* Posts by Allan George Dyer

1080 posts • joined 12 Jun 2009

Tito's Mars mission to use HUMAN WASTE as radiation shield

Allan George Dyer
Bronze badge
Alien

Sounds like the plot of many monster movies...

Take a rich biological environment, subject it to unusually high levels of radiation for an extended time.

Enter the naive honeymoon couple.

What could possibly go wrong?

10
0

Vint Cerf: 'The internet of things needs to be locked down'

Allan George Dyer
Bronze badge
Coat

Re: because the windows were left open

Note: WINDOWS BURGLAR SECURE is an optional extra for AUTOMATIC HOME WINDOWS. The company is not responsible for unauthorised ingress or complete trashing of your home.

Confused by endless conflicting configuration screens? Get our ULTIMATE SECURE CONFIGURATOR and say goodbye to gaping security holes because of stupid configuration errors.

You know, there might be an endless market here...

0
0
Allan George Dyer
Bronze badge
Facepalm

Re: WTF?

The "personnel on station" are the end users. These are devices for home use, "tell your home to prepare as you drive, and it's comfortable, your favourite music is playing, and your meal is ready when you arrive". The only way these will get secured is if the manufacturers build in security as the default.

I suspect that the novelty of arriving home to a cacophony of pets disturbed by the sudden music who have eaten the toast again and an enormous electricity bill because the windows were left open will quickly wear off, but by then the device manufacturers will have made their profit, and the devices will still be vulnerable when you are not using the features.

7
1

APT1, that scary cyber-Cold War gang: Not even China's best

Allan George Dyer
Bronze badge

Re: More critical reading is needed

@Kevin - did you talk to the network contacts in Chinese and Korean? Have you junked any Chinese or Korean spam? That might have been your reply.

0
0

Trekkies detect Spock's Vulcan homeworld ORBITING PLUTO

Allan George Dyer
Bronze badge
Headmaster

How old was Hagrid?

Hagrid claimed to have raised Fluffy from a pup, so Fluffy can't be an alias of Cerberus. Probably a relative.

I should get out more.

I like the idea of naming an astronomical body Kerberos. Fluffy should be reserved for a warm body that you can cuddle (as long as the music is playing).

0
0

Clarkson: 'I WILL find and KILL the spammers who hacked me'

Allan George Dyer
Bronze badge
Pirate

Re: I don't mind being compared by age...

@dcluley, it might have "worked as intended", but that is not the same as being a well-designed, secure system. Could a criminal set up a direct debit to a front company just using the same details? Could a criminal set up direct debits to a charity, then take the money from the charity because it is poorly administered (concentrating on its intended purpose)? How difficult is it to reclaim an "incorrect" payment? Do the banks care that their weak system allows their customers to be robbed?

0
0

Earth escapes asteroid flyby, boffins want lasers aimed at next one

Allan George Dyer
Bronze badge
Coat

You've got it wrong...

It's a laser pointer to attract the giant, interstellar cat to deal with the problem.

7
0

Traceroute reveals Star Wars Episode IV 'crawl' text

Allan George Dyer
Bronze badge
Megaphone

Re: <rant>An unused /24?!

Definitely, the internet needs a "<rant>" tag! I <rant>NEED</rant> a "<rant>" tag.

Incidentally, is there a style guide that specifies how to pluralise /29 while shouting?

2
0
Allan George Dyer
Bronze badge
Childcatcher

<rant>An unused /24?!

DOESN'T THIS RYAN WERBER KNOW THERE ARE DEPRIVED PEOPLE WHO NEED THAT /24? A /24 CAN PROVIDE 254 CHINESE PEASANTS WITH A VITAL CONNECTION TO POLITICALLY ACCEPTABLE PARTS OF THE WORLD, OR IT CAN BE SPLIT INTO /29s AND PROVIDE VALUABLE BUSINESS OPPORTUNITIES TO THIRTY TWO SMALL/MEDIUM ENTERPRISES STRUGGLING TO SEND OUT LOTTERY WIN NOTIFICATIONS AND LINKS TO FAKE BANK WEBSITES</rant>... oh, forget it...

19
0

Forget wireless power for phones - Korea's doing it for BUSES

Allan George Dyer
Bronze badge
Facepalm

Backups and bank cards...

Hopefully, all the banks will have changed to chip-and-pin before this is deployed.

The popularity of tape for transfers to off-site backup might suffer.

