It exists now.
2815 posts • joined 30 Sep 2009
Are we sure about that? Just asking.
I think when a cool name is given to this bug, it should honour Alan Turing, since the theoretical (?) attack is a weaponised version of the unsolvable "Halting Problem". It may be logically impossible to fix it??
https://www.google.com/search?q=%22alan+alan+alan+alan%22 "Alan, Alan, Alan, Alan, ..."
I don't say I wanted to know, but I wondered.
You may imagine that real criminals are devious masterminds. But they are just ordinary people who are doing naughty thing. Some are even of less then ordinary intelligence.
Taking at face value https://www.bbc.co.uk/news/uk-scotland-tayside-central-45731642
Three Scotsmen recently tried to fly assorted drugs by drone into Perth Prison. The drone was found by a prison officer.
It had a video camera and it had filmed the men's faces, the drugs, their house door with the number on it, and their car, while they were loading the stuff in and then presumably taking the drone to the prison.
Presumably they did not know this.
The pictures are quite good quality as home video by my standards, but I'm not a connoisseur.
Two men in the video are now in jail and one apparently hasn't been recognised yet, so, if he looks familiar, feel free to call the Police Scotland Clypeline.
A probably former admin set us up the obscure long mineral names. What a clinoamphibole.
The star - or the would-be star - is the show's unique selling point, so you name it after them, and not a snappy title that the audience is still less likely to remember. In some cases, "The Name Of Leading Performer Show" also has a different setting and even cast each week, aside from that one constant element. "Hancock's Half Hour" for instance didn't particularly start like that but ended up that way.
It's also a case where the star plays a character with the same name, which could confuse a stupid person and worries me - although with "Hancock", the show tended to be about what the cast of the show got up to when they weren't performing the show... except that that was, in fact, the show. Even more confusing. But it did make sense for Mr Tony Hancock to appear as Mr Tony Hancock.
A root vegetable is one thing, the legendary Maltese Falcon is another! :-)
The article makes the point that a password can be compromised, and not used... until someone in the department gets a Nobel Prize, or you migrate your application interface to the cloud, and a new opportunity is created.
Up to a limit, passwords can be remembered by the user; my limit is 6 letters and 2 digits for several different passwords, making up little phrases to remind of the letters (the numbers usually come to mind when the letters do), and if possible not changing all of them at once. I may do better if I have to. As it is, I have one format that satisfies nearly everyone's rules. 69soddit! if necessary. ;-)
But without the exercise of regularly remembering new passwords, you won't be able to do it when you do have to. It needs practice.
"We take customers security and privacy. Very seriously." FTFY
I don't know what it is but I suspect it is painful. :-)
If flight times were disrupted during this incident, how would we know it? Not to doubt them, but no data means no data.
Up-vote me if you meant "I used to use", but, since a dollar denominated company presumably means you're in the U.S., could be either.
Being divorced twice is Presidential. But that's not a recommendation.
(Donald Trump is not an actor, he is a reality person, the difference being he can't act, as his appearances in films reveal.)
A purpose of the U.S. constitution supposedly is to stop the kind of thing that Ed Snowden exposed being done to U.S. citizens, so you can't really call the exposing unfair. Putting all staff of TLAs in jail would be a bit awkward but not really unjust. The fact that TLAs of various countries sometimes did the spying on each other's entire populations instead of their own and then sent each other the backups is not an acceptable loophole.
Once Britain leaves, the EU can legally declare war and get it back as an administered territory. I'd find that funny, but be careful what you wish for.
$50 in Bitcoin to stop us installing it, say hello to Clippy :-O
My keyboard has a fault in password mode, it always comes out as: ********
But I do log in ok so.... I may have just told the world what my password is. It is ********
If your department's accounts lock after ten bad login attempts, then I can do denial-of-service on you by trying each account ten times. You see? This is hard.
I probably could get a job for Heinz breaking into people's online grocery accounts and substituting Heinz products for the other brands. (Customer relationship meddler, probably.) You won't question it if a store delivers Heinz instead of the brand you requested - that happens - until maybe the fourth time. And then you'll assume it's a bug. But it isn't a bug. It's me. Just conveying orders.
If you misremember a song then it's highly secure... maybe. I don't think "ladymondegreen" will do.
Executives' passwords are to be remembered by their secretary. Solved. Or, they get a golden key card to insert in the PC instead of a password. And it's the secretary's job to take it out after they go home.
Anyway their hardware is... limited. http://dilbert.com/strip/1995-04-03 yes that one.
But I've changed it.
What does it mean? (1) Nothing, it's random consonants. (2) It means "Metal harrow 13", which is what I remember. And which in turn doesn't mean anything, although it sounds like it does. I don't use "Metal harrow 13", because it's longer but not really more secure. But, I believe, not less secure.
My hint is "here is no hint."
Can you remember "xkcd936"?
With the punctuation marks :-)
Why special characters? We all know computers run on just 0 and 1. enough of those and... it's remembering them that's a pain.
Especially when one user at work needs up to six passwords. Changed on different days, if at all.
My system - 6 letters, one capital; two numerals; no vowels. Special character? Exclamation mark, you creep. Just because a smiling brown pile isn't on my keyboard... I never used APL. Wait, a black heart, that'll do. ...Apparently you're a character that The Register doesn't support, and neither do I.
Oh - no vowels. Happy now? Wlsdyn47! [ = well s*d you anyway ].
Is clicking on a link in e-mail ever a good idea?
