* Posts by Paul Crawford

3484 posts • joined 15 Mar 2007

Mysterious Gmail account lockouts prompt hack fears

Paul Crawford
Silver badge

Re: Happened to me.

Same here this morning, and this if for my phone and I practically NEVER use that gmail account for anything else. Certainly not in the last few months.

Just wondering - are they migrating password hash algorithms and this is a route from SAH-1 to SAH-256 or similar?

4
0

New UK laws address driverless cars insurance and liability

Paul Crawford
Silver badge

Re: Appropriate

I wondered about that, what exactly will those restrictions be?

Some 512 page EULA from the car company about not one roads without XYZ accuracy of GPS maps being created, etc, that you can't practically verify yourself? Or with snow or ice on roads, etc?

Really, it should be simple:

1) It is manual - drive it yourself

2) It is motorway use only where simple lane tracking is OK (i.e. enhanced cruse control)

3) It actually drives itself and you don't have ANY responsibility for its actions beyond setting the destination.

5
0

Motorola's modular Moto Z: A fine phone for a weekend away

Paul Crawford
Silver badge

I'm still on spinning rust, FFS!

Me too with my ~3 month old laptop. Unfortunately for my work I need ~500GB of data sets on it and just can't afford/justify the resulting SSD price tag.

1
0
Paul Crawford
Silver badge

"There's 4GB of RAM, 64GB of storage and the chance to add more in a micro-SD card slot. The 5.5in screen offers 2560 x 1440 resolution"

Sigh, better than most laptops...

2
0

BOFH: Elf of Safety? Orc of Admin. Pleased to meet you

Paul Crawford
Silver badge

Re: OOOOohh

Or the boss come to an "arrangement" with the BOFH in terms of dealing with problems he has versus supplies of new equipment and the odd jolly to conference events in high-alcohol areas?

15
0

Your future boss? An employee-interrogating bot – it's an open-source gift from Dropbox

Paul Crawford
Silver badge

Re: One afternoon in Hawai...

Hi bot,

Yes its a new ultra-secret project codenamed FUCKITOL to improve the NSA's compliance with the US legal system and constitution.

Yours, Edward.

p.s. Please delete all references to this as you are not written in Ada so are not approved for that level of classification.

3
0

Amazon goes to court to stop US murder cops turning Echoes into Big Brother house spies

Paul Crawford
Silver badge

Re: Legal precedent - and business model

But the point is still valid - if they collected evidence of a crime and it is accessible to Amazon, they should hand it over. The iPhone case was very different, it was not accessible to Apple and they were being asked to assist in breaking the device's security which has much wider implications as it changes what other's get.

Sure, this might become a snooper's gold mine, but following the court case people should know the truth. If Amazon are recording all of this and storing it and that creeps you out - don't get one. Sadly this is likely the reason for the fight - money, not rights.

3
1

Ad men hope blocking has stalled as sites guilt users into switching off

Paul Crawford
Silver badge

Re: I bought your tshirt.

Where did "Cash'n'Carrion" go?

Used to have some nice mugs, radioisotope powered glow-in-the-dark keyring, etc.

5
0

Radioactive leak riddle: Now Team America sniffs Europe's skies for iodine isotope source

Paul Crawford
Silver badge

Re: Whisky

Nah, will be from Laphroaig. It would explain the TCP+ash tray taste...

1
0

KCL external review blames whole IT team for mega-outage, leaves managers unshamed

Paul Crawford
Silver badge

You are right that HP probably were the cause of the primary failure.

However, the disastrous consequences of such an array failure lies squarely with the management and IT teams for not having a working DR system in place (that includes making sure *all* data is backed up, and that the backups are tested regularly). Even if HP didn't fsck-up, failures can and *do* happen all by themselves.

But the blame shone on the IT team is worrying, but maybe to be expected from this sort of commissioned report. I'm sure all of us have made mistakes, and all of us have jerry-rigged systems to get by, but not having proper DR in place for an organisation-wide storage system is a likely a management failure in terms of not funding and/or not asking the right questions (or being prepared to hear the true answers).

5
0

More brilliant Internet of Things gadgetry: A £1,300 mousetrap

Paul Crawford
Silver badge

Re: Homebrew

Improve the flavour of what, the mouse or the cider?

3
0

London Internet Exchange members vote no to constitution tweak

Paul Crawford
Silver badge
Joke

Re: Abandon all Hope. They are all gagging for it.[1]

"Perhaps, in the future, we can move to the Exclusively Thumbs Up System instead and get a better idea about people's opinions."

What like Facebook?

8
0
Paul Crawford
Silver badge

Most countries have legal intercept laws but that is not the problem. What is the issue here is the massive scale, lack of legal oversight in what is gathered, and gagging orders about even the fact of such an order being served.

