* Posts by Adam 1

1460 posts • joined 7 May 2012

If we can't fix this printer tonight, the bank's core app will stop working

Adam 1
Silver badge

Re: Yawn

> Many a time I've seen a printer break and someone has had to fix it. In fact on more than one occasion a printer has broken and it has had to be replaced entirely.

I've personally witnessed a few printers displaying the dreaded PC LOAD LETTER error. Even a hard power cycle wouldn't fix that one.

1
0

And! it! begins!! Yahoo! sued! over! ultra-hack! of! 500m! accounts!

Adam 1
Silver badge

Re: Looks like the beginning of the end

Only a few more disastrous multi billion dollar losses and Microsoft might make them an offer (based on a valuation of their market cap during the dot com boom).

3
1

Victoria Police warn of malware-laden USB sticks in letterboxes

Adam 1
Silver badge

Re: Or maybe it was targeted

Looking at it from a purely economic point of view, the profitability is simply a function of (percentage chance of someone plugging it in times percentage chance of them running a vulnerable system times ransom revenue per infection) minus the cost of the USB sticks. The sort of scum that would do this would have no reason to avoid the 5 finger discount at officeworks/hardly normal so let's assume that is not a big factor.

The low key distribution then minimise the chance of detection as it is much less likely to hit the major mastheads or TV news.

Combined with some phishing, this is indeed a powerful attack vector. I mean, it isn't too hard to find some large company (eg Telstra), fake an envelope with their logo, a short cover letter advertising some new foxtel streaming tie in and say there is some previews on the stick. Then a cheeky final line saying that even if you don't wish to subscribe, we hope you enjoy this 4GB USB stick.

A few logo stickers on the USB stick and even a few of us commentards may have been fooled. Some delayed execution of the malware would make detection very difficult indeed.

2
0

WTF ... makes mobile phone batteries explode?

Adam 1
Silver badge

Re: Dense energy storage can be dangerous...

> e.g alcohol) , a spark in the vicinity of the liquid is enough to trigger a chain reaction

Contrary to pretty much any action thriller you have ever seen, it is rather difficult to get an explosion from petrol. Hint: firing a few rounds into the fuel tank will make a bit of a mess, but if it catches fire you can probably blame the exhaust

A spark within proximity of a hydrocarbon is not setting the liquid on fire but the evaporated gas (which in turn may produce enough heat to encourage the puddle of fuel to turn into an inferno, but that is secondary to the spark.

In the meantime, forget the spark. Please don't let lithium come into contact with air. Or water. It is really happy to see the back of that electron.

10
1

'Strategic' submarine cable to connect islands where locals just emerged from stone age

Adam 1
Silver badge

> connect islands where locals just emerged from stone age

If they are after "only just emerging from stone age broadband", they should take a look at our FTTN NBN.

1
0

World+dog to get retro classic Commodore 64 for Christmas

Adam 1
Silver badge

LOAD "$" ,8

3
1

Naked, drunken Swede assaults chicken shed after 60th birthday

Adam 1
Silver badge

aw come on

Who hasn't been there...

0
0

Hackers claim they breached Aussie point-of-sale tech firm, try to sell 'customer DB'

Adam 1
Silver badge

Re: Did I read that right?

But the advances in computer power mean that homer17 should be crackable someone next year. I'd go something more secure like homer21.

1
0

Hackers hijack Tesla Model S from afar, while the cars are moving

Adam 1
Silver badge

Re: Over-the-air security of our products

I don't even want a breaking system in my car. That should definitely be covered by warranty.

4
0
Adam 1
Silver badge

Re: Pretty likely how they attacked

It is possible to construct a system that way, but anyone who does should stay well away from software development.

That sort of diagnostics should only be possible by plugging something via the OBD2 port. I can well imagine a company working towards autonomous driving vehicles needs a remote override to activate the brakes during testing, but this can be achieved pretty easily by relaying the command via an onboard laptop with a 4G connection plugged into OBD2. Then your hacking risk isn't to your customers' vehicles.

