Posts by smudge 984 publicly visible posts • joined 8 Aug 2008
It occured to the staff there that observers would be able to work out how many people were on shift at any one time, based on the size of the order
I once worked on a spooky project in a completely separate outbuilding on my company's premises. Physical access was restricted to those who worked on the project, plus a couple of specially-cleared cleaners.
A company administrator complained that we were using "far too much coffee for the number of people working in there!".
To which the reply was "You do not know - and have no need to know - how many people are working in here".
Speaking of a war, I don't want to rain on the researchers' parade but the basic concept here dates back at least to WW2.
You don't need to explain traffic analysis here. And anyway, most of your post is about what Bletchley Park called "gardening", which was more about attacking the crypto system than about traffic analysis.
From a quick glance at the paper itself, it seems that the novel things in the research are not traffic analysis itself, but:
1) attacks on a wide range of devices which use multiple different protocols
2) analyis and understanding of the aggregated information, to determine what is happening in the house - the person walking through the smart home is a simple example of this.
This is all facilitated and supported - and some of it is automated - by machine learning.
Difficult to see how your suggested "gardening" would work. I'm assuming that most IoT devices have fairly limited dialogue capabilities, and that opportunities of introducing a crib to enable a known-plaintext attack would be severely constrained.
...the proposed organization would be the sixth branch of the armed forces, sitting alongside the Army, Navy, Air Force, and so on.
So you don't know either! The first three cover land, sea and air. I can't see that there's much else. Do you have Military Moles? Teleportation Troops? Men Who Stare At Goats?
... but getting more serious, of course.
I guess it started with built-in sat navs. Logs where you have been. May have recorded what speed you were travelling at - hence the old advice to clear it fast if you are stopped by the cops. And how many people have entered their actual home address as "home"?
Then Bluetooth phone connectivity came along. And so on...
My BMW has a function to delete all user data. Says it can take 15 or 30 minutes - can't remember which. You've got to trust it, of course, and I don't know if it deletes everything that you would want deleted. But if it does what it says then it sounds good. As long as you remember to use it.
89 per cent of Brit households had internet access, a figure that was flat year-on-year – and one which may have the architects of the UK's universal service obligation scratching their heads about getting the last 10 per cent online.
I'm usually taking the mickey when I use that subject line, but here I'm not. Surely the figure will increase above 89% as the 70 and 80 year olds who have never used computers drop off their perches, and nearly everyone who is alive will have had some computer experience?
Another report on these ONS figures, in the Guardian, is trumpeting the fact that the number of folks over 65 who make online purchases has risen by 16% in the last 10 years. Uh yes - possibly because a decade ago these people were 10 years younger...
...and as I walked across the first boundary I held both arms out wide and clicked my fingers (the lights came on), across the second boundary (click! - lights) and into the third zone (fiat lux!).
We had a salesman who was often first into the office, purely so that he could experience the ego-trip of having the lights turn on as he walked the length of the office.
Bloody useless salesman he was, too :)
Twas ever thus. CESG, now part of the UK NCSC, is the UK government’s National Technical Authority for Information Assurance, providing advice on protecting information and systems. Other parts of GCHQ - I'm not familiar with their org chart - try to break the cyber and crypto security of comms and systems.
Similar to the NSA and their NCSC, in the USA.
... it had hired 1,800 people and moved 700 existing staffers into customer-facing roles.
So that's 2,500 people in new roles.
I find it hard to believe that that could have made matters anything other than much worse.
To paraphrase "The Mythical Man-Month" very loosely: "Chucking tons more resource at a mess will merely escalate it into a clusterf__k.".
I was going to say "there used to be" a mainframe security suite called "Top Secret". But I just checked, and am amazed to see that it still exists.
Anyway, legend has it that many support engineers have had everything bar the latex glove from security staff, when trying to exit spooky places with a set of manuals prominently displaying the product name.
There should also be a "strong contingent" of techies who were able to "get their hands dirty" with the nitty-gritty checking of spy agencies' systems.
Yeah, right. As if the spooks would let an outsider touch their systems. Even if they had the necessary stratospheric clearance, need-to-know would surely be used to deny access.
I believe you have this backwards. The option is offered to pay in the national currency of your card issuer instead of the local currency. The conversion is then done at a rate that makes even the gougiest bureau de change look generous. If your card provider stiffs you with a large overseas transaction fee I presume this is still levied. If you pay in the local currency the conversion is either done by mastercard/visa or your own card provider
For those of us in the UK, the advice is always to pay in the local currency, eg euros, when using a card abroad, to avoid being (excessively) shafted.
He has noticed a marked difference in how he is treated in foreign climes depending upon whether the person he is trying to communicate with believes him to be English or American. As soon as he admits to being English, he can see the sparkle in the other fellow's eyes fade into one of sympathy.
I believe it. I see people's faces light up with happiness when I answer "English?" with "No, Scottish!".
Back when BT occupied half of that tower block at the corner of Euston Rd and Hampstead Rd (assuming it's still there, haven't been to London for a few years now) it was rumoured that there was one more floor than accounted for by the number of buttons in the lift.
That's Euston Tower, and it's well known that MI5's local radio network was run from there. (Maybe still is - like you I haven't been that way for a while.) The 17th floor seems to be the one.
