* Posts by John H Woods

2124 posts • joined 14 Nov 2007

Cryptowall 4.0: Update makes world's worst ransomware worse still

John H Woods
Silver badge

Re: Straw poll...

I'm not sure I really know what I'm talking about here but how about "almost WORM" storage systems, where there is firm/hardware based version control and old versions can only be deleted when a hardware switch is engaged?

2
0

Let's get to the bottom of in-app purchases that go titsup

John H Woods
Silver badge

Re: Set Top Box - new acronym

And the space in the TV stand where it slots in is obviously the BUTT hole.

3
0

Top FBI lawyer: You win, we've given up on encryption backdoors

John H Woods
Silver badge

Re: Condescending git

"In most countries we live with typically a 10 to 100 times greater risk of being killed on the roads than by a murder" -- Paul Crawford

Well in the UK, road deaths have run at a rough average of 3k/yr since 2000 (although have dropped to just over half that in the last few years). In the same period terrorism has run at 5 per year (including the London 7/7 bombings). So you're talking more like 3-500 times greater risk for a road fatality. For heart disease and cancer we're talking about 150k each (forming about 60% of the annual death toll) --- these are 50,000 times more likely to get you than UK terrorism, which is right down there with the death toll from stinging insects.

20
0

UK cyber-spy law takes Snowden's revelations of mass surveillance – and sets them in stone

John H Woods
Silver badge

Re: I have said it once, I will say it AGAIN

@LucreLout the article is much longer than any instructions to sleeper agents would need to be. The problem with one time pad is, as with idiot code, the issue of key distribution. The thing about idiot code though, is that it doesn't even look like cipher text: a message saying that your friend is expecting triplets, but is still hoping for a home birth instead of going to a major hospital such as Reading and that the due date is April 23 may mean that you should attend a given meeting site / drop box at 16:23 on Tuesday and pick up some explosives.

4
0

'I posted winning race ticket in Facebook selfie ... and someone stole it!'

John H Woods
Silver badge

I've had to blur barcodes

in pictures posted by friends for concert tickets and the like ... of course they thought I was paranoid!

5
0

Licence to snoop: Ipso facto, crypto embargo? Draft Investigatory Powers bill lands

John H Woods
Silver badge

It was a

b̶r̶i̶g̶h̶t̶ ̶c̶o̶l̶d̶ ̶d̶a̶y̶ ̶i̶n̶ ̶A̶p̶r̶i̶l̶ grey wet day in November and the clocks were striking thirteen.

5
0

Music lovers move to block Phil Collins' rebirth

John H Woods
Silver badge

Re: Gated reverb is luvverly (especially with a bit of reverse)

"A decade best forgotten" -- Rich 11

I concur. Worst of all the 'eighties revival' has lasted longer than the bloody decade did originally!

6
9

Man hires 'court hacker' on Craigslist ... who turned out to be a cop

John H Woods
Silver badge

Why?

"Landis pleaded guilty to felony counts of computer trespass, tampering with public records, and unlawful use of a computer.

Why?"

I'd hazard a guess at "Plea Bargaining" -- they probably threatened to charge him with Terrorism and lock him up for 8,000 years unless he pleaded guilty to offences he didn't commit. I suspect the motivation for the prosecution would be that 'intent' is harder to prove.

1
0

Hi, um, hello, US tech giants. Mind, um, mind adding backdoors to that crypto? – UK govt

John H Woods
Silver badge

Own Goal

Isn't this attempt at obtaining 'skeleton' crypto keys the best confirmation since Snowden that they cannot crack decent encryption?

2
0

E-mail crypto is as usable as it ever was, say boffins

John H Woods
Silver badge

Easiest method for occasional secure messages...

Text file (or whatever) mailed as an AES256 encrypted .zip; telephone friendly password (e.g. "all lower case, no spaces or punctuation, the electrifying sycophantic walks in clockwise circles") sent by voice or text.

0
0

Linus Torvalds fires off angry 'compiler-masturbation' rant

John H Woods
Silver badge

Wrong Jar?

Given the reception usually afforded to Linu{x|s} articles here, I was wondering if you'd chosen the wrong jar for the hero graphic (although I wish you'd drop these) -- maybe you meant this. I think it'd make a good icon ...

0
0

The only GOOD DRONE is a DEAD DRONE. Y'hear me, scumbags?!

John H Woods
Silver badge

Re: 40mm Glock

"That's about twice the diameter of a 10 bore shotgun" -- Tim99

Yeah, I think he's escalated to the clip-on grenade launcher!