3
0
Adam 1
Silver badge

Re: Pretty likely how they attacked

Activating wipers? Applying brakes? Not sure what apps you've been using but I don't want such a feature of any car I'm in.

16
0

ROBO-PLOD! 'Droid snatches scumbag's shotgun in standoff

Adam 1
Silver badge

Re: Should have

Alternatively, something like

https://www.amazon.com/Loftus-Power-Starter-Prank-Pistol/dp/B0006GJXW4

1
0

Apple seeks patent for paper bag - you read that right, a paper bag

Adam 1
Silver badge

alternatively

If you make it blue, then over 60℅ is fine

11
0
Adam 1
Silver badge

Re: what we really want to know is ...

Barbra Streisand hadn't replied at time of publication.

3
0

Jakarta be kidding me! Google gets $400m tax bill from Indonesia

Adam 1
Silver badge

+1 subeditor

Love it

1
0

Let's Encrypt won its Comodo trademark battle – but now fan tools must rename

Adam 1
Silver badge

> Full disclosure: This article's author uses Let's Encrypt to provide HTTPS encryption for his personal websites. And you should use it too.

Do you use it on the comments pages for your personal websites too? That would seem to be a good fit if for some reason you found yourself running a popular comments page on your websites.

8
0

Former comms minster Stephen Conroy to leave Parliament

Adam 1
Silver badge

It's a bit more complicated than that. It was Brandis in that Brandis introduced the bill that eventually passed. On that note, he demonstrably showed a lack of judgement that will come back to bite us in the future, so definitely no free pass for him.

Indirectly, the ALP is tarred with the same brush here. There are times when you could argue that positions were changed by compromise and negotiation. For example, a party may claim to be against a particular service cut/tax hike but negotiate it through in such a way that the constituency that they are concerned about is compensated for that change. Sometimes it is a pragmatic decision to take a lesser of two evils on offer. That wasn't the case here though. The alternative "do nothing" was indeed a live choice and the preferred position of a significant minority of both major parties.

More directly though, there were definitely rumblings back in 2010 and 2012.

Here is a link to a senate investigation on the matter.

http://www.aph.gov.au/About_Parliament/Parliamentary_Departments/Parliamentary_Library/pubs/BN/2012-2013/DataRetention

So Conroy is knee deep in it, even if he himself didn't pull the trigger.

1
0
Adam 1
Silver badge

Conroy was more of a tapper than a tappee given the sway his faction has.

I'm a bit mixed really. NBN; brilliant idea in its original guise. Metadata retention? Made as much sense as his red underwear gag except it is dangerous and expensive.

I would have really liked the parliamentary raid privilege issue to have been resolved though.

1
0

Encryption backdoors? It's an ongoing dialogue, say anti-terror bods

Adam 1
Silver badge

a few quick questions off the bat

Regarding the backdoor key. I'm going out on a limb here and assuming that we're restricting it to "the good guys".

Who are the good guys? NSA? Five Eyes? EU? The Philippines? Turkey? Saudi? Russia? China? North Korea? Seriously, who are you going to trust this to?

Have we developed a branch of mathematics that only works when one of the said good guys is doing it?

On what occasions will this backdoor key be utilised? Terrorism? Major fraud? Dude of colour walking down the street (that seems to be a capital offence in some parts of the land of the "free")? Murder? Kidnap? Tax avoidance? DUI? Didn't pick up your dog's turd? Where is the line?

I think protecting the key is not a problem. It's not like the US ever had nuclear secrets stolen by the Russians when they were first trying to develop them? It's not like the organisation responsible for security clearances for government employees was hacked leaking details of 10s of millions of Americans and journalists who had applied for them. Pretty sure nothing could go wrong with that escrow.

5
2

Did you know iOS 10, macOS Sierra has a problem with crappy VPNs? You do now

Adam 1
Silver badge

Re: Really?

>However, PPTP has been known to be flawed for years.

Your post is confusing two issues together; the security vulnerabilities in the protocol (which to my mind justify the decision to sunset it) and the length of time that is reasonable for people to get their backsides into gear and use a proper protocol.

