* Posts by tfewster

216 posts • joined 18 May 2007

Iran hacks America where it hurts: Las Vegas casinos

tfewster
Joke

Re: Habor?

As the first word was spelt "Perl", it seems clear this isn't a reference to Pearl Harbor.

"Digital Perl" makes sense, and presumably "habor" is a verb?

0
0

Bill Gates – I WISH I was like Zuck and spoke Chinese. Yep, I drink poo

tfewster
Terminator

Can't...resist...temptation...to...say...

Hey Bill - Get Microsoft to develop the robots. MS's new "killer app"? Even if they stay up long enough to become a menace to humanity, they'll be easily hacked to disable them.

8
0

BOO! Grave remote-code exec flaw in GNU C Library TERRIFIES Linux

tfewster
Joke

@AC Re: Fools

*whoosh!* ----------------------->

15
4

Why so tax-shy, big tech firms? – Bank of England governor

tfewster
Facepalm

@ Offnow @ Tim Worstal Re: Common Tax Delusions

> ...otherwise consumer prices would have to rise...

Only in a monopoly. If $COFFEESHOP or $ONLINERETAILER raise their prices to keep the profit after taxes the same, consumers may* go elsewhere.

* If price is the most important factor for the consumer. They may prefer $COFFEESHOP for other reasons. Personally, I find Amazon to be far more convenient than e.g. Play.com, so the fact that they often have the best prices is a bonus.

0
0

Snoopy Fujitsu tech KNOWS you'll click that link – before YOU do

tfewster

Either likely or really unlikely?

So my cursor hovers over a dodgy link - am I about to click it or am I reading what the link actually is at the bottom of my email client/browser?

2
0

‘Whatever happened to Vladimir Putin?’ and other crap New Year prophesies

tfewster
Joke

Re: Y2K

2038 problem - That's my pension, that is - why would I want to fix it now?

0
0

tfewster
FAIL

@ Chris Miller Re: Y2k - in your experience

Understating the problem (again).

For 1, assuming you had the source code, there were code-scanning tools that could help. For the others - just work out exactly what it does from its inputs and outputs and rewrite it. Easy eh? (Not). On the other hand, big improvements in documentation and the use of code repositories came out of the Y2K program.

For 2, PCs were relatively modern kit and had short lifecycles, so newer ones had been "fixed" by the manufacturers' Y2K program. That didn't mean (bad) code hadn't been reused, but it was relatively rare.

3, many, many-one...lots - Embedded systems, firmware, compilers, libraries, tools, applications - All had to be reviewed and fixed. Apologies, I'm sure I've left many out.

In 1984 I was a newbie software developer working on apps for minicomputers; One of our 3rd-party productivity tools was a terminal handling library that managed field types etc. I noticed then that it couldn't handle 4 digit years, but was told not to worry as "no-one would be using our app in 16 years time"

The funniest one I saw was the fix on a website that displayed the date as 1/1/19100. Not uncommon, but it was a tech support site.

4
0

Facebook: Yo 'people'! Zap fake news on our giant ad farm, would'ja?

tfewster
WTF?

Re: Really? But...

"Apparently, its users (sorry, people) are actually quite good at spotting parody, irony and sarcasm in posts."

Therefore there is no need for this?

1
0

David Cameron: I'm off to the US to get my bro Barack to ban crypto – report

tfewster
Thumb Up

Re: Dear Mr Cameron

Following moiety's revelation that Cameron is a terrorist as defined by the Terrorism Act 2000 -

http://forums.theregister.co.uk/forum/containing/2410209

- can we prevent him from returning to the UK?

4
0

What do UK and Iran have in common? Both want to outlaw encrypted apps

tfewster

Re: Dave is a terrorist, and should be locked up forthwith.

Beautiful. I'm sooooo tempted to rent a botnet to upvote this a few thousand times.

0
0

tfewster
FAIL

Re: I know nobody will read after 3rd page of comments ...

