1514 posts • joined 11 Jun 2009
Let's not forget that all these scam emails flying around will probably hit more people running later versions of windows and those not running windows at all. And no doubt a significant number of those people will fall for it.
I've come across plenty of cases where people have clicked on links in scam emails and been infected or scammed even though the email didn't even apply to them.
So is it a good idea to build the security of your entire web operation around code written by four unpaid volunteers?
This isn't to criticize the volunteers, but those companies who are panicking now because they built their operations around this code and just assumed it would be secure.
A lot of people* sticking with XP are doing so because they are too tight to buy a new OS or a new PC or just too lazy to do anything about it. As such this advice means nothing to the majority of XP users.
Re: at best...
Ah, but the law also requires that the owner takes reasonable steps to maintain the goods in working order. If you bought a car and drove it without servicing until the cambelt snapped you would not have a claim against the manufacturer or retailer. I suspect that Juniper can sidestep this by saying that reasonable maintenance means keeping the software patched up to date.
Re: Computer Misuse Act
That would surely depend on whether evidence of intent is required for that offence to be proven.
Re: This is rather mean.
The thing is that routers like this should be maintained by proper technical bods and proper technical bods know how important it is to keep things patched up to date. The problem is that managers don't.
Management don't like the expense of paying for software upgrades and even when they are available free they don't like the expense of paying people to perform the upgrades. They don't like the idea of downtime in working hours, but they don't like the idea of paying for overtime to do the work OOH.
Then of course there are those managers who decided there was no need to pay for that expensive maintenance on all the network hardware. I knew one manager who decided he didn't need maintenance on a large estate of Cisco kit. He decided it would be much cheaper to get hardware replacement cover only. Of course he then started complaining when he needed an IOS upgrade for a 6500 and he no longer had access to the downloads he used to have. He wanted to know if the hardware support company could get him the IOS image. He started trying to blame his tech people when the supplier pointed out exactly what "hardware replacement only" means and how software cover would cost a lot more.
Managers are the biggest reason why there are so many routers, firewalls, switches and other network hardware out there running horribly outdated software.
Re: FAIL everywhere
"This is not unique to the IT industry."
Too right. For example, GM failed to build an ignition lock barrel that can cope with the weight of a bunch of keys safely. It's not an IT industry problem. Nor is it down to the bean counters. It's simply a lack of forethought. And that is just human nature.
Re: Are these customers blind, it is a Very Common exploit spam tactic to spoof retailers now!
"Like the article says "It is not clear how the fraudsters got customer details from CCL's database"."
Except if you read further up it isn't just CCL customers who received the email so the spammers didn't get customer details from CCL's database. What they actually did was get hold of a genuine dispatch note and spam lots of people with their scam.
I frequently get scam emails purporting to be from companies (often banks) with whom I have never dealt. It's not an uncommon tactic. Using legitimate looking dispatch note details is not something I've specifically come across before, but it's not a massive leap and would not require any breach of security in CCL's customer database.
Re: I got it,
When I read the story my first thought was "how do they know it only went to CCL customers?" and my second thought was "if it only went to CCL customers there must have been a data breach."
Well since it clearly didn't go only to CCL customers there was no data breach.
The author needs to do a little fact checking before submitting copy.
Re: He is just annoyed that they are texting ...
We all know that the pictures could equally depict people web browsing, playing games or indeed browsing/updating facebook. However this twat thinks that he can con us into believing that these drivers are all texting simply because he doesn't want to be seen to be saying that facebook is bad in any way.
The point is that all phone use (including hands free) while driving is potentially dangerous. Some idiots don't use their phones until they are driving. I saw a woman in the car park at work today walk to her car, get in, start the engine, fasten her belt, then get her phone out, dial and then drive off with the phone pressed to her ear. Why could she not make the call on the walk to the car? Why could she not make the call before she set off? Because for some people using a phone has become part of driving.
Something else I have seen a lot of drivers doing is actually using their phone as a hand held satnav while driving. That's just plain weird, but I suspect some of the people in those pictures might be doing just that.
"He said they were taken as a passenger."
Maybe they were, but he's encouraging others to submit their own TWAT pictures. If he doesn't realise that this will be seen by some as encouragement to take photographs while driving then he's an idiot.
Re: What a surprise!
Well of course it was a ponzi scheme. What concerns me however is that it's amazing how many such schemes pop up with their creators seemingly believing they have a legitimate, sensible and workable business model.
Not saying that was necessarily the case here...
Re: Tax on cryptocurrency
There are a lot more taxes than just VAT.
Re: Conflicting reports
Not only that, but it can be very difficult to know what is and isn't classified. Could you remember decades after the fact which jobs and which bits of jobs you worked on were classified, so best bet would be to assume all of it was classified to avoid mistakes.
