and just to prove the article inaccurate in one point, Echo Show (and some other tat - 'Echo Buttons'?) appears to have been released in the UK today...
I have a DTEK60
It's a good phone on the whole, but the support has been pretty patchy. As it's essentially the same spec as the Pixel XL, I had assumed it would at least get Nougat - the hardware is more than capable. The lack of updated OS I could excuse though, if it wasn't for their marketing departments promising that they provide the fastest rollout of updates, criticising other manufacturers for taking weeks or months to deliver security updates (https://uk.blackberry.com/smartphones/dtek50-60-by-blackberry/overview).
Yet after only 6 months, the DTEK60 has started missing the monthly security update releases (twice now, and the August update only lurched into view last week at the start of September), and the general response seems to be that they're only concentrating on the KeyOne now.
The promise of security and a rapid delivery of updates, coupled with lack of bundled bloatware and carrier addons was a key factor for me in buying the phone.
The security lapse allowed .uk domains to be transferred between Enom accounts with no verification, authorisation or logs.
Any domains hijacked would have been “extremely hard or impossible” to recover, according to The M Group, the security firm that discovered the flaw.
Err, why? Surely if both victim and thief have Enom accounts, you just use the same trick to steal the domain back again?
Re: Sunday (autonomous) driving
Have you tried peering through other people's windows at 40mph?
I need glasses. It took me two reads to spot the 'R' in 'peering'.
Re: There's another dodgy claim there
Maybe their 'military grade UK data centres' are in Cheltenham...
Re: The Guarding Dark
His Grace, His Excellency, The Duke of Ankh; Commander Sir Samuel Vimes
You forgot "Blackboard Monitor".
Re: A few suggestions from me
Aviation museum in Farnborough, the name of which escapes me - it's on the main road near the airport.
This one? http://www.airsciences.org.uk/
That reminds me...
The world's largest hovercraft museum - https://www.hovercraft-museum.org down near Fareham. Looking at it on Google maps/earth is entertaining, I hope for the sake of the house owners whose gardens back onto it, they never need to fire up the engines... [edit: which I've just noticed is referenced at the bottom of the original article...]
One more to add to the map and to your features maybe - Porthcurno beach in Cornwall:
As well as the more famous clifftop open-air theatre, it was where the early international submarine telecoms cables came ashore, linking the UK to the far reaches of the British Empire during the 19th century, becoming the world's largest underwater cable termination point and important during the wars.
Re: My Find
Well I have all the HHGTTG books in their original covers :p
I don't. When I went to University, my parents decided to take a bunch of my old 'kids things' to the charity shop and/or dump while redecorating.
Mostly books, including my HHG set and the original Steve Jackson/Ian Livingstone fighting fantasy books, but also a 1970s Dalek (although to be fair I think it had lost one of its arms, and batteries had leaked) and a few other things that now would have been collectable. To be fair, at the time they probably would have just seemed to be clutter.
Who switched the comet off?
Ok, not trying to push any sort of alien signal cover up conspiracy theory, just a couple of questions that the article didn't address (ok, I'll admit I've not read the full paper, does that explain?)
From memory, there were two dishes pointed at the same location, slightly offset. If it was comets, surely the other dish should have picked up the same signal a couple of minutes before or after? Or is the signal not constant but changes as the comet spins? (for instance)
I gather the scientists pointed the dishes back at the same point and surrounding space repeatedly afterwards without picking up the signal again, surely comets don't move sufficiently fast to be nowhere near the next night, or even weeks later? So why was nothing picked up?
It seems most likely that if a comet that has since been shown to be emitting a signal at that frequency was in the same place at the same time, it's probably responsible. But doesn't answer those questions.
Just looking on Wikipedia, the article on this event references this paper but says it doesn't answer the first question, and says (but cites no sources) that Ehman and his colleagues think it highly unlikely to explain the signal. Not that they're biased.
Re: Hardware nostalgia
I do still have a bunch of SGI kit that I acquired when it was being thrown out. Kept meaning to do something with them and never quite found the time.
As a result, hidden at the back of our server room is a Challenge L (4xR8000) (it is actually exceedingly difficult to 'hide' a Challenge server the size of a small fridge), 2-3 Indigo2s in various states of disrepair (including 1 Indigo2 Impact), a couple of Indys and an O2. The Challenge needed some hard disks, I think the Indigo2s were fine but had stripped them down in order to max the RAM in one.
Re: Irony-o-meter exploded!
Indeed, and only a mere couple of weeks since a major malware outbreak based on leaked vulnerabilities amassed by security agencies showed that said agencies clearly can't be trusted to securely safeguard any back doors that they might demand.
Don't forget your gold plated optical cables too!
Ever visited a land now under Islamic State rule? And you want to see America? Hand over that Facebook, Twitter, pal
Re: What if...
But then you won't be allowed in because it's too new and empty looking.
Please come back when you're following the endless ramblings of at least 100 vacuous celebrities.
Haven't Apple already patented "taking all the profits from the mobile space"?
How 'they' knew what Trump & co were saying on his private phones?
They were wiretapping the Russians. Simples.
Re: The moral of the story?
I thought it was "Do not meddle in the affairs of sysadmins, for they are quick to anger and have no need for subtlety" ?
Re: Let's think big
I was thinking Warwick Davis - he was in Willow, several of the Harry Potters and all three Star Wars trilogies amongst others, so he's got fantasy/sci-fi credibility. And it's his birthday today, so why not.
Re: About time
Oh Big John. I'm so sorry but just look at all those down votes! I'm afraid like our glorious King we aren't winning the popular vote
But those down-votes were obviously made illegally by people who are dead or foreign. It's the only explanation as to where they came from. Or maybe the press did it?
'We, um, have to let this one go, because if we say how we got him, we might jeopardise future investigations.'
But surely future investigations are already jeopardised as future defence lawyers now know what they have to ask to get the case quietly dropped?
Strong non-backdoored encryption is vital – but the Feds should totally be able to crack it, say House committees
It's both backdoored and non-backdoored at the same time!
Re: How does it work in practice?
I'd read (but now can't find the reference) that the site is expected to do age checks (only on UK browsers) via either a credit card transaction, or by checking details against (government provided?) records (passports or something?). I'm sorry, I really wouldn't trust those who run porn sites to behave responsibly with personal data on the UK's population, or with credit cards.
But apparently the punishment on non-British porn sites that don't cooperate? They lose the ability to charge UK credit cards. But as any that *do* charge credit cards are clearly providing an age verification service, the only ones left will be the ones that make their money from affiliate links and hosting dodgy malware-laden adverts and so won't care about the punishment.
I would like to know though whose job it is to constantly patrol the world's porn sites looking for which sites do or don't do age verification.
In [old job] the servers were under a table in the open plan IT office. On hot days we'd open the fire exit door out to a strip of grass alongside the building. On one hot summer I'd brought a couple of old 120VAC industrial fans that I'd ripped out of something and wired together and had them in front of the door to vent hot air.
One day heard a strange vibrating noise coming from the fans and discovered that an escaped tortoise had wandered in through the open door and was busy sticking its head into the fan (which was missing its protective grill).
The tortoise was completely fine (and was returned intact to its owner), it moved its head so slowly that the tip of its nose was just being brushed by the fan so it would move backwards then slowly extend head again, which was fortunate as I'm not entirely sure how I could have explained it otherwise.
"The blood all over the carpet and servers? Well, you know how you always said that getting SCSI to work first time required a sacrifice..."
I really can't see how it could be monitored or controlled, but I'd really like to see some process by which companies are prohibited from charging customers more in order to cover the cost of fines and so preserve profits, and instead the fines come from salaries and shareholders' profits - hurt those who made the bad decisions, and force the shareholders to ask awkward questions.
If the board still get their bonuses and shareholders their dividends, at the expense of the customer then nothing will ever change.
I don't ever see this happening though.
Re: The real elephant in the room
The other option would be to run it as a physical server, but then you've still got a single point of failure, and at least with a VM, you might be able to migrate it to a working host if your hardware fails in a non terminal way.
I run it as the only VM on a standalone (free) ESXi box that it doesn't manage. So I can still take snapshots before upgrades and take advantage of hardware abstraction so can move it via shared storage to another box if the first one blows up (and have done so).
Web connections seemed 90% flaky this morning, SSH and VPN seemed unaffected so just connected to VPN and browsed over that, so any packet loss seemed to be confined to certain types of traffic. Or coincidence.
All photos containing people whose identities need to be obscured must be re-enacted in Playmobil.
Re: Going nowhere
Quite. I'm also having some difficulty imagining that, at no point during any of the concerned parties' activities, did "that's what insurance is for" occur to anyone.
They probably had insurance, but the insurers insist it's a wear and tear failure and not covered
Legitimate use of VPN fine?
Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery
Sounds as though it's only if you're using it to commit or conceal a crime, that 'new language' doesn't seem to cover use of VPN for legitimate purposes. There's also no mention of VPN in the linked article.
Plus it's not a 'fraudulent' address, it's a perfectly valid address.
Not that I think I'd want to argue the semantics, mind...
This looks veeeery similar to pptPlex - a free addon that MS made available for Office 2007/2010 back in 2011: https://www.microsoft.com/en-gb/download/details.aspx?id=28558
pptPlex is an Office Labs experiment that uses Plex technology to give you the power to zoom in and out of slide sections and move directly between slides that are not sequential in your presentation.
BCC not always blind
I remember receiving grief once when someone *did* use BCC to send email, but the email addresses were still visible to other BCC recipients (but not 'To' recipients). Turns out that mail client had an option about how to handle BCC headers. By default, it was compliant with RFC822, which says:
4.5.3. BCC / RESENT-BCC
This field contains the identity of additional recipients of the message. The contents of this field are not included in copies of the message sent to the primary and secondary recipients. Some systems may choose to include the text of the "Bcc" field only in the author(s)'s copy, while others may also include it in the text sent to all those indicated in the "Bcc" list.
Looks as though later RFCs have tightened that up to say the addresses shouldn't be visible to any other recipient.
Doesn't say what the judging criteria are, other than if it fails to produce the right output it gets disqualified. Which of the entries wins: shortest code, quickest runtime, fewest uses of the letter 'i'?
Or is it just pick a winner out of a hat?
No, didn't miss that bit. But as the article later says he handed over USB sticks containing classified material, it wasn't clear whether he had obtained classified data that he didn't have access to (in which case, how did he access it), or whether it wasn't 'Government classified', but - as in the section you quoted - proprietary trade secrets (in which case it is possibly misleading for the agent to describe it as 'classified').
Or perhaps it's my interpretation - companies have commercial secrets that they don't want competitors to have, and in this case may require a license to export, but to me at any rate, that's not the same thing as being classified as containing government secret information or designs, which ought to be access restricted etc.
I'm guessing it's the former - that he obtained the material that he wasn't supposed to have access to through nefarious means, but that implies poor security.
So if he didn't have 'access to classified material', how was he able to copy it onto USB drives? Or was security and proper separation of classified material from unclassified lax with no access controls?
Or was the stolen data not actually 'classified' at all, just commercially sensitive stuff that the Americans would rather foreigners didn't get their grubby paws on?
Re: History lesson
Ahh, Wimpy. Home of the 'Bender in a bun'.
And yes, that is an actual menu item, not the dodgy character skulking in the toilet.
Re: Healthy options
I misread the subtitle on quickly skimming and thought it was some sort of aversion therapy.
Or to put it another way, "Does it run Crysis?"
Still doesn't seem to be a unicode character for a teapot though.
Only clue I get from the name patrick_bateman is the main character from psycho.
I thought that was Norman Bates? Or was that changed in a sequel/spinoff?
Re: Statement of the Obvious award of the week goes to:
While I do agree with you entirely, I'm afraid that 'statement of the obvious' award for this week has already gone to:
"This individual was wrapped in plastic bags and his arms were tied behind him and his feet were submerged in concrete," Detective Robert Boyce said in a press conference.
"Obviously a homicide," he added.
..from the BBC
Re: Didn't realize there were more data dumps to come
I was surprised that there were no US politicians in the list, but I guess if we've only seen 1/6th of it so far that makes sense. Maybe whoever is deciding the order of release wants to hold up the US release until after the primaries are done so to maximize the fallout.
I've read two opposing views on the lack of prominent US politicians/wealthy donors (and I also wondered if the elections were involved) - the first a blog post saying that the group controlling the release of the data was owned and run by US politicians and billionaires and, surprise surprise, none of their own sort have been revealed.
The second (NY Times I think it was) explaining it by saying it's so easy to create shell companies in the US that US citizens don't need to bother with offshoring...
Not sure which of those views is worse than the other!
Re: Company wordsmith?
And as for it looks like a "superstar's car" I think I may have a different idea of what that may look like.
I'm not sure there - a lot of superstars would rush out to buy one based on the environmental stuff regardless of what it looks like - look how many Hollywood types were reported as having rushed to buy a Prius when they launched.
From what I've read, a lot of the docs were scanned and ocr'd. So yeah, it could conceivably go back that far.
But if this report of a breach of a mailserver is to be believed, how would all this 40 year old scanned material have been obtained? Seems unlikely that a couple of Tb of scanned files would have been sat in someone's inbox rather than somewhere more suitable.
Re: Puzzled (@ DougS)
At the very least, being able to double your kid's room console as a Linux PC will save you the need of purchasing a dedicated PC, so the kids can e.g. surf the web and do their homework in a safe(-ish) environment
While I agree with your thinking, the fact it needs to use an exploit to work means that it won't be suitable as a proper tool/kids PC as the exploit will almost certainly get patched pretty soon.
I'm not sure that "I couldn't do my homework until someone hacks the latest PS4 firmware" will get much sympathy.
Yes, you could just not install firmware updates that block the exploit, but then, assuming Sony are consistent with how they handled firmware updates on the PS3, games and things like Netflix will refuse to work until you update the firmware, turning the machine back into a single-use box again.
According to a BBC article, the FBI are also now offering to use their new-found wisdom to unlock other iPhones.
I'd agree with that. In the past I've spent hours fiddling around with a Spectrum (or C64 or Amiga) emulator to fire up some game long remembered through magenta-tinted glasses (Spectrum didn't do 'rose'), only to play it for 2 minutes and decide it was actually pretty crap. There were some good games that did revolutionary things and pushed the boundaries of the hardware and of games in general. But they just don't live up to the depth, complexity and polish of modern games.
It may be in part that back then (maybe it's part of being a child?) you filled in the gaps with imagination (that circle's a planet, these few triangles are a spaceship - in the mind all fully textured and photo realistic) but now you're used to having those aspects and not needing to use your imagination to fill what's not there.
Time to add more metrics
Time to start monitoring how long an incremental backup takes to run, if order of magnitude above 'normal', clearly a lot more files have been modified.
Similarly I think I might see if I can also monitor deduplication ratios and if they change, there's a lot of what was identical blocks of data that is now strangely not so identical.
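
The two metrics suggested in the post above, sketched as an added example (not the poster's code): each incremental run is compared against a rolling median of recent normal runs and flagged when its duration is an order of magnitude higher or its deduplication ratio collapses. The 10x and 0.5x thresholds, the 7-run window and the job history are constructed assumptions; real figures would come from the backup tool's own job reports.

```python
from statistics import median

# Constructed sample history: (run label, incremental duration in minutes,
# deduplication ratio reported for the run). Not real data.
JOBS = [
    ("day-01", 12, 4.1), ("day-02", 14, 4.0), ("day-03", 13, 4.2),
    ("day-04", 15, 4.0), ("day-05", 12, 3.9), ("day-06", 13, 4.1),
    ("day-07", 14, 4.0), ("day-08", 14, 3.9),
    ("day-09", 190, 1.3),   # mass modification: long run, blocks no longer dedupe
    ("day-10", 16, 1.8),    # short run, but the changed data still dedupes badly
    ("day-11", 13, 4.0),
]


def flag_anomalies(jobs, window=7, duration_factor=10.0, dedup_drop=0.5):
    """Return [(run, [reasons])] for runs that deviate from the rolling baseline.

    duration_factor: how many times the median duration counts as abnormal
                     (10.0 = "order of magnitude above normal").
    dedup_drop:      fraction of the median dedup ratio at or below which the
                     run is flagged (assumed threshold).
    """
    alerts = []
    baseline = []  # (minutes, dedup) of runs accepted as normal
    for run, minutes, dedup in jobs:
        if len(baseline) >= window:
            recent = baseline[-window:]
            base_minutes = median(m for m, _ in recent)
            base_dedup = median(d for _, d in recent)
            reasons = []
            if minutes >= duration_factor * base_minutes:
                reasons.append("duration")
            if dedup <= dedup_drop * base_dedup:
                reasons.append("dedup")
            if reasons:
                alerts.append((run, reasons))
                # Keep anomalous runs out of the baseline so a sustained
                # incident cannot become the new "normal".
                continue
        baseline.append((minutes, dedup))
    return alerts


if __name__ == "__main__":
    for run, reasons in flag_anomalies(JOBS):
        print(f"ALERT {run}: abnormal {', '.join(reasons)}")
```

Flagged runs are excluded from the baseline on purpose, so the alert keeps firing until someone has looked at the cause.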