* Posts by Ben Tasker

1173 posts • joined 23 Oct 2007

Page:

Security for those who know they can't win the security war

Ben Tasker
Silver badge

Re: I'm tired already just reading it

No good having a secure backup if you can't remember the 30-character password allowing you to mount your Truecrypt volume so you can enter your other 30-character password etc.

Agreed, particularly

Make sure that the encryption phrase used is strong and lengthy. I typically run to thirty characters including the whole range of non-alphanumeric ones.

I don't disagree that password strength is important, but it can also be extremely counter-productive.

In a previous job, unencrypted laptops being returned from abroad had to be escorted to ensure foreign eyes couldn't peruse any data that might be on there. Encrypted laptops could be sent unescorted (the particular encryption software/mechanism was mandated etc).

The reset procedure for a laptop that had been locked out by too many (>3 IIRC) tries of the decryption passphrase was to return it to base, a real PITA for everyone involved - especially if the user's posting was in the back-end of nowhere.

So, encrypted laptops started turning up, unescorted, with the encryption key written on a sticker just above the keyboard. In other words, for anyone laying hands on the kit, they effectively weren't encrypted and should have been escorted. Those stickers had, of course, materialised because the boys on the ground were fed up of having to return the laptop to the UK so regularly.

Had the decryption phrase been a bit more memorable, those stickers wouldn't have been needed, and the security - whilst technically weaker than with the longer phrase - would have been more robust.

So, personally, when dealing with real-world users, having an immemorable 30-char decryption phrase represents a weakening of security because the requirements it imposes on the user almost guarantees they'll find an insecure way to work around it.

0
0

Why is the smart home insecure? Because almost nobody cares

Ben Tasker
Silver badge

Fuck..... I thought you were being sarcastic with remote control deadbolts....

WTF thought that was a good idea? The whole point in a dead-bolt is you can only unlock them from the side you can physically access them from. If you're going to be able to open from the otherside, might as well just use a key-lock.........

0
0

French woman gets €800 a month for electromagnetic-field 'disability'

Ben Tasker
Silver badge
Joke

Re: Poor choice of words?

I hate seeing errors lingering on the site for 10 hours.

Simple solution: don't write bugs into the article...

0
1

High-heeled hacker builds pen-test kit into her skyscraper shoes

Ben Tasker
Silver badge

I think there should be a rule that anyone posting physical criticisms of people in an article should be required to accompany it with a recent photo of themself. Similarly dressed, for fairness.

I quite like that idea, but does it recurse?

I.e. if OP had included a picture of himself in heels and a tight dress, and I wanted to criticise his appearance would I need to go wardrobe raiding too?

Also, fair to say that if the missus caught me dressed like that, "I wanted to comment on a news article" probably wouldn't work as an excuse :D

It's an impressive little project, I can think of places I've been where it probably wouldn't work, but I can also think of quite a few where it would

5
0

Second Ashley Madison dump prompts more inside-job speculation

Ben Tasker
Silver badge

Re: Interesting concepts... but...

So, if SONY wasn't an insider attack, why would they think this hack is an insider? It's pure speculation, and the security guys says it is speculation. That they would keep the web-facing separate apparently wasn't done by SONY or the invaders somehow got access to the internal crap.

Or, perhaps they got to the juicy internal stuff first, and hidden amongst that data was an Excel spreadsheet containing all the credentials needed to then go on and compromise the site itself. Just because the data was leaked external first, doesn't mean that's the order it was obtained in.

10
0

Choke on it! Brit police squeeze pirate site advertising money trail

Ben Tasker
Silver badge

The intercepting of advertisements served on dodgy pirate sites has begun to choke their revenue by 70 per cent, according to the City of London police, vindicating the policy of following the “money trail”, rather than an individual infringer, said the police and trade groups.

To me, at least, that first sentence has a very different meaning to what the rest of the article describes. Based on that, I initially thought CoLP had spent out on some DPI kit and managed to get it onto ISPs networks.

I'd have had a major issue with that......

