* Posts by Midnight

307 posts • joined 24 Feb 2008

Page:

I love disruptive computer jargon. It's so very William Burroughs

Midnight

Re: Gif.

<quote>Don't get this - how can G(raphics) be pronounced as JIF.</quote>

The same way that the format created by the Joint Photographic Experts Group isn't pronounced Juh'Feg.

5
0

They've only gone and made a chemical-threat-detecting ring

Midnight

If you can't see it, it can't bother you.

If they weren't a good idea, would the President of the Galaxy wear them?

13
0

Blade Runner 2049: Back to the Future – the movies that showed us what's to come

Midnight

So 35 years between two "episodes" is a series?

Only if you are George R. R. Martin.

15
0

BYOD might be a hipster honeypot but it's rarely worth the extra hassle

Midnight

Re: No hassle here.

This isn't a BYOD solution. It doesnt solve the issues discussed (laptops, desktops, macbooks etc).

Did you read the article?

I thought you knew. The comments section switched to a Bring Your Own Article policy several months ago. It adds a little bit of administrative overhead and may have some minor impact on the coherency of comments, but we feel that it makes the users happier in the long run.

22
0

Sysadmin tells user CSI-style password guessing never w– wait WTF?! It's 'PASSWORD1'!

Midnight

...Followed by Feynman becoming quite unpopular with the secretaries and personal assistants due to a directive from On High that if he has spent any time at all in their offices, they needed to immediately change the combination of the filing cabinet and safe.

10
0
Midnight

Re: Favourite

There are quite a few low-security systems around me where the password is "I already told you that."

2
0

Connect at mine free Wi-Fi! I would knew what I is do! I is cafe boss!

Midnight

Re: Smart intercoms/bells are a good idea, that are usually badly implemented

"So a "ding dong" is a warning signal of visitor, post, or circular. If followed by a Westminster chime then it means someone is ringing the bell."

And if it is followed closely by the sound of barking dogs and screaming then the bell has been rung by a door-to-door soul saver, utilities fraud team or a salesperson from Citrix.

4
0
Midnight

Re: Please to be using our free WiFimabob.

Fortunately, advanced devices[1] using MAC address randomisation when connecting to public wifi..

[1] iOS devices and some Androids..

Or Windows 10 and Windows Phone devices, which technically qualify as advanced.

0
0

Crowdfunding scheme hopes to pay legal fees for Marcus Hutchins

Midnight

I know, right? Most people who go on vacation just spend the whole week in a youth hostel reading paperback romance novels.

It's unheard of for a 23 year old guy to be throwing money around like that, especially in Las Vegas, a city which prides itself on sober, quiet contemplation.

7
0

WannaCry-slayer Marcus Hutchins 'built Kronos banking trojan' – FBI

Midnight

Re: Also Wannacry?

"There is something a little off with this."

There sure is. I think you should look at changing the vendor you purchase domain names from, as it really shouldn't take "a few hours minimum" to sign in to a control panel, type or paste in a domain name, check the box that says "Yes please put this domain on the same domain name servers I always use" and then push a button to buy it. It's a five minute job at most, and that includes typing your password wrong four times and swearing a bit before you turn Caps Lock back off. And if you're concerned about the cost, which is less than the price of buying warm drinks for the entire team one time, you can typically 'return' the domain a few days later and end up paying nothing.

What you may be missing is that checking in with a mysteriously named domain is a fairly common technique for malware to use, and that it is not unusual to take control of expired, unregistered or cancelled domains to 'sinkhole' them, effectively shutting down an entire botnet by not only removing its central command and control facility but also redirecting the C&C traffic to a friendly site where you can keeps tabs on botnet infections and activity. The value isn't just in stopping a single infection on your local network, but also in seeing what every other infected host in the world is doing, so taking a few minutes to register a domain and point it to your existing sinkhole server is a reasonable thing to do.

This is exactly what MalwareTech described in his original write-up of WannaCrypt ( https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html ), and he includes some data he was able to collect on global and regional infection rates through the sinkholed domain.

It may seem odd if you're not familiar with modern botnet hunting, but what MalwareTech did wasn't that unusual.

10
0

'Real' people want govts to spy on them, argues UK Home Secretary

Midnight

Steve Bannon wants Facebook, Google 'regulated like utilities'

Midnight

Re: YOS!

