* Posts by Paul Crawford

3554 posts • joined 15 Mar 2007

Upset Equation Editor was killed off? Now you can tell Microsoft to go forth and multiply: App back from the dead

Paul Crawford
Silver badge

Re: Another piece of abandonware.

An example of how users get screwed by MS again. One BIG reason for sticking to a product is the ability to keep updating or re-using existing work, and for the science lot MS has just thrown that away.

Yes, WORD has its own equation editor function now but it is a bit crap compared to the one just dropped and those with many existing documents and papers are now looking at having to re-enter it with all of the typos / bugginess that brings.

WTF were they thinking? Can't they have a format converter that actually works if they are going to do this?

1
4

Infamous Silicon Valley 'sex party' exactly as exciting as it sounds

Paul Crawford
Silver badge

Re: Definitely bullshit.

And the film of the name about his life is well worth watching, if a little odd. The actor who played the Golem was amazingly good at portraying Ian Dury's condition.

2
0

Intel puts security on the todo list, Tavis topples torrent tool, and more

Paul Crawford
Silver badge

Re: Topples Torrent Tool

Lets be honest here, its the main reason I use it...

6
0

Smartphones' security enhancements just make them more dangerous

Paul Crawford
Silver badge

Re: To know != to be

And presumably you could have multiple PINs that unlock the phone in different, possibly partially data-earsing, ways?

Or is nobody as paranoid / devious as me in the outside world? Or do we simply not put such stuff on our phones because we trust them as far as we can comfortably spit a rat?

2
0

You GNOME it: Windows and Apple devs get a compelling reason to turn to Linux

Paul Crawford
Silver badge

Re: Unimpressed by Gnome

Not to mention GNOME's apparent dependency on systemd these days. But as you say, the most annoying aspect if the removal of useful features because some developer would rather cull code than fix bugs.

Do you still get GNOME for other non-systemd systems like Solaris, OpenBSD, etc?

18
2

How to hack Wi-Fi for fun and imprisonment with crypto-mining inject

Paul Crawford
Silver badge

Re: @ Credas

Any of the small coffee shops I visit have no problems, neither do most smaller hotels, etc. Also have not had problems at Edinburgh airport (don't remember details, maybe some over-priced eating places wifi instead of the airport's one).

Also as another commentard has pointed out you can run VPNs over port 443 like https to avoid problems (as I do). I suspect in many cases they are not specifically trying to stop VPNs (except Bonn, where it blocked VPN on port 443 but allowed https to the VPN's web site) but file sharing, etc, so they probable block most ports except the few common DNS/web/email ones.

2
0
Paul Crawford
Silver badge

VPN use

Yet another good reason to use a good VPN on any unknown/untrusted WiFi connection.

And yes, VPNs are not perfect security and also using public wifi is not good practice either, but sometimes it is just the only useful/practical way to get a reliable connection when you 3G, etc, connection sucks (or is charging usurious fees in certain countries abroad).

What is shitty is some places like Bonn airport where the "free wifi" blocks VPN use.

3
0

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits

Paul Crawford
Silver badge

Re: Data breeches

No, those are hard drives. He is just pleased to see you.

15
0

Military alliance NATO adopts official hymn

Paul Crawford
Silver badge
Gimp

@ James O'Shea

So are you volunteering to spank Angela then?

2
0

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

Paul Crawford
Silver badge
Facepalm

Re: DEC Alpha

Yes, in its day a great CPU. Wiped the floor with x86 (especially on single-precision floating point maths).

And once DEC was bought by HP they dumped it in favour of the Itanium, because it was clear that Intel's new design was going to be a great hit, eh?

23
0

Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs

Paul Crawford
Silver badge

Re: Hmm, If I was working at a secret agency

Lets face it, the underlying problem is the "need for speed" and the resulting mismatch between the CPU core at ~3GHz and main memory in the ~1GHz and below range. So lets throw hardware at it, millions and billions of transistors to try and play God/quantum by plying out all possible paths within the instruction pipeline.

And they got it wrong. Not massively so in normal terms, but they did not design based on the assumption of bad actors abusing this. Because no one bought hardware that was slow and secure, at least, not the majority of PC gamers or business managers chasing the ever-bloating OS and web browser problems. Make it fast, make it now. Ship it when its half-baked and if we get too many problems then put out a microcode update which users may (or probably not, given the shittyness of many motherboard makers) apply.

Sorry, but in most cases like this it is simple "incompetence" for not really planning high security from the original start because that is not what the boss will get bonuses for.

