Posts by Danny 2

306 posts • joined 6 Jul 2009

The UK's Investigatory Powers Act allows the State to tell lies in court

Danny 2
Bronze badge

Re: jury nullification

I read that when Russia ended serfdom then the peasants refused to convict anyone accused by the corrupt courts, but would then lynch the released prisoners they knew were bad. I'm not suggesting that.

If nothing else then if you want excused from jury duty then just wear a T Shirt saying 'jury nullification' on the first day. Mind you, a year ago I was thrown out a trial for 'wearing my jacket disrespectfully', and I was the accused.

0
0
Danny 2
Bronze badge

@Adam This is from US law but it still stems from the Magna Carta -

Jury Myths and Misconceptions: Can Jurors Be Punished for Jury Nullification Verdicts?

Each and every one of you has the mettle and moral fiber necessary to claim this power as your own and to wield it for your highest purpose when serving on a jury: upholding justice, including upholding it above law when the two are in conflict. Do not be deterred by people invoking the chimera of punishment for acting in good conscience and doing what is right.

9
0
Danny 2
Bronze badge

The principle of jury nullification basically means a jury decides what is legal, not a judge. A jury can refuse to convict even when told they have to - although nobody will tell a jury this.

20
0

Own goal for Scottish Football Association as fans sent phishy emails

Danny 2
Bronze badge

Too greedy

They might have got away with it if they'd asked for £17, they obviously don't know Scotland fans.

It's an own goal for the SFA but we're still ahead of Malta.

4
1

Icelandic Pirate Party asked to form government

Danny 2
Bronze badge

Re: Excellent!

Saga is cool, but I'm afraid she is Swedish. A great loss to Sys Admin.

3
0

Microsoft's nerd goggles will run on a toaster

Danny 2
Bronze badge

Dentists chairs killer app

I had root canal drilling today and as the orange specs were placed over my eyes I realised I'd far rather be watching playful kittens or even Playboy bunnies, rather than my dentist transformed into Donald Trump.

0
0

No super-kinky web smut please, we're British

Danny 2
Bronze badge

Re: Yep, that'll work

In 1958 even missionary was illegal in Britain - by definition you had to go to the colonies to do that. We used to reproduce asexually, by sharing a cup of tea then sitting on a toilet seat your spouse had just sat on. However until 1986 spanking leaving a mark wasn't just legal, it was mandatory.

8
0
Danny 2
Bronze badge

Re: First they came....

First they came for the Socialists, and I did not spank out

0
0

Scotland's Skyscanner sold to Chinese rival Ctrip in £1.4bn deal

Danny 2
Bronze badge

"The Edinburgh-based business"

The business based in the city formerly known as Edinburgh. Next week we are being renamed Garethwilliamsburgh.

And you mocked Scotland for having the unicorn as our national animal, but Skyscanner and Fanduel were real!

1
0

Computer forensics defuses FBI's Clinton email 'bombshell'

Danny 2
Bronze badge

General Petraeus, by then Director of the CIA. It's not in the Wikipedia page but seemingly the investigators faced fewer legal hurdles due to the fact the communication was in a shared folder rather than emailed communications.

2
0

Alleged hacker Lauri Love loses extradition case. Judge: Suicide safeguards in place

Danny 2
Bronze badge

Re: Suicide highly unlikely ...

Capital city.

3
0
Danny 2
Bronze badge

Re: This should be simple...

A British citizen committing a crime on British soil should be charged in the UK under English or Scottish law and if found guilty imprisoned here close to their family, in this case under the Computer Misuse Act 1990 with a maximum 10 year sentence. Anything less is a betrayal of sovereignty.

If the yanks don't like that then they shouldn't keep their sensitive military systems easily available online from the UK.

I've met Love near Glasgow, he is not that technical. There must be dozens of less naive hackers still in those systems undetected.

5
1

Filmmaker Werner Herzog interviews Elon Musk for internet doco

Danny 2
Bronze badge

The Simpsons. His entire career was simply an apprenticeship for his greatest role as Walter Hotenhoffer.

Grandpa Simpson - What did you do during the war?

Walter Hotenhoffer - WWII? I wasn't born yet.

