* Posts by gerdesj

522 posts • joined 15 Aug 2009


Samsung emits mobe charging monitor. For your 'active lifestyle'

gerdesj
Bronze badge
Pint

Nicely put

"This presumably refers to the kind of active lifestyle where you sit at your desk"

2
0

Ubuntu defibrillates 14.10 for one LAST patch

gerdesj
Bronze badge

Why on earth?

I think that beast in the photo is a Weta. We don't get those 'round 'ere (in the UKoGB&NI), boy.

It's a big bug but I doubt anyone is going to be adding Weta to Heartbleed, Melissa, Lovebug and pals.

2
0

MEGABOFFIN Stephen Hawking to rattle off answers online for MORE THAN A WEEK

gerdesj
Bronze badge

Re: I've always wondered....

"if the Graviton is the particle that carries gravitational energy, how does it escape the event horizon of a black hole"

As it is *the* particle that "carries gravitational energy" then by definition it is unlikely to *be* affected by the effect it causes. Otherwise it gets a bit complicated, where "it" is pretty much everything 8)

IOW, uninformed use of technical terms that neither of us really understands, can lead to spurious contradictions that an expert would consider a bit silly.

3
2

Jeep breach: Scared? You should be, it could be you next

gerdesj
Bronze badge
Devil

Re: My new car does something odd

You could be right but there are loads of other ways of matching up you to your mobile number.

For example, if you use Facebook or Google+, both of those are really, really keen for you to lodge your mobile number for "security reasons" - prove yourself to them, recovery codes etc. Nothing to do with linking you up. Chrome to Phone offers a similar hook up between your browser (and hence your PC and you) to your devices.

Even your home phone number provides a link to you, that after jumping an index or two via joined up big data will get your mobile number.

Combine that lot with GPS on your mobe plus bookmarks etc synching, bluetooth and wifi AP watching and you, along with the rest of us are pretty well pwned in a marketing sense.

2
0

Microsoft has RECORD quarter, in a BAD way - Sad Nad slashes phone biz

gerdesj
Bronze badge
Linux

Sigh

I still find these sorts of stories a bit odd. An organisation manages to flog an absolute shit load of stuff - mostly electrons, and be lightly vilified for it. If my little company managed to do half as well, I'd be pretty happy about it. Then again, I get to sleep at night without having to worry about shareholders baying for blood.

I only feel a slight pang (no I don't) in my quest to make MS's fortunes increasingly irrelevant to me and my firm.

11
3

Robot surgeons kill 144 patients, hurt 1,391, malfunction 8,061 times

gerdesj
Bronze badge
Pint

Re: Wot?

I've just tried: "medical term for foreign objects left inside patient" and got the same WP page as you 8)

I'm sure I remember a more snappy industrial euphemism that was mentioned in an article (probably New Scientist) I read a few years back.

I quite like URF: it emphasises "stupid mistake" in an onomatopoeic (blimey, five pints and two glasses of plonk and no wiggly red line) way.

In the aerospace (at least) world FOD or Foreign Object Debris is the equivalent term. What about extending it to this? No maybe not, that would be silly and deprive another cant* of an exclusive word.

Cheers

Jon

* https://en.wikipedia.org/wiki/Cant_(language)

3
0
gerdesj
Bronze badge

Wot?

How on earth can bits fall off a surgical standard robot? Hmmm, what standards?

I can't remember the term for leaving bits of equipment inside a patient but I'd imagine that bits of surgeon are unlikely to be included. I've certainly never heard of a surgeon's syrup or falsies being found later amongst the scissors, scalpels, swabs and whatever else is lying around that drops into the poor patient.

Sparks burning the patient? Mad.

7
1

WHOA! Windows 10 to be sold on USB drives – what a time to be alive

gerdesj
Bronze badge
Linux

"I think Windows 95 was the last time I got official media from Microsoft."

Me too. Since then I now use emerge, apt, yum, zypper, pacman and friends. Can't say I miss anything from my former life of grime.

9
5

Brit school software biz unchains lawyers after crappy security exposed

gerdesj
Bronze badge
Childcatcher

Re: @AC

"no, everyone's password was their student id used for tests!"

