* Posts by eLD

12 publicly visible posts • joined 21 Jun 2009

MailOnline pulls recipe site after innocent young cookbook DEFILED

eLD
Coat

As usual, el reg dodged the real question

How will this hack affect house prices?

Indestructible, badass rootkit BadBIOS: Is this tech world's Loch Ness Monster? VOTE NOW

eLD

There was a chap at work who had a wig. Up until now, that was the least plausible thing I've ever seen in my life. It's just so stupid on so many levels. ASUS couldn't even reflash my BIOS without messing it up with the benefit of source code. What hope for something to have hundreds of BIOS patches, patches for affecting multiple OSes and all ready fit inside one BIOS?

NSA chief leaks info on data sharing tech: It's SharePoint

eLD

Unpopular opinion

I feel like I'm bucking the general trend here of the comments and about to be shot down. However, I actually agree with the NSA chap that the decision to use SharePoint was an extremely large reason for administrators being able to leak information.

I know nothing about SharePoint administration so I am expecting to be shot down in flames, but I have just a few basic thoughts on how I might design a security-focused collaboration tool. I'd probably ensure that all the content was stored and served up encrypted. There would obviously be no need for someone with root on the machines serving content to be able to see the unencrypted content for backup or permission related issues. I'd probably delegate the actual job of decrypting the content that was being served up for particular user tokens to separate servers with more restricted access that only managed decryption and re-encryption of "resource {token} stored on source {token} being requested by {token}" to separate out and simplify the authentication job and limit the attack surface of what actually matters if it is compromised. I'd also probably split up key storage into a number of different and disjoint fiefdoms under different control and use the academic research on Byzantine generals problems to ensure that it required a majority of systems (and people) to be compromised before information was leaked beyond the intended targets.

The point I'm trying to make is that the design of a secure system for the NSA would seem to be very different to (my imagination of) a simple Microsoft collaboration tool. It seems they were remiss in going for the easy option and not putting the possibility of spies at the heart of their IT policy. And thank god for that, now we know what we always suspected. :)

COLD FUSION is BACK with 'anomalous heat' claim

eLD
Thumb Up

Re: Finance?

I know technically that's only one reason, but it's such a good reason that I think it deserved to be mentioned twice.

Amazon cloud knocked out by violent storms in Virginia

eLD

Yeah they've got the region "us-east" (Virginia) availability zones a -> d. If only one zone in the region went down I don't see this as a real issue. There's a phrase involving eggs and baskets that springs to mind.

I can't see how this would drive people to move to other public clouds for reliability either. At least from the EC2 perspective, Amazon's cloud is failing in the way it's advertised to fail. Again with Azure, unless T&Cs have changed since I last looked, you get no SLA unless you've got your stuff deployed in different Azure reliability zones anyway.

NASA probe now closer than ANY OTHER spacecraft to Pluto

eLD

I think the caps in the titles are just a homage to timecube.com

Banshee man dumps Novell for Skype duo

eLD

mono?

It could be worse, it could be infected with Java

No new copters for Afghanistan troops

eLD

look on the bright side

At least we're keeping the Taliban's submarine fleet under control.

Online sync'n'store services

eLD
Big Brother

I wonder why no full backup

I wonder why none of them seem to encourage full backups. It seems quite a reasonable use. I've got a couple of TiB of data total, but I bet 95%+ of that is duplicated on other machines with the same old apps, games and pr0n as other people.

I'd be interested to know if any of them were smart enough to recognise that they already had the files you had somewhere (hash it?) on their cloud and not make you upload it if so. The only downsides I can see are:

1) They'd know what files you had, which dependent on how it's done with uploads they wouldn't necessarily know.

2) It'd be harder to explain pricing to customers if they started charging for what the service cost rather than just per GiB. It presumably costs them next to nothing to store the same identical file as another 1000 customers have.

MoD battles copycat hackers

eLD

Let's be realistic here

It's just a PR website for the navy. It's not as if it has anything to do with important military infrastructure.

Embarrassing? Yes.

The sort of stuff I care about being secure? No.

Windows 3.0 turns 20

eLD
Gates Halo

Windows 3.0 32-bit ?

Actually it kind of was. Remember that stuff with enhanced mode for 386?

Windows 3.0 had a kernel that ran in 32-bit protected mode and ran 2 subsystems under there. Windows (16-bit) and DOS (also 16-bit). Ever wonder how you could run multiple DOS boxes at once? It was pre-emptive multitasking even back then.

Still, it's all a bit academic given that all the apps were 16-bit cooperatively multitasked...

MPs turn to Black Blob to preserve their dignity

eLD

@jake

That doesn't work so well when they're all as bad as each other. It's not as if it's just 1 party. Sadly anyone who wants to become a politician is clearly unsuitable.