Grandpa Simpson - Funny how many Germans say that these days.

0
0

Brave idea: Ex Mozilla man punts Bitcoin adblocking browser

Danny 2
Bronze badge

Opt in rather than creep out

I block ads on some of the sites I like and would like to support because the adverts creep me out by mining my posts. Targeted advertising is just scary and almost always incorrect. For my favourite sites I'd be happy to fill out a form saying, 'there are the things I actually buy, or may be interested in adverts about, don't send me any others and don't personalise any of them'.

1
0

We want GCHQ-style spy powers to hack cybercrims, say police

Danny 2
Bronze badge

Re: Next, traffic wardens...

CCTV supposedly used to cut violent crime is already used to police parking violations. Councils and DWP little hitlers already do this too to cut down on dog poo, school admissions, rubbish bin abuses.

I was recently charged (wrongly) with a Breach of the Peace, over twenty months and with three days in jail, about fifteen court appearances, and several police raids/visits to my parents' house. I realised fairly early on the police were going to their address soon after I'd arrived out of convenience, and must have been tracking my phone to save themselves a fifteen mile drive to my home. Later one of the officers interrogating me confirmed that inadvertently.

My case is utterly petty and minor but Police Scotland have also been doing the same stuff to journalists and other police officers. I got to talk candidly to a senior police officer about this sort of quasi-legal behaviour once and he was perfectly frank and unembarrassed, "What we can do, we will do". Meaning they will do anything they think they personally will not be prosecuted for.

And that is fair enough if they'd focus on serious criminals and terrorists, but they don't and they don't intend to.

13
1

Exploding Samsung Galaxy Note 7 phablets recalled immediately

Danny 2
Bronze badge

Guardian of the Galaxy

Hands up, who left their Galaxy Note7 on the Space X Falcon? Or who designed it as the communications device just because it had the word Galaxy in it?

4
0

'NSA' hack okshun woz writ by Inglish speeker trieing to hyde

Danny 2
Bronze badge

Re: The 'insider' theory

At one point it was part of my job to read log files to spot hacks. I must confess I am not sure I did it very well. My boss was better at it, but he always did it after the event. Once you know something has happened then it is relatively simple to look back for tell-tale signs. It was complicated by the fact we never got to choose what was logged, some invisible developer decided that months before without our input. So spotting it in real time requires pattern recognition skills that I doubt even Assange has. You stare at logs over and over and you can, sometimes, tell if something looks a bit different. If you are well slept and not on 24 hour call out, and you didn't just have an argument with your girlfriend.

I used to be stuck between a yearly battle between Belgian and Dutch hacking conventions. These genius idiots weren't actual criminals as such, but they were trying their best to take us down for lolz. It was bloody annoying, and I had the best of support. As soon as they jabbed us, we'd get a direct patch from MS or whoever and have to install it organisation wide. You know how Space Invaders gets annoying after an hour or four? It was very tempting just to leave work, go to the convention and spike their drinks with LSD.

1
0
Danny 2
Bronze badge

Re: The 'insider' theory

Snowden used a CD marked "Lady Gaga"

That was Manning.

If you can get remote access to everything on a server then you can likely amend the log files too. Various crypto gurus are already recommending we look to a post-crypto future where you assume you are hacked and concentrate on blocking exfiltration, either by DVD as you said or straight over the network.

2
0
Danny 2
Bronze badge

Short changed

I don't know if this is true or not but a commentator on another website said ten million Cisco shares were shorted in the weeks leading up to this story. I know El Reg pokes around in technical details but there might be a story in following the money.

1
0

Banking system SWIFT was anything but on security, ex-boss claims

Danny 2
Bronze badge

Re: swift .... really archaic

Well, it was either you or your bank who can be described as really archaic.

0
0
Danny 2
Bronze badge

Re: I interviewed there last year. . .

Culpepper. Aye, and I had a Virginian boss in the Netherlands who never liked the locals, and who in turn wasn't liked. That made him a bit paranoid too. I never met a single Indian there but I met many, many nationalities among my colleagues. Mostly western, mostly white, mostly male.

