* Posts by bish

63 posts • joined 30 May 2009


Pour $25m in its coffers and the local NAS box gets it. That's backers' hope for public cloud type Nasuni



"It's a very financially driven model and required a lot more money than we expected."

Whoever signed off on the $25m must be reading that quote and weeping. It's the 'a lot' part that tips it over the edge from 'slightly concerning' to 'amateur hour'.

Return of the audio format wars and other money-making scams


Re: ZpulNg

Yep, it's entirely deliberate, and actually just good social engineering: on the one hand, you don't waste time on anyone tech-savvy, and those who you do catch are often too embarrassed to ask their technical friends and family for help, and on the other, you allow the techie types to think you, the criminal, are far too stupid to concoct a convincing phishing scam, which makes them far more vulnerable (through misplaced confidence) to spear phishing. I wish no ill of Dabbs, but I'd be very surprised if he could correctly identify a well-executed spear phishing attack: the good ones can be incredibly hard to detect, and aren't even necessarily about getting you to hand over a password. Sometimes they simply want your correct email and signature, so they can convincingly spoof a message as you to someone else.


Re: MiniDisk? Bah!

It's all been downhill since the reproducing piano went out of fashion. I'm not really joking, either - the early 20th Century tech let you listen to note-perfect performances by world-renowned musicians on your own instrument, in your own home, at much higher fidelity (ie - actual live acoustic sound) than most of the music that's 'consumed' nowadays. Sure, no one bothered with the effort and hassle of dragging one around on public transport - it really wasn't a portable option - but if they had, even out of tune and crashing madly on every pothole, it would've still sounded a lot better than the distorted hiss of an overdriven iPhone speaker at the back of a bus.

One click and you're out: UK makes it an offence to view terrorist propaganda even once


"likely to be useful to a person committing or preparing an act of terrorism"

That would logically include the locations of key targets, and procurement of the means of transport needed to reach them: tourists visiting the UK are advised to eschew all guidebooks, and just wander round the airport until the return flight. Mind you, being in the country at all seems pretty 'useful', so perhaps just stay away altogether.

Seagate punts external PS4 drive at the millions who uninstalled their game libraries to fit Red Dead Redemption 2


Re: Replace it

It doesn't require a spare external drive at all, you can simply format a blank drive and start installing games again. It'll take a while, because PSN download speeds are painful, but it's possible.

What a cheep shot: Bird sorry after legal eagles fire DMCA takedown at scooter unlock blog


Re: Even if you couldn't replace the board

It's the board that costs $30. The scooters themselves are being auctioned off, so prices inevitably vary - but you're absolutely right that many appear to be going for a lot less than the combined cost of the components. I have no use for an electric scooter, but it could be a great way to pick up some cheap batteries and motors with which to build something else, assuming you aren't outbid by someone who actually values them as scooters.


Re: Legal question

I took "more illegal" to mean that the vandalism approach is illegal, but theft is, uh, more illegal. I believe the law bears this out, with (broadly) harsher punishments for theft than vandalism (ymmv).

Before dipping a toe in the new ThinkPad high-end, make sure your desk is compatible


"far-field microphones... in the expectation that voice interaction is an increasingly used feature."

If my voice gets far enough from my lap to validate the inclusion of those mics, I won't need a smart assistant, I'll need a surgeon.

Germany pushes router security rules, OpenWRT and CCC push back


Sell an upgrade

"Support for open firmware is, arguably, a niche consideration at the moment, but you could argue that one of the reasons to block it on end-of-life devices would be to protect the vendor's chance to sell an upgrade."

You could also argue that releasing new hardware that improves or adds features, reliability and speed would be a good way for the vendors to protect their chance to sell an upgrade.


Re: Routers are not firewalls

Yeah, I've got one of those too. I forget who it's made by but it gets rebadged and included as a free* 'perk' in fibre packages all over the EU - mine's from UPC in Slovakia, but while investigating how hopeless it is, I found it's also used in many other West and Central European countries - presumably because it's cheap as shit.

