* Posts by Woodnag

78 posts • joined 24 May 2010

Page:

BBC vans are coming for you

Woodnag

Re: 66% discount

Ah, but does your 'puter have to have a b&w monitor?

2
0

IoT manufacturer caught fixing security holes

Woodnag

Differs

"If there is a street with 1001 front doors with all the same make and model of lock fitted then somewhere one key will fit two doors."

That's the most secure possibility. The other end case is that all 1001 take the same key.

Since you're in the lock trade, what's happening with those loverley 10 pin Ingersoll SC71 locks now they are owned by Assa Abloy? AFAIK, it's the only really secure lock available to Jill Public. AT least in UK.

0
0

Thieves can wirelessly unlock up to 100 million Volkswagens, each at the press of a button

Woodnag

And...

...I upvoted you for your courtesy. Call it an untroll point :)

3
0

Some benefits of digital health to NHS may be delayed by consent model consultation – expert

Woodnag

Protection

I would happily let my aggregate stats be shared if the law mandates that if/when the data leaks, the CIO of NHS goes to prison to 2 years (1 after good behaviour) as absolute minimum sentence.

6
0

Three times as bad as malware: Google shines light on pay-per-install

Woodnag

Get your reader in full, untainted, from the FTP site...

ftp://ftp.adobe.com/pub/adobe/reader/win/

0
0

Privacy warriors drag GCHQ into Euro human rights court over blanket spying, hacking

Woodnag

Brexit actually hasn't happened

The referendum happened. But the invocation of Art.50 to start the Brexit clock ticking is similar to non-free Windows 10 upgrades: it's talked about for the future, but will never quite happen.

7
4
Woodnag

Not quite true

There are more than two names on the ballot.

2
0

Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site

Woodnag

So use both!

Lastpass for the non-finance, non-reputation damaging sites.

Keepass for the others.

2
0

What's Brexit? How Tech UK tore up its plans after June 23

Woodnag

Counting chickens etc

Brexit is not a done deal.

If it was, Article 50 would have invoked already and started the 2 year negotiation window.

The main hurdle, which the polititions are pretending doesn't exist, is that UK cannot negotiate post-EU treaties whilst it is in the EU. Thtat's EU law - all treaty negotion must be done under the UK umbrealla. UK is trying to get special treatment, but Germany for sure will not allow that, to stop others following.

Give it six months to a year, enough time for May to completely lock down the UK with snooper's charter etc, and she'll say that Brexit ain't happenin' old bean, and she'll call a general election. Probably win it too, if the media is handled right between now and then.

2
2

US govt is in, EFF told to take a hike in post-Safe Harbor wrangling over privacy and EULAs

Woodnag

eh?

"The refusal to include data privacy advocates in the case".

EPIC is a privacy advocate.

2
0

US drug squads told to get a warrant before tracking mobile phones

Woodnag

The point of the warrant

It's not that getting a warrant is much of a nuisance, but more that if a warrant is shown to be legally required to use hoovered up traffic, then historical cell traffic can't be admitted as evidence. So we will get more cases involving reconstruction of evidence.

The interesting issue will be if whether a case can be thrown out because the only hook that got the case investigated in the first place was an 'incidental intercept', i.e. without a warrant with the relevant reason and/or defendant's name on it.

1
0

UK patients should have greater data slurp opt-out powers – report

Woodnag

Actually...

...if you look at the word choice, " personal confidential data" is not what is being shared with world+dog for research anyway. So NDG is defending a straw man.

The two (unaddressed) issues are:

1. The metadata from the aggregate data can be de-anomomised (how many people have colon cancer stage 3 diagnosed at stage 2, 50-55 age range, married, smoke, don't drink, live in Gt. Manchester area, service/technician work level, obese, poor diet)

2. The personal confidential data will of course be shared with 'strategic partners', 5 eyes for a start

2
0

Microsoft to buy LinkedIn

Woodnag

MS account

Wonder if those of us without an MS a/c will be forced to get one to continue with linkedin?

