* Posts by Diogenes8080

51 posts • joined 7 Jul 2020

Page:

Twilio customer data exposed after its staffers got phished

Diogenes8080

Re: Hmmm

And Brian Krebs put the boot in Twilio for lack of MFA nearly 2 years ago to the day:

https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/

The many derivatives of the CP/M operating system

Diogenes8080

Re: Concurrent CP/M and ICL 80286 hardware

MicroLAN. The hardware was full 10-base2 so in theory 10Mbit. I don't know if the cards were up for that, and with the DRS range it wasn't ever a question because the apps and consequent traffic were tiny.

Diogenes8080

Complete with Specialix paddles supporting up to 16 users on RS-232 to dumb terminals, I imagine.

As Comart was about the size of large microwave oven (but heavier), it would be left on an office side bench with the paddle trailing underneath. Needless to say, that became a complete rats' nest rather quickly.

Share your experience: How does your organization introduce new systems?

Diogenes8080

Re: The Weakest Link

The survey omits two favourites, "we've just bought them so go support their tech" (I wonder why the business was for sale in the first place?) and the truly worrying "we've just bought them for their tech". And that is without going through the "two CIOs enter, one CIO leaves" which normally accompanies mergers and, I hear, can be quite traumatic.

FTC carpet bombs industry with letters warning that fake reviews will be punished

Diogenes8080

Three word post

"falsely claiming an endorsement by a third party; misrepresenting that an endorser is an actual user, a current user, or a recent user; continuing to use an endorsement without good reason to believe that the endorser continues to subscribe to the views presented; misrepresenting that an endorsement represents the experience, views, or opinions of users or purported users; using an endorsement to make deceptive performance claims"

lying, or

"failing to disclose an unexpected material connection with an endorser; and misrepresenting that the experience of endorsers represents consumers' typical or ordinary experience."

cheating.

Nine floors underground, Oracle's Israel data centre can 'withstand a rocket, a missile or even a car bomb'

Diogenes8080

Re: Car bomb?

It isn't a proper continuity site unless it can withstand a near miss from a 1MT warhead.

US school districts blame Amazon for nationwide bus driver shortage

Diogenes8080

Re: Bus drivers...

I have it on good authority that the traditional solution is to keep a rabbit and a revolver in the glove box and to scream at the children as soon as they do anything out of line. Untidy hair completes the intimidating image.

UK Ministry of Defence apologises – again – after another major email blunder in Afghanistan

Diogenes8080

Re: "the Afghan Relocation and Assistance Policy (Arap) team"

Joking aside, that comment might frame the problem with the West's policy in Afghanistan over the last 15 years rather well.

Diogenes8080

Timing unclear

BBC story clarifies that Wallace was not aware of leak of 55 names when he announced disciplining of an official for the leak of 250+ names. However, it is not clear in what order those breaches occurred. It could still be the same chump responsible for both. Investigation of 250+ leak may have led to second discovery.

ARAP covers a problem that did not exist two months ago so was probably thrown together using whatever and whoever was available.

Am still not impressed by any mail system that accepts a very large number of recipients for a single message, regardless of address mode.

Thatcher-era ICL mainframe fingered for failure to pay out over £1bn in UK pensions

Diogenes8080

Pennywise and pound-simple

Makes you wonder if the "small group of specialists" was being progressively diverted to tackle a rising number of fraud cases, leading to a backlog of queries. They couldn't recruit more? Now the department owes GBP 1B, with an additional 15k cases reckoned untraceable and data on the deceased deleted after 4 years due to convenient data protection.

The oldest cases go back to 1985, so it sounds as if the problem really is procedural rather than due to a coding error. I suppose there is some excellent reason why on retirement the NICS record of a taxpayer could not just be copied over to the DWP in a "thats-all-folks" file. Give it the data and a VME box will happily chomp through a lot of complex rules, batch or interactive.

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

Diogenes8080

The obvious

So how about a list of relevant Autodiscover domains that don't belong to Guardicore, and some idea of who owns them?

This is one exploit that should be relatively easy to trace. At the very least it might shine some light on the practices of the domain registration industry.

