Check yo self before you HyperWreck yo self: Cisco fixes gimme-root holes in HyperFlex, plus more security bugs

Martijn Otto


That you need a support contract with them in order to install security fixes. I can sort of understand that you want to charge users if they want to install updates providing new features. But to let customers be unprotected after purchasing your tech is simply unethical.

Not that I'm surprised, of course.

Bored bloke takes control of British Army 'psyops' unit's Twitter

Martijn Otto

"We have always been at war with Eastasia"

The Wayback Machine is lying. The army has no Twitter account and has never had a Twitter account.

Secret mic in Nest gear wasn't supposed to be a secret, says Google, we just forgot to tell anyone

Martijn Otto

Re: Oh, crap they caught us again!

It's getting a tad obvious indeed, perhaps they should use the BOFH's excuse calendar instead?

Password managers may leave your online crown jewels 'exposed in RAM' to malware – but hey, they're still better than the alternative

Martijn Otto

Re: This is why you need a dedicated hardware-token for things like this.

Fair enough - the entry you unlock will be available somewhere in memory. Either on the console, or in your copy-paste buffer. That's obvious because you need some way to get it into whatever form you're pasting in.

Even if your manager is completely safe, you're still pasting it into your web browser, which will keep it somewhere in memory until it's posted.

I don't get what exactly is "extreme" or "theoretical" about a key unlocking a specific entry. This is exactly what pass does. Each password is individually encrypted and also decrypted on demand (with the use of the token).

Martijn Otto

This is why you need a dedicated hardware-token for things like this.

There are basically two ways to do this. You can either get a U2F token. This is pretty easy, but the website needs to specifically support it. Many don't.

The other way is to use a password manager which integrates with a token. Personally, I like pass, which uses GPG for encrypting all the passwords. If you then store your keys on the token you can only get at your passwords by having the token and entering the pincode for it. The password database is synced with git (each new or edited password automatically becomes a commit) and pushed to a repository. It also supports submodules and multi-key setup so you can have a shared submodule with passwords you need shared (e.g. with colleagues or a spouse).

Leaky child-tracking smartwatch maker hits back at bad PR

Martijn Otto

Watching your kid is good

Having the whole world watch your kid is even better. More eyes, more safety.

I therefore applaud Enox for doing their part to make children safer.

Google: All your leaked passwords are belong to us – here's a Chrome extension to find them

Martijn Otto

Re: Which password manager to plump for?

I can recommend pass. Open-source (it's just a bash-script), usually available in the repositories (so easy to install), works with GPG (so you can use it with a hardware-token) and integrates nicely with git (for syncing the database over multiple machines).


Forget snowmageddon, it's dropageddon in Azure SQL world: Microsoft accidentally deletes customer DBs

Martijn Otto

Must be a misunderstanding

Instead of the more common Ctrl-Alt-Delete to restart a server with a BSOD, somebody accidentally hit only the Delete key, resulting in customer data deletion.

Newsflash: Twitter still toxic place for women, particular those of color, Amnesty study finds

Martijn Otto

"said Dorsey, pining that tweet to the top of his timeline"

Is this a very subtle reference to Monty Python here?

tweeting => birds => parrot => dead parrot pining for the fjords

Microsoft: Come and play in our Windows SandBox

Martijn Otto

Windows ensures your privacy

I have heard a rumor that upcoming builds will re-enable the "remove user files" option, thereby ensuring no private data can leak by preemptively deleting it.

This feature was present shortly in a previous build, but it didn't work consistently enough yet and was therefore removed. Don't worry, though, Redmond is on the job!

The Palm Palm: The Derringer of smartphones

Martijn Otto

Re: Very, very nice

My current phone is a Sailfish. My next phone - which I ordered on ebay and should arrive shortly - is also going to be a Sailfish. Why?

- privacy by design

- apps in store are all open source

- very fast

- easy on the battery

- gestures work extremely well

- full Linux system

For the apps where you cannot find a native counterpart, you have the option of running Android apps.

NHS supplier that holds 40 million UK patient records: AWS is our new cloud-based platform

Martijn Otto

Cloud of Confusion

I've always wondered whether people who consider this kind of cruft to be a good idea have cloud formations inside their own head where the gray matter should be.

Russian rocket goes BOOM again – this time with a crew on it

Martijn Otto

Re: "viable and tested emergency system"

Oh the moon landings are definitely real. On the video you can clearly see the curvature of the moon. Were it filmed on earth you wouldn't have seen it as the earth is flat.

Don't believe this round-earth nonsense people!

Python joins movement to dump 'offensive' master, slave terms

Martijn Otto

Re: I could not agree more

Perhaps we can make this list by hashing all the ungood words and then having the runtime hash all the variable and function names and comparing them against this list.

