315 posts • joined 31 Jul 2006
funny small mistake
" a security researcher at Prosecco"
No, he's working for the French INRIA (Institut National de Recherche en Informatique Appliquée). It's his team whose name is Prosecco.
"With predictive maintenance, auto manufacturers will be able to gain insights such as key maintenance data points and the ability to predict wear over time. The outcome is lower costs of service and support, and increased driver satisfaction."
Let's wait until we see this for real.
I have yet to own a car which is able to signal about my brake pads being gone, so the M2M hype is probably gonna wait another couple of decades ...
MS always bleeding edge ... not
First time I saw the concept of multiple workspaces was early nineties, I think with the twm window manager. I think, from memory, it was also available on SunOS 4 SUN workstations ...
So yeah, good job, MS for bringing those ideas in 2015 ...
"Still not ready for the desktop."
The very slight disagreement with this would be the word "still". I think XP was OK as a desktop, but all the rest after, including 7 has been utter bollocks as far as desktop goes.
Heck, I built a Win 7 VM a while ago, and it took me a stunning one week (day and night) to bring it up to current patching level ! One freaking week !
If you screw your Mac's OS, it takes no time to restore from backup (yes, I know, a couple of bugs with Maverick as far as restore goes, but still), and only 1.5 days to install from scratch via internet (on a 2.5 Mbps link). And patching occurs only every 6 months or so, and they're bundled, not distributed into 100s of sets that take forever to download. Updating a Mac takes no time and a single reboot, while Windows is now a permanent download/reboot thing.
I still remember when this bloke brought me a Win 7 laptop not booted for 6 months as a tool for a jogging race. Upon plugging it to WIFI, 5 hours after, after everything was finished (on my Mac), it was still updating and was still unusable !
Redmond will need to change their OS update schema or they will lose even more to OS X and/or Linux.
Re: equips tinfoil hat
"Norton AV has been a disaster area since 2007. Uninstall it already. MSSE should be enough for anyone."
Not sure about the date, but indeed the darn thing has been shite for years. Too intrusive to OS, and not providing any significant cover.
Use avast, destroy anything bearing the Norton tag you can see ...
Re: No Excuse
"There really is no excuse for a webmaster not to have updated to a 2048bit certificate, it's not like we haven't been aware of this for the last 3 years.
All the major CAs have had big warnings plastered across their sites for a long long time."
Agree. And I also praise Mozilla for taking the lead of the cleanup of the smoking mess that is TLS CAs signoffs. They are doing it at the expense of pissing off the clueless, but ultimately securing communications of everyone. Hence, hats off to them.
" I bought a Netgear DGN-1000 a few years ago. Disabling WPS was disabled (if you see what I mean) and the company explicitly announced that they weren't going to issue a fix. (They expected owners to buy a newer model.) "
Pretty retarded indeed.
Solution is to buy only those routers that can install one of the popular freewares.
Re: UPnP, WPS, SNMP
"My router allows you to specify allowed internal and external UPnP port ranges - better than nothing?"
Barely. Security through obscurity. Let's hide the port which opens the firewall ...
And how is it hard, for someone who almost gets the notion of port, to do any firewall config explicitly, rather than relying on UPnP ?
UPnP, WPS, SNMP
All switched off at first setup time, whatever router/firmware you use.
UPnP and WPS are security suicide tools and SNMP can be used as an attack means if not implemented correctly and is in 99% of cases not used at all.
And you forgot one of the worst aspects: false positives on Win XP core libraries !
Geez, how much time this cost me for local neighbours that failed the "fix/ignore" button !
UK leaving the EU
I'm always baffled by the number of people supporting Cameron in leaving the EU and/or wielding the dangerous threat to do so, at the risk of having to do it for political reasons. Who cared a single second when he went berserk on Juncker's election ?
After all, the UK is one of the few countries to still have a full sovereign currency in the EU: it can print money ad nauseam to start the economy again, so doesn't suffer from one of the sole EU problems.
Then, it seems unavoidable, to me, UK (minus Scotland) will leave the EU, so noisy was the spin around how it would make things better. This ridiculous data protection posture and how no-one cares is one more syndrome that it will make everyone outside of UK happy.
