Posts by Mark 65 3438 publicly visible posts • joined 11 Jun 2009
I don't plan on living for 250 years, so just like the baby boomers didn't give a toss when they stole everyone's financial future with their tax burden I don't give a toss either as you'd hope that it would be enough time for science to come up with something. We can all waste our time worrying about the future we won't be here for but I'd rather live in the present thanks.
"Despite this, the officer, Detective Constable Brian Hopkins, pressed three charges of possession of indecent images of children. Mr Justice Mackay said he cut a "rather pathetic figure" in the witness box, having initially claimed he could not give evidence because of a psychiatric condition."
He did have a psychiatric condition - he's a lying, deceitful, malicious little prick who would rather ruin someone's life than do the right thing (and his duty to uphold the law).
We are told it was an advanced persistant threat, but:
1. I'm guessing the installed trojan/malware needed to open a line of communication to the outside world for the hacker to get inside the network. How are the port/protocol combinations and endpoints not checked and validated. I certainly cannot connect to any old host or port from my place of work and we certainly don't sell two-factor security.
2. As well as being able to elevate privileges and access staging and target servers - just how long did these people have access for and did they also have inside help? - they could also FTP the shit back out. It's great to see no checking whatsoever there! I thought these days companies that took their data seriously permitted FTP access only to certain endpoints for certain users? Sounds like they got hold of the keys to the city and made merry.
Should change their corporate tag-line to "Great two-factor security, shithouse internal though"
Taking into account my other post on the merits of buggering around with the go-to distribution for newbies I can possibly see Linux Mint cleaning up if it can do this with the minimum of fuss. Given they have all the codecs etc that Ubuntu doesn't install by default perhaps they should start the "gives you everything Ubuntu used to + more" advertising campaign?
I think the issue people have is that Ubuntu has been the go-to Linux distribution for new users and by radically changing the default interface (these aren't people that enjoy or are possibly even willing to search and dick about with system settings) they are screwing things up. Given Android is the choice for touch interfaces already I'm not sure I see the point of this design aspect. I believe there are other benefits supposedly from removing X or something but I'd guess you could do that without giving everyone's desktop a fisher-price appearance.
...
Even at this early stage Huawei was warning of problems - space and power supplies at stations were both limited, and any heat created by the hardware had to be dealt with.
It warned: "Low ceiling heights, complex inter-connecting corridors and concourses, escalators and staircases, limits the choice of antennas and radiating power power elements and in tunnels have to have adequate and uniform signal coverage."
...
Who'd have thought that all those years ago the considerate engineering pioneers that built the underground system would have had the foresight to "prevent people in 150 years time from having to sit next to some irritating wanker blathering about inconsequential bollocks regarding he said-she said crap that was of no relevance to man nor beast to someone via a mobile device that they'll be meeting face-to-face in about 5 minutes anyway" by virtue of their design.
Gawd bless'em.
I think you'll find that he's saying that even though they believe they had accurate benchmarks and gave some upside headroom they've found that reality is a little different and when you've said you are going to be putting in fibre to the premises (i.e. a shitload of fibre all over the country) the suppliers/installers know they can start taking the piss on prices. They're either going to pay the prices, start their own cable crews, or not deliver on their election promise.
It's also quite sweet that the Government is on the receiving end of what everyone else has been telling them - i.e. that the mining sector has been draining workers out of just about every profession across the country. If you think that's an exaggeration I know of teachers and a landscaper that now work in mining as they get over $100k driving a dump-truck and this high-pay skills drain is happening on a regular basis. Do a search on google and you'll find articles about multiple workers sharing the same bed in shifts, shitbox houses renting for mansion prices due to local accommodation shortages etc etc.
Is it because you want some built-in backup protocol to the device like MS offers? I'd have thought you'd be better off sticking FreeNAS on a spare/low cost tower full of disks or buying a Drobo/NAS box and using Chronosync or rsync for your backups. Either solution will be able to network serve media.
I'd posit that it's definitely illegal. Surely it comes under either interception of communications - if you log every keystroke you have the contents of emails etc. - or computer misuse i.e. fucking with someone's machine without consent, or perhaps a double-whammy of both. I'd say they're screwed.
Then perhaps the answer is to run cheap little low powered end-points (Linux?) with centrally served apps for the majority and VMs for those that are outside of the norm. Government is one area where I'd imagine a standardised centrally administered and secured desktop would be a bonus given their propensity to lose data.
I certainly haven't looked back since I gave up mine. You just realise that no matter how shit the TV is most of what you watch is still on Free-to-air so why bother paying. Now if they offered per program, or per series subscriptions at a reasonable price they may have something to offer instead of the bundle of turds they currently retail. That you pay for an HD box then an extra $10 for the HD version of the channels you've already subscribed to says it all.