At least the Virgin one (which I had before I moved) makes it easy to enable 'modem mode' and then just connect some functional hardware between the Internet and your own kit - my Slovak variant defaults to IPv6 which hilariously breaks 'modem mode' so, each time they push an update that restores it to v6 (3 times so far this calendar year), I have to call the ISP and ask them to switch us back to IPv4, which inevitably involves lots of patiently explaining that actually their Super Hub is not remotely super and I don't mind whether I'm on v4 or v6, I'd just much rather be able to use use my own router and AP - with which I can actually secure my network - thank you very much, so either switch me to v4, supply a gateway that actually works, or cancel my contract, please. Unsurprisingly, they've always opted for the easiest and cheapest way - click, click, done - of shutting me up.

*actually, now I think about it, the most galling thing about this is that it isn't actually free at all, but rather leased from the ISP. As I recall, you simply had to return the device at end of contract with Virgin, but with my current suppliers I pay some nominal fee like a Euro a month for the privilege of having the piece of crap in my home.

Raspberry Pi fans up in arms as Mathematica disappears from Raspbian downloads


300 baud!? You were lucky...

... There were a hundred and sixty of us living in a small shoebox in the middle of the road, cueing up once a week for a chance to use the village carrier pigeon.

Finally. The palm-sized Palm phone is back. And it will, er, save you from your real smartphone


It’s turtles all the way down.

Gone but not forgotten.

Amazon Alexa outage: Voice-activated devices are down in UK and beyond


Re: Mine are dead

Just for the record: andy-whatever-number is fully entitled to his opinion, as are you, Anonymous Coward, (and the AC before you). I wasn't remotely offended by Andy's opinion, but it did strike me that he had mistaken his comment for a brilliantly satirical skewering of foolish hipsters, rather than a fairly base bit of snobbery, and I felt it only right that someone disabused him of that particular notion. I didn't and don't wish to censor him, you, or anyone else... but that cuts both ways, and I believe we're all entitled to call out dumb opinions when we see them.


Mine are dead

We've got three Dots(*) here in Slovakia (all UK-bought and registered) and none of them have been able to connect to the backend at all today (although, to be fair, it's not like we've been testing at routine intervals - hearing the error message once is enough). To be honest, I'm quite relieved that for once it's not my fault for tinkering with the setup.

(*) For the benefit of andy 103, and any folk like him who agree that, 'If you're the sort of person who needs or relies on devices like this, you have far bigger problems than whether they can be used at any given time.' I'd suggest that - just perhaps - the sort of person who needs or relies on devices like this might not be a dumb, early-adopting, gadget-loving consumer, but rather someone who simply wants or needs to make life easier for themselves or their loved ones - especially if they or their loved ones are especially young, elderly or in some way disabled.

With that in mind, maybe right now, when the devices they rely on aren't working, isn't the best possible time to explain to them which of their problems are more important than their Echo devices going down. But, y'know, thanks for your input, andy 103.

ZX Spectrum Vega+ blows a FUSE: It runs open-source emulator


Re: but that's the same as everyone elses review!

True enough, but the point is that if there's no added value in buying the 'consumer' unit compared with just throwing together some off the shelf parts and spending a few hours soldering, printing and flashing an SD card - and if the latter approach is *cheaper* - then the consumer unit is pretty pointless.

If it was possible to build something *as good as* an iPhone, for *cheaper* than an iPhone, and the only added cost was a maximum of a day's work, there would be a lot more people building their own phones. They don't because the parts wouldn't be cheaper, iPhones are engineered to a standard much better than the average hobbyist could ever hope to achieve, and iOS isn't horrendously buggy while a roll-your-own phone OS can be pretty intimidating. (Installing an emulator shouldn't really intimidate anyone who wants to play Spectrum games!) This Speccy knock off doesn't tick any of those boxes, so I've no idea why anyone would spend more money for something less good - a Pi wouldn't be nearly as limited in playable games, and it could be repurposed if you got bored of it, unlike this thing, which will inevitably end up in landfill.


Re: but that's the same as everyone elses review!

Someone else has pointed out that you forgot about the screen and the button controller. The former is obviously essential, but as it sounds like the buttons aren't even debounced, you could get the same functionality by just connecting some mini switches up to GPIO.

Oh, and you really don't need a Pi3 for FUSE: A Pi Zero would work just fine, and save you some money for that screen (I'm a bit vague on the Speccy's screen, but Pimoroni's HyperPixel would probably work fine).