End of the day, this will only kill UK exports to EU (yeah, no painful security/safety requirements anymore, China-style, only to be treated as the same rubbish).
I really hope Cameron gets to his senses again, so as to avoid the UK going down ...
"Apple won't use NFC because they don't hold the patent.
The patent for NFC payments is owned by Visa & Samsung <-- because this?"
Possibly. However, Apple is taking a risk in offering an "Apple-only" payment solution. Having the tablet OS and hardware by the same vendor has a lot of merit, but such is not the case of the phone manufacturer and payment provider. This is a problem as sellers will face 2 standards: Apple only or NFC based.
I don't see Apple winning this one.
Re: we are doomed
"Actually that pedal to the left is merely an interface to an electronic device - i.e. 'brake by wire' - for more and more vehicles on the roads. As are the shifter and shifter paddles, as have been most dashboard controls for years."
Not in my cars. All 3 pedals (yes, if you know how to drive, there are 3 of them) are mechanically connected to either a cable (clutch and accelerator) or pump (brake). Steering is mechanical as well.
There is no way I'm buying a car where any of those is electrical because I see the risks but not the gains. A mechanical or hydraulic device is always more reliable than an electrical system.
And yes, my most recent car is from 14 years ago, but still doing great.
"It's a gimmick anyway. Seriously, it's only use is for the fun of seeing peoples faces when I make my car do a retarded Herbie impression."
Actually, it's a gimmick NOW, but if desirable, they're gonna put more services on it, incrementally.
Of course, without checking what if the service is down, each step they go through ...
And one day, someone might get killed because of this.
" complete re-programming at the server end, and starting again from scratch ".
It seems still in 2014, people are performing a major upgrade on live systems used by customers, with no prior backup of any kind ...
I like the "complete re-programming" term most, either the lad was not totally fluent with IT or maybe ... they lost the apps binaries AND source as well ?
Re: firefox ESR updated too
You have my sympathy, even if I'm ready to give them a chance still.
For people that are looking "where the <BIP> is the about/update button" it is hidden in "new bizarre menu bar on the right"/"tiny interrogation mark button I never spotted before"/About Firefox.
"I have a bad feeling about this."
Same here, even worse than that ... Even episode 1's ridiculous pod racer looks better.
Really sounds, as others have pointed out, like an H2G2 thing, like the sofa that fell in the space time breach, just to end up in the middle of the Ashes cricket tournament ...
French TV those days
Like the article pinpointed correctly, France as well is invaded by US series/movies.
Nowadays, a full week of French free to air TV is:
- loads of US series (all of them, multiple times). Some you can't follow because they're broadcast out of order by complete retards (Hello, NRJ12 ?).
- loads of US movies
- loads of reality TV (entire channels of it, like D8, NRJ12, M6, and others, about 1/3 of the full spectrum)
- the obligatory "plus belle la vie" French series which really sucks
- some rare good and interesting French programs (Arte)
- some never seen stuff in new channels (RMC disco)
That's it. I even watch UK FTA channels when I'm bored.
Re: Are these the SPARC or the T processors
"Whilst they look good on paper with loads of threads, we have found that for a heavily loaded transactional systems, they perform like a dog."
That's because the Niagara series (T) has been designed for apps that are light on the communication bus (App servers, web servers, mail relays) and very parallel, not for heavy DB servers. For this, you should use other gear (Power 7 from IBM or M series from Oracle).
Re: So much better than original FW
Exactly, all of this.
Also, contrary to popular belief, this comes with a full UI, and there is no real need to go command line even for advanced config*.
Nowadays, any time I need a router or WIFI AP, I just go to openwrt hardware list.
* one silly exception: no way to get the WIFI PSK from the UI, when connecting new stuff ...
"I remember those days, it was fine until it decided to eat its own database and I would wonder why no backup tapes were ejected (My fault for relying on the inbuilt database)."
I remember Arcserve as well. Was in 1999, on NT 4, and my first backup software (that is after Unix tar :-).
I've never heard of it after this, despite spending a long time in DC and storage ... I wonder what it became after this ...