To my knowledge, there has been no amazing breakthrough that has come to light in the past month or so that means that today is the day it's got to go. These vulnerabilities have been publicly known to exist since before Mountain Lion, but they didn't announce their sunset plans any time in the past 3 years to anyone who doesn't visit some obscure forum.

As a better model, look at how other companies are handling the transition away from sha1 certificates. Whilst the attacks against them are still believed to be impractical, we are coming close enough to realising them that we know they shouldn't be used. The big browser makers no longer accept as secure any sha1 certificate signed after a certain date and once that period has elapsed they won't be trusted at all. Sure owners don't like hearing about broken padlock icons so get properly signed ones.

0
0
Adam 1
Silver badge

Re: Really?

Did they not consider popping up a warning whenever you connect to such a VPN for the post 6 months. I mean if a protocol is bad enough from a security perspective to drop entirely, Shirley you can justify nagging anyone still using it and retire it gracefully.

6
2

Using a thing made by Microsoft, Apple or Adobe? It probably needs a patch today

Adam 1
Silver badge

Re: brilliant idea MS

It doesn't install it. It just updates it if you're "brave" enough to still have it installed.

8
0

HP Ink buys Samsung's printer business for a BILLION dollars

Adam 1
Silver badge

that's amazing

That dude is tiny!

0
0

VW Dieselgate engineer sings like a canary: Entire design team was in on it – not just a few bad apples, allegedly

Adam 1
Silver badge

Re: It seem to me

All that matters from an efficiency perspective is how much fuel was used over a specified distance.

Unless your driving pattern involves continuously driving at 35Mph without ever braking until your fuel tanks are dry, your economy will benefit from kinetic energy capture systems. Anything reclaimed is fuel that doesn't need to burn.

I'm not going to make a case for or against a phev. It is largely dependent on a combination of your local energy mix and your driving distance requirements. But your complaints about well to wheel efficiency of them would hold a bit more water if you stop assuming that we drill for gasoline and start to understand the huge amount of energy required to refine it to something useable. It is not beyond possible that your gasoline car consumes more electricity via that one refining step than some EVs.

1
0
Adam 1
Silver badge

Re: It seem to me

> where do you think hybrid cars get their energy from, either from the ICE engine or from regen energy from the brakes, ultimately, the ICE engine...

In the end they reuse energy that non hybrid cars waste as heat (primarily through the brake pads) and by supplementing the performance with an electric motor they can use a smaller engine and run an Atkinson cycle and still keep up in traffic.

Even if all their energy is ultimately derived from the ICE, efficiency is not measured by quantity used but as a quantity used per unit of work. By reclaiming a proportion of kinetic energy that is otherwise going to heat, you can achieve more work for the same input.

Plugin hybrids can in many cases forgo the gearbox entirely using direct drive only at higher speeds.

3
0

Delete Google Maps? Go ahead, says Google, we'll still track you

Adam 1
Silver badge

We have no problem in you opting in to sharing such information with any organisation that you choose if you are happy to do so. Is it really so offensive to you that some people think that a macca's menu isn't enough of a "pro" vs the "con" of slurp watching you 24/7?

The "horror" is that he explicitly said he didn't want to share his location data and it didn't respect that.

9
0
Adam 1
Silver badge

weird recommendations

A few months back I was attempting to explain why a daft byod geo-fencing suggestion was fundamentally flawed politely suggesting an alternate suggestion to an otherwise perfect idea from the PHB. Didn't succeed, so when the feature proof of concept arrived, I made sure that my geo-fence violation came from Buckingham palace (context: not my hemisphere).

Got some pretty weird Google now updates for the next week or so.

2
0
Adam 1
Silver badge

Could even be simply looking at the SSIDs it can see and correlating that with it's street view WiFi packet sniffing (remember that) or even just looking at other android users seeing the same APs but who had location services on.

1
0
Adam 1
Silver badge

Re: eh?

My Nexus 5 has a great GPS activation detector. You simply glance at the battery level and if it has dropped 50% in the past hour you know that something's activated it.

