* Posts by tfewster

544 posts • joined 18 May 2007

BoJo, don't misuse stats then blurt disclaimers when you get rumbled

tfewster
Silver badge

Re: EU must be joking

@PatientOne Thank you, yes, £148M is a more sensible figure to discuss in the context of "£350M available for the NHS".

Though you don't touch on what we get for the £148M (CERN, standards etc. as others have stated), it makes the EU look like an even better bargain

6
1

'Don't Google Google, Googling Google is wrong', says Google

tfewster
Silver badge
Thumb Up

Contacting someone implies you were successful; "reaching out" and "pinging" can be useful in context, especially if you don't really care about the result: "Yeah, I reached out to (difficult person with a notoriously short attention span) [with a PGP encrypted linguine-long technical proposal] and s/he didn't have any objections"

2
23

Stand up who HASN'T been hit in the Equifax mega-hack – whoa, whoa, sit down everyone

tfewster
Silver badge
Facepalm

Only

... the names, Social Security Numbers, birth dates, addresses

Isn't that all fraudsters need?

> 3 execs sold stock

Excellent, data loss might just get them a slap on the wrist, but the SEC hands out prison sentences for insider trading.

Loved the tweet from ElReg, by the way!

59
0

It's official: Users navigate flat UI designs 22 per cent slower

tfewster
Silver badge

Re: A serious question.

Shadow Systems, imagine some trendy designer thought it would be "cleaner" or "cheaper" to just draw Braille dots rather than make them 3D. A "flat" UI isn't even in the same ballpark, but it's an annoying and stupid regression. The ongoing increase in processing power makes it unnecessary.

Of course, on-screen 3D isn't really 3D but it does make buttons stand out better visually. I guess a temptation then is to make the button smaller and hence harder for people with shaky hands and weak vision to hit :-(

4
0

Why is it that geeks' favourite enemies are... other geeks?

tfewster
Silver badge
Thumb Up

Re: Same with [members of] similar religions ...

Northern Conservative Baptist Great Lakes Region Council of 1912? Splitter!

4
0

Connect at mine free Wi-Fi! I would knew what I is do! I is cafe boss!

tfewster
Silver badge
Joke

Re: re. Heelight

And of the 16M colours, one will be black so you don't need light switches - the bulb can be on all the time, emitting 16KW of black light during the day (according to your preferences).

Welcome back, Dabbsy!

34
0

Terry Pratchett's unfinished works flattened by steamroller

tfewster
Silver badge
Thumb Up

Re: I wonder

L-space: "one can read any book ever written, any book that will be written at some point and books that were planned for writing that were not, as well as any book that could possibly be written"

I don't want to see a second-rate takeover. But I hope someone like Neil Gaiman looked through Pterry's notes and memorised some of the unpublished genius puns, pastiches and plots for a completely different world

3
0

Despite being totally Megless, HP Inc stands on its own two feet

tfewster
Silver badge
Facepalm

Megless

Are you implying that HPE would be better off without Meg (Or that the old HP would have been better off without her)? I couldn't possibly comment.

4
0

Kill animals and destroy property before hurting humans, Germany tells future self-driving cars

tfewster
Silver badge
Terminator

Re: Who

> But does it prioritize its passengers?

One could argue that that would be unethical - They chose to ride in the killing machine, the other party is deemed to be innocent.

Car comes round a blind bend to find a human standing in the road - crash into the wall or kill?

Car comes round a blind bend to find another auto-car coming the other way (with passengers) - crash into the wall or kill?

Traffic lights broken, both cars think they have right of way - crash into the wall or kill?

Add black ice, oil on the road, "invisible" trucks and other undetectable hazards, and even the best driver or computer will get caught out eventually. So Asimov's Third law applies - the car should sacrifice itself (its airbag-protected contents are at lower risk anyway)

18
1

Disbanding your security team may not be an entirely dumb idea

tfewster
Silver badge
Facepalm

Interesting hypothesis

After all, security is everyone's problem. But we're not all trained or available to tackle armed robbers, so we have a specialised group of "police" for that.

