* Posts by Destroy All Monsters

13701 posts • joined 3 Jun 2008

Ten years after the Samy worm its discoverer's voice is lost in the din

Destroy All Monsters
Silver badge
Gimp

"Defence comes back to proper output encoding, and input validation."

Amen brother and"; DELETE FROM TABLE COMMENTS WHERE USER LIKE '%'

3
0

Kaspersky: Freemasons coded fake malware in the Bermuda Triangle

Destroy All Monsters
Silver badge
Alien

Re: Pure click-bait...I'm disgusted.

What did you expect? If you read between the lines and divide by the frequency of Foucault's Pendulum you will find that the Freemasons didn't ACTUALLY code fake malware in the Bermuda Triangle (because they are masons, not coders) but instead got them from relics found in a Mayan temple left by ancient astronauts, the location of which is shopped out on Google Maps.

We will now tune back to the discussion of several planes of Malaysian Airlines victims of P.U.T.I.N. and/or the hegemonistic faction of Reticulans.

6
0

China shutters 50 websites for spreading explosion 'rumours'

Destroy All Monsters
Silver badge
Trollface

Woah. Thank $DEITY for $REDACTED Freedom of the Press

Most of the media would have been dragged away, yipee-ka-yay style, over Fukushima...

2
2

I've seen Kaspersky slap his staff with a walrus penis – and even I doubt the false-positive claims

Destroy All Monsters
Silver badge
Windows

Re: The Participant Observer Problem

I'm no mathematician, I've not calculated the number of possible collisions, or the size of the file.

There would not be many collisions. That's the point of a hash.

The number of file versions is not going to get particularly astronomical even if Microsoft is involved. For whitelisting, it sounds like a sure proposal.

Size of the file is irrelevant. Actually I would chunk it and hash the chunks.

But the important point is that these files have internal structure. DLLs are not big blobs. Hash the various parts or have more interesting ways of checking. Pretty sure this must be done anyway.

2
1
Destroy All Monsters
Silver badge

Yup, makes absolutely no sense for me either.

3
0
Destroy All Monsters
Silver badge

Re: Not fishy at all

Google have also called out snakeoil vendors

Errmmm...... yeah. Oh well.

6
0
Destroy All Monsters
Silver badge
Big Brother

Nuland distributing cookies

Rather certain some TLAs of "the West" (and possibly some of "the P.U.T.I.N.") would be happy with Kaspersky a smoking ruin. There would be fewer discoveries of weaponized software that one couldn't smooth-talk away by a short visit of Agent Smith.

In other news, why is General Odierno now talking up "a sustained war with Russia" on Russian soil?

9
0

EU clears UK to give £50m to SABRE space launcher engine

Destroy All Monsters
Silver badge
Facepalm

Re: Goof on the EU!!

The Entrepreneurial State

Not that shit again. I'm using that book as toilet paperrecycled it properly.

A state is ANYTHING but "entrepreneurial" BY ITS VERY NATURE OF THE PEOPLE WHO ARE MAKING UP THE DISCOMBOBULATED ORGANISATION.

It couldn't detect an opportunity if it bit it in the arse. Nepotism, colonization, vainglorious shit and the current thing à la mode are of course acceptable.

Yeah, it's "entrepreneurial" under the condition that infinite money can be allocated from the actually entrepreneurial side of the economy. And from time to time that side is killed off in a war or two.

She says big companies are unwilling to spend massive amounts of money in investment, but are happy to ride on the backs of government research and reap the rewards.

That dumb bitch should maybe check out how actual investment takes places.

1
3
Destroy All Monsters
Silver badge
Paris Hilton

R100 vs. R101

I can't find these EU forms? Where do I get them??

1
0

Verisign sues Google's new love-interest .XYZ for a second time

Destroy All Monsters
Silver badge
Gimp

I can't imagine who would NOT want to walk away from Verisign. Getting it in a contract that you MUST sure would be relaxing.

3
0

Kaspersky Lab denies tricking AV rivals into nuking harmless files

Destroy All Monsters
Silver badge
Paris Hilton

Somebody is talking fast here.

It is claimed Kaspersky engineers took harmless Windows operating system files, manipulated them to appear as though they contained malware, and uploaded them to VirusTotal. The aim was to deceive non-Kaspersky antivirus engines into treating those system files as dangerous

I fail to see how this is possible. If you "manipulate Windows operating system files", they no longer ARE Windows operating files. And how does this deceive other antivirus engines? Does one mark certain strings in those files and tell the other engines "if you see those strings, quarantine the file"? And they do it? In the age of polymorphic viruses, no less?

If you start getting false positives on OS files, then you have a big problem, and it has nothing to do with someone poisoning your well. It's more along the lines of being lazy or not having the right conduit to Microsoft.

