* Posts by DanDanDan

216 posts • joined 17 Aug 2010

Page:

Gone in 70 seconds: Holding Enter key can smash through defense

DanDanDan

Re: Not the whole story:

Quite. This article is severely lacking in several key details.

"With access to the shell, an attacker could then decrypt Linux machines". The implications are that this decryption would be easy. The reality is that you'd have access to a root shell, with an encrypted hard disk. How useful this is depends on the specific environment, but at least for me personally: as long as the "hackers" can't access any of my personal info on my hard drive, this is no worse than them bringing their own laptop and plugging it into the right sockets (with the MAC address of the network card spoofed). If the network is hardened correctly, then it's No Big Deal.

Gaining access to an environment where you can't actually see or do anything is arguably not really useful at all.

11
0

Kids today are so stupid they fall for security scams more often than greybeards

DanDanDan

Re: Wonder if they are any better at butchering stats?

Not to mention the discussion about how the study was done (people who have been scammed may be more likely to take part in the survey), the percentage of people of different age groups who regularly use the internet/dodgy websites on the internet (if millennials spend more time on the internet or torrenting, they're much more likely to be scammed). Altogether if the variables that were controlled for are not spelt out, the underlying data is less than useless. Not to mention the clickbait title.

"The proliferation of tech support scams on torrent sites could suggest millennials are more likely to encounter the ruses, though this is not mentioned in the report." - This report is attention grabbing nonsense to make the older generation feel good about themselves.

5
0

Pair programming – you'll never guess what happens next!

DanDanDan

> boiling with so many "why the hell did you do that?" questions ... its simply unworkable for experienced programmers.

If your code is not understandable (or not commented), then it's not maintainable. I can see how pair programming would lead to more maintainable and hence bug-free code.

6
2

Tesla autopilot driver 'was speeding' moments before death – prelim report

DanDanDan

Re: Dangerous attempts to fix stupid?

I think he must have been the first car there, otherwise the other cars in front would have been visible.

Unless the car in front slowed down and the Tesla switched lanes to pass it. That would also make sense. The car in front would block the rear of the truck a bit, and by the time the Tesla was in the outer lane, it might be difficult to see the truck because it's white on a white background.

0
0
DanDanDan

Re: Not an AI

Agreed. I think "Nearly hit in the side door" means that it nearly hit the door, but instead hit the wheel arch. You'd need some sort of linguistics/anthropology degree or something to properly grok the syntax and sentence structure.

4
0

LIGO team may have found dark matter

DanDanDan

Re: Sample size?

A plausibly plausible plausibility argument?

0
0
DanDanDan

Re: Sample size?

It's an argument that something is plausible, not the argument which is plausible. There's a subtle difference.

8
0

Bloaty banking app? There's a good chance it was written in Britain

DanDanDan

Re: Warm Braw

So this whole article is an advert? Great!

12
0

Microsoft joins Eclipse Foundation. Odd thing for a competitor to do

DanDanDan
Linux

Embrace, Extend, Extinguish

Microsoft back to its old tricks I see! It is indeed a trap! My Pingu sense is tingling!

1
0

Surprise! That blood-pressure app doesn't measure blood pressure

DanDanDan

Hoaxes.org

Was sure this was going to 404!

1
0

Google robo-car backs into bendy-bus in California

DanDanDan

Re: Bus vs. meat bag

Highway Code Rule 223

Buses, coaches and trams. Give priority to these vehicles when you can do so safely, especially when they signal to pull away from stops. Look out for people getting off a bus or tram and crossing the road.

The reason buses assume they have right of way is that they do. Other road users should always give priority (i.e. cede right-of-way) to buses coaches and trams. People really shouldn't be driving without knowing this!

8
4

What we all really need is an SD card for our cars. Thanks, SanDisk

DanDanDan

Re: New sticky labels bought - need to find use for them

I think people are missing the point here. The aim of these SD cards isn't solely to play music from or store SatNav maps. It's also for Driver Assist Technology and data event recorders (i.e. crash information that manufacturers use to identify the causes of accidents, etc.)

These need to be robust, with proven long-lifetime, all the necessary additional automotive tests, suitable for low and high temperatures (so that they can survive said crash), withstand bumps and bashes (you don't want its connectors coming loose just as the car slips off the side of the road. These aren't aimed at consumers, but manufacturers. Automotive grade electronics equipment has a whole suit of additional tests. You can't pop any old diode into a power charging circuit these days, so why do so many people here think manufacturers will be content to use any old SD card?