As for the tactics they appear to have used, I'm not convinced public money, or a theoretically public resource (the City of London Police) should be involved in enforcing private interests, but it does sound like the approach they've taken is the least-bad way of doing things.

2
1

Don't fight the cistern: Voda takes the plunge with plumbers’ parking app

Ben Tasker
Silver badge

Re: "OBD-II port is mandatory on all cars sold since 1995"

My guess would be that it applied to all new models from that date, with an exemption for some period for models already on sale - that how a lot of regs like that tend to be.

It was mandatory from 2001 (petrol) and 2004 (diesel) on all newly manufactured cars (regardless of the age of the model range). It was fitted to some cars before that, other manufacturers (*cough* Citroen) used an OBD-II port as the physical interface, but didn't use spec-compliant protocols, so it looked like you could use your diagnostic computer when you couldn't.....

Definitely wasn't mandatory from 1995 though

0
0

So unfair! Teachers know what’s happening on students' fondleslabs

Ben Tasker
Silver badge

We had something similar on PC's when I was at school - they used Viglen Classlink IIRC.

The problem was, we figured out how to bypass the restrictions and run it ourselves, meaning we could monitor and take control of remote systems, including those controlling the interactive whiteboards that various departments had.

Caused a lot of trouble when someone (moi???) went porn-surfing on an interactive whiteboard in another (occupied) room whilst the teacher in that room panicked and didn't know how to stop/interrupt the session.

Not that I'm saying kids will always find a way to misuse monitoring software, of course.

14
0

Budget UHD TVs arrive – but were the 4Kasts worth listening to?

Ben Tasker
Silver badge

Re: Sky and UHD

Is there anything on TV anywhere in the world where seeing it in UHD in an average living room would actually make a difference to the viewer?

Almost certainly - start overcompressing the shit out of their HD channels, to make 4K look worth having, - will be enough for 90% of their subscribers to start going with 4K instead.

To be honest, I'm still not that convinced of the benefits of HD in some contexts. IIRC there was quite a thing about football matches being in HD, why? As long as you can see the players and the ball clearly, do you need to be able to identify individual blades of grass?

Movies in particular benefit though, and will likely benefit all the more so from 4K, and at least (unlike 3D) it'll apply across the whole movie rather than being used for the benefit of a 2 minute scene.

1
5

Apple's AirDrop abused by 'cyber-flashing' London train perv

Ben Tasker
Silver badge

Re: "Violated"

To know so little about how women operate in the world and what is a threat to them is worrying. You might think that the poor dears are fraidy-cats and not willing to have a laff, but men don't grow up in a culture of constant threat. Count how many girls and women have been raped and killed this year alone, compared to boys.

You seem to be under the impression that the rape of men isn't an issue (in terms of numbers). I'm assuming you meant men rather than boys specifically?

Taking the first hit in google (for the UK), 69,000 women and 9,000 men were raped a few years ago, _BUT_ there's a fairly pervasive theory (advanced by a woman, if that matters to you) that only in 1 in 10 male-on-male rapes are reported due to the social stigma.

Female on male rape, historically, hasn't been treated with anywhere near the same severity as male-on-female, so a reasonable number of victims either don't report, or get nowhere when they do report.

If you want to try and correct 'sexist' views, feel free, but making generalisations about rape rates simply makes you look an idiot - rape is an incredibly abusive act, whoever the victim, and comparing numbers does nothing but further dehumanize the victims.

There is no such thing as "it's just a cock pic" if the man and the woman are not in a relationship. It is always a threat. It doesn't have to mean that an attack is about to come, it just says, "I can rape you."

I think you're unfairly generalising here too. I know and have known women who would probably laugh this off just as some have been doing in the comments. I've also known blokes who would have been incredibly put out by receiving an unsolicited picture like this (whether cock or tits). People differ, simple as.

Not, mind you, that I'm saying it's ever appropriate to send something like that to someone you don't know.

The men who do not get this are seen by pretty much every woman as one of the men who will sens cock pics to women he doesn't know.

For the record, I disagree with most of the generalisations you've cast, but I'm definitely not one of the ones who'd think it was OK to send pics like that.

