* Posts by Adam 1

816 posts • joined 7 May 2012

Samb-AAAHH! Scary remote execution vuln spotted in Windows-Linux interop code

Adam 1
Silver badge

Why does samba need root?

1
4

Norton Internet Security antivirus update 'borked Internet Explorer'

Adam 1
Silver badge

Re: I don't understand

It failed to check that an alternate browser was available.

4
0
Adam 1
Silver badge

Re: "...then reinstalled NIS..."

Don't be so harsh. People reset their computers back to factory image* from time to time.

* that is the only way these things get installed right @

1
0

Evil CSS injection bug warning: Don't let hackers cross paths with your website

Adam 1
Silver badge

Re: Going to ignore this until it has a catchy name.

Something like DEATHNEEDLE and I would be all on it. PRSSI just sounds like one of the cards on your motherboard.

0
0

Euro broadcast industry still in a fug over that 4K-ing UHD telly

Adam 1
Silver badge

Re: “the most significant advance since colour”

Also, it is just a stupid statement full stop. As we become capable of squeezing more pixels into an LED display, matching those additional pixels with more from the source rather than an upscale is at best an evolution rather than a revolution.

I mean if you want tangible improvements, look at increasing the effective frame rates of the broadcast.

2
0

TrueCrypt + Norton AV = BSOD, wail disgruntled users

Adam 1
Silver badge

Re: OEM encryption

My customers trust me with their data. In turn I do my bit to keep their data private in the event of a theft.

The data itself is worth orders of magnitude more than the hardware it sits upon BTW.

1
0

This one weird script continually crashes Android email

Adam 1
Silver badge

I hope he gave them 90 days....

7
0

Samsung's spying smart TVs don't encrypt voice recordings sent over the internet – new claim

Adam 1
Silver badge

Re: If they aren't encrypting data...

Obligatory...

1
1
Adam 1
Silver badge

Re: If you want to mess with them

Or, you know. Fire up curl and send random crap in the right structure.

The binary blob is likely to be one of the standard formats.

1
0

$10,000 Ethernet cable promises BONKERS MP3 audio experience

Adam 1
Silver badge

Re: One born every minute

Well I, for one, am definitely attracted* to these types of cable!

* with a force proportional to the product of our masses and inversely proportional to the square of the distance between us.

2
0

Who's the auto tycoon that makes Apple employees swoon? It's ... MUSK!

Adam 1
Silver badge

> to legal counsel

They will clearly need a crack defence team to argue their case for going 'round corners. I can't imagine a better place to source such counsel.

2
0

G.Fast sand-slinger says it's slung bits at 500 Mbps over 200 metres

Adam 1
Silver badge

Re: We really need a reference Usain

That is quite a lot of him. If they were all carrying a DVD it would leave gfast for dead.

0
0

Swap your keyless key for keyless key-less key. You'll need: a Tesla S and Apple Watch

Adam 1
Silver badge

Easy, there's a USB port in the dash. Open the door, plug it in and it will start to draw power. This should provide enough charge to fire up the phone. You can then launch the app, open the door, plug it in and it will start to draw power. This should provide enough charge to fire up the phone. You can then launch the app, open the door........ Stack overflow

0
0

Still using Adobe Flash? Oh well, get updating: 15 hijack flaws patched

Adam 1
Silver badge

What's the El Reg stance on https?

2
0

LICKED: Behold my TOAD-PROOF ERECTION, boasts Aussie boffin

Adam 1
Silver badge

Problem is that they are mostly Queenslanders so it is a bit hard to tell.

18
0

Australia's (current) PM Tony Abbott again calls for metadata trove laws to pass, ASAP

Adam 1
Silver badge

Half term Tony trying desperately to get anything else on the front page.

4
0

Ransomware 2.0 'crypts website databases – until victims pay up

Adam 1
Silver badge

^ ouch

0
0
Adam 1
Silver badge

Any backup must be considered as of unknown success until you have successfully restored it to another machine.

If you go 6 months without noticing your backups don't restore with the encryption keys you hold, your problems are deeper than ftp passwords.

4
0

DARPA: We KNOW WHO YOU ARE... by the WAY you MOVE your MOUSE

Adam 1
Silver badge

A good point. This sort of authentication is not designed to be a primary authentication because you really couldn't tell whether to let them use the computer until after a length of time. Generally speaking, you want someone to authenticate before they start using it, so I see this more like a mechanism to protect workstations where the user has wandered off without locking it. As a secondary measure, it would most likely be quite forgiving to minimise the false positive rates, or could work with tertiary measures like activating the webcam for facial recognition when it has a doubt.

