Re: Yes, but...
What about if you post pictures of short cats?
286 posts • joined 3 Feb 2009
What about if you post pictures of short cats?
Present a skinned version of the new platform to a few key users as a "new interface" to their existing setup, and their complaints about which bits aren't working will help narrow down their actual requirements.
Then a few weeks later after you've migrated the settings, swap the skin to the company wide one and show everyone the new improved system that does everything they want.
You missed the point - Open Source wasn't the problem. Using a different set of software tools to the rest of the organisation was.
In that place and at that time, the company was using Office. Having one department out of many try and work against the tide was simply not a good investment for the company in time and effort.
Now say they had been looking at shifting the company from Office 2003 to 2007, where there was an expectation of a substantial amount of retraining involved. Then it might have been worth spinning up a small test project team to trial the equivalent Open Source product available at that time to see if the logistic and training burden was higher or lower under Open Source. You may also have a one off conversion investment in altering historical documents to work properly under the new system.
That's the time that money gets discussed, not in an ad-hoc way. The extra cost of licencing a single department is insignificant compared with the collected burden of administering a diverse ecosystem and the inefficient use of employee resources. It's the same reason executives have secretaries.
Jesus christ. From that article
The Duqu 2.0 malware platform was designed in a way that survives almost exclusively in memory of the infected systems, without need for persistence. To achieve this, the attackers infect servers with high uptime and then re-infect any machines in the domain that get disinfected by reboots. Surviving exclusively in memory while running kernel level code through exploits is a testimony to the technical prowess of the group. In essence, the attackers were confident enough they can survive within an entire network of compromised computers without relying on any persistence mechanism at all.
The reason why there is no persistence with Duqu 2.0 is probably because the attackers wanted to stay under the radar as much as possible. Most modern anti-APT technologies can pinpoint anomalies on the disk, such as rare drivers, unsigned programs or maliciously-acting programs. Additionally, a system where the malware survives reboot can be imaged and then analyzed thoroughly at a later time. With Duqu 2.0, forensic analysis of infected systems is extremely difficult – one needs to grab memory snapshots of infected machines and then identify the infection in memory
Yep, it pretty much can do anything to anything. I expect there are plugins for non-windows systems which can back infect everything - I can imagine infecting a switch and it will reinfect anything that connects. You literally need to shut down *everything* to get rid of it, and they know your credentials so can get back in and reinfect as soon as one of your machines touches the internet.
That is one scary piece of malware - the difference between angry script kiddies and State Espionage is profound.
Presumably they tried bringing up a clean segment of the network in isolation, and upon migrating the necessary data across the segment got reinfected. It sounds like they might be unable to locate the vector that the infection is spreading from.
Which must be a complete bastard of a thing to deal with, especially since a government lives and breathes on paperwork.
Flattening and rebuilding the network and applications is straightforward. Doing that while retaining the data is trickier, particularly if you don't know when the infection first arrived, so historical backups are likely to be contaminated.
I'm seeing a lot of adoption of iMacs in the reception space because they are pretty and don't need cables. Architects and Interior Designers LOVE them. And then they get Bootcamped to run Windows so the access control software can run.
They're pretty easy to support, you can basically treat them as windows clients, the only tricky bit is either networking or when you have to swap out a keyboard, in which case you need to boot back into OSX temporarily.
The book reminded me a heck of a lot of Douglas Mawson's Home of the Blizzard, which features his survival in Antarctica after a disaster some 500km from their base,
He has a similar improvisational style, manufacturing what is needed to survive, and simply perservering through force of will, despite numerous setbacks.
Many reviews like this one complain that the subject never falls into despair, yet when you read a lot of first hand accounts of survival, very few actually do experience much despair. When they do, they certainly don't write about it - it just isn't something they waste energy on. Mawson has a quote I've never forgotten - upon pausing for a break in the sun one day because his feet hurt, he peels off his boots and socks and the soles of his feet come away with them. He writes Was there ever to be a day without some special disappointment? . He then dried them, bandaged them up, put his socks and boots back on and kept on walking - because there was no other option.
Weir's book is well researched and compelling entertainment. I'm very much looking forward to the movie.
