* Posts by Robert Helpmann??

699 posts • joined 31 May 2011

Android ransomware demands 12x more cash, targets English-speakers

Robert Helpmann??
Bronze badge
Childcatcher

Pump and Dump

P.S. Proof of concept: Stock market pump-and-dump spam has almost entirely stopped. The stock exchanges acted to block the profits, and the spammers gave up moved on to greener pastures.

Fixed that for you. The problem is that there are so many suckers. Still good points - Have an up-vote.

0
0

Secondhand Point-o-Sale terminal was horrific security midden

Robert Helpmann??
Bronze badge
Childcatcher

Re: Er... news?

So this is another "stuff bought second hand not wiped" news story?

Yes, in as much as there was data on it that might be valuable in and of itself (e.g. account details). However, the researcher was able to learn enough about the second hand box to be able to hack systems that are still in production, assuming they are still set up the same as the terminal he purchased. Knowing that the owner doesn't change the default password or that the password can be recovered from the discarded machine and is likely to be the same on systems still in use can be pure gold (literally). Finally, "Oh's findings suggest the retailer had a poor security policy that went beyond anything particular to the terminal he bought on eBay."

I would like to know which retailer this is so I can avoid walking through its doors.

0
0

New BOMB detect-o-tech 'could give sniffer dogs competition': TRUE

Robert Helpmann??
Bronze badge
Childcatcher

Blade of grass on a football field

"I worry about the accuracy of their research if they think there's as many as a billion blades of grass on a football field."

Turns out this is a mathematics project/thing currently used to teach kids how to estimate. There are a number of examples posted online. This one gave the result as "about 63,350,000." A bunch of 5th graders could have told them better.

1
0

Manic malware Mayhem spreads through Linux, FreeBSD web servers

Robert Helpmann??
Bronze badge
Childcatcher

Re: Tired admin

A sysadmin really should check that every patch works and doesn't break critical services/applications before deploying.

I could not agree more and yet the people who get pissy if the "critical services/applications" aren't working are typically the same bunch who will not fork over the cash to set up development or test environments. I have had to work in several large network environments in which we had to "test in production," which basically means that we target a subset of the overall production environment and see what happens next before proceeding with the rest.

3
0

Google shows off new Chrome OS look

Robert Helpmann??
Bronze badge
Childcatcher

Re: hmmm

To play Devil's Advocate a bit:

I love the way I can log on from any device and just carry on without thinking about what device I'm using...

I don't, at least in as much as it is the default and automated (passwords stored on device). I also have an issue with the fact that others on my home network share access to some data. I know Google searches performed on one device show up in the cache for others regardless of the accounts being used. I don't know what other data leaks may show up, but this should be enough to raise concerns.

...he has no issues anymore with Malware, Viruses and toolbar hijackers.

It might not have any now, but I find it hard to give credence to the claim that there will be no malware, especially given the relatively small amount of time between Android gaining popularity and malware being developed for it. Chrome has relatively few users right now, so it is not a worthwhile target. This will change as soon as someone thinks a profit can be made from it, so pretty soon. This also discounts targeting by government sponsored groups.

Google do not sell your personal data, they use your data to place more appropriate adverts.

Essentially, they do not sell the data, but have set themselves up as a proxy. It's more profitable if they simply rent it. On the other hand, they gather as much data as they possibly can, making them a very tempting target for governments and black hats alike. This sort of data gathering is baked into all of their products, as far as I know.

My C720 is the best computer I've ever had. And the cheapest.

I cannot argue with your personal experience, though I would stipulate there are cheaper machines and better machines out there, though perhaps not in the same package. As far as better value for money, beware getting exactly what you pay for. Manufacturers will sell at a loss if they think they will make up the difference and then some later down the road. It is why printer ink cartridges are ridiculously expensive, for example. Google seems to have a good idea of how to make money, so I would not expect them to do otherwise with these machines. The question is more one of how they do so.

