1138 posts • joined 14 Jun 2007
Re: It's Secure*
"the MX record offers STARTTLS,"
Re: @Titus Technophobe
"Another one would be at every intersection recording all cars that went by (maybe stopping them to do so without missing any)."
We have that in the UK already - they are called 'average speed cameras'
I have <anything>@jamie.mydomain.com go to my main mailbox. If anything needs to be blacklisted it can be set to 'no such user' in the sendmail virtaliases file.
A long time ago, I used to use date-expiring email addresses for usenet, of the form YYDDD - even now, I'm still seeing sendmail rejecting spam sent to email addresses last valid in 1997!
If the snooping is any part of the reason.....
.... then uk.gov only has itself to blame.
Like with the NSA, the US and UK governments should be held account for their actions against the people, and of course,the 'bottom line' is the only place they can be touched.
Of course the government loving 'sheeple' like Matt 'the world is full of paedophiles and terrorists' Briant won't agree...
Re: Deal With It!
Re: "it has 15 faces (12 bevels, obverse, reverse, outer edge)"
Who cares how many faces it has? More importantly, how many of these coins does it take to fill Wales/an olympic swimming pool/a pint glass.
"As for the IT guy tracking internet usage, etc. consider that the manager maydelegatedthe task to the IT guy as a security matter."
That's a fair point. I concede it also depends what the job is in the first place.
'anon' neglected to mention he/she works on the counter at McDonalds!
@anon: eeeek! For what it's worth, have a sympathetic upvote.
Re: Blocked URLs
I agree with Tom Walsh. Do IT services monitor how long you aren't at your desk? Does your company monitor all your phone usage too?
Your productivity and internet usage should be the concern of your manager only.
As for the link, when using the mobile, I wish that the actual link was provided, so I could 'click' and the video would then open in a video player, so i can avoid the slow flash crap.
Leave the embedded stuff if you want, but have a href fallback please?
Needs an El Reg comparison unit
We already have the El Reg special size units ™ (6 times the size of Wales etc.)
It's about time we had similar for computer speeds.
What I want to know is 'How many ZX Spectrums is this beast the equivalent of?'
Re: Still is easy to acheive
The dangers of burn-in.... :
Re: Oh come on
Hey, I think it's stupid too, but it doesn't alter the fact that for many, the sky was falling in, and a lot of them read tech sites.
I wouldn't expect it to make BBC News, but the fact many will be in uproar is reason enough to be covered by a daily tech news site
Re: Oh come on
" A 1/2 hour outage for some users isn't a major incident. Mr Hamill is scraping the bottom of the barrel if that's the best he can do."
It is to them , though. That's the point - as typified by the quoted twitter post.
" The default configuration of the tools used to make apps (for both Apple and Android) appear to default to settings that allow access to things on your phone that nobody in their right mind would give permission to."
No they don't - not on Android, at least.
It is true that if an app is built using an old SDK level where a newer permission didn't exist, for compatibility reasons that app will be granted said permission automatically on devices where the permission does exist.
Also, it can be argued that some of the permissions aren't granular enough (For instance, Candy Crush saga requests 'read details of installed apps' so that it can bug you in game to install some of their other games if you haven't already - it would be nice if such a permission could be restricted to apps from the same author, for example)
"Why does any app need permission to dial numbers, scrape or delete contacts, change various parameters etc etc especially stuff like Flappy Birds?"
Generally, excess permissions are a requirement of in-app advert SDK's - I'm sure you can draw your own conclusions on that!
It's also a pain that there is no mechanism for apps to request permissions that are optional, and can be rejected, allowing an app to be run with reduced functionality.
But yeah, many apps do request excessive pernissions - either out of authors ignorance, or more evil reasons!
Re: I remember my email address
email@example.com and firstname.lastname@example.org
, though you beat me by a couple of years!
What was the uucp gateway to Janet? I seem to remember using something like ...genvax!tardis.cs.ed.ac.uk!eimaj
Oh, and the domain wasn't the wrong way around.. NOW it's the wrong way around! !
