31 posts • joined 26 Oct 2009
Re: Well lets name them....
The 'them' we need to name is actually Adobe (and often Java)
It's not 'ads' but their buggy bloatware that's to blame. Perhaps they should be footing the ransom bills as the price for maintaining a de facto monopoly on browser-based video?
Using Adobe Flash, the malvertisements silently “pull in” malicious exploits from the FlashPack Exploit Kit. The exploits attack a vulnerability in the end-users’ browser and install CryptoWall 2.0 on end-users’ computer
Re: VB for children?
And the same people who are stupid enough to lose it really can be trusted to encrypt it properly, can't they?
Re: Borland's OWL was a much sensible approach than MFC
OWL was a bit worse than Delphi's framework (don't remember the name right now)
That would be the Visual Component Library (VCL) perhaps?
It it just me or is the general tone of this article (despite details stated to the contrary) along the lines of "Meet Charles Petzold - the man who reverse-engineered the Windows API"?
Or even ...
Windows 1.0 had tiled windows and I had a paragraph in my first chapter explaining why tiled windows were better than overlapping windows.
"Charles Petzold vindicates Windows 8"
It makes sense when you consider that Cisco's most recent security audit report found that 91 per cent of all web-based exploits in 2013 took advantage of Java vulnerabilities.
Errr ... as long as the OS on which it's running is ... (fill in appropriately)
I for one would welcome comments from authors of plugins for said OS as to why they could be difficult to secure
Denholm would like it
Spacestar ordering success story number three.
My tattoo got infected, so they've had to cut off my arm! I am getting a robot hand!
"The protocol HTTP is required for remote management .."
And local management is commonly done how exactly? Telnet?
Re: I'm sure they know what they're doing
Will you have to listen to an ad before your call is connected?
No need - they're NSA-funded
Researchers have not reverse [sic] Kronos to determine its capabilities.
Why? Not important enough to be arsed?
Win rdp server support
>>If you're just talking about your toy computers at home...
Well _any_ machine running Windows is more or less of a toy IMO, but as it happens, i was talking about other people's (more) toylike domestic machines
Win rdp server support
Only XP Pro afaik
>>What's wrong with "rdesktop", with or without a GUI?
You must move in exalted circles. The vast majority of Windows OS installs don't support rdp-as-server
I've had Chrome Remote Desktop on my Linux boxes for months now, so I'm wondering what's changed?
I decided I'd allow the de facto man-in-the-middle spying by the G man to make it easier to set up remoting to a Windows box as server. Problem was that it was pointless - last I looked it didn't support UAC so as soon as you had to do anything privileged, it was game over. Did they fix that?
Give it away
>>the Binux trolls couldn't resist trying to push their favourite operating system, an OS they can't give away<<
Tell you what, why don't YOU agree to give away every device in your possession that runs Linux? The sysadmins can take them with them on their project.
XP->Win 7 not usually an option on same hardware
It does not make sense to migrate a desktop system running XP into windows 7-8. For windows 7-8 you need a hardware upgrade with more memory, more cores, better graphics card bigger hard drive etc
Indeed, so what IS happening to the old hardware? Maybe Simon Sharwood can tell us?
goto is goto keyword of sloppy coders (potentially)
@ Paul J Turner
>>What's the difference?<<
The difference is that one goto was produced by a human and the other goto/jump was produced by a machine. The latter doesn't make mistakes.
goto is deprecated not because it's inherently bad but because it can encourage sloppy spaghetti code
How can you have a secure phone when you know nothing about its hardware?
Better to start with something like this maybe?
>>Just take Chrome off and put Linux on. Gets rid of all the google spyware.
Just take ChromeOS off and put a different Linux on. Gets rid of all the Google spyware thats software-based
The majority of these exploits apply to client Java deployments, and can only be exploited through untrusted Java Web Start applications, and untrusted applets.
Hmm. So that means *trusted* code can't use the vulns? That sounds counter-intuitive to say the least. What's more, Web Start apps and applets ordinarily can only become trusted by the user allowing them to run.
Are they rootable? Is IT rootable? If so, (i suppose depending on connectivity) i'm sure that would massively increase the interest value for us geeks
>>It uses a mixture of hardware and software lockdowns to keep out malware
For "to keep out malware", can we read "to keep the buyer from owning it"?
How it works
"It acknowledges packets on the wire (electrically) and then loses them into the void somewhere inside the firmware. "
Would that be firmware that is closed source by any chance? Either way, I find it strange that such a project has seen fit to accept the provision of closed source blobs.
>>Shylock uses a battery of tricks to escape detection by anti-virus scanners
But would possibly be detected by a little pattern matching against a Gutenberg edition of the works of one W. Shakespeare?
Which distro to pick is of course a concern but that's a separate issue. El Reg needs to come up with a policy on that
No mention of Linux
Surely it's not too much trouble to throw in a Live disk and tell us how this hardware fares with the Linux distro in question?
Perhaps if this trend of self-defensive demands for source code continues it might be useful to employ the term 'felching' in this, er... cleaner context?
No root login welcome
>>Windows machines for the vast majority of users should only be run in unprivileged mode, the authors also recommend<<
Best practice in Unix is to disallow root login. Is this even possible in Windows?
Of course, for most of its lifespan, root login has been the ahem... default in Windows and still is, though UAC has been shoehorned in at the last moment
Switch to BT as your ISP Stuart - they don't support IMAP for non-business customers - problem solved ;-)
Maybe stagnation of the app is a reflection of the stagnation of the protocols. Perhaps they should be looking at implementing different ones and simultaneously asserting an alternative nexus of control to the Benign Empire?
>>Technically correct, you can't run MS Office under it<<
Not even that is
- Breaking news: Google exec veep in terrifying SKY PLUNGE DRAMA
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Google CEO Larry Page gives Sundar Pichai keys to the kingdom
- Something for the Weekend, Sir? SKYPE has the HOTS for my NAKED WIFE