InfoSec get the ear of the board, and hence funding, in a way that IT don't. Remarkable for a group of blockers playing on people's fears - telling CxOs that they could lose their jobs or go to prison if things go wrong.

InfoSec must then use that power responsibly - to enable the IT team to make improvements. E.g. login management/SSO tools, which have security and productivity benefits. Patching policies and tools, which have security and productivity benefits. Malware blocking, which....You get the idea. Community policing as well as SWAT teams.

2
2

Forget sexy zero-days. Siemens medical scanners can be pwned by two-year-old-days

tfewster
Silver badge
Facepalm

Re: It's not the scanner's fault

> "They are also going to have to pay for the weeks/months of testing necessary everytime Windows releases an update..."

That's fair. Say Siemens spend £1M a year on that testing (10-20 FTEs). Divide it amongst their customers (Say 1000), and add it to the maintenance costs of the scanner. £1000 p.a. each isn't going to make a blip on the costs of running a scanner.

(Part 2 of the plan is to make security a selling point and block competitors from winning sales on those grounds. Win-win)

1
0

Look out Silicon Valley, here comes Brit bruiser Amber Rudd to lay down the (cyber) law

tfewster
Silver badge
Facepalm

Re: Not Very Bright...

Amber Rudd and others are conflating two very different uses of the internet by the "bad guys":

1. External communications: Propaganda, recruitment etc. - YouTube, FaceBook, Twitter. Has to be widely visible, can't be encrypted, easily taken down, and sources blocked, though the individuals behind it may be harder to find.

2. Internal communications: Planning attacks, logistics, etc. - Burner phones, WhatsApp for encryption, all of the above for innocuous coded messages - all using burner accounts.

Internet companies are cooperating on any "offensive" material, which covers the first type. For the second type, breaking encryption wouldn't gather anything meaningful - What does "The grey goose flies at dawn" mean, unless you have the codebook?

30
1

The ultimate full English breakfast – have your SAY

tfewster
Silver badge
Facepalm

Re: Sorry for the thread subversion...

@ Hollerithevo - You used "food" and " Nando's" in the same sentence - shome mishtake, shurley?

1
1
tfewster
Silver badge
Pint

Re: Get it right

One of the best "Full English's" I've ever had was a pub in Amsterdam. With a pint of Guinness, at 10am. Before heading off to the Heineken brewery tour. So I can't remember the details of the contents, but the whole stag party of Brits-abroad was well impressed.

1
0

Pre-order your early-bird pre-sale product today! (Oh did we mention the shipping date has slipped AGAIN?)

tfewster
Silver badge
Black Helicopters

Re: Bah!

Nice product concept. Send me £100 now, and I'll ship you one of the first production models* -->

* In 2030**

** May be delayed due to our dodgy uranium suppliers letting us down

6
1

Cellphone kill switches kill cellphone snatchers

tfewster
Silver badge
Facepalm

Re: And elsewhere in the US?

Apparently not in the UK: http://www.bbc.co.uk/news/uk-40731485

"In the 12 months to the end of June, the Metropolitan Police logged 16,158 crimes involving powered-two-wheel vehicles compared with 5,145 the year before. Most of the offences were robbery and theft, with mobile phones making up 90% of items stolen. Phones can be reset within minutes and sold on, or used by gang members who like to have a handful of devices each."

6
0

Hackers can turn web-connected car washes into horrible death traps

tfewster
Silver badge
Terminator

ROTM

FOIP (Fist Over IP) becoming a deadly reality - Now you can hit someone over the internet by controlling a device that moves. Earlier examples, like opening your victim's CD tray to push their coffee into their lap, or opening a POS terminal cash drawer to punch them in the gut should have been a warning...

