* Posts by Nuno trancoso

66 posts • joined 20 Oct 2007

Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn

Nuno trancoso

Reminds me of my old boss, who is a PC repair shop owner, temporarily losing his higher brain functions and putting his mobile number in a site that "had" a "crack" for an app he wanted. Then he confirmed the SMS.... In one fell swoop he had €20 less in the mobile and a zombified PC.

2
0

USA opposes 'Schengen cloud' Eurocentric routing plan

Nuno trancoso

Can't see what the fuss is about. The big boys quite surely already have servers in European space, it's just a matter of them making sure no Euro<>Euro comms ever leave the Euro part. Why would Uncle NSA be so pissed about Euro data not crossing over to any place they can tap it? Oh wait...

Then again, maybe people should just start using encryption instead of believing someone's (and insert whatever you want here) good intentions.

Heck, if everyone started using proper encryption, the noise would be so bad Uncle NSA would be driven to fall back into time honored targeted spying tactics instead of just slurping ludicrous amounts of data in the hope they catch something remotely useful.

(Congress might be happier too since targeted black ops must surely cost less than running their datacenters...)

20
1

Final Windows XP Patch Tuesday will plug Word RTF vuln

Nuno trancoso

Bug in Word. Haven't used since... Check!

Bug in Internet Explorer. Haven't since even before i haven't used... Check!

Bug in Publisher. Haven't used, period. Check!

If these are the kind of "vulnerabilities" XP is gonna have from now on, man, keep'em coming.

p.s. If you a) still use Word b) still use IE and c) allow crap like Publisher on the boxes, you had it coming didn't you?

2
1

I QUIT: Mozilla's anti-gay-marriage Brendan Eich leaps out of door

Nuno trancoso

That someone got (subtly) forced out of his job/position not for his competence or lack of, but because of what beliefs he espouses is beyond the pale...

What amazes me is that the same lobby crying intolerance and throwing stones at the man are themselves (by logic reasoning) intolerant, since they can't accept the fact that he doesn't share their view. Tolerance goes both ways not just one.

Guess it's time for the devs to say fork it (bad pun) and head off to some new place more concerned about their products than what some lobby thinks of them.

Mozilla, a place where everyone's views are welcome, unless your views are different than ours (or some lobby, or some flavour of the week PC'ness, or anything not related to web browsers).

3
0

Forget sledgehammers – crooks can CRACK ATMs with a TEXT

Nuno trancoso

While everybody loves hating Windows, true point is, a USB port? And the ATM is configured to boot from it as default? What could possibly be wrong with that line of thought...

Even keeping the USB port, a much better idea would have been to have a custom BIOS that checked for existence of a flash drive connected to said USB port and then, if one existed, read a key from it and used it to decrypt a boot image off a hidden partition into the system partition. Right key? ATM back to a clean start state. Wrong key? Bricked ATM in need of hauling to repair shop. Assumes a tamper proof HD/SSD setup.

The cynical in me thinks this is just a setup for plausible denial. Whoever did the ATMs was probably "persuaded" (at point blank) to make them "somewhat insecure", not bad enough they'd look guilty, just clueless. Eventually losing face is far better than immediately losing (parts of) head...

2
1

Windows 8 BREAKS ITSELF after system restores

Nuno trancoso

Ye know... Imaging (and restoring said images) is pretty old hat. So why is it that M$ couldn't get it right and ended up with the PoS named System Restore? Oh right, since most users have a one disk one partition setup, you couldn't go nuclear on that and plain restore the image or you'd nuke the user data too... So instead of forcing a os+apps/data split, they "developed" a new system that only seems to work when it comes to restoring malware back into the system.

M$ could sometimes GetItRightTM just by not trying so hard to come up with a revolutionary non round wheel...

1
0

Apple 'hid AUD$9 BILLION' from Australia alone: Report

Nuno trancoso

Re: It may not be illegal

People in need aren't Apple's primary, secondary or even tertiary market targets. So, any wonder they don't give two woots about them?

Don't be pissed that Apple does what it legally can do, be pissed that your (and my) government(s) gave them the tools to do it. Be doubly pissed that they allow it to keep happening. And end up asking yourself WHY don't they just close the loopholes.

5
1

THOUSANDS of UK.gov Win XP PCs to face April hacker storm... including boxes at TAXMAN, NHS

Nuno trancoso

Same FUD again from people with a too obvious agenda, ie market drones...

