* Posts by Mark 65

3143 posts • joined 11 Jun 2009

Cover your NASes: QNAP acknowledges mystery malware but there's no patch yet

Mark 65 Silver badge

Don't hold your breath. If it's 8 years old it's likely off the support list so you're on your own. QNAP don't care. I'd advise installing Debian on it with openmediavault and webmin. It'll be rock solid and patched.

QNAP NAS user? You'd better check your hosts file for mystery anti-antivirus entries

Mark 65 Silver badge

Re: Debian

I can vouch for that. Running Stretch on a TS-439 Pro with a systemd run script thingy to control the LCD panel. Absolutely rock-solid and acts as an on-site backup.

Mark 65 Silver badge

Re: Source of the NAStiness?

From personal experience, updating QNAP firmware on a regular basis can be equally as problematic. I've had a couple remove my ability to run VM Station and Container Station. They fixed my UPS signalling it was on battery causing an instant power down but now that has resurfaced after a couple of updates. I like the functionality they have but I'd prefer they properly tested it before release.

Fortunately my older device was outside support so I installed Debian Stretch on it with OpenMediaVault and Webmin. Doesn't have all the functionality of the later box but updates aren't a coin toss either.

Oracle exec: Open-source vendors locking down licences proves 'they were never really open'

Mark 65 Silver badge

Re: Not because of open source

Yachts don't buy themselves

The Iceman cometh, his smartwatch told the cops: Hitman jailed after gizmo links him to Brit gangland slayings

Mark 65 Silver badge

Re: "grassing" in British English or "snitching"

Given he still got 33 to life, why did he bother grassing? He's only added "likely to be shanked in prison" to his tariff.

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs

Mark 65 Silver badge

Re: Once again this proves

A hardware switch will be a problem when you need to update a fleet of hundreds/thousands of PC but a separate bootable environment or something that can be plugged into PXE could be a safer alternative that worth considering.

Then, when they buy and deploy PCs, companies can feel free to set the firmware write switch to "open slather" for their convenience whereas for everyone else it can remain in the "name's not down, you're not coming in" position.

UK spies: You know how we said bulk device hacking would be used sparingly? Well, things have 'evolved'...

Mark 65 Silver badge

Re: The underlying message

Bulk surveillance is about quashing dissent. It is about preventing the rise of a leader capable of bringing about the demise of the military industrial complex and upsetting the status quo. It is about their enemies not ours. Every now and again they might stumble upon the odd useful bone to throw out to justify their existence. Bulk surveillance is useless for its stated purpose. Always has been, always will be. When one of the architects of mass surveillance - William Binney - states that it is useless for their intended aims you know that's not its purpose.

Mark 65 Silver badge

It seems they haven't learned anything from what happened after the Snowden revelations. We found out that they were listening into everything so companies and by extension individuals moved to https over http and encrypted over plaintext. Now they want to put malware on everyone's devices so that the encryption is useless - ignoring the fact that it will be impossible to secure their malware from anyone else that wants to use it. This will only lead to a rise in fully segregated OSes like Qubes and then they'll fucking whine about that.

How about you use the powers sparingly and in a targeted manner and not like a ADHD kid hyped on sugar and perhaps people won't secure the bejesus out of everything? Although the horse has likely bolted on that one due to your immoral "bulk" nonsense.

He, He, more gassy whoppers: Toshiba spreads 12TB, 14TB drives across gaming and NAS disks

Mark 65 Silver badge

Re: Evolve or die.

Evolve or die. £/GB of flash is really not that far behind that of spinning rust any more.

So around AU$300 for a 6TB HDD vs AU$400+ for 2TB SSD - roughly 4 times the price/TB. That's still quite some distance behind.

Wow, what a lovely early Christmas present for Australians: A crypto-busting super-snoop law passes just in time

Mark 65 Silver badge

Re: "Ship! Come back!"

There is all the usual bluster in the legislation about forcing code changes etc and that has been taken to be the backdooring of encryption. However, I think we need to look back to the GCHQ story earlier to see that the likely forced code change will be to allow 5-eyes accounts to silently be part of a group conversation i.e. A contacts B and WhatsApp/Apple/whomever silently adds GCHQ into the chat as if the end-user requested it. That is my guess at what will happen. The unfortunate part is that we are led to believe this will be on a case by case basis whereas I'm expecting it to be "in all cases" because that's just easier.

