Posts by Robert Helpmann??

2583 publicly visible posts • joined 31 May 2011

UK Foreign Office offers Assange a doctor if he leaves Ecuador embassy

Robert Helpmann??
Joke

Re: Er wot?

Sometimes I think El Reg’s commentards are speaking a foreign language.

Yes, there's English, Bad English and whatever it is the English speak.

Get a grip, literally: Clumsy robots can't nab humans' jobs just yet

Robert Helpmann??
Childcatcher

Re: Screw the people this will put out of work then.

I do believe there will be one point where humans will have next to nothing to do anymore, because we will have made robots capable of doing it all.

I think this is the point where human nature pushes us in a different direction. Eventually boredom will trump greed and laziness. Not for everyone, but for many. While I am sure that some bored souls will become destructive (based on plenty of historical data), I am equally sure that the need to find a meaningful existence will push some of us and our descendants to figure something out. By that point, the solution to this might simply be to ask our robot overlords/serfs for a worthwhile activity.

'Black hat' extortionist thrown back in the clink after Yelp-slamming biz

Robert Helpmann??
Paris Hilton

Bonehead Award

When someone is locked up, it is normally to protect society from them. In this case, it is arguably to protect the perp from himself. While the sentence is fairly harsh, I think he went out of the way to demonstrate that he was never going to stop and that he was never not going to get caught. Basically, it was as if he had a checklist of how to piss off a judge and he managed to add a few boxes.

Happy birthday, you lumbering MS-DOS-based mess: Windows 98 turns 20 today

Robert Helpmann??
Devil

Re: The ONLY things going for it were

ME was like having somebody stamp on your balls, then the jaw, then the hand...

ME is one of the few Windows OSes I never have had to support professionally (from Windows 2 to current iterations). I did get on it once at my in-laws'. They had an issue and since I was handy they asked if I would have a look. I stopped looking when I started to develop an eye twitch.

So you're doing an IoT project. Cute. Let's start with the basics: Security

Robert Helpmann??
Childcatcher

How do you solve a problem like IoT, eh?

Some vendors solve it by sharing private keys across thousands of devices. That is the wrong answer.

No, I have nothing to add to this, but it bears repeating.

Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about

Robert Helpmann??
Thumb Up

Re: Core issues

I'm assuming you're talking about the Intel Management Engine.

Yes! That is exactly it! I was taking a quick break while doing some unscheduled work on the weekend and didn't have time to dig it up.

Robert Helpmann??
Childcatcher

Re: Core issues

As the paper notes, exactly how the TLBs work isn't fully documented... This is common: Intel won't tell you...

Security through obscurity is in itself a security concern. I seem to recall Joanna Rutkowska (from the group that created Qubes OS) talking about Intel having a part of their processor design that should be considered untrusted as Intel would not share the details of what exactly it did or how it did it.

A volt out of the blue: Phone batteries reveal what you typed and read

Robert Helpmann??
Childcatcher

Re: I swear I knew from the headline ...

The first thing I thought of that this could be used for is a supply chain attack on burner phones. This sort of thing isn't easily implemented and there are other easier routes for most purposes. So if it or similar is going to be used, it requires a long setup. Hardware attacks get around most software defenses. Perhaps coupled with a watering hole attack, this might be useful in some cases where malware can't be expected to get the job done.

India tells its banks to get Windows XP off ATMs – in 2019!

Robert Helpmann??
Childcatcher

Re: Question?

If it ain't broke, don't fix it.

This is exactly the attitude that I encountered with NationsBank and later Bank of America after their merger which involved switching from OS/2 and a Linux variant to Windows. It was... traumatic. Banks are about profit first and stability a very close second. Customers are on the list too, somewhere.

Why the 'feudal' tech monopolies run rings around competition watchdogs

Robert Helpmann??
Childcatcher

Never buy a pig in a poke...

I don't know how valuable my personal data is today, because Google and Facebook are doing the monetising.

Or in this case, don't sell or be one. This is an excellent but oft-overlooked point. A lot of folks point out that if you are getting it for free, you are the product, but this is more like it. We are selling very valuable information for the digital equivalent of a few glass beads and in some cases we are even persuaded to hand the beads back with interest.

