* Posts by Velv

1267 posts • joined 21 Jan 2010

Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws

Velv
Silver badge
Gimp

Re: Just don't do it

"Additional think like hardware encryption..."

So that would be Apple iPhones then. Hardware encryption as standard (3GS and later). I haven't investigated any others.

As for the communication channels, they're the same for all Internet access, so you might as well restrict yourself to performing all transactions at a branch. And carry lots of cash. And be even more vulnerable to attack.

0
0

RealVNC distances itself from factories, power plants, PCs hooked up to password-less VNC

Velv
Silver badge
Pirate

And people wonder why the Architecture team screams when some techie suggests "Let's just install VNC"

Don't get me wrong - there's nothing fundamentally wrong with VNC, or most of the other remote control tools - AS LONG AS THEY ARE CONFIGURED AND SECURED PROPERLY

To quote the great Robin Williams - "it's like partial circumcision - you either do it properly or you fucking forget it"

5
0

Apple's iWatch? They cannae do it ... they don't have the POWER

Velv
Silver badge
Mushroom

Why don't they just buy Pebble?

Probably a better product already, so just stick it in an Ive's case

0
3

Dragons' Den man and co-CEO to work for FREE at loss-making Outsourcery

Velv
Silver badge
Joke

First it was Brighton. Then it was Fleetwood. Hastings came next, then most recently Eastbourne.

Which of our famous Piers will be next to go up in flames?

0
0
Velv
Silver badge
IT Angle

Re: Maybe he should go into the Den

I'll give him all of the money, but I want 35%, not 18.2%

1
0

YES YES YES! Apple patents mousy, pressure-sensing iVibrator

Velv
Silver badge
FAIL

Prior Art

The Heart Of Gold spaceship had motion sensing controls, and that's simply all this device does - detect motion through changes in pressure.

0
0

You've got three days to patch Adobe Flash, Air, Reader

Velv
Silver badge
FAIL

Re: Update management

Even if you use a third party update tool, you can't actually turn off the inbuilt Adobe Updater for Flash. If you want to stop it checking for and offering updates you need to set the check time to a large number as well.

I found this after being offered updates after turning off auto-update.

I then found this article: https://forums.adobe.com/message/6250514

0
0

Now even Internet Explorer will throw lousy old Java into the abyss

Velv
Silver badge

Great move, however the cynical side of me predicts a substantial number of internal applications failing in the business world.

Maybe it will encourage more businesses to consider refreshing their estate more often...

1
0

Target tosses US$148m onto data breach barbecue

Velv
Silver badge
Pirate

Another US$148m this quarter. Ongoing. Increasing.

And yet so many large businesses are continuing to scrimp and save on little bits of security "because it'll never happen to us"

Is your security as good as it could be? If you just answered "yes", prepare to be boarded. What was the best last week is old news and vulnerable. Security is a moving target and if you don't keep looking at ways of improving it you will be a victim.

1
0

New iGasm: Apple to unveil not one but TWO iPhone 6 models on 9 Sept

Velv
Silver badge
Gimp

You missed an option on the Poll

"Don't be stupid, El Reg is never going to be invited to an Apple event"

2
0

UK WhatsApp duo convicted of possessing extreme porn

Velv
Silver badge
Boffin

Re: unsolicited

If it's unsolicited, why didn't they delete it?

We're talking several months where it was on their device. The judge is right - we cannot permit "it was unsolicited" to be a defence for the continued possession beyond what would be a reasonable time to check and delete.

What is a reasonable time? Every circumstance may vary, but I'd have thought 99.9% of people check and clear their messages at least once per week. Most people are several times per day.

0
12

Pentagon hacker McKinnon can't visit sick dad for fear of extradition

Velv
Silver badge

I doubt the Merkins were even aware of the different jurisdictions jeopardy otherwise they'd already have tried something surreptitious to make him visit Scotland then nab him while there. Oh, little bit of a conspiracy theory there.

