* Posts by AustinTX

134 posts • joined 15 Jul 2008

Wi-Fi baby heart monitor may have the worst IoT security of 2016

AustinTX

How adorably 1990's

"our data team"? You sure you don't want to capitalize those words to make them sound a tad more confident? You don't need a "Data Team", you need software developers, testers and at least a security consultant. I bet someone's flipping through their Rolodex for the number to that Chinese company who made the software for them...

9
0

Malware figures out it's running on VMs and refuses to execute

AustinTX

Re: Hide, hide, hide ...

A better Red Pill payload would be a marginally effective "real" payload which puts on a reasonable performance and distracts researchers for weeks or years. Probably been going on this way for years. Gewd Jorb, researchers!

0
0

BBC detector vans are back to spy on your home Wi-Fi – if you can believe it

AustinTX
Big Brother

Unique packet patterns

Live iPlayer streams could be made identifiable by manipulating packet lengths. They would initially be set at a particular, unusual length. After a set interval, they would change to another. And another. It would be a unique pattern like a serial number. One even could sniff encrypted packets and simply measure them by size and note the pattern. This would tell the spy exactly what program was being watched.

I'd go with the Ethernet option, but the Faraday cage works, too. One might be able to confuse the spy by playing two separate iPlayer streams at the same time.

8
0

Render crashing PCs back to their component silicon: They deserve it

AustinTX

Re: You forgot printers

Yes, all joking aside, some printer cartridges literally, actually DO have expiration dates built in. There's a whole community of folks working out ways to circumvent this. Printer mfgrs are/were actually pressing to make this sort of thing illegal too. The reason for the expiration? Benevolent, kind-hearted printer mfgrs simply want to ensure you have "the best possible experience" heh. Also, when the inkjet cartridge is officially "empty" there's still hundreds of pages worth of ink throughout the capillary tunnels within it. If petrol cost the same as printer ink, a fill-up would cost half a million dollars. What is printer ink? Dirty water.

5
0

Classic Shell, Audacity downloads infected with retro MBR nuke nasty

AustinTX

Re: Download Only From Sources You Can Trust

Aaaaargh! Have mercy, good people! Of COURSE it was sarcasty!

But I think it's hilarious how many people were unsure and actually downvoted!

4
0
AustinTX
Thumb Up

Download Only From Sources You Can Trust

This is yet another reason one should only download safe and signed applications from the Microsoft Online Store!

9
46

PC pioneer Gary Kildall's unpublished memoir revealed

AustinTX

Lobo Max-80

CP/M on a Lobo Systems Max-80 was a lot of fun. But the Max-80 also ran LDOS, which had the lion's share of available software. I remember reading about the BIOS debate in computer magazines. I think they were calling it something else still. The objection was that this in-between layer would double execution times because it had to make that standard call that made the proprietary call. Unthinkable! PCs were so slow back then that it was worth it to just make a custom version of the OS for each model.

1
0

Windows 10 still free, even the Anniversary Update, if you're crass

AustinTX

NOX

Dawg, I'm turning down WORK because I don't want to touch this turdstick! Windows 7 to 10 migrations are an abomination.

6
4

Argos changes 150 easily guessed drop-off system passwords

AustinTX

Whole Foods Market

By inflexible policy, their passwords are all in the form of the day of the week, month and day on which it was last reset in the form of FRI0729. Every account created or reset today gets that password. The associate might change it, but probably won't.

2
0

Cyberpunks might not be crooks but they're really very rude

AustinTX

Very rude, huh?

Very rude, huh? Well, surely it's not the Canadians, then... Who's rude, let's think... Lookin' at YOU France!

3
0

If managing PCs is still hard, good luck patching 100,000 internet things

AustinTX

Re: Oh for Goodness Sake

Right, like that. But it needs to be baked into the SOHO routers now. I depend on a horde of ancient internet telephony devices, IP cameras, and other embedded gadgets around the house. For privacy, I have to manually enter their MAC addresses to block their Internet access. This could benefit from automation in the router. And IoT devices need access to at least one cloud service, so those would need a customized, limited hole poked in the firewall for them.

