Feeds

* Posts by DRendar

285 posts • joined 15 Jan 2009

Page:

Microsoft welcomes CentOS Linux onto virtualized Windows

DRendar
Grenade

*Warning* Grammar error buffer overflow *Warning*

"When it comes to existing support agreements with Novell and Red Hat, Gupata said and when Microsoft's identified a customer's problem is not Microsoft related to Hyper-V the company's support people have it's handed the customer over to their Linux provider. "

So... many... errors.... Noooooooo.

*BOOM*

0
0

Hacker pwns police cruiser and lives to tell tale

DRendar
Flame

Sigh?

Funny that as I've commissioned dozens of Pen tests, and you are correct that you have to specify what you want them to test.

In this case it would have been...

"We've installed this video system in this test police car using this technology, which is accessed using a 3g modem over this network - These are the IP addreses - Please attempt: Unauthorised access to data, Unauthorised Access to configuration, remote manipulation of data, DoS vulnerabilities, attempt to break encryption, brute force passwords, list open ports etc etc etc"

Any Decent Pen test company will carry out an entire glut of tests on their own too. You don't have to specify everything down to the most minute detail of what they should test, otherwise what the hell is the point of paying an external company to do it for you?

A Pen test should have been carried out on this setup in a test environment BEFORE being deployed into real police Cars...

No one suggested that the PEN test would be the first step, or that the normal project flow not be followed... what have you been drinking?

Also, this can't possibly have been the real Pen test, as information gathered by Pen Testers is confidential - he would have been in breach of his contract to release the information in such a manner. Either that of the Contract written up for him will have been like swiss cheese.

1
0
DRendar
FAIL

LOL

Someone's going to get their arse FIRED.

Don't they carry out Pen Testing? I have to arrange pen testing if I put up a flat web server in a pre-secured DMZ... They didn't pen test a new Police Video system that would be used for evidence?

LMFAO

1
0

How I learned to stop worrying and love SSDs

DRendar
FAIL

Oh Dear

Benny Hill... Are you serious?

That is slapstick shite. Why when you mention British comedy do you people always jump to Benny Hill... You should be embarrassed.

0
0
DRendar
Badgers

Should have put the Joke Alert Icon on mate.

How else do the 'merkins know when you are kidding?

I am assuming it was a Yank who downvoted you - they seem to be the only people on the planet incapable of detecting satire!

0
0

PlayStation Network credit cards protected by encryption

DRendar
Boffin

The title is required, and must contain letters and/or digits.

Perhaps.

But we aren't generally referring to home users here.

Personally I was referring to people in office buildings who write down passwords and stick them to their monitors and keyboards etc. We had to fire a member of staff not too long ago for habitually writing down passwords, and leaving them in plain sight (in public areas!)

Also your solution of writing down passwords (and presumably usernames and site names too) doesn't help you when you aren't at home.

An encrypted password vault, for example on your mobile would be a far better solution.

If you also install remote shredding software you are protected even if your mobile is nicked too.

0
0
DRendar

Salt is better.

An easier, and more user friendly way, is to apply a system salt, user salt, then hash.

No way any rainbow table will be able to crack that, as you'd need a different table for each user.

eg (not a real example)

sha($password . 'Sa1tY@5' . md5($userid))

Your password doesn't need to be so long that way.

12 chars isn't too long in isolation, but when users need to remember 10-20 different passwords it becomes unwieldy, and in the end just encourages users to write passwords on post-its under keyboards, on monitors etc, or as the story suggests, use the same password for everything.

In addition, just repeatedly hashing a hash of a hash may seem more secure, but it still allows your entire table to (potentially) be broken with one rainbow table.

1
0

Lasers set to replace spark plugs in car engines

DRendar

eh?

I have owned several diesels, and various members of my family have owned lots of them for many years and I've never heard of a DPF failure.

However we all almost exclusively own VAG cars, so I don't know if that makes any difference.

My current car ('03 Golf PD Tdi) has done nearly 150,000miles and still runs like new - show me a petrol car that can claim the same.

