Well, something like Ubikey might work for you. Physical hardware token.
343 posts • joined 11 Oct 2012
Re: How about what BT/VM do?
[quote]But, this is all academic anyway - unless the hacker is in close proximity then they won't be trying to connect to to your WiFi. Hard to do that from half way round the world.[/quote]
Fortunately, you've got always-on broadband for those people.
Re: Who bears the losses ?
I'd check that if I were you. Not having the right door locks (in the UK, a 5 lever British Standard door lock on a wooden door, or a multipoint lock on plastic) *invalidates* your insurance, whilst an alarm or not gets you a 15% discount which generally isn't worth the cost of the monitoring required!
IoT gear should not have a password until you boot it for the first time. I came up with "4 simple rules for IoT development" on Twitter after a challenge. That was number two.
"Ok, 4 simple IoT rules? I'll try: Close all unnecessary ports. No default password (prompt at 1st boot). Make firmware updates possible. Have an ID on device to link back to manufacturer & manual/website for tech & update support."
Re: The free market bites again
Indeed, this was pushed through the UK parliament (unopposed by the so-called "opposition") and signed into law just today.
Likewise - I'd happily buy one now, to be honest, and just charge it in a lipo bag. Or just take it apart and swap the battery out, or whatever. Exploding phones aren't great, but like others have said, it's a tiny fraction of the ones sent out, and an easy fix. And, if it really was the charge voltage, as someone posted somewhere I now can't track down, it's an easy easy firmware fix anyway.
Plus, think what it'll be worth to collectors in a few years!
Re: Did you beat back the barbarians at the gates?
No, it's a co-located server, so the physical infrastructure is under the control of the co-lo company (though you may or may not own the actual computing hardware) so access and the like is down to them and their security team. And so out of direct control by your boss.
Fortunately, most see sense when you explain the long prison term for corporate manslaughter.
Blocking the fire escape with crap in the room most likely to have a fire? The directors will be in court, explaining it, if someone gets hurt.
It's not just a big fine anymore.
Re: Beware cheap combo locks
Some very witty comments here...
If you've the budget, electronic access control is way better than a £20 push button "any order" XYZ mechdigi lock. Obviously!
You can't set the XYZ up for simultaneously pushed buttons. You're thinking of the Unican range, which start at around £200 not fitted. And few seem to be able to master those four picking or decoding. (and the electronic version is superb!)
For maybe £400 you can get a basic electronic access control system. But do yourself a favour, ask a professional to design and install it! Yes, it'll cost more, do more and be better - just like your IT system design is better than the boss's "great idea".
It's hard to believe this is still on-going! This is well past the stage of "He might be doing the right thing". Now, he's taking the piss. Batelli needs fired imo.
Re: TWO days to get the Domain Administator password.
Hope you guys realise that a segregated wifi network generally isn't actually secure unless it is running on separate hardware too?
Re: "automatic domain registration"
That's just not going to happen.
For one thing ,it would show down the registration process - lost your domain to someone who passed it through vetting a bit faster? Bad luck!
B) The cheap domain names that keep the Internet expanding are automated at the seller end to keep costs right down.
III) People would bypass it anyway. Whether by pretending to be the domain owner wanting the typo domain name to catch otherwise list traffic, by clever boys trying next obscuration with Cyrillic or Arabic character sets, or by simply submitting a few million requests in a DoS.
Maybe change the headline?
Just saying. The orange faced wankpuppet won.
All he had to do was have the GOP remove half the opposition voters from the rolls, & bingo! Nearly a majority.
Re: It's simple, really
Except that it *is* powerful kit. Modern smart phones do full screen video at HD with colour & sound far beyond a PC from 10 years ago.
Not comparable to the state of the art PC plugged into the mains, but still remarkable. Just because it is mostly hidden, doesn't mean it isn't there.
Re: Good job... or not...
I wouldn't worry. I bought all three off Amazon. Free next day with Prime. Mostly basic, but then all three are seemingly written by/for the US Army.
I'm anticpating a more dangerous & violent world. Signs point to it, as do portents. My clients expect a good security review, so that's what they'll get.
Ban thinking! Think of the children!!
However accurate the rest of your post is (very accurate), you miss that in another ten years there simply won't be any jobs for those people to do. Literally the whole point of Uber is to get rid of their drivers. Mercedes Benz and Tesla both have self-driving vehicles, and so those millions of trucking jobs will soon disappear. Uber as a side gig is great, for some, but that'll vanish once there is a fleet of self-driving taxis that use tracking apps and location services to predict where to be for the best fares.