Anyhow the nature of NDAs is such that on every job you sign an NDA which says you will disclose nothing of what you learn or do on the job.
Re: At least 2 people deny it
"since it was in a public document they could use it even if we specifically told them not to."
That is true, but it doesn't mean that to do so wouldn't be actionable. Nor does it mean that in doing so regularly they wouldn't quickly gain a reputation for printing worthless nonsense.
Publish and be damned indeed.
Re: Conflicting reports
You haven't actually read either story have you? If you'd read the AP story you would know that he has explained the exchange with Newsweek. He says that what he was trying to tell Newsweek was that he wasn't involved in engineering anymore and could not discuss it due to contractual obligations. Papering over any cracks with the explanation that his grasp of the English language is not perfect.
Of course you could question that his English is not perfect after 55 years living in the USA, but I know people who were born in the UK but speak English only as a second language and quite badly at that.
You could ask why he answered a specific question about Bitcoin with a general answer regarding his career in engineering, but can we be sure that he said this in answer to a specific question about Bitcoin.
"Mr Nakano did you develop Bitcoin?"
"Never heard of it until a few weeks ago."
"But you did work on secret engineering projects for several years."
"I am no longer involved in that and I cannot discuss it,"
How hard is that for some hack to edit into:
"Mr Nakano did you develop Bitcoin?"
"I am no longer involved in that and I cannot discuss it,"
Re: "Public interest"
And of course if the public interest card doesn't cut it the journalist can always follow it up with the classic "acting in good faith" card that usually involves the "information received" subclause.
Apparently "acting in good faith" excuses almost anything (up to and including invading sovereign territory) just so long as you were "acting on information received". Notice the use of the word "received" rather than "solicited", "assumed" or "invented".
Re: This is interesting
That being the case how have so many Bitcoins been stolen? If there is such an audit trail then surely a stolen bitcoin is totally worthless?
Re: I think he's just afraid of the tax claim he'll get
If he's got $400M in the first place why does he not have the lifestyle to go with it?
30 minutes out of every six hours. So that's a maximum of five and a half hours without a break. I think we got that from Europe. But on past form we're probably the only country who adheres to it.
I remember trying out all the guitar amps that Maplin sold back about 1988/89 then and not a one of them "worked fine" new. The tone of every one of them was awful. Sure most were cheaper than the Lead 12 Stack I bought in the end, but that sounded fantastic the Maplin kit didn't.
Those Maplin things were worse than the much cheaper things you could get from discount shops and mail order catalogues. Which sums up an awful lot of Maplin's stock. It's cheap and nasty stuff sold at an elevated price.
"This is the magical period during the working day that American psychologists call "personal time", British wage-slaves refer to as "lunch hour" and which only the French get right by making it last twice as long."
IMHO the French get it totally wrong. I was horrified that my new employer enforces a full hour's lunch break. I haven't had to take the full hour since about 1988. I'd much rather take half an hour (legal minimum and all that) and get home half an hour earlier. Actually I'd rather take nothing other than drink and piss breaks and get home even earlier, but the law demands that I am given half an hour and must take it.
Even if you happen to work in town rather than an out of town "business park" wandering round the same old shops every day gets old after a few weeks. If you work, as I do, in a motorway-side business park you've killed all the time you're going to in buying and eating a sandwich and the rest is enforced web browsing, reading, or whatever. Time that could be much better spent if you weren't at work.
Lunch breaks of over 15 minutes? Waste of time. And in your case, money.
Even more annoying is the fact that working as I do about ten minutes from work the temptation is to come home at lunch time and thus spend twenty minutes travelling every lunch time.
Here's the thing: You'd have to be a complete idiot to turn down a free ten bucks. So guess what that makes Joe Drunk?
Except of course that he's not just an idiot, he's a snob too.
Re: DON'T tell your friends!
Why does nothing designed by lawyers make the slightest bit of sense?
How about just paying $10 to the first 5 million claimants? That would make a lot more sense.
Why $40M rather than the full $10M? Easy. No doubt some law firm will take $10M in administration fees, even though administering such a distribution would cost less than administering $10 each to 5 million claimants.
The biggest harm done by this price fixing was not to consumers buying the damn stuff, but from the damages involved in the mass theft of memory. The costs as a result including lost business, the cost of repairs and of course corporates clearing out memory suppliers thus probably pushing up prices a little more.
I recall one theft where an entire floor of a large office block was stripped of its memory. Every PC had been carefully opened, the screws laid out in neat rows on desks and the memory carefully removed. A very professional job. That one involved costs from lost business and of course the cost of replacing all that memory, but jobs like that were rare. More commonly we were called out to jobs where PCs had been ripped open with crow bars and memory modules ripped out damaging motherboards. The end result of this was usually that most of the PCs on such a job needed replacing. The stupid thing being that often in these jobs you could tell a lot of the modules had been damaged when they were removed, rendering them worthless. The apes doing these jobs often didn't even recognize the memory and ripped out other components that vaguely resembled memory. Those jobs were much more expensive and all because some dodgy buggers decided that fixing RAM prices was a good move.
