115 posts • joined 3 Jun 2013
Whos routers ard they using? Alu, huawei, cisco or juniper? I for one cannot believe that they have no redundancy at layer 2.5 of their core. So I expect this to be a label switching router problem
Because its a cheaper defense than paying for masses of conventional armed forces worldwide. Ie people.
Seems to me that -in this instance- common sense prevailed.
Re: "a single purpose: to play demanding PC games"
In fact these days the pc doesnt have to be anywhere nesr the front room, or the display. Its all abouf game streaming now. Like steam streaming.
Re: Isn't this
Hi. I'm average Joe. I don't mine bitcoins. I don't hold them or speculate with them I just use them to pay for stuff.
As long as I can use them to pay for stuff my interest won't drop.
I don't care what the miners are up to. So for me I don't see how failure to mine them will bring a bitcoin downfall.
Re: "a former employee was able to compromise a router using an old password"
Any decent network uses Tacacs or similar. Turn access off for depating employees with one click.
Further, secure ISPs now choose to enable change access only through a change process, no change authorised without permission...
The error was in 3 places.
1) no client-server authentication. (As article states)
2) security in ISP hosting the attack.
3) security on peer isp, which should have had the policies in place not to accept invalid route advertisements.
3 doesnt apply if both the original and breach servers were in the same ISP. I don't think many ISPs do protective policies within their iBGP.
What has thiz got to do with IT?
I like fast cars but I wouldn't expect to see an article about formula one on el reg.
Re: Game Theory
How did that work? Fon only applies to the wireless interface. Theres no FON on the wired ports.
So are you SURE?......
Re: Game Theory
When you disable FON it stops you using it on others systems.
You could enable/disable it every time you left/returned. But that requires a login, and tbh it's nit worth the effort.
Remember, if you use ALL bandwidth whilst at home, it lets you so no bandwidth is available to other FON users. So you lose nothing by leaving it on.
Re: Free FON wifi
Nothing at all to stop this. BT are happy for you to do it. It's a perk of their service.
Only thing is that there's an app for android to log you into FON automatically. But I think not for windows OS, so you'd need to do it manually (web) each time. Oh, and not use wired connection ofc.
Re: Q from the US
Cable and wireless became vodafone, not VM, afaik.
Re: Q from the US
For anyone interested, to get 250Mb of internet bandwidth, unrestricted in both directions, via fibre from Vodsphone (other suppliers do exist) , cost is about £450/month. Business only. They suppky the fibre install and managed NT.
I dont work for them, but this is what it cost our firm, from 2 years back.
Re: Q from the US
Uncle Ron: You are clearly not in the "streaming 7 channels of 4K pr0n at the same time" club. Without this bandwidth, how else am I to get my daily fix?
I find it Ironic that it was Linked In employees. Surely if anyone could find a better job elsewhere it would be them.
Re: Need similar laws in the UK..
Vote with your feet:find another job. It feels great, very empowering to do this. And it's very easy in the current UK employment climate.
you'll wish you'd done it long ago.
Re: Yeah but...
I don't understand this joke. Is this some American thing? What does the call/data plan have to do with the phone.... they are separate entities usually...at least to us techies...right?
I wouldn't call it honey in there. More like tar. It aint Spearmint quality that's for sure.
Re: Wait... what?
Facebork spin-doctors rang it in themselves, hoping for yet more free media publicity.
How silly of them, for surely no decent media outlet would take up this 'story'...
They cab make it go extremely quickly. But, the faster the speed the more thd concentration of cells/access points required. Vendors would love to sell carriers vast amounts of network gear to put backhauled cells everywhere.
I guess mptcp is one for the enterprise. Carriers I expect to be using mpls, with rsvp-te (& ecmp) to make best use of theif capacity. Thus they largely ignore layer 4 anyway.
Re: Security framework
Hi, yes there are lots of security test suites. The good ones are not free. Theh are run by experienced pen test engineers as a paid-for service. They are generally tailored to the system under test.
Im not a developer so can't commeng on security frameworks for embedded iot systems.
Re: Isn't peering....
The term peering doesn't imply any particular payment structure on its own, so asymmetrical traffic is fine (one party pays).
Tier1 to Tier1 interconnects are payment free though.
I believe the next hype-level inbound is '8k'.
The hype is that at 8k your eye cannot tell the difference any more.
For me, I just think 8k has nice natural-extension-upwards ring to it.
