Feeds

* Posts by Brian Miller

594 posts • joined 3 Jul 2007

Page:

Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really

Brian Miller
Bronze badge

Re: cynical remark

"they went back to numbers to distance themselves from Vista..."

Even though Windows 7 reports that it's version 6.1, and Windows 8 reports 6.3. I wonder if Windows "10" will report that it's version 6.4? Incremental versions mean incremental changes, though! Tweaks! No radical changes, move along...

7
7

Shellshock: 'Larger scale attack' on its way, warn securo-bods

Brian Miller
Bronze badge

Re: run for the hills!

One of the things that drives me really nuts is that a server is not supposed to be using Bash for its system accounts. And yet X number of numpties have set the systems up that way. Bourne, and its alternate, Dash, don't offer the attack surface that Bash does, and are the defaults. So whoever is getting pwned by this bug had to go and work their way around a large number of security practices, any one of which would have mitigated the problem.

3
8

Stunned by Shellshock Bash bug? Patch all you can – or be punished

Brian Miller
Bronze badge

Re: what else lurks

Well, the attack is based on a feature of Bash. This means that it's been "out in the open" for the entire existence of the feature, not hidden as an oopsie-daisy bug in the source code. It also points out why it's a bad idea to have so much running with root permissions, besides not sanitizing input. And why it's a bad idea to allow just any server to throw whatever traffic it likes out onto the network.

The equivalent on a Windows system would be to pass in PowerShell script and .NET binaries through the http request, and then run it all with Administrator permissions. Attacks like these should be in the category of GET root!

2
0

Hackers thrash Bash Shellshock bug: World races to cover hole

Brian Miller
Bronze badge

Re: FUD whack-a-mole

But the device zombie botnet has already been done! And without using this "vulnerability," last year. IOT devices have crap security in the first place, and most, if not all, aren't running Bash, but Busybox or equivalent. (Are any of them running Bash?)

Still no word of JUST ONE commercial site (or device!) being pwned by this one. Sure, there's a search on for a server that's vulnerable to this, but so far, nothing.

(Yeah, sure, my IOT light bulb has enough space for Bash. Right...)

Really, anybody notice how all of this is getting inflated? "Oh, maybe the web server is running DHCP. Or a DHCP server could be uploaded." And on and on. How many systems have been pwned by SSH bugs? I worked in a company where a sysadmin opened an unpatched Linux box to the world, and somebody in Germany promptly walked right in through the SSH server.

So, no, I'm not banking on this being as big as people are making it out to be. For this to work, somebody has to explicitly invoke Bash to run executables, not merely have a cgi-bin directory. The system has to be set up with no sanitation of the inputs. All in all, a system has to be set up really poorly for it to be affected.

3
6
Brian Miller
Bronze badge
Holmes

Re: FUD whack-a-mole

You know what else is a "vulnerability?" Running code on a processor. Hello, if a system lets a person anonymously upload and then execute code, that's a vulnerability, too. But we kind of guard against that, of course. Yes, we do. Mostly. Kind of. Now and again. Maybe. Nothing remotely like this has ever happened before now. Really.

Yeah, I know, this could possibly be opened up by someone who hasn't a clue as to what they're doing. Maybe "developers" like the Obamacare site contractors, for example. But you can't totally save someone from themselves. It just can't be done. They will always find a way to fail.

And I do want to see a site, not just some test code, but a normal commercial site, pwned by this bug. There's been so many instances of pwnership, this shouldn't be a hard one.

2
13
Brian Miller
Bronze badge
Linux

FUD whack-a-mole

This has existed for 23 years, and nobody has ever written a worm using it! Now, doesn't that tell somebody something? Like this might be a little bit overblown? "Oh, I found a Bash exploit. Wait, it doesn't actually work. Moving on to something else to exploit now..."

Now, what if that supposedly vulnerable server is actually running Bourne shell instead of Bash? Look, ma, no vulnerability! Or maybe the system was set up with some sanitation on the inputs first before the command was sent onwards. I've been seeing people point fingers at Cpanel, but Cpanel folks say that they don't fork around with Bash.

I have yet to read an article stating that server X was exploited with this bug. And I mean truly exploited, not "oh, it looks that way in a Google search."

Pwn the server, post the results, let's see if it's verified.

12
11

Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR

Brian Miller
Bronze badge
Joke

Fax would be an upgrade...