0
1
Danny 2
Bronze badge

Half the money that passes hands each day is transferred across the SWIFT network. You are quite correct that actual money doesn't travel across their network, only messages, but duh! A physical £50 note is only a message too.

SWIFT do provide secure communications to their users, in the same way the Bank of England/ Bank of Scotland RBS and Clydesbank provide secure £50 notes to their users. If you get mugged walking down the street or accept obviously fake £50 notes then you can't blame the currency. The weak point is the banks, aka between the chair and the keyboard.

0
0
Danny 2
Bronze badge

Re: Lack of trust

First, neither Linux nor Windows is used on the main network.

Second, why on earth is SWIFT's self-signed root PKI cert a 'dodgy security practice'? It's entirely their network so outsourcing trust would be a vulnerability. Banks trust SWIFT for a good reason, they are unhackable. Other root certifiers are not.

4
0
Danny 2
Bronze badge

I'm guessing you were working at the Belgian HQ. In the OPs centres there aren't any contractors and the canteen food is, well, not exceptionally good. Security though is tighter than anywhere else I've ever seen, certainly far, far tighter than banks which just aren't comparable. I take it you were a developer, you wouldn't have got within sniffing distance of the actual networks.

As 2nd line support (only four managerial levels lower than Schrank since they only have four levels) I wasn't allowed to touch the active machines I was supporting. I'd have to talk an operator in a secure area through it.

3
0

UK IT consultant subject to insane sex ban order mounts legal challenge

Danny 2
Bronze badge

Legal ordeal

I've just experienced 20 months of being charged with Breach of the Peace Section 38 ("a domestic"), only for the charges to be dropped earlier this week during the trial without me being allowed to say anything in court except "Not guilty". I've had to attend court at least 12 times, I eventually lost count. I've spent three days in jail on two occasions, my family suffered three police 'visits', I've chosen not to work or claim benefits during that period, and it's been hellish.

I will write it up and may post it here or at least link to it here because there are a few tech angles. First though I've got complaints to the police, the lawyers and the prosecutors to write, in the hope of improving their awful performance rather than wanting vengeful disciplinary action.

I would've preferred a trial rather than a dismissal even though I had been told there was a good chance of being found guilty. I would have far preferred if the prosecutors had accepted my initial offer to discuss the matter on record.

One of the things that came out of this is I asked and got to read my medical records, and they are appallingly inaccurate and worryingly demeaning. It's inhibited me from seeking medical help again, and I urge everyone here to ask to read through their own medical notes. Unrelated to my case I found suggestions that I was a heroin user when I attended hospital with cat bites - wtf?

As IT guys we recognise and laugh at our own profession's incompetence, but in my experience we are far better at our jobs and more open about our failings than doctors or the judiciary who form 'closed ranks'.

By nature I don't have much sympathy for this guy the way he has conducted himself and has been portrayed in the media. Through bitter experience I'll hold my judgement on anyone I haven't shared a cell with.

15
0

Robo-buses join the traffic in Helsinki

Danny 2
Bronze badge

Child's play

Why automate while child labour works?

11-year-old boy steals bus, passengers don’t notice

0
0

Snowden says Russia ‘probably responsible’ for NSA hack

Danny 2
Bronze badge

“warning that someone can prove US responsibility for any attacks that originated from this malware server”. “This may be an effort to influence the calculus of decision-makers wondering how sharply to respond to the DNC hacks,”
Is he implying the DNC was hacked from the NSA malware servers?

0
0

Polish developer hacks Android rewards app for free beer

Danny 2
Bronze badge
Pint

Olympian

I read German gold medal winners at the Olympics get free beer for life, which must work against them winning at the following Olympics.

10
0

SWIFT moves on security in wake of hacking attacks

Danny 2
Bronze badge

Re: speedy

The money went to unregulated casinos in the Philippines. A local bank manager was caught leaving work with an armoured car full of cash, so that small portion of the money will presumably be returned. The rest of it went to upgrade the Chinese triads into quads.

2
0

Spied upon by GCHQ? You'll need proof before a court will hear you...

