* Posts by Fred Flintstone

2702 posts • joined 9 Jun 2009

Microsoft faces Dutch crunch over Windows 10 private data slurp

Fred Flintstone
Gold badge

Re: Much a do

Nope those are not the rules. The rules simply say you have to have specific permission up front

It's a tad more sophisticated than that, but unfortunately vague enough to leave some margin for "errors" in interpretation.

You will always have to seek explicit permission (i.e. not buried in associated terms), but you may pre-tick the box if what you are gathering is not deemed "sensitive" such as contact details, i.e. a default opt-in posture is allowed.

However, when you go into details classed as "sensitive" such as health, you are no longer allowed to default to opt-in, the opt-in must be explicit too. The vagueness lies in "sensitive" because that depends on who you are, and your definition of where the "sensitive" boundary lies is likely to differ from any "gimme all your data so I can lose it" commercial recipient..

2
1
Fred Flintstone
Gold badge

Re: Much a do

Look for "Diagnostics Tracking Service" or "DiagTrack" or "Connected User Experiences and Telemetry", Stop the service, Set startup type to disabled

Or, Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DiagTrack\Start = 4

Or in Powershell: stop-service diagtrack, set-service diagtrack -startuptype disabled

If you consider that "simple" and achievable for the average end user, I have a well known story fragment for you:

“But the plans were on display…”

“On display? I eventually had to go down to the cellar to find them.”

“That’s the display department.”

“With a flashlight.”

“Ah, well, the lights had probably gone.”

“So had the stairs.”

“But look, you found the notice, didn’t you?”

“Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”

13
2

'There has never been a right to absolute privacy' – US Deputy AG slams 'warrant-proof' crypto

Fred Flintstone
Gold badge

Actually, I think he is right

I agree with him that backdoored crypto is essential in the modern word - for government use.

Any nation with politicians that dare to use the word "democracy" when referring to their activities should mandate backdoored crypto with keys that become public after a set period, say 2 years for regular operations and 20 years for whatever is deemed National Security so we can finally have the kind of transparency that establishes accountability.

For alleged democratic governments, there should not even be another option. For citizens, not so much.

20
0

World's first dedicated computer centre declared 'irreplaceable' by Historic England

Fred Flintstone
Gold badge
Pint

Congratulations!

Here's to preserving a VERY important part of history.

5
0

Home Sec Amber Rudd: Yeah, I don't understand encryption. So what?

Fred Flintstone
Gold badge

Re: she said the government needs to get people who "understand the necessary hashtags"

Upvote for sarcasm :)

5
0

Alleged dark web drug baron cuffed – after he flew to US for World Beard Championships

Fred Flintstone
Gold badge

Re: PGP crypto keys..

I'm wondering what laptop to take next time I travel..probably a brand new one with no useful/usual software installed as it its all 'used by criminals' (github, gpg, ssh, bitcoin, Tor, vpnc, )

At the rate this is going I'd recommend an etch-a-sketch.

10
0

iOS apps can read metadata revealing users' location histories

Fred Flintstone
Gold badge

Re: Turn off GPS on the phone.

Can't speak for Android, but killing GPS data for images has been around for a *long* time in iOS. I still have a 3GS here with iOS 6.1.6 which already contained that switch (just checked :) ).

4
0

Is this cough cancer, doc? No: it's a case of Playmobil on the lung

Fred Flintstone
Gold badge

Re: This is why

Perhaps ones made of metal, with extra-sharp ends. A proper educational toy!

Funny how things develop here. We started with Playmobil, passed Lego and have finally arrived at caltrops for kids :)

6
0

UK Home Office re-bans cheap call gateways because 'terrorism'

Fred Flintstone
Gold badge

I think it's really amazing that our government is so caring and considerate that it tries to protect me by wanting to know everyone I have contact with, when I contact them and for how long

.. whereas us asking for the same transparency from our government (where it is actually warranted until they stop pretending it's a democracy) is deemed almost subversive..

7
0

FedEx: TNT NotPetya infection blew a $300m hole in our numbers

Fred Flintstone
Gold badge

Re: $300M!!

