* Posts by Ben Tasker

1040 posts • joined 23 Oct 2007


Norks: FBI's Sony Pictures' hacking allegations are 'groundless slander'

Ben Tasker
Silver badge

Re: Where does this daft expression "nation state" come from, anyway?

The term nation state implies sovereign backing. In much the same way we say Britain went to war, rather than members of the MoD went to war.

The latter is true, but sounds fucking stupid

The term nation state isn't exactly new either, it provides a distinction against the various other types of state. A quick Google will soon fill the gaps in your knowledge AC.

0
0
Ben Tasker
Silver badge

Re: I'm not taking the NORK Bait™.

Yup, and the media have seized upon it as it makes better headlines to have a nation state behind it.

I don't buy that it's the Norks either, and some of the 'evidence' doesn't exactly stack up. It's been claimed the attackers used DNS masking techniques to try and hide their origins. Tactic of an advanced nation based attacker that is not.....

0
0
Ben Tasker
Silver badge

The 'evidence' that's been disclosed is, uh, flimsy.

I'm not saying it can only be a false flag op, but there's something that doesn't feel right about the idea it was NK. From the messages that read like an English speaker trying to sound non-native to the fact NK would normally be trumpeting their 'victory' over the Western devils.

Frankly I'd find it easier to believe it's a /b/ prank than the Norks based on what's been made available so far.

0
0

UK air traffic bods deny they 'skimped' on IT investment after server mega-fail

Ben Tasker
Silver badge

To be fair, bugs do happen from time to time, and the latest kit isn't automatically the best kit for the job.

The unanswered question, though, is whether they could perhaps have avoided (or shortened) the outage through investment. I'd be surprised if they didn't have something to fail over to, though it wouldn't be the first time an organisation has decided that redundant == unnecessary cost.

6
1

Linux 'GRINCH' vuln is AWFUL. Except, er, maybe it isn't

Ben Tasker
Silver badge

Re: Brought to you by...

It is bollocks.

A user given a higher level of trust might be able to abuse that trust, go figure.

As physical access is required (if the same user tries via SSH, they'll be prompted to enter a password) it's something of a non-issue given the huge amount of pain that could be brought by anyone who gains physical access.

Be careful who you give higher privileges to, and be very careful about who you allow physical access to. Not an awful lot of news there.....

The OS-Sec mailing list was particularly scathing of this 'vuln', but as a side effect, someone looking into this did discover a real privilege escalation vuln - CVE-2014-9322 - so something good has come of it at least

10
0

NY premiere of The Interview cancelled after hackers' terrorist threats

Ben Tasker
Silver badge

Re: Actually...

@GBE

Except it's no longer just the premiere - http://arstechnica.com/tech-policy/2014/12/sony-hackers-terror-threat-prompts-movie-chain-to-pass-on-the-interview/

El Reg, I'm disappointed, it was on BBC news and still no sign here

1
0
Ben Tasker
Silver badge

Re: Down with this sort of thing.

Careful now.....

2
1

EU VAT law could kill THOUSANDS of online businesses

Ben Tasker
Silver badge

Re: This is entirely UNreasonable

There is a must register for the new rules - if you sell to an EU member state then there's no lower threshold of earnings. You can deregister from UK VAT but not from the new rules.

You don't _have_ to use the MOSS though. The EU is more than happy for you to instead register for VAT in any EU country you make sales to.

2
0
Ben Tasker
Silver badge

Re: This is entirely UNreasonable

HMRC did apparently push for a low earnings threshold, given we have one for usual VAT. Apparently, though, most EU countries don't have a threshold so there wasn't much appetite for it. The one-stop-shop is the solution that was used to make it easier.

It's easy to say ignore the rules, right up until you find you're unlucky enough to be being made an example of.

I could quite easily not declare some of my income, but whilst the probability of getting caught is low, the risk far outweighs the benefits. It also only takes upsetting one vindictive person for it to all start unravelling - ignoring the new rules is a foolhardy thing to do....