Spies still super upset they can't get at your encrypted comms data

Martijn Otto

Spooks caught with hand in cookie jar. Cookie jars are now locked by owners. Spooks upset they can no longer steal cookies.

Oh boohoo, they have proven time and time again that they are unreliable little data-junkies with little to no regard for the privacy of ordinary citizens. Why don't they start by showing us that they know how to behave before continuing their demand for access to anything, anywhere.

Politicians fume after Amazon's face-recog AI fingers dozens of them as suspected crooks

Martijn Otto

They've done it!

The first true A.I.! The system is apparently smart enough to recognize that there's no such thing as an innocent member of congress.

Don't panic about domain fronting, an SNI fix is getting hacked out

Martijn Otto

Re: Or we finally switch to IPv6

I don't see that as an ugly hack at all. The whole concept of running multiple websites on a single IP address itself is ugly. If I remember correctly that only came about when shared hosting became a thing.

Martijn Otto

Or we finally switch to IPv6

where we don't need ugly hacks like SNI.

One two three... Go: Long Pig Microsoft avoids cannibalising Surface

Martijn Otto

It doesn't have a sim-card?

Then how can it consistently upload all the slurped data?

Open plan offices flop – you talk less, IM more, if forced to flee a cubicle

Martijn Otto

It's a conspiracy

by the manufacturers of noise-cancelling headphones!

Without kidding, though, I work in an open-plan office and about 50% of the employees here have good-quality headphones with active noise-cancelling, myself included.

GNOMEs beat Microsoft: Git Virtual File System to get a new name

Martijn Otto

BRRVFS, or Big Remote Repository Virtual Filesystem

serve cold.

Uber 'does not exist any more' says Turkish president

Martijn Otto

The Great Turkish Führer has spoken

Uber are destroying the economy. They must be eradicated.

BOFH: Their bright orange plumage warns other species, 'Back off! I'm dangerous!'

Martijn Otto

Joke's on you

Carrots aren't classified as fruits.

Martijn Otto

Re: hang on....

You think we all wear bright orange all day?

Meet Asteroid, a drop-in Linux upgrade for your unloved smartwatch

Martijn Otto

I'll wait

For Sailfish to become available for smart watches. It works extremely well on my phone and being free of the Big Bad Google feels very liberating.

Off with e's head: E-cig explosion causes first vaping death

Martijn Otto

Exciting news

This adds a whole new dimension to smoking. Now there is an element of surprise: Will you die a slow and painful death from lung cancer or are you going out in a fiery ball of flame as your "cigarette" explodes?

Leave it to Beaver: Unity is long gone and you're on your GNOME

Martijn Otto

"the loss of Unity"

I wouldn't exactly call that a loss!

Commonwealth Games brochure declares that England is now in Africa

Martijn Otto

That's Brexit for you

If you don't want to be a part of Europe, you will be a part of Africa.

Veteran NASA probe Dawn: Winter is coming on Ceres (sort of)

Martijn Otto

Re: The Expanse

I'd actually rather recommend the books. The T.V.-series - while good - pales in comparison.

Full shift to electric vans would melt Royal Mail's London hub, MPs told

Martijn Otto

Suitable alternatives

Suitable alternatives are already available. One such alternative is ammonia. Ammonia can be used as an easy and safe fuel by using a catalyst that splits up the ammonia into water and hydrogen (which can then be burned).

What makes ammonia such a good alternative you might say? There are a few reasons.

1. It can be easily manufactured, it only takes water and energy to create it.

2. Emissions from an ammonia car are only water vapor and nitrogen.

3. Energy density is good (half that of gasoline).

4. Conversion kits are available for about $1000

5. Cars can be easily made dual-fuel, so one could still burn gasoline when necessary

Ammonia cars don't produce dangerous emissions (you could run it in your living room without any problems), they have good mileage given the high energy density, allow fast refueling and still allow you to take the car to places where you don't have ammonia available - so it doesn't limit you in any way. It's cheap to convert a car - so it's viable to people besides Elon Musk.

In addition, if ammonia cars are taken up, we could use the fuel manufacturing for buffering renewable energy. Say the wind is blowing very hard or the sun is shining brightly we could up the manufacture to absorb this energy instead of offloading it for sometimes negative amounts.

The phone OS that muggers wouldn't touch is back from the dead

Martijn Otto


I have been using a Sailfish device. The hardware is vastly underpowered, but the phone is actually quite responsive. I have been quite impressed with it. The only thing you notice when you run an app using the Android Compatibility (because there is no native app available) is that those Android apps are horribly slow.

That microchipped e-passport you've got? US border cops still can't verify the data in it

Martijn Otto

Re: Software?

Well, obviously a framework of some sort will need to be made in which a suite of applications can be created that creates an interoperable, secure system which forms the basis of national security.

