* Posts by Ken Hagan

5304 posts • joined 14 Jun 2007

Uni student cuffed for 'hacking professor's PC to change his grades'

Ken Hagan
Gold badge

Re: If he was as smart as he thought he was

The article covered that. He already had a B so he probably didn't need to alter it. The other students did, though. I wonder if hormones were at work here. At 19, you can be as smart as you like and still be felled by hormones.

1
0

Malware figures out it's running on VMs and refuses to execute

Ken Hagan
Gold badge

Re: Hide, hide, hide ...

"What is this 'registry' of which you speak ?"

It's a copy of the /etc filesystem, but with all the files pre-parsed so that every program under the sun *doesn't* have to contain full text parsing logic just to configure a few items.

3
0

Lethal 4-hour-erection-causing spiders spill out of bunch of ASDA bananas

Ken Hagan
Gold badge

Re: insect pedantry

Sound advice for anyone who is annoyed by such pedantry is just to use the word "arthropod" instead. (Crustaceans aren't insects either and there are plenty of those that I wouldn't want to find in my nosh either.) In extremis, try "invertebrate". That will annoy a few purists but it will include slugs, which are yet another thing that I don't want in my lunch.

4
0

Brits: Can banks do biometric security? We'd trust them before the government

Ken Hagan
Gold badge

Re: “Unlike passwords, physical biometrics can’t be changed"

I thought one of the problems with fingerprints was that they *can* be changed, all too easily, to the detriment of anyone using a (crap) system that assumes they can't.

0
0

Remote hacker nabs Win10 logins in 'won't-fix' Safe Mode* attack

Ken Hagan
Gold badge

Re: Encrypted HD, right?

On a sane system, the files needed to boot up the system and the files containing personal information would be kept separate, allowing you to encrypt the volume containing the latter without having to encrypt the volume containing the former.

2
0

ICANN latest: Will the internet be owned by Ted Cruz or Vladimir Putin in October?

Ken Hagan
Gold badge

Re: Just a "clerical function"

Nobody else wants just a clerical function. However, there are plenty of people (and ICANN are a good example) who would be happy to do the job if they were allowed to add money-making or power-weilding extras.

It is because we want it to remain a clerical function that we should keep it away from the private sector (who want to make money) or certain governments (who want to weild power). The USG is hardly perfect, but it can usually be relied upon to do bugger all when bugger all is exactly what is required.

5
0

Microsoft Desktop Bridge opens, Win32 apps can now cross into Windows Store

Ken Hagan
Gold badge

Re: store as a familiar and 'safer' way to install?

"When Ubuntu started supporting USB3, the drivers weren't back-ported to the LTS releases, and neither was the Unity interface crap, so why should Microsoft do things any differently?"

Because Ubuntu will product a new LTS release within a year or two and won't charge you for it when it arrives. Unless you are bursting for USB3 support (and LTS fans probably aren't) you can just wait. Even if you are bursting, it is possible to upgrade your kernel to one that does USB3 without dragging the applications up to the bleeding edge. (Imagine that, Microsoft, upgrading to the Win10 kernel but keeping the user-space portion unchanged from the one you trust rather than being forced to hoover up a truck-load of fresh bugs. What silly ideas these penguinistas have!)

6
1
Ken Hagan
Gold badge

Re: store as a familiar and 'safer' way to install?

The sorts of apps that are listed on "some software listing site" are generally (exclusively?) freebies. (That's "free, whether the original author had that in mind or not".) Such things *might* have a champion who is willing to repackage them for the Store and sign for them (I presume everything in the Store has to be signed) but since there is no money involved I would doubt it.

On the other hand, MS are now offering a way to foist malware (if you can get it past the censors) onto the entire Desktop-Windows-using community via a "trusted" platform. The cost to the developer of meeting Store requirements is probably much less than a really nice piece of malware might make in return, so the incentive is there.

Obviously, the harder MS make it to push malware into the Store, the more likely that they make it harder for small ISVs to get their stuff on, too. Those champions I mentioned in my first paragraph may have their work cut out even if they exist.

2
1

Map to the stars: Gaia's first data dump a piece of 3D Milky Way puzzle

Ken Hagan
Gold badge

Bit of a long-lens-paparazzo then...

"With 106 CCDs and almost a billion pixels, Gaia has a high enough resolution to measure the diameter of a human hair at a distance of 1,000 kilometres."

Now that's what I *call* an invasion of privacy!

