Posts by Rattus 19 posts • joined 11 Jun 2018
+1
well said
To everyone else, please stop and think for a moment.
I recognise that there is a lot of humour and mickey take going on in here, but please consider how what you say may affect others before you say it.
Whilst I wouldn't have have called for a lot of the changes being called for / made, it really doesn't hurt me to change the terminology that I use to make it less offensive to others. If by making these small changes we can make the whole industry even a little bit more inclusive and less hurtful that can only be a good thing.
From time to time I will make errors in naming, and whilst any offence will be unintentional I would hope that someone will point out my error so that I am able to correct it. As the FLOSS community says "patches welcome" :-)
/Rattus
As I understand it Enigma was never cracked.
Instead The Bombes were just an automated brute force attack. Reading the messages of the day required that the brute force attack completed before the key of the day was changed.
Don't get me wrong this was an amazing achievement.
Couple with a good understanding of the cypher meant that the possible permutations of cyphertext were magnitudes less than originally believed.
This meant that an brute force approach became feasible, but if I understand correctly this was still too slow.
It was only when a crib was introduced (trying likely message content) that brute forcing the key became a realistic proposition - much like a dictionary attach on today's passwords; the squishy meat-bags are the weakest link.
-----
As to does an enigma machine have worth toady?
Yes; providing it is part of a wider story. If it is just an item with no relationship to other items in a collection then no. much the same as any artefact.
As already pointed out by the vast majority of positive responses to a good, precise keyboard these are something that once you have you will never go back (pretty much the same for a decent mouse as well - spot the embedded engineer - I need to type AND I need to pointy clicky).
However there is a secondary function of a good keyboard - it should be heavy enough and solid enough to bludgeon 'collogues' about the head without breaking, it should be robust enough to place in the autoclave to sterilise afterwords....
... Just saying :-)
Just because an IoT device might run Linux it doesn't mean it is secure (or can be secured).
o Where in Linux is the ability to unpair a spotify account?
o Where does Linux stop a web app from providing sending text passwords?
o Where does Linux prevent an application from having hard coded back door passwords
o Where does Linux prevent idiocy?
s/Linux/Windows
s/Windows/AnyOs
"I've wondered how businesses can hire someone with no real work experience to lead complex efforts. I know the prevailing wisdom is that a manager can manage anything, but I have my doubts."
If you are incompetent the last thing you do is hire someone who might be good at management - Clearly you only employ someone who has done the same MBA as you have, therefore hiding your incompetence behind a wall of equally incompetent management below you, and thus an old boys network is formed....
"Physical security is increasingly overlooked in British national cybersecurity considerations."
If it is that important then perhaps national security shouldn't be left to companies who are motivated by profit and not protecting the national intrest (after all they can happily provide a sevice to whoever is in charge and pays the bills).
If we as a nation want this level of security perhaps we should nationalise the critical infrastructure?
I love the way that they are complaining that 95% coverage covers areas where people are not. How about just coverage where people are first?
I live between Cambridge and Ely in a village, the population at the 2011 Census was 6095 so clearly there are people here. Outdoor phone coverage is possible (-101 dBm according to my phone roughly "1 bar"). I am not complaining that we are hard done to here, this is a problem in most villages in the area (I suscpect this is true for the whole of the UK but can only confirm where I have traveled).
When you do have signal expect it to be "Emergancy calls only" because the cell site is massivly contended
Quite simply someone needs to get their priorities streight. Perhaps an independant signal strength monitoring (and capacity checking) is in order.... I am reminded of a story not long ago about someone doing just this in the US...
There are far to many people who call themselves designers who are not.
A good designer is an esentail part of the product development team
One example of a good designer is Molly...
Take a look at her talk at FOSDEM from a couple of weeks back.
She gets it...
https://fosdem.org/2019/schedule/event/designing_for_security/
Likewise those with interpersonal skills are capable of learning technical skills but fail to do so...
Occasionally I would like a manager or a HR droid to actually understand what it is we are talking about and perhaps, just maybe, they should take some time to understand us rather than just complaining that engineers are blunt, and unthinking. NO we just don't lie to you when we tell you something that is inconvenient to your sensibilities
"If none of your existing applications will work, why would you buy the new Mac?"
Hello?
This is apple we are talking about here. If Apple tell the Fanboz (and Girlz) to buy new software AND buy new hardware they will (and be happy to pay a premium for the plasure of it!)
The mobile phone industry pretty much from the beginning (of consumer phones at least) bundled in the phone with the contract, its only in the last generation of phones or so that most people haven't been desperate to replace the handset with something better^w^w^w^w shiny? Why is that? Could it be because mobile phone handsets are now a mature product - able to do what most people need and want them to do? In the last decade mobile phone operators have started to offer SIM only deals, where as the trend in most other industries is to try and run product as a service:
We don't buy cars any more - we lease them
We don't buy a bike - we rent them by the hour
We don't buy music any more - spotyify and friends
We don't buy software any more - we rent it as a service
We don't buy servers any more - we rent space in the cloud
Sure CAB are right to point out that purchasing a phone and airtime separately can be more cost effective, but if people are too damn lazey to work out the costs for themselves...
One last thought though, if we could all work out the true Total Cost Of <foo> and put a real value on non-tangibles would we be outsourcing everything?
Fingers are often faster thn synapses:-)
The solution?
molly-guard
Taken from packages.debian.org:
The package installs a shell script that overrides the existing shutdown/reboot/halt/poweroff/coldreboot/pm-hibernate/pm-suspend* commands and first runs a set of scripts, which all have to exit successfully, before molly-guard invokes the real command.
One of the scripts checks for existing SSH sessions. If any of the four commands are called interactively over an SSH session, the shell script prompts you to enter the name of the host you wish to shut down. This should adequately prevent you from accidental shutdowns and reboots.
molly-guard diverts the real binaries to /lib/molly-guard/. You can bypass molly-guard by running those binaries directly.
"private LPWA networks....accounted for 93 per cent of connections in 2017"
Not really surprising is it?
There are an awful lot of IoT nodes out there that only connect when they are in range of a 'gateway' node. And many more that 'mesh' together to aggregate through telco network using LTE, but just as likely to use a fixed line back haul.
Sure smart metering will deploy huge numbers of devices, but it is only one (or 2) per premiss (and if you have 2 meters the chances are they will share the back haul)
Anyone with half a whit will recognise that proportionately there will always be vastly more IoT devices than IoT devices utilising public mobile networks though an onboard LTE modem.
The telcos recognise this; however a 7% slice of the pie that is as big as and growing as fast as that of the , admittedly over hyped, IoT market is still serious £$€ (delete as applicable)
/Rattus
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2020
