* Posts by Frank Bitterlich

201 posts • joined 9 Nov 2007

Microsoft backports data slurp to Windows 7 and 8 via patches

Frank Bitterlich
Terminator

Newspeak...

"Customer experience" => Data grabbing

consent.exe => "No need for you to consent, it's all in the EULA."

"By applying this service, you can add benefits..." => "That's benefits for us, not for you, of course."

Hardcoding the host address: "Preventing us from siphoning your usage data? Ha ha, nice try."

The MS legal department must be bored, so they're trying to pick a fight with various data protection agencies.

15
0

Ads watchdog slams Mind Candy for upselling subscriptions to kids

Frank Bitterlich
Devil

Good to read that they are considering...

... to remove the word "now" from the ads. Now the world is safe again.

4
0

Směrť Špionam! BAN Windows 10, it SPIES too much, exclaim Russians

Frank Bitterlich
Coat

In Russia, ....

In America, you download operating system.

In Russia, operating system uploads you.

(Yeeees, I know, that one was predictable.)

8
0

Linux Foundation wants open source projects to show you their steenking badges

Frank Bitterlich
Alien

GPL == security?

... criteria being considered include whether the project is under an explicit open source license ...

OK, so choosing the right license will contribute to the security of my product?

Wow, I didn't know it was that easy...

2
0

Don't fight the cistern: Voda takes the plunge with plumbers’ parking app

Frank Bitterlich
Big Brother

Combine the useful with the creepy...

... as in "Combine an app that shows free parking spaces with a gadget that sniffs around in your car's data and your driving habits." None of the users will question why these two things need to be combined or even understand that they are constantly being monitored.

I just wonder why the OBD-II gadget doesn't feature a CCTV camera and voice recorder.

4
0

Microsoft Edge web browser: A well-presented mea culpa

Frank Bitterlich
Big Brother

Re: "It's worth turning on the (potentially) privacy-invading Cortana for that feature alone."

The most interesting part:

"AutoSearch and Search Suggestions in Internet Explorer automatically sends the information you type into the browser address bar to your default search provider [...] as you type each character. In Microsoft Edge, this feature automatically sends this information to Bing even if you have selected another default search provider."

Why?

20
0

Did speeding American manhole cover beat Sputnik into space? Top boffin speaks to El Reg

Frank Bitterlich

Re: Sounds like a job for:

... or xkcd's "What If?" blog.

9
0

GCHQ: Security software? We'll soon see about THAT

Frank Bitterlich
Big Brother

The definition of "security"

So, some security agencies are trying to disable security software in order to keep us all secure (from whatever threat of the day may be). And some of these security software companies apparently don't need to be fought/hacked/persuaded for unclear (read: obvious) reasons.

Seems to me that there are a number of different definitions of "security" out there.

"I go down to Speaker's Corner I'm thunderstruck [...] Two men say they're Jesus – one of them must be wrong..."

6
0

Obama issues HTTPS-only order to US Federal sysadmins

Frank Bitterlich

Just to clarify one thing...

Ordering all federal websites to use HTTPS does _not_ mean they want to ensure the users' privacy. It just means that since they have the data anyway (they're running the servers, after all), they just want to make sure that nobody _else_ gets to listen in too.

While still a good thing for users (and encouragement for other sites to go the same way), just don't be fooled into thinking that this will make your traffic more secure against official US snooping.

I know, for most readers of this comment this is obvious - but not for the general public. They just see the shiny lock icon or green address bar and think they're "safe."

1
2

Secure web? That'll cost you, thanks to Mozilla's HTTPS plan

Frank Bitterlich
FAIL

This site is best viewed...

... with any browser other than Firefox.

Will be fun to see these statements popping up again just like in the old days.

Oh, and good luck trying to upgrade all these appliances with their built-in webservers to support HTTPS.

13
1

'Logjam' crypto bug could be how the NSA cracked VPNs

Frank Bitterlich

"Export" grade...

