From the links, the base game RRP is £39.99, but with 30+ expansion packs at £10 - £16 each, £499 for the whole set is probably correct!
203 posts • joined 18 May 2007
Eric, you're missing my point. The Login Management mechanism is an enabler as well as a security tool. Feel free to log and audit what I do, but don't get in my way*.
e.g. today I had a problem on a Production system that was querying a failed DNS server. Easy workaround, check another Prod system on the same subnet for a good list of DNS servers and copy the config file to the system that had a problem. Follow up by writing a quick script** to check 700 systems for which DNS servers they are using and remove any bad entries. Result: many minor performance issues resolved quickly and cheaply, many thousands of dollars savings in time for the systems users who had got used to a slight but annoying delay.
Your idealised version of login management would make it virtually impossible to get the required access to a second system to check the config, let alone the rest of the estate.
*Management understand that in general if you give someone Responsibility for an issue, you should give them the Authority to fix that issue. Accountability comes after the fact.
**Yes, this could have been done using a Configuration Management system such as Puppet, or writing a custom Nagios plugin to check configs, but that just shifts the problem of trust and adds cost.
> system administrators and their credentials are the most dangerous threat to companies today,” said Eric Chiu
ODFO, Eric. I know you're just jumping on a bandwagon to sell your products, but we're incredibly loyal considering how we get treated like shit. How about manglement and HR working to improve staff conditions rather than treat us as probable criminals?
E.g. where I'm working we're implementing a Unix/Linux login management system (similar to LDAP plus sudo); Information security are paying for the project as it has obvious benefits for them, but I'm all for it as it means I only have to remember and change one password. So I'll be more productive, less frustrated and happier as a result.
Thank you, now when I click an article that interests me I'm straight into the content (and it's less obvious I'm not working :-) It was getting ridiculous, if the article had photos one would be duplicated at the top of the page so no value was added.
Thank you also for the grey background, much easier on the eyes.
I'd add my vote for 4 columns, though BBC News and The Onion seem to use the same width as New-Reg
I thought the article was going to be a technique for cooking bacon by wrapping it around a hot gun barrel.
I believe those retailers that have lost data have agreed to cover the [customers|banks] losses and the cost of credit monitoring; The alternative is to have card facilities withdrawn, which would have crippled them.*
That's a threat with teeth, and it's neither necessary nor desirable for Government to be involved.
You're right that there are still many bad practices and that self-certification hasn't eliminated those practices. Any IT manager that ignores those problems is putting their career and their organisation at risk.
* IMHO, any merchant that stores the CVV2 code in flagrant violation of the PCI DSS rules should have this sanction applied no matter what the excuse.
No. Takes up too much space and isn't relevant to the article.
Microsoft sells (or licences) their products for money, so they are held to a higher standard of accountability. It must be fit for its purpose, so they must either support/patch it or give refunds for a reasonable period of time.
Kudos to you for sharing your software. If you make the source code available, others can check and build on it, so responsibility is devolved. But if you deliberately put malware in there you could be sued.
Hmmm - Did I really just give Adobe Reader an excuse for being crap just because it's free?
Actually...Remember Margaret Thatcher's banning terrorists from the "oxygen of publicity"?
That worked so well, Thatcher's children (Blair, Cameron etc.) carry on that line of thinking...
1) Steve Bong comes out at weekends.
2) Good satire must be believable, unlike this childish rubbish.
Wait...What did you say? WHAT?!
I blame El Reg for giving them the idea.
The high numbers of correct responses to the Net Neutrality, definition of URL and sizes questions are encouraging. As are the similarities between segments, i.e. sex, education and age. Bearing in mind that they surveyed normal people, not techies, and it's a very positive result.
I think most of the rest of the questions fall into the "whatever" category. Even the distinction between the Internet and the WWW isn't something you often _need_ to know as a user, Apps handle that for you ;-)
> "However, this company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists."
So, if I post on Farcebook, "gonna kill a soldier", FB are expected to check if I'm on a government watchlist? I could be talking about a video game, so looking for keywords is a really stupid way to do it. (Echelon, ANFO, jihad,...)
> " none of the major US Communications Service Providers (CSPs) regard themselves as compelled to comply with UK warrants ..."
Damn right they shouldn't, unless they have a UK branch. But I expect if they passed the suspects name to the NSA, the info would soon be handed over.