16
0

Judge rm -rf Grsecurity's defamation sue-ball against Bruce Perens

Paul Crawford
Silver badge

Re: Someone'll need to explain what rm -rf means...

DEL /F /S /Q *.*

(I think that leaves directories though)

RMDIR /S /Q *.*

(On later Windows instead of deltree)

Please don't try this at home folks! More so if you had to ask...

2
0

Google Chrome ad-blocking to begin in February – but what is it going to block?

Paul Crawford
Silver badge

Re: "...including Facebook..." ??

You want the "FB Purity" plug-in just for that sort of shit.

Assuming the best option of simply ignoring Facebook is not possible...

2
0

Firefox 57's been quietly delaying tracking scripts

This post has been deleted by a moderator

UK, US govt and pals on WannaCry culprit: It woz the Norks wot done it

Paul Crawford
Silver badge

Re: @ Jonathan Schwatrz

"Bollocks. You are excusing criminals."

So you think that a large professional organisation that uses IT has no obligation to take some care of its own system security?

I take it you would be happy to see banks store your money in a cardboard box under the counter?

No problem with leaving your keys in your car overnight?

Better if airports did nothing to check passengers or luggage boarding the plane you are due to fly on?

0
0
Paul Crawford
Silver badge

Re: @ Jonathan Schwatrz

"Yeah, and people that don't have bars on all their windows are totally to blame when their houses get burgled?"

No. Having "unpatched machines being publicly exposed" is more analogous to having unprotected sex with every lady (or man) of negotiable affection down at the docks. How long would you expect to last before getting a dose of galloping knob-rot?

3
1
Paul Crawford
Silver badge

Re: @ fandom

"What you are doing is a lot like blaming a mugging victim for not knowing karate."

No, more a case of a shop assistant carrying large wads in cash in clear plastic bags, and without any disguise or protection, to the bank every day. Of course they *should* not be robbed, but if they were you could not help but think it was partly due to a rather lax and careless attitude to security.

And then you (or the insurers, assuming they had any) would be asking the shop owner serious questions about their risk assessment and practices...

3
1
Paul Crawford
Silver badge

Re: So,

Bomb? More like blowing hard on a house of cards.

No mention of our American friends providing the exploit?

No mention of the impact being severe due to unpatched machines being publicly exposed?

No mention of a lack of IT funds/staff with authority to sort that out?

25
3

Windows 10 Hello face recognition can be fooled with photos

Paul Crawford
Silver badge

"To be honest if someone has physical access to your machine then you can count it pwned anyway so I don't see the issue here."

There is a difference between 'having physical access' in the sense of time and privacy to open a machine to extract the HDD and/or modify it to inset keylogger or run some sort of DMA attack via Thunderbolt ports, etc, and 'having physical access' as in popping in to an office with a sheet of paper when you have gone to the toilet.

6
0

France gives WhatsApp a month to get slurps in order or face fine

Paul Crawford
Silver badge

Re: So what if they don't ?

As already alluded to by my fellow commentards, the action the French can take is against any company doing business in France. Fine them (i.e. Facebook as well) if they don't pay then no business in France or with French advertising agencies. And money speaks loud and clear in the USA...

8
0

Irony's lost on old Pope Francis: Pontiff decrees fake news a 'serious sin'

Paul Crawford
Silver badge

Re: The Two Commandments

Are you sure that was not the "Two Condiments" he was talking about?

Salt & Pepper.

5
0
Paul Crawford
Silver badge

Re: Is oral sex ok, as long as it is traditional ?

But where can I find a missionary these days to bonk?

6
0

Why bother cracking PCs? Spot o' malware on PLCs... Done. Industrial control network pwned

Paul Crawford
Silver badge

Re: Solution looking for a problem

"SCADA tend to be based on windows, so the challenges are the same as for a standard PC and nothing special in terms of what is required. The weaknesses are the ones inherent in windows"

No they are MUCH worse as no one really wants to apply windows patches / 'upgrades' to industrial control systems due to the risk of causing more problems than the security aspect of not patching. And practically no one has a 2nd / spare PLC as a test/simulator to actually verify software changes before hand...

Just look at the recent fsck-up relating to the NHS and the stories of £M medical equipment on old versions of windows because the are not certified for use with the security-essential upgrades.

2
0
Paul Crawford
Silver badge

Bandwidth?

"other techniques designed to increase the bandwidth of transmissions"

The limiting factor is most likely to be the available SNR as that places an ultimate limit on the data rate (Shannon limit).

If the PCs/controllers are well designed then RF leakage should be very small, and if you are relying on operations in the low tens of MHz region then background noise in most areas will already be way above the receiver's noise figure. So unless you are *really* close I doubt you could get more than tens of bits per second out.

