* Posts by tfewster

300 posts • joined 18 May 2007

US govt quietly tweaks rules to let cops, Feds hack computers anywhere, anytime

tfewster
Facepalm

> then who decides which situations qualify

Compensating controls, such as senior/circuit judges, rather than district ones? Preferably ones with a grasp of technology and a track record of butting heads with the FBI? They could give the set of qualified judges a catchy name, like "G[ood]-FISA"?

[*THUD* of landing back on Earth] Nurse, is it time to take my meds?

P.S. No disrespect to judges in general. I'm sure most of them are smart and have integrity.

P.P.S. I'm not saying I agree with this rule change, or assuming they haven't already thought about compensating controls, all I know is what was in the Reg article. The Proposed Amendment detail in the PDF isn't very clear to me!

3
0

Samsung's little black box will hot-wire your car to the internet. Eek!

tfewster
Stop

> By 2020, there will be [50% more cars ] on the road.

That seems unlikely, but it would negate the "bad driver detection" concern. You wouldn't be able to go more than 8mph anyway. But, on the bright side, there wouldn't be any accidents serious enough to cause an entire motorway to be closed, so it would be a _consistent_ 8mph.

11
0

Terrified robots will take middle class jobs? Look in a mirror

tfewster

@Charles 9 re: "what do you do with the rejects?"

Not everyone gets to be an astronaut when they grow up.

http://despair.com/collections/demotivators/products/potential

0
0

BOFH: Thermo-electric funeral

tfewster
Thumb Up

Re: Or, as the Romans were supposed to have said...

Plan B: Use a hammer

Plan C: Use a sledgehammer

2
0

Sneaky Google KOs 'right to be forgotten' from search results

tfewster

Re: I think it's personal

Or, more generally: https://xkcd.com/979/

1
0

Censorship FTW! China bans Paris Hilton, minor Kardashians et al

tfewster
Joke

Censorship bad, m'kay?

If we didn't have a free press, how would we know that Kim has the greatest ass [Kanye West] in the world?

On the other hand, I'd be happy if I never heard any more uninformed-opinions-treated-as-fact from celebutards like Woz

2
6

US government updates secure email guide for first time in a decade

tfewster

Re: Updated Secure e-mail Guide:

Oh no they aren't!

https://www.youtube.com/watch?v=sj6-LG5VpGk

AND there's a standard

https://www.ietf.org/rfc/rfc1149.txt

4
1

Adblock wins in court again – this time against German newspaper

tfewster

Re: Double-stacking

I've never felt the need to look for the "untick" option - The ABP defaults are fine for me. And the occasional context-relevant ad? I might actually be interested!

1
0

Six charged for 'hacking' lottery terminals to spew only winning tickets

tfewster
Facepalm

So, what's the charge?

If I left a pile of cash in the middle of the street, I could hardly complain if some of it went missing.

So if I implemented a "lottery" system (that I expected to make money out of) and someone successfully gamed it, I'd have even less to complain about.

Taking advantage of someone's stupidity may be immoral, but it's not necessarily illegal.

11
4

Let’s re-invent small phones! Small screens! And rubber buttons!

tfewster
Facepalm

Re: Random buttons

> it's over-engineered and just another bit of pointless electronics to go wrong.

it's pointlessly over-engineered and pointlessly just another pointless bit of pointless electronics to go pointlessly wrong.

FTFY. About once every 5 years, I forget to check (because I NEVER leave it in gear) and start my car when the garage HAS left it in gear; It jerks forward 1" and the handbrake stops & stalls it. Mission accomplished. Unfortunately my wife's car doesn't pass this "What's the fucking point?" test.

Full disclosure, I bitched about pointless automatic chokes & gearboxes about 30 years ago - they're still pointless, but at least they work reliably now.

4
0

Met plod commissioner: Fraud victims should not be refunded by banks

tfewster
Facepalm

> Basically, people don't patch or install AV software because they don't think they'll be victims. Once they are, they'll still do nothing to prevent future losses.

FTFY

0
0

Met Police cancels £90m 999 call command-and-control gig

tfewster

Re: You have to wonder

> It would be usually best to find someone else who has a working set up, purchase their solution. Then use the build time to match your processes as far as possible to their proven practice.

But...We're unique (Just like every other service that takes emergency calls and dispatches resources)! And our processes ARE the best practices (of all the organisations that do the same job as well as we do)! And we couldn't possibly reorganise to fit around a new system (as we're too busy constantly reorganising for political purposes)! And we couldn't retrain all our staff to use an intuitive, well tested, reliable, scalable system that saved them time immediately!

Been there, seen that, begrudged the waste of my tax money as my employer evaluated seven well known Hospital Information Systems and then decided to have the son of one of the Directards build them a bespoke system instead.

11
0

Swedish publishers plan summer ‘Block Party’ to thwart ad blockers

tfewster
Facepalm

@Grikath Re: They don't understand

I had no problem with that model. It might have delayed my user experience by a few seconds by having to turn multiple glossy pages to reach the articles - I might even have paused to look at a cool car shot or a gadget - and when I reached an article I wasn't blinded or deafened by some shitty Flashy overlay.

It seems advertisers have forgotten the first rule of their "art" - to attract attention. By seduction, not assault.

3
0

Polite, helpful? Stop it at once in the name of security

tfewster
Facepalm

Re: Security helpful...?

I feel your pain, but security tools CAN be helpful - e.g. login management/SSO to manage your userid across all the systems you need access to. InfoSec can grant/revoke access from a central point and you only have one password to change rather than waste a day every month going round all the servers. And InfoSec will get a budget to buy such tools, whereas the existing sysadmins won't, even if they write a business case for improved productivity.

I'm also quite happy for InfoSec to be able to audit my actions. So they can see it wasn't my properly planned change that broke the system, it was the dork who pushed a "quick fix" out an hour later.

3
0

Norman Conquest, King Edward, cyber pathogen and illegal gambling all emerge in Apple v FBI

tfewster
Facepalm

Law enforcement good, m'kay?

I'd love to see a demand from a Russian court to access POTUS's phone added to this list. And then watch the frantic back-pedalling as the TLA agencies realise that "lawful" is not binary.

8
1

These Chicago teens can't graduate until they learn some compsci

tfewster
Facepalm

Re: Given the number of stories....

Awww, isn't that sweet? After all those years in IT, Vinyl-Junkie still has some optimism left that 1) A government-written curriculum might be relevant, 2) Lusers won't be lusers and 3) First-line support will ever be anything but the "Helldesk".

Bitter, moi?

2
0

tfewster
FAIL

Sweet localhost Chicago?

I think you meant "Sweet ~ Chicago?"

13
0

UK carrier Three in network-wide ad-block shock

tfewster
Thumb Up

nominative determinism

> Asia’s richest person Li Ka-shing

OK, I'm not the first to see it (459 hits for "nominative determinism li ka shing" on Google), but it's worth saying

5
0

Computer Science grads still finding it hard to get a job

tfewster
Headmaster

Re: It ain't the skills stupid...

An upvote for the first paragraph, but I don't agree with the second - Schools spoon-feed youngsters the information they need, at University they find out how to think critically and learn on their own.

On the subject of communication skills: My professor dinged me for not commenting my code sufficiently. I later worked out that he actually meant not to name my variables "a" and "b"

Bloody teachers --->

6
0

UK taxpayers should foot £2bn or more to adopt Snoopers' Charter, says Inquiry

tfewster
Big Brother

Re: ICR

That would be reassuring, if true. But just knowing someone visited Facebook isn't useful, so the reality will be that the snoops will be recording that you visited www.facebook.com/MyLittleJihadist and Liked his rants. That page may not be of interest to the spooks now, but when they decide it's a target, they have a record of every UK visitor, no matter how innocent it was in the past.

P.S. A Western style bridle, of course! Other types are for weirdos

5
0

The monitor didn't work but the problem was between the user's ears

tfewster
Facepalm

Re: "Do not try this yourself."

I thought I'd trained myself to expect the unexpected, so you just KNOW how this tale will turn out: A customer in Inverness was having a server shipped in from a US supplier for a DR test; I checked with the customer and supplier exactly what they had provided, then headed north with spare 4-gangs, OS CDs, monitor, power leads etc. etc. I'd been misled before.

Arriving on site, for once everything I needed was there! Enough power sockets, UK power leads, UK keyboard, colour-coded cables & labels so it was obvious how to connect everything. Instructions from the supplier. And a "tested" certificate & config sheet stuck onto the server, signed by the supplier's engineer who had set it up. These guys really knew how to take the stress out of DR.

I connected everything up, hit the power button and heard the "Bang!". Yep, the server had been tested all right...on a 110V supply. And then someone else at the warehouse had packed it up with UK power leads. Not really my fault, but I was kicking myself for not checking.

Rang the supplier, prepared to grovel, but they were very apologetic; Checking the voltage selector was on their internal checklists, so not on the checklist they sent to the client. They could get a new PSU to me within 24 hours, but couldn't get an engineer for 3 days. No problem says I, I've always got my Torx screwdrivers with me, how hard can it be? So you just KNOW how this tale will turn out...

Actually, you're wrong this time. It was straightforward, though more complicated than changing a PC's PSU, and I even remembered to change the voltage selector this time. And the rest of the job was silky-smooth.

TL;DR Trust, but verify

5
0

You've seen things people wouldn't believe – so tell us your programming horrors

tfewster
Facepalm

> What are the other 11 steps?

There's probably a library of books and websites devoted to this, but in my experience:

Step 2: As noted by other commentards, leaving a comment saying "Kludge" or similar; Bonus points for pointing out situations where it will fail.

Step 3: A comment describing what you're actually trying to achieve; Best case, someone else will know how to fix it; Worst case, it will help you with Rubber Duck debugging. Nowadays I usually start by writing pseudocode anyway, so the comments are already in place.

Step 4: Review your assumptions: Will this code definitely be rewritten/replaced/binned before Y2K? Will it scale [so `if (a ~b)` doesn't come back to bite you when b > 9]?

(Step 1.5 should probably be "Don't call your variables 'a' and 'b' ")

Step 5: ???

(Obligatory Step 6: PROFIT!!!)

5
0

Stop the music! Booby-trapped song carjacked vehicles – security prof

tfewster
Devil

Any song by System of a Down?

At least, it should be capable of blocking the low speed/non-critical/insecure network link; I really don't want my ABS disabled just because the network is busy handling a complex piece of music

Apropos, the Christine icon -------->

1
0

Four Boys' Own style World War Two heroes to fire your imagination

tfewster

Re: Cpl Waters

Obligatory: https://xkcd.com/705/

6
0

Discworld fans stake claim to element 117

tfewster
Thumb Up

Re: This petition...

Great! Magicians have calculated that million-to-one chances crop up nine times out of ten.

0
0

Boozing is unsafe at ‘any level’, thunders chief UK.gov quack

tfewster

Re: I don't drink

NO. We pay extra taxes into the system on our vices, so YOU owe US.

6
0

Japan unveils net-wielding police drones for air patrol

tfewster
Black Helicopters

Re: The video

Same here with the video starting in the middle. And I still couldn't work out why the prop-guards on the "target" didn't prevent the entanglement.

Even then, the probability of escalating from "a drone that might go out of control" to "a drone falling out of control" is approaching 1

1
0

Revenge porn 'king' Hunter Moore sent down for 2.5 years, fined $2k

tfewster

Re: Retrospective law?

Yes, you did misunderstand - He was convicted of hacking and "aggravated identity theft." It was another scumbag who was convicted under anti-revenge-porn law.

But on the wider point - Just because something isn't legislated against _yet_ doesn't make it OK if it harms people. I'm glad they found something to convict him of.

3
0

Report: VW execs 'knew' about fuel economy issues last year

tfewster
Devil

Re: I drove the Polo Blue Slumber

Not me, but someone posted "SlowMotion" (in a car review?) not so long ago.

They really should drop the "Blue", unless they're actually using AdBlue tech

1
1

Don't flip your lid: The Internet of Helmets has arrived

tfewster
Trollface

Not just heatstroke..

... could also be used to detect other undesirable situations, e.g. rapid cooling=death, unauthorised tea break or POETS day

Common result of not wearing your hard hat --->

2
0

Hi, um, hello, US tech giants. Mind, um, mind adding backdoors to that crypto? – UK govt

tfewster
Big Brother

Not that I'm condoning this ...

... but it seems to me that a simple solution for governments and Tech companies alike would be to set it up so only* governments can issue private keys to their citizens (and also be responsible for distributing public keys).

Crypto remains uncompromised, and your** government has a copy of your private key. Government can comfortably promote the use of encryption and save money on policing t'internets

* Yes, I know there will be a trade in "unauthorised" keys, but using one will immediately make you a person of interest to your nation's security services.

** No need for the UK to pass it to the US authorities, as GCHQ can provide the clear-text if needed AND appropriate.

So what else am I missing?

1
30

'iOS 9 ate my mobile broadband plan'

tfewster
Facepalm

O2 in the UK are on the ball

I got a text warning me about the issue, and how to switch it off.

However, I'm not on IOS 9, so I don't have that problem (or that switch).

I DO have a switch to tell it not to Use Cellular Data to download updates either. Which it decided to ignore this month. How old is my version of IOS? Let's just say I decided not to update to crapple maps or Fisher-Price icons.

1
0

Hackers pop grease monkeys' laptops to disable Audi airbags

tfewster
Trollface

Look on the bright side...

... Audi drivers might drive more carefully if they thought their airbags had been disabled

18
1

Ad networks promise to do something about the awful adverts you're all blocking, like, real soon

tfewster
Joke

Shhh .. websites need the advertisers' dollars. Don't burst the bubble!

2
0

Google, Facebook, Microsoft and buddies stick a bomb under hated CISA cyber-law

tfewster
Facepalm

CISA - pronounced "seizure"?

It seems Congress hasn't heard about the Safe Harbour kerfuffle, or doesn't care about the opinions of the USA's colonies on the European continent. It's like 1776 all over again.

19
0

NIST to sysadmins: clean up your SSH mess

tfewster
Facepalm

@DougS - Re: Key expiry

Agreed, I had a "WTF?" moment a while back when I realised a private key could be copied to another client and would be accepted by the target server in the same way as a cloned physical key. The 'from="list of permitted clients"' syntax in the authorized_keys file is still weak, poorly documented and little known.*

And trusted clients should be trustworthy themselves.

* I know you know this, but posting it explicitly to spread the word.

0
0
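An added example, not part of the original post and not OpenSSH code: a small audit script that lists authorized_keys entries carrying no from= source restriction, or one that matches every host. The sample file, key blobs, comments and host names are constructed placeholders.

```python
"""Audit authorized_keys entries for a from="..." source restriction."""

# Entries that begin with a key type have no options field.
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

# Constructed sample; the key blobs are placeholders, not real keys.
SAMPLE = """\
# team keys
ssh-ed25519 AAAAEXAMPLE1 alice@laptop
from="10.0.0.5,*.corp.example" ssh-ed25519 AAAAEXAMPLE2 backup@bastion
from="*",no-pty ssh-rsa AAAAEXAMPLE3 deploy@ci
no-port-forwarding,command="/usr/bin/rrsync -ro /srv, data" ssh-ed25519 AAAAEXAMPLE4 sync@nas
"""


def split_options(line):
    """Split an entry into (options, rest) at the first unquoted whitespace.

    Option values may be double-quoted and contain spaces or commas,
    so a plain str.split() would cut command="a b" in the wrong place.
    """
    if line.startswith(KEY_PREFIXES):
        return "", line
    in_quotes, prev = False, ""
    for i, ch in enumerate(line):
        if ch == '"' and prev != "\\":
            in_quotes = not in_quotes
        elif ch in " \t" and not in_quotes:
            return line[:i], line[i:].strip()
        prev = ch
    return line, ""


def parse_options(options):
    """Return {name: value} from a comma-separated option string."""
    result, current, in_quotes, prev = {}, "", False, ""
    for ch in options + ",":
        if ch == '"' and prev != "\\":
            in_quotes = not in_quotes
        if ch == "," and not in_quotes:
            if current:
                name, _, value = current.partition("=")
                result[name.lower()] = value.strip('"')
            current = ""
        else:
            current += ch
        prev = ch
    return result


def audit(text):
    """Return (line_no, key_comment, finding) for entries needing review."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        options, rest = split_options(line)
        fields = rest.split(None, 2)
        comment = fields[2] if len(fields) > 2 else "(no comment)"
        opts = parse_options(options)
        if "from" not in opts:
            findings.append((no, comment, "no from= restriction"))
            continue
        patterns = [p.strip() for p in opts["from"].split(",")]
        # A non-negated pattern made only of '*' accepts every client host.
        if any(p and not p.startswith("!") and not p.strip("*") for p in patterns):
            findings.append((no, comment, "from= matches any host"))
    return findings


if __name__ == "__main__":
    for no, comment, finding in audit(SAMPLE):
        print(f"line {no}: {comment}: {finding}")
```
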

Will IT support please come to the ward immediately. Weeeee have a tricky problem

tfewster
Coffee/keyboard

Sorry, I'm not trained to handle biowaste ...

... but I'll supervise while you medics get stale piss all over you.

6
0

Eight things people forget when buying infrastructure

tfewster
Facepalm

Re: Racks come in more than one size

Back in '96 I learnt that an HP '19" rack' mounting shelf would not fit in a non-HP 19" rack - Length was fine, but width between the posts was both too narrow for the shelf and too wide for the bolts. Cue a visit to the DIY store for a hacksaw and some overlength bolts.

Oh, and re: "Serial connectivity is witchcraft" - knowing the pinouts, crossovers and ties for the port means you don't have to lug every cable variant around in your toolkit. A set of the commonest pre-made connector ends plus a breakout box and/or connector kit will amaze and astound t'kids of today. A DC engineer once called me a sad tosser for hoarding RS-232 bits, but had to grovel 10 years later when he needed a particular cable - I knocked one up in a couple of minutes :-)

2
0

Tech turned on its head: 'Dislike' button in Facebook, pay Snapchat $1 to defuse self-destructing sexy selfies

tfewster
Facepalm

Criticism is valuable

Maybe a thousand people like your post, but a million don't. You've just had a useful reality check.

(Feel free to downvote if you disagree - See title ;-)

13
1

Journos to be spared replacement by robots, BBC claims

tfewster
Facepalm

Bootnote

Yes, the BBC also had an article on robo-journalists...

http://www.bbc.co.uk/news/technology-34204052

0
0

Post-pub nosh neckfiller: Fancy a ham and cheese 'dry tree trunk' sarnie?

tfewster
Pint

Search for "asturian cider".

About 30 years ago, I figured out that the object of the "long pour" method of aerating the cider was to miss as much as possible, so there was less of the nasty stuff to drink. Pouring over your shoulder into a glass held behind your back looks even cooler, and achieves that goal even better. Unless, of course, you're playing drinking games where you pour for each other...

1
1

It's 2015 and miscreants are still trying to dupe you with fake BSoDs

tfewster
Thumb Up

Re: IF you experience one of these BSODS

Good joke, and it sort of serves to illustrate a serious point - numbers, especially premium rate numbers, should be attributable to someone traceable & responsible for their misuse. In particular, a premium rate number should NOT pay out immediately, and the telco should check there haven't been any complaints first, else the money should be held in case it (ALL) has to be repaid.

6
0

Well, what d'you know: Raising e-book prices doesn't raise sales

tfewster

Re: Auto Rip

> "...text is much more costly and difficult to digitise than film or music."

But it's still a tiny part of the cost of publishing a book - If the original isn't available in a word processor document and you don't trust OCR to reliably read older texts, a copy-typist + a proofreader could probably convert a novel a day easily. Let's say $500-$1000 per book.

1
0

Ofcom issues stern warning over fake caller number ID scam

tfewster

Re: HSBC

A couple of times when HSBC called me, they had an authentication method for both sides, e.g. they would tell me my month of birth and ask me to confirm the date; Or tell me a standing order payee and ask me to confirm the amount.

I seem to recall I'd made a nuisance of myself before that by refusing to give info to a caller (allegedly) from my bank, so it was a big improvement (if still not perfect).

1
0

Boss hands dunce's cap to chap who turned off disk monitor

tfewster
FAIL

Reminds me of...

... a company I worked for - All the on-call staff moaned about being called up for pointless disk alerts, such as a database filesystem being 99% used - which was correct, the database tables had been sized to fill the filesystem, though the sparse tables themselves might be empty. When I asked one of them why they didn't do something about it, such as fixing the monitoring, he replied "But then I wouldn't get my callout payments"! Due to that sort of attitude, I didn't stay there long enough to be put on-call myself.

And, speaking of sparse files, how many people does it take to make a logic bomb?

- One Systems Programmer to insist his utility directory, /u, should be first in the search $PATH, as he had a custom version of tar that could handle sparse files correctly. OK-ish so far.

- One fat-fingered sysadmin to type "ls > pg" in the /u directory, instead of "ls | pg". Still not a problem, as the "pg" file is not executable.

- One zealous sysadmin to decide everything in /u should be made executable. Oops, the garbage "pg" file is now used instead of the system utility.

10
0

IT jargon is absolutely REAMED with sexual double-entendres

tfewster
Facepalm

Not a double-entendre, but a double-FAIL

My favourite error message evah, from a StorageWorks disk array with dual controllers

"07080000 The other controller crashed, so this one must crash too"

Uh...wait...what? Silly me, thinking dual controllers provided resilience!

9
0

US to rethink hacker tool export rules after mass freakout in security land

tfewster
Joke

Re: The pen is mightier than the sword.

I believe the military and terrorists use water as well! (I hear that MRE can't be classed as "food").

Yes, I know that the Wassenaar Arrangement is quite specific about what are "sensitive" dual-use items.

1
0

US State of Georgia sues 'terrorist' for publishing its own laws ... on the internet

tfewster

Re: Major change needed

> Deny the right to right to assert copyright in anything extruded from a state outfit.

Whoops. So all publicly funded research should be up for grabs for exploitation by commercial organisations without royalties? No thanks, if I've already paid for it once I don't want to have to pay a second time and I don't want damn freeloaders using it.

Which is where these two extremes meet - If Carl Malamud is profiting from republishing documents owned by the taxpayer that are _reasonably_ available to those taxpayers, he's scamming people.

> Without providing the publisher with the ability to recoup its costs for the development of these ... annotations, the State of Georgia will be required to either stop publishing the annotations altogether or pay for development of the annotations using state tax dollars.

If that statement from the State of Georgia is actually correct, that there is a (reasonable) cost to creating the content, then a charge to cover the costs seems reasonable.

0
12

2015 Fiat 500 fashionista, complete with facelift

tfewster
Flame

@45RPM Re: bijou playroom for use on the Queen's highway.

I've come to loathe Fiat 500s. Almost invariably doing 65 MPH in lane 3 of the motorway, with half a mile of clear road ahead of them and an empty middle lane. And when the middle lane ISN'T empty - their "overtaking" speed drops to 61 MPH.

3
2

Hacked Hacking Team team – like everyone in security – read The Register

tfewster
Joke

Re: here's your thread

Not me, but I knew that one commentard worked for them - s/he was downvoting schadenfreude posts in the other thread!

4
0