13
0

Ten new tech terms I learnt this summer: Do you know them all?

tfewster
Silver badge
Facepalm

Re: Fibre

"The name will be like USB speed names"

Hmm, beyond infinity => Buzz Lightyear? "Buzz" has a short, snappy ring to it - "I'll use the Buzz", "Buzz speeds" etc. etc. ad nauseam

2
0

UK regulator set to ban ads depicting bumbling manchildren

tfewster
Silver badge
Facepalm

Re: There goes

Yes, Mr Ad-man, I'm now aware of the product you're pushing. And thanks to your irritating presentation, I've developed a personal hatred for you and the company you're representing. It makes buying choices SO much easier when I've immediately eliminated the irritating ones!

Was that the response you were looking for?

P.S. Your techniques for informing and persuading aren't much better

2
0

Ew! HTC jams pop-up adverts into people's smartphone keyboards

tfewster
Silver badge
Facepalm

Re: Trivago?

It's 2017, and the Trivago ads are telling us how to use a website to search for hotel rooms. Unfortunately their target viewer is more likely to put the credit card in the CD holder than complete a booking successfully.

6
0

All your bass are belong to us: Soundcloud fans raid site for music amid fears of total collapse

tfewster
Silver badge
Joke

Aha, that's just what the RIAA and NASty manufacturers WANT you to think, to increase their sales!

0
0

UK spookhaus GCHQ can crack end-to-end encryption, claims Australian A-G

tfewster
Silver badge
Joke

Physics is just applied mathematics, so gravity will be easy-peasy

25
0

Dear racist Airbnb host, we've enrolled you in an Asian American studies course

tfewster
Silver badge
Facepalm

Re: Contrition

Strange - "Barker" doesn't sound like a Native American name, and they're the only ones who can legitimately claim to be "not foreign"

37
9

Trump Hotels left orange faced: Hackers plunder systems for credit cards

tfewster
Silver badge
Facepalm

Re: "Card security code"?

Yep, if Sabre themselves take payments from cards, I guess they just lost that privilege. If they're just a booking service and the hotel takes the payment from the card details forwarded from SynXis - dunno how PCI sanctions would work there (but also not clear how that could work if the hotel/bank interface used additional authentication, e.g. Verified By Visa)

1
0

May the excessive force be with you: Chap cuffed after Star Trek v Star Wars row turns bloody

tfewster
Silver badge

Question 3

x The one with 7 of 9 in it

17
5

Google ships WannaCrypt for Android, disguised as Samba app

tfewster
Silver badge
Facepalm

Re: This is what happens ...

It's not as simple as that. Engineering would have to be pretty clueless and/or spineless to play along. And Marketing would be sensitive to PR own goals, so they must have been poorly advised. That said, I can imagine the conversation:

Engineering manager: We have your demo of SMB ready

Marketing: Cool, ship it

Engineering manager: But it only supports SMBv1...

Marketing: No worries, we'll sell SMBv2 support as an upgrade. We're hearing a lot of buzz about SMB, we need to be in that space right NOW.

Engineering manager: $RESPONSE

case $RESPONSE in

"But" ) fire manager;;

"I quit" ) while resistance from subordinates do (fire replacements);;

"Yes|OK" ) sleep until PR disaster;fire manager;;

esac

6
2

Feelin' safe and snug on Linux while the Windows world burns? Stop that

tfewster
Silver badge

Re: CVE's

Desktop/mobile OS's v servers - it's the difference between stealing car stereos and robbing a bank. Harder, but vastly more rewarding* And Linux and Unix are pretty popular for servers.

* Ransomware has changed the balance somewhat - potentially $300 a time for fairly easy pickings!

7
1

Brit prosecutors ask IT suppliers to fight over £3 USB cable tender

tfewster
Silver badge
Facepalm

Re: Public Sector Purchasing Frameworks

That's how it's supposed to work, but it rarely does. The £4 flash drive price is inflated by the cost of tendering for and administering the contract, compliance with regulations like d3vy's examples, hospitality (negotiators' kickbacks), non-standard item charges (8GB drives? No, but we supply 8x1GB drives cheaply) and the "we got your guaranteed business with a few loss leaders and now we're gonna milk it" factor. I've seen it many times in public and private sector organisations.

