* Posts by Tom Paine

750 posts • joined 19 Aug 2008


UK Snoopers' Charter gagging order drafted for London Internet Exchange directors

Tom Paine
Bronze badge

Re: Cheers Tory voters - United kingdom = worst kingdom

Exactly. See also ID cards. With the front door approach going down in flames several times under various governments, the Plan B is well advanced: make passports de facto ID cards. An acquaintance of mine from my secret double existence in the Low Life is being forced to get a bank account for his benefit payments. Guess what? Getting a bank account means getting a passport. You already need one to work legally. How long until people are required to produce a passport on request by a police officer, I wonder?

3
1
Tom Paine
Bronze badge

Re: Cheers Tory voters - United kingdom = worst kingdom

...a staunch Anglican convert. There one finds the epitome of the tyrannical "do gooder" who knows what's best for everyone else.

Slightly harsh judgement, perhaps? I'm not aware that the CoE are especially more dogmatic or morally prescriptive compared to other Christian sects. Some of the Baptist traditions were particularly censorious. And when you widen the field beyond UK Christianity...

3
0
Tom Paine
Bronze badge

Re: Didn't this behavior collapse the Empire?

Hard times for everyone else post-Brexit? Why should she care, she's got the foreman's job at last.

To find out, plot UK opinion polling for the current party of government against growth, wages growth, and unemployment.

Controversy alert: IMHO, in the 5-10 year range, whatever the implementation details, the UK will take a one-off economic hit followed by a systemic drop in growth compared to the parallel universe where Remain won. The predictable consequence will be a swing in popularity against the high profile Brexit backers (hopefully including that bore down the pub who's always banging on about unelected bureaucrats and bent bananas.) The electoral consequences are hard to predict due to one-off factors like Her Majesty's Loyal Opposition being fronted by Krusty the Klown, the Lib Dems having lost 9/10 of their MPs in 2015, the SNP factor, etc, but even if the Tories scrape another majority, May will be out on her arse and forever tagged as The Brexit PM.

I could be completely wrong about all that; we'll see...

7
3
Tom Paine
Bronze badge

Surely it would be 'safer' to have no such provision.

Yes, right up until all the Directors are arrested and prosecuted.

As I read the piece, LINX are in a cleft stick; break the law, or lose all some of their customers.

2
3

Republicans send anti-Signal signal to US EPA

Tom Paine
Bronze badge
Facepalm

Re: Overreach is the problem

If you elect someone who tries to implement insane fundamentalist policies across the country, you've already got bigger prob ---

Oh, right. :/

1
0
Tom Paine
Bronze badge

Re: Overreach is the problem

Those might become a problem in a few decades' time when the parts of the south that aren't stricken by semi-permanent drought develop endemic pools of mossie-borne pathogens. Not such a big deal these days, though, surely. One assumes that that risk figures in the cost benefit analysis somewhere.

0
0
Tom Paine
Bronze badge

Re: Overreach is the problem

There are good reasons to keep that particular kind of temporary wetlands, often located where it rains rarely, but when it does, it pours. In those places, they literally save lives.

Altruism in the public interest is probably never going to be wildly popular anywhere, but it's hard to imagine a less popular attitude in the US over the last few decades. Maybe the EPA needs to do a better job communicating why they make decisions like those... or maybe people need to actually read them and think about it.

0
0
Tom Paine
Bronze badge

These criminals are far worse than the normal political criminals. No question

Not wanting to piss on your chips, old chap, but I hardly think that's news to anyone, is it?

1
0

Rasputin whips out large intimidating tool, penetrates uni, city, govt databases – new claim

Tom Paine
Bronze badge
IT Angle

[Off topic]

Is it just me, or is this an incredibly poor choice of site to advertise this product? (I just had a sidebar ad for the stuff here on the comments page.)

https://www.merkabalife.com/ocean#an-ocean-in-a-drop

0
0
Tom Paine
Bronze badge

What is the cost of the outcome?

