Re: Act of Allah
The " should still be under warranty" part is also very funny.
Which company covers gunfire under warranty ?
500 posts • joined 31 Jul 2006
The " should still be under warranty" part is also very funny.
Which company covers gunfire under warranty ?
"Microsoft has announced that the free all-you-can-eat Windows 10 upgrade buffet will close forever on July 29, and that after that you'll have to pay for all the fun of its latest operating system."
So, now the malware vector has been quite effective (300 millions), we're now to see the payload this summer.
/get pop-corn ...
"OS/X? Like Apple never jerked anyone around?"
This is something I never figured out, using OS X for now 6 years.
Where exactly has Apple screwed their customers ? Yes, they sell HW+SW in a single package, and it's a closed eco-system. And yes, it's 2X more expensive than a HW malware-riddled Lenovo laptop.
But other than this, where have they mis-behaved ? I wish someone explains this mystery to me.
is it dramatically weakens the ones of security aware people, and also weakens the ones of complete utter tools:
- security aware people will have a complete random string, special chars, numbers, upper and lower case, no dictionnary word etc .... Forcing them to change it periodically will just make them force a common prefix and an incremental number after it, like in PASS01, PASS02, etc ... All of those with a very strong PASS. This is adding 0 security to those users and in fact decreases it, due to common prefix ... Retarded.
- tools will generally try any dictionnary word they know + any number and largely write it down in order to retain it. Very low security, and largely lower security than if you allowed them their first/last girlfriend/boyfriend name. Retarded.
All of this because of the argument of someone could have spotted the password above their shoulder, which rarely happens.
I've always found those policies very detrimental to security. And this multiplies with big corporations having multiple ID systems and varying pass change period.
Again, at the end, you end up putting them all in Excel.
"Was told by a German colleague that the nasty little critters also chew through brake pipes of your car in the time it takes you to get your shopping. Had actually seen one sneak under a car and emerge shortly afterwards (presumably laughing evilly to itself)."
This actually happens, with mice, and other critters, but only with car manufactured by utter morons that think it is a jolly good idea to have cable trays and other parts of the car, made out of cereals.
What can possibly go wrong ?
"Sounds like the first manager was a good one - alert to an issue and back peddling with good grace when shown that everything was OK."
Yeah, and one that I never encoutered in 20 years ! Good luck to Logan and his mate.
"Adobe said that the long-term goal was to make all of its software just use native code ..."
About f***ing time ! Why did they ever think it was a good idea otherwise ?
"he Mormon state had the highest proportion of grumble-flick subscribers in America"
"See what religion will do to you? Must think about creating one of my own, possibly with a pasta theme?"
It would be better to try to pass a bill in Utah to forbid the Mormon religion alltogether, to me.
"Remove the malware called Flash from your PCs and you are immune to the malware that uses Flash."
Problem is: many, far too many web sites require Flash as I'm writing this.
Removing Flash as I've done many moons ago means you're basically out of those sites.
That's ok, for me (IGN, man, why, fucking why ????), but could be more problematic for others ....
Thankfully, youtube made the wise move, months ago.
"Is there an English version of your post, split into sentences and making sense?"
And, shall I add, with punctuation enabled ?
Like, you know, "Shall we eat Grandma ?" versus "Shall we eat, Grandma ?".
Punctuation saves life.
"Blizzard closed the popular nostralius server for warcraft; basically it's a private server that runs the vanilla version of wow (or did) because Blizzard allowed private servers. Well they had over 20k people playing on there and bliss didn't like it . Could be this I reckon"
Of all the current theories, that's the most plausible. And even this one is a bit off, as those folks blatantly violated Blizzard's T&C.
Either that or they wanted to conceal something else, as the researcher pointed out.
Seriously, if you're an upset gamer, then f***ing DDOS EA for their toxic consumer practises, not Blizzard !
"If people adopted more modern methods of transacting cash (not specifically bitcoin, but anything that isnt a mag strip / number line / 4 digit pin protected plastic target there would be considerably less theft of this nature.
Credit cards and debit cards...now theres a cause of the problem. Anything that requires you to hand over more info than is necessary is a criminal construct in and of itself."
Totally agree. Every single person I know buys online with their real VISA number, which, in average, will only expire in 3 years ! Then, they're surprised at suspect activities on their account ...