Servicing Diesels is more expensive - granted, but even if you take into account the rediculous disparity in cost between petrol & diesel at the pump, the vastly higher efficiency still makes them far cheaper to run in the long run (so long as you do enough miles)

0
0

Citroën lifts lid on looming diesel hybrid

DRendar
Black Helicopters

Stealer Servicing

That's why.

Look at the Chevvy/Opal/Vauxhaull Volt/Ampera.

This WAS going to be exactly as you describe - Dino-Drive Generator which generated electricity to charge the batteries and/or feed the leccy motors. It would have been wonderful.

However they recently announced that the engine *WOULD* infact also be coupled directly to the drive system, which means gearboxes, clutches, planetary gears or some other method of applying physical force from the engine, plus all the synchronising hardware / software that would have not been necessary before.

I'm sure they had their reasons, but to me it was fekkin stupid (or was done to protect their Vehicle Servicing income / spare parts sales)

0
0

Shifty scripts on Santander site prompt security fears

DRendar

Quicker? Really?

Let's compare apples with apples eh?

1 if you use a card, then in many petrol stations now you can pay at the pump, thereby avoiding having to go into the booth, and join a hideously long queue at all.

2 if you go into the booth to pay, (and there's no queue) then it might be slightly quicker (takes me about 10-15 seconds) but you will have had to take the time and had the foresight to go to the bank/ATM first, in order to have that cash in your pocket in the first place, and how much longer does that take? 5 - 20 minutes?

So 5minutes to save maybe 10 seconds. Bravo!

That is unless you walk about with your wallet perpetually full of cash, in which case, you've got some balls on you - or too much money :-)

Personally I despise people who go to a pay-at-the-pump station, then dawdle off to the booth (and the queue) to pay, and I'm sat, finished and paid up, at the pump behind waiting to get out because they either didn't pull in close enough to the pump so I could get out, or the station is too narrow.

Grrrr!

1
2

James Cameron to amp up Avatar frame rate

DRendar
Thumb Up

@Oh stop Bitching

"If you want amazing plots, go read a book."

I could not agree more.. Some of my favourite books / book series have long arcing storylines that would be impossible to convey in a 2 hour movie, or even a series of movies. I read books for an engaging story, and films to be entertained for a couple of hours.

Occasionally you come across a fantastic film that ticks both boxes ("Fight Club" and "The Usual Suspects" spring to mind) but these are few and far between.

I actually thoroughly enjoyed Avatar - I even took my Dad & Step Mum to see it when they visited one time and they both stayed awake all the way through - which is a bloody astonishing feat let me tell you!! :-)

1
0

LG cries foul over rival's rank language

DRendar
Coffee/keyboard

New keyboard please!

New keyboard please!

0
0

Dell Inspiron Zino HD 410

DRendar
Boffin

Why?

Why?

0
0
DRendar
Linux

Cannot be purchased without windows.

An HTPC PC that is only sold bundled with Windows - what a waste.

Kind of like buying a car that you can only buy with £150 worth of bricks in the boot. Bricks which are illegal to resell.

Windows has NO place in an HTPC

Also - the CPU is massively overpowered for HTPC use and the GFX card doesn't support VDPAU - FAIL

1
1

Ford CEO talks up e-car future

DRendar
WTF?

The title is required, and must contain letters and/or digits.

"Ford would only say that the Energi will travel 500 miles on a full charge and full tank but not how that splits down between EV and ICE range and that both it and the Hybrid will use Li-ion batteries and a 2.0-litre Atkinson Cycle"

A TWO LITRE engine acting as a genny for a hybrid!? What a waste!

You don't need anything like that size of engine - you only have to look at the performance of one of their newer 1.25l engines to know that Ford - despite being an American company ARE capable of making small, powerful, efficient engines.

Why, in this that should be their flagship "Green (but usable) Car" would they put in a hulking monstrosity like that? Surely it must be to just attract the slack-jawed yanks who think that unless a car has a 3.0 Litre engine then it will be slow.

1
0

Firefox 4 squeezes onto phones

DRendar
Megaphone

DOLPHIN HD

Enough said - try it and I believe you'll like it - once you get past the garish green colour scheme.

Tabs, pinch zoom, doubletap zoom, gestures, loads of plugins.