9
0

Delete Google Maps? Go ahead, says Google, we'll still track you

Ken Hagan
Gold badge

Re: Creepy

In urban areas, a post-code might well identify a group of addresses that mostly within 30 yards or so of each other. Combine that with your entirely human tendency to remember the occasions when it was (by chance) scarily accurate and I don't think you have anything to worry about.

Of course, if this is happening to you and you live in sparsely populated country, you may have a point.

0
0
Ken Hagan
Gold badge

Re: "We've reached out to Google to ask "

"We've asked Google..."

0
0
Ken Hagan
Gold badge

Re: Not just google

"I can't see how this could work securely unless the banking app could access my contacts."

In Android, it is possible to ask permission on a case-by-case basis, so the app could be blocked by default and ask for permission only when you actually try to use the service that requires the information.

That would, of course, encourage customers to think about security. Perhaps some banks reckon it is more profitable to scare away the security-conscious customers in favour of those who just do as they are told.

0
0
Ken Hagan
Gold badge

Re: broken sarcasm meter

Also, even if there *were* reasons why your bank might be interested in your contacts, it is a clear violation of the principle of least privilege for the banking *app* to be interested.

So, with the banking app having clearly indicated that it was, at best, badly implemented and, at worst, downright malicious, the banking app gets told where to get off.

3
1

End all the 'up to' broadband speed bull. Release proper data – LGA

Ken Hagan
Gold badge

Re: Er... ? Comparing different providers to the same property?!

True about shite lines, but a sufficiently shite ISP can make even a good line perform badly.

3
0

Microsoft's Service Fabric for Linux hits public preview

Ken Hagan
Gold badge

My reading is that there's a new VB runtime in town (or its moral equivalent). This one has been "ported" to Linux, where ported means "completely incompatible implementation of the same original idea".

10
6

VW Dieselgate engineer sings like a canary: Entire design team was in on it – not just a few bad apples, allegedly

Ken Hagan
Gold badge

Re: It seem to me

It tells *me* that anyone else selling diesels in the US should be investigated. If the test is so hard that VW thought it was worth the risk of cheating (the company may go under now) then the chances are no-one else can build one either.

8
0

Hololens for biz shocker: Surprisingly, it doesn't totally suck

Ken Hagan
Gold badge

I think Pokemon Go demonstrates that GPS and mapping are now (almost?) at the point where the real world can be used as a stage. I also know that you're not alone in being uncomfortable with "eyes moving but balance organs static" and AR games are presumably mostly immune to that problem. What I can't imagine is *quite how awesome* it would have been if all those games we played at primary school had been enhanced with a head-up display.

I assume that various groups are already working on these, so the parents of the next generation will spend as much time trying to get the kids to come in as the previous generation spent trying to get them to go out.

1
0

Microsoft thinks time crystals may be viable after all

Ken Hagan
Gold badge

Re: Buh?

I think the gist of it is that someone with a Nobel to their name (and who therefore presumably knows how thin the ice is this far out) reckons they have identifed a system which *in its lowest energy state* is in some sense "in motion". This is apparently a novelty. Furthermore, a group financed by Microsoft is now going to try and create that system to see if the wacky idea is true.

8
0

Self-stocking internet fridge faces a delivery come down

Ken Hagan
Gold badge

Re: kick from a cow

That's sounds more like they don't want to be not milked. At the very least, it raises philosophical questions about whether they want to want to be milked.

2
0
Ken Hagan
Gold badge

Re: Superb!

I assume you have the old-fashioned type of soup bowls -- that is, the concave ones. Modern ones are designed to be more dishwasher-friendly. :(

4
0

You should install smart meters even if they're dumb, says flack

Ken Hagan
Gold badge
Pint

Re: Omnishambles

My wifi router has a power supply brick rated at 12V and 1A. I presume the unit itself doesn't actually draw that much power. That's about 1kWh (about 10p?) every three days or so. If you've really optimised your home energy use so that this is a meaningful saving, then I'm impressed. Treat yourself to a pint to celebrate, every few months or so.

2
0

Petulant Facebook claims it can't tell the difference between child abuse and war photography

Ken Hagan
Gold badge

Just a thought...

...but if Facebook are editing people's facebook pages then in my book they have no right to hide behind "common carrier" protections when something appears on their site that is legally suspect. I hope they are comfortable with the consequences of that.

46
1

WhatsApp, Apple and a hidden source code F-bomb: THE TRUTH

Ken Hagan
Gold badge

Re: Shoddy code reviews...

They did, but it was a case-sensitive search.

3
0

Adobe reverses decision to kill NPAPI Flash plugin for Linux

Ken Hagan
Gold badge

Re: Does this mean...