6
0

Hey, we've toned down the 'destroying society' shtick, Facebook insists

Paul Crawford
Silver badge
Trollface

Re: Khaptain

Ah, but El Reg has the down-vote button, so really it is anti-social media.

Oh and we can at least be honest trolls here =>

1
0

OK Google: A stranger with stash of pirated films is spamming my Google Team Drive

Paul Crawford
Silver badge

Re: Google, your cracks are showing

"your cracks are showing"

Good grief, is it that sort of pirated movie?

8
0

No, BMW, petrol-engined cars don't 'give back to the environment'

Paul Crawford
Silver badge
Coat

Re: I was driving behind an Audi TFSi the other day...

Achtung! Untrained Driver Inside!

Yes, I'll go get my cost and leave...

19
0
Paul Crawford
Silver badge
Joke

Re: They have indicators?

That is how you spot the unmarked police cars, they are the only ones with working indicators.

34
0

Get ready for laptop-tab-smartphone threesomes from Microsoft, Lenovo, HP, Asus, Qualcomm

Paul Crawford
Silver badge
Big Brother

Re: The reason

You might not have any reason, but MS will be able to spy on your PC's activities (e.g. wifi-based location, etc) so much better if you do have an always-on connection.

3
1
Paul Crawford
Silver badge
Trollface

Re: So...

No, no!

This new device will emulate the x86 so all those Windows-specific malware you know and love will also run. Slower, but still there...

6
1

Escrow you, Apple! Ireland expects Cupertino to cough up to €13bn

Paul Crawford
Silver badge

Re: the remaining 26 are the republic of Ireland.

A useful short video on the issue of Great Britain:

https://www.youtube.com/watch?v=rNu8XDBSn10

0
0

RSA coughs to critical-rated bug in its authentication SDK

Paul Crawford
Silver badge

I believe the going rate is $10M:

https://www.theregister.co.uk/2013/12/21/nsa_paid_rsa_10_million/

4
0

Dirty COW redux: Linux devs patch botched patch for 2016 mess

Paul Crawford
Silver badge
Coat

Re: HugeDirtyCow

Maybe because it applied only to the 'huge page' support?

Looking for a book with > 4k characters per page =>

4
0

UK government bans all Russian anti-virus software from Secret-rated systems

Paul Crawford
Silver badge

Re: Further sanctions

"alks to something somewhere in an adversary state"

Should exclude the USA as well, given how they have screwed the UK commercially on many occasions.

11
0

Want a new HDMI cable? No? Bad luck. You'll need one for HDMI 2.1

Paul Crawford
Silver badge

Re: I'll wait

"Gold plated contacts are a requirement for low voltage signalling"

Indeed, not gold plated bodies and similar bling. Also that is for very low voltage analogue stuff, in the digital HDMI case the signal levels are way above that and pretty tolerant of amplitude shifts.

7
0
Paul Crawford
Silver badge
Trollface

Re: I'll wait

Yes, the "ker-ching" sounds so much better with gold :)

10
0

Chinese IT security bods accused of siphoning US GPS, biz blueprints

Paul Crawford
Silver badge
Trollface

"exploit a zero-day flaw in Internet Explorer to infect Windows PCs, proved very successful"

Something for Munich council to look forward to. Assuming they have anything worth copying...

"Wu got into the Trimble servers, it is claimed, and prepared a 252MB .zip archive containing trade secrets. The file contained 773 pages of technical specifications, business documents and design blueprints, as well as plans to bring the new hardware to market"

Well he is doing a damn sight better that anyone I know going to the Trimble web site and actually trying to find and buy a product they make. So I'm looking for, say a GPS module, so how do I find a list? You are right! I need to know what sort of industry I'm in, or application! Sweet fsck-all to do with the technical performance or specifications that any sane engineer would start with.

3
0

Tom Baker returns to finish shelved Doctor Who episodes penned by Douglas Adams

Paul Crawford
Silver badge
Coat

I always wished for a Dr Who meets Sapphire & Steel episode, alas, not to happen...

Still looking for my enormous scarf, damn those tardis pockets! =>

9
0

Wizarding World of Harry Potter awaits Microsoft Office exam winners

Paul Crawford
Silver badge

Re: HP who?

Oh, I thought you said a coat with a raven in your pocket. Presumably this raven is Quoth, and he is hopeful that some eyeballs will be up for grabs?

0
0

Aussie Catholic School forced into hasty cover-up over suggestive Saint

Paul Crawford
Silver badge

I like bread! Without any mayo, obviously...