If OS XYZ stops getting support at day x, it won't make it more vulnerable than it was at day x-1, just that nothing will be fixed by the manufacturer after that date. On a similar note, OS ZYX, the successor to XYZ, doesn't become more secure after day x either.

Given that both XYZ and ZYX have been through several rounds of "fixing", one might argue that neither is really more (in)secure than the other. OTOH, XYZ has been around (and abused) for a while longer, and its "pool" of (exploitable) vulnerabilities has shrunk quite a bit. While ZYX's attack surface is quite "virgin" in comparison.

Malware writers also like to hunt "big game" as profit is directly proportional to numbers. OS FREEBIE and OS FRUITY have benefited from this for ages. Now, if a significant amount of punters move from XYZ to ZYX (or FRUITY or FREEBIE or CAKEY or something), said miscreants change targets, they always do and do it real fast.

Point in case, was there any 0day for 3.1 making the headlines these last, say... 10 years? You might just get away by being with something nobody gives two tweets about anymore..

2
0

Microsoft warns of post-April zero day hack bonanza on Windows XP

Nuno trancoso

Sigh...

Here we go again... Who gives a tweet? How many of the W7/W8 patches will translate to an all-Winblows landscape vulnerability? It's quite likely a small number. Of that small number, how many will allow rooting the box? Quite likely an even smaller number. And of those, how many will have impossible to close attack vectors that make patches a must and not a "if available"? Think you get the idea...

This whole "XP gonna die a horrible death" hammering is just driving the point home. The point that MS f'ed up badly with every OS since then and now they're getting desperate with a userbase that just WON'T "upgrade". It's not XP's fault for being too good as it isn't, it's just better than the crap they churned out to replace it...

p.s. to the *nix crowd, give up. That you might have a (technological) edge on the OS wars is debatable. That you aren't even a runner up on the application wars is a fact. Until you lose that delusional mindset that GIMP can replace PS and app XYZ can replace its win/osx established industry standard replacement, you're going nowhere and doing the community a disservice...

1
2

Win XP alive and kicking despite 2014 kill switch (Don't ask about Win 8)

Nuno trancoso

Pfffffff

Get me a supported OS/distro that didn't get patches/fixes. Now get me one that didn't need patches/fixes by its EOL. Failed? Of course you did...

Thus, logic implies that whether old or new it's gonna have flaws. It's not whether or not it has them that matters, it's whether or not it's a particular show stopper for your setup.

IF XP reaches EOL, i won't be any worse than i was the day before, because it either worked the day before or it didn't. EOL didn't bring anything new, just means there won't be more patches/fixes henceforth.

And me, like many others, won't go jumping through hoops just to have the "latest bling" for fashion's sake, time better spent using/maintaining our established app/hardware base.

Give me a critical/killer app that the old OS can't run and i'll start upgrading. Can't find one? Sod luck...

1
0

Intel demos real-time code compression for die shrinkage, power saving

Nuno trancoso

Hmmm

If this was some form of say UPX, then you'd have a small benefit on storage space saved, but your memory "energy footprint" would be the same as the executable would still take the same space once uncompressed.

But... if the exec is compressed once as it leaves storage>RAM and then dynamically uncompressed/compressed as the CPU fetches it (and maybe changes it), you'd have a smaller memory "energy footprint" than the original, assuming code would compress enough that the lower memory energy usage outweighed the energy the compression/decompression unit used.

As for blaming compilers, well, there are many a part of code a compiler simply can't take a guess at rewriting/optimizing. For example code that might never execute but that the compiler can't ignore because it might execute sometimes. A unit such as this actually works in that case because it doesn't need to make assumptions, it just packs/unpacks as needed.

0
0

Tokyo beak rules against Samsung in Apple 'bounce back' case

Nuno trancoso

Re: What?

Certainly not deserving of a patent either, maybe?

In case you can't grep it, making a UI element respond to an event is by no means an innovation. What's next, patent rounded icons? Oh, wait...

The sad part is that while Apple touts itself as an innovator, it amusingly overindulges itself on petty squabbles over trivialities that they patented not so much to protect same said "innovation" but for the leverage and chill effect it might have on its competition.

Anyone still defending the patent system as it exists must be either the government or a lawyer. Both having an unspoken interest ($$$) in keeping the mess just as it is.

