* Posts by robidy

155 posts • joined 11 Jan 2010


Facebook's at it again: Internal emails show it knew about Cambridge Analytica abuse 'months' before news broke


Re: Be careful where you tread

Like any organisation, FB has many good and bad points e.g. WhatsApp is great for keeping in touch in an emergency and is ad free right now (I predict that will change). FB has brought many people back in touch after years and decades apart.

Throw the bath water out, by all means possible but don't burn the baby.

Children of Wales to be prepped for the vibrant world of work with free Office 365 ProPlus


Re: It's good to be king

Wales is a principality...

This headline is proudly brought to you by wired keyboards: Wireless Fujitsu model hacked


Windows key-R

ping <your hostname>

Should give you the public IP address from either the DNS logs or by inspecting ICMP contact to your public IP.

ftp runs in dos so grab a payload and get remote access.

Other operating systems, key sequences and targeted attacks are available.

Samsung pulls sheets off costly phone-cum-fondleslab Galaxy Fold – and a hefty 5G monster


Re: Well done Samsung

But it has a cat scene detection feature to make your cats brighter and sharper...what more could you want...yes it has one for shoes too....

Housing biz made to pay £1.5k for sticking fingers in its ears when served a subject access request


Re: So how much for the victim ?

For non-UK readers when the reigning monarch is male, it's His Majesty's Government....not that this has happened since the birth of the internet...or likely to for a while.


"We have no record of your complaint and the product is now out of guarantee. We are unable to discuss it with the person you wrote to as they have now left/been fired for being diligent."

The diligent employee forwards the complaint to various people that have a lengthy "oh shit" internal discussion probably also copying in third parties as it's a health and safety as opposed to guarantee issue...deleting data to avoid an SAR is a dangerous game.

Mobile network Three UK's customer details exposed in homepage blunder


Re: ...that only four people had complained...

PR dept "What's the smallest number involved in the data breach?"

Techie "Three..."

PR dept "Okay that's our brand...we'll use 4 to avoid jokes from The Reg"

Apple yoinks enterprise certs from Facebook, Google, killing internal apps, to show its power


Re: "but it also treats mobile users like adults capable of making their own decisions"

Click and let us know...

Global server motel, with a supermarket in the parking lot, banks $10bn profit from $233bn sales (Yes, it's Amazon)


Many loopholes work regardless of Brexit...if anything it makes it easier, you're being harsh assuming Amazon will start paying more tax and not change the loopholes it's using ;)

We can all use licensing as a loophole to transfer profits...it works just as well in countries outside the EU...if not making it easier.


Meanwhile UK gov does nothing to make Amazon pay its fair share of tax in the UK.

Just sayin' it might help an accounting hole due in a few months time...or help pay down the national debt.

Plus provide a level playing field for UK online retailers.

Trying to log into Office 365 right now? It's a coin flip, says Microsoft: Service goes TITSUP as Azure portal wobbles


For those wanting to be paid for a UK snow day...this might just justify it..."no I'm not in the office, no I can't do any work...the Office is down."

And it's go, go, go for class-action lawsuits against Equifax after 148m personal records spilled in that mega-hack


Re: But whose data was lost?

In the UK that's most of your NI* Number ha ha.

Wonder if the three...I mean millions of Brits can join in too?

French data watchdog dishes out largest GDPR fine yet: Google ordered to hand over €50m


Re: Well that took long enough.

That's the cheap knock-off one from an Amazon seller with 125 excellent reviews in 2 days....I can't find him today...but there are 20 other sellers with the same item all getting great reviews today.

The real one says $111 profit on turnover of $12.6 billion.

US midterms barely over when Russians came knocking on our servers (again), Democrats claim


Re: Always blaming Russia

Not sure if you've read the court filing but the theft of internal Amazon architecture isn't a list of Russian IP addresses...I think you're in Friday night beer goggles mode. There are also the best part of 111 pages of stuff not listing web site probes from Russian IPs.

We all see port scans everyday...that's not a problem they are on about.

South Korea reckons mystery hackers cracked open advanced weapons servers


Re: Good heavens

China trying to derail Trump's Korean peace deal....would be handy for them if the norks copped the blame...would also benefit Russia.


Donald Trump for all his faults is doing just that with trade tariffs on Chinese imports...AND profiting from said tariffs.