Because then the "phone" could actually make calls.

No, the next release will fully brick it, thus making it fully functional as one half of a pair of mallets you can use to beat a jungle drum!

6
0

Divinity Original Sin and Wasteland 2 reviews: Turn-based gaming's NOT DEAD YET!

Brian Miller
Bronze badge

Oh, why Steam?

Playing games bought on Steam has not made me happy. When I want to play a game, I want to play it when I sit down, not when Steam decides that it has server capacity to see if I may play it. I'd rather pay a premium for the game to not play it on Steam, and wait for it to be delivered to me.

2
4

Microsoft's axeman Nadella fills baskets with 2,100 fresh heads

Brian Miller
Bronze badge

Something about garden gnomes, ???, profit

Ballmer went on an acquisition spree, since Microsoft can't innovate. Microsoft bought Nokia, allegedly for its cell phone expertise. Now they lay off practically the entirety of Nokia, plus good chunks of their own US operations. Huawei dumped Microsoft phones due to poor sales.

Spend lots of money buying stuff, lay off lots of people, ???, profit.

Well, the profit is, of course, from Windows OS, Office, cell phone patents, and never from cell phones themselves.

7
0

Sweden orders TWO PETAFLOP supercomputer

Brian Miller
Bronze badge

Why bother with "Fantasy Supercomputer League" anymore

Once upon a time I'd look at the list and think to myself, "Gee, how much would it take for me to get my bedroom on the list?" Now, with the smallest configuration using over 2,700 cores, there's no longer any way this could happen. Any configuration worthy of #500 on the list these days would take more power than the whole house's mains circuit. Back in 2005 a system with 50 cores could score well. Not anymore! I'd need about 100 NVIDIA K-40 cards to get to #500.

0
0

Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway

Brian Miller
Bronze badge

M-Disk: 42,000 pictures of cats

From their own website: 21 hours of non-HD video, 120 minutes of HD video, or 42K pictures of your cats.

So in 1,000 years, the archivists will pop one of these into a drive, and see pictures of cats. And they will wonder what the hell is wrong with us!

0
0

Got your NUDE SELFIES in the cloud? Two-factor auth's your best bet for securing them

Brian Miller
Bronze badge

2FA, passwords, fingerprints

I've had fingerprint readers on my past three notebooks. And I've used 2FA with a key fob device, for access to a corporate network.

The first real level of security is, "don't put that there," and, "don't let it do that." Don't put embarrassing photos of yourself on the Internet, and don't let your bank transfer funds like that.

The fingerprint idea is OK until you get an owie on your finger, and you need a Band-Aid. Even when it works right, it can take a few swipes before it recognizes your finger. The key fob is OK until it gets out of sync with the service, and then a re-sync needs to happen. The smart card and the key fob can also suffer from insufficient randomness or whatever other problem can crop up.

It's really hard to protect people from themselves. My apartment manager's password is two very simple words, followed by repeating numbers, and he has problems remembering that, so no way is he going to remember v<#?rSK51_Rc,pt, which can still be broken by a rainbow table. Yes, he has called me up on occasion to find out what his password is.

Sending a text message containing a second password to the phone is a good idea, though. Then the second password could be something random, like, "battery horse staple." Of course, for a MITM attack, that would restrict the attack to the current session. But depending on the data that the attackers want to access, that may be enough.

0
0

SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn

Brian Miller
Bronze badge

Re: Can't wait to see COBOL syntax highlighting in KDE's Kate text editor

"... but I can see some potential in marrying the mainframe terminal emulator with Linux..."

You do realize that there are already open source TN3270 and TN5250 emulators? There have been professional products for at least 20 years for IBM terminal emulation on Unix, Windows, and even MS-DOS and OS/2. I used to work at Attachmate long ago. ("Where's the IrmaLAN team?" "He's right over there! Splinter!" [This actually confused an HR rep who didn't understand the Monty Python reference. Really, I wonder how much of real life those people experience. Maybe we need to study them with tracking collars and electric shocks...])

Yes, I remember when they were an independent company. Anyways, emulation on Linux not only includes terminal emulators, but also the Hercules project, which can emulate the mainframe itself.

1
0

NORKS ban Wi-Fi and satellite internet at embassies

Brian Miller
Bronze badge

When 60 Minutes ran a piece on the CIA, they received a rebuttal from the CIA before the news segment had been broadcast. The CIA had been monitoring the satellite feeds used for editing the shows...