6
0

Rosetta probe delivers jaw-to-the-floor find: Molecular oxygen

John H Woods
Silver badge

Re: Euphemism award

@Bleu, sorry for blowing a fuse, having some issues at the moment and suffering a severe sense of humour failure which I hope would be considered out of character. Apologies anyway.

0
0
John H Woods
Silver badge

Re: Euphemism award

Dear Supercilious Bleu

It is an understatement for "This is an extremely interesting result for everybody."

It is a euphemism for "FUCKING HELL, LOOK AT THIS!"

Sorry you were not able to grasp that, did you need the joke alert?

PS: I am not Little Mouse

0
1
John H Woods
Silver badge

Euphemism award

"We think this result is of interest beyond the cometary community" -- best euphemism we've seen for a few years, surely?

1
2

Cops use terror powers to lift BBC man's laptop after ISIS interview

John H Woods
Silver badge

Re: bullying ...

Sorry, Dan but it IS bullying (I can use CAPS too).

If I were in charge of an operation to exploit the journo's interviews to track jihadis, there is NO WAY I would have seized the laptop in a highly public way. It would be no problem to subvert it, with no-one being any the wiser. That could likely, as more jihadis trust the journo, lead me to even more targets.

You got it right (accidentally) when you said "bad people ... need to find out the consequences" -- in other words that the confiscation of the laptop is effectively some form of summary extra-judicial punishment of which you approve. This is the truth of the matter, they are sending a message.

If you really believe that (a) they need the contents of the laptop and (b) that the only way they can get it is a highly public seizure, you are an even greater fool than your ridiculous posts suggest.

9
1
John H Woods
Silver badge
FAIL

Re: "Yes, go on kiddies, mod me down"

"Ad hominem - the usual response of the ..."

Oops, self refuting argument alert!

28
2
John H Woods
Silver badge

bullying ...

... if the security services were really interested in the contents of the laptop they'd have subverted it quietly; this is just about making a point. Conversely, if this is really counter-terrorism then heaven help us, it's a hopelessly incompetent approach.

24
0

Cyber cop: Snoopers' Charter tag is offensive. Maybe we need a 'yes to snooping' tickbox?

John H Woods
Silver badge

Re: If saving lives is the aim....

If you go back to 2000 (so including the 2005 July 7 bombings) you're looking at about 5 UK deaths per year, around the same number due to stinging insects. Death to bees and wasps now!

7
0

Dad who shot 'snooping vid drone' out of the sky is cleared of charges

John H Woods
Silver badge

Re: Judge refused to view drone video or drone telemetry

"the judge refused to see the drone video or view the telemetry data both proving that the drone was above 200 feet" -- guyelec

If a shooter on the ground hit it with a shotgun round, it was almost certainly below 200 feet. Telemetry data and video, on the other hand, has no provenance - it could easily be from an earlier, higher altitude flypast or even a different drone.

[Edit: the original case report quotes the judge as saying that at least two witnesses report the drone flying below the tree line]

10
0

TalkTalk attack: UK digi minister recommends security badges for websites

John H Woods
Silver badge

"There has been some misinformation that the government are somehow against encryption," the minister said, without elaborating further.

Well, I'm not sure it's tactful for a minister to say that it was actually his prime minister who was responsible for the said misinformation, which is probably why he did not elaborate further.

[Edit: Back on topic, what's the point of a kitemark? You cannot purchase anything without giving payment details, so the advice is one of two things (a) people should use one-off payment (bitcoin?) for everything or (b) companies that cannot safeguard such information should be prosecuted.]

3
0

Lawyers harrumph at TalkTalk's 'no obligation to encrypt' blurt

John H Woods
Silver badge

Re: Agility

"Don't want people to see something? Simple: make the text colour the same as the background colour."

OMG I thought you were serious until I got there! Very nearly a whoosh moment -- looks like Poe's works with technical posts too!

1
0

You own the software, Feds tell Apple: you can unlock it

John H Woods
Silver badge

And in the UK...

... I think they could put the phone owner in prison for 2 years for not unlocking it ...

5
0

If MR ROBOT was realistic, he’d be in an Iron Maiden t-shirt and SMELL of WEE

John H Woods
Silver badge

Re: Say what you like about Hollywood Hackers

"I particularly love the ones who can stare at a screen of hex and infer something important for the plot from it (beyond 'oh look, a bunch of hex')"

Do you remember that "Are you smart enough to be at GCHQ?" test some time back -- that had giveaway hex 0xDEAD 0xBEEF if I remember correctly that hinted that you should run it through a VM?

