Posts by NiceCuppaTea

86 posts • joined 16 Jan 2018


Big Tech silent on data privacy in post-Roe America


Re: Swiss-Cheese Reassurances by Clue Co-CEOs

To make money.... duh

MPs charged with analysing Online Safety Bill say end-to-end encryption should be called out as 'specific risk factor'


Re: end-to-end encryption

They could try not being self-serving bastards so that people don't want to conspire against them. Or is that asking too much?

UK Treasury and Bank of England starting to sound serious about 'Britcoin'


I can almost hear the big wigs at Crapita wringing their hands from here!

If my understanding of how digital currencies work is correct the basic way they all work is through the "owner" of a specific token signing a transfer request of that token to another user using their private key ( or one derived from it )???

What happens to all of these digital currencies when said encryption algorithm is broken? Please don't tell me oh x y z algo is completely unbreakable because we have all seen "unbreakable" algos come and go in the past.

I'm not sure of the specifics but say BTC is based on an ECDSA function to sign the tokens. When (not if) ECDSA gets broken does the whole ecosystem fall apart or is there a built-in mechanism to change to a different cryptographic standard? Would that not invalidate all existing private keys (users' wallets) and effectively reset everyone to zero? If an encryption algo has been broken then how would you verify the new algo private key has been generated and belongs to the person who had the original now cracked key without a valid / known source signature? Where would the instruction to change algo come from as there is no central command and control?

It's all well and good having these risks present when it's individuals and hedge funds cocking around with money but when a central government of an entire country embraces these risks it has a much wider ability to send a country into anarchy.

Hijacked, rampaging infrastructure will kill humans by 2025 – Gartner


So I'm gonna ask the obvious question.... Why are things that have the potential to hurt / kill etc etc. a large number of people connected to a network / accessible by people that would want to do such things?

Background checks?

Air gapping?

EncroChat hack case: RAM, bam... what? Data in transit is data at rest, rules UK Court of Appeal


I can never use data again

Some of our contracts at work state that data at rest must be encrypted. If RAM now counts as data at rest how am I supposed to ever decrypt/use that data without breaching contract?

New t-shirt slogan: 'My job was outsourced to an Indian company that moved it to Vietnam'


Those pesky Indians

Those pesky Indian call centre staff have obviously started to unionise and ask for enough money to feed themselves, how dare they! Best see if we can exploit someone else!

UK competition watchdog fast-tracks investigation into mega-merger of O2 and Virgin Media


Virgin Media Positioning for 5G

Can see the why... when 5G rollout is completed who the hell will want fixed lines, either in business or residential? If I can pluck 1gbps out the air then why would I pay for a leased line?

European Space Agency will launch giant claw that drags space junk to its doom


Re: They should have gone with the James bond scoop design

Or even better, so we don't end up with more particulate matter in our air, you know, that we breathe and would quite like to not contain stuff that our bodies don't like, you could send them on a course to the sun. Doesn't matter if it takes 400 years to get there or whatever, just put it on that course and forget about it.

UK regulator Ofcom to ban carriers from selling locked handsets to make dumping clingy networks even easier


Re: Wait, what?

I think they took "slowly slowly catchy monkey" too seriously

President Trump's H-1B visa crackdown wiped $100bn off market value of America's largest corps, top study finds


GDP and various economic outputs are a poor measure of a country's "success" and need to be dropped asafp.

A better measure would be median income per capita minus median cost of living. Giving a more accurate view of "success" if success is defined as the quality of living for a country's inhabitants.

Yes there is the age-old argument of money doesn't bring happiness but not being able to afford a roof and 3 square meals tends to make being happy more difficult.

How the tables have turned: Bloke says he trained facial recognition algorithm to identify police officers


Re: Portland

Omni Consumer Products gonna get that contract?

QUIC! IETF sets November deadline for last comments on TCP-killer spawned by Google and Cloudflare


Re: Faster loading web pages!

Don't forget video and audio, UDP is perfect for those. Dropped a frame or 1/4 of a word? Resend it so you get a random frame/word out of sequence or "sod it the user won't even notice". Not to mention the added latency and buffering required for sending ACKs of every packet leading to weird pauses in conversations.


Re: I don't get it

I think they are probably just dropping ACK from TCP with some sort of list of missed stuff at the end.

TCP is typically Send Packet <-> ACK Packet

UDP is Send Packet -> Send Packet -> Send Packet, don't care if you receive them.

Had a quick read of the wiki and it seems QUIC processes data in the application layer with an application ID as part of the data packet. With the application informing the server of anything that didn't make it to the client.