Danny 2
Bronze badge

Re: I'm Spartacus

We appreciate your expression of willingness to participate. Unfortunately, the claims in this case had to be filed by 4 December 2015. The reason is that the Investigatory Powers Tribunal found that unlawful GCHQ surveillance, on which these claims are based, became lawful as of 5 December 2014. Once a claim is filed, the Tribunal will only search GCHQ’s records for unlawful activity during the year before the claim was submitted. What this means is that a claim submitted on 14 September 2015 would lead to records being searched for the time period between 14 September 2014 and 5 December 2014. Claims submitted after 4 December 2015 would address surveillance by GCHQ that was deemed lawful by the Tribunal and therefore not subject to a search.

It's even more of a con than the article conveyed! Apologies to PI but no apologies to the IPT:

"If Sir Jimmy abused you in the year before you first complained, then we would certainly consider accepting your proof".

1
0
Danny 2
Bronze badge

Re: I'm Spartacus

I'm not one of the 663 but have strong and deep evidence I was spied upon, including but not limited to emails from a since exposed police infiltrator. I never applied to PI as I had no faith it would be taken seriously, but if it's being dismissed in this flippant manner then I perhaps should (reluctantly hold up my hand, sigh, and mumble "I'm Spartacus").

However, I'm still put off submitting a complaint as they are limiting it to the first ten cases, instead of the strongest ten, and I'm not sure if those ten have to be part of the six hundred and sixty three. Do you know if that is the case?

0
0

Inter-bank system SWIFT on security? User manual needs 'revamp’

Danny 2
Bronze badge

Re: Purpose-built systems are never secure

SWIFT originally refused to cut-off Iranian banks so the US threatened to arrest all its employees and management. SWIFT complained to the Belgian government who shrugged. So how can an organisation follow Belgian national laws without the support of the Belgian government?

As for monitoring terrorist funding, can you name one organisation with an operations centre in the US that doesn't comply with a legal request from US authorities to track terrorists?

1
0
Danny 2
Bronze badge

Re: ~8 months ago, I interviewed with SWIFT. . . .

Your impression was incorrect. I'm working class, never went to Uni, and many of my colleagues were the same. It's probably the most meritocratic employer I've worked for, far better than any British employer. Only four seniority levels from bottom to top. There were a lot of white males, but no more so than other European IT organisations.

If you were competent for the role then you were maybe deemed a security risk, their background checking is a lot more in-depth than you'd know.

0
0

Spying on you using fake social media profiles: One Scots council could

Danny 2
Bronze badge

Okay, my comment was deleted, fair enough. I think I made a good point fairly but I'll respect the referee's decision.

Feel free to object (more) rationally when I now make tangential points relating to other Scots councils.

My current council is Edinburgh, and I regularly see councillors there being dropped off from 'Works' vans. They use council vehicles as private taxis, at a time they are charging workers for parking at work and laying off workers.

The council I worked for, if you reach Larkhall then you are there, had a lovely line in sectarianism. "What's green and doesn't move? A Catholic on the housing list", said the head of housing to the head of finance in my presence. Not really a joke since it was true.

Further west again, Glasgow City Council - sexual abuse, homophobia, sectarianism, graft, it'd be easier to list what they do correctly.

These people feel like they have 'tenure', that they are 'untouchable', and they act accordingly. I'm not right wing, probably you'd label me far-left, but you just don't get away with their sort of malfeasance in a corporation, unless you own the corporation.

1
0

This post has been deleted by a moderator

Danny 2
Bronze badge

Re: Nicola Sturgeon=Rosa Klebb

Mars bar. Batter. Oil.

I have seen them, they are real, but I've only seen foreign students eating them. We Scots regard them as different courses.

0
0
Danny 2
Bronze badge

Re: and people ask why I'm not on any (anti-)social media site?

"the less people knew about me the better"

Just over a decade ago you could search the internet for "Secret Project" + CV and get all the main engineers involved. They'd boast about it online, perhaps inadvertently through recruitment agencies.

In 2003 I found the main engineer behind the UK's '4 minute warning' of a nuclear attack. Brian Dreary. I wanted to trigger the warning, at least for high ranking officials, but I was persuaded by a wiser soul that was irresponsible and potentially dangerous.

