Re: Relegated to the attic...
Oi! That's what I'm building from al the bits I've saved from my old machine.
Posts by Twanky
277 posts • joined 17 May 2017
Dutch Gateway store was kept udder wraps for centuries until refit dug up computing history
Police face-recog tech use in Welsh capital of Cardiff was unlawful – Court of Appeal
Wednesday 12th August 2020 06:39 GMT 
Great timing!
The courts may be seeking to apply the law on use of face recognition technology - but the timing sucks. What a wonderful time to be working in this area when world just became more interested in how many layers of mask one should wear.
Citizen! Over here! Straighten your mask. We could not read the QR code on it.
Transport for London asks Capita to fling Congestion Charge system into the cloud
First alligators, then dogs, now Basil Fawlty is trying to standardise social distancing measures
First rule of Ransomware Club is do not pay the ransom, but it looks like Carlson Wagonlit Travel didn't get the memo
Sunday 2nd August 2020 06:54 GMT
Not off-site (though that is a good idea too), but off-line backups. In the reported case the bad guys were able to spin up a VM in CWT's systems which means (should mean) highly privileged access. If CWT had off-line backups then perhaps the same privilege was used to bring them on-line and damage/delete them?
The above is speculation of course, but if bad guys have had highly privileged access to your systems then you can never be sure they really are your systems any more.
WTF is cloud-tethered compute? We're not sure either, but it just made a hype cycle for the first time
Tuesday 28th July 2020 06:13 GMT
Funding opex-capex balancing
Essentially cloud cost analysis and comparisons, to manage cloud costs and help to inform purchasing. Should get useful in no more than five years.
Or as my first bosses used to ask: 'You want to spend how much?? What do we get for that?'
Buzzword/bullshit bingo at its worst.
UKIP blackmail, data breach sueball allegations were groundless, rules High Court
China successfully launches Mars probe that packs an orbiter, lander, rover
Linux Mint 20 isn't exactly bursting with freshness but, hey, there's kernel 5.4 and it's a long-term support release
Thursday 2nd July 2020 08:01 GMT
Re: Upgrade ? No..
I've always created a new partition and installed the new version
Same here but always run multi-boot on my main laptop. By starting with a multi-boot system there's no need to 'create' any new partitions when you want to upgrade. Pick the OS partition you've decided to upgrade, delete it, install new OS, paste in (large) apt command to reinstall required packages - go for coffee. If you don't like the result boot one of your other partitions that you have maintained.
Obvious disadvantage is maintaining patch levels on multiple OS partitions.
In the unlikely event that the new OS damages your /home partition, restore from backup/snapshot/Nextcloud whatever.
The only time this has failed me was when the very rarely booted Windows OS self-updated (thanks) and stamped all over my partition table - took nearly half a day of fiddling before I gave up and swapped the disk to start again.
Macs, iPhones, iPads to get encrypted DNS – how'd you like them Apples?
Saturday 27th June 2020 10:41 GMT
Re: Better late than bleeding edge?
The problem is it can bypass private DNS servers.
For example, I use a pfsense firewall with DNS which then points to a pihole. This gives me split horizon DNS at the same time as keeping Facebook and the like off my inner networks. If a browser is configured to use DoH then this functionality is compromised.
Obviously what I'm describing is a small home rig but big boys' and girls' networks can be similarly compromised by a software upgrade of a browser.
Cloudflare may have promised to be virtuous and not prat-about with the DNS lookups - but I *want* to block or redirect lookups of certain malicious domains.
NASA mulls going all steam-punk with a fleet of jumping robots to explore Saturn and Jupiter's mysterious moons
CompSci student bitten by fox after feeding it McNuggets
Friday 26th June 2020 06:24 GMT
University authorities will attempt to reduce debris in the hope that trims campus rodent populations and causes foxes to move elsewhere of their own accord.
