* Posts by Robin Bradshaw

301 posts • joined 26 Sep 2007

Scots denied Saltire emoji

Robin Bradshaw

Re: where does it end?

Big John, the Unicode Consortium were way ahead of you and you can sponsor a character:

https://twitter.com/unicode/status/725729260137119744

I have no idea who Seth Madlon-Kay is but applaud his willingness to waste $100 for comedy

0
0

Modular phone Ara to finally launch

Robin Bradshaw
Trollface

It's Android, so you might be able to upgrade the hardware but you won't be able to update the OS

3
0

Apple bans benign iOS spyware detection, security info app

Robin Bradshaw

So they dropped the ban hammer on this app because

"your app may report inaccurate information which could mislead or confuse your users."

Yet a quick look at the app store finds horoscope apps

https://itunes.apple.com/us/app/full-horoscope-daily-prediction/id407729716?mt=8

or the modern equivalent of x-ray spectacles ordered from the back page of comics

https://itunes.apple.com/us/app/x-ray-cam/id434831157?mt=8

Apple are dicks

13
0

Are state-sponsored attackers poisoning the statistical well?

Robin Bradshaw

This somewhat presupposes Governments make decisions based on scientific data.

I haven't seen any evidence this is the case in the UK.

31
0

Anonymised search engine page found on 'kid-friendly' search site

Robin Bradshaw
FAIL

Never trust user input!

XSS in the search box: https://www.openbugbounty.org/incidents/138592/

1
0

Watch: SpaceX finally lands Falcon rocket on robo-barge in one piece

Robin Bradshaw

Re: Mice

Cats in zero-G on a military parabolic flight:

https://www.youtube.com/watch?v=O9XtK6R1QAk

4
0

Space archeologist discovers new evidence of Vikings invading America

Robin Bradshaw

Re: Space Archeology ?

It's not quite "space" archeology, but the UK airborne LIDAR dataset is close.

Here is Stonehenge:

https://houseprices.io/lab/lidar/map?ref=SU122422

3
0

FAA's 'drone smash risk to aircraft' is plane crazy

Robin Bradshaw

Re: Drones are far more dangerous than birds, here's why...

5. Thought experiment: If we can have drones in the air why can't we have drone cars that get given to kids as xmas presents and share the roads with us? Oh wait, that'd be a terrible idea..

There's this new project Google is working on that nobody has heard about yet, self-driving cars!!! Yeah I know, crazy right, I heard they might even have some demo hardware in a few years' time.

So not so much a thought experiment, more they just aren't on sale yet, give it time and they will be.

0
0

London cops hunt chimpanzee in top hat

Robin Bradshaw

If someone offered me that monstrosity of a stuffed chimp, http://crappytaxidermy.com/ is the first place I would be contacting, not the police.

Who the hell would pay money for that? I'd pay to have it taken away.

1
0

Brit firm unleashes drone-busting net cannon

Robin Bradshaw

Range of 100m

Lucky for them drones can't fly higher than 100m above the ground.

0
0

Outsourced Virgin Media techies botched this infosec bod's Poodle fix

Robin Bradshaw

Wait What??

So does this mean Virgin Media saw all those fake Microsoft Support phone calls, decided that was a good business model and started doing their own version?

11
0

Hack the planet, er, Pentagon: US Dept of Defense puts bounties on bugs

Robin Bradshaw
Trollface

PLA Unit 61398 are going to make a mint in bounties.

Clearance shouldn't be too hard for them as they already have the OPM database. :)

0
1

No tit for tat, or should that be tat for tit ... Women selling stuff on eBay get lower bids

Robin Bradshaw

Re: Study?

Richard Jones 1, one possible reason for the lower bids than face value is gift cards are into the more shady end of stuff being sold on eBay, with a not unreasonable chance it was a card purchased with stolen credit card details then being auctioned to launder the money, so I imagine there is a reduction in perceived value for it being potentially iffy.

http://krebsonsecurity.com/2015/12/the-role-of-phony-returns-in-gift-card-fraud/

Their paper states one of the items they tracked were auctions for a new “Bulova 18K Gold 95G07 Wrist Watch for Women.” which makes me wonder if they tracked any auctions that didn't scream someone cashing out credit cards. Buying a gold watch from the online tat bazaar, the only thing you're likely to end up with is green stains on your wrist when the lacquer comes off the brass.