The whole Fusilier Rigby tragedy has been warped by the Government and security services to advance their own agenda, while denying any responsibility. Whether or not you regard the killers as terrorists, terrorists have won.
Or focus on the important part, Information Security. If your desktops get pwned and used as a botnet, it's irritating. If your data gets stolen or trashed, you're out of business.
So...how should we approach security? By getting people with certificates to pen test and fix ALL the holes? Or by getting a business type to assess the values and risks, and communicating that to the business to focus on key areas? I don't know the answer, but I don't think a lack of technical skills is the biggest problem.
> Profits should be taxed where economic activities deriving the profits are performed ...
Tax havens don't matter if the money doesn't make it to their borders.
> ...and where value is created...
That part intrigues me. If Apple design a desirable product, will they be taxed even if they don't sell that model in the U.S.A./California? Is it a return to double-taxation, or just a swipe at the Starbucks "royalty" model?
Robot Wars! Wow, I didn't realise it had ended 10 years ago. Presumably the ever-more sophisticated robots rose up against their tormentors and refused to engage in gladiator-style entertainment for the fleshies.
Thanks for the vPint
So your special base probably takes up about 6" squared of precious desk space and you need several as they're not easily portable?
I use a much more advanced mechanism called a "USB cable" - cheap, portable, efficient, multifunctional, easy to operate one handed, standardised, and the phone can be used while charging - clearly the way to go*
* Unless phone manufacturers are going the way of HP printers, accessories manufacturers who occasionally make a phone to leverage their add-on sales
Eeurocops - From Yorkshire, obviously. They're different there...
> Once an evidence-based approach has been adopted we can bypass the messy business of analogue politics entirely – the business of “winning people over”, of getting and obtaining “consent”. Therefore, only those qualified to interpret the evidence, such as leading digital thinkers like myself can judge an evidence-based policy.
The Government don't need no steenkin' evidence. They KNOW what is right (but only for the proles naturally; They're far too important to be bound by silly rules themselves).
Punishment can be an important part of rehabilitation. I'm in favour of locking up a menace to society, but if he's (genuinely) no longer a menace after years of rehab/reeducation/brainwashing/mind wiping/personality transplant*, and can be a useful member of society, he can work off his debt.
* Yeah, science fiction, but more likely than governments spending money on rehab.
Deterrence works on most people, who think about the consequences of their actions. No offence, but again you're using edge-cases (criminals) to make a generalisation about people.
It's a fact that your hypothetical defendant was arrested and charged; It's also a fact that they were exonerated. So either the facts should be given equal weighting, or maybe it's just easier to de-index the outdated report.
Even if they were convicted, the law sets the penalty. Prison time is a punishment and protects society by removing the offender, but should also attempt to rehabilitate offenders. _If_ they can be rehabilitated, there's little point in keeping them in prison at the taxpayers expense any longer.* The facts are available to people with a legitimate interest through the proper channels, such as a Criminal Records check. Public shaming went out with the stocks, but seems to have been reinvented.
A newspaper article about the crime and defendants will die a natural death in the archives. At present, Google is like a small-town gossip that keeps dredging up the muck. Yes, we secretly like to hear the juicy bits, but in general we deplore the gossip as we're probably targets too.
* Hindley, Brady, cop-killers, the recent case of an unrepentant teenager who killed a teacher - all edge cases, where deterrence (the need to be Seen To Be Sending the Right Message) may be more important than rehabilitation.
...which makes me so ANGRY...Oh no! Media inspired violence!
Yes, Mr Ward is talking about the UK. So Lewis is quite right to respond in that context.
Nice article from the NOAA, by the way. Record lows, eh? Cool!
It could be in the nature of a defensive patent, to prevent anyone else patenting it and withholding licenses. If Disney develop a working model and supply it to anyone on their Nice list for a peppercorn rent, they could hope to make their money back by increased movie sales.
Of course, anyone with enough money to fight this patent automatically gets added to the Nice list, and it's another line of attack against those on the Naughty list, such as torrent sites that use feedback and rankings. (So it would be a bad move to let it become a standard, or FRAND would apply).
...while investigators looked into possible threats...
What possible threats? That a device might be set to explode when it lost contact with its "home" network? Like when the plane was moved? Rendering a plane inoperable on the ground isn't like turning an airborne plane into a brick, but keeping the passengers on board seems to still be putting their lives at risk.