4
0
Ben Tasker
Silver badge

Re: This is entirely UNreasonable

Yup, though HMRC claim to have been telling people, the first I heard of it was a story on El Reg about the VAT MOSS site being criticised by GDS

The VAT payment system doesn't contain so much as a 'by the way'

5
0
Ben Tasker
Silver badge

Whilst I agree with you in principle, it's currently unworkable for a number of smaller businesses.

I'm ceasing sale of digital downloads, not because it's impossible for me to comply (it isn't), but because it's simply not cost effective to comply. The time spent reconfiguring the shop to know, and apply, VAT for 28 different states is time that'd need to be taken from much more profitable work.

Similarly, the ongoing cost of completing yet another return again is the same - my schedule is rammed full, so it's a case of spending time doing a return instead of charging an hourly rate.

Realistically, it's a tiny drop in the ocean, but the UK govt will now be getting less tax out of me as a result (the VAT may not have been payable, but the income tax was) and the other member states still get no more out of me.

Is me stopping digital downloads going to hit our GDP? Hell no, but it's not quite as black and white as you seem to think - there's a cost to compliance, and those who don't shut up shop will be passing it on to us as consumers.

Personally, though, I suspect the complaints from businesses will lead to the EU evaluating and deciding the best way to 'fix' the issue is harmonisation of VAT rates.

17
1

Sony to media: stop publishing our stolen stuff or we'll get nasty

Ben Tasker
Silver badge

Those CD's never made it to these shores, and in the US, it affected 10,000 CD's, the vast majority of which were recalled from stores before they even got to consumers.

So the chances are, 500 to 1000 CD's made it out into the wild....

Because they got caught...... Had they not (or had it taken longer) how many then?

Not, though, that I believe the employees should have to bear the brunt of that. I also very much doubt this is entirely, if at all, about that.

2
0

UK banks ill-prepared for return of the rabid POODLE

Ben Tasker
Silver badge

Re: Excellent work

Yup, I said the same to Natwest when I sent them the results of a quick analysis of their Internet Banking a month or two back (vested interest, as I'm a customer).

They were somewhat disinterested, especially given that it's not unreasonable to expect them to uphold high standards.

2
1

Plusnet could face DATA BREACH probe over SPAM HELL gripes

Ben Tasker
Silver badge

Re: Never really understood

As I understand it, that's not what's been breached/leaked here.

The addresses receiving spam are the addresses that were provided to Plusnet for their billing database (i.e. where they send 'new bill available' emails and the like). Some of those might be ISP provided mailboxes, but most (of the complainers) are not.

But yeah, agree with your point regarding ISP mailboxes

6
0

HORRIFIED Amazon retailers fear GOING BUST after 1p pricing cockup

Ben Tasker
Silver badge

Re: It's not just the pricing...

Had that a while back with Ebay, was selling an old phone and Ebay's catalogue description included that it had 'Wireless'

It didn't so I skipped the catalogue entry and wrote my own - also pinged support a quick email to let them know their catalogue template was wrong.

A week later I got an email saying my listing had been cancelled for failing to use the catalogue entry, so responded them telling them to fuck themselves and sold the phone (and everything else since) elsewhere.

24
0

Google vows: Earth will VANISH in 2015

Ben Tasker
Silver badge
Joke

Re: word change...

Insert any company you want. Doesn't matter how much it helps humanity, only the $$ matter.

In a post filled with variables, I was briefly left wondering why the PID mattered....

6
0

EU Google-bashing is making us look really bad, say Google bashers

Ben Tasker
Silver badge

yup, not so much "Don't bash Google" as "Oi, you're only supposed to be bashing Google, leave our search businesses out of it".

16
0

Batten down the patches: New vuln found in Docker container tech

Ben Tasker
Silver badge

Re: To be expected

There's a lot of excitement over Docker, but it does seem like they're letting some truly trivial vulnerabilities through the door, it's not exactly re-assuring.

3
0

Bong Ventures LLC: We've been cyberhacked

Ben Tasker
Silver badge

Thanks :)

Been up puking all night and needed something to put a smile back onto my face, definitely hit the spot

1
0

El Reg Redesign - leave your comment here.

