* Posts by Smooth Newt

67 posts • joined 6 Jul 2009

In dot we trust: If you keep to this 124-page security rulebook, you can own yourname.trust

Smooth Newt

Re: The rest of the story

I expect banks will sign up in droves.

Many are keen to address the worries that lots of their customers have about online security. $100k a year isn't even small change for them, and you can imagine the hype they will use with it to reinforce their "your security is our priority" message.

It doesn't really matter whether .trust sites are more secure or not, only that the bank customers believe that they are.

0
0

Sophos to offshore American support operations

Smooth Newt
FAIL

"The mission of the Support organization is to delight partners and customers"

They sell computer security software, not floral displays, for Gawd's sake. It is like a flushing lavatory, I am never "delighted" by it no matter how well it works, just annoyed when it doesn't.

7
0

WHY did Sunday Mirror stoop to slurping selfies for smut sting?

Smooth Newt

Re: Urrrggghhhh

Slurp has a specific meaning in Perl; to read the entire contents of a file in a single operation into one scalar variable. As the first release of Perl was in 1987 perhaps the 1993 OED definition was already out of date.

3
0

UK banks hook themselves up to real-time cop data feed

Smooth Newt

BBA Financial Crime Alerts Service

Is this what people who don't work in marketing call an "electronic mailing list"?

0
0

Spies would need SUPER POWERS to tap undersea cables

Smooth Newt
Pint

Re: NSA couldn't possibly have spliced the undersea cables ...

Many difficult things become a lot easier with an $11 billion annual budget.

8
2

UK.gov lobs another fistful of change at SME infosec nightmares

Smooth Newt

Re: It never usually goes to the SMEs...

Probably wouldn't achieve much even if spent wisely. 4.9 million SMEs. 82p each.

0
0

DARPA-backed jetpack prototype built to make soldiers run faster

Smooth Newt

Re: DARPA has a budget problem: How to spend it fast enough

And when they are not using it, which is the other 99.9% of the time, they will be further bogged down with yet another piece of heavy kit.

4
0

2016: Robo-butlers, flying cars, and Google's internet Terminators hunting SHA-1 SSL certs

Smooth Newt
Thumb Up

About time too

There are just so many organisations out there with bullshit in their T&Cs about how keeping customer data secure is a top priority, and they are using SHA 1 certificates and no forward secrecy.

0
0

China is now 99.8% sure you're you, thanks to world's-best facial recognition wares

Smooth Newt
Trollface

The real test

But how effective is it with people who deliberately, and skillfully, change their appearance to confuse it?

Otherwise it is really just a nice toy, useful for targeted ads and making immigration ministers feel good about themselves, but hardly secure.

0
0

SHIP OF FAIL: How do we right capsized institutions we thought would NEVER go under?

Smooth Newt
Mushroom

Misplaced incentives

In many cases the problem is that the group which chooses to take the risks that eventually lead to the failure is not the same one that suffers the consequences. Hence the downside of failure for them is disproportionately small.

I bet those NASA managers wouldn't have been so relaxed about the reliability of the Shuttle if they were the ones who were going to fly on it.

11
0

What could possibly go wrong? Banks could provide ID assurance for Gov.UK – report

Smooth Newt
Thumb Up

Demonstrable integrity

Given the need for probity here, it would be prudent to exclude any company which has been punished for fraud or dishonesty within the last five years from having any part in the management or oversight of the scheme.

After all if their internal oversight processes are that bad then they shouldn't be allowed anywhere near this.

So which banks does that leave?

5
0

Firefox 32 moves to kill MITM attacks

Smooth Newt
Trollface

New CAs

Amongst the new root certificates added is one from this CA. If I can't even pronounce it then should I trust it?

CN = CA 沃通根证书

3
0

iCloud fiasco: 100 FAMOUS WOMEN exposed NUDE online

Smooth Newt
Facepalm

Doh

If you don't want your personal naked photos on the Internet, DON'T UPLOAD THEM!

Still if you are rich and famous at least you can count on a well-resourced investigation by US authorities.

3
0

Loss of unencrypted back-up disk costs UK prisons ministry £180K

Smooth Newt

Re: Misleading title....

It hasn't cost tax payers anything, except a few thousand pounds in pointless civil servant effort. The money was in the government coffers. It is still in the government coffers.

2
0
Smooth Newt

Re: Cocking up

They have to do something to show they care. Short of actually punishing anyone, or making the MoJ compensate the victims, which they don't have the powers to do.

Maybe they should be able to block any honours for MoJ senior civil servants for the next couple of years. Much more effective.