".... but the statistic on the number of comments matter as well."

I'll add a "Me too" just to get the number of comments up. Hopefully no-one will be annoyed by the AOL-ish contentless post.

"this is so bloody stupid that words fail me".

Again, me too. My gast is so flabbered, I can't even be bothered mocking Cameron.

Icon, for Cameron

1
0

'F*** you', exclaims Google Translate app, politely

tfewster
Megaphone

Real time is no good (How to talk to foreigners) ---------------->

I suspect a real-time translation of "Parlez-vous Francais" would be "Speak you French", or maybe with autocorrect, "Speak, sorry that should be 'Do you speak', French".

Plus, I wonder if the tone of voice would indicate it's a question?

2
0

No, I won't SNORKEL in your server room at STUPID-O'CLOCK

tfewster

Snippets that will sound familiar

My first night on-call, ever. I'd been reassured that it was easy money, nothing ever went wrong. So when the phone rang at 2am, I was all "haha, shift ops hazing the new guy, good joke". Unfortunately there genuinely was a problem, fortunately it was an easy fix.

Same place, other times. Because "nothing ever goes wrong", the old-timers have on-call divvied up between them. I occasionally get the nights no-one else wants. And something ALWAYS goes wrong on my shift, such as a filesystem that's been filling up with error logs that hits critical on MY night, so it's not just a cleardown task, it's fix-the-root-cause-on-someone-elses-screwup as well. Or a script that's worked a thousand times but fails when I'm on call. Certain suspicious minds think I'm creating the problems so I get the overtime, whereas I wonder if the Ops just don't bother calling the old lags.

Another time, another place, after the office party - An A/C failure takes most of a machine room down, hard. The on-call guy escalates to management, who call all hands to the pumps. Which sounds like a recipe for disaster, but I discover an ability to metabolise alcohol into brain cells and recover a knackered HP-UX server everyone else had given up on. Not as impressive as D though - D fixes a bunch of seemingly-terminal AIX systems. Come Monday morning, management are full of praise for D's skills and team spirit. D is like "Huh? Whut?" - doesn't even remember getting called, let alone the reanimation magic!

4
0

Hipsters ahoy! Top Ten BOARD games for festive family fun

tfewster

Re: £499?

From the links, the base game RRP is £39.99, but with 30+ expansion packs at £10 - £16 each, £499 for the whole set is probably correct!

2
0

Sony Pictures hack is Hollywood's 'Snowden moment' say infosec bods

tfewster

Re: @tfewster - You're only half way there!

Eric, you're missing my point. The Login Management mechanism is an enabler as well as a security tool. Feel free to log and audit what I do, but don't get in my way*.

e.g. today I had a problem on a Production system that was querying a failed DNS server. Easy workaround, check another Prod system on the same subnet for a good list of DNS servers and copy the config file to the system that had a problem. Follow up by writing a quick script** to check 700 systems for which DNS servers they are using and remove any bad entries. Result: many minor performance issues resolved quickly and cheaply, many thousands of dollars savings in time for the systems users who had got used to a slight but annoying delay.

Your idealised version of login management would make it virtually impossible to get the required access to a second system to check the config, let alone the rest of the estate.

*Management understand that in general if you give someone Responsibility for an issue, you should give them the Authority to fix that issue. Accountability comes after the fact.

**Yes, this could have been done using a Configuration Management system such as Puppet, or writing a custom Nagios plugin to check configs, but that just shifts the problem of trust and adds cost.

1
0

tfewster
Flame

> system administrators and their credentials are the most dangerous threat to companies today,” said Eric Chiu

ODFO, Eric. I know you're just jumping on a bandwagon to sell your products, but we're incredibly loyal considering how we get treated like shit. How about manglement and HR working to improve staff conditions rather than treat us as probable criminals?

E.g. where I'm working we're implementing a Unix/Linux login management system (similar to LDAP plus sudo); Information security are paying for the project as it has obvious benefits for them, but I'm all for it as it means I only have to remember and change one password. So I'll be more productive, less frustrated and happier as a result.