MI5 themselves used to be just across the road, at the top of Gower Street. They shared a wall with the National Union of Mineworkers. I often used to wonder just how many bugs were embedded in that wall.
Furthermore, the delay in Galileo caused by UK withdrawal could result in the UK's version being operational at roughly the same time – mid-2020s, according to Bebb.
Given the decades of development of Galileo, that can surely only be achieved by massive reuse of Galileo IPR?
I foresee legal battles.
Being built into toasters, fridges, light bulbs and sex toys right now :)
That last one's interesting. If the thing's already vibrating, would an incoming call be signalled by regular pulses of increased intensity?
"OhmyGod, yes, yes, YES!!! Errr, I mean.... Bagshot 1234, hello..."
What you missed was a short, well-stated summary of exactly what's wrong with key escrow or, indeed, any other form of back door..
You mean like "giving your private keys to someone else is not a good idea, and the baddies won't do it anyway"? The reason behind my "didn't bother reading this" comments is that I thought that every thinking person in the industry knew all that anyway.
Must be 20 or more years since I wrote my company's response to HMG's request for views on key escrow. I basically said what I said above, quoting the experts - mostly in the US - who had already said this.
I then went on a short holiday.
When I returned, the paper had been rewritten, by a salesman. It now said that we wholeheartedly welcomed HMG's proposal, and looked forward to the opportunity to work on their implementation, etc etc, ad nauseam.
I asked for only one change - removal of my name from the paper. Otherwise my reputation, amongst my peers, would have been shredded.
In fact, key escrow systems have been designed that would serve this purpose fairly well.
But that is NOT what they are talking about:
“There's been ideas around for decades that you should create some kind of key that law enforcement can get access to … that's not what we're proposing... "
Despite assertions to the contrary, it would be possible to make them reasonably secure against theft - at least as secure as could be done for any other data.
I stopped reading your comment at that point :)
How many people in the Space faring, aircraft carrier, nuclear nation that is India ?
About 1.35 billion. With an average annual income of $1,670 in 2016.
The population of the EU is around 510 million. With an average annual income in 2017 of $21,340. (Highest income - Denmark, $43,454. Lowest - Bulgaria, $5,700.)
I know which I'd rather trade with.
Doing what's best for the country despite leaving the EU. All government contracts should be done by UK companies unless its not possible
So you'd be OK with the many, many other countries for which De La Rue produces passports and banknotes taking those contracts elsewhere?
I used to work in information security. If I had been asked to do a general review of the security of a location, a ploy was to arrive at reception, and then ask - with some urgency - to go to the toilet. If they were inside the building from reception, this often got you admitted into the building without signing in, without a visitor's badge, and without an escort. FAIL!!!
Also highly revealing about a workplace is the signage displayed in office restrooms.
On a more sombre note, I will always remember, after a company merger, visiting the premises of the company we had merged with, shutting the toilet cubicle door, and discovering, on the back of it, a sign with information about the company's employee counselling services. I know it's quite common now, but this was the first time I had come across anything like that, and it did make me wonder what sort of company we had merged with.
The icon chose itself.
Wallis devised the bouncing principle by watching children skim stones off the surface of a pond.
And for those of you who play golf in Surrey, he tested models fired by catapult on the lake at what is now Silvermere GC.
One story I heard was that he got the idea for the bouncing bomb when he saw someone hit their tee-shot thin at the par 3 17th, and watched it skim across the water. Unfortunately for the story, the course didn't open until 1976...
I also heard that he was rowed out into the lake by his secretary, who was an Olympic rower. I've never checked up on that.
Pointing to the science pioneers like Isaac Newton, who is buried in Westminster Abbey, across the street from the conference venue, Rising observed that while we recognise science, we don't often practise it.
"For those who call themselves technical people, this is a strange way to make decisions," she said.
Oh dear. If she knew anything about Newton she'd have known that he was a deeply religious and superstitious man who dabbled in the occult, alchemy, prophecy, Biblical chronology and interpretation, Rosicrucianism....
Morgan added: "This is yet another addition to the litany of failures of banking IT systems. Potentially millions of customers could be affected by uncertainty and disruption.
"It simply isn't good enough to expose customers to IT failures, including delays in paying bills and an inability to access their own money.
"Warm words and platitudes will not suffice. TSB customers deserve to know what has happened, when normal services will resume, and how they can expect to be compensated.
Not defending TSB, of course, but for a politician and former Government minister to say all this, without a hint of embarrassment or self-awareness, just beggars belief. Does she know nothing of the Government's record in IT?
Does the term "Universal Credit" mean anything to you, Nicky? Because you have just described it in a nutshell.
These records are structured around a person’s contacts with the police...
However deletion from the PND will not lead to an automatic deletion from the local police system as there is no link back from PND to local systems.
It's not clear whether "these records" refers to the local records or the PND records.
However, there must be some structure and context around PND records. There must be identification of who the images are of, and probably why they are there, when they were created, and where they came from. Otherwise it's just a jumble of unlabelled images.
So there must be a link back - albeit an inefficient one - to local systems.
"Combining our enterprise businesses will allow us to strengthen the services and products we offer to businesses and sharpen our focus on customer service, through clear accountabilities and by introducing efficiencies."
Do I take it that "leveraging synergies across business units to be more than the sum of our parts" has gone the way of the dodo?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