2
1

Obama's new cyber-security tactics finger corrupt staff, China

Nuno trancoso

Wish that for once the zealots would step off their high horses and remembered that while Winblows is by and large the ultimate security hole, they also have by and far the largest userbase. Move everyone off Wintel land and start watching *nix get the beating from catering to (l)users.

No matter how secure your OS/apps is, it won't stop pbcak, thus, will ultimately also fail.

Duly remember, just because you have thousands of eyes on the source doesn't mean the flaw didn't go unnoticed. "Prior art" of existing *nix exploits proves this to be correct.

Win, by being ubiquitous, has a target painted in its forehead. Are you sure you wanna borrow that?

p.s. bad security practices are NOT OS dependent. If we all move to "system z", you can expect the "clowns in control" to mess that one too.

0
0

Firm moves to trademark 'Python' name out from under the language

Nuno trancoso
FAIL

Just another fine example of why (single) common words should never be allowed as trademarks/names.

It's 2013, one would have thought that by now it would be common sense that "blanket type" trademarks/patents were the root of all issues and that its applicants should be thrown out the door (and fined) far faster than they managed to sneak in...

1
0

Samsung: Never mind Steve Jobs, let's snap off a piece of stylus biz

Nuno trancoso
Pint

Re: But seriously

Ever had to draw, as in "painting" in a graphics app as opposed to "drawing" in AutoCAD/etc with a mouse? Not fun, not intuitive, not functional. And given tablets' potential as a drawing tablet, Samsung might be wanting to cash in on that for digital artists instead of assuming they'll find fingerpainting in Photoshop either amusing or productive.

On the UI matter, deliberately designing it so that it accommodates fat fingered people and "touch with fingers" is fair design, but it's also a waste of potential. Give users a choice between "lame ui for fingers" and "slick 4x+ more functional ui for stylus" and watch them pick up the pen like thingy.

Then again, might be that Apple is still butthurt over Palm given they got it oh so right where Apple royally messed. Palm had stylus>stylus is bad. Newblown had stylus too>stylus must be evil incarnated.

Beer salute to my late III. 2 AA's lasted a month+. Monochrome, ugly and 100% reliable until the touchscreen went south...

4
0

Unlucky for you: UK crypto-duo 'crack' HTTPS in Lucky 13 attack

Nuno trancoso

If memory serves me right, i've read about an ancient exploit that cracked passwords by timing how long it took the OS to reject them (they had to be checking char by char and rejecting at first bad).

One would think guys working on such up and above stuff like heavy crypto would consider reasonably measurable right/wrong response time as an attack vector...

Or maybe they thought faster message processing for BoastingRightsTM was more important than adding artificial jitter to make it safer...

1
0

Kill that Java plugin now! New 0-day exploit running wild online

Nuno trancoso

Re: can't resist

Dear sir, you have just made me spill my coffee...

I hereby salute you ^^

0
0

Bad news: PC slump worse than feared. Good news: It's Friday

Nuno trancoso

Don't need 'em either...

Think main problem is that we already have too much as is. My E7400 is old news, and i have it running at stock 2.8. That's a real change since it's the first time i've run stock on any box since my 1998 Cel300A@450.

If i think "upgrade", the image in my mind is HD's+RAM. And for that i can buy parts, no need to shift boxes.

Besides, where i live you fork out an extra €100-150 for a "name box" built out of lesser parts than you'd get built in a mom'n'pop store...

That 1st tier builders also like to install every lame PoS software they think you "might" want and then having to spend hours cleaning that crap out is just another good reason NOT to buy their wares.

1
0

Big Blue bigwig: Tiny processor knobs can't shrink forever

Nuno trancoso
Happy

Re: Platter size

You don't have 5 1/4 bays in your desktop? It's not even "news" as Quantum was doing it way back when.

http://en.wikipedia.org/wiki/Quantum_Bigfoot_%28hard_drive%29

They did it just because of the opposite thing, to provide the same storage space at lower density, but if you kept the density the same, the larger area would instantly translate to larger storage space. Given that the things were quite slim, at least those i had were just 1 platter 1/2 height, i'm quite willing to bet they could use at least a 2 platter full 5 1/4 height and squeeze a bit of storage space from the extra space.

Make it a 5.4k RPM one with 2/4TB and you have a willing buyer here, as i need more medium term storage without the cost of SSD and/or the power consumption and heating of the 7.2k+ jobbies.