My central point is that ID cards commonly issued on the continent of Europe, don't show residential address and as such are not the all in one master identity document they are frequently trumped up to be. As far as I can see, an ID card does nothing that an ordinary Passport cannot do
So you seem to be conflating Proof of Identity with Proof of Residence. Which are two different requirements. Recall the original Estonian system provides proof of identity for access to government services. Holding the card does “not entail full legal residency or citizenship or right of entry to Estonia.
Which means it isn't a Passport, which is a globally recognised legal travel document and proof of citizenship. It may be accepted as such within the EU, but legally it isn't.
What it does appear to do is allow an Estonian to avoid having to carry multiple valid legal documents for every service they use - in the UK that would be the equivalent of a drivers licence, student id, NHS number, NI number, banking two factor device, et cetera and only have to carry a single ID card.
Each department that interacts with the cardholder has a device that can talk to the card system, and the middleware on the card system can then talk to their own systems.
Since the banks and utilities also have access to the system, they don't need external proof of residence - the system itself knows where you live and work and the cardholder can approve that information being made available to the company asking.
The UK has the same idea, but every service relies on composite keys manufactured out of disparate information that the user has to pull together every time they need to establish something new. The Estonian ID system lets you do that once and never need to do it again.
The key difference is where the balance of power lies. In the current UK system, the individual continually has to prove themselves to the arms of the state, though combined the state has access to most information about the individual. In the Estonian system, the state formally knows everything about the individual, but the individual has control over who sees the information and under what conditions.
Most National ID cards that I have personally seen and I have seen most of them from the EU, don't even have the bearer's home address on it.
I would never want my proof of identity device to have my address on it. Otherwise every time you change address you need a new device. As someone who rents a flat, I've changed address four times in seven years. I replaced my drivers licence once, when I moved most recently, and then only because I lost the paper part of my licence.
A better question would be why opening a bank account requires proof of residence at all. Proof of identity, sure. But an address is a pointless exercise now that you are no longer associated with a specific branch for your services. Not to mention the trap it puts on poor people, who often have no fixed abode, but can't get one because they can't get bank accounts, et cetera.
Replacing disparate numbering systems, NHS, Driving licence, National Insurance, to name but a few, would be a large and costly undertaking at a time when most government departments are having their budgets slashed.
I think you missed the part about all government services being required to work together. Each can retain their own systems, identifiers and databases, they don't even need to alter anything internally. Each would simply need to provide an open EDI interface that the secured middleware layer can communicate with. The middleware layer handles the translation between departments. So you start with something straightforward, like the driving licence system. The middleware layer associates the pre-existing drivers licence number with the ID number you have created for the relevant individual and boom, they know they are talking about the same person. You can then add other government departments one at a time and confirm the interoperability. So your principle expense initially is in the middleware layer. Each additional service added is cheaper and cheaper, as the underlying platform is already there.
A National Insurance number is an identifier for an individual, but you can't actually prove that it is you - it doesn't have a photograph or name associated with it at a level that most departments can access.
A Passport or driving licence will prove your identity, but the document ID generally isn't linked to any other system so doesn't link you with your various government records outside of their specific responsibilities.
The reason for an ID card is to effectively supplement all the disparate other IDs you may possess and permit you to reference any service you are associated with without having to carry all your cards/documents. It should not supplant them - at least initially - you should be able to present any or all of them.
For example, European ID cards are accepted travel documents in the wider European area, but are not valid for global destinations like Africa or Asia where they need a passport.
The key point about the Estonian system is it enables universal proof of identity and storage of records while providing transparent proof of access and lack of tampering. THAT is unique in the European sphere today.
The other key requirement for this process is a unique ID for every person, here in the form of a card and a USB stick.
Europeans are generally quite happy with carrying an ID. English people are pathologically opposed to the idea. The convenience and advantages are obvious, but it would still be a VERY hard sell in this country, even without the past history of Gordon Brown's little toy.
Not forgetting Celine Dion.
Yes, but she famously won Eurovision as a representative of Switzerland.
And what every loon that wants to cry Ecodammerung upon our heads does is take the reserves numbers
Took me a minute too.
Much as I hate to put down the popcorn temporarily, there are a few points I want to comment on.
First is this wonderful comment from mr Anonymous Coward, who somehow misses the irony in tracking down someone's registration details because they take offense to what was said.