I honestly don't know why it doesn't get any notice on tech websites.

2
0

Security shocker: Android apps send private data in clear

DRendar
Badgers

Easy Tiger!

Perhaps you should switch to decaf!

If you wanted to bring this to a wider audience you should have posted it somewhere people actually go - like Slashdot for example.

I totally agree that this is a major security issue, but it's hardly ground shaking.

Until very recently GMAIL only encrypted the logon credentials, and dumped you back to http once you were logged in. There is now an option to encrypt everything in the user settings, but most people won't know about it, and therefore all their email contents are there for the sniffing

Considering that people get password resets sent to their email accounts, this is a much bigger security issue than that of the calendar.

0
0

Apple 'greed' tax spreads beyond music, movies, magazines

DRendar
Headmaster

Correction

One providing access from everywhere EXCEPT iDevices

Where's my edit button?

0
0
DRendar
Jobs Horns

An Idea

An Idea,

Couldn't subscription services offer 2 levels of subscription through their sites - One providing access from everywhere iDevices (e.g. through their website, or from Android, Blackberry, Meego etc etc.) and a second allowing access also from iDevices, which is 43% more expensive.

They also put an apology on the website stating the reason for the 2-tired pricing model, and politely (and quite rightly) blaming apple for it.

This second priced option is the only option available through the In App Subscription service

In addition they can have an 'Upgrade' option to add iDevice access to the standard subscription.

If everyone did this then everyone would see what a bunch of thieving control freak bastards Apple really are.

0
1

HP rocks Redmond with webOS PC play

DRendar
Linux

The title is required, and must contain letters and/or digits.

"And since I have experimented with F/OSS and found it to be unreliable in document translation, I am compelled to meet the standards that my clients and suppliers follow - MS Office. Get back to me when that lack of OSS reliability has been overcome."

False - it is M$ who don't even follow their OWN standards, it is this that causes the (very rare) rendering anomalies. FOSS productivity packages in my experience are actually far more reliable, and enjoyable to use than Redmond's abortions. Particularly since that fucking awful ribbon that appeared in Office 2007

Besides - you cannot even guarantee that an M$ Office doc will render the same on two WinTel machines, especially if using different versions.

This is why PDF was developed, to ensure that any document you want to send electronically gets rendered exactly as the author intended. And Open/Libre etc Office have the export to PDF function built in to the file menu, something that you either have to pay for or hack into M$Office by way of a PDF printer.

As for the adobe packages, there are alternatives, but if you're suffering from vendor Lock-in that badly, just use Wine.

0
0

Motorola confirms Xoom tablet is Blighty-bound

DRendar
Grenade

Moto = Release and abandon

They will release this, then promise Android updates, and keep you waiting for months if not years for them - all this while no-doubt requiring signed ROMs so that other can't support them themselves.

This product will be great for about 6 moths, then you'll get left behind as new version after new version of Android is released, and Moto sit with their thumbs up their arses counting their money.

Won't touch another Moto Android product ever again until they remove the signed bootloaders.

Lying lazy bastards

0
0

O2 to raise broadband prices by up to 27%

DRendar
Happy

The title is required, and must contain letters and/or digits.

> Both Be and O2 use BT for backhaul. The network was apparently set up in the early days using BT's BES/WES service. Be just rents capacity.

Erm yeah, but no, not quite - a BT BES / WES circuit, is just that - a point to point circuit. When you purchase a (for example) 1Gig Circuit, you get a Fibre connection that will run at 1Gbps - exactly the same speed as if you'd laid the fibre yourself.

You are technically correct that BT 'Owns' the fibre, but it isn't a case of buying capacity in the same sense that BT resells ADSL. The BES/WES circuits are uncontended, which is the important bit, and BT has no say whatsoever about what data can run over the fibres.

I'm quite certain you knew that, but didn't want others to shun Be on the premise that it's just another Resold BT service.

I've been with Be for several years now and am very happy - Regularly get 2MiB/s download... that's right MEBIBYTES - roughly 16.7 Mbps

I'm more than a mile from my exchange too. It isn't cheap (£17.50 pm) but worth it in my opinion for the unrestricted downloads, great speed and a /29 subnet of static IPs.