You'll be glad to know that the initial migration passwords I am setting on destination user accounts are md5sums calculated on a few bytes from (effectively) /dev/urandom, for each one. If the real source password doesn't sync and overwrite the random one then at least the account has a pretty decent password!

The default was to use the surname field!

1
0

RC4 crypto: Get RID of it already, say boffins

gerdesj
Bronze badge
Alert

Re: WPA or WPA2?

"While WPA2 with AES is safe at the moment, I can only recommend that solution for very small companies and homes. For the rest the only reasonable solution is to use WPA2 Enterprise (Radius authentication)."

SOHO is to whom I was addressing my comment.

Personally speaking I have four VLANs and SSIDs at home and I have RADIUS for LAN - me and the wife's laptops, PSK for "things", PSK for our "other devices", and Captive Portal tickets for "guests" (in a bowl in the kitchen). That is with three D Link APs (with management on another VLAN) and a pfSense router to link it all up. Oh and a slack handful of smart switches. Actually the pfSense is a CARP cluster of two nodes.

I have HA Proxy and Squid doing their stuff in both directions, Snort + probes and a whopping great logging system.

Enterprise? - Pah! My SOHO is tin foil lined 8)

0
0
gerdesj
Bronze badge

Re: Are we ever likely to have

Your DVs seem a little unfair. That's a fair point you make on the face of it. However RSA, for example, is named after its inventors, via their initials. They get a little kudos every time it is mentioned.

0
0
gerdesj
Bronze badge
Alien

WPA or WPA2?

I've actually read the paper (OK: glazed after a few pages and skimmed the rest). I think I am right in saying that if you believe "This is only about WPA and I use WPA2, so I'm OK", then think again.

Wonder what I'm on about? Then read this:

http://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/

Basically, you probably have only one option left on your wifi access point (AP) that provides even a modicum of security. It is WPA2 with a pre-shared key or PSK and AES for encryption. The 2 is important and the AES is important. Turn off the rest.

If you can, then segregate device types via VLANs. Drayteks for example can do this without you having to fiddle with a switch. One SSID for your LAN, one for mobes and other loosely trusted stuff and a third for IoT, tellies, X boxen and the like.

Finally, wrap yourself in tin foil 8)

3
0

Sixty-five THOUSAND Range Rovers recalled over DOOR software glitch

gerdesj
Bronze badge

Re: Car software

"Meanwhile, back down memory lane, I recall with fondness my '74 Datsun Z that you could see the ground under the front simply by opening the hood and looking past the engine - nearly all the way around"

I had a Mark 1 Fiesta (Popular Plus no less) off of the late 80's. You could see the ground from the driver's seat, just under the firewall (possibly a forerunner to TMG.) Salty rain in coastal Devon had a bit of an effect on un-galvanized cars. Actually it could have been galvanized but who'd know by the fetching paper doily effects in the bodywork.

0
0

Microsoft again offers free certification exams to failures

gerdesj
Bronze badge

Industrial Quali Quality

Wonder if these things are like the VCP? I passed v5 of VMWare's VCP based on my experience, skim reading the docs and an hour or so memorizing the config max/maxs.

I don't get the quali though: I didn't do an expensive course - WTF!

0
0

Shapps launches probe into Wikimedia UK over self-pluggery allegs

gerdesj
Bronze badge
Megaphone

Re: Having just accepted personal liability...

Gaz t'Journo: Responds to your comment and links to a previous article from el Reg which I have just re-read and followed up some of the links.

You: wave hands again, claim to have read from the source, claim a lack of bias and deep insights into teh issue.

Me: I'll stick with a well researched article with links from a professional.

3
4

Oxford Uni unearths 800-year-old document to seize domain names

gerdesj
Bronze badge
Paris Hilton

Re: Embedded names?

"Oxford University will shortly lose its domains to the Ford motor company"

That would be one hell of a typo - accidentally hitting ox before typing in "ford.com".

Besides, any area in England at least that has a whiff of water near it will sport a town/village/hamlet name suffixed with "ford" and no doubt one or two don't bother with a prefix. I think we can allow common sense to prevail and assume that Ford won't be trying to take on the academics.