0
0

TalkTalk attack: 'No legal obligation to encrypt customer bank details', says chief

John H Woods
Silver badge

Does there need to be an obligation to "encrypt" ?

"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."

--- UK Data Protection Act

In what way is that not an obligation to encrypt?

48
0

TalkTalk attackers stole 'incomplete' customer bank data, ISP confirms

John H Woods
Silver badge

Re: It is time for a PSA

"In which case dial 1471 or a friend's no. first to make sure the line has disconnected." -- Captain Badmouth

Not sure it's beyond the ability of a clever crim to fake the voice-synthesized response to 1471 -- I'd stick to calling a person whose voice (or whose response, e.g. "4As Taxis") you will recognise. Better still, use a mobile which cannot still be connected to the previous call.

I'm not sure why the calling party must hang up to disconnect the call on a landline, can this be fixed?

Can we start a campaign to make it illegal for outbound calling agents to ask security questions, and restrict them to giving names and/or reference numbers and a request to call back?

0
0
John H Woods
Silver badge

It is time for a PSA

(Public Service Announcement)

It won't be popular with some companies with bad practices but tough.

"Never, ever, give an agent any details on the phone when they have called you. You don't know who they are unless you are the one making the call to a number whose provenance you trust"

* it might be best to call that number from another phone - you cannot be sure the dial tone you hear is not being played to you by an attacker who has not actually hung up

7
0

So what's the internet community doing about the NSA cracking VPN, HTTPS encryption?

John H Woods
Silver badge
Pint

Re: Questions

"Pedant alert - having done all the nice mathsie bits, you kinda spoiled it by putting an exclamation mark on the end. (n! Factorial)" -- Velv

Ouch, yes. d'oh ... Have 568ml of beer on me ...

6
0
John H Woods
Silver badge

Re: Questions

"There are a finite number of prime numbers that use 2048 or less bit" -- Wade Burchette

Finite yes, but also ENORMOUS.

The number of primes less than x, pi(x), is approximated by x / (log x-1) or more roughly, but more conveniently, x / (log x). For 1024 bits, x = 2^1024 which is about 10^308.

pi( 2^1024) ~= 10^308 / 1024 ~= 10^305. As there are probably only about 10^80 atoms in the universe, give or take a power of 10, no such list can exist, even for primes of 1024 bits. For 2048 bits you'd be looking at > 10^600!

So although you have to use primes (otherwise the encryption wouldn't work), "the finiteness" of the number of primes is not a problem. But I thought it was a reasonable question, so if you do get any downvotes, they weren't from me :-)

52
0

Caption this: WIN a 6TB Western Digital Black hard drive with El Reg

John H Woods
Silver badge

You talkin' to me? You talkin' to me? You talkin' to me?

0
0

Drunk driver live-streams her slow journey home

John H Woods
Silver badge

"Tonight I'm the designated decoy"

LOL, but; in the UK at least I think you could be prosecuted for drunk driving on the basis of that statement. IANALBIPOOTI and I think that Accessories and Abettors Act (1861) still has a relevant provision in force (much of the Act has been superseded by the Criminal Law Act 1967) that states:

"Whosoever shall aid, abet, counsel, or procure the commission of any indictable offence, whether the same be an offence at common law or by virtue of any Act passed or to be passed, shall be liable to be tried, indicted, and punished as a principal offender."

0
0

Connected kettles boil over, spill Wi-Fi passwords over London

John H Woods
Silver badge

If you want to save time

one of these would probably be more convenient as well as £30 cheaper. Also the iKettle appears to be only 2.4kW --- have they deliberately reduced its power to extend the boiling time to make the remote switch-on functionality look a little bit more useful?

1
0

Sprint sprints away from no-throttle policy – punishes 'unlimited' network hoggers

John H Woods
Silver badge

@Ceiling Cat

Hi, thanks for the clarification - brain not working well at the moment. I guess I'd accept 23GB/mo as a mobile limit for everything except 'landline replacement' use where wired broadband is not available. I'm a pretty heavy mobile data user, but I've not been over about 12GB/mo since a fiber deployment took our local speed from under 2Mb/s to about 30. Nevertheless, I agree it should not be called 'unlimited'

1
0
John H Woods
Silver badge

"23Gb/month is very far from unlimited" -- moiety

Indeed. For some internet purposes it's quite restrictive - less than a dozen films ... some single Steam games are bigger than this - I think some may be approaching twice the size.

3
1

Weight, what? The perfect kilogram is nearly in Planck's grasp

John H Woods
Silver badge

Another problem with the standard ...