0
0

Open source to bust up Cisco Borg collective?

DRendar
Boffin

(untitled)

As someone has previously stated, Cisco are innovators in the networking arena - HSRP came about LONG before the Industry Standard VRRP (in fact VRRP is BASED on HSRP) Plus almost every Cisco L3 device supports VRRP.

GLBP doesn't have an open standard alternative - but you can be sure that if/when one does become available Cisco will support it (and will probably be one of the first to do so)

ISL came about long before 802.1q and again - dot1Q is supported on every Cisco switch in existence. Noone uses ISL anymore.

IGRP came about because RIP was complete crap.

EIGRP is about the only proprietary routing protocol still in use, but that's primarily because its bloody good! If you did want to interoperate with non-Cisco gear then you would just use OSPF instead.

I don't agree *at all* that Cisco use proprietary protocols as a vendor lock-in mechanism - if that were the case then they wouldn't be on so many of the boards and panels that come up with the Industry Standards in the first place, and they wouldn't support the opposing protocols!!

Go visit BT or C&W or any ISP on the planet and and see how many of them don't use Cisco - you will be able to list them all on the back of a postage stamp - and this isn't due to protocol lock-in as they all use BGP!!

0
0
DRendar
Badgers

Be careful with 3Com

Be careful with 3Com

We (Very Large Public Sector Body) were a 3Com house 15 Years ago, then they just up-sticks saying that they were getting out of the networking market, and fucked off leaving everyone with an installed 3Com hardware base in the total lurch. No hardware replacements - no support nothing - fucking twats.

That's when we moved to Cisco, and while expensive it is bomb proof, and when you have a problem on your network that you need to identify, all the tools are there.

I recently helped a friend to troubleshoot an issue on his HP Procurve based network (granted I'm talking Switching now, as opposed to routing) The problem ended up being a misbehaving device that was using another device's MAC address. It took FOUR HOURS to identify the problem and track the bastard down because HP don't think it's important to report MAC FLIP events - something that even the cheapest Cisco switch would do.

Cisco may well be the BORG, and for many of their products I would prefer to stay away (Cisco Works in particular - yuck) but as far as core routing, switching and firewalling goes it will take some serious arguments to tempt us away.

0
0

Google algorithm change squashes code geek 'webspam'

DRendar
Go

Nothing wrong with EE

Not sure why people dislike experts exchange, just scroll to the bottom of the page - the "You must register to access the answer" is just there to deter the luddites I think.

I find MANY of my technical answers on EE and I've never paid them a penny.

By the way, for people who dislike all those bloody horrible comparison sites:

GIVE ME BACK MY GOOGLE http://www.gmbmg.com/

1
0
DRendar

The title is required, and must contain letters and/or digits.

Personally, I've only ever come across about 2 or 3 pages like that.

The VAST majority are like this:

http://www.experts-exchange.com/Programming/Languages/Java/Q_20676650.html

0
0
DRendar
Go

*YAWN*

Just scroll to the bottom!!!

1
1

Malawi poised to outlaw farting

DRendar
Flame

LOL

Queue much Southparkish Spontaneous Human Combustion!!!

2
1

PSP 2 'as powerful as PS3'

DRendar
Joke

As Powerful as a PS3

So the Arm Cortex-9 is as powerful as a CELL now is it?

Fuck me those ARM boffins have pulled their socks up haven't they?

0
0

Fujitsu hails first bio-mouse

DRendar
Stop

Info?

Optical? Laser? DPI? Buttons?

Come on!!

1
0

Aavara PCE122 HDMI extender

DRendar
WTF?

Erm....

"Suggested Price: £487 (sender/receiver pair), £262 (single sender or receiver)"

"Many of us would probably like to, but 50 metre HDMI cables tend to go for £300 apiece – not exactly what you'd describe as a cost-effective arrangement."

So you're suggesting saving £300 by spending nearly £500?

I realise the box has other benefits, but this is a bit of a daft comment isn't it?

0
0

Razer StarCraft II peripherals set

DRendar
Alert

£120 for a Keyboard!!!