Literally, by the time this matters again, it won't matter at all. You can't bring those jobs back from China in any meaningful way, as I've tried to explain a thousand times with varying degrees of success. Not only are the wages lower, but the Chinese factories are now practically fully automated. Foxconn just laid off thousands of workers because the robots they are building are doing the jobs that the people who used to build the robots are now doing for, near as dammit, free, 24/7. Robots beat even slave wages - they don't need to sleep!
We are rapidly being replaced in most "bulk" jobs. Expensive speciality "knowledge workers" are also highly at risk from some gimp with a CS degree building an expert system over their lunch, too.
I'm in a job that literally cannot be outsourced, and cannot be completely de-skilled, though a lot of un- & underskilled people are flooding the market, and learning via YouTube and forums. So as everyone in the country tries to become a locksmith, the market saturates, and bingo, no-one needs to pay a locksmith again, because they are one or they know one. Likewise with basic IT skills being learned by lots of people, some will become highly skilled, but others will always use YouTube and StackOverflow and GitHub, and, well, you end up with hte Internet of Shit, and massive DDoS attacks run by toasters.
Back in my day, you had to craft the packets by hand before whistling them down the phone line yourself. Which reminds me - have you heard the one about the bugle player being replaced by a £20 electronic trumpet for Remembrance Day services? Because I heard it today...
But it was secure yesterday
A simple solution?
Perhaps this is just too obvious, but couldn't we agree that all IoT traffic has to use Port 666 to 669 (or whatever) so that there is an option to block it easily?
Obviously, with attackers able to root & flash devices they can swap to whatever port(s) they want, and shape traffic as they see fit, but it would be a start for people trying to solve issues.
Truth is though, there's simply no good answer. Security costs time and money, & trust me, most people are cheap.
Re: Is Apple to Blame? Conspiracy Theoriests Unite!
Yes, and that's how it should've been here - but it wasn't. You can go google the teardown yourself, the original Note7 firmware charged the battery to 4.3V, and the replacement bumped it up to a stupid 4.35V! Yes, they were meant to be able to take it, but surely the sensible thing to do would've been to turn it down, not up!
Re: "...cause a contagion."
Well, there's a lot to be said for being able to blow up a person remotely by a simple tweak to their firmware. Because that's what this is - a tweak to the firmware maximum charge voltage value. Simply set it at 4.5V and you can be fairly sure that after most of a night on charge it'll burst into flame.
Re: Is Apple to Blame? Conspiracy Theoriests Unite!
It's one line of code. Seriously, it isn't even that: it's one variable, the firmware charge voltage is set too high.
The charge voltage is set to 4.3V in the first explodo-phones, & the replacement units have it at at a frankly stupid 4.35V! Safe charging on a LiPo battery is 4.23V, absolute max, 4.2V is regarded as the same upper limit.
It is also a one second firmware fix! So what the hell is really going on?
Re: Surely not ...
The vanity of that man, thinking he is clever enough to understand the "purpose" of an AI. I suspect he can't even understand the average hamster, let alone a dog, dolphin or monkey.
He is as doomed as everyone else when it goes wrong, as it almost certainly will.
Great plan, so it'll never happen
This is brilliant, so in 15 years, when we've got Brexit put to bed & we've finally got those trade agreements sorted, and finally manage to invite a foreign firm back to the UK with cut-price Marmite, they'll insist we install it, so they don't have to put up with patchy 3g/4g that's 20 years behind.
Of course, everywhere else will be on 6g by then...
Re: specific sender email addresses can be blocked
Yeah, that is really not how that should work. "Businesses won't use our systems" - no, but that's the whole thing about spoofing! No-one can tell until it's too late!
Re: Security First
I'm sure that would simply end up being very embarrassing for the USA. That billion dollar (ok, $300 million, currently, actual price classified!) aircraft will rapidly look outclassed by faster developed, more agile new stuff at far lower cost. Or indeed, just a dark swarm of 300 $1 million drones! (probably only $50k each in reality though - but 200,000 drones would have it's own logistics issues!)
Encouraging the USA's competitors to make their "crown jewel" tech companies look silly & slow would merely hasten the fall of the world's last superpower.
Re: Not the biggest problem...
I seriously doubt that would work unless you could somehow convince the Turks to get all 100 planes up at the same time. Once 1 plane flew away, they'd be wise to the trick, & they'd be shipped by truck to a reverse engineering plant in Russia to cure the problem.
Re: Well I never...
Both you & Ragarth have the same issue as me, the barware at BT simply abuse their monopoly position time & again.
BT won't even commit to telling us if they are *going to decide to commit* to installing fibre around our way!
Fortunately I have a plan, involving a real tall mast in a field, some directional antennas & a few data SIMs.
It'll still be cheaper/faster/much lower latency than the satellite system we currently have.
A few more weeks and it'll sort itself, is what you're saying then?
Re: walking in front with a red flag
Indeed. See my post above for my thoughts on how this will be a new circle of hell.