0
0

Curiosity photographs mysterious metal object on Martian rock

Allan George Dyer
Bronze badge
Alien

Wait for...

a martian emailing NASA, "thanks for finding my keys"

9
0

Study: Gay marriage support linked to pr0n consumption

Allan George Dyer
Bronze badge
Coat

Perhaps...

it shows that people who oppose gay marriage are more likely to lie about their porn usage?

9
0

Kickstarter project says open source can blast Death Star costs

Allan George Dyer
Bronze badge
Mushroom

But how much...

do you have to pledge for the right to aim it at the planet of your choice?

2
0

First video inside thinking fish's brain captured by boffins

Allan George Dyer
Bronze badge
Alert

Re: "...paramecium the size of a grain of rice"

Not very rice-shaped, the rice I eat doesn't have an oral groove. A 4mm paramecium is the stuff of nightmares.

0
0

Blobs that swarm spark ‘it’s alive’ hypegasm

Allan George Dyer
Bronze badge
Coat

With a little more work...

they might prove the whole media and web 2.0 phenomenon is not only unintelligent but not the result of any living agent (1). Something that has been suspected, but not proved.

(1) Including this post. I'm going, but there's no evidence I'll need that coat.

1
0

Worst broadband notspots in the UK named and shamed

Allan George Dyer
Bronze badge
Coat

Guilty confession...

I'm in Aberdeen, and I usually get 24Mbps or higher... up to 51Mbps occasionally, and some round here have a Gigabit connection, which might skew the statistics. That's Aberdeen, Hong Kong, in case you're wondering. Did they check more than the town's name when they took the measurements?

0
0

Naked intruder cracks one off in Florida rampage drama

Allan George Dyer
Bronze badge
Coat

Half man, half kangaroo?

"jump naked onto a Florida couple's roof" - or, as the later part of the article clarifies, he jumped off the roof... onto Mr. Land. Perhaps he thought that was a functional description, not a name?

1
0

Panasonic: We'll save Earth by turning CO2 INTO BOOZE

Allan George Dyer
Bronze badge
Black Helicopters

Re: Hmm...

No cognitive dissonance, the geological-timescale Carbon cycle is often mentioned, e.g. in @Kubla Cant's dragonfly comment above. However, I would suggest large, aerial carnivores would be a concern to parents of small children and pet-owners.

1
0

Backdoor root login found in Barracuda gear - and Barracuda is OK with this

Allan George Dyer
Bronze badge
Boffin

Re: ...firewall off port 22 completely.

Henry, Michael's remark is a good example of why, although /24 is "factually correct" and "shorter than Class C", it is less informative to people who are unfamiliar with networking jargon.

You are correct, but failing to communicate.

4
1

Squillions of bytes in one cup of DNA

Allan George Dyer
Bronze badge
Alien

Long-term reliability?

You store your lizard-based blueprints for your galactic-domination army on a convenient planet, but when you come back in 65 million years you find:

http://www.sphericalcow.org/index.php?p=3

Raptor 2.0

2
0
Allan George Dyer
Bronze badge
Coat

Why is there a mammoth carcass in the storeroom?

Don't worry, it's just the archive storage, I'll need your help tomorrow when we make a copy and take it off-site.

Bring a warm coat, and a map of the tundra.

4
0

'End of passwords' predictions are premature - Cambridge boffin

Allan George Dyer
Bronze badge
Coat

Re: Biometrics?

@FartingHippo - I'd agree with your counter-arguments, but I was talking about a laptop in the real world. Password strength isn't mandatory, it's at the discretion of the owner, who has just been told by the salesperson how fantastic the fingerprint scanning is. Vein scanners might be better, how many have you seen on laptops?

You're thankful that bolt-cutters would be the only realistic alternative for a crook? What do you keep on your laptop! I think passwords offer more flexibility against this level of attack. You can choose your level of resistance, based on the value of the protected data, and your assessment of the attacker... you can give up the password at any stage from "calling you rude names" to "here come the bolt-cutters" or beyond. As an additional advantage, you get to avoid the punishment by giving in. With a fingerprint scanner, the crook's fastest, easiest option is the bolt-cutters, so you lose the finger AND the data.

Sorry, that's getting away from the real world again. For most laptop buyers, a fingerprint scanner is a convenience for people who forget their password a lot, is likely to be used with a weak password backup, and a crook will either be stealing it for the hardware value, or will take the disc out to access the data direct because there's no full disc encryption.

