirit of the earlier internet, not trying to monetarize everything with ad's or spam youtube with stupid clickbait crap videos just to get subscribers enough to get into earning enough to not have to actually work for a living alongside your passions.
Adverts, meh, if they *have* to be on a site, they better be obvious theyre adverts, and they better not be targetted or mr ghostery and captain adblock amongst others will be deployed. Of the very few that are honest and show relevant adverts I do even lift my adblocking solution.
Re: "At last! A valid use of a 'hacker in a hoodie' stereotype stock image"
Dan, easy, have a synergy km setup and a second keyboard on a kvm for early boot recovery, couple of different hardware/os's, one for browsing dodgy places during research, one set up as a compiler etc, keep them viewable so you can keep one eye on a long process while doing something else elsewhere. Throw in a 2nd kvm which goes out to my server room via a dedicated cable + kvm extender, and bingo, you have 6 screens and 3 keyboards. Though mostly two of them sit down the side of the desk out the damn way unless something goes wrong.
In my defence, I had to pay for all 6 of my 19" monitors, so that means I made the bracketry myself and cleared out the secondhand shop a few times. Short arms and deep pockets me...