4
1
Ben Tasker
Silver badge

Re: Ho hum,

How else are companies supposed to push adverts to unsuspecting iPhone owners?

Given there have already been issues (on Android for example) with the bastard fucking stupid idea of loading and processing media without user interaction, how long before someone works out a way to use this to start popping phones? Think about the recent issues with Android automatically processing media in MMS messages, it's far from impossible that something similar could be achieved with this.

What's wrong with showing a filetype icon and saying "Picture received, open?" rather than silently processing the thing to show a preview? Granted a good number of the population would click 'Yes' either way, but at least it'd make it a little harder for you to silently get pwned without noticing that something slightly strange had happened.

12
1

Assange™ is 'upset' that he WON'T be prosecuted for rape, giggles lawyer

Ben Tasker
Silver badge

Just to add to your frustration (it certainly added to mine) with Assange. From the BBC news story

"There was no need for any of this. I am an innocent man. I haven't even been charged," said Mr Assange.

In a story about how the case was being dropped because they hadn't been able to interview him in time, and Sweden's requiring the suspect to be interviewed so charges can be brought. Of course he hasn't bloody been charged, because he's quite successfully evaded the step required before charges can be brought......

Although as he's voluntarily locked himself in a tiny embassy for years, "getting away with it" obviously isn't true.

The Ecquadorian ambassador has also, presumably, been getting a bit of come-uppance for sheltering him (he's a bail-jumper so regardless of your beliefs on the other charges, it seems a fair term).

9
1

CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Ben Tasker
Silver badge

Re: When is a BIOS not a BIOS?

That would require someone in Government who even understands what the problem is... no hope in UK then.... they are just a bunch of ignorant oldies who's kids use the internet... and who themselves think that IT is something to do with Candy Crush (played on ipads during work time).

And the Police are all stupid.....

Generalising like that is incredibly dangerous, as it leads to deliberately underestimating a potential enemy/adversary. Yes, there are a lot of people in Politics and the Civil service that don't understand computers, just as the private sector is full of the same types of people, but working on the assumption that there's noone who understands is a bad idea.

You can be reasonably sure that the types employed by GCHQ do understand this, and the potential risks/benefits it presents (depending on what your aim is...), and if CESG or similar make a recommendation against using such kit, most departments will likely (at least half) bear that in mind.

10
0

ICANN chairman loses mind over his domain-name privacy shakeup

Ben Tasker
Silver badge

And all those who have faith in ICANN's ability to properly oversee IANA put their hands up......

Between various recent issues, including a compromise of their systems, ICANN seem to be a bit beseiged at the moment. It does seem, largely, a mess of their own making though.

I wasn't hot on the idea of passing (some/all) control over to the UN, or even to the IETF, but ICANN are doing a fantastic job of making that a better option

9
1

HTC caught storing fingerprints AS WORLD-READABLE CLEARTEXT

Ben Tasker
Silver badge

Re: Biometrics

Precisely, even when we're 100% certain we've got it right, authentication tokens need to be revokable and replaceable for when we find out we were wrong.

As others have said, biometrics have a good potential use as an identifier (i.e. a username) but really are bugger all use as a single authentication method.

As part of a two-factor authentication method, they have some merit from being less fiddly, more straightforward than a otp generator. With the massive drawback of being irreplaceable the second a manufacturer cocks up. The solution in that case would be to revert back to hardware tokens, so why waste time/money on biometrics in the first place? Not to mention what happens about getting other sites/services/suppliers to stop honouring your biometrics.

And that's taking a somewhat generous view of the possible worst case scenarios..... so yeah, not for me...m

0
0

A close shave: How to destroy your hard drives without burning down the data centre

Ben Tasker
Silver badge

Re: Lazy people's problems

It's not really a suitable solution if you care about being sure the data is actually gone/unreadable.

For the paranoid, the following are just a few examples of the possible issues that might lead to the data being recoverable

- NSA has cracked it (as you say - though unlikely on it's own)

- Manufacturer has fouled up the crypto implementation, so it's not as well encrypted as you thought

- Manufacturer has bollocksed up the key erase, so they key's still there if you know how to access it

There are probably a good number of other possibilities too, and whether they're applicable depends on how much you need to protect the data, and who might get hold of the drive.