If so then I'm not bothered. Most Android devices will never get the update.

(If only they were attached to some sort of global wireless network so that updates could be sent to them automatically, as and when they were produced ...)

0
0
Ken Hagan
Gold badge
Black Helicopters

But ... why?

Have the BBC decided that HTML5 is too difficult and so they've decided to bung some cash at Adobe instead?

7
0

Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops

Ken Hagan
Gold badge

Re: Just another NTLM hack

If it is an NTLM hack then Microsoft fixed it years ago. NTLM isn't enabled by default anymore and corporate users should have disabled it back in 2000 or so when NTLMv2 turned up.

Funny how Linux supporting (optionally) ancient hardware and protocols is a sign of how great FOSS is, whereas Windows doing the same is a sign of why closed source is evil.

2
1
Ken Hagan
Gold badge

Re: Oh look, there's a dongle in one of the USB ports of my laptop

"outside the IT security box"

I agree, but is this really, still, considered outside the box? I thought this was common knowledge before I was born? Almost everyone inside an organisation is paid less than the value of the information that they have access to and in most cases there are enough of them with access that you'd never be able to prove it in court unless you caught them red-handed.

1
0
Ken Hagan
Gold badge

Re: 13 seconds?

@Nick: The ID is, as you suspect, mandatory for some device classes and not for others. Windows implements both per-port and per-ID recognition of devices, falling back on the former only if the device turns out to have no ID.

A question for the hardware people out there: What's the cost of ensuring that your mass-produced devices all have unique IDs (or even "statistically very likely to be unique" ones)?

1
0
Ken Hagan
Gold badge

Re: Drivers?

I don't think the logged-in user (presumably you mean one of the possibly several users logged in at the console) is the one running any of the code involved, so I don't think their rights would ever be relevant.

I would hope, however, that blocking unknown USB devices (if practised) would be effective.

3
0

Life imitates satire: Facebook touts zlib killer just like Silicon Valley's Pied Piper

Ken Hagan
Gold badge

zstandard sounds like two ideas in one package, where one of the ideas (a branchless and multi-core implementation of deflate) would have been useful but has been hijacked by a non-standard algorithm.

2
0

EU 'net neutrality' may stop ISPs from blocking child abuse material

Ken Hagan
Gold badge

"Why has Hanff changed his tune from 2008 after the Phorm trials when he was busy proclaiming that consent from both sender and recipient was needed to make any interception legal?"

Perhaps because blocking is different from snooping. In the latter case, either sender or recipient may be unaware that there is anything going on.

0
0
Ken Hagan
Gold badge

Re: 'That, however, may be a matter for the courts to decide.'

Er, no. *You* get real. Try and imagine that you are one of the several-nines-percent of the population who can't implement blocking by firing up emacs and hacking a few scripts on their router.

Just because something is arguably legal in some ountry or other does not mean that I don't want to block it, the bottleneck between my ISP and my CP equipment is the logical place to do the blocking, and the professional IT staff at my ISP are the logical people to give the job to.

0
1
Ken Hagan
Gold badge

Re: Carp

The IWF watchlist might be covered by (a) but there's lots of perfectly legal 18+ material that non-techy parents might prefer to be filtered out by someone with a clue. Likewise, ad-blocking might be covered by (b) but any ISP offering the option would have to argue that out in court against people with very deep pockets.

Someone further up had the idea of offering better routers to consumers and then claiming that the filtering was being done at the consumer premises. Yes, but that still places the burden on the end-user to maintain the filtering ruleset because the ISP can't make it a point-and-click option without getting sued for offering filtering as a service.

It would be much easier to have an option (d) allowing ISPs to offer filtering packages to customers.

1
0
Ken Hagan
Gold badge

"What if my ISP / Mobile provider offers an optional service (and by default switched off), say at £0.01 cost, to do my blocking for me?"

My reading of the article is that they've thought of that and ruled it out. They seem quite careful to emphasise that the consumer can do it even if the ISP can't, and then they list three exceptions to the rule that ISPs can't, none of which are the option you describe.

So I think the article (and Mr Hanff) have it right and the rules really, really need a paragraph (d) saying it is OK if the customer specifically requests it.

And like many other commentards, I reckon I probably *could* implement it myself if I had the time and energy, but I'd rather pay someone else to think it all out and maintain it and then flick the switch for my line. (Your mileage may vary. It depends on your ISP.)

0
0

Pump-priming the new ampere: NIST works to count electrons in silicon

Ken Hagan
Gold badge

Re: Bah!