19
2

OpenSSL fixes bug, gets dissed by German gov: That's so random ... not

DanDanDan

Yup! I know that in certain applications (router firmware designers, I'm looking at you!) they used C's "rand()" function. During WPA2 auth (WPS in particular), a string of "random" characters is sent in the clear, followed by the "encrypted", sensitive data used for authentication. The rand() function can therefore be brute forced if you know roughly what the seed values will be (especially easy if srand(time(NULL)) is used.

People never seem to learn!

0
0

GCHQ’s Xmas puzzle proves uncrackable

DanDanDan

Re: QR code?

"I'm pretty sure that finding a viable QR code in a picture is somewhat harder than encoding the information which is just a bit pattern, albeit a complex one."

There's a website that explains how you can do it. You don't need to build a laser scanner or anything else physical. Just apply the mathematics and run through the operations. You might need an ascii table, depending on how good you are at subtracting 96.

http://blog.qartis.com/decoding-small-qr-codes-by-hand/

0
0
DanDanDan

Re: QR code?

Encoding is much harder than decoding though for a QR code. It *could* be done manually if you didn't have a smartphone or computer...

1
0

Little warning: Deleting the wrong files may brick your Linux PC

DanDanDan

Re: Not on the HDD - NSA

> As with the Intel Management Engine, I am fairly certain that the UEFI also had input from the NSA.

https://www.google.co.uk/search?q=UEFI+NSA

0
0

GCHQ creates Github repo, offers graph database code

DanDanDan

Re: This repo.. Citing a Lack of Positive Effective Direct Action Leadership ....

The sad history of evident 21st century media failures though is proof positive of an inherent systemic lack of providing creative constructive abilities to slave services and servant administrations which might be fully reliant upon them.

Uh... come again?

0
0

I survived a head-on crash with driverless cars – and dummies

DanDanDan
Unhappy

As a motorcyclist, it irks me when cars slow down to wait for a red light to turn green. It means the traffic never stops, and makes filtering through the traffic much more dangerous (I never filter through moving traffic). Given I can accelerate off the line much faster than a car, it's a bit annoying to be held up by cars (like when you're in a car, stuck behind a big lorry or bus or tractor). I'm not saying it's not a good idea, just that it'll annoy me :)

2
11

Oh dear, Microsoft: UK.gov signs deal with LibreOffice

DanDanDan

Each and every one of your points can be solved without Microsoft lock-in, and are issues with any software migration. The fact that MS make it so much harder to migrate than other solutions is the main reason I can see for making the transition ironically.

Macros are barely even compatible between Office versions, so I don't really see that as a strong point. I usually see macros being used by people who don't know how databases work to perform functions (using a lot more code) that a database could do in a jiffy.

Without you going into specifics of what addins you use, it's tricky to say much more.

Sharepoint has terrible lock-in and could be replaced by a number of collaborative software solutions.

DRM for secure govt documents? How would DRM help? Honestly.

I'd argue that Libre Office is ok for advanced users, who know what tool to use for which job, but really basic people users should probably stick to what they know and let the world overtake them with more powerful, scaleable, transferable, automatable, open solutions.

26
2

FATTIES have most SUCCESS with opposite SEX! Have some pies and SCORE

DanDanDan

Re: BMI

Even a cylinder is a cubic function where as BMI is a square so your argument is pretty much invalid.

The increase of a cylinder with respect to length is actually linear. Double the length of a cylinder and its volume doubles. If you double the radius only, then it's quadratic. If you increase its length and radius in proportion, then after dividing by the length (as you would to calculate BMI), then it's back to quadratic again.

4
0

Microsoft replaces Windows 10 patch update, isn't saying why

DanDanDan

"It skipped version numbers because of lazy 3rd party app developers in the time of Windows 95 / Windows 98 who coded applications to look for Windows 9*"

Ahhhhhh that makes more sense. I was under the impression it was to keep the alternating "Good OS" "Bad OS" that they've been working on since inception. And in order to release two Bad OS's, they needed to skip a good one.

7
2

Exploding Power Bars: EE couldn't even get the CE safety mark right

DanDanDan

> all testing processes are a one time, and the fact "it could explode if used with a faulty lead" is true of any device, even jesus mobes.

