* Posts by YetAnotherLocksmith

233 posts • joined 11 Oct 2012

Bloke clicks GitHub 'commit' button in Visual Studio, gets slapped with $6,500 AWS bill

YetAnotherLocksmith
Bronze badge

How about...

...writing an extension that scans user code for AWS keys *before* it uploads, & alerts you if it would be publicly exposed?

27
0

Vodafone: Dammit Britain, your emergency services need 4G!

YetAnotherLocksmith
Bronze badge

Re: 4g isnt ready

That's nothing*.

You can stand at the sign that says "Welcome to Hereford" on one main road, with lots of houses on it, and have not one dot of signal, let alone 4G. You might as well be holding a house brick.

Bromyard, my local town, hasn't had a working data signal on the high street as long as I've been checking it, despite it saying that there is 3G on the handset.

My house has 3G. Because we've dedicated the entire ADSL (at a blazing 0.8MBPS) to running a femtocell we bought, just so we could actually have communications for our businesses. Hell, we can't even get a second phone landline!

I'm just hoping that Facebook or Google actually do shame our government into action with their "Get internet to Africa with flying/floating things" initiatives.

*Excuse the pun.

0
0

US to stage F-35-versus-Warthog bake-off in 2018

YetAnotherLocksmith
Bronze badge

Re: Ultimate CAS

Ah, but the American way is to outspend everyone else by using their credit to buy/develop the weapons they have. Hence trillions in debt, but no-one's brave enough to foreclose.

If I buy all your guns, I can then take your money. If I buy all your guns on credit, then I need never re-pay the debts.

2
2

Spaniard claims WWII WAR HERO pigeon code crack. Explain please

YetAnotherLocksmith
Bronze badge

Re: Useful

We've skipped a few cyber world wars, and are going straight to WWW.

0
0

Manchester skeptics annexed in hostile digital power grab

YetAnotherLocksmith
Bronze badge

Re: Rather More Than A "Fault".

Being a lawyer or barrister doesn't make you better at remembering a card you registered 3 years ago on a web form has just expired, now does it?

Be sensible.

4
0
YetAnotherLocksmith
Bronze badge

Re: Sounds like Meetup is potentially open to scams

Undoubtedly! There's millions of people out there who would like nothing better than to snag a group they don't like, & for £15 a time, with a few scripts watching, it'd be very doable.

You'd likely only target groups in a range that you didn't like, at that price, but then if you were using a stolen card would you care at all?

As for the money side, I doubt you could make it pay often, but for some groups it would be worth it to them to pay out big time to get their calendar and email list back.

1
0

Why is the smart home insecure? Because almost nobody cares

YetAnotherLocksmith
Bronze badge

Re: *I* Care. And In My Home, That's All That Matters.

Eventually though, your CRT will stop warming up, and the only modern TV will have this crap built-in whether you want it or not. Bit like your phone, only worse.

0
0

High-heeled hacker builds pen-test kit into her skyscraper shoes

YetAnotherLocksmith
Bronze badge

Re: Given the size of a small mobile

She herself admits she is standing on the shoulders of giants. It's a cool thing to do, amazing from the perspective of even just 10 years ago, but today? Literally anyone competent can do this in a few days at their local hackspace, for under £100.

The pace of change is stunning.

5
0

The good burghers of Palo Alto are entirely insane

YetAnotherLocksmith
Bronze badge

Spot on!

Good article - and something that hadn't occurred to me in this respect.

4
2

I've seen Kaspersky slap his staff with a walrus penis – and even I doubt the false-positive claims

YetAnotherLocksmith
Bronze badge

You're thinking of FBI sting terror plots here, aren't you?

0
0
YetAnotherLocksmith
Bronze badge

Re: The Participant Observer Problem

Well, you could take a hash of it?

(But then what if the hash generator was hacked to return the right value? It's an endless loop.)

Surely someone will say "Use the blockchain, duh!" in a minute?

1
0

Boss hands dunce's cap to chap who turned off disk monitor

YetAnotherLocksmith
Bronze badge

A nice surprise

At least he got it sorted quite easily.