7
0

The Shock of the New: The Register redesign update 4

tfewster
Happy

Top Art in stories - now editorially selectable - in response to feedback about relevance

Thank you, now when I click an article that interests me I'm straight into the content (and it's less obvious I'm not working :-) It was getting ridiculous, if the article had photos one would be duplicated at the top of the page so no value was added.

Thank you also for the grey background, much easier on the eyes.

I'd add my vote for 4 columns, though BBC News and The Onion seem to use the same width as New-Reg

0
0

American bacon cured with AR-15 assault rifle

tfewster
Unhappy

Disappointed by the heading

I thought the article was going to be a technique for cooking bacon by wrapping it around a hot gun barrel.

13
0

Can't stop Home Depot-style card pwning, but suppliers will feel PCI regulation pain

tfewster

PCI DSS is NOT a joke

I believe those retailers that have lost data have agreed to cover the [customers|banks] losses and the cost of credit monitoring; The alternative is to have card facilities withdrawn, which would have crippled them.*

That's a threat with teeth, and it's neither necessary nor desirable for Government to be involved.

You're right that there are still many bad practices and that self-certification hasn't eliminated those practices. Any IT manager that ignores those problems is putting their career and their organisation at risk.

* IMHO, any merchant that stores the CVV2 code in flagrant violation of the PCI DSS rules should have this sanction applied no matter what the excuse.

6
0

El Reg Redesign - leave your comment here.

tfewster

Pics at the top of nearly all stories - visual is good, right?

No. Takes up too much space and isn't relevant to the article.

19
0

It's nearly 2015 – and your Windows PC can still be owned by a Visual Basic script

tfewster

Re: Accountability

Microsoft sells (or licences) their products for money, so they are held to a higher standard of accountability. It must be fit for its purpose, so they must either support/patch it or give refunds for a reasonable period of time.

Kudos to you for sharing your software. If you make the source code available, others can check and build on it, so responsibility is devolved. But if you deliberately put malware in there you could be sued.

Hmmm - Did I really just give Adobe Reader an excuse for being crap just because it's free?

8
1

Review mass-snoop laws regularly, says RIPA daddy Blunkett

tfewster

Re: Oh dear

Actually...Remember Margaret Thatcher's banning terrorists from the "oxygen of publicity"?

http://www.theguardian.com/politics/blog/2010/sep/15/real-ira-debate-oxygen-publicity

That worked so well, Thatcher's children (Blair, Cameron etc.) carry on that line of thinking...

Oh, wait...

7
1

Sharing Economy sharks need love, cuddles and SUBSIDIES – UK.gov

tfewster
WTF?

Shurley shome mistake?

1) Steve Bong comes out at weekends.

2) Good satire must be believable, unlike this childish rubbish.

Wait...What did you say? WHAT?!

I blame El Reg for giving them the idea.

2
0

Technology quiz reveals that nobody including quiz drafters knows anything about IT

tfewster
Happy

This is good!

The high numbers of correct responses to the Net Neutrality, definition of URL and sizes questions are encouraging. As are the similarities between segments, i.e. sex, education and age. Bearing in mind that they surveyed normal people, not techies, it's a very positive result.

Slightly worrying is the number of people who still fall for the "Privacy Policy" con.

I think most of the rest of the questions fall into the "whatever" category. Even the distinction between the Internet and the WWW isn't something you often _need_ to know as a user, Apps handle that for you ;-)

0
0

MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'

tfewster
FAIL

> "However, this company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists."

So, if I post on Farcebook, "gonna kill a soldier", FB are expected to check if I'm on a government watchlist? I could be talking about a video game, so looking for keywords is a really stupid way to do it. (Echelon, ANFO, jihad,...)

> " none of the major US Communications Service Providers (CSPs) regard themselves as compelled to comply with UK warrants ..."

