* Posts by tfewster

1193 publicly visible posts • joined 18 May 2007

Not a death spiral, I'm trapped in a closed loop of customer experience

tfewster
Facepalm

Re: Opposite button labelling

Or turn the car engine off with the ignition key?

The safest place to save your files is somewhere nobody will ever look

tfewster
Facepalm

Stupidity has mass. That's what Dark Matter really is.

How much is your face worth? Google thinks a $5 Starbucks gift card should be good enough

tfewster

Re: OK

And the sample is still skewed...towards poor, young, time-rich people. Who may be more susceptible to falling into bad ways.

So will the AI "prove" what cops have always "felt" - Black people are all criminals?

Behold the perils of trying to turn the family and friends support line into a sideline

tfewster
Facepalm

Re: Obligatory XKCD

XKCD 627 really needs updating:

Find a menu item or button which looks related to what you want to do.

- I can't find one

Are you using Windows 10 without Classic Shell?

- Yes

Oh. There aren't any buttons. Give up.

- OK, I installed Classic Shell.

Oh. None of the buttons do anything anyway. Give up.

and:

Google the name of the program plus a few words related to what you want to do. Sift through abandoned questions, irrelevant answers, zealots who insist your approach is wrong and annoying YouTubers who skip over the critical step. Give up.

UK taxman wins tribunal case against BBC presenters

tfewster

There are quite a few nuances and the meaning of "contractor" varies between countries: From a consultant with skills the client doesn't have in-house to a temporary worker doing BAU work backfilling a permanent post; Or from a contract specifying a deliverable to a contract specifying working hours.

True independents are usually outside the taxman's "disguised employment" net.

"Temps" are usually in the net - They're doing the same job as a permanent employee. So their daily rate needs to be about 50% higher than a permanent employee to allow for employer's tax, pension contributions, sick pay, unemployment etc - plus personal taxes - just to reach parity with a permie's annual take-home pay.

Call-center scammer loses $9m appeal in stunning moment of poetic justice

tfewster
Facepalm

Re: The thick twat

Obviously he should lose every cent he profited from the crime. And obviously there should be an appropriate deterrent penalty on top, maybe cash or jail time.

Though he, personally, may not have made $9m. But I guess he'll just have to sue the ring leaders to get "his" money back.

Right-click opens up terrifying vistas of reality and Windows 95 user's frightful position therein

tfewster
Facepalm

Re: Taking the Trash

> We put ours out the night before

But not before 7pm - Our council will fine you for that.

From pen-test to penitentiary: Infosec duo cuffed after physically breaking into courthouse during IT security assessment

tfewster

@PM from Hell Re: hire a more reputable firm

> restricted to remote working

Doesn't that run the risk of missing internal and side-channel vulnerabilities? I expect you have that covered, but it's not entirely clear to me from your brief comment.

I recently saw the results of a pen test where the testers had gained Domain Admin rights and then went on to exploit that in a chain of events that ultimately meant they were detected by a secondary mechanism - but it created a lot of clean-up work.

Brit MPs: Our policies are crap and the political process is in tatters, but it's Twitter's fault, OK?

tfewster
Facepalm

As well as greater awareness by the public, Twitter also gives MPs feedback from the voters on their proposals. How could that be a bad thing in a Representative Democracy? It's not like they'll get immediately sacked if they support something unpopular with their constituents "for the good of the nation as a whole".

P.S. I don't use Twitter, I despise my politicians the old fashioned way - from the news and at the polling booth.

Infosec prophet Bruce Schneier (peace be upon him) is only as famous as half of Salt-N-Pepa

tfewster
Facepalm

Not according to Googlefight

https://www.googlefight.co.uk/kevin+mitnick-vs-Robert+Herjavec.php

And Edward Snowden beats them both

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

tfewster
Joke

Re: NetCAT?

NetCack would have been more descriptive, less confusing and met most of the researchers' "objectives" for a name.

Of course, netcat and Linux are known for being hackers' tools - Is your son a computer hacker?

Today in tortured tech analogies: Mozilla lets Firefox loose in the hen house, and by hen house, we mean the tracking cookie jar, er...

tfewster

Re: How does a third equal single figures?