0
0
AustinTX

Re: Oh for Goodness Sake

Why make yourself more useful than the competitors when you can lobby to have yourself made mandatory? That's industry's answer to everything. Senator Greenbuck certainly agrees that those dangerous old lightswitches and outlets should be replaced with dandy new Patriot(tm) gear which sends a nice usage log back to the mfgr. No report app for you, though.

IoT is going to be a disaster unless laws are passed making sure the equipment is reusable after the original mfgr goes titsup. It would be wise if mfgrs were required to turn over mgmt of obsolete devices to 3rd-party long term support entities. We also need SOHO routers which can restrict IoT devices' access to just specific destinations, blocking all Internet access by default.

1
1

Software bug costs Citigroup $7m after legit transactions mistaken for test data for 15 years

AustinTX

Re: If You Profit From Breaking The Law

This small cut of the profits is called "a fine" because it makes your illegal profit just fine.

8
0
AustinTX

Re: Interesting footnote

Ohh, ohhh, you and your fancy *extended* binary-coded decimal interchange code! I suppose you work entirely from the command-line? None of that silly realtime operating-system conversation operative environment?

0
0
AustinTX

If You Profit From Breaking The Law

If you profit from breaking the law, the government will demand a small cut of said profits.

It's too bad those "three strikes" laws don't apply to Corporate Persons.

2
0

Facebook deleted my post and made me confirm pics of my kids weren't sexually explicit

AustinTX

The "Real Names Only" fad

The "Real Names Only" fad that has taken over social media sites, some of which have technically retracted the policy while actually still enforcing it, is as bad as the autocensorship.

Being forced to use real names does NOT quell misbehavior. Crazies are still crazy and don't care if they get their account banned. A-list elites don't need to fear punishment for being hostile to other members. What "Real Names Only" does is associate more accurate identification of who it is that has said what. You can't make as much selling info about anonymous accounts. The cops and the feds, who are this company's customers, want to know who a person is, as much as they want to know what sort of threat to authority they act like.

I've been a moderator/admin/sysop since the mid 80's. Being anonymous (using nicknames) is a non-issue. It protects members' privacy as well as their personal safety.

Sites like Nextdoor.com force everyone to use their real names, display their real addresses, and keep all that info on public display even after you've quit, or worse, been banned for not fitting in with the clique. Despite this, the site claims to protect your "security" and "privacy". Yes, by forcing you to expose yourself. Any wag can sign up with a fake account and then download the big directory of names, addresses, and often emails and phone numbers. They get pics of the kids, their names, what their hobbies are (they probably have kit for that in the garage), and everything else the members write about in public.

And yeah, we do have a personal problem with Nextdoor. I wrote about it on ElReg last night here: http://forums.theregister.co.uk/forum/containing/2914926

6
1

In mourning for Nano, chap crafts 1k-loc text editor

AustinTX

Bahahahaha, I still use PICO daily!

1
0
AustinTX

Re: Libre liver bile

NAY, MON! No true Libre would do that!

Anyway, I used to have a disk full of 1-line LBASIC games I typed in from various magazines. I recall one was a scrolling racecar track.

0
0

White hat banned for revealing vulns in news sites used by London councillors

AustinTX

Re: Meet the tool of the Police State: Nextdoor.com

Yes, that's certainly an issue in our city, too. The neighborhood associations are dominated by really small, tight groups of 'old friends' who make no attempt to represent the actual neighborhood, and will attack anyone making an earnest attempt to join the decision making. The City Council pays way too much attention to what NA say, and take them at their word that they're speaking the neighborhood's opinion. There is some reform under development though.

Austin also has a "neighborhood council" (not a City bureau) which is sort of an umbrella org for all NA, but they've been assimilated by the same mindset. SO we have an alternate neighborhood council called "Friends of Austin Neighborhoods" and they likewise advocate folks launching alternate neighborhood associations.

I hesitated on that for a while, but then we went ahead and registered with the City. The truth is, things are so bad that we can't work within the system. Our neighborhood finally has a website, and news is posted daily instead of in the old NA's 6x-a-year self-praising tract sheet newsletter. We're aiming to be a nonprofit org so we can handle money to fund social events and give out grants.