Look to other countries as well that have less oppressive laws, say Sweden, Iceland, etc.

10
0
Paul Crawford
Silver badge

No, but you can greatly change how such requests are handled and the degree of cooperation offered.

All things considered, would the member's of LINX not be better served if the legal entity became, say, a German listed company with all officers located overseas? Sure it would still be bound in terms of UK operations, but they could hardly censor the directors operating overseas, nor fail to provide them with the details and at the same time serve a company with the necessary order.

10
0

Oh happy day! Linus Torvalds has given the world Linux 4.10

Paul Crawford
Silver badge

Re: your driver accepted in the kernel as a start up company?

Have you tried the same for Windows?

If you are a start-up company how many Linux users will actually have your hardware and need a kernel driver module?

Most specialist hardware companies I know of ship a compilable module for any drivers - that can be part object code if you have IPR to protect, and then end users compile on demand. Yes, its a pain in some cases but you can automate that.

5
3

DraaS-tic times call for DraaS-tic measures in VMware's cloud

Paul Crawford
Silver badge

"to appease the non-windows lot"

Let us not forget that the "Widnows lot" had to put up with some pretty shitty stuff as well, restrictions on what version of Windows/java/flash versions etc.

But your underlying point is valid - fix the $DIETY damn management tools and make the work smoothly on multiple platforms.

0
0

UK Snoopers' Charter gagging order drafted for London Internet Exchange directors

Paul Crawford
Silver badge

Re: LINX is lying

There are interesting aspects to LINX's reply:

"nothing in the proposals bans directors from asking members anything"

It says nothing about then answering such questions.

"we recommend creating a special new ability for elected directors to veto a decision by a majority of the Board"

Surely the majority of the board would act legally? What situation do the foresee that would need such an action at all? Since when did any other company have such a special rule for the board of directors that applies rules beyond the normal statuary duty that comes with being on a board of directors?

Sorry LINX, but those answers do nothing to make me think this has anything other than the Snooper's Charter behind it.

12
0
Paul Crawford
Silver badge

Sounds like the sort of neutral quality advice that justified bombing Iraq and contributing to the rise of ISIS, etc.

21
0
Paul Crawford
Silver badge
Facepalm

Re: Seems rather self defeating to me.

It is not beyond "the government" to do stupid things that fit their own paranoid agenda but ultimately make the UK a toxic place to do business in for the rest of the world. Given the whole Berxit cluster-fsck that is the last thing we need.

14
0

Did Oracle just sign tape's death warrant? Depends what 'no comment' means

Paul Crawford
Silver badge

True, but in this case it looks like Oracle's propitiatory format is the one biting the dust.

If ever there was a reason to move to a tape that more than one supplier provides, this is it. Plus the nice feeling of not having your gonads in Larry's money-extracting vise.

5
0

You know IoT security is bad when libertarians call for strict regulation

Paul Crawford
Silver badge

Re: What kind of code

Unless, of course, Amazon isn't in your jurisdiction, either.

If they trade in the UK they are in our jurisdiction.

1
0
Paul Crawford
Silver badge

Re: What kind of code

Then the importer carries the burden. And its up to them to have sufficient due-diligence from the folk in China to get off for a genuine mistake, otherwise its massive fines and/or chokey time.

It wont stop every crap device, but if it makes it very hard for Joe Public to buy a shitty insecure camera or video recorder, etc, because none of the shops or sellers like Amazon (who of course would be the importer in this case) then its done its job.

1
0

ASLR-security-busting JavaScript hack demo'd by university boffins

Paul Crawford
Silver badge

Timing attacks?

Why not modify web browsers to reduce and randomise the time-measuring functions available to any script?

I mean, when does a web page really need microsecond resolution? If the timing is jittered by a millisecond or so by some pseudo-ransom process would it really break stuff that is talking to the web server via a TCP/IP link with delays typically of the order of 10s of milliseconds?

9
0

No crypto backdoors, more immigration ... says Republican head of House Committee on Homeland Security

Paul Crawford
Silver badge

I seem to have woken up in some alternative reality where politicians speak some sense. Sadly I doubt it will last long enough for the ink to dry...

8
0

University DDoS'd by its own seafood-curious malware-infected vending machines

Paul Crawford
Silver badge
Trollface

Set your IoT networking rules to only allow access to the vending machine companies network addresses then.

2
0

Roses are red, you're over the moon, 'cos you work in infosec, and you're retiring soon

Paul Crawford
Silver badge
Joke

Re: There are two very different problems and this is the solution to neither

"ultimately if you sacrifice all your virgins to ensure the sun rises in the morning, you run out of people to breed from."

What if you just sacrifice their virginity?

