* Posts by Mayhem

295 posts • joined 3 Feb 2009

Page:

Feeling a physical present: Ten summer games and gadgets

Mayhem

Re: How much?

So are you suggesting Lucy should be El Reg's official Page 3 girl now?

4
1

BOFH: Knitting bobble hats on the steps of the guillotine

Mayhem

Ayah

“No, because 'technology's changed so much in the time you’ve been away' – regardless of how short a time it was. Your role's disestablished and there's a new role, like ‘Technical Functional Support Co-ordinator’ or some crap like that, which they've shoehorned your replacement into, avoiding any legal entanglements.”

Well now, that brought back a few bad memories from the millennium, when a six week secondment turned into "you aren't suitable for the role any more".

Creative Dismissal is far too easy to get around these days.

14
0

New study into lack of women in Tech: It's NOT the men's fault

Mayhem

Re: How about construction then?

The mining companies did a *lot* of trials and analysis, and found that men in general are heavier on the throttle, which puts more wear on the tyres. Since the main cost associated with the big mining trucks is tyre wear, the hiring companies were instructed to pick the candidates with the lighter touch, which was predominantly the females in each intake. If you're only picking 3-5 candidates, and there are 60 applicants, even if only 10% are female, you'll get a lot more coming through the system.

Yes, a driver might earn $100,000/yr, but each tyre on a big caterpillar is currently costing between $90-150,000 and you need 6 on a truck.

Apparently underinflation also burns up to 15% of tyre life - it's something they *really* pay close attention to.

1
0

Microsoft's Windows 10 Torrent-U-Like updates GULP DOWN your precious bandwidth

Mayhem

Re: Torrent is as Torrent Does...

Yep, it'll certainly be interesting in Australasia, where the vast majority of connections are still data capped. Usually with $2/GB for bandwidth beyond that.

Microsoft really doesn't understand that not everywhere is permanently online yet.

Still, the p2p distribution could be good for small businesses, that tend to have half a dozen machines in a workgroup. Only one would need to physically download each update.

2
0

The Breakfast (Table) of Champions: Micro Machines

Mayhem

Turbo Tournament

Turbo Tournament was my go to drug, with the extra two ports built into the cart in case you didn't have a 4 way play adapter. Utter carnage in front of the TV.

My favourite tracks were the initial desk with the power drills blocking the track occasionally, and the awesome dragsters three laps around a toilet seat.

Plus you forgot to mention the best part of Head to Head racing ... the carefully timed nudge of the opposition to send them flying into a wall and rebounding backwards off the screen!

1
0

Bitcoin fixes a Greek problem – but not the Greek debt problem

Mayhem

Re: But will it work in real life?

Of course it will work - because there is no physical difference between a Greek Euro and a German Euro. There are problems with the exchange actually getting the Greek funds - with the limits to bank withdrawals the traditional suitcase full of cash has fallen out of favour - but the benefit of Bitcoin is that the Greek government isn't blocking trade in it yet, though it has implemented controls on exchange between Euro and foreign currencies within Greece.

As another commentator mentioned, the larger problem is having a foreign account to deposit the funds into, but that's what the Greek Diaspora is for.

There is probably a good income to be made in the short term by acting as a bitcoin broker for all those independently wealthy contractors that want to move their funds out of Greece - especially since you could turn it from a Greek Euro to a bitcoin and back into a German Euro via a cousin living in Bonn and it will only cost you commission...

0
0

Natural geothermal heat under Antarctic ice: 'Surprisingly HIGH'

Mayhem

Rockets for the win!

Yep, they're the ski equipped LC130s, usually operating out of McMurdo to the outlying stations.

They use the rocket packs when taking off from unprepared runways - usually icefields in the middle of nowhere to minimise crevasse risk.

If you're lucky when you fly south and the McMurdo ice runway is solid, it's a 5hr flight on a C17. If you're unlucky, its an 8hr flight on a C130, If you're really unlucky and the runway has softened, its a 10hr flight on the ski equipped ones to Williams Field.

All three flight options have a roughly 40% chance of having to abort and turn around if the weather is too bad to land by the time you get there. A friend did two 20hr loops in a row before finally landing back in 2005. He was utterly wrecked for two days after.

1
0

Hacked Hacking Team team – like everyone in security – read The Register

Mayhem

Re: Hubris.

I'm not sure whether to be impressed or depressed that Amanfrommars has a blog.