I found that Samsung's "back up solution" for Android required over 560Mb free space in order to actually do the back-up of a 32Gb system! No such trivial fix existed as from the full disk I'd already freed 560Mb - it was now delete (some of) the data to be backed up, or nothing!

Fortunately I used USB-OTG to back that data up first.

Hardly "turn key" though!

1
0

Typewriters suck. Yet we're infinitely richer for those irritating machines

YetAnotherLocksmith
Bronze badge

Of course, these days everyone can correct what they type

but fewer and fewer seem to bother!

1
0

Oracle pulls CSO's BONKERS anti-bug bounty and infosec rant

YetAnotherLocksmith
Bronze badge

Re: Your house belongs to the Oracle

«Sigh. At the risk of being repetitive, no, it doesn’t, just like you can’t break into a house because someone left a window or door unlocked.»

Of course it does! If I can go through the open window or unlocked door, why the heck would I try picking the lock?

She clearly doesn't actually know any locksmiths, nor much about the bad guys trying to get in.

2
0

Vodafone adopts hydrogen fuel cells to dodge African outages

YetAnotherLocksmith
Bronze badge

A neat idea.

There's a security company that uses the slogan "they can't steal what they can't see" & that's literally true here.

Also, after the first few gangs blow themselves to bits drilling holes for no useful result, no-one will touch them again!

3
0

Giant Facebook SOLAR LASER DRONE to FEED interwebs into YOUR FACE

YetAnotherLocksmith
Bronze badge

So the UK gets it first?

That, in itself, is a nice first.

Does this mean that BT will be investing in anti-aircraft "monopoly protection missiles"? Or just the usual lawyers?

0
0

How British spies really spy: Information that didn't come from Snowden

YetAnotherLocksmith
Bronze badge

"In other words: Treating everyone as a suspect..."

"For too long, we have been a passively tolerant society, saying to our citizens: as long as you obey the law, we will leave you alone."

David "Fuckwit" Cameron, turning the law on its head, May 2015

http://i100.independent.co.uk/article/this-is-the-creepiest-thing-david-cameron-has-ever-said--e1q_01xlZZ

2
0

Contactless card fraud? Easy. All you need is an off-the-shelf scanner

YetAnotherLocksmith
Bronze badge

Re: Hang on, this is *news*?

To be fair, they are flagging up that nothing has been done to fix this flaw yet, which is correct. And Which? is also correct.

Regarding security, surely these are vulnerable to a MITM radio attack? Use a booster scanner to get the signal to your radio bridge, then beam both sides of the conversation to/from your fake card which has a tiny radio in it and that plays back whatever is asked to the real card.

You know, just like car thieves do!

0
0

Ashley Madison hack: Site for people who can't be trusted can't be trusted

YetAnotherLocksmith
Bronze badge

LOL

Cross-referencing with OPM will indeed be interesting.

Had to laugh at "Whatever the motives", right after the section with the hacker's demands.

4
0

Surviving Hurricane Katrina: A sysadmin's epic DR (as in Didn't Realise) odyssey

YetAnotherLocksmith
Bronze badge

Re: "I never got a chance to speak with him again"

Hopefully when he reads this article he'll realise you aren't dead after all.

0
0

Canadian dirtbag jailed for SWAT'ing, doxing women gamers

YetAnotherLocksmith
Bronze badge

Re: Sounds like an ideal candidate

You could be on to something there.

Ten anti-social morons who are "invincible keyboard warriors", sent to live in the Big Brother house as punishment by the courts. Or, for the worst of them, we could put just one into Love Island or something, to be mocked mercilessly for a few weeks & they'd never re-offend for fear of the lack of intelligent conversation they were faced with.

1
0

Ford's 400,000-car recall could be the tip of an auto security iceberg

YetAnotherLocksmith
Bronze badge

Re: Well the more complex u make it the more likely it will mess up

Security wise, we are moving towards two factor for computer systems, yet we are moving away from it for cars.

Cars had great two factor for years - aftermarket alarm and a physical car key, or immo and key, etc.

I have four factor on my van - two different physical keys as well as two electronic. (Yes, I would add face recognition or something if there were a decent way.) Yet it still won't stop someone determined enough.