Add to that, the purchasing department is focused on the main stuff the organisation needs - Nurses' uniforms, beds, tongue depressors - and weird IT stuff isn't a priority for them. Whenever I hear "framework agreement", I know someone just got screwed over for the convenience of the purchasing department.

3
0

Dead serious: How to haunt people after you've gone... using your smartphone

tfewster
Silver badge
Flame

Re: You surely must have forgotten

This. Be right back, just going to rent a botnet to upvote Terry 6 a few million times.

15
0

Ubuntu 'weaponised' to cure NHS of its addiction to Microsoft Windows

tfewster
Silver badge
Facepalm

Re: Good luck.

Did you read the part of the article that said "not for clinical systems"? The attitude* that "We can't do everything, so we won't do anything" infuriates me.

Re: Training - How much training do you need to use a different browser? Especially given that most people have already chosen to learn a new UI, on their smartphone?

* I'm not saying YOU are saying that, but it's a short step from your sensible caution to organisational paralysis.

27
4

NHS WannaCrypt postmortem: Outbreak blamed on lack of accountability

tfewster
Silver badge
Facepalm

Re: You have have a million Cyber (euughh) security professionals...

...if the software is out of date, unpatched, unsupported...

You don't need a cybersecurity professional, consultant or industry body to tell you that's bad.

On the other hand, the Board tends to listen to and fund InfoSec teams, so InfoSec _could_ direct and fund remediation efforts - as long as they don't fall into the trap of just listing the problems without contributing to solutions.

0
0

Former GDS head Mike Bracken quits Co-op

tfewster
Silver badge
Thumb Up

Re: Twat

Don't be so shy - tell us what you really think of him?

4
0

UK parliamentary email compromised after 'sustained and determined cyber attack'

tfewster
Silver badge
Facepalm

Everything our elected MPs say and do is apparently so important and sensitive that they're exempted from the Snoopers' Charter etc. Yet their email doesn't require 2FA or lock them out after multiple failed logins? Oh, sorry, I forgot they were too important to be bothered with plebeian matters like that.

I guess the ones who were still able to access emails had auto-forwarded them to hotmail

38
1

Ex-NASA bod on Gwyneth Paltrow site's 'healing' stickers: 'Wow. What a load of BS'

tfewster
Silver badge
Facepalm

Who said it was about YOUR wellness? I bet the peddler's bank account is quite healthy right now.

4
0

Waymo: We've got a hot smoking gun in Uber 'tech theft' brouhaha

tfewster
Silver badge
Facepalm

"No, don't bring any hard evidence on-site. We just want what's in your head ;-) ;-)"

3
0

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

tfewster
Silver badge
Happy

Re: Air gap with Windows gateways, you say (imply)

Would that be an African or a European swallow? And will that change post-Brexit?

12
0

Software dev bombshell: Programmers who use spaces earn MORE than those who use tabs

tfewster
Silver badge
Alien

You question my indentation?! I should kill you where you stand!

Klingon developers do not believe in indentation - except perhaps in the skulls of their project managers

6
0

Boeing preps pilotless passenger flights – once it has solved the Sully problem, of course

tfewster
Silver badge
Facepalm

Re: Remote pilots?

Ding! You have a new ticket, flagged "Urgent"

OK, let's log in and check it out. Hmm, Dreamliner, that's a 16 char password, remote into Boeing password database to retrieve the password...Right, we're in. Let's see - Altitude 300ft, both engines out - f***, must be time for my break, let someone else deal with this ticket - It's not like my life is on the line.

The alternative, having one trained pilot on board but out of the loop, isn't much better:

Ding! Computer says "Emergency, over to you". Huh, whut? OK, hit "override", check status, get a feel for the controls - lessee, the 787 has a worse turning circle but better glide characteristics than the 767, this one feels like 200 passengers with just a weekend's luggage, got it now...

18
0

What a tit! Uber CEO hijacks his staff breast-pump room to meditate

tfewster
Silver badge

I agree it's probably not significant, but it sends the wrong messages. Presumably he already has an office and a PA, to ensure he's not disturbed. Is meditating on company time a perk for everyone at Uber? And can anyone at Uber just take over an empty room, denying its use for its intended purpose?