Re: Protocol breakdown by traffic
But he wasn't shouting.....
Re: www = internet
My mum phoned me recently to say her google wasn't working (meaning the internet, and not specifically google). I can't complain though. It was only a few months ago that I finally got her to use a computer.
I remember back in the days of dial-up, (when I was back living with the folks for a while) my dad would assume all his non-networked programs would run really slowly if I was downloading something on my computer at the same time!
Yeah, we can laugh, but computers and the internet have long been a consumer product - but it still doesn't excuse the newspapers from making the mistake. That's just sloppy journalism.
And as we sleep......
.........government ministers are busy discussing what 'green' tax levy to apply to it!
Does that mean that our governments documents are to be stored on American servers?
Re: I find this hard to believe
You choose to use firefox by choice?
There's an endorsement! :-)
Re: What about a GIF squasher too?
Exactly. I've found that many animated gifs can be reduced in size by 'intergif':
Re: Almost certainly a stupid question...
"Indeed. When will we have nuclear powered aircraft and buses, like in that documentary series I used to watch. What was it called again? Ah yes, Tomorrow's World^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H Thunderbirds."
Well, "Back to the future II" was set in 2015, so I wanna know......
Where's my bloody hoverboard?
Re: Tired of self professed "security experts"
Firstly, hashes are mainly used to secure the integrity of a file, whether encrypted or not (and this is the point of the article - protecting against maliciously altered files)
Secondly, even if you were talking about only protecting against, say, disk corruption, the extra entropy in sha256 can only help..
Ahhh. gotcha! Sorry!
And yeah, your point makes sense. Also, I don't expect fibre to our rural exchange any sooner either!
As for tarsnap, I mainly use it for my remote servers, where it's impractical to pop around with a usb disk :-) although saying that, it's pretty good with dedup, deltas, and compression (much like rsync) but each backup 'appears' to exist as a full backup and can be treated as such (but as it really isn't, you don't pay for all the bandwidth and storage)
Re: Tired of self professed "security experts"
If you are going to go to all that effort, you may as well use something more secure than md5 e.g. sha256 or even sha512!
Online backups can be made write-only. Check out 'tarsnap' - you only need install a 'write key' on the system that is being backed up - it then can't alter any of the data previously written
Re: YouTube is not about free speech and only video sharing site.
No, it's US law that applies to Google.
I haven't seen the video, but it's not relevant! Everything is offensive to someone!
Pakistan (or anyone else) can make Google comply with their laws within Pakistan - if Google have an operating presence there. If Pakistan wants to try and block Google content there, they can do.
What if some country decided all technology news sites were the spawn of Satan and such hedonistic websites should be banned..... Should El Reg, and many many other sites close down because of it?
As for the Reg abuse button, it's to alert the staff to a really abusive or libel etc. comment. They can remove posts at their discretion (their site; their rules) - If a tea totalling vegetarian had reported the recent article on beer and bacon, do you think their report would have been acted upon?
p.s. I didn't downvote you.
Re: YouTube is not about free speech and only video sharing site.
It's called the law.
As the article said, they only took it down because their courts told them to.
Fortunately, we don't (quite) yet live in a world where we have to obey every stupid and backwards law some government comes up with. (We have enough of our own to deal with anyway!)
Oh, and the video didn't kill anyone - that's entirely due to backwards religious nutters.
And as for offensive, there are many things that offend my personal sensibilities, but that doesn't mean they should be banned. (Well, OK, shop 'muzak' should be!)
Re: Implementation of IPv6 is a farce..
The main problem with sixxs is one of the guys in charge is on some sort of ego power trip .
Stick with he.net or hexago if you want a free local broker that isn't in danger of being switched off for no reason by someone who behaves more like a basement geek IRC operator than a professional.
One typical example I just googled: http://www.habets.pp.se/sixxs.net-sucks.php
Re: 7 days ago "timestamp"
Actually, I wasn't wrong after all.
