* Posts by Phil O'Sophical

2186 posts • joined 28 Oct 2011

Buffoon in 999 call: 'Cat ate my bacon and I want to press charges'

Phil O'Sophical
Silver badge

Re: Charge 'em

Extra service on the 999 operator's desk, a button that adds £100 to the caller's bill, and dumps the recorded conversation into an evidence file?

10
0

UK.gov wants to stop teenagers looking at tits online. No, really

Phil O'Sophical
Silver badge

Re: Like booze

The point is arse-covering.

Tit-covering, Shirley?

3
0
Phil O'Sophical
Silver badge
Coat

Re: 5 minutes

I don't want to pay for as much Peppa Pig as she'd want to get

Well, I've never heard it called that before.

12
0

Google turns cookie monster on AdSense, DoubleClick clients

Phil O'Sophical
Silver badge

You have some god-given right to use their website?

Not at all, but the current message is simply a pointless waste of screen estate. I know of no large website that doesn't use cookies. It's just politicians doing something useless so they can be seen to be doing something, with our money.

5
1
Phil O'Sophical
Silver badge

“informed, specific, freely given and must constitute a real indication of the individual's wishes.”

Typical bureaucratese, and the EU seems to accept that a popup that says "we use cookies, go away if you don't like it" is OK? That's what they really need to fix.

9
4

Bloke cuffed for blasting low-flying drone with shotgun

Phil O'Sophical
Silver badge

Re: And the drone owners?

It would certainly be worth the shooter's time filing charges against them. Even if he gets fined for shooting it down, a larger fine for them would send the message that their behaviour wasn't acceptable.

4
1

Got an Android phone? SMASH IT with a hammer – and do it NOW

Phil O'Sophical
Silver badge

Re: How much ?

It's not unpatchable at all, but once the phone companies have made the money out of your contract they haven't the slightest interest in patching it for free when they can get you to "upgrade" instead.

6
0
Phil O'Sophical
Silver badge

Re: How much ?

I'd say one million US dollars would not be much compared to the cost of the PR disaster if this weakness had been discovered by malware users and exploited.

PR disaster to whom? Goggle have a nice fix all ready, the blame for any infections will be firmly placed at the door of Vodafone/EE/SFR/Sprint/etc. who never ship upgrades after the first year or so. Agreed $1337 isn't much, but $1m is way over the top. Maybe $10K and a new Nexus phone?

2
4

EU data protection tsar spams lawmakers with his unwanted opinions

Phil O'Sophical
Silver badge

“Legislation is the art of the possible,”

Only a politician could think so. In the real world Legislation should be the art of the minimal.

3
1

LinkedIn users rebel after personal data siphon crimped

Phil O'Sophical
Silver badge

Gullible people everywhere

I automatically refuse any linkedin request from anyone I don't personally know, and instantly bin messages from anyone with "500+" connections, since they're clearly only going for the numbers. There's a practical limit to how many acquaintances anyone can manage, see https://en.wikipedia.org/wiki/Dunbar%27s_number

7
0

EU graciously lets Dutch splurge €33m on 'leccy car charger network

Phil O'Sophical
Silver badge

Netherlands

electric cars can provide real benefits to society by reducing CO2 emissions, pollution and noise.

Really? In a country where almost 80% of electricity is generated by coal and gas?

2
2

Five data centres you can't live without

Phil O'Sophical
Silver badge
Coat

And people worry about AGW from plane travel?

Clearly social media and conspicuous consumption are the main culprits here. Talk about "first world problems"

0
0

Crazy Chrysler security hole: USB stick fix incoming for 1.4 million cars

Phil O'Sophical
Silver badge

Re: Why is the onboard computer able to control the brakes and steering?

Lots of new cars have "Park Assist", you stop beside a space, put the car in reverse, and press a button. In theory it parks in the space, which requires steering and brake control. Since the hackers noted that they could only control the car when it was in reverse I guess this is the system they used.

I test drove a few new cars with park assist recently. It's impressive in a way, but unnerving, and at least once I had to hit the brake myself to stop the car clipping the one beside it, so the technology is far from perfect anyway.

1
0

It’s DEJA VU: Customer forgets to tell us about essential feature AGAIN

Phil O'Sophical
Silver badge

Re: Soiled underwear

Actually, American chocolate, especially Hershey's, tastes like bitter vomit.

There is an exception, Ghirardelli's chocolate from San Francisco is quite tolerable.

4
0
Phil O'Sophical
Silver badge
Coat

Re: Thanks!

More euphemisms?

7
0

Jeep breach: Scared? You should be, it could be you next

Phil O'Sophical
Silver badge
Happy

Budget cuts, there's no money to nuke it from orbit.

3
0

Antitrust this! EU Commish goes after HOLLYWOOD’s big guns

Phil O'Sophical
Silver badge

Re: BBC?

You can legally watch it, the BBC simply make it technically difficult. If you find a way around it you are breaking no law.

The Beeb of course don't want you to do so, because they make a lot of money selling that content to other TV companies abroad, and if everyone can stream direct from iPlayer that income will drop.

1
1

Now car hackers can bust in through your motor's DAB RADIO

Phil O'Sophical
Silver badge

@ AndyS Re: Need to apply basic secure design principles.

Good points. As far as

If you have a compromised node in the powertrain CAN system, I don't think there is any way currently to protect against it.

would the standard allow for a handshake with key exchange, perhaps on each total battery-off power cycle? If so you should be able to ensure that you only ever accept a confirmed device as, say, a transmission controller. Any other device popping up later on the bus with that address but not the agreed key would be ignored.

Not foolproof, if you could make your compromised device get recognised as that valid controller at power-on, but it would then need to fully implement all the functions of the device it was spoofing as well, or you'd not get very far.

0
0
Phil O'Sophical
Silver badge

Need to apply basic secure design principles.

Surely the infotainment system would be separate from the drive systems?

One problem is that entertainment systems like TVs, or SatNav units, need some info from the drive systems. For example front TV screens must be disabled if the car is moving, certain SatNav features can only be used when the handbrake is on, selecting reverse gear can trigger rear camera display on the infotainment screen, etc. It should not be possible to send information in the opposite direction, but that is what these hacks are doing.

Since it's a bus it's hard to make the bus itself one-way, but this sort of hack suggests that:

- No-one bothers to make the infotainment system secure because "who cares if someone breaks the MP3 player", forgetting that such a system can, when hacked, send data to the bus.

- The serious flaw seems to be that sensitive systems like brakes accept commands from all devices on the bus.

All those sensitive subsystems should have a firewall, and a whitelist of bus clients from which they will accept a specific list of control operations. Any anomalies, such as commands from unexpected sources, apparent address conflicts, etc. should immediately trigger a lockdown and fallback to a safety mode, perhaps a shutdown of all non-essential devices. You'll never be able to guarantee that a device with an external connection cannot be hacked, but you should be able to have the other devices protect themselves a lot better. It seems that few manufacturers bother to do so (some do, apparently).

25
1
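The receiver-side allowlist and lockdown described in the comment above, as an added example that is not part of the original post or any manufacturer's code. The node numbers, command numbers and function names are hypothetical, and the sender field is assumed to be delivered reliably by the bus layer (classic CAN frames carry no authenticated sender, so a real design would also need message authentication).

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed node and command numbers; not taken from any real vehicle. */
enum { NODE_BRAKE = 0x08, NODE_ABS = 0x10, NODE_PARK_ASSIST = 0x22, NODE_INFOTAINMENT = 0x40 };
enum { CMD_BRAKE_APPLY = 1, CMD_BRAKE_RELEASE = 2, CMD_BRAKE_STATUS = 3 };
#define CMD_BIT(c) (1u << (c))

typedef enum { VERDICT_ACCEPT, VERDICT_DROP, VERDICT_LOCKDOWN } verdict_t;
typedef struct { uint8_t src, cmd; } frame_t;
/* Allowlist entry: sender, commands it may issue, and whether it stays trusted in safety mode. */
typedef struct { uint8_t src; uint32_t allowed; int essential; } rule_t;
typedef struct { uint8_t own_id; const rule_t *rules; size_t n_rules; int locked; unsigned anomalies; } ecu_t;

static const rule_t BRAKE_RULES[] = {
    { NODE_ABS,          CMD_BIT(CMD_BRAKE_APPLY) | CMD_BIT(CMD_BRAKE_RELEASE) | CMD_BIT(CMD_BRAKE_STATUS), 1 },
    { NODE_PARK_ASSIST,  CMD_BIT(CMD_BRAKE_APPLY),  0 },
    { NODE_INFOTAINMENT, CMD_BIT(CMD_BRAKE_STATUS), 0 },  /* may read state, never command */
};

ecu_t brake_ecu_init(void) {
    ecu_t e = { NODE_BRAKE, BRAKE_RULES, sizeof BRAKE_RULES / sizeof BRAKE_RULES[0], 0, 0 };
    return e;
}

/* Any anomaly latches safety mode; it stays set until the ECU is re-initialised. */
static verdict_t trip(ecu_t *e) {
    e->locked = 1;
    e->anomalies++;
    return VERDICT_LOCKDOWN;
}

verdict_t ecu_filter(ecu_t *e, frame_t f) {
    if (f.src == e->own_id) return trip(e);   /* apparent address conflict */
    if (f.cmd >= 32) return trip(e);          /* outside the command space */
    for (size_t i = 0; i < e->n_rules; i++) {
        const rule_t *r = &e->rules[i];
        if (r->src != f.src) continue;
        if (!(r->allowed & CMD_BIT(f.cmd))) return trip(e);   /* known sender, command not on its list */
        if (e->locked && !r->essential) return VERDICT_DROP;  /* safety mode: non-essential senders ignored */
        return VERDICT_ACCEPT;
    }
    return trip(e);                           /* sender not on the allowlist */
}

int main(void) {
    static const char *names[] = { "ACCEPT", "DROP", "LOCKDOWN" };
    /* Constructed traffic: normal use, then an infotainment unit issuing a brake command. */
    const frame_t traffic[] = {
        { NODE_PARK_ASSIST, CMD_BRAKE_APPLY }, { NODE_INFOTAINMENT, CMD_BRAKE_STATUS },
        { NODE_INFOTAINMENT, CMD_BRAKE_APPLY }, { NODE_PARK_ASSIST, CMD_BRAKE_APPLY },
        { NODE_ABS, CMD_BRAKE_RELEASE },
    };
    ecu_t e = brake_ecu_init();
    for (size_t i = 0; i < sizeof traffic / sizeof traffic[0]; i++)
        printf("src=0x%02x cmd=%u -> %s\n", (unsigned)traffic[i].src,
               (unsigned)traffic[i].cmd, names[ecu_filter(&e, traffic[i])]);
    return 0;
}
```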

Contactless card fraud? Easy. All you need is an off-the-shelf scanner

Phil O'Sophical
Silver badge

Re: Attack of the clones

If in that time I can successfully clone your card and get it back to you so you don't know I've got a copy - A thing we know to be possible because it happens already - then I can keep paying for things with it as long as I never go over £20

There is supposedly a second level of protection, after some small (5-6?) number of transactions the terminal will ask for a PIN, just as a check. I have no idea if this actually happens (my contactless card has a hole through the antenna), nor if Apple Pay implements it, though.

1
0

Universal Pictures finds pirated Jurassic World on own localhost, fires off a DMCA takedown

Phil O'Sophical
Silver badge
Joke

Re: It could be worse..

What do you mean "every machine with a 127.0.0.1 IP address"? Everyone knows that IP addresses are unique identifiers each pointing to an individual laptop. It must be true, I saw it on one of those TV documentaries, CSI or NCIS or something.

5
0

Jeep drivers can be HACKED to DEATH: All you need is the car's IP address

Phil O'Sophical
Silver badge

Re: No smoking gun?

safety-critical system that has so many potential flaws and has single points of failure (in both code and the hardware) and that is a "smoking gun" to me.

I'd say the most common example of such a system is "the driver".

1
0
Phil O'Sophical
Silver badge

Never mind air-gapped internally, why are any incoming connections accepted at all?

45
0
Phil O'Sophical
Silver badge

Re: A start, but...

Past experience shows that bankrupting the car manufacturers won't help, since the taxpayer will be on the hook to bail them out. Jail time for the executives is the only deterrent that will work.

45
0

An EPIC picture of Earth, sunny side up, from one MEEELLION miles out

Phil O'Sophical
Silver badge

Re: What a beautiful place to live

capable of doing miracles like sending up this craft and yet we can't stop killing each other

The one is, I suspect, tightly linked to the other. Without the drive and passion that leads some humans to kill one another, we'd probably never work up the collective enthusiasm to build the space craft. Oh well...

4
0
Phil O'Sophical
Silver badge
Coat

Re: Ultimate Holiday Destination

The airline reserves the right to charge for oxygen

And the actual landing zone is on the moon, with a shuttle bus once a year to your hotel...

5
0

Reg top tip: Don't have the same name as someone else if you use Facebook's Instagram

Phil O'Sophical
Silver badge

Re: Good parting advice

customer service seems to be an afterthought.

I doubt if it is even that high a priority. For one thing it would require them to recognise that users are Customers and not Products.

9
0

What makes our planet's clouds? Tiny INVISIBLE CREATURES. True story

Phil O'Sophical
Silver badge

Re: Global warming help?

So we are all doomed then.

'fraid so. I reckon I've got another 40 years or so left.

2
0

Being common is tragic, but the tragedy of the commons is still true

Phil O'Sophical
Silver badge

Re: RNLI

What also fascinates me is the international aspect to it, since (despite having "Royal National" in its name) the RNLI also operates sea rescue for the Republic of Ireland. It's truly an organisation dedicated to a common goal, saving lives at sea, and with both UK and RoI being island, seafaring nations, it seems to transcend any petty differences.

Contrast it to groups like the RSPCA, which seems to have become an activist lobbying group and has long forgotten its real goal. I can't see the RNLI going that way, and you (poster above) have every right to be proud of your part in it. I have friends and family who sail, and although they've never needed you (yet) it is very reassuring to know you are there.

14
0
Phil O'Sophical
Silver badge

Re: Semi "voluntary" cooperation

various taboos and customs are put in place to manage the stock.

That sounds like the "Priesthood" approach, which is surely just a variant on the Government-controlled one? People with power (either physical or spiritual) lay down the rules, and define the punishments that will happen if they are broken.

6
0

2015 Fiat 500 fashionista, complete with facelift

Phil O'Sophical
Silver badge

the 1.2L 900cc engine, does it still crap itself when it sees a hill and goes of drying back to Turin

If the rental I had a while ago is anything to go by, yes. 2 normal adults, and it wouldn't climb a hill in anything above 2nd gear. Horrible tinny pile of crap. Not even worth buying as a fashion statement, if I were given one I'd sell it.

0
1

Your security is just dandy, Apple Pay, but here comes Android

Phil O'Sophical
Silver badge

Re: Convenience?

1 - Wallet out of pocket

2 - 5.00 note out of wallet.

3 - Hand over note to pay.

4 - (optional) put change in pocket.

5
0

Bitcoin fixes a Greek problem – but not the Greek debt problem

Phil O'Sophical
Silver badge

Moving bitcoins out

One snag to this plan is what to do with the bitcoins when you do get them to some other country. The EU anti-money-laundering rules have made it damn near impossible to open a bank account in another EU country if you don't provably have an address there. There's no legal bar, but the banks just don't want the hassle so they won't do it. Maybe you could move them to the US, if US banks still allow non-residents to open accounts, but many (most?) charge a substantial annual fee for the privilege.

0
0

Hands off, Apple! Irish dev studio sues over alleged iWatch infringement

Phil O'Sophical
Silver badge

Re: "Two companies, both alike in dignity, in fair Milan"

What light through yonder Windows 10 breaks?

6
0

Did speeding American manhole cover beat Sputnik into space? Top boffin speaks to El Reg

Phil O'Sophical
Silver badge
Mushroom

The links to the details are worth following, any scientific test where the report includes the phrase "the hypersonic expanding column of vaporized concrete" must have been spectacular, whatever happened!

21
1

IBM to offer BREAST MILK delivery-as-a-service for staff

Phil O'Sophical
Silver badge
Joke

IBM

International Breast Milk ?

International Business Mammaries ?

0
1

The Great Barrier Relief – Inside London's heavy metal and concrete defence act

Phil O'Sophical
Silver badge

Re: How does the barrier defend against heavy rains?

it would have to be upstream from London to hold back the rainwater that's coming down the river.

It doesn't hold it back, it stores it. By closing the barrier at low tide the sea rises on the downstream side, but the basin 'behind' the barrier (upstream) remains low, so all the rainwater flooding into the Thames can be stored, instead of adding to the inflow from the sea. Then at low tide the barrier is dropped again to let the water out. It prevents the sea surge + rainfall adding together.

15
0
Phil O'Sophical
Silver badge

Re: The only computers were a VAX running PDP 11

True, but VMS VAXen can also run 16-bit RSX-11 applications in a compatibility mode, and so were often used to replace aging PDP11s. This may be what the author was trying to convey.

3
0

My top three IT SNAFUs - and how I fixed them

Phil O'Sophical
Silver badge

cables != cables

I had a VMS cluster once (a while ago) which would, from time to time, run like a dog for 10 minutes. There seemed to be no correlation with anything else, and the diagnostic tools we had at the time were fairly basic. The fault never lasted long enough to debug.

Eventually I noticed a huge spike in network collisions when the problem occurred, and on lifting the floor tiles found that one piece of what looked like ordinary 50ohm 10base2 co-ax was actually 93ohm PC network cable (ARCnet, I think). The mismatch was creating collisions and retries, which mostly went unnoticed until network traffic reached a certain threshold.

On a similar note, I had great difficulty convincing our sysadmin why it wasn't a clever idea to use RJ45 doublers to plug two PCs into a network socket, since it seemed to work just fine...

3
0
Phil O'Sophical
Silver badge

but they report what they think the problem is to the Service Desk,

Ah yes, these are the same users that are totally incapable of reading out an error message word for word from a screen. No matter how many times you ask, you always get their interpretation of what it says.

10
0

Sixty-five THOUSAND Range Rovers recalled over DOOR software glitch

Phil O'Sophical
Silver badge

Re: "...doors can remain unlatched even when in the 'closed' position..."

On the first car I had with central locking, pressing the 'lock' button resulted in whirring and clunks as various motors did their stuff. My wife's new Peugeot just makes a tiny 'click'. I still end up trying the handles, I just can't accept that something as supposedly secure as locking both doors can be done without something solid and mechanical moving.

7
0

Blurred lines: How cloud computing is reshaping the IT workforce

Phil O'Sophical
Silver badge

Or to put it another way

We're moving from the "modern" era of individual computers where developers were their own sysadmins, back to the 1960's timesharing model of huge mainframes somewhere else, managed by expert acolytes, and users who sit in front of a terminal somewhere and see the computer as a service, whose location is unknown and largely irrelevant.

OK, so the "dumb" terminals are smarter than they used to be, and dynamically allocating storage and compute resources on-demand means a bit more than waiting for the operator to load a magtape and a card deck, but it all looks very familiar.

The cloud has been pushed more by marketing types than technical ones from day one, and at least half the companies offering cloud solutions are only doing so because they don't want to be seen not to. It has a momentum all its own, at least until the next trend comes along.

Security is viewed by both developers and operations as being constantly "in the way".

I have rarely seen this from operations, they tend to see developers as being in the way of security, and with reason. Developers are now, finally, beginning to realize that customers don't care much about performance these days, they can get all they want for next to nothing. Security is foremost in customers' minds now, and the professional developers who get that will be the successful ones.

And as for In a cloudy world you can't just jab a finger at operations and fob an angry suit off on the room of weird socially inept people down the hall.

Of course you can. It just won't be your hall. "it's the cloud" will replace "it's the computer" as the universal scapegoat.

6
0

Google yanks fake Android battery monitor

Phil O'Sophical
Silver badge

Re: "its intentions were revealed by the permissions it seeks (basically, everything)"

It is a pity that Android doesn't seem to have a way to selectively accept the permissions an app requests. There are times I've seen an interesting app, but when I see the permissions it wants I won't install it.

These aren't necessarily malicious "give me TOTAL POWER" apps, but otherwise innocuous ones that want, perhaps, location or camera access. Maybe I would find the non-location or non-photo features sufficiently interesting to keep it, if I could say "OK, I accept all these permissions except 'x' and 'y'", but I can't. All-or-nothing usually means it gets nothing.

14
0

Planet killer: Ex-army officer's Welsh space-rock mission

Phil O'Sophical
Silver badge
Headmaster

Why would anyone name a surface-to-air missile at all, let alone call it "Jonathan Tate" ?

9
0

Les Américains order a MEEELLION doughnuts ... from French baker

Phil O'Sophical
Silver badge

Re: My head exploded.

Same principle for doughnuts, serve them by the half-dozen but it will be OK because they're only "little" French ones.

0
0

'The server broke and so did my back on the flight to fix it'

Phil O'Sophical
Silver badge

Re: Hubswitch..

The previous generation always blamed problems on "the picture valve" :)

11
0

Reg hack survives world's longest commercial flight

Phil O'Sophical
Silver badge

Re: Auckland to Heathrow

(excluding the Old T1 and now T3 which are shite).

You'll be glad to know that T1 has just closed, prior to demolition and reincarnation as a T2 extension. Why BA moved their T1 flights to T3, and not T5, though, is beyond me. T5 isn't bad, and if your connection all happens within T5 it can be pretty fast, but once you add the T3/T5 standing-room-only bus journey it goes downhill rapidly.

Still, at least it's better than CDG, with the added benefit of not having to fly Air Chance.

4
0

Biologists gasp at lemur's improbably colossal bollocks

Phil O'Sophical
Silver badge

Re: AKA the Madagascarin space-hopper

If I were holding something with eyes that were bugged out like that I'd be shit scared to let go unless I was in Kevlar...

0
0

Ford recalls 433,000 cars: Software bug breaks engine off-switch

Phil O'Sophical
Silver badge

Re: And again ..

Man it's fun watching that happen, although I'd imagine shit scary if it happened to you.

It's scary enough watching from nearby, I don't think I'd like to open the bonnet and look for the air intake while the engine was attempting to self-destruct. CO₂ fire extinguisher emptied through the grille, perhaps?

2
0
Phil O'Sophical
Silver badge

Re: And again ..

get back in the car and stall it.

You're assuming a clutch, I think. Most US cars are automatics, much harder to stall.

4
0
