The survey tells me the price in HK is $71.21, I'm paying $21.51 so it pays to shop around.
1761 posts • joined 12 Jun 2009
"Our thoughts go out to the senior officer who has to, with a long straight face, tell a room full of pilots that this is absolutely not funny."
I'd suggest calling out the miscreant in front of his colleagues and asking, "Are you compensating for something?", leaving him with a humiliating nickname would discourage any repetition.
Streets? No, not merely streets, entire towns, cities, and even states (I'm looking at you, Australia!) were named after Victoria, along with rivers, lakes and even Hong Kong's famous fragrant harbour. Though HK did quietly drop using the name Victoria for its capital, even before the handover. It's now fairly indistinguishably divided into Western, Central and Wan Chai Districts.
Neither Liz nor Charlie have any hope of catching up, without an Empire.
@PNGuinn - Wheatstone bridges, yes.
As AC said, with more detail, "Possible. But not plausible."
But I'd add, you said:
"> Malware developer
You don't know that."
"NSA penetration tools"
So what is a penetration tool created with the intent of unauthorised access, if not malicious?
Nope. Malware developer[1] installs anti-malware software[2] on their computer. Said software detects multiple items of malware and reports them. Some are ones that the malware developer was creating/using, others were ones from a rival malware developer[3] that the first malware developer was unaware of.
1 - NSA
2 - Kaspersky
3 - China
Score so far: NSA -2, Kaspersky 2, China 0. (not counting the 'FSB hacked Kaspersky', 'Israel hacked FSB' stories that seem uncorroborated).
@Doctor Syntax - So that was twice as safe: a fuse in both plugs!
Was the previous owner still alive when you bought it? If not, maybe you should make a Darwin Award nomination.
Ask the person who thinks they may be victimised to send:
i) image of their face
ii) image of normally-visible tattoos or distinguishing marks
iii) images of location where nude snaps were taken
Then flag for investigation any image that AI says contains a nude plus one or more of the above.
Is this a better solution?
1. Was the USB drive successfully recovered?
2. Was it readable?
"And this is our secure data-wipe facility"
"Umm, it's a cage full of monkeys"
"That's right, we feed your data to the monkeys, and their digestive juices do the rest"
"Why do you do that?"
"Mainly for the entertainment value of watching opposition spies collecting the monkey shit in the forlorn hope of recovering the data"
Perhaps there is a terminology problem. AFAIK, "zero-day" means "not known by security researchers before it was seen in the real world in malicious activity", and is usually only applied to vulnerabilities. Malware writers don't send their creations to security researchers before using them on victims, so all malware in the wild could be described as zero-day, making the category meaningless.
I'm curious how you would go about doing a comparative test against malicious apps that aren't known to be malicious. If you check the details of AC Test's Real-World Testing, I think they have a good procedure to present the same current threats to all the software under test simultaneously.
Using a combination of techniques, including known malware definitions (signatures is a misleading term) and heuristics, is standard across anti-malware developers.
@Adam 52 - 'I couldn't possibly ~~shoot~~ murder someone because I don't have a gun, doesn't mean that I think shooting is OK' - FTFY
He made the mistake of mis-understanding the crime as something over-specific (or was that deliberate on his part?), you appear to have joined him in the error.
"The longest you can be made to wait before getting legal advice is 36 hours after arriving at the police station"
So, with these rules on street interviews, you could be arrested and then "interviewed" continuously (using multiple offices in a relay, if necessary) without a lawyer?
"...but a camera would put a stop to that"
Not quite, now they steal the previous delivery and the camera.
Do people keep gum packs for longer than it takes to consume the contents?
"Honey, I cleaned the rubbish out of your jacket pockets"
"Noooo!! Now I can't login!"
@AC - "Obviously I could do all of these things back in the Victorian era, mainly by telling the butler to ask the head gardener..."
And the butler would give you a clip round the ear, and tell you to get back to spreading horse manure round the rose bushes, like the head gardener told you five minutes ago. Your name clearly doesn't command any respect, AC.
Are there any guidelines on when to compare an astronomical body with a) an egg, b) a river stone, c) a potato?
Well, it's still classified as a "dual use technology", see the Wassenaar Arrangement:
Your local laws may or may not be based on this, Hong Kong's (https://www.stc.tid.gov.hk/english/checkprod/cat5A002.htm) follows the wording so closely that I'm surprised it isn't a copyright violation.
@ lglethal - Since NIST and GCHQ are now recommending not forcing regular password changes, it sounds like you need a new CISO in your office, preferably one who's heard of SSO. Current standard practice is broken (why limit the password size when you are hashing it?), and the "fix" of using memorable questions is like putting a band-aid on a compound fracture. Unfortunately, it is cheap.
PKI with certificates stored on secure smartcards or USB tokens would be a better system but the initial cost is high, the learning curve is steep, and the real benefits come when a critical mass of service providers accept the same certificates, so I'm not rolling in Millions yet ;(
Why is a "memorable question" considered an authenticator separate from a password? It is still "something you know". As you point out, it's only a string of alphanumeric characters, but, I'd suggest, inherently more vulnerable than a password.
We can tell people to keep their password secret and they might do that, but if you tell someone to think of a memorable question, they are going to pick something that is significant to their identity, and therefore something they are likely to discuss with others. Aside - are those, "find your drag queen name" (and similar) games where you use the name of your first pet and the name of the street where you grew up just social engineering to reveal this sensitive information?
There is no need for a list of questions that are best avoided because it's ALL of them. Anything about me that is memorable is not secret, and anything about me that is secret is not memorable.
It's a sign to a Stadium, with an icon of a discus decorated with a hexagonal pattern. They used to use the icon for the relay, but it got confused with the line dancing icon.
@AS1 - "With augmented reality glasses, you could enter your animals of interest and " visit any car park, but experience a full zoo of your desires.
Oh, and where's my flying car?
@Flatpackhamster - "Imperial measurements are based on ~~human~~ ox perceptions of distance."
Icon - the one with the cheese and pickle sandwich in the pocket, please.
@Alan Brown - "Shows how many people are stupid enough to put that information on a computer they don't own in the first place."
We already knew that - haven't you heard of The Cloud?
I'm guessing El Reg is more afraid of JD's lawyers than ISIS.
@paulf - "those odds are much longer if you don't buy a ticket"
Oh, I don't know. I regularly win Microsoft and Google lotteries that I never entered.
"But how gullible do you have to be to use this stuff without actual testing?"
Unfortunately, with security problems, just testing isn't enough. Sure, the code does what you and the users expect, but testing your app won't tell you e.g. that md5 is too weak nowadays.
@AceRimmer1980 - "is like herding quantum cats."
Which is OK, until HR looks in to check on your staff numbers, and finds many dead.
@Sampler - So you invented social networking for lice, when previously they could only network before they hatched? I never realised.
Nit - the egg of a louse or other parasitic insect.
Close-knit - bound together by strong relationships and common interests.
And now I need a shower.
@MGJ - 1945 UK General Election it is! Good choice!
You do remember that the UK elects people to Parliament, not parties? So Clement Attlee would still be Prime Minister. I think a Government led by a 50 year-old corpse would lend definite stability to the country. Is there anyone still alive who was elected in 1945?
@eldakka - No! This mythic time on the internet ended far earlier than you imagine. BGP was first used in 1994, and updated in 2006, when security threats were already a widespread concern. Already, we'd had the Morris worm and the Michelangelo virus. The IPsec working group started about 1992, and the RFC was published 1995, so someone was working on secure protocols when BGP was developed. Hell, the film Wargames came out a decade earlier, so network threats were even part of the popular consciousness!
Rather than pointing the finger at academic institution trust, it might be worth looking at the cost trade-off of doing it properly, and the telecoms companies wanting to get into this new era quickly.
icon - there's no Star Wars icon, and a deerstalker is very elegant.
@SkippyBing - Unless you think that cars are driven by zombies, you should only include the extra food consumed to fuel the transportation running/cycling.
@DailyLlama - Downvoted for:
2) Failure to calculate 2^11-1
"They are not allowed to carry firearms, or have firearms at their residence"
So do criminals wanting to do burglaries and home invasions look down the lists of recently-bailed people to identify safe targets? If firearms are so effective at home defence and deterring those crimes, then it should be the criminals' natural response.
@Ledswinger "That's what war is about. Kill, or be killed, and fuck collateral damage.."
That's killing your friends, remember? Sure, accidentally or inadvertently, but still your own side! If you were in Théoden's charge, you'd be the one wildly swinging his weapon (nominative determinism?) and injuring your companions!
The Geneva convention may be often breached, but it is part of what keeps us from becoming as bad or worse than those we fight. Protect civilians, care for prisoners. Who wants an endless cycle of escalating revenge?
Up for it? Already did it, last time I renewed my phone contract. Went to the shop, insisted they printed the T&C in English, not Chinese, read it standing there in the shop, amended the bits I wanted to in pen and signed. Didn't even need the thermos and sandwiches, only took half an hour.
It worked because the assistant wasn't briefed on how to handle it, and thought it was easier to complete the transaction and hand the paper on to administration.
I am absolutely disgusted at the price of five beans nowadays. I blame the government!
@leeneubecker - There are too many gaps in your blog and sources to build a credible link between the Raspberry Pi and the NHS outbreak of WannaCry. You say that the Pi has WiFi vulnerable to BroadPwn, but only the Pi 3 and Pi Zero W have built-in WiFi. You say that the NHS has adopted Pis for use in hospitals, but link to an article about a pilot project giving Pis to patients for home monitoring (and no information on whether they use the Pi 3 or PiZero W). You have no statistics on the numbers of vulnerable Pis used in actual hospitals. You have no evidence linking even one incident to a vulnerable Pi. You don't even seem to have tested whether a Pi with built-in WiFi is actually vulnerable.
Full disclosure: I'm a fan of Pis. I own and use a number of Pis.
You mentioned kittens?
@DougS "require signed binaries, and even that isn't a guarantee (you can still be hacked, but you don't have to worry too much about viruses and worms"
Unless you're a developer (someone has to sign those binaries), or until someone adds a macro language to your favourite app, because of course everyone needs wordprocessor documents that are programs.
@boltar - "How many welshmen have been legally murdered in chester recently then?"
Trick question! None, because murder is defined as unlawful killing.
If he'd gone war driving, then the connections would likely have come from a handful of networks within easy driving distance. So a suitable stakeout could still catch the perp. Yes, more resources, more subpoenas but ultimately still trackable.
How quickly standards slip. It would be OK if organisations followed what the government actually said, "assessed the risks adequately, taken appropriate security measures, and engaged with competent authorities", but already it's slipped (here in the comments) to "current best practice", which I guess means, "no-one else bothers with more than this".
Anyone want to predict how long before a court accepts, "industry standard practice" as a defence?
@Lord_Beavis "Wasn't that an 'X-Files' episode? Except the people went crazy or exploded?"
You'll have to be more specific, people going crazy or exploding was every X-Files episode.
@deathchurch - So you're not planning to retire, ever? Sure, your pension looks adequate now, but with fewer working-age people around, prices for nursing care, transportation, food... hell, everything that requires people, is going to skyrocket. If you want a stable society that continues for your lifetime, you'd better put some investment in the basic infrastructure to support it: young people.
"can have no contact with his unnamed accused co-conspirator"
Did they tell him who this accused co-conspirator is?
Durham's pretty far North... just redirect the heating pipes through the data centre, and shut down the boilers.
I don't know what you do in summer, but one day downtime a year isn't too bad.
@Alister - Well, it was pre-Colour of Magic publication, so I think I've got an excuse for not thinking of that. On my way out, I did notice a man in a black fedora receiving a package from a short figure with red hair in a long coat.
One time in Foyles, I came across a half-height, arched door at the end of a row of shelves, like it was from a monastery for dwarves. I carefully re-traced my steps, and was relieved to find myself in the same universe.
One DB to rule them all, One DB to find them; One DB to bring them all and in the darkness bind them.
Biting the hand that feeds IT © 1998–2017