And 100% reliable online paiements have been available for decades, like e-cards, that expire the next month, and only work for a given amount of money.
Oh, and the article could also mention, in the cybercriminal category, companies like sneaky bugger Amazon, who tried to charge 49 E on my account to renew, without asking or notification, my premium subscription. For weeks, I noticed one of my active cards was refusing this 49 E charge as it was exhausted on another transaction. Then, 4 weeks after, I received the only email on this matter: Amazon informed me premium was disabled, which was all good and well since I never wanted to renew.
"Seriously, I have the impression that I've been reading more or less the same patch notes since Y2K. A "remote execution vulnerability" in IE and Edge, wow, what a surprise. The exact same wording in two different patches on the same day for both Microsoft browsers - thank goodness Edge does not support ActiveX, I might have been made to think that Edge is just a rebadge of IE.
It's nice that MS is patching obviously, but it would be nicer if I didn't have the impression that, whatever the version, they're always patching the same issues from last decade."
I'm thankfull I'm apparently not the only one feeling this !
Apparently, this time, it's only IE 9,10,11 & 12 (Edge). Most of the other weeks, it's IE 6-12, like if, IE 12 code was IE 6 minus AcriveX ...
"Microsoft will disable Flash ads by default in new versions of its Edge browser."
Geez, MS in 2016 disabling ads because of Flash ... The situation of Flash seems largely beyond fixable !
"Mrs. Doyle: "Father Crilly, Pat wants to know if he can put his massive tool in my box.""
Was about to make the same comment. This Father Ted scene was awesome. The dude's wrench was absolutely massive. I don't think I've seen anything like this before.
Meantime, his son doesn't seem any better:
"Staffers told the home-town San Diego Union Tribune that Hunter's son had mistakenly borrowed the credit card to make a charge on the Steam service, and that subsequent payments were the result of "unauthorized" charges that Hunter has challenged in hopes of having reversed."
As a Steam user, I cannot even imagine spending 1.3 kUSD in Steam, in a 5 years period. AAA games are 50 $ at launch and so many promotion can you good games under 20 $ !
On the subject of filters, I recently stumbled across this company, which apparently does only dust filters for computers:
I've ordered 2 for my gaming machine, and they're absolutely top-notch ! Only problem is they ship from South-Africa which cost arms and legs.
Maybe for the sake of completeness, you may add certs can optionnally also be used to authenticate client users.
I know, almost nobody has ever used it, the only web site I've seen use it was the french online tax declaration web site, 10 years ago. But they removed it 3-4 years ago, probably because no-one was able to install a client cert on their browser :-)
"It’s like a car designer creating a feature that ejects all the wheels for maintenance, and then installing the button directly next to the on-off switch for the radio. Or designing a jet liner cockpit to include a big red button helpfully labelled Do Not Press – that’ll keep the Father Dougals away, won’t it?"
Ah ah ! Brilliant.
This actually reminded me of the day I discovered my Dell W7 work laptop had a keys combination, which would rotate the desktop by 90 degrees. This was when my cat triggered it by walking on the keyboard. Of course I never recorded the combination, and it took me a good 20 mins to recover the situation, since the darn rotation was persistent across reboots !
There are probably only 2 W7 users across the planet that have needed this a couple of times, yet someone thought it would a good idea to have a shortcut ! Mad.
"I'm not seeing it, and where are the facts to back up the claims in the article?"
Well, I certainly see it when I come to my farmer neighbour to troubleshoot his laptop, do the routine inoculation of "remember, I don't do W8 or W10, in case you buy a new laptop" and the other person, his provider in various farmer's good, exclaims "Ah, yes, I've heard W10 is awfull".
Neither of them have been in those column (or speak any english by the way), yet, they've heard of this. That is reputation: you know it's bad, even if you can't exactly say why.
MS, as this articile says, need really to do something. Word is spreading fast ...
"iPhone, Macbook, iPad & Work Desktop and sometimes a Home PC. Its not really that excessive. Its more a case of they don't make it easy to log out completely."
Yes, and add my 2015 model of Samsung TV which had skype, which I've been happy to use, on the previous model. Now, it's telling me Skype will no longer work ! Also add Android. That multiplatform aspect was really a neat functionality.