Have a look at the netmarketshare.com link in the article. FF 9%, IE 8%.

Frankly, I'm surprised Safari is so low, as it's the default on iPhones. On the other hand, Chrome figures are for both mobile & PC

Buying a Chromebook? Don't forget to check that best-before date

tfewster

Re: Consumer Rights?

On the other hand, even a newly discovered vuln demonstrates the product is "faulty by design" or has a "manufacturing fault".

You don't have to wait until your tumble dryer burns your house down or your car kills you to get faults in those repaired. Taking on a Google/Apple/Microsoft alone would be futile, but you wouldn't be alone

Electric vehicles won't help UK meet emissions targets: Time to get out and walk, warn MPs

tfewster

Re: 50 miles???

I'm curious as to where you get your figures from. One in particular doesn't make sense - the "20 minute break every 5 hours". Assuming this is at a supercharger at a motorway service station, it's more likely to be 7 minutes every 1.5 hours. Which works out about the same, and that's still fine as long as every parking space has a charging point - otherwise you would need about 20 times as many fuelling points (< 2 minutes to fill a car with enough conventional fuel to do 500 miles)

'Hey Google, remind Greg the locks have been changed, and he should find a new place to live. Maybe ask his mistress?'

tfewster
Thumb Up

Brilliant - I'd pay to hear exchanges like that. Maybe an army of unpaid users could curate (anonymised) conversations and post them on YouTube where they can earn Google a secondary revenue stream?

If bigger seats and nicer nosh in British Airways' First Class still aren't enough, would sir like to wear some VR goggles?

tfewster
Joke

Re: Don't forget about us mere mortals in Cattle class

BA plan to fit oars in Economy class (or maybe pedals linked to a fan, saving on A/C).

And then they can save on gadgets for Business class passengers by letting them have whips instead.

Chap uncovers privilege escalation vuln in Steam only to be told by Valve that bug 'not applicable'

tfewster
Trollface

Re: Running a gaming PC without local admin rights is frustrating

You want an argument?! PC game prices drop 75% after the first 6 months, Console games prices always stay high long after the developers have made their money back!

(Works great for me, other people can subsidise the Developers and do the beta testing, if a PC game is still popular after 6 months then I'll buy it at the reduced price.)

Y'know how everyone hated it when tuition fees went up? Cutting them now could harm science, say UK Lords

tfewster
Joke

Re: Arts subsidises STEM already

Maths can be taught using just a blackboard and a few cheap b&w books. Why should Maths students subsidise engineering and physics departments' expensive toys?

Don't go down that line of thought, unless you're prepared to do itemised billing for the accommodation/management/teaching/lab components of every course and region.

tfewster
Facepalm

Re: Bah!

A degree course doesn't work for everyone. In the past, formal apprenticeships and polytechnics were good alternatives, but they've been subsumed into the degree culture.

Life skills lessons during further education would be a fine idea, but would have to be on top of the degree course. Which, of course, adds cost. Though one could argue that the further education system teaches a lot of life skills anyway.

As to funding, I'll just note that any "taxpayer funding" should include a fair amount from corporates. However, they should not be allowed to overly influence the academic curriculum.

Finally, on "toy" PhDs - every PhD is expected to contribute some original research, and they're so specialised at that level that almost every one will sound stupid to a layman

The sea is dangerous and no one likes robots, so why not send a drone on rescue missions?

tfewster
Facepalm

Built-in killswitch

> The winning bidder is expected to deal with regulators like the Civil Aviation Authority and National Air Traffic Systems to make this possible.

A government agency admits it can't deal with other government agencies and tries to outsource that part? I wouldn't touch that with a bargepole long enough to move the world.

BOFH: Oh, go on, let's flush all that legacy tech down the toilet

tfewster

Re: ShitSecurity

> but we Users are also the ones who make sure that the company keeps making money and therefore has enough to pay you SysAds wages

Joking aside, is that really the case? Apart from the efficiencies of using a computer rather than a small army of quill pen wielders and couriers, if "data is the new oil" then IT has moved a long way past automation.