Intuit branches out into email marketing by splashing $12bn on Mailchimp acquisition

Diogenes8080

Re: Yes, that's exactly what I need

Then drop the ranges indicated by https://mxtoolbox.com/SuperTool.aspx?action=mx%3amcsv.net&run=toolpage and remember that they will include all of the Mandrill space which is notionally transactional. In practice RSG's toleration for bulk from those blocks has varied over the years. Any commentards managing mailservers for others would be better advised to conditionally deliver (i.e. place in junk) with a prior policy announcement to recipients.

For those suggesting / requesting free services, my experience is that any sort of entry level / taster service will be abused.

In other news, Scurvy Monkey are renaming themselves. The damage to simian-themed poo-slinging brands appears to be irreparable. Did I just muddle that last sentence?

Council culture: Software test leads to absurd local planning SNAFU

Diogenes8080

Re: this process could cost the council £8,000 in taxpayer funds.

So the council received legal advice that a legal advisor would need to charge £8k of legal fees to reverse the inadvertent publication of test data. Unless the maligned system automatically poked records into other systems, I suspect that the council received advice from a local outside body.

Elizabeth Holmes' Theranos fraud trial begins: Defense claims all she did was fail – and that's not a crime

Diogenes8080

Re: "as owner of half the company's shares"

I am sure that somewhere I read that the real trick is knowing when to bail out of a scam, and to have an effective escape plan:

"Turn your back and walk away,

and live to graft another day."

Good news: There's a slightly increased chance of asteroid Bennu hitting Earth. Bad news: It's still really slight

Diogenes8080

Thar's gold in them thar astyroids

Half a kilometre of ice and pumice is hardly Earth-shattering (though still capable of wrecking a small nation).

https://impact.ese.ic.ac.uk/ImpactEarth/cgi-bin/crater.cgi, I went with 535m diameter, 1190 density and typical cometary velocity and theta.

By 2182 we may be looking at ways to hard-land it in an unpopulated area. Fresh water! Reverse global warming!

Now if NASA or any other agency really wants to push the CPU boat out, how about calculating the "billiards" scenario whereby one of these near-misses slingshots around either the Earth or the Moon?

Microsoft responds to PrintNightmare by making life that little bit harder for admins

Diogenes8080

Re: If only...

That would be PCL5e if driving the traditional herd of Heaving Packhorses in the corporate Windows space. To hell with whatever the badge says on the hardware.

Allowing end users to install some driver they found on the internet is hardly a recipe for system stability, is it? I don't know why some IT teams put up with it.

Salesperson, we want a standard driver. One that runs anything we are likely to order from your brochure. Here, we've ticked them for you. If anyone wants to call off anything else from your product range, speak to us first because accounts payable have /very/ strict instructions.

Naturally we're talking exclusivity. Here's an inventory giving you some idea of the size of the existing estate. Still interested? Good. Sign here, please, in blood.

I no longer have a burning hatred for Jewish people, says Googler now suddenly no longer at Google

Diogenes8080

He's only making things worse for himself!

I'll have two large flat ones and a bag of gravel, please!

UK arm of international charity the Salvation Army hit by ransomware attack

Diogenes8080

Re: dirty pool, dude

The lowest I heard of were a pack of data thieves who went after a Florida hospice, deliberately looking for the personal details of the recently deceased. That gave them the widest window for identify theft, with the bonus that the crime might never be discovered by the executors.

BOFH: Oh for Pete’s sake. Don’t make a spectacle of yourself

Diogenes8080

Test card J

For the benefit of readers outside the UK, this is a reference to the BBC test card transmission when a channel is not broadcasting:

https://en.wikipedia.org/wiki/Test_Card_F#testcardj

Japan assembles superteam of aircraft component manufacturers to build supersonic passenger plane

Diogenes8080

The sky was the colour of television, tuned to a dead channel

I want my JAL shuttle.

'Vast majority of people' are onside with a data grab they know next to nothing about, reckons UK health secretary

Diogenes8080

Contractually Secure

Would any of these prospective data consumers sign a contract saying "You accept full liability for any costs, fines or compensatory payments arising from public identification of any subject in this data"?

