* Posts by Alistair

812 posts • joined 18 May 2007

Page:

Go phish your own staff: Dev builds open-source fool-testing tool

Alistair
Silver badge
Windows

Happening real time.

At least in a couple of companies this side of the pond, they are testing the end users. I'll be pointing a couple of folks at this.

I've been around long enough that I happen to know far too many folks in my current employer. Last campaign on this front I got a call from the SDir for security - I was the 1st to file the mail as a phishing attempt and one of only 6 in the company to handle it properly. (it might have had something to do with the fact that I was up at 3:30 am on a change)

I had to have a discussion with several of the folks I work with about *how* to handle crap like that. So -- even IT aware people can blow it.

As a sysadmin with command and control access to *far* too many pieces of hardware I'll point out that in my books, if you've opened a web URI from one of these emails, you need to be fired. End of line. I don't leave passwords lying around on *any* disk unless those are in an encrypted form, but the risks of getting hit with a keylogger, dataslurp, or in fact ANY virus are so substantial in the sysadmin case that I have no sympathies for someone on that front.

Its also why I try very hard not to use my windows VM for anything I don't *utterly* need to use it for.

1
1

Google to deep six dodgy download buttons

Alistair
Silver badge
Windows

really

I've become quite adept at noscript interpretation.

-> Google going after the dodgydownloadnow buttons is more than just a tad ironic. At sourceforge they seem to be served up by someone else, however if you chase both domain name and ip ranges, that be google tossing you crap downloads.

Not quite sure if this will clean things up - although the implication is that they'll let you *HIT* the button, but will toss the "ohnoes this be liers and tigers and bears territory" screen at you *after* you hit it.

2
0

Winning Underhand C Contest code silently tricks nuke inspectors

Alistair
Silver badge
Windows

Re: And then there is TheRealWorld[tm].

@jake

"End of line......"

FTFY.

<I'm dealing with a package called mCP today>

2
0

Masked men 'steal' £250k of smartphones from Exertis

Alistair
Silver badge
Windows

Do not understand these people

IMEI's anyone?

<< was wondering why the fraud system update was so large yesterday >>

9
0

'Dodgy Type-C USB cable fried my laptop!'

Alistair
Silver badge
Windows

Re: Human error

@RCarnegie:

Judging from the daily presence of either a peanut or a walnut on my front porch windowsill, I'd say that the squirrels are somewhat more reliable than the humans.

Not talking about the post office.......

0
0

'Hopelessly insecure’ Motorola CCTV cameras belatedly patched

Alistair
Silver badge
Windows

Not quite making sense of this:

Binatone manufactured a camera, branded as a Motorola product, and

"Hubble Connected has fully patched the vulnerability to ensure that the reported bug is addressed,” said Brendan Gibb, CISO at Hubble. “This firmware will be released on 2 February 2016 to all affected cameras."

*Hubble* updated the firmware, automagically?

*cough* Someone at Hubble has a new job with the (NSA/GCHQ/CCIS/spyagencyofchoice). Mind you if the security of the original code was as bad as described, perhaps not.

0
0

Uber rebrands to the sound of whalesong confusion

Alistair
Silver badge
Windows

Re: rates

@ Holleritho:

"Uber's millionaire owners want to peonise the drivers while putting 100% of the risk on them while trousering yet more billions?"

"Ubers VC controllers want to peonise the drivers while putting 100% of the risk on them while trousering yet more billions?"

FTFY.

You don't think that the *owners* actually have that much cash in hand do you?

0
0

BT blames 'faulty router' for mega outage. Did they try turning it off and on again?

Alistair
Silver badge
Windows

Re: 'Faulty Router'

@ VRH

or: someone left the spanning tree turned on. Whats border protection do again?

1
0

SAP pays $3.9m to settle Panama government bribery case

Alistair
Silver badge
Unhappy

Now, I'm no fan of SAP, or corrupt practices.

However, the fact of the matter is that The Reg needs to find someone, somewhere, qualified to edit. I now have a headache.

2
0

WordPress under attack by whack-a-mole ad-scam malware

Alistair
Silver badge
Windows

urrr:

WordPress. Javascript. Malware injections.

I think Adobe's Flash has a competitor.

7
1

Facebook tells Belgian government its use of English invalidates privacy case

Alistair
Silver badge
Windows

Belgian cookies? I'll have several thanks.

1) $245B valuation is a stock market farce. It happens to be irrelevant in this discussion.

2) Social Interaction Data Mining Inc not comprehending the fact that there are entire countries where folks actually speak more than one language is only attributable to the fact that they have no perspective other than the glass box they call an office.