GCHQ pushes for 'virtual crocodile clips' on chat apps – the ability to silently slip into private encrypted comms

Mark 65 Silver badge

Re: Quid pro quo, Clarice...

This is part of the classic 5-eyes bait and switch. Everyone starts complaining about encryption, terrorists, paedos, and other bogeymen du jour. Then they start talking about must-have access to encrypted comms. The IT community responds with outrage at the thought of breaking encryption. Cue various to-ings and fro-ings on each side about absolute need vs privacy and open access to criminals and despots. This goes on for some time. Then one of the 5-eyes agencies, normally the shitbags at GCHQ who (under the Snowden leaks) seem the worst of the bunch, come up with the solution they were likely after all along as a fall-back plan - namely to allow them to be inserted into encrypted conversations as an unseen fly-on-the-wall, thus preserving the encryption but tapping the information flow.

This process needs to be looked at by all as a free-standing proposal rather than "as opposed to breaking encryption", at which point it will be seen to be equally as repulsive given we all know that they will extend it to "insert us into every chat automatically" via some secret court order.

Oz opposition caves, offers encryption backdoor compromise

Mark 65 Silver badge

Mr Potato Head thinks we're all suspects

Once a copper, always a copper. There's no amount of scrubbing that will clean that off.

Mark 65 Silver badge

Re: That's OK then -- Not The Master Key

Given that, in the main, most of these companies don't actually possess the keys and if it ever got out they'd facilitated keys leaking from an endpoint their business is finished - what difference do they expect this law will make? Are the makers of Signal going to release a cracked version? No, so what then?

Blighty: We spent £1bn on Galileo and all we got was this lousy T-shirt

Mark 65 Silver badge

There is no "punishment" being handed out here.

Wow, just wow. Are you really so short-sighted, so blinkered, so naive as to not realise this is the EU sending a very strong message to the likes of Italy and any other country that thinks they can sway matters with talk of doing their own little side-stage exit if they don't get their own way?

It was always going to be this way. If Brexit resulted in a sweet deal for the UK then other countries would have a viable fall-back option should they not want to play ball, which would result in a clear lack of cohesion within the block. You simply have to make leaving the block appear unpalatable, anything else is suicidal.

Mark 65 Silver badge

Greek austerity, Italian rumblings? We'll see how foresighted they really are.

Mark 65 Silver badge

Re: Well, who'd have thought it?

Can we have the heads of Farage, Boris and Davis on a post outside Parliament?

I'd have thought May should be first up. Negotiating a deal that hands over billions with a loose "might do" text as regards a future "maybe" trade deal doesn't sound like a deal you could sell to anyone. In fact it looks like the sort of deal you'd negotiate if you want it to never get across the line back home. I'd like to give credit and say there's some kind of greater end game in play here but it seems more like she'd just like to be done with it and bring on the famous Tory long knives to end her term.

Not sure Corbyn is particularly offering any alternatives.

Microsoft lobs Windows 10, Server Oct 2018 update at world (minus file-nuking 'feature') after actually doing some testing

Mark 65 Silver badge

When you remove proper QA, then implement a "crowdsourcing" alternative that allows critical bugs to slip through despite being reported, you deserve some criticism.

When you do this and force the software onto people's machines you deserve to go out of business. I think Microsoft are displaying a level of conceited arrogance way beyond what their position in the industry will sustain. They are no longer the only game in town and do not possess whatever strength they perceive allows them to shit on their customers with rubbish like this.

Oz telcos' club asks: Why the hell do Australia Post, rando councils, or Taxi Services Commission want comms metadata?

Mark 65 Silver badge

Bit of an issue with the statement...

Stanton said the huge number of requests arose not because of Section 313, which limited the warrantless supply of data to 20 agencies, but Section 280, which allowed other bodies to request data under various kinds of court orders.

That section, he said, "places carriers in a difficult position. When a council in Tasmania says 'we want data under Section 280, and we have the right', what does the carrier do?"

Stanton added that judging the legitimacy of a request isn't in the scope of most telcos and service providers.

"So you have a barrage of requests coming in from all manner of entities, which may or may not be legitimate requests."

I have an issue with that in that the legislation is said to state that data can be requested under various kinds of court orders. Therefore the start point for your ability to ascertain validity is "is there a court order and if so show me". A scan of that court order should then be registered against the data returned thereby documenting what occurred to cover their arse. After all, a court order is a court order. I would not expect them to question the court order (although they likely could appeal it if their pockets were as deep as Apple's) as the shitty legislation and poor implementation by practitioners is hardly their fault. If a technophobe judge sees fit to sign off on a data trawl there's not much you can do.