Re: He's looking quite healthy...
Where are you from? The 1890s?
Seriously I can't think of an English speaking country where electrocuted still only means killed. Sure when it was coined back in the 19th century it was a contraction of electric execution, but it hasn't meant just that for a very long time indeed.
Careful? It's a risk of the job.
Re: He's looking quite healthy...
"He's looking quite healthy for someone who's been 'electrocuted'."
I've been electrocuted a few times and I look pretty healthy too. I've got two arms for a kick off.
Given your quotation marks I assume you think electrocuted means something other than what it really means.
Re: In case you missed the adverts
@Chris Fit the Fifth and Sixth were co-written by John Lloyd since in typical BBC style it took so long to commission the series Adams was also commissioned to write and edit Dr Who by the time they got that far into H2G2 and didn't have time to give 100% to both.
AFAIK Lloyd not only had no problems with the series being broadcast, but I could be wrong. However I do doubt that Lloyd could actually prevent broadcast if he wanted to. Repeat rights are usually written into writers and performers contracts. Famously Dave Allen had a one repeat clause written into his contract. Judging by Dave's output Lloyd has never had such a clause in his contracts.
Some of the stuff Lloyd worked on was replaced in the books, according to Adams because he wanted to go it alone and see what he could come up with. Some have, perhaps uncharitably, suggested that this is because he didn't want to share the royalties with Lloyd.
The only copyright issues I have ever been aware of in the UK was not in broadcast but CD releases and online availability. One episode, possibly, fit the third featured Marvin "humming like" Pink Floyd, the Beatles and somebody else. When it came to CD/Cassette release there was a royalties issue so the scene in question was cut from that episode. Also back about ten years ago when the Tertiary Phase was ready for broadcast those lovely people at Disney kicked up a fuss claiming that they owned the copyrights for the whole thing.
As I say I'm sure the first two series were repeated on radio in the late eighties if not early nineties. I also have a vague memory of them being broadcast or at least available online around about the time the tertiary phase was broadcast. I am, however, quite probably wrong about that as I possibly just listened to my recordings again.
Re: In case you missed the adverts
"And not a lot of people know this,"
Well not a lot of people apart from those who've read about it in books, magazine articles, various internet sites or heard about it in interviews. Or who actually listened to the series. Since the whole second series was apparently a hallucination it never really happened.
Anyhow I'm pretty sure the line was "put it there, and there, and there and there, woah!" suggesting that maybe that last "there" wasn't referring to an arm at all...
Re: In case you missed the adverts
Really? I'm sure it's less than thirty years since I last heard the original on radio.
Not that I'm bothered as the whole thing sits happily on my media server for whenever I choose to listen to it. Probably a breach of copyright, but what the heck.
Just been to the linked page where the BBC describe it as an "Adaptation of Douglas Adams's cult science fiction comedy series". Eh? Do the BBC themselves not know that Adams originally wrote it as a radio series, sometimes only seconds before the actors read the lines? Or do the BBC employ teenage old interns to write their web content?
OK so it's good for drumming, but has it improved his ski-boxing?
"The British Pregnancy Advice Service didn’t realise their website was storing this information,"
But presumably somebody did. The person who coded the website perhaps. I wouldn't argue against the fine, it points out in no uncertain terms that ignorance is no excuse and that organizations need to be aware of the way their websites and other IT systems function. However I would also argue that if the organization itself didn't know then it must be true that an employee, contractor or supplier did know and they should be fined too.
"IANAL, but it seems to me there are too many laws criminalising specific acts that are perfectly well covered under broader laws."
You are completely right. Legislators however like to be seen to be doing something. So they create laws that aren't needed. Take the specific law banning the use of mobile phones when driving. If you take a look at the road traffic act from before that law was passed you will find that it was already illegal to use a mobile phone when driving, but Westminster saw fit to pass the law.
The real problem with this sort of thing in a system of common law is that the more laws you create the more potential there is for loopholes where laws overlap. Yes I know they employ clever lawyers people to draft the laws in such a way that loopholes aren't created, but nobody can read the whole of the law and draft a new law into the whole of the law so that there are no unintended consequences. However it still happens and there are barristers who specialize in exposing these loopholes.
Strict liability offences are a half arsed way to get around this problem. They do not however sit well with a system of common law.
Re: He may not have the "right" as such..
"But since the law doesn't apply, what's to stop him? He's been basically given permission since there isn't a deterrent."
I can think of one deterrent, publicity. He may have won his case but he is now known locally, nationally and internationally as a sad pervert. Friends, family, neighbours, workmates and total strangers know him as a perv. Doesn't matter what the law says that's what people think of him and how they will refer to him.
