"and it's taken three weeks for anyone to notice"
Er, no it didn't, within a few days several Linux distros noticed, such as:
74 posts • joined 22 Jun 2009
Er, no it didn't, within a few days several Linux distros noticed, such as:
So yet another example of a fatuous O/S design element .. API hooking .. is exploitable.
It's sad for the PC world that professional software developers weren't involved in designing Windows and that IBM lost out to Microsoft in the NT vs OS/2 fight.
It's noteworthy that 'legacy' mainframe systems never contained such ridiculous architectures, leastwise not when I was working on them a couple of decades ago.
Or maybe YOU should do the sensible thing and remove Flash from YOUR system, problem solved.
Their whole site is affected, it's nigh on impossible to get to the Control Panel, many times I'm getting "Server responded with empty page" type messages and once logged in it's hit and miss as to whether you can actually do any management on your domains.
Since when did Microsoft ever follow "best practices" except when it suited their agenda?
I canceled my 'pro' service before they did this apparent U-turn, if they came up with that asinine 'policy' once they can do it again. I've used it for over 5 years and have a good number of documents in it but not paying for such cowboy attitudes .. looking at Peerio at the moment, first sight it looks something to be tried.
The computer literati perhaps know better but they're the minority, though they choose to ignore (or else are incapable of comprehending) that fact.
This includes vast numbers of 'businesses' which are one or a handful of people who nowadays feel obliged to use the web even though they really don't 'get it'.
Try Google, this is the top of the list:
Of course, now that Accenture have filed a patent for an EDITOR the entire value of this technology just plummeted as it's no longer possible to believe that the chain isn't 'hackable'.
When websites GUARANTEE that they'll not try to explopit me using 'malads' then I'll consider it .. of course this means Hell will freeze over since the ad networks make zero effort to deal with the malware-punting ad agencies and websites rarely if ever cease dealing with ad networks that are shown to serve ads to their [the website's] visitors.
I guess some lawyers will be getting Christmas early out of this fiasco.
It doesn't take a genius to see this is simply a [malware] disaster waiting to happen when someone spoofs the 'updates' .. using P2P-type methods for software patching is beyond asinine.
The way this article failed to mention the inability for most users to decide for themselves when to apply Win10 updates, failed to mention the egregiously heavy-handed snooping Win10 does before phoning home with vast amounts of information M$ have no business to be taking from your PC .. and the fact that they have the abiltiy to download YOUR FILES if some junior tech. decided he needs them to pursue an alleged 'issue' .. makes me wonder just how critical the writer is, or for that matter, what relationship he has with M$.
Totally agree, but what I find bemusing is the excuse they gave for killing it .. just how hard is it to write this code so that it works without the need to, as the justification alludes to, continually fiddle with it?
"people feel they need a blocker because of the irritating ads"
IMO that's the least important reason for using an ad blocker .. MALVERTISING is by far the most likely way people's PCs are getting hit these days and until the Ad industry learns how to stop serving 'bad ads' to us then Ad Blockers are a MUST for anyone serious in trying to defend themselves, coupled with NoScript's ability to block iFrames.
Isn't Dropbox the company Snowden warned about? Didn't they take on to their board an ex-politican provably hostile to privacy?
I guess if they have all 'your' data in-house it's easier for their friends at the NSA to get at it.
My experience of VM, nee NTL over around 20 years is that the service is generally very reliable but God help you if you need support as their 'tech support' has always been lamentable, seems they're continuing the tradition.
I would say though that if you can get past the abysmal staff they have at 'tier 1' and get through to 'tier 2' (last time I did that was a couple of years ago) in BRITAIN you get to talk to people who understand your language and know what they're doing.
So why is anyone surprised that there's a [good] chance that people will lose some [or most] of the content they paid for .. sorry, RENTED?
Only the naive would expect anything else given the DRM shenanigans of the digital age .. and expect TTIP to make it MUCH worse.