0
0
Woodnag

Re: Delete me

They don't. If you 'delete' data, you simply become the only person who can't see it. I expect people with an HR account for vetting candidates look at what has been editted and deleted.

2
0

As US court bans smart meter blueprints from public, sysadmin tells of fight for security info

Woodnag

GPl

Grab the popcorn girls and boys. It would be so amusing if LandG were using GPL code and can be forced to open the whole source.

21
0

Manchester cops to strap on 3K bodycams

Woodnag

Storage

It's amazing that the police demand almost infinited storage duration for anything on the PNC, including illegally maintained biometrics on those arrested but innocent, yet they can only argue to store their own directly obtained evidence for a month. Talk about wanting to control the data.

And don't tell me that, despite the 31 day nonsense, the stuff isn't backed up by Cheltenham independently. Since 5 eyes want everything, why would they let this go?

6
0

Experian Audience Engine knows almost as much about you as Google

Woodnag

Wrong approach

That may give you a small amount of happiness, but won't stem the flow.

An underpaid human being opens the envelope, and you need to persuade that person to bother to mark you off the mailing list. It's worth doing, because there actually aren't that many financial institutions.

If addressed to me, I return the form in the prepaid envelope with the application bit crossed out with a felt pen, and the words "Kindly remove me from your mailing list". I that found kindly works better than please.

If addressed to A N Other, I return the form in the prepaid envelope with the application bit crossed out with a felt pen, and the words "No such person at this address - possible fraud attempt". Works well.

4
0
Woodnag

Hyperbole

"...you are bombarded with motorbike insurance advertising on every platform you go to."

You are 'bombarded with' exactly the same amount of advertising as before. The content is just targetted.

1
1

Windows 10 free upgrade offer ends on July 29th

Woodnag

upgrade

The announcement "The free upgrade offer to Windows 10 was a first for Microsoft, helping people upgrade faster than ever before. And time is running out. The free upgrade offer will end on July 29 and we want to make sure you don’t miss out. After July 29th, you’ll be able to continue to get Windows 10 on a new device, or purchase a full version of Windows 10 Home for $119." doesn't mention a price for upgrades, just for outright. So more games will be afoot...

2
0

Australia's Dick finally drops off

Woodnag

Re: Next on the list

That is an impressive name for a single stage FET amplifier.

2
0

Remember Netbooks? Windows 10 makes them good again!

Woodnag

Lubuntu vs Xubuntu

Been Lubuntu-ing for a few years, and like the simplicity, but random stuff just stops working until re-install, and PCManFM crashes about 1 in 10 times after copying files. Maybe try X.

0
0

Reminder: iPhones commit suicide if you repair them on the cheap

Woodnag

Paypal did that...

...and the lawsuit has just settled

0
0

Bigger than Safe Harbor: Microsoft prez vows to take down US gov in data protection lawsuit

Woodnag

Re: Winners?

It's not about privacy, it's about money.

MS, FB, Google would like the law to be clear that Gov doesn't have a right to this data. Passing the data becomes a commercial transaction, with contracts, not a obligation, with subpoenas.

MS, FB, Google have businesses selling their scrutiny of you to other businesses. They want to sell it to Gov too, not be forced to give it away, and not for Gov to accumulate it independently.

You privacy will still be up to you to maintain. Sorry.

3
1

Dialog box shut: Now Microchip is set to gobble up Atmel

Woodnag

Re: Missing the point of Arduinos

I suggest that for anyone aged 45+, the MCU arch that they go used to the most is the one they'll try their hardest to stick to, because they like to mix assembler and C. For the C++ generation, they care less. Wot's assembler?

1
3

Seagate floats out 10TB HDD filled with lifting gas

Woodnag

Shocked am I

N'article on HDDs, and no comments about how you'd never buy this brand because **insert horror story from 10 years ago**? Are you all still recovering from 2016?

1
0

Who's right on crypto: An American prosecutor or a Lebanese coder?

Woodnag

Re: Hard Copy of Key

Except in the USofA the solicitor gets served with an NSL with gag order to hand it over, and you are none the wiser.

