* Posts by Adrian 4

1103 posts • joined 18 Jul 2009

Page:

Fix this faxing hell! NHS told to stop hanging onto archaic tech

Adrian 4
Silver badge

Re: UK Intellectual Property Office - Sorry can you FAX that

I suppose an image-transmitting IM service is completely beyond the bounds of possibility, so fax will always have to be on standby ?

1
0
Adrian 4
Silver badge

Re: Sometimes, Paper is just more valuable

"We've all worked with people who will email after every conversation or phone call to "confirm" what has been said"

And very welcome they are too. Though they could probably save time and dispense with the conversation. I'd much rather search my inbox than my memory.

3
0
Adrian 4
Silver badge

Re: @ wolfetone

@HmmmYes

If only that were true.

0
1

AI threatens yet more jobs – now, lab rats: Animal testing could be on the way out, thanks to machine learning

Adrian 4
Silver badge

Sounds completely useless.

Isn't the point of testing to find out if there are effects that aren't expected from the theory ? If the computer models were perfect, there wouldn't be a need for testing at all. So relying on a knowledge base - even one with trendy words attached - isn't going to do even half a job.

19
1

Ransomware is so 2017, it's all cryptomining now among the script kiddies

Adrian 4
Silver badge

cross-platform

"Check Point further noted an increase in the number of malware variants targeting multiple platforms (mobile, cloud, desktop etc)."

But no details of how that's done or how one might guard against it, unfortunately.

2
0

Fresh cup of WTF with lunch? TeamViewer's big in Twitter's domination-as-a-service scene

Adrian 4
Silver badge

Re: To do the same for free...

"You accessed your FaceBook account from your work computer ?"

You still have a facebook account ? WTF ?

1
0

Git365. Git for Teams. Quatermass and the Git Pit. GitHub simply won't do now Microsoft has it

Adrian 4
Silver badge

Re: Trolling for comments

@JDX They sure buggered it up, though. Repeatedly.

27
2

Schneier warns of 'perfect storm': Tech is becoming autonomous, and security is garbage

Adrian 4
Silver badge

Re: ahum, dumb fucks ?

We don't have Caution: HOT on coffee cups because of dumb fucks. We have it because of lawyers.

Any idiot knows - or hopes - their coffee is hot. But if it says so on the cup, there's less chance that when they accidentally spill it on their lap that they'll be able blame the vendor.

It's not information. It's arse-covering. But yes, Americans.

2
1

What's all the C Plus Fuss? Bjarne Stroustrup warns of dangerous future plans for his C++

Adrian 4
Silver badge

Re: Disagree....

C++ still isn't good enough for embedded systems (unless you mean phones, which are more like a pc on a stick than their embedded roots)

5
3

Sir, you've been using Kaspersky Lab antivirus. Please come with us, sir

Adrian 4
Silver badge

Sales feature

Kaspersky is doing it wrong.

Banned by the agency best known for planting spyware and illegally accessing their own employers (federal and public) data ? Must be good ! Buy it !

8
0

Indiegogo lawyer asks ZX Spectrum reboot firm: Where's the cash?

Adrian 4
Silver badge

Re: Optimists

It got spent on some other lawyers ?

17
1

Unbreakable smart lock devastated to discover screwdrivers exist

Adrian 4
Silver badge

tamper-proof screws aren't

Not sure I can blame them for using philips screws. There are various screwheads around that are claimed to be tamperproof, but really they're just mildly inconvenient.

Many of them have drivers available in a kit from your nearest poundshop (where available) and those that don't can usually be defeated by hitting a cheap chinesium screwdriver so it moulds itself to the screwhead.

In short, they're worthless : tamperable by anyone over the age of 2 and most certainly by someone with an inclination towards overcoming locks.