4
0
Smooth Newt
Meh

Doncha just love it

when one government department fines another. Provides work for civil servants in both departments. Sir Humphrey would be delighted.

The Monetary Penalty Notice pdf says "The data controller has sufficient financial resources to pay a monetary penalty up to the maximum without it causing undue financial hardship".

What is "financial hardship" for a government ministry? Not enough in the tin for rich tea biscuits with the coffee at meetings?

3
0

e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt

Smooth Newt

Re: Tears roll down my cheeks

"Although for 250 million squid, an entire department might find itself collecting P45s"

Since any sackings would be handled with the Government's customary efficiency, those P45 recipients would doubtless reap colossal rewards by suing for unfair dismissal.

2
0

Call girl injected Google exec with heroin, drank wine, left him to die – cops claim

Smooth Newt

Re: Ah.. a scandel in the finest traditions.

Doesn't "innocent until proven guilty" apply? Some commentators here seem to assume that charged = guilty.

10
2

Top Canadian court: Cops need warrant to get names from ISPs

Smooth Newt

Re: Paul Crawford No sympathy.

Why are they "so-called 'civil liberties' groups" and not just civil liberties groups?

What is a real civil liberty group?

Just curious on your take on this.

1
0

MIT boffins moot tsunami-proof floating nuke power plants

Smooth Newt

MIT boffins moot tsunami-proof floating nuke power plants

Nuclear powered ships move around severe weather. I can't see floating nuclear power stations doing that without having to unplug the electricity cable to the cities.

1
3

UK.gov chucks another £260m at MOOC-based cyber security training

Smooth Newt

What's wrong with a National Computer Security Strategy?

What's the difference between "cyber" and "computer", or is it just pointless jargon?

1
0

CyanogenMod Android firmware gains built-in SMS encryption

Smooth Newt

Re: y bother?

I walk to work so I don't see why you need a car.

Just because you won't personally benefit from this doesn't mean that no one will.

0
0

Reports: NSA has compromised most internet encryption

Smooth Newt

Re: Ah well...

This is surely more or less a simple substitution code? English word for German soldier -> Navajo word for German soldier, plus a bit of Navajo grammar and glue. I think "decrypting" a novel language would not be that much of a challenge if it was used at all extensively since the actions that follow the message will quickly give clues to the language.

Encryption works partly because there is no correlation between the ciphertext of two messages, even if they say the same thing because different keys are used each time (there are protocols for securely agreeing new keys) and each ciphertext block is usually encrypted using the previous block as part of its input so even a repeat in the plaintext doesn't show up as a repeat in the ciphertext.

0
1

PRISM scandal: Brit spooks operated within the law, say politicos

Smooth Newt

Re: Timing

"From the evidence we have seen, we have concluded that this is unfounded." Looks like a bit of arse covering wiggle room there too. The ISC can later say "Oops we didn't see that bit of evidence."

0
0

UK treasury minister sticks up for HMRC in Google tax row

Smooth Newt
WTF?

Customer Relationship Managers?

They are supposed to be getting the taxes that are due, not running some golf club.

5
0

Osbo jacks up spending on spooks to keep us safe from TERROR

Smooth Newt

Re: What terrorists?

It has to be said that the spending on combatting Hitler's Wehrmacht was a vastly bigger proportion of the GDP than the security services get now. That isn't to say that they aren't over-egging the terrorism threat and its plausible consequences now of course, or that spying on everyone is the most effective way of dealing with it.

0
0

UK sitting on top of at least 50 years of shale gas – report

Smooth Newt
Trollface

Department of Energy, and err Climate Change

This must be from the Department of Energy side of the Department of Energy & Climate Change since there is no mention of any anthropogenic climate change caused by converting all this gas to atmospheric carbon dioxide. I really wish they would split the DECC into two departments, rather than having one with such a severe split personality disorder.

7
0

Using encryption? That means the US spooks have you on file

Smooth Newt

Re: scare tactic

Me neither. So they store it. But they can't read it, at least until quantum computers are available. So what are they going to use it for? A source of random numbers?

5
1

NSA PRISM snoop-gate: Won't someone think of the children, wails Apple

Smooth Newt
Gimp

"we frequently reject such requests outright"

But not so often that we want to provide statistics on that?

1
0

Now you can use your phone instead of your wallet at the ATM, too

Smooth Newt
Thumb Down

And the point is?

You use your phone instead of your card. How is this different to sellotaping a contactless smart card to the back of your phone, apart from all the new imaginative security flaws the "imagineers" have failed to imagine?

