* Posts by alain williams

685 posts • joined 29 May 2007

Page:

Administrator tries to squeeze blood out of Stone Computers' parent

alain williams

I still don't see

how they can sell the assets and ignore the debts.

2
0

German spies sold out citizens to the NSA in exchange for super-snoop-ware XKeyscore

alain williams

The only safe assumption about the spooks ...

is that they are all at it. It is probably reasonable to take their butter-does-not-melt-in-my-mouth statements that they are within ''rules'' as just more deception to the man in the street: either following rules that few know about or just bare faced lies.

The more interesting question is which of their political masters know the full extent of what they are up to. I doubt that none of the politicians know the full extent - just how many ?

2
0

PINs easily pinched with iPhone-attached thermal imaging kit

alain williams

More attacks ...

if an ATM is not always in use, spray the keys lightly with a powder (talc would do) and when the mark has gone - see which ones have the powder rubbed off.

All sorts of variations. Interesting.

1
0

Microsoft will explain only 'significant' Windows 10 updates

alain williams

Documentation takes effort ...

and organisation. Maybe their internal systems are so chaotic that they don't really know what has changed. Maybe they don't know all of the changes that have been supplied by: the large number of internal teams, the NSA, device drivers from hardware manufacturers, the lot in India that they outsourced something to, ...

The above might be wrong: but many will suspect that this is what is happening.

9
1

NSA-resistant email service Lavaboom goes BOOM! (we think)

alain williams

Code on github

Well their source code is up on github, so if anyone wants to continue their work they can do so: https://github.com/lavab

A sensible idea to make is open source -- who would trust anything like this if it were not. However: they were going to run it as a service, I don't know how they were intending to demonstrate that the code that they were running was the same as the code on github.

4
0

Linux 4.2 release 'possible' for next week, if Linus feels good

alain williams

Re: Wow

And the *nix crowd actually think this is a better leadership/management than MSFT? Really, 1 person controls your destiny.

Most projects have one person (or a small team) who review the current state and decide if/when a release should happen. This is true for both commercial and Open Source projects; the difference is that with most commercial projects (eg MSFT ones) this review process remains hidden, so you don't get to see the hums and has although you might see a slippage from an announced schedule and not know why.

One of Linux's strengths is that the review process is open to public gaze; also Linus releases ''when it is ready'' and not when some marketing team or accountant says he must.

Please learn about the Open Source processes before criticising - don't flaunt your ignorance.

11
2

Rise up against Oracle class stupidity and join the infosec strike

alain williams

Ethics in business ...

is, unfortunately, rapidly dying. Make money no matter how - who cares how?

One other story today is shops in airports telling customers that they needed to see their boarding passes ''for security reasons'' - when the true reason is that if the customer is flying out of the EU then the VAT does not need to be paid to the tax man and the shop pockets the difference.

Sales assistants were telling the customers fibs. While some of them might not have known the real reason someone did and was happy to have the customers lied to. This is a complete abomination. If they lie on things like this - what else will they lie about ?

3
0

Apple and Google are KILLING KIDS with encryption, whine lawyers

alain williams

Eat fewer doughnuts

is the message that Cyrus Vance Jr should be telling New York cops - ''get off your fat backsides and go and do real investigative work rather than sitting around''. The cops are getting lazy & fat: next up they will be complaining that criminals refuse to just hand themselves in.

7
0

Dying cipher suites are stinking up TLS with man-in-the-middle vulns

alain williams

NSA & GCHQ fail

Part of the remit/mission-statement for both of these organisations is to protect the communications of citizens of their countries from 'foreign adversaries'. Both of them have the skills & budget to properly design TLS (or replacement) to have fewer holes.

Unfortunately: another part of their remit is to break Johnny foreigner's communications - in part they use holes in TLS, etc, to achieve this. There is suspicion that they have weakened or made overly complex the various security protocols & procedures. This might make it easier for snoop on foreigners, but it also makes it easier for foreigners and various crooks to snoop on us.

There is a tension between these 2 different remits, they have settled this by focussing on breaking/weakening TLS. Why ? It is quite simple: they can be held accountable for missing a 'bomb plot', but if a hole in TLS is used to break into big business & syphon off millions they can deny any responsibility - conveniently forgetting that closing TLS, etc, holes is part of what they should be doing.

Our idiot politicians don't help, few of them have any real clue as to what is going on.

