* Posts by Tomato42

511 posts • joined 31 May 2011


OpenSSL swats a dozen bugs, one notable nasty

Tomato42
Bronze badge
Boffin

openssl-0.9.8zh is also vulnerable but patches won't be made for it

1
0

Sad reality: It's cheaper to get hacked than build strong IT defenses

Tomato42
Bronze badge
Mushroom

Solution?

The solution is to not make it cheaper: fine the companies that are hacked.

7
0

Using a thing made by Microsoft, Apple or Adobe? It probably needs a patch today

Tomato42
Bronze badge
Childcatcher

Re: It's not the brand, but the software...

it may not look like this, but I have on high authority that software is written by humans and it's common for humans to err

where are the robotic overlords where you need them!?

5
0

YouTube breaks Sony Bravias

Tomato42
Bronze badge
Joke

Re: Obviously they haven't even heard of defensive programming

> distinguishes quality software from poor hacks.

"poor hacks"? that's a new term for Internet of Things?

2
0

Europe to order Apple to cough up 'one beeellion Euros in back taxes'

Tomato42
Bronze badge
Stop

Re: Hehe

@veti just like we're still talking about just how stupid of an idea it is to fight Russia in winter (unless you're the Mongols), we will be talking about how moronic the decision of the UK was to leave the EU.

so get used to it

6
3

Google breaks heart, White Knight falls off horse

Tomato42
Bronze badge

Re: "The majority of the population is concentrated in urban areas."

the point is that those suburban areas have higher population density than Europe, and they still have slower and vastly more expensive Internet

1
0

Windows Update borks PowerShell – Microsoft won't fix it for a week

Tomato42
Bronze badge
Linux

Re: Go Linux Mint

at this point in time, I have fewer problems with a BLEEDING EDGE, ROLLING RELEASE distro like Arch than I see people have with Win 10

now you'd have to go to LFS to have a worse experience with Linux than in Windows, it would be funny if it weren't so pathetic

14
0

Google Chrome will beat Flash to death with a shovel: Why... won't... you... just... die!

Tomato42
Bronze badge
Boffin

Re: Why wait until December?

Nuke it? It needs a relativistic kill vehicle! High orbital bombardment!

18
1

Windows 10 Anniversary Update is borking boxen everywhere

Tomato42
Bronze badge
Happy

Re: I'm waiting

ain't that a good thing? after that you can say "oh, win 10? I'm afraid that is double my usual rate"

14
0

Cats, dogs starve as web-connected chow chute PetNet plays dead

Tomato42
Bronze badge
Joke

Re: Another negative for IoT

@fidodogbreath the problem is that the notification system works only in local environment, with a roaming owner it is ineffective

2
0

US standards lab says SMS is no good for authentication

Tomato42
Bronze badge
Flame

For moment there, I completely forgot about the atrocious security of the US carriers

(not that others are not bad in their own right, but some are more... "special" than others)

4
1

Ivory tower drops water bombs on dumpster fire

Tomato42
Bronze badge
Boffin

Re: A Vote is an endorsement

with a First Past The Post voting system, if you don't vote on the candidate, it is as good as voting for the opposing party candidate

the whole voting system should be changed to something like single transferable vote

2
0
Tomato42
Bronze badge
Stop

Re: so the usual

I would have agreed with you, if the "ones that killed innovation" weren't saying that misogyny, racism and xenophobia are bad for this (or in fact any) country.

it's like saying, "this professor is wrong about climate change, I saw him jaywalking a month ago!"

13
0

Google's Nexii stand tall among Android's insecure swill

Tomato42
Bronze badge
Flame

Re: Until Blackberry goes under

@DougS you mean just like the 3 year cadence of the Nexus devices?

'cause it's exactly what google is doing, they drop support for "Nexii" like a hot potato right after the 3 year mark

it's a shitfest, all of it

4
0

UK gov says new Home Sec will have powers to ban end-to-end encryption

Tomato42
Bronze badge
Boffin

Re: Idiots!

not to mention that a CA which would sign a certificate for the Blue Coat system would very quickly be removed from Mozilla's and Microsoft's trust stores

5
0

Microsoft wins landmark Irish data slurp warrant case against the US

Tomato42
Bronze badge
Angel

Re: non-US citizens on non-US servers

@AC and that's the crux of the matter

I have no problem with US enforcement agencies asking EU enforcement agencies for information in EU. But it must go through EU court, with EU laws and EU judges.

7
0

Bomb-disposal robot violently disposes of Dallas cop-killer gunman

Tomato42
Bronze badge
Stop

Re: Gunman murdered by the police?

@bombastic bob: right, because "heroes" are incapable of doing evil things

see also: The Hague Invasion Act

0
2

Russia, China fight UN effort to extend human rights onto the internet

Tomato42
Bronze badge
Unhappy

Re: Simply amazing....

you're forgetting that USA is "exceptional" and that they will maybe sign, but never ratify this new law

you know, like domestic laws apply only to some people, just not those in establishment or enforcement...

