Posts by Diogenes8080

162 publicly visible posts • joined 7 Jul 2020

'Copilot will remember key details about you' for a 'catered to you' experience

Diogenes8080

We already have that each time some chump correspondent organisation's mailboxes get broken into.

Re $phishlink is as prevalent as always. Bonus points if the usual suspects just also happen to have a convenient personal sharing facility to host the initial landing page.

Mozilla is rolling Thundermail, a Gmail, Office 365 rival

Diogenes8080

The Bat would have been a victim of observational bias. If the only time you see Bat headers is when digging around malicious mail, you soon begin to think of it as malware.

Having said that, the careful admin constructs a non-intrusive test filter just to see who else is using The Bat. If all of the samples detected are malicious, what sort of bias is that?

Yes, it's a non-sequitur, but not one that causes the recipient organization any real problems if the test was of satisfactory duration.

OTF, which backs Tor, Let's Encrypt and more, sues to save its funding from Trump cuts

Diogenes8080

Re: The OTF funded tools to permit internet access without tracking or censorship

Well, if they don't even renew the registrations behind the basic infrastructure for those projects then that will be a huge opportunity for someone.

The passive aggression of connecting USB to PS/2

Diogenes8080

SCSI - a menace to goats and barnfowl...

VanHelsing ransomware emerges to put a stake through your Windows heart

Diogenes8080

As the AC says, malware programmed not to attack targets showing RU or associated localisation is now commonplace. All that would happen is the gang would cheerfully pocket your up-front payment. Due credit should however be given to researchers who publish IoCs and technical dissections of malware - they are making enemies.

The post-quantum cryptography apocalypse will be televised in 10 years, says UK's NCSC

Diogenes8080

Advances in cryptography and in the computing power required to break those cyphers are collectively predictable. We just don't know exactly when the tortoise will overtake the hare or vice versa. What is certain is that the encrypted data you send with the best cryptography today will be trivially decypherable X years in the future. What was not happening maybe 15 years ago and is happening to an uncertain degree today is the quantity of intercepted encrypted data being stashed away in the hope that it will prove useful in X years' time.

Now let's see. Who is in a position to collect that data, bear the cost of its retention and derive the highest value from it when it is finally unlocked?

Time to ditch US tech for homegrown options, says Dutch parliament

Diogenes8080

Is Verity still writing? At least we have the occasional item from Simon.

FBI officially fingers North Korea for $1.5B Bybit crypto-burglary

Diogenes8080

Re: Undo

Supreme Leader, we have captured a colossal quantity of decadent fascist dream-coins! However, we cannot convert this into cheese tokens without causing their running-dog exchanges to fail! What shall we do?

Fools! Send more ransomware phishes so there are ample funds in the exchanges to buy more cheese!

Tech jobs are now white-collar trades that need apprentices, not a career crawl

Diogenes8080

Re: Please keep us in Brooks Brothers and yachts. Pleasssseee

I believe the good people of Birmingham (West Mids, not AL) are hard at work on that mission right now...

Mega council officers had no idea what they were buying ahead of Oracle fiasco

Diogenes8080

Re: Isn't Oracle at fault here, at least partially?

Originally the costs due to the equal pay dispute (and various administrations trying to dodge that bullet / kick the can down the road to the next administration) were supposed to be nine times the costs incurred by the Oracle project.

If the equal pay costs are lower, what proportion of the BCC black hole does the Oracle debacle now form?

Whatever the proportion, the actual money wasted would have bought a lot of what the county inhabitants are now having to do without.

And schools? Ah, throw each one a handful of A3s and let them sort it out for themselves. That software manages itself, right?

Odds of city-killer asteroid 2024 YR4 hitting Earth creep upward

Diogenes8080

Re: Opportunity?

I've tried two simulators and both say it would not land even if it intersects Earth's orbit. It's an 8MT airburst, even feeding in the upper size estimate and an iron composition. Another Tunguska nevertheless.

Capture would be something of a challenge. You need to slow an estimated 17kms down to a nominal orbital of 8kms and alter the course to drop it into a useful orbit, applying this force to an object of uncertain composition and structural strength. For an estimated 220 thousand tonne rock that's a lot of work for relatively little reward.

As Amazon takes over the Bond franchise, we submit our scripts for the next flick

Diogenes8080

Re: Wrong megalomaniacal squillionaire but

I'm sorry; are you suggesting that under any property ownership, James Bond would /not/ have endless nookie with the available Hollywood nookie served up on a scriptwriter's block? Have you not seen any of the films?