Ultimately, if you want to be sure the data is gone, the only solution is the physical destruction of the drive. For most people, that probably is overkill, but ISE is a "should be good enough" solution rather than a cast-iron guarantee.

2
0
Ben Tasker
Silver badge

For (some?) metal platters you can quickly reduce them to a shapeless lump by applying the flame of a standard plumber's gas blowtorch. Haven't tried that with vitreous platters.

My preference - primarily because it's far more fun - is to use an Arc welder. If you're very careful about where you put the ground clamp and where you strike your arc you can have some (very, very brief) fun with the motors too. Occasionally you can get a chip to pop nicely as well, though obviously your main focus should be around the platters :)

1
0

All hail Ikabai-Sital! Destroyer of worlds and mender of toilets

Ben Tasker
Silver badge
Joke

Re: Reminds me of the old invoice adage

Are you, by any chance, a HP customer?

0
0

Major web template flaw lets miscreants break out of sandboxes

Ben Tasker
Silver badge

Re: Clueless security firm discovers the '90s

Yes and no, if you read the actual paper there's some interesting stuff in there. It's not quite as simple as "If you let people edit templates, they can run code", which let's face it, should be a given.

There's an example of a Wiki which attempts to sandbox you, but exposes a method that will allow you to save as the user currently viewing. So rather than simply entering your payload, you wrap it in a call to check if the user is an admin, and if they are silently save as them. Given that the point in a Wiki is generally that anyone can edit, that's a pretty big flaw.

There are a few other bits in there, and it's definitely worth a read. I'd agree the baseline is pretty much common sense, but it's still worth 5 mins of your day, if only to see just how easily some of the sandboxes can be escaped.

3
0

DNS chief and wannabe master-of-the-internet ICANN pwned… again

Ben Tasker
Silver badge

Re: Peachy.. just peachy...

At least they were using a decent hashing mechanism for passwords, though it does feel like that's about where their attention to security may have stopped.

IANA is currently on a seperate network, but how many here believe that would still be the case if/after ICANN win the contract (especially in the long-term).

On the upside, this time round, it's of a scale similar to this - https://xkcd.com/932/

3
0

Wordpress issues second urgent patch in two weeks

Ben Tasker
Silver badge

Re: At least WordPress' updating system is good...

Easy updating, to me, is a *major* selling point - some CMS'es I've seen are utterly appalling when it comes to updates, often requiring days (I'm not kidding) of work to upgrade them.

Unfortunately, even amongst those (like Wordpress and Joomla) with a decent update solution it's not always that cut and dried. There are 'web developers' out there who think nothing of hacking away at the core code in order to achieve their end result - happy client pays out for their new site and then finds the whole think breaks when they next update (or worse, are advised not to update because it'll break the site).

Obviously that's less of a risk if your build your own site, or use someone decent, but it happens often enough I figured it was worth mentioning. Some of the core hacks I've seen have been horrible, most have also been pointless in that it would have been no extra work to do them properly (i.e. without touching core code), the developer obviously just didn't know how.

The worst was a change to Joomla's authentication pages, it took me < 10 minutes to create an authentication plugin to achieve the same end, and without rendering 'protected' areas public at the next update. There's little worse than tidying up someone else's mess.

3
0

‘Secure’ criminal justice email system relies on obsolete protocols

Ben Tasker
Silver badge

The email system used by our criminal justice agencies to share information is secure and encrypted.

Responses like that irritate me. I got a similar response from TP-Link a little while back - I'm well aware it's encrypted, the clue that I know this probably lies in the fact I'm telling you it's possible to circumvent your encryption.

PR driven is definitely the right description, though you'd have hoped that even a PR Bot would realise "it's ok, it's encrypted" isn't a valid response when issues with your encryption mechanism are reported.

Doesn't overly surprise me they're still on RC4 though, being a public sector contract there's likely a steep charge for a "modernising" upgrade.