See... and you thought prohibiting the export of <del>working</del> strong encryption in the 1990s would never pay off...

2
0

Security bods gagged using DMCA on eve of wireless key vuln reveal

Frank Bitterlich

Re: Man up

The DMCA is a rather large piece of regulation. It contains both the takedown notice mechanism (the Online Copyright Infringement Liability Limitation Act, which I guess is what you're referring to) and the WIPO Copyright and Performances and Phonograms Treaties Implementation Act, which makes it illegal (criminal) to circumvent copy-protection measures and such. There is no "DMCA order" involved here; it's just that the attorneys are threatening that what IOActive plans to do would be a criminal act.

That's the way I understand this whole issue.

8
1

Apple Watch WRISTJOB SHORTAGE: It's down to BAD VIBES

Frank Bitterlich
WTF?

Obsolete? Upgrade?

Looks like Apple didn't send a batch of free watches to The Reg or iFixit. That would explain the weird arguments like "not offering an upgrade program". What was the last watch you bought that comes with a way to "upgrade" it? Or which smartphone, even (other than upgrading the software)?

And sure, if you can't upgrade it, it must be "obsolete" in 10 years. "Unlike most watches", of course. Who makes that stuff up? Any digital watch technology is outdated after 10 years (oh, and mechanical watch technology too, btw.) Would you call a chronograph built 20 years ago "obsolete" and toss it into the trash? Because you can't "upgrade" it? OTOH, Apple's watch is more closely related to a smartphone than to a watch, and of course you can (hardware-)upgrade smartphones. Right?

Reg, your Apple-bashing is funny up to a certain point, but at some point it's enough already.

2
15

Dell System Detect update vulnerability exposed

Frank Bitterlich
Holmes

What's wrong with that?

What's wrong with that?

What is wrong with that is that the average Dell customer won't ever visit the Dell website and run the DSD.

Do I really want patches applied to my servers without a chance to review them?

Nope, but you want at least a notification that a patch is available that fixes a quite serious vuln without having to actively look for updates.

10
1

BT Home Hub SIP backdoor blunder blamed for VoIP fraud

Frank Bitterlich
FAIL

Blame Game

I wonder why so much focus is put on the part that the router was meant for home use and not SMB. Would that have made a difference if it were a home network (not a few people use Asterisk PBX at home too)? Yes, one difference: The SIP passwords would more likely have been "123456" instead of 256 bit.

Also, there are more than enough valid reasons to use SIP on the same subnet. One of them being that you might want to use software-based SIP clients.

To me, the router is broken. A firewall is not a firewall if it doesn't obey its configuration. And enabling UPnP functionality when UPnP is off (if it is true that the router actively searched for a SIP device, then it's probably not really UPnP, but even more troubling), in my eyes, is "broken" too.

"Sure, Sir, that belt you just bought doesn't work, but it's your own fault that you didn't wear suspenders too."

11
1

EU creative collection agencies want YouTube et al to pay their wages

Frank Bitterlich

Re: Organised crime is in the wrong business

That is exactly what the collection agencies are asking themselves these days; they slowly become aware that they are not the only way any more for an author to earn money with their works. So, in order to protect their income and power, they lobby the MEPs to create a law that effectively disowns the artists by forcing them to sell their works exclusively through them.

And it looks like they'll win; after all, they're "protecting" the artists from "exploitation". That's so simple that every MEP and even "H-Dot" will understand that.

1
0

Storm gathers around CDN Cloudflare after doxxing allegations, Pirate Bay deal

Frank Bitterlich
Terminator

I wonder...

... how compatible it is with the DMCA rules to make a complainant accept arbitrary conditions in order to "accept" a complaint.

"By submitting this complaint, you agree to your SSN and credit card details being sold on a Chinese black market website. And also, we sign you up to our newsletter."

2
0

Keyless vehicle theft suspects cuffed after key Met Police, er, 'lockdown'

Frank Bitterlich
Meh

Keyless Vehicle Theft...