2
0

Wow, another NSA leak: Network security code appears on GitHub

gerdesj
Bronze badge
Linux

Re: NSA?

"Install at your own risk."

I wear far more tin foil than you are ever likely to see in your lifetime but I am reading the source code at the moment as a background task and so far it looks fine. Unfortunately I can't do that for many systems that I have to hold my nose whilst managing them.

Have a look at their GitHub page. There are some pretty good docs on there and I am grateful to the US taxpayer for funding eg this:

https://www.nsa.gov/ia/_files/app/Spotting_the_Adversary_with_Windows_Event_Log_Monitoring.pdf

I'll take good advice wherever I find it.

12
0

UK politicos easily pwned on insecure Wi-Fi networks

gerdesj
Bronze badge
Linux

Re: Unfair

"This is why I never use public WiFi. "

There's nothing wrong with public wifi. However I will always use OpenVPN when connected and pass all traffic down it. Get your server to listen on 443/tcp and it looks like ordinary https to the router.

I also run a hand crafted set of firewall rules on my laptop and Squid + some extras and proxy myself (which isn't as painful as it might sound) when the VPN fails for whatever reason or is too slow.

Using your phone is good advice to give to non-techies though, so have a UV on me.

2
0

Hacking Team: Oh great, good job, guys ... now the TERRORISTS have our zero-day exploits

gerdesj
Bronze badge
Alien

As ye sow ...

"Among those who were said to have purchased the Hacking Team Remote Control System (RCS) spyware package were the authorities in Saudi Arabia, Sudan, Russia, and Honduras. The US government was also a customer."

... so ye shall reap

Cheers

Jon

PS The y above is really a thorn and pronounced "th" so ye is actually "thee".

21
0
gerdesj
Bronze badge
Linux

"patching" needs fixing

We all read articles like this and stroke our beards (or in my case wish I had any useful amount of hair above my neck line), nod appreciatively and look for the next patch window. This is bollocks: patching has to happen yesterday and be unobtrusive: end of.

The first step is removing the need for a reboot when patching. Why the hell does a word processor patch need a reboot? Oh, it doesn't: the only thing at the moment that needs a reboot is a kernel patch and that is being addressed.

Cool.

8
1

Crap crypto crackdown coming as FBI boss testifies to US Congress

gerdesj
Bronze badge

Spooks: *be* spooks

Don't whinge about strong encryption: it is useful for commerce and trade and hence helps to pay your salary.

* Banning encryption is akin to forcing people to shout rather than whisper to maintain a secure channel.

* Subverting it is also stupid and will come back to bite you, for <waves hands> reasons.

Why not fall back on the classic tools of the trade: Intelligence and intelligence. Don't forget, you still get to see the streams (OK: TOR makes that tricky) and can generate inferences - mmm metadata.

You will have me take what I perceive as decent encryption from your cold dead hands, should I get sufficiently riled (unless I can find a decent ali foil milliner)

For now: fuck off.

14
0

TfL to splash £400m on networking deal, despite GDS opposition

gerdesj
Bronze badge

"Spaffs", not: "splash".

FFS

0
0

Kali Linux 2.0 to launch at DEFCON 23

gerdesj
Bronze badge
Thumb Up

Re: Nice.

Hopefully a Metasploit set up that doesn't need rebuilding virtually every time you use it P)

For just the MS setup with the webby front end all set up and ready to go it is superb. Add in all the other stuff and it really is the dogs nadgers.

0
0
gerdesj
Bronze badge

Re: Based on systemd, so will work on ~10% of machines

Yet for me systemd based systems have started fine for everything I have waved it at. I have about 400 data points, including the desktop in front of me, which is a customer cast off. Judging by these entries in /etc/kernels:

-rw-r--r-- 1 root root 65915 Apr 15 2010 kernel-config-x86_64-2.6.32-gentoo-r1

-rw-r--r-- 1 root root 107477 Aug 22 2014 kernel-config-x86_64-3.15.5-gentoo

... it is getting on a bit, and could also do with an update 8)

1
1

More than 13,000 emails swiped in Edinburgh council cyber assault

gerdesj
Bronze badge
Paris Hilton

Re: Just Email?

