* Posts by Tom Paine

1421 posts • joined 19 Aug 2008

Biggest vuln bombshell in forever and storage industry still umms and errs over patches

Tom Paine
Silver badge

The security folks will say that, unless it is ring-fenced absolutely from running external code, apply the Spectre and Meltdown patches. That seems good advice. ®

The business reads "ring-fenced absolutely from running external code" as "inside the firewall". Security folks in many orgs spend their time patiently trying to explain why the current "yes, but..." excuse doesn't work.

1
1

'No evidence' UK.gov has done much to break up IT outsourcing

Tom Paine
Silver badge

"scandal"? What scandal?

Seriously. "Company with crap management screws up and goes bust"? There evidently may have been shenanigans going on among directors and senior management in the last year or two, and obviously their methodology for arriving at bids was broken. So they failed, and went bust. That's capitalism. It's a bag of shit for employees directly affected and for those at third party suppliers who've lost money on invoices that won't now be paid, but that is life.

3
0

Boffins split on whether Spectre fix needs tweaked hardware

Tom Paine
Silver badge

At last - my GF!

After decades of sarcasm and evil eyes, FINALLY a use for that MicroVAX under the stairs! \o/

9
0
Tom Paine
Silver badge

Exercise for the poster: why is it that this is not being contemplated?

0
0
Tom Paine
Silver badge

Re: Perimeter Defence

Use OpenBSD.

4
4
Tom Paine
Silver badge

Re: Perimeter Defence

Yes, we know. Put my shoes on and try explaining that to The Business.

3
0

BOFH: Buttock And Departmental Defence ... As A Service

Tom Paine
Silver badge

Truth to power

A manager once got very upset that, in an email to him and him alone, I referred to a fuckwitted colleague as a fuckwit. (The context was "why did you slam the office door yesterday?" And the answer was "because I was debugging the script that was pushing the new AV sigs through several test servers and then pushing them out to a CDN to be deployed to hundreds of millions of endpoints under intense time pressure, as it had to work by 4pm, and the fuckwit found it very amusing to come up behind me during this time and flick his fingernail on my clamshell headphones very hard, and the third time he did it after I told him not to I had to go for a fag and a walk round the carpark").

Ten days later, a detailed discussion with HR after the manager lodged a formal complaint was brought to a premature end when I observed "Well, to be fair, he IS a fuckwit."

11
0

More stuff broken amid Microsoft's efforts to fix Meltdown/Spectre vulns

Tom Paine
Silver badge

Re: Add Symantec Endpoint Protection to the broken list...

That's odd, they've told us they're compatible, our testing appears to confirm that so far, and @GossiTheDog (aka Kevin B, whose spreadsheet is linked from the article) lists it as fixed.

1
0
Tom Paine
Silver badge

Re: Systems without an AV may need the reg key to be set manually

No. That is not the problem with AV and these patches.

2
0

WD My Cloud NAS devices have hard-wired backdoor

Tom Paine
Silver badge
FAIL

Re: "consumer device manufacturers"

Meltdown/Spectre, in some forms, originated in 1995 - 27 years ago.

What with that, this WDMyFail story and a few other ohJFCnotagain fails lately I'm really starting to wonder whether I should jack in security and take up, I dunno... something else. Sitting next to my local ATM with a McDonalds cup, perhaps? That looks like an appealing lifestyle, compared to this.

7
0

You GNOME it: Windows and Apple devs get a compelling reason to turn to Linux

Tom Paine
Silver badge

""bug""

Why the scare quotes?

0
0

If Australian animals don't poison you or eat you, they'll BURN DOWN YOUR HOUSE

Tom Paine
Silver badge

Re: Picking up burning/smoldering twigs

The Red Kites currently recolonizing the UK have 5-6' wingspans (hard to appreciate when you see them at a distance) so I imagine that theoretically, yes they could.

They do look fabulous, I must say.

4
0
Tom Paine
Silver badge

Re: Fascinating

Politely disagree. Scientists know that anecdote is anecdote, rather than empirical evidence. The *existence* and nature of anecdote can be studied to provide empirical evidence, or used as inspiration about a topic to study, but those are different things.

46
0
Tom Paine
Silver badge

@ProBirdRights

https://twitter.com/ProBirdRights/status/949409091117461505

"#NationalBirdDay activitity: go outside find a birds. swear allegiance to them. your loyalty will be remember come the birdtimes."

I THOUGHT IT WAS A JOKE

8
0

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits

Tom Paine
Silver badge

Re: We have only ourselves to blame

It's not AMD's /fault/ they came up with a good tactic for attacking Intel after the launch of Itanic. It does rather imply we're stuck with x64 forever, now, though, and that it's no-one's fault. How do you make that puzzled / thoughtful face emoticon?

2
2
Tom Paine
Silver badge

a real lawyer with IT knowledge would have known that there is practically NO SUCH thing as a CPU on the market these days that is not affected by Meltdown and/or Spectre, they all are, even ARM or Qualcomm. It's an industry-wide bug.

Oh, well THAT'S alright, then!

A real lawyer... would be entirely happy to sue ARM, AMD and any other processor designer turning out substandard products as well as Intel.

10
0

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Tom Paine
Silver badge

Good grief

Intel believes these exploits do not have the potential to corrupt, modify or delete data

The problem with spraying marketing bullshit at people familiar with expressions like "corrupt, modify or delete" is that we're not quite as stupid as the general consumer. We know bullshit when we see it -- possibly thanks to the past 25 years of this sort of crap.

Come on, Intel. Sir Humphrey would be embarrassed by this sort of crap. Don't insult us; we expect a much better class of bullshit than this.

5
0

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Tom Paine
Silver badge

Re: Hmmm...

What do you think?

0
5

We've heard of data gravity – we're just not sure how to defy it yet

Tom Paine
Silver badge
Joke

How to defy it?

Easy: tell it to go fuck itself. Cheers, mine's a Special.

1
0

RAM, bam, awww ... man! Boffins defeat Rowhammer protections

Tom Paine
Silver badge

Is that, this?

Did the RotW just catch up with El Reg?

http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table?platform=hootsuite

0
0

UK Foreign Sec Bojo to tell Kremlin: Stop your cyber shenanigans... or else!

Tom Paine
Silver badge
Coat

"Retaliate against cyber attacks"?

Pew! Pew! Pew!

3
0

Astroboffins say our Solar System could have – wait, stop, what... the US govt found UFOs?

Tom Paine
Silver badge
Joke

Re: Alien UFO's are Real - True / False...

Invisible balloon, you say? Did it look anything like this?

http://media.tumblr.com/tumblr_m3kri4zzN01qe26gv.jpg

3
0
Tom Paine
Silver badge

Re: Grainy videos of possibly alien spacecraft

But it doesn't; are you being confused by the recon camera locking in to the 'target' and bracketing it, or the operator apparently switching back and forth between various imaging modes?

Finally, a (lepidoptera) bug in the optical sensors wouldn't explain the aircraft being vectored to intercept on the basis of ship-based radar.

Now I haven't a clue what those things are, and whilst the odds of it being an extraterrestrial vehicle are extremely low, it's definitely a very interesting event.

10
0

Missed opportunity bingo: IBM's wasted years and the $92bn cash splurge

Tom Paine
Silver badge

Re: It's a shambles

I have a friend who was paid for ten months after walking out on IBM, purely because no-one noticed.

Then again my current employer (financial services, believe it or not) recently discovered they'd been paying someone for the last FIFTEEN YEARS after they left, so... IDK. "FML" is my usual conclusion.

10
0
Tom Paine
Silver badge

Re: It's a shambles

IME the first three pars of your post could apply to almost any organisation more than 15 years old, with >=500 employees and >=$25m revenue.

What we technically capable types need to understand lies in the answer to the question "If I'm so smart, why aren't I rich?" - something I like to remind myself of every morning whilst brushing my teeth. If any idiot could be a middle or senior manager, why are we slogging our collective guts out designing, building, installing and operating computers, when we could be paid 5x, 10x, 100x more just generating PPT that leaves a brown stain wherever it goes and finessing expense claims?

8
0
Tom Paine
Silver badge

Re: And the consequences ...?

A few? To misquote a song you won't have heard of, "260 is a lot of millions"

6
0
Tom Paine
Silver badge

Re: Big assumption with that theory

It happened to me when my employer was borged by Symantec. Worst experience of my career, and that includes two redundancies, several "I'm afraid you don't really fit in" firings and a firm going tango uniform the day before that month's payroll run.

15
0
Tom Paine
Silver badge

I don't understand business

Whatever happened to focussing on execution, or in old money, "providing goods and services people want to buy because they are good quality and reasonable value"?

I know, I know. Sorry. Rhetorical question.

12
0

How's this for a stocking filler next year? El Reg catches up with Gemini

Tom Paine
Silver badge

Stupid ****ing IndieGoGo code

I rushed straight over to chip in $25 but the sodding IndieGoGo backend rejects my perfectly accurate postcode, probably because it's \w\w\d \d\w\w and they are fuckwits who think all UK "zip codes" start with two letters and two digits. Sorry chaps, I'd like to help, but you evidently picked a shit crowdfunding site.

5
1

HMS Queen Elizabeth has sprung a leak and everyone's all a-tizzy

Tom Paine
Silver badge

Re: Meh

Correct. They may. And in this case, they do.

0
0
Tom Paine
Silver badge

Re: God bless her...

If one can't keep up that way you line up a bucket brigade.

Imagine how much money an Able Seaman Third Class could make if he smuggled a camera in and sold that pic to the tabloids!

3
0
Tom Paine
Silver badge

But we wouldn't be able to afford it, because without money from gilts etc over the last 150 years we'd have the economy of Bulgaria today.

(That doesn't mean the global capital markets should be treated as a source of endless free money, of course.)

4
0
Tom Paine
Silver badge

This story's a good example of the dumbing down on BBC News Online - not that they ran it, in this particular case, but because they picked up a non-starter because the tabloid sewer press both broke and framed the story the previous day. Ten years ago they would be reporting the fact that there was a screamsheet ruckus about it; now, the news agenda is set by the Mail.

There's been a stair-step down in quality in the last few months due to some management change or other - I forget the details - it was in Private Eye IIRC.

8
0
Tom Paine
Silver badge

I love the BBC, and those with strong ideological axes to grind (on various sides - more than two) who rave about bias annoy and bore me.

But I'm embarrassed when I see the 10 o'clock news once a week round my in-laws (long story. Also I have no telly or time.) Radio 4 is the last real, srs, news / current affairs channel left.

3
2
Tom Paine
Silver badge

Re: Minor problem

What, like we didn't hear about the Type 45 shutting down in warm weather?

4
0
Tom Paine
Silver badge

Yes, but no, but yes

Yes, the public who pay for these things with tax have a right to be told about them. I just wish the filtering mechanism that boils down the daily firehose of press releases and general newsflow was a bit better at putting them into context, as El Reg has done so nicely in TFA. Like many Reg readers with only hazy grasp of naval architecture, a couple of seconds mental arithmetic and knowing that "bilge" and "leaks" are things in perfectly seaworthy vessels and I was thinking "oh, come ON" at the radio yesterday.

Of course the whole shock horror scandal story comes from the tabloid sewer, and the BBC and presumably other MSM outlets felt compelled to pick it up.

Barnum's Law is a bastard.

2
0

Twitter's not dreaming of a white supremacist Xmas: Accounts nuked

Tom Paine
Silver badge

Commercial organisations have always picked and chosen what to publish. The Daily Mail and Express don't run positive pieces about progressive causes they don't support or agree with, as is their right. Is that censorship? Of course not; those organisations are perfectly at liberty to propound their opinions elsewhere or through their own sites. And the public are free to put their eyeballs where they like. They don't, generally, like Nazis.

30
9
Tom Paine
Silver badge

Oh, the monsters!

Well done Twtr, or to put it another way, about time too. Or to misquote the late great Giles, "What kept yer, Percy?"

Anyone crying free speech, whining about censorship or the Whateverth amendment can reflect on the importance of the boundary layer around society's noses. You're entitled to your revolting, barbaric views, and LI are entitled to break out the Karcher and scrub those particular creeps off their platform if they so choose.

22
19

The Social Network™ releases its data networking code

Tom Paine
Silver badge

Re: It's Monday morning, let's hope BT are already analysing the code on Git-Hub.

How many HD video streams can you watch at once? How often do you really DL files >= 100Mb, and would getting them in 10 seconds rather than 25 really make that much of a difference to your life? For consumer endpoints, 10Mbps should be ample. For the corner case of a family with 4 kids all watching TV in their own bedrooms, 50Mbps or so. More than that is pointless willywaving with as much relevance to the real world as a sports car's top speed.

0
0

Brit film board proposed as overlord of online pr0nz age checks

Tom Paine
Silver badge

Don't forget "digital", which the gov has decreed is now a noun.

3
0
Tom Paine
Silver badge

Re: BBFC

It's a fun thing to do with Brexitards trotting out that "unelected bureaucrats" line. Ask them to name the current head of the Civil Service.

(Just as the response to 'taking back control' is to ask when they intend to repeal the 14,000 other binding treaties the UK has signed up to...)

1
4
Tom Paine
Silver badge

Breaking: I am writing this in my local via their free wifi. You think they want to register as an ISP and do age verification checks on everyone who reads the password off the chalkboard behind the bar?

3
0
Tom Paine
Silver badge

Re: Oh, wow...

I really don't think many "ardent feminists" vote Tory.

2
1
Tom Paine
Silver badge

Re: Suitable alternatives

It seems a long time ago now, but the Sun used to print pics of "topless lovelies" every day. ISTR their minimum age for models was 17, which would make those editions child porn today I believe. Heh. Kelvin McFilth would now be on the sex offenders register for life if he wasn't still banged up on the segregation wing...

6
1
Tom Paine
Silver badge

Re: 'The government said the BBFC had "unparalleled expertise" in classifying content'

Didn't expect to learn anything or be shocked, but this qualifies for both:

"A spokesman told us: "We do not publicly disclose our prosecution policy in relation to specific offences as to do so may allow offenders to adapt or restrict their behaviour to conduct which falls short of our prosecution threshold."

Isn't there some sort of legal principle with a Latin name that you can't prosecute secret laws, in all justice / law enforcement systems worthy of the name? (Yes, even the wacky French investigative magistrates system)

3
0
Tom Paine
Silver badge

Re: Welcome to TLS encrypted DNS...

Ok, 48 bytes. Am I mixing up ATM and BRI / PRI?

0
0
Tom Paine
Silver badge

Re: Welcome to TLS encrypted DNS...

You use ATM for your home network? That's a bit old-school isn't it?

* Suddenly realises there's a whole new generation out there who never had to know what 56 byte cells are. Er, were

0
0
Tom Paine
Silver badge

Re: Why not copy mobile?

On the plus side, there will be a renaissance in IT and infosec in the UK 5-10y after this comes in, as all those spotty 13 yos who heard at school that you can get porn with this "tor browser" thing emerge blinking into the light as guru-level hackers...

11
0

Biting the hand that feeds IT © 1998–2018