* Posts by Flocke Kroes

2646 posts • joined 19 Oct 2007

Your wget is broken and should DIE, dev tells Microsoft

Flocke Kroes Silver badge

If only ...

If only their were implementations of curl and wget available in source code form on the internet that could be compiled for Windows and distributed for free. Microsoft would be able ship software that has survived decades of testing by demanding techies without having to go to the expense of creating, testing and debugging their own versions.

Microsoft has open-sourced PowerShell for Linux, Macs. Repeat, Microsoft has open-sourced PowerShell

Flocke Kroes Silver badge

Re: Microsoft Open Source ©

Microsoft was doing open source back when I was a PFY. The license went something along the lines of "If you could have glimpsed Microsoft's source code, and you profit from software that does something similar, Microsoft can sue you to bankruptcy".

The article says "permissive MIT licence". The difference between that and a standard MIT license was not obvious with couple of quick web searches. Microsoft have been releasing software with MIT-like licenses for years. It is a big step up from their early poisoned chalices. The bit that is missing is the patent promise. Last time I looked, Microsoft promised not to sue you for patent infringement if you created a standards compliant implementation of the .NET framework. If you created an implementation that was compatible with theirs instead of being standards compliant, you had no such protection.

It has been years since I looked at Microsoft's terms and conditions. I could be very out of date. If Microsoft has made a stronger commitment not to sue developers, a link to it would be appreciated.

Flocke Kroes Silver badge

Why is ssh built in?

If it is not built it in, you can use the latest ssh, tested by programmers all over the world. Any built in version will either be behind the times, or some clone tested only by the brave Microsoft customers running the next version of Windows.

£11bn later: Smart meters project delayed again for Crapita tests

Flocke Kroes Silver badge

Re: "Smart" meters

No need for a problem. The requirement is for someone to pay for them. If something has value, people will buy it. If something is pointless, businesses will buy it and pass the costs on to customers. If it is a broken money sucking disaster, governments will buy it with tax payers' money.

Some Windows 10 Anniversary Update: SSD freeze

Flocke Kroes Silver badge

Re: Satya Nadella fault

IIRC Ballmer fired the test department because they were delaying the release of Vista.

Flocke Kroes Silver badge

Thankyou AndrewDu ...

... for offering to install your MS software on the home device of anyone who needs it to do their homework. Isn't it generous of Microsoft to allow this in their terms and conditions. But what happens when students complete their course? Can they continue with the licensed copy you installed, or do they have to pay a monthly fee / answer questions on the adverts to use the skills they have learned?

Vodafone: Dear customers. We're sorry we killed your Demon

Flocke Kroes Silver badge

I think it would hurt them

Early on, they were using FOSS. They would deliver to your server which you could configure to convert email addresses to user accounts as you chose. Some turd brained halfwit replaced it a Microsoft disaster. You then had to fart around with their steadily deteriorating web site to administer addresses. I assume this was because their Microsoft license depended on the number of unique addresses (on the assumption that this is somehow related to the number of users). Switching back to avoid the growing licensing fees would require hiring someone competent, which I assume is beyond the ability of the current PHB.

The free demon website became a free NamesCo website and a year later they said it was only free for the previous year.

To some extent, this is a good thing. Domain names are cheap, and ADSL is sufficient for a modest website and email server. I no longer have to tolerate whatever PHB was in charge of these services. (And I hope he is now working out his notice because he has made himself redundant)

I assume the next thing to go is the free technical support number, followed by service interruptions to increase revenue from the new premium rate number.

Anyone know an ISP that: puts their terms and conditions front and centre where you can read them, gets their revenue from providing a good service and not a premium rate complaints number and has a termination policy that does not involve finding the secret procedure to arrange a face to face meeting with Mr Inaccessible 36 months in advance?

Russia is planning to use airships as part of a $240bn transport project

Flocke Kroes Silver badge

Re: Fuel

The old solution was Blau gas. A more modern solution is to retain the water vapour from combustion. Fuel has about twice as many hydrogen atoms as carbon atoms. The loss of carbon in CO₂ is balanced by the gain of oxygen in H₂O.