I'd say that every company is an IT company, no matter what they sell.

Fed-up graphic design outfit dangles cash to anyone who can free infosec of hoodie pics

tfewster
Facepalm

Re: Truth in advertising

Do NSA/GCHQ geeks wear Russian/Korean/Iranian military uniforms when planting their false flags? Now that's method acting!

Migrating an Exchange Server to the Cloud? What could possibly go wrong?

tfewster

Re: Why are the admin accounts disabled by Exchange?

@Alien8n - Thank you for that explanation - Potential nightmare scenarios, I almost wish I'd remained blissfully ignorant!

tfewster

Re: Why are the admin accounts disabled by Exchange?

Further to your post, isn't there a built in Domain Administrator account, for setup and emergency use only? I'd be surprised if that had email enabled.

Cyberlaw wonks squint at NotPetya insurance smackdown: Should 'war exclusion' clauses apply to network hacks?

tfewster
Joke

Re: Prove it

Cyber insurance policies can reject claims for all Cyber attacks because Government Agencies tell us all Cyber attacks are state sponsored by baddies (usually supposedly "technologically advanced" countries like Iran or North Korea [total coincidence that we're against them for other reasons], but not China [because we're really scared of them]).

tfewster
Facepalm

Re: The "physical loss or damage" clause is key, no?

"all risks of physical loss or damage to electronic data, programs, or software, including loss or damage caused by the malicious introduction of a machine code or instruction."

Sorry, but that sounds like Cyber insurance to me. And Zurich haven't tried the "due diligence" getout, but went for the "act of war" excuse. So that's what we're discussing.

UK PM Johnson spins revolving doors, new digital minister falls through

tfewster
Facepalm

Re: I just come here for the IT news

Thank you so much for staying to read the non-IT stories, and then the comments on them and especially for taking the time to educate us.

True, I don't want to be a manager or an MP. I don't claim to be infallible, but I can spot a fake when I see one.

(P.S. I work in IT. I'm used to taking shit from Lusers)

Spri-Mobile? T-Print? Time to think of a nickname: The Sprint/T-Mobile US merger is go

tfewster

Re: T-Mint

Spit-bile

Sp-oil

S-oil

Pri-mo

City-obliterating asteroid screamed past Earth the other night – and boffins only clocked it just 26 hours beforehand

tfewster

Nominative determinism?

Asteroid 2019 OK - Sounds OK

Asteroids 2019 AI/NO/OOF/NBG/ICRAS etc. - Sound like trouble

He's coming home, he's coming... Hutchins' coming home: British Wannacry killer held in US on malware dev rap set free by judge

tfewster
Facepalm

Re: Not exactly Lord Copper

Not really - Hutchins pleaded "guilty" to past misdemeanours, so the verdict was "guilty" and he now has a criminal record. The judge took everything into account (as they should) and passed a minimum sentence.

An instant trial or a plea of "not guilty" might have led to the same verdict but a harsher sentence. Swings and roundabouts.

Anyway, I'm happy he's free now.

Rise of the Machines hair-raiser: The day IBM's Dot Matrix turned

tfewster
Facepalm

Re: Oh Be Reasonable

She got herself into that situation, but somehow it's the PFY's fault that she didn't suffer any serious consequences? (applies equally to males & their ties)

Lusers and Manglement are a different species from techno nobilis

Our sales were to genuine customers, Autonomy ex-CEO Mike Lynch insists in court

tfewster
Facepalm

Re: I don't know if he's a crook or not, but...

RTFA: There were a minuscule number of transactions in kind rather than cash. “So in $2.2bn of revenue, what we’re actually seeing is something along the lines of $9m where we didn’t get the cash." And come back if you find a few billion rather than a few million in "dodgy" (even if legal) transactions.

Does the Defence really have to say anything at this point? Apart from "Free the CFO one"?

Low Barr: Don't give me that crap about security, just put the backdoors in the encryption, roars US Attorney General

tfewster
Facepalm

...mechanisms that can be used by investigators...