1
1

Amazon's Spotify-for-books: THE TRUTH

Robert Helpmann??
Bronze badge
Childcatcher

List Available

I checked Amazon's site when I got home from work on Friday. It wasn't particularly hard to find the list of books available through this service, including listings by genre.

0
0

Chromecast hack Rickrolls Google's TV stick

Robert Helpmann??
Bronze badge
FAIL

Re: Video of device being demonstrated

It's only funny if it's not damn obvious.

0
0

Unbridled BONKING and rampant ROGERING at YOUR office!

Robert Helpmann??
Bronze badge
Childcatcher

Incident Resolution

"No[w] if only I could use that just once in our call logging system!"

You can, but just once (for obvious reasons).

0
0

Spinning SPACE DUCK is comet-chasing Rosetta probe's PREY

Robert Helpmann??
Bronze badge
Linux

Rubber Duckie

Rubber Duckie, you're the one \ You make flying through the vacuum of space lots of fun...

Tux, 'cause that's as close to a duck as we have ==>

1
0

Hi-tech Fagin couple used Apple scam cash to fly pickpockets to UK

Robert Helpmann??
Bronze badge
Childcatcher

Re: 8 years for 15K

It's really not possible for me not to be cynical about banks, having worked for one of the largest. Yes, they make mistakes, but they are much more apt to behave just as SuccessCase describes. They have a responsibility to their shareholders and feel that because it affects their (upper management's) personal pockets. They feel a responsibility to their customers mostly because of regulatory pressure and if they can get around it, they will and have demonstrably acted in this manner on a consistent basis.

3
1

MYSTERIOUS Siberia CRATER: ALIENS or METEOR not involved, officials insist

Robert Helpmann??
Bronze badge
Childcatcher

Giant Gophers

Mole Men!

Looks suspiciously like a sink hole. What could the government possibly be hiding down there? Dirt? Water? An underground civilization? (˙ǝuo ʇsɐl ǝɥʇ ʇoN :∀)

4
0

Gust catches Amazon's skirt, reveals glimpse of 'Netflix for books'

Robert Helpmann??
Bronze badge
Childcatcher

Re: So...

The local library in my county lists 165,128 volumes in its collections. While 600,000 may sound like a considerably greater amount, it will probably make little practical difference. While Amazon has greater span compared to my local library system, it also has a much larger customer base. Even assuming only a fraction of their current customers sign up, there will still be a far greater number than live in my area and make use of the public library. With them will come far greater variations in reading taste and selection.

Also, Amazon currently has a big incentive to increase returns on this new effort. They will almost certainly be pushing people to buy books from them based on the data gathered from the service. While this is a pretty good business plan, I would not have to deal with this from a public library. They are apt to push other books on me, it still comes to the low price of my tax contribution.

On the other hand, public libraries offer services such as inter-library loans, public meeting rooms, and free events for kids. None of these are likely to be offered by Amazon with this new paid-for service. I am not sure how much of that applies to you as you are almost certainly in a different locale, but I would guess that at least some of it holds true.

0
0

CERN data explains how Higgs heavies other matter

Robert Helpmann??
Bronze badge
Childcatcher

Exotic Physics

Pleier says the interactions so far observed match the rate of W-W production and scattering predicted by Standard Model physics – which is yet another arrow-to-the-knee for more exotic physics.

Earlier in the article, it was mentioned that "at a critical temperature the Higgs field becomes tachyonic." To me, anything becoming tachyonic would seem to be exotic.

1
0

When the robot rebellion comes, this Jibo droid will BORE you to death

Robert Helpmann??
Bronze badge
Childcatcher

Re: "Your plastic pal who's fun to be with"

Reminds me a bit of Robot & Frank. Perhaps it can be taught to pick locks. It is, after all, a platform...

0
0

Microsoft: You NEED bad passwords and should re-use them a lot

Robert Helpmann??
Bronze badge

Re: @moiety: Try downloading the data sheet for a chip

I have started advising those foolish enough to ask me that they should routinely lie when filling out those questions used to validate your identity, especially when the sites involved are high value (e.g. banking, medical, et cetera). It makes it less valuable to harvest information from social media and other online sources. Obviously, this does not eliminate the risk of identity theft, but it helps secure individual sites.