8
0

Larry Page was held back by Google execs from flooding world with new dot-word domains

Destroy All Monsters
Silver badge

Re: Why alphabet?

No

0
0
Destroy All Monsters
Silver badge
Gimp

Re: TLDs should have been abolished.

There is no technical reason or excuse for the end of domain names to be limited.

Please read the recent articles on El Reg about the moronocalypse.

2
0
Destroy All Monsters
Silver badge
Paris Hilton

Re: Oh dear

Are you the wife of $DEAR_DEPARTED, rebel leader of the somalian insurgent group of upper mallfuck, with 40'000'000 (FORTY MILLION US DOLLAR) in an undisclosed storage box?

1
0
Destroy All Monsters
Silver badge

Re: Oh dear

I'm hurriedly off to reserve .moneygrab and blog about it in financial and IT publications. #moneygrab NOW!

2
0

Skills crisis? Not for long: More and more UK kids gain STEM quals

Destroy All Monsters
Silver badge

Re: A-Level results

The chances of the above happening are at Kim Dotcom levels.

1
0
Destroy All Monsters
Silver badge
Trollface

The Telegenic Snowden effect

"Mom, I want to UNDERSTAND this cryptography stuff!"

"Don't you rather want to become a lawyer? Or get employed at GDS?"

"NOOOOooooo!"

4
0

Riddle solved: Do bears crap in the woods? No – they're stressing out over drones instead

Destroy All Monsters
Silver badge
Alien

The right to arm bears etc..

Well, ok. So you are being chased by a hovering UFO making noises generally ascribed to FUCKING MONSTER INSECTS OF THE CARBONIFER, so what's an honest-to-God mammal not reading "IEEE Spectrum" and rather certain that he's not currently on the Presidential Kill List going to do?

Probably act nonchalant and tweet about it...

5
0

Facebook hands hackers $100k for breaking browsers

Destroy All Monsters
Silver badge
Thumb Up

In this exercise, we re-inject type checking that should have been left there in the first place...

Very cool.

An important OOP feature is type casting that converts one object type to another. Type conversions play an important role in polymorphism. It allows a program to treat objects of one type as another so that the code can utilize certain general or specific features within the class hierarchy. Unlike other OOP languages—such as Java—that always verify the safety of a type conversion using runtime type information (RTTI), C++ offers two kinds of type conversions: static_cast, which verifies the correctness of conversion at compile time, and dynamic_cast, which verifies type safety at runtime using RTTI. static_cast is much more efficient because runtime type checking by dynamic_cast is an expensive operation (e.g., 90 times slower than static_cast on average). For this reason, many performance critical applications like web browsers, Chrome and Firefox in particular, prohibit dynamic_cast in their code and libraries, and strictly use static_cast. However, the performance benefit of static_cast comes with a security risk because information at compile time is by no means sufficient to fully verify the safety of type conversions. In particular, upcasting (casting a derived class to its parent class) is always safe, but downcasting (casting a parent class to one of its derived classes) may not be safe because the derived class may not be a subobject of a truly allocated object in downcasting. Unsafe downcasting is better known as bad-casting or type-confusion.

Yes, we are still in the Middle Ages of Coding, with barely adequate programming languages, EULAs, witches, "here be dragons" and mandragore sprinkled all over everywhere, and bad reflexes (performance >> security) are still prevalent. But we are slowly getting there.

4
0

Have an iPhone? Mac? Just about anything else Apple flogs? Patch now

Destroy All Monsters
Silver badge
Paris Hilton

Re: *raises snout

MBPr

Some kind of new STD?

8
0

CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Destroy All Monsters
Silver badge

Re: FUCK CHINA!!!!

> Nuke 'em!!!!

Very unwise, grasshopper.

2
0
Destroy All Monsters
Silver badge
Trollface

Re: Linux v Windows

The reason the average user won't swap to Linux is the difficulty of finding drivers for their peripherals.

As opposed to here where you get drivers you didn't want for peripherals you didn't know you had delivered DIRECTLY FROM THE BIOS.

2
0
Destroy All Monsters
Silver badge
Mushroom

This is the year of the crapocalypse

LENOVO.... OUT!

Built into the firmware on the laptops' motherboard is a piece of code called the Lenovo Service Engine (LSE). If Windows 7 or 8 is installed, LSE is executed before Windows is launched.

Presumably, if Windows 10 is installed, YOU are executed before Windows is launched.

11
2

Huge explosion kills 44+ in China, blasts nearby supercomputer offline

Destroy All Monsters
Silver badge
WTF?

Re: Talk about risky locations..

Depending on the river flow, the build-up of water will take about 24-48 hours to reach the point that the dam rubble gives way, at which point the resulting flood sweeps chemical factory and noxious contents into the nearby city.