Ben Tasker
Silver badge

Re: Oh boy

And now I realise I've commented on the article.... came in through the forums :)

One other observation - might just be me, but the image on this story - http://www.theregister.co.uk/2014/12/11/ripa_legislative_overhaul_experts/ looks like it's been overstretched to fit the space, which makes it even less useful than it was before.

1
0
Ben Tasker
Silver badge

Re: Hard on the eyes

Agreed, far too much white for me, it's giving me a headache.

For the record, I'm only 27, so it isn't an age thing.

1
0
Ben Tasker
Silver badge

Re: Oh boy

Holy crap, there's an article about the makeover? Hadn't even got that far down the front page before I headed for the forums to bitch about the new layout.

The homepage is unreadable for me, I spend a good proportion of my day looking at consoles (black background, white text), such an extreme wash of white is really fecking uncomfortable.

If it hangs about, I'm going to have to get my news and my kicks elsewhere because I don't think I'll be able to read more than one article before I get a headache, certainly won't be able to keep my OCD happy by reading 'n' pages of comments afterwards.

2
0
Ben Tasker
Silver badge

Re: Can we have a switch please?

I second that request.

Looks fecking awful on my monitor, and I used to use the 'Most Commented'.

The front page feels like it's shouting at me, font's just too big and there seems to be a lot of space wasted.

The menus are bloody annoying too, every time I bring my mouse down from the address bar the things trigger

1
0

Assange's WikiLeaks: Give generously this Xmas – for STATUE of our DEAR LEADER

Ben Tasker
Silver badge

And just to try and hide the fact it's happened, they (whoever they are) neglect to tell us after the fact, so our beloved government look like complete and utter tits when it eventually comes out we've been paying to guard an embassy for 6 months after he's vanished.

Mind you, Assange disappearing like that would drive the conspiracy theorists nuts. Though, to be fair, he could choke to death on a peanut and someone somewhere would be looking for a link to the CIA

2
1
Ben Tasker
Silver badge

Re: Offensive

However... it appears that Julian may have had a hand in the actual theft. This issue was raised in Manning's Article 32 hearing. Note that the evidence was taken as fact, but never really debated during Manning's trial.

If this were true, then Julian was more than just an 'information broker' and would have reason to fear a US extradition.

Being (allegedly) complicit in the theft of state secrets is a far cry from being the person who puts their employment on the line by finding and disclosing that information.

Admittedly calling him just an information broker may have been an over-simplification on my part, but what I was getting at is that, aside from his own theatrics, hasn't made the same sacrifice that the other two have, and certainly hasn't been doing it on quite the same moral basis as Snowden.

2
1
Ben Tasker
Silver badge

Re: Standing on chairs??

Manning - sitting in prison because he trusted Assange and did a snarf of classified documents, with no real whistle blowing having occurred. (What crimes had he uncovered that the US Government has been charged with in International court? Hint: NONE. )

I've got to agree with this, but for a different reason than the one you gave.

What Manning did took personal sacrifice, but it wasn't whistle-blowing. He nabbed a huge stash of documents and released them to Wikileaks with little to no idea of what was in them, the fact that it highlighted anything was the result of luck and not judgement. Whistle-blowing is speaking up about something because you're morally opposed, not misusing your access to release anything and everything you can find and then getting lucky because there was something in there.

Snowden on the other hand, may have walked away with a veritable treasure trove of info, but he spoke up because he was morally opposed to something in particular, and released evidence to show what had been happening.

be prepared to put an end to having a normal life

Definitely the one assured outcome of whistle-blowing on the state. You can't guarantee that society will feel the same way as you about the behaviour you're highlighting, you definitely can't guarantee that change will happen, but you can 100% guarantee that the state will do what it can to make life very difficult for you

9
4
Ben Tasker
Silver badge

Re: Offensive

Was also my first thought, two of them have definitely made supreme personal sacrifices in pursuit of what they think is right. The other has voluntarily locked himself in a small building to avoid a police interview.

Even leaving that aside, Assange has simply been an information broker, and it's reasonably clear from early plans for Wikileaks that the intent was always that it'd be a profitable venture

5
1

GCHQ, police to team up to hunt down child abuse on the darknet

Ben Tasker
Silver badge

Re: Can't be too careful

Hate to say it, but yeah, I also feel incredibly uncomfortable if a strange kid comes up to me - especially if I'm alone.