3
0

My plan to heal this BROKEN, BREXITED BRITAIN

Tomato42
Bronze badge
Trollface

@fidodogbreath: give credit where credit is due! After all, he's the guy that killed Hitler...

0
0

Time to re-file your patents and trademarks, Britain

Tomato42
Bronze badge
Stop

wait aren't you so against ID cards because they remind you of those food stamps from those "glorious" times?

yes, the times when you were young were much better, but it's because you were young, you had the vigour to learn new stuff, strength to overcome obstacles, not because they were better times

now forgive us youngsters while we're working on beating yet another all time world-wide low for people living under the poverty line and illiteracy rates

3
0

EU GDPR compliance still a thing for UK firms even after Brexit

Tomato42
Bronze badge
Meh

honestly, I see Turkey meeting the requirements earlier...

2
0

Tech firms reel from Leave's Brexit win

Tomato42
Bronze badge
Facepalm

Re: Didn't

you think UK will get access to common market without a deal like Norway? ha! not if French have anything to say about it (psst: they do)

6
2

US plans intervention in EU vs Facebook case caused by NSA snooping

Tomato42
Bronze badge
Devil

Re: I doubt it

@ckm5: UK is not the whole Europe...

11
0

Microsoft has created its own FreeBSD image. Repeat. Microsoft has created its own FreeBSD image

Tomato42
Bronze badge
Linux

Re: Just another good example...

of course it's a take-over attempt

there's no objective reason to run BSD over Linux. Features, speed, programmers, either Linux has it all, or can simply run BSD stuff

but BSD doesn't have this pesky GPL business so when they decide it's enough of this OSS lip service, MS can just close it up

(See also: core Android applications that are no longer developed in AOSP)

2
27

Get ready for Google's proprietary Android. It's coming – analyst

Tomato42
Bronze badge
Unhappy

Re: They already have

> Heck, Microsoft might pick up the ball and write in support for Bing and sell their own

> Android that is freer than the one Google offers. Wouldn't that be a crazy turnaround?

with current Microsoft and current Google, that's not exactly inconceivable...

6
0

Microsoft thinks it's fixed Windows Server mess its last fix 'fixed'

Tomato42
Bronze badge
Unhappy

Re: I'm flabbergasted

@Unicornpiss: in letting it go.

Once you start using it, you basically will use it forever. So you need a Windows Server to host it.

I was referring only to the addictiveness of it, nothing more.

0
0
Tomato42
Bronze badge
Boffin

Re: I'm flabbergasted

Active Directory is worse than crack cocaine...

7
6

UK Home Office is creating mega database by stitching together ALL its gov records

Tomato42
Bronze badge
Facepalm

Re: Right of abode

Sorry, but I see this whole aversion to national ID cards in US and UK to be completely irrational.

Government already knows well where you live (birth certificates, taxes). Universal proofs of identity don't change that one bit. On the other hand they are useful to prove your identity to other people - employers, banks, your UK citizenship when you're abroad

Actually oppressive communist governments don't use ID cards to oppress the population!

0
5

Capitalize 'Internet'? AP says no – Vint Cerf says yes

Tomato42
Bronze badge
Trollface

Re: The Internet is an internet

those are press junkies, they use Macs and those have case insensitive FSs too

0
0
Tomato42
Bronze badge
Boffin

Internet? Generalized?! What the hell are they drinking?

Friday is as generic as it gets, yet we still write it with a capital F.

More arbitrary "rules" from AP.

0
0

Tech titans demand free speech law to head off President Trump

Tomato42
Bronze badge
Unhappy

For one, Putin wants to rule something grander than nuclear wasteland...

1
0

Jaxa's litany of errors spun Hitomi to pieces

Tomato42
Bronze badge
Boffin

Re: This is why Japan prefers to fire refurbished WWII dreadnoughts into orbit

questioning people with time seniority in the company is frowned upon in Japan

we can just hope that this will be a Challenger moment for Jaxa and that they will get their Feynman on it...

8
0

Top EU data cop slams Safe Harbor replacement as inadequate

Tomato42
Bronze badge
Trollface

@Pseu Donyme: they will do that right after they switch to metric and stop using their brain-dead electric sockets

7
0

FCC swivels to online privacy, gets bitten in the ass by net neutrality

Tomato42
Bronze badge
Boffin

and if I have a PBX in my business, no one can call my desk phone without me telling them the internal number

damn, more ways in which telephone and Internet systems are alike

0
0
Tomato42
Bronze badge
Boffin

You know what else is an old law? The constitution and its amendments.

I only see "It's the end of the world, cats and dogs living together", etc.. No explanation WHY equating IPs to telephone numbers is bad. No explanation WHY making ISPs just dumb pipes that pass packets around is bad.