Well I don't think that's quite factually accurate. I think the faulty lead could melt or set on fire. But just using a faulty cable should be protected against by the charging circuitry to prevent an explosion of the device.

1
0

Want Edward Snowden pardoned? You're in the minority, say pollsters

DanDanDan

Re: Let's just say

Employment status:-

Employ: Private Sector 668 32%

Employ: Government 151 7%

Employ: Self-Employed 154 7%

Employ: Homemaker 236 11%

Employ: Student 68 3%

Employ: Retired 481 23%

Employ: Unemployed 166 8%

Employ: Other 140 7%

N 2064

1
0

Wait, what? TrueCrypt 'decrypted' by FBI to nail doc-stealing sysadmin

DanDanDan

Encrypted copy of the encryption key? What key do you encrypt it with?

It's encryption keys all the way down.

4
0

UK.gov makes total pig's ear of attempt to legalise home CD ripping

DanDanDan

Re: On the spot fines, trial run on trains!

Open ear headphones generally sound better and have better soundstaging. The cheap s***e sold by Apple doesn't live up to this, but that's no reason to ban good headphones just because some people are arseholes!

0
0

Police, firefighters, ambulances, hospitals: 20 per cent still rely on Win Server 2003

DanDanDan

Great original reporting El Reg... unfortunately, I'm not surprised!

3
0

Buh bye fakers? Amazon tweaks customer product reviews system

DanDanDan

They do this already. The problem is that the "supplier" review is too difficult to find, so people leave the review next to the product. Then when a better supplier comes along and sells the good product, no-one buys it because of the stupid people.

Then people complain about the supplier review next to the product and so the review gets removed and then people come onto the reg forums and moan about it like they're not the idiots. Ugh!

1
0

Vicious vandals violate voluminous Versailles vagina

DanDanDan

Re: Correction.

Should HAVE!

First clue that your post would be clueless.

11
0

Amazon turns up spectacularly late to 'transparency' party, pours a large one

DanDanDan

Re: No need

Ah... audits. Say no more! Those who can, do. Those who can't audit/train.

0
0
DanDanDan

Re: No need

> Or slightly later when I asked my guys to recompile sendmail to mask the version number.

Ahh security by obscurity... no wonder you're posting as AC

2
0

OPEN WIDE: Microsoft Live Writer authoring tool going open source

DanDanDan

Re: What licence?

So you go straight to 'Trap' without waiting to see what occurs rather than actually looking at the direction Microsoft do seem to be taking now-a-days?

Implying that Microsoft has a direction now-a-days. roflcopter

5
6

Facebook: Your code sucks, and we don't even have to run it to tell

DanDanDan

Re: 1% Finished?

That's kinda the point of Open Source. We all (developers) need a good tool to check our code, so let's *all* work together on it to share the resource investment so we can *all* benefit. I like it. What's your criticism? They've done 1%, now all we need is another 99 companies to come along and work on it and it'll be done. I don't think that's unfair.

1
0

Don't panic. Stupid smart meters are still 50 YEARS away

DanDanDan

Why? Because it's super expensive for the perceived "convenience". No-one wants them and no-one needs them.

17
1

Women are fleeing from the digital sector, reckons UK.gov report

DanDanDan

Another skill? It's just like a standard UML diagram; they both have arrows you know. Oh and, uh, yeah... can you consistently hit treble 20 in less than a week's time, only I promised the customer you'd have it ready for a product launch demo on Friday?

5
0

Obama issues HTTPS-only order to US Federal sysadmins

DanDanDan

Re: Why?

>"checking the requirements for various items (passport application, driving license application, various benefits and tax breaks) would benefit more from a simple page, and a local cache than they would from encryption..."

So I know you're going on holiday soon so I can plan who and when to burgle. I know you'll be getting a new car in the not-so-distant future, so I can advertise accordingly. And I know what tax breaks you're looking into, so I know how many dependents you have and also have a reasonable handle on how much you earn.

In addition, I can splice your internet connection, adjust the content being delivered to you and give you advice that strongly encourages the use of my (paid-for) services.

There's almost no downside (HTTPS is easy as pie to set up these days and computers have long-since gotten past the point where you'll notice a performance hit). I don't see what your argument here is based on.

