386 posts • joined 19 Jul 2011
Re: At first they came for the Paedophiles
Could be. The point is still valid.
Re: The problem is...
I appreciate your sentiments but...
If you were running that infrastructure, why would you allow access to those routers and embedded systems in the first place? Using things like management VLANs, VPN, SSH and doubtlessly more modern stuff I haven't kept up with?
Ok, critical web server with CGI+bash vulnerability I can understand...
Agreed. It's annoying.
Re: Vyatta and open source
Don't know. Jumped ship for my home setup to another platform...
But yes, the web page/commit log etc does look nice...
Vyatta and open source
"Where the value comes from is to have the community develop the project – that's what leads what to community, collaboration and innovation"
Given the way Vyatta/Brocade killed any community involvement, basically yanked open source Vyatta, didn't accept patches etc, I'm choosing to insert hearty sarcastic laughter rather than the alternative wailing and gnashing of teeth.
Pull the other one, it's got bells on.
Yes, they often do. Once again security researchers shout very loudly "biggest hole since whenever"... while reality is a bit more nuanced.
Seems to me that crying wolf all the time is hardly a worthwhile strategy to pursue (but of course it is commercially almost imperative given the competition between various security outfits).
Given all that there are probably still routers etc that do run bash... but definitely not all of them.
Re: Wow, just wow
Well, talking about the network management layer separation: there is a reason for defense in depth. Of course it doesn't eliminate the problem, but mitigates it.
Agreed with the remarks re the web server privileges...
Tens of millions of users
Used by tens of millions of users? Really? Or do you mean tens of millions of victims - which sounds also quite large but who knows!?!?
MS changing your server behind your back?
"How exactly do you envisage MS changing the behaviour on your server if you don't install the update?"
Easy. They'll use the NSA/FSB/Chinese State Security backdoor of course...
Re: Once upon a time
And the stiffy is apparently still up (oops) and about: I gather it now denotes a USB stick... which probably leads to a lot of possible innuendo I'm not capable of due to caffeine deprivation...
Re: VMS had this in the early 80s
Sensible folks, the Danes.
Sorry Mark, you lost me last week when you started going on about what music to play with a certain novel.
Those problems are insignificant and childish compared to my problem: do I get my posse of nubile, scantily clad, beautiful girls of the female persuasion to pop green or red grapes into my mouth?
I'll skim the article hoping you do address this searing problem... but I'm not hopeful.
Re: Romans: people who knew what's what
Hah - what have the romans ever done for us
@Hans 1: Re: salaried employees
I'm afraid it's not only your Spanish that isn't good.
All well and good that you prefer to use the best tool for the job but if you cannot convince your boss of the need perhaps it's a good idea to
1. go looking for a less toxic environment to work in or
2. see if your own communication skills are lacking
yet another random internet user with an opinion
Re: salaried employees
Yes, but the article is not about paid engineers using the tools but unpaid volunteers that provide (apparently the bulk of the) encyclopaedia content.
Re: I don't understand
Perhaps ask those guys in Munich about advice for moving to a different OS ;)
Re: Just contingency planning @Steve Channell
"Satisfying auditors... primitive technology...what they understand"
ROFLMAO. I'd guess about 90% wouldn't understand even a command prompt if you threw it at them. The rest will grasp that cloud is just a different name for a familiar concept.
Perhaps you mean that Business Critical is essential for the business and MS cannot afford to screw up for their OWN sakes (not regulators, auditors etc)... in which case Mark does have a point.
Change emergency number...
I knew what that link was going to be before I clicked on it.... What does that make me, I wonder...
Collision avoidance system
The suggestion in the article that pilots may ignore the collision avoidance system blaring sounds like a potentially suicidal thing to do and I really have doubts that is the case.
Why not execute (say - I don't know the exact procedures) a diving turn to the right just to be sure?
Apart from that: nice to hear something fairly optimistic coming out of Defcon...
Wasn't interested enough to read the article (new development in world+government=red tape (always)) but wanted to congratulate the author/editor on the wonderful headline.
Yes, but paying tax is not the same as being independent - your parent company may own you and you poor Irish subsidiary may be making massive *cough* profits due to trading with said parent company and then proceed to say pay a lower tax rate than the parent company would.
But your US parent company still owns you=>has control. (Though I agree popcorn may be in short supply if Irish judges/privacy commissioners get involved for the opposite view)
"Mopping up after an incident isn't as simple as it used to be," ...bla... "You can't just stick a patch on and call it done."
Well, it depends on the issue and the patch, doesn't it? A current patch for a buffer overflow would be very simple to apply and forget, as usual. Otherwise I'd like that guy to tell me what exactly changed in the environment that would cause his comment to be true...
Does this guy happen to sell custom vulnerability mitigation stuff/consultancy services or something?
@Lost all faith: notifying vendors
Indeed. Or should that part read as:
"The largest vendors weren't notified as we couldn't be bothered making the effort and had to get the PDF out of the door with the minimum amount of costs and time in order to get the most bang for our PR buck"
Even as we speak, people are prepared to "push guidance". For the initiated, that means "we'll delay actually requiring anything until the cows come home. If we need to invent far-sought exceptions for every case, so be it."
Re: Edit the sentence:
Nah. The government share the financial burden with you, the tax payer, and collaborate with their masters to share even more in future. Looks accurate to me ;)
That reminds me, you really need to change the cover sheet of that TPS report!
If you could do that for me, that would be just fine..
Staying away from libressl for years... ok, so you'd suggest relying on OpenSSL's bloated unmaintainable code base (by their own admission). Looks like a dilemma...
Re: Ah, the Cloud..
Yes - previously these guys may have downloaded the stuff from... say, a web server but now The Cloud is there it is all so much more mysterious and exciting! Thank goodness.
Re: Poll? What poll?
Blocking cookies? Terrorist! What do you have to hide?
Re: Re evil plan
It's a good plan, no a Good Plan. Good, I tell you!
You mean that Tesla (not the guy in question) want to build faster stations? I read that in the article...
Re: Good luck with that F35
Don't fear, our country is right behind the US and will support funding this brick in the sky to the fiscal death if need be...
Re: Corporations (like Google) need to step up.
@boltar "I do hope you're not suggesting"... well I don't see him suggesting that, do you? Don't let that stop your rant though... very enjoyable ;)
Same old same old
Mmm, boring as watching paint dry. Probably not for the Microsofties/clients etc but well...
Thanks to the Reg for being able to write some mildly amusing articles about this undoubtedly incredibly boring marketing speak memo.
Hey, is it Friday already!?!?
Ehrm, maybe I'm dim but if you can access the box via RDP/VNC/PCAnywhere then you should be able to change the p/w as well, right?
(Of course, with a chance of locking yourself out etc etc but still)
Re: Assuage this?
Above rant based on previous version of the article - thanks a lot for the clear and informative update, Reg!
Exactly. I would be very interested in seeing what concerns exactly the author can see addressed by having a US corp have a new data centre in Germany...
Fluffy marketing stuff
Even that bureaucratic moloch, the EU, is waking up to the fact that the US Patriot Act is evil and the so-called Safe Harbor isn't safe at all.
Dropping the phrase "it's not only Snowden" a couple of times does nothing to change that. Likewise however many scenarios they want to paint in their <whatever colour> paper.
Do the cloud guys fund 100% of this "open" alliance BTW?
I'll just take a breather now.
"This is why the UK has resisted having a written Constitution, by the way; obsolescence due to changing circumstances."
I strongly suspect that is not the (only) reason. Other countries with written constitutions even manage to update the things, you know...
(Not that ours is worth the paper it's printed on as citizens can't refer to it when they claim rights violations - instead they have to use e.g. the European Convention on Human Rights)
Re: Just remember...
You shouldn't have mentioned Wernher:
Sorry, couldn't resist...
Re: Well done El Reg
Yes, I'm sure the NSA watch list... and the pool guy are the only two things preventing that ;)
Re: God is great and Frank Herbert is his prophet.
Sorry, you're mixing up colonels here...
@Tim99: Well, yes IF... I agree.
Unfortunately, Access suffers from the VB disease: too easy for nincompoops to slap something spaghetti-like together which then gives the product a bad name...
Typical management approach. Forbid everything due to security/workplace safety/not invented here/job security for others then turn a blind eye when somebody patches up some code which then gets used 20 years, changed, expanded until it is an even bigger problem than the original ancient program it was designed to work around.
Then start complaining about how proper regulations were not followed and this is the mess that results instead of fixing the original problem.
Re: ban Gummy Bears
I didn't dare click that link feeling it might well be the Haribo gummy bear from hell review. I've seen it once and that was twice too many ;)
Icon for me... or one of those new-fangled ethings... after all I'm in the land of the flat and the home of the shops where they sell more than coffee...
Re: Prior art
Ok, what about 2 net sends? One at either end?
You could even go crazy and use one of them new-fangled GUIs at the admin end so all messages show up in a handy window where you can scroll up and down through the messages. That would be great.
Re: Misunderestimating Pragmatic and Smarter Cold War Warriors etc
In that case, my thought would be: TO͇̹̺ͅƝ̴ȳ̳ TH̘Ë͖́̉ ͠P̯͍̭O̚N̐Y̡ H̸̡̪̯ͨ͊̽̅̾̎Ȩ̬̩̾͛ͪ̈́̀́͘ ̶̧̨̱̹̭̯ͧ̾ͬC̷̙̲̝͖ͭ̏ͥͮ͟Oͮ͏̮̪̝͍M̲̖͊̒ͪͩͬ̚̚͜Ȇ̴̟̟͙̞ͩ͌͝S̨̥̫͎̭ͯ̿̔̀ͅ
@Lost all faith...
Thanks from a fellow Windows+Linux user... I really should be ditching those sandals and the beard now ;)
You mean use Linux as a contraceptive? That might actually work quite well...