Hmm... yesterday I sent some third-party public site links in internal e-mail.
That's probably all right but perhaps I should have used a nice zip file?...
Currently it's The Nigerian Candidate.
That is, Release Candidate.
After all, the wealthy Nigerian - usually based in Amsterdam for some reason, the last that I heard - is just a new version of "The Spanish Prisoner".
My mental image is of the "Ghost Busters" - 1980s version - in their affordable on-call vehicle. I can't get rid of it.
Is swatting the problem or is it the solution?
Carry a single use bag, life bag, or cotton bag; put that on scales to pack shopping into, then transfer the entire bag into your backpack. I caught cotton bags with Harry Potter logos at Poundland that fit in my new Ridge bicycle panniers. To avoid nerd conversations I chose Slytherin House bags. Working so far!
Upvote for the "subtotal" tip for Tesco, provided that it works. Maybe I can use it at the Co-op just east from Central Station in Glasgow, where the self-service stations are clever but cramped.
Several shops seem to give me an issue of accepting a bar code but not letting me bag the item. I might get into trouble for dealing with that by laying the charged but unweighed item next to the scanner and then taking it with me after I pay for it and for everything else - but I don't see it as doing wrong. I must look honest, anyway.
Well, 4 years ago, Windows XP was legal!
It depends if the software is being sold to hackers, or being pirated by them...
It could for instance be made to check the date and time on an Internet time server, and if that's too late then this copy won't run. You need the update.
Kids should play old fashioned games, such as football, no, wait. That causes just as much trouble.
Robert Carnegie, cyclist and baller. Not footballer.
It can't be as dangerous as you say, it's just a rubber ball and they didn't send you one to play with in the office so you're sulking.
Granted, I cannot find that "moon foam" is a thing..
The other day or week it was in the news... some VPN or super-secure browser (obviously Tor? Or not) was using secure anonymous comms with web sites, but ordinary unsecured DNS on the user's machine to look up the web site address. Oops! So, not to be sniffed at? Au contraire.
Silly! Minions don't speak... English.
...I'm not going to count the word "Banana", used in the Minion epic adventure, "Banana".
Or of course "en famille"...
They've all got it - oh, no they haven't.
As bad guys know already: there are historic bugs in widely used versions of JPEG image data handling library. JPEG is basically Zip file for pictures. Fax machines can handle JPEG data, and due to either a new bug or an unpatched old one, you can send binary data and code in the format of JPEG - maliciously malformed data - to a fax machine, and it will hit the bug and START EXECUTING THE PROGRAM CODE IN YOUR JPEG STREAM INSIDE THE FAX MACHINE. Well... there is some more work to do to get there from "buffer overflow" or "chair stacking", but it's not -difficult- work.
And since the fax machine these days is networked, once it's pwned, you have an enemy inside your camp - or your network.
So, no, please don't publish details, such as a QR code of the data file needed to hack any fax machine.
Dropbox is to sack up your files automatically to the cloud, yes? That sort of is about disk management, then.
Tell management that all the kit will stop working at the end of 2018. In terms of working securely, that's not so far wrong. Y2K18 Bug: This Time It's Spurious. You could probably even persuade them that "spurious" means "very, very bad." Serious and worse. So when they ask the consultants, "Our guy says this threat is spurious, do you agree?" "Oh yes, it's the most spurious that I've ever seen."
I suppose this is a Man In The Budget Freeze Attack:
And it turns out:
But no longer
which I guess was kind of tech-ie for readers.
Perhaps the detonator has a tamper switch. Start to pull out the detonator and boom.
On the other hand, there's an argument that terrorists' home-made bombs are built with an off-switch for safety, as they are liable to be precarious otherwise. But once you place the bomb, you may remove the off-switch. Then, you know, run.
The off-switch appeared in a TV programme I watched recently; I won't say which as it may spoil the surprise i.e. not wiping out the cast of the show. (That is, the characters, but with some special effects, who knows.)
I'd write "send". With despatch, or with dispatch if I feel like it.
Since the 1960s and mostly in Scotland.
Wikipedia has incomplete records for recent Devon County Council elections, but they appear to have been Liberal Democrat after 1997 and before 2009, since when they've been Conservative. And UK.gov put the screws on state school term-time holidays in 2013 (and I'm disinclined to disapprove). So, "thanks, Labour" not so much. Good news is that there won't be any state schools left soon, and, leaving your daughter in the pub after a good lunch - presumably still fine, and by "fine" I don't mean money taken off you. Unlike Devon Conty Cuncil.
Well, if the flaw is firmly baked into the hardware, the speculative execution microprocessor, then the only way to remove the flaw is to remove the processor and replace it - or replace the machine that contains the processor. This obviously is inconvenient but it would be the only way to stop the flaw properly. Or run a really, really good anti-virus - but that's not a 100% answer.
It's like if your equipment will all stop working at all at the end of, oh, the year 2000 - in that case, you simply have to plan to scrap it then, or, before then. And sue the supplier, of course.
The alternative was a lot of work.
PalmOS emulation is in existence. But I don't know if it will be included in these devices.
If I go to your UK voting centre first I can just say that I'm you. And more people don't vote than do, so they might never know. Maybe we should improve the system, although the main motivation for doing so presumably is to stop political left-leaning people from voting.
I count Register puns - not to mention the rhyming headlines - as a reason not to read. If your story doesn't hold your own attention......
Biting the hand that feeds IT © 1998–2018