Hmm. That comment is open to interpretation. Perhaps a counterrevolution is in order, after all. I prefer not to think...

Diogenes8080

Take-down command

I assume that photoshop of Uncle Joe wearing a monocle and holding a white Persian cat is going to vanish under a hailstorm of take-downs by the new property rights owner.

Now where did I download that from...?

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Diogenes8080

The article discussed lateral movement within an organisation. You would not necessarily be phished by an outsider - you could receive an invitation from someone you already deal with within your own tenancy.

Diogenes8080

Re: Oh, it's so much more convenient ....

I think the expression you are searching for is "That's all 'a got for ya, go'way now."

Democrats demand to know WTF is up with that DOGE server on OPM's network

Diogenes8080

Democrats. OPM. Ah, yes:

https://www.theregister.com/2015/06/25/opm_sackings_data_breach_breach/

Trump admin seeks to reclassify federal CIOs, opening door to political appointees

Diogenes8080

Re: Political appointees as CIOs - what could possibly go wrong?

And there was I thinking that the great 2015 breach of the OPM was due in part to a politically-appointed director who failed to implement US Inspector General recommendations:

https://www.theregister.com/2015/06/25/opm_sackings_data_breach_breach/

Placed in modern context there is some obvious flamebait I won't mention. [Lights blue touch-paper, retires behind concrete-faced earth berm]

Why UK Online Safety Act may not be safe for bloggers

Diogenes8080

I am the ghost of Demon past

So a UK company has to fend off shoals of hungry landsharks, but post the same content on a US web site and it is effectively unactionable (unless some vested interest such as a publisher is offended)?

BOFH: Printer's festive bips herald a merry mystery for the Boss's budget

Diogenes8080

You can make an RFID hoop big enough to drive a lorry through, if you need to. It will read lots of tags at the same time, too. It just depends on how industrial a decoder you want to pay for.

FBI issues warning as crooks ramp up emergency data request scams

Diogenes8080

Re: I think I see the problem

It does sound remarkably stupid, yes.

What's wrong with publishing a specimen warrant and the warrant template says "See this link for a list of government offices qualified to handle these warrants. Find the reference number on your warrant and ring the corresponding listed contact number to make contact with the investigating official. Contact no other party regarding this warrant."

Europe's largest local authority slammed for 'poorest' ERP rollout ever

Diogenes8080

Re: An orderly transition would seem sensible

Well, there's variations of the TSB scenario "we have to be off $oldSystem by $deadline because the licence / support cessation / my remuneration bonus says so".

Those joining the circus after the start of the performance will be confronted by existing player reputations shackled to the sunk cost fallacy.

Systems that complex are not turn-key; migration can take months of extra work and expense before the realisation dawns that flashy new system isn't really working or can't cope. Migrating back is politically unacceptable [read suicidal] so everyone keeps hoping that a little more effort (and a few more millions) will make everything right.

BOFH: Don't threaten us with a good time – ensure it

Diogenes8080

Re: Inn-sewer-ants

X-Clacks-overhead...

Criminals open DocuSign's Envelope API to make BEC special delivery

Diogenes8080

Re: Shouldn't DocuSign be checking this?

... creates^W steals, FTFtR. Though I am sure both are true.

https://trial.docusign.com "Try DocuSign free for 30 days. No credit card required". I don't see how that could possibly go wrong.

Make it right? Why not try legal liability for frauds conducted from a negligently-secured system? Most regulators who have not been captured should be in favour of that.

Yes, your network is down – you annoyed us so much we crashed it

Diogenes8080

a.s.r

No, no, no.

It's "grab them by their upstream and their hearts and minds will follow".

Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began

Diogenes8080

WFNK

You can deliver a virtual desktop securely to any part of the planet, even on modest bandwidth. You do not need to give that worker anything other than type, click and see.

The earlier posters were nearer the mark.

Employing a worker sight unseen, and did we actually check the references we were given? Assume the qualifications and professional associations were from identity theft, so new hire X isn't really X at all.

Not segmenting our information? That's just sloppy, and usually results from understrength support. No-one pays any attention until something really valuable is stolen, then suddenly meat's back on the menu, boys!