This story has a less technical viewpoint than expected (for me at least). "Keyless Vehicle Theft" means theft without a key (which I'd guess covers at least 95% of all car thefts). Not necessarily a keyless car. While the Met police article links to another one on the methods of stealing keyless cars, I'd guess this is the exception rather than the rule.

So, read "keyless" as "jamming a screwdriver into the ignition lock" rather than "mad scientist cracks OBD encryption key using an abacus and duct tape" in most cases.

I still wonder how complicated it really is to forge wireless keys from the available data (via OBD).

4
0

IBM drops patent bomb on Priceline.com

Frank Bitterlich
Terminator

Re: Surprising

Yep... "Success Starts Here"...

"... and if you have finally succeeded, we'd like to have the money you have earned. Thank you."

0
0

Bitcoin trade biz MyCoin goes dark, investors fear $387 MEEELLION lost

Frank Bitterlich
WTF?

Does not compute...

Can anybody enlighten me on how anybody who has been on this planet for longer than six weeks would ever invest large sums of money into a Hong Kong-based sub-company of another company that has a "sole director" (who apparently does more successful business on Virgin Islands), promises extraordinary large gains, and that requires you to bring new marks into the game (sorry, "sign up new investors") in order to get your money back?

And how these people have made a fortune (apparently) while being that stupid? I mean, come on, they cannot *all* have inherited their wealth, can they? Lottery winners, maybe?

7
0

Download alert: Nearly ALL top 100 Android, iOS paid apps hacked

Frank Bitterlich
Childcatcher

Metrics?

I suspect that what they do is to scan the black app markets for anything malicious that uses the name or look of any of the top apps, and if they find one, voilà, "WhatsApp has been HACKED!!!111!!!"

Try to offset the actual number of malicious or really "hacked" instances of downloads to the total number of (legit) downloads of those top 100 apps, and come back when you have real numbers. Thank you.

I'll take that report for what it is: advertising disguised as a "press release."

15
2

Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI

Frank Bitterlich
Alert

Re: Where are the crims?

Read the article again - it reveals the WiFi credentials.

1
0

Malware gets your Android blabbering to HACKERS

Frank Bitterlich

Zero permissions?

I admit that I'm clueless when it comes to Android, but can a "zero permissions" app really initiate a phone call? If that is the case, then this Speak'n'Steal attack appears to be not the only security problem...?

2
0

Voteware source code requester labelled 'vexatious'

Frank Bitterlich

"Freedom" of Information...

... funny what a name can do. Most "FOI" laws are actually the opposite - a means to prevent disclosure of information. It gives the public bodies a "tick all that apply" list of excuses on why it won't disclose anything. I wonder what judicial oversight is on this process; a potentially wrong election result vs. "commercial sensitivity" –– guess which one wins...

"This government was brought to you by ACME Inc."...

2
0

PEAK APPLE: Mystery upstart to hurl iLord from its throne 'by 2020'

Frank Bitterlich
Facepalm

Really? Again?

That would be the Apple Death Knell™ #65, right?

"In other news, Fred Wilson announces new startup that has something to do with the cloud and does think about data."

15
0

China funds devs to write smog-clearing vidcam code

Frank Bitterlich
WTF?

Visibility - WTF?

"...that if visibility is reduced to three metres, [...] even top end cameras couldn’t see beyond 10 metres."

No, dude. If the visibility is reduced to three metres, then top-end cameras can't see beyond 3 metres. That's what "visibility" means. OTOH cameras tend to be mounted a bit higher than eye level which sometimes improves visibility in smog a tiny bit.

But to me the idea of improving visibility by software sounds a bit like "24": "Can you zoom in a bit on that pre-recorded QVGA CCTV picture?" - "Sure, here it is, I've converted it to 4k resolution for you. Would you like me to switch on 3D?"

2
1

Azerbaijani election app announced winner before polls even opened

Frank Bitterlich
Thumb Up

Works as designed

A good voting app should show the results as soon as they have been determined. If the results have been <del>fixed</del> determined that early, why not let the public know... The OECD will be impressed with this level of transparency.

