* Posts by John

41 publicly visible posts • joined 31 Jan 2008

Spy boss damns government's culture of fear

John
Go

Let's talk shop

Good principles should translate into good practices - starting with Jacqui Smith.

Jacqui Smith is a clear and present danger to civil liberties and the British way of life; which she has done everything to erode and nothing to protect; so the most patriotic act she can do is to resign.

House key copied from photo

John
Paris Hilton

5" telephoto

That's seriously expensive, and not at all stealthy. Cheaper to cosh me and use putty to copy my key.

I prefer the keyless pizza entry system - deliver pizza, door opens.

Paris because she has nowhere to put her keys.

I'm very sorry, says gay health warning clergyman

John
Alien

Tats for the religious too?

Fine, I am A-OK with these kinds of warnings, but we must be fair about it.

WARNING - RELIGION KILLS

WARNING - RELIGION PROMOTES HATRED FEAR AND MURDER

So much for 'love thy neighbour'.

Honestly I wouldn't mind the religious if they just weren't so god-damn annoying. Why don't they either grow a brain (c.f. critical thinking), or grow up (c.f. gods are invisible friends for grown ups).

It's bizarre that here in the 21st century bronze aged woo woo is still with us, arguably the proof that there is Extra Terrestrial Intelligence elsewhere in the cosmos is that they have NOT tried to contact us.

I wonder if some woo woo loving editor at el-Reg censors this?

'I can see dinosaurs from my back porch'

John
Stop

Teach both?

No. Fact and fallacy do not have equal weight. Teach the FACT of evolution through natural selection and the FACT of Geological processes in science. Teach the FICTION of creationism in ... oh say ... Religious studies.

Note - Religious studies should be the study of religions, not indoctrination regarding <insert your preferred deity or deities here>.

Royal Society says goodbye to creationism row vicar

John
Stop

Easy answer.

If the question is off topic, or a departure from the curriculum then you don't answer it.

Under the age of 18 kids are learning to pass the exam, they're free to believe whatever the hell they like, but if they don't answer the question as per the curriculum then they will fail. End of.

Vehicle spy-cam data to be held for five years

John
Alert

So it's wholesale surveillance then.

I am not afraid of terrorists.

I am not afraid of paedophiles.

I am vaguely concerned about being hit by an uninsured driver, but not at any price.

I am afraid of those who trade my freedoms for their control; presenting it with moral justification is a sleazy marketing tactic worthy of the Taliban.

Must we wait to vote these bozos out, can't we just throw them out?

Can CDP render backup redundant?

John
Paris Hilton

An even dumber question...

I'll see your dumb question and raise it

"can you prove it?"

I remain skeptical but am open to evidence.

Paris because she's a mush-for-brain.

Google to ‘anonymize’ user IPs after 9 months

John
Stop

Obvious loophole ...

So if they give a 'feed' to <insert government agency of choice> within the 9 month period then the very people we should be wary of the most will have one thing I would rather they didn't.

And yes I am far more worried about gov't agencies than terrorists or paedophiles.

The former are ubiquitous and armed with sweeping powers, the latter are rarer than rocking horse shit, and I've never seen one.

So perhaps I'm hiding something illegal? No I don't think so, but do you know every single law and offence both home and abroad? I certainly don't. What they don't know won't hurt me, and I don't need to fret about the details.

Oh and if you think 'common sense' will prevail, then you're not living in the UK mate. Anti-terrorism legislation is being used to harass dog owners.

Government kids database under fire, again

John
Stop

Oh when oh when oh when??

Ok that's it, enough.

Really.

I can't take anymore of this so-called government.

When will Gordon the Moron throw in the towel and give the electorate the chance to vote those bozos out!

Google remodels top secret money machine

John
Coat

User habits

I use Google primarily for search. A search returns links which I follow, and adverts which I don't (or if I do it's so extremely rare I don't even remember).

Isn't this the norm?

I know spammers can find a profit in only 50 responses to 9 billion spam in a single campaign, maybe the advertising financial model is also based on small crumbs?

Google releases open source browser

John
Stop

What about Firefox?

Google are the financial backers behind Mozilla Firefox (via the inclusion of the Google search) so if we assume this gives them a controlling interest in that project, why the diversification in the portfolio?

UK spooks forced to hand Gitmo files to suspect's lawyers

John
Stop

Oh ffs

"A British spook from the Security Service (aka MI5, or SyS* as they seem nowadays to prefer to be known)"

Doubtful. MI5's remit is largely within the UK whereas MI6 is largely external and a.k.a. "Secret Intelligence Service" or "SIS". Be mindful that trivial errors can undermine an entire argument, even if (big if) your major premise is correct.

This was a large monologue, and a bit of a walk about. Please consider including a pithy executive summary at the start, just one paragraph.

Fart-lighting youth in petrol can mishap

John
Joke

Arson

Say it out loud. Repeat until you get it.

yes yes - have coat will walk.

Wünderbra! German policewomen take 'Action Brassiere'

John
Go

And in winter...

..they'll make protective ear muffs too.

McAfee: Why we blacklisted SANS

John
Paris Hilton

Guilt by association?!

...is ok if there's causation or intent; otherwise it's dumb (Nate's hypothesis).

Greater transparency is needed from McAfee because their response raises more questions than it answers.

So El Reg, don't let them off the hook, poke them again!

Paris because she'll poke anything....

English Channel defeats one-armed Frenchman

John
Coat

Round and round...

With only one arm, doesn't he swim in circles?

Yes yes, I'll get my coat...

UK data watchdog gives Google spycar fleet the greenlight

John
Stop

What about the originals?

What about the original unblurry data:

Where will it be stored?

How will it be handled?

By whom?

Backed up?

Retention period?

If outside of the EEA then what about safe-harbour?

What about Subject Access Requests?

How exactly does the complaint process work - must I provide photo proof and address that it's me? What happens to THAT data....

Was the ICO asleep on the job or what?

Oz man cracks one off while speeding in drug-packed car

John
Paris Hilton

What about the soundtrack?

Sex - check

Drugs - check

Rock & Roll - ?

Paris because

Sex - check ....

Security shocker: 75% of US bank websites have flaws

John
Stop

@ Some problems are solved..

Biometrics?! You must be kidding me.

Let's suppose that you have a perfect biometric system (never going to happen) the best result you can hope for is a change in the threat model.

Instead of stealing credentials for 'ID theft' they'll steal your finger, or hands, or your entire body for disposal after they've used it.

It gets worse, because this opens up other criminal revenue generating opportunities, maybe your kidney would be worth something on the open market, or corneas, or blood? [ed note - not me I'm a blind alcoholic, with universal recipient blood type]

So 'HELLO!' biometrics for pretty much anything are hopeless, and once compromised unchangeable.

Stupid is as stupid does.

Brown pledges annual commons debate on surveillance

John
Stop

Brown = pillock

"Brown said that citizens were not alarmed by the government's demands for biometric data, saying this was proved by the fact that “many people now have laptops activated by finger-scans.”"

I am not alarmed that my laptop knows my fingerprint.

I might be alarmed if a thief stole my laptop...and my finger.

I would be alarmed if the Government knew my fingerprint.

I would be very alarmed if government officials left the details in the back of a cab, or on a train, or on a CD somewhere.

I would be extremely alarmed if someone with a candle and gummi bear started manufacturing my finger print overlay and selling them on ebay.

Mr Brown is a pillock without mandate from the electorate to govern, and the first chance we get, he will get the boot.

Dog collared with Cat-5 cable

John
Coat

Driver not found?

I just tried installing the dog in my car ...

yeah yeah, I'll get my coat...

Boffins: Roadrunner hypercomputer could drive a car

John
Paris Hilton

Don't lose your heads!

'Decapetaflop': (n) a malfunctioning guillotine.

My intelligence is worth at least a hundred sugar mice, but yours not so much.

Paris because it's Friday.

Breach disclosure laws have 'no effect' on identity theft

John
Stop

Duh that's because the laws aren't supposed to!

"There doesn't seem to be any evidence that the laws actually reduce identity theft"

Well it's a logical fallacy, namely absence of evidence is not evidence of absence (of efficacy), however let's assume they're correct ...

The breach disclosure laws were designed to promote two objectives

1) Tactical - Alert potential victims to be on their guard, more than usual.

2) Operational - Threaten the branding of a company to encourage them (and others) to invest in prevention solutions.

Arguably a reduction in ID theft could be considered strategic objective, but the enemy is not static and will adapt.

'Untraceable' phone fraudsters eye your credit card

John
Alert

If you're going out of town...

If you're travelling abroad, then call your card providers in advance. They will put a note on your account which ought to mean they don't auto-stop your cards on sighting 'suspicious transactions' from half a world away.

It'll save you a painful call to the bank where they ask questions WAY off the list

"what is the road next to the road you live?"

"where do you buy your groceries"

"what utilities do you pay with your card" (trick question - answer was none)

This courtesy of Morgan Stanley. I was a bit peeved at first, but fair enough in hindsight, which is now your foresight.

Happy travels!

McAfee 'Hacker Safe' cert sheds more cred

John

Cross purposes

I think there’s a cross-purpose (pun!) going on.

XSS can not attack a site, but rather can be leveraged to attack the user of a site. So really “Hacker Safe” is a company saying “We’re ok, but user beware”.

Of course the user does not know this.

Caveat Emptor, as true for the Romans as for us today.

Cloud computing hysteria paralyzed by bolt of reality

John
Paris Hilton

False dichotomy

It's not a question of 'Cloud yes or no', but rather 'yes' for those things which lend themselves well to cloudification (new word?) and 'no' to those that don't.

trivial examples.

Email filtering - yes

Corporate web filtering - yes

Printing - no, duh!

Paris because she lives on Cloud 9.

'Space gemstone' meteorite crashes at auction

John
Alien

Life Lessons

I own a coprolite sample and a pallasite sample, both bought for under 100USD.

The coprolite reminds me that shit happens, and has been happening for millions of years.

The fragment of pallasite reminds me that shit happens, and has been happening for billions of years.

Anyway they rock!

(yes yes... I'll get my coat)

PS If you're a young-earth creationist theist - then fuck you you dumb shit, have a nice day. :)

Dogs reduce allergies in kids

John
Paris Hilton

@By Lars

So you want to sleep with a horse?

That might sting a little.

Paris because she would, if she could, the naughty little minx.

SanDisk warns that unsecured flash drives are coming to get you

John
Stop

It's worse than that... jim

I did a forensic recovery on one of my USB keys. I could recover file names going back 3 years, and file fragments going back 2 years, and recover just about anything from the past year.

Don't take my word for it:

Rich people try it for yourselves with Encase, poor people try it with The Penguin Sleuth Kit.

Gone...but not forgotten.

UK.biz flunks app security tests

John
Unhappy

Oh that's just bloody great that is

Given that modern web servers are stuffed full of complicated applications, running multiple languages and interpreters all teetering on top of complex OSes, in multi-tier architectures with multiple dependencies on remote services.

Who the feck (can we say fuck here?) can ever be sure of the configuration when any given combination is unique?! No, really, c'mon don't bullpoop (can we say shit here?) me with your armchair design reviews and risk matrix. hummm?

Who the $expletive dare patch for fear of bringing the entire $expletive house of cards to the ground, and the business to its knees? Go on brave little disposable techie, I dare ya!

But hey, it's all good :)

Spam filtering services throttle Gmail to fight spammers

John
Paris Hilton

@James Pickett AND @faces

"As for CAPTCHAS, has anyone tried using faces?"

At last, Paris can have a purpose.

Courts slam Blair's 'abject surrender' to Saudi prince

John
Pirate

@ arms trade

In a couple hundred years the arms trade will be viewed like we view the slave trade today.

But until then consider corruption par for that course and go about your business.

John
Thumb Up

@Steve

'I'll be making myself party leader [of None Of the Above Party]'

Count me in.

I'll be treasurer.

Coming up: the fingerprint-grabbing keylogger

John
Boffin

@MrMan Above

"People need to realise that Biometrics are not suitable for AUTHENTICATION or AUTHORISATION, they are suitable to some point for IDENTIFICATION but the access control should not be based solely on them."

Wrong.

Biometrics are near hopeless for IDENTIFICATION, which relies on the system searching a database of everything for a match, especially if the biometrics on record were not taken with consistent quality and attributes.

Biometrics are suitable for AUTHENTICATION only when compared against a known good reference data obtained previously, and associated with a given ID.

AUTHORISATION is a system decision following correct IDENTIFICATION & AUTHENTICATION, nothing whatsoever to do with the biometric or the reader.

"The biggest issue with biometrics is that of revoking them if they get stolen..."

Correct.

How an app called WarmTouch nailed a grenade-stockpiling cyber extortionist

John
Stop

Bollocks! Anyone for a cup of tea?

This anecdote might support the testable hypothesis that terrorist profiling is valid.

Except it doesn't because terrorist profiling is woowoo.

1. Terrorism is like porn, you know it when you see it, but otherwise defies an incontrovertible definition. See art vs. porn, freedom fighter vs evil doer.

2. Terrorists form a tiny fraction of any population (even in Iraq) so any detection system will need a % accuracy to 5 decimal places (yes folks that's 99.99999%). See 'base-rate fallacy'.

3. Developed by people who believe Freud had something worthwhile to say. See 'ad-hominem', but I couldn't resist.

Your daily horoscope is probably more effective, or divination through tea-leaves. Hey, now there's a testable hypothesis, so I shall leave the reader to ponder the following:

Q. Which has the greater efficacy Warmtouch or Warmtea?

Choccy biccy anyone?

Apple lags MS in security response

John
Jobs Horns

Smell the Coffee Mr Jobs!

I love my Mac. But it should be obvious to Mr Jobs that the key selling points of the Mac, ease-of-use and productivity suites (in my case being iWorks, iLife, & Aperture), will be fundamentally undermined WHEN that productivity is stolen, corrupted, or otherwise held hostage by hackers spawning malware.

Steve Jobs, if you want to send me and others back to Linux or worse (oh dear god) Windows, then keep going as you are, don't change a thing.

MoD loses 11,000 ID cards

John
Go

RE: SA80

"Unless they had an SA80 pointed in my direction in which case I don't think the ID would make one bit of difference as I hand over my ID _very slowly with no sudden movements and with my hands visible at all times_."

Unless it was raining, or freezing cold, or very sandy. In which case I'll take my chances and tell them to get stuffed.

The slight caveat is that it's the second round that jams, not the first.

UK government data protection is a shambles

John
Stop

Documentation to save the day? Whoohoo!

Not likely, the main cast and crew are people, processes and technology. A documented policy is a supporting role at best.

Underground tools foil generic virus detection

John
Paris Hilton

Re: Amanfrommars

That's no man, and it's not from mars either.

Paris for the same reason.

Human rights group pleads for condemned Saudi 'witch'

John
Stop

Woowoo I don't think so....

I know for a fact that she is innocent.

How can I be so sure?

No evidence exists that witchcraft can be used to cause impotence or have any other effect for that matter, indeed there is no evidence that witchcraft and other woowoo has any basis in fact.

Indeed there is a 1 million dollar (US) prize awaiting the first person who can.

Incidentally a similar argument could be made for Islam for their love of the sky god.

Sociologists: Studying engineering turns you into a terrorist

John
Stop

Profiling

Oh that's just perfect, really looking forward to this attribute being added to radical profiling.

So, in future if anyone asks you "what are you?" reply "I am a sociologist"

then add ... "can you spare me some change?"