5
0

Huge hack attack: UK data cops to probe Carphone Warehouse breach

alain williams

Why I did not buy from carphone warehouse

I tried to buy 2 new 'phones from carphone warehouse a few weeks ago, an outright purchase, not on contract, I have a connection only SIM with giffgaff. They asked for my name, address, ... I refused saying I was buying a 'phone & saw no reason to give them all of that. They said that it was company policy to insist on the information and refused to sell anything to me without that info. I left and bought what I wanted elsewhere.

I now feel quite happy that I did insist on preserving my privacy.

2
0

Cloud computing’s refuseniks: How long can they hold out?

alain williams

Want to buy something - then I will sell it to you

If IT managers do not want a cloud based product there will be a vendor who will sell that (non cloudy) product to them - it is called supply & demand.

The problem may be with large vendors (eg MS, Oracle, ...) who insist on going cloudy or jack up the non cloud prices. Also those who make it very hard to migrate away from their product. Organisations may need to do what the vendor wants.

This is why when buying into something you should always be clear how easy/expensive it will be to move away. Another reason for using Open Standards.

19
0

Hurrah! Windfarms produce whopping ONE PER CENT of EU energy

alain williams

U.K. National Grid Status

OK, electricity only, but it is showing wind as 8.21% as I type: http://www.gridwatch.templar.co.uk/index.php, France at 11.88%

2
0

Five data centres you can't live without

alain williams

El-Reg ?

Where is El-Reg served from ?

0
0

Ballmer's billion-dollar blunders: When he gambled Microsoft's money and lost

alain williams

Furniture ?

Maybe Ballmer should have started selling a line of chairs ?

12
1

YOU! DEGRASSE! It's time to make Pluto a proper planet again, says NASA boffin

alain williams

Re: This isn't science

A rose by any other name would smell as sweet.

Let's get on with looking at the great pictures from New Horizons.

2
0

How British spies really spy: Information that didn't come from Snowden

alain williams

Re: Why are they not more often in the news ?

If you listen carefully when Theresa May (or similar) is trying to convince us that this surveillance is effective they say something like ''had found xx suspects'' - translation: ''our monitors went ping over xx people who we shall investigate''. They do NOT say how many people have been convicted (or the ping found to be true) as a result of Internet surveillance, presumably because this would be much less than xx and so less persuasive that letting snooping continue is a good idea.

Any experienced politician or press facing civil servant knows how to present numbers deceptively.

16
0

Office 365 prices 'to rise by up to 13 per cent'

alain williams

Libre office price up 100%

But since it was free in the first place, it is still free!

19
2

Welkom in Nederland: Laid-back, chilled, and MONITORING everything

alain williams

I was pleased to note:

If they are going to force people to decrypt data I was pleased to note:

either by providing encryption keys or turning over decrypted data

Handing over a piece of plain text is, IMHO, much less bad than having to hand over keys. You know what the spooks have, something presumably itemised in a court order. Hand over the keys and a lot of other stuff is now readable by them as well.

5
0

SEX-starved worm can GIVE HEAD to ITSELF to reproduce

alain williams

Seen it on video

Does that count towards one of the 200 porn videos that you watch every year ?

http://www.theregister.co.uk/2015/07/01/entire_planet_watch_200_smut_videos_year_research/

9
0

Get READY: Scientists set to make TIME STAND STILL tonight

alain williams

Seconds for computers, convert for humans

Time in seconds should be how computers see it.

Time broken up into minutes/hours/days is done for the convenience of humans - who cannot deal with large numbers - who knows that 2592000 seconds is a (30 day) month ? The time convertion routines will deal with leap seconds.

Slight complications with some applications, eg bank interest is computed in days - be they 86400 or 86401 or 86402 seconds long. Programmers will get used to this and will cope, it will become part of the 'tradition'.

Fiddle the issue now and we will just end up being hated in generations to come when they have a big problem to deal with - and their computers will not deal with them since that is not the way things will be done.

1
0

US SaaS firm bows to Snowden concerns with UK-based datacentre

alain williams

Re: Yeah, rigth.

They would need to set up a subsidiary over which they only owned shares but had no executive control and which was guaranteed to not employ any USA citizens. Then: when the USA court comes sniffing the USA based company could show its requests and the two fingered replies that the European company was giving it.

Even then: I am not convinced that this scheme would be good enough.