A friend of mine gave a talk at Bsides London called "How I steal cars" - it's all very technical and expensive, but nearly anything with wheels we locksmiths can walk up to and take away now. And the newer stuff is easier! Manufacturers who literally refuse to believe we can clone it means they won't patch, & just a radio signal - no physical key - so it can be very fast.

2
0
YetAnotherLocksmith
Bronze badge

Except that means you are late patching, which could really easily be fatal or lead to your car literally stealing itself - it wouldn't take much to tell a self-driving car to drive to the new owner in a foreign clime!

3
0
YetAnotherLocksmith
Bronze badge

Re: So what happens

"Smaller car manufacturers" is relative. All the small ones have already been crushed under the costs of testing, inspections, recalls, etc., or simply bought out.

Going for Open Sorcery might work, but let's face it, none of it looks good from here - even the US government can't keep a secret these days, so you holding your car key (physical and/or electronic) on a server? What hope?

3
0

Shadow of the Beast: Amiga classic returns from the darkness

YetAnotherLocksmith
Bronze badge

Re: No idea how the fall icon got on there

You were thinking of the SotB play testers?

0
0
YetAnotherLocksmith
Bronze badge

Re: The amiga!

This reminds me of how sheer random factors can change the world.

BT charged something like 10p a minute for a local call to a BBS in the UK. Crushingly expensive!

Local calls in the USA were free. BBS calls could therefore also be free.

And that, really, is why the USA dominates the Internet today - just that fact about the cost of having two machines warble at 14.4kbps across town was zero instead of extortion.

I recall making a huge special trip to Evesham Micros to buy a 52Mb hdd and RAM expansion to 5Mb. :-)

They thought I was a mad rockstar Elon Musk: "No way you'll ever fill that!", "Surely 20Mb would do?"

:-D

It was like going into a shop and asking for a petabyte of storage would be these days.

Shortly later it was all compressed, & I had an old SCSI chain set up for more space, of course!

Fond memories of school days.

2
0
YetAnotherLocksmith
Bronze badge

Re: it was the music

All the ST owners kept going on about the magical midi port. In the end I bought one for about £20 for my A1500, but couldn't fathom what the fuss was about!

I had better everything, they had a £20 add-on box included. Who were they kidding?

2
0
YetAnotherLocksmith
Bronze badge

Re: Custom chips

Shadow of the Beast wasn't really a game though, it was an advanced technology demo.

Any attempt at interaction was punished by things like invisible insta-kill traps, long climbs to death, or just a screen full of materialising enemies that killed with a touch.

2
0

Courtney Love in the crossfire! Paris turns ugly over Uber

YetAnotherLocksmith
Bronze badge

Who's going to be able to afford the commute?

Who precisely will be able to afford the cost of an Uber self driving commute?

With self driving cars Uber will have to raise their prices because they will have to pay insurance, road tax, maintain the cars (including washing them) and fund them in the first place to buy them new. They'll have to put their prices UP!

There won't be amortisation of costs from the driver who goes to work and adds a bit of cash to his income, whilst faster depreciating his car, so Uber will have to get that all back.

Uber exploits the drivers. You get cheap journeying on the backs of both their labour and their equipment. Without that prices will rise.

Also, all these out of work people won't be buying cars or hiring them, what shall they do for money?

0
2

US Air Force drone pilots in mass burn out, robo-flights canceled

YetAnotherLocksmith
Bronze badge

Not sure whether to up vote or down vote that.

I agree with what you are saying, but cannot condone what the words actually say.

It will be drones vs the rest of the world, eventually.

1
0

'Stolen' art found on nearby shelf. Police keep looking anyway

YetAnotherLocksmith
Bronze badge

The library CCTV footage, perhaps, is at greater risk now than ever before.

1
0

Mad John McAfee: 'Can you live in a society that is more paranoid than I'm supposed to be?'

YetAnotherLocksmith
Bronze badge

Re: Paranoid consumers?

I think you misunderstand. Society absolutely is paranoid. People on the whole are not. It is an important distinction.

c.f. A person is intelligent; people are dumb, panicky animals.

12
0

Science teacher jammed his school kids' phones, gets week suspension

YetAnotherLocksmith
Bronze badge

Re: Whatever happened to 'respect'???