6
0

'White hats don't want to work for us' moans understaffed FBI

Ben Tasker
Silver badge

Re: Public sector it jobs

Yup, there tends to be one of two reasons for doing them

A) idealistic (e.g. serving my country)

B) No other choice (whether through proximity or some other reason, like pigeonholing yourself)

It's easy to see something like an FBI (or better GCHQ) role and romanticise it a bit (playing with cool potentially secret stuff), but whilst it may be true that you _might_ get to see and do stuff you couldn't in civvy street, we all need to put bread on the table, which, as a rule, is easier the more you earn.

11
1

And on that bombshell: Top Gear's Clarkson to reappear on Amazon

Ben Tasker
Silver badge

Re: Good news for us all !

I replied to individual comments, but my replies do not appear below those comments for some reason.

You've got a gold badge with 118 posts to your name and you've only just realised the comments section isn't threaded in that way?

I think most people knew it was a Clarkson quote (there being some fairly public upset at the time), but the fact it's a quote doesn't mean it's automatically not offensive/stupid for you to say it. There are plenty of things we can't say despite being able to point and say "But it was a quote".

From the way you addressed the moderators, I assume you weren't here in the good old days when the moderatrix was still about?

0
0
Ben Tasker
Silver badge
Stop

Re: Good news for us all !

And the idiots and children who like his racist ranting and incitements to murder-by-car can watch him on some obscure streaming channel. If they can work out how to get it.

You don't necessarily have to like his rants to enjoy the show. You can find them distasteful but still feel the overall entertainment of the rest of the show outweighs it. The world isn't black and white - though I don't doubt there are those who do like his rants in particular.

Some of the stuff he's said and done has edged towards appalling, but some of the upset is also somewhat questionable. There was upset about some comments he made about Liverpool (think this was in his column instead of TG) but the impression you got from the Liverpudlians interviewed was that they'd have pissed themselves laughing if he'd been talking about Blackpool, Hull or anywhere but Liverpool.

I'm not trying to defend his attitude or his comments themselves, but the whole point in free speech is he's got a right to say what he thinks (or pretends to think....) and in your comment you've cast a sweeping generalisation, which is exactly what some of the accusations against Clarkson boil down to.

Peoples humour differs, you might not like off-colour humour, whereas I might. If you find something offensive, I might still find it funny, and it doesn't automatically make me a mouth-breather. Whilst I can't expect a national broadcaster to air something just because I find it funny, neither do you have a right to expect them not to because you don't.

A disgrace that our national broadcaster chose cash over ethics for so long,

I think, in a broader sense, that's an entirely fair comment by the way, though I think the link between ethics and Top Gear depends entirely on your view of TG. Clarkson's behaviour may have been offensive at times, arguably racist at others, but unethical?

31
0
Ben Tasker
Silver badge

Re: Sorry, chaps

Depends on your point of view really, Sky TV is what £15 a month, or more if you want a decent selection. That's £180 a year.

Amazon Primeis £79 a year, so less than half.

Netflix is (I think) £6.99 a month, so slightly more expensive that Prime. IMO, Prime have got a better catalogue than Netflix too, though things change.

Of course, the major difference is, Sky will let you pay month by month whereas Amazon want the lot upfront, which (to me at least) does make it less attractive, but personally I wouldn't call it a lot of dosh in comparison to the competition.

I've a few other bugbears with Prime, but the overall cost isn't really one of them.

9
1

Google turns cookie monster on AdSense, DoubleClick clients

Ben Tasker
Silver badge
FAIL

Hey, neat idea! Do you mind if I steal and adapt it as "Hey, we're going to pollute the heck out of this planet - if you don't agree please don't use it: find a different one!"...?

That's a terrible analogy. A website setting cookies is equivalent to pouring oil into the sea and filling the atmosphere with carbon and methane? Really?

He's right, a website can set whatever they want, so long as they give you (the consumer/reader) the information required to decide whether you're willing to accept those terms. I agree the "we set x cookies, tough shit" style banners aren't quite in the spirit of the law, but then a banner that says "we set x cookies -> accept, deny" would be no different if the result of clicking "deny" was that you get redirected off the site - it'd be closer to the spirit of the law though.