Mind you, it probably drags the average clarity and comprehensibility of the blogosphere up by a fractional percentage.

6
0

Wanna go all Gandalf – YOU SHALL NOT PASS – on Windows 10?

Mayhem

Re: Removing the KB is not the enough?

Don't need to remove the KB - just kill the GWX process, then rename the GWX folder in C:\Windows\system32 out of the way, which stops it running again.

We have a lot of small businesses that we support that have a handful of pcs in a workgroup and this nicely gets rid of the icon and halts the process.

0
0

Hey, Sand Hill Exchange. Shouting 'blockchain!' won't stop the Feds

Mayhem

Re: Yes, but...

What about if you post pictures of short cats?

6
0

Three things you need to break down those company silos

Mayhem

Re: Timely

Present a skinned version of the new platform to a few key users as a "new interface" to their existing setup, and their complaints about which bits aren't working will help narrow down their actual requirements.

Then a few weeks later after you've migrated the settings, swap the skin to the company wide one and show everyone the new improved system that does everything they want.

0
0
Mayhem

Re: Interesting logic about Open Source

You missed the point - Open Source wasn't the problem. Using a different set of software tools to the rest of the organisation was.

In that place and at that time, the company was using Office. Having one department out of many try and work against the tide was simply not a good investment for the company in time and effort.

Now say they had been looking at shifting the company from Office 2003 to 2007, where there was an expectation of a substantial amount of retraining involved. Then it might have been worth spinning up a small test project team to trial the equivalent Open Source product available at that time to see if the logistic and training burden was higher or lower under Open Source. You may also have a one off conversion investment in altering historical documents to work properly under the new system.

That's the time that money gets discussed, not in an ad-hoc way. The extra cost of licencing a single department is insignificant compared with the collected burden of administering a diverse ecosystem and the inefficient use of employee resources. It's the same reason executives have secretaries.

2
0

Confusion reigns as Bundestag malware clean-up staggers on

Mayhem

Re: Not my idea of fun

Jesus christ. From that article

The Duqu 2.0 malware platform was designed in a way that survives almost exclusively in memory of the infected systems, without need for persistence. To achieve this, the attackers infect servers with high uptime and then re-infect any machines in the domain that get disinfected by reboots. Surviving exclusively in memory while running kernel level code through exploits is a testimony to the technical prowess of the group. In essence, the attackers were confident enough they can survive within an entire network of compromised computers without relying on any persistence mechanism at all.

The reason why there is no persistence with Duqu 2.0 is probably because the attackers wanted to stay under the radar as much as possible. Most modern anti-APT technologies can pinpoint anomalies on the disk, such as rare drivers, unsigned programs or maliciously-acting programs. Additionally, a system where the malware survives reboot can be imaged and then analyzed thoroughly at a later time. With Duqu 2.0, forensic analysis of infected systems is extremely difficult – one needs to grab memory snapshots of infected machines and then identify the infection in memory

Yep, it pretty much can do anything to anything. I expect there are plugins for non-windows systems which can back infect everything - I can imagine infecting a switch and it will reinfect anything that connects. You literally need to shut down *everything* to get rid of it, and they know your credentials so can get back in and reinfect as soon as one of your machines touches the internet.

That is one scary piece of malware - the difference between angry script kiddies and State Espionage is profound.

3
0
Mayhem

Presumably they tried bringing up a clean segment of the network in isolation, and upon migrating the necessary data across the segment got reinfected. It sounds like they might be unable to locate the vector that the infection is spreading from.

Which must be a complete bastard of a thing to deal with, especially since a government lives and breathes on paperwork.

Flattening and rebuilding the network and applications is straightforward. Doing that while retaining the data is trickier, particularly if you don't know when the infection first arrived, so historical backups are likely to be contaminated.

19
0

Scientists love MacBooks (true) – but what about you?

Mayhem

Because they are pretty

I'm seeing a lot of adoption of iMacs in the reception space because they are pretty and don't need cables. Architects and Interior Designers LOVE them. And then they get Bootcamped to run Windows so the access control software can run.

They're pretty easy to support, you can basically treat them as windows clients, the only tricky bit is either networking or when you have to swap out a keyboard, in which case you need to boot back into OSX temporarily.

0
0

The Martian: Matt Damon sciences the sh*t out of the red planet

Mayhem

Re: Optimism?