What you've just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone in this room is now dumber for having listened to it. I award you no points, and may God have mercy on your soul.

21
2

Mac ransomware author is giving away malicious code to script kiddies

Midnight

Re: Given how unsophisticated the average Mac user is

A hacker group known as "The Genius Bar" has been engaged in this kind of ransomware-as-a-retail-service for almost sixteen years.

1
0

'My PC needs to lose weight' says user with FAT filesystem

Midnight

Re: Scuh-zee IS the official pronunciation in some circles

"There's never been a period that I've NOT heard SCSI pronounced that way."

When Larry Boucher invented SCSI he wanted it to be pronounced "Sek-see". Everyone else on the committee thought that sounded unprofessional and decided it should be "Scuh-zee" instead.

I'm pretty sure that this was the same group which later renamed the seventh planet to "Urectum" because its old name sounded impolite.

10
0

PAH! Four decades of Star Wars: No lightsabers, no palm-sized video calls

Midnight

Re: future displays are rubbish

I used to think that way. Then I "upgraded" the antenna sitting on top of my TV to an IP-based...

(loading)

(loading)

...streaming ser...

(loading)

(loading)

(loading)

5
0
Midnight

Re: SW was never about our future.

"Thanks for pointing that out. I'd spent the last 40 years thinking it was a documentary."

I also get Star Wars confused with Galaxy Quest all the time.

7
0

Trump's lips sealed on surveillance, complains EU privacy chief

Midnight

It's just temporary

It's just that nobody in the White House understands how the phones work. Once they figure that out, they'll be in touch.

Now... It's pick up the receiver, then select a line... No wait, select a line, then press the speaker button, then dial '9' for an outside line? Or is it '6' for international calls, then '011'? No, use '9', but drop the '0' and dial --

Hello? Is someone there?

5
0

Boss swore by 'For Dummies' book about an OS his org didn't run

Midnight

Re: But the real issue is

Out of interest what would american chocolate be classified as?

As a previous poster kindly pointed out, it is formally classed as "cheese" and only just escapes being labelled as "tile grout" on grounds of colour.

9
1

Kaspersky launches a range of perfumes to, er, defend your odour

Midnight

Re: Fear awakens our senses

Remember, the "S" in "IoT" stands for security.

5
0

Road accident nuisance callers fined £270,000 for being absolute sh*tbags

Midnight

"Our partner specifically required your number so they could deliver services which you technically didn't _not_ request, so that's pretty much the same as having requested them."

So everything's good now, and the robocalls can continue, right?

1
1

BOFH: Elf of Safety? Orc of Admin. Pleased to meet you

Midnight

Re: reduced fat lard?

Isn't that when you use half as much?

2
0
Midnight

Re: Right Royal Softly, Softly, ...... Catchee GCHQ and Assorted Monkeys ....

I heard that he moonlights as a speechwriter for a recently elected US politician.

4
1

BOFH: Password HELL. For you, mate, not for me

Midnight

Re: Obligatory XKCD

correct horse battery staple is nice, but I prefer the Bruce Schneier password: uTVM,TPw55:utvm,tpwstillsecure.

3
0

You're taking the p... Linux encryption app Cryptkeeper has universal password: 'p'

Midnight

Re: Does this mean

Y'know, there is a bug report which explains all of these things. It's even linked from the article.

Here, I'll read it for you. Cryptkeeper calls encfs to create an encrypted filesystem interactively and feeds it answers through stdin. The code is even included in the bug report:

execlp ("encfs", "encfs", "-S", crypt_dir, mount_dir, NULL);

exit (0);

[...]

// paranoid default setup mode

//write (fd[1], "y\n", 2);

//write (fd[1], "y\n", 2);

write (fd[1], "p\n", 2);

write (fd[1], password, strlen (password));

write (fd[1], "\n", 1);

Not only does it answer "p" to the "Paranoid or eXpert mode?" prompt, it also used to answer "y" twice before that, presumably to answer questions about creating the filesystem and mount point specified in crypt_dir and mount_dir. The man page for encfs even specifically warns about that possibility:

-S, --stdinpass

Read password from standard input, without prompting. This may be useful for scripting encfs mounts.

Note that you should make sure the filesystem and mount points exist first. Otherwise encfs will prompt for the filesystem creation options, which may interfere with your script.