8
2

Scotland's BIG question: Will independence cost me my broadband?

Velv
Silver badge
Flame

"There is no reason, in a competitive integrated market, for companies to frustrate customers on both sides of the border by introducing roaming charges after independence."

Although there will be a currency conversion between Sterling and the Euro

2
2

Bitcoin on ATM? Pfft! We play DOOM on ours

Velv
Silver badge
Headmaster

Much as I commend you for your attempt at wit, Link is the agreement where cards from one bank can be used in an ATM provided by someone else, and Link make no charge to the card holder for this service. (Banks pay each other an interconnect fee of ~30p, but across the major providers that pretty much evens itself out since they all own some of their own ATMs that can be used by other banks).

Charges are levied either by the owner of the ATM, or less common, by your bank if it's one of the few who charges for not using their own ATMs.

2
0

ICO: It's up to Google the 'POLLUTER' to tidy up 'right to be forgotten' search links

Velv
Silver badge
Facepalm

It's like trying to stop the phone from ringing by removing all the phone books.

If information is out of date, then it is the out of date information that should be removed, not the links to it. The links will disappear if the information is removed.

Politicians really don't get it, do they?

8
4

MPs to sue UK.gov over 'ridiculous' EMERGENCY data snooping law

Velv
Silver badge
Big Brother

Conspiracy Theory

There is actually an extensive, ongoing, developed monitoring of a specific known threat. Why else would ALL parties agree to this rushed legislation?

I don't for one minute believe it would have received the support from Labour if Ed Miliband had not been fully apprised of what his predecessors left behind and he would be likely to inherit.

Now I know David Cameron announced in a vague way that loss of data retention "would hinder investigations", but I'd suggest there must have been something substantially more tangible to present otherwise the opposition would have taken the opportunity to oppose.

Or maybe I just need a thicker tinfoil hat...

1
3

Banning handheld phone use by drivers had NO effect on accident rate - study

Velv
Silver badge
Boffin

Statistics are brilliant. Until recently that's how the insurance industry priced premiums. Male, 17, more likely to have an accident than a Female, 17, or a Male, 45.

There are types of people who are more likely to have accidents. It's largely down to attitude. It's a generalisation but it's been the foundation of the actuarial industry for centuries. So the people who adhere to the ban are typically those less likely to have accidents in the first place. Those who "know better" tend to be paying less attention irrespective of it being a phone, cigarette, CD, satnav, short skirt or any other distraction. That doesn't mean the ban is invalid. It simply means those who have chosen to ignore it continue to have accidents.

3
0

Orange spent weekend spamming customers with TXTs

Velv
Silver badge
Mushroom

Orange (and now EE) really piss me off with these texts. Despite following the instructions to STOP, they continue.

Why does it piss me off - well it's not my phone, it's my Mum's, and she's not up to speed with this text thing yet. So I get a call - "my mobile's making funny noises, what should I do". I then need to go through the whole rigmarole again of explaining what SMS is and why she can ignore it.

EE - get your act together. Opt-out means OUT. No texts. None. Nada. Keiner. Aucun. Nessuno. Or do you like paying those Ofcom fines?

3
0

Don't put that duffel bag full of cash in the hotel room safe

Velv
Silver badge
Headmaster

Re: Well there is flaw right there....

I think you missed the point.

A bypass needs to be available so the hotel can access the safe when the guest forgets the code or the batteries fail.

Makes sense to put the emergency access BEHIND a screwed panel to increase the attack time required. You still need the emergency key to actually open the safe.

"Bit like putting screws for the padlock latch on the outside but covering them with thick paint that clogs the slot"

2
0

Sit back down, Julian Assange™, you're not going anywhere just yet

Velv
Silver badge
Headmaster

"Although Assange maintains his innocence of the Swedish allegations – and no charges have been filed against him..."

Yes, that is why Police have powers of arrest - so they can investigate allegations and determine if charges are appropriate. They cannot charge him until they investigate fully, that would clearly be a breach of human rights or at the very least would jeopardise any potential trial as a technical failure.