2
0

Bomb hoax server hoster reportedly cuffed in France

Robin Bradshaw

Re: I don't get it

Because if they didn't they wouldn't get their cut of the money for all the fake Microsoft support calls and sales spam calls.

13
0

Israeli drones and jet signals slurped by UK and US SIGINT teams

Robin Bradshaw

Why would you do this?

Why on an expensive drone or fighter would you use analogue video with cut and rotate encryption? Is their next plan to upgrade the system to replace the h-sync with a 4MHz burst?

Surely in the 20+ years since this was state of the art they would have managed to drag their drones into the digital telemetry era, even the crap consumer ones from China are doing video over wifi now.

1
0

UK Home Sec wants Minority Report-style policing – using your slurped data

Robin Bradshaw

Re: That Minority Report reference...

If you're relying on public transportation in the UK, your movement will already be severely restricted.

2
0

Hacks rebel after bosses secretly install motion sensors under desks

Robin Bradshaw

Did they do a teardown?

This OccupEye device has the whiff of half arsed internet-of-shit™ about it.

I wouldn't have been able to get any work done until I had fired up the SDR, captured the transmissions, decoded the no doubt plaintext packet format and then bodged up something with an Arduino and cheap Chipcon radio to feed nonsense to the receivers. It would ruin my productivity.

Everybody here, everybody gone, everybody here.......

If anyone has sniffed these devices do tell, I'd love to know if there is any security.

3
0

Forget anonymity, we can remember you wholesale with machine intel, hackers warned

Robin Bradshaw

Ctrl+C, Ctrl+V

Stack Overflow is going to end up getting blamed for everything :)

39
0

'Phantom' menace threatens to down Xbox Live, PSN at Xmas

Robin Bradshaw

It's a ruse by the engineers at Microsoft and Sony to cover their arses when their networks inevitably slow to a crawl as everyone unwraps their new shiny console and tries to download the 6 gigs of updates before they can play metalgearsofwarcraft 20

3
1

Child abuse image hash list shared with major web firms

Robin Bradshaw

Re: Hmm

"One final technical point. If the technology actually worked as advertised, why isn't it being exploited by people who could make profit from it?"

It is

http://www.theregister.co.uk/2015/09/09/i2600i_girds_loins_to_fight_off_copyright_troll/

0
0

Rap for wrap chaps in crap email trap: Chipotle HR used domain it had no control over

Robin Bradshaw

The tragic tale of foo :)

http://bar.com/

6
0

iPad data entry errors caused plane to strike runway during takeoff

Robin Bradshaw

Re: Read it back?

I would hope that if you entered a weight of 64,000 tons it would pop up a warning that you are supposed to be trying to fly a plane not a battleship :)

6
0

Lenovo stock: The channel iceberg is melting

Robin Bradshaw

Just an idea

Perhaps if they stopped installing malware on their machines they might sell a little better.

2
0

Vicious vandals violate voluminous Versailles vagina

Robin Bradshaw

Public art

That's a bit high brow for my tastes.

Colin Furze's 16ft high jet powered farting arse was much better :)

https://www.youtube.com/watch?v=LMzAS9SsMBw

1
1

El Reg knocks a fiver off 16GB USB stick

Robin Bradshaw

Re: But ...

Nameless Dread, I think the more important question is, what chipset do they use? I'm hoping for Phison 2251-03 so I can put my own malware in it :)

https://github.com/adamcaudill/Psychson

0
0

Tired of IoT hype? Internet of SLUGS and SPIDERS is the reality

Robin Bradshaw

Re: Use all resources available

Slug on a hamster wheel: https://www.youtube.com/watch?v=T5gI1joaCxI

You won't be running a datacenter with the electrical output though.

0
0

China weaponizes its Great Firewall into the GREAT FIRE CANNON, menaces entire globe

Robin Bradshaw

Great cannon ping pong

I may have misunderstood but I was under the impression that if the developers at GitHub had less scruples, they could have either set up a temporary 302 redirect to the largest video file on Baidu they could find, or introduced their own DDoS JavaScript to do the same in return to a Chinese site of their choice. It isn't that great of a cannon if your enemies can send your own weapon back at you.