29
0
Adam 1
Silver badge

Re: app permissions

At least with marshmallow or above you can retrospectively deny permissions (even if the app claims it needs them). YMMV but after installing any new app I religiously deny things that serve no apparent purpose to the app. Very few apps actually crash, and those that do get uninstalled.

20
0

Tesla to stop killing drivers: Software update beamed to leccy cars

Adam 1
Silver badge

Re: Light bulb moment?

Just like how pilots get to cruising altitude, activate autopilot, then flick on harry potter I guess.

Jokes aside, there is a colloquial usage when you start driving the wrong direction for where you are actually intending going so it does risk drivers believing they can stop paying attention.

0
1
Adam 1
Silver badge

> As road safety experts physicists have said for decadesmillennia, the slower you have a crash, the better.

Tftfy

1
1

Just not cricket: Microsoft's big data Googly called No Ball

Adam 1
Silver badge

The problem isn't with the system per se. The problem is with the complete failure of any commentator or cricket show etc to seriously attempt to explain why the numbers fall the way they do. There are a myriad of factors that come together to decide the adjusted target, the scoring rate averages, wickets in hand, overs remaining, the price of cheese and Schrödinger's cat's life expectancy. It tries to balance out the reduced overs so that neither team is advantaged by the target but you are looking at a game where a few runs can matter a lot. For me, the confidence interval for likely scores has got to be too wide for this sort of protection to be reliably made.

When there's only a few overs truncated I am probably exaggerating the problem, but i would as an engineer like to see the relative weightings displayed in the stats rather than just be told that's the number because we're clever.

1
1
Adam 1
Silver badge

> Duckworth and Lewis were English statisticians and their Method is very robust, but occasionally turns up oddities that get fans scratching their heads

I don't recall ever watching a D/L score where the numbers didn't leave me scratching my head.

3
2
Adam 1
Silver badge

Re: Who really benefits from this research?

All but guaranteed to be used in a betting capacity. Allows the controller of that data to figure out the betting odds before the revised targets are otherwise announced and effectively short other punters when the conditions are right.

Last summer some Indian guy was kicked out of various Aussie grounds after sitting there on his laptop working with the telecast delay (~10 seconds) to make bets about batsmen getting out after it was lollipoped but before it was caught. If it was an iPhone app, he could do it undetected.

It's a mugs game.

6
0

'Oi! El Reg! Stop pretending Microsoft has a BSOD monopoly!'

Adam 1
Silver badge

Re: Genuine BSODs?

In the same way, you really going to blame the OS for a bad/kernel panic when the RAM or PSU starts to give up the ghost? It's still funny as when the resulting dump lands on a giant public display (proceed with this silliness at full steam) though, no matter what the OS.

8
0

Self-stocking internet fridge faces a delivery come down

Adam 1
Silver badge

Re: On the plus side on holiday cat feeding sorted.

> Cats slash bag of biscuits open (I'm sure ths inspiration for Wolverine and his adamantine claws came from a cat owner as byproduct of cats is scratches & looking like you self harm) and happily eat food, and wait for next combo food and play installment

Never happen. Once the bag was opened, it would take one sniff and decide that it doesn't eat that brand anymore even though it's been their favourite for weeks. Seriously, their mates are probably around the corner ROTFLMAO at our feeble attempts to guess what to order next time.

4
0

Is there paper in the printer? Yes and it's so neatly wrapped!

Adam 1
Silver badge

Re: Removal of 'W' keys story was propaganda

Wait, are you expecting me to believe that the Bush administration lied about things? Shirley you jest?

10
0

Come in HTTP, your time is up: Google Chrome to shame leaky non-HTTPS sites from January

Adam 1
Silver badge

Re: "a long-term plan to mark all HTTP sites as non-secure"

> HTTPS is really, really slow

No. Not even close. When Google switched on HTTPS for Gmail by default 6 years ago, they found it increased CPU load by less than 1℅ and network traffic by 2%

https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

With multiplexing in HTTP/2, HTTPS more often than not outperforms HTTP.

If there is a difference it is in transparent proxies.

I do however add my +1 to some sort of digital signature standard for delivering non private pages in a way that the client can tell they haven't been tampered and where the transparent proxies can still operate.