0
0
Woodnag

Re: Nope, don't care

"If the authorities can persuade a judge to grant them lawful access to your data, then they have the right to access it. If you decline to co-operate and open your devices, then you can stay in jail until you abide by the warrant."

Sorry, too many compliant judges, too many warrant issued without genuine PC. You need to have the right to challenge the warrant before cooperating.

10
1

Juniper resets 'days since last rogue code incident' clock

Woodnag

Summary

Asian - here's the exec summary you'd like. No trouble, mate. Happy to help

1. By 2011 "GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks" <url>https://theintercept.com/2015/12/23/juniper-firewalls-successfully-targeted-by-nsa-and-gchq</url>

2. An external researcher or internal engineer found the security flaws. "The company said it discovered the backdoors during an internal code review, but it didn’t say if this was a routine review or if it had examined the code specifically after receiving a tip that something suspicious was in it." <url>http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors</url>

3. Juniper sat on it until the discoverer was at the point of going public.

4. Juniper's CTO made the "During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections" announcement to own the discovery <url>http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors</url>

5. Juniper issues fixes that don't fix all the security issues <url>http://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company</url>

A damning piece of circumstantial evidence is that Juniper won't be explicit about who/how/when the security flaws came to light. It would be to their credit to claim that they found it, but being caught lying (as opposed to evasive) would make their situation and trustworthiness so much worse. That implies that Juniper's hand was forced by the discoverer who was not under their control.

So, Cisco, got anything you need to need to do? Like go to court to get any NSA instructions to you judged illegal before you get caught?

1
0

Dell: How to kill that web security hole we put in your laptops, PCs

Woodnag

Re: software update process... will remove the certificate automatically

SO 'will run' is a lie.

0
0
Woodnag

software update process... will remove the certificate automatically

Dell: "A software update process will run from November 24 that will remove the certificate automatically from machines"

Really? Dell has some software running on my machine that can unilaterally alter the system without any decision on my part?

1
0

Superfish 2.0: Dell ships laptops, PCs with huge internet security hole

Woodnag

Re: Not on my Inspiron E5550 built around 20 August 2015

Per the removal instructions below, the fact I disabled the Dell Update and Dell Foundations services very soon in the setup procedure might mean it is coming in as an update through that route...?

0
0
Woodnag

Not on my Inspiron E5550 built around 20 August 2015

Running 8.1

0
0

Startup founder taken hostage by laid-off workers

Woodnag

I have heard layoffs called "lifestyle adjustments" by a VP.

1
1

128TB SSD by 2018? Toshiba promises much, delivers ... a little

Woodnag

perpetual right to watch a movie

But the streaming catalog from such as Netflix varies by their agreements. So you may be able to watch Delicatessen today, but perhaps not next year.

1
0
Woodnag

Media race

When CDs were released, copy protection was unecessary. When DVDs came out, people backed up to one or two SVCDs or single layer DVD. With 8TB drives available, it will be a race for the studios to render home media unavailable by popularising streaming, before people start building up movie collections on HDDs.

0
0

ICO probes NHS clinic's data blunder that exposed HIV+ status of 800 patients

Woodnag

"We recalled/deleted the email as soon as we realised what had happened."

Per Dr Alan McOwan, Chelsea and Westminster hospital NHS trust’s director for sexual health: "We recalled/deleted the email as soon as we realised what had happened."

Recall is only possible for in-house clients on the same server. So IT was not involved before this inadvised reaction, cos they'd have told him that. It's called compounding stupidity.

3
0

Microsoft will explain only 'significant' Windows 10 updates

Woodnag

Eh?

Since we don't have access to the source of "most commercial software", your assertion seems tough to justify.

8
0
Woodnag

Mint

I agree with you in general, but I am far more productive with O2003 than LOffice or Ooffice, and can't stand the ribbon of O2007+. Which means VB in seamless mode, which is ok, but I'd prefer a Win which is TweakUiable and non-invasive like the good ol' days, that runs early apps fine line Win7 does.