They're looking at the problem wrongly. The campus is littered with McD and other fast food outlets' rubbish and the rubbish attracts rodents and they attract foxes which bite the students. Seems to me that they'd do better to purge the campus of slovenly students.
In other news: Research finds Comp-Sci students tastier than McDonald's chicken nuggets.
Looking for a home off-world? Take your pick: Astroboffins estimate there are nearly 6bn Earth-likes in the Milky Way
Paging technology providers: £3m is on the table to replace archaic NHS comms network
Monday 22nd June 2020 18:02 GMT
Re: Pager the next generation...
Unfortunately:
Mandatory functionality includes secure messaging, image sharing, staff directory (links to the global NHS.net address book), and calls. While meeting a long compliance list, including patient safety regulations, suppliers are also requested to look at options in connecting the communication system to patient lists, task management systems, video calls, and ERP systems.
So instead of a belt clipped pager telling the doc to call in they get to carry an ipad-sized slab? Who the hell thought it was a good idea to replace a pager with something like this?
Also: £3m? Across how many sites?
Don't panic: An asteroid larger than the Empire State Building is flying past Earth this weekend but we're just fine
Boeing brings back the 737 Max but also lays off thousands
Mulled Chrome API shines light on long-neglected privacy gap: Sites can snoop on your find-in-page searches
Wednesday 27th May 2020 11:56 GMT
Re: Expectations
The book analogy doesn't quite work for me. As you point out, a major feature of a book is that it's on convenient sized pages so it can easily be handled and one page leads to the next. The only place I've seen hidden-until-you-reveal-it text in a book is when reading to my grandchildren when they were under five years old. A web page being analogous to a book page perhaps these are aimed at the under-five mentality too?
Wednesday 27th May 2020 11:03 GMT
Expectations
For example, if a portion of a webpage has been collapsed so the text is not visible, a find-in-page request would not work as expected.
Yes it would - the search wouldn't find the text, exactly as expected because it isn't there.
Where's the logic in hiding text on a web page and waiting for the user to expand it later - apart from slurping, obvs.
Twitter ticks off Trump with new 'Get the facts' alert on pair of fact-challenged tweets
BoJo buckles: UK govt to cut Huawei 5G kit use 'to zero by 2023' after pressure from Tory MPs, Uncle Sam
Sunday 24th May 2020 22:42 GMT
Re: sources comparing the welfare system
I think I understand - and thank you.
I am sure I could never work in an UBO as I find people difficult to interact with. I'm not 'on the spectrum' unless the spectrum is very wide but I'm not good with people.
I understand that the definition of 'welfare' has been changed over the years and that can make it difficult to compare numbers before and after the changes. Some of the changes are/were purported to achieve consistency of reporting across Europe - though it would not surprise me to find countries interpreting the rules to their best advantage.
The Attlee government started to bring in the findings of the Beveridge report and effectively codify what had been local government responsibilities before. On searching for numbers I found the https://www.ukpublicspending.co.uk website which says it draws from Government data. It suggests that in terms of % of GDP or inflation adjusted pounds the only administrations which did not increase welfare spending were Tony Blair's and Cameron/May. There certainly does not seem to be a consistent Labour vs Conservative tug-o-war over welfare... however that is defined.
I seem to have got us sidetracked - the article is about banning a particular company from being a key supplier... but I got triggered by a throwaway comment about 'destruction of the welfare state'.
Sunday 24th May 2020 11:00 GMT
Re: Build it here
OK. Oblivious here. Numbers?
Suggested examples - I don't know if any of these are true or not:
1) More people in need and spending the same amount or less - or not proportionately more?
2) Spending on the wrong sorts of welfare?
3) Wrong definition of welfare?
4) Can't trust the published numbers because <...>?
5) Spending on rich pensioners not poor workers (OK that's a refinement of 2)?
Also, noted: We've only had conservative governments since Jim Callaghan took over from Harold Wilson.