The book reminded me a heck of a lot of Douglas Mawson's Home of the Blizzard, which features his survival in Antarctica after a disaster some 500km from their base,

He has a similar improvisational style, manufacturing what is needed to survive, and simply perservering through force of will, despite numerous setbacks.

Many reviews like this one complain that the subject never falls into despair, yet when you read a lot of first hand accounts of survival, very few actually do experience much despair. When they do, they certainly don't write about it - it just isn't something they waste energy on. Mawson has a quote I've never forgotten - upon pausing for a break in the sun one day because his feet hurt, he peels off his boots and socks and the soles of his feet come away with them. He writes Was there ever to be a day without some special disappointment? . He then dried them, bandaged them up, put his socks and boots back on and kept on walking - because there was no other option.

Weir's book is well researched and compelling entertainment. I'm very much looking forward to the movie.

3
0

My life under Estonia's digital government

Mayhem

Re: ID Card

My central point is that ID cards commonly issued on the continent of Europe, don't show residential address and as such are not the all in one master identity document they are frequently trumped up to be. As far as I can see, an ID card does nothing that an ordinary Passport cannot do

So you seem to be conflating Proof of Identity with Proof of Residence. Which are two different requirements. Recall the original Estonian system provides proof of identity for access to government services. Holding the card does “not entail full legal residency or citizenship or right of entry to Estonia.

Which means it isn't a Passport, which is a globally recognised legal travel document and proof of citizenship. It may be accepted as such within the EU, but legally it isn't.

What it does appear to do is allow an Estonian to avoid having to carry multiple valid legal documents for every service they use - in the UK that would be the equivalent of a drivers licence, student id, NHS number, NI number, banking two factor device, et cetera and only have to carry a single ID card.

Each department that interacts with the cardholder has a device that can talk to the card system, and the middleware on the card system can then talk to their own systems.

Since the banks and utilities also have access to the system, they don't need external proof of residence - the system itself knows where you live and work and the cardholder can approve that information being made available to the company asking.

The UK has the same idea, but every service relies on composite keys manufactured out of disparate information that the user has to pull together every time they need to establish something new. The Estonian ID system lets you do that once and never need to do it again.

The key difference is where the balance of power lies. In the current UK system, the individual continually has to prove themselves to the arms of the state, though combined the state has access to most information about the individual. In the Estonian system, the state formally knows everything about the individual, but the individual has control over who sees the information and under what conditions.

0
0
Mayhem

Re: ID Card

Most National ID cards that I have personally seen and I have seen most of them from the EU, don't even have the bearer's home address on it.

I would never want my proof of identity device to have my address on it. Otherwise every time you change address you need a new device. As someone who rents a flat, I've changed address four times in seven years. I replaced my drivers licence once, when I moved most recently, and then only because I lost the paper part of my licence.

A better question would be why opening a bank account requires proof of residence at all. Proof of identity, sure. But an address is a pointless exercise now that you are no longer associated with a specific branch for your services. Not to mention the trap it puts on poor people, who often have no fixed abode, but can't get one because they can't get bank accounts, et cetera.

Replacing disparate numbering systems, NHS, Driving licence, National Insurance, to name but a few, would be a large and costly undertaking at a time when most government departments are having their budgets slashed.

I think you missed the part about all government services being required to work together. Each can retain their own systems, identifiers and databases, they don't even need to alter anything internally. Each would simply need to provide an open EDI interface that the secured middleware layer can communicate with. The middleware layer handles the translation between departments. So you start with something straightforward, like the driving licence system. The middleware layer associates the pre-existing drivers licence number with the ID number you have created for the relevant individual and boom, they know they are talking about the same person. You can then add other government departments one at a time and confirm the interoperability. So your principle expense initially is in the middleware layer. Each additional service added is cheaper and cheaper, as the underlying platform is already there.

2
0
Mayhem

Re: ID Card

A National Insurance number is an identifier for an individual, but you can't actually prove that it is you - it doesn't have a photograph or name associated with it at a level that most departments can access.

A Passport or driving licence will prove your identity, but the document ID generally isn't linked to any other system so doesn't link you with your various government records outside of their specific responsibilities.

The reason for an ID card is to effectively supplement all the disparate other IDs you may possess and permit you to reference any service you are associated with without having to carry all your cards/documents. It should not supplant them - at least initially - you should be able to present any or all of them.