0
0

Security mess sends Kiwi auction site titsup in two days

Nuno trancoso

Re: No they don't

Not smart to say the least. If your coder doesn't have a clue about security, he's not a coder, just a liability.

Not sure about your corner of the world, but where i'm at, it usually starts with user input not even being sanitized/validated, never mind exotic exploits...

A WAF does have its merits, but if the whole web app was built from the ground up on idiotic assumptions and dimwit designs, it's about as good as steel plating your front door while leaving the windows wide open.

1
0

There is life after the death of Microsoft’s Windows 8 Start button

Nuno trancoso

Plan

Manage to get bosses help into evaluating Win8's "user readiness". Wait for the hissy fit and the "will NOT roll this out". Pat yourself on your BOFH back and tick another item on the todo list.

@someguy that said IT people are awkward in that we hate change, dig head out. We just hate change that brings no benefits at all and instead brings (more) problems. Fixing what wasn't broken and finding solutions for problems that didn't exist is a waste of two resources already in short supply, time and money.

Time to bring Gates back and to show "the monkey" the door, me thinks...

6
0

Thanks ever so much Java, for that biz-wide rootkit infection

Nuno trancoso
Happy

@Trevor

Sure, it's not one size fits all, but it's a damn good argument for forcing world+dog to run their "real environments" on a virtual with the underlying host being something safe that just serves as a launcher to said virtual.

Push comes to shove, you bring the sucker down, mount its drives on a clean (and loaded with "heavy artillery") special purpose virtual and proceed to happily clean the bugger.

Worst case scenario, you already have your backup (the old HD image files) and can just start transferring data files from the compromised virtual to a new clean one.

Back in the NT4 days, making ppl use virtuals for "daily use" would have been torture. Nowadays, any halfway recent box will handle it just fine.

Happy, cause that's what a small investment in extra RAM and HD's made me...

0
0

Firefox 14 encrypts Google search, but admen can still strip-search you

Nuno trancoso

Re: Hang on a tick...

Hmmm hmmm... Let me give you a small heads up.

If i wanted a car, i'd have searched for "car" and looked at the results. Same for everything else. So, if sitexyz doesn't have shit worth of content to show in real searches, the only thing your clients get from me is.... nothing.

Brain is trained to totally ignore any ad that slips through the blocks. And even if i notice it, 2nd stage kicks in telling me "ad, not important". That's what you people managed, a really epic achievement. Now people IGNORE ads. Even the important and meaningful ones.

So, all your client money is getting him is fattening YOUR wallet. It's doing next to nothing for him, well, except making him less wealthy of course.

If/when people do come around and not only start denying you referer data, but also start supplying you with JUNK referer data, your value will come down to what it really is, next to nothing.

Maybe then some of the advertising victims, i mean, clients, can stop squandering their greens and instead use it to top up what they constantly neglect, their sites' real content.

Web will go on, it's just that you're gonna have to start doing some real work for your clients instead of just being a near zero value leech.

1
0

Zombie LulzSec brags of exposing loved-up privates

Nuno trancoso
Devil

Re: Did a 10-year old think of this FAIL?

As name implies, they're not hardcore hacktivists. It's for the lulz. Thus, it was a fair target, as it's bound to provide LOTS of pissed up people and proportional amount of lulz.

While the attitude might fall in better with the usual trolls, they both operate on the same basic principle. Pissing you off. And guess what. They scored again, by the amount of "i took the piss" comments.

I'd go for the "nasty" dating sites next. Boy, i'm sure THAT would get MILLIONS of pissed people worth of lulz worldwide :)

2
1

Commodore outs Linux-running Amiga Mini desktop

Nuno trancoso
FAIL

Re: Gave up reading at

Almost same here. Next time reviewer wants to take stabs at iconic things, at least get freaking facts straight.

The last REAL Amiga is the A4000 circa 1992. Apple hardware of said time would have been a Quadra 900.

As far as OS goes, comparing AOS3x to System 7, sigh, you'd have had to use both to understand how vastly inferior Apple's junk was...

As far as HW goes, Amiga did get 060's from 3rd party that made the 040's in Quadras look like snails on valium. That's why many a "Mac lover" back then bought Amigas and jammed Shapeshifter/Fusion on them. That was virtualization being done back in the days... Also cheaper to buy a fully kitted Amiga and a "dead Mac to nick ROM from" than to buy Apple's overpriced stuff.