In the UK, under the current DPA: max fine of £500,000 and IIRC they can have company Directors debarred. After May 2018, fines up to 4% of turnover (that's GLOBAL turnover.)

0
0

Oracle 'systematically stiffed its salesforce' claims new sueball

Tom Paine
Bronze badge

Yayyy!

Which means more court action - yay!

Finally, some good news at last!

* forms a one-man conga line around the office

0
0

IBM to launch cheap 'n' cheerful Power server for i and AIX userbase

Tom Paine
Bronze badge

"cheap"?

How "cheap"? Under £10K?

0
0

Windows 10 networking bug derails Microsoft's own IPv6 rollout

Tom Paine
Bronze badge

Re: Backward compatibility

Here.

https://en.wikipedia.org/wiki/End-to-end_principle

0
0
Tom Paine
Bronze badge

Re: "IPv6 was built to reinstate end-to-end connectivity on the Internet and all connected networks"

Tish, fie and fiddlesticks!

If end-to-end connectivity exposes your systems to security problems YOU HAVE BIGGER PROBLEMS ALREADY.

Secondly, surely it hasn't escaped your notice that for the past, what, 15 years, the de facto vector for 98% of security compromises and data breaches has been clientside attacks that render the supposed security benefits of NAT completely worthless?

"Data snoopers"?? Who on earth are "data snoopers" when they're at home? Sounds like a phrase you'd see in a BTL comment on the Grauniad or, indeed, Daily Mail.

0
0
Tom Paine
Bronze badge

Re: Backward compatibility

Puzzled by the downvotes for the above comment. Could someone explain which bit they disagree with? Nextweek's statements are all factually correct. You might not LIKE them, you may think they were bad decisions, but it's true: NAT is/was a dirty hack, and it's not required by IPv6. I do hope this isn't still about people clinging to the idea that NAT is a security control? (in 2017? Nahhhh... surely not.... ?)

0
0
Tom Paine
Bronze badge

Re: It is not the backward, it is the forward bit which is the issue

Why can't the Windows firewall be trusted?

0
0
Tom Paine
Bronze badge

Re: Backward compatibility

There are plenty of good security reasons to proxy various types of traffic.

0
0
Tom Paine
Bronze badge

Re: "but Android doesn't support that"

(There are, of course, ext2/ext3fs drivers available for Windows, and I dare say shims for other filesystems are also out there. I use it for pulling backups from my Dad's Windows PC for offsite storage on the same volumes that have my Linux backups (with an offsite copy at parents' place, of course.))

0
0

Infosec pros aren't too bothered by Trump – it's his cabinet sidekicks you need to worry about

Tom Paine
Bronze badge

Re: What an asshole

Woah, woah, woah. We got a referendum on some approximation of a proportional system. For reasons too tedious to discuss again, the People Of Britain Spoke: they didn't want representative democracy, thanks, they're happy with an UNrepresentative democracy where it takes 50x more votes to elect an MP from one part than another, just as long as it gives them the reassuring crack of firm government.

Sorry, you can blame us for some things under the coalition, but not the referendum result.

1
1

Co-op Bank up for sale while customers still feel effects of its creaking IT

Tom Paine
Bronze badge

Re: "Co-operative used to MEAN something."

"rip off" is meaningless. Without wanting to get all Adam Smith about it, prices are determined by the equilibrium between supply and demand. Suppliers always try to maximise the price, of course they do, it's in their interest. If you want prices to fall you can increase competition (if that's the reason they're high) or reduce demand (ditto) but if there's reasonable competition and demand is fairly static, as with personal finance products, the price is what it is and moaning about it being a "rip-off" is just that... moaning.

2
0
Tom Paine
Bronze badge

Re: Not available?

Alas, the economics of running branch networks are about the same for any banking organisation. If it's not viable for Bank A to keep open a branch where, presumably, it has quite a lot of customers in the local area, how could it be viable for Bank B who have few customers there?

1
0
Tom Paine
Bronze badge

Co-Op Bank customer, too, here.