There's no question that someone, young or old, could easily throw together something as basic as this for about the same outlay, if they were determined to cut corners and not at all bothered whether it was actually any good. I'm just not sure why anyone would.

'Unhackable' Bitfi crypto-currency wallet maker will be shocked to find fingernails exist


Lay off the kool aid

First of all, you're calling out the Register's article as 'BS', but using a quote from a completely different source: the article, in that section, is quoting what Andrew Tierney wrote elsewhere. You can call bullshit on Tierney's opinions (and you'd be wrong) but you can't call bullshit on El Reg, since they're just accurately reporting someone else's (relevant and informed) opinion on the story.

Secondly, and finally, you seem to think 'hacking' is exclusively about using code to manipulate factory standard kit. Social engineering, bugs/key loggers, rubber duckies, etc etc are presumably not 'hacks' in your world, since they don't fit your absurdly narrow requirements that hacks use only stock hard/soft ware. You'd presumably also argue that even software exploits aren't technically vulnerabilities, because people aren't supposed to use software that way. God help anyone who relies on you for tech/security advice.

Tired sysadmin plugged cable into wrong port, unleashed a 'virus'


Re: A common occurrence

Those 'pass through' ports are, in my experience, often 10 Mbit/s. So when you've specifically allowed for two gigabit ports per desk, to ensure the thin clients' remote desktop connections glide along smoothly without being snarled up by the ancient phones, it's rather frustrating when, every couple of weeks, the office staff do a tidy up and some smartarse decides to start daisy chaining devices, and you immediately get support tickets for 'help! URGENT!! computers are slow again'. And no one will admit to even realising the cables were there, much less having dared to touch them.

I'm so glad I don't work there anymore.

Oddly enough, when a Tesla accelerates at a barrier, someone dies: Autopilot report lands


Fire Department

I realise that everyone is far more interested in attacking or defending Tesla's flakey autopilot, but can I ask: what were the fire department doing, pouring water on a burning battery? Electric and hybrid cars are pretty common now (more so in the Valley, I'd guess), so either no one has bothered to tool up the fire fighters with suitable extinguishing materials, or they haven't yet realised that pouring water on a chemical battery is probably the second worst thing you can do, behind setting fire to it in the first place.

Zero arrests, 2 correct matches, no criminals: London cops' facial recog tech slammed


Modern Policing

I'm just waking up so I might be misreading, but:

"If an incorrect match has been made, officers will explain to the individual what has happened and invite them to see the equipment along with providing them with a Fair Processing Notice.”

If fifteen arrests at the football represented 0.005% of matches, that means police were giving an explanation, a Fair Processing Notice, and the (oh so tempting) offer of a guided tour around the equipment ("There's the camera that recorded you doing nothing wrong, and this is the laptop that passed your photo to a central server, where our highly advanced software matched your face with that of a completely different person. No sir, I'm afraid you can't see who that is for legal reasons, but I will say she's a looker.") to two thousand, nine hundred and eighty five pissed-up football fans.

Can someone arrest the system (and/or its devs, and/or the numpties who commissioned it) for wasting police time?

Three storage hardware devices, a cash raise and Oracle gets blocked


Re: "Really? In the cameras themselves? That’s kind of hard to believe. "

I found the disbelieving tone quite hard to believe. As you've said, it's really not so novel an idea.

El Reg needs you – to help build an automated beer-transporting robot


Re: Eh.. Get an office Jnr its easier....maybe

GPS? It's just got to follow the PFY. And while you might use a duino to drive the motors, you'll want the Pi for the brains (whatever following system is used, and obstacle avoidance).

But the really difficult part here is 'without spilling a drop'. If we're talking about pints, in proper, broad-rimmed pint glasses, filled to the brim, putting them on any kind of motor vehicle without spillage is damn tricky. The platform will have to be suspended nicely so that it remains flat, and even then, the robot will need to avoid sudden jerky movements.

I'd probably just give the PFYs a talk on why the business is transitioning to performance-related pay, and clearly explain their new KPIs.

As Zuck apologizes again... Facebook admits 'most' of its 2bn+ users may have had public profiles slurped by bots


If the last couple of weeks have shown anything, it's that Zuck is the absolute king of the straw man. Whether it's his 'maybe I shouldn't be the one in charge of Internet censorship' or this 'I can't fix everything', he's a master at trotting out arguments that make clear he's just this guy, you know, and can't be responsible for everything Facebook does.

Which is perfectly reasonable. Except that he's their CEO, and responsible for everything they do.

Apple, if you want to win in education, look at what sucks about iPads


Re: Sadly a lot of bollocks being talked here

Wish I could upvote you more.


I'm also going to generalise and suggest that people who don't actually teach in schools perhaps aren't the best people to be critiquing the school curriculum.

For the record, I tend to agree that C is a good starting point for learning about code, but since this thread began with the notion that tech in schools is practically useless except as a means to learn to code: I'm just going to gently suggest that computers of all stripes can (when sensibly and thoughtfully applied) be excellent tools to boost student engagement, as well as providing a range of ways for those kids who don't necessarily excel at writing to synthesise their learning in interesting forms. After all (as long as the students can all read and write to a reasonable level) shouldn't producing a slideshow, video or comic that demonstrates the same high-level learning be regarded as just as valid as scribbling a tedious three-page essay?

Oh, and since we're veering way off topic here, I'm going to loop back and add that, while the iPad may seem like the perfect device for what I've just suggested, the OP is spot on in that the management tools are (or have been, in my experience, YMMV, yada yada) terrible and broken.


Oh my...

Thank you, Giles, for writing this. I've been trawling round the mass of thinly veiled press releases published on supposedly informative tech sites, doing my best to articulate why 'buyer beware' is essential advice for any educationalists tempted by Apple's sales pitch. Now I can just link to this article, which (far more eloquently than my own red mist rants) itemises every one of my frustrations from my experience of trying to use iPads in a college.

I, for one, will continue to steer the people with the cash towards Chromebooks until I hear from (a lot of) peers telling me that Apple has finally bothered to create the tools to make iPads work (properly, seamlessly) in a classroom.

Europe dumps 300,000 UK-owned .EU domains into the Brexit bin



They're just taking back control. It's entirely ridiculous and utterly petty, but then, that's Brexit.

SUSE bakes a Raspberry Pi-powered GNU/Linux Enterprise Server


Re: Since the BBC Acorn days...

Yeah, power consumption is practically impossible to improve, but the Pi's size and affordability make all kinds of fun things seem tantalisingly within reach... Until you need to run a power supply to it.

I'd settle for a (cheap) HAT or similar, that allowed a broad range of different types of power source, and included a backup battery to keep things going while you recharge the primary source (assuming that's also a battery). At least that way you could pair it with a big power bank that you'd recharge daily and not have any downtime.

Failing that, I believe young Mr Tesla had some interesting ideas about wireless electricity... :)


Why not remove them?

If you're confident enough with a soldering iron that you reckon you could attach them when needed, surely you can just as easily remove them? You won't be the first, either: check YouTube for examples.

I haven't bothered, personally, because whenever I've needed small/thin, the power tradeoff of using a 0w has been acceptable, and I've never had a problem with the USB/Ether location (having the HDMI perpendicular to them, on the other hand, is a little annoying - but a blob of blutack stops the pi from spinning around too much). If it's just a question of rerouting, there's nothing really stopping you.

Ethics? Yeah, that's great, but do they scale?


Re: Ancient?!

In what way is anyone here guilty of plagiarism? As you yourself noted, few (if any) readers here will not recognise the lyrics, so I can't see how anyone above can be accused of passing them off as their own.

It sounds as though you're having a bad day. Cheer up, the weekend approacheth.

Super Cali's futuristic robo-cars in focus. Even though a watchdog says tech is quite atrocious


Give the headline writer a raise


James Damore's labor complaint went over about as well as his trash diversity manifesto


Re: @Voland

"the stress of having to identify blips and blops on a screen"

Blips and blops and thermonuclear weapons. You're an idiot.


Re: controversial bro-grammer ?

You're absolutely right, a handful of right wing arseholes stepping away from El Reg is sure to make a significant enough dent in the site's ad revenue to warrant a news story. Bye.

Sky customer dinged for livestreaming pay-per-view boxing to Facebook



It's possible that I'm not getting a very good bit of satire, but, um, maybe they just looked at the name of the person at the top of the Facebook feed, and got their lawyers on the case. It's really not as complicated as you're suggesting.

Stupid law of the week: South Carolina wants anti-porno chips in PCs that cost $20 to disable


Re: More Magic Technology

"this is the first time that anyone, myself included"

If you didn't know about it, how were you able to determine whether anyone else did?

'Hey, Buddy! Do you know about that thing I haven't heard about and which might not even exist? What do you mean 'which one'? Well, ok, I'll just mark you down as a 'No'.'

Russian hackers got Trump elected? Yeah, let's take a close look at that, says Obama


Where's the satire?

These comments raised a few chuckles, until I realised they weren't jokes. My opinion of El Reg readers is damaged, possibly beyond repair, by reading so many partisan knuckle-draggers furiously point their fingers at each other. Whether Russia, or anyone else, hacked the US election or not, the people who voted in it seem distinctly incapable of taking a step back and behaving like people with any right to democracy. Thank heavens I live in the UK, where... well, yeah, nothing - never mind. Why has the English speaking world become so stupid? Are the Russians hacking our water supply or something?

Who killed Pebble? Easy: The vulture capitalists



Not convinced you can lay all the blame at the VC, and slightly surprised that such a shrill and overly simplistic article has made the top spot in el reg's email roundup. For one thing, the assertion that the sale means pebbles will simply stop working seems daft - aside from the fact that they'll continue to do all non-cloud stuff - barring an OS update that Borja the app - there's this on the dev blog:

"we’ll be working to phase out cloud services, providing the ability for the community to take over, where possible"

Those last two words are a major caveat, but given what the community has shown itself capable of, I won't be retiring my Pebble Time just yet. I'll be wearing it advisedly, half holding my breath in case things go kaput at any moment, which will be annoying, but I'll just have to look for something else when that time comes.

But yeah, while the VC money may have led Pebble in a direction they didn't have to go, I think it's unfair to lay the blame solely at the feet of the guy signing the cheques. Management made some crazy, well documented decisions, not least attempting to launch three new products before Christmas, funding them on Kickstarter but then still having to go to retail before delivering to backers, because cash flow was clearly so poor. They spread themselves too thin, and quite clearly underestimated the volume of sales a profit margins they needed to stay in the black.

What's utterly baffling at this point is that the Pebble Core, which was either a lie or a unique and well-species product with huge market potential, is now dead. If your company is going under, and you have one Hail Mary play to make, do you pick:

1) update your original watch with smaller bezels and a heart rate monitor

2) update your second watch with smaller bezels and a heart rate monitor

3) launch something entirely new, that will appeal to lots of people - not just smartwatch aficionados - and piggyback on Amazon's success with Echo/Alexa

Somehow, Eric thought the answer was 4) All of the above. It doesn't make sense - you're out of money, but you've developed something new and interesting: that's what you put on Kickstarter, perhaps even as a new company. And you reboot the watches later, once you can afford to pay your staff and ride out the slow sales.

What also doesn't make sense is the idea FitBit has killed the Core. If that's the case, the world's a crazy place. If I were them, that'd be the one piece of newly-purchased IP that I'd be slapping my own company logo on and bringing to market as soon as possible, before something else plugs the gap.

Analysts apply Occam's razor to Tesco Bank breach


Re: Not sure how the trojan theory would work out...

Yep. No idea how they reached the conclusion that cloning was even remotely likely, unless they already know of an employee in the Tesco Bank mailing room who recently brought a card cloner to work.

Shhh! Shazam is always listening – even when it's been switched 'off'



Honestly, if you have serious privacy concerns and you're using a service like Shazam, you're a fool. However much they process (a handful of FFTs, I assume, with some proprietary nonsense seasoning) and encrypt the audio, you're still taking your personal audio and sending it over the Internet. The idea that such a service could be made 'safe' just creates a false sense of security. If you're worried about someone listening in, don't install software designed to listen in. Shazam probably ought to have been more upfront about how its software works, but come on - surely if you're really concerned about privacy, that takes precedence over your desire to find out what's playing on the radio?


Re: Pedantically...

Ha! Correct, but they'll first have to wire your speakers to an input, and it'll sound pretty awful. For all that effort, they might as well just bug your entire house, which of course they have.

NHS IT bod sends test email to 850k users – and then responses are sent 'reply all'


Re: 4s don't really understand

At my place, this used to happen quite frequently. Fortunately, 'all' was only about a thousand addresses (assuming internal only - there were a couple that went out, they were a separate matter). Thing is, the COO (now departed) was a 4 on the above scale, so every couple of weeks you'd get an email from a dunce who hadn't used Bcc, swiftly followed by our most senior tech, also not using Bcc to publicly upbraid the dunce. To be fair, once nearly every one of the grunts had been humiliated, they didn't repeat their mistake, and the culture of cheerfully Ccing enormous distribution lists evaporated. But I do still have nearly 100 emails from said former COO, each with two sets of fancy schmancy signatures with graphics and social media links, clogging up my Outlook inbox (of course I could delete or archive, but I have principles). Given how few of our staff ever delete anything (we have folders last accessed over ten years ago), that's around 100,000 emails from a COO, Ccing everyone to tell them not to Cc everyone.

FBI overpaid $999,900 to crack San Bernardino iPhone 5c password


24hrs? Doubtful

The hacking behind building a safety net for brute forcing the encryption is very impressive, but we're still talking about brute forcing a four digit PIN where every six attempts takes (on the video) ninety-one seconds, from the previous chip powering down, unplugging it, hooking up a clone, starting the phone up (yawn) punching in your first four combos (and you'd want a tick list if you were really going all the way from 0000 to 9999 - which would slow you down a tiny bit more each time - or you'd definitely lose your mind) waiting on the fifth and sixth, (potentially cursing yourself for mistyping a number) then powering down again. By that measure, it would take more like forty-two hours - unless of course the passcode started with 1-8, which admittedly is a fair shot but not guaranteed), without any breaks - if that were my gig, and it included the four months part time (two months full time) R&D, I'd invoice for AT LEAST $1m, simply because it's the most boring task ever.

Ireland looks like it's outpacing Britain in the superfast broadband rollout stakes


Re: Why FTTP?

I understand that you're being facetious, but not all rural areas are Trumpton. Oop North, I lived in an area North of Manchester, where a handful of small towns are connected by tiny clusters of houses and farms, scattered all about the hills, some (like the one I lived in) isolated by a good mile or so on all sides by dank, wet, miserable fields full of sheep. Given that BT still hasn't managed to install a landline that didn't sound like Bell himself might be on the other end (distant, crackly, muffled and with regular drop outs), one could understand their reluctance to invest any time or money in laying any cable where weather, fauna and farmers may damage it at a moment's notice.

According to a friend who's still local (I'd say 'neighbour' but they were fully two miles away) one of the nearest clusters of houses now has a FTTC cab installed, but the hopes of bouncing any kind of wireless signal UP the hills to the farms above seems unlikely, even if they had a maypole (or church spire, or any of the other accoutrements of your picturesque fantasy rural hamlet). Oh, and there's (to the beat of my knowledge - not been back in half a year) neither 4 nor 3 G mobile signals up there. Which is a shame, because it (and many, many similar premises) could easily be converted into a rather splendid office, or at least be used to work from home. I moved in the end because 'working from the coffee shop in town 5 miles away' just isn't the same. They didn't take kindly to me sitting down in my underwear.

Tech support scammers mess with hacker's mother, so he retaliated with ransomware


I have one Windows machine in the house, which I take good care of, and a bunch of Macs, Linux boxes, a FreeNAS system and a couple of Hackintosh NUCs on the TVs. Last time they called me, the Windows box wasn't even switched on, and I was sat in front of the TV in the lounge. I played along, but when they asked me to press the shortcut for Run, I didn't best impersonation of a panicked non-tech person, moaning that it wasn't doing anything and they were right but maybe too late to help me. They told me to open IE, oh noes! It's not there! They asked me what keys were on the bottom left of my keyboard (to filter out Mac users - nice touch, albeit somewhat late in the script) and I told them exactly what I saw on my Logitech wireless board. Utter confusion followed - they seemed to have chanced on a PC that was so utterly borked they couldn't do anything to demonstrate how borked it really wasn't. They escalated my call to a manager, who finally asked what was at the top left of my screen ("Well, there's a little apple and...") after a long pause, the first guy came back on, said "Hello, Sir? Go to hell, sir." And he hung up.