13
0
tfewster
Silver badge
Joke

Perfect

A lactation room is just the place for a tit

19
0

Hand in your notice – by 2022 there'll be 350,000 cybersecurity vacancies

tfewster
Silver badge

Re: What do they actually do?

You're talking about vulnerability management and auditing there, which involves scanning, pen-testing and interminable meetings about how to fix the problems with 0 resources.

There's also Incident Response (Long periods of boredom followed by a few hours of frantic activity), Policy and Compliance (that no-one listens to), and Identity and Access Management (The nasty people who make it difficult for techies to do their jobs).

I do the technical bits for free, as I enjoy that. But I get paid handsomely for the meetings and paperwork.

5
0

Ex-MI5 boss: People ask, why didn't you follow all these people ... on your radar?

tfewster
Silver badge
Facepalm

Outdated, yet still pushing bullshit

"In a democracy, it would not be acceptable to have a security service police force that is so enormous that it can follow everyone around."

But that's precisely what they want to do, using computers instead of agents. And she still avoided the question of why they didn't "follow a small number of known hostiles around"

9
0

WannaCrypt: Pwnage is a fact of life but cleanup could and should be way easier

tfewster
Silver badge
Facepalm

My initial reaction was the same, but it's an idea. In theory, all critical industries should already have backups and disaster recovery plans. In theory, existing data protection legislation and the duty of Directors to protect the business should be sufficient. In theory, software companies should ensure their products are fit for purpose.

In practice, it's hard to anticipate every attack vector, or to apportion blame when things go wrong. So Trevor's approach, to brainstorm/spitball/blue-sky recovery mechanisms, is an important tool in a sysadmin's kit.

Take it further - NHS owned DR DCs, with a ("secure") warm copy of a hospital's data, copied over fat pipes, fast enough for staff to use the DR systems remotely when their local system is down? When disaster strikes a hospital, just connect the data disks to a suitably powerful system and boot it. I don't know if it's practical, original, or even useful in this scenario, but I'll risk the derision and downvotes because it might just spark a better idea in someone.

3
0

Uber fires robo car exec for insubordination

tfewster
Silver badge
Facepalm

Re: Dropped

If you only want British English on El^WThe Reg, don't expect to see any more articles posted at 23:26 BST!

Incidentally, why "Greyball" and not "Grayball"?

1
2

TRUMP SCANDAL! No, not that one. Or that one. Or that one. Or that one.

tfewster
Silver badge
Facepalm

Obviously imaginary (i.e. fake) - too few superlatives, far too coherent and you finished some of the sentences.

22
0

Life is... pushing all the right buttons on the wrong remote control

tfewster
Silver badge
Facepalm

Charles 9, your account appears to have been taken over by a newcomer!

https://xkcd.com/927/

1
0

Sysadmin finds insecure printer, remotely prints 'Fix Me!' notice

tfewster
Silver badge
Angel

Ah, the scream-tracing method. Power an unknown server off and see who screams.

38
0

UK ministers to push anti-encryption laws after election

tfewster
Silver badge
Facepalm

Re: Banning encryption is unenforceable

information = Data + meaning, surely?

Data: 2,3,5

Meaning: You've just been insulted 3 times, in American, British and Roman fashion

1
0

NASA duo plan Tuesday ISS spacewalk to replace the mux that sux

tfewster
Silver badge
Facepalm

Uh-oh

Not the AE-35 unit. We know how this plays out.

36
0

Proposed PATCH Act forces US snoops to quit hoarding code exploits

tfewster
Silver badge
Facepalm

Re: Is what we might learn about the terrorists worth risking people's lives for?

@WatAWorld "If you patch the NHS computers, civilian computer types are going to know..."

Which is why I said the "suggestion" would be to block SMB at the firewall, which can be justified for other reasons.

@Richard 12 > "excellent, we now have a way into these targets"

Agreed, they would have scanned for targets and then identified those targets to find the "interesting" ones.

0
0

Biting the hand that feeds IT © 1998–2017