That terrifying 'unfixable' Microsoft Skype security flaw: THE TRUTH

Martijn Otto

Super nodes?

That sounds like p2p, which is not what Skype is nowadays. Of course it's centralized and spy-friendly.

What did we say about Tesla's self-driving tech? SpaceX Roadster skips Mars, steers to asteroids

Martijn Otto

The Tesla Roadster

Now sporting free interplanetary delivery. Place your orders now!

A Hughes failure: Flat Earther rocketeer can't get it up yet again

Martijn Otto

Why do we need a rocket at all?

Just drive to the end of the world, take a picture of the great abyss at the end. All the proof you need that the earth is indeed flat as a penny.

NASA's zombie IMAGE satellite is powered up and working quite nicely

Martijn Otto


This seems like a no-brainer. There is a functioning satellite available to be used. In terms of bang-for-buck, it doesn't get much better than that.

Bluetooth 'Panty Buster' 'smart' sex toy fails penetration test

Martijn Otto

Fails penetration test?

* It's a sex toy

* It's easily penetrated

Working as expected!

No 'Pai-day' for India: nation to adopt strict network neutrality

Martijn Otto

Role reversal

Looks like roles are getting reversed. Before Modi this would have likely never happened. Corruption and lobbying in India would have prevented this.

Likewise, before Trump, the US seemed to be going a sensible way, with net neutrality being a requirement for every ISP.

Tesla reveals a less-long-legged truck, but a bigger reservation price

Martijn Otto

Re: Electricity vs Petrol/Diesel prices

Don't they usually have a capacitor bank for this? This energy is then fed back into the battery (or the motor).

Help desk declared code PEBCAK and therefore refused to help!

Martijn Otto

Re: Corporate systems

Interestingly, this is exactly what the article describes. Sometimes customers can be stupid as well as foolhardy.

Brace yourselves, fanboys. Winter is coming. And the iPhone X can't handle the cold

Martijn Otto

If you can afford the iPhone X

You can afford to move to a place with a more agreeable climate.

Vietnam bans Bitcoin as payment for anything

Martijn Otto

Re: Please enlighten me.

Where did you get the funny idea about the transaction costs? You are expected to pay a small percentage in transaction fees to ensure the transaction goes through smoothly. It will only ever be so high if you are doing a very big transaction. You can decide the transaction fee yourself and the average seems to be about 0.01 % nowadays.

To reach a fee of $ 40 with that fee percentage you would have to gift your wife something of $ 400,000. Talk about generous!

NYC cops say they can't reveal figures on cash seized from people – the database is too shoddy

Martijn Otto

There is a very good episode of Last Week Tonight about civil forfeiture: https://www.youtube.com/watch?v=3kEpZWGgJks

Shows nice examples of everything being wrong with this system. It's not just that the whole idea is bonkers and that you have to go to court to get your stuff back, the court dealing with this is sometimes run by the same people taking your stuff.

FTC ready to give back tech support scamming money to the bilked

This post has been deleted by a moderator

Vodafone won't pay employee expenses for cups of coffee

Martijn Otto

Proud to be Vodafone

where we not only screw the customer, but ourselves as well.

Would you like some lube for your shafting? You'll have to buy it yourselves.

Nasty firmware update butchers Samsung smart TVs so bad, they have to be repaired

Martijn Otto

I also have a Samsung "smart" TV. I bought it around 5 years ago, right around the time that the "smart" part was becoming the default. If there had been a cheaper TV with the same picture quality without the "smart" thing I would have bought that, but nowadays they tend to be cheaper.

Never plugged the network cable in, so I don't get any pushy "update" messages. As such, the TV does what it's supposed to do. Only minor annoyance is the fact that it takes quite long to start up, you can see the Samsung logo on it (so the screen is ready) but it is probably trying to phone home - failing every time - and waiting for some response from their puppet masters.

Energy firm slapped with £50k fine for making 1.5 million nuisance calls

Martijn Otto

What was the alternative?

Not making any calls during the extended period of downtime?

Wouldn't that financially ruin any telecom-company?

Alphabet takes Euro antitrust fine in stride, spooks investors with rising Google ad costs

Martijn Otto


I have gone mostly Google-free. I switched from Gmail to my own hosted email, threw away my Android phone for Sailfish and I use DuckDuckGo for searching.

Life is good without the Google.

Ten new tech terms I learnt this summer: Do you know them all?

Martijn Otto

I am still waiting

for the smart sandwich.

This smart sandwich will be made from materials that can recognize when they enter an acidic environment (say something like hydrochloric acid) and then break itself down.

This way it could be absorbed through a semi-permeable membrane. Wouldn't that be brilliant?

Sleuths unearth 'Panic Mode' in Android, set off by mashing back button

Martijn Otto

I don't know about stock Android

But LineageOS has an option in the developer menu to kill an app by a long press on the back button.