0
0
Allan George Dyer
Bronze badge
Boffin

Re: Biometrics?

So, a laptop with a fingerprint scanner is less secure than one with just a password. The attacker can choose which method to attack, there is no protection from a poor password AND there is the opportunity to try a gummy finger cast or other false fingerprint method.

Making biometrics mandatory for all forms of password submission would be so bad. Don't get me wrong, biometrics is a useful form of authentication when used correctly. I've got an ID card with my thumbprint stored, and I can leave the country through an automatic gate by presenting it and my thumb. Very convenient. However, the gate is at a manned checkpoint. Someone with a fake thumb, or who tries to take the gate apart will be caught. Most places we use passwords do not have that sort of protection, so you cannot trust that the biometric reader is reporting correctly. For website authentication, the website owner doesn't even own the reader, so there is no control. BYOD is making the same true for office computing.

Salting and stronger hashes only protect users who choose strong passwords, starting an arms race is only marginally effective when so many users choose "password1" or "secret".

We need to move to PKI, then there is no problem with using the same certificate for multiple websites (or whatever) because the private key is never disclosed.

6
1

Ex-Doctor Who babe Karen Gillan touts dodgy diet pills in twit gaffe

Allan George Dyer
Bronze badge
Holmes

Re: if you want to lose weight

I think it was H G Wells, and he wore a lead belt and other weighty accessories to appear normal.

0
0

Unbelievably vast quasar cluster forces universe-sized rethink

Allan George Dyer
Bronze badge

Re: Space is big.

So he has returned to his original profession, though apparently not his partnership with Hotblack.

0
0

Swedish school puts Minecraft on the curriculum

Allan George Dyer
Bronze badge
Childcatcher

I think my kids will begin lobbying for emigration to Sweden.

3
0

Europe's cybercrime fighters get new digs... complete with Faraday room

Allan George Dyer
Bronze badge
Coat

Never heard of a Faraday Bag?

The one with the mesh-lined pockets, please.

1
0

Latest exoplanet discovery is a virtual CLONE of Earth

Allan George Dyer
Bronze badge
Alien

"Hang on, I thought we were first?" Re: How old is the star?

@toof4st - that sounds like the abandoned first draft of 2001 - A Space Odyssey. An ancient, mysterious technological artefact is found on the moon, it does nothing when discovered because it was created by an entirely extinct species, and nothing happens for the remainder of the film (in the book, an insane AI deletes all the research papers based on the artefact, because of a numeric overflow in the dates).

0
0
Allan George Dyer
Bronze badge
Holmes

Re: How old is the star?

"would have left an indelible mark somewhere" - really? The chances of an individual becoming fossilised are generally pretty small, and the same would be true of most of our technology. That iron oxide stain next to your newly discovered velociraptor fossil? Maybe it was driving a car. Maybe a large building could survive, but the Lighthouse of Alexandria didn't, and the Pyramids are looking a bit tatty after only a few thousand years. You could easily miss them if you're not looking in the right place.

5
0

Drop that can of sweet pop and grab a coffee - for your sanity's sake

Allan George Dyer
Bronze badge

Re: So...

Isn't Cthulhu a Monsanto product?

1
0

5,000 UK pubs get free Wi-Fi... and they're not even all in London

Allan George Dyer
Bronze badge
Pint

Re: Free as in "complimentary for paying customers"

I'd get you a pint, but I don't know who to give it to, your details are false...

1
0

Chinese Twitter Sina Weibo goes bilingual

Allan George Dyer
Bronze badge
Coat

Re: Oddly enough...

How private is a Twitter direct message? I don't think I'd want to rely on it for any communication I seriously needed to stay private. Unless it is end-to-end encrypted, it's like sending a postcard - probably no-one will bother to look.

Sorry, I should have added a "Joke Alert" to my second paragraph.

Who says the van is arriving from China? I'm sure Bradley Manning can explain how transferring documents, even in a private message, can get you into trouble in many places.

OK, that's a big jump, from a private tweet to loads of secret documents, but I think there is a continuous range. Whenever people do things online, they must consider the wider consequences, whether that is not getting a job interview because of student party photos, or getting arrested for treason, or finding disturbing "targeted advertising" appearing. When you post a private message in twitter, you are trusting that they actually follow their own privacy rules; they don't screw up; the company that buys them in 10 years doesn't decide to misuse the data; and so on...

Society depends on trust. The internet is changing trust in non-obvious ways. People need to be aware of that.