It is difficult. As a self employed person I have to answer the phone when it rings - it is likely a job, & an emergency at that. So whilst it is rude, & I'll apologise, I'll not ignore it unless I know it is something I can ignore.

Plus, it could well be money! You get a salary, regardless of how long you sit on your backside or how hard you work. My income is directly related to how hard I work, & my rate is still, for a call out at midnight, still likely less than many here get per hour.

Once I walk from your job, having solved your emergency or need, it'll be likely years or even decades before further work is needed. So I need to pull in the work, & not answering the phone is a sure way to go out of business fast.

I respect my customers, but I have to answer the phone.

3
14
YetAnotherLocksmith
Bronze badge

Re: Just give them an 'F'

It's never a good idea for your first response to be the same as your last resort.

Hang on, I thought this story was about America?

Surely they should copy the zero tolerance approach they have for violence, drugs and guns? Because that has always worked so well.

9
1

Bluetooth privacy is mostly ignored, so you're beaming yourself to the world

YetAnotherLocksmith
Bronze badge

Few people realise that there are companies that do this, nor that they are simply tracking the Bluetooth beacons in phones, fitness trackers and even sat navs.

Works quite well.

It'll get worse in future, as things like smart locks and other devices demand a fixed MAC or other identifier to allow access! (And of course, that's a bad way to deal with security, and since developers are lazy...)

iPhones now scramble their wifi identifier iirc, & Bluetooth will be too - at least that's why at least one smart lock removed the "door unlocks as you get near" feature. But who knows?

0
0
YetAnotherLocksmith
Bronze badge

Re: It beggards belief

I'd argue that a cheap lock is actually better than a Bluetooth beacon you can't turn off.

You can use the lock on a cupboard inside your house to keep family from drinking your vodka. The Bluetooth on the other hand will betray you even from inside your own home.

1
0

Call girl gets six years for Googler's drug death

YetAnotherLocksmith
Bronze badge

Re: Six years? Anonymous Coward

What?

The guy in Walmart was on the phone, and he was handling the toy that the store sells! Opening fire on a man in a toy gun section of a shop without warning? Totally stupid.

As for the classic "they are all criminals", have you seen what they were hassling these guys for? Suspicion of selling loose cigarettes. Jay walking. Running away when shot. *Not actually* grabbing for an officer's weapon. Resisting arrest also - because having 4 cops on the back of a man face down & cuffed with his hands behind his back does obviously require that you kneel on his neck until he not only passes out, but that you continue until he is brain dead, & then once cold you call for an ambulance.

They have been proven time and again to simply make the stuff up after the fact. It is just that with cameras the proof is there.

Oh yes, & the new one: filming a police officer out in public.

3
1

'Millions' of routers open to absurdly outdated NetUSB hijack

YetAnotherLocksmith
Bronze badge

Re: And feed MORE kit to these jackals?

What do you suggest? Anything you do will be tied to an IP gateway in about 15 minutes by someone, even if you don't allow it.

Even without, you'll end up with entire streets daisy chained together with BTLE devices paying data, or with ad hoc networks, or turning the lights on and off to get data transferred, or even, the weird virus idea brought to life, the devices communicating by ultrasound.

So once compromised, there will still be plenty of routes for stuff to hack other stuff. After all, you'll just Google the exploit for the bit of kit you are looking at, & it will tell you what comms paths it has.

0
0

It’s Adobe’s Creative Cloud TITSUP birthday. Ease the pain with its RGB-wrangling rivals

YetAnotherLocksmith
Bronze badge

Re: Paint Shop Pro

Another vote for PSP7 here. Does the job really well, mostly.

Corel took out the vectors and text entirely, so I rolled back the upgrade. Used 7 ever since.

If they re-do GIMP with some sort of eye to being sane about what users want - copy paste sensibly, starting up in a useful state, cropping without animal sacrifice, decent UI - then in 10 years it might be usable.

0
0

You want disruption? Try this: Uber office raided again, staff cuffed

YetAnotherLocksmith
Bronze badge

Re: Cartels...

I'll disagree.