I suspect the biggest threat was that jokes could undermine the seriousness of the TSA and DHS (and their budgets).
...if you get value for money. A fake product for the price of a...fake product. No CC ripoff,
So what's the problem?
Oh, Apple are enabling/colluding with the counterfeiters (and probably raking off a % of data fees)? Yep, that's newsworthy.
T-Mobile CEO John Legere -
"On Ipad with@apple sim here is what u see..no @Verizon ,@ATT trying to lock u, @sprint with error page! @TMobile wins pic.twitter.com/z0jDZ9sRt5"
From the context, "Lpad" means "iPad". I know all the English words and carrier names. But as a whole, this doesn't seem like an adult communicating, and I don't usually ask eight-year-olds for purchasing recommendations.
I agree, spammers rank with plotters and paedophiles, and GCHQ must fight this scourge that affects me every single day
Does this count as a Data Breach rather than just an annoyance, as email addresses were disclosed? Email addresses may not seem important, but could be used for phishing or invoice-fraud attacks.
A sternly worded letter from the ICO might prevent further sloppiness.
Thank you, but actually patching servers is not the worst part of the problem - Testing and arranging service outages for Production systems is the killer :-( Fortunately the bash patching didn't need any outages, but testing and signoff for the change still took time and effort
...<Insert name of political party currently in power*>
* i.e. currently the focus of Civil "Service" propagandists about the paedorristcalypse that will follow if public servants aren't given everything they want.
When every public servant and politician [not necessarily the same thing] is on this database - Then I'll reconsider my opt-out
"Bristow expressed concerns that US and UK pullout from Afghanistan might lead to an increase in the volume of heroin reaching Britain’s streets."
We invaded a country and trashed the place, overthrew a government that had stamped out the opium trade, and then buggered off. No matter how good our motives and justification, we shouldn't be surprised at the anarchy that follows and that opium farming is a) possible and b) the only way some Afghans have of recouping their losses.
Not that I agreed with the Taliban, disagreed with the invasion, or approve of drugs. I'm just sayin', you stir up shit, don't be surprised what floats to the top.
Did Bristow have ANYTHING sensible to say? Or was it just "terrists bad, drugs bad, police good"?
No, apparently they've been "stolen" so the sleb doesn't have them any more. Or maybe Singer doesn't understand the law.
"Google knows that the images are hacked stolen property, private and confidential photos and videos unlawfully obtained and posted by pervert predators who are violating the victims' privacy rights and basic human decency by stealing and displaying confidential private photos and videos,"
Google should be charging the slebs for the advertising they're getting. I'd forgotten who Jennifer Lawrence was until this.
“Full encryption of communication and storage online will make life very easy for the criminals and terrorists and very difficult for law enforcement and law abiding citizens."
Really? How is my innocent, honest life made more difficult just because I use encryption? (Apart from having to remember yet another passphrase).
On the other hand, if I want to knock over a bank or make a bomb, will encryption really help me get a gun or chemicals?
One of the arguments for switching devices off during takeoff and landing was that passengers should pay attention to aircrew announcements (and not be holding potential projectiles in case of a bump).
Does paying €1-3 change the laws of physics?
bash is like a gun - powerful and dangerous, but fairly safe if kept in a locked cabinet ("Authentication"). If you leave it lying around or your kids get the keys to the cabinet, bypassing the safety mechanisms - Then you have a problem!
John Leyden, thank you for describing it as "vulnerability" or "flaw" rather than a bug in bash
As I see it, that's pretty much what "dotting in" or "sourcing" does. You're right that it's a feature.
The attack vectors like Apache/CGI that enable a shell without authentication? They're the bad guys. But if it's easier to block multiple attack vectors at the center by nerfing bash, the core OS guys can do that for you.
(I have no affiliation to any group, and am prepared to be "corrected" by both sides)
But there isn't a UK speed sign that says "70" or "60"; There's just "unrestricted", i.e. the national speed limit for that type of road, i.e. 60 on a single-lane, 70 on dual carriageway or motorway. Presumably there's a "Euro" setting for KM/H?
And it probably doesn't recognise temporary or variable speed overhead signs
And who needs a reminder of what gear they are in?
@ baseh and followups
You are not alone! Look up Deliberative Democracy: It addresses the question of professional "elite"* politicians v. "naive" masses, and I agree that education and good, balanced briefings on the topic to be debated are essential. We already use the technology, but petitions and Facebook groups tend to be very one sided at present.