0
0
Allan George Dyer
Bronze badge
Black Helicopters

Re: Oddly enough...

Why would anyone worry about being monitored while micro-blogging? It's a public forum where you EXPECT people to listen to you! Next you'll be saying intelligence agencies shouldn't buy newspapers.

Though it'd be nice if they would actually be open about doing it... great for one-upping your friends, "I'm being followed by MOSSAD", "So what, I'm being followed by FSB and CIA".

There's a big difference between monitoring a public forum and the, sometimes related, arrival of an unmarked van in the middle of the night to take you on an unexpected holiday at a re-education camp (though China might be getting rid of re-education camps this year).

0
0

Boffins develop microwave weed-zapper

Allan George Dyer
Bronze badge

Deadly weapon!

OK, the power cable might be a bit limiting, but plenty of scope for in-the-heat-of-the-moment manslaughter, or meticulously pre-planned homicide.

Also an open invitation to Darwin awards for anyone close enough ("it really warms you up if you stand here").

0
0

US nuke lab drops Chinese networking kit

Allan George Dyer
Bronze badge
Black Helicopters

Good idea...

Now, who do you buy network monitoring gear from? qui custodit custodes

But, overall I think they'll have a hard time finding a supplier that isn't owned by and doesn't employ citizens from all countries they might have a bit of a disagreement with during the lifetime of the kit.

If they are going to be properly paranoid, they should keep quiet about their suspicions, buy the kit, reverse engineer it, find the backdoors and use them for feeding disinformation.

1
0

Security bods rip off Microsoft's 'sticking plaster' IE bug fix

Allan George Dyer
Bronze badge
Alert

Re: A question to hackers or security people

"Full control" means administrator-level access, so, yes, they could launch an RDP session if they wanted to. I recall the old Back Orifice party trick... you could remotely eject the CD tray, great for awareness raising, not much use for a criminal.

Typically, an attacker would try to be unobtrusive, and would install something to further their ultimate purpose. If the attack can be automated, then it will be used in drive-by attacks to install botnet software for later sale as DoS or spamming zombies; if the attack is more involved, then maybe used in targeted attacks on high-value victims for installing keyloggers; or capturing webcam images for extortion; the possibilities are endless.

0
0

Browser makers rush to block fake Google.com security cert

Allan George Dyer
Bronze badge
Pirate

Suspicious...

Is anyone else thinking this might be an inside job? Fraudsters pay off employee, who either has another job lined up, or plans to let a colleague take the fall. The alternative is that fraudsters are routinely checking the certificates on every SSL website in the hope that one day a CA will make this serious blunder and they will be able to find a way to steal the key from the cert holder. Sure, they can automate the search, but why wait for a blunder when you can pay for one?

Secondly, are the fraudsters now kicking themselves for issuing a fake "*.google.com" cert? They could have kept themselves busy and well-funded on dozens of low-profile domain certs, maybe some obscure badly-run banks, but they got greedy and went for the big one.

0
0

Canadian astronaut warns William Shatner of life on Earth

Allan George Dyer
Bronze badge
Boffin

Re: "...damped by gravity..." ???

I don't know...

but it occurs to me that a string in gravity will always have a slight distortion downwards, so the forces on different parts of the string will be different. The ends will be under higher tension than the middle, because they are supporting the weight of the middle, changing how the string propagates the wave.

Take a skipping rope - held slack, it is difficult to get a (low frequency) wave from one end to the other. Pull it taut, and it can be plucked. Now, imagine a slack skipping rope extended until the tension at the ends from the weight is the same as the original taut skipping rope (yes, this is a very long rope). You can pluck one end, and the wave will propagate until it approaches the middle, where the tension is insufficient. The guitar string is a much less pronounced example of this effect.

To put it another way, the difference in tension is an impedance difference to the wave, and causes attenuation in the string affected by gravity.

Uh - does that sound right? Can I have this icon with a question-mark, meaning technical, and quite possibly bovine excrement?

3
0

This photo slide scanner costs €60... The bundled malware? That's free

Allan George Dyer
Bronze badge
Boffin

I've gone all nostalgic

It all comes back to me, the darkened sitting room, the awkward erection of the screen, fiddling with the projector, the focus all wrong... corrected. The satisfying clicks as the changer inserts each new slide on the click of the remote control (well.. the control on a 6 foot grey cable), the frustration of the big carousel jamming.

The joys of youth. Yes, the specs are rose-tinted.