What is it with the QR code crap anyway, why not just interrogate the phone for its SIM and IMEI. Actually why not just give people a little card they shove into the machine. They can keep it with their money. Or they can sellotape it to the back of their phone if it is contactless.

1
1

'Special relationship': Oracle bags UK.gov contract renewal

Smooth Newt

Re: so what happened?

But Oracle is a smaller business as far as the Government is concerned.

0
0

Carrier IQ VP: App on millions of phones not a privacy risk

Smooth Newt
Facepalm

Questions you should have asked

"We do also record the telephone numbers the SMSs are from and to."

Q. Do you think that the telephone numbers of the people that someone communicates with can be sensitive?

"One of the reasons for that is there's a huge amount of radio information that gets transmitted."

Q. Does this include data which could be used to track the user's location - for example the times and identities of the base stations the phone has been talking to, maybe the signal strength too?

"There are a sequence of key codes that can be typed by the user that cause the software to do things in the control center."

Q. What is the sequence of key codes that will turn the bloody thing off?

0
0

£1m 'Nobel prize of engineering' named after the Queen

Smooth Newt
Thumb Down

Pointless

There are already loads of awards for engineering. How many people have heard of the British Engineering Excellence Awards, the MacRobert Award or the James Watt International Gold Medal?

I doubt even a million quid is enough to get a decent headline outside of the trade press.

0
0

A tenth of Chinese farmland polluted by heavy metals

Smooth Newt
Boffin

Aqua regia...

...dissolves gold, the opposite of precipitation.

Could be worse - a common way of extracting gold is to dissolve it in a solution of sodium cyanide.

1
0

Japan develops powered armour suit for nuke workers

Smooth Newt
Facepalm

Don't need radiation proof armour

In a hazardous environment why would you want a person inside the suit at all - better to separate the sensors and the motors, and control it remotely.

1
0

Common brain parasite 'can affect host's actions'

Smooth Newt
Facepalm

Mess in non-public spaces

Children play in gardens too.

3
0

Top GCHQ spook warns of 'disturbing' levels of cyber-raids

Smooth Newt
Holmes

Cyber security

Glad to hear that the government are going to spend over half a billion pounds of our money on a new IT program. What could possibly go wrong?

3
0

Fake certificate attack targets Facebook users in Syria

Smooth Newt
Boffin

"Real" certificates next time

Surprised there isn't a Syrian Internet Network Information Center already registered by default as a CA in my browser. The Chinese are well ahead of the curve here but I think the others will soon catch up.

0
0

Antique Nimrod subhunters scrapped – THANK GOODNESS!

Smooth Newt
WTF?

Airliner Flight 322 hit a tree on takeoff at São Paulo, Brazil.

Hang on whilst my mind boggles.

0
0

Gov unveils plans to reduce employment tribunal claims

Smooth Newt
Flame

Great idea

They could reduce crime figures in the same way. Only people over, say 30, are allowed to report a crime and it costs them £1000 each time.

14
0

US Navy achieves '100 mile' hypersonic railgun test shot

Smooth Newt

Interference?

I wonder whether the electromagnetic radiation produced by switching all that current would interfere with the ship's radar and telecommunications.

1
0

MPs wake up to 21st century and internet

Smooth Newt
Thumb Down

And in another story

"I don't know of a Westminster hall debate that has ever changed anything."

says former minister Chris Mullin at a hearing a few days ago of the Commons public accounts committee. ( e.g. http://www.epolitix.com/latestnews/article-detail/newsarticle/ministers-engage-in-too-much-pointless-activity/ )

1
0

Unofficial fix brings temporary relief for critical Adobe vuln

Smooth Newt
Pint

Adobe Reader

Three weeks for a simple fix to a critical, currently exploited patch seems like taking the piss.

But maybe Adobe have worked out that this type of problem doesn't actually affect their core business or their revenues.

After all it is not going to affect Adobe Acrobat Writer sales. The reader is just a loss leader, Adobe aren't actually going to make any money out of fixing it.

0
0

Eric Schmidt warns Berliners: 'We know where you are'

Smooth Newt
Flame

@A bit lame of the Germans...

Which particular part would that be? Oh yes, part of the generation now 80s and 90s. Just because someone's great-grandfather was a Nazi then it doesn't mean that they must be too.

0
0

German kiddies punted porn-projecting pens

Smooth Newt
Thumb Down

So where is the pornography?

If the images are like this, then why call it pornography? It's just a girl in a bikini.

0
0

USB stick with anti-terror training found outside police station

Smooth Newt
Thumb Down

Re: Yes and no

I think the Guildford Four or the Maguire Seven might disagree that the police did a "damn good job" during the time of the IRA.

0
2