So, get your facts straight. The junk you're reviewing is some PC of sorts, whether it's good or bad is of no relevance to the Amiga line. Just slapping the brand on a box makes not said box an Amiga...

19
3

NASA lost 'full control' to hackers, pwned 13 times last year

Nuno trancoso
Pint

As usual...

Will only ever change if and when the media starts pumping titles like "XYZ security compromised. AGAIN. IT department says it's powerless cause higher ranked idiots won't let them do their jobs".

100:1 the media outlets won't ever have the dangling ones to pull this off, ie, shoveling blame where it's due.

Beer: Every time your old taskmaster for whom your policies were "right up there with the nazis" calls in and sheepishly begs for help after getting "pwned" again. He's gonna pay for it so might as well down it... Maybe more than one as there will surely be LOTS of "overtime".

1
0

Ten... gaming mice

Nuno trancoso
Mushroom

Marketroid drivel....

Same lameness as when Belkin replaced the definitely ugly and already chock full of useless "extras" n52 with the "new improved, powered by Razer" n52te. You got a better feeling keyb that was still stuck with the useless gimmicky bits but... oh, now you didn't have the godawesome macro software of the original. Out went something that could schedule several macros played together and "coded" from a decent UI in favor of a "one at a time" job with such a PITA "bling and flash" UI to "code" them in. Don't get me started on the drivers stability, it's so bad it's painful.

Do love my DeathAdder, but the wheel is biting the dust as the sensor/firmware fails to figure that a fluid spin in one direction that shows odd "ticks" in the other direction is just NOT happening. Funny enough, the old Logi MX500 has started doing the same after years (on another PC case you think it's the box...). Even my old (and dirt cheap) MS IM Optical wheel works better.

Might have to fish the Diamondback out of the junk pile, despite it being too small for my hands (and trust me, i have small hands...) and the side buttons being useless. At least the wheel/buttons work properly (for now).

Dream mouse: MS IM Optical wheel, DeathAdder size/shape, MX500 side buttons, Diamondback main buttons.

But to be bloody honest, next rodent will quite likely be a cheap MS/Logi one, at least i can throw it out the window and go get a new one moment he misbehaves. Up to my ears with "lots of hype but didn't deliver" overpriced PoS "gamer mice".

0
0

US shuts down Canadian gambling site with Verisign's help

Nuno trancoso
FAIL

Just... really... i mean... seriously...

@AC-03:05

Uncle Sam's boys are consistent. They ALWAYS end up looking like brain dead muppets.

Mildly amusing as cowboys, pretty much useless for anything else.

15
0

How Zuck wields power over Facebook for a few hundred bucks

Nuno trancoso

You should get one too as you seem to live in a walled garden...

Violent crimes per year on global scale? In the tens/hundreds of thousands? Related to Failbook? Couple of dozens tops?

It's the same thing as plane crashes you know? When they fall, few hundreds die. But they don't fall all the time. Road related casualties are what? Thousands per day? Heck, road related deaths per year make most modern wars death toll look like small change.

Difference is, some stuff has "shock and awe" value, some is run of the mill... Most just ISN'T evening news / newspaper material...

But never let any real world stuff get in the way of your favorite tabloid and/or crackhead guru of the week views of the world.

1
0

Robot rabbits take on Facebook, female orgasms

Nuno trancoso
Flame

Well...

Wonder how long till our demographics overlords come up with numbers on "vibrating time". Here's hoping the wabbit is USB powered...

Baffled at the seeming lack of ergonomics on the said wabbit though. Or maybe i just can't see the right way to hold it...

p.s. Guess Apple's content restrictions might be a safeguard, seeing that most of their cult followers are a bunch of wankers to start with, no need to throw fuel at the fire is there...

2
0

Australia should head-hunt Michael Gove

Nuno trancoso
Coat

Wow...

I always thought i lived in a bassackwards backwater country, but seems we weren't the only ones to do the stupid CS move that followed the home/hobby computer>office computer stupidity. And while the "teaching Office is teaching nothing at all" isn't news, it's a whole different angle when politicians say it too...

Also, the argument that "the majority isn't interested" is a fallacy. They aren't interested in letters and spreadsheets either, they just deal with what gets thrown at them. Difference is, teaching how to dis(assemble) stuff and read/write basic (no pun) code might just do the trick of planting the seed of "independent thought" into them.