The curious case of a wearables cynic and his enduring fat bastardry

Flocke Kroes Silver badge

To everyone complaining that trousers are too big at the waist:

Belt up.

BlackBerry: Forget phones, Lawsuits In Motion is back – and it's firing off patent claims

Flocke Kroes Silver badge

bazza - try getting your facts right

TSG (The SCO Group) litigation was about contracts, not copyrights. According to TSG, when IBM added code to AIX that made the functionality the property of TSG. Linux destroyed the value of Project Monterey, a joint venture by companies (including IBM and TSG) to create a single Unix for multiple architectures. TSG claimed that IBM broke a contract with TSG when it increased the value of Linux by adding TSG's functionality (that was designed by IBM, and implemented by different IBM programmers for AIX and Linux) to Linux.

TSG said they owned the copyrights for Unix. They actually had a contract to collect royalties for Novell's Unix, pay all the money to Novell and in return Novell would pay TSG commission. TSG's litigation with Novell was about the lack of transfer of copyrights, TSG keeping Novell's Unix royalties and TSG suing IBM over Unix without authorisation from Novell.

TSG also sued former customers because the licence agreement required customers to count the number of installations of SCO Unix they used (zero) and post the results to TSG every year. When the letters stopped arriving, TSG sued ex-customers for breach of contract.

TSG made a lot of noise about copyrights they did not own and patents they did not have. They pressured some companies into signing a contract to pay royalties to TSG for any TSG code or patented material that might be in Linux. The contract was the source of revenue, not STREAMS (Licensed GPL and contributed to Linux by SCO, ignored by everybody and deleted from Linux when TSG started threatening every penguin on the planet).

I am churlish enough to say that BlackBerry have come out from under a other people's bridges and are trollishly demanding money to cross. There is some strange belief that this behaviour is acceptable if the company doing it does (or used to) manufacture something.

Patents were supposed to increase the rate of technological progress by rewarding inventors for publishing the details of their invention so others could use them. Software patents at best describe functionality that is obvious to those skilled in the art. The time consuming part of adding functionality is creating code that implements the functionality and the test vectors that ensure the functionality survives debugging, optimising, porting and feature creep. Software patents (== computer implemented inventions) do not include code (which is protected by copyright), so they do not increase the rate of technological progress because they do not include details that allow others to use them without doing all the work of coding and testing.

Judges are beginning to understand this, and have set precedents reducing the value of patent portfolios. Some states recognise the damage that patents do to their SMEs, and have passed laws to place barriers in front of trolls. Filing in East Texas is by itself evidence that BlackBerry knows it is trolling, and would lose on appeal if their victim has the cash to last long enough. The reason BlackBerry has not been snapped up is they believe their patent portfolio has greater value than experienced trolls are prepared to offer.

HPE CEO Meg Whitman endorses Hillary Clinton, dumps on Trump

Flocke Kroes Silver badge

mainstream media?

ooFie: "almost ALL mainstream media denouncing Trump as the anti-Christ"

I have read plenty of mainstream media about Trump, but this was the first time I heard he was the anti-christ. I tried a web search for "Trump anti-christ" and found plenty of results. I did not recognise any of the sites, and lacking significant knowledge or interest in religion I had difficulty separating sincerity from satire.

As I was clearly out of my depth, I looked for the opinion of an expert. A web search for "Trump pope" showed lots of sites I recognised. No mention of anti-christ so far, but here is what Pope Francis said about Donald:

"A person who thinks only about building walls, wherever they may be, and not building bridges, is not Christian."

Perhaps you could point out a mainstream media site that claims Trump is the anti-christ?

Chinese Android smartphone firm: It packs a dedicated crypto chip

Flocke Kroes Silver badge

I am sure I saw something like this before.

Virgin Galactic wins US operator's licence for SpaceShipTwo

Flocke Kroes Silver badge

Re: Space travel—for those who don't know what that is

I was going to reply that a fraction of the project would be used on something useful: LauncherOne (200kg to sun synchronous orbit). A short fact check before posting showed that White Knight Two is too small for the current design of LauncherOne, and they will need a 747 instead. Also, the LauncherOne design uses an RP2/LOX engine, not N₂O/HTPB so the two projects have very little in common.