I hope it bricks them too - but not in a 'ner ner -- serves you right' way, but in the hope that these devices will be made with more secure software in the future.
"Credit where it's due: Microsoft is making the effort. It's also forged struck up "a partnership with Laplink to make available a new free tool, allowing individuals to easily copy files and settings from a Windows XP PC to a device running Windows 7 or newer.""
In other words, Microsoft is making the effort to sell more Microsoft products.
How is that creditable?
In fact, if the software was fit for purpose when realeased, people would be able to use it indefinitely - most sensible people don't trade in their old TV just because there in a newer one with better features - as long as the features their current TV has are all they require.
Re: "paedophiles, extremists and terrorists... oh my!"
Graham, spoken like a true extremely perverted terrorist!
I suggest Gitmo for you forthwith!
Re: Where are the American commentards?
" As a citizen of the U.S., I'm appalled that both the U.K. and the U.S. seem to be on the same trajectory"
I agree totally. As this article shows, here in the UK, the main parties are also as bad as each other.
The people (or 'sheeple' to use the paragraphically-challenged-ones silly word) such *as* Matt believe any of the "there's a paedophile/terrorist/welshman' hiding under your bed" stories, and are willing to throw away their freedom, as long as it doesn't affect their ability to vote on programmes such as (ironically) 'Big Brother'.
I'm more surprised that it's happening here, though, as the WWII bombing stuff and the domestic terrorism have been a factor in our history. I guess people forget, and youth grow up without ever knowing or caring.
The main problem that people like Matt don't see is the insidiousness of the whole operation: Laying the legal and technical infrastructure to make mission creep almost inevitable.
As someone has already pointed out, soon, any group planning a peaceful protest will be considered 'terrorists'.
People will be investigated due to jokes or misconstrued comments supposedly made in private - thought-crime will become a real issue, just as the book predicted.
In the past, if the police had wanted to listen in on someones communications, the word 'warrant' was always expected to be part of the picture, but it seems the spies live on a James Bond pedestal....
Where are the American commentards?
I've just had a thought.
No doubt you've seen the reoccurring theme from some American commentators in the NSA threads accusing us Brits of biased American-bashing, even though (as many have pointed out) the complaints have been related to the American situation, simply because the majority of articles are about the NSA.
And then the strange reaction when the Yahoo webcam GCHQ story was released and it was almost like "ner ner, yours are bad too", and we were "errr, yeah, and? it's not a competition. Feel free to rip into them as we will"
Well, here is an article about scummy UK stuff, and every post so far has been critical of both/either parties, but the Americans seem to be strangely quiet.
To be fair, there are some anti-American arsehats on here, but could the more general feeling of anti-American bias simply be because those that feel it simply aren't interested in UK related articles, and therefore don't get to read these types of comments?
I hope not. I was looking forward to opinions from our American friends (as long as they aren't of the 'one-up-manship' type that some think has been our agenda)
Seriously, I think some of the best commentards on El Reg are American, and it's nice to see a group that doesn't fall into the 'we kick yer ass, America #1 fuck yeah!" stereotype.
I'd like to hope both Yanks and Limeys alike can continue to post an opinion here on things that are USA-related, or UK-related, without things turning into an us..vs..them / anti-US/UK accusational (Does that word exist? It should do!)
In fact, El Reg has been one of the few places I've seen on the net where this has been the case. I hope this continues.
Sorry, I've gone off on a big touchie-feelie hippy tangent, ho hum. I blame the meds!
P.s. Of course, the same applies to all other countries too, but problems mainly seem to appear when its UK <-> US
I think that's a very good question. I'd like to know too.
I will add a bit that I do know... Firstly (and I think this is just me being pedantic on your wording), a number would still be needed for routing purposes. But I suspect you mean the number would be tied in with the key.
Secondly, public key encryption, being asymetrical is relatively slow and expensive. The way TLS/SSL work is they initially establish a connection via this public key magic, and then exchange a big private randomly generated key for a non public/private key encryption system, which is then actually used to encrypt the session.
