But he's a government official and he pinky swears it, surely that's proof enough?
> DMARC only reports if your policy is set to "none", it can quarantine and reject mails if you like. or am I missing your point?
DMARC lets you broadcast a policy that tells the world what *should* be done about messages coming from your domain that are not authenticated a certain way. DKIM is one of those authentication methods and it can actually protect the domain used in "From:" (the one in the message, not the SMTP envelope). There are still a lot of problems, however:
- Adoption rate is very low at the sender level (only a tiny % of domains have proper SPF, DKIM and DMARC policies in place)
- Adoption rate is still so-so at the receiver level. It's a much higher %, but there are still stupid situations like Microsoft still not doing shit about DKIM, and *lots* of self-managed SMTP servers don't handle these things properly
And of course none of those policies, and use of those policies in email filtering, will do anything about the fact that most email agents are complete garbage. Take Yahoo for instance, you can mangle the subject line so much that it can alter their webmail GUI, still to this day.
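The policy/alignment logic the comment above describes, as an added example (not code from the thread or from any real receiver): it parses a DMARC TXT record, checks whether an SPF or DKIM pass is aligned with the header "From:" domain, and returns the disposition a policy-honouring receiver would apply. The record strings and authentication results are constructed, and the organisational-domain check is approximated with the last two labels instead of the Public Suffix List.

```python
# Added example, not from the original thread: a minimal DMARC policy evaluator.
# Alignment is checked against the RFC 5322 "From:" domain (the header one, not
# the SMTP envelope). Sample records and auth results below are constructed.

def parse_dmarc(record: str) -> dict:
    """Turn 'v=DMARC1; p=reject; adkim=s' into a dict with defaults filled in."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.strip().split("=", 1)
            tags[k.strip().lower()] = v.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    tags.setdefault("p", "none")     # p=none means "report only", no enforcement
    tags.setdefault("adkim", "r")    # relaxed alignment unless told otherwise
    tags.setdefault("aspf", "r")
    return tags

def org_domain(domain: str) -> str:
    """Assumption: organisational domain = last two labels (real receivers use the PSL)."""
    return ".".join(domain.lower().split(".")[-2:])

def aligned(auth_domain, from_domain: str, mode: str) -> bool:
    """Strict ('s') alignment needs an exact match; relaxed ('r') allows subdomains."""
    if not auth_domain:
        return False
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def dmarc_disposition(record, from_domain, spf_pass_domain=None, dkim_pass_domain=None):
    """
    spf_pass_domain:  envelope (MAIL FROM) domain that passed SPF, or None.
    dkim_pass_domain: d= of a DKIM signature that verified, or None.
    Returns (passed, action): action is "none" on pass, else the record's p= value.
    """
    policy = parse_dmarc(record)
    spf_ok = aligned(spf_pass_domain, from_domain, policy["aspf"])
    dkim_ok = aligned(dkim_pass_domain, from_domain, policy["adkim"])
    if spf_ok or dkim_ok:
        return True, "none"
    return False, policy["p"]

if __name__ == "__main__":
    rec = "v=DMARC1; p=reject; adkim=s; aspf=r"
    # Forged From: header; SPF passes only for the sender's own envelope domain.
    print(dmarc_disposition(rec, "bank.example", spf_pass_domain="bulk.spammer.example"))
    # Legitimate mail: DKIM d= matches the From: domain exactly.
    print(dmarc_disposition(rec, "bank.example", dkim_pass_domain="bank.example"))
```

Note that with `p=none` the forged message still evaluates to a DMARC failure, but the returned action is "none": the receiver only reports it, which is the point the quoted question was getting at.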
That, or your outlook.exe lacks the proper signature, and isn't the one on the whitelist. Scan for virii? :)
(My Outlook from Office 2013 had no problems writing to my document folders when saving an email attachment after enabling this).
The obvious unfortunately. The unsecured one scrambles the files, syncs them to dropbox, from where they get synced back to the secured device. If only the unsecured device could have read-only access to your cloud data...
"The article says Google now has a system where you have to reply to a text. The act of replying acts as the validation in the server - there is no code to input"
No SMS or reply.
Their new method sends a push notification to the app. The app then prompts the user somehow ("Looks like someone's trying to log into your account from *location*. Is that you?", with allow / block buttons). Upon pressing allow/block, the app calls a Google API to complete the process.
So yeah it's a 2-way street but it's data communications, not SMS, which is the key as SMS has been proven to be vulnerable to SS7 and it was effectively exploited in the wild already.
End result is extra security because push notification subscriptions are "secure" (only the owner of the app can push to a specific phone/installation and no known hijacking of that has happened yet) and the specific install on a phone is the only owner of the key necessary to sign the response message (the public part of which is sent to Google as part of the enrollment process).
In the end it's one more tool in the 2FA toolkit. Google aren't forcing this, they're offering it as a more secure version of SMS. You can still use authenticators that don't require sms or data connections.
So... Israeli intelligence, in the process of hacking Kaspersky (probably for exactly the same purpose), discovered that Russian intelligence had beat them to it?
Where's the popcorn icon?
Apple's iOS password prompts prime punters for phishing: Too easy now for apps to swipe secrets, dev warns
One way ...
To truly differentiate system password prompts from application-generated password prompts (including fake password prompts) would be to include contents in the system login prompt that are selected by the user when creating their account, and are never visible to the App landscape under any circumstance.
My bank for instance issues a favorite picture selected from a bank of hundreds along with a "personal saying" type phrase that was entirely typed in by me.
After years of seeing the same picture and text on their login screen, I would say I am phishing-proof (*).
It would be easy to implement by Apple / Google, and would mean the system login prompt is a "personal" thing that always has the small P.S. note "we'll never ask your password without showing those!"
Then give it ~5 years for users to train themselves.
(*) ok, so for varying degrees of "proof", but at least not spoofable unless a seriously bad leak already happened.
Re: "opting for cheaper 3rd party labels"
I had a very nasty argument with one of those high end audiophile shops when digital stuff started showing up - he was trying really hard to prove to me that his ~$300 gold-plated HDMI cable was so badass that colors would be brighter, blacks would be darker and general contrast/sharpness would be better.
Complete with 2 TV sets showing the same movies, with "exactly the same things except for good vs cheap hdmi cable", to prove how shitty it was to watch a movie with a cheap $50 HDMI cable vs his expensive one.
Re: Surface, the Apple iPad/MacBook wannabe
Another way to see it is that Surface's goal was to give the OEMs a solid kick in the behinds, and wake them up from all the terrible, terrible hardware they were making.
Just look at screen and storage.
As Apple was coming out with retina displays and SSD storage in their laptops, it was still considered a premium, high-end, "costs 100s of dollars more" feature to get a 1920x1080 display from Dell, HP and the like: they were very comfortable still peddling those 1366x768 pieces of junk in overweight laptops with storage that felt slower than my old 20 Mb RLL drives from the 1980s.
The current Surface line-up clearly has those heat / etc. issues but calling them iPad wannabes is ridiculous.
That's an impressive pie!
> "The winning vegetable actually weighed in at 792.5kg, or enough to make 100 pumpkin pies serving around 800 people. Despite this bulk, it still came up well short of last year's 900kg record."
We're talking about 8 Kg of pumpkin per pie!
Re: Never understood why ..
Holy crap if SMS is "a technology that most people don't use these days" I must live in a weird place :)
But at any rate twitter limit was in no way technology-related, it was a design choice, they wanted to create an instant short-message feed. It's part of their branding, so to speak.
As another poster said, make it unlimited and they'd be just another Facebook knock off.
I don't care about pewdiepie or that specific game / developer, but I'm genuinely asking from the legal standpoint.
I'm assuming game developers have some rights / control regarding this, and streamers would need their permission and/or could be asked for some licensing fees? After all, (some) streamers are making a living out of this, in somewhat (and I'm really stretching here probably) the way that cable companies make money off the TV channels they carry, but in exchange for license fees. Of course game developers certainly must be getting lots of sales out of the deal (endless hours of free advertising).
I really don't know (or have any very clear opinion either way), but does anyone know the "legalities" of this?
Re: Getting bored now
It's fascinating how in such a short time they went from spectacular explosions to making those perfect landings feel like routine. Soon it'll barely be a footnote to the stories!
Seeing from the onboard camera, coming down from space at 3500+ km/h to land right in the middle of the logo is just amazing!
Re: How is this still a thing?
The point of this however is standardisation. They want to develop a standard that they'll impose on their vendors so that they don't end up with incompatible kits (so whatever form their charging stations take, they don't have to deploy 6 versions of them if they have 6 UUV vendors).
You let an underling decide on a technology / supplier / etc. on a multi-million deal because she's difficult to get along with?
Honestly her boss is as much to blame as she is... More, probably.
Re: Why Do People Expose Themselves With HTML E-Mail
That's only true for what is nowadays a very small, old-school slice of email users.
Everybody else at the very least can't understand why anyone would tell them they can't have bold, italics, etc. in text they write to someone.
And we're not even talking about the crazy idea that people who get their news, etc. via daily emails should get it in black-and-white text with no headlines / etc. whatsoever.
Email *was* a text medium. Decades ago.
Re: Tight squeeze
> Eh? They've still got a brake and accelerator
F1's really high tech now, they scream engine / braking onomatopoeia into their helmet microphone for that.
Vroooom, Vroooooooooom, Vrooooooooooooom, Vroooooooooooooooooooooom!
That's more or less what your firewalls are for, it's just that most people still assume firewalls are only meant to protect from external threats.
So they still allow, for instance, all servers to connect to any IP in the world using the basic protocols (http/https for instance).
Seems that financial client of Kaspersky was actually doing things right, and actually investigated blocked outgoing traffic to the point of hiring Kaspersky to figure out what was causing it.
But in the end your idea is just another approach that would generally not be implemented for the same reasons -- so many people assume traffic originating from their own systems is legitimate by default.
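The review the comment above calls for, as an added example (not code from the thread or from any firewall vendor): given an egress allowlist per server and a handful of constructed firewall log lines in a generic "action src dst:port proto" shape, it flags both blocked outbound attempts from servers (worth investigating, as in the Kaspersky case) and outbound connections the firewall let through that no allowlist entry explains. Hostnames, addresses and the log format are assumptions.

```python
# Added example, not from the original thread: review outbound (egress) firewall
# events from a server network against a per-server allowlist. All addresses,
# ports and log lines below are constructed sample data in an assumed format.

SERVER_NET = "10.0.1."   # assumption: servers live in 10.0.1.0/24

ALLOWED_EGRESS = {
    # server -> destinations it legitimately needs (e.g. an internal update server)
    "10.0.1.10": {("10.0.0.5", 8530)},                      # DB server: updates only
    "10.0.1.20": {("10.0.0.5", 8530), ("10.0.0.9", 443)},  # app server: updates + API
}

SAMPLE_LOG = """\
ALLOW 10.0.1.10 10.0.0.5:8530 tcp
ALLOW 10.0.1.10 203.0.113.77:443 tcp
DENY 10.0.1.20 198.51.100.23:443 tcp
ALLOW 10.0.2.55 203.0.113.77:443 tcp
ALLOW 10.0.1.20 10.0.0.9:443 tcp
"""

def parse_line(line: str):
    """Split 'ACTION src dst:port proto' into its fields; port becomes an int."""
    action, src, dst_port, proto = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return action, src, dst, int(port), proto

def review_egress(log_text: str, allowed=ALLOWED_EGRESS, server_net=SERVER_NET):
    """Return (src, dst, port, reason) for every server egress event worth a look."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        action, src, dst, port, proto = parse_line(line)
        if not src.startswith(server_net):
            continue  # workstation traffic is out of scope for this check
        expected = (dst, port) in allowed.get(src, set())
        if action == "DENY":
            # A server tried to reach somewhere it was not allowed: investigate why.
            findings.append((src, dst, port, "blocked egress from a server: investigate"))
        elif not expected:
            # Firewall permitted it, but nothing documents this server needing it.
            findings.append((src, dst, port, "allowed by firewall but not in egress allowlist"))
    return findings

if __name__ == "__main__":
    for finding in review_egress(SAMPLE_LOG):
        print(finding)
```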
Re: Did you ever hear of the Seattle seven?
The dude abides.
"Japanese interest rates are actually negative at the moment, meaning it costs money to save"
How is that even a thing?
Re: Absolutely uncalled for...
"I dunno, Justin Trudeau seems to be doing pretty well on his own."
This is a gross oversimplification but...
Trump got elected because he ran a popularity contest out of his reality TV "star" status / outsider status.
Trudeau got elected because he's cool and popular on social media.
More than ever voters basically make decisions based on popularity contests, this does not bode well for the future of mankind :)
The first computer I owned...
I had had the occasional brush with an Apple IIe before (where I learned some very, well, basic BASIC); when Sears liquidated their stocks in ~83 or 84, my parents bought it for me.
Soon enough, I had scrounged the extra peripherals - the speech synthesizer, the external expansion (with slotted RAM on an external bus AND a floppy) and, the grand prize of them all, an ASSEMBLER cartridge that basically gave you access to assembly coding.
So there I was at ~12 years old, having only a few months of self-training in BASIC, learning assembly on the TI-99/4A with zero resources other than a 4-inch-thick manual in English (which I needed a French-English paper dictionary at the time to understand).
That's what got me started anyway, so I still have great memories of this little computer.
> It's the new agile, dev ops combination bringing energy and innovation to the customer.
energy? you must mean synergy!
Re: Linus needs to start looking for his replacement.
> "Linus needs to start looking for his replacement."
On a somewhat more serious note, this is something I've wondered about from time to time. I only follow Linux Kernel development from articles here so my view is obviously completely skewed, but these articles definitely make it sound like Linux is what it is almost entirely due to Linus Torvalds' vigilance and strict refusal to let any shit slip by. In a sense, it feels a lot like a personality cult, him being the glue holding everything together.
What happens when he retires years from now, having properly handed off stewardship and all is one thing.
What would Linux look like 5 years from now however if he died in an accident tomorrow? Is there a clear path of succession, or would things just devolve into 10 forks from people with different ideas?
I'm not criticizing or anything here, mainly I'm curious to hear from people that know about it more than from El Reg's headlines :)
It's hard to decide which side to root for!
see title ;)
Re: So which antivirus is the best for Android
> "Go and get a not-so-cheap android phone."
And what is wrong exactly with a cheap phone?
God forbid some of us see phones as actual, you know, phones, not as a social status symbol to be derided if it's not worth more than a reasonable desktop computer.
Re: Whats up with those numbers?
Yeah I think there's a math glitch here?
The author is counting 500 cache misses instead of 50,000.
It should be:
((950,000 x 1) = 950,000) + ((50,000 x 5) = 250,000) = 1,200,000 time units
((950,000 x 1) = 950,000) + ((50,000 x 50) = 2,500,000) = 3,450,000 time units
It's fine however because the marketing / business person that created the Flow "App" will also handle support and issues for it, and won't escalate it to IT.
Are you saying that, growing up as a kid, your parents were keeping things like bank statements safely locked in the family vault because god forbid if the kids got to see those and steal the bank account #?
> "...every single piece of fruit is checked..."
... from outside the crate, through those tiny holes used for air flow and whatnot, while being loaded 10,000 at a time in a cargo container ...
Re: Fragile evidence...
... but I play one on the internet.
Re: Smile :)
> Then again, if you have 10,000 machines, why are you on Win10AE rather than on Win7?
Or at the very least, if Win10 has to be a thing for you, on the LTSB version!
Evil staff, scheming so their bosses can hit their goals...
And management was just as surprised as those guys at Volkswagen were when they discovered that all their engineers had been scheming behind their back in a worldwide conspiracy to cheat on those diesel tests without management's knowledge.
Re: "Pete' has omitted some details...
What makes me skeptical on this one is that he has just the *one* call / voice mail? So the intern didn't call 50 times in a panic, just once, left a voice mail, and waited the rest of the day?
Re: Why oh why...
Because the user would then simply click yes and think "of course I'm sure, what a stupid question".
After all, they're the one that pasted 100 addresses in "to:" in the first place. That's what they wanted to do.
"Only participating nations on Earth have the plans for the International Docking Standard, so passing Aliens will be completely unable to connect to it."
Unless they have MacBooks which, as we know, include universal Terran-to-Alien protocol converters.
Re: The Cloud...
"You mean other people's computers that cost much less to run and are far more reliable than the ones you do have control over? That cloud? Where do I sign."
It's a good debate to have for sure but it's not nearly as "rainbow and unicorns" as that statement claims.
"Cost much less" ?
In some cases. In others, not. We've selectively targeted workloads that would be cheaper in the cloud as candidates, other workloads, not so much - in fact, some would cost many times more.
"far more reliable" ?
Google Compute Engine's SLA is 99.95%. That's a very good claim, but those 211 minutes alone set them at 99.5% for that month. A 10% credit towards the next month (as per their SLA) doesn't make up for 3.5 hours of unscheduled chaos.
In the end it depends on how critical your systems are and how good you are at maintaining them. I trust Google to know their shit, obviously, so yeah their cloud is very reliable. But I also understand that my SLA (the one I provide my customers) is the last thing on their mind when things go tits-up (and things invariably do). For these "absolutely must not fail" systems, where you can afford to plan specialised backup / redundancy / disaster recovery scenarios, you can definitely be more reliable than the cloud. Or at least, when all hell breaks loose, you get direct control of the fixing process.
As you can probably see from that, I'm a bit cloud-shy. I do see it as "another guy's computer, that won't even take your calls when things go wrong" (well, you sure as hell are not going to talk to "the guy" unless you have a lot more clout with Google than I do)!
My general thinking is that I'll happily "cloud" anything that I would have run on a rented server at the local datacenter/colocation facility. Anything more serious than that, and I get scared.
"in pure Biblical terms, Google probably aren't the Antichrist."
That cracked me up. Have a pint!
Looking for a problem to solve...
"For us, Kinetic storage still has elements of clever engineering technology looking for an end-user problem to solve."
That's what I was thinking immediately / wanted to comment until it turned out to be the last paragraph of the article. Seems more like a toy for proof of concepts, the management issues you'd get at scales with that would be terrible, and you'd need so much effort to manually handle redundant storage in case of failures, and so on.
Maybe as a cheap, proof of concept object storage system for dev work...
I mean, it seems clever, but it also seems to have no real large scale practical application.
... and the tinfoil hat brigade rides in!
Also, fake moon landings, Illuminati or Freemasons or somesuch.
Re: Silver Bullet
No Silver (or Platinum) Bullet will ever stop Dave.
What kind of actual damage can he have done that would truly have cost $189k to fix?
Or does that include $180k in legal fees to track / sue him?
Re: There is *something* somewhere ...
> Or you could ditch the daft, geeky feature list and go with something sort of retro / steampunk. Maybe purely mechanical, with little gears and a way you could see them?......(looks at own wrist).
May as well go full-blown crazy then: http://www.hytwatches.com/collection-h3/watch/h3-titanium-and-platinium-2/
Re: Oh wont someone think of the EULA
> Uhhhhh, why would you expose a DB server to an open internet connection?!
The topic here is not exposing the server to the internet, but rather granting the server internet access (so the server can get critical updates, anti-virus signature updates and so on).
Definitely not a great idea but any smaller organisation without WSUS tends to default to that.
Re: Why carry on sending spam?
"If I was a spammer, I wouldn't want to waste my bandwidth sending out email that was automatically deleted."
The thing is, bandwidth is cheap, and if you're a spammer it's also quite often not YOUR bandwidth. 1% inbox rate, if you send 1 billion, is still 10 million people. Then 1 in 1000 of those click something, you still have 10,000 people on your (drive-by malware / blue pill / whatever) site.
Facebook and Google IDs are both more and more used as a sign-in alternative to creating local accounts by a LOT of online services. You know, for user convenience and ease of development (offload authentication and account management to Facebook = save days of work!)
So besides the obvious "high % of Facebook users will use the same password everywhere" and "their Facebook email will be behind the password recovery scheme of other sites", the actual Facebook ID itself is quite valuable - it would take seconds to test every phished credential against hundreds of sites where valuable things might be stored.
Voters database *in the cloud*?
Shame on whoever is responsible for this incorrect config cock-up.
How can the setup / configuration of a database of all citizens be left to a single guy (or have no review / audit policy of any sort in place, given that even the simplest "IT security for Dummies" check would have caught that)?
And then, how is it even acceptable that such an official database be hosted in the cloud, by Amazon, in the first place? I'm pretty sure item #1 on most governmental data security policies is "don't upload private citizen data on Amazon or Google"...
Re: That table again...
> Seek time has nothing to do with rotational speed as it is a measurement of time taken to move the read/write heads from one track to another and average seek time is approximately the time taken to move over one third of the tracks on a drive.
Seek times are generally listed to include stroke time / settle time as well as "waiting for the beginning of the track to reach the head once the head is in place". Basically "how long before you can actually read the next thing 1/3 of the drive away". So rotational speed does have an effect on average seek time - although clearly not a huge one.
Re: That table again...
Enterprise drives will have a 2-4 ms seek time depending on size and rotational speed. You basically won't find anything that's not at least 2 to 3 times faster than 10 ms on an enterprise-class drive (that's sold for speed - those slow "backup" drives are another story).
But where I agree that the numbers are waaaay off is DAS / SAN. You're looking at those same 2-4 ms drives, with an I/O subsystem that will add *microseconds* worth of latency.
You can easily have a DAS subsystem that's filled with spinning rust (say, 15k rpm, 2.5 inchers) that will have an average access time below 5 ms.