Posts by Paul Crawford
996 posts • joined Thursday 15th March 2007 16:58 GMT
@MONITOR
Yes it is funny they, of all people, should suggest this approach. You know, the same sort of thing in terms of filming in a cinema which they are trying to make a criminal, not civil, offence by means of the insidiously secret ACTA dealings...
Sense at last!
Dropping the whole DMCA would be better, but at least these key rulings make the point that what should matter is if you go on to break the law (e.g. wholesale copying), which of course is already illegal and you could be prosecuted for, and NOT if you are doing something to allow reasonable use of your *own* hardware and legally obtained media (e.g. snippets for criticism). Though in rather defined cases here.
Also interesting will be the implications of this for the likes of "DVD Jon", after all, if circumvention of a dongle is reasonable when you can no longer get it fixed/supported, why not if you can't get the industry to fix/support your OS?
Not in UK
Seems the UK's legions of tired and stressed female sys admins are being denied the rejuvenating joys of Hitachi's magic wand. Poor show UK amazon!
@gribbler
A good point, unfortunately no one so far has been able to code an ad blocker that can stop stupid, big, invasive ads from those that are reasonable and relevant! If only...
I find El Reg's adverts to be OK, as flash is off most of the time in my browser (so no annoying movements), and they are actually relevant to my IT interests.
@Loyal Commenter
The phrase "weapons-grade stupidity" seems so apt! Bravo!
Utter muppets
WTF?
"The Siemens SIMATIC WinCC SCADA systems...use hard-coded admin username / password combinations that users are told not to change...changing Siemens' hard-coded password will crash vulnerable SCADA systems"
You could not make that up! Using Windows, with its Swiss cheese history of security holes, is bad enough, but actually designing a system where the #1 rule of security (Thou shall not use well known user/password that world+dog knows) is deliberately broken!
Siemens should be hauled over red hot coals for that one. Fail for Windows, and fail for the muppet approach to security on systems that are intended for critical applications.
@Keith Doyle
Apologies to all for hijacking the comments on the design flaw in Windows, but I was just wanting to make the point that some of Unix/Linux's built-in protection is also being compromised, so not to laugh too loud.
I understand that CD and FAT/NTFS file systems just don't support the *nix security model, but I object to the "default unsafe" approach of allowing execution. This is the slippery slope to the problems of Windows being easy to run things unexpectedly.
With CDs you can edit the fstab entry to add 'noexec', but that still leaves them executable if copied. Also not so easy for USB sticks. But how often do you really need to execute from a CD, as opposed to installing a .deb file using the package manager?
And while it is true that you can't run a surprise as root so easily, remember if the operational account is compromised on what is essentially a single-user system, it is not that far from being rooted.
So to return to the article, yes it's piss-poor that loading an icon for a short-cut screws the system over, but as others have pointed out, that is one of the delights of having explorer built-in low down, and it seems not properly audited for holes. Again.
Fundamental flaw
"he who pays most has greatest incentive to ensure the greatest efficiency of use" oh really?
More like they have the biggest profit to be made, and that is not always in the best UK public interest.
LINUX should not laugh - too much
@Chemist: While it is true that fully automatic running is not the LINUX norm, Ubuntu has an option which is on by default to offer to run software when you double click on it. For example a text file with 777 permissions gives you this sort of prompt:
'Do you want to run "rxlist.txt", or display its contents?'
At least the default action is 'Cancel' in this case, but I do worry about a dumbing-down of LINUX to meet the Windows users' low expectations. Hopefully we will not go any further down that path...
LINUX should not laugh
Usually I like to point out yet another reason to deride MS' security history, and this is quite a good example.
However, the LINUX case is almost as dumb! While UNIX has the 'execute' permission that limits a lot of simple attacks, why do LINUX distributions insist on mounting non-UNIX file systems (e.g. USB drive with FAT format) with '777' permission (i.e. everything is executable by default)?
There is no excuse for this in most cases, even a CD with software should be in a .deb file or similar. If someone does not know how to copy to the appropriate place and chmod, they have no business installing/running stuff from an external drive!
For internal drives (such as my Windows partition) it is easy to add options to /etc/fstab so directories are 775 and files 664 so why can't they do it for automounted systems?
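As an added illustration of the fstab point above (not the poster's own script): a POSIX shell audit that flags fstab entries for filesystems without Unix permission bits (vfat, exfat, ntfs, iso9660, udf) that lack 'noexec', and a helper that suggests the 'noexec,fmask=0113,dmask=0002' options giving files 664 and directories 775. The sample fstab is constructed for the example; the fmask/dmask suggestion applies to vfat/ntfs-3g style mounts, not iso9660.

```shell
#!/bin/sh
# audit_fstab FILE: print one line per entry that mounts a filesystem type
# which cannot store Unix permission bits and is mounted without 'noexec'.
audit_fstab() {
    awk '
        /^[[:space:]]*#/ || NF < 4 { next }      # skip comments and blanks
        $3 ~ /^(vfat|msdos|exfat|ntfs|ntfs-3g|ntfs3|iso9660|udf)$/ {
            n = split($4, opts, ",")
            has_noexec = 0
            for (i = 1; i <= n; i++) if (opts[i] == "noexec") has_noexec = 1
            if (!has_noexec)
                printf "%s (%s) mounted with \"%s\": missing noexec\n", $2, $3, $4
        }
    ' "$1"
}

# count_unsafe FILE: number of entries audit_fstab would flag.
count_unsafe() {
    audit_fstab "$1" | awk 'END { print NR + 0 }'
}

# suggest_options OPTS: append noexec (if absent) and, when no fmask/umask
# is set, fmask=0113,dmask=0002 so files come up 664 and directories 775.
suggest_options() {
    opts=$1
    case ",$opts," in
        *,noexec,*) ;;
        *) opts="$opts,noexec" ;;
    esac
    case ",$opts," in
        *,fmask=*|*,umask=*) ;;
        *) opts="$opts,fmask=0113,dmask=0002" ;;
    esac
    printf '%s\n' "$opts"
}

# Constructed sample fstab for the demonstration (not a real machine's).
SAMPLE_FSTAB=$(mktemp)
cat > "$SAMPLE_FSTAB" <<'EOF'
# <device>       <mount point>    <type>   <options>                        <dump> <pass>
UUID=abcd-1234   /                ext4     errors=remount-ro                0 1
/dev/sda3        /media/windows   ntfs-3g  defaults,umask=0002              0 0
/dev/sdb1        /media/usb       vfat     user,rw,fmask=0113,dmask=0002    0 0
/dev/sr0         /media/cdrom     iso9660  user,noauto,noexec,ro            0 0
/dev/sdc1        /media/backup    ext3     defaults                         0 2
EOF

audit_fstab "$SAMPLE_FSTAB"
echo "unsafe entries: $(count_unsafe "$SAMPLE_FSTAB")"
echo "hardened options for the USB stick: $(suggest_options 'user,rw')"
```

Run it against the real /etc/fstab by replacing the sample path; automounted removable media are handled by the desktop's mount helper rather than fstab, so this only covers what fstab lists.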
SCADA safety?
These companies who offer control systems to critical and/or safety critical applications do guarantee them I presume? You know, they have audited the software and hardware, and have the full backing of all suppliers to cover them for the consequences of flaws in the system?
If not, who was the muppet that OK'd the choice?
Last MS OS for me
I got the desktop w2k professional with my PC around 2001, replacing an older NT4 box. It is the last MS OS I have willingly paid for. It worked fine, and I saw no compelling reason for XP, in fact, the whole product activation aspect left a bad taste in my mouth.
Almost 8 years later, my PC failed with the 'bulging capacitors of death' and I turned it into a VM and now run it under Ubuntu when needed. I can still dual boot, as I was able to install w2k on the new box (but it borked if I fitted 4GB memory, or by using a SATA DVD drive) but almost never do.
For me at least, that looks like the future where *I* control my own PC, and have no long-term worries of it being remotely broken by a lack of activation support, or hardware change.
Student grant
Long long ago, when I were a student, if you were good enough to do a degree you got the costs covered and money to live on. The simple argument was that the UK benefited so much from your education (not least your higher life's worth of tax revenue) that it made sense. Degrees offered were by and large aimed at what the country needed.
Fast forward to a world where 50%, and not 5%, are getting a 'degree' and you see the costs are much higher and the benefit per student far, far, less. Universities are now business driven, and so offer the cheapest and most popular degrees for school leavers. Great idea that?
Along the way we lost the apprenticeship schemes and HNC/HND qualifications that were useful and worth having for a large proportion of the population. Another dumb move by politicians and poly/FE leaders.
Finally, for those who complain about the problems of non-degree holders being unable to string a sentence together, you might want to ask why school is not enough? At one time decent highers / A-levels were enough to get a decent non-specialist job. Why are they now looking for 'graduates' instead?
Why force universities to take poorly performing students because they came from a poor school (a Labour hobby-horse) rather than FIXING THE DAMN SCHOOL SYSTEM?
Rant over, at least I don't teach any more.
Time to move on?
While there may be some critical Windows-only software that is a problem, most of the desktop and office stuff need not be MS at all. As they no doubt have lots of XP licenses, why not LINUX for most and run a VM for a few?
And less of the brought-down-by-virus headlines as well.
Of course it's a pain to change, a major one, but we are talking about hundreds of millions of pounds here. And going from XP to 7 is also a pain and re-training exercise for most non-el-reg readers.
Anyone fancy forming a company to offer that change-over assistance?
@Nerdless unintuitiveness
"she can't find anything, doesn't know how to launch programs" really? How did she cope with the big changes from XP to Vista/7 etc?
I don't use Macs (cost really) but my own experience of average user + Windows is they get shafted regularly. You pay your AV "protection money" and find it just does not work against Joe (or Jane) average who sooner or later tries to install something off t'Internet.
So while I am a LINUX lover, I would say to anyone who has the money and wants a hassle-free computing life to consider a Mac.
Oh, and as for the reviewed machine only having 2GB of RAM, I run 2GB on my LINUX box without swap space and develop software, run VMs, etc and have not run out so far. Big deal?
Er?
I found Spotify to be very good, and the Windows client runs just perfectly under WINE on Ubuntu 8.10, so I see this as a bit of a non-story. Yes native LINUX would be nice, but the sensible Windows API use results in an app you can use under an emulator just dandy.
@viewfinders
I went for the Canon IXUS IS-95 for that reason, it still has an optical viewfinder for the odd very bright day use. It may not be 'current', but you can probably pick them up new for under £150 for a while. Generally a good camera, only downside (at the price/size) is the lack of a real manual mode.
Useless to**sers
We had a whole range of Electromagnetic Compatibility laws introduced in the 1990s to stop equipment from causing unacceptable degrees of interference to legitimate radio users. And when this kit comes along and pisses all over the radio bands what do Ofcom do?
Sweet f*ck all.
Why is that you wonder? Well because there is money involved, and Ofcom appear to have been bitten by the Thatcher view that making money off radio use trumps almost everything.
Why have they not prosecuted BT for their crap kit? I guess the same applies to the Phorm fiasco where the big & wealthy businesses somehow get different rules applied...
Make sure you properly check the disk!
I have found a few older PCs with a couple of bad sectors on the HDD, so my advice is to always run chkdsk to do a full surface test as well. Yes, that is tedious, typically in the couple of hours range, but it can save hassle later! In fact, I would suggest a total scan once a year anyway.
If the NTFS drive has bad sectors, typically the Gparted tool will refuse to re-size as it is a more dangerous thing to do.
With the Ubuntu live CD you can (usually) check the HDD SMART status using the System -> Administration -> Disk Utility but some older PCs can't report it, and quite a few have this feature disabled in BIOS (so go in and enable it if you can). The SMART results for a checked but bad sector disk will give you a hint as to whether the disk is truly dying (e.g. sector reallocation count over threshold) or if it was just a couple of bad sectors for whatever reason.
You can force ntfsresize to do it from the command line, but in this case you had better have a good backup anyway!
If you don't trust the HDD, then a new one is a very good idea, but if it is Windows' own files that are borked (see the Event Log in Windows after it reboots from running chkdsk), or if you have any suspicion that it's malware infected, then a total wipe and complete Windows re-install is a good idea before attempting to dual boot once more.
If you/they have lost their Windows install/recover CD and don't care to fork out another £50 or so to Billy's empire, then I guess it was time to go LINUX anyway...
@Sam Fox
Ah those were the days - when she was not considered "child porn"....
@Re: Portable Hard Drives
"Of course they will" is NOT the same as "I tried them and they did", as we all know only too well!
Also missing from the review are details like the actual power consumption, and do they support SMART reporting. If you have them as a backup drive it is kind of nice to have a health check, even though it is of limited ability in predicting catastrophic failures.
Also does any of the backup software have checksums on the archives, etc, so you can test the file's integrity without uncompressing/restoring the set?
Self defence?
In a physical attack there is an accepted principle of not being guilty of assault due to reasonable "self defence", I wonder at what point it becomes OK for a computer to retaliate against an attacker?
@Crash and Burn, Girl
Having had my fair share of dead disks in my time (and several from other people, mostly without backups of any sort) my first question is always "can my RAID card take them?"
Generally I use proper hardware RAID cards like the Areca ARC-1200 or ARC-1210 in spite of their cost because you can easily dual-boot windows and LINUX on the same disk set, which you can't do with fake & software RAID solutions.
Also the ARC-1210 allows periodic background (i.e. low priority) disk-scrubbing in RAID-5 mode which is a reassuring check that your disks are still OK for reading every sector of every disk. It would be nice if LINUX MD did the same without having to mess around.
@Steven Hunter
So it's OK to lobotomise you and have your brains first then?
@That's all fine and good
Windows 2000 is past sensible support, if you have not moved on it's high time you were making plans to.
A lot of companies have the justification that *something* will break with a new browser, and it may be true but sooner or later you have to change. I prefer LINUX, but would say to anyone with a Windows-based system that they should migrate to 7 soon.
Managers need to realise that software, while it does not age in the conventional sense, has a finite useful life and you need always to be thinking 5-10 years ahead of what to do to make it work.
That might be a VM running old OS & applications, or it might be porting to new systems, etc. But you need to know what *you* will do to keep things running smoothly. Hell, in our organisation someone still has a business-critical application that runs on OS/2!
And what is wrong with having a 2nd browser for non-Intranet stuff? Can't your system administrators set up a software firewall to allow IE6 to access your local IP range only, and Firefox to access the rest?
Plan, budget, test. Don't get caught out!
Almost there...
I like their analogy, but why don't they grow some balls and just formally dump IE6 support completely? That would force business users to do *something* to get out of their predicament.
One, incidentally, created by MS' non-standards and the business' dumb contracts that did not dictate multiple client testing in the first place...
Remember that w2k is past support now, XP almost end of life and in its case most sensible XP users will have upgraded to IE8 even if they use other browsers due to its deep-rooted security implications.
Mixed views
I have two lines of thought:
One is I really don't like Apple's attitude to user freedom, but again they have a small share and there is plenty of competition so the impact is far less than Microsoft. Usually it is MS I have a rant over (usually over abuse of their market dominance coupled with seriously dumb security at the core of their products) but to be fair they are much less restrictive than Apple.
The second is that Adobe software sucks much worse than MS these days. The endless security holes in flash (particularly considering its size relative to, say, Windows) and poor multi-platform support/performance is pathetic, same for their pdf reader. They seem to be stuck in MS' bad old Windows 95/98 days of adding bloat and ill-considered 'features' that no one really wants. I mean, WTF is javascript needed for in a print-ready document reader? Same for the recent rumbles about the running stuff included in the document.
This current spat is probably good in it might just make Adobe fix things and see the light, and also it might put off those mindless idiots who make web sites that can't be used without flash. So I am sitting back with some popcorn...
Rubbish!
"Piracy is limiting IT innovation, job creation, local economic growth and is robbing governments of vital tax revenues"
Bollocks, given most of the software they are talking about (e.g. MS and Adobe I suspect by volume) is US based, I see little or no 'local economic growth' if they are paid or not.
And as for tax income, what exactly happens to the money not spent on pirated goods? Kept in a tin under the bed? Or maybe spent in that local economy?
Not that I believe in pirating software, if you don't want to pay MS, Adobe, etc then use one of the free alternatives. In most cases they are pretty good, and in doing so it helps promote interoperability, something that proprietary suppliers tend to abuse for lock-in unless they HAVE to cooperate to keep their market (or governments force them to).
Tux, let him shiver your timbers.
@so...
Worse than that, they are liable for any crimes such as bank robbery performed with the aid of their stolen (unlocked) car.
This is a really dumb verdict, not because people should protect their WiFi link, but due to the precedent that anyone taking advantage of insecurity is your fault. What of MS' can of worms security? Are you now liable if your PC is compromised? What if you have to use WEP due to older hardware, etc, and then it is broken due to its well known weakness, are you liable then?
The argument that no password = liability also kills all public wifi points as well, as they are open to anyone. Even if protected, how hard is it to buy a coffee with cash and then upload?
Stupid, stupid, stupid!
This is one thing I particularly hate about the way copyright laws are used/abused, it is the approach whereby "assisting" infringement is easier to target in court rather than finding or prosecuting the person committing the crime, so go after services or users who are innocent themselves but whose services can be abused. Then ISPs etc, face big legal bills (which we end up paying) when they don't jump to the (often unreasonable) demands of copyright holders and their organisations.
Not for me
While I do think that Word (I have a copy of '97 but some bugs were not fixed even with the 2003 edition at work) is a bit better than OpenOffice in some ways, I don't see much use for this.
If you worry about document formatting for printing and emailing, then just use OO's Export as PDF feature, sorted!
Google docs would be ideal if you could have your own local server, but personally I am against most cloud-based services because:
(1) Your data is in someone else's hands, so you have to trust them
(2) That is under US (or other) laws
(3) That you can't usually migrate to another cloud supplier if they have problems.
(4) They are often useless if your link is down, or just way too slow.
Given OO is free, I would just put it on all machines, you can use something like dropbox or Ubuntu One should you want syncing between far off machines, and you still get the data locally accessible (though not synced) if your internet link is down.
@Caveat emptor
You seem to ASSUME that a trial was possible, but probably not. In fact, the simple way out of this is to always allow a free X days trial before you buy, in that case there can be no complaints about functionality (unless it's broken at the trial and a promised post-purchase fix never appears).
It is high time that software suppliers were held to *some* degree of responsibility for what they produce, for years the MS model of "push out product with gee-whiz features, then sell an upgrade to maybe fix some of the crap in it" has been the industry norm.
@Firewalling?
By default, ubuntu has no open ports to world+dog so the firewall is not needed. If you do install something that opens up ports (e.g. SSH daemon, samba or NFS share, etc) then you should turn on the firewall if exposed to the world.
In most cases, you are not (as you are behind a home router's NAT) so again you can breathe more easily. But if you are directly on a cable modem, or use VPN, or use a busy and untrusted WiFi, then you are probably open to some or all comers.
There is a simple 'gufw' graphical utility that you can install from the graphical package manager to do most of the firewall configuring with ease. Typically select 'default reject' and then enable just what you want, and for the IP address range(s) you want accessing it. It even helps by allowing you to name the service you want enabled (e.g. by 'ssh' rather than knowing it is port 22).
Unless you are really determined, just forget about directly doing ip chains...
And keep to sensibly strong passwords for such remote access, please?
@secure email is an oxymoron, dumbasses →
Very true, we really should have a secure alternative by now...
But, equally true is that inter-departmental emails would normally stay inside the network, and that would require a certain degree of "inside cooperation" to intercept and scan all of the data. Whereas putting ALL email out to a 3rd party opens up EVERYTHING to interception and US-subpoenas. An important point if you are not a US university or business.
Some points
First question, why no ext3/4 format allowed, or did you just not check that? For a LINUX user you may want something that supports the OS' user and permission settings.
Second point about TrueCrypt you should mention as well as being free, is that you have to install it on the host computer, and that may not be possible if you are using this box to carry data from your machine to a 3rd party machine securely.
Also if you do get to install it on someone else's PC, and it has been rooted, then your pass phrase can be captured. With this box the pass code is never seen by the host computer, so it is far more flexible and secure than a software install on computers of questionable integrity. (OK, if the machine is rooted then they can get data once connected, but maybe not all of it, and not the key for attacking other machines of yours).
Still, while a good box, it is a tad expensive...
Aurora?
Er, so this company, with its research centre in China, would like you to run its software to probe everything visible in your network's (and presumably WiFi, etc) view of the world?
And what else might it do while worming its way round your most intimate computer zone?
@z0mb13e
Exactly. I wrote to my MP for Dundee West and guess what? He did not reply and did not attend the vote.
Whether you are on the P2P side or the rights-holders side of the debate, I would hope you can see that the DEB has been a travesty of legislation as it was rushed through without adequate scrutiny, and by MPs that on the whole know f*ck all about the ramifications of a number of the key points.
Best thing that could happen is a hung parliament (or Liberal victory - some chance) that results in fundamental changes to how law is made. No more 'party whip', an end to rushed-through legislation, and some method of ensuring that concerns voiced to MPs are actually considered for once.
@Elmer Phud
I object to your "hairy palm commenters" label, they never get a chance to grow!
Yes, it's Friday...
Choices?
Do we get the option to bring back the bootilicious Freema Agyeman?
Mine has the very long scarf, being a dirty old man.
Biggest problem...
...is the need for a fast/reliable connection at all times. I was on a train journey recently and it had a woefully slow WiFi due to the number using it, rendering most web apps useless. And I am too cheap to pay for a 3G dongle (which would still be flaky in a lot of areas/tunnel/etc).
Any such thin client must 'simply work' automatically with a flaky link, or it will fail. I do look forward though to the market reactions when it finally makes it :)
Unconditionally secure...but
Only from a photon point of view, i.e. start of fibre to end of fibre. Any electronic switch/router/repeater needed for normal use has to be physically secured as it could be used to tamper/intercept data without detection.
So great for big organisations who need a secure point-to-point link between secured sites, but going nowhere for the majority of internet traffic.
Class act
Bribing the Russian prosecutors service....
"If you sup with the Devil, use a long handled spoon"
Not helped by...
...the brain dead developers of the parcel force /mail web site that only works officially on windows and demands the pdf browser plug-in. Easier to take stuff to the local (or not so local these days) post office branch.
Doh!
Already said are the two points:
(1) The users should have had a kicking for the problems they brought, and
(2) the administrator should have been kicked for not understanding and carefully testing such a potentially serious script before deploying it.
The issue of trust is, of course, important and any competent organisation of any significant size will have more than one good (technically & responsibly) person with the necessary knowledge to administer things, and most likely separated departments each with their own 'kingdom' of access rights.
Why?
Why push DAB where most people don't have one and don't care? A desperate attempt to make it happen in the face of public apathy and lack of compelling advantages? What about battery life, perhaps? Cost?
As pointed out, overseas visitors won't have a compatible one even if they bring it, and most people's mobile phones and MP3 players, etc, offer FM (maybe just AM). But going for a working system is way too easy...
@Huh?
The comment is true for graphics with sharp edges and uniform colours, but as you point out, not for photos.
Also confusingly there are other comment locations for this article, for example, at the conclusion page http://www.reghardware.co.uk/2010/03/26/grouptest_colour_laser_printers_verdict/
Maybe El Reg should keep the forum posts together in future?
@Can't dump Windows
Best solution - fix/replace them.
Practical solution - run a VM for XP/IE6 and have them set up so they are fire-walled from the outside world, and have USB ports & autorun disabled on all drive types.
Host system could be anything really, LINUX probably best choice, and it is used for email/web/etc if possible. Getting away from horrible version-sensitive spreadsheets and so on would also be a good idea, as then you have greater portability of office software.
@Can't dump Windows
Just to add the point that at some point you *will* have to dump IE6 as even MS desperately want rid of that bastard browser.
Just make sure the next contractors employed to implement anything are forced to do all acceptance testing on two *different* OS and browser combinations (e.g. win7 + IE8 and LINUX + Firefox). That way you won't be soooo deep in the sh*t next time...
Good comparison
Glad to see this sort of comparison as a cheap laser printer has a number of advantages, most noticeably that they don't dry up if infrequently used. The large paper reserve, and resulting infrequency of filling, is also good if small children (or technically challenged people) use it as it minimises that opportunity for damage.
Also glad to see MacOS & LINUX support being discussed in each case! In my case I went for the slightly more expensive OKI C3600 as it has postscript support and "just works".
Finally, what of the yellow tracking dots? Following from http://www.seeingyellow.com/ you can see some EFF privacy tests.
@windows
'a bit of education to the users in basic threat avoidance "dont click on those viagra ads" '
That alone would do so much! I support my family & friends with LINUX now, and one individual who shall remain nameless downloads various .exe and tries to install them. Now he gets nowhere because (a) he has not got sudo privileges (his wife has), and (b) it is a LINUX system, doh!
He does not understand either of those points, which is why they have had no infestations since I switched them. But you can see how that fails for the general population who look after their OWN systems and still click on stuff...
Dell failure
If I go to buy a Dell Latitude L2100 it offers me XP as default, with the choice of linux with £24 reduction or Windows 7 at £17 more. So why can't he get the £41 back?
It is high time that the "MS tax" was a choice, not something that is forced on most PC purchases.