Looking forward ...
To all the articles on security issues around those new IoT thingies.
And their consequences ...
"For this to work it will also need some way of getting software updates FOR THE LIFE OF THE CAR. This does not mean I need to buy a new car every time a new version of the OS is released."
Agree in principle, but you used the undefined term "LIFE OF THE CAR", which, depending on company's business model can go anywhere between 5 and 20 years.
So this update for life would prove trivial to achieve for, say, f***ing Peugeot but quite more expensive for, say, Toyota or Kia (with their 7 years warranty, which is not even meant to cover the lifetime).
End of the day, that would bias the market IMO, so to me, the conclusion is a level of automation in the car that would require an elaborate OS (windows/linux vs. Vxworks type of micro-kernel) is a bad idea.
Re: Mogpiss Monday Blues
Ah ah, actually, it's probably, from the study, still the same duration, except this very male cat is coming EACH TIME at your place for it, part of its territory domination game ...
Quite a pain in the a*** I reckon, but could be worse (like in your boots) ...
There is however a good use for this
"And if you happen to reach for the navigation console while the car is in motion," Davis notes, "Mobii will gently remind you that's a bad idea, requiring you to speak your destination instead."
Who would buy this for being bugged by a defective program, surely hardcoded not to be able to be de-activated like those numerous beeping systems warning you've not your belt on.
Not me !
There is however a single legit use: driver asleep detection. Will save your life if triggered, and the techno already works. It's not rocket science by the way, only a matter of closed eyes detection + timer ...
If you're giving a pres, you surely don't want a bsod like that poor Gates fella ...
Hence OS X
"What about the few sad folk still unable to avoid suffering from Vista, is that not still considered a supported OS?"
I think no, see http://support.microsoft.com/lifecycle/?p1=11734, if you don't have extended.
Different note, I'm baffled MS even still cares about 7 ...
Re: No they haven't
"And if they don't have a choice...?"
Hmmm, Doom ?
"Make the suppliers of IoT stuff pick up the bills for any breaches that happen, say 30 days, after they have been notified of a flaw/exploit.
I think you will find it amazing how that would focus their minds on having it secure and patchable from the start."
This would be the right approach. Except all vendors would cry foul and would force regulators to back off immediately. Such a liability has never been imposed to a vendor in the consumer market to date.
And we're talking potential life threatening liabilities here !
Re: No they haven't
"I got news for you. THAT HAPPENS EVERYWHERE. Microsoft's just the company with a big fat bullseye on it."
I agree it's not only MS, others in OSS and elsewhere get it wrong too.
If this is gonna be permanent, as you and me seem to believe it, then, as I said, the darn thing will collapse.
No-one will ever accept their supplies to be owned like their entertainment device is ..
No they haven't
“The lessons have already been learnt on modern OSes."
No, they haven't. Supposing Windows is part of the "modern" OSes (and I'd happily argue against this, but given its spread, let's assume yes), they haven't learnt a thing, otherwise they'd have rewritten IE long ago, after designing a proper security layer, and no flaw nor patch would ever exist, covering 6 major versions (http://www.theregister.co.uk/2014/04/27/oops_we_did_it_again_microsoft_warns_of_ie_zero_day/) for a period of now 13 years and counting.
Instead, they kept patching hole after hole, like drunken lemurs scooping water out of their sinking ship, forgetting to plug the big gaping hole first. Why is ActiveX still in W7 by the way ?
"The mitigation techniques are out there and secure development lifecycles are well documented. IoT developers have access to the answers, if end users force them to use them.”
Yes, the technology is here, but end users don't understand a thing, so can't force anything onto vendors. So they won't, and no-one else will, since only end-users have such an interest.
Furthermore, the NAT barrier is today artificially protecting most devices, as an encouragement for doing security wrong safely (from a vendor reputation standpoint). So this will add to the problem.
I personally think the whole thing will rapidly collapse under the impact of security flaws exploited by crooks, together with less than stellar added value, a bit like some electronic "solutions" in cars died under reliability issues for no added value (at least for the part of manufacturers that are still on the reliable cars market, again, customers don't understand a thing, and still a market for gadget cars exists).