We don't need a referendum on everything (See "The Rise and Rise of Michael Rimmer"), but I'd be willing to give up a few Bank Holidays to do "citizens" duty as needed.
My wife has just written her MA dissertation on Deliberative Democracy, and as chief proofreader, I've absorbed a little knowledge** ;-)
* See also the Dunning-Kruger effect
** Just enough to be dangerous. Disclaimer: My wife wouldn't necessarily agree with this post
> .. reputation for holding good stuff back if it’s not entirely happy with it
So they're happy about the bloated security nightmare that is Adobe Reader? A product worth less than its price tag.
El Reg diligently reports all ROTM sightings.
I see the synergy there - U2 are like the iPhone: Never all that good, and hyped way beyond their true current significance. Though I actually liked the iPhone 3 & 4 until Apple buggered up the maps and IOS went all Fisher-Price.
BTW: Miley Cyrarse? Kim Kardarshian?
"... that Autonomy's pre-acquisition hardware sales were done with the sole purpose of artificially inflating Autonomy's revenues."
" ...that HP's printer hardware sales were done with the sole purpose of artificially inflating HP's revenues." (As any fule know, HP is in the business of selling ink at a premium)
I can live with Windows for the desktop, as so much useful software only runs under Windows. An automatic reboot at 4am wouldn't be too much of an issue, as I only have to remember the half-dozen tasks I've been working on and left open. Probably even less of an issue for normal people.
But servers, whatever the OS, don't get patched & rebooted automatically if you value your job.
No contest. (Unless Chuck Norris is involved).
Ahh, stocktaking. I remember a few conversations from the days we had to do monthly inventory checks. And no cheating by using a checklist of existing assets! They all had to be done from scratch.
Me - "Can't we get rid of this box of obsolete PC cards with individual serial numbers on each card?"
Manager - "No, they're in the database, so we have to check them each month"
(Admins enter the handwritten sheets into the computer and run a comparison with the DB)
Admin - "You're missing item ABC123O and have an item ABC1230 that doesn't exist"
Me - "They're the same item. You entered an O rather than a 0 when you originally created the DB record, so there should always be a discrepancy. Unless one of us enters the serial number incorrectly at a monthly check."
Me - "As the company sells inventory management systems, including scanners and software, could we use our own products to help with stocktaking?"
Manager - "No, you make too many mistakes already and need to improve the accuracy of the stocktaking"
(This was the same manager who would lend stuff to customers and not bother to check it out of stock)
Eventually I wrote an MS Access DB and used a hand scanner and laptop borrowed from stock to create my own Stock DB, complete with label printing, scanning in and out, shipping lists and stocktaking comparisons. Monthly stocktake effort went from 10 man-days to 2 (One day to stocktake, 1 day to have the O vs 0 arguments. Though I reduced that by printing an "incorrect" label to stick on the item so I could give the Admins the serial number they wanted to see. [Unless they then mistyped it at the monthly data entry...])
Bing Engine ?
"side boob" is at least 35 years old, as I remember it from school.
I've also seen YOLO in the context "be careful, YOLO (No reload if you die etc.). "Live fast, die young, stay beautiful" is a little more compelling than merely being reckless "I just ordered £40 worth of Chinese food. But YOLO, right?"
I'm pleased to say I've never heard "adorbs". Long may I manage to avoid the yoof types who use such mutant monstrosities.
I guess you only use gas for heating, but the pipes still need to be maintained and staff kept on in Summer, so a standing charge is a reasonable principle - As long as they're not taking the piss. When UK suppliers listed the standing charge as a separate item it was easier to understand than "First X units charged at £££, then after that units are charged at ££" [Where (£££-££) *X = the hidden standing charge]
You're lucky you don't get hit with a "connection charge" and have to pay a deposit as a "new" customer!
Agreed, when I transferred away from TalkTalk (be nice - I signed up with Pipex Business!), I cancelled my DD the moment they sent me an incorrect invoice for the last few days - so they added on a "failed Direct Debit" charge.
After a few months of threats, I sent them an invoice for my time. They closed the case shortly after that.
Would anyone notice?
Seriously though, Stevie Graham had better have built some legitimate "network security analysis" functionality into his code. If it's just a hacking tool, I suspect The Law will be wanting a word.