As far as passwords are concerned, I find that a pattern-based system works fairly well. You need only remember the pattern used and a starting point for a given site. For example, if my base pattern was 1qaz@WSX and I wanted to apply it to El Reg's site, I would start at the letter T (for www.Theregister.co.uk/) and transpose: tgb5YHN^.

3
2

You don't need a HERO, you need a ZERO. From Google

Robert Helpmann??
Bronze badge
Childcatcher

Re: Defence is always more difficult than attack.

Google may actually be on the right side on this one.

No, definitely not. They are on their side, not the right side. What they are basically saying is that they don't appreciate the competition and are willing to pay top dollar to put it down.

0
0

New photonic router works by flipping reflective atom's lid

Robert Helpmann??
Bronze badge
Childcatcher

Re: I'll go pedantic

I think the big thing here isn't the creation of a router or switch, but the fact that they have created a photonic transistor.

2
1

Whoah! How many Google Play apps want to read your texts?

Robert Helpmann??
Bronze badge
WTF?

Re: Yup, that's why I won't use apps.

It obviously does not stop with Android. I don't recall getting any sort of notification that Chrome would be able to access my web cam and mic. I just happened to notice that it had spawned yet another process. I realize that Flash and similar do this, but I can choose to enable, disable, or uninstall these if I wish. Now, Google have embedded this in their browser. Additional bloat, no or ill-defined user controls, and more... what's not to love?

Google seems to be intent on undermining any expectation that consumers should have control over their online lives. This is definitely not what I want to deal with.

7
1

Native Americans KILLED AND ATE DUMBO, say archaeologists

Robert Helpmann??
Bronze badge
Childcatcher

Re: Nice job making the illustration captions illegible

Associated text:

"From left to right: Mastodon, mammoth, gomphothere. Credit: Sergio de la Rosa"

I suspect that El Reg did not reduce the resolution of the image and instead just went with what they happened to find first. Just a hunch.

0
0

Will GCHQ furtle this El Reg readers' poll? Team Snowden suggests: Yes

Robert Helpmann??
Bronze badge
Childcatcher

Re: now it makes sense

...anything else was categorised as undecided

I suppose that's as good a way as any to record a response of "@#$% off!" followed immediately by an abrupt termination of connection.

0
0

Hackers' delight: Hotel cyber-cafe, er, business centers, apparently – US Secret Service

Robert Helpmann??
Bronze badge
Childcatcher

Re: Note to self:

I always assumed the business centre computers or any public computers were riddled with malware.

I was a member of a group that held meetings at a local university. There were PCs and overhead projectors in all the classrooms. I wanted to use the overhead as part of a presentation I was giving. I had loaded the presentation on a thumb drive with a variety of portable apps (I did not know what the computer would have installed) and ran the portable AV product when I plugged it in. It had its work cut out for it. It seems that installing an AV product or using any sort of common sense was right out on those systems.

I know to treat these systems as the infected cesspools they are, but it surprises me that hotels don't take better care than they do. They only offer "free" computer access to their customers, meaning it isn't really free and might open them up to liability issues.

0
0

Diary note: Pluto's close-up is a year from … now!

Robert Helpmann??
Bronze badge
Childcatcher

Re: Pluto Energetic Particle Spectrometer Science Investigation

I’d hazard a guess at zero.

It's "Coke Zero," not "Pepssi Zero!"

1
0

Microsoft's new 'Adam' AI trounces Google ... and beats HUMANS

Robert Helpmann??
Bronze badge
Childcatcher

Projection?

...like a sudden bout of creative swearing or perhaps going to a window and leering at pedestrians on the street below can give a useful jolt to our own grey matter.

It would be interesting to see how this is optimized for performance. How much random info leads to better results? What kind of "random" stuff would help? Sports scores? News sites? FaceBook? What is the neural network equivalent of cat pictures? Wait, that one has already been done...