When ad networks
a) guarantee not to inflict malvertising on me
b) never use animated ads
c) never use ads with audio
I MAY decide to remove AdBlock+ .. and I fully expect to see ice in Hell before that happens.
And yes, Steve Todd, a very apposite comment, I do love good doses of irony.
It's only March 1st, you know, not April!
A tad cynical perhaps but still a very valid point, more so for Android, when I have to use an Android device I have a Nexus, at least the support window from Google is measured in months rather than the weeks I experienced from Samsung with a Note II.
Given both Google's and Apple's 'official' stores have had and continue to have malicious apps discovered in them relying on these 'official' sources is clearly little defense.
I too only use Firefox+NoScript (+AdBlock for extra defense), blocking iFrames IMO is the biggest defense in fact even though of course script blocking is also key, which is why I'm sad the way Mozilla is taking Firefox.
If NoScript was available for Chrome I'd be using that browser but sadly there's no sign that it will be and the copy-cats addons for Chrome simply don't do as good a job as NoScript. :(
Yup, seems to be a case of someone looking for anything to slam Apple for.
No, I'm not an Apple fanboi, I loathe some of their policies and attitudes but this is simply a pathetic attempt to find something to complain about.
The VM mail system was moved to Google some years ago, before that I have no idea where it was hosted, so these 'old' addresses could well have been migrated from the previous hoster to Google.
In any case, the Google data was migrated to the new system and all reports I'm seeing infer that the alleged breach occurred after that migration.
You know, while Adobe rightly gets lambasted for Flash, it seems to me WP is now enemy #1 on the Internet yet its developers are never pilloried like Adobe are.
How many scores of holes have been found in this abomination already?
Frankly if I were looking for a new site hoster I'd try to find one who won't allow their customers to use this crapware.
He said: "Given the current concerns around privacy and data security, the realisation that home routers can be accessed by complete strangers is unlikely to be viewed in a positive light.”
That's a pretty sizable understatement!
Given that most domestic routers are riddled with vulnerabilities in their firmware already, must of which is GPLed and open to being looked at, only a fool or someone not technically competent to know would trust the 'firewall' between the two channels.
I'd never use an ISP's provided router for this reason alone, I certainly wouldn't trust BT not to have back-doored their Infinity router to allow them to turn this 'feature' on even when I've disabled it.
Sorry, this piss-take of a 'stupid user' is a fail!
Yes, it's been fashionable in IT circles for the 4 decades I was in DP/IT/whateverthe millenialscallit to deride 'dumb users', but not knowing anything about the organisation this alleged episode happened in it's impossible to know what expectations the end-user being jeered at would have had when he placed the call, however the support person who supposedly took this call made a fundamental assumption which we cannot know if he was entitled to make.
We don't know the remit of the 'support' department, so don't know if he was entitled to presume the end-user had a 'computer' problem without checking, and even if he was so entitled then clearly he didn't ask sufficiently general enough question to have realised the end-user wasn't using a computer payment system.
In any case, sneering at the user in this article is simply fatuous, he was asked questions and answered them, dealing with 'tech support' people that's what I do.
I also love many of the user-jeering replies made here, so typical of 'IT' discussions everywhere.
Me? I was a programmer/systems programmer/ database designer and more for 42 years until retiring in December, so I know full well the attitude of many in the 'computer industry' who deride non-techies.
Actually, no it isn't a defense at all, I suggest you research decided cases.
If it's noticeable faster with encryption turned off you've got some pretty lame equipment, frankly.
Also, failing to secure your Wi-Fi is no defense when the police call tracking down someone using your network to download child porn or somesuch.
Just another example of why anyone who chooses to use an Android phone is bonkers if they don't use a Nexus .. I love my Samsung Note II but it's never been updated so I'm in the process of switching to an iPhone 6s.
Why is it with ALL these announcements only a 'small' number of customers were victims?