There are altogether too many 3rd party services being called from pages nowadays IMO, but it's not just the cookies that are the issue, it's the overall behaviour of those parties. The argument should be about the behaviour and not a specific mechanism, if advertisers switched to using Local Storage instead of cookies, they'd bypass the law and still be capable of the same thing....

1
0
Ben Tasker
Silver badge

No, but you probably will care if Google decides they're not going to take the (potential) risk of serving ads on your site. If they decide the site isn't compliant with their policies, that's the logical outcome - though somehow I doubt Google are going to bother auditing in order to deliberately cut off some (albeit small) part of their revenue stream.

It's much more likely that they've sent out the notification so they can tell the commission they've pointed it out to publishers, and the responsibility therefore rests with the individual publishers.

2
0

Windows 10 in head-on crash with Nvidia drivers as world watches launch

Ben Tasker
Silver badge

Re: Driver Clashes

I think the point is, if Microsoft are going to force updates on people, they need to be damn sure those updates are not going to break any of the myriad of configurations out there.

When there's an ability to disable and vet updates (i.e. < Win 10), you've some scope for saying "95% of systems handle the updates fine", because the other 5% can disable automatic install and perform due diligence.

When you're insisting that updates install automatically, you have far less wriggleroom to be able to justify not making sure 99.999999% of systems won't get killed by your updates.

18
1
Ben Tasker
Silver badge

Re: Roaming

Presumably (I haven't checked) that depends on how you connect though right?

If you connect to your phone via Bluetooth/USB, all well and good, but presumably it hasn't a clue if you tend to put your phone into Wifi hotspot mode?

9
0

Email apparently from Home Office warns of emails apparently from Home Office

Ben Tasker
Silver badge

I had that rollercoaster feeling last week.

Brown envelope turns up along with a sense of dread

Contains letter saying I've overpaid by a fair bit, sense of delight

Realising that's the money I'd been sending to offset my _next_ return, sense of dissapointment

7
0

Hark, the Hacking Team angels sing, it’s not us who’ve actually sinned

Ben Tasker
Silver badge

Re: Dear hacking team

Especially with the "if it had been a media company".

Had the media's voicemail (don't like calling it phone hacking) scandal come out as a result of their systems getting compromised, I've a feeling people would have been just as upset

1
0

OpenSSH server open to almost unlimited password-guessing bug

Ben Tasker
Silver badge

Using fail2ban won't necessarily protect you.

A lot of iptables tutorials (and so by extension, sysadmins) will add something like the following at the top of their INPUT chain

-m state --state related,established -j accept

The nature of this bug means the attacker has 10,000 attempts without being disconnected.

Fail2ban will pick up on the log entries and add the source IP to its chain, but if the jump to that isn't until after the above their existing connection won't get cut off

11
0

Universal Pictures finds pirated Jurassic World on own localhost, fires off a DMCA takedown

Ben Tasker
Silver badge

 Reg readers will know, 127.0.0.1 is very often used as a computer's very own hostname. 

Actually I think most Reg readers will know that's bollocks. 'Localhost' is very often used as a computers very own hostname.

127.0.0.1 is an RFC1122 reserved loopback address (in fact the entire /8 is reserved for that) so if its used to address another system you're doing something wrong....

30
3

Joomla Helpdesk Pro remote code exec vulns lead to server pwnage

Ben Tasker
Silver badge

Joomla's Helpdesk Pro

Helpdesk Pro is an extension for Joomla, but isn't made by Joomla. It's made by a group called the Osssolutions team.

I know everyone does the same thing for Wordpress too, but its not helpful to report a vuln as being a vuln in a CMS when its actually a vuln in a 3rd party extension tbat the majority may never install.

Makes things a bit of a PITA when you're looking at old news stories whilst assessing new kit.

1
0

Cyber-security's dirty little secret: It's not as bad as you think

Ben Tasker
Silver badge

Re: Correlation, causation, and conclusions

Botnets are decreasing in abolute terms? Interesting. Botnets decreasing in relationship to aggregating personal computers numbers with devices/platforms that may, or may not have relevance to botnets? What does that mean? Anything?