For example, European ID cards are accepted travel documents in the wider European area, but are not valid for global destinations like Africa or Asia where they need a passport.

The key point about the Estonian system is it enables universal proof of identity and storage of records while providing transparent proof of access and lack of tampering. THAT is unique in the European sphere today.

1
0
Mayhem

ID Card

The other key requirement for this process is a unique ID for every person, here in the form of a card and a USB stick.

Europeans are generally quite happy with carrying an ID. English people are pathologically opposed to the idea. The convenience and advantages are obvious, but it would still be a VERY hard sell in this country, even without the past history of Gordon Brown's little toy.

1
1

Taming the Thames – The place that plugged London's Great Stink

Mayhem

Re: If only

Not forgetting Celine Dion.

She's Canadian.

Yes, but she famously won Eurovision as a representative of Switzerland.

0
0

The rare metals debate: Only trace elements of sanity found

Mayhem

Re: Excuse me???

Typo.

And what every loon that wants to cry Ecodammerung upon our heads does is take the reserves numbers

Took me a minute too.

1
0

EU net neutrality could kneecap the Tories' opt-out pr0n filter plans

Mayhem

Re: @PeterGriffin

Much as I hate to put down the popcorn temporarily, there are a few points I want to comment on.

First is this wonderful comment from mr Anonymous Coward, who somehow misses the irony in tracking down someone's registration details because they take offense to what was said.

"You'll want to watch your baseless assertions regarding my fitness as a parent. Consider this your only warning. And no, it isn't a threat, it's a precursor to obtaining your registration details pending further action."

Second is the underlying idea A/C has that 6 year olds are not taught sex education because they are too young to understand it.

Of course 6 year olds are taught sex education. Education is a line, not a discrete lump. 6 year olds should be taught that running around in public with no trousers on or waving your willy at the rest of the class is bad. And that mummies have babies. They don't need to know details of specifics, but they do need a nice Lie to Children to answer the inevitable questions they ask. 8 year olds get more, and teens get the full boredom. I reckon they should get a proper instructional class by some jaded porn stars around the age of 15-16 - it would heavily cut the rates of teenage pregnancy and STDs, but apparently that is frowned upon.

At the end of the day, A/C is getting heavily worked up about a hearsay statistic that PeterGriffin has no citations for - the closest I've seen is an Alexa rating that puts Pornhub at #62 for all traffic - and then claiming that a Daily Mail style Think Of The Children means we should allow our government to compile a list of people who don't believe in protecting kids and/or have deviant tastes?

What, you think a Great Firewall will limit its scope? Governments always believe that people should be protected from themselves, the only difference between blue and red is the extent. And it's one heck of a slippery slope to start down, especially when Opt-In to filtering is the accepted norm in the west.

Opt-Out of default censorship reeks a little too strongly of China/North Korea to me, and I don't trust the government not to try and monetise it at some stage...

3
1

Land Rover's return: Last orders and leather seats for Defender nerds

Mayhem

Re: safety @Alan Brown

We had an ex-NZFS Series 2a for most of the 80s, still had all the speed limits for Kaingaroa, Kinleith etc printed on the firewall. Was still going well but struggled to pull our new trailer yacht so we got a SWB Series 3 instead with the bigger petrol engine and an LPG mod for cheaper running.

The Series 3 would never win any speed records thanks to the gearbox - it topped out somewhere around 110 but the needle would swing from 100-120 so you kinda had to guess. Sounded like a banshee on heat and was about as economical as a brick. But as a work vehicle for a marine environment it was brilliant - you could leave it parked for a week or three and not worry about rust. It pulled a 2.5 ton load without complaint and had the low range to get it in and out of the drink. The narrow wheels also sliced nicely through the slime on the boat ramps, so we pulled our share of weekend warriors out as well.

Aye, the electrics were notoriously bad, but trivial to rewire, and I never forgot someone slamming into the back at some traffic lights and all he did was clean the surface rust off my towball with his radiator. You also never had to worry about cold feet, that was what the firewall was for.

I do remember there being some kind of black market trade in halfshafts - we had both sides pinched out of the wheels at different times, and I always had a couple of spares rolled up under a seat along with a crown or two. Very odd, they weren't terribly expensive parts as they were basically a mechanical fuse.

Fond memories.