Do the PR bunnies that write this trash really think the people reading it are stupid?
Sadly I suspect the answer is undoubtedly a big YES they do.
"am in a law library and have to consult a hard copy of the law reports for the first time ever because of the DoS attack on UK Unis"
'Last century' skills, so useful at times. :)
Sadly another day, another malvertising attack .. simply one more reason to use AdBlock and NoScript in Firefox as the only sensible way to browse web sites these days.
And to those sites who demand I disable my blocker to use them .. I don't need you so I'll pass on the offer, thanks, until you stop using ad networks that don't protect me.
The degree of cluelessness here on Dell's part is staggering, especially from a company whose origins are as storied as this one.
"The case highlighted the problems Microsoft can have with patching. With the plethora of operating systems and software run by its users, "
Um, Outlook is a Mickeysoft product running on a Mickeysoft O/S, how much simpler does it get to check it works?
Sorry, that's just totally untrue.
I have both VM cable (recently upped to 100mb 'free' *cough*) and BT infinity 2 and I see no difference in performance (clearly the BT is now slower but performs perfectly according to its spec) and would quite happily end my VM service and use only BT if I had to choose one or the other .. I likely wouldn't close my BT and keep only VM.
"Because even if you have have a data centre in Europe, most Europeans are sharing their data with people outside Europe, so we need to have clear legal grounds to make sure that your feed isn’t limited to only the people who are also in the EU, which destroys a lot of the value you want out of the product.”
The last part of the last sentence clearly is wrong, it should be:
"which destroys a lot of the value FACEBOOK wants out of the product."
Anyone with the remotest interest in this subject is under no illusions about what Apple's App Store is all about.
It's Apple's system and they have the perfect right to control it as they see fit, users can't fail to realise the 'mind control' Apple exerts, they agree to it when they purchase Apple's products.
No, I'm not an Apple 'fanboi', I think Apple is a far more 'evil' company than Microsoft ever was, but what they do is hardly a secret.
Their switching off their e-mail seems to indicate their mail server techs don't understand the concept of spoofing.
Kind of worrying really.
As I've commented before about this train-wreck called Wordpress, when are Mozilla and co. going to issue a death-penalty on it like they've done for Flash?
Don't be absurd, "a gendered term of abuse", LMAO, that's the problem these days, lame attitudes like this.
Just another example of someone wanting to be offended, so she was. I read the /. article and it's clear this was simply another example of feminism gone ridiculous.
Agreed, I only prefer to use Firefox for NoScript and AdBlock (and a couple of others like Ghostery), if Firefox ceases to support them then I'll have no reason to carry on using it.
Yet another example of 'researchers' who don't have real jobs publishing information that will damage those that do have real jobs.
And yes, 'security through obscurity' is a valid concept, some 'baddies' may know it but now everyone does!
"and keep up-to-date with the latest version of Android, if possible. "
Good luck with that given the utter indifference to their users' problems shown by nearly ALL Android phone manufacturers in their lack of any urgency to supply Android updates, if they ever do at all .. and Google is as bad in that they refuse to provide updates to older models.
Android is a great idea, hobbled to virtual uselessness by those providing phones using it.
"Might the mess of Windows 8.x's interface be deterring the rump of Windows 7 users from going anywhere near a tiled interface?"
For me, totally, a PC isn't a bloody phablet!
Have to say I'm appalled that El Reg gave this 'article' editorial space.
As someone (one of many) who worked alongside 'contractors' in the 80s exploiting umpteen tax loopholes to avoid paying their fair share of tax on the vastly higher salaries than those employees they worked alongside, I have no sympathy whatsoever if belatedly HMRC are catching up with such schemes; even if, sadly, those I saw abusing the system aren't likely those now getting hit.
It seems a widespread domain outage, the forums are down as well as the Store, so it maybe more than just their account system under strain.
Biting the hand that feeds IT © 1998–2017