The article missed one elephant in the room - which investigators? Police, FBI, NSA, natch. Homeowners associations? Why not, good ol' American boys. GCHQ? OK, they're our buddies. Other countries' cops? Um, well, they're law enforcement too, and we can't really deny them the right to monitor their own back yard. Maybe we need a separate instance for each country. Or political party, in the case of disputed territories. Fuck it, let's just ban encryption. Oh wait, that would be against the second amendment.

Complicated, isn't it? And unless you're Captain Picard, saying "Make it so" doesn't work.

It's Prime Minister Boris Johnson: Tech industry speaks its brains on Brexit-monger's victory

tfewster
Facepalm

Re: Disaster

My last faint hope is that Boris is just a figurehead* for a shadowy group that has the UK's best interests** at heart. Remember how he went quiet for a while? I assumed that was his handlers muzzling him to stop him putting his foot in it.

* Quite possible.

** Pretty unlikely.

tfewster
Facepalm

Re: Labour Party has 'self-destructed'

Well said, sir.

When the Labour Party split itself between Corbynites & Blairites (Full disclosure: Personally I'm left-wing so I guess that makes me a Corbynite, though I don't support him personally) - The outcome should have been that the Tories trounced them.

When the Conservative party fragmented over Brexit, it was an opportunity for Labour to reunite and bounce back. But they wasted it.

A pox on both their houses. While they're all pissing about, implementing "the people's will" needed a steady hand on the tiller to avoid a risky decision becoming a disaster.

Literally braking news: Two people hurt as not one but two self-driving space-age buses go awry

tfewster
Facepalm

Re: Here's what's really bad

If only there was a way of recording events in the visible light spectrum so a human could correlate what really happened with the sensor logs...

Those facial recognition trials in the UK? They should be banned, warns Parliamentary committee

tfewster
Facepalm

A Home Office spokesperson got in touch to say: ..."The Government believes ..."

Hang on, the Home Office is not the Government.

Of course, a Parliamentary Select Committee is not the Government either. But they're rather more likely to be impartial (multi-partisan).

Oi, SadJav - Until you have the governance in place, stop the snooping. Allowing it to continue until the courts rule is "pre-empting the outcome of this case".

Li-ion battery 'price-fixing' case settled with bonus fury over lawyers pocketing eight-figures

tfewster

I wonder. If the lawyers pursuing a class-action lawsuit are taking all the risk, aren't they entitled to a fair reward? Maybe it was a quick/cheap win in this case, but more complex cases would balance that out.

So now we're just quibbling over what is a "fair" reward. For the class being represented, 70% of something is better than 100% of nothing. And at least, the bad actor has been stopped and made to pay.

The Empire Strikes Back: Trump discovers $10bn JEDI cloud deal may go to nemesis Jeff Bezos, demands probe

tfewster
Facepalm

Re: Here is a first

Sure. As soon as another vendor starts providing their own AWS (or Azure, if that's the tool that wins the bid) plug-compatible infrastructure, the bid can be split.

$10bn is peanuts compared to e.g. the F-35 program which also went to a single "vendor".

'I AM NOT PUTTING UP WITH THIS SH*T' Mike Lynch raged at salesmen

tfewster
Megaphone

Re: The rant is fair

Agreed. Sales gets the rewards, and a fair bit of clout in any company. If they're not keeping on top of "delivery" issues (be it a proposal, demo, contract, shipment or anything else that goes to the prospect/client), they're not doing their job. Tech Team managers may also be fair game if there are legitimate complaints.

But if Dr Lynch had spoken like that to the individual salesmen or tech staff, that would be unreasonable.

Maybe double-check that HMRC email? UK taxman remains a fave among the phisherfolk

tfewster

Re: HMRC

To be fair - at least you can report these scams to HMRC:

https://www.gov.uk/government/publications/phishing-and-bogus-emails-hm-revenue-and-customs-examples/phishing-emails-and-bogus-contact-hm-revenue-and-customs-examples

"Forward suspicious emails and details of calls claiming to be from HMRC to phishing@hmrc.gsi.gov.uk and texts to 60599"

Google nuked tech support ads to kill off scammers. OK. It also blew away legit repair shops. Not OK at all

tfewster

Way to miss the point, Google. They could easily verify an ad is linked to a bricks-and-mortar address (or even a reputable website/trader).