It is "holy crap", but from a different department - the "find excuses for a write-off/declare losses" department.

That's exactly what I thought. To borrow a line from the former New Labour press staff, it was clearly a good time for bad news.

4
0

Mobe reception grief turns LTE Apple Watch 3 into – er, a dull watch

Fred Flintstone
Gold badge

Re: I don't know about you...

Fully agree.

Call me old fashioned, but I still like my on/off switches to exhibit pure binary behaviour. There are usually good reasons why I switch things off.

50
0

DRM now a formal Web recommendation after protest vote fails

Fred Flintstone
Gold badge

Slaughtering the golden goose as usual

And so, the goose that laid the golden eggs was finally slaughtered.

We only got to the scale we have today because the Net was open and accessible to all. Creating a DRM layer will mean that there now will be three Nets rather than two: a Darknet, the Net as we know it and the corporate DRM-protected version where the stench of decay is already wafting from before it's even built.

The next step is self-evident: prioritisation of DRM content. Bye bye Net neutrality.

0
0

'Don't Google Google, Googling Google is wrong', says Google

Fred Flintstone
Gold badge

Re: Because It's Not Google

I seem to recollect googling with infoseek before altavista existed.

No, wait, googling didn't exist back then. The nearest was probably giggling.

In earlier days it was a different thing that started with a "g": gopher.

5
0

Five ways Apple can fix the iPhone, but won't

Fred Flintstone
Gold badge

Re: Sound

https://www.hk.onkyo.com/Product/GRANBEAT_DP-CMX1/index.html

You better try this link: https://www.hk.onkyo.com/en/Product/GRANBEAT_DP-CMX1/index.html - may be easier for most people as it's in English :).

1
0

Yahoo! must! face! the! music! over! data! breaches! judge! rules!

Fred Flintstone
Gold badge

You wish, but your limerick still made a nice start to the week, thanks :)

3
0

SanDisk's little microSD card sucks up 400GB

Fred Flintstone
Gold badge

Re: I was thinking of madder things

I'm not sure how good that would be, cost wise:

Good point. It might be cheaper to bribe someone, or use the $5 socket wrench approach..

0
0

Nest cracks out cheaper spin of its thermostat

Fred Flintstone
Gold badge
Coffee/keyboard

Re: integrating the thermostat to home security

Nothing worse than coming home and finding a burglar naked and frozen stiff to the wife's lingerie drawer

I should now better by now than to read El Reg while drinking something :)

8
0

What code is running on Apple's Secure Enclave security chip? Now we have a decryption key...

Fred Flintstone
Gold badge
Pint

Re: Well you cannot make this secure

Even harder than that... Your maths is out by a factor of 10! :-)

Duh, well spotted. Clearly I should never do any maths on Friday :).

3
0
Fred Flintstone
Gold badge

Re: Well you cannot make this secure

So essentially every moderately advanced attacker can just read out the "security enclave" and emulate it to try out all the PINs.

Dammit. Apple just spend several man YEARS developing this stuff and you broke it already!

Or maybe not.

The PIN yields an access key to a storage container. THAT key is the full monty, 32 of 64 bit wide. The security enclave gives you up to 10 shots at a password that will convince it to cough up the access key, so that's a 1 in 100 chance for a 4 digit PIN, a 1 in 10000 change for the new 6 digit default and a 1 in <god knows> chance in the case of alphanumeric if a password is used and after that it's game over and you can entertain yourself trying out all the 32/64 bit wide keys and grow a grey beard whilst trying.

The only way you get in there faster is using the XKCD $5 wrench technique or take a film off the shiny case and see if any of the fingerprints match - there is no limit on the amount of tries for that and it can be faked using Tsutomu Matsumoto's (et al) gummy fingers approach. That's why I do NOT use fingerprint biometrics unless I know the reader is high resolution (IMHO the iPhone one is not), it is too easy to get hold of the required prints.

5
0

President Trump to his council of industry CEO buddies: You're fired!