0
0

Microsoft drops rush Internet Explorer fix for remote code exec hole

Woodnag

XP

I've always understood that the main security issue with XP/2000 is that Internet Explorer's default settings leave it wide open. XP is fairly safe if you can use Firefox or other browser, because you just lock down IE to be safe. Go into Internet Options under Control Panel. Select Security tab, then Custom Level and set the options to "don't". And update your hosts file with something like Peter Lowe's list at http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=1.

Most other security issues are escaped by not opening attachments that you are not expecting. People don't analyse these things with any common sense. A friend got an email purportedly from UPS saying they had a delivery for her (sender not named), and she had to fill in the attached form before they could deliver. Luckily I had beaten the friend up to call me FIRST before succumbing to temptation. Are you expecting a delivery? No. When has a delivery agent ever had an email address as opposed to a phone number? When ever has a recipient had to fill in paperwork conditional on delivery for domestic mail? People see something official looking and don't analyse before twitching that mouse finger to have a look... and won't do a gOogle search first with a clip of text from the email to check whether it comes up as a known nasty.

1
0

Raspberry Pi gains new FreeBSD distribution

Woodnag

For those interested in servery type projects

FreeBSD has ZFS

0
0

Microsoft replaces Windows 10 patch update, isn't saying why

Woodnag

A) not really

Classic Shell is your friend.

1
0

CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

Woodnag

Re: Windows only though

So is there a patch for WinX to stop the BIOS being tested and executed?

Then could install Win with the machine internet-free, patch it, then connect and do the post-install upgrades.

0
0

Jail incompetent council folk who leak our data, thunders furious BBW

Woodnag

Re: Who's responsible?

Also, the law needs to reduce cover-ups by management. Perhaps have a central reporting station where possible leaks must be reported too ("I can't find that USB stick, but it may be at home") with in 24 hrs or suspected loss.

0
0

Safe as houses: CCTV for the masses

Woodnag

Re: NETATMO Ts and Cs

No, it is yours to sell. It's also theirs to sell. That's what non-exclusive means.

0
0
Woodnag

NETATMO Ts and Cs

Sure you want a company have to full rights to your security stream?

https://www.netatmo.com/en-US/site/terms

3.1 The User Generated Content (the 'UGC') is all types of information and material... includes all data transmitted by your Netatmo Product.

3.2 ... you hereby grant to Netatmo a perpetual, irrevocable, non-exclusive, worldwide, royalty-free license, with the right to sublicense, ... on any of your UGC, in any media now existing or hereafter developed... You hereby waive any rights of publicity and privacy with respect to the UGC.

14
0

Microsoft vacates moral high ground for the data slurpers' cesspit

Woodnag

Two good answers to that

1. The Innocence Project https://en.wikipedia.org/wiki/Innocence_project shows otherwise

2. Khow any suspect, who happens to be a law enforcement officer, who tells all rather than shuts up and demands a lawyer?

3
1

Microsoft's Windows 10 Torrent-U-Like updates GULP DOWN your precious bandwidth

Woodnag

Being a noob on Linux....

"Being a noob on Linux I rely on the prescribed suppositories".

Er, updates are meant to be uploaded to your computer, not 'intimately' shall we say.

12
0

Google dumps ISP email support. Virgin Media takes ball, stomps home

Woodnag

Maybe

Except for emails to/from someone with a gmail a/c.

0
0

UK surveillance commish asks CCTV operators to please be good

Woodnag

Good question

About 20 years ago, I had similar conversation with the top dog at a small UK company who built security cameras/recorders. He said that no compression was allowed if the recording was be entered as evidence to court. So analogue cameras, feeding VCRs. But if the suspect confesses, no need to present the recording.

1
0

The finest weird people in the world live here, and we're proud of it

Woodnag

Sillinesses

...and vetting agencies for prospective employees still ask for a 'transcript' for a UK university degree, despite UK universities never having provided these.

1
0

Page:

Forums