Hardened Azure logins, softened containers, leaky encrypted images on Macs – and more

Robert Helpmann??
FAIL

Re: And it seems that something is wrong with that McAfee

My enemies maged [sic] to spike something that i ingested. However, I am more difficult to kill than anyone can possibly imagine.

1) He is his own worst enemy.

2) Just because he lacks imagination does not mean he won't eventually get it right.

Software engineer fired, shut out of office for three weeks by machine

Robert Helpmann??
Childcatcher

Re: Similar but not

I got overpaid by the payroll system.

My experience balances yours, then. I wasn't getting paid as a contractor after having transitioned to a new company when the contract was awarded to them. It was a chaotic transition, so I figured that I could live through a few weeks and they would sort it out and give back pay. I had filled out all the paperwork and been sent offer and confirmation letters. My manager had asked up the chain and everyone said everything was sorted... until the next pay day came and I still didn't get paid.

HR had totally screwed up and not entered me into their system. According to them, I was not legally an employee. They were quite panicked about it too as I was the only person at the time who could perform the role and they did not want to admit to the government they had been allowing someone who was technically not their employee to access government systems.

They eventually gave me back pay and a reasonable-ish bonus, but the damage had been done. I had become convinced that the contracting company was incompetent and had other issues with the position. I found another job somewhere else. A shame, too, as I thoroughly enjoyed the work and the folks I supported.

Smyte users not smitten with Twitter: APIs killed minutes after biz gobble

Robert Helpmann??
Childcatcher

Sounds like the due diligence failure was before the acquisition.

The way I read that was they realized prior to the acquisition that they would have to cut off the service from existing customers if they went ahead with things. They knew what they were doing well in advance and could have planned for it. They then "made the difficult decision to wind things down right away" which included giving zero shits about the people with whom there were preexisting contracts and obligations and otherwise acting like complete jerks.

To summarize: the plan was to buy the property, throw out everyone else and then let the lawyers sort out the mess. Actually, it doesn't sound such a difficult decision when you put it like that.

Trainee techie ran away and hid after screwing up a job, literally

Robert Helpmann??
Paris Hilton

The fate of the trainee?

The fate of the trainee? Nobody knows!

It was in a lift that this happened, yes?

Cops: Autonomous Uber driver may have been streaming The Voice before death crash

Robert Helpmann??
Childcatcher

You had just one job!

The safety driver's job is... well, the clue is in the title isn't it?

To which I reply "autopilot".

All joking aside, simply based on what I have seen and read concerning this very tragic case I think charges should be brought. I am also interested in some of the back-story. Did Uber review tapes after each run and did this or any other driver behave in a similar manner? Uber has a long history of shirking their legal and social obligations, so it seems reasonable to look into their role in this rather than accept their shifting all blame onto the so-called safety driver alone.

BOFH: Is everybody ready for the meeting? Grab a crayon – let's get technical

Robert Helpmann??
Childcatcher

Re: obligatory

And on the top rungs of the corporate ladder we find Type A and Type B Users* who have the very best kit but require someone else to operate it for them.

* A/B-Users

IBM’s McAfee-as-a-service cloudy antivirus wobbled for nearly a day

Robert Helpmann??
Childcatcher

Re: Wha' ha' happened was...

Surely the scale of the issue (27 data centres) would be beyond what a single ePO instance...

Just taking a guess that it was a single ePO server that had the issue from this statement:

"...engineers with Compute Infrastructure identified a database issue that necessitated the restoration of a key update repository for McAfee Antivirus services from backup."

I was basing it on the idea that IBM has set things up to use a single ePO server as their main repository. It is possible to do this and has some benefits in terms of restricting outside access and allowing custom modules to be rolled out, but it also creates a single point of failure.

Robert Helpmann??
Childcatcher

Wha' ha' happened was...

It sounds like one or more ePO management servers went tits-up for a time. That would prevent new policies and tasks from being sent to machines as well as any metrics from being gathered centrally, but it would not prevent the existing software from running client-side. It also would not prevent DAT files (AV or otherwise) from being pulled directly from McAfee, the default last resort repository, unless previously specified by policy in which case they could still be updated manually.

The point of this framework is that it can suffer an outage of this nature and still continue to provide protection.

Script kiddie goes from 'Bitcoin Baron' to 'Lockup Lodger' after DDoSing 911 systems

Robert Helpmann??
Childcatcher

Re: Not quite a master hacker, but still needs a harsh-ish term

All those IOT devices are right out...