That said, I won't be disabling ublock/NoScript until the advertising industry starts taking responsibility for what it's trying to shove down my pipe. And it looks like that day is coming - if Google is vetting ads, surely it bears some liability for those it "approves"?

Amazon's bugging of homes has German boffins worried that Alexa may be an outlaw

tfewster
Big Brother

Re: users can delete recordings themselves by accessing recordings through an app or browser.

> How can I tell where I've been "accidentally" recorded?

Interesting question. If a home/property has CCTV, it's supposed to display a sign if it's likely to capture images of people outside your "private" space - UK ICO rules

It seems like a case of "My house - my rules". So you should always check.

New old Windows bug emerges, your 'strong' password is anything but, plus plenty more

tfewster

Not sure if you're joking, but from: https://answers.microsoft.com/en-us/windows/forum/windows_7-update/how-to-obtain-and-install-windows-7-sp2/c2c7009f-3a10-4199-9c89-48e1e883051e

In 2016, Microsoft decided to package 5 years worth of updates (2011-2016) into a single update, called the "convenience update" (although you and I can just call it Service Pack 2 because that's exactly what it is).

.

.

Note: Installing the update won't affect the version of Windows listed in system properties. It will remain listed as Service Pack 1.

Internet imbeciles, aka British ISP lobbyists, backtrack on dubbing Mozilla a villain for DNS-over-HTTPS support

tfewster
Thumb Up

Re: Perplexed

Thanks Graham - the explanation at https://blog.cloudflare.com/encrypted-sni/ shows that ESNI is quite elegant, as it offloads the SNI portion to DNS (which seems like a valid extension of DNS anyway).

tfewster

Dear Police

- if you want to know which sites I've been looking up, get a fucking warrant and serve it on my DNS provider.

(Note, post may display evidence of ignorance over how DNS/HTTPS works. I would have thought that the IP address that subsequent HTTPS traffic went to would be sufficient to build a case for a warrant, even if an IP address hosts multiple legit and dodgy websites.)

Oh good. This'll go well. Amazon's Alexa will offer NHS advice

tfewster
Facepalm

Re: Solution looking for a problem?

I'd really like to hear from someone like Shadow Systems for their views on how effectively blind people can use NHS Direct (phone or Web) at present, and if Alexa "AI" would add anything to that.

"There is no cost to this agreement to the taxpayer". Yeah, because we're the product being sold (out), not the customer. FOAD, Alexa

Yorkshire bloke's Jolly Roger flag given the heave-ho after council receives one complaint

tfewster
Facepalm

> So there are people who must be really busy but still have time to create such stupid regulations. Stupidity is the most shared quality among human beings.

I know what you mean, but unless you have some set standards (pun intended), someone will take the piss, e.g. a dozen huge flags with offensive designs. Stupidity is not restricted to officials.

Reading the PDF, it seems a reasonable benchmark. Though I might be inclined to test some of the definitions in court if someone were small minded enough to complain about what is clearly a bit of fun.

Marriott's got 99 million problems and the ICO's one: Starwood hack mega-fine looms over

tfewster
Trollface

Re: Just the cost of doing business

The basis is EU GDPR law. If you're doing business in the EU, you have to comply. The (British) ICO is taking this up on behalf of the EU, though I'm curious about where the fine goes to. $4 per head doesn't go far in covering individuals against ID theft, but presumably the ruling makes it easier for customers to make their claims for actual losses.

I don't know California law, but they're welcome to prosecute as well if they don't feel the company has been punished sufficiently.

I can see a fun future where countries race to get their prosecutions in "on behalf of the world" ;-)

Fibaro flummoxed, Georgia courts held for ransom, and more

tfewster
Facepalm

Lake City IT boss fired for ransomware payment

From the linked news report, it sounds more like the insurance company made the decision to pay the ransom to save themselves some money, and it cost the City just $10k.

The City IT Director may have been on the hook for allowing the incident to arise in the first place. Someone senior should be fired. But whether the responsibility lies with the IT Director or someone else, e.g. a Finance Director who refused to budget for DR & backups, is debatable.