1
0

Canuck reader threatens suicide over exact dimensions of SPAAAACE!

Robert Helpmann??
Bronze badge
Childcatcher

Re: Shmoptional

Yes, but you can't have lower case stars to simulate the loss of sound with the air running out of the environmental enclosure:

SPAAAaaace!

1
0

Amazon begs Feds for drone test permission slip

Robert Helpmann??
Bronze badge
Pint

Re: Gifts From Above

All of that lovely Friday prose can be summed up in one word: predictable! Still, the gift card idea has some merit. Perhaps Amazon can shift from a sales model to one financed by ads...

0
1

Star Wars: These are the 'unknown' actors we were looking for

Robert Helpmann??
Bronze badge
Childcatcher

Re: "Disney and Lucasfilm are, of course, saying nothing about the plot"

You left off:

Dancing aliens in bars with space jazz playing and funny colored drinks!

Retro screen transitions!

Plot holes!

Inside jokes referring to movies that have nothing to do with Star Wars!

and Droids (running KitKat)!

0
0

MonkeyParking FLINGS AWAY San Francisco service

Robert Helpmann??
Bronze badge
Childcatcher

Re: Our Mission

I just got a great deal on some prime real estate! It's a bridge. You might have heard of it...

0
0

Brute-force bot busts shonky PoS passwords

Robert Helpmann??
Bronze badge
FAIL

Re: Really?

From the linked abstract: ...BrutPOS... uses thousands of compromised computers to scan specified IP address ranges for RDP servers that have weak or default passwords in an effort to locate vulnerable POS systems.

It uses the simplest of methods to break into PoS systems and makes enough money for renting one or more botnets to scan for exploitable systems to be worthwhile. This was low hanging fruit, both for the researchers and for the crims. I agree that there is no need to tar the whole industry, but only because it seems obvious that same industry is doing the job well without outside help.

I am in the process of putting a PoS system together and had to browbeat the db developer into using basic security principles in the design because "It's going to be a closed system. How could any info possibly be stolen?" This simple check only shows the tip of the tip of the iceberg.

0
0

Cosmic dust riddle BREAKTHROUGH: Study tackles stuff of the universe

Robert Helpmann??
Bronze badge
Childcatcher

Re: What is the 'shockwave' made of?

"Sorry but I don't rate the clarity of the article much."

Thanks for the explanation. It was quite helpful. Some of the article goes beyond not being clear, though.

Once the hydrogen is all gone and no more energy can be extracted from the fusion process, the star dies and giant clouds of gas....

No, there's still hydrogen left at that point and fusion is still producing energy, just not enough to maintain equilibrium with gravity. What are those "giant clouds of gas" mostly made of?

0
0

Give an exoplanet a new name: Fill in this form and hope these astro-boffins pick your $input

Robert Helpmann??
Bronze badge
Childcatcher

Re: Bob

You can't call a planet 'Bob'! I'm never calling it that.

1
0

German spy agency staffer spied for NSA during gov probe into NSA spying – report

Robert Helpmann??
Bronze badge
Joke

Finally!

The... man allegedly had a weather app which appeared innocuous until one searched for the weather in New York, at which point the app allegedly opened an encrypted communication channel.

So much spycraft - at least what is reported - seems to be rather pedestrian stuff. I wonder, when the "encrypted communication channel" opened, was it in the form of a holographic pop-up with a 3D spinning CIA logo followed by a direct link to his handler who appeared as a dark-cowled figure with a raspy voice?

0
0

Russian MP fears US Secret Service cuffed his son for Snowden swap

Robert Helpmann??
Bronze badge
Childcatcher

Re: don't rendition in Italy

Funny you should bring that up. Is the difference between kidnapping in these cases and making an arrest simply that the capture took place outside the arresting party's jurisdiction (in possible violation of a sovereign nation's laws)? Is it ever OK to do this under international law? Would defendants convicted in absentia be given a trial in which they could defend themselves should they ever come into Italy's (in this case) custody? What makes the second action (trial without the defendants present) more acceptable than the first (extraordinary rendition) from a legal sense?