Coincidentally an email recently left the premises with 13M addresses in the To: field.

0
0

Adam Smith was right about that invisible hand, you know

gerdesj
Bronze badge

This is possibly OT ...

I've just had a notification that mobile calls to Greece mobiles have pretty much tripled in price (at the wholesaler -> retailer/reseller level).

I'd be intrigued to find out how this comes about given that the mobile (cell) telcos are generally international in spread. Are they being charged more by termination costs in Greece or what?

We have a currently playing out study in economics: How are the theories stacking up?

Cheers

Jon

PS There are roughly 11M Greeks watching their economy tank in a pretty spectacular but unpleasant way. I hope that the powers that be eventually manage to find some way to make things easier for the average Greek on the street.

0
0

'The server broke and so did my back on the flight to fix it'

gerdesj
Bronze badge
Thumb Up

Respec'.

3
0

Reg hack survives world's longest commercial flight

gerdesj
Bronze badge
Childcatcher

Jets - pah, that's for softies

As a kiddie, I once flew Brize Norton (Oxfordshire) to RAF Akrotiri in southern Cyprus. That took a while in the back of a Hercules - 11 hours maybe. Rather more than the usual four courtesy of a VC10 (backwards facing seats!) or the BA or Cyprus Air commercial jobbies from Luton.

It's cold, but you got a blanket and a set of ear defenders - those four whirry things on the wings make quite a din. Oh and you sit sideways on a canvas seat. The toilet facilities do not include pissing out the back, which is a shame.

At least the staff (RAF crew) were lovely.

4
0

Facebook unveils SECRET logo furtle – in a TWEET

gerdesj
Bronze badge

Re: You have to wonder how much they spent

If I had to guess, I'd say something of the order of £50,000 - that does not include extras, that just gets you the logo and a report full of shit. I'm not joking.

8
0

Rosetta spots potholes IN SPAAACE: Someone call the galactic council

gerdesj
Bronze badge

Re: Calling the galactic council might be easier than calling Ealing council...

Yes, mate: I thoroughly understand how this is the right forum for a whinge about potholes.

There is a lump of rock that is so far away from here that it almost doesn't matter where "here" is. Despite that a mob from somewhere called the US (who haven't heard of Ealing - for shame) decided to send a little robotty thing to it. How the fuck it got there in one piece and still works, I'm not sure - good skills. The fact that they have any idea where it is and can get it to do stuff is (almost) beyond belief.

Here in Somerset, the roads are complete shite and you're correct: the council should pull their finger out and sort it.

0
6

Amazon just wrote a TLS crypto library in only 6,000 lines of C code

gerdesj
Bronze badge
Childcatcher

s2n != OpenSSL

s2n is a library that implements <stuff>. OpenSSL is an entire suite of apps and libraries that implements <lots of stuff>. They are not directly comparable.

For example I doubt that you will find a binary in s2n for generating an entire PKI thingie. How do you use it to create a CA, inter-CA and then various certs? No, it doesn't.

OpenSSL is not perfect but it has the benefit of having gone and is going through the mill and like all other systems, sub systems and apps has been found wanting and has patched flaws when found.

Apples != Physalis - shock.

(Sorry, forgot to include a suitable icon)

8
2

Linux Mint 17.2: If only all penguinista desktops were done this way

gerdesj
Bronze badge
Happy

"And there was me thinking that 17.1 was a good version to standardise a bunch of our customer's machines on. I haven't even finished rolling them all out yet :(

Ho hum, hopefully most of the package updates should keep coming for a while yet."

... and here's where I drop the fanboi pose and make a few suggestions: Don't rush to upgrade! You still get Ubuntu updates and also those that Mint themselves provide so you have a good, stable platform that will receive security updates to work with. Stick with what you have already and then plan for moving forwards.

Find examples of a few nightmare users - the ones with big mailboxes etc and clone their machines or P2V them to a virty system. If necessary you can always use rsync -rav to get a copy of a system out to another to play with whilst they are using it. You might like to learn Arch or Gentoo to learn the way to do this and get away with it, ie create a skeletal system, slap files on it and get it to boot. Practice upgrading and then job's a good 'un.