3
0

Viagra makes it HARD for malaria, bug-boffins discover

Mayhem

A good secondary use

Along with the existing one of moderating or preventing High Altitude Pulmonary Oedema, where you get fluid buildup in the lungs when mountaineering over 2500m.

A friend of mine was attempting a first ascent on a peak in the Himalaya a decade or so ago, and shocked hell out of the local pharmacist when he presented a prescription for six hundred tablets - it was the supply for his whole party for two months.

I'm not sure what her first thought was, but Sex Fiend had to be pretty high up there.

2
0

Mildly successful flying car crashes - in mildly successful test flight

Mayhem

Re: It may not sound very clever. But...

Not to mention that it is still a car - so long as it doesn't actually get stuck on a building, it can be towed or driven away quickly.

0
0

Australia cracks tech giants' tax dodge code

Mayhem

Re: Wait and see

Err... You want to tax _outgoings_ rather than profits?

Not quite.

What I'm saying is that for almost all countries, the current tax system for businesses was designed in a time when all businesses were local, and some exported or imported overseas.

Today most countries are being exploited by multinationals, that take advantage of legal fictions and loopholes to avoid paying what they should in the countries that they operate in. Starbucks. Google. Amazon. Apple. it really doesn't matter who, BigCorp is a good enough name.

The key is that they and their subsidiaries really are the same company, in spite of the legal fiction that they aren't. In that there is one overall management team that controls pricing and what is happening at every subsidiary, and has shareholders that it reports to. The subsidiaries usually only have one shareholder - the parent company.

And as someone else pointed out, if you or I tried this, we'd be held liable for every scrap of tax owed, but BigCorp gets away with it, because they have the money to buy the right politicians. Financial transfers to related entities attract tax. So do royalty payments. But the "Licence Fees" are allocated as expenses, so can be used to offset profits.

So what I say is the "licencing fees" that BigCorp(AU) pays to BigCorp should be taxed at the same rate that profits or royalty payments should have been - because they really are.

Take the rate Starbucks pays for beans, or Amazon pays Luxembourg for the use of the name in the UK. They are fake costs done for accountancy purposes and everyone knows it.

Being able to make an iThing for x and sell it for 500x is fine. Its when the company "sells" it internally to a subsidiary for 500x-1 that things go wrong. If BigCorp really is two separate companies, then the supplier should be able to sell your iThing at 200x wholesale to a competitor. If they aren't willing to compete, then the two entities are related, and should be taxed accordingly.

2
0
Mayhem

Re: Wait and see

Nonsense.

The problem is that the "market rate" is a polite fiction - BigCorp is a monopoly supplier of their products, so the "market rate" is set to whatever it needs to be to cost more than the profits generated. After all, every country is a different market right?

BigCorp Australia is a separate legal entity, which pays fees for the use of the name and rights to sell BigCorp products. So tax the fees when the money is remitted out of the country.

Say you then declare that the amount of tax owed is (wholesale price *15%) or whatever the tax rate is. This then instantly makes the BigCorp product 15% more expensive in your territory, as it is the customers who will pay. So some will parallel import BigCorp products if they are physical, paying import duties. Others will switch to MidCorp's almost as good but cheaper product. And BigCorp will either have less sales, or will reduce their charges to match MidCorp.

And your internal markets become properly competitive as all players are on the same base.

You don't have to ban international trade, you just have to change the laws to apply matching taxes on the flow of money as it leaves the country. And remove any taxes on the flows of money *entering* the country - you don't tax it twice.

It isn't like you're hurting the little guy here - anyone big enough to have legally independent subsidiaries in different tax territories is big enough to pay their fair dues, the trick is collecting it.

Despite what they say, they will not stop doing business in your country because of it - unless you happen to be tiny - because the money generated will outweigh the tax costs and the market *wants* them there.

1
2

Free markets aren't rubbish – in fact, they solve our rubbish woes

Mayhem

Re: When I was a kid

In Germany today there is a 25c deposit on all plastic drink bottles, which means a bunch of extremely efficient scavengers are permanently installed just outside Security in all the airports, gratefully taking your bottle off you before you go through. With an average of 150ppl per Easyjet flight, that's a lot of bottles coming through.

2
0

So how should we tax these BASTARD COMPANIES, then?

Mayhem

Re: "The things that actually seem to work in making the poor richer."

We don't have low wage poverty in the UK, not judging by the Living Wage we don't, we have tax poverty. And the answer to that is simple, stop bloody taxing poor people. And by doing so we instantly convert the minimum wage into the Living Wage.

Yep, that's one of the simplest and easiest changes for a government to do to raise the quality of life for everyone.

The basic personal allowance is £10600, the minimum wage is approx £11800.

That £1200 is a heck of a lot of cash at that level of income, which will be directly funnelled straight back into the economy via the Vimes boot theory of economics.

Make it a universal change, and every taxpayer benefits, as they have more disposable income, and the money is just as fake as the QE.

2
0

The data centre design that lets you cool down – and save electrons

Mayhem

Re: Fitted racks

How did they attach the servers to the wooden racks?

Are we talking wooden frames with metal inserts for traditional cage nuts, or pure timber?

I would have thought that the weight of a piece of equipment or laden shelf which only attaches at the front would cause undue stress on the frame.

0
0

Graphic designs: Six speedy 17-inch gaming laptops

Mayhem

Clevo laptops

The other trick if you are in the market for a gaming laptop - do it yourself.

Clevo is a Taiwanese company that specialises in designer laptops, that are rebadged and sold through OEM partners like Sager, Schenker or Eurocomm.

You can literally specify what hardware you want in the chassis size you like, and prices are surprisingly reasonable, probably due to the order and then they build it philosophy.

It is also a good source if you are looking for a high res matte screen on a business laptop, instead of the lousy glossy 1440x900 rubbish we tend to see today.

0
0

Welcome to the FUTURE: Maine cops pay Bitcoin ransom to end office hostage drama

Mayhem

The key is offline backups - ransomware can spread and corrupt your online ones, at which point you turn and go "why did we stop using tape again".

Fire, flood, theft - these all affect one site only, and a mirror set, hot site or live backup will quickly restore data.

Accidental deletion is usually reported relatively rapidly.

What this style of malware does is deliberate corruption of all your data, and if it happens at the end of the day just before your file sync kicks off ... you're screwed.

1
0

Australia finds $1 BEELLION to replace No-SQL DATABASE

Mayhem

While IBM *as a vendor* is out of the running, IBM *as a hardware platform* is a pretty strong contender because there will be a logical and reasonably well established migration path from the current hardware and database to wherever they want to go. The key part will be migrating all the customisations that have been put in place over decades, and *noone* will want to be writing them again from scratch.

I expect that one of the major domestic IBM shops will take on the work with their own experienced engineers, along with various warm bodies contracted in from around the world for specific expertise.

Upgrading a core system like this should be relatively straightforward, although I doubt that the people in charge have really thought out what they want done.

1
1

Can you recover your data if disaster strikes? Sure?

Mayhem

Version Control is really important too

As Bloakey mentions above, Cryptolocker and its ransomware ilk are getting increasingly common, bringing us full circle back to the destructive child viruses of the 90s, which would corrupt everything.

We recently redid our whole company backup solution, because while it provided wonderful protection against hardware failure, physical disaster, and accidental deletion, it noticeably wasn't good enough to 100% protect us against deliberate sabotage. And our daily/weekly/monthly backup times were set to be minimally disruptive to staff, which meant a problem that hit us on the last Thursday of a month if not spotted on Friday could be too late to recover from by Monday.

You need to make sure you have air gaps in your backup scheme, whether that be physical gaps of backing up to tape, or virtual gaps like changing the underlying platform to limit the spread.

Version control means you can effectively ignore the impact to roll back to before it hit.

Cryptowall spreads across any mapped network drive or attached USB drive, so if your servers are set with permanently mapped connections, it *will* use them. I know other variants will use commercial exploit kits to search for open shares and spread there. And while AV may run on servers, it probably isn't running on your NAS.

One of our clients got hit pretty badly a couple of weeks back, so it's something I'm very aware of at the moment.

1
0

Snowden dump details Canadian spies running false flag ops online

Mayhem

Re: They drink beer and whisky, just like us

Puerto Rico also has no voting rights, being full of alien races according to the law.

2
0

Ransomware holds schools hostage: 'Now give us Bitcoin worth $129k, er, $124k, wait ...'

Mayhem

One of our customers was hit with this last week

I'd expect the initial ransom was $500 in bitcoin - that is the standard message displayed by Cryptowall 3.0 which is a right bastard of a product.