The end result of this is that Cryptkeeper will ignore the user supplied passphrase and create an encrypted filesystem with the password "p". Since the error was restricted to the creation code, any further attempts to mount the newly created filesystem with the correct password would fail.

While the real source of this error is the sloppy use of an interactive session with encfs in Cryptkeeper, the trigger was a recent fix made to encfs which removed the "paranoid?" prompt. Since this fix was committed on December 12th, when Cryptkeeper was no longer maintained, it was not caught until the next time a Debian testing user tried to create a new encrypted filesystem and found that it didn't work.

1
0

How the NYE leap second clocked Cloudflare – and how a single character fixed it

Midnight

Re: There is the theory of the moebius...

Programs assume that time is a strict progression of cause to effect but actually, from a non-linear, non-subjective viewpoint, it's more like a big ball of wibbly wobbly... time-y wimey... stuff.

2
1

New Android-infecting malware brew hijacks devices. Why, you ask? Your router

Midnight

Re: Infection Vector

The linked writeup goes into some depth about this, but here's an overly brief summary which probably misses several important details:

1) End user downloads a copy of a popular search app or free wifi app onto their phone and installs it, presumably by sideloading.

2) The trojan app then runs, checks to see if it has connected to a new wifi network and then phones home for instructions.

3) The app then uses a range of super-secret military grade encrypted ciphers such as "admin/admin" and "admin/123456" to log in as an administrator to the wifi access point it just connected to.

4) Once it has admin access to the AP the trojan will then reconfigure it to use a rogue DNS server for itself and for all DHCP clients which connect to it from then on. According to the article it seems to only understand the web interface for common TP-LINK routers

5) The trojan-infected phone can then be switched off, wiped clean, fed into a wood chipper and then have its ashes launched into the sun, but the damage to the WIFI AP will still remain.

So the initial infection is done by sideloading an app, but once the AP has been owned every user of that WiFi network who uses the provided DNS addresses will be affected.

4
0

Sysadmin told to spend 20+ hours changing user names, for no reason

Midnight

I think you do have those backwards.

https://getyarn.io/yarn-clip/30414f9c-864f-454d-8124-8160934d51f0

And the carbon-units are not an infestation. They are a natural function of the Creator's planet.

0
0

AI gives porn peddlers a helping hand

Midnight

Re: CFCM?

"Clothed Finance, Credit and Macroeconomics"?

YMINMKBYKIOK.

2
0

Post-outage King's College London orders staff to never make their own backups

Midnight

Throw in some phones with cords, octagon shaped paper, and Edward James Olmos in a dark blue jacket and you've got something good there.

2
0

Trump's taxing problem: The end of 'affordable' iPhones

Midnight

Re: Trump's business for more than 10 years has been LICENSING HIS NAME.

"Being president of the USA is 'The road to nowhere' job."

But... David Byrne is Scottish.

2
0

Robot solves Rubik's Cubes in 637 milliseconds

Midnight

Re: As for that time...

Most humans in competitions _do_ use speed cubes, which are designed to avoid unfortunate accidents like popping or corner cutting and then disassembled, lubricated, adjusted and reassembled at least twenty times during the lead-up to a competition. The first adjustment ensures that all of the cube's parts will be turning at top speed with exactly the amount of friction required while the next nineteen or so are just to give the cube's owner something to do with their hands while waiting.

4
0

Microsoft goes back to the drawing board – literally, with 28" tablet and hockey puck knob

Midnight

I'm confused.

I can understand the screen. It's a 3:2 aspect, big enough to display two pages side by side at something around 200 dpi, so it's great for doing print work.

It's touch and has a fancy pen so that you can draw right on it. The Soar Knob does the job of a mouse wheel and give you something to do with your left hand while you're drawing that won't get you arrested.

The screen can tilt from vertical down to almost flat so that it can act like a traditional desktop or a drafting table, and the whole thing is counterweighted to make the transition as smooth as possible.

There's a ridiculously high resolution camera built into the top bezel so that you can share all of your conversations with Skype and that the botnet owners can watch your expression right after you realize that all of your files have just been encrypted with unbreakable triple-ROT13.

That all makes sense.

Why does a desktop computer, designed to be placed with its back against a wall or tilted so that its back goes down to the desk, have both front _and_ back mounted cameras?