Well it certainly sounds like some form of sexual harassment to me.
Currency has always been an attempt at controlling the populace since the day it was invented, don't act all surprised/hurt when it happens.
If you truly don't like the system opt out - if you're part of the system you're part of the problem and low level moaning on internet forums won't change that. You could try barter or perhaps some non-government supported currency like, oooh I don't know, Bitcoin - that looks totally practical and trustworthy.
Re: Loan based crowdfunding sites?
"What's one of those then? I thought..."
@localzuk rather than posting what "you thought" why didn't you spend a moment on a search engine then you would have found out exactly what loan based crowdfunding sites were.
Did you post because you wanted to know what a loan based crowdfunding site was? Or did you post because you thought you knew more than the FCA?
" all they do is facilitate donations from you reaching someone asking for some money. In exchange for which those third parties may or may not promise to do / send things for / to you, but that's entirely between them and you, "
Which sounds to me like a way of Kickstarter avoiding or at least trying to avoid any liability.
It also reminds me of the way escort agencies avoid or at least try to avoid law on prostitution and pimping, they will tell you that all you are paying for is the escorts time and anything that occurs between the client and the escort is purely a personal arrangement between the client and escort and absolutely nothing to do with the agency.
Re: I don't think it's the biggest risk
"I think the sort of people who would make use of this sort of information are probably capable of getting access to the medical database directly"
On what evidence do you base that assertion?
"thats not really what i use HTTPS for, its protect the actual data i enter into forms"
That's because you're clever and you know what https is for, it's a good guess though that since you're a Register reader you work in IT or are an IT enthusiast. The problem is that there are a lot of people out there who are not at all IT savvy, but perhaps think they are. These people KNOW that https is secure and secret and trust it implicitly. They see the little https icon on their browser that tells them the site is secure and they automatically believe it.
Re: A debate if they have endangered him?
You're right they have put him in all sorts of danger and there's no debate about that at all. What will be interesting will be whether or not he decides to sue. Wouldn't be a good start to their relaunched print edition if this guy gets into them for a few million.
The worst bit about the story is not so much that they credit him with the invention of Bitcoin with very little credible evidence, it's that from that they make the leap to a personal fortune of $400M based on absolutely no evidence at all.
Re: " something people find of value,"
"Those who remortgaged their houses and bought in at $1200 because their thinking was that BC must go up by another order of magnitude or such." Are what's generally known as complete idiots.
He's got $400M yet he lives in a pretty ordinary house in a pretty ordinary area? Makes perfect sense.
Basically when it comes to investigative journalism the new Newsweek seem to have no skills at all. They don't seem to have any hard evidence that links this guy to the creation of Bitcoin. All they've got is that he used to be in engineering and he shares a name with the alleged inventor. Well there you go, that clinches it.
Here's a thought. If this is down to just two DNS servers being dodgy why are ISPs not simply blocking access to those addresses?
Actually it would make sense if ISPs only allowed DNS requests from end users to go to their own DNS servers unless the user specifically requested it. It's hardly rocket surgery.
Read the story again. They bragged that they had taken down the Yorkshire Bank, not a bunch of phishers.
There's just so much to laugh at here.
There's the fact that they did it. Then there's the much funnier fact that they bragged about it. But the biggest laugh is that when it boils down to it these berks consider themselves more tech savvy than the rest of us, but got conned by a half arsed phishing scam that was years out of date.
FAIL just isn't a big enough word. We need a new one.
Re: Question is, why isn't Firefox adding WebP/WebM?
"I have already updated my website to serve WebP, and I set the alt-tag to highlight that missing images are a deficiency in the users browser, and that using Chrome or Opera is recommended."
Way to get people to like your site. Not.
Are you really so egotistical that you consider your site so important that people will change browsers just to look at it? Much more likely that they'll think "stuff you" and not bother with your site.
If you like WebP then by all means use it, but the smart way of doing things is to serve WebP to Chrome/Chromium browsers and do things the normal way for browsers that can't, rather than dictating to your users.
Funny thing is not so long ago it was Firefox that attracted saddos like you. No matter what browser I've used and whatever browser I've been told to use I have NEVER changed browsers just to view a website.
Once upon a time there was some quality original programming on the channel, but there has been a steady decline.
When I look at the budgets for the various BBC channels I just can't see where Three has been spending that much money compared to the rest.
The way Moms Demand Action (stupid name BTW) carry on you'd think it was otherwise impossible to buy firearms illegally. Every felon knows places where you can buy firearms illegally. There are also plenty of "legitimate" dealers who aren't averse to the odd under the counter sale.
Yes stopping this sort of trade can't be a bad thing, but I don't suppose it accounts for a significant portion of illegal firearms sales.