Soooo... silver lining?

Mellanox flushes three directors at behest of activist investor

Robert Helpmann??
Childcatcher

What's in a name?

When I hear the term "activist investor" I expect there to be some social issue at play. Turns out it includes these locusts, too. Who knew?

Verizon promises to stop selling its subscribers' location data... for now

Robert Helpmann??
Childcatcher

Re: AT&T has no reason to believe......

"AT&T has no reason to believe that there are other instances of unauthorized access to AT&T customer location data"

Oh really?...

They are misleading by way of being technically accurate. It is no longer a belief if it is a confirmed fact and it is not possible to have "unauthorized" anything if you are complicit in everything.

MSDN unleashes a fresh round of unintentional innuendo bingo

Robert Helpmann??
Childcatcher

Re: Inquiring minds wish to know....

Will the designs for such user interfaces be known as Knobby Styles?

More apt to be Knobby McKnobface even if it makes no sense at all... because kids these days!

Google-free Android kit tipped to sell buckets

Robert Helpmann??
Alien

Smart watches are a pretty neat idea ..

Pathetic earthlings... who can save you now?

- M.T. Merciless

Um, excuse me. Do you have clearance to patch that MRI scanner?

Robert Helpmann??
Childcatcher

Re: obvious solution ...

Qubes is a single user system, by design, even if it hosts multi-user VMs. What you propose would better be addressed with a VDI and/or app container setup such as Docker.

For the issue of internet accessibility versus security, the issue is the same as ANY OTHER NETWORK. It requires planning, knowledge and consistent implementation. My experience with medical facilities is that they focus only on the physical aspects of patient care and are often underfunded for that. Tell them their systems may need to be down for patching and they start playing the "it's a matter of life or death" card and straight up ignoring the very real risks they are accepting by kicking the information security can down the proverbial road. It's not that they don't understand IT or have expertise in IT, it's that they don't want to know or to deal with it because it is outside their wheelhouse.

For background, I have worked with several military medical commands. I also have had to spend more time in hospitals than I want, but nurses love to talk shop. From a security perspective, hospitals rate below public schools in my book, both physical and information.

Donald Trump trumped as US Senate votes to reinstate ZTE ban

Robert Helpmann??
Childcatcher

Re: Why would they?

Why would any country not the USA care about American jobs...? You only look after another country if it serves yourself.

Have an upvote for fine rhetorical form. I suppose the rub is in getting countries to agree on what actually serves their own interests, especially from one regime to another. We go through an adjustment every four years in the US while other countries do so on a different schedule and under differing circumstances. Too, it's not like any country is particularly consistent as there are so many competing internal and external interests.

Not so private eye: Got an Axis network cam? You'll need to patch it, unless you like hackers

Robert Helpmann??
Childcatcher

Security...

... I don't think that word means what you think it means.

Another story about an IoT security device that isn't secure. Good to get the word out. What about those IoT devices that have been verified to be secure? At this point, they would be newsworthy if only for the novelty. What does Google have to say on the matter? A search of "verified secure iot devices" yields 4 ads followed by a page full of academic proposals for methods to secure the world of IoT and various companies trying to sell the same. From what I can see, these devices should be considered inherently insecure and managed as such.

IoT: Insecure at any time

Silk road adviser caught, Kaspersky sues Dutch paper, and Vietnam's tech clampdown

Robert Helpmann??
Childcatcher

Not That Krebs. The Other Krebs.

I had my hopes up for a moment, but should have known better. Just in case anyone missed the reference:

https://krebsonsecurity.com/

Pwned with '4 lines of code': Researchers warn SCADA systems are still hopelessly insecure

Robert Helpmann??
Childcatcher

Re: SCADA systems running windows

Not ideal, but at least they have the right attitude to the security of such "IoT" devices - known security holes and no patches = no network for you!

Not a bad attitude, but perhaps a better one might be more simply "IoT device = no network for you!" based on the idea that "IoT device = known security hole".

I have been through the drill with the 3rd party SCADA vendor being given unauthorized access (by my then-boss) and their using our site as a way to "patch" systems across our network. Patches caused problems I had to fix. I managed to demonstrate what had happened and there were repercussions for the vendor (but not to my boss), but these machines should have been blocked from external access by default. There was no need for them to allow access from across the network and yet there was no hardening done at that level or any level that I could discern.