So to me this looks more like a list of people being paid by the cable industry.

9
0

EU wants open science publication by 2020

Tomato42
Bronze badge
Boffin

Re: That's eminently reasonable

> Someone will have to pay for managing and hosting this data. Who will pay that bill?

you mean who pays for arxiv.org? Cornell University Library. In all honesty, hosting one such site is probably cheaper than subscribing to 2 or 3 journals in only one of the fields covered by arxiv (yes, subscriptions have outrageous prices)

34
0

Got a Fitbit? Thought you were achieving your goals? Better read this

Tomato42
Bronze badge
Trollface

Re: How to get in on these scams

Why are you talking about the Fontus? it's not in the article!

2
0

Your next server will be a box full of connected stuff, not a server

Tomato42
Bronze badge
Paris Hilton

Can somebody remind me, why exactly do we listen to Gartner?

41
0

Oculus backtracks on open software promise

Tomato42
Bronze badge
Devil

Re: Inevitable

"Exactly. Considering there are already competitive alternatives like the HTC Vive, it could be really bad for Oculus if games could be modded to run on alternate VR headset."

Yeah, that would mean direct competition and that's bad for business. If only those pesky customers didn't demand Vaseline for shafting, we would have pure profit!

4
0

SWIFT moves on security in wake of hacking attacks

Tomato42
Bronze badge
FAIL

That's what happens if you consider IT _only_ a cost centre: you get an even bigger bill at the end of the day

8
0

Zombie crypto still rules smart grids: OSGP vendors need to kill RC4

Tomato42
Bronze badge
Flame

If only they knew earlier that the RC4 may be insecure... /s

but that's IoT for you, until you beat them with a heavy rod, they won't do anything

1
0

Adobe...sigh...issues critical patch...sigh...for Flash Player zero day

Tomato42
Bronze badge
Happy

Fla-what?

it's been so long since I had it installed I forgot it exists

those were very blissful moments

1
1

Android's security patch quagmire probed by US watchdogs

Tomato42
Bronze badge

Re: sigh

EU law allows you to simply return the device after 2 years if it does not match advertised feature set or breaks down in normal use.

Some things should really have longer terms, but the basic framework is in place.

1
0
Tomato42
Bronze badge

Re: I am (perhaps naively) hopeful...

I would say that your optimism isn't completely unfounded, Tom Wheeler was quite effective up till now

1
1
Tomato42
Bronze badge
Angel

Re: sigh

To fix this we really don't need much.

The first thing is that software defects should not be excluded from warranty (that includes disclosed vulnerabilities).

Then we just need a label that clearly, in standardised manner, informs the customer:

1). how long is the warranty for all defects

2). what is the manufacturer designed expected lifetime of the device (that means, at the minimum, that replacement parts, including software, will be available)

3). what (if present) is the length of time software updates of the device will be provided

allow for paid/free options on top of that, and then there's _some_ chance that the market rights itself up

10
2

This is what a root debug backdoor in a Linux kernel looks like

Tomato42
Bronze badge
Facepalm

and that's why you should always deploy code only after it goes through upstream review and merge

but some ARM device makers still "know better"

4
1

Stop resetting your passwords, says UK govt's spy network

Tomato42
Bronze badge

Re: Too Many bad Movies

passwords are more likely to be guessed the more they are used; but it is offset very easily by making it longer

the original advice of the 30-day lifetime of a password assumed a fairly simple password (essentially a single word selected uniformly at random from a greatly reduced English dictionary); double the password (use two words) and the 30 days suddenly become 80 years at the same level of security

oh, and another thing often forgotten: the original advice included mandatory rate limiting on incorrect logon attempts

4
2

How 'flexible' can the UK actually be on EU data protection law?

Tomato42
Bronze badge
Joke

Flexibility?

given their ability to suck their own jingle bones, I would assess the government's ability to be flexible as "extraordinary"

0
0

Batten down the hatches! OpenSSL preps fix for high impact vuln

Tomato42
Bronze badge

Re: Oh, good, more bullshit from the Reg

It's because the fact of branding a vulnerability doesn't mean anything.

There are severe vulnerabilities which are not branded and irrelevant vulnerabilities which are (Grinch attack as an example).

By focusing on branding you simply focus on the wrong thing. You should focus on the security and vulnerability parts.

0
0

AWS outgrows its own resource numbering scheme

Tomato42
Bronze badge

Statistics

Because of the birthday paradox, if the identifiers are assigned at random (and they'd better be, or the whole system is insecure), then after assigning about the square root of the number of all available ones, you have a 50% chance every time you assign a new one of picking an already selected one.

In other words, they prepare for a more modest number of about 1.69266 * 10^13 (16 trillion short scale, 16 billion long scale) tracked items.

1
0