The point about the arc refers to the fact that it is very difficult to move your mouse in an absolutely straight fashion due to how people usually hold their mouse. The size of that arc would depend on a number of factors, such as how you grip the mouse, your usual posture and what part of your wrist is still in contact with the desk, the size of your hands etc. Also, the basic direction you move would influence the extremeness of the arc (which would go back to whether you hold it square on or at an angle).

As a result, (in answer to your question) a relatively simple calculation could create a believable profile for pressing minimise or close. The end point and clicks would be chosen by the attacker, but the mouse movements would not raise any alarms because they emulate the speed and direction such a user is likely to take. The easiest attack vector I can think of is to send some exec a "free mouse" and embed the attack code within it.

0
0
Adam 1
Silver badge

Wouldn't this be fooled by recording of mouse movements? I can imagine the following data points without specialist mouse hardware.

* the rate of acceleration and deceleration as you move from the original cursor point to the target.

* the angle of the arc of movement between the two points.

* the delay between movement ceasing and clicking

* double click profile (time between each click and how still you can keep the mouse)

OK, so plug those into some algorithm and give a score as to how likely it is the same user.

Now do all that again and imagine some malware software is recording your mouse movement profile (could even be embedded in a freebie mouse). A vnc style piece of software could after not too much time now allow you to perform an action but instead emulate the recorded profile in those actions.

Not as trivial as a rainbow table, but if these techniques take off you can bet such tools will become available.

2
0

Chipotle insider trading: Disproving the efficient markets hypothesis

Adam 1
Silver badge

Re: Much complication.

The creators of the transaction are not only the customer. Equally without the vendor, no such information would exist. The vendor will provide a receipt if you want your own record of the transaction.

More interesting, unless you opt out, Google will track your location via your Android smartphone through location history. They would be in an amazing position to track the movements of customers over time through various businesses. If they play those cards right, they could well and truly beat the financial markets at their own games.

0
0

Living with a Renault Twizy: Pah! Bring out the HOVERCRAFT

Adam 1
Silver badge

Re: It's KW

>I think even a tiny electric car might take a few days to charge at 3W

But on the bright side, at least it could use a standard USB charger.

7
0

Apple CEO: Fandroids are BINNING Android in favour of IPHONES

Adam 1
Silver badge

Just because they provide updates doesn't mean you should install them. Some of the older models that scrape onto the list of compatible devices work so slow you will soon need an upgrade.

0
0

Powering the Internet of Stuff – by sucking electricity from TREES

Adam 1
Silver badge

>The nature of a circle means that adding 1cm to a 2m turbine blade increases the catchable wind by almost half (4.52sq m compared to 3.14), while removing 1cm reduces the harvested wind by half a square metre

Not the circles I am picturing...

6
0

Top smut site Flashes visitors, leaves behind nasty virus

Adam 1
Silver badge

So firing up fiddler and, um "doing research for your story" eh?

2
0

Boffin finds formula for four-year-five-nines disk arrays

Adam 1
Silver badge

Re: Some weird assumptions

Plus the assumption that you run a data centre but would have to call a guy in to replace the drive?

0
0

Jellybean upgrade too hard for Choc Factory, but not for YOU

Adam 1
Silver badge

Re: So is Firefox safe or what?

The problem isn't so much the browser (or they would just update it in Google play or advise you to use another browser). The problem is that the WebKit rendering engine is used by apps to integrate web content into a regular app. Most commonly, this is how the ad supported apps show those ads, but there are also things like phonegap which lets you wrap an html5 website and deploy it to the various app stores in what appears to the user to be a regular app on their platform.

We are in a state where a dodgy advertisement on a free game is a relatively easy attack vector but Google won't fix it.

Not good enough Google!

(Posted from my Nexus 5 running lollipop)

1
0
Adam 1
Silver badge

Re: Wait 90 days and publish the exploit?

Came in here to find this comment. Was not disappointed.

5
0

Oi, Aussie sports fans! Take that selfie stick and stick it

Adam 1
Silver badge

Re: Wouldn't this problem take care of itself?

You have to keep an eye on the drop bear with a selfie stick. That never ends well.

2
0

Free Windows 10 could mean the END for Microsoft and the PC biz

Adam 1
Silver badge

>That said, 8EiB is about a couple orders of magnitude or so higher than even today's high-end RAM usage.

And the fart of a flea is also a couple of orders of magnitude quieter than a jumbo jet at take off.

The 64 bit address space is really big [citation needed].

The Titan supercomputer at Oak Ridge is the current largest by RAM. If you decided that you needed a million times more RAM to play the latest version of Crysis, you are still an order of magnitude from running out.

0
0
Adam 1
Silver badge

>Because 64 bit software support is only going to last so long.

May I make a bold prediction;

16EiB ought to be enough for anybody.