It would have made so much sense to keep the SCADA machines on a dedicated network and require a physical step to be taken for any other access. That was my recommendation, but even running a few more cables to existing network kit was considered too expensive much less purchasing a few additional switches.

'90s hacker collective man turned infosec VIP: Internet security hasn't improved in 20 years

Robert Helpmann??
Childcatcher

Hollywood Education System

The seat of the US Congress, comprising the Senate and the House of Representatives, for anyone who has never seen an American movie.

And for those individuals, congrats on getting your education from a more reliable source*.

*Any other source is a more reliable source

Office 365 celebrates National Beer Day by popping out for a pint

Robert Helpmann??
Pint

Re: Speaking of "matey" error messages

bipolar user, maybe

Dissociative identity disorder, you mean. People with this rare condition are often victims of severe abuse such as being made to use Office 365. To avoid the effects, it is best to prophylactically administer 800mg of fugidol. If that does not work, repeat dosage until desired state is obtained. See icon for generic version of fugidol.

Swiss cops will 'tolerate' World Cup rabble-rousers – for 60 minutes

Robert Helpmann??
Joke

Re: Being sensible

Because in Switzerland it's a direct democracy?

So mob rule, but being Swiss, it is a very sensible mob.

Quantum cryptography demo shows no need for ritzy new infrastructure

Robert Helpmann??
Paris Hilton

Re: Man-in-the-middle

...right down the rabbit hole you go again...

I schedule time to do this about once a week. It's a good way to at least pretend to stay up to a certain level of education. It's also handy on trivia nights.

Icon, because I feel just like that some... er... most days.

BOFH: Got that syncing feeling, hm? I've looked at your computer and the Outlook isn't great

Robert Helpmann??
Childcatcher

Going down with the syncing ship

I have been dealing with a sync issue for most of the past two weeks. I kept trying to get the network folks to have a look and they kept telling me it wasn't their problem and closing the tickets, tracert and ping evidence to the contrary. Turned out it was the virtual network within the new AWS setup that was not configured right and no-one had bothered to pass the news on to the AWS people until I escalated the issue. I was very, very close to borrowing a page from the BOFH's book and helping some of the individuals involved become more in sync with their new underwater environment. I understand networking kit can make great ballast in a pinch.

Shatner's solar-powered Bitcoin gambit wouldn't power a deflector shield

Robert Helpmann??
Coat

Kobayashi Maru Much?

Shatner's business acumen would appear to be about on par with his acting and authoring abilities.

He's getting paid to promote this, so whether the company succeeds or fails, he is already ahead. If he cut a similar deal to what he did with Priceline.com, where he cleared a reported US$600 million, I would say that he is a far better business person than you give him credit for.

Mine is the one with a flask of Romulan ale in the pocket.

US senators get digging to find out the truth about FCC DDoS attack

Robert Helpmann??
Childcatcher

Re: "maintain paper trails to help track ballots and guard against tampering"

I don't see that being doable with paper ballots.

The US has had absentee (mail-in) ballots for years. It has proven to be more reliable than electronic voting has. In fact, many precincts are pushing people to avail themselves of early voting which may make use of the same (early voting may be done in person or via mail). I am not saying electronic voting cannot be made to work, but we do have plenty of data for the alternative.

Cardiff chap chucks challenge at chops*-checking cops

Robert Helpmann??

Re: ANPR Tagging and strategic use of ANPR at grid "pinch points" is becoming commonplace.

...there is currently no legal framework, despite promises from the government to set this out in the long-awaited Biometrics Strategy.

And I thought the US was supposed to be the Wild West! Why is it for every person who watches something like Gattaca or reads something like 1984 and recoils in disgust, there's someone else who uses it as a to-do list?

Aussie bloke wins right to sue Google over 'underworld' images

Robert Helpmann??
Childcatcher

...only two pictures was of myself - and the rest

None of myself. Several of a young, good looking Australian actor. I like this arrangement!

Tesla undecimates its workforce but Elon insists everything's absolutely fine

Robert Helpmann??
Headmaster

Re: Undecimate?

Lots of people misusing a word doesn't make the misuse correct.

Actually, this is one of the many ways that languages change. The lexicologists that I have worked with (n=2) say that their field has become more descriptive and less prescriptive over time.