Now, that's all Windows 10 exclusive, which I really think is totally retarded. They really lost the plot at Redmond. Skype on multiple platforms was a good thing tm.
Restricting Skype to UWP is gonna kill this app.
"Lastly, was there EVER a good reason to embed macro functionality into documents ? I've been doing IT for 25+ years, and I have yet to see one . . ."
Well, you have a point. I can quite see why one may need macros in an complex XLS sheet, but Word and PPoint, seriously ? Why in $DEITY's name ?
"Microsoft Edge twice"
While Flash being hacked doesn't come as a surprise to anyone, as it's complete rubbish, Edge seems a bit of a surprise. Is it not meant to be the secure web browser IE never was ? I guess MS didn't get it right this time either, which is largely confirmed by every IE 5 to 11/Edge patches I see coming every week.
Yes, I have, despite every single idiot in this world and there are many, particularly in big corporations (Lenovo, Microsoft, many others, including some I've worked for).
For there are people ready to put their employment contract in the balance, in order to do what is right, for them, their employer, and their customers.
There's still hope.
I don't use Wine, but for Linux native games, I'm playing Borderlands 2, Wastelands 2 and XCOM 2.
"Those who require Windows are essentially screwed; enjoy the ride."
Yep, that's what I'm telling victims coming to me for support, equipped with W8 or W10.
"Recipients are further told by the hackers to disable or turn off their antivirus or firewall. If there are problems, the instructions continue, add the malware file to the exceptions list and try again. Or, you can temporarily turn off your anti-virus or firewall until the file has been downloaded, punters are advised."
Some people don't even require being explain this.
I only realised one of my friend's scary illiteracy with PC after upgrading it from W8 to W7, just to hear, 10 days after re-installation, that he downloaded a freeware from one of the usual malware fest (clubic, 01net etc ...), opening it, see some weird warning from the AV I'd installed, and ... promptly de-installing the AV in order to run the exe.
He was never able to boot, past that. Bang, second re-install + 2 hours of explaining a thing or too :-)
"I certainly hope so, because that would get Microsoft in all sorts of new problems due to a rather obvious conflict of interest."
Well, to be franck, in many countries, conflict of interest is not illegal, it's only bad for morality, which we've all concluded on, now.
Conflict of interest actually excellent for the revenue and profits line, like I'm reading every day in the press.
"It appears that there's a trend setting into the Updates. They're now burying their wares in non-system updates. It makes one wonder when they'll start fragmenting it and putting bits and pieces into Security Updates until the Beast is fully assembled on the sly. You'll think you've got it turned off, firewalled, locked down and wake up some morning to Win10 on your PC and there will be no smoking gun, no footprints, nothing to tell you how it got there."
I was thinking exactly the same: put 25% of the nagware in every update. I'd bet good money they'll be going this way very soon.
"They've carefully weaseled about how the new OS is to be paid for. By subscription? By ads? By selling your particulars to the highest bidders (more ads, of course)?"
I'd say subscription is on the way, by way of an update, which will mandate a Visa card be put on Windows, for it to boot. We'll see this summer in my opinion.
There'll certainly be ads as well, and of course anti-ads, plus some "specials" like proto-ransomware.
Oh yes, and paid security updates !
"The organisation learned of the hole when some of its volunteers started receiving emails offering them jobs. Those offers were sent by “a technical recruiting firm in Singapore” and volunteers wondered how the company had found their addresses."
In this case, not only have the emails been "exposed", they were also leaked. A bit more serious, then.
"One small upside is that the organisation says it doesn't store email addresses for kids under 13, the target market for the Hour of Code. So there's nothing there for hackers or recruiters to find."
How is that possible at all ? I registered to this service not long ago, and I absolutely were not presented with filling up my date of birth.
"Surely everyone uninstalls all the dubious vendor software "tools" & assorted crud that comes preinstalled on a PC anyway?"
Joe User is not doing that ever ... A high percentage of users I support are not even aware you can launch applications without an icon of app/document being on the desktop.
"Ballmer is also reported to have described the threat posed to Windows as having already passed. Reportedly speaking at a dinner event this week, Ballmer described the threat to Windows from Linux as now “in the rearview mirror”."
Yes, Pal, and I can really thank you for that, you've made it happen, baby !