"You'll want to watch your baseless assertions regarding my fitness as a parent. Consider this your only warning. And no, it isn't a threat, it's a precursor to obtaining your registration details pending further action."
Second is the underlying idea A/C has that 6 year olds are not taught sex education because they are too young to understand it.
Of course 6 year olds are taught sex education. Education is a line, not a discrete lump. 6 year olds should be taught that running around in public with no trousers on or waving your willy at the rest of the class is bad. And that mummies have babies. They don't need to know details of specifics, but they do need a nice Lie to Children to answer the inevitable questions they ask. 8 year olds get more, and teens get the full boredom. I reckon they should get a proper instructional class by some jaded porn stars around the age of 15-16 - it would heavily cut the rates of teenage pregnancy and STDs, but apparently that is frowned upon.
At the end of the day, A/C is getting heavily worked up about a hearsay statistic that PeterGriffin has no citations for - the closest I've seen is an Alexa rating that puts Pornhub at #62 for all traffic - and then claiming that a Daily Mail style Think Of The Children means we should allow our government to compile a list of people who don't believe in protecting kids and/or have deviant tastes?
What, you think a Great Firewall will limit its scope? Governments always believe that people should be protected from themselves, the only difference between blue and red is the extent. And it's one heck of a slippery slope to start down, especially when Opt-In to filtering is the accepted norm in the west.
Opt-Out of default censorship reeks a little too strongly of China/North Korea to me, and I don't trust the government not to try and monetise it at some stage...
We had an ex-NZFS Series 2a for most of the 80s, still had all the speed limits for Kaingaroa, Kinleith etc printed on the firewall. Was still going well but struggled to pull our new trailer yacht so we got a SWB Series 3 instead with the bigger petrol engine and an LPG mod for cheaper running.
The Series 3 would never win any speed records thanks to the gearbox - it topped out somewhere around 110 but the needle would swing from 100-120 so you kinda had to guess. Sounded like a banshee on heat and was about as economical as a brick. But as a work vehicle for a marine environment it was brilliant - you could leave it parked for a week or three and not worry about rust. It pulled a 2.5 ton load without complaint and had the low range to get it in and out of the drink. The narrow wheels also sliced nicely through the slime on the boat ramps, so we pulled our share of weekend warriors out as well.
Aye, the electrics were notoriously bad, but trivial to rewire, and I never forgot someone slamming into the back at some traffic lights and all he did was clean the surface rust off my towball with his radiator. You also never had to worry about cold feet, that was what the firewall was for.
I do remember there being some kind of black market trade in halfshafts - we had both sides pinched out of the wheels at different times, and I always had a couple of spares rolled up under a seat along with a crown or two. Very odd, they weren't terribly expensive parts as they were basically a mechanical fuse.
Along with the existing one of moderating or preventing High Altitude Pulmonary Oedema, where you get fluid buildup in the lungs when mountaineering over 2500m.
A friend of mine was attempting a first ascent on a peak in the Himalaya a decade or so ago, and shocked hell out of the local pharmacist when he presented a prescription for six hundred tablets - it was the supply for his whole party for two months.
I'm not sure what her first thought was, but Sex Fiend had to be pretty high up there.
Not to mention that it is still a car - so long as it doesn't actually get stuck on a building, it can be towed or driven away quickly.
Err... You want to tax _outgoings_ rather than profits?
What I'm saying is that for almost all countries, the current tax system for businesses was designed in a time when all businesses were local, and some exported or imported overseas.
Today most countries are being exploited by multinationals, that take advantage of legal fictions and loopholes to avoid paying what they should in the countries that they operate in. Starbucks. Google. Amazon. Apple. it really doesn't matter who, BigCorp is a good enough name.
The key is that they and their subsidiaries really are the same company, in spite of the legal fiction that they aren't. In that there is one overall management team that controls pricing and what is happening at every subsidiary, and has shareholders that it reports to. The subsidiaries usually only have one shareholder - the parent company.
And as someone else pointed out, if you or I tried this, we'd be held liable for every scrap of tax owed, but BigCorp gets away with it, because they have the money to buy the right politicians. Financial transfers to related entities attract tax. So do royalty payments. But the "Licence Fees" are allocated as expenses, so can be used to offset profits.