For the record, at that time at least, the 'four minute warning' consisted of a pre-recorded telephone call to every British land-line, telling you Armageddon was imminent but not to panic. Guess whose voice they used to reassure us? Joanna Lumley!

Good choice. My plan was to either steal the recording or hire a voice impersonator, and call all the key folk just to panic them into heart attacks. I was talked out of that but I sort of wish I had.

1
0
Danny 2
Bronze badge

However Jim Lamond, head of council resources, told councillors during a cabinet meeting on Tuesday that using social media to investigate people did happen.

Since you are now monitoring this website, how about you explain your "We didn't do it, but if we did do it, this is how we did it" OJ Simpson defence?

While you are at it, do you want to explain why council-tax payers' money is used to promote and fund the singing career of one Rena Gertz?

"He who fights with monsters should look to it that he himself does not become a monster. And if you gaze long into an abyss, the abyss also gazes into you."

2
0

This post has been deleted by a moderator

Yet another SE Asia bank hit by a SWIFT credentials hack

Danny 2
Bronze badge

You have an inadvertent 'Swift' in there. They are a car company, a delivery company, and a sausage company, unrelated to SWIFT.

My first week at SWIFT. First day I noticed the building had curved edges, same as Air Traffic - to deflect truck-bombs. Everyone gets a full body scan to enter and leave, to make sure nothing as big as a CD or memory stick gets in or out. There is CCTV everywhere. There is an ashtray placed on your desk, because they know in advance you smoke. You are allowed to smoke everywhere, including certain server rooms, because there is a constant updraft of ventilation that Dyson must've designed. You are not allowed anywhere near the servers you support, you have to talk operations staff through whatever minor or vital thing you want to do. Your colleagues at lunch joke that they analyse your piss and shit in the toilet for drugs. Except they aren't joking, although out of hours cannabis is permitted. You find your flat has been broken into overnight, fairly often, just to check. The mice have fingerprint readers. You are told security is everyone's prime responsibility, but when you actually check on security, you are questioned by an internal security team about your motives. There is no internet access, but the intranet tells you stuff about your hometown that you never knew. You are repeatedly warned about all the ingenious Mafia phishing and more serious threats. Your colleagues are introduced to you as 'John, from British security' and 'Paul, from French security', and these are actual state officers seconded to the role doing coding and tech support. When you have a tech support question yourself, your call goes directly to one of the world's experts - millionaires are your help-desk. They try to imprison their staff with high wages, and give you a weekly back massage.

Outside of GCHQ and the NSA, it is the tightest security in the world. Of course their end terminals are the weakest link, that's not their responsibility. They tell an anecdote about when Saddam invaded Kuwait they dodged a bullet because the terminal there was in an unopened cupboard.

But blaming SWIFT for end point attacks is like blaming BT for phishing scams. They are tighter than a sheep's behind at an Aberdeen game.

4
2

Microsoft phone support contractors told to hang up after 15 minutes

Danny 2
Bronze badge

One down

I have read every tale of woe here, and though I am always amused I can always beat them from my own history of incompetence. I could write a short novel of comedic failures. The time I fixed a six month BT lease-line problem. The time I drove over my bag full of replacement video cards, and had to install them anyway. The obligatory rm -rf anecdote. The time I replaced a blind man's VDU without understanding why, only to stick my hand out expecting him to shake it.

In retrospect, most of my career was comedic. I once had a MS vice-president as my first line tech support though. You know you've made it when you have a millionaire at your beck and call.

10
1

We're calling it: World hits peak Namey McNameface

Danny 2
Bronze badge

Parsey McParseface

As Scottish grannies everywhere used to say, "Yer arse in parsley".

I think the English equivalent is, "I don't believe it!"

2
0

Meet the malware that screwed a Bangladeshi bank out of $81m

Danny 2
Bronze badge

Re: The software nasty was inserted into the SWIFT terminal

Why, since none of those were involved?

0
1
Danny 2
Bronze badge

Re: "...Why go for a billion??"

There were only five successful transactions, so 'very large' should remain an obvious red flag!