1
1

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

DanDanDan

>""Do you understand asymmetric crypto at all?"

>Do you understand that Facebook are in the pockets of NSA and GCHQ?"

So that's a "no" then.

0
0
DanDanDan

> Mark my words, if they got a letter through the door or a tap on the shoulder to show what you are writing to your friend via encrypted means, then they will decrypt that message faster than you could poke good ol' Zuck

Do you understand asymmetric crypto at all?

3
0

Thousands of 'lost data' reports mean we should ARM the ICO, says infosec bod

DanDanDan

Re: Anyone else see the gaping hole?

> ViaSat sells encryption technology so it has a commercial interest in trying to drive demand

Agreed!

0
0

Creationist: The Flintstones was an accurate portrayal of Dino-human coexistence

DanDanDan

Re: Got any more from this loon?

> Oh but his proof will be that someone wrote a book about it.

> And further proof will be found in that famous documentary 'The Land that TIme Forgot'

I saw a documentary about this once, set in the Stone Age, it concerned humans living in a town called BedRock.

3
1
DanDanDan

Re: "Seriously? You think people who disagree with you should be murdered?"

Quiet down Big Nose!

9
0

SNAFU: Blighty's judges not trustworthy, says their own website

DanDanDan

Re: Expired cert does not mean in the clear

"A spokesman from the Judicial Office told El Reg that people wanting to access their site should do so by clicking past the security warning."

Good grief!

"... just because a certificate has expired does NOT mean that the communications are no longer encrypted"

No, but it may as well. If I can't be sure who gave me the info, or who I'm giving it to, it hardly matters that it's encrypted at all!

2
0

VOTERS! This Election: Vote #Smart, Vote #Digital

DanDanDan

How do we stop the loons...

... who think banning encryption has even a morsel of sense?

4
0

Finally, Mozilla looks at moving away from 'insecure' HTTP. Maybe

DanDanDan

Re: If I'm not sending private details..

You clearly don't know wtf you're talking about. Maybe google will help.

0
0
DanDanDan

Re: Bad idea

Ahem... https://letsencrypt.org/

3
0

Lib Dem manifesto: Spook slapdown, ban on teen-repelling Mosquitos

DanDanDan

Re: British politics in a nutshell

"On a balance of very strong probabilities we'll end up with a Labour/SNP coalition"

Twaddle. The whole post, but that sentence in particular.

http://www.theguardian.com/politics/2015/mar/16/ed-miliband-labour-will-not-form-coalition-with-snp

http://www.bbc.co.uk/news/uk-politics-31906463

http://labourlist.org/2015/03/ed-miliband-officially-rules-out-snp-coalition/

http://www.telegraph.co.uk/news/politics/ed-miliband/11475189/Ed-Miliband-rules-out-formal-coalition-with-SNP.html

http://www.independent.co.uk/news/uk/politics/generalelection/ed-miliband-rules-out-a-coalition-with-the-snp-10111058.html

0
1

Aged 18-24? Don't care about voting? Got a phone? Oh dear...

DanDanDan

Please don't spoil your ballot. Vote for one of the lesser parties/independents instead. This is the only thing that people will look at. People who spoil their ballots aren't worth campaigning to win in the eyes of those who care, they don't pose a threat.

5
3

Want to deploy virtual machines in a hurry? PowerShell is your friend

DanDanDan

Obligatory...

http://xkcd.com/1319/

http://xkcd.com/1205/

3
0

IBM sued for talking up semiconductor business it couldn't give away

DanDanDan

Re: Worthless chip manufacturing plant??

I hate to say it FutureShock999, but you're being sexist.

Making generalisations such as "Women are GREAT as leaders at building consensus, understanding customer-centricity, at encouraging teamwork, and occasionally being ruthless and aggressive" is blatent sexism.

Ginni Rometty has a batchelors in computer science and electrical engineering, worked for General Motors, was a systems engineer for IBM and basically has a very technical background, in addition to her "fluffy wuffy soft skills and business acumen".

So can you please stop generalising about one gender or another and focus more on individual merit instead of spouting 19th century crap?

5
5

Skin colour's irrelevant. Just hire competent folk on their merits, FFS

DanDanDan

Re: MLP?

FWIW me too. Especially Major League Penguin

0
0
DanDanDan

Re: MLP?

My little pony

3
0

Page:

Forums