65
1

Meet the Frenchman masterminding a Google-free Android

Adrian 4
Silver badge

Re: Banks

@DougS

You're missing the point. There is, perhaps, a statistical possibility that a rooted phone is more likely to have malware. But it's not certain, and the opposite could also be true (phones more likely to be rooted by people with a clue). I suggest figures, rather than supposition, are desirable here.

But the real point is : an unrooted phone isn't free of malware. NO phone is guaranteed free of malware. If the app isn't secure when running in a rooted environment then it isn't secure running in an unrooted environment either, and assuming that it is, is just painfully shortsighted.

The app has to do its own security. Any reduction in security created by the owner giving himself root privs is lost in the noise.

7
1
Adrian 4
Silver badge

Re: Pipe dream

Good thing the people who built Open Street Map weren't as short-sighted as you.

9
0
Adrian 4
Silver badge

Re: Banks

Why would you want to detect rooting ?

Any app that relies on the OS security to protect itself is insecure by design. The OS can't be trusted, because there's no way to know whether some other malware has found a way under it.

If you consider that an app can't be built that is only secure on a secure OS, you may well be right (as in the old mantra of 'physical access is game over'), but that doesn't make any difference. There is no such thing as a secure OS, and rooting most certainly isn't a reliable indicator of insecurity.

If your bank insists on non-rooted phones to run their apps, they are incompetent. Don't use those apps even on non-rooted hardware, let alone rooted.

9
4
Adrian 4
Silver badge

I don't think keeping up the standard is so hard. I'm finding Gmail less and less reliable : it gets stuck, crashes, is harder to use.

The bar is falling, not rising.

21
3

Universal Credit has never delivered bang for buck, but now there's no turning back – watchdog

Adrian 4
Silver badge

Re: hmm

You forgot cheaper. It would be cheaper to just hand out money than it is to mismanage the attempts to control it.

7
0
Adrian 4
Silver badge

Re: The government position:

Oddly enough, they already do run the rail systems. After a fashion.

The 'raiI minister' who cut all the high-speed commuter services from my local (thameslink) line, but fucked up and didn't provide even approximate replacement services has had another go. And fucked it up some more.

5
0

Visa Europe fscks up Friday night with other GDPR: 'God Dammit, Payment Refused'

Adrian 4
Silver badge

Re: Cashless society

Simultaneous identical ( or complementary) hardware failure on all their backups ? Wow.

Bad luck's a bugger. Really hurts when it hits, eh ?

Obviously there wouldn't be a single point of failure or a domino crash in a professionally-engineered system. So maybe it was done by amateurs, or worse, accountants.

6
1

Smart bulbs turn dumb: Lights out for Philips as Hue API goes dark

Adrian 4
Silver badge

Insecure

I've discovered a huge vulnerability in TV sets from almost every manufacturer. Apparently they use an unencrypted, openly known (and often documented) broadcast method to control them.

You could be subject to sniffing attacks that determine your choice of TV viewing, traffic and content analysis that determines which of your family is near that TV, remote command attacks that could change channel and influence you politically or present a fake channel instead of one you thought you chose. Selection of paid content while you're not present. Denial of service.

All this with just line-of-sight access to your window : no need to tap infrastructure, you can do it from a van in the road,. a handheld appliance from across the street, or a laser from the next block of flats.Cost of entry is low using arduino-level hardware. Cheap products have been on the market for years to facilitate some attacks. For extra fun and on-topicness, I can imagine a remote attack via a compromised light bulb. PoC needed.

ps. I don't watch TV any more and never leave it in standby if my partner uses it. So I don't care. Perhaps you don't either. I made this post because you don't have to be on the internet to be a victim of remote control device takeover. Moaning about IoT failures like they're a new thing and the result of people using unnecessary technology is valid, but 50 years too late.

5
3
Adrian 4
Silver badge

You can even do that with a gas or oil lamp. No need for pesky unreliable mains services.Get orff my lawn.