Full respect to the devs at GitHub for just using an alert() to halt the evil JavaScript and signal something was wrong to the end user, my first instinct would be to have a crack at flattening Baidu.

8
0

I helped Amazon.com find an XSS hole and all I got was this lousy t-shirt

Robin Bradshaw

Re: Smaller Companies - Bugs

Peter 26, you mean like this, where the Amazon XSS was reported? :)

https://www.xssposed.org/

0
0

UK spaceport, phase two: Now where do we PUT the bleeding thing?

Robin Bradshaw

My extremely rough calculations using Google Earth suggest that if the spaceport was built in Hastings in East Sussex we could drop all our spent first stages on Brussels, assuming they land about 160 miles east of the launch site like the shuttle SRBs

16
1

You'll NEVER guess who has bought I Taught Taylor Swift How To Give Head dot-com

Robin Bradshaw

Re: MarkMonitorScrewedTaylorSwiftDotCom

Don't forget .horse

10
0

Turing notes found warming Bletchley Park's leaky ceilings

Robin Bradshaw

www.campus-party.eu I give up, what's that got to do with it?

0
0

Please use TWO HANDS to access AdultFriendFinder

Robin Bradshaw

I'll show you mine :)

http://gogle-analytics.com/

Typos in where you load scripts from is another possibility :)

If anyone wants to try to get todospelaeducacao/clubviaggi to fix their sites, be my guest, I failed miserably to contact them.

4
0

German minister fingered as hacker 'steals' her thumbprint from a PHOTO

Robin Bradshaw

English translation here

You can watch the talk with an English audio translation here:

The folks who do the videos at the CCC are awesome :)

https://www.youtube.com/watch?v=VVxL9ymiyAU

1
0

Google's whois results say it's a lousy smut searcher

Robin Bradshaw

Airing a grievance

http://bad.solutions/

Whois is not the only way to let the world know a company has annoyed you

4
1

ATTACK OF THE DRONES: ‘Nefarious’ private use rising, says top Blighty copper

Robin Bradshaw

Where can I get their magic batteries that allow more than about 15 mins of flight time and their fantastic propellers that allow flight without the model aircraft sounding like a million angry bees that make all this nefarious use practical?

A camera on a stick is a more realistic threat model for peering in upper floor windows, when are we going to see a House of Lords committee on the threat posed by sticks and gaffer tape?

Could we not just go back to calling them model aircraft and stop worrying?

13
0

USB coding anarchy: Consider all sticks licked

Robin Bradshaw

Re: Hidden partitions

JohnB, that is probably a U3 drive, it's like that by design. The manufacturer's website will probably have a U3 removal tool on their support site to turn it into a normal USB drive if you wish to do so.

2
0

VXers Shellshocking embedded BusyBox boxen

Robin Bradshaw

Re: Bash + Busybox

Flocke Kroes, I'm probably wrong but my understanding from the article is that they seem to be using one Shellshock-vulnerable device as a beachhead from which to launch brute force login attacks against other devices on the same network as the shellshocked device, not that BusyBox itself is vulnerable.

I looked into the idea of pivoting from one device onto an internal network in a vaguely similar way using a web browser and JavaScript XMLHttpRequests to spam Shellshock payload onto the browser's internal LAN: http://gogle-analytics.com/QNAP/ to demonstrate to a friend their device might not be safe.

1
0

Groupon flees from army of angry GNOMES: Trademark bid for 'Gnome' tab scrapped

Robin Bradshaw

It's probably for the best, if they had called it Gnome they would have been crushed by misdirected support calls.

1
0

Pro-ISIS script kiddies deface West Yorkshire egg-chasers' site

Robin Bradshaw

Next on 24: Nothing to do at the office

OMG the terror! Mobilise the troops and set the threat level to Purple Alert!

I can only hope for something this srs they have got Jack Bauer on the case.