Thought the FBI were the only ones able to unlock encrypted phones? Pretty much every US cop can get the job done


Active Directory and Administrator passwords are tools, you let all your users have access to those? You know because your network might get broken into and they might need them to help defend the network.

Morgan Stanley hit with $60m penalty for failing to properly decommission old kit hosting 'wealth management' data


I guess a few grand for their own hard disk shredder is looking more like a wise investment now then. No subcontractor, no problem. A PFY writing down serial numbers and chucking disks into a muncher is cheap by comparison eh?

UK govt advert encouraging re-skilling for cyber jobs implodes spectacularly


I'm offended

That the ads all imply that I'm not "special" being in IT and that anyone can retrain to do my job. It implies that it's a simple and easy process! Am I really that thick that it's taken me 20 years to get to a position that's well paid and technical?

We don't need maintenance this often, surely? Pull it. Oh dear, the system's down


Re: How about nonpayment?

You mean issuing "trial software" with full functionality and if a valid license key isn't added (after invoice payment) it goes into bork mode? I think this is generally accepted in software!

Court hearing on election security is zoombombed on 9/11 anniversary with porn, swastikas, pics of WTC attacks


Re: What?

Third point fails miserably unfortunately.

I will agree your analogy is correct but it just doesn't apply.

What actually happened is more akin to someone leaving their door open with a fat ass sign outside saying "OPEN HOUSE, PUBLIC WELCOME".

The owner then subsequently giving everyone a paintbrush and a paint can then wondering why some joker decided to paint the kitchen bright pink with green dots whilst others did no painting at all and the actual decorators stood to one side.

Nobody is saying that everyone needs to be a computer expert just that before letting people loose with tools that have the potential to cause fuckups they should have adequate knowledge and training associated with the tools they are using. Would you give a circular saw to random person with no carpentry training/experience and tell them to go build a shed?

'My wife tried to order some clothes tonight. When she logged in, she was in someone else's account ... Now someone's charged her card'


But it was delivered within sprint right?

Hey we delivered agile......

What would you prefer: Satellite-streamed cat GIFs – or a decent early warning of an asteroid apocalypse?


Why bother looking at asteroids that will destroy earth?

So the scenario is there's an asteroid that's going to hit the earth and destroy the whole thing only we can't see it because of all the cat GIF distribution satellites......

Who cares? If said asteroid was gonna hit there's nothing we can do to prevent it so why not spend our last few minutes in blissful ignorance looking at cat gifs?

Thanks for the memories... now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks '5% of stolen files'


Re: Recovery

We all talk of good backups but that only gets you access back to your data, it doesn't mitigate, in the least, the leak of the possibly-sensitive documents that have occurred from the theft.

Encrypt your data at rest!

US voting hardware maker's shock discovery: Security improves when you actually work with the community


Re: What he didn't say...

"Best way is some sort of chaos-monkey approach where you try and inject some totally crazy inputs and see if it gets elected"

Didn't they do that already on the last elections?

Hoverbikes, Hyperloops and sub-orbital hijinks: Yes, the '3rd, 4th and 5th Dimensions of Travel' are coming soon


Re: Nothing so simple

Isn't hyperloop just those tubes off Futurama?

Microsoft brings WinUI to desktop apps: It's a landmark for Windows development, but it has taken far too long


Does this mean I will be able to access the integrated webcam from a win32 app without jumping through UWP hoops now? I hope it does because it's a PITA at the moment.

From attacked engineers to a crypto-loving preacher with a questionable CV: Yep, it's still very much 5G silly season


As long as it happens before my fixed rate mortgage deal ends and I can pay for my house for the same price as a Mars bar I'm good with that :-)

Borklays soz for the ailing ATMs but won't say if fix involved a Microsoft invoice


"While some of the ATM machines were unhappy, The Register understands that the rest of the bank's services were tickety-boo. No unsupported Windows 7 here, no sir, although some branches stayed open a little longer for customers unable to use a borked hole-in-the-wall."

The machine was almost as borked as this paragraph from the article. Almost as bad as saying PIN number. While some of the AutomatedTellerMachine machines were unhappy grrrrr

Don't be fooled, experts warn, America's anti-child-abuse EARN IT Act could burn encryption to the ground


Re: I don't have a problem with this

I think you mean damp squid, everyone knows it's damp squid.

Crazy idea but hear us out... With robots taking people's jobs, can we rethink this whole working to survive thing?


Re: They toooock ewre joohbs!!!

Automation will push down the wages of people that still have jobs. At some tipping point, it will cause an economic collapse if nothing is done, as there will be such a big divide between those that have money and jobs and those that do not, that the industries will no longer need to produce anywhere near what they used to, as no one can afford to buy any of it.