0
0

OMG, sorry about 'poor comms' on Facebook secret emoto-meddle tests. Laters!

Robert Helpmann??
Bronze badge
Childcatcher

If you can't be a good example...

...exemplary behaviour is expected from [FB]...

...just not the example we would prefer that others follow. I think the second definition, "serving as a warning," is more to the point.

1
0

Windows 7, XP and even Vista GAIN market share again

Robert Helpmann??
Bronze badge
Childcatcher

Re: History repeating

So, the inverse of Star Wars trilogies, then.

1
0

Brazilian baddies bank Boleto billions

Robert Helpmann??
Bronze badge
Childcatcher

Re: Krebs title is better

Fraude Financeira!

0
0

NSA man says agency can track you through POWER LINES

Robert Helpmann??
Bronze badge
Childcatcher

Re: I think the idea is that they could identify a studio

Another possibility would be to purposefully add noise to lines that could later be decoded and identified.

1
0

Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users

Robert Helpmann??
Bronze badge

Re: No other law that I'm aware of works this way.

I was torn between giving you an up-vote for catching my ridiculous usage error and down-voting for missing the obvious parallel between the judge in the ongoing MS/No-IP mess and the Hackensack Planning Board's use of eminent-with-an-E domain to attempt to take property from one group and give it to another based on it being blighted and in need of redevelopment. This unfortunately has been upheld in various courts as being legal (no prior convictions needed if I recall correctly), prompting various groups to attempt to change the law and to replace office holders. This last is obviously one of the areas where the comparison breaks down. Either way, while I am not alone in comparing the two, your correction deserves acknowledgement: have an up-vote.

0
0

Robert Helpmann??
Bronze badge
Childcatcher

No other law that I'm aware of works this way.

Actually, imminent domain in various US jurisdictions has done just this sort of thing, though to considerable outcry and ongoing efforts to have the law and office-holders changed.

2
1

Lords try shoehorning law against REVENGE SMUT into justice bill

Robert Helpmann??
Bronze badge
Childcatcher

Re: It is not only the images that are the problem

Context is all important.

So, to put it in context, someone points a camera at me while I am in a NSFW way and I allow it. Why would I have any expectation that this essentially permanent image would never be seen by anyone other than myself and the person taking the picture? What could possibly go wrong? Yes, posting of such a picture has great potential to detrimentally affect one's life. To me, this is analogous to posting one's most intimate details to a social networking site. You are quite naive if you think that just because someone else is telling you that it will never be seen by anyone else that you should have any expectation that it will be the case.

If it is predictable based on a very basic understanding of human nature that something will happen, then you should have no expectation that it will not. I am not defending the actions of individuals posting their exes' pics, but this really looks to me like trying to pin the blame for someone's bad decisions (allowing the picture to be made) on someone else (the person posting the picture).

3
0

Trick-cyclists defend Facebook emoto-furtling experiment

Robert Helpmann??
Bronze badge
Childcatcher

Informed Consent

As the AC pointed out above, the business version of the informed consent is the agreement each user agrees to when registering and most major companies perform some type of research. It makes me wonder if the user agreement would really cover this, at least in a legal sense. It's not as though in signing up for a service you are expecting to be experimented upon.

Also, academics have to put their experiments through a review process before going forward. Part of that process is an ethical determination of expected or possible harm to the subjects put against the expected gains in knowledge. From a business practice, I wouldn't be surprised if this came down to "Is this likely to cost us more money than it is likely to generate?" Just a thought.

0
2

MONSTER COOKIES can nom nom nom ALL THE BLOGS

Robert Helpmann??
Bronze badge
Childcatcher

Re: Bingo

...a Google security rep [said] the risk was a problem for web browser developers to fix, rather than a lone web app providers...