Re: Pointless and expensive technology
Sadly AC has it right.
Being forced by your car to sit attentively so it will work is going to be the newest circle of hell.
Too tired to drive? Bad luck. Disabled & can't drive? Bad luck. Not sitting & passing the twice per second "paying attention" eye tracking check? Bad luck. No "auto" driving for you!
Even better, take control yourself, touch 31mph, get automatic tickets from the black box.
It really is going to be the most horrendous of futures.
And that's before you factor in the fact that *every single vehicle you see* could be a reprogrammed kill-bot, actively looking for your number plate in order to crash/ram/crush.
Hardly a fair statement, that. Android is the Apple iOS version of Linux, written by Google!
It makes sense, but...
Well, it makes sense to not risk another few officers, but then, just like the guns, every civilian will demand their 2A right to a killer assault robot, & then it's going to get even messier...
Re: For those still confused: Brexit = peasants revolt against the bien-pensants
And how's that working out for you now?
The pound has slumped against the dollar, but not so much against the euro, because we dragged that down with us. The FTSE 250 has sort of recovered, but mostly because the pound has dropped so far. The entire Brexit "winners circle jerk" has vanished - even farage has given up, having "won" without the slightest shred of a plan.
I've already seen prices pushed up - steel? We barely make any, so all this won't save that industry, and your hand-hewn artisanal coal that you are planning on selling for 3x the price of everyone else? Well, that's not going to save you either.
It's like a dog chasing a car, then, one day, it catches the car, and gets it's jaw ripped off.
That last paragraph is this whole f'd up mess in a nutshell.
This is what Vexatious Litigant laws are for. And this nice fellow is the absolute definition...
Like that doesn't already exist. You just can't see it because of Copyright.
Re: It all just whiffs of publicity
Not sure they'd go to the Supreme Court, let alone Appeals, just for publicity. They aren't Donald Trump.
Might I suggest not actually just shutting them down? Block their traffic. If there's immediate crashes and screams, it's a sub-second fix! If no screams, then after a short while shut them down.
Re: Your daughter did click on ransomware
It's just a ransom to be paid when demanded *some unknown time in the future*
More secure? My parent's brand new Win10 laptop was ransomwared by the 4th day, I think because it had a "free" trial of Office and hence a macro was run.
(Proper "Yours files are in the same place heavily encrypted" ransomware, not the Win10 update!)
When does the payment plan start?
So, right, M$ are nicknamed that because they love the big bucks. Yet they are tricking and forcing people to take their product *for free*.
So when and how will they be taking payment? Because they will.
(And clicking a 5* review for "Calculator.exe" isn't going to be enough.)
Surely an array of redundant flash chips?
Surely someone could make a "HDD" that simply takes SD cards in an array, & handles the wear leveling at a higher level (as well as the in-built on the individual cards)
You plug in a few ?Gb, ??Gb or ???Gb (micro?)SD Cards, and the controller, in the form of a regular HDD sized thing, gets on with it. Uses JBOD architecture or some fancy RAID, according to your tastes, & presents as a standard SSD/HDD.
Completely removes a single point of failure too as if the controller dies just put the SD cards in another controller. If any one card dies, you get an alert and you swap that card.
This already exists, doesn't it? (It's too simple and obvious)
Re: We use
Just avoid 3Gb drives - they appear to have far higher failure rates than 2 or 4Gb disks.
(This was tested across loads of disks, there's an article on here somewhere about it I think)
Re: All of this also ignores...
I use different manufacturers now. Once had a RAID that died, & the second (paired) disk died literally two hours later during the restore! Cue data recovery required.
Because SMART isn't. YMMV but I've seen discs that don't work, yet SMART says all is well, & I've seen disks with dodgy SMART results that have worked for ages after.
To those screaming about OpenSSL again
And how often does Microsoft patch their version? Are you sure that the dozen or so MS lawye^wcoders are up to the same standard as the hundreds of eyeballs looking at OpenSSL? Or do we think that because the source is opaque there aren't any of these often very subtle bus?
Couldn't he have just done it "because he could"?
Re: It makes sense for banks and some other companies
Well, that's the theory at least.
And besides, adding more domain names is weakening security - without certainty, people are more likely to be unconcerned with a slightly different domain name.
Re: Just don't use disk encryption...
(How do I edit? Never figured that out!)
However, when downloading 55 million voters' data from the Philippines (apparently including fingerprint data!) with terabytes of data (which is what would get you done as proof of the crime!) TAILS can't help you. Because you have to store it somewhere.
Re: Just don't use disk encryption...
Yes, TAILS. The Amnesiac Incognito Live System. Designed to leave no trace of booting and routes everything through TOR.
Still leaves certain clues behind but a great starter for ten.