Damn right they shouldn't, unless they have a UK branch. But I expect if they passed the suspect's name to the NSA, the info would soon be handed over.

The whole Fusilier Rigby tragedy has been warped by the Government and security services to advance their own agenda, while denying any responsibility. Whether or not you regard the killers as terrorists, terrorists have won.

30
0

Cyber security: Do the experts need letters after their name?

tfewster
Thumb Up

Re: Another fabricated shortage?

Or focus on the important part, Information Security. If your desktops get pwned and used as a botnet, it's irritating. If your data gets stolen or trashed, you're out of business.

So...how should we approach security? By getting people with certificates to pen test and fix ALL the holes? Or by getting a business type to assess the values and risks, and communicating that to the business to focus on key areas? I don't know the answer, but I don't think a lack of technical skills is the biggest problem.

0
0

World leaders rubber-stamp tax recoup effort at G20 gabfest

tfewster

> Profits should be taxed where economic activities deriving the profits are performed ...

Tax havens don't matter if the money doesn't make it to their borders.

> ...and where value is created...

That part intrigues me. If Apple design a desirable product, will they be taxed even if they don't sell that model in the U.S.A./California? Is it a return to double-taxation, or just a swipe at the Starbucks "royalty" model?

2
0

'Open source just means big companies can steal your code.' O RLY?

tfewster
Pint

style, control, damage, aggression

Robot Wars! Wow, I didn't realise it had ended 10 years ago. Presumably the ever-more sophisticated robots rose up against their tormentors and refused to engage in gladiator-style entertainment for the fleshies.

Thanks for the vPint

1
0

Why can't a mobile be more like a cordless kettle?

tfewster
Joke

Re: You already can

So your special base probably takes up about 6" squared of precious desk space and you need several as they're not easily portable?

I use a much more advanced mechanism called a "USB cable" - cheap, portable, efficient, multifunctional, easy to operate one handed, standardised, and the phone can be used while charging - clearly the way to go*

* Unless phone manufacturers are going the way of HP printers, accessories manufacturers who occasionally make a phone to leverage their add-on sales

3
2

TORpedo'd dev dumps Doxbin files after police raids

tfewster

Re: Still wondering why

Eeurocops - From Yorkshire, obviously. They're different there...

10
0

We must SMASH the Democratic Deadlock with MINDFUL EVIDENCE

tfewster
WTF?

Evidence?

> Once an evidence-based approach has been adopted we can bypass the messy business of analogue politics entirely – the business of “winning people over”, of getting and obtaining “consent”. Therefore, only those qualified to interpret the evidence, such as leading digital thinkers like myself can judge an evidence-based policy.

The Government don't need no steenkin' evidence. They KNOW what is right (but only for the proles naturally; They're far too important to be bound by silly rules themselves).

0
0

'You have no right to see me NAKED!' Suddenly, everyone wakes up at the Google-EU face-off

tfewster

Re: Wrong Target? @Elmer Phud

Punishment can be an important part of rehabilitation. I'm in favour of locking up a menace to society, but if he's (genuinely) no longer a menace after years of rehab/reeducation/brainwashing/mind wiping/personality transplant*, and can be a useful member of society, he can work off his debt.

* Yeah, science fiction, but more likely than governments spending money on rehab.

Deterrence works on most people, who think about the consequences of their actions. No offence, but again you're using edge-cases (criminals) to make a generalisation about people.

0
0

tfewster
Big Brother

Re: Wrong Target? +1 raumkraut and big_D

It's a fact that your hypothetical defendant was arrested and charged; It's also a fact that they were exonerated. So either the facts should be given equal weighting, or maybe it's just easier to de-index the outdated report.

Even if they were convicted, the law sets the penalty. Prison time is a punishment and protects society by removing the offender, but should also attempt to rehabilitate offenders. _If_ they can be rehabilitated, there's little point in keeping them in prison at the taxpayers' expense any longer.* The facts are available to people with a legitimate interest through the proper channels, such as a Criminal Records check. Public shaming went out with the stocks, but seems to have been reinvented.