1
0
Adam 1
Silver badge

Re: @Stuart Moore - So, does this mean

1. People are lazy and use the same handles and passwords elsewhere. Think of all the people who are not as security literate as yourself but come here often because they like DevOps.

2. Not only can people read HTTP in a MitM attack, but they can actively change the communications. They can replace the El Reg ads with something more sinister, inject JavaScript or even change your comment so that instead of fiercely agreeing with Stuart, you appear to disagree with him.

12
2
Adam 1
Silver badge

Re: Dumb idea IMO..

It's also just the last endpoint. It tells you nothing about what happens after that server receives your credentials.

Tip El Reg:

If you want to want to stop our narky comments about this forum's lack of HTTPS, just hide behind cloudflare or equivalent. They'll serve us HTTPS then talk to you over HTTP. Defeats part of the purpose of HTTPS but at least we get a padlock icon hey.

6
0
Adam 1
Silver badge

Re: Thin end of the whatsit.

I'm sure it's not to thwart network level (ISP level) ad blockers. Clearly that is an unintentional side effect.

20
0

Really – 80% FTTP in UK by 2026? Woah, ambitious!

Adam 1
Silver badge

good thinking on a FTA with Oz

That way when you get your FTTP ramping up, we can trade you the ability to convert it to a FTTN cluster explicative which will cost just as much to build but run out of capacity at about the same time the build completes.

0
0

Tesla driver dies after Model S hits tree

Adam 1
Silver badge

Re: @AndyS

> I think you have that the wrong way round.

Yes I do. Ended up with an extra not in that sentence which changes the meaning. Also, autocarrot changed one of my words to bakery which reads pretty random.

But I think you picked my basic point; that if your engine bay contains an engine block, you have to try to jettison it under the safety cell. But it is still going to crush your feet on the way through because you can't quickly change the direction of many hundreds of Kg. The more energy that can be absorbed in front of the safety cell, the slower the rate of deceleration experienced by the passengers.

0
0
Adam 1
Silver badge

Re: @AndyS

> However I do think people might want to re-consider driving electric cars considering the extra hazards it could cause.

People may well but people are not as rational as we like to believe. Are you considering the additional deaths from NOx emissions or do we feel like externalising those? Not to mention the bakery of bunnies, kittens and unicorns that are the oil producing regions that get subsidised.

I would have thought that not having a massive block of incompressible cast iron or aluminium in between you and the other object limits the amount of energy that can be absorbed by the crumple zones when compared to an empty void. That increases survivability in such other cases.

2
0

Pains us to run an Apple article without the words 'fined', 'guilty' or 'on fire' in it, but here we are

Adam 1
Silver badge

Re: environment nose

> You've got digital ears? Wow

Yes, 10 of them with self evidently 0 in between.

0
0

Inside our three-month effort to attend Apple's iPhone 7 launch party

Adam 1
Silver badge

Re: Perhaps one day....

Nah. You know if they somehow implode and lose all that hundred gazzillion dollars stashed in the bank and have to lay off their engineering and marketing talent then it will be Microsoft that buys them out for $100 billion. Then they will use that new found IP to change the way that you end a call (dragging the contact to the trash).

2
0
Adam 1
Silver badge

Re: Try the top man

Agreed. You should see if Barbra can get you a ticket.

8
0

Sneaky Gugi banking trojan sidesteps Android OS security barricades

Adam 1
Silver badge

> In other news, a murderer rang up his victim and told him to take a knife out of the top drawer and then stab himself repeatedly with it.

The bastard! I should've known it was a scam. After I stop this bleeding I'm going to

1
0

QANTAS' air safety spiel warns not to try finding lost phones

Adam 1
Silver badge

Re: No need to panic... But PANIC FEELS BETTER

> This country went from landing on the Moon to "This bag is not a toy!" in only 40 years

Maybe so, but this one time after shopping for what seemed like eternity for some new shoes, I got home and needed to have a bite. Thank God for that timely warning on those silica gel packs. Could've made me sick had I not noticed.

2
0

Forums