I found about $400M of funding for the up/down joyride, $100M for LauncherOne. I found between $100M and $200M of real funding for Skylon, and promises for $350M that could have arrived, or been trimmed to the funding I did find.

The entire Skylon project was expected to require $12B in 2004 and the current first test flight could be in 2025. I can see why investors are going for cheaper toy projects with a shorter promised delivery date. SLS has currently cost most of $7B, and is expected to reach $35B by 2025. If Alan Bond promised to drop half his budget on states that made space shuttle parts, he could have got all the funding he needed.

You think Donald Trump is insecure? Check out his online store

Flocke Kroes Silver badge

That was the old plan

Trump was profiting from the primaries by spending campaign money on Trump businesses. Trump's self funded campaign got money from (initially unsolicited) donations and from loans from Donald Trump. Right up to the nominating convention in Cleveland, Trump could have mostly repaid himself from contributions. Only when the Republican party was irreversibly committed to nominating Trump did he forgive the loans.

The fun part is that Trump might have taken the plunge at the peak of his polling. Americans start taking an interest in their elections at different times. Some will wait for the debates, others waited for the conventions. Only the truly committed followed from the start of the primaries. During the primaries, each party feuds with itself. That is supposed to end at the convention which is used to heal the party's rifts and convince the supporters of the other candidates to accept the nominee.

Trump made his commitment before the Democrat's convention started, and before the Republican convention finished. The polls would have included thoroughly disgruntled Bernie supporters and and Republicans who had not yet looked at who their candidate really is. The Democrats reduced their spending on Trump bashing adverts before the Republican convention. Perhaps they were afraid that if they worked too hard, Trump would not get nominated, and Trump was doing an excellent job of convincing Republicans to vote Hillary. Trump's convention highlighted and widened the divisions in his party, and convinced many senior Republicans to endorse Hillary. When the polling reflects that, Trump will be looking for someone to blame.

Giant Musk-stick test-firing proves a rocket can rise twice

Flocke Kroes Silver badge


I keep seeing "first stage separation at about 100km". After separation, stage one is still going really fast, but near horizontal. If a stage one does not get into space before separation, it probably covers the last few hundred meters after separation. There is still plenty of atmospheric heating on the way down, but not as much as for the space shuttle or Falcon 9 stage 2. NS2 has a much easier return path as it is just going up and down with no attempt at getting into orbit.

Flocke Kroes Silver badge

Splitting hairs

"it's the first time a rocket's first stage has ever been fuelled up and fired after it's been to space."

NS2 has been into space and back four times. You can almost exclude New Shepard from the above statement because the first stage is the only stage (and has only half the thrust of a Falcon 9 stage 2). Despite New Shepard's much less demanding missions suborbital test flights, I still think Blue Origins wins the prize for flying the first re-usable stage 1 rocket.

Auto crypto algo validation? Protocol prototype here

Flocke Kroes Silver badge

Doesn't everybody ...

... arrange for 'make test' to whine if some module's output does not match known good output for a set of test vectors?

So the new plan is to use untested code to connect to a spoofed server, get some test vectors, run the untested crypto algorithm on them and rely on a reply from that spoofed server to valid the code that authenticated the wrong server in the first place?

Dem-owned-crats: Now its congressional committee is hacked

Flocke Kroes Silver badge

Re: Someone get Assange a cookie

Would you like to point at the email on wikileaks that proves the democrats are corrupt criminals? If you actually find one, how would you prove it was written by a democrat and not a fake planted by the crackers?

Windows 10 pain: Reg man has 75 per cent upgrade failure rate

Flocke Kroes Silver badge

Guess at Windows 10 specific BIOS

Are we looking at a TPM issue? As a complete penguin, I could be thoroughly wrong here, but as I understand it, Windows machines must be completely locked down to prevent users doing something without explicit permission from one of Microsoft's servers. Imagine if an exploit was found for an old TPM. The driver would already exist for Windows 7, but it would be 'impossible' to create one for Windows 10 because a user might be able to do something that Microsoft want to charge extra for - say extracting a local copy of a file held for ransom on OneDrive.