The simple answer is that the Swedish officers come to Ecuador (UK) and interview Assange. They can then decide either to charge him, or remove the arrest warrant. That then only leaves the UK laws he's broken.

5
2

YES: Scotland declares independence ... from the dot co dot uk empire

Velv
Silver badge
Flame

Re: Subsidised?

So Scotland subsidises the UK. Great. That's what being part of a caring communal society is about. Those who can contribute more, do contribute more. A progressive taxation policy.

Or are you not aware of the proposed taxation structure from the White Paper? It's great how the poor insist "the rich should pay more" - well you know what - you're probably an educated technical person if you're reading El Reg. You probably earn above the national average. You're the rich, please pay more!!!

I'm guessing you're the petulant selfish child in the mirror of Mr Salmond. "It's our oil and we'll use the money for ourselves only and screw anyone who's poor 'cause it's OURS not yours".

16
7

Popular password protection programs p0wnable

Velv
Silver badge
Boffin

You have important passwords, and very important passwords. Just because they are passwords doesn't mean you should treat them all in the same way!!!

I save passwords for many websites and other services (e.g. El Reg) in one of the above. What's the worst that can happen - someone can compromise my account and post as me online.

I keep my very important passwords in a completely different manner.

As has been said many times before, security is about layers - you're more secure the more layers of protection you have

3
0

Murdoch calls for ISPs to be liable for users' activities

Velv
Silver badge
Big Brother

A bit like the old desire to be a politician should exclude you for life, if Murdoch wants it, it should automatically be discounted as an option.

7
0

Amazon France routes around free shipping ban with €0.01 charge

Velv
Silver badge

Surely the law is ultimately counter-productive

Amazon sells at roughly the same price as a shop.

Amazon enjoys bulk discount from the publishers so on any given book its profit margin is larger, so it can invest in quicker delivery and more customer service (and potentially other "benefits"). At the very least it would cover the delivery charges and then some.

Or does the law mandate that the publisher must sell to each vendor at the same price (wouldn't that encourage a cartel and be against EU competition law)?

1
0

Google de-listing of BBC article 'broke UK and Euro public interest laws' - So WHY do it?

Velv
Silver badge
Headmaster

Utter rubbish. Google is under no legal obligation to "publish" anything in a search result.

Public interest law does not mandate that a search must return any particular item which may well be in the public interest.

1
0

iWatch watch: Apple tags sales bod from luxury Swiss watch firm

Velv
Silver badge
Gimp

Nostradamus

"Apple hasn't officially announced the arrival of its iWatch, but you don't have to be Nostradamus to see what's coming."

And yet ironically Nostradamus didn't see it coming

10
0

Brit celebs' homes VANISH from Google's Street View

Velv
Silver badge
FAIL

Nothing like obscuring something to pique people's curiosity...

"oooooo, what's that bit of property I'm not allowed to look at online, let's drive by next time we're out in the car"

4
0

'Spy-proof' IM launched: Aims to offer anonymity to whistleblowers

Velv
Silver badge
Childcatcher

Doomed to failure. How do you police the content? (and don't answer "the whole point is that you can't")

By their very point of being anonymous, these services are designed to be used for illegal activity. So how do you separate the wanted illegal activity from the unwanted illegal activity?

Whistle blowing has proven to be vital to maintaining sensible balanced order in our society, so finding ways to ensure it remains safe for the whistle to be blown are important. But that must be balanced against unwanted side effects.

0
0

iPhone user SHAMEGASM: 'I beg of you', delete sex app from my purchase list

Velv
Silver badge
Joke

I always thought the self indulgence induced by Apple products was called Macturbating

5
0

Big Java security fixes on the way – but not so fast, Windows XP users

Velv
Silver badge
Mushroom

I don't install Java on my own machines, but I'm required to use it on the corporate machines.

In my experience Java is rarely backward compatible, with 6 being widely deployed in multiple companies I deal with.