I thought so. Problem solved.

If they think they can get away with professing ignorance, add a few unique fictional records to each set so you know who leaked.

Google's diversity strat lead who said Jews have 'insatiable appetite for war' is no longer diversity strat lead

Diogenes8080

This being Google, one would hope that their HR team could run a search...

Why am I deluding myself?

Hang on a [sub-tropical linen plant-picking] minute, is there an Oompa Loompa song for this?

The policy of truth: As ransomware claims rise, what's a cyber insurer to do?

Diogenes8080

Rank pedantry

If they are incompetent, how is the situation deliberate? That would be malice...

But yes, paying ransoms is massively fuelling the fire, and taking funds away from correcting the faults that led to the opportunity in the first place.

Hit any beancounter budgeting for ransoms with the Colonial Pipeline case: the victims paid and the gang gave a valid decryption program that performed so slowly it was quicker to restore anyway.

South Korea's first fully indigenous rocket now on launch pad, ready for tests

Diogenes8080

Duplication of effort

I thought there were plenty of North Korean missiles that wanted to defect?

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

Diogenes8080

What security risk?

A breached Constant Contact account is only a security risk if it has any deliverability... which around here it doesn't.

Unlike Sendgrid and Mailchimp / Mandrill, there is no transactional meat shield that I was aware of.

Besides, I thought all of the respectable US agencies were with GovDelivery?

Hi, Congress. FTC here. It would be so wonderful if you could let us recover money stolen from victims by crooks

Diogenes8080

The House Always Wins

A money service bureau [bank] unknowingly accepts the business of a fraudster. The MSB takes its usual fees. The victims lose, but the MSB profits [unknowingly] from the crimes. The fraud is detected and the account is frozen. The MSB holds the funds until the allegations are proven and the moneys are returned to the victims or the allegations are disproven and the account unfrozen. This may take some time, during which the balance remains with the MSB. Stage 3 applies.

Oh Lord, won't you buy me a Mercedes-Benz? Detroit waits for my order, you'd better make amends

Diogenes8080

Re: Don't ask "is it plugged in"

You have learned the tao well, Grasshopper.

Sucks to be you, any aliens living anywhere near Proxima Centauri's record-smashing solar flare

Diogenes8080

Re: Proxima Centauri is a glimpse of our own future

Also see Inconstant Moon (story, not entire anthology) by same author, for a lesser blink.

Then Flare Time (Limits) for much lesser regular blinks.

Half of Q1's malware traffic observed by Sophos was TLS encrypted, hiding inside legit requests to legit services

Diogenes8080

Jolly Boating Weather

Possibly correct if your honeypot is in Chennai.

Elsewhere in the world, other nets are likely to figure. For botnets, Stiff's scurvy crew say CN 1st, IN 2nd and US 3rd: https://www.spamhaus.org/statistics/botnet-cc/

I am surprised the ratio of encrypted traffic is not higher. SSL is free, domains and hosting are cheap and no-one seems to think it is their problem if a fraudster tells lies when applying for any of these.

Microsoft 365 tries again at filtering swearing, bad behavior: Classifiers for seven languages offered

Diogenes8080

What fresh hell is this?

I will be interested to see what is finally offered, but:

US products are often notoriously US-centric but sold as-is to other English-speaking nations. Never mind about different cultural values and the resulting false positives; these dictionaries will miss a lot of unpleasant local vernacular that could potentially get your senders in trouble. If you work in healthcare, also beware these dictionaries picking up "clinically correct" expressions.

A lot of Eastern European profanity is, I understand, euphemistic and only profane in context. It would take a fairly impressive AI to get that right. Other languages may pose similar problems.

As other posters have pointed out, legal and HR teams often need to handle statements verbatim. You can typically exempt their mailboxes, but that leaves them unscreened and what about shared storage? In personal communication, what is acceptable amongst friends is not so acceptable from enemies and strangers. Again, it's a matter of context.

You have a hit. You, or an automated rule, tells the sender / author not to. It doesn't take long for that person to adopt obfuscation, after which you are in a labour-intensive and ultimately fruitless loop as the possible permutations spiral beyond your product limits. Alternatively you can drop / delete / quarantine the content and create a support burden there instead.