I liked this article (http://www.theregister.co.uk/2014/06/17/internet_of_things_fridge_fantasy/) which by the way managed to kill the idea without even digging into some of the difficult aspects (like lapsing dates of food, liability in case of bugs, etc ...).
Re: Lost Files
Another one quite similar:
This sales admin young woman was only using a single tool, salesadm, and for convenience, there was a shortcut for it on the desktop. Every month, she accidentally removed the short cut, and called that "salesadm has disappeared". Each time the support lad would recreate the shortcut.
I don't think she ever realised one could launch programs via the start menu ...
Re: Goodbye windows
This has already happened.
Re: The question becomes, then...
"And actually it would be far easier for the NSA to try and subvert Open Source code via strategically placed development efforts than it would be to attack commercial software during the development process."
Actually, no, it's the exact reverse. Commercial SW can be subverted easily (couple of thousands bucks) contrary to open source which is open to public eyes.
Granted, openssl is such a smoking mess it didn't work for it, indeed.
Re: What about LibreCrypt?
"To use the "Libre" naming would make the intentions clearer and would borrow from the goodwill that LibreOffice created."
This. And also, with the fact hosting moves from the US of A to Switzerland, it would be a good punch in the face of Uncle Sam !
This screwed my week big time.
They really seem to have lots of issues with the controller ...
This is putting the whole ecosystem in jeopardy, as devs may stick to DirectX rather than OpenGL.
I really hope this is coming Q1 2015 otherwise I'll have to pay the Redmond tax again ...
"And he needs to do all this while maintaining a rather successful Windows business"
Well, good luck with this one. Win XP/7/8 are the same thing with only the GUI changing, people have become aware of this, and PC laptops and desktops are soon to be history. I see as much Windows future in this landscape as there was OSF/1 on X86.
Only junior sysadmins that can't do Linux will be the customer base of Windows servers, and that's not gonna make his numbers.
"PC gaming - gaming for people who like fixing broken crap."
When was the last time you fixed your _hardware_ ?
Let me fix it for you:
"Windows gaming - gaming for people who like fixing broken crap."
That's basically the whole point of a steambox.
Windows 8, really ?
I really hope they'll remove the Windows tax, as the whole point of the Steam boxes is exactly this: remove the middle-man.
I also would really like to know how this kind of boxes performs with Planetary Annihilation. The game is very demanding and it seems 8GB would be a minimum requirement to play with comfort.
Re: NAT has to go, no..
Very interesting post, mate, have an upvote.
It seems to me you're describing a TOR network on IPV6.
It really seems to me this could be the future ...
Re: NAT has to go, yes
"IPv6 is a fucking mess, designed by people who gave absolutely no consideration to security or privacy. People who were unable to see the positive (if unintended) consequences of how IPv4 had been put to use in the real world. There just aren't words suitable for publishing anywhere which can convey my absolute contempt for it."
I'll give you credit for 2 points:
- IPV6 designers gave no consideration for privacy. yes, indeed.
- They didn't give a shit about IPV4 -> V6 transition. yes, indeed, but some people woke up late on this (See RFC 6144)
However, I maintain the argument that it's not the network's responsibility to maintain a barrier between devices because device developers have been completely careless on security.
If things have degenerated this way (and they have), then the end game must be that:
- device devs have to get their acts in order
- IP V6 has to be deployed
Re: NAT has to go, yes
I agree 100%, NAT has indeed its use for mergers with companies that just ... didn't bother.
This will unfortunately survive IPV4 and will of course be here in IPV6.
I was more speaking of consumer NAT used in every day box/router. Point noted.
NAT has to go, yes
I think, contrary to some, NAT has to go.
The problem is, NAT evolved from a terrible burden due to address exhaustion, to a security measure hiding internal hosts from the internet. This was NOT the intent !
As a result, yes, endpoint security has become freaking terrible, and removing NAT will expose the weak internal hosts.