Everyone has their own choice of a tradeoff between convenience, complexity and risk. You make yours and I'll make mine. Fwiw, that means mechanical switches for me too at the moment too, but there are some cases where I'd be glad of a different method provided it met various criteria.

I'm getting bored with the anti-ioters. Nobody makes you use the things. Some of them (most of them ?) have flaws. So what ? Fix them, or ditch them, or push for something better and move on. But don't tell me what I should think. I can do that myself, thank you.

8
5
Adrian 4
Silver badge

Re: What A Time To Be Alive

It's partially good design in having local control (does Nest have that ? I''m not sure). But it's bad (read : venal, customer always comes last) to tie the remote service into a single point of failure.

Of course, most customers want it in a box and no thinking. I'm sure Philip's have done a reasonable job on that or they'd be on the remainder shelves already. And they're not : I tried to get one in the Maplin firesale but they all went before they'd dropped to retail price. So they're an attractive item, for whatever reason.

A reasonably professional IoT device though would have :

1. Default fully-local control (not set it up on the net then fallback to local. Full.)

2. A provisioned service from the manufacturer, secure, reasonably reliable, easy to use. 'Free', paid, whatever as long as it's clear upfront. Points off for 'free for the first year'.

3. The option to move the remote control from the manufacturers' service to another, whether your own or a 3rd party. Documented, secure, no opt-out cost. Possible even if the manufacturer's servers fall offline one day and never return.

I don't honestly know whether Phipps or Nest offer that (I wanted a bargain offer to find out!) but anything less than that is just junk or, worse, a scam that deserves the full scorn of the anti-IoT peanut gallery.

There have been a few people doing studies of IoT devices with an interest in security. They don't generally do a good job of also evaluating threat models, they're more interested in the publicity of 'I found a hole'. But it seems to me that such a review should also examine business models.

Update : just saw MartinB105's post. Philips appear to be pretty close to the above. ++

5
0

Softbank's 'Pepper' robot is a security joke

Adrian 4
Silver badge

Re: too much security

You've made a big assumption there. That the toy is on the other end of a routable internet connection. Sure, if that's the case you deserve everything you get.

Clue : Having an IP address doesn't mean you're open to the internet, any more than having your bedroom door open means you're welcoming the public in.

Why on earth would you put an unknown device on your internal network without firewalling it off ? Security belongs at the borders. That's why you don't need to care about the internal security of these devices - because if your network allows them incoming or outgoing access you've lost.

Expecting any vendor - especially malicious ones - to do your security at the device level is silly. A toy isn't going to be as hardened (or as trustworthy) as a gateway router so why even waste your time testing it ? Put the security where it's under your control, not the toy manufacturer's.

0
1
Adrian 4
Silver badge

Re: Password == root???!!!

Better still, a completely random password

4
0
Adrian 4
Silver badge

too much security

I'm starting to get the impression that some of these 'security researchers' are just making a mountain out of a molehill for the sake of publicity.

Not EVERYTHING has to be secure by design. Especially things that are toys, or research tools.

I've got a drawerful of sharp knives in my kitchen. Someone could easily break a window, climb in and kill me with them.

I've got a garage full of tools to help them break in. A gas pipe full of gas to set a fire with. A water tap that could be used to construct a DoS moat. A piggy bank that can be robbed just by dropping it and stealing the £5 that falls out.

Get a grip folks. If you're going to pick faults in things that don't actually need to be secure, at least write up a decent abuse scenario and risk management strategy. So we can decide if we actually give a ff.

2
20

As Tesla hits speed bump after speed bump, Elon Musk loses his mind in anti-media rant

Adrian 4
Silver badge

look at the great log in youir own eye ..

You do know that's pretty much how the rest of the world sees journalists / media etc., don't you ?

They're only no longer at the bottom of the pile because politicians, estate agents and lawyers have been doing their damnedest to get lower.

We do remember the occasional journalist who did something useful so there's kind of a hope that you'll beat down the Daily Wail element and drag yourselves up by your bootstraps.