... is that, being from 19th C. technology, who knows what's in it? I heard it had shrunk by about 50µg since its manufacture (my guess would be loss of about 1ml of H2 but it could be loss of surface greases)

1
0

Mold whine: Soylent superfood shipments stopped by spore scare

John H Woods
Silver badge

Not all molds are created equal...

... for instance, even in just Aspergillus species there's a big health & safety difference between those varieties which are aflatoxic and those which are not.

0
0

WIN a 6TB Western Digital Black hard drive with El Reg

John H Woods
Silver badge

Hey!

Where did the living room go?

0
0

Boffins: We know what KILLED the DINOS – and it wasn't just an asteroid

John H Woods
Silver badge

Re: the thing about space

"I remain to be convinced that an impact this small could have triggered the Traps" -- Alan Brown

Whilst I agree the impact was 'small' compared to other events (e.g. the P-T) it was still in the top five known Earth impacts; around 100 million megatons TNT.

For context, that's about 20x the boom of that big chunk of SL-9 hitting Jupiter. It's about equivalent to 4,000 tonnes of matter->energy conversion or, if you want something more concrete, over ten thousand times the current global nuclear arsenal, which is over twenty million times the total explosive use of World War II (Hiroshima and Nagasaki were only 1% of the WWII explosive load).

2
0
John H Woods
Silver badge

Terminology:

(Correction suggestion sent).

"Tertiary" no longer has an official stratigraphic rank according to this pdf and the period immediately following the Cretaceous is the Paleogene, making the boundary in question the K-Pg. Doesn't sound as nice as KT but no point fighting it, unless you like Pluto-really-is-a-planet fights.

4
0

Lies from VW: 'Our staff acted criminally but board didn't know'

John H Woods
Silver badge

Re: We only found out about the problems in the last board meeting

"Any other talent is an o̶p̶t̶i̶o̶n̶a̶l̶ ̶e̶x̶t̶r̶a̶ actual disadvantage" FTFY

0
0

Boffins make brain-to-brain direct communication breakthrough

John H Woods
Silver badge

Re: Do we all experience this regularly?

"On this one occasion, I read a message from a friend, that related to a very important family incident that I was not aware of (and needed to be aware of).

The header was not unusual at all.

Why did I choose to do that with this one message out of thousands?"

Here's a possible rational explanation: in scanning the junk (a lot) more processing is happening than you think --- you are just not conscious of it. Something in the content jarred and the unconscious scan poked your consciousness and said, hey, read this one.

No telepathy involved; and none in the reported experiment either --- one makes one's brain do something distinct by deliberately focusing on a different stimulus, the signal is transmitted, and a stimulus is presented to the recipient, where the two stimuli that are possible are easily distinguished.

0
0

Robber loses heist case after 'evil twin' defence, gets 60 years

John H Woods
Silver badge

Re: It happens

"I was afraid the cops would get him confused with me and put me in jail for his crimes" -- ma1010

You're lucky. I look like bloody Anders Breivik.

0
0
John H Woods
Silver badge

Re: Not technically identical...

"[a] Even identical twins don't have identical DNA ... [b] there is a lot of random rearrangement ... [c] this isn't something that could be used in a legal case as it's a very specialised difference." -- Adam Trickett

[a] Yes, but for most practical (i.e. forensic) purposes it is, if not actually impossible, difficult to distinguish using the standard routine procedures -- unlike the fingerprints;

[b] I would dispute your use of 'a lot' --- you could detect copy number variants; possibly some epigenetic changes; possibly some age-related changes (more success likely with older twins) but it's likely you'd need more detailed tests than a standard 'genetic fingerprint';

[c] if it were important enough to genetically distinguish between 'identical' twins it would be possible; but if there was decent fingerprint evidence you wouldn't have to bother ... which was kind of my point.

3
0
John H Woods
Silver badge

"I thought the evil twin defence is a defence used by actual twins, where it is not possible to prove which twin committed the crime" -- SuccessCase

For identical twins, even though the DNA is the same, some other factors (e.g. fingerprints) are different.

2
2

Indianapolis man paints his ball every day – for FORTY YEARS

John H Woods
Silver badge

Re: Darwin Awards Equivalent

"No. It increases quadratic[al]ly, not exponentially." -- Phil Endecott

Apart from the spelling, this has got to be pedantic correction of the week.

4
0
John H Woods
Silver badge

Re: wha?

"Physio the rapist" -- Rich 11

Positively benign compared to "Psycho the rapist"

8
0