Fred Flintstone
Gold badge

Re: ""For every CEO that drops out of the Mfg Council, I have many to take their place." -"

Was I the only person who saw the D his inauguration raise both arms and thought "Heil Hydra."

At the time, yes,, but I also had later flashbacks to Emperor Pirk in Star Wreck in the Pirkinning, with Bannon as a less competent but sartorially compatible Fukov..

I must get out more :).

2
0

WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Fred Flintstone
Gold badge

Re: Framed?

Has he had a hand in this affair? [Trump]

With his size hands, that would not have had a noticeable impact.

8
1

WannaCry kill-switch hero Marcus Hutchins collared by FBI on way home from DEF CON

Fred Flintstone
Gold badge

Re: Genuine question

We have the biggest debt because we also have the biggest economy. We're the richest. It is as simple as that. We got it because institutions have determined that we're worth it. Those that can do.

It appears some people have a hard time spotting sarcasm :).

1
0

WannaCry-slayer Marcus Hutchins 'built Kronos banking trojan' – FBI

Fred Flintstone
Gold badge

Re: Apparently he does other thing for a living as well.

If you think that the few pages of the indictment constitute "at length" you should avoid going near bookshops. The shock might be too much.

It's for this sort of sarcasm I come here. Wonderful.

:)

3
0

Microsoft Surface laptop: Is this your MacBook Air replacement?

Fred Flintstone
Gold badge

Re: Nooooo!

Not sure that reviewer is right for El Reg, making some positive comments about a MSFT product

Oh, don't worry. We'll fix that in the comments :)

5
0

It took DEF CON hackers minutes to pwn these US voting machines

Fred Flintstone
Gold badge

You get some that makes trump look like a political genius.

With all due respect, I believe that is now beyond the capability of even the best SFX and greenscreen setups in Hollywood.

6
1

BOFH: Oh go on. Strap me to your Hell Desk, PFY

Fred Flintstone
Gold badge

Re: This

This

Will not End Well

That's mainly a matter of perspective :)

7
0

Trump tramples US Constitution by blocking Twitter critics – lawsuit

Fred Flintstone
Gold badge

Re: ID 10 T alert

I'm not even American but come on, you can't say "come here" and "f*ck off" at the same time.

Steven Wright can: he called his dog "Stay" :)

2
0

Microsoft boasted it had rebuilt Skype 'from the ground up'. Instead, it should have buried it

Fred Flintstone
Gold badge

Re: a colleague skyped me..

Evidence that Redmond is the birthplace of Intelligent Design*?

*as in utter bollox...

Yup. It IS the birthplace of utter bollocks..

:)

3
0

French general accused of nicking fast jet for weekend trips to the Sun

Fred Flintstone
Gold badge

Re: want

Well, as runways and driveways go, John Travolta clearly has that one sorted :).

0
0

Researchers blind autonomous cars by tricking LIDAR

Fred Flintstone
Gold badge

Re: Lidar is a dead end.

The trick, as with cars, is to come up with a system that doesn't involve installing and maintaining equipment along 140,000 miles of existing rail line, much of which is marginally profitable at best. Railroads also put great value on having things fail-safe as much as possible and are pretty conservative about technology.

Hah! You want conservative? The solution was invented ages ago. I'd give it a few weeks before non-self driving cars get the message to stay out of the way, though.

As for the LIDAR problems, at least it gives idiots with laser pens another target :).

1
0

UK parliamentary email compromised after 'sustained and determined cyber attack'

Fred Flintstone
Gold badge

Re: that'll be mps' passwords such as...

You forgot "duckhouse"

:)

10
0

No, really. You can see through walls using drones and Wi-Fi

Fred Flintstone
Gold badge

I suspect that "proper" radar kit is expensive whereas WiFi kit is everywhere - and you may not even detect that you're being scanned.

Personally, I would like to thank the University for giving me yet another reason to down a drone as soon as it comes near my property. And get a WiFi jammer.