2
0

Pirate MEP pranks Telegraph with holiday snap scaremongering

alain williams

New South Wales public parks

If you want to take pictures in a public park and use them commercially you need to pay:

http://www.onlineopinion.com.au/view.asp?article=410

2
0

As the US realises it's been PWNED, when will OPM heads roll?

alain williams

Re: Shit happens...

Extradite Gary McKinnon. Sorted

More or less what I was going to write. Gary only got in because of hopeless sysadmin practices in the USA (eg not changing default passwords). Have these clowns learned nothing in the decade since then?

It seems not - the hunt is now on for scapegoats and then not bother to smarten up their act.

20
1

Pluto plastered in what looks like 1970s orange wallpaper – proof

alain williams

Re: Twice the goodness

TWTA = Traveling Wave Tube Amplifiers, see: https://en.wikipedia.org/wiki/Traveling-wave_tube

0
0

Furious Flems fling privacy rule book at Facebook

alain williams

Don't worry facebook - TiSA will save you

The secret trade deal will, by all accounts, let facebook abuse everyone's personal data. Big business seems to know what is going into this while those affected by it (ie us) will be kept in the dark until it is too late and the politicians can retire on various 'contributions'.

See:

http://en.wikipedia.org/wiki/Trade_in_Services_Agreement

https://wikileaks.org/tisa/

1
0

Passions run high in EU parliament debate over air passengers' privacy

alain williams

How many lives saved, what cost ?

How much has all this collection cost ? Would we have saved more lives giving that money to the NHS?

4
1

OK Google, how much of my life do you observe and disturb?

alain williams

Subject access request

has anyone made one to google to see what it has about them - and got a reply ?

0
0

Russia and China seal cyber non-hack pact

alain williams

They will just outsource it ...

to someone else. I doubt that they really believe that the other will stop trying to crack them, this is just for show.

2
0

Small WordPress sites leaking like sieves

alain williams

Re: There are benefits...

I dislike WP intensely largely for this reason. I want to install the programs/scripts read only - preferably using the OS installer (eg: yum/rpm or apt-get). It is also hard to have one copy of the scripts and use them in several sites. WP makes this very hard, they entire mindset of the developers seem to have little clue about large scale system admin and want WP to do everything.

Also: they seem to favour features over security -- get something working quickly, worry about good coding later.

2
0

Cop in gay porn film advised to put his helmet away

alain williams

carrying out extensive unauthorised checks on the Police National Computer database.

These are the ones that really concern me. The police are given special privileges to find things out about us - ANY abuse MUST be met by a high profile dismissal and loss of pension.

I could not see how many of these were caught, but I suspect that the numbers reflect no more than the top of an iceberg.

21
0

SHA-1 crypto hash retirement fraught with problems

alain williams

Old android

The problem here is that many manufacturers of phones, etc, lose all interest in some hardware once it is more than about a year old. However a lot of us buy a phone and expect to use it for many years - why throw out something that still works ?

4
0

France wants to make les citoyens' health data available to world+dog

alain williams

Let the first records to be released

to include those of the French president and all members of the national assembly.

What do you mean ... some should be excluded ... why ... is it not really safe then ?

7
0

Sweden releases human genome under Creative Commons licence

alain williams

What to do with it ?

What now ? Forks and distros ?

Yes - I have my own copy, slightly different from yours, and I have given versions, free of charge, to my kids.

Sue me if you don't like what I have done!

4
0

SEX: Naughty female stegosauruses offered it on a PLATE

alain williams

Would those plates ...

have made her dishy ?

12
0

Something's missing in our universe: Boffins look into the SUPERVOID

alain williams

It was being filled

Ah, so that is the hole that the bankers were trying to fill - I always suspected that they weren't quite as bad and selfish as they had been portrayed!

1
0

Ad-blocking is LEGAL: German court says Ja to browser filters

alain williams

Re: It's my computer

Adblock Plus should countersue for theft of bandwidth.

No, it is you & I who should sue for use of bandwidth - unless Adblock plus coordinated some sort of class action.

I can see the admen trying technological mechanisms to stop me viewing their content unless I viewed ads - but what they don't understand (or refuse to) is what I don't like:

* ads that start autoplay of video or sound

* ads that use up a lot of screen space

* ads that pop up/under

* ads that download a lot or slow my browser

* sites that run javascript off random servers/domains that I don't know what they are and suspect are tracking me

* intrusive ads

Nice, small, discrete ads I can put up with. Anything else - piss off!