I thoroughly welcome you to explore Penguinland - on days well in advance of deadlines. On your first visit to the command line, you want 'man 1 less', and find the button that exits from less, which is used for displaying manual pages. Next up is 'man 1 man', and look for the command for searching for manual pages referencing a specific topic. After that, try 'info info' because some raving gnu hates man pages. Before frustration sets in, read about asking questions.

The return of (drone) robot wars: Beware of low-flying freezers

Flocke Kroes Silver badge

Re: Even in 2016

[Expletive deleted] pedestrians deliberately blocking my path and telling me not to ride a bicycle on the pavement. A few have the grace to apologise when I ask them not to obstruct the cycle path. Lane markings, a picture of a bicycle painted on the path and the white bicycle in a blue circle sign, yet pedestrians still cannot spot a cycle path.

[I know there are inconsiderate cyclists, but there are also inconsiderate drivers and inconsiderate pedestrians. No one group has a monopoly on stupid.]

Fork YOU! Sure, take the code. Then what?

Flocke Kroes Silver badge

Re: Forking Debian...

Distrowatch tells me the most recent distribution based on Debian is Bodhi, which came out yesterday. For a proper fork, I would guess Devuan.

Gullible Essex Police are now using junk science lie detectors

Flocke Kroes Silver badge

Simple: choose the right question

Did you steal a cookie from the jar by your neighbour's kitchen sink at 10:30 yesterday?

Have you ever take something you that perhaps you shouldn't have?

It's 2016 and your passwords can still be sniffed from wireless keyboards

Flocke Kroes Silver badge

I thought it was keykerikiki


UK membership of Council of Europe has implications for data protection after Brexit

Flocke Kroes Silver badge

Re: something as “flexible” as PrivacyShield

How about a papyrus boat? (You can't find me. I am hiding behind a Cheshire cat.)

Seminal adventure game The Hobbit finally ported to the Dragon 64

Flocke Kroes Silver badge

Re: Posh Gits

At school, the compukit UK101 was somewhat accessible. With some extra software you could use the arrow keys to move the other cursor and copy one letter at a time from a different part of the screen! There were rumours of an ITT2020 hidden in a locked room.

If the Trash 80 was too pricey, you could have got the Chinese copy called a Video Genie (mine had both shift keys!)

No, the VCR is not about to die. It died years ago. Now it's VHS/DVD combo boxes' turn

Flocke Kroes Silver badge

Stop making me feel old

Helical scan digital storage tape did exist. It was based on Digital Audio Tape, and the computer storage version was informally known as DAT as well.

Kids today... don't even remember DAT. Time to practice shouting "Get of my lawn!"

IT boss 'set up fake companies to charge his employers $2.4m'

Flocke Kroes Silver badge

Re: Consultancy...

The other way to do hardware:

Delete a driver. Tell victim he needs a new motherboard, purchase for real, swap in the new one, and send the old one for recycling and re-install the driver. Move the old motherboard from your recycling company to your computer spares company and repeat - this time buying from the 'new' motherboard from yourself.

In a couple of years, the Brexiters will give us back the tariff rip-off. Pick something with an import tariff, buy some for real abroad and import it from yourself. Collect broken kit that resembles the product and send it back under guaranty to your foreign self. You can then send replacements to yourself without paying the import tariff and undercut the competition.

Alleged skipper of pirate site KickAss Torrents keel-hauled in Poland

Flocke Kroes Silver badge

Re: Here's a thought...

Thanks for the love, but I do have a wish list of content not available for purchase either at all, or at a sane price. The newest items on the list are exclusively on Amazon Prime. Exclusives are exclusive for a limited time. I can wait. While I am waiting, older items from the wish list become available like my recent purchases. I keep to a strict ≤£5 per film and ≤£1 per episode. I can sit back, feel smug and self righteous with >370 films >3400 episodes until Amazon Prime's temporary monopoly gets broken just like all their predecessors.

Flocke Kroes Silver badge

Re: Big content: 3

A 500GB spinning disk is about the same cost as 100x 4.7GB DVDRW, and I do not have to waste time loading and unloading 100 disks.