7
0

Munich may dump Linux for Windows

Paul Crawford
Silver badge

Re: @ werdsmith

"Every fecking time someone comes up with these fictional anecdotes"

Who said anything about getting an IT job? Did you actually read the comments?

Many folk, myself included, have found that most users can adapt, look at how the majority of the formally-windows-only users have now got smartphones and no issues with using them. That is the point, if you set up a Linux PC for someone like a grandparent and spend just 5 minutes to show them the key stuff (e.g. web browser, email client) that is enough in most cases. You get almost no examples of them breaking it because 99.9+% of malware won't run on such a desktop and they don't get put off by endless, pointless, indecipherable warnings from AV, etc.

They won't set up a Linux PC, and if they buy a Windows PC it won't come setup in any sane way (from their perspective) either so in a short time will cause you grief (if you care enough to help them that is).

11
1
Paul Crawford
Silver badge
Trollface

Re: @ Korev

"is Linux as functional at mail, calendaring, forms, rules, and tasks as a Windows/outlook/Exchange combination?"

Yes. If you want exact outlook/exchange work-flow then you can simple use Office365 from any standard-compatible web browser.

Can't you?

7
10
Paul Crawford
Silver badge

Re: Charlie Clark

"but every time I boot a Linux box I become convinced that the UX team hates me"

Really the same applies to most software now :( MS buggered about the the UX in the great 8.1 failure, Macs have been getting dumber, Google (and Mozilla who seem to slavishly follow them) seem hell-bent on removing anything possibly useful in a web browser. The list goes on and on...

28
2
Paul Crawford
Silver badge

Re: Adam 52

I was talking about using the machines, not system design/config/management.

Irrespective of the OS, you still need professionals in a given area to do that properly.

I have been using Linux for many years and never (since mid-2000s) had to bother much with configuring X or networks - all pretty much works out of the box. As for LDAP, no idea, but then I would not attempt to set up Active Directory or roll-our a big platform of machines (any OS) similar without going on a relevant training course.

22
2
Paul Crawford
Silver badge

Re: @ Korev

Calendars, task tracking, contacts...

That is NOT email (except for email contacts, of course). The fact that MS decided to lump it in with their own email client still does not make it email.

You do need Windows really for this though, I'm on a Mac right now and not of the above work that well compared to Windows.

Translation - MS can't (or won't) make their own fscking suite of programs work properly on other platforms they claim to support.

If you are tied to MS office in such depth then tough, you have no choice but to pay MS and accept any T&C they choose to apply to you. That is not the fault of the underlying OS, that is the fault of MS (and to some degree, yourself for buying in to) for such lock-in.

32
17
Paul Crawford
Silver badge

Re: Replacing Linux with Windows, based on *cost*?

"Given that most people are familiar with Windows Android"

Fixed it for you...

Really, this "training for users" cost w.r.t OS choice is a bit bogus, either you have staff that are technically adept (e.g. software/engineering sort of group) in which case they can do most themselves, or you have non-computer geeks (i.e. most others) in which case you have to train for anything that changes. So a new version of Windows has played "lets move the control panel" one more: more training. You cloud supplier (MS, Google, whatever) has played the same "lets bugger up the web version" and training again. Irrespective of the underlying OS.

52
16

That guy using a Surface you keep seeing around town could be a spy

Paul Crawford
Silver badge

Don't you know? Maybe you could spy on yourself for a while to work out if you are, or are not, actually a spy?

2
0

Kids these days will never understand the value of money

Paul Crawford
Silver badge

Re: Cashless society

This =>

I would up-vote you many times if I could!

7
0

Lovely. Now someone's ported IoT-menacing Mirai to Windows boxes

Paul Crawford
Silver badge

@Linux is secure!

Yes, right up the the point when you have internet-facing ports open with default root passwords...

0
1

Judge green lights Microsoft vs Uncle Sam gag order case

Paul Crawford
Silver badge

Re: The Cloud..

Of course if the cloud companies had implemented proper user-side encryption for data storage this warrant would be moot as the companies would never have the keys. However, that would also restrict their ability to whore you to advertisers...

4
1

Samsung's Chromebook Pro: Overpriced vanilla PC with a stylus. 'Wow'

Paul Crawford
Silver badge

Re: A TPM os good on Chrome, and bad in Windows?

Is a very good point.

The real answer, of course, is secure/TPM boot is good when you have the ultimate control over its use, and not what the OEM has decided you should get. However, I don't know what this Samsung laptop is like to actually answer that. My old Acer Chromebook allowed you to disable it so I could boot Ubuntu, etc, if I wanted.

6
1
Paul Crawford
Silver badge

Reading the review my main complaint is the lack of built-in connectors for HDMI and older USB. Who really wants to have to carry a bag of dongles where ever you go that you might need to plug in to anything?