If the above is a little intimidating, it is probably a bit excessive. Make up a plan for an upgrade, try it, rinse, wash, repeat. However: remember there are loads of forums that will give you a hand. The Gentoo ones are generally pretty friendly to "foreigners" including Mint users, so don't restrict yourself to one lot.

5
0
gerdesj
Bronze badge
Linux

Re: Goodness.

You might like to compare the following workflows for updating my wife's laptop (say) compared to a Win updateathon:

$ ssh me@wifeslaptop

$ pacman -Syu

<hit a few keys and then ask her to reboot when she's ready or not bother mentioning it, it'll still work>

Start -> Run -> mstsc -> .... -> r click yellow thingie -> click on - well you know the drill here. Reboot and wait for some time

rdp back in. Fumble around to find out where the graphics driver and other vendor drivers are. Download, extract, install, try to avoid "extras". Curse Adobe, Oracle, and all other vendors for wanky installers. Several reboots

rdp back in. Run through apps installed and download updated versions or allow various update services to do their thing

rdp back in

Clean up extras that got through. Reset homepage(s) and spend some quality time in the registry especially HKLM and HKCU to review/remove the extra extras

To be fair, the Win update process is nothing compared to a Gentoo updateathon 8)

34
9
gerdesj
Bronze badge
Childcatcher

Re: Goodness.

"If ever proof were needed that this website is basically a Linux fansite then surely this is it."

Fansite? You're new 'round here, boy.

"If Windows 10 gets anything near this positive a review on this site next month - bias or not I'll show my arse in ASDA."

If Linux ever got the exposure on this site that Windows gets, then I'll kick your arse around Asda (Wal*mart)

28
2
gerdesj
Bronze badge
Linux

I've always had a soft spot for Minty

... although for some reason I stuck Arch on wifey's laptop when Win 7 pissed her and me off enough. I prefer a Gentoo experience but nowadays am grateful for a Core i7 + 16GB RAM on my lappy to crunch the code!

To everyone else who asks what to try on a personal machine, I recommend Mint and it keeps getting better. Time for a download and another KVM I think.

5
1
gerdesj
Bronze badge
Linux

Re: minty fresh....

"KdeConnect will notify you of things on your phone"

I discovered this thing a short while ago - amazing. Use your mobe to control your laptop's mouse when wired up to a big screen - instant pointer and a bit cool. It also mutes the speakers when a call comes in and other clever, thoughtful things.

6
1

'This ruling does nothing to change the facts' thunders Apple in latest price-fix appeal blow

gerdesj
Bronze badge

"Apple did not conspire to fix ebook pricing and this ruling does nothing to change the facts,"

Two courts say otherwise.

1
0

Microsoft's curious Sway comes to iPad and iPhone

gerdesj
Bronze badge

Re: Oh the silly names. My eyes! My eyes!

"echo Flick | sed s/i/u/ | sed s/l//"

Ahh, thought so. Incidentally I believe fikken and fokken (I think that's right) are implicated as potential roots for the English "fuck". No need for sed 8)

0
0
gerdesj
Bronze badge

Re: Oh the silly names. My eyes! My eyes!

My Dutch is a little rusty, please do enlighten us.

1
0

Generous EU Commish gives Google SIX MORE WEEKS to respond to antitrust charges

gerdesj
Bronze badge

"That's the creepy version of "Charlie and the chocolate factory", it's just WRONG."

Nope - it's appropriate for this piece, given it's about a creepy organization filled with Oompa-loompas.

2
0

Apple Music available on Sonos by end of this year

gerdesj
Bronze badge

Re: FU UK?

Sales tax is 0 - 9.45% in the US. VAT is 20% in the UK and already included. $10 + 1ish = 11USD, today's rate gets you about 7GBP.

Worst case in US: ~£7. Hmm, that seems fair.

0
0

LG's six-sided battery to take smart watches into new timezones

gerdesj
Bronze badge

Wot?