I was left with mixed feelings - of course these guys are scammers and bottom feeders, but the anger in his voice revealed how hurt he was to have wasted his time (which is money). Yep, got my own back, and maybe made him think, but ultimately these scammers aren't doing it for giggles, they're doing it because it's a way to make money, and presumably their English isn't good enough to work in a more legitimate call centre. I can afford to mess these guys around for the better part of an hour, but if he's on performance related pay, coming up to the end of a shift and wastes his time on me when he could be wringing a couple of sales out of people like my parents, I've just cost him big. On the one hand, I'm delighted to be doing my bit to slow down the success of the scam, but on the other, I'm depressed to live in such a shitty world that an (at least) bi-lingual dude of around my age is sat in a call centre somewhere in India, extorting his way to paying the bills and putting food on the table.

I dunno what the solution is, and maybe it's ridiculously post-colonial of me to assume the guy's poorer than me. Maybe his shitty scam job earns him £50k and he drives a Merc, but ultimately I think this kind of vigilante approach solves nothing for anyone. We probably all ought to pressure people in power to do more to address the issue.


Re: Bobby?


Mark Zuckerberg's Twitter and Pinterest password was 'dadada'


Re: As for username and password,

Oh feck yes, this. "Security Questions" seemed utterly dumb to me back in the 90s, so I'd just mash keys for a minute and move on. Lost a few sweet usernames on decent sites when they then started requiring answers after suspicious login attempts.


Re: Password strength lesson

How do salts and stored hashes protect against reused passes? I get LinkedIn's db, and find that they've only stores Zuck's hash and salt. Given he's not just any ordinary target but (a) an internationally recognisable figure with rather a lot of influence, and (b) someone who's (as of now) been known to reuse passwords, I decide he's a good target. I plug the salt into my script and bruteforce until I get a hash that matches. Huh, it's "dadada". Now I head over to a bunch of other sites and try dadada out. The salting and hashing has only protected the majority of users, because it's a PITA (and slow) to bruteforce all those salty hashes, but it hasn't actually added any (meaningful) extra protection to any individual login, and does nothing to mitigate idiot users keeping the same password for everything. Like the OP said, password reuse IS worse than weak passwords. If you find out my password for this site is 1234*, it doesn't matter too much for me since you can't use that pass to gain access to anything else of mine, and I only need to change one password to fix the breach.

NB: I accept I may be wrong or missing something here, so do let me know if that's the case. I also appreciate that I've made quite light of bruteforcing a salted hash, but a six lowercase letter password, containing only two characters, really isn't going to pose that much of a problem. My point is, if someone set out to target Zuck and the LinkedIn db had been salted and hashed, it wouldn't have made that much difference.

*[changes password]

Admin fishes dirty office chat from mistyped-email bin and then ...?


No brainer

If you set yourself up as the kind of admin who redirects mail, you have to redirect it. There's nothing illegal going on, and flagging it up as a violation of company policy on computer use is obviously messy and unnecessarily complicated. The right answer is obviously to stop nannying your users and let their emails vanish into the void. Teach them how to look up email addresses and check their sent items and then just leave it the hell alone.

The implied moral quandary over being complicit in an affair between two adults is so absurdly puritanical, I can't help but wonder if the admin worked in some kind of hyper-zealous bible sales business.

Amazon WorkSpaces two years on: Are we ready for cloud-hosted Windows desktops?


How much!!?

Really? Until it's (at most) half the current price, it really doesn't look like a viable product for anything other than uber-corporations with cash to burn and enormous tech teams to maintain it. The problems of managing the setup would appear to be at least as difficult as managing full fat machines, and much more complex than an in-house solution.

Just why?

Let’s re-invent small phones! Small screens! And rubber buttons!


Re: Small != Small

Bravo. Better than the main article, in fact.


Biting the hand that feeds IT © 1998–2019