2
0

Airbus imagines suitcases that find themselves

Frank Bitterlich
Terminator

So just to make sure I get it right...

... the traveller is supposed to (a) pay a premium and (b) *list* the contents of their luggage (guys, looks like you need to add a few fields to the Passenger Name Record), and as a reward the airline won't lose your luggage. Or at least, they'll notice when they do.

"What a nice suitcase you have... would be a shame if anything happened to it, no? How about joining our new RFID-tagging program for a small fee, and we'll make sure nothing... "bad"... happens to your luggage...?"

0
0

Higgs data shows alternate reality will SWALLOW UNIVERSE

Frank Bitterlich
Alien

Some people think it has happened already...

... or are there other explanations for the fact that I actually had to browse to the _second_ page of comments to find the first Hitchhiker reference?

0
0

Tennessee bloke quits job over satanic wage slip

Frank Bitterlich
Trollface

Want to make this guy go mad?

Anybody want to mail him this URL?

http://www.google.com/search?q=Slonopas+666

He'll probably sue Google afterwards.

0
0

Data cop slap for Brit text pests

Frank Bitterlich
Facepalm

Some Math...

OK, if they really sent out up to 840k messages per day (which seems a bit high to me), let's assume they did on average 100k messages per day and operated this for, say, one year, roughly 200 days (without the weekends and such). That makes some 20 million illegal text messages. A fine of 440k makes the steep price of £0,000022 per message. This is probably less than 1% of what they paid their operator.

So that's what "new powers to levy heavy fines" means. That will teach them. They will probably never do this again.

0
0

Conmen swipe 100,000 Brits' sensitive info in UK.gov fraud bid

Frank Bitterlich
WTF?

No purpose?

So, "relevant authorities" said that "no purpose was served by notifying members". Oh, OK then. After all, they are authorities, and relevant. So they must know best. After all, who wants to know that crooks have lifted your debit card details and all kinds of personal info...

Unbelievable.

0
0

Windows Phone 8 has a secret feature which may activate at any time

Frank Bitterlich
Thumb Up

Great idea...

"... or record how someone connects manually for the benefit of other users."

I don't see what could go wrong with that technique... until one day a not-so-public, not-so-free Wifi AP somehow manages to get onto their list of "Wifi Hotspots" and <del>snitches</del> records the login of some poor soul.

0
0

Iran X.25 terrorists actually BANKERS

Frank Bitterlich
Facepalm

Not the best "naming convention"?

Well, duh, it's called a "language", not "naming convention." Get yourself a Farsi dictionary, Mr. Kemp.

6
0

Feds charge US firm with smuggling illegal military tech to Russia

Frank Bitterlich
Big Brother

So, they were "stealing"...

.. the kit, not buying it, for export?

"The defendants tried to take advantage of America’s free markets to steal American technologies for the Russian government."

Well, the music industry has already taught us that "stealing" does not mean "take something away from someone without paying", but rather "buy something, pay for it, and then do something with it that the seller [or a third party] doesn't like." Looks like the DoJ likes this particular piece of newspeak.

Next up: Classify the purchase and smoking of Cuban cigars as "arson". Or, better yet, as "terrorism".

0
0

Defective PCB cleaner cans could inflict eye injury

Frank Bitterlich
Boffin

Messy affair

I once had a can (same stuff of a different brand) exploding due to corrosion on the bottom edge of the can (apparently caused by the leaked stuff slowly eating away on the can's paint.) Anyway, the artful pattern on the wallpaper in my living room was a thing to behold.

It happened at night, though, so my eyes are still fine. Anyway, since then I keep that can in a plastic bag when not in use, just to be sure.

0
0

Dropbox blames staffer's password reuse for spam flood breach

Frank Bitterlich
Thumb Up

Re: How about this for an idea

Sounds like a good idea. Make sure you tell the folks over at Dropbox...

1
0

Advertisers slam Microsoft over 'Do not track' decision

Frank Bitterlich
Big Brother

Wait a minute...