So what I say is the "licencing fees" that BigCorp(AU) pays to BigCorp should be taxed at the same rate that profits or royalty payments should have been - because they really are.
Take the rate Starbucks pays for beans, or Amazon pays Luxembourg for the use of the name in the UK. They are fake costs done for accountancy purposes and everyone knows it.
Being able to make an iThing for x and sell it for 500x is fine. Its when the company "sells" it internally to a subsidiary for 500x-1 that things go wrong. If BigCorp really is two separate companies, then the supplier should be able to sell your iThing at 200x wholesale to a competitor. If they aren't willing to compete, then the two entities are related, and should be taxed accordingly.
The problem is that the "market rate" is a polite fiction - BigCorp is a monopoly supplier of their products, so the "market rate" is set to whatever it needs to be to cost more than the profits generated. After all, every country is a different market right?
BigCorp Australia is a separate legal entity, which pays fees for the use of the name and rights to sell BigCorp products. So tax the fees when the money is remitted out of the country.
Say you then declare that the amount of tax owed is (wholesale price *15%) or whatever the tax rate is. This then instantly makes the BigCorp product 15% more expensive in your territory, as it is the customers who will pay. So some will parallel import BigCorp products if they are physical, paying import duties. Others will switch to MidCorp's almost as good but cheaper product. And BigCorp will either have less sales, or will reduce their charges to match MidCorp.
And your internal markets become properly competitive as all players are on the same base.
You don't have to ban international trade, you just have to change the laws to apply matching taxes on the flow of money as it leaves the country. And remove any taxes on the flows of money *entering* the country - you don't tax it twice.
It isn't like you're hurting the little guy here - anyone big enough to have legally independent subsidiaries in different tax territories is big enough to pay their fair dues, the trick is collecting it.
Despite what they say, they will not stop doing business in your country because of it - unless you happen to be tiny - because the money generated will outweigh the tax costs and the market *wants* them there.
In Germany today there is a 25c deposit on all plastic drink bottles, which means a bunch of extremely efficient scavengers are permanently installed just outside Security in all the airports, gratefully taking your bottle off you before you go through. With an average of 150ppl per Easyjet flight, that's a lot of bottles coming through.
We don't have low wage poverty in the UK, not judging by the Living Wage we don't, we have tax poverty. And the answer to that is simple, stop bloody taxing poor people. And by doing so we instantly convert the minimum wage into the Living Wage.
Yep, that's one of the simplest and easiest changes for a government to do to raise the quality of life for everyone.
The basic personal allowance is £10600, the minimum wage is approx £11800.
That £1200 is a heck of a lot of cash at that level of income, which will be directly funnelled straight back into the economy via the Vimes boot theory of economics.
Make it a universal change, and every taxpayer benefits, as they have more disposable income, and the money is just as fake as the QE.
How did they attach the servers to the wooden racks?
Are we talking wooden frames with metal inserts for traditional cage nuts, or pure timber?
I would have thought that the weight of a piece of equipment or laden shelf which only attaches at the front would cause undue stress on the frame.
The other trick if you are in the market for a gaming laptop - do it yourself.
Clevo is a Taiwanese company that specialises in designer laptops, that are rebadged and sold through OEM partners like Sager, Schenker or Eurocomm.
You can literally specify what hardware you want in the chassis size you like, and prices are surprisingly reasonable, probably due to the order and then they build it philosophy.
It is also a good source if you are looking for a high res matte screen on a business laptop, instead of the lousy glossy 1440x900 rubbish we tend to see today.
The key is offline backups - ransomware can spread and corrupt your online ones, at which point you turn and go "why did we stop using tape again".
Fire, flood, theft - these all affect one site only, and a mirror set, hot site or live backup will quickly restore data.
Accidental deletion is usually reported relatively rapidly.
What this style of malware does is deliberate corruption of all your data, and if it happens at the end of the day just before your file sync kicks off ... you're screwed.
While IBM *as a vendor* is out of the running, IBM *as a hardware platform* is a pretty strong contender because there will be a logical and reasonably well established migration path from the current hardware and database to wherever they want to go. The key part will be migrating all the customisations that have been put in place over decades, and *noone* will want to be writing them again from scratch.
I expect that one of the major domestic IBM shops will take on the work with their own experienced engineers, along with various warm bodies contracted in from around the world for specific expertise.
Upgrading a core system like this should be relatively straightforward, although I doubt that the people in charge have really thought out what they want done.
As Bloakey mentions above, Cryptolocker and its ransomware ilk are getting increasingly common, bringing us full circle back to the destructive child viruses of the 90s, which would corrupt everything.
We recently redid our whole company backup solution, because while it provided wonderful protection against hardware failure, physical disaster, and accidental deletion, it noticeably wasn't good enough to 100% protect us against deliberate sabotage. And our daily/weekly/monthly backup times were set to be minimally disruptive to staff, which meant a problem that hit us on the last Thursday of a month if not spotted on Friday could be too late to recover from by Monday.
You need to make sure you have air gaps in your backup scheme, whether that be physical gaps of backing up to tape, or virtual gaps like changing the underlying platform to limit the spread.
Version control means you can effectively ignore the impact to roll back to before it hit.
Cryptowall spreads across any mapped network drive or attached USB drive, so if your servers are set with permanently mapped connections, it *will* use them. I know other variants will use commercial exploit kits to search for open shares and spread there. And while AV may run on servers, it probably isn't running on your NAS.
One of our clients got hit pretty badly a couple of weeks back, so it's something I'm very aware of at the moment.
Puerto Rico also has no voting rights, being full of alien races according to the law.
I'd expect the initial ransom was $500 in bitcoin - that is the standard message displayed by Cryptowall 3.0 which is a right bastard of a product.
Our antivirus caught it on the PC, so it only screwed the initial user's profile, but it does a basic network traversal using mapped drives, so completely bollixed the NAS shares which the user had full access to.Since it took them a couple of days to alert us that the infection had taken place, the weekly syncs had taken place and overwritten their secondary NAS as well.
(Edit: They only pay for ad hoc assistance, not for realtime monitoring. We set up protection against hardware failure, not across-the-board data corruption. Suprisingly the XP machines running NAV were left alone, only the w7 machines were targeted across the network)
Our customer only had a backup on USB from December, but were happy to work from that as most of their work is online.
However be aware - it will traverse mapped network drives, and that includes synced cloud folders like dropbox. Not every cloud provider supports versioning, especially for SMB users.
The ONLY safe mechanism against this attack is an offline copy of the data, which for small shops I would suggest at least every 3 months. And since they use commercial exploit kits to deliver the payload, it is very hard to completely defend against, even with IT knowledge.
It's a real change in risk profile, from accidental damage or hardware failure to deliberate trashing of the data. It's almost like the early DOS viruses again, which were designed to paralyse what was infected instead of spreading.
To be fair to NZ, all of their internet traffic is monitored at the far end by either the US via Hawaii or Australia - they only have two significant undersea cables out of the country, and one primary terrestrial ring domestically.
It's really in their best interest to join the 5 eyes club as at least that way they can share in the monitoring.
Of course, this kind of underhanded trick is completely typical of how governments today act - and of course it is totally different to the governments in the past that all wanted to but didn't have the capability.
That makes more sense. I didn't realise it was that easy to replicate the ISP service - most DNS server howtos only relates to lookups on internal servers, not internet ones. I might look into spinning up a DNS server over the weekend then - up until the last round of poor performance I hadn't really thought about it - DNS is one of those fundamental things you only consider when it breaks.
As a better writeup on the situation than I can do from work, which put me on the path of figuring out why my youtube performance had gone down the toilet (again), have a read of
As best as can be determined, Virgin (and several other ISPs) are effectively proxying all Google services in the UK - most likely to reduce bandwidth costs for all parties concerned. Which is what I meant by ISPs diverting my traffic, and that I can understand - I'm technical enough to work around it, but the masses won't be. The problem is the CDNs are heavily congested, so the cure is worse than the disease for users.
The big issue I have is that there appears to be some form of agreement between GoogleDNS, OpenDNS and the ISPs to subvert what is marketed as open and reliable information into the same CDN networks that I'm using them to avoid.