Our antivirus caught it on the PC, so it only screwed the initial user's profile, but it does a basic network traversal using mapped drives, so completely bollixed the NAS shares which the user had full access to.Since it took them a couple of days to alert us that the infection had taken place, the weekly syncs had taken place and overwritten their secondary NAS as well.

(Edit: They only pay for ad hoc assistance, not for realtime monitoring. We set up protection against hardware failure, not across-the-board data corruption. Suprisingly the XP machines running NAV were left alone, only the w7 machines were targeted across the network)

Our customer only had a backup on USB from December, but were happy to work from that as most of their work is online.

However be aware - it will traverse mapped network drives, and that includes synced cloud folders like dropbox. Not every cloud provider supports versioning, especially for SMB users.

The ONLY safe mechanism against this attack is an offline copy of the data, which for small shops I would suggest at least every 3 months. And since they use commercial exploit kits to deliver the payload, it is very hard to completely defend against, even with IT knowledge.

It's a real change in risk profile, from accidental damage or hardware failure to deliberate trashing of the data. It's almost like the early DOS viruses again, which were designed to paralyse what was infected instead of spreading.

0
0

NZ used XKEYSCORE to spy on World Trade Org election emails

Mayhem

Unsurprising

To be fair to NZ, all of their internet traffic is monitored at the far end by either the US via Hawaii or Australia - they only have two significant undersea cables out of the country, and one primary terrestrial ring domestically.

It's really in their best interest to join the 5 eyes club as at least that way they can share in the monitoring.

Of course, this kind of underhanded trick is completely typical of how governments today act - and of course it is totally different to the governments in the past that all wanted to but didn't have the capability.

0
0

Is the DNS' security protocol a waste of everyone's time and money?

Mayhem

Re: DNS Sec isn't the problem

@Jamie

That makes more sense. I didn't realise it was that easy to replicate the ISP service - most DNS server howtos only relates to lookups on internal servers, not internet ones. I might look into spinning up a DNS server over the weekend then - up until the last round of poor performance I hadn't really thought about it - DNS is one of those fundamental things you only consider when it breaks.

As a better writeup on the situation than I can do from work, which put me on the path of figuring out why my youtube performance had gone down the toilet (again), have a read of

https://jackpearce.com/virgin-media-why-are-you-manipulating-my-traffic/

As best as can be determined, Virgin (and several other ISPs) are effectively proxying all Google services in the UK - most likely to reduce bandwidth costs for all parties concerned. Which is what I meant by ISPs diverting my traffic, and that I can understand - I'm technical enough to work around it, but the masses won't be. The problem is the CDNs are heavily congested, so the cure is worse than the disease for users.

The big issue I have is that there appears to be some form of agreement between GoogleDNS, OpenDNS and the ISPs to subvert what is marketed as open and reliable information into the same CDN networks that I'm using them to avoid.

0
0
Mayhem

Re: DNS Sec isn't the problem

I am not an expert in networking, however as I understand it, unless I set my recursive DNS server to generate my own cache of queries by using the primary authoritative sources for every request, then at some point I have to trust the information coming to me via intermediaries is legitimate.

And if I have to do that, then why bother replicating someone else's work unless I have to?

After all, the major peering networks need to have this information, and they have lots of people employed to ensure that it is correct. At the end of the day the situation always comes down to the cost/benefits of who should you trust.

What I object to in my example above is the unadvertised corruption of the DNS information being passed on to me by sources that are marketed as "trustworthy". My ISP diverting traffic to its own services is one thing - that is expected, and I can bypass it by specifying an external DNS source. Google DNS or OpenDNS diverting my traffic back to my ISP instead of to the public internet or to their own services is quite another. Especially since OpenDNS markets itself as a trusted independent supplier of DNS information, yet has clearly entered into commercial agreements with ISPs to support their traffic management.

5
0
Mayhem

DNS Sec isn't the problem

Legitimate tieups between ISPs, commercial suppliers and the DNS providers is.

For example, Virgin Media now masquerades as all Google services via their caching network, and both GoogleDNS and OpenDNS will point you at the cache servers instead of the real overseas addresses.

Which is fine, until Virgin cocks up their caching (again) and you can't watch a simple youtube video because it stutters constantly.

After chatting with one of their engineers, I now use Level3 as DNS provider, because at least they seem to be neutral and resolves addresses to their public IPs..They are also slightly more trustworthy than most other public free DNS providers.