I am sure there will be a successor or several for KAT. The Motion Picture Ass of America has used particularly poor methods for discouraging copyright infringement, but they do learn from their mistakes (at a glacial pace). I am sure Artem Vaulin is going to have several really bad days, and if found guilty, several bad years. Even so, new copyKATs will appear because every single one of them knows he is too smart to get caught.

Flocke Kroes Silver badge

Re: Big content: 3

Just bought another four DVDs. Happy to contribute towards a little nail pounding.

Flocke Kroes Silver badge


Let's take Assistant Attorney General Caldwell at his word, and assume Vaulin is "responsible for unlawfully distributing well over US$1 billion of copyrighted materials". Wouldn't that mean more than 50 million unique visitors a month were not responsible for distributing that billion?

Gartner's hype cycle turned upside down to assess Brexit

Flocke Kroes Silver badge

Gartner predicting a return to rationality?

Now I am really worried.

GMB tests Uber 'self-employed drivers' claim at London tribunal

Flocke Kroes Silver badge

When Uber started ...

The idea was that if I was going to drive somewhere I could tell Uber in advance and if someone else was going the same way I could pick them up, drop them off and get back some of the costs of the journey. The passenger gets a cheap ride, I get some petrol money and Uber takes their cut. All three benefit from the deal. The key points here are that driving is not my day job, and as I was making the journey anyway all the money I get is profit even if it doesn't even cover petrol.

Some people started considering Uber as their day job and making journeys entirely at customer request. At this point everything has gone wrong. The driver needs commercial insurance, Uber should not send dispatch assignments without evidence of commercial insurance, and the price has to cover insurance, petrol, maintenance, driver time, and the journey between fares. Self employed or employee does not matter, but self employed has to charge extra to account for lack of sick pay and holidays.

I have no problem with contractors not asking for enough money. They should either put up their prices or seek different contracts. I do have a problem with contractors agreeing to a contract then whining to a judge about lack of holiday pay. I also have a problem with Uber benefiting from their taxi dispatcher service while avoiding their responsibilities because they once pretended to be a ride sharing service.

UK South East Coast Ambulance slammed for creaking emergency dispatch IT

Flocke Kroes Silver badge

Re: Oh FFS

Demonstrated working by other regions? Double the price! Threats of dire consequences if problems not promptly fixed? Price x10 + monthly service charge! Your consultancy fee is at 50°N, 30°W.

Three pence in a pound awaits Steljes' trade creditors

Flocke Kroes Silver badge

Are they insane?

When a tech company is in its death throws, the standard plan is sue a big company, hire a high profile litigator for a share of the damages, fire everyone but the litigation manager, place a ridiculous value on the litigation so you can pretend you are not trading while insolvent, run up bills and don't pay them, asset strip and give yourself a pay rise.

Blighty's Coastguard goes into battle against waterborne Pokemon

Flocke Kroes Silver badge

Re: Don't mess with evolution!

I assume somebody used a boat to place a lure in the middle of the lake. It is not that difficult to get a phone high up in a dangerous place, but presumably you have to press a button to set the lure, so need to get into that place yourself - until GPS started working in canyons.

The satellites transmit right hand circular polarised microwaves. In the dark ages, GPS antennas were designed to prefer RHCP to avoid being confused by reflections (reflections are LHCP). Antennas changed to accept either polarisation so they would still work when the direct signal is blocked. Modern receivers track the direct and the reflected path at the same time. The first one to arrive must be the direct signal, but the second may provide a clearer signal.

To take advantage of multipath, you must turn your phone off, go to a place with two tall buildings, stand with your back against one of them and turn the phone back on again. The building behind you should block or at least weaken the direct path, so it will take the phone time to detect it. The signal from the building in front of you should provide a stronger signal that the phone detects quickly. As the phone has no history of how it got to its current position, it will assume the reflected signal travelled in a straight line, and will conclude that it is on the far side of the building in front of you.

If that is an impossible place for people to reach, you should be able to wind up Satoshi/Musashi unless they understand multipath too.

UK 'emergency' bulk data slurp permissible in pursuit of 'serious crime'

Flocke Kroes Silver badge

Re: Exactly what defines 'serious crime'?