3
1

UK smart meters arrive in 2020. Hackers have ALREADY found a flaw

Robin Bradshaw

https://www.usenix.org/system/files/conference/woot12/woot12-final24.pdf

How long do you think it will be until someone finds a baseband vuln that can be exploited over the air interface so you can drive down the street with a fake BTS in the car messing with all the meters?

1
0

In a spin: Samsung accuses LG exec of washing machine SABOTAGE

Robin Bradshaw

If you can find them

Another washer that will take an absolute beating is ASEA, who I think have now been bought by ASKO. I can remember playing in the box it came in as a child and I'm 38 now and my parents are still using it. My dad had to fix it once and when he opened it, it had the schematic included inside printed on waterproof paper.

I think they were also built under license by Maytag, but it's been a long time so I have no idea what they are like now, but the fact they used induction motors so you didn't have to replace brushes is a big plus.

1
0

Hacker publishes tech support phone scammer slammer

Robin Bradshaw

http://www.itslenny.com/

There's more than one way to skin a cat

1
0

Experimental hypersonic SUPERMISSILE destroyed 4 SECONDS after US launched it

Robin Bradshaw

Re: Anywhere in the world within 60 minutes?

You jest about thermonuclear snails but the UK considered nuclear chickens at one point :)

http://en.wikipedia.org/wiki/Blue_Peacock

0
0

Beware of Greeks bearing spammy small omicrons, says Google

Robin Bradshaw

Use .co.uk to reduce your phishing risk :)

I can't think of a sensible way to prevent this other than maybe an option to have all non-ASCII characters printed as inverted so it screams scammy URL, that's the best I could come up with.

I just checked and llοydsbank.com ( xn--llydsbank-r1g.com ) and nаtwest.com ( xn--ntwest-3nf.com ) both appear to be available. The other UK banks I checked, Barclays and Santander, appear to use a .co.uk domain, which seems sensible since Nominet doesn't support internationalised domain names.

0
0

China cracks down on instant messengers: Users must hand over REAL NAMES

Robin Bradshaw

"No country in the world allows dissemination of information of rumors, violence, cheating, sex and terrorism."

They have never read youtube comments then. :)

12
0

'POWER from AIR' backscatter tech now juices up Internet of Stuff Wi-Fi gizmos

Robin Bradshaw

The NSA beat them to it :)

http://leaksource.files.wordpress.com/2013/12/nsa-ant-surlyspawn.jpg

0
0

Plug and PREY: Hackers reprogram USB drives to silently infect PCs

Robin Bradshaw

USB Rubber Ducky

Whilst this is rewriting the code on an existing USB drive, the attack vector they describe, a combined mass storage/HID keyboard USB stick, can be purchased here from Hak5, the same people who brought you the WiFi Pineapple:

http://usbrubberducky.com/

If you're interested in messing with USB thumb drives, the software to reprogram them is reasonably easy to find but I'd recommend only using it in a VM as it tends to come from strange Chinese websites.

I found this talk incredibly helpful in chasing down the software https://www.youtube.com/watch?v=ZdzTRkojzwU but never got beyond making my test drives appear as a combined CD-ROM/flash stick and giving the drives stupid names. I'm guessing with considerable effort the firmware in the flash tool could be disassembled and patched to do bad things.

1
0

Russia to SAP, Apple: Hand over source code to prove you're not spies

Robin Bradshaw

Custom Russian silicon

I hope Russia does build its own CPUs but I'll be most upset if they use 64 bit ARM, I'd like to see a SETUN 2.0 because the world needs a ternary CPU :)

1
1

FRIKKIN' LASERS could REPLACE fibre-optic comms cables

Robin Bradshaw

Re: Didn't know about the relative time frames of pulse and survival of the light guide

I'm sure I read once about trying to make a plasma channel using incredibly short pulses from a UV laser that became self focusing due to the physics.

However if it was achieved it wouldn't be used for anything as humanitarian as dissipating lightning (preventing a fair few wildfires), it would herald the era of Tom Swift's electric rifle and even more efficient warfare.

4
0

Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network

Robin Bradshaw

Re: I have to defend the police here...

@condiment and the moral of that story is the good Samaritan would have been better off if he had walked on by and let the kid get run over, it's a wonderful society we're building, isn't it.

1
0