Curved screens are a weird TV hype. 'Here's a screen where you *cannot* see all the action from all your furniture'. Really??
Re: I just wonder
I don't think Dell is holding on to the bitcoins and gambling on them going up or down. They are changing the Bitcoins to cash immediately. This is why Coinbase is involved. If they wanted to hold onto the bitcoins, they'd not need to involve a currency exchange. I'm not an expert, but this is how I read it.
Re: Dumb concept - stop being lazy and just run the fiber to the home
I think the cost of putting up telephone poles around the place and stringing to houses would outweigh the cost of just digging up driveways, in the UK,
I think it's great that in some places cables can be 'strung up through the trees' though. Absolutely agree that where it can be done, do it..!
Re: why not take it all the way in.
I do think it would be cool for operators to offer FTTP where residences are prepared to pay their own costs for the access trench, or dig/provide it themselves to some standard.
IN the subtitle of this article it says 'Trail' instead of 'Trial'.
A 7 day ipphone trail sounds good though. I picture it as some sort guided tour around Cupertino hotspots.
This might not entirely be the fault of the voicemail providers.
The originating line switch which accepted the access connection (from your VOIP line - but could as easily have been a Basic Rate ISDN or a Primary Rate PBX interface) should be marking the originating line identify as *untrusted* (user provided not screened) That is, unless it has gone through screening in which case it can become trusted.
If the originating service provider isn't doing things properly then when the call is being passed to the voicemail provider (terminating exchange) they could be acting on the incorrectly marked fields.
Another number to use is the Network Number. In the UK, at least, this should always be provided by the originating service provider and be trusted (public can't change it). Ideally this is the number that should be used for voicemail access/validation, where possible (but there are other complications with this).
Either way, EE and 3 should not allow non-PIN authentication if originating CLI can't be trusted to be network screened/provided. Shame on the *Test Teams* within Three and EE for not picking up on this. O2 and Vodafone proved it can be done right, so why can't YOU?
I'm impressed that this article recognises a legitimate use of Bitcoins - for purchasing - rather than just as a get rich quick scheme.
I bought some bitcoins online. I was able to use them to buy some computer stuff online from abroad (second hand), which promptly arrived (and all works!).
So, for me, the bitcoins were very easy to use and therefore have value to me, beyond the cost of the purchase.
Bitcoins are not just 'collectables' as you seem to call them. I'm not collecting any of them. Just using them as I would any useful tool.
So having been caught out by this problem, will those organisations using these open-source libraries start examining the source updates to ensure they are secure?
Will they pay other organisations to validate the source for them, if they don't have the expertise in-house?
I only ask because surely the real problem will be if everyone sighs about the bug and updates their systems, but then learn nothing from it and just hope it doesn't happen again.....
Star wars is popular, i get that. but why does The Reg report on it?
I like these Star Wars updates, keep em coming. But if you are doing films then why not do updates for all the other cool films coming along too? And why stop at Star Wars films, why not branch into all the other Star Wars media whilst you are at it?
Re: The real difference
Anyone can patent an original invention, without having to make it. You don't even have to make a prototype. You can get away with just a good written description (drawings help).
Re: The real difference
I'm not sure the Apple heads, who are worth hundreds of millions each, will be vastly upset at losing out on this invention. I think they'll still sleep ok at night. :/
Graphene could make deadly strong filaments, invisible to the human eye, which would cut right through you if you walked into it.
urgh what a thought.
If you work for an IT company, but you happen to prefer and use the products of a competitors' company when at home, then should you also resign?
This guy did NOTHING as CEO to further his private cause. He didn't use the power of the company, he didn't sack gay employees, he didn't ban pink screensavers.
If you did a great job at your workplace, and you were sacked by the lefty CEO because he heard you voted Republican/Conservative, would that be fair?
Re: Sod that...
That would be a poor argument. When we went to 9600 the benefits were huge and obvious. It was definitely needed, not least of all because it reduced the cost of batch-data phone calls by so much....
Consumer demand drives vendors. Not the other way around. Exception being anything with an apple on it.
I thought BGP router admins commonly deploy policies these days to ignore problematic announcements?
If <route increments within 5 minutes> exceeds <10> ignore
If route announcement from peer-as 12345 includes peers <not on peer whitelist> then ignore
The tier 1/2 providers with the neighbour relationships need to take some responsibility here, to police their direct neighbours At least a little bit. ?