First, the retarded UI and decisions for W8: make sure no-one else than MS could sell anything on W8. Great ! Gabe Newell lost the plot on this (http://www.neowin.net/news/valves-gabe-newell-calls-windows-8-this-giant-sadness), which gave birth to SteamOS, at a time where Linux gaming was a myth, and last month, Vulkan.
Now, we're in 2016, there are already some AAA games on SteamOS (XCOM 2, Borderlands 2, Talos Principle), and probably every single games being developped now is gonna be cross-platform !
And since games have been the only reason to have Windows in the first place, for personnal users, office tools being available for years on Linux, the only reason to keep Windows is now being eliminated.
So, yes, it's in the mirror, but 2 years onwards, it will have overtaken.
"The one who must have had a 50 a day habit. When they weren't out having a fag, they were in smelling like they had quite literally been smoke-cured. His clothing and skin had the properties of a pub ceiling in the 1970s; 20 coats of nicotine and tar that repealed water."
That reminds me of a certain closed office, where I was trying to stick labels on a PC, for asset management.
Turned out I couldn't: bloke was smoking like a complete madman, and the PC was literally yellow due to the amount of nicotin on the case ! Probably licking it would have killed me ! I washed my hands toroughly after this office :-)
It allows Mame get out of its previously fuzzy licence status.
It was needed, as many companies are now selling old games (Nintendo, Sony) again, and therefore, Mame was open for subponea.
Sorry for the loss of you feline companion. I have 3, here, and will certainly be devastated any time one of them goes ... My full condolences, here.
"You don't get points for ruining the UI in an attempt to remind people you exist. We just hate you a little more for wasting all our time on that crap."
I take it as an Microsoft grief, and I fully agree. I REALLY hate the whole "UI change" caused by just pretending a company exists ...
"What's important to remember is that computers don't matter. They are tools and nothing more. The software that runs on them, the hardware that comprises them ... it doesn't matter. It does the job or it doesn't. If it does the job at a price you can afford, great. That's really all you need to know and you can stop right there and get on with things.
If the computer or the software or the cloud or the service or the whatever doesn't do what you need it to do, doesn't do it easily enough, or doesn't do it for a price you can afford, then just walk away. Don't obsess over it. Don't "engage" with the vendor in an endless round of what-ifs, lies and broken promises."
I can't praise more this sort of thinking. It does your thing: OK, keep it. It doesn't do your thing: dump it.
For no obvious reason, very few people seem to follow this way of thinking, hence the slavery for Windows 10 ...
"I say nuke it from orbit."
Well, that's not so simple, even if World+Dog would agree it is desirable.
Basically, most of openssll's insanity (every single function is public) can have stuck to everything using it, so changing this with a clean API can and certainly will break a lot of thing.
It's well explained here: http://www.openbsd.org/papers/bsdcan14-libressl/ as the reason why the folks at openbsd decided on a fork.
"The failure in the SSL code is not the use of the code, but rather that it is blandly written with no apparent consistency with the rest of the source. Just a one time use of an idiom. That suggests almost zero care, and is deeply worrying as a pointer to the quality of the rest of the code."
I don't think this is the only problem with openssl.
As has been pointed out in http://www.openbsd.org/papers/bsdcan14-libressl/, by Bob Beck, a lot has to do with:
- every single function of the API is public. Crazy design if you want my opinion.
- the API assumes the OS provides nothing, no randomness, no calloc(), nothing, then goes on doing everything in a terrible way, all of this to be compatible with platforms long gone and forgotten
"And this is why you don't do it. The most important job source code has is to inform other programmers of your intent."
Amen to that. Best thing I've read in a while. Pity upvotes can't be multiplied. You have one anyway.
"PS I'm in the gotos are bad camp. Does it show?"
I've always been taught gotos are fundamentally wrong, and out of 5 years of C programming, I can't recall using a single one.
Functions are the way to organise program flow in C, and if you feel you need to goto, that just means you got your functions flow wrong and need to try again.
Openssl is a typical example of complete kludge code, with no organised program flow. It's just hacked, works by sheer luck, out of try and fail, and certainly not because anyone devised a clear program flow through C code.
... is how the militia guys (can't call them another way) are fucking off, once Police comes, without the slightest courage to confront the photographer vs. the Police. They even didn't discuss the case with Police !
Clearly, they know they're a bloody militia, without any stand against the law.