2
0

Intellifridge terror: Internet of Stuff kit must fend off hackers of the FU-TURE-TURE-TURE

Brian Miller
Bronze badge

Security by brick!

Never mind security by obscurity, you need security by brick! If it has all the connectivity and Internet functionality of said brick, it's definitely secure for ten years!

Seriously, a lot of the security problems simply stem from really bad practices that should get someone fired in the first place before they create a pile of crap. If you want to manage a fridge, all it needs is SNMP, and nothing else. Same for basically every other appliance. SNMP v1 is more than enough to monitor everything, because you just need to get an appliance's state, not turn it on or off. Honestly, an IOT blender is pointless to turn on and off over the net. Really, is your robot capable of washing and slicing and dicing the veggies, but it can't turn on a switch?

1
0

City hidden beneath England's Stonehenge had HUMAN ABATTOIR. And a pub

Brian Miller
Bronze badge

Wonder where they get their data

"Predating Stonehenge, the building is thought to have been a house of the dead where bizarre burial rituals were played out. "The rituals included exposure of the dead bodies, and defleshing on a large forecourt,""

Where do they get that data? And about a wooden building that's older than Stonehenge?? The builders and others who played around with the stones weren't big on writing anything down, so I wonder how the archeologists came up with the specifics of the rituals.

6
0

Apple's Watch is basically electric perfume

Brian Miller
Bronze badge

Watch idea is valid, still bad implementation

I wear a wristwatch, and I keep the mobile phone stowed away. Honestly, I think that the watch is still a great idea, but they keep implementing it wrong.

A watch isn't supposed to be its own input device, it's supposed to be an output device, and it's supposed to be convenient. For a while, Epson produced a watch with pager functionality. Instead of a bulky pager, you had the convenience on your wrist. These new "smart" watches are trying to do too much, and thus essentially fail at everything.

Really, what do you want on your wrist? #1, the time. #2, who's calling you. #3, a small notification that maybe you'd like to look at your phone. That's it, and little more than that. Small, thin, light, and keeps running for a very long time.

Does the watch need to transmit data back to the phone? No. Does the watch need an amazing color display? No. Does the watch need to keep running? Yes, preferably at least a year between battery changes.

Let the smartphones be the little computers they are, and leave the watch with simple functionality.

13
0

Use home networking kit? DDoS bot is BACK... and it has EVOLVED

Brian Miller
Bronze badge

Passwords? We don't need no steenkin passwords!

Anybody remember about the researcher who created a botnet to map out the Internet? 420,000 nodes, just on cameras alone.

It doesn't matter how many times this happens, the hardware manufacturers need to start requiring passwords on their devices, and ones that are "strong." My Cisco ISA550 requires a password that is stronger than logging into their website! And yes, it has to be changed on the first login. And why do they keep opening up ports by default? "This router keeps you safe!" Really? Really?? It doesn't keep you safe, and it doesn't keep anyone else safe, either!

Maybe the manufacturers could be fined under the truth in advertising laws. These are insecurity routers!

2
0

NATO nations 'will respond to a Cyber attack on one as though it were on all'

Brian Miller
Bronze badge

But it's my neighbors what's done it!

Once upon a time, a while back, I set up a honeypot on my connection to see what bots were rapping and tapping at my virtual door. It wasn't a raven, but a crowd of my neighbors! The vast majority of bot net zombies were, in fact, in my IP neighborhood.

So who is the military going to nuke when a DDOS happens?

I just can't help but imagine that some 12yo is going to start WWIII for shits and giggles.

2
0

Ex US cybersecurity czar guilty in child sex abuse website case

Brian Miller
Bronze badge

Re: Absence of evidence = evidence of deletion?

The article on Wired says that the investigators put malware on the site, which was "placed" on the visitor's machines. The machine's address, MAC address, various other identifiers, and Tor browsing history were gathered.

Plus when the agents executed their search warrant, DeFoggi was in the process of downloading a porn video, and the agents had to physically wrest the notebook computer from him.

So, yeah, they caught him in the act, and they had plenty of evidence.

0
0

HP: We're still running the ARM race with Moonshot servers

Brian Miller
Bronze badge

Why binary compatibility?