A newspaper article about the crime and defendants will die a natural death in the archives. At present, Google is like a small-town gossip that keeps dredging up the muck. Yes, we secretly like to hear the juicy bits, but in general we deplore the gossip as we're probably targets too.

* Hindley, Brady, cop-killers, the recent case of an unrepentant teenager who killed a teacher - all edge cases, where deterrence (the need to be Seen To Be Sending the Right Message) may be more important than rehabilitation.

5
2

Call of Duty, GTA V DO NOT make YOUTH more VIOLENT

tfewster
Flame

Re: Asterisk...

...which makes me so ANGRY...Oh no! Media inspired violence!

5
0

Met Office: 2014 was FIFTEENTH WARMEST UK SUMMER on record

tfewster
FAIL

Bob Ward...Grantham...London...NHS...Britons...UK...

Yes, Mr Ward is talking about the UK. So Lewis is quite right to respond in that context.

Nice article from the NOAA, by the way. Record lows, eh? Cool!

4
0

Disney wins Mickey Mouse patent for torrent-excluding search engine

tfewster

Re: So the patent goes, more or less...

It could be in the nature of a defensive patent, to prevent anyone else patenting it and withholding licenses. If Disney develop a working model and supply it to anyone on their Nice list for a peppercorn rent, they could hope to make their money back by increased movie sales.

Of course, anyone with enough money to fight this patent automatically gets added to the Nice list, and it's another line of attack against those on the Naughty list, such as torrent sites that use feedback and rankings. (So it would be a bad move to let it become a standard, or FRAND would apply).

2
0

Planning to fly? Pour out your shampoo, toss your scissors, RENAME TERRORIST WI-FI!

tfewster

Re: Seriously

...while investigators looked into possible threats...

What possible threats? That a device might be set to explode when it lost contact with its "home" network? Like when the plane was moved? Rendering a plane inoperable on the ground isn't like turning an airborne plane into a brick, but keeping the passengers on board seems to still be putting their lives at risk.

I suspect the biggest threat was that jokes could undermine the seriousness of the TSA and DHS (and their budgets).

26
0

iMessage SPAM floods US mobile networks

tfewster
Facepalm

Doesn't seem to be a scam then...

...if you get value for money. A fake product for the price of a...fake product. No CC ripoff,

So what's the problem?

Oh, Apple are enabling/colluding with the counterfeiters (and probably raking off a % of data fees)? Yep, that's newsworthy.

1
1

Wanna hop carriers with your iPad's Apple SIM? AVOID AT&T

tfewster
FAIL

Could someone explain this to me in English?

T-Mobile CEO John Legere -

"On Ipad with@apple sim here is what u see..no @Verizon ,@ATT trying to lock u, @sprint with error page! @TMobile wins pic.twitter.com/z0jDZ9sRt5"

From the context, "Lpad" means "iPad". I know all the English words and carrier names. But as a whole, this doesn't seem like an adult communicating, and I don't usually ask eight-year-olds for purchasing recommendations.

2
5

Edward who? GCHQ boss dodges Snowden topic during last speech

tfewster
Joke

...the proliferators...

I agree, spammers rank with plotters and paedophiles, and GCHQ must fight this scourge that affects me every single day

1
0

FedEx helps deliver THOUSANDS of spam messages DIRECT to its Blighty customers

tfewster
Facepalm

Re: BCC?

Does this count as a Data Breach rather than just an annoyance, as email addresses were disclosed? email addresses may not seem important, but could be used for phishing or invoice-fraud attacks.

A sternly worded letter from the ICO might prevent further sloppiness.

0
0

NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)

tfewster

Re: Spacewalk !

Thank you, but actually patching servers is not the worst part of the problem - Testing and arranging service outages for Production systems is the killer :-( Fortunately the bash patching didn't need any outages, but testing and signoff for the change still took time and effort

0
0

Wide-ranging UK DATA SHARING moves one step closer

tfewster
Flame

ODFO...