0
0
Danny 2
Bronze badge

It's not a vulnerability on the SWIFT side which is why they aren't footing the bill. Their network is more secure than any of my other previous employers, including Air Traffic Services. If they are culpable at all it is for allowing the Bangladesh Bank to join their network.

It seems suspicious that the Bangladesh Bank was set up using $10 second hand switches unable to isolate the SWIFT terminal, not just criminal incompetence and more likely a designed in vulnerability.

There were 36 fraudulent wire transfers, and only 5 were successful, so these were very high value transactions. Rizal Commercial Banking Corporation's branch manager Maia Santos Deguito took $427,000 from one of the laundry accounts in the Philippines, but the main criminals appear to be Chinese with a very good knowledge of SWIFT terminals and procedures.

0
0

Google-funded study concludes: Make DMCA even more Google-friendly

Danny 2
Bronze badge

Google Free since March 2016

Hiya El Reg,

In a fit of informed petulance I decided to dump Google last month. I jettisoned my Gmail account, or as I normally have to sign in here, my GoogleMail account ("Our records show you have been a member since 2007-04-11").

By chance I haven't cleared my cookies yet, because I don't want to ditch this esteemed (steaming?) magazine. So I updated my details here to change my email address, and was told "We've sent a verification email to" my old gmail address. Catch 22.

I'm the poor sod who has been on trial for BoP, since Drew gave me my bronze badge, and my trial date has been pushed back till sometime in summer - I'm basically Job. I'm not asking for sympathy, I would however like a little help changing my email address here without having to sign in to google again. MyName@Protonmail.com or dot ch, preferably both.

I've suffered enough and that bronze badge is all I've got left. My cat died a week ago. My dad is getting a pacemaker fitted next week. Please don't make me re-register just because your automated log-in/ change-of-details process is slightly dafter than a Google April's fool. Or at least tell me which of these bloody cookies I have to preserve for eternity to keep my login here.

1
0

Confused by crypto? Here's what that password hashing stuff means in English

Danny 2
Bronze badge

Re: Chrome's "Pinning" doesn't appear to work

Steve Gibson has some nice freeware to check for that, if anyone is worried their employer is doing the same - Fingerprints

1
0

Pornography, violence and JG Ballard: High Rise, the 1970s' internet

Danny 2
Bronze badge

When I bought my first home in the late '80s, it came with an antique '30s Bakelite rotary phone worth several hundreds of pounds, and a 3 digit phone number. Within a year my 3 digit phone number had been replaced by a 10 digit phone number. Worse still, my guinea pigs got loose when I was at work and gnawed through the phone cord. British Telecom, in their infinite greed, immediately sent men to break into my home to replace that phone with a cheapo button-dial replacement, in their words so I wouldn't be inconvenienced. Effing thieves. If I'd have phoned for any other fault then they wouldn't have responded for months, but they knew they could reclaim the phone and sell it on.

I'm no fan of rip-off modern telco-companies, but you have to bear in mind that in those days British Telecom were a law unto themselves. One of the proudest achievements in my career was getting a written apology from British Telecom, after three months hard work on my part and no effort on their part. An airgun pellet in an over-head leased line would short the circuit in high winds, disrupting the network I was responsible for. British Telecom staff at the time were as unsympathetic as DWP staff are today.

"You don't have to be a misanthrope to work here, but it helps"

3
0
Danny 2
Bronze badge

Re: Ballard predicted Facebook

Your reference is the pornographic magazine Penthouse, and the reason for that is that its publisher Bob Guccione married sci-fi freak Kathy Keeton. They then co-published the sublime Omni magazine. It also had typically sexist paintings of voluptuous fantasy characters, but I promise, as a 13 year old male I only read it for the articles.

7
0

A Logic Named Joe: The 1946 sci-fi short that nailed modern tech

Danny 2
Bronze badge

HG Wells invented the nuclear suitcase bomb in his 1914 novel The World Set Free, albeit it was more of an ever lasting firework.

More's 'Utopia' itself could be reimagined as a dystopia from the POV of one of its citizens.

I am hugely impressed with "A Logic Named Joe" and hope El Reg dig up more. Can I suggest "I have no mouth, but I must scream", which I thought of every day in the hell of tech support.

13
0