(1) Banks are regulated by the PRA ("Prudential Regulation Authority")

(2) the bad due diligence on Britannia was entirely the fault of the incompetent Buggins' Turn amateurs on Board. Those responsible were fired and disbarred by the PRA (meaning: "you'll never work again".)

See, eg., http://www.thisismoney.co.uk/money/markets/article-3401619/Two-former-bosses-operative-Bank-banned-life-City-posing-unacceptable-threat-future-troubled-bank.html

https://www.theguardian.com/business/2013/jun/17/coop-bank-six-executives-responsible

http://www.telegraph.co.uk/finance/newsbysector/banksandfinance/10469956/Co-op-crisis-a-shambles-waiting-to-happen.html

1
0

GDPR: Do not resist! Unless you want a visit from the data police

Tom Paine
Bronze badge

Re: The new PPI

Why?

Walk me through what an attacker could do with the information that a registration number exists, and is associated with $(make, model), and that you bought new wipers for it?

0
0

Life after antivirus: Reinventing endpoint security

Tom Paine
Bronze badge

AV is a sign of the failure of Windows security policies.

Really? So how do you account for the existence of AV products for Macs, iOS, Android, Linux and (IIRC) even one or two on BSD?

0
0
Tom Paine
Bronze badge

promo

Oh, is it? I actually stopped reading half way through and scrolled up to look for some sort of "advertorial" disclaimer, but couldn't see one, so I assumed it was just rather poor writing... sorry, Mr Author!

0
0
Tom Paine
Bronze badge

When testing their new XG UTM, I could still take it down with a silly little ip address.

I don't understand what this means, could you explain a bit more? Are you talking about handing it traffic with spoofed IPs? Setting the src IP field to 127.0.0.1? What?

WRT bootkits and embedded microcode, there are in fact various schemes using variations on crypto-signed hashes to check integrity of such microcode. The hot (relatively) "new" unaddressed HW vulnerabilities seem to mostly be around attacks on busses such as USB, SATA, PCI-E &c.

However this is all irrelevant if you're not doing at least basic threat modelling. Bootkits, microcode exploits and suchlike are very unlikely to be used outside of targeted attacks on high value targets by nation state actors; for almost everyone else, there are much easier ways of getting the job done.

0
0
Tom Paine
Bronze badge

Re: Missed opportunity for El Reg...

I had the opportunity to work with FireEye web and mail appliances a while back - they pop open file attachments (for mail, or just downloads for web) in a sandbox and watch what it does. I'm sure it's not perfect, but it was catching a lot of stuff my then employer's mainstream corporate desktop AV was missing. I gather it's ferociously expensive, although as they just fired a load of sales ppl perhaps that's changed.

I assume that as FE have been doing this for several years now, that competing products doing the same sort of thing are available; I just haven't heard of them.

0
0

Ex-FBI man spills on why hackers are winning the security game

Tom Paine
Bronze badge

Re: Comfortable illusions about computer security

Sadly, that's impossible.

1
2
Tom Paine
Bronze badge

Re: Oh god...

Exactly. People feel empowered to file everything to do with networking and Internet connectivity under "far too complicated for me to understand, leave it to the experts".

However I don't think it's unreasonable to accept that that's an irresponsible attitude. I don't touch mains electricity because I know just enough to know how dangerous it can be if you don't know what you're doing, which I don't.

If you're hoping for a future nirvana where every citizen can tell you what an IPv4 subnet mask is or what DHCP is for, I can safely predict you're going to be disappointed. Nevvvvvvver going to happen.

6
0
Tom Paine
Bronze badge
Pint

Re: Bunkum

Absolutely spot on. Have a pint.

2
0
Tom Paine
Bronze badge

Re: Typically wrong.

But as you surely know, if every software vendor or project spent 10x more effort on catching security bugs, or 100x more, -- whilst they'll catch a lot of bugs that way, it certainly doesn't mean vulnerability-free software. Microsoft have made enormous strides since the famous BillG memo in 2003, but you'll notice there are still 8-12 security updates every month. (I will, perhaps, grudgingly admit that perhaps fewer are RCE and more are local DoS...)

Anyway, the point is that doing more of what we're doing already is not the answer. It would help, and it would improve things, but we would still have orgs getting compromised left right and centre; don't kid yourself.

1
0
Tom Paine
Bronze badge

Re: Typically wrong.

Believe it or not, the NSA is not staffed entirely by idiots who haven't noticed that buggy, insecure software is a double-edged sword. Implementation details vary from country to country, but I believe most countries nowadays have some sort of national CERT or awareness raising organisation, with greater or lesser degree of arms length from the CNE people in the traditional intel gathering orgs, who are charged with improving national security levels. Undoubtedly the CNE people hoard 0day, but they're under considerable pressure to follow responsible disclosure to vendors these days.

0
0
Tom Paine
Bronze badge

Re: Article upvote!

I know we've got EMET et al, but it needs to be baked into the OS and packaged with the application, not an afterthought.

Like Windows 10, you mean?

0
0

All of Blighty's attack submarines are out of action – report

Tom Paine
Bronze badge

Funny enough _I_ clearly remember seeing a histogram showing the UK as having the third biggest defence budget in the world, but Wikipedia says 5th: https://en.wikipedia.org/wiki/List_of_countries_by_military_expenditures

Be that as it may, it seems pretty unlikely that we have the fifth most capable military forces in the world. Piling huge amounts of money into a small number of very expensive bits of kit (aircraft carriers, F35s, whatever) is fine and dandy when those assets have overwhelming superiority. If, god forbid, we ever get back into a shooting war with a moderately well equipped modern military and have a couple of strokes of bad luck (anti-ship missile hitting one of those carriers, for instance) it'd be all over bar the shouting. I was a young teenager at the time of the Falklands and got rather swept up in it all, and back then the cold war RN was, what, three? four? five times larger than today's RN. Even so, had an Exocet hit Hermes or Invincible, we'd be living in a very different parallel universe today.

0
0
Tom Paine
Bronze badge

Re: No EU Discount

Some people seem to believe that national loyalty is a male line recessive trait, i.e., genetic. They're joking, of course, except that they're not, really.

0
0
Tom Paine
Bronze badge

Duff story?

...if one believes The Sun [...]

Well, quite. Who believes The Sun? Run a story when this is confirmed by real journalists.

0
0

Planned Espionage Act could jail journos and whistleblowers as spies

Tom Paine
Bronze badge
Pint

Good journalism

A spot of meta: good work Mr C and El Reg, and nice to see this story being picked up by your downmarket rivals from what used to be Fleet Street over the weekend. Here's Monday's Grauniad front page:

http://ichef-1.bbci.co.uk/news/660/cpsprodpb/9056/production/_94605963_guardian.jpg

Definitely worth a pint.

2
0

Police drones, robo surgeons and chatbot civil servants. What could go wrong?

Tom Paine
Bronze badge
Terminator

Judge Dredd already faced down this threat...

...about eighty years into the future, IIRC.

And in a particularly nightmarish vision of the future, Reform said surgery is another area on the verge of being disrupted. “Autonomous robots, such as the Smart Tissue Autonomous Robot, have already outperformed human surgeons in routine procedures,” it said.

Come back, Call-Me-Kenneth, all is forgiven!!

0
0

RAF pilot sent jet into 4,000ft plummet by playing with camera, court martial hears

Tom Paine
Bronze badge

Re: A very long time ago...

This phenomenon is known as the paradox of automation and the seriousness of the problem scales with the magnitude of the consequences. An Air France Airbus falling into the Atlantic because none of the flight crew recognised a stall or knew what to do about it is bad enough, but blowing up the world economy kills a lot more people in the long run.

0
0

UK uni KCL spunks IT budget on 'reputation management' after IT disaster headlines

Tom Paine
Bronze badge
Pint

bosses brought in reputation management business RiskEye, which set about trying to expunge news of the incident from the web.

After The Register declined to remove its coverage, we filed a request to the public university under the Freedom of Information Act

Good journalism; Ingrams would be proud. Take a virtual pint, and -- if I may be allowed to suggest a new meme: -- *snookerclap

0
0

Cardiff researchers get £250k to monitor Brexit hate crime on Twitter

Tom Paine
Bronze badge

Re: Who defines what Brexit Related Hate Crime is?

Correct.

And I speak as a white heterosexual man. Mostly.

0
0
Tom Paine
Bronze badge

Re: Who defines what Brexit Related Hate Crime is?

currently all it takes is the victim to say it was a hate crime for it to be recorded as such

Source? No, the sewer press doesn't count.

0
0
Tom Paine
Bronze badge

Re: Who defines what Brexit Related Hate Crime is?

Who defines what Brexit Related Hate Crime is?

IF ONLY someone had thought to answer that question in the article you didn't read just now!

0
0
Tom Paine
Bronze badge
Mushroom

Written a lot of sociological and anthropological research papers, have you?

0
1

UK defence secretary: Russian hacks are destabilising Western democracy

Tom Paine
Bronze badge

There's a book you should read.

https://books.google.co.uk/books?id=a_3_iLxxa40C&pg=PT29&lpg=PT29&source=bl&ots=NPBwCnd2Jx&sig=BsU2yWGh0TnFMtJj0XNTwXJXYpk&hl=en&sa=X&ved=0ahUKEwjm0seun_TRAhUFIcAKHR_HCDcQ6AEIPDAG#v=onepage

0
1
Tom Paine
Bronze badge

Re: There is nothing new under the sun

Brilliant analysis, except for one minor problem: businesses make much more money in peacetime than wartime, your sixth-form ideas about the arms trade notwithstanding.

2
2
Tom Paine
Bronze badge

And I humbly posit that you're talking crap about something you know nothing about.

Sorry for the intemperate language but it's the laziness of this sort of garbage that really pisses me off. Go join a party and get out there pushing leaflets through some doors, then come back in ten years time and tell us what you think of politicians.

3
7
Tom Paine
Bronze badge

Re: Don't be a cvnt and there won't be a problem

If you'd ever got up off your sofa or gaming chair and got involved with a political campaign you'd find that actually there are many, many sincere, honest and well-intentioned MPs of all parties who want to do their honest best job for their constituents, working 80 hour, six day weeks for pay that, frankly, is laughably low. But of course it's much easier to get a few easy upvotes repeating the tired, boring cliched line that they're all fat lazy super-rich crooks only in it for themselves.

Give it a go some time, you might be surprised.

3
9
Tom Paine
Bronze badge

Re: Just my two cents...

"liberal fascists"!!! Oh, my aching sides!

Yes, Russia is certainly and undeniably trying to influence the German and French votes, just as they did the US and the Brexit vote (and who knows, maybe the 2015 GE as well?)

The full -- well, fuller story about Russia and the Referendum is nowhere near told yet. [1] Presumably apart from unknown facts, and facts that are known but can't be revealed without jeopardising sources, it's considered too risky to put that news out yet when people are still in a shouty ranty CAPSLOCK sort of mood. By 2020, as the economic benefits of Brexit are really starting to kick in, people will be a lot more receptive to hearing that actually they were helpless playthings of a highly successful Russian disinformation campaign assisted by the sewer press. Well, remember where you heard it first!

[1] Even the TV station that was pwned by Fancy Bear for a year has only been muttered about in dark corners. Funny, really, cos you'd think "British TV station was controlled by Russia for a year" would be front page news; Paul Dacre and Murdoch seem to disagree though. I'm sure they know what they're doing, though, and it's all for the good of the country.

2
6

For $deity's sake, smile! It's Friday! Sad coders write bad code – official

Tom Paine
Bronze badge

Re: POETS day.

Isn't it Piss Off Early, Tomorrow's Saturday? I've been sold a pup!

1
0