CALVIN STOP PLAYING

2
0
Destroy All Monsters
Silver badge

Efforts to search the premises and treat the injured are a priority

Should be "search for the premises"?

20
1

ZUCK OFF: Facebook nixes internship after student embarrasses firm

Destroy All Monsters
Silver badge
Big Brother

Re: Facebook, ethics????

Doing the ethical thing == Doing the thing you can get away with

(Also "Slavishly following the law, in particular bad law", depending on context)

1
0
Destroy All Monsters
Silver badge
Paris Hilton

Re: Guess Zuck really is a boy genius!

Isn't the issue that he made freely available the tool to exploit the problem

I thought it was a feature?

Think of how much money the world could save on security if we just made it against terms and conditions, why did no one come up with this brilliant idea before Zuck?

I hate to tell you, but legislators perform this feat of high intelligence about every 48h.

4
2

Two weeks of Windows 10: Just how is Microsoft doing?

Destroy All Monsters
Silver badge

Re: Damned by faint praise

You know, there are actually people who think that Obama ordered the pullout from Iraq.

You can sell anything these days. Karl Rove was absolutely right.

2
2
Destroy All Monsters
Silver badge
Coat

Re: Bob Dole

And he was seen driving off with a productivity juggernaut!

0
1

Rise up against Oracle class stupidity and join the infosec strike

Destroy All Monsters
Silver badge
Mushroom

Re: Your vehement invective is pointless; there is only one fix for this malaise...

And the cause? The FSF, and OSS. Whilst Richard Stallman can not just exist; but live a lucrative and privileged lifestyle whilst commanding exorbitant fees on the international after-dinner speaker circuit; 97% of those contributing long hours in their evenings and weekends -- having completed a long and underpaid day job -- to OSS; are burning themselves out to produce the flawed and endlessly forked OSS products that allow Richard Stallman to live the high life.

Thank you fucking arsehole for dismissing work that may be done for fun and learning and not necessarily for profit (though some OSS work IS done for profit) and reducing it to the catchy "you are performing unpaid work for Stallman" meme. Congrats. You are the cancer.

If you want to understand what happens when creative works are distributed for free; ask a journalist; or a musician.

Journalists and musicians are not working for free (well, sometimes they are, same thing really). They may be working in a branch that rewards mediocrity, works on a bad model or in which it is hard to make a living but that is another problem entirely.

No-one forces you to use OSS of any quality level whatsoever. You are free to shell out maximum dollar for any software you like, for a quality level you can set. Only getting Windows from a company that has golden teeth of the X-Box kid but that disclaims responsibility in an EULA? Tough. Then order bespoke. Not enough money? Sucks to be you.

Now Fuck Off And Die in an Orlowski thread.

11
1

Stop taking drug advice from Kim Kardashian on Twitter, sighs watchdog

Destroy All Monsters
Silver badge
Windows

The feel when!

Am I reading excerpts from "Stand on Zanzibar" again? Goddammit, John!!

0
0

FAIL: Windows 10 bulk patch produces INFINITE CRASH LOOP

Destroy All Monsters
Silver badge
Holmes

Re: Been there - Done that...

For someone with so much insight, pray tell us, which year will be "TYOL"

Does anyone really care? Just keep on *nixing.

I would post a SHIGGEDY-DIGGEDY Costanza reaction image if I could.

5
1
Destroy All Monsters
Silver badge

Re: good for you

And there lies the problem, multiple hardware platforms.

Removing dud users from the Registry helps

Implying this has anything at all to do with "multiple hardware platforms"

0
0

Mozilla-Microsoft spat latest: Firefox yanks Cortana away from Bing

Destroy All Monsters
Silver badge
Mushroom

I'm Mullah-levels of mad

Dear Microsoft.

Stop your shit. Stop it. Did you utter idiots look at "patch Tuesday"? Yes. That Tuesday. Are there any comments about forceful, uncalled-for upgrades to Windows 10? You know what I'm talking about. What's that you say? I need "WSUS"? I need "Microsoft inTune?" I need Microsoft Cruddy Directory of unwanted Complexity? Yes, that. The thing that needs a telephony directory by O'Reilly to be "explained". Do you nethermost dumbfucks think you are in a position to play games with your Cortina shit and forcefully collect user data per fas et nefas? STOP IT. Guess what's crawling onto my shitlist? Yes, Microsoft "Enterprise" (more like "play-doo" amirite?) solutions. I knew a few people who want to close the sale before end of year. We will see about that.

Did I mention that your helpdesk seems to be populated by people who are recuperating from crack addiction and have difficulty concentrating for 5 minutes? START INVESTING YOUR BILLIONS WISELY.

38
8

It's 2015, and someone can pwn Windows PCs by inserting a USB stick

Destroy All Monsters
Silver badge

It means it's from the same roll of toilet paper.