Then again, it's not in the gove's best interest to teach people how to think, is it...

5
0

Arcade emulator MAME slips under Apple radar

Nuno trancoso

Like this?

http://www.xgaming.com/store/category/arcade-joysticks-and-game-controllers/

No, no subliminal advertisement, just something i've lusted after ever since i was using MAME (and that was way back when my Amiga was still alive...).

The one with pockets too empty to afford these beautiful toys... Used to have quarters but SF2 Tournament Edition was just too tempting...

0
0

Software bug fingered as cause of Aussie A330 plunge

Nuno trancoso
Pint

Sounds bad, really...

No matter what, the point is that the *ware (hard+soft) got coerced into doing a sudden dive. Twice.

Now, i'm not really into planes software, but common sense says that when all your input fails and/or goes inconsistent, you DON'T change "state". You go with last set of "sane input" you had before things went to hell.

These people do have a budget to test their systems with fuzzed data and watch how it behaves, right? We're not talking the toaster industry here, where the worst that can happen is burnt bread...

Beer, cause that was about as much "testing budget" as i could get for many softs i wrote...

0
0

X-Men Origins: Wolverine pirate caged

Nuno trancoso

@TJ

IF i was into watching a totally bastardized version of some of my fave comic chars on film, i'd say the movie was ok.

I'm not.

Hollywood can do the visuals, but they lack the "soul" to get it right.

1
0

Adobe kills two actively exploited bugs in Reader

Nuno trancoso
Coat

@AC

Spot on. It's definitely a Windows problem and not a "ID10T using Admin account" problem.

One must infer that to think so, you actually also use a root account all day on your OS of choice.

Praise the lord that you can still feel smug despite that, because the odds of some malware of significance and magnitude ever landing on you are very small, because nobody will ever bother with the 0.5% out of the 5% that your tiny userbase represents.

Makes one wonder if besides being jealous of all the apps and games, the minority is now also jealous of our malware... Haters will hate it seems...

As for Adobe "fixing" things, well... hope is the carrot. Mine's the one with Foxit (until i find something smaller and faster and better, who says you can't have all three...).

1
0

Euro cops cuff 112 in paedophile network raids

Nuno trancoso

"You will have to go a long way to convince me that child abuse equates to murder."

Depending on type of abuse, it's probably worse than murder. The dead guy doesn't have to live with what happened does he?

For the worst offenders, save the taxpayers money and pop a cap in them.

(or feed them to the bears/sharks... double saving)

3
8

Swiss-based Balesio takes the knife to PDF files

Nuno trancoso

In some other news, pigs can't fly...

@Cliff

Storage is cheap, bandwidth (and not just the network one) isn't. A modern CPU will decompress a file in memory in far less time than it takes to pull a larger file from storage into memory. That's the reasoning behind moving flash>PCIE. Removing (or widening at least) the current bottleneck.

As for the matter at hand, it comes down to how much junk metadata the content creating app will jam into the PDF. Adobe apps are particularly nasty there, trust me, and compression will give you HUGE savings.

Stuff like CutePDF or PDFCreator have a much better time (and smaller output) because they get handed the "raw print data" stripped of all the junk. Compression will give some savings still, just not on a major scale.

0
0

SCADA vuln imperils critical infrastructure, feds warn

Nuno trancoso

And?

I'm no expert in these thingies, but while the multiple hardcoded account/password thing is at best mind boggling, i really don't get it why it's critical.

One would assume that while the devices are connected over a network, that network would be internal and isolated from "bad real world" as much as possible.

Thus, to gain access to a means to exploit these vulnerabilities, you'd have to go INSIDE the place. And if that happened, you already failed. The time it takes to tap the network, scan for devices, take control, and reprogram them is probably as much as it takes to blow the place sky high using conventional means.

Begs the question then, how many facilities went around and made the supposedly isolated (and operation critical) network a part of the general network to "make it easier". Or are they just worried because they now have to go about checking device integrity because it's not something noticeable as opposed to an explosive charge?

My 0.0002c on the former because being lazy and thinking about security after the failure is the norm not the exception.

2
4

WikiLeaks releases classified files on Guantánamo Bay

Nuno trancoso

Re: And?

I'm sure you're trying to be funny and all, but what you point out to is precisely what's wrong with this whole picture.