"The chief problem for ARM is existing Intel apps won’t run on the chipset."

Once upon a time, not that long ago, this would never have been an issue. Really, the data center environment was heterogeneous, and many architectures were found. It was quite typical for a vendor to distribute many versions of the product. Yes, I personally did that, and the product was compiled for over 20 flavors.

Now we supposedly have Linux all over the place, but it's not really about Linux, is it? It's about Windows. If it were Linux, then it would be nothing to do but type "make" and then get on with it. But all of this actually has to do with Windows, and of course there's no end to that rat hole.

7
2

Intelligence blunder: You wanna be Australia's spyboss? No problem, just walk right in

Brian Miller
Bronze badge

What's the point?

Everybody knows the Aussie agency is in a shed in the garden in the first place, and everybody knows everybody else as 'Bruce,' what's the point of all the security fallderal?

"Hello, who are you?"

"Oh, I'm Bruce!"

"Right, grab a beer from the fridge and let's chat."

"Hello, who are you?"

"Oh, I'm Ivan."

"GET HIM!"

5
0

Yes, but what are your plans if a DRAGON attacks?

Brian Miller
Bronze badge

Re: Plans for dragon attack

Really, it's quite simple: arm the citizenry. You never hear of dragon attacks in the USA because citizens may legally own .50-cal hunting rifles. Really, do you think that these things are for deer?? No, the rifles are for dragons and whales. (No, we don't use them on the Ogre battle tank. We trap those when they're in season.)

11
1

Hackers' Paradise: The rise of soft options and the demise of hard choices

Brian Miller
Bronze badge
FAIL

Bad article, miserable rant, no information

"I cannot see how an OS could handle multiple processes without having a kernel mode. It follows that there must be at least some hardware support for security measures outlined above. Perhaps it’s all there?"

Mr. Watkinson, your display of ignorance, on The Register, no less, is utterly shameful. Multiple processes can be run without a kernel mode, and it has been done quite often. As for "Perhaps it's all there," yes, it is all there!!!

The Intel 80386 was released with four independent levels of protection, building on the features in the Intel 80286. The failure of a software vendor to implement those features in an operating system is not the failure of the hardware manufacturer.

The reason that Windows is targeted for malware is due to its popularity. Really, with a minimum 80% market share, who wouldn't target Windows? As for Window's lack of security, well, it was never conceived as a secure system, so what can be expected? One of the "features" of Windows is to start a thread on another process that isn't yours! All of the backwards compatibility of Windows means that there is a lot of significant baggage that must be brought forward, release after release.

You want software to be made secure? It's very simple. Software vendors must be penalized for bad code. If there is a fast and immediate monetary penalty applied, then effort will be made to write good code. It really is just that simple.

Really, good techniques have been known for decades. There is nothing new, there is just very little willpower to carry out the task.

2
0

It's time for PGP to die, says ... no, not the NSA – a US crypto prof

Brian Miller
Bronze badge

He's right! PGP sucks to use!

Yeah, the prof is right, but it shouldn't take a PHD to get people to listen. It's actually been way past time for an update to the general implementation.

One of the reasons all of this really stinks is because SMTP was never designed with rigorous security in mind. It's really past time to move to a better mail protocol.

5
3

No Apple fanbois here: Man United BANS iPads from Old Trafford

Brian Miller
Bronze badge

Security has poor memory...

http://www.theregister.co.uk/2009/09/21/bum_bombing/

What, they don't remember the grenade-up-your-ass ploy? "Please moon us for your safety."

Or how about the movie "Black Sunday" (1977) where a blimp is used to haul in the weapon of mass murder?

So all the fans are queued outside of the stadium, filing through the checkpoints, right where the terrorists will have such easy pickings.

I'm so glad that terrorists are so freaking stupid. Otherwise we'd be in so much hurt.

2
0

Japanese boffins invent 4.4 TREEELLION frames per second camera

Brian Miller
Bronze badge

"it appears to have a shutter of some sort."

Actually, there's a bit of a trick to high speed shutters: they don't open and close! No, it's rotary. The Fastax high speed rotating-prism went to 10,000 framers per second, and the Rapatronic camera with its polarizing filters allows speeds down to 10 nanoseconds. But of course, that's back in the 1940's.