But get on with it, k ?

16
6

President Trump broke US Constitution with Twitter bans – judge

Adrian 4
Silver badge

Imagination

Awesome imagination you've got there, Kieran.

Hope it's not disappointed.

0
7
Adrian 4
Silver badge

Re: A ruling full of holes that will go nowhere

It's a decision by a judge. Generally given their post by noting that they're intelligent and knowledgable about the law.

Unlike POTUS, which is mostly about being newsworthy enough to attract votes.

If the decision fails to stand, it won't be because it's stupid. It'll be because politics doesn't respect justice.

15
4

Astronaut took camera on spacewalk, but forgot SD memory card

Adrian 4
Silver badge

Re: The man is 53, for god's sake!

Regardless of his age / senility etc. - it's unlikely he expected to have to check out the camera before using it. Would have been just a piece of kit supplied by NASA - while it might be familiar, you wouldn't expect him to check and maintain every bit of crap. He's supposed to use it in accordance with the mission plan. If the plan doesn't say 'check batteries, SD card' then he's got no reason to do that.

If NASA wanted him to take it outside and take pictures, they should have prepared it to do that. I very much doubt the astronauts have a supply of SD cards for putting in various things.

Of course, he MIGHT have ignored the instructions, thinking it was just a gopro and he knew how to use it. In which case he's probably not going to survive many more missions. I very much doubt that happened.

2
0

Blood spilled from another US high school shooting has yet to dry – and video games are already being blamed

Adrian 4
Silver badge

Re: Early information

Regulate ammunition supplies.

For personal protection,. you don't need more than one reload. If it takes more than that you've lost.

For agriculture (most likely a shotgun), licences and appropriate storage can handle it.

For target shooting, the shooting range can control it.

For gun-nuts with a huge cache 'because' - prosecute.

Avoid a rampager having a big enough cache to shoot more than a few rounds and the problem will be less.

15
3

IP freely? What a wind-up! If only Trevor Baylis had patent protections inventors enjoy today

Adrian 4
Silver badge

Patents

I would have more sympathy for the patent system if it was usable from both sides.

It should be simple to register a patent and defend it successfully against infringement.

It should be simple to determine whether an invention infringes an existing patent.

At present, I think it's weighted toward defence - although that can still be costly. But I don't think it adequately allows for searching, and can be abused to make it specifically difficult to find a relevant existing patent.

2
0

Shining lasers at planes in the UK could now get you up to 5 years in jail

Adrian 4
Silver badge

Re: RE: Dodgy Geezer

Fit corner reflectors around the cockpit.

1
0

Make masses carry their mobes, suggests wig in not-at-all-creepy speech

Adrian 4
Silver badge

Re: ID Cards and enforced bio-metrics

The objection to them is the idea that $authority would demand 'papers please'. If there are no papers, there can be no demand.

3
1

Robo-callers, robo-cops, robo-runners, robo-car crashes, and more

Adrian 4
Silver badge

AI journalist

Did AI write the article ? Or just someone very tired and emotional ?

4
0
Adrian 4
Silver badge

Re: Atlas

Or stride / leap over instead of stopping and jumping.

But tbf, a five-year-old human would do just the same.

7
0

You have GNU sense of humor! Glibc abortion 'joke' diff tiff leaves Richard Stallman miffed

Adrian 4
Silver badge

Re: Stallman

@itfoobar

You forfeit your right to contribute to this debate due to your error.

https://en.wikipedia.org/wiki/Ad_hominem

0
0
Adrian 4
Silver badge

I can agree with that.

But before we ban something on the grounds that we don't want to try to upset anyone, perhaps we should determine whether, in fact, it does upset them.

1
0
Adrian 4
Silver badge

Re: Shouldn’t quality and professionalism be the issue?

@CheesyTheClown

Where I come from, clowns are supposed to be funny.