"Customer Y demands [alternate insecure] product Y" - I feel your pain. Maybe sandbox, restrict and log? No, you CAN'T use it for everything!

Oh, and fake worker isn't doing much work? Then neither is their manager, or the manager is managing too much else. Who signed off on this character, anyway?

Disney kicks Slack to the curb, looks to Microsoft Teams for a happily ever after

Diogenes8080

Re: Teams is fine

"Tha's all I got for ye. Go away now."

Admins wonder if the cloud was such a good idea after all

Diogenes8080

Re: "Why didn't anyone ask the admin*?"

If you were a cloud advocate, we were the enemy - a pure and simple sales obstruction.

Transport for London confirms cyberattack, assures us all is well

Diogenes8080

Reconnoitring

MX:tfl.gov.uk = sundry Forcepoint / Blackspider

SPF:tfl.gov.uk = ditto, their own ASN, a host associated with training, some miscellaneous Rackspace and Exchange Online.

I think we can guess what's happened.

What a coincidence. Spyware makers, Russia's Cozy Bear seem to share same exploits

Diogenes8080

Lyudi Smayli

I have always maintained that at the individual level, the barrier between APT "Bears" and financially motivated "Spiders" is far more porous than many give credit for.

So if you are not locked up in a warm hut in Siberia with all the hardware and bandwidth you can eat (as opposed to being thrown into some brutal tuberculosis-raddled hell-hole) then there is nothing to stop you from engaging in some "private enterprise" in whatever free time you are granted. And if you are in the game, you know where the commercial players are advertising and that they pay well.

Naturally we see tactics and methods transferred between the two groups.

France charges Telegram CEO with multiple crimes

Diogenes8080

Re: "It looks like he didn't comply"

Lift capacity is one thing and CEP is another. Without soft landing, could SpaceX hit the 8th arrondissement?

Would the current inhabitants of the White House be that upset if the force de frappe double-glazed Texas in response?

Microsoft security tools questioned for treating employees as threats

Diogenes8080

Balancing act

No, the resolution of the conflict between privacy and employer interest is well established. The automatics do the checking for you, and if they say there is something wrong then you have due cause to go checking for yourself. If you can see that there is definitely something bad, that gets referred to management / HR.

Diogenes8080

Re: Bosses and 'mangle-ment'

I'm on my fifth proxy technology and have never been asked to exempt any tier of management from the governance applied to other staff. Some might have more access rights, but the logging is the same. On average, we spend more time worrying about senior management and sysadmins because there is scope for worse trouble if they are breached or go rogue.

Microsoft sends Windows Control Panel to tech graveyard

Diogenes8080

Raise

I see your short-specified Vista install and raise you Windows 98 SE with Active Desktop actively disintegrating.

Choose Your Own Adventure with Microsoft 365

Diogenes8080

You feed your budget to a grue.

It is still hungry.

UK tech pioneer Mike Lynch dead at 59

Diogenes8080

Contrariwise

Is it not a very strange and inexplicable coincidence that a waterspout should turn up just as there were sinister plots afoot to sink the boat?

I'm assuming that we have incontrovertible evidence that there was a waterspout, and that beyond a little cloud seeding weather control remains firmly in the field of science fiction.

Is Lenovo a blind spot in US anti-China security measures?

Diogenes8080

Promise you won't smell no...

ITYM https://www.theregister.com/2015/02/19/superfish_lenovo_spyware/

That was for teh adz. Lenovo customers worried about the PLA one day deciding to weaponize their interest in Lenovo should consider whether they really want Lenovo Vantage installing updates direct from Lenovo when and how it pleases.

And yes, that bloatware finds its way into commercial builds too.

ICANN reserves .internal for private use at the DNS level

Diogenes8080

Re: "it is not certain setting aside .internal will improve anything"

It prevents any number of Onanists from registering it as a spurious public top-level domain with a compliant ICANN in order to extort money from those who already use it.

I assume that the usual suspects tried it on but ended up on an oompa-loompa hit squad. "It's not chocolate in that glass pipe!"

UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack

Diogenes8080

Re: Justice to come?

Also consider that after 2 years we have only arrived at the "You can start to argue the fine down" stage. By the time any penalty finally hits the Advanced books, the original directors / managers responsible for the operational state of affairs there will have moved on.

"A murderer was captured this morning and tried today. Tune in for the execution at six tonight. All net, all channels. Would you like to know more?"

Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets

Diogenes8080

slipping monopoly

Beware of that equation shifting for macOS given the probable higher reward of successfully phishing a Mac user. The iCloud platform has also become more of a target / enabler in recent years.

US sends cybercriminals back to Russia in prisoner swap that freed WSJ journo, others

Diogenes8080

Spaghetti

I hate to break it to you, but "thievocracy" is a mash of Old English "theof" and Greek "kratos", the root words having drifted somewhat for modern usage. Either go with "government of thieves" or kleptocracy, which is perfectly well understood even by those who only know a few Greek loan words.

"Thievocracy" sounds like the product of a rather dim and guilt-ridden academic. It jars.

Ransomware infection cuts off blood supply to 250+ hospitals

Diogenes8080

Out of the generosity of their hearts?

Anyone able to explain to me what a not-for-profit is doing in a key point in the supply chain to the highly commercialised US healthcare sector?

Proofpoint phishing palaver plagues millions with 'perfectly spoofed' emails from IBM, Nike, Disney, others

Diogenes8080

Re: Insecure by default

That's a non sequitur. You invite discussion of acceptable content, but this scandal involved an egregious failure of message authentication.

Proof: if plain text was the only acceptable medium then organizations would communicate in that format (anyone remember telex?). These spoofs would still appear perfect in that format, and any client code that added a security preamble to the message would show that it had passed authentication checks. Transfer the funds, Ms Heisselippen!

Text-based attempts to commence BEC are still very commonplace. The plainer ones stand out because a colossal quantity of dross is accepted and even expected in messages, but level the field and they would remain perfectly effective.

I must admit that I had noticed this flow, deduced that the senders were M365 tenants and had assumed simple account breaches. For many, I doubt that the actual cause makes much difference.

DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder

Diogenes8080

You have 20 seconds to comply

I had assumed that the real reason for swift compliance was that Google will throw them out of the marketplace at the first opportunity.

CrowdStrike blames a test software bug for that giant global mess it made

Diogenes8080

Re: It worked on my machine!

No, that plays to the Microsoft canard of blaming an open market for security software for the catastrophe. That is in turn a not-so-subtle return to the position where MS grant themselves monopoly privileges when writing new software (because only they have complete access to the system APIs). We were arguing that one in the mid-90s.

I would point out that no CrowdStrike customer was deceived into installing the software, and I would expect that all of them fully accepted that they were granting significant system trust to Falcon. What no-one expected was the shocking lack of software quality that allowed a poorly written _data_ update to crash the software and the machines it ran on. Blaming an automatic content validation tool is no excuse; that approach would not prevent an attack by poisoning the data files after validation.

CrowdStrike need to fix that flaw before I would trust Falcon on my kit.

Forget security – Google's reCAPTCHA v2 is exploiting users for profit

Diogenes8080

Re: Just say no

He jesteth not.

The joke being that if your root file system needs fsck, it probably is.

CrowdStrike file update bricks Windows machines around the world

Diogenes8080

Re: Related?

Server options like iDRAC, iLO et al exist for a reason.

For the humble workstation - you have various Intel vulnerabilities.

Once you have access to the crashed system, I understand that a simple wildcard delete and restart cures all. Am not a MobPunt customer so cannot confirm.

Diogenes8080

Re: Related?

Been there. Did that. Have the vendor T-shirt.

Strangely enough, they now have an arrangement whereby the clueful can designate a test group and release the software to that before deciding to release it to the entire estate.

Others say "we only deploy $newstuff to 10% of your estate" (so only 10% is fscked, and hopefully that does not include both of your solitary pair of DCs). Scream loudly enough and the other 90% shall be saved.

Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals

Diogenes8080

Re: Simply criminals

Assuming a fairly fluid boundary between financially-motivated and state-sponsored groups, this would allow them to accumulate brownie points with those providing the "krisha", or possibly with the frothing loon activists if there's normally little love lost there.

We need a volunteer to literally crawl over broken glass to fix this network

Diogenes8080

Re: my message to Your "oncall@register" has triggered your junk email

I remember when even in Outhouse Express (I am setting the bar pretty low here) ROT-13 was only a quick mouse-click away.

Diogenes8080

Re: "I literally crawled over broken glass for this company."

At least you were not required to fight another tech on the lily pad with stripped network cable ends, dodging broken glass scattered on the surface of the pad itself whilst it rolled unpredictably around the exhibit.