Naturally, our old NA is shrieking mad at us. They had a good thing going where they literally did nothing as neighborhood leaders, but got to meet and have their important meetings and use their important titles when emailing and phoning the City. Our members ran for office in the old NA and the election was conducted as a flat-out sham to make our candidates lose. The funniest thing is how the old NA points at the mountain of work we've done and things we've accomplished, and try and draw it all up as unfair attacks on their own hard volunteer work. And what is it that they do? *shuffle feet* Uhm, next topic!

2
0
AustinTX
Big Brother

Meet the tool of the Police State: Nextdoor.com

A much bigger, meaner neighbournet.com:

Spreading across USA (and NL) like a cancer, Nextdoor disposed of our moderators and handed our online community to our hostile neighborhood association! Nextdoor's director is a very frightening person with a deliciously punchable-looking face.

https://www.dawsonneighborhood.org/dawsonaustin-on-nextdoor-seized-by-neighborhood-assn/

http://www.sitejabber.com/reviews/www.nextdoor.com

1
0

Alleged Brit hacker Lauri Love bailed amid US extradition battle lull

AustinTX
Holmes

Re: Crime and punishment

If I'm not mistaken, you can be dragged off to prison and beaten for saying a thing like that. Let's hope you have some money to pay back your prison room & board fees.

Could be a connection, but I'm being watched and can't speculate out loud.

0
0
AustinTX

It's a mystery to me

I don't know why my country makes a policy of setting out poorly-defended honeypots to catch British Aspies.... Perhaps they're transplanting their brains into drones?

12
0

Eat my reports! Bart ransomware slips into PCs via .zip'd JavaScript

AustinTX

It's Twenty Sixteen

...and opening a zip file still results in its contents being executed automatically?

WTF

8
1

Beautiful model to explain the universe to physicists

AustinTX

I've always felt uncomfortable with this statement

And I sort of just figured out why:

"cosmologists make simple assumptions that the universe is homogenous and isotropic - that it looks the same in every direction regardless of the viewer’s position."

Given that observers will be scattered across the universe at great distances, and that no communication can take place faster than the speed of light, therefore each observer actually must be seeing a different universe than the others. Not just a matter of perspective, but they're seeing things now as others will see them at a very large offset in time to them.

They can't communicate their observations any faster than their peers will eventually see the changes for themselves. Even for all observers who co-incidentally make an observation of the same structures at the same time, no matter how distant, they each see a measurably different universe, most un-recognizably so. In fact, each observer will see the universe evolve differently because information catches up to them at different times than at any other spot.

This isn't just about an "observer principle" though, because forces in one part of the universe can't affect other parts of the universe any faster than an observer can see them. So it's analogous. Replace "observer" with "a star" or "a cloud of gas" which feels the effect of a combination of forces from all directions.

Literally, even if matter truly was distributed evenly across the universe, in one frame of time, it simply wouldn't look that way from any other points, where multiple, partial frames of time are visible simultaneously. This is cool; it opens up the possibility that many structures we think we see out there are illusions. The product of time delays in information reaching our position. Observers elsewhere may not see the same clumps and filaments, or even the same galaxies!

5
0

Medicos could be world's best security bypassers, study finds

AustinTX

Probably worse than you can imagine

Hospitals are always so short-staffed they can't even keep their records up to date or even refile them so doctors can see their patients' records. I've temped in several hospitals for this reason. One hospital had a decades-old mainframe terminal system which required an employee's badge to be inserted to function. Very nice, right? Would tell you who accessed what and when. Well, every one of these terminals, throughout the bld had a blank badge left stuck in it at all times since doctors were always losing their badges and they didn't want to make ones for the temps. When I got bored entering location codes for files, I could look up people I knew and see what they'd been in for and when along with all their personal identification.

1
1

Tor onion hardening will be tear-inducing for feds

AustinTX
Devil

Re: Run it as middlebox!

My take on this is that the exploit used by NSA employs javascript functions which ignore the browser & PC's firewall & redirects, or which launches core Windows services which also do this (more have come to light recently).

So it comprises a "little snitch" who reports directly to a resource that NSA can monitor, with some kind of unique identifier. Or, they can match you up just by measuring timing. Using exclusively Linux will probably protect, unless javascript is all it needs. The state-security threatening pedos (!!) probably all used Windows. Or Macs, for that matter... :D

1
0

Sysadmin 'fesses up to wrecking his former employer's IT systems

AustinTX

We need to use his name, Kezeor to refer to something in his honor

Sort of like "santorum" but in a complimentary way.