30 spies dead after Iran cracked CIA comms network with, er, Google search – new claim

Mark 65 Silver badge

Re: You're FIRED!

Sure? I thought suicide by multiple gun shots to the head was the norm.

Is that before or after you've locked yourself in a holdall?

Oz spy boss defends 'high risk vendor' ban

Mark 65 Silver badge

Both the United States and the United Kingdom governments have said that that's the case, and the companies involved—Apple and others—have also said there is no evidence of this.”

In other words "This hack goes so far and so deep we'd end up disrupting the World economy with the panic if the truth came out so we'll just lift the rug and sweep under. Trust us, it's better this way."

Memo to Mark Sedwill: Here's how to reboot government IT

Mark 65 Silver badge

After Maude's retirement, GDS was vulnerable and the leading lights left – many decamping to the Co-Op, following Bracken there.

That worked well then.

Mourning Apple's war against sockets? The 2018 Mac mini should be your first port of call

Mark 65 Silver badge

Re: Macs typically have a longer usable life than Windows PCs ...

These days? I'm not so sure. Apple's hardware is pretty reliable, but the fact that modern Macs are increasingly soldered together and unupgradable means that "planned obsolescence" is increasingly built into them.

To be fair, with 4 Thundebolt 3 ports you have upgrade paths for GPU and fast storage covered. This was not possible before in the older generations that had Firewire 800 and USB 2. You need only worry about whether the RAM is soldered in. As for the CPU, you should always think a little forward when buying.

Your chief concern would be making sure operating temps remain under control. Do so and these should last a fair while.

Mark 65 Silver badge

Re: Macs typically have a longer usable life than Windows PCs ...

I have a 5k iMac that is just over 3 years old. Cost £2,000 and needs a new main logic board. At a cost of £580.80 which is the price of a whole computer in the windows environment.

I have serious doubts about the iMac design. For anything other than a controlled 20 degree Celsius temperature controlled environment I think they simply end up burning themselves out. My graphics card shat itself. You've got a logic board issue. I simply think they end up running too hot thereby shortening their components' lifespan. They need to come out with a new modular desktop box. The iMac Pro may have plenty of power but I'd wager that using it regularly will come at a heavy cost (excluding purchase price).

Mark 65 Silver badge

Re: Macs typically have a longer usable life than Windows PCs ...

On the other hand, Apple gave up supporting my 2007 iMac in 2014, even though it still works - only the Bootcamp Windows gets security updates these days.

My 2008 iMac has just gone out of support for new versions of the OS, which did irritate me as the lowest hardware they support for Mojave is less capable than my machine in both GPU and CPU. I can move up to High Sierra from Sierra and still get security fixes or I can do like I have with my 2007 Macbook and install Linux on it and be supported for quite some time. Linux Mint installed without issue and runs snappily on the old hardware.

Official support for Sierra ends September 2019 and, presumably, High Sierra will be around September 2020. That would mean 12 years of support for that hardware. Support for 12 years is pretty good and I am only irritated by the lack of further support because it seems to be artificially enforced given the aforementioned supported spec.

I have to confess that I have a newer machine that is a Hackintosh. That is an acquired taste but I did it because there was no path available where I could have an Apple machine with user upgradeable and replaceable components. I had a sketchy graphics card in the iMac which I only realised was a recall item after the recall ended. It promptly shat itself shortly thereafter. I would have preferred to be able to replace the component myself but didn't have a clean-room to remove the screen and dick about with the internal layout and custom card form factor. This machine will last a very long time and would only be hindered on the macOS front by a change in architecture from x86 to ARM.

Belgium: Oi, Brits, explain why Belgacom hack IPs pointed at you and your GCHQ

Mark 65 Silver badge

Re: Bungling Brits ...

It's not as if you're the US, is it ?

No, but in all likelihood we were doing it at their behest.

What could be more embarrassing for a Russian spy: Their info splashed online – or that they drive a Lada?

Mark 65 Silver badge

I'm guessing the Audis, especially quattro variety, are still about 1 inch from the car in front.

New Zealand border cops warn travelers that without handing over electronic passwords 'You shall not pass!'

Mark 65 Silver badge

Re: And IF you have no electronic password or phone?

You can't ensure anything isn't pre-bugged which would be game over in any case.