As much as that (hypothetical) kid might need help, the risk/benefit ratio of someone making wrong assumptions is just too high nowadays. If I was in a shop I might point them at a nearby staff member and say 'ask them', but the days of 'come with me and let's see if we can find your parents' are long gone.

The worst thing about it, is it'd be fucking awful if my littlun got lost and no-one helped because they were scared of being wrongly accused of something, and yet there's no way in hell I'd be able to blame them for that.

Frankly the sick twisted view society is taking where every single person is a threat is putting kids at greater risk IMHO, for every Pedo out there, there must be at least a 100 well meaning people who will no longer help a child in need because of the potential repercussions (let's face it, not like you're going to be given time to explain, is it?).

If someone is a known risk, we should deal with them, but being oversensitive does more harm than good (not least because a higher volume of wrongful accusations likely means the early accusations against those who _are_ a real risk don't get picked up as easily).

And whilst I'm on a slight rant, bundling cartoon drawings into the same class as the huge psychological harm done by real physical abuse is one of the most insensitive, sick and demented things I've seen the 'think-of-the-kids' brigade do. If you're concerned it's a slippery slope (rather than a 'safe' route to release), then fine, but making it 'equal' to pictures of real abuse only means that the predator might as well go all out if the punishment is along the same lines, thus feeding the very fucking system they're trying to stop.

I'm in a weird mood today......

11
0
Ben Tasker
Silver badge
Joke

Re: Its going to work

Cameron single handedly doing it? Christ people complain about Sky's contention ratio, imagine the on the wire filtering system having a contention of 60000000:1

1
0
Ben Tasker
Silver badge

Re: Scope and Definition Creep

look at websense - brought in with the stated purpose of blocking child abuse material. Ran for a while like that, and then was misused by a court that felt as the infrastructure was there copyright infringement should also be addressed.

I think the darknet already covers anything the pols don't like. It's already being portrayed as a haven for druggies, pedos and terrorists with no mention of the legitimate uses, so in the minds of the unwashed I suspect that "I use Tor" is probably an admission to some terrible stuff.

4
1
Ben Tasker
Silver badge

Yup, wonder if anyone's told Cameron that the determined can use wget or similar anyway, bet they'd be delighted to be able to get a list of known content just by downloading Firefox (though to be fair URL hashes won't be that much use).

Often wonder when the pols talk about darknets, Tor is usually mentioned but are they planning on looking at Freenet too?

There's a lot of objectionable content there too, but the hosting model means it'd be near impossible for them to take it down.

1
0

One-click, net-modelled UK copyright hub comes a step closer

Ben Tasker
Silver badge

Re: Smells bad.

To be honest, to me the 'Copyright Hub' sounds more like the Government has decided to enter the Stock Image market to me.

There are, after all, already numerous sites you can go to and pay a fee to use an image under the creator's terms.

There are obviously some differences, but at a base level my limited reading on the Copyright Hub doesn't seem to differentiate it much in terms of the end result for the person wanting to use the work. And for those who claim "I only used it because it was too hard to find the creator" will probably continue using the same crappy excuse anyway.

0
0

The Great Unwatched: BBC hails glorious digital future for Three

Ben Tasker
Silver badge

Re: Erhmm.

Yup, to be honest, for all intents and purposes BBC Three was axed for me when they axed mongrels.

Occasionally I'll watch a bit of American Dad or Family Guy, but other than that I don't really see the loss.

2
0

Mighty Blighty filter tilter causes communications chaos

Ben Tasker
Silver badge

Re: Mission creep

Hmm, we've logged that you've been trying to circumvent the blocks. You do realise they're for your own protection? We can only assume you've been trying to look at kiddie porn. A white van will be along shortly.

They'd probably shit a brick if they analysed my outgoing traffic at home, 2 VPNs and a TOR connection established on a semi-permanent basis. One of the VPNs goes to an endpoint outside the UK - and it goes without saying that I control the VPN endpoints (rather than paying a random provider)

I've nothing to hide, but I also don't see any reason to let my ISP see every minute detail of the traffic I'm generating (there are also practical reasons for one of the VPNs - I don't have a static IP at home so allowing myself through various firewalls can be a pain).