"Agilent was completely kezeor'd for four months"

I salute you, Mr. Kezeor!

1
0

One entire US spook base: Yours for $1m+

AustinTX
Alien

Re: Cult status

Haha, "clearly" we both came here to say something like this.

3
0

Oooooklahoma! Where the cops can stop and empty your bank cards – on just a hunch

AustinTX

@Alan Brown "People have also been convicted of DUI after being stopped walking along the footpath with car keys in their possession because they MIGHT use them to drive a car."

This is absolutely true. I was in a jury selection panel for exactly this. It's rolled under "Public Intoxication". A cop arrested a man who was walking down the sidewalk because *a witness* expressed the concern that this man would get in his car and drive drunk. The cop was his own "witness". It sounded like the man had simply been a tad surly when he was approached by Deputy Dawg. He had been drinking, but wasn't slobbering wasted. The man was literally being tried for a crime he hadn't committed. But could have. Just hope a cop doesn't pick YOU on the street for one of his fantasy scenarios.

I wasn't chosen for trial, probably because I asked too many questions.

11
0

Why everyone* hates Salesforce's Marc Benioff

AustinTX
Terminator

Re: More Baron Frankensteins-

Moar robot barons!

6
0

BOFH: What's your point, caller?

AustinTX

Re: Most fun I ever had on the phone

Oh if you work for an ISP, you get other ISP's customers calling all the time.

0
0
AustinTX
Facepalm

Re: Equipment? Never heard of it.

I briefly trialed a support position at, let's call it "Winger Nixderp" where I was given a cash register to use as my work PC. Yep, a refurbished touchscreen cash register running Windows underneath the merchant app. Soft kbd and no mouse.

My voip application wasn't set up right, so my calls were dropped when I rang my co-workers or xferd calls. The co-workers quietly held a grudge for me walking up to them with questions, and I was about to be terminated for that (!!) when the mgr finally tried using my phone himself. With hard feelings exposed and bridges burned (not my fault) I let that 'career opportunity' go. A shame, since it was only 6 blocks from home.

1
0
AustinTX

Re: Gaffa tape

We call it "gaffer tape" because, well, the gaffer uses it.

2
0

Would YOU start a fire? TRAPPED in a new-build server farm

AustinTX

Re: Did you piss off Simon or the PFY?

You don't stick around when you pull the Halon lever.

3
0

Earth's core is younger than its crust surface

AustinTX
Coffee/keyboard

Unscientific Thought Experiment

One little idea I like to muse about from time to time is that perhaps black holes don't form under the collapse of stars, but rather form inside a star earlier in its life, possibly even having been a seed which drew gasses together to form that star. Either way, it starts out and remains so small for so long, that the core's mass completely hides it. It may affect the sun's "engine" at some point, but the change is gradual. A tiny black hole has too little surface area to pull in very much matter and thus will grow very slowly - at first. An embedded black hole would slowly drain the star's mass, eventually crossing a threshold and suddenly heating it up quite a bit, causing it to puff up and expel material.

The mass of a star, starting with 1.4x the size of our own sun, is tied to the likelihood that a hole makes its appearance after supernova. A star that is too small simply never seems to produce a black hole, though it might reveal a neutron star, or just shrink and cool off. Imagine that it isn't simply pressure, but rather some other sort of stress on space-time which creates black holes.

The article talks about a tens-of-thousands of years difference between the age of the sun's core and its outer layers. This obviously doesn't mean that we could travel back in time by burrowing into the sun's core somehow, but I wonder if, in cases like this, that there isn't some accumulated "frame drag" that goes on. A star that is too small just can't create enough strain to 'tear' space, but larger ones inevitably do. The mass of a star seems to be related to [the difference in age of the core of a star and its outer layers] and [the likelihood it will collapse under enough pressure to form a black hole], for what we take to be unrelated reasons.

I propose that perhaps a black hole is actually produced by a kind of frame drag between the core and outside of massive objects like stars of sufficient size. The greater the mass, the quicker the frame drag accumulates. All else that we know about black holes is just what we observe once they become exposed, and behave like independent objects.