Fuck

That

Shit

8
0

Ubuntu - yes, Ubuntu - poised for mobile melee

DRendar
Linux

Nonsense

"And Linux on mobile has the same issues Windows on mobile has. Both were never designed to run on such devices."

Nonsense - Linux is a Kernel - NOT an operating system. You can still have a fully functional Linux Distro running on a 486 with 16Meg of RAM. It won't be quick or pretty, but will work.

Modern smartphones, let alone tablets and NetTops have Hardware that surpasses this by orders of magnitude. Building a Linux Distro that runs smoothly on a 1Ghz ARM with 512Memory and 32Gig of storage (which is still quite conservative in this area) would be childsplay for many linux gurus.

Linux can be as big or as small as you like, Windows however cannot.

8
1

Sky to rejig EPG to push HD

DRendar
Grenade

Nice

Now can they please move channel 4 into 104 instead of S4C?

Just because I live in Wales doesn't mean I speak Welsh - I (like 90% of people in Wales) don't speak it, so shouldn't get it rammed down our throats - we should have the option of which C4 we get, instead of having to search through pages & pages of EPG to find it.

It's got better with the new HD EPG, but still a bit of a pain - BBC 1,2, ITV1, Ch4, Ch5 should all be on the first page (and Sky1 obviously)

0
0

Volvo demos automobile auto-pilot tech

DRendar
Boffin

The title is required, and must contain letters and/or digits.

Presumably your car is also looking at the road lines, and as for brakeing - a computer can do that much more reliably that you or me anyway... probably 50% or more of the space you need to leave from the car in front is for reaction time - time that a computer doesn't need.

I still agree that it's a fail (for now) though, as even if this tech was available in this country, the handwringers would still require you to be sat up and alert watching the road - no way they'd allow for you to sit there with a newspaper and a coffee!!!

0
0

Prisoners cannibalise mice for mobile power

DRendar
WTF?

Why don't they just set up Mobile Phone Jammers?

They can't be that expensive, certainly not compared to the cost of keeping the thieving little scrotes in there in the first place.

3
1

Samsung SH-B123 internal 12x BD-Rom drive

DRendar

You shouldn't have had to pay a restocking fee.

The item was not "sold as advertised" - therefore breaking the Sale of Goods act.

0
0

Lane Fox promises sub-£100 PCs

DRendar
Linux

WHICH DISTRO!?

Oh Christ, I can see it now. It's ASUS and their God-Awful EEEPC distro all over again.

They won't bundle a decent distro and they will all be flakey with crap support, we end up with an entire generation of people who think that "Linux" and not "Cobbled-Together-Remploy-Distro" is crap.

They then go to PC world where the monkeys look at it, scratch their heads and pronounce that they need a £600 upgrade to support Windows.

Fecking Brilliant.

For God's sake PLEASE don't do what ASUS did - bundle a REAL DISTRO!!!!

Won't Someone PLEASE think of the PENGUINS!!!!

1
0
DRendar
Linux

Eh?

I have multiple systems multibooting - WinXP + Ubu on a Laptop and Win7+Ubu on my desktop (Which has 3 HDDs)

The Desktop is also an NVidia Chipset with built in RAID.

My Server also runs SME Server 7 with 4 Identical Disks, also on NVidia Chipset.

I'm not sure what you're doing wrong but I've NEVER had an issue like you describe. The only way that any installer I've used would treat individual drives as a RAID array is if they already were a RAID array. Is your SATA mode set to RAID perchance?

7
0

Sainsbury's is abandoning tape

DRendar
Go

The title is required, and must contain letters and/or digits.

Considerably more reliable disks in RAID arrays, yes.

If a Tape fails you don't usually know until you come to do a restore, whereas RAID arrays can be monitored and if a disk fails or develops a fault it can be replaced without any loss of data integrity.

0
0

Google plugins force-feed open codec to IE and Safari

DRendar
Headmaster

Grammar Nazi

No:

I am pretty sure this is the most "closed" thing Google could HAVE done.

2
1

Motorola dual-core Android phone to pull off laptop trick?

DRendar
FAIL

If it were built by anyone else...

If it were built by anyone else I'd be a little excited, but as it's by Motorola, I'm not.