It doesn't matter. If something is not a serious crime then it must be a humorous crime. I am sure we will get new laws to protect us from humorous crimes and a panopticon to hunt down everyone who says thing that might cause offence. I feel confident that I can say "Theresa May doubleplusgood duckspeaker" without getting a free trip to joycamp until after Brexit.

What will laws on self-driving cars look like? Think black boxes and 'minimum attention'

Flocke Kroes Silver badge

Re: Road Net

For some reason, journeys start taking longer. Next, central control offers a monthly fee for priority routing. Priority routed vehicles slow everyone else's journeys so they have to buy priority routing too. For an extra fee, super priority routing becomes available for a super monthly fee.

Trump? Terror? Turkey? Whoa, there's a Tentacool in that Bush...

Flocke Kroes Silver badge

Re: Parallel Universe?

I thought I had escaped the parallel universe until Team rocket SpaceX ended their CRS9 launch video by finding a dragon.

Ad blockers responsible for rise in upfront TV ad sales, claims report

Flocke Kroes Silver badge

Re: Huh?

I had to look it up: For TV advertising, upfront is presenting an opportunity to buy adverting slots before a season of a TV series starts showing (or possibly filming).

One in five consumers upgraded to Win10 for free instead of buying a PC

Flocke Kroes Silver badge

Re: PC sales decline

Welcome to Penguinland. Try a SuperTuxKart.

UK gov says new Home Sec will have powers to ban end-to-end encryption

Flocke Kroes Silver badge

password 12345 can be secure

gpg encrypts mail with the recipient's public key. It can only be decrypted with the recipient's secret key, which is supposed to be a secret. The difficult bit comes from where the recipient keeps her secret key. If it is only on a device she controls and on a backup floppy disk in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying "Beware of the Leopard", then it is reasonably secure.

Secret keys are often encrypted with password that the owner has to remember. If the password is 12345 and copies of the secret key are all over the internet then there is no security. If the password is something like "$>QeP{r:{s=6|b}VNJFt" and the owner types it into a device with a key logger or trojaned version of gpg then there is no security.

Password protection on secret keys dates back to an age when computers were so expensive that they had to be shared, the system administrator could be trusted not to replace gpg with a trojan, and you could not be locked up for five years for not telling the police the password for your secret key. A more modern use of that password is to protect against accidents like a leopard enthusiast with a crow bar desperate for a pee.

EU waves antitrust claims in Google's face, snarls 'You want some?'

Flocke Kroes Silver badge

Are comparison sites still rubbish?

Back when I was a PFY I occasionally clicked on a comparison site by accident. They were so irritating that I took the trouble to learn their names so I could scroll past them to the sites that actually sold things. There were articles on the internet like price comparison that only covered the shops in the mall where the comparison booth was located with no warning that the rest of the world was excluded from the results. There were rumours that it was really expensive to be listed as the cheapest insurer on a comparison site, and some insurers advertised that they were not listed on such sites.

It is quite possible that Google noticed my aversion to comparison sites and does not include them in my results. It is very likely that I was not the only one ignoring such sites, and their page rankings fell for everyone else's results too. Over a decade has passed. I do not see comparison sites in search results and out of habbit I would not click on one if I recognised it. After all this time have comparison sites cleaned up their act to the point where the cheapest seller on the list will actually deliver, does not have hidden extra charges and is actually provides the same product cheaper than I am likely to find elsewhere if I spend an hour or two checking individual retailers?

Smartphones aren't tiny PCs, but that's how we use them in the West

Flocke Kroes Silver badge

Advantage of QR over NFC

Crims can steal from NFC bank cards 40cm away without you noticing until the bill arrives. Victims have to actually point their camera at a QR code, and there is some hope that the phone might display the amount, who gets paid and an opportunity to cancel the transaction.

Florida U boffins think they've defeated all ransomware

Flocke Kroes Silver badge


This is my home system. Computers are mostly Raspberry Pi's and some similar devices predating Pi's. This applies to home directories. When I modify system config files, tested and working versions get copied to a directory in /home/ so everything is in one place. Video files are dealt with separately because they are too big and new ones do not appear every week.