However, in the grand scheme of things, the end game should really be:
- fully meshed network (all hosts communicating with all hosts of da net)
- security ensured by updated V6 firewalls (I'm sure we have already V6 FW that can stack rules on V6 nets and V6 hosts in the relevant manner, without having as many rules as hosts to be written)
Back on topic, indeed, another thing of V6 is each host may have a unique and persistent address. This RFC should address it. Provided each host cannot be uniquely identified by other endpoint problems (browser for example).
Still many years of work ...
Re: Just wondering ...
"I thought that they weren't allowed to store credit card numbers, never mind in plain text?"
Why would they not ? Any regulation ? Not.
So, of course, everyone is doing it, and of course in clear because it's easy. (Don't be fooled by the fact you see stars and no number in the portal, it's just a front-end illusion, it's all clear in the DB behind.) I've seen only a few exceptions over my decade of online purchases, for services that connect to real banks instead.
Just to name a few:
- Amazon is storing your CC numbers
- Steam as well
- Paypal as well
- 98 % of the French local online purchase sites
That's why you must NEVER put in your real CC number, and rely on special secure payment like E-visa.
Re: It won't be missed
"Whatever happened to them? I mean in the mid 90s they were to techos what sysinternals is today.
Speeddisk. Diskdoctor. Awesome batch file extensions. But now the best advice is to avoid their rubbish."
As usual, dumb corporate politics turning good tools into utter crap.
For those products not totally sabotaged technically (thinking of the ex Veritas suite, Veritas Cluster Suite, VxVM also), they've turned their pricing into such ridiculousness no-one could actually afford them. And this is even before the OS vendors actually and finally come with a solution (HPUX 11iV3 comes to mind, all previous versions being utter balls for storage mgmt ).
"Does anyone have any thoughts \ experience on android anti virus? Best programs etc?"
Yes, friend, and you named it in your post: Avast. Install Avast AV, and while you're at it, they have a backup SW which is not shite, contrary to all the ones I've tried, and also a very nice anti-theft.
I normally install all 3, no perf impact, works well AND detects malwares.
"Had to downgrade my wireless security at home, as the brand new Internet enabled TV I bought for my wife to watch in bed while convalescing only supports WEP!"
Even if it is completely appalling in 2014, I'm not that much astonished. Most consumers products don't give a crap about implementing basic security.
You have my sympathy.
Even Nintendo with their bugged first WiiU firmware failed to have any security working at launch. Not even WEP. Had to go to clear text !
"Basically, just because online content is free doesn’t mean it costs nothing. Mercenary I may be, but when I want to be charitable, I do charity, not business. What I’m sick of is being asked to work for nothing by someone who isn’t. "
Good point and very good article. Good laugh at the start with the blonde, BOFH quality I think ...
Just wanted to say I'm on vacation this week, so do I earn something for reading ?
Just kidding ...
Keep it up, and get paid !
So Long, Naughty pics ...
"It seems Snapchat – which never guaranteed that you could be sure your naughty pics were actually deleted – now operates on a policy of "deletion by default – you keep what you want, and we'll get rid of everything else!""
Maybe it's just my being an old 44-year-old chap, but having spent the whole week on vacation with my 15-year-old daughter, it never occurred to me she ever considered the service to *guarantee* your pics would be deleted.
She knows plain well the pics are gonna be binned *unless* you're screenshotting ...
Therefore, so long with the apparently long fantasised for "naughty pics".
Sorry El Reg :-)
Got caught recently in the Frankfurt security staff strike (http://www.reuters.com/article/2014/02/21/us-germany-airport-idUSBREA1K0XS20140221).
As I was in transit, contrary to the lucky others, I _had_ to go through.
This was 4 hours of waiting, pushing, being pushed, all while sweating to death.
The best part was not I arrived home with 8 hours delay over a normally 10 hours trip.
The best part was the completely insane cop who almost started a riot by relocating the back of a huge queue of people competing for a _single_ open security door, next to the front of the same queue, for the same f***ing door !
See, there was not really a queue, just a front, 30 people large for the same door, all pushing, that became a front 60 people large, with half of them "cheating" the queue.
Tons of insults, in German, to the insane copper, and some aggressivity between the 2 fronts.
I think I still have the meaningless answer of the head of Frankfurt airport after my complaint.
Frankfurt = insecure airport. Don't go there.