* Posts by TrevorH

60 posts • joined 22 Sep 2009

Page:

Huge ransomware outbreak spreads in Ukraine and beyond

TrevorH

So let's get this straight, this exploits the same vulnerabilities as the last one that made headlines all over the world and crippled various organisations and yet, some people still didn't patch against it?

sympathy-o-meter firmly pegged on 0 here.

15
0

'OK, everyone. Stop typing, this software is DONE,' said no one ever

TrevorH

CentOS 6 is in production phase 3

So... yes, CentOS 6 is "supported" until 2020 but the upstream RHEL that it's based on and receives all its patches from went into what Redhat call "Production Phase 3" on May 10th 2017. That means that only security vulnerabilities that Redhat class as "critical" will now be fixed. Anything that's merely "important" or less gets patched if they feel like it and judging by the things that _didn't_ get fixed in RHEL5 once that reached PP3, that's going to mean that CentOS 6 gets less and less secure over the next 2.5 years until it goes EOL.

4
1

Canonical sharpens post-Unity axe for 80-plus Ubuntu spinners

TrevorH

All this stuff about not rebooting when there's a kernel update. Without the reboot you're still running the old, potentially exploitable kernel. But who needs security anyway, eh.

2
0

1.37bn records from somewhere to leak on Monday

TrevorH

It's a myisam database

Unlikely to be Microsoft then

0
0

Mysterious Gmail account lockouts prompt hack fears

TrevorH

There was some discussion about this possibly being related to Cloudbleed too but comment 24 in https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 says definitely not.

0
0

Intel's Atom C2000 chips are bricking products – and it's not just Cisco hit

TrevorH

I'm pretty sure that I've had one Supermicro A1SAi fail with these exact symptoms already. Was in normal use one day and then the load average went sky high with no warning and a shutdown/reboot killed it stone dead. One replacement motherboard and processor later...

0
0

Alleged ISIS member 'wore USB cufflink and trained terrorists in encryption'

This post has been deleted by a moderator

TrevorH

USB stick disguised as a cufflink...

as sold by that bastion of terror: Marks and Spencers Plc perhaps?

16
0

NASA gets last Pluto data

TrevorH

The one kilobit figure is wrong

Having done a little reading around it seems that the spacecraft has 2 transmitters and both can be used simultaneously if they shutdown other equipment on board. That nearly doubles the data rate to 2Kb/s but that still doesn't explain the discrepancy. I also see that the image data can be compressed by a considerable factor so this is probably more likely to be the explanation - the 50GB figure is going to be the total data size before compression.

2
0

Belgian court fines Skype for failing to intercept criminals' calls in 2012

TrevorH

>> but explained that it was impossible in 2012 to provide access to users' conversations

In 2012. Doesn't say it's _still_ impossible.

18
0

Asterisk users need to patch DoS bug

TrevorH

1.8 is also affected but out of support so there is no upstream fix.

0
0

M.2 SSD drive format is under-rated. So why no enterprise arrays?

TrevorH

Re: Gbit/sec?

Yes, Gbit/sec is wrong. It's GBytes/s.

6
0

Bad news: MySQL can dish out root access to cunning miscreants

TrevorH

mariadb is affected too

Don't assume that mariadb is immune - it was a fork of mysql and at least some of the vulnerabilities discovered here are also present. Mariadb also helpfully reads $datadir/my.cnf so you can do something similar with it too.

4
0

Having offended everyone else in the world, Linus Torvalds calls own lawyers a 'nasty festering disease'

TrevorH

> Effectively Red Hat and Oracle have both done that. They publish their own version of the kernel as a tarball

Haha. Not sure if that's meant to be a joke since the main reason that Redhat produce a monolithic patch of their modifications to the kernel is to stop Oracle from hijacking their work.

20
0

BT customers hit by broadband outage ... again

TrevorH

Re: Some sympathy -but not a lot

I don't believe this problem has anything to do with LINX. THN is a massive building and LINX have space there but the room currently affected by the power problems is not the LINX suite.

6
0

Linux command line mistake 'nukes web boss'S biz'

TrevorH

Re: I thought everybody knew

The original post said he was running CentOS 7 and if you run rm -rf / on CentOS 7 you get...

[root@localhost ~]# rm -rf /

rm: it is dangerous to operate recursively on ‘/’

rm: use --no-preserve-root to override this failsafe

7
0

No, HMG, bulk data surveillance is NOT inevitable

TrevorH

Why did I read "the draft Communications Data Bill" as "the daft Communications Data Bill" ...

10
0

Containers! Containers! Containers! And RHEL 7.2. Employ as you wish

TrevorH

CentOS 7.2 "any day soon"

CentOS 7.2 has been out for more than a month.

0
0

Is the world ready for a bare-metal OS/2 rebirth?

TrevorH

The guys behind Arco Noae are longtime collaborators with the people who previously produced Ecomstation and wrote much of the code that shipped with ecs. I doubt if they'll price themselves out of the market so it's likely to be affordable when it comes out.