What furor? I don't see anyone who is actually involved in propogating high-precision measuring equipment who is arguing against the desirability of this. Sure, if you buy a ruler at the newsagent then it probably wasn't calibrated by counting wavelengths of anything, but it was almost certainly calibrated against something that was itself calibrated against ... [repeat no more than a few times] ... exactly that.

And those clever engineers building moon rockets would almost certainly have wanted a fairly precise ruler to build the parts for their air-tight capsules, or those engines that burn 5 tons of kerosine per second and only stay solid because they have five tons of coolant (kerosine, as it happens, because they had some handy) flowing past on a one-way trip.

1
0

Intel's makeshift Kaby Lake Cores hope to lure punters from tired PCs

Ken Hagan
Gold badge

Re: Speeding up web browsing by a fifth

You forgot about the DRM. If the web server at the other end of the wet string and your own PC have to apply and then remove a load of DRM, then CPU may still be the bottleneck at one or other end.

1
2

Big data busts crypto: 'Sweet32' captures collisions in old ciphers

Ken Hagan
Gold badge

How does it scale?

The half-terabyte of raw data looks like a very unlikely pre-requisite. The average punter would have to max out their allowance for several months to exchange that much. Is the attack still feasible for (say) 100 times less raw data, which would seem to me to be a more reasonable amount to pull over in a single session. (Even that, of course, is 100 times more data than might appear in a truly interesting SSL session, such as a visit to a bank.)

Or am I thinking of the wrong target here?

1
0

Chinese CA hands guy base certificates for GitHub, Florida uni

Ken Hagan
Gold badge

Going further, we have a collection of "Trusted Roots" but do we also need a collection of "Dis-trusted Roots"? Simply removing a CA from the former list means that its certificates will show up as someone the browser hasn't heard of, but that's nothing like as alarming as "I've heard of them and they are rubbish.".

If memory serves, Windows has a "Revoked" list for actual certificates, but no equivalent list for authorities. (Happy to be told I'm wrong on this count.)

7
0
Ken Hagan
Gold badge

"Am I the only person..."

I doubt it. I don't, but reading this article makes me wonder if I should delete *all* the trusted roots (because that's an easy policy to follow) and then treat every site as an exception. Has anyone out there tried this? Is it practical (especially with more and more sites switching to https by default)? Is there an option in the browser to "dis-trust everyone" (so that I don't have to keep emptying my trusted roots)?

5
0

Uber lost $7m a DAY in the first half of this year

Ken Hagan
Gold badge

Re: Make it up in volume!

Volume doesn't help if the multiplier is negative. Brand recognition doesn't help if people buy a hoover made by Electrolux or don't even know that there was ever a pen company called Biro.

5
0
Ken Hagan
Gold badge

Re: Eeeeek

As the article points out, this isn't even a proper company. It's a website, plus a few lawyers, connecting people who want to go somewhere with people who want to take them. (Funnily enough, that's also a pretty good description of lastminute.com just before the bubble burst.) You could *certainly* run a web-site that lost less per day than that.

6
0

Excel hell messes up ~20 per cent of genetic science papers

Ken Hagan
Gold badge

Re: Killing spreadsheets for fun and profit

You appear to be assuming that everyone using Excel is using it as a database. Actually, some of us use it as a spreadsheet and it works fine.

But the auto-formatting, auto-correct, auto-as-you-type... Yeah, they all need to die. They also need to die in word-processors. (End-users should learn how to spell and computers should stop trying to enforce one rather ignorant person's grammatical and stylistic prejudices.) Actually, the only instance I can think of where I am occasionally grateful and never actively narked by a computer trying to change what I type is Google's search engine.

3
0
Ken Hagan
Gold badge

"The paper's silent on why genetic scientists, who The Register will assume are not short of intelligence, have been making Excel errors for years."

Since they only studied published papers and (by the sound of it) did not also study the papers as-submitted to publishers or at any even earlier stage of drafting, I'd say they haven't a clue when the errors are creeping in or which piece of software is responsible. Excel isn't the only piece of software that "helpfully" changes what you type and the original authors aren't the only people involved in the publication process. (I presume that authors are offered the final version to proof-read, but as long as it is largely correct I expect they just skim it. They're busy people, you know.)

3
0

Kindle Paperwhites turn Windows 10 PCs into paperweights: Plugging one in 'triggers a BSOD'

Ken Hagan
Gold badge

Re: Shrug

"Maybe it's a confuence of various bits of other software causing the issue?"