Mark 65 Silver badge

Re: And IF you have no electronic password or phone?

TBH if it's a cheap shit phone then all it really is is a SIM case. Buy a new unlocked one at your destination and factor it into the travel cost. Quick search tells me I can pick up an unlocked 3310 for NZ$99 if I want.

Mark 65 Silver badge

...and what if your access details to your VPN are stored in a keypass file for security purposes?

You'd need to:

1. Have that file with you which would raise suspicion levels, or

2. Download it somehow in a secure fashion afterwards which seems a bit catch-22

Mark 65 Silver badge

Re: Security by Obscurity

No different from CCTV. Doesn't keep you safe but can help plot get a result later.

Mark 65 Silver badge

Re: If your phone is blank of all apps and data...

that would be reasonably suspicious in and of itself, no?

I'd argue that it's no more suspicious than a phone of someone you believe warrants investigation containing a heap of irrelevant shit, much like most of the World's phones, and nothing as incriminating as you'd like to see. Guilt is in the eye of the accuser.

Mark 65 Silver badge

Re: Is that Amber Rudd?

That statement and the point you make really just highlights the idiocy that is happening here. The rush to gather all information, justified and implemented in law by idiots and enforced by bigger ones.

Chinese tech titans' share prices slump after THAT Super Micro story

Mark 65 Silver badge

Re: Yet another example of the need for security

Fabbing is not particular dirty, though it is rather water intensive (yeah, I don't know why they have fabs in Arizona, either)

Tax breaks, subsidies and other gifts I'd imagine.

Apple macOS Mojave: There's goth mode but developers will have to wait for the juicy stuff

Mark 65 Silver badge

Re: MacOS vs iOS

I'm also not so sure that, just because someone buys an f*cking expensive phone they'll necessarily buy your expensive desktop. Most phone users are predominantly phone users. They might buy a tablet but I doubt there'd be much PC upsell.

Mark 65 Silver badge

Re: "I blame The Matrix for starting all this off, by the way."

Dark background emphasises colour which is why colour photos "pop" with a black boarder - no distracting bright white surround. Anecdotally I also find dark themed desktops easier on the eyes for prolonged use and tend to setup any apps offering it to default to it.

Mark 65 Silver badge

Re: News App

I've been using Thunderbird on Windows and Linux for a decade now, and it works very well.

Whilst I also use Thunderbird, primarily from a cross platform availability perspective, it annoys me with its habit of habitually shitting itself at least once per week. I can guarantee unlocking the (OS X) machine once a week and seeing the "Thunderbird fell on its arse again" crash reporter. I tired of submitting reports. I do use it to enable local folder copies of server mail accounts using the useful "copy folder" add-on.

Mark 65 Silver badge

Re: Wow!

Feel free to now enjoy what is widely considered the most bug ridden and least stable version of macOS in a decade. If you do insist on using High Sierra then make sure you stick to 10.13.4 because 10.13.5 and 10.13.6 have broken graphic drivers (which Apple has admitted is a known issue).

Unfortunately some of us are stuck with the infuriating nonsense whereby Apple refuse to support allow the update to Mohave and so High Sierra is the latest release I can go to on my top of the line 2010 iMac. At least it will continue to get bug fixes for some time.

The computer may be 8 years old but the never ending need for compute power pretty much ended back then. I have absolutely no need for a new machine to replace this and Apple knows that which is why they spin the usual bullshit lines and discontinue support. My machine has an HD 5750 with 1GB RAM which, whilst it doesn't set the world on fire, matches the the GT cards that are supported on the base 2012 machines. These cards have 512MB RAM. If that's not a "fuck you buy our new hardware" then I don't know what is. They could easily discriminate machine support to those that can handle it rather than the half-arsed manner they chose.

Ironically I'll have no such issue updating my Hackintosh machine which is one reason why I built one, as I had no intention of burning $3k when Apple deemed fit to milk the consumer.

MIMEsweeper maker loses UK High Court patent fight over 15-year-old bulletin board post

Mark 65 Silver badge

Re: The Patent Claim at issue

Generally Judges are not idiots and the defendants would have tried to take this apart, but failed. Since it survived then it probably has good merit.

...until it comes to technical discussions whereby Judges, politicians, <insert person in position of authority or power> etc suddenly become utter fuckwits. A large section of the population, irrespective of IQ, are utterly useless when faced with a computer or other interactive electronic devices and exhibit an extremely poor level of understanding so I see no reason why Judges would not fit in with this.