5
0

Level 5 driverless cars by 2021 can be done, say Brit industry folk

Paul Crawford
Silver badge

"With the added characteristic of being repeatable."

Have you ever tried to debug multi-threaded software with some sort of hardware/real-time dependency?

It may be repeatable in the strictest sense*, but probably chaotic in the sensitivity to the timing of data and small variations in it (e.g. the recent 'single pixel' change in AI's interpretation of a road-sign).

[*] not including single event upsets / DRAM errors in hardware, or common programming bugs like using uninitialised memory.

2
0

National Cyber Security Centre boss: For the love of $DEITY, use 2FA on your emails, peeps

Paul Crawford
Silver badge

Re: Not the point ....

"SMS has been shown to be less than secure"

I think a big issue is that many people use their phone for both web/email, and of course SMS. So get root on that device, probably no longer patched of course, and you are laughing while they are not.

Of course we can all see this approach is then really 1FA (or SFA in some cases).

6
0

Some 'security people are f*cking morons' says Linus Torvalds

Paul Crawford
Silver badge

Re: Linus Torvalds is a f*cking moron?

In the ideal world you would be nice and polite to everyone, all of the time.

In reality, you get some people who just keep coming back with bad ideas again and again and it sometimes takes a loud outburst of rudeness to make them actually listen (but systemd seems to be an exception...).

In this case it seems Linus' point is the kernel should not kill itself on events that could well be simple user bugs, and that seems reasonable - kill the buggy requesting process instead.

47
2
Paul Crawford
Silver badge

Re: Userland

"A kernel detecting an illegal permission escalation attempt deciding to kernel panic?"

For those sort of "user process playing silly buggers" problems we have apparmour, don't we?

Edited to add: root is also a user, and one with a greater need for care in terms of daemon processes.

1
1

Windows Update borks elderly printers in typical Patch Tuesday style

Paul Crawford
Silver badge

Re: "I got myself a Mac and could still use my scanner"

"Anyway drivers are up to the HW maker, you can't really expect an OS deliver drivers for each and every device ever produced. Especially complex ones like scanners or printers which may have "

You can expect an OS not to dick around with the HAL to such an extent that new drivers are ever needed. Indeed, beyond the occasional "big shift" there is SFA reason for hardware drivers to break. Not that FOSS is always much better (looking at Firefox, that recently fucked over useful API's) but you are not so much at other's mercy if it does change...

16
3

Prosecute driverless car devs for software snafus, say Brit cyclists

Paul Crawford
Silver badge

The cyclists have a point, but in a roundabout way: Why should the owner of an automatic car be liable for *any* expense that was not directly of their own doing? Sure they should have insurance for many aspects, but in the event of the self-driving software being at fault to any degree the car company should pick up the whole bill.

Sadly I see moving the costs to the public, via the insurer's premiums, will not result in enough pressure on the software development to deliver something safe and reliable.

I mean look at Google going for this given they never provide anything but 'beta' software, and never guarantee anything in the way of functionality, safety or security.

15
2

Munich council: To hell with Linux, we're going full Windows in 2020

Paul Crawford
Silver badge

Re: "When it's political, technology cannot do anything."

I guess another unanswered question is how many of those 800 programs are supported for the planned Windows 10 roll out?

If they have many legacy issues, which seems to be a root cause, they may find they are in the same situation of various old/unfamiliar systems being kept for widget2000 that barely runs on XP, and only pre-SP3...

14
2

Brace yourselves, fanboys. Winter is coming. And the iPhone X can't handle the cold

Paul Crawford
Silver badge

Re: You're touching it wrong ?

Oh dear, I hope you did not have visions of Garry Glitter Jimmy Savile Kevin Spacy on hearing that...

26
4

BOFH: But soft, what light through yonder window breaks?

Paul Crawford
Silver badge

"But they sometimes get bosses they like!"

Indeed, what is better than a boss who is willing to get his hands dirty for the greater good? One who's aims are *broadly* in line with the BOFH and PFY? Also must come as a great relief to know that it is not only their window that seem to be an H&S trap...

Methinks a few nice new 4k monitors and fast desktops are coming to desks near by, such as shame of one was *caught* with pr0n on it...but maybe the boss is too useful...

3
0

Irish priests told to stop bashing bishops

Paul Crawford
Silver badge
Headmaster

Re: Perhaps what they need is lawyers?

Bend over Sparticus, its poker time!!!

https://www.youtube.com/watch?v=rBhTIoIXoTI

2
0

Forums

Biting the hand that feeds IT © 1998–2018