There's likely not much you can do to stop the G Men looking at your traffic, but I'm buggered if BT and EE (my phone connects the VPN when not at home) are going to get a free peek too.

2
1

systemd row ends with Debian getting forked

Ben Tasker
Silver badge

Re: Production ready?

@John

Never said it wasn't important, but it's not exactly a resounding fucking endorsement of SystemD is it ;)

0
0
Ben Tasker
Silver badge

Re: Hasn't this happened already with Upstart?

@John

I'm a bit late seeing this reply, but;

I've read the documentation, and have been playing around with SystemD a lot, but for a lot of people the _default_ (which is what it'll be if you're using RHEL 7) is supposed to be relatively sane.

It's far from the only issue I have with systemd, and one of my biggest concerns is what future pain we're going to get from the somewhat cavalier fuck-you-all attitude taken by some of the systemd devs. If we're talking about supporting businesses on this thing, then I need to be sure we're not going to see the infamous pulseaudio approach of criticising the use-case rather than fixing the crappily thought out implementation.

0
0
Ben Tasker
Silver badge

Re: Production ready?

"The second part is the sheer amount of change. Change equals problems, bugs, and security issues. The homogenising effect of systemd on the Linux ecosystem is just one part of it."

Not just that, but (as with any change) you need to be damn sure that your sysadmin (whether that's you or someone else) is familiar enough with the SystemD way of doing things before letting it anywhere near production.

If something's gone horribly wrong, is the restoration of services going to be slowed by it being a SystemD based system (either because your Sysadmin isn't familiar enough with it, or because it turns out the SystemD guys hadn't considered your use a valid use-case).

Given the huge amount of change involved in SystemD, there's quite a lot to cover.

3
0
Ben Tasker
Silver badge

Re: @Ben Tasker

@foo

Was only replying to Hans' question about what benefits it's supposed to bring.

I completely agree with you, btw, it's more than possible to set Sysv init scripts up to avoid the sorts of issues that SystemD apparently saves us from. All it takes is a little bit of thought and planning.

3
0
Ben Tasker
Silver badge

Re: thowing out the baby with the bathwater

@Hans

It also allows for dependency based booting (i.e. don't start x until the network's up) etc.

0
0
Ben Tasker
Silver badge

Re: Production ready?

"Forks like CentOS use it too, and haven't had any problems."

The major problem is, if and when issues do arise, you need to have faith that one or the other of the following is true

- The SystemD devs will recognise the issue and resolve it

- There's an exit strategy so that SystemD can be dumped

For a lot of people, it's very difficult to have faith in the former, and the latter is likely to become very difficult (hell, the reason Debian went with SystemD was the additional workload involved in not using it)

There have definitely been some issues in CentOS 7, I've experienced a few myself. I'm happy enough to play around with SystemD so that I get familiar with it, but it's going to be a very long time before I'm happy putting it anywhere near a production server, and option 1 above still needs addressing before that.

9
1
Ben Tasker
Silver badge

Re: Hasn't this happened already with Upstart?

@rtfazeberdee

So tell me, if I'm going to configure to log in text, what precisely is the point in me having journald running in the first place?

You're essentially arguing that it's OK for SystemD to use its own (IMHO crappy) logging system because I can make it also pass onto rsyslog. journald is therefore completely redundant, so why would I want it on my system in the first place?

That aside though, even if you are planning on using journald's logs, configuring it to also spit out to rsyslog is a good idea. Anything that causes journald to exit uncleanly leads to log corruption, and the SystemD devs appear not to care

12
0

'We're having panic attacks' ... Sony staff and families now threatened in emails

Ben Tasker
Silver badge

Re: Cojones...

Yup, and people like that really piss me off for some reason, take this;

who had described Sony's entertainment businesses as "poorly managed" and "characterized by a complete lack of accountability and poor financial controls."