5
0

Caption this: WIN a 6TB Western Digital Black hard drive with El Reg

TrevorH

Clive unpacked his new HD projector from Ebay

2
0

Brimming with VM goodness: Qnap TS-453mini 4-bay NAS

TrevorH

Hmmmm

Magnetic lid and spinning rust... good combination.

2
1

Red Hat unleashes EL 7.2 beta on a waiting world

TrevorH

Re: Some nice additions

Oddly the release notes make no mention of two of the biggest changes: systemd is rebased from version 208 to 219 and gnome from 3.8 to 3.14.

0
0

CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS

TrevorH

Lenovo are not the only ones apparently

http://www.securityfocus.com/archive/1/536181/30/0/threaded mentions HP and if two of the major vendors are at it then I'd not be that surprised to find more of them at it too.

9
1

Linux Foundation serves up a tasty dish of BUGS

TrevorH

"therefore how much TLS a particular tool or project needs."

I'm pretty sure you meant TLC

0
0

Thinking of adding an SSD for SUPREME speed? Read this

TrevorH

Your price for the 512GB SM951 is about £100 too high, it's currently available from a well known UK etailer for a shade over £235 + delivery.

0
1

China's STILL holding up the full WD-HGST integration. Why?

TrevorH

Or perhaps they've seen the failure figures for both companies drives and want to retain one company that makes stuff that works.

9
0

Feared OpenSSL vulnerability gets patched, forgery issue resolved

TrevorH

Bug introduced on June 11th

This is a fix for a bug that only entered the codebase on June 11th and was spotted on the 24th. I suspect almost no distros have backported or shipped such new openssl releases - oh, except Fedora which handily backported the buggy code :-( For those of us running CentOS/RHEL or probably any other LTS distro, the bug never even made it to the code...

2
0

The next Nest? We talk to Ring, the doorbell-come-security system

TrevorH

device owner gives 4 out of 10

So I bought one of these and by the time you factor in VAT and customs fees it works out at pretty nearly £200. Not cheap. And for that you get a nice looking bit of hardware that attaches to a 20p plastic backplate that's screwed onto the wall with 4 screws. The screws are a decent length and won't come out in a hurry but the backplate looks like it'll just tear off round them. The bell then fits onto the backplate with 4 tiny little plastic lugs that a child could rip off. In addition their special 'security' screws are standard size 5 torx fittings so really would only deter a passing thief who couldn't be bothered to go home and get his torx set out. Oh, and every time you screw those torx screws in, they eat a bit more of the bottom two plastic lugs on the flimsy backplate.

As for the device itself: it can't handle being set up on one wireless network while being configured from a device on another! It just bombs out and leaves the device half setup. And to reset it and set it up again, you have to remove it from the wall so that you can press the setup button on the back. Same goes for recharging the battery, device has to be removed from the flakey looking backplate which looks like it'll only stand a few removal/install cycles before it gives up the ghost entirely. Then there's the device functionality itself...

The videos it takes are full of blocking and static, the audio in both directions is appalling and barely recognisable, motion detection eats 12% of the battery per day so the claimed one year battery lifetime is really a week unless you disable the motion detection. Which is probably a good thing anyway since it goes off about every 30 seconds even with the range setting set to 5 feet.

Then when someone does come to call and rings the bell, it takes a few seconds to come through to my phone but uses the standard android notification sound, there's no ability to choose a different one nor to set its volume individually. So it bongs quietly and half the time I don't hear it and the rest of the time, by the time I've swiped my phone screen to get the unlock screen and entered my pass code then pulled down the notification area from the top and selected the ring app and hit 'accept' 5 times because it doesn't detect when you click on it, the caller has given up and gone away.

The latest android app update has now added a big advert at the bottom of the screen for their cloud storage solution. This takes up about 20% of my phone screen and cannot be removed except by signing up for cloud storage. Thanks but no thanks. No bug fixes in this upgrade, just 20% less useful information.

Can you tell how impressed I am with this? Great idea ruined.

1
0

Roku 3: Probably the best streaming player on the market ... for now, at least

TrevorH

>> Roku has no skin in the game when it comes to content.

So exactly how much of Roku is owned by Sky these days?

0
2

REPORT: UK needs online eBay-style court for civil justice

TrevorH

Wouldn't it be cheaper and more or less as reliable just to flip a coin?

10
1

Living with a Renault Twizy: Pah! Bring out the HOVERCRAFT

TrevorH

It's KW

It is of course 3KW and 7KW not 3W and 78W. I think even a tiny electric car might take a few days to charge at 3W...

5
0

Bash bug: Shellshocked yet? You will be ... when this goes WORM

TrevorH

Even the fix is flawed... CVE-2014-7169

6
0

MtGox has VANISHED. So where have all the Bitcoins gone?

TrevorH

"So even if Mt Gox has lost 6% of all its Bitcoins, it's still massively more solvent than any bank"

Err, no, it lost 6% of *all* Bitcoins. Not 6% of "its Bitcoins".