Re: Get your facts right
Is BT's 50MHz of spectrum enough to provide good coverage and bandwidth to large numbers of users inside and outside of tower blocks in central London, without having to have access points so often that it was be too expensive to deploy?
Qualifications: 'O' level in woodwork, 1988. And 50m swimming badge.
Re: Chewbacca defense
Was he laundering money himself.
Or was he providing a website service, which could be used by other people. If they sold narcotics or laundered money through it, then the charge should be on them, not on him as the host.
I think they could charge him with some form of aiding and abetting.the laundering operation.
But aren't the physical hard drives backed up elsewhere, in case they go up in flames or something?
so if any are deleted, they just pull them back off the backups. Right?
I know it's cloud, so distributed and virtual, but at layer 1 there must still be some backups somewhere.
Its data protection.
If Apple unlock this one without a court order that gives the security services some leverage. The NSA could argue that the IPAD they just took off someone needs to be unlocked, and is also a special case, and shouldn't need a court's approval to open.
Many on this thread have used an emotional arguement. It's an emotional case. But you have to step back and think if the implications. Apple are doing just this. They KNOW that they are getting bad press on this, but they KNOW that it can be far worse, in the long term, if they are seen to be an organisation who will sometimes allow data access without a court order.
Re: Well done
If I left my IPAD to someone in my will, and I didn't leave a password for it, then I would expect it to be wiped and not unlocked. What if there was information on there that I never wanted my family to see after my death? What if I knew that such information could destroy my family?
Apple are right to demand a court order. The information on there could be terrible, and there's nothing to prove that the owner wanted their family to see it.
BUT, it's clear that the owner wanted their family to use it. For this reason I do think Apple should provide an ability to WIPE a tablet back to factory settings in these circumstances, rather than unlock it.
Re: Well, that screws...
Or possibly different people are reading different articles?
Or possibly people change their minds based upon the context?
I recommend that you should a) not be so paranoid and b) stop caring about the votes. They don't make any real difference to the experience here.
Re: Nominet has dismissed the accusations as nonsense. ®
Is that it? Just £70K for a CEO role?
It's not very much. The CEO isn't there for the money then,at least that much is clear.
I think purists can argue that the term 'broadband' is exactly right for this deployment, based upon the words intended original meaning (wiki quote:)
"The term broadband refers to the wide bandwidth characteristics of a transmission medium and its ability to transport multiple signals and traffic types simultaneously."
It's entirely true that "Joe Public" equates the term to access technology to the premise. But we know better, eh?
How long before Ebay sellers can choose to accept payments through paypal in Bitcoins?
Today an auction cannot be held in Bitcoins. But if the seller wished Bitcoins to be used, then why not?
Paypal provides a nice service whereby payment can be returned if goods are not quite right. This would still be viable if they accepted bitcoins.
Only a matter of time.
Re: So they are charging a fortune...
It's not the simplicity of the procedure that counts. It's the work behind it, and the volume.
We don't know how many change actions they get per day across their user base. If the Big named brands are making upwards of 700 changes per day between them, for example, , then that's a LOT of work to process with callbacks.
Further, they now how to put in and maintain the PIN infrastructure, charging mechanisms, SLA/KPI reporting, record maintaining, security procedures in the event of a problem, training for their admins, etc.
As always, the user sees a simple service and wonders why the cost is needed. There's a lot of work that goes into making something seem simple.
Re: I'm sure I've worked there ...
It's good that you recognised the problem. Nowadays though,proving that you emailed the boss (so covered your a$$) isn't good enough in business. Your organisation still failed, regardless of fault.
That no action was taken means that either you didn't make the case clear enough to your boss (unlikely), or that you didn't try hard enough to raise awareness within other parts of your organisation.
We in IT must recognise when to go over our bosses' heads, or call a meeting with others to gain more support, or go direct to the Account with our concerns. It's harder to do and takes more effort and guts, but liek it or not that's what will make the business succeed rather than fail. Bosses aren't always right, and we in IT can't hide behind 'told you so' these days.
Hurts to say it, but it is true.
- Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
- China building SUPERSONIC SUBMARINE that travels in a BUBBLE
- Review Raspberry Pi B+: PHWOAR, get a load of those pins
- Experimental hypersonic SUPERMISSILE destroyed 4 SECONDS after US launched it
- Will It Blend? Maybe. BlackBerry’s secret comeback weapon