7
2

If we can't fix this printer tonight, the bank's core app will stop working

Midnight

Immediate result: Helpdesk calls the printer technician first. For every possible incident.

8
0
Midnight

Re: Some time ago...

"You might need to explain to some of the youngsters here [...] what a "punched card" is..."

I'll give it a go...

*ahem*

"It's something like an iPhone, only even thinner."

24
0

Elon Musk says SpaceX Falcon 9 fireball investigation is 'biggest challenge yet'

Midnight

"""SpaceX quickly released a statement calling the explosion an anomaly"

No shit, Sherlock."

Their original plan was to release a statement saying "We meant to do that!" and hope that nobody noticed.

7
0
Midnight
Black Helicopters

The sixth and final explosion—frame 313—starts on the Falcon 9 in the oxygen tank near the front. This is the big one. The Falcon 9 going back to its left. The explosion came from the front and right. Totally inconsistent with a routine filling operation. Again... back and to the left… back and to the left… back and to the left… back and to the left.

6
0

Want a Windows 10 update? Don't go to Microsoft ... please

Midnight

Re: @kraggy

So if a Windows update installs quickly, quietly, and doesn't break anything, _then_ we will know that it's an obvious and clumsy fake.

30
1

Blackhat wannabes proffer probably bogus Linux scamsomware

Midnight

Re: redis?

Yup. It's the same thing. Just a different payload.

http://www.bleepingcomputer.com/news/security/hacked-redis-servers-being-used-to-install-the-fairware-ransomware-attack/

0
0

Height of stupidity: Heathrow airliner buzzed by drone at 7,000ft

Midnight

Re: Operational distance...

Clearly it was aliens.

2
0

Chinese CA hands guy base certificates for GitHub, Florida uni

Midnight

Re: You can't trust anybody

"Maybe the solution is to add a further category for whom the "Ignore these warnings" buttons are greyed out."

Perhaps an "I am aware of the risks" checkbox could help. Activating that and also pressing the "Ignore these warnings" button would not actually bypass the certificate warning, but instead open up a large text box with the caption "Then tell us what you think they are".

0
2

Sysadmin sticks finger in pipe, saves data centre from flood

Midnight

Re: CROM

I was reminded of this guy instead...

"Friday at last!" crowed Conan springing from his mats with the agility of an antelope. "Crom's Beard but it took long enough to get here!"

-- Conan the Salaryman

4
0

If you haven't changed your Dropbox password for 4 years, do so now

Midnight

Re: Sounds fishy to me

That is an awful lot of passwords, but don't worry. You'll only need to know one of them to convince someone at the call centre that you should have access to all of your accounts.

Security is job one.

7
0

NASA to begin first asteroid sample mission: Seeks 'pristine' specimen

Midnight

Re: Take me along

Green or Blue swimming pools?

8
0

Cops break up German sausage fight between pair of Neubrandenburgers

Midnight

Re: Allo Allo

As any student of art history knows, that's "The Fallen Madonna with the Big Boobies" by van Klomp, which may or may not be within Herr Flick's sausage.

11
0

'I found the intern curled up on the data centre floor moaning'

Midnight

Re: What are the odds

No interocitor part can be replaced. Bear this in mind while assembling. Use only genuine interocitor parts.

...

Cal, are you gonna work naked again?

3
0
Midnight

Re: "Pete' has omitted some details...

Making all those calls would run down the phone battery, which is needed for playing Pokemon.

You've got to have priorities.

14
0

Render crashing PCs back to their component silicon: They deserve it

Midnight

"Private Idaho?"

*sigh*

It is by puns alone I set my jokes in motion.

It is by the brew of coffee that wits acquire speed, the wits acquire groans, the groans become a warning.

It is by puns alone I set my jokes in motion.

5
0

Mozilla 404s '404 Not Found' pages: Firefox fills in blanks with archive.org copies

Midnight

I don't get it.

I understand the github reference, but what's so amazing about Bloomberg's 404 page?

Aside from having over 110k of scripting and menus, the page just says "404. Page Not Found / Unfortunately, this page does not exist. Please check your URL or return to the Home Page".

Am I missing something, or are those two sentences just that much more amusing than anything else Bloomberg ever reports on?

0
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017