I have a el-chepo Chromebook and it was good for certain things, provided Google's whoring of your information is acceptable. For a "technically challenged" friend it was almost perfect (until they stood on it - not really and OS fault).

However my main gripe with that Chromebook was the keyboard. Yes, I like getting rid of caps lock, but they also got rid of the cursor keys and home/end and for many, many tasks that just royally pissed me off.

7
1

NASA bakes Venus-proof electronics

Paul Crawford
Silver badge

Bring back thermionic valves I say!

But seriously, having such high-temperature electronics has some applications on Earth as well, maybe not as harsh, but for deep drills and around reactors, etc.

11
0

SQL Server on Linux? HELL YES! Linux on Windows 10? Meh

Paul Crawford
Silver badge

Re: Windows ME was worse

Tricky, we have:

1) ME was a steaming pile of unreliable crap without any form of security or application isolation that mattered.

2) Win10 whores you to advertisers and any three-letter agency who asks.

18
5
Paul Crawford
Silver badge

why not just run Ubuntu and put Windows in the virtual machine?

Is exactly what I do and it works very well.

But then I don't have a corporate sysadmin insisting that my desktop has to be a standard Windows image for their ease of management organisation wide, so for those in that situation I can see it kind of makes sense. But then you have to have Win10, so maybe you would ask for an Ubuntu VM on your Windows 7 corporate machine?

15
3

Want to come to the US? Be prepared to hand over your passwords if you're on Trump's hit list

Paul Crawford
Silver badge

Same here, have visited the USA a few times and almost without exception the people I met and dealt with were nice and civilised.

However, that was some years ago and the public image and view being projected by the nation of America is such that I would not choose to go there. Of course, not everyone has a choice as business might take you there, but if you want an English-speaking holiday then you can got to Canada (or UK or event Holland!) and be free of Trumph and the gun-totting idiots that tend to support him.

OK, the UK also has right-wing xenophobic idiots as well, but at least they are not able to get the guns so easily...

8
0

Euro bloc blocks streaming vid geoblocks

Paul Crawford
Silver badge

Re: cheap bent bananas?

I thought that was our glorious leaders already?

7
0

Japanese team unveils terahertz band 100 Gbps wireless tech

Paul Crawford
Silver badge

Re: Naive question

It is not naive, in fact it is a very fundamental aspect the most radio courses gloss over!

Basically you have two antenna aspects: (1) "directivity gain" which is a measure of how much a beam is focused (there is no amplification), and (2) "effective aperture" which is a measure of the antenna's ability to intercept the EM flux.

As frequencies go up (generally speaking here, YMMV, etc) you get more easy focusing from a given reflector, etc, so directivity gain increases, but your effective aperture remains the same. To make calculations easier a radio link's "path loss" has a wavelength term, it is more than just inverse-square law spreading with distance, so that at constant flux and constant aperture you get the same signal even though the directivity gain increases with frequency.

So for two antenna pointing at each other, increasing the frequency would lead to a stronger signal due to the higher directivity gain, but at the expense of needing more accurate pointing. Conversely, if you keep the RF flux constant (so you get the same coverage area, same pointing error accuracy demands, etc) then increasing frequency has the opposite effect in that smaller reflectors, etc, are used to keep the directivity down, and so less aperture able to intercept the flux.

1
0
Paul Crawford
Silver badge

Re: Naive question

Rain attenuation is very high at those frequencies, but also it is not something that is well characterised (yet) as no one really has measured it for long enough to validate the model's upper range.

http://www.itu.int/dms_pubrec/itu-r/rec/p/R-REC-P.838-3-200503-I!!PDF-E.pdf

You will notice the ITU-R models have no accuracy/error bounds on them...

0
0

Juno how to adjust a broken Jupiter probe's orbit?

Paul Crawford
Silver badge

Re: Gravity well.

It's astounding, Time is fleeting, Madness takes its toll...

2
0

Polish banks hit by malware sent through hacked financial regulator

Paul Crawford
Silver badge

I believe that dried frog pills are also available, and very efficacious in such cases.

2
0

Why does it cost 20 times as much to protect Mark Zuckerberg as Tim Cook?

Paul Crawford
Silver badge
Gimp

Re: @ earl grey

No it was Miss Scarlet in the basement with a strap-on.

5
0
Paul Crawford
Silver badge
Trollface

Re: Choose your enemies

"But they don't have an assault rifle"

Not in the UK or Europe at least. As for the USA...

3
0

Ubuntu Linux daddy Mark Shuttleworth: Carrots for Unity 8?

Paul Crawford
Silver badge

Re: Never name a project "Unity"

More so if it is "cold"

2
0

Forums

Biting the hand that feeds IT © 1998–2017