0
0

Palo Alto IDs another C&C-over-DNS attack

AustinTX
Boffin

Probably trivial to protect against

This 'attack' seems to rely on the malware using a DNS server of its choice. Lots of SOHO routers have a feature to transparently grab outgoing SMTP and redirect it to a preferred one. Especially if those routers have "captive portal" (ala free hotspot) or "guest" features. It should be pretty simple to redirect all of the outgoing DNS traffic, too. In fact, the "for pay hotspots" have this feature by default. A legitimate DNS server will either reject or ignore the C&C strings.

0
0

Coders crack Oculus DRM in 24 hours, open door to mass piracy

AustinTX

Re: This whole thing pisses me off.

@John Bailey: I get your point, however it is self-evident that content providers would rather have control over their product than have a larger market.

5
6
AustinTX

Re: This whole thing pisses me off.

@PJF: I'm looking forward to the return of the Power Glove... which of course needs the latest computing hardware and a quarter billion lines of code to function, for some reason.

8
0
AustinTX

Re: This whole thing pisses me off.

@goldcd: Your beef is with the content providers who doubtless threatened to boycott Oculus.

0
30

Speaking in Tech: Uber and Lyft tell Austin: Hell no, we won't give you the finger

AustinTX
Megaphone

Lyft & Uber's still delivering passengers in Austin

Uber and Lyft are both apparently still delivering passengers in Austin. They simply pick them up outside, in the suburbs. Folks can try using Get Me to pick them up inside the city to take them back home. Uber Food, a delivery service, is still operating too. Your Get Me driver will probably also be an Uber/Lyft driver anyway.

Most Austinites who voted against Uber and Lyft weren't even customers. These were knee-jerk SPITE VOTES due to a deceptive campaign by the City of Austin to demonize the rideshare companies as "bullying the city" with "corporate threats", when actually, the City changed their terms after Uber & Lyft made agreements when they opened here for business.

Austinites are famous for voting against their own best interests because they're culturally vulnerable to fear, uncertainty and doubt (FUD) packaged as defending their right to choose. This only applies to certain "enemies" of course. People like to think themselves liberal here, but they have the southerner's "you can't tell me what to think" attitude which means they live and vote with such closed minds. It's an insult to them, to open a dialogue or try to educate.

Now, we've lost rideshare CHOICES and the corrupt taxi companies have their near-monopoly back. Hu-farking-rah.

That said, I don't think requiring fingerprints is too much to ask. I get fingerprinted for IT contracts. There are too few fingerprinting service offices here, though. I've driven to San Antonio to get fingerprinted because the local ones had no appointment slots! If I were a driver, I would pay for my own background check as long as my rideshare network refunded my money after a few months of active service.

Our public transportation isn't terrible, either, though I won't ride home during rush hour. Busses can be packed nightmarishly full. Also, despite a recent reorganization, busses still mainly just run along certain main roads and lots of the city is underserved. I bike whenever possible, though let me go on the record of saying that Austin's "bikeability" rating is an obscene farce. Motorists hate bikers, and the lay of the streets is very dangerous for biking. We do have a lot of bikers who don't obey traffic laws though.

0
1

Congress calls for change to NSA spying law

AustinTX

Even as a kid, I wondered why the rules were different for foreigners than it was for us. I mean, sure I understand that a visiting foreigner isn't entitled to request welfare and such, but then, our government was always so very eager to dispatch them without employing the time-honored system of justice we supposedly feel is superior to that of the rest of the world.

It seemed like the gov held an actual grudge against the American way of life and liberty, since they would circumvent it at any opportunity. The government demonstrates that it would prefer not to follow these laws, you see. In their heart of hearts, they don't feel it's the best way to do things. This is critically dangerous.

As a teen then, it was little surprise to learn that the USA keeps prisons and torture facilities in foreign countries on the theory that they're then not bound to follow our laws there. It seems that when one of our agents or officers steps off USA soil, they shrug off all of the laws of our land, except those which please them.

10
0
AustinTX

'no one has "ever demonstrated that a terrorist attack was stopped through Internet monitoring"'

Yah, sure they SAY there were those, uhm, 3-4 instances. They didn't say what they were, though. And they had to walk back that count, too.