New York State is trying to ban 'deepfakes' and Hollywood isn't happy

Robert Helpmann??
Childcatcher

...if they want to use the image or video for public display, then your consent must be sought.

No, there is no expectation of privacy while in public and that includes images taken in public being published. It is polite to ask, but it is not a legal requirement, at least not in the US in general terms. There are specific guidelines that vary between jurisdictions and there is some subject matter that has additional restrictions placed on it, but in general there is no consent requirement.

Oddly enough, when a Tesla accelerates at a barrier, someone dies: Autopilot report lands

Robert Helpmann??
Pint

To a productive member of society:

I'm 73 and receive a government pension...

Have an upvote and a virtual beverage!

PETA calls for fish friendly Swedish street signage

Robert Helpmann??
Coat

Re: I think I'll have some veil

Can't... resist....

What are you going to do with the rest of the bride?

Dessert.

British egg producers saddened by Google salad emoji update

Robert Helpmann??
Childcatcher

What did you expect...

...when Google couldn't get a cheeseburger right?

Drupal drisputes dreport of widespread wide-open websites – whoa

Robert Helpmann??
Childcatcher

Re: Flawed Patch

If the version cannot be determined from the scan performed, it is most likely down to the owners having taken measures to prevent access and reasonably can be used as a proxy for security as a whole. Those showing as current can be assumed to be so. Those that show as otherwise, even if the measurement is indirect, can be assumed to have some flaws based on poor housekeeping if nothing else. Those machines will serve as a good starting point for attacks based on flaws that have been known for months. I would stand by those results, too.

Perhaps a better way for Drupal to protect their reputation is to send messages to their customers letting them know the results of scans of their web sites and otherwise raise awareness of the need to patch rather than trying to deflect blame. Are they doing that? Probably not.

Stop us if you've heard this one: Adobe Flash gets emergency patch for zero-day exploit

Robert Helpmann??
Facepalm

Training Wheels Still On

Where I work, employees are required to take a security class as part of orientation with an annual security refresher going forward. All run using Flash. 'Nuf said.

Fingered: Pants-down 'poo jogger' alleged to be corp exec

Robert Helpmann??
Coat

Re: The question begged is...

...doing it that often in exactly the same place pushes the credibility of that justification out of the window.

But not down the drain?

Dark web souks are so last year: Cybercrooks are switching to Telegram

Robert Helpmann??
Childcatcher

Law Enforcement vs Encryption

There wasn't a single reference or quote about encryption being the problem according to law enforcement. Color me surprised!

In World Cup Russia, our Wi-Fi networks will log on to you!

Robert Helpmann??
Childcatcher

Re: Why would you even let Russia host the world cup ?

More importantly, why the f*#k should we care about a couple of dozen people kicking a ball around a field?

I feel pretty much the same about organized sport. Then again, it sure beats a shooting war.

Mailshot meltdown as Wessex Water gets sweary about a poor chap called Tom

Robert Helpmann??
Headmaster

Re: Pour chap

Perhaps he asked instead for someone to pour him a few down at the pub.

Experts build AI joke machine that's about as funny as an Adam Sandler movie (that bad)

Robert Helpmann??
Childcatcher

Re: Not a good start

The “Neural Joking Machine” (NJM) was created by computer scientists from Tokyo Denki University and the National Institute of Advanced Industrial Science and Technology to see if humor could be automatically generated and studied academically.

If this doesn't sound like the setup to a really lame joke, I don't know what it is. Word of advice to the researchers, if you have to explain the joke, it's not funny. If you have to explain how to tell the joke, too, it was never going to be funny.

Russia to Apple: Kill Telegram crypto-chat – or the App Store gets it

Robert Helpmann??

Cognitive Dissonance

The ban’s been interpreted as politically-motivated rather than a national security effort, as opponents of the government are thought to use the app to organise.

If they do, they leave themselves open to observation as Telegram’s been shown to be insecure and susceptible to credential-harvesting malware that – surprise! – originates in Russia.

These two statements would seem to be at odds with each other. If Moscow knows the app is used by a bunch of targets and it is also hackable, then I think the state would do everything possible to encourage victims to use it of their own free will. Is Russia really cracking down on Telegram or is there just a lot of noise with minimal action?