Perhaps someone can set me straight. Doesn't this amount to poor error handling on the part of the web servers? I would think that this is the sort of thing that mail servers have to deal with in handling attachments. Why can't cookies be filtered based on size, even if it is not by the web server itself? I understand that mail and web servers are not the same thing, but the issue has to have come up before. It would seem to me that the solution used in one case should at least be considered in the other.

0
0

Mystery bidder plunders the whole haul in Silk Road Bitcoin auction

Robert Helpmann??
Bronze badge
Childcatcher

RFI?

I am surprised that the USMS has not released the name or names of the winner. It is by its nature a matter of public record. I would think that they would have to release it if a FoIA request were made.

How about it, El Reg?

1
0

Redmond's EMET defense tool disabled by exploit torpedo

Robert Helpmann??
Bronze badge
Childcatcher

Nothing was ever 100%

Nothing was ever 100% with EMET or Windows, it was just one more added precaution. Use throwaway VMs when needed for unsafe activities.

Nothing is ever 100%. Better to use throwaway VMs for all or most activities in addition to other precautions. Many enterprises are moving to a VD environment for this among other reasons. Qubes OS is another implementation of this idea, though for standalone workstation users. None of it is bullet proof - you still have to protect the data, for example - but it is a really good start.

0
0

Bitcoin was illegal in California? Whoops, governor fixes that 165-year-old money law

Robert Helpmann??
Bronze badge
Coat

Re: Mark my words...

Yes, it would be bad to miss out on the revenue stream that money laundering operations would take with them if forced to move to another state.

Just checking the pocket for cash.

0
0

Using Android 4.3? Don't let malware snatch your private login keys

Robert Helpmann??
Bronze badge
Childcatcher

Re: @Taylor 1

Yes, all very true, though it perhaps does not match my Top x List. However, the "new boss," same as the "old boss," has many of the same issues:

1) Lacks many security mechanisms, especially and most egregiously a meaningful way for users to grant permissions to applications based on informed consent rather than the all or nothing approach that is currently the norm.

2) Hold security as an afterthought - in as much as the app store is a part of the Android experience, even if not part of the OS, it is unusual for there to be any thought of security at all, after or fore.

3) Open source is no guarantee of security or flawless code, nor that it can be repaired if there are errors or vulnerabilities. It is a valid approach, but it is not the only valid approach. As far as overwhelming influence and monopolies are concerned, try breaking the internet by googling Google. For more Android flaws, try googling "android security issues"

Here's a question that is more to the point: When MS puts out a security patch, individual users and organizations have control of when it is applied. They can test it out before deploying it on a wide scale, wait to see how other people fare, or jump right in and trust MS with an automatic patching regimen. What choice do Android users have?

1
0

Application delivery controllers tighten the security perimeter

Robert Helpmann??
Bronze badge
Holmes

Old News

...the time-honoured perimeter view of network security is still imperative, but it needs to be matched by a layered approach to application and data access throughout the network.

Ever hear of Defense in Depth? It isn't new.

0
0

True fact: Your CAT wees ... like a racehorse

Robert Helpmann??
Bronze badge
Childcatcher

Re: Igs

No, as it does not in fact represent the actual research being conducted. It is part of a larger, more elaborate study involved in getting people to count out loud in public restrooms.

1
0

Zero-knowledge proof crypto scheme divines truths from nothing

Robert Helpmann??
Bronze badge
Childcatcher

Re: Irradiated electors

For a quick tutorial on zero-knowledge proofs, try "How to Explain Zero-Knowledge Protocols to Your Children."

1
0

Dropbox used as command and control for Taiwan time bomb

Robert Helpmann??
Bronze badge
Childcatcher

Re: A similar exploit.........

Past exploits used FTP for similar purposes. Everything old is new again.

2
0

Devs: Fancy a job teaching Siri to speak the Queen's English?

Robert Helpmann??
Bronze badge
Childcatcher

Re: "this writer's Apple Map app has started giving directions in a Welsh accent"

It couldn't possibly be as bad as Eve Myles trying to speak with an American accent... could it?

0
0