Freaking vermin, and bloody clueless too, since they allowed their ugly faces in youtube !
I'm gonna skip on the Windows 10 opinion, so much of it having been written.
But, I'm really asking myself why MS spent even a 2 liners' effort for W10 on PI3 ...
The PI being essentially an enthusiast only system (your grandpa, grandma, old grandaunt or whatever captive user that never envisaged others OSes than Windows were even possible in all Universes, is never gonna buy a PI), why is MS even bothering with W10 ?
I can only see 2 reasons: beyond speakable despair to get coverage, or the need to add one more slide to pointy-haired bosses pres about W10.
"Sometimes, twat tax MUST be added.."
Twat tax. Nice term I'm gonna use in the future. Upvote incoming.
"You could also have RCBOs, ELCBs, MCCBs etc in that equation as well."
Or you could have GEJKKD, or TDQX, or even mighty LKSPZ. But beware of GJQPAE ...
Really, why ?
Long after kingdom has come and all cows have returned home, will there be terrible bugs in this, affecting any platform, due to a memory allocator compatible with Win16, MPE 6, VMS 2 and probably ENIAC as well.
It needs to die, really, and be forgotten.
"The sales of printers fell even further than that of PCs in percentage terms. Are Linux, etc., users not buying printers either?
Or are people buying other brands of printers, just not HP printers, perhaps? I don't know... it's a question, not a comment."
They do, but not at the rate HP is expected. HP, for years, has devised, every time Windows N+1 comes, it's a box sale per user. This used to have some merit, because every single pre-10 version of Windows would necessitate amounts of ressources no previous HW could have.
Now, due to MS vision of Windows for phone, and also because MS decided to push 10 down everyone's throat, in order to monetize their data, this has changed and 10 runs on HW 7 or 8 are on.
Also, it seems HP has extended this reasoning to printers, which also had some merit, since those fuckwits had always made dead sure drivers of all their previous products wouldn't be available for N+1. Therefore, with N+1 came a new printer.
But the problem for this is other printers vendors are less retarded and think long term. For example, Canon still does drivers/utilities for OS X El Capitan for their products from last decade. example: utilities for my venerable MP600, which passed away last summer after 10 years of perfect service.
Guess which brand I chose for replacement ?
"If they need the info that bad then they should just rip out the SSD and brute force it. It's common for hard disks to be examined in this way so why does this need to be anything different"
Brute-forcing AES256: 2^255 iterations in average (assuming half of the total space will give the key).
Assuming 1ns time for one iteration (very very optimistic), that's more than 10^64 * 10^-9 s, therefore 10^55 s. One billion years being around 1/3 * 10 ^ 17s, you're looking at 3 * 10^38 billion years !
And if you have 1 billion CPUs, that only cut it to a lot longer than the univese will exist.
Good luck, here !
"... but even Switzerland had to become more transparent because its secret banking system was overused by criminals without enough controls."
Totally incorrect. The ONLY reason Switzerland had to relax bank transparency rules is taxes evasion, against which some european countries were mad at. France most notably.
For crimes, never had european judges any difficulties to access bank accounts.
"Because switching to say Android eliminated malware entirely. Oh, wait - I just got rooted by an SMS."
Well, at least with Android, malware comes as accidents. So there are mitigations.
With Windows, nowadays it comes, part of the operating system, therefore, there is REALLY no escape.
I'm sorry, but I really don't know how to protect users from the kernel booting up from their drive !
"It doesn't matter what Microsoft thinks. If intel, AMD and Nvidia all support it in their drivers, then it doesn't matter if Microsoft officially wants to support it. They already did it back when OpenGL wasn't what Microsoft wanted, and they are doing it now with Vulcan."
Exactly. Nvidia and AMD (also Intel) are running the show as far as 3D APIs and silicon go.
Since they've been able to assemble at Khronos, it means, to me, the API is gonna be the natural choice, onwards.
"You might get games and other graphical programs that can better utilise your graphics hardware without getting bottlenecked by the CPU."
Yep, and you'll progressively be able, if you're a gamer, to get rid of the shite from Redmond entirely, as game devs will have the choice for their 3D API: DX11/12 from MS (plus the whole malware stuff) or something that works on OS X/Linux/Windows. I think I know what many will choose.
Really the best news of the year !