Re: Making DNS communication more secure
You get a notification in Firefox whenever a page attempts to play audio, telling you to install pulseaudio. How did you miss that?
1165 posts • joined 1 May 2008
You get a notification in Firefox whenever a page attempts to play audio, telling you to install pulseaudio. How did you miss that?
But my inner Grammarnazi is getting (erroneously) #triggered every time I clap eyes on that leading apostrophe.
>Then you're starving the revolutionaries
And here I thought I'd heard every euphemism for wanking already...
Not on the router, but you can on your pc/slab/etc so what the router says is ignored by it.
Really? If anyone utters or interprets "to $date" as excluding $date, I judge them an utter ocean-going See You Next Tuesday.
And don't get me started on people who say "next Tuesday" when they mean THIS Tuesday (Tuesday of THIS week). Nurse, make it a large one please....
If your email platform requires your input in order to sort by date, I'd find a better one.
After such an interminable set-up, I really was expecting a funny punchline. I sort of feel as if I should be calling the OFT or the ASA or someone about this.
...that cats are fair game to run over?
Not to dilute your point, but it's ln <target> <linkname> innit?
No, you misunderstand. Norman was primarily the company cook, specialising in stir-frys.
Quaequam blag! That is a downright grexnix slur-by-association upon Betelgeusian immigrants the length of the land! I suggest a prompt retraction, lest a Rigellian Hot-Shot be delivered with little warning!
I suppose, but "Made in Scotland from poagled mountain-bike frames" doesn't quite have the same ring to it.
(Actually, now I've sung it out loud, I like it better!)
Shame, you were doing so well up until then... </wtfdidijustread>
Wanted to mention you can also add ReplayGain tags (both track and album) to FLAC files, the command-line app "metaflac" can do it. My player supports it, but YMMV.
The loudness issue used to drive me mad on my phone, but after much study I managed to patch the old Android (ICS) Music app to support ReplayGain on MP3s.
Only problem was when Jelly Bean came along and I recompiled the app, it now has "gapless playback" (i.e. a slight crossfade/segue) which when fading from a song with lots of gain applied to one with none or negative gain, there tends to be a split-second burst of EXTREME LOUDNESS until the equalizer adjusts it to where it should be for the next track. I must try to fix this at some point but I fear by then the AOSP app will be abandonware :(
Mm, I wondered the same. Not sure the CMD shell can even do that on the host VM all that easily, let alone reaching back through the tubes and doing it to the VNC client's host machine.
Not to mention that if Hide Extensions is enabled (as has been default for quite some time), the mark might wonder why the file *has* a .TXT extension showing?
Now you could name it "Passwords.bat" but the icon would still be wrong. Worth a try would be creating the batchfile elsewhere and placing on the Desktop a shortcut to it, which IIRC you can change the icon of the shortcut.
But I'd still like that recipe for how this batchfile is pwning the intruder's machine. Still with us, OP?
Icon: closest available to "chinny reckon".
(in a couple case I even got a "recipient does not exist" response)
Now that *should* be enough to see action taken by their (the ISP's) TLD registry, as it violates RFCs, but I imagine for most of them this is equally fruitless.
What you can do however is report the offending IP (and in some cases the ISP's whole IP range if there is enough evidence of endemic misuse) to various spam blacklists (there are many). Then at least you're hopefully reducing the pain for others.
I'm reading through the Cisco analysis as I speak, but I'm not yet seeing what's the excuse for being vulnerable to this.
Seems that it
(1) Spreads through unsecured SMB ports
Well what the fuck retard has their MSNet ports out there waving in the breeze of the general Internet in this day and age, FFS? I mean even MS don't sell you an OS any more that does such stupid things OOTB.
(2) Drops a binary, msseseccexxxesexypoo.exe (or something)...
Well how does it drop it and execute it without a by-your-leave? What browser/email client is allowing that to happen, because it doesn't magically happen without a parent vuln or colossally bad design decision to enable it.
I've only skimmed this info so far but please, someone, let me know if I can get this without having my SMB ports open to the WAN and/or ignoring some permutation of Windows/browser/emailer that won't shout at me "UR ABOUT TO RUN A PROGGY OFF TEH INTERNET IT MITE BE BAD ACTULY ITS PROLLY BAD Y/N" prior to executing a downloaded binary (which, Christ, Windows itself actually does a pretty good job of doing lately).
NGL, if they show me Ren & Stimpy I'll probably forget all about the porn objective.
They'll have to prise it from my cold, damp hand.