So I assume your ridiculous and unhuman opinion is a troll.

1
0

Password re-use is dangerous, right? So what about stopping it with password-sharing?

Adrian 4
Silver badge

Re: Bad Idea

You've got it the wrong way round.

If you want to be protected from prosecution, don't try to prevent other people posting as you. Positively encourage it. Then the host of dodgy characters can unwittingly claim to be Spartacus.

2
0
Adrian 4
Silver badge

Re: too much effort...

Hardly a problem if password theft is common.

In fact, using the password 'password' is probably a good way to claim reasonable doubt of your identity.

1
0
Adrian 4
Silver badge

Re: Password Managers?

I agree about being unusable.

But secure ? Why would you believe putting all your eggs in one unregulated basket is secure ?

If you use them only occasionally as a backup reference like the gentleman upthread, why use an application of unknown quality when you can merely encrypt a text file using some well-verified algorithm ?

1
0

Google Pay heads for the desktop... and, we fear, an inevitable flop

Adrian 4
Silver badge

I think downvotes are mostly like/unlike substitutes. They're used when someone objects to your whole stance, as against racists. Or because you got upvotes, and they didn't.

You're more likely to get a comment when the response is thoughtful (and perhaps corrective) rather than just argumentative.

Personally, I think downvotes should be allowed only with a comment to justify them. Upvotes are ok, because they're just 'me, too's.

2
0
Adrian 4
Silver badge

Similarly, I find getting a card to the reader is easier. Carrying a card is lighter and less prone to battery failure than a phone. A card is completely waterproof. I carry a phone in a trouser pocket or backpack, and being bigger than my wallet it takes longer to extract.

I do find NFC payment very much faster than chip-and-pin, which can take up to a minute, I presume because it's using dialup in some form while NFC is perhaps always online. This may be more of the reason for your satisfaction with apple pay than the terminal-to-card comms : the backend is on a faster infrastructure.

Not arguing that you're wrong : just that different habits and lifestyle can make one or the other better for someone. No person's opinion is everything.

7
1
Adrian 4
Silver badge

Re: As for mobile wallets...

The first Android I bought had NFC. As did a Nexus tablet. The two subsequent ones didn't. No phone cost more than £120. I'm assuming it hasn't really caught on except in the 'do everything' phones in the upper part of the market. Which means it's far from essential and probably always will be.

4
0

Is your gadget using secondhand memory? Predictable senility allows boffins to spot recycled NAND chips

Adrian 4
Silver badge

Bathtub curve

Perhaps it will also help weed out the chips that haven't been properly tested past their infant mortality phase.

5
0

Fork it! Microsoft adds .NET Core 3.0 including Windows Desktop apps

Adrian 4
Silver badge

Re: What a mess

In the foot ?

Head, more like.

News of its demise has only recently reached the feet.

6
10

Zombie Cambridge Analytica told 'death' can't save it from the law

Adrian 4
Silver badge

Re: Pass out the torches and pitchforks!

"Once again, that was an OPEN REQUEST to invite FB friends into activities. Which has been pointed out to you every time you bring that one up. CA has been found to have been quite a bit less open about its doings."

Yes, but Mr. BJ is an american rightwinger. (yes, the extreme leftwingers are pretty much as bad).

He's not interested in the truth. He's only interested in being right (in both senses).

He assumes that if he keeps repeating something it becomes true.

In a more reasonable culture where people don't get excited about mere politics, he just marks himself out as a loonie and is ignored.

21
1

Admin needed server fast, skipped factory config … then bricked it

Adrian 4
Silver badge

I remember filing a 25-way D socket down to fit the 23-way plug that was the Amiga's video outpot.

5
0

FCC shifts its $8bn pot of gold, sparks fears of corporate money grab

Adrian 4
Silver badge

Re: Surprise

Are you still taking the dried frog pills ?

5
0

Page:

Forums

Biting the hand that feeds IT © 1998–2018