Cyber attack against UK power grid middleman Elexon sparks in-house IT recovery efforts
Spyware slinger NSO to Facebook: Pretty funny you're suing us in California when we have no US presence and use no American IT services...
Sunday 3rd May 2020 10:40 GMT
Re: Implications...
I didn't express myself very well. FB want the world to know that NSO are state level espionage criminals and therefore are not to be worried about by FBs main target groups. By throwing out accusations they distract from the fact that their system (and the platform it runs on) is vulnerable. Painting NSO as 'state level' (by getting them to use that as a defence) gives fake reassurance that nobody else - who maybe just wants to gather enough information to phish or intercept your bank or credit card account details or even just know when you'll be away on holiday - is doing anything similar.
FB don't want to hush this up. By making a noise in the couirts they want everyone to 'realise' that they've done everything they could to make their system safe but that the opposition was out of their league. Which is bollocks, of course.
NSO's technology exists. I have seen no evidence to suggest it is unique.
Sunday 3rd May 2020 10:25 GMT
Re: Class action suit?
Class action suit? These greasy f*cks just admitted, in court, that they sent mal-formatted WhatsApp messages to numerous devices, at which point they DID gain unauthorized access to those devices, violating CFAA each and every time.
From the article: 'NSO's spokesperson reiterated the claim that the biz does not operate its Pegasus software for its clients. And its legal filing says as much: "If Pegasus messages did pass through QuadraNet servers, they would have been sent by NSO’s customers, not NSO."'
Of course, there's a possibility they're fibbing, but no, they did not admit it in court.
Saturday 2nd May 2020 06:28 GMT
Implications...
- Pegassus spyware exists. It can be put on a smartphone to compromise the supposed privacy of Whatsapp messages.
- NSO have Pegassus so it is possible or even probable that other groups have something similar.
- Smartphones are therefore not suitable for highly private communications.
- FB are concerned that (more) people will keep private stuff off their smartphones which will damage their business model.
- If FB can show that NSO are criminals then they hope that most FB (and subsidiary) users will go back to trusting their systems.
Dell to unleash hybrid server/storage boxen that can run virtual machines
Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay
Monday 13th April 2020 07:01 GMT
Look on the bright side
From the article: When the company failed to pay the ransom by their March deadline, the gang – which tends to demand hundreds of thousands to millions of dollars to restore encrypted files – uploaded a selection of the documents to a website that remains online and publicly accessible.
At least Visser got some of the information back - and they didn't have to pay.
More seriously: They also got a clue as to how long the bad guys had been in their system; long enough to steal the data before encrypting it in place. At least, I hope they reacted and didn't allow the encrypted data to leave their system after the ransom demand. If I was running a ransomware racket, I'd want to take a close look at any data that the target was prepared to pay to get back.
Minister slams 5G coronavirus conspiracy theories as 'dangerous nonsense' after phone towers torched in UK
Monday 6th April 2020 07:51 GMT
'mobiles off at night'
hmm, not as daft as it sounds. I know people who can't change the sound settings on their phones - no matter how often they're shown how. They are the sort of people who turn their phones off so that they don't get woken up when the latest insincere 'we're here for you at these difficult times' e-mail from their bank or supermarket arrives in the wee small hours.
Edit: dammit. this was supposed to be a 'reply' to anthonyhegedus' post
Brit housing association blabs 3,500 folks' sexual orientation, ethnicity in email blunder
Cops charge prankster who 'corona-coughed' on aged officer and had it filmed
Thursday 26th March 2020 08:46 GMT
the relevant government minister falsely claimed it had been the victim of a distributed denial-of-service attack before reversing that stance within two hours.
It can be difficult to distinguish between a sudden surge of genuine users and a DDOS - they can both knock the service offline. I don't expect a government minister to be able to tell the difference. However, a minister making any definitive statement before the facts are in is being a prat and asking for worse trouble.