Thousands of taxpayers' personal details potentially exposed online through councils' debt-chasing texts

Diogenes8080

An honourable shortener

The case for URL shortening services in an era when a URL can be conveniently represented by a short hyperlinked word is indeed marginal. SMS is regrettably one case where it is justifiable, though the [redacted] responsible for the site mentioned in the article could have done better even so. I would be curious to know if misrepresentations were made to the councils in question, or whether IT project staff on the ground failed to read the small print or possibly even the large print written in friendly crayon colours. Capita, as always, remain the clerical omelette.

To judge the worth of a shortening service, see if it offers a convenient reverse service whereby the recipient can input a link and see what it would expand to.

Microsoft lines its UserVoice forums up against the wall, readies firing squad of '1st party solutions'

Diogenes8080

Muppet Show

I suspect that some of those are by posters farming for reputation. What is more depressing is when some of the more asinine suggestions are accepted as fixes, suggesting a degree of collusion or puppetry.

Dropbox absorbs DocSend to add analytics, secure links to document sharing

Diogenes8080

Dropbox market share

Fewer phishers and malware spammers using it as their document delivery platform of choice, perhaps?

These days it seems any free or free-to-trial resource will be abused, and many of the more obscure ones don't appear in the right classification of many security products.

McAfee to offload enterprise business for $4bn, focus on consumer security

Diogenes8080

Who gets the kids?

There appears to be a lack of detail (in the original press release, so we cannot blame El Reg) as to how the split will work. Presumably whatever laboratory capability McAfee have will go with the consumer business, and STG have no security capacity themselves with the singular exception of RSA. The nearest product they offer is a SIEM and that won't stand in for an endpoint solution.

"Until closing, McAfee will continue to conduct and operate the Enterprise business, while McAfee, STG, and the Enterprise business’ leadership team will partner to plan for a successful transition for the business, its employees, and its customers." That suggests to me that there is no plan as yet. A lot of McAfee enterprise customers must be worried.

European, US watchdogs approve Microsoft's $7.5bn deal to takeover video games publisher ZeniMax

Diogenes8080

Gibbage

"You appear to be firing a rocket launcher. Would you like help with that?"

or

"0x00000080" BFG_HARDWARE_FAILURE

Customer comment and contributions no more as Microsoft pulls the plug on Office 365 UserVoice forum

Diogenes8080

Well of Lost Souls

Uservoice was useful for seeing that a problem one had discovered was in fact general, that others were complaining about it and it had not been fixed since {yore}.

With its closure, the quality of Techcommunity may go down unless the moderation becomes highly partisan.

This would also be a blow for "Microsoft Product Support" if their remuneration depended on not forwarding irate customers to Microsoft proper.

The torture garden of Microsoft Exchange: Grant us the serenity to accept what they cannot EOL

Diogenes8080

Re: Situation normal for Microsoft

EXO message tracking will give you a quick response on anything up to 10 days ago. After that, you are in "post a request and we might get an answer today" territory - which is something you would do if you are looking for a long-standing problem, or want to know if the latest phish is from a regular correspondent.

Now if you were complaining that EXO message tracking is not real-time... which would be a near-impossible goal for any cloud solution, let alone something the size of O365. Even on-premises solutions normally have a latency of a minute or so. What annoys me about all of O365's tracking, exploring, hunting and scripting alternatives are that the results are variable, and do not say "this is up to 5 minutes ago", "up to an hour ago" or whether the results you are seeing are not in fact inclusive of the last day and a half.

Has Amazon finally gone cuckoo? Bezos' behemoth turns to crowdfunding for Alexa-powered timepiece

Diogenes8080

Wrong perspective

Build It is the product being launched here. The clock is test data, though I am surprised that Google did not lead with an item more likely to obtain overwhelming support. Possibly the intention is a negative result.

No phish for the likes of you, thank you very much! Google finds email villains are picky about demographics, country

Diogenes8080

Re: Too "safe" already?