A lot of USB3 chipsets (or their driver stacks) are still fairly crap in my experience, and by "fairly crap" I mean that the USB 1 and 2 functionality is broken, leading to random disconnects or other trouble.

4
0
Ken Hagan
Gold badge

Re: Who's driving?

The kindle does not have a proprietary driver. It is possible that Windows includes a kindle-friendly driver in the basic OS, but I think it is far more likely that this is the bog-standard driver for a USB-storage-class device. The BSOD may also be triggered by other (less common) storage devices, or it may be triggered by something in the USB device descriptors issued by a kindle paperwhite. The latter is more likely, but it is still embarrassingly poor programming from MS if Win10 can be made to BSOD based on data it receives from an external device. (It is a major security problem if someone who doesn't even have an account on the machine can DoS the box given a few seconds of physical access.)

7
0
Ken Hagan
Gold badge

Re: Printer drivers. why

As far as I'm aware, such standards already exist (defined by the USB consortium) and are implemented in Windows. Despite this, printer and scanner manufacturers apparently believe that having their own driver stack is a good thing.

Perhaps this is because it lets them push crapware (for which, presumably, they get paid) alongside the driver installer. Or perhaps it is because Microsoft's implementation is so bad that no vendor wants to associate their kit with the bugs. (This was certainly the case for USB comms devices until at least Win8. *Everyone* wrote their own driver on Windows but just used the standard one on Linux.)

15
0
Ken Hagan
Gold badge

Re: is there a comprehensive list of cockups?

"Oh, I didn't know you all support your customers indefinitely for free."

Smart businesses do. It is well known that finding new customers is harder than keeping existing ones. It is also well known that a sufficiently bad experience will mean that customers black-list you and for a number of years afterwards will buy from anyone-but-you. Bluntly, there's no point in producing new products if the support experience of the older ones is bad.

Support isn't *that* expensive if you have half a brain. Most genuine problems only need to be fixed once, properly, and most non-problems don't cost you anything but time. After 5-10 years, depending on the product, they may well be open to the suggestion that the best "fix" is to replace their gizmo with one of your more recent offerings.

In that last respect, Microsoft's repeated failure to convert XP and 7 users to more recent versions of Windows stands out as an oddity. Even without seeing the later versions, you can tell that they must really suck, based on the low conversion rates. It is astonishing that a company as large as MS has not shed more blood internally because of this demonstrable under-performance.

34
0

'Second Earth' exoplanet found right under our noses – just four light years away

Ken Hagan
Gold badge

Re: I wish they would can "Operation Starshot"

"And the sensors are too small to return any meaningful data."

Correction: the craft are too small to return any data whatsoever.

The inverse square law applies. 4 light-years is about 250,000 AU which means it is about 2000 times further away than Voyager 2 right now. The latter is a much larger craft than this "postage stamp with a sail" and can only deliver 160 bits per second where it is now. Reduce that bit-rate by 4 million. (1200 bits per year = 150 bytes per year.) Then try to deliver a 20-kilobyte JPEG of Proxima Centauri. Plan to wait about 150 years for the results. Then remember that you've forgotten to reduce it still further to account for the lower transmission power of a postage stamp. I'm not sure what an appropriate guess would be here, so you can make up your own and multiply the 150 years by whatever number you think of. Finally, realise that after 150 years of travelling at 20% of light-speed (because you've no brakes) the inverse square law *still* applies and you are wasting your time.

Edit: No, *finally* stop and wonder what the fuckity-fuck Stephen Hawking is doing lending his reputation to something so innumerate.

3
2

Facebook, Twitter and Google are to blame for terrorism, say MPs

Ken Hagan
Gold badge

"slick and effective propaganda machine being run by Daesh"

I must have missed that. The only propoganda I've seen has been along the lines of "Join us and you get to rape and murder innocent foreigners (fellow Muslims mainly, but don't worry, they aren't *proper* ones) for a year or so before being bludgeoned yourself by the armed forces of the countries you've chosen to attack.".

The evidence is that this appeals to at most a few hundred disaffected teenagers out of a population of millions, who are resistant to the counter-propoganda not only of their own age group but also their parents and wider family. So yeah, they're really going to sit up and take notice if The Government starts telling them what to do.

So did the whole select committe sign up to this verdict, or are some of them *not* utter cretins?

17
1

Windows Update borks PowerShell – Microsoft won't fix it for a week

Ken Hagan
Gold badge

But, but...

They *can't* fix it because some people might write scripts this week that depend on the broken behaviour.

20
0

Forums