Had they been real terrorists, trained, hardened, and fueled by extreme religious fervor they would have endured it all with only the prospect of "righteous retribution" to keep them going.

Given a "turnover rate" so big of so many going into depression and suicide it spells something else. Spells you detained "ordinary people" that have no means at all to cope with the situation.

@Matt Bryant

"other brown "foreigners""...

Care to explain wtf that means? Brown? Not people? It's guys like you that made mankind the PoS it became and to be bluntly honest, the only thing i think you lot are good for is to provide a cheap way to "close" Chernobyl, ie, dump the f'ing lot of you f'tards into the reactor until it's sealed under tons of charred bigot flesh.

11
0

Wikileaks video shows US gunfire on Reuters staff

Nuno trancoso

sheeshhh

Utter bollocks.

At least 5s before they actually shoot, the would be RPG can be seen to be a camera. They had the option to call it off, but FPS and cowboy mentality won. Shooting the evac was icing on the cake.

Pretty much bet the ground personnel was 100% "wtf went on here...".

Bad as it would be, investigation, court martial and kicked off would still be an easy get off for the shooters.

Covering the fsck up by their CO's is where it starts to stink real bad.

Hope the media goes hard on it. Might make other CO's think that covering up bad things gone real bad could be an option, but covering up utterly stupid "Rambo's" isn't.

7
0

Dodgy BitDefender update bricks systems

Nuno trancoso
FAIL

@BitDefender message

How about "stop apologizing and work on a fix"?

While Doc. Bontchev is right about the good files being several orders of magnitude more than the bad ones, core Windows files should be whitelisted against ANYTHING.

I mean, how hard can it be to keep track of Redmond's files and do a whitelist of them?

From last few years, every time an AV soft bricks boxes, it comes down to identifying Windows files as threats, so, what sort of catastrophic failure is it gonna take to get them on a whitelist?

And please don't use "resource usage" as an excuse, since the white list check only comes after a detection. Using a few more cycles per detection to avoid this sort of snafu is a drop of water on the ocean of resource waste that AV's already are.

0
0

It's official: Adobe Reader is world's most-exploited app

Nuno trancoso

Made my morning...

@Mal Adapted

You just made my morning :)

First thing I'll do when I get to the office will be to tell the art guys we are ditching PS and going for GIMP, cause a) it's free and b) they can change it.

That will make their morning too, and I'll get some free beer as ty later in the noon for making them laugh a bit.

Maybe it's time FOSStards awoke to reality. a) was passed on to clients and b) we don't need to change that which works (unlike some cr@p they got along w/ an ex M firm...).

Or, if I was in a foul "FOSStard shattering" mood, a) It's free cause no one would pay for that crap and b) you can change my crap all you want too, won't make it gold though.

@A J Stiles

Might hold, but doesn't really. If said Fred in a shed could not learn PS for free, he'd have to pay a course to learn it, because the industry can't work with $50 garbage that disregards said industry's requirements or fails to meet their expectations or can't deliver in time, etc etc etc.

And given that Paint.NET actually beats the living s..t out of 99% of said $50 apps while being free, said $50 apps have a "browser situation". They didn't lose sales because the "monopoly" played dirty. They lost sales because they SUCKED.

Now, regarding previous paragraph, there's nothing stopping FOSS guys from coming out with a PS beating app, if only they get head out of @ss and start actually coding it instead of using the "GIMP is free" line.

0
0

Top security firm: Default Windows 7 less secure than Vista

Nuno trancoso
Pint

Troll or tard?

Pardon me, but imho the reason you provide your pass in (K)Ubuntu is that being a distro for the (m)asses they didn't feel comfy letting you have the root acc (Windows is a textbook case on not giving the (l)users the root/admin acc...).

Now, on a "Real Men TM" OS/Distro, you will be given the root/admin acc, because the people that made it have trust in you. They trust that if you ARE using the root/admin acc you have a (DAMN GOOD) reason to do it.

UAC or any other NannySecurityTM always lead to FAIL. Real security education is what you need, but no one preaches on that cause it's not worth $$$.

And small wonder, Trend doesn't like that W7 isn't pushing the worthless AV sales. +1 M$, maybe one of these days (l)users will wake up and realize they can be safe wo/ using that cr@pware IF they practice "Safe HEX".

Beer, cause it's a better use for cash than buying AV cr@pware...