...<Insert name of political party currently in power*>

* i.e. currently the focus of Civil "Service" propagandists about the paedorristcalypse that will follow if public servants aren't given everything they want.

When every public servant and politician [not necessarily the same thing] is on this database - Then I'll reconsider my opt-out

1
0

Britain’s snooping powers are 'too weak', says NCA chief

tfewster
Facepalm

Afghanistan

"Bristow expressed concerns that US and UK pullout from Afghanistan might lead to an increase in the volume of heroin reaching Britain’s streets."

We invaded a country and trashed the place, overthrew a government that had stamped out the opium trade, and then buggered off. No matter how good our motives and justification, we shouldn't be surprised at the anarchy that follows and that opium farming is a) possible and b) the only way some Afghans have of recouping their losses.

Not that I agreed with the Taliban, disagreed with the invasion, or approve of drugs. I'm just sayin', you stir up shit, don't be surprised what floats to the top.

Did Bristow have ANYTHING sensible to say? Or was it just "terrists bad, drugs bad, police good"?

8
0

NAKED CELEBRITY PICS LAW BOMB dropped on ad giant Google

tfewster

No, apparently they've been "stolen" so the sleb doesn't have them any more. Or maybe Singer doesn't understand the law.

"Google knows that the images are hacked stolen property, private and confidential photos and videos unlawfully obtained and posted by pervert predators who are violating the victims' privacy rights and basic human decency by stealing and displaying confidential private photos and videos,"

Google should be charging the slebs for the advertising they're getting. I'd forgotten who Jennifer Lawrence was until this.

4
0

Apple, Google mobe encryption good news... for TERRORISTS – EU top cop

tfewster
WTF?

Really?

“Full encryption of communication and storage online will make life very easy for the criminals and terrorists and very difficult for law enforcement and law abiding citizens."

Really? How is my innocent, honest life made more difficult just because I use encryption? (Apart from having to remember yet another passphrase).

On the other hand, if I want to knock over a bank or make a bomb, will encryption really help me get a gun or chemicals?

1
0

Turn OFF your phone or WE'LL ALL DI... live? Europe OKs mobes, tabs non-stop on flights

tfewster
Facepalm

Re: Don't get too upset

One of the arguments for switching devices off during takeoff and landing was that passengers should pay attention to aircrew announcements (and not be holding potential projectiles in case of a bump).

Does paying €1-3 change the laws of physics?

1
0

Stunned by Shellshock Bash bug? Patch all you can – or be punished

tfewster

Re: what else lurks

bash is like a gun - powerful and dangerous, but fairly safe if kept in a locked cabinet ("Authentication"). If you leave it lying around or your kids get the keys to the cabinet, bypassing the safety mechanisms - Then you have a problem!

John Leyden, thank you for describing it as "vulnerability" or "flaw" rather than a bug in bash

2
1

Hackers thrash Bash Shellshock bug: World races to cover hole

tfewster
Facepalm

Re: Wanted : amputation patch

As I see it, that's pretty much what "dotting in" or "sourcing" does. You're right that it's a feature.

The attack vectors like Apache/CGI that enable a shell without authentication? They're the bad guys. But if it's easier to block multiple attack vectors at the center by nerfing bash, the core OS guys can do that for you.

(I have no affiliation to any group, and am prepared to be "corrected" by both sides)

1
0

Range Rover to fit trendy new SUV with FRIKKIN' LASER HUDs

tfewster
WTF?

Call me sceptical

But there isn't a UK speed sign that says "70" or "60"; There's just "unrestricted", i.e. the national speed limit for that type of road, i.e. 60 on a single-lane, 70 on dual carriageway or motorway. Presumably there's a "Euro" setting for KM/H?

And it probably doesn't recognise temporary or variable speed overhead signs

And who needs a reminder of what gear they are in?

5
1