I am not an expert in networking, however as I understand it, unless I set my recursive DNS server to generate my own cache of queries by using the primary authoritative sources for every request, then at some point I have to trust the information coming to me via intermediaries is legitimate.
And if I have to do that, then why bother replicating someone else's work unless I have to?
After all, the major peering networks need to have this information, and they have lots of people employed to ensure that it is correct. At the end of the day the situation always comes down to the cost/benefits of who should you trust.
What I object to in my example above is the unadvertised corruption of the DNS information being passed on to me by sources that are marketed as "trustworthy". My ISP diverting traffic to its own services is one thing - that is expected, and I can bypass it by specifying an external DNS source. Google DNS or OpenDNS diverting my traffic back to my ISP instead of to the public internet or to their own services is quite another. Especially since OpenDNS markets itself as a trusted independent supplier of DNS information, yet has clearly entered into commercial agreements with ISPs to support their traffic management.
Legitimate tieups between ISPs, commercial suppliers and the DNS providers is.
For example, Virgin Media now masquerades as all Google services via their caching network, and both GoogleDNS and OpenDNS will point you at the cache servers instead of the real overseas addresses.
Which is fine, until Virgin cocks up their caching (again) and you can't watch a simple youtube video because it stutters constantly.
After chatting with one of their engineers, I now use Level3 as DNS provider, because at least they seem to be neutral and resolves addresses to their public IPs..They are also slightly more trustworthy than most other public free DNS providers.
I seem to recall Peter F Hamilton having floating runways anchored offshore in the Atlantic which had spaceflight capability. That would seem logical enough - and it means you can launch in any direction by just turning the ship around or sailing it south for equatorial launches.
Pykrete might be a plausible base, or just build it like a scaled up oil platform out of a number of segments.
Heh, the big one for me was learning the difference between now, just now and now now.
Now now means as soon as I can, definitely today at least.
Just now means in the next day or so.
Now means eventually. Maybe. Possibly never.
"Sure, I'll do that now" literally meant it wasn't going to happen.
They can do as much research as they like - unless someone manages to force a change through OFCOM, mobile repeaters are illegal in the UK except when provided by the mobile operators. Broad spectrum repeaters are completely banned.
Unless one happens to be the Olympics, which is the only instance of mast and network sharing between operators I can think of in recent history.
The Vodafone Suresignals are crap, as are most of the other equivalents unless one only needs to cover a small office of half a dozen employees. You can't easily use more than one nearby, because they don't hand calls between each other, so if you walk into stronger signal range of the next unit, your active call will drop.
We also looked into the serious commercial offerings from the operators - at an average of £5000 per year per access point, and the average building floor needing 6, it gets real expensive real fast. Fine if you happen to be backed by Arab oil wealth, for the rest of us though, not so much.
It's pretty obvious they've had to do this because more and more developed countries are cracking down on the sale of Class II and above lasers, so they simply can't sell them any more.
This way they can attempt to remove the automatic sales stigma of Wicked Lasers = Dangerous, which might have been useful in building the brand, but is now a hindrance internationally.
After all, few enough customers have the spare cash to splash on a fancy light with not many real practical uses.
Exactly what I thought.
£5 says that a close inspection of the tax records revealed an unusually large entry from government accounts, which was buried asap.
We had a weird issue last night - we completely lost access to anything Google related - bing worked fine, yahoo worked fine, but google.co.uk and google dns dropped off the net and we lost all packets routed via their networks.
Redirecting our router DNS to the automatic Virgin provided ones brought everything back up.
I plan to revert the change when I get in tonight, but it was probably related to this.
Ahh, you see, half the delight of the box was being able to source genuine parts, so an original 486, SB16, intel nic etc, which meant that almost every app has the correct drivers.
I did a dualboot with 3.11 to simplify copying files onto the drive, and then dos for the games.
The biggest headache, as anyone could have predicted, was memory management.
God it has been a LONG time since I had to remember half of that, and playing with EMM386 and QEMM reminded me why we were so glad to get rid of it.
Still, worth hanging onto for nostalgias sake.
I just recently reinstalled 3.11 to simplify getting networking up and running on an old dos box to fire up a few old games again.
Jeez, that was substantially harder than I expected - it is surprisingly difficult to create a DOS boot disk that is an older version than the one present on your system.