It also appears to ignore the fact that higher value targets are seemingly being preferred when building/adding to a botnet.

Commandeering a few crappy PCs on crappy DSL connections vs commandeering a single server on a high-quality 10/100/1000 connection..... statistically, the botnet is smaller if you do the latter, but it's also far more capable for certain tasks.

0
0

Evil computers sense you’re in a hurry and mess with your head

Ben Tasker
Silver badge
Joke

Re: The Machines Have Already Won

Recently I had been stood in a slow checkout queue for a few minutes when an irate women demanded my place in it. She had apparently left her trolley in the aisle before the checkout while she went to get more things.

When in a weird mood, I've been known to become exceptionally helpful and help tidy the supermarket up a bit by moving any apparently abandoned trollies into one place. Especially ones near checkouts, after all that's your route out if there's a fire......

I say weird mood, the wife tends to phrase it more like "being a cunt". Tomatas/Tomatoes IMO

10
0

Tuesday, Wednesday break my heart. Thursday doesn't even start. Friday I'm in .love

Ben Tasker
Silver badge
Stop

While its advertising is amusing, it doesn't seem to have grasped internet domains, however: the company owns neither tubi.tv (its website is at tubitv.com) nor hooli.sucks. So close, yet so far.

So not really the best example that generic TLDs are gaining acceptance after all then?

3
0

CVS shutters photo website in credit-card hack attack scare

Ben Tasker
Silver badge

* A chemist in British English

English... just English... originated from England and all that....

I don't know why it irritates me, but it does. On the other hand, I remember reading (or being told) that US English was closer to the English language when the colonies were formed than ours is now, so either that side of the pond is has a less evolved language than us, or is more traditional :)

/tangent

Although it's not great they got boned, at least they've the decency to take the site offline whilst looking into it, rather than pretending it didn't happen and continuing to trade without knowing how vulnerable they might be

3
0

GOOGLE GMAIL ATE MY LINUX: Gobbled email enrages Torvalds

Ben Tasker
Silver badge

I've been seeing a lot of it as well, annoyingly combined with stuff that's obviously spam making it into my inbox.

I don't quite get how a thread I've replied in can get marked as spam, whilst "I'm a 21 years old, so I desire 2bang you" gets an A-OK.

17
1

Loan application data hacked, company responds: Meh, not our customers

Ben Tasker
Silver badge

Re: AFC Kredieten

Well AFC Kredieten must have a really low credibility rating if they thing the gutter is a good place.

Having just taken a look at their website and seen a Plesk default holding page, I think it's safe to say credibility is pretty low. Them using Plesk probably also answers 'how did they get in'.

9
0

Pan Am Games: Link to our website without permission and we'll sue

Ben Tasker
Silver badge

Re: Seems Fair

Or, what if I shorten it http://bit.ly/1r8EgyY. Am I in trouble, or is Bit.ly?

8
0

Brit teen who unleashed 'biggest ever distributed denial-of-service blast' walks free from court

Ben Tasker
Silver badge
Paris Hilton

Re: I know the type

> Sorry Gentlemen's club in the UK

Telling a judge you know them from a strip club might be uncomfortable..... might well have the desired effect though.

Gentleman's club is actually technically right, but most people think strip club nowadays. Better to say you know the judge from Golf

1
0

Ditch crappy landlines and start reading Twitter, 999 call centres told

Ben Tasker
Silver badge

The report, Contacting Emergency Services in the Digital Age, recommends the blue light services move away from landlines to smart phones, and from voice to data.

No it doesn't.

It says emergency services should be able to make use of the potential benefits smart phones (and TVs, vehicles etc) bring to the table. At no point does it recommend the existing voice capability be ditched, because that would be fucking stupid.

In the context of "how can we try and improve services/response" what they're saying makes sense once you understand the plan isn't to stop 999 calls from working.

11
0

Google helps Brit crims polish their image – but what about the innocent

Ben Tasker
Silver badge

Re: Rape victims not a great example

@Drewc

Those accused of rape aren't though. Someone has a false allegation made against them, ends up in the papers and forever has their name tarnished.