Poor management tends to cost us as the consumer more as the cost of producing is increased by the inefficiency. Except of course, these twats don't see it that way, they want the efficiency increase to produce higher profit margins (we were already paying that amount, so why lower prices?) and increase the share price for their eventual sell-out

4
0

Cops accessing journo sources with RIPA? Use your powers properly, moan MPs

Ben Tasker
Silver badge

Re: RIPA is obviously flat out unlawful and not a valid contract 'law'!

It's the same mindset that believes that a Statute is in fact an invitation (by the state) to each and every one of us to enter into a binding contract. Reject that contract and the law no longer applies to you (apparently), funnily enough it seems to be of most use (apart from the fact it fails) when attempting escape debts, fines etc.

A court summons is an invitation, the word 'must' in law actually means 'may'. In fact if a judge asks you whether you understand, it's apparently a sneaky way of getting you to accept the contract.

It's all bollocks, but can be quite amusing to look into - there are a few videos kicking about of 'Freemen' in court, with their behaviour getting the treatment it warrants.

2
0
Ben Tasker
Silver badge

Re: RIPA is obviously flat out unlawful and not a valid contract 'law'!

Good god, even El Reg is being infected by Freeman On The Land bollocks now...

Yup, there was a particularly amusing one in the comments of an Orlowski article the other day, sadly it seems a mod has deleted it now, but twas quite a verbose bit of twattery which made me chuckle

0
0

US govt tells ICANN: No accountability, no keys to the internet

Ben Tasker
Silver badge

Re: We don't need ICANN

Through a custom HOSTS file, or an external service like Google DNS/freedns/opendns, we just register any string of characters to resolve like any of the traditional ones. Others using the same service will enjoy the same IP resolution for that "pseudo" domain.

You can already do exactly that if you want, of course, most of the world won't ever stumble across anything you display, because they're using the 'normal' DNS, but there's absolutely nothing stopping you from standing up a DNS server that'll answer queries for .squigglyworm domains.

If you're happy for the users of your altnet to have to tinker with their hosts files, you don't even need to do that, but again that can already be done.

There's a reason why subdomains don't cost anything extra, though whether $30 a year is an overinflated price is obviously a completely different argument.

EDIT: Oh, and part of the reason the www. works is because we're all using the 'same DNS database'. That's definitely a good thing, though ICANN's behaviour with it does need to be monitored and controlled somehow, which was the thrust of the original article.

5
0

Whitehall at war: Govt’s webocrats trash vital digital VAT site

Ben Tasker
Silver badge

Re: The VAT site's been ****ed for weeks

Glad it's not just me, used it the other day and found myself wondering whether someone had fucked up or if I'd just repressed previous memories of having to do that.

Based on their track record, if GDS do ever get a hand in, we'll all be looking at fines when they accidentally make it impossible to file on time

2
0

Boffins challenge Internet of Things' lust for power

Ben Tasker
Silver badge

Re: Not one IoTa of difference

Yeah, funnily enough the amount of electricity used is not, and likely never will be my first concern about the IoT.

Never quite seen the difficulty with having a quick snout in the fridge if you know you're going to the shop...

2
0

Musicians sue UK.gov over 'zero pay' copyright fix

Ben Tasker
Silver badge

Re: Compensation?

Just a tip - if you're ever in front of the beak, don't expect them to agree with you ;)

Whether you like it or not, Parliament passes laws which they _can_ punish breaches of (so long as a sufficiently large proportion of the population abides by them - they can't punish us all). Copyright is just one of those laws.

What the muso's are asking for is farkin ridiculous (for reasons plenty of others have stated), but you've just made them look comparatively normal IYDMMS

0
0

MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'

Ben Tasker
Silver badge

Re: Obviously government is just trying to pass the buck.

True, but why use TLS?

Once you've created a client that can do OTR, it's not that big a step to have it use PGP instead ;)

0
0
Ben Tasker
Silver badge

Re: Obviously government is just trying to pass the buck.

No need for peer 2 peer, run it through facebook or Google Chat but use a client that adds a layer of crypto (so all FB/G see is base64 encoded ciphertext).

I already do exactly that routinely when discussing anything I wouldn't be happy publishing on the nightly news :)

0
0