At which point it will become cheaper to get a person to do the work rather than invest in a robot.... if "Company A" now only has to make 500 widgets instead of 6 million because 500 is all they can sell then it would be cheaper to get a person to build the widgets than invest millions in an auto widget maker.

Guess the scales are just tipping more towards automation at the moment but there will come a tipping point where automation just isn't worth the investment.

He’s a pain in the ASCII to everybody. Now please acquit my sysadmin client over these CIA Vault 7 leaking charges


As a juror I would not believe a single word the prosecution spouted.

I would expect that the events were probably as follows....

CIA realises they have been PWND because of lax security and the conversation goes.....

"We need to save face who can we stick this on, if congress finds out we are actually shit at security our budget will get cut"

"What about that guy that quit last month, the one thats a complete asshole?"

"yeah he will do, he runs a web server, set some bods putting a load of kiddie porn on it to help set up his image as a bastard in the media"

"righto boss"

"set some other people on coming up with a suitable complicated story to confuse a jury into convicting him"

"Already on it boss"

"ok tip off the FBI over the kiddie porn then we will also arrest him with our story about how he's magic and there's no one who could have stopped him unless we had more budget"

Astroboffins may have raged at Elon's emissions staining the sky, but all those satellites will be more boon than bother


Do they support IP V6?

Apple calls BS on FBI, AG: We're totally not dragging our feet in murder probe iPhone decryption. PS: No backdoors


Re: They are clearly hoping to push legislation for a backdoor

So, typically your iCloud is used for backups right.... in case your phone is destroyed / lost / broken, some of us use iDevices but don't want that manky iTunes on our computers right so the phone backs itself / photos etc up to the cloud. If the backup is encrypted with a key that's only present on the device then the backups become kinda useless in the typical recovery scenarios.

World's richest bloke battles Oz catastro-fire with incredible AU$1m donation (aka load of cheap greenwashing)


Anyone do an analysis of how much money Amazon isn't making in AU due to the fires?

If his donation brings the fires under control a day sooner than if he hadn't made the donation then I'm sure amazon.au will rake in at least an additional $1m.

Paying some nice tax deductible donation to be able to make more money from his operations in the area. I'm sure if the cost benefit analysis matched up he would be more than happy to donate a few billion to stop the fires.

The Six Million Dollar Scam: London cops probe Travelex cyber-ransacking amid reports of £m ransomware demand, wide-open VPN server holes


The reason there is less malware for *nix is low adoption rates among the unwashed. Writing malware is a business, as a business you have to think of ROI.

If I write a nasty piece of code for *nix I will have the opportunity to infect and gain money from x% of the world, if I write for Windows I will have the opportunity for X%

I'm pretty sure there are a massive amount of *nix exclusive attack vectors that haven't been discovered or exploited simply because it's not worth investing the time and effort involved in finding them.

I have no particular allegiance to any OS but it's simple economics.

We won't CU later: New Ofcom broadband proposals mull killing off old copper network


Re: Spare a copper?

When Boris promised more coppers I didn't think he meant digging them up!

Hate speech row: Fine or jail anyone who calls people boffins, geeks or eggheads, psychology nerd demands


Re: Speaking as a guy ...

Does it rhyme with shunt?


As my dear old mum used to say...

Sticks and stones may break my bones but words can never hurt me... I wish more had had this knowledge imparted upon them, if you wanna be more current "words are wind"

Plus being a geek is far better than suffering constant ID-10-T errors. Every time someone calls you a geek / egghead / whatever all you should hear is "you're smarter than I am" which is of course a compliment.

Apple sues iPhone CPU design ace after he quits to run data-center chip upstart Nuvia


Re: Another language

And now you both owe Apple £800 and a kidney as they filed the patent.


Don't forget you can also bankrupt a company via legal fees and a billion appeals processes. If they can't afford to defend themselves they must be guilty!

When you have an army of lawyers on permanent payroll you have to give them something to do.

UK tech freelancer numbers down for first time in 5 years since IR35 tax reforms hit public sector



You do realise that the taxation from ciggies more than paid for the smokers' costs to the NHS and then some right?

You also realise that people dying earlier due to smoking saves money through not paying out pensions and old age care related expenses right?

Promise of £5bn for rural fibre prompts Openreach to reach for the trench-digging diamond cutter


Contention ratios FTW!

BT is also testing "remote nodes" – where fibre-optic cables can be built out from specially adapted existing green roadside cabinets. The specialised broadband-boosting equipment will enable it to "piggy-back" on the existing network.