>even having a wank could land you in hot water
Ugh, best avoid that. The lysis of the sperm cells in. pure water will render them extremely sticky and hard to remove. Soapy water is your friend. Er, so I'm told.
Most of the time Firefox binary release is fine, at times I've used that in preference to whichever distro's package, and that meant getting updates straight away too. I wish Libreoffice had a standalone installer as it's a nightmare trying to satisfy dependencies for Gentoo's binary package of it. I might give the Snap/Flatpak option a look.
Firefox accounts do use end-to-end encryption, so your 2nd and 3rd "rules" are moot. And if the data "being on someone else's computer" still bothers you that much in spite of this, the server software is all open-source so you can host it on your own computer if you want.*
* I did this myself and have to admit it is quite a battle to set it all up correctly, so in the end I asked myself why I was bothering and got a Firefox account instead. #NoRegrets
"HEYYY! It looks like you're losing a gun-battle. Would you like some help?"
Some impressively over-engineered solutions above, but this can be accomplished using Firefox alone. I use this feature myself to insulate extra-sensitive workloads from day-to-day omnivorous browsing. Just start Firefox's profile manager:
Create a new profile called e.g. 'banking'. When done, launch not this new profile but your original one (called 'default' by, er default).
Now, without closing Firefox, execute this:
firefox -no-remote -p banking
Voilà: a completely separate instance of Firefox running side-by-side with, but fully insulated from, your normal browsing. And because it's completely separate, you can customise the browser UI, add-ons and other preferences completely independently, to optimise them for the one or few sites you'll use it for.
This. I don't think they appreciate quite how big a kick in the market-share nuts the upcoming bonfire of the legacy add-ons is going to be. The current add-on ecosystem is the only thing besides sentimentality and inertia that's keeping me on board (though I certainly don't much fancy the alternatives either).
Or the suitably-descriptive-while-retaining-brevity: handegg.
>We could vote for 59 fluorescent macaques and it would have no effect.
I dunno, might liven up PMQs a bit. Let's try it.
Good point. There's a large (and disaster-prone) chunk of the planet that wouldn't be too happy wearing a picture of a cowburger on their chest, and another that'd be equally unwelcoming of anything featuring bacon.
Windows might not have its own sshd, but it's been possible since forever to set up Cygwin's sshd as a Windows service. I dunno if it could handle the Kerberos tokens as well but I don't see why not.
I don't think any of the multiprocess code was rolled out as far back as 45.* (could be wrong).
If it is, you should be able to check in the about:support page. If it's present but not active, then as someone else said, it will be because you have an add-on installed that's not compatible with it.
To see which addons are and aren't compatible with multiprocess, you can install a Mozilla add-on called Add-on Compatibility Reporter; once installed, this will add (in-)compatibility labels to each installed add-on's listing in the add-ons screen.
Sadly, if you've been collecting add-ons for a while, you'll probably find quite a few marked incompatible. I'm using quite a few that are pretty indispensable, both at home and work, and which all evidence suggests are unlikely to be ported to WebExtensions* as the developers have long-since moved on. It will be a real wrench and I'm honestly not sure my fondness for the Fox can endure it; I fear the add-on catalogue will be a shadow of its former self soon, and with that goes a lot of what made it awesome. Sad times.
[* Because it's not just a question of replumbing extensions to work with multiprocess, oh no. The whole extension architecture is being thrown out and replaced with something [semi-]compatible with the WebExtension format as used by Chrome and Edge. So far, I've seen nothing to suggest that the possible gain of ease of porting addons from those browsers will outweigh the loss of the existing massive and diverse AMO collection.]
Doesn't flak usually come from underneath though?
Ah, but the sentence is still grammatical and doesn't even change meaning if you delete "People", so there's no problem :)
>Nicotine produces the highest dependency score among common drugs, so one could argue that it is the most damaging, in an indirect way.
I'll hazard a guess that however this dependency score was arrived at, it involved study of smoking tobacco. There's recent research that suggests that nicotine by itself is far less addictive than other compounds found in burnt tobacco. (Sorry no citation, but you didn't give one either so yar boo sucks.)
Anecdotally, I've found I don't "crave" a vape in the way I very definitely used to go spare when denied the chance of a gasper.
Vaping's not an option, e-cigs are banned in Australia. It's in TFA, like.
Man, Australia sucks balls.
Having a prescribed dropzone for downloaded files would be a royal ballache for me a lot of the time, though I'm not against it as a default for new users. What would be more beneficial to my mind, would be if downloaded files weren't executable by default and had to be explicitly OK'd as such by the user.