"The idea here is simple: smart watches are round-ish. Batteries today are usually rectangular. So by building a hexagonal battery (not a symmetrical hexagon, sadly) it becomes possible to pack extra power into a wearable."

I'm wearing a watch, it's not "smart". Unfortunately I have no idea what shape the battery (cell) is because I've never seen it. The watch is over 10 years old and I've never had to do more than be exposed to sunlight occasionally to charge it. It tells the time pretty well.

Cells in watches today are usually circular in one elevation and being three dimensional might be described as "cylindrical". The vanishingly small market of "smart" watches compared to "working" watches might like to dally with odd shaped cells (in 2D if that is their thing) but that is their business.

6
2

That man told me to stuff a ROLE up my USER ENTRY!

gerdesj
Bronze badge

Genius

"Don’t blame the ... : it is entirely the fault of senior departmental managers ... . These are people ... whose job description insists they should know fuck all about anything beyond cars and golf."

Dabsy, you have encapsulated a vast amount of what goes wrong in IT in a very pithy sentence which I have abbreviated somewhat above.

Cheers

Jon

1
0

Apple's iPhone 7 to come loaded with depth-sensing camera, supply chain spies claim

gerdesj
Bronze badge

Two cams?

To get a consensus you need three ...

1
1

We need to know about the Internet of Things, say US Senators

gerdesj
Bronze badge

Re: Smart TV

"For that matter, if it's not connected to an external network, how does it know there are " vital security updates" in the first place?"

It will still be connected to an external network: where do you think the pretty pictures and sound come from? Not all the bandwidth consumed by digital TV is content, some of it is guide data, Red Button stuff and other things like update signals.

Best wrap the telly with lots of aluminium foil and keep it in a Faraday cage, to be on the safe side 8)

0
0

Dyre banking VXers LOVE Mondays, Symantec says

gerdesj
Bronze badge
Linux

Re: Bloatware from Mountain View

"iptables -I INPUT -j DROP"

I hope you are sat at the console of your firewall/router mate, otherwise it's a long drive to the DC or a long walk down the cellar steps etc etc!

You could also:

# echo 0 > /proc/sys/net/ipv[46]/ip_forward

Other OSs are available.

0
0

Microsoft releases free Office apps for half of all Android phones

gerdesj
Bronze badge

Re: "30 OEMs to get them preloaded"

...

30 OEMs to get them preloaded

One MS to rule them all,

and in the darkness bind them.

13
6

Hey, Sand Hill Exchange. Shouting 'blockchain!' won't stop the Feds

gerdesj
Bronze badge

Re: "there's no way of selling a house you don't own to speculate on falling house prices"

"Can somebody explain why this is a real-world problem for normal people?"

Nope, you've stumbled into a discussion of economic theory that has already had unicorn shit, sorry - farts - invoked. At that point most of us must give up hope.

1
1

10 things you need to avoid SNAFUs in your data centre

gerdesj
Bronze badge

Re: Two slight modifications from a network guy

"make sure the switches support the method you use. " - Please Mr Network Guy, make sure you are stacking your switches and my bonding will work ... I do both (networks and systems) and I know exactly where you are coming from. It's even more "amusing" seeing people simply plugging multiple NICs into the same VLAN and expecting a magical speed up without bonding or worse only doing one end. Also that e on the end of Cat5e is important. On the other hand that a after Cat6 gives me flashbacks to things like Twinax.

I instantly (when I've found some scissors or whatever) cut the ends of any cables I find at Cat5 only and any missing/broken clips - it pisses me off to see cables hanging out or delivering awful performance. Sorry, I fill in an emergency change req, bollock the customer and then go in with the scissors.

0
0

SEC joins hunt for FIN4 attackers

gerdesj
Bronze badge

RLY?

"At that time, FireEye had been unable to establish di9rect [sic] evidence that the phishing attack had yielded information to run trades."

Perhaps more direct methods were used. When large amounts of money are available the baddies might not rely on emailed .pdfs and instead do boring old espionage or perhaps both together. People do daft things sometimes like open attachments. They are probably more likely to do that if the attractive operative that has got the mark pissed up claims it has their phone number and address details in it. The remote connection is established ...

0
0