The article states, rightly in my opinion, that companies are loathe to change their databases. Thus Oracle are in a winning position. However I would posit that acting like a complete arsehole towards your customers will mean your precious DB is unlikely to ever figure in any future projects, hence by increasing end-user support costs you are merely borrowing a small portion of tomorrow's revenue to tart-up your yacht today at the expense of that future revenue evaporating. Systems have finite lifespans and nothing focuses the mind quite like getting shafted - hence the Paris icon.
It's unfortunate but I'm afraid you can't compare installing windows with installing Linux because the fact of the matter is that windows is pre-installed and Linux needs installing at the current time. Its installer is great but then you are often faced with problem device drivers etc. This may not be Linux's fault but the end user doesn't give a rats arse because Windows just worked and this new OS people told them is great is a "useless piece of shite because x,y,z don't work etc". Sad but true. Users really do not care whose fault it is. The best thing Shuttleworth could do is to start shifting boxes with the OS pre-installed. Someone will have to at some point.
What I'm putting forward is that perhaps one of the factors isn't compromised. If you used this salt+current number method along with network username and password then I don't believe the RSA token is compromised due to 2 parts being necessary for this one factor. Perhaps the current number part may be but then you don't know the salt or the username and password. Either way I think you're better off trying raw currency that hitting up a system with access logging and account lockout.
Everywhere I've worked that uses RSA secureid tokens for external access has the following process...
1. Get token for user
2. "salt" number created from a subset of the digits displayed on the device at a point in time and told to IT - presumably so the end user doesn't choose something stupid.
3. User logs in with username, password, salt + current displayed digits.
Even if you can predict the digits and you've got the user's username and password you still need that salt number too and any commercial/corporate network will lock-out long before you could brute-force it. Do others use the tokens in a less secure manner?
Obviously this weakens things a lot but you still need to link a user to a token then predict the token value as well as obtain their credentials - seems like you'd find an easier way in using cold hard currency.
...is the suggestion of compulsory pension scheme. The Government may need to tweak employment taxation and pensions regulation when bringing it in, and it's by no means perfect, but a similar system to Australia whereby 9% of income goes into a regulated pension scheme is now in order. You can't have people just opting out of paying and banking on a State backstop. I'd also put an end to defined benefit schemes, especially for politicians, as they are in most cases poorly run and funded, thereby creating a never-ending financial hole for others to fill.
"Responding to George Osborne's Budget, Labour leader Ed Miliband said growth is down, employment is down and living standards are falling."
Well I'm afraid Ed old boy that you cannot have higher standards of living if they rely on an ever increasing public and private debt bubble - sooner or later you must pay the ferryman.
...that it didn't take long for them to wheel out a "think of the children" argument when El Reg's statement clearly illustrated that arrests had taken place internationally without it.
As for the "people are happy to give up a little privacy/freedom" statement, that's because most of these people are sheep and do what the politicians tell them. It'll only be some years down the line when they've given up the majority of their privacy and freedom that they'll whine about it and that'll be after the point of no return. It's called sleepwalking into an Orwellian scenario.
"Reg Hardware tested the 2.0GHz, quad-core i7-based MacBook Pro 15in and experienced no such problems when thrashing the CPU with video encoder Handbrake or when running the PCMark Vantage benchmark suite in a Windows 7 Bootcamp partition."
Looks like you found the sweet-spot in the range then
"HTTPS doesn't protect you from a compromised download repository. What it protects against is a man-in-the-middle attack."
Doesn't that tend to rely on the trusted certification authorities certificates installed on the machine? If one happens to be Govt of China will that not make man-in-the-middle possible unless you inspect every certificate?
Regarding the wiretaps, will this be the point at which the normal internet starts to rapidly become the encrypted/VPN'ed internet?
I can certainly see a market for a VPN provider such as Relakks providing a linux distro that preconfigures a connection for you on installation. Live CD or, better, a USB installable one allowing for persistence.
"why a senior banker or financier or factory manager or other such should need a "bonus" for doing his or her job when they are all ready handsomely paid"
The theory is that it is a variable component of salary so rather than pay someone $200k you'd pay them $100k + up to $100k bonus. Then, *if* properly applied, when things don't go so well you don't pay the bonus and when they do you hand it over. It is much better for a company to pay in this way than to hand over a flat $200k come what may.
You will have witnessed that the effects of the bonus tax were for Barclays to up the fixed salary component of their investment banking workers so by trying to make bonuses smaller you have in fact ensured that these people get a larger fixed pay packet and they no doubt thank you for it. For those that believe they then get hit by the 50% tax band you should look into how highly paid finance workers actually get paid. EBT schemes would be a starting point.
All that happens, for those who haven't worked in finance, is that trades then take place between the offshore (tax haven) arms-length entities of each party via a "trading suggestion". If Governments really want to be arseholes with this tax then they are playing in a league well above their level - finance wrote the book on it.
"The law, much hated by all contractors, meant that all new contracts needed to have their wording changed such that the contractor fell outside of IR35. It was an utter waste of time and any additional tax take was far less than the cost of obtaining it. Contractors still paid themselves minimum wage and took the extras as dividends."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