Well I have a range of 100mb circuits from Colt, Level3, TDK and Orange scattered around Europe, and all of them at some stage have passed on polite little notes from the relevant local RIAA affiliate to complain about guests downloading movies*. So it really doesn't matter what tier your ISP is, the Powers That Be will get to them in time.
*To be fair, they don't do anything else, just pass them on. We have a quiet chuckle, and pass them on in turn to the short term storage device aka Recycle Bin.
Don't be silly - they'll use power line networking. After all, noone complains about that sort of transmission.
Now, consider Psy. A classic one hit wonder. A bit like Chesney Hawkes. They delivered the goods briefly, without really having showing any previous form.
To be fair, Gangnam Style came off his sixth album, and he was regularly topping the charts domestically in South Korea. So while he is a one hit wonder internationally, I think the no previous form is a little harsh.
Kind of like a solid domestic league footballer having a stunner of a game in the champions league before breaking himself and being relegated.
Turns a very pretty shade of pink in fact
Typical english - gets sunburn the moment you put it outside!
Of course they get smaller when it is warm - they dry out and shrink!
A company that will go to the ends of the Earth for its people will find it can hire them for about 10% of the cost of Americans.
You must have been looking at a different brand of ATM to mine.
Mine definitely had no A/V - they basically booted a very stripped down Windows then went straight to the app. From memory it was all about the old tech - they didn't even support usb mice & keyboards, only PS2.
IIRC they only had 512Mb -1GB of ram - there wouldn't have been enough memory to run much else - every so often they'd lock up with a memory leak and the bank would need to flip the power switch for the whole unit. Thinking back, half of them were still Windows 95 too.
We would run occasionally run A/V on the unit, but only back at home base where we would be running diagnostics for the controller PC or replacing faulty components. Usually we would just yank and reimage the drive from master, guaranteed it would be clean.
I only dealt with the larger hole in the wall style or the big 1m2 4bin free standing ones though, not the little 2bin pocket atms you see today wedged in everywhere in the UK.
Bod is right - AV software is not installed as the machines aren't internet accessible, it is a private network between bank and terminals, and half the time it is via a dial up modem. Like any bank would trust a third party product *monitoring their system* without signoffs up the wazoo.
A standard ATM controlling PC is literally a swap out and replace component, any repair tech will have 2-3 in the boot of the car. The security guard standing next to you while you do it is expensive, so the faster you do the job the happier the bank is. You spend around 5 min running through the basic config and you're out of there. Often the cash bins are refilled at the same time since it saves paying for the security guy to come out twice, plus you probably spent 10min cleaning torn fragments of notes out of the distribution mechanisms as part of the spot check.
So I don't know about NCR machines like in the screenshot, but I do know that last time I was in one, the Wincor Nixdorf ran a version of XP embedded on their beetles - the ATMs used extremely primitive interfaces, so you needed ISA slots.
That being said - the upper part of the machine has a separate key to the lower cash bins, and access to it in the countries I was in required the tech to be met by a security guard from the cash company, who had access to the bins. Generally local bank staff didn't have access to either section, unless they were a particularly large branch who refilled their own bins.
The physical access is the key point - the malware users are most likely to have to have compromised a staff member somewhere along the line - we had a large keyring as the ATMs didn't have that many common keys. I don't remember if it was different per branch or machine, only that it was bloody heavy!
But once you have physical access to the inside, you don't even need malware to dispense from the bins. The internal software will let you do it. What they've done is managed to avoid the logging aspect of the system so that they can hit the same machines over again, and more importantly using a cheap mule from the front panel, which is usually locked down to a very small subset of functionality.
I'm pretty sure it will turn out to be a class of machines affected, and all they needed to do was suitable bribe or extort one of the support techs to install the malware as part of a regular checkup. It is almost always the human element that is the weak link, especially in countries like Mexico.
Please choose from the following list of reasons why you wish to be anonymous?
* abusive spouse
* illegal activity
* don't trust the man
* actually care about privacy
You have chosen Illegal Activity.
Please specify the type of illegal activity you are involved with
* immoral behaviour
You are now Anonymous. We will not provide any information to third parties about your activity.*
*except for governments and registered multinationals who might wish to do business with you.