That said, it's actually using a laser to strobe the subject: "An ultrashort laser pulse is split by the temporal mapping device (TMD) into a series of discrete daughter pulses in different spectral bands, which are incident on the target as successive ‘flashes’ for stroboscopic image acquisition."

There you go, no shutter, just a laser to strobe the target.

2
0

Pinterest diversity stats: Also pale and male (but not as much as Twitter)

Brian Miller
Bronze badge
Terminator

Smart and Gets Things Done

Anybody remember that little book by Joel Spolsky? Gee, what is someone supposed to do? Hire slowly and fire quickly?

Of course this is about discrimination, it's about discriminating against those who can't get the job done. A business is a business, not a social program. The reason that males are so dominant in the tech sector is for one reason: the male brain is hardwired for solving problems. That's just the way things are.

When a company forgets that it's a business and becomes a social program, then it goes down the tubes. Even Microsoft realizes this, and at some point it will get someone smart in charge, or it will be dead. When a company is small, it is really evident who does work and who doesn't. Some people won't work in small companies precisely because of this. Me, I prefer small companies precisely because of this.

There are also sectors where males aren't dominant, but nobody ever mentions that. It's always shame on the people who get the work done, dump on the worker. I welcome the robotic overlords. At least there's a hope with them that they'll run things with logic.

2
0

Games industry set for $5 BILLION haircut, warn beancounters

Brian Miller
Bronze badge

Profit wouldn't slip if they wrote better games

How many times has Halo been warmed over? Valve gave up on Half-Life. Fallout drags on and on. But how much have these really evolved from release to release? Not much. Basically the same game play, with different graphics and weapons. Whoopee.

Do we see artificial intelligence? No. Not even on the level of Eliza. It's pathetic, really. Why bother mashing the keys all over again when the game is just the same? I'd love to see something that was sketched out with the "Nonplayer" comic. But all we get is a slight variation on the same theme. Ooh, different clothes and weapons! Might as well be Sailor Moon wiping the floor with Barney the Dinosaur.

9
0

Don't look, Snowden: Security biz chases Tails with zero-day flaws alert

Brian Miller
Bronze badge

Everything has flaws

Everything has flaws, especially code that's just hacked together. The question is, how bad are these flaws? Is the flaw something that we can expect to be exploited by a script kiddie, or is it something that leaks data that requires mathematical analysis for it to be informative?

If the Tails distro has bugs in it like fleas on a junkyard dog, I want to know! Not only do public alerts tell us what's going on, but it gives those of us who code a chance to fix problems.

1
0

Kickstarter tin-rattlers offer reboot of '80s Integrated Space Plan megagraphic

Brian Miller
Bronze badge

Boots on Mars and break a leg

Not only do we need a big rocket, we need some sort of artificial gravity on the way over! By the time the astronauts arrive, they'll have lost enough bone density to break their bones in the reduced Martian gravity.

Better to just send a pair of boots and a Playmonaut to Mars, and then call it a day.

0
2

So whither Microsoft? If Nadella knows, he is keeping it well hidden

Brian Miller
Bronze badge

Story behind Seattle layoffs

OK, the story behind the Seattle layoffs is that Microsoft is ditching its testers. This sounds like a joke, but it isn't. They figured that since 30% of the bugs are found by developers, 30% by testers, and 30% by customers, they'd just ditch the majority of the testers and have the developers do more testing.

Unfortunately, this means that the customers will now be finding 60% of the bugs.

The testers who do remain will be "focused" on testing "scenarios" of customer usage. Unfortunately, the management has no clue what these scenarios might be. A couple of years ago I was in a team that decided to go with "scenarios," and we were given no information about how a customer might use the product. I honestly regard scenario testing as entirely futile.

Microsoft just might as well go with the full cost-cutting finale of, "fire the smartest people because the cost too much."

3
0

Plucky Rockall adventurer prepares to leave islet

Brian Miller
Bronze badge

Watch out for sneaky Argentinians...

And now Argentina makes a sneaky move for the rock in response to the Falklands...

As for RRS James Clark Ross, why shouldn't they be in the neighborhood? The antarctic is cold! Actually, I'm surprised they aren't in Tahiti or some such.

0
0

What a whopper, LG: Feast your eyes on this 77-inch bendy TV

Brian Miller
Bronze badge

How the other (less than one-) half lives...

My, there's £19,999 I'll never spend! Nice that when you're viewing people (werewolves?) with yellow eyes you'll have great color. Maybe as you barricade the door and arm yourself with your custom hunting shotgun, you'll be able to take them on the rise after they smash down your door and leap for your throat...

Or maybe you'll have a better target for your Nerf Gatling gun.

1
0

Physicist proposes 1,000-foot state-sized walls to stop tornadoes

Brian Miller
Bronze badge

According to other boffins, won't work

I saw the response to this from other scientists who actually study meteorology and climate. For some reason, the low mountains in the exact area these walls are proposed aren't doing anything to even slow down the formation of tornadoes.

However, if it were proposed to build a sculpture the same size, I bet it could get funding.

5
0

World still standing? It's been two weeks since Cryptolocker, Gameover Zeus takedown by feds

Brian Miller
Bronze badge

Oh, like the average muddlehead has a choice!

"Repelling cybercrime is not the responsibility of individuals." -- Amichai Shulman

Oh, really? Which part of, "DON'T CLICK ON THAT!" is somebody NOT supposed to miss?

A neighbor of mine, back in the late 1990s, bought himself a computer, and I helped him get set up with the Internet connection and all that. So he's browsing around the web, and there's a banner ad claiming that he has mail. So he clicks on that and lo and behold, the browser jumps to a site that he didn't actually want to visit. Well, duh!

I set my landlord's new notebook computer up for him. He calls me up, says he can't get to the Internet. I come over and take a look, and it's fine. Turns out that he thinks the Internet is Yahoo!, and if that isn't the start page, then there's no Internet.

We have crap OSes, browsers, etc., and nobody has a choice but use the things. The average person out there really does need to learn to lock the door and bar the windows, because that's what the environment is! The police are only part of the answer, but there's precious few among them who have the skills to do a serious net dive and parse apart a botnet or other network.

If it's the job of the police to secure the net, then it's the responsibility of Microsoft, et alia, to write good and secure software. And Microsoft and the rest should be fined, and hard, for not doing it! Using best practices means actually using best practices! Not publishing a book about it, and then writing the biggest bunch of crap code I've seen.

But the muddlehead is going to keep clicking on crap, because they are muddleheads, and all they've got to use is a crappy OS.

5
1

Intel reveals its FrankenChip ARM killer: one FPGA and one Xeon IN ONE SOCKET

Brian Miller
Bronze badge

Intel catches up with 2006

DRC Computer Corp. and XtremeData Inc. were doing this back in 2006 with the Opteron. Not on the chip, of course, but as a coprocessor in another Opteron socket. It's pretty easy to find this with a web search.

3
1

YouTube will nuke indie music videos in DAYS, says Google exec

Brian Miller
Bronze badge

Big = evil?

Although Google's informal motto is, "Don't be evil," it seems that as companies grow large, they grow corrupt. The latest has been Amazon's attempt to squash publishing houses, and Google is squashing independent music labels.

What this really means is that publishers need to ditch Amazon, and all artists need to ditch YouTube. When whatever alternates they land on get too big and become evil, then those get ditched and the artists move someplace else.

And this also means that all of the "users," i.e., self-created data content that is mined and sold by Google, needs to move along with the artists. If you want Google to be poor, stop using Google and block Google's JavaScript and cookies in your browser. But of course Google will continue on unimpeded.

3
1

Supermodel Lily Cole: 'I got a little bit upset by that Register article'

Brian Miller
Bronze badge
Happy

She reads El Reg!

Come on now, folks, she reads The Register! Now, isn't that just significant? In just a little bit she'll be able to correct her website by reading all of these erudite articles and comments.

So let's see the business plan here: collect gnomes, ... something else ..., and no profit at all.

OK, so I guess the whole idea needs work yet. Don't worry, the comments section is on the job! Don't worry, Lily, we'll definitely tell you how to do it right!

6
0

British boffin tells Obama's science advisor: You're wrong on climate change

Brian Miller
Bronze badge

Just wait until next year!

Since there's nothing that anybody can actually do about the weather, just wait until next year to see who's right. None of the nations will stop their CO2 emissions until there's nothing to fuel the factories and power plants. After that, the lights will go out, and it'll be the dark ages (literally!) for all of us.

1
2

Oh, wow. US Secret Service wants a Twitter sarcasm-spotter

Brian Miller
Bronze badge

Doesn't the NSA have something?