1
1

Apple voids warranties over cigarette smoke, users say

Nuno trancoso
Paris Hilton

Hmmmm

Can't really see this picture... 15y fixing PC and I've seen all, from dust layers so thick it was solid to dead rats, from cola spill (yucky...) to pesticide (along w/ former roaches... (laptop FUBAR ofc)), but never tar layers.

Wonder what the smoking level needs to be to build up actual tar layers of gooish icky stuff. Cause from my own boxes, mild smoking won't do it, at worst they build up dust.

Then again, this god forsaken hellhole I live in might be blessed w/ tar not sticking...

As for the Macjob, it's appalling. Charging for parts+labor+mask+gloves is ok, refusing service isn't. Next on the list, REAL biohazard disposal crews will refuse service because of ... biohazards... This nanny society is going titsup, FAST.

PH, cause well, they always seem to be up...

0
0

Bloggers howl after conference snoops on 'secure' network

Nuno trancoso
FAIL

@andrewsmhay

While you might have a point that they breached your privacy, wouldn't that be the case for say... 100% of illegitimate people trying to get your data? Think they care about legitimacy or law? It's why they're CRIMINALS, isn't it....

So, you got PWNED in a pretty trivial way. And instead of taking it as an opportunity to blog about "no such thing as secure when they have your wire" you went "cry mommy" and ruined your so professed "security expertise" profile in an epic way.

Any potential employer doing a google search will now find both names associated to "clueless" instead of "expert".

Bullet, meet foot.

0
0

PC tune-up software: does it really work?

Nuno trancoso

@alistair millington

"but most of the features XP has are needed"

If you really believe that, you might be interested in buying some property... in Pluto. Nice for vacations.

Really... cr@p like Indexing Service is pointless (would have been nice if done proper), System Restore was shite (aka broken imaging for the clueless (m)asses...). List goes on.

Quite bluntly, once you tried a nLite'ed XP w/ some power user toys thrown into the mix you REALLY start wondering what's wrong w/ the old workhorse that ppl actually moved on...

XP. No bling and why should I care...

0
0

10,000 Hotmail passwords mysteriously leaked to web

Nuno trancoso
Pirate

Just starting....

Did anyone think of the possible side effect?

If (there was a phishing/logging attack AND some accounts got pwned AND details were disclosed to public AND it's all over the news)

{

Cue in even BIGGER phishing/logging attack. // Backed by 100x more ppl now genuinely scared because they read some news about something they don't have a clue about (or got told by someone even more clueless than them...)

}

Boy oh boy, can I see next week's headlines... "Millions pwned by phishing attack fueled by scaremongering and poor information".

0
0

Network Solutions breach exposed 500k card accounts

Nuno trancoso
FAIL

@AC

The reasoning is that if they make clients jump through one more hoop, they might lose either/both client/sale%. Thus, things remain as is...

What I think would be a better way, would be to FORCE them all to provide a REALLY SAFE process as alternative. That way anyone that cared more for safety could take a safe route, others the "fast and easy" way.

Anyway, just another nice example of how some bizz sectors seem to be exempt of any checks at all...

0
0

Remote IT support tool hijacks customer webserver

Nuno trancoso
FAIL

Hmmmm....

Granted, for home PC's, it's a nice piece, avoids many hassles. But for midsized places or production? Oh my...

Can't remember quite when, but I'd say it was 7y ago that I made it clear that any place I remoted to admin had a nice box (size not matter) running *nix. Router>Box's SSH port>Internal Network. Tunneling almost anything is a joy...

Random (but known ofc...) SSH port, 2048b key and my rather unfriendly password would make it a nice challenge to any script kiddies around...

Ofc the potential for an SSH snafu was there, but in the end, I'd rather take my chances w/ that than trust something else...

Anyway, FAIL to TeamViewer for using a "reasonably popular" port and for the small mention of it in manual (check it, 2 lines worth and doesn't really state everything). FAIL to user too, for not checking out what DirectIn was and why on earth it would want to use UPnP to activate forwarding to port 80...

p.s. And yes, running Apache over Windoze on a production box really blows my mind... why on Earth...

0
0

Mozilla downplays risk from unpatched flaw

Nuno trancoso

@eJ2095

Was AmigaOS, Voyager sucked, IBrowse ftw :)

As for the flaw, sure hope they're not taking a "sinks head in sand" posture... Flat out saying "CAN'T BE EXPLOITED" is a dangerous thing...

0
0