So it really makes little difference if Oracle supports versions prior to 8 or not, those versions are going to remain widely in use. Oracle may think it can claim "we told you to use the latest version", but ultimately it is going to need to shoulder some of the responsibility for the impending major security fail rooted in older versions since the new version doesn't work.

1
0

EPIC FAIL, FACEBOOK: FTC complaint against creepy mind games filed

Velv
Silver badge
Black Helicopters

Since the IPO took place in 2012 as well, it will not be long before a class action is launched by those who bought shares since this experimentation was not declared in the prospectus and is something that is likely to have a material impact on the share price.

0
0

Microsoft confirms Office 365 price rise

Velv
Silver badge
Flame

TCO

Doesn't matter what you use, you pay for it. Don't like Microsoft, fine, don't use Microsoft.

Use something free? Well, is it really free? You still have to pay to train users on a different product, probably more so if it's not what they use at home or learned in school? You have to pay for support. Maybe not directly (although some regulated industries mandate vendor support), but you'll be training and employing specialist support personnel who probably command a higher salary than an off the shelf Microsoft monkey.

If only the world of business was flat and one product did everything for everybody. Well it isn't.

Prices go up. Nothing to see here but bitching from trolls.

1
16

Google BLOCKS access to Goldman client-leak email

Velv
Silver badge
Headmaster

Re: Autocomplete of e-mail addresses

The trouble with autocomplete is that you normally need to have used the full address at least once before it will then appear in autocomplete later.

And that would imply the contractor already has some form of relationship (i.e. a requirement to email) with the owner of the gmail address.

Something about the story as reported here smells funny. Either El Reg is reporting it badly, or more likely, Goldman et al are spreading the bullshit.

1
0

Virgin Media struck dumb by NATIONWIDE DNS outage

Velv
Silver badge
Trollface

Re: Hmmmm DNS ...

Yea, because giving google even more information about the websites you visit is such a good thing.

Run your own DNS server and leave it to look up the root hints

4
0
Velv
Silver badge
Facepalm

Re: Hmm

I just love the status pages.

I just love that they offer to send you an email when an issue is resolved.

I just love that it was email that was down, and they offered to send me an email when it was fixed... (I leave the reader to do the facepalm)

(yes, yes, I know, I could have used a different email address if I had one, or if I had push email it should have come through to my phone or I could have chosen to receive an SMS. But where would the Virgin bashing fun be in that)

1
0

Microsoft thumbs nose at NSA, hardens crypto for Outlook, OneDrive

Velv
Silver badge

I know we don't allow lawyers in the house, but here's an interesting question...

If Microsoft (or another provider) were asked for data and they hand over the encrypted files, have they complied with the request even though the NSA et al are unlikely to be able to read it?

0
0

Catch cack-handed baggage handlers in the act with Ericsson's SPY SUITCASE

Velv
Silver badge
FAIL

Nothing like placing a huge FRAGILE sign on something to ensure it receives the opposite treatment.

Looks like a fairly distinctive design, something that should stand out nicely as it enters the carousel system almost ensuring it receives the treatment it deserves (before being subjected to a controlled explosion as mentioned above).

0
0

Glastonbury debuts festival wide Wi-Fi network - fitted to COWS

Velv
Silver badge
Headmaster

Pictures, or it never happened.

0
0

France frostily foists flat fizz fear on ICANN's .wine plans

Velv
Silver badge
Big Brother

Just goes to show how ill-conceived the whole non-geographical TLD piece was. And I mean all of it, .com, .org, .everythingthatsnotacountry. And no, the Merkins don't own it.

Many recent cases have raised questions over jurisdiction and pinning domain names to a country is one way to help clarify responsibilities.

Until we live on a borderless planet we are stuck with virtual borders as well as physical.

13
1

Assange™ makes fresh bid for FREEDOM from Scotland Yard's 'physical encirclement'

Velv
Silver badge

Re: Fees

While I absolutely agree with everything you've said about jurisdiction, you forget that the Merkins believe they have jurisdiction everywhere on the planet irrespective of what has actually been signed by governments.