... did I read that right? "the advertising world would regulate itself and honor "Do not track", so long as browser manufacturers didn't make it a default setting"...?

In other words, when browser makers are starting to enable privacy by default, the ad industry sees that as a license to ignore user privacy preferences completely?

If you need any more reasons than that to enable DnT and privacy modes globally, you must be working at the Facebook HQ.

1
0

SETI experiment succeeds: fails to find aliens

Frank Bitterlich
Coat

Poor choice...

... to include the Parkes radiotelescope in that system. It's known to pick up terrestrial, umm, "interference"... for example, from handheld radios - as shown in the movie "The Dish".

0
0

Billion-dollar high-tech ghost town to run itself without humans

Frank Bitterlich
Go

Re: How long before they start offering vacations?

Westworld? No, rather Eureka! A town full of boffins testing the newest gadgets... Where can I apply?

0
0

Facebook defends support for CISPA monitoring bill

Frank Bitterlich
WTF?

Dear governments, ...

... can you please stop trying to get an "all access" pass to our data?

ACTA, SOPA, PIPA, RIPA, CISPA... can you *please* stop it, now?

Thanks,

Your People

0
0

Google finally secures gmail.de domain

Frank Bitterlich
Holmes

Some facts...

Giersch tried to register a trademark for "GMAIL" in Germany in July 2005; in October 2005 Google filed a protest citing "Identity of marks and G&S Likelihood of confusion Earlier sign & right to prohibit use of later TM under national law Earlier non registered TM & right to prohibit use of later TM under national law". He later withdrew the TM application.

I suspect that was the basis on which he lost the domain, as it would show that he knew about the existence of Google's trademark.

3
0

Frank Bitterlich
Alien

Re: gmail.de - why do they need it?

<yourname>@gmail.com (and, hopefully soon, @gmail.de) is a valid Google mail address (resolves to the same account as the corresponding @googlemail.com address).

Proven wrong :)

0
0

Matt Groening reveals location of Simpsons' Springfield

Frank Bitterlich
Meh

So, Shelbyville would be...

... Eugene, OR, then?

0
0

Iran preps Internet cutoff

Frank Bitterlich
Thumb Up

I love those propaganda phrases...

"Western colonialist media wannabes" - you can't make that stuff up.

0
0

Parents shocked by priestly PowerPoint pr0n

Frank Bitterlich
Gimp

Makes sense...

"... wrapped up by saying that the children get lots of money for their Holy Communion and should consider giving some of it to the church."

Sure, p0rn site subscriptions are expensive these days...

0
0

Commodore outs Linux-running Amiga Mini desktop

Frank Bitterlich
Coffee/keyboard

Priced like a high-end machine...

... and looking like some cheap Chinese knock-off Mac mini clone.

And the website looks like a flashback to the 1980s. Was half expecting the "Best viewed with Netscape Navigator and at least 256 colors" badge.

1
0

Queensland Police go war driving

Frank Bitterlich
WTF?

Good practice?

I hope that post was meant to be sarcastic.

On 2.4G use channel 13 if you can as it takes the WIFI off the Radar for older hardware.

Sure, as the bad guys are known to go wardriving using ten-year-old laptops.

Add spaces to the key (I believe this extends time to dictionary brute force but is easy to remember).

If you have a key so simple that a space adds to the entropy, better leave your network open. OTOH, if you see a van parking in front of your house and hear hysterical laughter coming from it, you know your network has just been pwned.

0
0

New iPad can't get its Wi-Fi up

Frank Bitterlich
Facepalm

Re: Apples just work...

... maybe slapping your hardware a little less would help...

10
2

The Facebook job test: Now interviewers want your logins

Frank Bitterlich
Thumb Up

Good idea, actually...

I like that idea. I'll ask the next candidate I have to interview for their Facebook creds. If they hand it over, the interview is over.

Because next time they're asked by someone else, they'll probably hand over the creds to their account on _my_ server.

4
0