The older I get the more I find that the majority of those younger than I are utter twats with no ability to see anything outside of their own narrow experience. Sad really. I suppose that there are more than a few that *do* see outside their warm fuzzy bubble of black and white, but they are getting further and further between, or are getting drowned out in the avalanche of stupid that the interwebs has become.

10
0

Ginni Rometty to pocket $4.5m bonus for IBM leadership

Alistair
Silver badge
Windows

IBM

Is still upright and breathing -- sort of --

Ginny's vestment is 2019? -- three years. I suspect she'll walk out the door with everything in pocket. Quietly and gracefully.

How much longer after that it continues to stagger forward without slaughtering the entire GDF division and selling it to Tata I do not know.

4
0

US police contracts and private forum posts dumped online

Alistair
Silver badge
Pint

Re: Was SIN ever so Sweet and Appealing and Enlightening ‽ .

@amfm:

Either I've been hanging about these fora too long and am getting particularly damaged in some way, or you are starting to make sense. Not sure which of those is more scary.

14
0
Alistair
Silver badge
Coat

Interesting that he's already recieved threats.

I wonder who would be so silly as to threaten someone on line.

<the one with the "Trolling for idiots" in the pocket please>

10
0

Patent Troll Unit set up by Virginia government to slay lawsuits

Alistair
Silver badge
Windows

Re: Why don't they save time

" patent troll extortion model (PTEM)."

Tagged for future use as an ATBMW.

1
0

Intel and Micron's XPoint: Is it PCM? We think it is

Alistair
Silver badge
Windows

Any physicists around that care to comment

on chalcogenide behaviours *other* than the phase change induced by electrical stimulation?

I've an engineering text that might have the answer, but that text is buried amongst other such dead tree objects I've not touched in ............ Well, long enough that I'm not gonna admit it.

1
0

Two-thirds of Android users vulnerable to web history sniff ransomware

Alistair
Silver badge
Windows

Re: Malware, app.... all very similar

I'm not sure what phone and version you're on where disabling Google play services is uninstalling all your apps.

I keep GPS disabled unless I have to pull something from the store. There are some apps that tend to want it on when they're running but mostly those are FREE games that are generating revenue through GPS adds. Again, this is a user issue - User doesn't want to pay $1.99 for that app - so the app makes its money by throwing ads at the user.

I'm also not running a stock ROM or kernel. But I'm crazy techie geeky that way.

0
0
Alistair
Silver badge
Windows

Let me see here.

1) stupid user gets pop up on some website that tells them they need an app to do something questionable

2) stupid user follows (what must be fairly detailed) instructions from popup to:

a) disable a security setting (sideload)

b) connect to non-standard app "store"

c) install questionable app

3) stupid user gets pwnd

4) AV review blames OS creator.

this sounds to me like an LNF error.

Logic not found.

Yes, hardware vendors not keeping hardware that they've sold patched and updated is terrible. This is not something new, when was the last time your cheap as chips router got a firmware update from the vendor? It goes with the capitalist competition, sell, sell, sell, new, shiney stuff mantra, but that is systemic, and certainly not google's fault.

Most of those here are capable of working around the 'cheap as chips, crap support' issues. The vast majority of the population expect such things to 'just work'. Thing is, if they are to 'just work' and stay managed and maintained, generally they wont be 'cheap as chips'.

5
2

BOFH: In-depth IT training needs a single-malt distillery

Alistair
Silver badge
Pint

Islay junket.

!! Sign me up !!

And, I'm fairly sure that the manglement wont pay for it it, but damn I'd be going.

<it *is* supposed to be malt too>

3
0

30 years on from Challenger, NASA remembers the fallen

Alistair
Silver badge
Windows

Was a very long day for me.

I got up early to get to work early so I could take my lunch to watch the launch.

Manager had no sense of people skills, was essentially an overblown secretary. Had fits when I said I was going to be late back to work. Mind you I did get back to work and finished the day. Owner of the company (a neighbour of mine) was astonished to see me in that afternoon. He knew how invested I was in geeky stuff (which was one of the reasons I was running their computers).

I for one will not forget that image........

4
0

You've seen things people wouldn't believe – so tell us your programming horrors

Alistair
Silver badge
Windows

just don't want to remember writing:

HPUX 11.0 korn shell process that had to handle (yesterdays log files).

too many nightmares to talk about since ......... no perl <and no, they would not install it>

0
0

Apple yanks international travel plugs over shock worries

Alistair
Silver badge
Windows

Re: Mystery solved

I'm sure he was answered with thunderous applause.

4
0

Uber driver 'pulls handgun' on passenger

Alistair
Silver badge
Windows

Having driven cab at one time in my life, (actual licensed cab, not "we're not a cab company, but we'll get you a ride"). Picking up collections of male youth greater than 2 on a drinking binge is *NOT* something that ever makes any driver feel safe, ever. And the yark urge is always present in one or more of these individuals. I *always* had a collection of plastic bags in the car on weekends. And the cash in hand before I rolled.

7
0

Come on kids, let's go play in the abandoned nuclear power station

Alistair
Silver badge
Windows

@Symon

A substantial portion of Monbiot's statement applies to Thorium Salt reactors -

In fact the *suggested* path is Thorium Salt > IFR as it reduces the recycling required at the IFR.

But *that* is a hell of a lot of engineering that governments don't want to pay for.

4
0
Alistair
Silver badge
Windows

Nice read == agree we need more of these articles.

Grew up less than 20 miles from (actually, still live less that 20 miles) Ontario's first electrical production nukes. At the age of 11 or 12 I recall going on the tour, including walking by the "decommissioning pool" - no tours now, that I'm aware of , and 4 of the 8 are fully shut down now, but it was quite enlightening. Tour included comparisons of FBR, BWR, and HWR and I still haven't seen how HWR haven't been deployed everywhere (oh, look, yes, they have ....) or more of them.

6
0

Microsoft encrypts explanation of borked Windows 10 encryption

Alistair
Silver badge
Windows

Re: Whut?

" Unless you have Win 10 Pro, in which case you are allegedly deemed capable of not losing your keys simply not told that it is being collected for you.

FTFY

0
0

China has a chip to fry with y'all: Wants its own chip smarts and fabs

Alistair
Silver badge
Windows

IP rampage.

I'm surprised that the RIAA and MPAA haven't yet sued the chinese for copyright or patent violation.

Sounds *very* much like their processes.....

0
0

Sainsbury's Bank web pages stuck on crappy 20th century crypto

Alistair
Silver badge
Windows

*layers* -- they have *layers*

"can rest assured that they are protected at all times by multiple layers of online security"

So -- the website is ... an onion or an ogre, ... or perhaps a cabbage?

3
0

West Virginia mulls mother of all muni networks – effectively a state-wide, state-run ISP

Alistair
Silver badge
Windows

Re: Just got back from The Windy City...

Camilla:

If you've read the Hunger Games you pretty much have the US. Either now or in the near future.

0
0

Criminal records checks 'unlawful' and 'arbitrary' rules High Court

Alistair
Silver badge
Windows

Re: It's a start

@WatAWorld

For most CR's over here that is true. Try getting a government security clearance. An entire other world.

From my past, I've pulled my CR 3 times over the last 15 years, all three times it was 'no data found' type report - I however have a copy of what was done for my security clearance. It has data on it from *prior* to me being an adult, which was somewhat staggering, since our *legal* system states that that data be sealed off and unattainable.

0
0

Five technologies you shouldn't bother looking out for in 2016

Alistair
Silver badge
Pint

Re: Hey, I can play "Linux Sux" too!**

@ Captain Daft:

For 30 seconds there I was thinking you came over to the darkGentoo side.

1
0
Alistair
Silver badge
Windows

Re: Five technologies you shouldn't bother looking out for in 2016

"The reason users have long start up times is because of all the crap they install. That doesn't change when you change the OS.

Actually LL, *that DOES* change. The crapware, malware, toolbars, browser addons and junk, at least for the moment, due to attitudes like yours, just doesn't exist in the linux context. Certainly - its *far* easier on my 9 year old's linux system to keep him from killing the system.

Three quarters of the $h17 I have to rip out of mangled windows installations is stuff the end user downloaded and installed trying to get to ... free porn .... free music ... free movies ... bull$h17 driver updates from spamsites etc. 99% of the virus infections I've cleaned up in the last 4 years have been due to "driver update" sites injecting god knows what else into their javascript launched ASP.

8
3

Japanese chief TPP negotiator accused of taking $100,000 bribe

Alistair
Silver badge
Windows

Benefits.

Kieren, I *really* hope you're getting paid by someone other than the register for the spin you're putting on TPP. And a HELL of a lot.

Benefits:

Corporations will be able to sue *foreign* governments if laws they enact challenge the corporations profitability. This benefit alone makes my stomach churn, my blood boil, and my eyes roll back in my head - I've seen what the oil industry is trying to get away with here in Canada, and what the chinese will be willing to do with our water.

Me? I get ZERO benefit from the TPP. Large corporate entities? They get *plenty* of benefit, to reduce costs, reduce salaries, reduce tax payments and increase profits. Those are the benefits.

69
0

BOFH: I want no memory of this pointless conversation. Alcohol please

Alistair
Silver badge
Windows

BOFH ... Hmmmm....

Friday, yes it is!

"ignoring the HR guy with a tiny slash in the pant leg of his expensive shiny suit."

Do I see a part 2?

5
0

Boeing just about gives up on the 747

Alistair
Silver badge
Windows

747 memories

I still recall my first flight - Viscount from T.O. to New York in 69. Again, kids were treated like kids.

Coming back from Morocco, we spent a weekend in Lisbon and caught a flight from Lisbon to (gag) Mirabel. I recall that we were on standby, and ended up with seats on a 747, I believe the Portugese national airline at the time, at the trailing edge of the wing, and my mom stuck me in the window seat. Taking off I'm fairly sure that I terrified a few of the passengers around me by announcing "Look Mom! The wings are flapping". I got the tour of the cockpit and the toys -- Being the age I was at the time I asked endless questions of the flight staff. I also recall that the layover in Mirabel was cold, the interior lights at the time were mercury blue white and I couldn't sleep for the ballast "buzz". The flight was nice but I ended up with a hate on for that airport.

1
0

Peru scrambles vulture squadron in war against trash

Alistair
Silver badge
Windows

"Negative view of the vulture"

!! And published on the Reg !!

<< Not that *I* have a negative view of vultures, I've been hanging around here for too long >>

5
0

The last time Earth was this hot hippos lived in Britain (that’s 130,000 years ago)

Alistair
Silver badge
Windows

Sorry -- I'm with the flatpack at the moment.

The article takes data points, extrapolates them. This is what science is supposed to do. Shortly after that some of the statements run off the rails.

Do NOT get the idea that I am a climate change denier. Most definitely the climate we're living is is changing. Rather rapidly over the last 20 years of my experience.

What is also (measurably) changing is the amount of C02 we're dropping into the atmosphere.

Also changing - known variables in the climate models such as;

total volume of arboreal mass (C02 eating material)

total thermal values of water masses

insolation variation levels both historical and current

corrective variations in both historical and current measurements of localized temperatures.

Now, I can look out my window at my spottily covered lawn that in *my* past would have had upward of two feet of snow on it at this time of year and say - yup - its kinda warm out there. So, yes dammit the climate is changing.

As long as the IPCC supporting groups keep having to *change* values in the models *every single* iteration - then those models are not conclusive. Once we can run those models consistently without having to massage the data in inconsistent manners we'll have models that come close to being conclusive.

What *I* and rather a *lot* of intelligent folks who do have basic comprehension of science are saying is that some of the *political* actions that are occurring are not in any way shape or form going to solve *any* of the issues we're concerned about with global warming. That some of the actions are motivated *solely* by financial gain of entities that will do the least they can but charge the most, justifying their actions by "save the children, save the planet". That the most efficient, most effective, and best understood technologies are being ignored in cases where they are truly the best interim solution. That decisions about climate based energy solutions are being made without contemplating .... the fact .. that ... CLIMATE IS CHANGING.

The level of greed, ignorance and outright bigotry in regard the climate change issue and the political bullshit being spewed in *all* directions in the mass media by various groups of allied idiots is staggering.

Yes the climate is changing. Yes - C02 numbers are sky-rocketing. Yes it shirley looks like C02 is to blame.

But - the models don't work without *lots* of number management, the data values are being challenged by non climate types who have *every* reason to be listened to from their neck of the woods, scientists all. Yes 96% of climate scientists agree the climate is changing. **NOT** all of them like the data in the models.

That intelligent, considered discussion is possible amongst some is a good thing. It helps if you have a clue about the systems involved, but committing to spending the equivalent of several dozen years of GDP to a solution *right here right now* needs to be done in a manner that will not leave our grandchildren destitute, starving, cold and in the dark.

9
0

Boffins: There's a ninth planet out there – now we just need to find it

Alistair
Silver badge
Windows

Re: Planet?

@Tadirr

Was happy with my green.

Scary - this ties into one of the reasons my wife and I hooked up.....

(muds/mushes. Still around. Still running. Still backing up 4 of them ....)

2
0
Alistair
Silver badge
Windows

Re: Planet?

**cough red star cough**

Threadfall warnings shortly........

8
0

New open-source ad-blocking web browser emerges from brain of ex-Mozilla boss Eich

Alistair
Silver badge
Windows

Re: Maybe I wasn't reading properly

@ Jos V

While I'll agree that google's homepage is a horrendous mess of code, that is, when noscript is running and *blocking*, exactly one script. Not a list. And search still works rather well.