With all of the data hoarding the NSA has been doing, don't they have something they can let the Secret Service use? "Look, we've got some great regular expressions posted on the wall here." "Does that work in Internut Exploder 8?"

Maybe the Secret Service should just outsource the problem to Amazon's Mechanical Turk. Oh, but you'd need people who speak English and can recognize sarcasm...

0
0

TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead

Brian Miller
Bronze badge

Bruce Schneier *doesn't* reveal what he'll use

An article from years back, Bruce Schneier says what he'll use. But as for what he's using now, he doesn't say. In fact, he writes in his blog, "I have no idea what's going on with TrueCrypt. ... I suppose we'll have to wait and see what develops." No word about his current disk encryption, if any.

Recently he posted that he bought a new notebook, bought with cash from a local store. I suppose if he's using Windows 8 Pro, then he could be using BitLocker. I do know from his blog that he doesn't use Linux, primarily because he's never bothered to learn it.

Certainly, everything is open for speculation. Ending a project for a "dead" OS is a decent reason as any, I suppose. I jumped from Win XP to Linux on my old notebooks, and I suddenly I got full performance again.

2
1

WHOMP! There it is: IBM demos 154TB tape

Brian Miller
Bronze badge

Re: Tape is dead!!!

Is it OK if the tape takes the tube instead?

2
0

Innovation creates instability, you say? BLASPHEMY, you SCUM

Brian Miller
Bronze badge

Beware hokey religions and ancient mantras

“Why do you say we should not innovate?”

You'll never win when you try to challenge someone's hokey religion and their mantra of "innovate." They aren't solving problems, and they know it. They know that they are trying to suck down government money. They are going to give their stupid presentations until they run out of cash, and then find something else to wave around as their new banner.

0
0

Grav waves: Moment when 'father of Big Bang inflation' learns he was RIGHT ALL ALONG

Brian Miller
Bronze badge
Joke

Celebratory ice cream?

Will Ben & Jerry's be releasing Gravity Wavy? Or Big Bang Butterscotch?

7
0

The long war on 'DRAM price fixing' is over: Claim YOUR spoils now (It's worth a few beers)

Brian Miller
Bronze badge

Might as well file, the computers are in the closet!

I still have a couple of the systems gathering dust in the closet. So why not file? I can actually show the memory. They don't ask for any proof, though, like sales receipts. If I were them, I'd be asking for some proof of purchase. That would cut the claims down!

0
0

Brit Bitcoin dev: I lost 'over £200k' when MtGox popped its socks

Brian Miller
Bronze badge

No real banks are messing with BitCoins

Anybody notice that no real banks are messing with BitCoins? And all of the sites that are screwing around with them can't write basic financial transaction software?

2
1

Bitcoin bank Flexcoin pulls plug after cyber-robbers nick $610,000

Brian Miller
Bronze badge

Protocol review? Hello?

How many times will it be before these "banks" review their transaction protocols? And how long before BitCoin users will read the terms of service, and not use a "bank" that declares they aren't responsible for what you store with them?

7
0

Reg HPC man relives 0-day rootkit GROUNDHOG DAY

Brian Miller
Bronze badge

Rootkit playing tunes?

This sounds really bizarre. Why would a piece of malware literally toot its own horn? The whole purpose of a rootkit is to hide and be stealthy.

The second question is, what was it doing? The thing is, remote administration is not the way to go here. Admittedly, I'm one of those fellows who does know how to use a kernel debugger and a network sniffer, and I have a 16 port managed switch just for what's at my desk.

The first thing I would have done is, as Nigel 11 noted, run from a live CD and scan the drive. When a rootkit gets into the system, it then normally removes itself from the various process lists, or renames itself to something innocuous. The next thing I would have done is to look at the network traffic, using a different machine. OK, so I'm using switches that allow port mirroring, or else you'd have to keep a real hub handy. So I'd look at the network traffic. Today's malware usually wants to communicate on the network. So what's the traffic look like? Sending spam? Scanning? DDOS?

Something is fishy about just playing random tunes.

2
0

Chihuahua TERROR: Packs of TINY hounds menace Arizona

Brian Miller
Bronze badge

"It can tear a man's sock right off his foot!"

said Ted Johnson, of Red Meat.

Arizona has an open carry gun law, and people simply need to get over this thing of not eating dogs.

4
0

Page: