Re: Thunderbird with Lightning
"I was...my Outlook email into a file Thunderbird could read"
That is a damn sight better than Google managed with tools to import stuff to Gmail
3063 posts • joined 15 Mar 2007
I have found that distro upgrades are flaky if you have any unusual partitioning or RAID set ups.
As another penguin-botherer mentioned, always put /home on another partition as then you can simply re-install the OS partition without significant risk to your own data. Often better, when creating partitions in the first place, is to create one for / of say 20GB and another of about the same that you keep for a future upgrade, and then one for swap, (maybe one of 10GB for /tmp as well) filling the remainder for /home.
While it is great that Google are improving the security architecture in general, if 90% of smartphones using Android still fail to patch things, it is a growing clusterfuck as ever.
Really, why can't the core OS and libraries be auto-patched for security as most Linux distros do?
Serial is still common in very low power devices as the overhead to implement a UART and the matching software stack is trivial in comparison. Seriously, work out the power used to be listening and able to respond quickly in both cases and you are in for a big surprise.
Also simplicity makes for reliability/security as you are only point to point and not having to fend off the barbarian hordes when someone forgets to properly firewall your system.
Not all VPN systems are good at making sure your DNS queries are also tunnelled, so it may well be getting local look-ups that Google is using to decide on your location.
Proper privacy / anonymity on t'Internet is surprisingly hard to achieve, as the occasional arrest of folk who piss off those in power (or those funding them e.g. the RIAA, etc) find out.
Realistically this is for "stupid", both in terms of idle morons doing stuff near airports, and similarly stupid jihadis wanting to re-purpose commercial stuff for terrorism.
Of course, there might be a 2nd step of action if the RF deterrent is not working...
Realistically there is more to worry about with simple stupidity around airports and similar situations.
ALGO69? Is that what powers pr0n sites?
Exactly. So much of the problem is simply crap software.
This is made more crap by the mind-set that software is expected to be shit, so bugs are accepted, vendors not held to account, and people simply click on "OK" without reading that pop-up asking if shaftmewithatoastingfork.exe should be allowed to run.
Second aspect of a lot of this is the lack of 2FA for important stuff, or the "two factors" both relying on a single device like a phone that may already be compromised.
At last! Now I can have my robot monkey butler!
At least you did not go for anything kryptic...
I should react to that, but seem to find my shell full just now.
Really? Other than a handful of nut-jobs, everyone in the area of science and technology wants to know what happened so there is a better chance of it not happening again.
This is not some shitty OS that crashes and people just shrug their shoulders, reboot, and try to redo the last hour or two's lost work. Here it really matters!
Even if it turns out to be a human fault, or even a deliberate action, we can learn and make it less likely in the future. As already pointed out, the lack of a squawk that said something useful about location and status is something that is trivial to remedy, but some other failure scenario may be present but no one has seen it yet (other than the poor souls on board MH370) so knowing that would allow something to be done.
Too much schnapps, too little dried frog pills.
Now if only AMD would open up the management processors, etc, so a proper audited open-source BIOS could be offered for matching motherboards we might be able to use less tin foil for our millinery needs.
Interesting. Wonder if those networks deliberately interfere with VPNs, or maybe VPN traffic is just less tolerant of shitty networks?
"autonomous car .. about 40GB a minute of data"
Very likely in its own sensors, but almost bugger-all of that will be hauled back to the cloud as the radio bandwidth is simply not available for the huge number of cars in most cities (along with all of those trying to use youtube on mobiles, etc).
Sure they might sell CPUs for on-board processing but most likely it will be ARM for lower power and cost if the car companies have anything to say about it.
My first thought was this is so they can slurp your data to whore you to advertisers (and paying gov departments) just like Google do. And Win10 does.
Having thought about it a bit more, that is also my 2nd thought.
Edited to add: What are the real alternatives to Skype these days? Something that is cross-platform and not dependent on a big data-slurping company? Might be useful to know.
"a bill to regulate services like WhatsApp, including a requirement that services maintain a local office and enable lawful intercepts"
That might work for something like WhatsApp, assuming they are willing to do an about-turn and break any pretence of privacy and encryption to stay and set up offices there. Which I kind of doubt given they are not exactly making money off use but from slurped metadata and a mass exodus of users to another would make that much, much less useful. Also it might become a political hot potato if the masses of current users are unhappy about all of this.
However it is kind of a pointless move because it sends the message that businesses can't use secure encryption, only what is approved for state snooping on. Also I am sure we will simply see the rise of P2P apps that are all but impossible to block at a network level (e.g. use same ports as web browsing or other apps, no single IP range to central servers to block, etc).
"way around E2E encryption should be compromising the physical endpoints"
This is very likely to be possible with any phone, including those featuring in the current criminal cases, given how crappy the software is. But it is much simpler and cheaper to shoot the messenger, isn't it?
The judge is indeed asking that messages (for the "criminals") be recorded before encryption and handed to authorities. Well, not asking... ordering.
Is this on-going (i.e. a request to change it) or for a case on trial where they want stuff that it is too late to change?
And no, she is not trying to bypass parliament, as the law that allows her to demand such things already exists.
I think the point is this does not already exist for WhatsApp, and the system was designed that way to avoid criminals, spooks and nosy ISPs from listening in. In effect she is demanding that a change is made to back-door the system for surveillance purposes. The question is whether or not there is an existing law that applies to over-the-top suppliers like WhatsApp that mandates such access. Do they clearly fall under telecoms regulation, for example, where this is often the case, or not?
If not she is trying to make properly functioning encryption in software illegal by the back door of punishing a supplier for not having the ability to sneak into its customers' data, and not by parliament making that an explicit aspect of law.
The two options are:
1) The judge is a technical incompetent and unable to comprehend how properly implemented encryption works.
2) They are trying to bully WhatsApp in to creating a back-door but without going through the Brazilian parliament, etc, to do so in an open and properly debated manner (such as having a telecoms regulation that explicitly covers over-the-top providers like this).
The motive for (2) is probably not wanting to alienate the population or businesses that then see proper encryption as illegal and not something that protects you from the multitude of criminals (private or "state") who also want your information.
Chinese USA government's constant attacks by the People's Army hacking units NSA and others, running Chinese American closed source software represents an unacceptable risk."
Appears you can use Office365 using a Linux based web browser:
Options appear to be:
Find one with Win7 (or a spare install licence) and lock it to block win10 updates, living with the EOL risk.
Get a Mac and use the Mac version of Office
Use a VM on Mac/Linux to host Windows & Office. That way you can deny it network access and use, for example, the VMware shared folders so stuff can be up/down loaded by email.
Use Linux and on-line Office365, after all it will be based on web standards?
I think you mean "by spreading obvious bollocks through the moron-net in a manner that even the Daily Mail and Morning Star would be ashamed of".
So £38/month for around 12TB of protected storage (i.e. 400 times the original MS offer) assuming RAID-5 on each of your NAS and then they are mirrored somehow, and with gigabit access speeds and no dependency on foreign government policies.
Hmm, how much for the same size and speed from a cloud provider?
Sad, but predictable.
Many years ago when I was using w2k and then XP I was pleasantly surprised when MS decided to go per-processor licensing as we saw the first multi-core x86 appear, instead of some complex and ultimately rather pricey per-core formula as Oracle and the rest of the "old guard" pushed.
Now that practically all my software development is for Linux first, with Windows support as an after thought for "the old guard" perhaps I shall not care...
"Excel is a swiss knife type tool every accountant knows on a level you would not master in years."
Very true, but why do people assume that a general migration to Linux means EVERYTHING must be Linux?
In my own limited experience, most folk are happy with Linux for many things, and the few business-critical programs you really must have can often be run in a VM of Windows. Said VM can be minimal, have limited network access, and generally is a very secure way of doing things (given that a lot of smart malware avoids running in VMs to evade analysis).
Sure it is an extra training step for those users, but my 75 year old and largely computer-illiterate father was able to master VM use for a specific genealogy program. I'm sure your accountants, etc, would manage it fine if given a couple of minutes tuition and a cheat-sheet of things to remember.
Use a server with something like ZFS that supports snapshots and is copy-on-write. Then seeing massive disk use between snapshots is a clear sign of bulk modification, plus you can go back to previous snapshots to recover the data quickly.
Try FreeNAS on, say, a bottom end HP Microserver with 4 * 6TB disks or similar and 12GB or 16GB RAM. Under a grand for a system with 12TB of well protected storage. OK, you need to make damn sure that snapshots are on and *WORKING* (hint - make sure 'recursive' is ticked) and that control over the NAS is secured so malware can't go in and disable stuff or simply wipe it. But that is kind of basics anyway.
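An added example, not part of the original post: one way to turn "massive disk use between snapshots" into a check, by comparing each snapshot's ZFS `written` value with the median of the earlier ones for the same dataset. The sample listing is constructed, and the thresholds and the command in the comment are assumptions about how the input would be gathered.

```python
from collections import defaultdict
from statistics import median

# Constructed sample in the tab-separated form produced by (assumed invocation):
#   zfs list -H -p -t snapshot -o name,written -s creation
SAMPLE = (
    "tank/home@daily-01\t52428800000\n"   # first snapshot: whole dataset
    "tank/home@daily-02\t314572800\n"
    "tank/home@daily-03\t209715200\n"
    "tank/home@daily-04\t419430400\n"
    "tank/home@daily-05\t41943040000\n"   # sudden 40 GB of rewritten data
    "tank/media@daily-04\t900000000000\n"
    "tank/media@daily-05\t1048576\n"
)

def parse_snapshots(text):
    """Return {dataset: [(snapshot, written_bytes), ...]} in listing order."""
    per_dataset = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        name, written = line.split("\t")
        dataset, snap = name.split("@", 1)
        per_dataset[dataset].append((snap, int(written)))
    return per_dataset

def flag_bulk_writes(per_dataset, factor=10, floor=1 << 30, min_history=2):
    """Flag snapshots whose 'written' dwarfs the dataset's earlier deltas."""
    alerts = []
    for dataset, snaps in per_dataset.items():
        # Skip the first snapshot: its 'written' is the full dataset, not a delta.
        deltas = snaps[1:]
        for i, (snap, written) in enumerate(deltas):
            history = [w for _, w in deltas[:i]]
            if len(history) < min_history:
                continue  # not enough baseline to judge yet
            baseline = median(history)
            # Require both an absolute floor and a multiple of the usual churn.
            if written > floor and written > factor * baseline:
                alerts.append((dataset, snap, written, baseline))
    return alerts

if __name__ == "__main__":
    for dataset, snap, written, baseline in flag_bulk_writes(parse_snapshots(SAMPLE)):
        print(f"{dataset}@{snap}: {written} bytes written vs median {baseline}")
```

A flagged snapshot marks the interval in which the bulk change happened, so the snapshot taken just before it is the one to roll back to or restore from.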
"your main web browser should not even have access to a file system containing your personal files"
Except for everyone needing to upload and download email attachments if using web-mail, PDF data sheets, photos up to FB (for the vain and/or with family who pester them enough to bend over for a Zucking), etc?
Of course if you are properly paranoid you will already have an AppArmor profile for Firefox set to only allow read-only access to specific directories (e.g. 'photos') and only read/write to a sane place or two like 'downloads'.
You see, if you can run arbitrary software on ANY platform, then you can encrypt your own files (as pointed out above).
Sure it is less likely on Linux and one reason I migrated, but if you are properly paranoid about this then you will (A) have an isolated backup anyway as that covers hardware failures and "gross administrative misconduct", and (B) set user-writable areas to non-execute so you can't accidentally run something unpacked from an archive (because you were drunk and it promised good pr0n).
Not having admin rights should be the norm, but it only takes one of many privilege escalation bugs in ANY operating system to be back to having your machine toasted.
Really the only sensible mitigation technique is a working, tested, backup system that is not a simple extension of the main PC's file system. Also works for lost or damaged PCs as well...
Why would law makers care about the costs that the public ends up paying?
Of course, if all web browser suppliers added a "poke random web sites every 30 seconds" by default you could see those logs grow by a factor of hundreds and maybe then the big ISPs would have to make a noise.
But all of the vendors are like this and SCADA systems are niche products so where do you go to buy a system that wasn't designed by idiots?
This is why we need the law to step in and for security folks to draw up regulations, including things like operating in a VM as an essential attribute, otherwise no sale (and no insurance or license for a business which fails to follow the rules).
Sure there will be a lot of bitching at first, but niche market or not, we need a nice big stick to beat them with so all of the usual software good practice is followed. Things like forcing a declaration on matters like hard-coded passwords, support back-doors, operation with AV/VM tools, respect for proper multi-user practice (i.e. no need for interfaces to run as admin), 10 year or more support that will include replacing any protocol or SSL certificate found to be weak or compromised, etc, etc, etc.
Seems they do a lot to avoid VMs and sandboxes, so why are they not in more common use for security sensitive systems anyway? After all, the actual controllers are dedicated hardware boxes and the SCADA PCs just Windows machines to supervise them. Any reason why those PCs can't be run in a VM?
But how were those machines infected in the first place?
Why were they internet connected?
When will we see serious personal fines and jail time for managers who fail to put sufficient security design, monitoring and management in to critical infrastructure?
Trusting some AV or firewall vendor who said they would stop trouble is just not good enough. Unless, of course, they are offering to pay the fines and do the jail time if they fail.
Ah, the double polaroid moment:
You ought to be questioning why you use MS in the first place?
But at the present, I would NEVER install Linux - either Ubuntu or Mint on my Aunt Lucy's PC. Her old desktop could just not take the excitement of those interminable problem fixes via a list of arcane and lengthy commands.
Quite the opposite, I have put Ubuntu on father's laptop and friends' home PCs and it gives me FAR less support trouble than Windows and the inevitable AV that still fails to stop infestations. Oh yes, and none of this in-your-face nagware or the privacy violations MS are now pushing having conveniently forgotten all about the "Scroogled" campaign.
Yes, The Register has a "down button"
Better still, express your displeasure by leaving Facebook and doing something interesting in real life.
That sure is a lot of pussy!
An amusing (but NSFW) take on the square hole / round peg idea:
Indeed, as this parody shows:
I forget who said it, but: democracy takes power from the corrupt few and hands it to the incompetent many.
Gotta protect our wimmin from seeing something more interesting...
Ah yes, so that is why Windows 8 & 10 are so much loved and respected by the users?
As for blocked updates for Win7, if the fsckers had not been abusing the update mechanism for this they would NOT be blocked!
Eh? You can, and generally should, set Linux to automatically install security updates.
Unlike the "new Microsoft", that does just that: patches stuff without major changes (like the old MS). If you actually want to do the equivalent of an OS upgrade you can (though it is not 100% successful in my experience when unusual partitioning / RAID is in use, etc). You are warned to back up and be sure before starting, etc, etc. Or you can simply tell it never to offer such an upgrade again.