They are a bunch of lying sacks of shit, and once they've sold the units they won't release updates, and will probably require digitally signed ROMs like they do with all their current Android Phones.

The refuse to provide updated ROMs, and prevent anyone from doing it for them. Nice.

Milestone user here still waiting on 2.2 and Flash :-(

2
0

Vegas vid-poker hackjackpot bonanza duo face charges

DRendar
Go

Not Illegal

Except that card counting - in your head - is NOT illegal.

Those in prison must have been using some technological means to assist in the counting.

No way the guys should be found guilty.

1
0

Feds relax export curbs on open-source crypto

DRendar
Boffin

Cisco

Cisco are the same with their Routers and Switches - they ship without K9 images (and are therefore incapable of SSH)

The first thing we do is drop a K9 on every new router / switch we procure, then disable Telnet.

These stupid US export restrictions have probably been one of the major reasons why Telnet is still in use today, and has without a shadow of a doubt caused numerous security incidents due to lazy sys/network admins.

Maybe now manufacturers can start shipping all devices with SSH only, and resign telnet to the protocol graveyard where it should have gone over 10 years ago.

0
0

Philips 46PFL9705H Ambilight 46in LED 3D TV

DRendar
Joke

Composite not an issue

OMG! I would have to go out and pay 90p for a SCART -> RCA connector.

THOSE BASTARDS!

How dare they remove an outdated connection type, even if the picture quality it produces is complete shite, and every device that uses it that was ever shipped in this country comes with a SCART adapter.

They should knock at least £500 off the cost of the unit!

1
0

Nvidia forges ARM chip for PCs and servers

DRendar
Thumb Up

Sweet

Tiny little low powered XBMC machines with VDPAU support!

Spanking.

0
0

Microsoft 'maintenance' blocks Hotmail

DRendar
Badgers

Virtually no Ads

Even without Ad blockers there are virtually no Ads on Gmail, just a teeny tiny text banner above the archive, report spam etc buttons.

And if you cared about privacy you wouldn't use email. Full Stop.

emails are sent in plain text using the SMTP protocol... anyone in the middle, (Network Admins, Proxy Admins, ISPs, Government, spooks, gremlins, the boogy man etc) can capture your email and read it without any effort whatsoever.

And if you think Microsoft don't read your email you are kidding yourself.

Google may primarily be an advertising company, but I can honestly say, hand on heart that no google ad has ever pissed me off by taking up too much screen space, flashing, spinning or causing popups/popunders etc. etc. Go onto Hotmail, and all you can see is bloody gaudy flashy adverts everywhere - yuck.

If you want your emails to be private then you'd better set up your own mail server and start encrypting and digitally signing all your emails - of course you won't be able to send them to anyone as they won't know how to decrypt them.

1
0

Amazon slips out Microsoft's Windows 7 Family Pack kill date

DRendar
Gates Horns

@Eveready

Check your definitions - that isn't piracy - Piracy would be using a keygen or other method of installation without a license. At worst my friend has misused a license - nothing has been 'stolen', no money has changed hands, infact he paid a vast sum of money to get that MSDN subscription in the first place.

If Windows were reasonably priced then I would - grudgingly - pay for it.

<£50 would be a reasonable price and would still make M$ mind boggling sums of money. I refuse to pay £150+ for something that I don't even want anyway.

And for the record - all other software/games I pay for, I just refuse to pay protection money to the OS Mafia.

0
0

Cambridge boffins rebuff banking industry take down request

DRendar
Troll

Re: Err

Really?

I have (or had) accounts with HSBC, Capital One, MBNA, Alliance & Leicester and Halifax - none of them allowed non-alphanum characters in their VbV or MSC implementations. I think that's a pretty decent spread across the UK banking spectrum.

Granted I haven't used a couple of these for a while so they may have changed recently.

However this doesn't detract from the central premise of my comment - that these are not security improvements - they're methods of shifting blame from the banks to the consumers.

I presume that the upvoters were agreeing with this fact rather than what you obviously did and just reading the first paragraph and finding something to complain about.

The poster above replied in a decent manner - HIS implementation allowed non-alphanum - that's great. Your reply was just plain wrong.

Begone troll.

0
0

Page: