If somebody can market an app that can securely wipe *all* data from your droids...
147 posts • joined 6 Jan 2010
Traffic analysis to spy errant behaviour?
Yeah right. What if said traffic is hidden inside a VPN tunnel? By the time it takes to notify a meatsack about the errant traffic, it'll be too late to stop the nuclear reactor from SCRAMming by itself, or start a meltdown...
Keep in mind traffic will be monitored by computer, but it'll take a human (or team of humans [meatsacks]) to respond to the threat notification and do something about it. Bonus points if attacks are done just after New Years' Eve when world+dog is drunk/passed out/is NAAFI, or at any other times when human reaction time will be very slow and uncoordinated.
I still say IoT is a load of bollocks. Put the IoT behind a proper firewall with controlled external access to said IoT gadgetry, that way you can cut attacks down, and be notified by the firewall itself should there be an increase of SSH attacks (or the such).
But in the end any damager worth his/her salt will just decree to have IoT talk directly to the 'net and hope for the best. And Skynet will be born.
It's things like these which invokes nostalgia for the good old days of DOS, Win3.1 and OS/2 - and when antivirus solutions did their job properly.
Maybe it is high time to make something like a Psion Organizer which cannot be hacked that easily.... or, failing that, just fall back to the good old pen/pencil and paper...
Getting my jacket, I'm leaving for the pub!
Or they had some serious legacy hardware which they did not (or could not) replace in time, and now something borked...
Maybe some n00b engineer decided to run software updates on a critical server, borking something in the process. Or it could be some spammah/pornbot throwing a hissy fit because I've told her off because of her small titties....
We use a Polycom video conferencing system. Many times I wished to kick it out, and installing Skype instead of that.
Now I'm glad I didn't...
Skype services still offline in South Africa. Not going to break my head about that. They'll sort it out in due course.
You'll need access to the physical device, obviously. And enough time to type/paste in that long string.
But any ne'er-do-well will have all the time in the world once your device's been blagged...
I'm using PIN's on all my devices. Wonder if these are also susceptible to these kinds of shenanigans and ne'er-do-well tomfoolery?
I also hail from that era.
When simpler was actually better.
Nowadays the average PC is burdened with a virus (windoze) & maybe a couple of trojans or three...
WordPerfect 5.1 for DOS was the best. Small, fast and stable. Not unlike the 500Mb+ bloat of today's crap just to write a simple letter lambasting the local council for their lack of attention to detail.
And email clients also bloat as well. Not to mention complexity.
Where did things go wrong?
All is good and well using the cloud for backups, but, as noted in the comments above - what if the provider decides that said service isn't profitable anymore?
One more reason NOT to rely on the cloud for a backup solution.
Rather get a NAS+server solution, plonk these down in a secure location (which will be a headache, but can be sorted out) and use this for remote backups for critical company data... no more worries about somebody snooping around in sensitive corporate data (which is a possibility with cloud storage).
Another thing most people overlook with cloud storage is what happens if some critical upgrade is applied incorrectly? Then most, if not all, backups will be gone in a flash, never to be recovered. This kind of thing happened before (there's a couple of articles on El Reg) and will happen again.
Terabyte backups = the bane of limited-budget sysadmins all over the world
I enjoyed his stories, and most are food for thought, most especially Fahrenheit 451.
I found it odd that Equilibrium (movie) shared the same storyline as F451 to a degree, but with the addition of 1984 (Big Brother = "Father"), The Matrix (Grammaton Clerics) amongst others.
Pfft, you youngsters did not experience the dark old days, before mobile phones, when all we had was pagers, or nothing.
Wussies, the lot of you who can't survive ten minutes without pecking at your cellphone like a chicken on steroids.
Email administrator's worst nightmare - finding his/her email server compromised...
Glad I don't do email admin anymore. And I don't miss it. But I learnt a lot, and developed skills around that.
Already received two suspicious MMSes - luckily I disabled MMS auto-retrieval on all my Android devices.
I have a Symbian device (Noka 5230 phone) - maybe I should switch off Android*.* and go over to Symbian for a while until all this bollocks have been sorted out...
Or, an alternative. Disable 3G/cellular and use wifi only - that way no pesky SMS/MMS messages will come through.
Wonder how Windows Mobile is coming on... may be a good choice. Pity Symbian's dead.
Wot? No Sir Clive?
Would've been ironic if one of the drone operators lost his car/house due to his own stupidity....
Why not do like any normal M$ server does and lock the account out for x minutes after y incorrect login attempts? Not sure if *nix offer this kind of feature though...
Coupled with a script to ban offending IP's for an hour, then two hours, then a day, then a week should keep most accounts safe... or am I talking to a brick wall?
What the **** is it with a live link to SourceForge.net and getting blapped with spamvertisements? :/
Quite easy to spoof DNS and have the keyboard software update itself from a malicious server...
One of the many reasons why I'm going to ditch Samsung and look at something different. (Not Apple or Microsoft/Nokia).
Even backing up to a removable hard drive is not good enough - because cryptolocker.
The best strategy is a three-pronged strategy. (Others may correct me as they see fit).
First stage - backup to an external hard drive hourly.
Advantages - quick recovery, especially undelete/undo folder move operation (can also use shadow copies)
Disadvantages - Cryptolocker or other forms of data corruption can occur quickly.
Second stage - weekly backups to a separate server in a separate building.
Advantages : if main building burns down, you can recover quickly.
Disadvantages : Your data may be anything from 3 to 7 days old.
Third stage - backup to tape.
Advantages : Can store for long periods
Disadvantages : Not quick to restore, prone to failure if reused too much, need frequent testing
Fourth stage : Backup to cloud (daily/weekly/monthly)
Advantages : Totally offsite
Disadvantages : Are your data really secure?
So maybe we need to take a look at punch cards again?
Problem is our judges and courts are not impartial anymore.
So therefore we will find another way.
V for Vendetta.
Some more background on my country...
"he he he he" chortles the Zoomster in glee as another R250mill is made available for upgrades and enhancements at Nkandla....
No fallback fault-tolerant option available?
Not going to go Samsung anymore.
Will rather go to LG, HTC, Sony or some other brand. Just not Apple.
May she recover speedily.
Let's talk bloatware for a little while, before shunting back to topic.
I own two Samsung phones. My first is the venerable Galaxy S, which, until a month ago, ran stock Android. I decided to take the plunge into modding and plonked Cyanogenmod on it.
It ran beautifully, all the stock bloatware was gone, and battery life improved by 50%.
My second, the Galaxy 3 Mini (GT-i8200) still is running stock Android and we hateses it, we hateses it, we hateses it forever. No way of getting rid of unwanted bloat, and there is no easy way to upgrade it to the latest and newest Android... Add to that, some simple charger circuit woes, and I have decided to shaft Samsung and buy something else the next time I'm due for an upgrade. Adding to my woes is the unavailability of a Cyanogenmod ROM for this phone.... but rest assured, as soon as the ROM is available, I'm so going to root it.
So... in the end unwanted bloatware does not endear to end users, who will simply detest it as it just chomps the battery, causing the end user to charge more frequently, causing you to put a little more strain on the electrical grid...
As the one poster up above said :
"It should be an option on first run with a tickbox defaulted to 'no'. If 'yes' is ticked then the bloat should be downloaded."
Make it a default option for users, the user will decide whether bloat be installed or not, NOT the manufacturer. Power users do not need bloat. Finish en klaar.
Now, back to the topic - if Microsoft make their [-]apps[/-]bloatware available via the Play store, then we can decide yea or nay, and it will be providing more realistic statistics as to the popularity of their apps.
Not for me, I think. Thanks, but no thanks, I'll stick with OpenOffice and stuff I know. Don't need paperclip-wielding daemons to haunt my documents etc at all... The smaller (and simpler) the office app, the better. Heck, you will only need left/right/middle justify, bold, italics, underline, various fonts, font colours for a basic document as it is virtually impossible to type up a 10 (let alone a 100) page report on a cellphone before cramping of the fingers set in.
Leave the 10 (and 100 or 1000) page documents for laptops/desktops with proper word processors.
What about creating a default-deny state on computers?
Meaning any kind of program (whether software or hardware) will not be able to run - at all - until their existence have been verified and approved by the operator?
The only drawback to this is that you'll be overwhelmed with a plethora of access requests, or that somebody who don't understand the implications, will grant running rights to a nasty piece of malware.
In the end...
...when an image is flagged as "abusive" it still need a human eyeball to discern whether it is KP or not.
I pity the poor sod whose thankless job it is to view all those nasty images thus flagged...
...here I'm synchronizing (one way) all files to a server on an hourly (or so) basis. Files that get deleted by accident is not deleted on the target server.
Then there's another server which is used for a monthly backup - since it's quick just to synchronize changed files (but not deleted) across. (Tape is taking too bloody long).
Then, finally, a tape backup to commit to long-term all the files/directories directly from the main server. A 5-day backup job.
Last time I had cryptolocker, I was able to recover files from the monthly server quick quick after zapping the cryptolocker'd PC. No need to wait for 5 days or so for files to be restored from backup.
And the backup server and tape streamer PC is in a different building (at last) than the main server.
I'm a lazy bastard, and have no wish to restore a file server from scratch.
Cheers to the other sysadmins out there...
all the way!
Bring back the humble Nokia 3330 :D
Hoo boy, this is going to be really interesting...
PRINT USR 0
So wishing I could donate a lot of these Fun Loving Gummy Bears to our local parliament and government...
...and Mario won.
All patent trolls need to experience the same treatment - and close up shop for good.
...and for Android devices too?
Hopefully it'll also be compatible with Android devices - will be cool if you can be seen banging away at an old Speccy in order to write up an expenses report for the Bossly Unit...
High time to find that Speccy in the cupboard and see whether it is possible to tack on some cheap Bluetooth chippery...
Had my bag of fun with this piece of garbage.
The attack vector was something like this : luser allowed her son (against IT policy) to install and run games on her work laptop. I suspect her son caused the laptop to be infected with CL either by opening an email attachment or the such. It proceeded to encrypt every single .doc, .xls and the such files on said laptop.
Then it displayed its ransomware notice.
Her son tried to uninstall it, but panicked when it changed the desktop background to the infamous CL background bitmap.
He sbould've left it there, but he didn't, and downloaded (and reinfected the laptop) with CL accordingly to the instructions given.
Then mommy came to work with said laptop, plugged it into the network, and did some work.
Then she proceeded to phone me.
Worst day ever. I killed her connection, and had to restore from a backup... Luckily it was only her laptop, her home folder on the server and one directory with lots of .PDF, Word and Excel files affected - and the corruption didn't spread to the automated backups yet....
She was under the impression I could "google for a fix and way to remove it" .... Hopefully the loss of her photos and other (not backed up) documents on her laptop will make her think twice now....
Had to do a fresh windows install on a new HDD as I could not get rid of the CL trojan at all... Will probably format and reinstall that HDD at some later stage.
Going to introduce (and enforce) new, tougher IT policies next year. Lesson learnt.
Made my Friday better.
Gotta try this one day... <evil laugh>
Thorin starts singing about gold
>KILL THORIN BY PUSHING HIM INTO THE OPEN ELEVATOR SHAFT
You pushes Thorin, quite by accident, and in the darkness, into the open elevator shaft.
Is this the beginning of the end?
Re: What's new?
How long does it take to collect the reading? Just a matter of pointing the instrument towards the meter, and off you go?
Here in Guptastan (formerly Gauteng) they do it the old-fashioned way - open the cover for inspection. Frequently the oke doing the inspection get his numbers mixed up, leading to billing chaos.
We email our 'leccy and water figures in to the loonicipal offices every month to avoid a cock-up on our bill.
George Orwell was spot on...
Rollback to 1984, and commit.
Love this command :D
Makes recovery soooo much harder :D
And welcome back, oh mighty BOFH :)
But what about the iPhone5 then?
If the factory itself struggles to produce scratch-free iPhones, then what'll happen should some poor sod plop his iPhone5 down for repairs?
Should be interesting "Shop scratched and ruined my iPhone5!!!"
Wot a daft idea. 'Ere, 'arf a brick at this idea.
They can implement self-expiring ebooks, but there will be ways and means to keep those books from expiring.
What a waste of money and time.
We need a Sparta smiley.
Gonna be ironic if the new batteries promptly overheat and vent with all the execs on board, high up in the sky...
Ne'er-do-wells can jolly well take a hike!
On PC's you have to contend with trojans and viruses.
As if that isn't enough, you also have to contend with malware on smartphones...