6
0

UK spaceport, phase two: Now where do we PUT the bleeding thing?

Mayhem

Re: Where to put it?

I seem to recall Peter F Hamilton having floating runways anchored offshore in the Atlantic which had spaceflight capability. That would seem logical enough - and it means you can launch in any direction by just turning the ship around or sailing it south for equatorial launches.

Pykrete might be a plausible base, or just build it like a scaled up oil platform out of a number of segments.

0
0

Biltong, braais, being an 'IT bitch': A UK woman on working in Africa

Mayhem

Re: If I met a woman at a bar..

Heh, the big one for me was learning the difference between now, just now and now now.

Now now means as soon as I can, definitely today at least.

Just now means in the next day or so.

Now means eventually. Maybe. Possibly never.

"Sure, I'll do that now" literally meant it wasn't going to happen.

1
0

Crap mobile coverage costs UK biz £30m a week, reckons survey

Mayhem

Femtocells

They can do as much research as they like - unless someone manages to force a change through OFCOM, mobile repeaters are illegal in the UK except when provided by the mobile operators. Broad spectrum repeaters are completely banned.

Unless one happens to be the Olympics, which is the only instance of mast and network sharing between operators I can think of in recent history.

The Vodafone Suresignals are crap, as are most of the other equivalents unless one only needs to cover a small office of half a dozen employees. You can't easily use more than one nearby, because they don't hand calls between each other, so if you walk into stronger signal range of the next unit, your active call will drop.

We also looked into the serious commercial offerings from the operators - at an average of £5000 per year per access point, and the average building floor needing 6, it gets real expensive real fast. Fine if you happen to be backed by Arab oil wealth, for the rest of us though, not so much.

2
0

Bond villains lament as Wicked Lasers withdraw death ray

Mayhem

It's pretty obvious they've had to do this because more and more developed countries are cracking down on the sale of Class II and above lasers, so they simply can't sell them any more.

This way they can attempt to remove the automatic sales stigma of Wicked Lasers = Dangerous, which might have been useful in building the brand, but is now a hindrance internationally.

After all, few enough customers have the spare cash to splash on a fancy light with not many real practical uses.

3
0

GCHQ and Cable and Wireless teamed as Masters of the Internet™

Mayhem

Re: Ahhh

Exactly what I thought.

£5 says that a close inspection of the tax records revealed an unusually large entry from government accounts, which was buried asap.

2
0

Virgin Media struck dumb by NATIONWIDE packet loss balls-up

Mayhem

Google DNS in London

We had a weird issue last night - we completely lost access to anything Google related - bing worked fine, yahoo worked fine, but google.co.uk and google dns dropped off the net and we lost all packets routed via their networks.

Redirecting our router DNS to the automatic Virgin provided ones brought everything back up.

I plan to revert the change when I get in tonight, but it was probably related to this.

0
0

DAY ZERO, and COUNTING: EVIL 'UNICORN' all-Windows vuln - are YOU patched?

Mayhem

Re: Doesn't Affect Me

Ahh, you see, half the delight of the box was being able to source genuine parts, so an original 486, SB16, intel nic etc, which meant that almost every app has the correct drivers.

I did a dualboot with 3.11 to simplify copying files onto the drive, and then dos for the games.

The biggest headache, as anyone could have predicted, was memory management.

God it has been a LONG time since I had to remember half of that, and playing with EMM386 and QEMM reminded me why we were so glad to get rid of it.

Still, worth hanging onto for nostalgias sake.

1
0
Mayhem

Re: Doesn't Affect Me

I just recently reinstalled 3.11 to simplify getting networking up and running on an old dos box to fire up a few old games again.

Jeez, that was substantially harder than I expected - it is surprisingly difficult to create a DOS boot disk that is an older version than the one present on your system.

1
0

Virgin Media CUTS OFF weekend 'net surfers after embarrassing smut-filtering snafu

Mayhem

unfiltered web feeds

Well I have a range of 100mb circuits from Colt, Level3, TDK and Orange scattered around Europe, and all of them at some stage have passed on polite little notes from the relevant local RIAA affiliate to complain about guests downloading movies*. So it really doesn't matter what tier your ISP is, the Powers That Be will get to them in time.

*To be fair, they don't do anything else, just pass them on. We have a quiet chuckle, and pass them on in turn to the short term storage device aka Recycle Bin.

0
0

Page:

Forums