52
0

VMware fires Photon torpedo – a homegrown Linux for microservices

alain williams

Will it really obey the GPL ?

Or will this be another case of VMware ripping off open source. There is already one case rumbling to court in Germany:

https://lwn.net/Articles/635290/

6
4

Finally, Mozilla looks at moving away from 'insecure' HTTP. Maybe

alain williams

Re: Bad idea

You don't need one IP address per site if you use SNI (Server Name Indication). The main problem is that this is not supported by MS Windows XP - which although down to about 17% ... is still some time before web site owners consider it unimportant.

HTTPS is not secure if you can 'own' certificate authorities and/or DNS - neither of which is hard for governments -- so it comes down to who you want to protect against ?

5
0

Radio 4 and Dr K on programming languages: Full of Java Kool-Aid

alain williams

Re: “Goto statement considred harmful”

People forget that what he was talking about was that excessive use of goto is harmful. It harks back to a day when many programs had a goto every 3-5 lines -- that is spaghetti code. A small number of goto and corresponding labels can make the code cleaner by avoiding the use of ThereIsAnError type variables that are continually tested until the error handling code at the bottom of the function is reached.

Here is a nice article on the subject: http://david.tribble.com/text/goto.html

12
0

NSA: 'Back doors are a bad idea, give us a FRONT door key'

alain williams

Re: Github

Quite possibly: good encryption is hard; but just because one group got it wrong does not mean that they all will.

12
0

PHYSICS APPLECART UPSET as dark energy disappears, Universe slams on brakes

alain williams

100 watt bulbs

The findings are analogous to sampling a selection of 100-watt light bulbs at the hardware store and discovering that they vary in brightness

I always knew that these low energy bulbs were not what they were cracked up to be. Don't last as long as claimed either.

4
3

David Cameron's Passport number emailed to footy-head

alain williams

Re: Is it such a big deal?

So if they want a copy of your passport so that you can see what information they hold about you, does that not suggest that they did not do enough to assert who you were when you signed up on their web site in the first place ?

Surely: give the exact same information (be that true or false) should be enough.

0
0
alain williams

The wrong address is not the real issue

Sending the list by (presumably unencrypted) email is a bigger problem. Sending email is like putting a post card into a letter box, it can be read by anyone who handles it. So: this email has potentially been read by all sorts of people.

This is the REAL cluelessness - it seems that el-reg's journalists have also forgotten this problem with email.

OK: in this case the NSA has already got this information, but who knows who else has tapped into the Internet routers that the email went through ?

1
0

VMware channel confirms price hikes from next month

alain williams

They need to pay their lawyers

who are defending them in court over their GPL infringement: https://sfconservancy.org/linux-compliance/vmware-lawsuit-faq.html

They will need even more money after they have lost to rewrite their code so that it does not rely on them just grabbing someone else's code and ignoring the license.

They would be very upset if others did that and used their product without paying them ... thinking about it - since it is based on GPL code, it must be licensed under the GPL, so you can do that - just take a copy and use it where you want to.

1
1

Hello? Police? Yes, I'm a car and my idiot driver's crashed me

alain williams

Will it be easy to disable ?

Will it be legal to rip it out of your car ?

2
1

Respect mah privacy! EU delegation begs US to play nice with data

alain williams

Re: Lip service..

That is all the MEP delegates will get from the US...

Not true - Monica Lewinsky no longer works for the gov't of the USA.

0
0
alain williams

Even if the USA gives assurances

the lying toads will not lose any sleep by living up to the promise. The NSA will just continue to slurp up whatever it wants citing Four Horsemen of the Infocalypse: terrorists, drug dealers, pedophiles, and organized crime.

17
0

OpenSSL preps fix for mystery high severity hole

alain williams

Re: Software written in C contains bugs, that will include Java then...

The definition of debugged software is: software in which the bugs have yet to be found.

Ie all non trivial code contains defects.

6
0

VMware wants amicable end to 'meritless' Linux-lifting lawsuit

alain williams

Re: A nice donation?

There is a relief for breach of GPL that is written into the GPL: release the offending code. VMware could become GPL compliant by releasing its code under the GPL.

Quite simple really.

3
0

Crap employers banned from enforcing backdoor crim records checks

alain williams

Could I do a crim check on a prospective employer ?

That would be very interesting - especially in banking circles!

4
0

Page:

Forums