Let's say you go to a kebab stall. The kebabs taste great, & they are cheap - cheaper than the other shop down the road.

The stand is cheaper because they don't pay rent. Ok, you can live with that. The council gets no money, but that's ok by you, you get a cheaper service.

And the food tastes great! They mix extra offal in. You don't know where they get it, you aren't an offal-and-pig-brain expert, are you? And they've got a halal symbol.

Then you get ill. You get tested, & hey, it is a rare disease. But that's ok - your kebab was cheaper, & most people were fine, right? Because you can't sue them - the name has changed, & it's in another lay-by now, with a different guy working there. And besides, it turns out he doesn't have insurance or a health certificate either. Just more of those cheap tasty meat patties.

(That was an analogy. Uber + driver are the tax dodging uninsured stand.)

0
0

Milking cow shot dead by police 'while trying to escape'

YetAnotherLocksmith
Bronze badge

Can't think why the cow was stressed

You'd be stressed with 20 cops pointing guns at you and a helicopter over head.

19
1

Stuff your RFID card, just let me through the damn door!

YetAnotherLocksmith
Bronze badge

Re: Oh how I CAN relate

As long as they started paying you. If they then don't let you in, that's not your problem.

0
0
YetAnotherLocksmith
Bronze badge

Re: Ceterum censeo!

I once worked with an Australian who was 100% convinced that any Englishman will laugh out loud at the mention of the word "bottoms".

LOL

Sorry, I'll get my coat.

0
0

Hacker 3D prints device that can crack a combo lock in 30 seconds

YetAnotherLocksmith
Bronze badge

Re: The ability to open these is old news

Why waste your time walking back to the van?

These Matter locks are so poor a fire extinguisher or hammer can work, & often leaves the locks still usable.

You can even open them with a towel.

Complete tatt.

0
0
YetAnotherLocksmith
Bronze badge

Re: I guess it depends what you want it for.

You can stop them, but for a shed is it worth it? A cheap hidden camera recording to SD card is probably best, position it so it gets a nice photo of them opening the door.

For a proper brick building, how much do you want to spend to stop what level of threat?

Of course, as a fellow locksmith said when asked on Wednesday night's lockpicking session at fizzPOP, "If I can drill a safe rated for £300,000, I can drill any door lock."

Hence layered security.

1
0
YetAnotherLocksmith
Bronze badge

Re: Analog Security

Problem is, nearly everything is easy to get, what with this new fangled Interwebz.

Security is done in layers, just like your PC. (Only with the physical world, a pro can ensure there are no APTs or the like.)

Bump keys are generally over rated imo. If you are trying to be subtle they are the equivalent of hammering, literally, on the door. Same with an EPG. There are better methods. And they cost more money to protect against!

You can buy specific tools to defeat nearly every single lock on the market with barely a trace in seconds or minutes, if your pockets are deep enough.

Just like the IT market for 0days!

But unlike IT, you can simply add another lock. ;-)

0
0

Polygraph.com owner pleads guilty to helping others beat lie detector

YetAnotherLocksmith
Bronze badge

A sting that stinks. For a change.

3
0

Tough admin forces hacker to STRIP to PANTS, LEAP to his DEATH

YetAnotherLocksmith
Bronze badge

What was the hack then?

Am I the only one who watched the video of the abuse and still have no idea what the mis-deeds were?

1
0

Forced sale of Openreach division would put BT broadband investment at risk, says CEO

YetAnotherLocksmith
Bronze badge

Re: Recent discussion with a senior BT person

I strongly suspect that should it go to pieces, BT would be overjoyed to 'pick up the bits', & start charging through the nose for customers to get 5Mbps.

I'd rather have a really poor fibre connection running at 0.1% of its capability than 'copper' pushed to 150%. Because 0.1% of a fibre is still 10+Mbps, still a full 10x faster than my current copper.

Also, the FUD used by BT is insane. As someone else pointed out, BT simply threaten to put your area on a list for evaluation for broadband upgrade in 2 years time, & it scares off the investors! It isn't even a promise they will do anything, merely that they will look at it! But that is enough of a chilling effect that it distorts the market. Because BT will squash nearly any competitor.

1
0