5
0

Apple plans to waggle iNormous 4½-incher in fanbois' faces

TrevorH

VPL or VLP

Surely a VPL is a Visible Pantie Line not a Very Phone Large. Perhaps you meant a VLP?

1
0

Just when you were considering Red Hat Linux 6.5, here comes 7

TrevorH

Re: and will it have python > 2.4 FINALLY?

You seem to have missed RHEL 6 entirely then. It's had python 2.6.6 since 2010 when it was released.

0
0

Red Hat Enterprise Linux 6.5 ships, but still no RHEL 7 in sight

TrevorH

Re: Major changes

Based on RHEL 5 & 6, there was a public beta first followed around 6 months later by the GA release. If they follow the same pattern this time, even if the beta came out tomorrow, the GA wouldn't be until mid-2014.

0
0

Dell orbits Linux a third time with revamped Sputnik notebooks

TrevorH

Sputnik 2 owner

I have one of the older Sputnik 2 models, though mine came from the Dell Outlet with Windows 8 on it. The hardware is identical to the developer edition that Dell ship however. I've got no complaints (well only one and that's that they used the cheapest touchpad that money can buy). It installed and runs CentOS 6.4 with no problems at all and everything on it works perfectly. Battery lasts a good 6 hours or more and I'd imagine that'd be the biggest improvement with the newer one.

And it's an ultrabook hence the cost of the thing. It's not a bottom-feeding 5lb laptop, it's a MacAir-alike. I give mine an 8 out of 10 so it's really nice to see Dell still improving the model.

6
0

That Microsoft-Nokia merger you've been predicting? It's no go

TrevorH

2) fire Elop

23
1

Soylent Corporation prepares to DEFEAT FOOD

TrevorH

Naming a product after a fictional glop made out of ground up human bodies sounds a little silly.

13
0

Microsoft reveals Xbox One, the console that can read your heartbeat

TrevorH

It's £399

Within 3 hours of the announcement I had SPAM in my inbox trying to sell me one for £399.

3
0

8 in 10 small UK firms hacked last year - at £65k a pop: Report

TrevorH
FAIL

I expect more from the Register than this

Please, I expect the Register to at least take this sort of rubbish with a large pinch of salt. One of your commenters digs deeper into the reasons for these ridiculous numbers yet your writer seems to have just taken them at face value. Classic case of "Lies, damned lies, and statistics"

15
0

Review: Google Nexus 4

TrevorH

No mention of call quality

All the other online reviews that I've read say it's great as a computer and crap as a phone with most comparing call quality to a dalek. No mention of using this as a phone!

3
0

US Dept for Homeland Security shafted by trivial web bug

TrevorH

You can't trust version numbers

You report that the site is running RHEL with apache 2.2.3 and php 5.3.3 and say that both should be upgraded but RHEL does not use standard version numbering so 2.2.3 could already be the latest apache version on RHEL5 with all known security bugs fixed. Likewise for php 5.3.3, if they're running the RH supplied php53 packages then they could already be patched to date.

https://access.redhat.com/security/updates/backporting/

Never trust a version number.

2
1

UK.gov to clear way for Britain's first SPACEPORT

TrevorH
Thumb Down

Less of the CRAPITALS please

Putting CAPITALS in your subheadings was amusing the first time you did it. When you do it all the time, it becomes childish and annoying. Please stop.

4
7

Mozilla shoots down Thunderbird, hatches new release model

TrevorH

Wait...

But the bits that are missing from Thunderbird are the same bits that have always been missing: no calendaring and scheduling facilities. And, yes, I do know about Lightning but that's a very poor relation to the sort of thing that's in (shudder) Outlook. To get widespread adoption of Thunderbird as a fully fledged replacement for anything that's useful in an office environment needs this sort of stuff to be included.

The entire open source calendaring landscape is mostly bare and what little there is doesn't work properly. Not just clients but servers too. It one area where there's nothing to touch the proprietary systems.

24
3

Red Hat pumps up Enterprise Linux to 6.3

TrevorH

Release notes URL wrong

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Release_Notes/index.html

0
0

The best April 1 gags … or were they?

TrevorH
Facepalm

I see that this year even the government joined in the April fool's frenzy with their new monitor everything everywhere law.

Oh, wait...

23
0

WD slashes warranty periods on Blue and Green drives

TrevorH
Thumb Down

I bought 4 of their crappy 'Green Power' drives and have RMA'ed all 4 plus one of the replacements so far. The reduction in their warranty presumably reflects the fact that they're disposable rubbish.

5
0

Red Hat's sales architect exits on Linux high

TrevorH

http://www.acronis.com/pr/2010/11/24-13-53.html

0
0

Farewell then, Sony Ericsson

TrevorH

Your pic of the Sony Z5 brings back memories - one of the nicest phones I ever had (and the first too). I regretted changing it for years and I still have a soft spot for it now. I think it's probably still the smallest phone I've ever seen.

0
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017