Though, to be fair, I don't believe the right to be forgotten is the way to fix this. For crimes that have a strong knee-kerk emotive link to them, the accused needs to be guaranteed anonynimity too (until the point of conviction).

8
0

Bitcoin, schmitcoin. Let's play piggyback on the blockchain

Ben Tasker
Silver badge

Re: The Real Story About The Bitcoin Blockchain

> I've gone from crazy to "a stretch". That's progress.

One argument simply being a stretch doesn't stop the theory from being crazy, though hyperbolic would likely have been a fairer original description.

> I assure you that a court would consider adding an official block to the blockchain to be a consideration passed from the miner to bitcoin in order to qualify for a prize.

I don't doubt you could find _a_ court who'd consider it, but realistically the court you'd ultimately need to convince in the US is the Supreme, and there's still the rest of the world to think about.

You could also argue that the blockchain is a community asset, and that in fact there isn't a sole entity acting as a lottery operator - not only does that make it harder to shut down, it's a little harder to prove that there's sufficient benefit to call it a lottery in the legal sense.

There's also the difficulty of how they'd manage the confiscation if it were to come to pass, but that's not something you'd consider when having the is/isn't argument.

I doubt the US govt would think twice if it brought them financial benefit, mind, so that's not to say it couldn't be made to fit

3
0
Ben Tasker
Silver badge

Re: The Real Story About The Bitcoin Blockchain

> The "consideration" clause is legally met once the miner adds the block which is a undeniable benefit to bitcoin.

Personally, I think that's a big stretch.

> The scam part comes because bitcoin has no limitation on the number of miners. If all had an equal chance it would be just a lottery. But with 50k winners and 325k losers during the effective lifetime of the gear, there is no equal chance for all.

So lets assume it is legally a lottery for a sec

Every block mined has an equal chance of getting the BTC.

Not every miner has an equal chance of course, if I spend out on a lot of kit that can hash at a huge rate then I've potentially got better odds in that I've got more entries. That's no different to if I buy £1000 lottery tickets, I've got more entries that you.

So, still not a scam

> All the rest is irrelevant details.

When you're claiming something is legal or illegal, there's very little that can be called an irrelevant detail

4
0
Ben Tasker
Silver badge

Re: The Real Story About The Bitcoin Blockchain

> It's not crazy, it's legally true

I'm perfectly happy to wait for a court to decide that, but I disagree with your interpretation:

As far as as chance and prize go, I'm not going to argue with you because I think mining meets that to some extent.

As for consideration:

You _may_ have a point if a miner has bought dedicated single-purpose hardware (i.e. an ASIC) specifically to mine, but there are also other options (though your ability to mine may be reduced). For example, if I buy a GPU and use that both to mine and to play with password hashes, does that constitute enough of a consideration to fall foul?

The electricity usage is a byproduct of the activity, and I think you'd struggle to call that significant effort given it's reasonably expected that if you're doing any kind of computation, it's going to need the leccy

Similarly, bandwidth usage is simply a byproduct

There's also a wide world outside the US (who I suspect would be the first, if anyone to go that route) so although US BTC acceptance could suffer following caselaw supporting your argument, it's going to take quite a while (if ever) for the rest of the world to follow suit.

Even if the above is wrong, you're still wrong. You _might_ have an argument that BTC is a lottery (though I disagree), but that's very different from a lottery scam. For a lottery scam, you'll first need to show that it's a lottery and then show the mal-intent - without that it'd just be a lottery.

2
0
Ben Tasker
Silver badge

Re: The Real Story About The Bitcoin Blockchain

Crypti does look interesting, but your comment comes across as hyperbolic. You've identified issues with BTC, and didn't need to take the leap of craziness into insisting that it's an illegal lottery scam. It harms your credibility.....

8
0

Britain beats back Argies over Falklands online land grab

Ben Tasker
Silver badge

Re: Local control

Presumably, if .fk were to be taken away (not that I think it would), the fallback would be precisely that...

0
0

Page:

Forums