1
0

Anti-virus products are rubbish, says Imperva

Allan George Dyer
Bronze badge

Flawed study?

Full disclosure: I sell anti-virus software and do a little research on viruses and related security areas.

I was surprised at the small sample set Imperva used - just 82 samples, collected from honey pots, google and hacker forums. Can this really reflect on effectiveness against the millions of malware samples known to exist?

In comparison, AV-Test uses two test sets in its Protection tests:

* All malicious files they discovered in the last 6 - 8 weeks: around 100,000 – 150,000 files.

* Extremely widespread malicious files they discovered in the last 6 – 8 weeks: around 2,000 – 2,500 files.

Looking at the full study, there is another surprise - Imperva do not do their own testing, they threw the samples at VirusTotal. VirusTotal is a useful website, but they are quite explicit that it is unsuitable for product testing. Imperva takes the short form of VirusTotal's advice, "not designed as a tool to perform antivirus comparative analyses", and counters it in their 'Limitations' section saying that they are not doing a comparison. They ignore the longer advice, that details why VirusTotal is unsuitable for both comparative and effectiveness testing.

Anti-virus testing is notoriously difficult, and competent researchers put a lot of work into making sure they use methodologies that will produce relevant, reliable results. Did Imperva?

13
0

Yes, hundreds upon hundreds of websites CAN all be wrong

Allan George Dyer
Bronze badge
Joke

Re: Obligatory XKCD cartoon...

I hope you realise that there's a badly-written "u", it should read, "Someone is wrung on the internet". It's a protest against unnecessary networking of laundries.

1
0

The amazing magical LED: Has it really been fifty years already?

Allan George Dyer
Bronze badge
Coat

I'm waiting for the black LED

Black is cool, black is the future. "Every time I press this black button on a black background, a black light lights up black to tell me I've done it!" (Thanks, Douglas)

1
0

Baby got .BAT: Old-school malware terrifies Iran with del *.*

Allan George Dyer
Bronze badge
Pint

Re: Wouldn't

Possibly recovered - if you happen to know someone who enjoyed doing those really large jigsaw puzzles, with names like "The World's Largest Jigsaw Puzzle" where all the pieces look the same. A moderately large, moderately fragmented disc with the File Table missing would be an excellent Christmas present for them.

Personally, I'd recommend imaging the disc and restoring from backup...

0
0

Perl programming language marks 25th birthday

Allan George Dyer
Bronze badge
Boffin

Only 25 years?

I'll swear I once saw a module in CPAN called Universe, the new method took arguments c, G, h, ε0, e and a boolean value for evolution. There was a warning that memory requirements often grew quickly.

0
0

Falling slinky displays slow-motion causality

Allan George Dyer
Bronze badge
Pint

Re: Seems overcomplicated

So Wile E Coyote has a very low spring constant?

5
0

Cassini spots Titan ‘mini-Nile’

Allan George Dyer
Bronze badge
Coat

It has a "resemblance to the river Nile"? Sure, but if they turn the photo 90° clockwise, it's the spitting image of the Amazon.

0
0

Revealed: The Brit-built GRAVITY-powered light that costs $5

Allan George Dyer
Bronze badge

Re: Nice

But the gravity version is more portable than the spring version. You don't have to carry the weight around, you fill up the bag with soil, gravel, shrapnel or whatever else is around when you use it. The two are both useful in different circumstances.

1
1

Worldwide Gmail crash was due to Google Sync bug

Allan George Dyer
Bronze badge
Boffin

The choice is...

running round like a blue-arsed fly, fielding calls from your users and trying to get answers from your outsourcer about what happened and when it will be fixed

OR

running round like a blue-arsed fly, fielding calls from your users and trying to identify what died and fix it.

1
0

Another Apple maps desert death trap down under

Allan George Dyer
Bronze badge
Pirate

Re: All we need are some inbred cannibals living at down that road and we've got a B-movie!

What a coincidence, so am I. If you come to these coordinates, I'm sure you can make a contribution. The cast tells me they are looking forward to having you for dinner.

1
0

Linux kernel dumps 386 chip support

Allan George Dyer
Bronze badge
Coat

Re: 386?

You didn't start on the 4040, like me? To be fair, mine was a plastic DIP package, but the IO chip was ceramic.

I never tried running a *nix on it, and, IIRC, Linux never supported the 286 or earlier.

I only switched off my last 386SX in 2010, though that was running DOS.

0
0