1
0

LEAKED: Samsung's iPHONE 6 KILLER... the Samsung Galaxy S6

Adam 1
Silver badge

Re: Apple Worried, more like happy!

Not all Android is Java.

1
1

Possible Lizard Squad members claim hack of Oz travel insurer

Adam 1
Silver badge

Re: People still buy travel insurance?

Mostly to get you first world (or as close as available nearby) hospital cover if you fall ill or get injured abroad. Some injuries have long recovery times and prevent you travelling home on your cattle class tickets.

1
0

REGARD our TINY but POWERFUL LASER, suitable for very SMALL sharks

Adam 1
Silver badge

Shirley they could have used more understandable units of measure. I mean we all know that hair driers need a lot of energy [citation needed] so saying that could mean anything.

Why not just state the number in terms of how it compares to the power used by a London bus to drive one beard second.

0
0
Adam 1
Silver badge

Re: Lacking history

I just learnt something today from a cat on the internet.

6
0

Elon Musk: Wanna see a multimillion-dollar rocket EXPLODE? WATCH THIS

Adam 1
Silver badge

Re: Acronym fun

Seems a good candidate for Total Inability To Support Usual Performance...

20
0

Microsoft snubs Codeplex, moves big projects to GitHub

Adam 1
Silver badge

Re: Microsoft FAIL

Eadon?

4
1

Australia tries to ban crypto research – by ACCIDENT

Adam 1
Silver badge

Re: Necessary sacrifices

I, for one, welcome our new <noun> <adverb> overlords.

5
0

What do UK and Iran have in common? Both want to outlaw encrypted apps

Adam 1
Silver badge

Already happening I'm afraid. Some well known technical news sites based in the UK don't even use https in their comments section.

9
0

Tesla S P85+: Smiling all the way to the next charging point

Adam 1
Silver badge

you miss one important differentiating feature

With a Mondeo, you need to find a marked car spot at B. With the others you can just use the dual purpose indicator stalk and stop your vehicle somewhere you find convenient.

2
0

SpaceX in ROCKET HOVERSHIP PRANG: 'Close – but no cigar,' says Musk

Adam 1
Silver badge

I just hope they have the good sense to check the el reg forums before they waste any more money.

8
0

World's largest ship swallows 900 MEGATINS of baked beans

Adam 1
Silver badge

Re: So its more efficient in the use of fuel

Yes. Methane is a particularly potent greenhouse gas.

0
0

BILL GATES DRINKS 'boiled and treated' POO. Ah, 'delicious'

Adam 1
Silver badge

.... where his pennies were spent?

0
0

It's 2015 and ATMs don't know when a daughterboard is breaking them

Adam 1
Silver badge

Re: How come...

If the alternative is FireWire then USB is definitely more secure (can't bypass OS and read all RAM directly)

0
0
Adam 1
Silver badge

Hey, I am not defending them, just pointing out the real world problem. I am sure the newer machines have some sort of counter measures (like how server class machines have alarms that record when the case is open, wouldn't be too hard to do the same when the service door was opened).

My guess is that the bean counters figured that the countermeasures would cost more to retrofit than they will lose to these sort of scams.

3
0
Adam 1
Silver badge

No, but the level of protection around the section housing the computer innards is nowhere near the safe/cash drawer.

Search on YouTube for Barnaby Jack. He demonstrates a walkup attack.

1
0

Marriott: The TRUTH about personal Wi-Fi hotel jam bid

Adam 1
Silver badge

It would be more convincing if their submission explicitly stated that they only sought permission to jam APs that purported to be associated with the hotel but that were not.

0
0

Ex-Microsoft Bug Bounty dev forced to decrypt laptop for Paris airport official

Adam 1
Silver badge

Re: Meh

>Yep. I guess 'Woman Made To Prove Laptop Worked At Airport' wouldn't be as interesting a headline

Why does it matter if it works? What if it broke whilst travelling? Let's say your wonderfully reliable SSD just gave up without warning and now you just see some text about missing boot devices? Are you supposed to throw away your otherwise fine laptop? Are you supposed to fart around trying to sort out warranty claims whilst abroad?

Officialdom gone mad is the kindest way to put it. Time for hidden volumes when travelling to France I suppose...

3
1

Apple's 16GB iPhones are a big fat lie, claims iOS 8 storage hog lawsuit

Adam 1
Silver badge

Probably because you can reallocate that partition back if you were inclined to do so (just pray that you never need to reformat)

0
0
Adam 1
Silver badge

It is also because in one of those cases that is over 50% of the advertised space. A reasonable consumer expects a degree of space used by OS paraphernalia but not in that magnitude. They also expect that a 32GB device from manufacturer A holds roughly the same amount of their stuff as a 32GB device from manufacturer B.

0
0