Out of lazyness, nightly backups are cron+rsync over the network to a single point of failure. Weekly(ish) backups using tar+bzip2 to one of two USB disks. The USB disk gets moved to an old mips board and is checked with a script that includes: bzip2 -cd /mnt/backup/latest.tar.bz2 | tar -xT path/to/canary_list

bzip2 will go through the entire file and complain to stderr if it is not valid. The canary files are checked with cmp. Remember to delete the canaries before extracting them.

This strategy depends too much on human discipline and does not scale. The advantages are that it was made mostly out of kit I had lying around gathering dust, it is sufficiently odd that mass market malware will not understand it and that the data protected is not valuable enough to be worth a competent cracker's time.

I hope there are some ideas you find helpful. If you need an old mips device, look for a dusty box full of old routers and see if any of them are on openwrt's supported devices page. Linux's supported architectures are X86_64, i686, ARM, mips (often) and various problems I hope I never have to deal with again. Mips should be sufficiently odd to annoy crackers. If you can find less than three working i686 laptops, one would be a good choice.

Flocke Kroes Silver badge

Re: Next gen ransomware

DavCrav: The article had "Bulk modification of file types", so my plan was not to change the file type, just the data after the header identifying the file type. The bulk of the data in a file does get modified. If the defenders try to detect that, then I would make a small modification to a bunch of source files, then go through them again and again until thoroughly trashed, then pick another bunch.

Mayhem: I like the idea of splitting the work among child processes. I thought the defenders were looking at the file system, not the activity of individual tasks, but might as well burn that bridge before someone tries to cross it.

Dr Syntax: "if the file changes look OK" is the tricky bit. Attacker and defender can both arrange that files with properly documented formats are valid. If the file format is documented except for some secret binary blobs, then attackers cannot create valid files and defenders cannot check them.

Flocke Kroes Silver badge

For the time being, just about ...

There have been several attempts at ransomware for Linux. Some actually encrypted files. Last time I looked, the encryption keys were recoverable for free.

Offline backups still have additional value as a ransomware recovery strategy. Backups should not be considered successful without a restore. As the restore is required anyway, I use a non-networked machine that is not x86 or ARM, and check for some canary files.

I would be grateful is other Linux users were at least as paranoid so Linux ransomware does not become a multimillion dollar per month enemy.

Flocke Kroes Silver badge

Next gen ransomware

Disks are way too big these days, so there is room to add plenty of extra data that is not required for decryption. For each old file, create a new one of the same type. Each new file contains chunks from other files of the same type in a random order, an encrypted map where the chunks came from and repeats of sections of the encrypted map to reduce entropy. When an old file's contents is mostly stored in new files, modify the old file preserving the type, including the remaining chunks of original data in a random order and add the final encrypted map.

This will not trigger any of the indicators mentioned in the article. It costs some code for each file type, but even with just jpeg and docx people will have plenty of incentive to pay up. Ransomware distributors are well funded, so I am sure they can afford the development effort more than Florida University boffins can afford to counter it.

Google slammed over its 'free' school service

Flocke Kroes Silver badge

The strangest bit

Google could have written a privacy policy along the lines of 'Google will mine the data extensively and use the results for profit and drowning cute kittens'. Dozens of people would have read the start, a few would reach the end, and the one that cared only went to Google to read the privacy policy and had no intention of using the service anyway.

If you do not want Google to spy on you, use a different search engine. If you do not want anyone to spy on your internet activity, do not own a cell phone or use the internet. (This behaviour is considered conclusive evidence of terrorist activity.)

Other people have the right to make their minds up for themselves. If they want to exchange loss of privacy for search results, that is their choice. If they could not be bothered to read a privacy policy, that is their choice too.

Google may well deserve a legal kicking a misleading privacy policy. Making 'free' services illegal in the name of privacy might stop the 'free', but it wont stop the spying. If governments cannot spy on you through the companies you interact with then they will have to do it themselves. I really do not want them to waste more money on another big IT project.

(Please take a look at the tails privacy focused OS. If enough people go there, they cannot imprison us all for suspicion of not voting for Theresa May.)

Linus Torvalds in sweary rant about punctuation in kernel comments

Flocke Kroes Silver badge

Re: Quotes

Converse: Pay other people to do it while you watch.

Biting the hand that feeds IT © 1998–2019