16
0

'WOMAN FOUND ON MARS' – now obvious men are from Venus

Destroy All Monsters
Silver badge

Re: Judi Dench

More like Chronicles of Reddit, amIrite?

0
0
Destroy All Monsters
Silver badge
Thumb Up

Alia on the Shield Wall?

FANTASTIC!

An excellent cover image for the next edition of Children of Dune!

0
0

Oracle pulls CSO's BONKERS anti-bug bounty and infosec rant

Destroy All Monsters
Silver badge
FAIL

I remember "Unbreakable Linux" from this club of gentle(wo)men

An appropriate frenchism: Fart Higher Than One's Arse

Common sense says to move away from official Java as fast as possible.

8
0

Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it

Destroy All Monsters
Silver badge
Alien

Re: We've got our FBI on you

Another software disaster as David Cameron hatched unobstructed.

2
1
Destroy All Monsters
Silver badge
Windows

Re: a ha ha ha ha ha :(

I throw myself into the dust as to your wisdom, Oh Anonymous Sage!

17
1

HTC caught storing fingerprints AS WORLD-READABLE CLEARTEXT

Destroy All Monsters
Silver badge

Re: I wonder how many people will be bitten by these biometric shenanigans

Biometrics seem a neat idea for security, but we don't know how to make good security on the Internet

Biometric data is your NAME.

What is your PASSWORD??

2
0

Beaming boffins feel the rhythm as neutrinos oscillate over 500 miles

Destroy All Monsters
Silver badge

Re: Speaking of Physics at school...

I wonder whether soldiers should be trained in the fine art of Japanese sword wielding for these kinds of jobs.

2
0
Destroy All Monsters
Silver badge
Thumb Up

Re: Aiming the beam

The NuMI beamline then continues about 450 miles through Earth on toward the MINOS far detector in the Soudan mine in Minnesota. By the time the beam reaches the far detector, it is about 20 miles in diameter!

So .. atan(20/450) / (2*Pi) * 360 or about 2.6° of spread.

That's pretty shotgun!

Reminder that future muon colliders will blast out neutrino beams that will be a radiological hazard. I can't wait!

4
0
Destroy All Monsters
Silver badge
Holmes

specially-built Fermilab ... based in Ash River, Minnesota.

That would probably be "an annex of Fermilab", as Fermilab is known to have a high probability of being found in Batavia, Illinois.

Plus:

The neutrino event had an energy of more than 2000 trillion electronvolts

Okay, that's like a chihuahua morphing into a Tibetan mastiff. How does one pump that much energy into a neutrino?

that will claim neutrinos have been detected beneath the Earth's crust

Naturally occurring neutrino emissions from radioactive decay? Yes we detect!

6
0

Hack a garage and the car inside with a child's toy and a few chips

Destroy All Monsters
Silver badge

Re: Too cheap to put in some crypto

To reiterate on the above comment

1) Put SoC with appropriate code and radio interface into door controller, all nicely hardened (but updateable via USB stick should a problem appear in any case)

2) This will cost $$$ but it's going to be "The Right Thing"

3) ???

4) PROHIBITIVE COST, MARKETING APOPLECTIC, BOSS BLOWS A GASKET, FIRED!

0
0
Destroy All Monsters
Silver badge
Holmes

Re: Too cheap to put in some crypto

You must be one of the "vision" guys.

0
1
Destroy All Monsters
Silver badge
Paris Hilton

Are you sure you are posting in the correct thread?

1
0

Update Firefox NOW to foil FILE-STEALING vulnerability exploit, warns Mozilla

Destroy All Monsters
Silver badge
Gimp

Fedora 20?

Argghhhh... no updates.

Stuck at 38.0.5.

meanwhile let's just disable it...

0
0
Destroy All Monsters
Silver badge
Holmes

Re: Sandboxing

Browsers ought to be 100% sandboxed.

Someone downvoted this?

Some people really need to be "marched to the door of the oven", to inappropriately cite Huckabee the Huckster.

0
0

Death to DRM, we'll kill it in a decade, chants EFF

Destroy All Monsters
Silver badge
Mushroom

Copyright meme peddling

As less and less people pay for stuff, you need more and more ways to protect content.

Stuff your whiney irrelevant "MUH CONTENTS" shit and keep it for an Orlo thread. (Hey wait, tons of studios are demanding money on the street because they are dying on the vine ... ? WOW, ACTUALLY NOT! Anyway ... )

We are talking about opening up things that MUST be inspected. Medical devices. Car MCUs. Voting machines. IoT crap. Network devices. That's what we are talking about. Not the "but I'm losing money on sales that never would have been made anyway" talking point.

(Reminds me that I still have to hand over a few bucks to soma.fm)

12
0
