Mention a mighty beard in the teaser and no photo. I only clicked to see the beard. You hurt me, Reg.
1187 posts • joined 1 May 2008
Mention a mighty beard in the teaser and no photo. I only clicked to see the beard. You hurt me, Reg.
To my mind, however, Microsoft hit a high point for event audio with Windows 95. Subsequent releases of Windows have never reached such glorious levels of gratuitous audio; indeed, the startup and shutdown sounds these days are little more than clicks or bips.
How dare you overlook that Vista's "soundscapes" were imagineered by bleedin' Robert Fripp?
People gonna forget how rock'n'roll MICROS~1 used to be ;)
If you're on a multi-user machine, ensuring "your" stuff is insulated by the correct file permissions by default is valuable: I tried making a "personal" folder under C:\ (which last I looked is world-writeable by default - WTF?!) but ensuring the permissions were set to propagate properly was a screaming nightmare. Windows permissions editing ... shudder.
I stopped using [user]\Documents when ransomware became a thing, as this would likely be a default target. The weird symlinking shenanigans to which Documents and its ilk are subject make them problematic for doing backups as well.
As for AppData, I've never grokked the philosophical distinction between Local/LocalLow/Roaming, and it's pretty clear app devs don't either. I never know which one I'll find an app's settings in, let alone why. Some even use more than one of them(?)
At least the FOSS apps can be relied upon to ignore all of them and create a nice predictable [user]\.[appname] folder :)
As I recall, the main target of Linus's anger at the time was Andrew Tridgell, for coming out with the reverse-engineered BK client that provoked BK's owner to withdraw the free-beer client license for kernel devs. If git was named for any one person at that time it was probably Tridge.
However, the very swift appearance of git in the wake of BK's move did make me wonder whether Linus had already been working towards dumping BK for some time, having tacitly acknowledged the complaints from many around him about the risks of adopting it in the first place.
Nah. All the downvotes in the world don't tell the poster that throwing around homophobic slurs (thanks for the repro, @TonyJ) is not OK with the Reg. For a lot of such specimens it only emboldens them. Nuking their post (with presumably a ban-warning given behind the scenes) tells them they're in a place that won't stand for that shit.
Welp, at least they can't claim you're holding it wrong if you can't hold the bloody thing.
Hm, guess Trump won't be a fan either.
There are still limits, for heaven's sake.
Why are all the actors in that Android pic Canadian?
Snotch to the muthafuckin' notch, snoogans.
to the unhappy days of early-Noughties wifi adapter purchasing for Linux, where not just white-box jobs but most big brands were prone to having their innards completely re-jigged without so much as a telltale hardware rev to warn buyers of its now paperweight status. Traumatic.
@James Hughes 1 if you're still hanging around, is there any way to identify the faulty boards? Are any steps being taken to withdraw them from sales channels? (I don't remember seeing anything about this in the article, although that was a good 5 minutes ago now #NanaMoon)
I think we all did, Frank. They did kind of telegraph it with the whole italic thing.
ProTip: It's actually quite easy to keep personal electronics in one piece if you can't afford to replace them.
Shouldn't it be "Newercastle" then?
Prefixing that comment with TL;DR was classic btw ;)
Maybe a GDPR maven can answer this.
Where would the law stand on FB (or whoever) charging money for non-slurped access? (This might or might not include also not getting served ads, or that could be an additional pricing tier.)
Asking for a FriendFace...
Someone (possibly here yesterday) explained it thus: The attacker sends a crafted message with three MIME parts to it:
Part 1 (HTML)
Part 2 (PGP / S/MIME)
[Previously-intercepted encrypted message]
Part 2 (HTML)
The silly mail client then glues all three into a single HTML part for display, and if it's REALLY silly it also goes right ahead and fetches the image, which passes the plaintext to $badguyserver in the URL (or as many characters thereof as the system allows for a URL string).
Hope I have that right; for some reason I'm loath to grace the vanity vuln-site with a click.
...surely has to be the name of a Dutch hard-house DJ.
My phone's data connection goes through the cabinet as well? Damn. I should try to get them to route mine through the cabinet near my mum's place, I always get better speeds there.
And if the problem's in the cabinet, how much help is the Windows manual going to be?
CoffeeScript is already a thing, IIRC.
How about ACMEScript - close to its parent standard, and likely to come top in alphabetical lists. And you get a free anvil and some dynamite with it.
At the moment (as far as I understand it) there is a sizeable difference in the compliance burden for PCI DSS between credit-card terminals that connect via dialup vs over the internet. To wit, terminal on dialup = can just self-certify; terminal over IP = have to get whole network audited regularly.
Doesn't moving to VoIP mean then that every bugger'll have to get audits done? Or will the exemption apply to it as well? Penny-pinching minds demand to know.
>A pox on it. We need IPv7 - just add another octet at the start of IPv6..
Couldn't we add one onto IPv4 instead and keep the rest of it the same? Then the hard-won skills of a multitude of consumer grannies (and me) could be transferred and nobody has to play how-many-colons bingo with that ridiculously opaque address scheme. Worked pretty well when we needed more phone numbers, amirite?
You get a notification in Firefox whenever a page attempts to play audio, telling you to install pulseaudio. How did you miss that?
But my inner Grammarnazi is getting (erroneously) #triggered every time I clap eyes on that leading apostrophe.
>Then you're starving the revolutionaries
And here I thought I'd heard every euphemism for wanking already...
Not on the router, but you can on your pc/slab/etc so what the router says is ignored by it.
Really? If anyone utters or interprets "to $date" as excluding $date, I judge them an utter ocean-going See You Next Tuesday.
And don't get me started on people who say "next Tuesday" when they mean THIS Tuesday (Tuesday of THIS week). Nurse, make it a large one please....
If your email platform requires your input in order to sort by date, I'd find a better one.
After such an interminable set-up, I really was expecting a funny punchline. I sort of feel as if I should be calling the OFT or the ASA or someone about this.
...that cats are fair game to run over?
Not to dilute your point, but it's ln <target> <linkname> innit?
No, you misunderstand. Norman was primarily the company cook, specialising in stir-frys.
Quaequam blag! That is a downright grexnix slur-by-association upon Betelgeusian immigrants the length of the land! I suggest a prompt retraction, lest a Rigellian Hot-Shot be delivered with little warning!
I suppose, but "Made in Scotland from poagled mountain-bike frames" doesn't quite have the same ring to it.
(Actually, now I've sung it out loud, I like it better!)
Shame, you were doing so well up until then... </wtfdidijustread>
Wanted to mention you can also add ReplayGain tags (both track and album) to FLAC files, the command-line app "metaflac" can do it. My player supports it, but YMMV.
The loudness issue used to drive me mad on my phone, but after much study I managed to patch the old Android (ICS) Music app to support ReplayGain on MP3s.
Only problem was when Jelly Bean came along and I recompiled the app, it now has "gapless playback" (i.e. a slight crossfade/segue) which when fading from a song with lots of gain applied to one with none or negative gain, there tends to be a split-second burst of EXTREME LOUDNESS until the equalizer adjusts it to where it should be for the next track. I must try to fix this at some point but I fear by then the AOSP app will be abandonware :(
Mm, I wondered the same. Not sure the CMD shell can even do that on the host VM all that easily, let alone reaching back through the tubes and doing it to the VNC client's host machine.
Not to mention that if Hide Extensions is enabled (as has been default for quite some time), the mark might wonder why the file *has* a .TXT extension showing?
Now you could name it "Passwords.bat" but the icon would still be wrong. Worth a try would be creating the batchfile elsewhere and placing on the Desktop a shortcut to it, which IIRC you can change the icon of the shortcut.
But I'd still like that recipe for how this batchfile is pwning the intruder's machine. Still with us, OP?
Icon: closest available to "chinny reckon".
(in a couple case I even got a "recipient does not exist" response)
Now that *should* be enough to see action taken by their (the ISP's) TLD registry, as it violates RFCs, but I imagine for most of them this is equally fruitless.
What you can do however is report the offending IP (and in some cases the ISP's whole IP range if there is enough evidence of endemic misuse) to various spam blacklists (there are many). Then at least you're hopefully reducing the pain for others.
I'm reading through the Cisco analysis as I speak, but I'm not yet seeing what's the excuse for being vulnerable to this.
Seems that it
(1) Spreads through unsecured SMB ports
Well what the fuck retard has their MSNet ports out there waving in the breeze of the general Internet in this day and age, FFS? I mean even MS don't sell you an OS any more that does such stupid things OOTB.
(2) Drops a binary, msseseccexxxesexypoo.exe (or something)...
Well how does it drop it and execute it without a by-your-leave? What browser/email client is allowing that to happen, because it doesn't magically happen without a parent vuln or colossally bad design decision to enable it.
I've only skimmed this info so far but please, someone, let me know if I can get this without having my SMB ports open to the WAN and/or ignoring some permutation of Windows/browser/emailer that won't shout at me "UR ABOUT TO RUN A PROGGY OFF TEH INTERNET IT MITE BE BAD ACTULY ITS PROLLY BAD Y/N" prior to executing a downloaded binary (which, Christ, Windows itself actually does a pretty good job of doing lately).
NGL, if they show me Ren & Stimpy I'll probably forget all about the porn objective.
They'll have to prise it from my cold, damp hand.
>even having a wank could land you in hot water
Ugh, best avoid that. The lysis of the sperm cells in. pure water will render them extremely sticky and hard to remove. Soapy water is your friend. Er, so I'm told.
Most of the time Firefox binary release is fine, at times I've used that in preference to whichever distro's package, and that meant getting updates straight away too. I wish Libreoffice had a standalone installer as it's a nightmare trying to satisfy dependencies for Gentoo's binary package of it. I might give the Snap/Flatpak option a look.
Firefox accounts do use end-to-end encryption, so your 2nd and 3rd "rules" are moot. And if the data "being on someone else's computer" still bothers you that much in spite of this, the server software is all open-source so you can host it on your own computer if you want.*
* I did this myself and have to admit it is quite a battle to set it all up correctly, so in the end I asked myself why I was bothering and got a Firefox account instead. #NoRegrets
"HEYYY! It looks like you're losing a gun-battle. Would you like some help?"
Some impressively over-engineered solutions above, but this can be accomplished using Firefox alone. I use this feature myself to insulate extra-sensitive workloads from day-to-day omnivorous browsing. Just start Firefox's profile manager:
Create a new profile called e.g. 'banking'. When done, launch not this new profile but your original one (called 'default' by, er default).
Now, without closing Firefox, execute this:
firefox -no-remote -p banking
Voilà: a completely separate instance of Firefox running side-by-side with, but fully insulated from, your normal browsing. And because it's completely separate, you can customise the browser UI, add-ons and other preferences completely independently, to optimise them for the one or few sites you'll use it for.
This. I don't think they appreciate quite how big a kick in the market-share nuts the upcoming bonfire of the legacy add-ons is going to be. The current add-on ecosystem is the only thing besides sentimentality and inertia that's keeping me on board (though I certainly don't much fancy the alternatives either).
Or the suitably-descriptive-while-retaining-brevity: handegg.
>We could vote for 59 fluorescent macaques and it would have no effect.
I dunno, might liven up PMQs a bit. Let's try it.
Biting the hand that feeds IT © 1998–2018