3
1

Going to Mars may give you cancer, warns doc

Fred Flintstone
Gold badge

Could we persuade Daily Mail readers that if going to Mars causes cancer then going to Venus must cure it? Then we could send them all.

You've been reading about the B Ark again, haven't you?

:)

2
0

Utah fights man's attempt to marry laptop

Fred Flintstone
Gold badge

Re: OK Computer

I've already brought up the 18+ rule and the date of manufacture of a sex bot on another forum.

Sticky issue.

Yes, old plastic and foam doesn't age gracefully :)

1
0

Google can't spare 113 seconds of revenue to compile data on its gender pay gap

Fred Flintstone
Gold badge

Re: They're probably spending more for their lawyers to argue against it

Personally, I hope this does go all the way to the Supreme Court and the Supreme Court kicks Google's ass from here to Timbuktu!

Not going to happen, which is the exact reason why Google want to go that far. The orange guy at the top loves big business, remember? He's not going to allow something as trivial as any law to protect peasants to interfere with profits, and he's already put his man up there.

2
0

Uber New York class action alleges passengers overcharged $7.43m per month

Fred Flintstone
Gold badge

Re: Hmmm

I'd make it "Exceeding", but otherwise, yes :)

1
0
Fred Flintstone
Gold badge

Re: Money's for a good cause

Upvote for sarcasm :)

2
0

Good news, OpenVPN fans: Your software's only a little bit buggy

Fred Flintstone
Gold badge

Thanks for that, learned something new :)

0
0

Facebook is abusive. It's time to divorce it

Fred Flintstone
Gold badge

Re: And some are ...

Would you prefer I go to the cellar for some Cassegrain or Rousebout Rousey?

Well, I prefer their dry whites - not so fond of their reds but that's more because I'm not really a red wine drinker in general.

That said, I know where I buy my more upmarket plonk :).

0
0

Webroot antivirus goes bananas, starts trashing Windows system files

Fred Flintstone
Gold badge

Re: Kaspersky No Better

Yup, that was my immediate reaction too.

Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them

AFAIK that makes it the only anti malware tool actually doing its job :).

20
3

Nikon snaps at Dutch, German rivals: You stole our chip etch lens tech!

Fred Flintstone
Gold badge

Re: First thing we do..

I suspect that the people helped by Erin Brokovich will disagree..

4
1

Cuffing Assange a 'priority' for the USA says attorney-general

Fred Flintstone
Gold badge
Pint

Re: AC/DC blasting Out

Give or take 300 yards I am one of those neighbours

Good. Keep an eye on him for us, thanks.

I'll come and get you for a beer next time I'm in London :).

0
0
Fred Flintstone
Gold badge

Still, looking forward to hearing AC/DC blasted out at maximum volume outside the Ecuadorian Embassy until they hand over Assange.

LOL, "Highway to hell" - I like it :)

8
0

US surveillance court declined less than 2 per cent of applications

Fred Flintstone
Gold badge

Do they share staff with the Patent Office?

It appears they must have at least the same agile supply chain for rubber stamps..

1
0

UK boffins steal smartmobe PINs with motion sensors

Fred Flintstone
Gold badge

And yet, it's so very, very easy to fix..

What I find baffling is that people find this a difficult problem to solve when you have a touch screen.

All you need to do is randomise the position of the digits on each PIN request. As it concerns numbers it's not too much of a hunt to find the right button (it's not a good idea with alphanumerics) and it gets rid of such detection (location sensing is also something that happens when observing someone entering a PIN on a doorpad - you can assert probabilities from the way the arm moves).

Of course, you make such an idea OPTIONAL - for the user who values convenience over security or who has reduced sight or mobility.

Also, as the video was is showing a fingerprint reader equipped phone, let's make it possible to access such a device with a combination of PIN and FP - that is IMHO better for a device that carries payment information.

5
1

New plastic banknote plans now upsetting environmental campaigners

Fred Flintstone
Gold badge

If we use politicians, then for once I'd support quantitative easing.

Do you really want to have that in your hands? Ugh..

:)

0
0

Forums

Biting the hand that feeds IT © 1998–2017