So a standard connection uses 2 encryption systems. The first one which is public/private key based is used to set up the initial channel, and securely pass the session key for the subsequent symetrical encryption system.
I suppose some IP phone protocols use similar, but yeah? Why not generally simply 'SSL for phones' ? My guess is it's the age old chicken or egg problem in getting it rolled out. Does 4G use anything like it?
Re: The long necked chicken
I wish the downvoters had the balls to say why they downvoted you...
Meh. I'd never heard of them before now.
Re: Mark 85
" The only limits are how much they can gather and how much they can automate filtering to ensure the right stuff ends up with the analysts. No-one is watching you or reading your email, it probably gets scraped straight into /dev/null"
So why gather it? They are obviously looking for keywords, so I suppose its fine to you if an email of mine is flagged and read because it says "great time last night. Those guys doing that dare.... true martyrs, I tell you! sorry the movie bombed, but the sex afterwards was great. That thing that you did with your tongue.."
Funny Matty boy, you consider everyone else to be paranoid, but you are the one who thinks there are terrorists around every corner.. It seems you've forgotten the much more legitimate threat that was the IRA...
Taylor, read my post on this subject on the previous page, and please try and understand the difference between being critical of a situation/policy/event, and being anti the people.
To you, a critical comment coming from an American could well be justified. from a non-American, you see it as an anti-American attack.
You may go ahead and post your disgust at this webcam hacking, and rather than crying like babies, I think you'd find most of us Brits agree.
Downvoted not for being American, but for being an insecure paranoid twerp!
Re: To my American friends.....
There have been more stories here on the NSA because most of the leaks have been to do with the NSA directly. I (and I hope the other Brits here) have been critical of their actions as have you guys - but not under an anti-American agenda.
In a strange way, I'm almost pleased this story has come out. - You guys get to call out our spooks and successive governments for a change, and I'm sure most of us Brits would agree.
So, righty-ho good chap! Do carry on, and I'll get the beers in!
Re: Anonymous Cluetard Cue Matt Bryant's forceful explanation on how this is all necessary...
"When he was traced to his hideout in Tikriit he was online using his webcam...."
Just as well he wasn't taking a shower at the time.
I like to take showers, and don't expect GCHQ to use some islamist terrorist as justification to spy on me
Personal DNS server
I can't be the only one out there who runs their own recursive resolvers, surely?
It's one of the most efficient and easiest ways to reduce dependency on a third-party.
Re: Changing passwords
" Most corporate security bods don't though. They do have rules for 90 day changes. They do insist on one capital, one numeric, one special character, but then do nothing to block Password1! and similar rubbish."
I once worked somewhere where that happened - although it was management who came up with the policy.
To appease them, a colleague wrote a program that generated pronounceable passwords that weren't actually words. Management made him rewrite it, saying "you have to have zeros and ones instead of 'o' and 'i'" - showing cluelessness regarding dictionary attacks, and the futility of changing all 'o's and 'i's every time. (Management had obviously heard something relating to dictionary attacks, but only remembered a few 'buzzwords' without actually understanding the situation)
In the end, we had about 100 machines with unmemorable (but only 8 characters long) 'random' passwords. 10 passwords were changed daily, meaning each password only lasted 10 days.
So, each day, a new 'password sheet' was distributed to support staff. If I ever needed to access something out of hours, it was easy - I'd just go to the support office and there would always be a copy of the password sheet in sight...
Did Bob try it too, or just stick with the pint?
Anyway, I don't get hangovers, and don't eat bacon... I'm going to be doubly-immortal!
Re: Surprise!...People need to give themselves a shake and stop using MS products!
Haha, fallen for this particular anon's standard ms troll!
- Opportunity selfie: Martian winds have given the spunky ol' rover a spring cleaning
- Spanish village called 'Kill the Jews' mulls rebranding exercise
- NASA finds first Earth-sized planet in a habitable zone around star
- New Facebook phone app allows you to stalk your mates
- Battle of the Linux clouds! Linode DOUBLES RAM to take on Digital Ocean