Incorrect. An unaddressed spam problem will gradually rise to the point where the mailbox is unusable. I have taken over the administration of domains where the worst-case mailbox inflows were easily 80% junk if the more borderline grey mail was included.

Regarding the original article and phishing, I currently assist in the administration of a domain covering the UK, Eire and a number of other European nations. The anglophone nations appear to get more of their fair share of phishes, and can see threat patterns weeks, months or even a year before they appear in other linguospheres (if that's a word). Even other nations with a high proportion of english-speakers are left behind, and some of the phishes they do get... are in English.

Privacy campaigner flags concerns about Microsoft's creepy Productivity Score

Diogenes8080

Magic Quadrant

Take that thought a step further, Prof. Fox.

Given the management magic quadrant of benign/malignant vs competent/incompetent (after Adams?) how long will it take one quadrant to realise that there there /is/ an inverse correlation between these metrics and actual results? Better draft that response carefully: you are now only allowed 3 posts and 3 sent mails per day!

AWS admits to 'severely impaired' services in US-EAST-1, can't even post updates to Service Health Dashboard

Diogenes8080

History repeats itself

"Werner said we don't need a DR site for US-East-1 because we have multiple availability zones."

"If you work for VMware, Cisco or Apache leave the room."

https://youtube.com/watch?v=m3wrBFuGK2A

I wonder if a "defective storage bot" was to blame this time?

Let's go space truckin': 1970s probe Voyager 1 is now 14 billion miles from home

Diogenes8080

Re: Penultimate Space Power

That is because your mobile was not designed for a one-way trip to deep space.

Whether it deserves a one-way trip to deep space I leave to the commentators on Android, IOS and... another operating system.

Diogenes8080

Re: Deep Purple

15 minutes? My copies say the In Concert recording should be 21:46 and the Made In Japan recording (somewhat different and worth a listen nonetheless) should be 19:58.

Make every support ticket more urgent than everything else. Now who said that?

Forget your space-age IT security systems. It might just take a $1m bribe and a willing employee to be pwned

Diogenes8080

Attribution

Gaming was my first thought too - Reno is / was the registration of choice / necessity for a number of outfits?

However, see https://www.zippia.com/company/best-biggest-companies-in-reno-nv/ - there are a number of medicals there too.

Looking down the scale, isn't there also a certain ranch in Nevada? Be fscked if I can remember the name.

'My wife tried to order some clothes tonight. When she logged in, she was in someone else's account ... Now someone's charged her card'

Diogenes8080

Encouraging diligence

If the payment chain itself is not compromised but the merchant is slapping nonsense on customers' credit card accounts through auto-negligence, is the vampire PCI-DSS invoked?

This NSA, FBI security advisory has four words you never want to see together: Fancy Bear Linux rootkit

Diogenes8080

Re: Fancy Bear Linux rootkit

Wrong XKCD, comrade!

Try https://xkcd.com/424/

Only EU can help us, pleads Slack as it slings competition complaint against Microsoft Teams

Diogenes8080

Re: Same old MS

Thinking back to the browser wars, which ironically Microsoft appear to have finally lost with the adoption of Chromium "Edge", one of the arguments was that they were cross-subsidizing IE development with Office revenues.

Before that we had grumblings that Office enjoyed unfair access to the undocumented lower levels of Windows which its erstwhile competitors did not.

Microsoft pulls dust covers off Dataverse*: Low-code data access from Teams

Diogenes8080

Re: Anyone told Data Access Corp?

Someone tell Microsoft about Wikipedia: https://en.wikipedia.org/wiki/DataFlex

960 LinkedIn employees will be let go... If only there was some kind of 'social network for suits' to assist job hunts

Diogenes8080

I was under the impression the RFC requirement for an Abuse address had been deprecated.

Nominet shakes up system for expiring .uk domains, just happens to choose one that will make it £millions. Again

Diogenes8080

So there isn't any conflict of interest between being the auctioneer of expired domain names and running the dispute process?

Given the types of mischief that a previously-active domain can be used for, the non-profit solution would be to lock expired domains until such time as a new customer could make a good case for using an old name AND pass some sort of effective diligence. That would of course exclude 95% of the average registry's customer base.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022