Thursday 26th March 2020 08:17 GMT
Re: Idiot
I agree he and his accomplice are idiots. Trouble is the world does not have capacity to treat every idiot as they deserve. For that matter it's probably just as well; knee-jerk reactions can be over-reactions.
I quite like that they charged this prat with 'stalking with intent to cause fear or physical harm' - good use of existing laws. It could have gone a lot worse for him if the cops had simply identified him on 'social' media (accidental, honest, we were short of staff at the time) and released him into the 'care' of the other idiots.
Crack police squad seeks help to flush out Australian toilet paper thieves
It's time to track people's smartphones to ensure they self-isolate during this global pandemic, says WHO boffin
The show Musk go on: Tesla defies Silicon Valley coronavirus lockdown order, keeps Fremont factory open
Saturday 21st March 2020 13:46 GMT
Re: Simple question
Old people, ask yourself, would I call an ambulance and take up a bed if I was dieing from it? If yes, then self isolate and take it seriously.
I know a couple of 'old people' (relatives of relatives) who are self-isolating. They're having stuff delivered and left outside their front door. They go out to get the boxes of stuff wearing rubber gloves and dust masks and wipe it down with disinfectant before bringing it inside. I don't know if they then wipe down the contents of their delivery boxes.
The poor sods are clearly terrified.
I can't imagine them surviving stress like this for 12 weeks as some have suggested might be necessary - let alone a year as some other politicos have been touting. This is no way to live a life.
Saturday 21st March 2020 13:06 GMT
Re: Yes, it can kill people, it's true.
If by Coordinated isolation you mean staying at home if you think you or your spouse/kids have got the bug and/or not visiting vulnerable people/elderly parents if Fred from the office has called in sick because of it then I'm with you. But then that's what happens among sensible folk pretty much every 'flu season.
Closing businesses, restaurants, theatres, and going out panic buying stuff is complete lunacy.
Looking on the bright side - at least there will be fewer deaths attributed to 'flu this year.
Just for clarity: Yes, it can kill people, it's true. If I catch it it might kill me - or my spouse. Life is precious - live it.
Surge in home working highlights Microsoft licensing issue: If you are not on subscription, working remotely is a premium feature
Firefox to burn FTP out of its browser, starting slowly in version 77 due in April
Dell publishes data centre cleaning guidance, suggests hiring pros to disinfect enterprise kit
The Reg produces exhibit A1: A UK court IT system running Windows XP
Wednesday 11th March 2020 11:26 GMT
Re: Is this as ususal software related?
"Sure, that's another £250k for a replacement instrument."
That sounds familiar. So to save the £250k, stick a small, dedicated firewall/proxy between the instrument and the rest of the network (even if it's a 'private' network not exposed to the Internet) and limit traffic to and from the instrument to the bare essentials. £1k tops and you never have to change the firewall rules because the instrument's requirements never change - because you never upgrade it. You will need to change/maintain the list of machines permitted to access it.
icon: is this isolated enough?
Have you ever seen one of these, son? Ricoh spins off 360° camera boffins to debut neuralyzer-shaped snapper
Wednesday 11th March 2020 06:49 GMT
slim, pen-sized package
Damned big pen. Reminds me of a freebie laser pointer/USB stick/pen I got years ago from the CheckPoint stand at a tech show - back in the day when handing out free USB sticks wasn't seen as so much of a security nightmare. Must dig that out again; I kept it because it was so... useful.
Check Point chap: Small firms don't invest in infosec then hope they won't get hacked. Spoiler alert: They get hacked
Tuesday 10th March 2020 07:06 GMT
Re: Insurance Risk Management?
Why should we look for a different insurance company? This one is willing to pay out even if we've made mistakes...
I recognise this attitude. Thing is: what's the betting that the apparently more lax and expensive insurer will baulk at paying out if the company has neglected basic security? Has your financials person read and understood the small print?
icon: staff might as well go home now...