2
0

Unicode ideogram list-site Emojipedia goes titsup. Wow. Did you just give us the finger?

Velv
Silver badge
Alert

And the lesson to be learned from this story is...

... when you want to publish something new on the Internet that might be popular, publish it secretly in a quiet little backwater first and let google cache make a copy.

Then just point the waiting world at google cache and let them handle the load.

0
1

Tor is '90 per cent of the net' claims City of London Police Commish – and he's dead wrong

Velv
Silver badge
Alien

Police Commissioner - says it all.

An ELECTED official. Not a trained officer. Not someone who's risen through the ranks. Not someone who's actually done the day job.

Don't you know that it's a requirement of accepting any publicly elected post that 99% of your brain cells are removed?

7
7

WORLD CUP SHOCK: England declared winner in 2-1 defeat to Italy

Velv
Silver badge
FAIL

Since I haven't as yet spotted a footballer stopping mid-game to read his twitter feed it can hardly be "which team sings loudest".

But the day will come...

0
0

DAMN you El Reg, CALL ME A BOFFIN, demands enraged boffin

Velv
Silver badge
Boffin

NO!

"On these pages, "boffin" has always been a title of honour accorded only to proper scientists and engineers ..."

PROPER SCIENTIST AND ENGINEERS

And in particular, not someone who is working in the field of peer readers here at El Reg such as a "security researcher" or "computer scientist".

Boffins are those who do Voodoo in other fields of science for which we cannot consider ourselves as having proper peer knowledge.

I'm not for one minute suggesting Dr Oren isn't worthy of our respect. But if I understand the technical aspects of his article says, he's not a boffin.

3
1

AWS breaks silence over Truecrypt's role in data import/export

Velv
Silver badge
Black Helicopters

Previous evaluation by respected security experts found no immediate cause for concern, and an independent scrutiny of the TrueCrypt source code is now well under way.

Assuming that code passes, I see no reason anyone would stop using that version of the product because of any subsequent action by the developers. Perhaps Amazon have already conducted an internal review of the source code and didn't find any reasons not to use it exclusively.

4
1

Report pegs Apple for October smartwatch release

Velv
Silver badge
Gimp

Rumours ... Apple ... %product% ... %month%

Meh

I hear Apple's developing a holographic imaging and projection system for Facetime so little images will stand up from the screen while you hold it flat in the palm of your hand. Just don't tip it more than 5 degrees or your friends will fall over the edge.

1
0

Brit lands on Rockall with survival podule, starts record attempt

Velv
Silver badge
Stop

"I find it extremely disgraceful that these charities exist and the government (of any flavour) doesn't step up to its responsibilities towards those who they have put in a position of need."

While you may think it is the government who hasn't stepped up to its responsibilities, ultimately it is you and I. We elect the government, and more importantly, we pay the taxes.

I'm not for one minute going to comment on the relative merits of one group over another. But ultimately the pot is only so large and can only be divided so many ways. And you won't find a politician (whose self-glory, whose job, whose pay packet, relies on everyone's vote) willing to increase income tax to pay for all the worthy causes.

4
0

'THERE'S BEEN A MURRRDER!' Plod probe Street View 'slaying'

Velv
Silver badge
Boffin

So is it a murder, or a man assisting a heart attack victim?

The Guardian had a great advert in 1986 about Point of View. Anything could have been happening.

It would have been good if the Police had conducted a "full investigation" and asked Google for the original undoctored images so they could identify the perpetrator.

6
0
Velv
Silver badge
Terminator

The garage is in Leith.

A pick axe handle is the least dangerous thing I'd expect them to have lying around ! ! ! ! ! ! ! ! ! ! !

1
1

Spammer sprung to run Russian national payment system

Velv
Silver badge
Terminator

Frank Abagnale - poacher turned gamekeeper. See, it worked. Once.

0
0