5
0

ICANN knifes Africa's internet: New top-level domains terminated

AustinTX

Re: @Austix TX - why customers left those walled gardens

@DougS: Don't forget that when phone companies brought "web browsing" to cell phones, they fought hard to keep people in walled gardens too. The service providers hoped to make content providers and consumers alike pay, and make themselves the only way to come together. But, customers had already heard of "the Internet". Ultimately, it fell apart because it cost the providers far more to maintain the artificial restrictions than it benefited them. As I said, customers didn't like paying more for a restricted network than others were paying for open Internet.

0
0
AustinTX

Re: They CANNT (which people)

@veti: yes, and perhaps this is why Google hasn't made the plunge yet. People want more flexibility in domain names. Google wants us to give up domain names. Once their URL-shortener runs out of combinations, they may change their minds. More about that at:

https://mParuMlWQpk5UjfamngwCeFMSBTjQwiOlHrBvVbjRYSsK648NvaYgUr1NmsSzFSEkjIPCfwzp56kE1MMQuEfKmOfq4o2ogBhm9RpZ5U3P500WNTmQyueUxwTfSAvFuVMrgDdH5E70hK9TgOWIt3p5ejqIVS38Pdwccamb8I1JOV8xGYxmvrZpu40hxgFefdWpUwxvZreTp1Q3uXv4GIzR3O2De1ZJG5hpey5SV2pOIwQhhgtu3aMz2AWUDEuxXf93oAM

0
0
AustinTX

Re: @AustinTX, re: DNS.

See, an actual walled garden, by definition, doesn't let you visit places outside. But I welcome the good, old fashioned anti-aol nerdrage! :)

You should realize those "members only" sites didn't exist on the open Internet at all, but rather on the paid service's internal network. Charging corporations extra to reach a minuscule extra percentage of eyes, was never going to last. If someone is adding value to your service, they expect to be paid, not charged!

Furthermore, customers jumped ship from those old walled gardens because they didn't like being restricted AND charged for free content. In time, I think the same effect will kill ICANN. The fella posting earlier stated that his ISP uses google DNS by default. Those are the first steps. (So does my ISP, but then, I have Google Fiber, lol)

ICANN is the walled garden here. It may be a big garden, but they're a monopoly on domain names, and as long as that goes on, they'll be free to make any rule that benefits them and charge any amount they think they can get away with. For providing no real service.

What I'm proposing is a better, opt-in, more flexible and less-restricted "list" of sites that *includes* ICANN's. This is good, legal, and ICANN can't do a thing about it.

0
1
AustinTX

Re: They CANNT

@Terry.6: A good point. What carrot to hang from the stick? How not to become the new oppressor? Since this opens up a tremendous amount of new 'real estate', every organization, company and internet provider will be eager to secure their namesake. And, if they want to homestead their new domain name, make it a requirement that they use and promote the alt-DNS too.

The application could include a field to submit trademarks, so that anyone who later applies to register a name containing those phrases will be flagged for review. Impose a fee at cost. There would be a list of exceptions one can pick from a list, such as "I-hate-%domainname%" or "%domainname%-fansite" so bloggers can launch their free speech or parody site without delay.

I mean, you can lob gruesome obstacles at me all day, and I can post creative solutions back atcha. I've been thinking about this for years.

0
0
AustinTX

They CANNT

Isn't it clear that ICANN doesn't facilitate services? Instead, they charge big money to remove encumbrances. Seriously, we don't need this obscenely corrupt company any more!

It's insane to be charged money for the right to tack a dot and a reserved word onto the end of our web addresses. I wish an influential Internet company like Google, OpenDNS, or the like would implement their own non-ICANN domain registry. By that, we could register any 256-character string as a domain name the same way we used to register free subdomains. People need only configure their DNS server to one of these providers to enable an overlay of non-ICANN domains, which falls back to ICANN if there is no match. This does lower the bar to enabling certain misuses, but the current system hasn't exactly had much effect on spam, phishing and malware.

0
2

Edward Snowden sues Norway to prevent extradition

AustinTX

Re: It's a Trap!!!

Send someone incognito, with the implication that it's Snowden himself, just to see what hijinks ensue.

3
0

Sysadmin given Licence To Perve shows why you always get it in writing

AustinTX

SAID NO MANAGER EVER

“I'm apparently an idiot for yelling at this poor man for doing a job he have been ordered to do,” the manager said. “I will hereby leave and beg for his forgiveness.”

19
0