I've tried in the past to make Windows systems live up to that philosophy, typically by revoking execution permissions on all but one of a user's folders (and crucially not the default download folder) but this just tends to hit problems. 1: some apps have installation/update routines that fail if your TEMP folder doesn't have execute permissions; 2: the stupid-ass Windows permissions granularity where the key permission is "Read AND Execute" whereby if you revoke this permission from a given folder, you can download shit into it and be sure it won't execute, but unfortunately nor can the shell navigate that folder!
In short, a setup whereby the user is required to manually bless the execution of a downloaded file is not a goer without training or seriously crafty system configuration.
>same reasons that UNIX / Linux systems still have a statically-linked (and therefore less dependent) subset of binaries in /sbin.
Mostly only true in the initrd nowadays, from what I've seen. And under systemd, you pretty much need an initrd if your system has any kind of mount that doesn't come up instantly :(
So, um, what if you don't use an initramfs? I don't. Just wondering ...
Well, you know, we could use what we learned to fix knackered (not by us) monkeys too. I doubt we will (outwith the class of vet practice Michael Jackson had for Bubbles back in the day), I'm just saying.
Don't be too hard on John. His language is a bit blunt, but he has a point and I find I largely agree with it (uh-oh). I don't desire the extinction of any species of life, nor inflicting suffering (a very difficult thing to quantify in less-sentient organisms, mind you) without purpose. However, it's unthinkable that humans could thrive as we do without exploiting other species in various ways, including lethal and "life-changing" ways. Polio is a lifeform, but I'd eradicate that in a heartbeat. It's all relative.
By and large, I'd sooner we cracked the technique of not doing unspeakable cruelty to our own species before we get to micromanaging the extent to which we're comfortable doing it to cows or monkeys. Because one way or another, we'll always be doing so. I challenge anyone to establish a "red line" on that which can't be argued against.
I hope you kept your Tor on when you admitted doing this while signed in to this (non-SSL) comment forum then. Oh, and that you've done so every time you've ever signed in to El Reg, otherwise Insp. Knacker of the Yard can pop down to Vulture Central and ID you right quick (if he can be arsed).
Enter key broken?
I don't advise requesting a blanket from a USAfriend, it may contain smallpox.
I won't be the first to opine this, but the worst thing about v6 is the lingo.
I (eventually) got the heads of my dependents, both at work and closer to home, around the concept of an IPv4 address. Four integers with dots in between. Sort of like a phone number, in that the format was consistent.
IPv6? 8 numbers in hex notation (with which we're all super comfortable, yeah), colon-delimited, which if they happen to be zero can be omitted, and if a number of them adjacent to each other are zero the colons can also be omitted just to make it extra opaque.
Do people really not get this? It's too much. Joe sixpack does not want to speak hexadecimal, nor to make sense of which address components are elided or why. If the address is reliably eight integers, with colons or periods or fucking Euro symbols delimiting them, that he can grok (possibly with help). IPv6 address notation is design by engineers, for engineers; granny need not apply.
>an intercontinental flight from the UK to Europe
Christ, I'm not looking forward to Brexit either but I hadn't heard we'd be classified as a different continent!
I vote we name it "Justenoughrope" :(
So you're the spoilsport, eh?
Damn your eyes, I was really looking forward to my wonderful knob.
Don't think Dabbsy was El Reg's cross to bear back in 2003. Legend has it the snub was sparked by a Reg hack mocking Jobs's pronunciation of "Jaguar".
God, but I have been here too long.
I think it's reasonable to assume that Scrooge's parsimony was a year-round occupation, and that the Christmas season merely provided the appropriate background conditions for the filthy lefty free-riders to perform their cynical bit of social engineering upon him.
(Signed, someone for whom the emotional blackmail to spend spend SPEND has already entered high gear.)
Besides, a downvote is as expensive as an upvote, so I don't think it was him at all. QED
Well this just comes across as bitterness, but if you have no body then I suppose it's understandable. It must have taken ages to type that with your nose.
A Honeywell appliance materialised on the wall of our Throne Room at the same time the gas boiler was replaced. I'm guessing it's a CO detector. It does give me a little frisson to see it, albeit that there's very little connection with the tech titan that was.
Part of me wants to pry the casing open in case there's an advanced supercomputer in there (hell, relative to Honeywell machines in their pomp that's probably a valid comparison) but another part of me thinks that if either my landlord, the boiler maker or the plumber felt the need to surreptitiously install such a thing in our bog, I probably don't want to know why.
Biting the hand that feeds IT © 1998–2018