Holy smokes! US watchdog sues Elon Musk after he makes hash of $420 Tesla tweet

Mark 65 Silver badge

Re: Seriously?

I think the best virtue of Musk is his energy, audaciousness and vision to get these projects off the ground and running.

I think it is his knack of tapping into a rich and seemingly unending vein of taxpayer subsidy that is (corporately speaking) his best virtue.

Groupon to pay IBM $57m after getting money off e-commerce patent settlement

Mark 65 Silver badge

Re: IBM has patented things like breathing and movement, etc.

Don't do business in the US, problem solved. Most patents granted in the US are for things that cannot be patented in places like the EU.

Building your own PC for AI is 10x cheaper than renting out GPUs on cloud, apparently

Mark 65 Silver badge

Re: The Cloud..

People need to look at cloud computing much like power generation. Cloud computing - i.e. someone else's computer(s) - is peaking plant whereas your own machine(s) are base load. You activate peaking plant when the demand becomes too great for your base load generation to cope. Examples would be sales periods for retailers, quarterly reporting for financial institutions, overnight processing for trading houses etc.

I cannot see how running the same capability of hardware full time when it is owned by someone else as being cheaper than owning and running it yourself. It is Op-ex vs Cap-ex. They may well be able to buy that hardware cheaper due to volume discounts, but that saving is their additional profit not your cost reduction.

Brexit campaigner AggregateIQ challenges UK's first GDPR notice

Mark 65 Silver badge

Re: So this is punishment for supporting Brexit

Brexit took place on June 23 2016 and GDPR became legally enforceable May 25 2018.

You didn't read the bit about them still retaining the data post GDPR implementation did you Walter?

Is it just me or does GDPR sound like a German state security service?

Whoa – oh no, Zoho: Domain name no-show deals CRM biz, 40m punters a crushing blow

Mark 65 Silver badge

Don't forget your certs

Domain names are one thing but also don't forget to renew your certificates - expired certs also look amateur.

Python joins movement to dump 'offensive' master, slave terms

Mark 65 Silver badge

Re: We lost

I can't wait for the PC brigade to skull-fuck themselves into oblivion.

Facebook flogs dead horse. By flog, we mean sues. And by horse, we mean BlackBerry

Mark 65 Silver badge

Re: Hmmm...

I've said it before and I'll say it again - the vast majority of US patents used in this way are not valid and involve no inventive step or present anything that isn't/wasn't obvious to someone knowledgeable in the field. They are also only enforceable in the US which, handily, Trump is removing from trading with the rest of the planet so perhaps we won't have to put up with this shit for much longer.

Nope, the NSA isn't sitting in front of a supercomputer hooked up to a terrorist’s hard drive

Mark 65 Silver badge

Re: Am I being thick ?

they'll throw you under the bus in two shakes

Future tense? I think Whatsapp threw everyone under the bus some time ago, likely after being bought by one of the 5-eyes outsourced spying agencies. There's no way that treasure trove of metadata isn't well and truly sitting in Utah.

Excuse me, but your website's source code appears to be showing

Mark 65 Silver badge

Well, actually, it was Microsoft who submitted the patches as they were having trouble fitting all of the Windows source code in one repo.

Should've tried "fitting it" in /dev/null

Apple tipped to revive forgotten Macbook Air and Mac mini – report

Mark 65 Silver badge

Re: I want it to be true

They won't hesitate to give you that. The bigger issue is where they epoxy in the SSD and RAM and charge the fucking earth at the point of purchase for improvements. I understand the accountant/MBA theory on fucking the consumer over in this way but I really don't understand the real world practicality of it. At the end of the day you want sales and I think the upsell rate will be lower than expected but the destroy customer relationship one will be higher than first thought.

Fanboi loyalty only stretches to so many reamings. I have a Hackintosh for just this reason. Sure it can be a pain in the arse with security updates requiring kext fixes but I actually get the hardware I want - modular, upgradeable, didn't cost the earth, and it has a decent quiet cooling system.

MyHealth Record privacy legislation published

Mark 65 Silver badge

Re: Phew

Along with...

Judicial orders allowing MyHealth Record information disclosure would have a maximum lifetime of six months, and the citizen would have to be informed that their information is being disclosed.

up until the point at which they sneak in a little change to remove the notification "because national security".

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

Mark 65 Silver badge

Do these cars use a soft SIM or is it one that could be removed?

Biting the hand that feeds IT © 1998–2019