So right now the people at the existing green box enjoy a good amount of bandwidth as the existing cabinet backhaul was sized for the area it was serving, I can almost see the meeting now....

Bright spark beancounter : "Wouldn't it be cheaper to dig from that green box to the next one instead of laying a whole new cable".

Tech : "the customers on the existing box will suffer with additional contention for the available bandwidth".

Lawyers : "We have a contention ratio built into our contracts, we only need to supply 1 20th of the speed we promised at peak times"

Middle manglement : "SOLD!"

The Pwn Star State: Nearly two dozen Texas towns targeted by tiresome ransomware


Re: So that's how they do it

If I were writing such malware I would embed a copy of my remote access code in every pdf file found during the recon phase, as we all know PDFs are a cracker's wet dream with the amount of security vulnerabilities.

Maybe also embed myself in some services like print spooler to re-enable my remote access after the restores have taken place.

If a cracker has had access for any period of time then you have to assume your entire estate is compromised and take appropriate steps, this is why the fundamental security principles must be adhered to at all times.

Least privs to be able to do your job, firewalls should never be turned off even when only on the LAN, firewalls tuned to only allow things you are expecting, unused services turned off etc etc etc. In this day and age your LAN is only marginally safer than the internet and should be treated as such.

Truckers, prepare to lose your jobs as UPS buys into self-driving tech


I have a better idea, two words. Parcel Cannon

As above, why not make a Parcel Cannon (TM) instead, probably safer and a lot cooler? Surely with all the AI and weather data we can create a smart bomb like parcel delivery mechanism? Rail gun that shoots Amazon packages anyone? With dedicated targets (the local delivery center) that have lasers for targeting. Anything with lasers is instantly cool in my book :-)

Low Barr: Don't give me that crap about security, just put the backdoors in the encryption, roars US Attorney General


What's to stop the tech co's just upping and leaving the US if they don't want to install backdoors? The US doesn't own the internet and without a China-like great firewall they can't stop their citizens using apps and services from other countries where encryption isn't banned. Sometimes the old ones are the best.... Use a free email account, write a draft message, don't send it. The person you want to communicate with has access to the same account and just reads the draft. Mail is never sent anywhere, nothing to intercept. There are many many ways to talk without others knowing what you say and hardly any of them rely on technological encryption.

One that springs to mind is going old school and having a particular obscure book that you use for your encryption / decryption: 3 numbers to determine a word, which equate to page number, line number, word number. As long as both people have the same book then Bob's your uncle, secure comms. You could even have multiple books and have a reserved number pattern or header which instructs the recipient to switch books / which book to use for decryption.

Braking bad? Van with £112m worth of crystal meth in back hits cop car at police station


Makes you wonder what the depth of the gene pool is in this guy's family....

Given that the coppers didn't track him down for an hour you would have thought the first thing he would have done is hide the life sentence worth of drugs in the back of his van then get drunk and be "another piss head driver", better that and risk a fine / loss of license than whatever you get in AU for a shed load of crystal.

Weather forecasters are STILL banging on about 5G clashing with their sensors. As if climate change is a big deal


Re: Why. Just why?

Being able to pluck a few hundred megabit out of the air is a lot cheaper than having to lay proper telecoms infrastructure to remote homes and businesses. In one fell swoop at least the UK govt can hit their target of having "super fast broadband" available to the whole UK population by allowing mobile co's to put up a few more masts and sell 5G routers as static internet connections.

Parliament IT bods' fail sees server's naked OS exposed to world+dog


Re: Right click - Share C drive as read only...

It's actually quite easy to do.... no need to actively change file permissions, the fat finger path with a space plus using an account to run the IIS application/site that is a member of the default Users group would have the seen results. Easy mistake to make but still not forgivable...

What first attracted Ofcom boss Sharon White to the near-£1m salary offered by John Lewis Partnership?


Re: damp squib

I hope that was an IT Crowd reference, if so I tip my hat :D

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants users access to all data


Hosting / Cloud providers don't learn from others' mistakes (or even their own sometimes). Even with a single tenant solution a tired/inattentive sysadmin can have devastating effects, I still shudder when I think of all the VPS instances that 123 reg nuked a few years ago whilst trying to delete inactive VMs

UK pr0n viewers plan to circumvent smut-block measures – survey


Re: There is a reason the UK government prefer rope for hanging themselves

They would pay Crapita 60 billion quid to do it for them.

Oxford startup magics up metamaterials for next-gen charging


Re: I have another theory

9. It's difficult to continue using the device whilst it's charging.