I'm referring to the moments when you have 45 different sources involved in getting one webpage to load and *work*

1
0
Alistair
Silver badge
Windows

Re: Maybe I wasn't reading properly

@ Charles 9

I generally don't have that sort of issue - my drivers tend to come from repos, not websites.

With *work* stuff, we've enough equipment on the floor that has proprietary hardware that I've got repos for the linux hosts and ISOs for the windows boxen (cough) that are falling into my lap.

If the *driver* site you are visiting has $h177ons of javascript, and whales of ads, you aren't downloading a driver, you're downloading toolbars, adware, malware and crap that you will have to moan about.

3
0
Alistair
Silver badge
Windows

Re: Maybe I wasn't reading properly

when a page requires a list of scripts that doesn't fit on the screen just to show content, that becomes a site I block completely

FTFY.

9
0

Microsoft's new cross-platform web app framework renamed ASP.NET Core

Alistair
Silver badge
Windows

Even better:

"new, completely written-from-scratch"

With new, completely written from scratch bugs, vulnerabilities and security issues......

As with all new code, wait a bit .....

6
3

Spare a reserved cloud instance, gov? Microsoft's $1bn, 70k charity sales pitch

Alistair
Silver badge
Windows

Re: No comment...

I'll have to agree Graham, its been quite a while since a hero pic actually made me chuckle. And strangely, I'd toss a loonie or two in his cup. Would probably have to be 3 or 4 now, considering where the loonie is headed.

Have an upvote.

1
0

Hortonworks shares plunge 22% after secondary IPO news

Alistair
Silver badge
Windows

Added to my CV.

There is a place for it in businesses that have other analytic tools in place, as an adjunct or accessory to standard business analysis tools. The issue is finding folks in the business that know which questions they want answered. Most of our issue has been moving data from historical environments to the new environment. Once its *there* the old queries can be satisfied quite well, usually with *much* faster response times (in our case - the old environment included a data migration to tape component, and getting it *back* was terrible) - and we're slowly getting new queries into the mix. We've added a far faster set of data retirement, recovery tools, which also massively improves performance.

We've *new* data streams coming into the environment that will be chewed on by the data scientists for a while and eventually turned into pretty pictures for management and advertising. Not sure how this will work for the business itself, but I'm sure they'll manage to sell it on to other groups as valuable information.

Right now, biggest issue is getting old and new data mining tools to play nice together so that it can all be presented in one interface/set of reports/graphing tools.

0
0

It's 2016 and idiots still use '123456' as their password

Alistair
Silver badge
Coat

scrap passwords for scrap accounts

- at least -- anything that makes me create an account in order to read something i make junk accounts, pointing all over the planet and use junk passwords for.

Stuff I need, on the other hand, I take some care with, but the passwords are algorithmic, so remembering them is easier.

Stuff I have control over? SSH? private/public key authentication only, no passwords.

Educating the ID admins? long, painful, tedious processes. Worth it tho.

I too worked for the 30 day rotation, 16 password deep history queue, 2 Upper, 2 Lower, 2 special, 2 Numeric "reset yer password over the phone based on one question" company. Same with the vpn password. *sigh*. I think it explains the crash and burn.

Mines the one with the encrypted spreadsheet and a copy of "ssh-agent for dummies" in the pocket

1
0

Inside Intel's CPU-level multi-factor auth (and why we've got deja vu)

Alistair
Silver badge
Windows

Re: Oh dear.

"Have you googled/binged yourself recently?"

I binged my head off a server in a rack yesterday --

But the MS offering? dear god no, I don't go there. ever.

5
0

RAM, bam, thank you Ma'am! Samsung fires up fastest-ever memory

Alistair
Silver badge
Windows

Re: RAM, bam, thank you Sam!.. Shirley?

"PS Why do I seem to be receiving eleven minutes to edit my splaffs today? I feel like I'm channelling the incomparable greatness of Spinal Tap"

Yer already running that nifty new memory in your instance of reality, so its running faster?

2
0

Twitter goes titsup

Alistair
Silver badge
Windows

@AC

" full two bytes because I don't think the 14 bit signed integer"

I see you've been in this war for a while too.... Either that or read my other post...........

0
0

El Reg mulls entering Robot Wars arena

Alistair
Silver badge
Coat

Re: A no-brainer, Shirley?

Umm.

Put an two state solenoid at the base of the neck. Stabber rotates to become flipper. Might need some tweaking of the mounting arm, but it would work.

0
0

Page:

Forums