Say GDP-aaaRrrgh, streamers: Max Schrems is coming for you, Netflix and Amazon


Until they face a multi million/billion dollar fine.

Then suddenly they cry and scream that the nasty EU are picking on them.

Microsoft partner portal 'exposes 'every' support request filed worldwide' today

This post has been deleted by a moderator

Marriott: Good news. Hackers only took 383 million booking records ... and 5.3m unencrypted passport numbers


Re: Huh?

Says a lot for due diligence they didn't do or a bizarre risk acceptance if they knew about it.

GDPR: Four letters that put fear into firms' hearts in 2018


GDPR isn't pronounced as a word...I suspect it's actually an initialism as opposed to an acronym.

However if we move from the realms of the English language to geekery then WTF, ROFL and CUNT are called acronyms but are technically initialisms.

Of course MYSQL and SQL could be either or a hybrid.

So this boxing day everyone's a winner ha ha :)

It is with a heavy heart that we must inform you hackers are targeting 'nuclear, defense, energy, financial' biz


Re: emails contain poisoned Word documents

Interesting post.

Docx and xlsx don't have the same exploit risk as doc and xls.

Hence doc being the transmission vector of choice for miscreants.

I'd consider allowing docx and xlsx and analyse my logs to see if they supported that hypothesis...while still blocking encrypted ones.


Really, that's no guarantee...a compromised server accessed via an anonymous vpn..or three...job done, how do you find them.

I trust you don't work in tech security.

Taylor's gonna spy, spy, spy, spy, spy... fans can't shake cam off, shake cam off


Ah, Taylor Swift....clothes make ready for Yoda.

Huawei CFO poutine cuffs by Canadian cops after allegedly busting sanctions on Iran


Re: Canadians as puppets

It's not just Americans, it's also Commonwealth countries.

I'd avoid letting my view of Trump cloud my judgement of international security.

Trump will be gone in 2-6 years, China will still be aggressively protectionist.

NHS supplier that holds 40 million UK patient records: AWS is our new cloud-based platform


Re: Storing PII Data in AWS (S3)

Correct me if I'm wrong but the US Patriot Act covers US corporations regardless of server location.

The act covers corporations not their location...otherwise there would be some massive data centres in Canada and Mexico to avoid it.


Re: Bullshit Alert

Err erm, how are my or anyone else's medical records out of scope of the US Patriot act in AWS?

El Reg, this is something we UK citizens need help answering?

Warning: Malware, rogue users can spy on some apps' HTTPS crypto – by whipping them with a CAT o' nine TLS


Re: It's time to start over

To be fair, some languages allow users to make bigger mistakes more often than others.

Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years


Re: Card numbers

That's exactly why innovative startups succeed in all industries...a defence of the status quo as opposed to a drive for positive improvement.

You can change and improve if you want to.

You can have multiple accounts so you can do an orderly transition...heck acquirers will give you a temp account to help with the transition...you just have to ask for one.

Apple in another dust-up with its fans: iMacs, MacBooks lack filters, choke on grime – lawsuit


Re: Who is in charge?

Yes now share price is tanking...question is will they fix this...only if it drives shareholder value.


Re: Errr....

Are the down votes on @msknight's post the count of Apple PR execs who have read it?

Baroness Trumpington, former Bletchley Park clerk, dies aged 96


Re: Advocatus Diaboli

Sometimes, it's best not to advertise one's ignorance.


I didn't think May was dead...

Just because you're paranoid doesn't mean hackers won't nuke your employer into the ground tomorrow


Re: Paranoid

In the tech world it's paranoia...everywhere else worrying about the threat/competition is being an entrepreneur

Qualcomm: Welp, there's a $5bn-ish Apple-shaped hole in the books, but at least we have other chip buyers


Re: Qualcomm is dreaming

If the consumer is told it's faster than a home Virgin or BT connection AND you can take it with you then 5G will be a massive hit.

Mobiles have replaced landlines so home broadband could be next.

FYI: Drone maker DJI's 'Get it on Google Play' website button definitely does not get the app from Google Play...


Re: Police Drone Use

My comment was ironic :)


Re: Police Drone Use

Ha ha! I thought my comment about the Police was outrageously ironic...does this mean 50% of El Reg readers are American or have they been infiltrated by the Chinese thought Police.


Users will forget to turn security back on after loading a non-play store app.

Chinese company DJI will have a list of these users.

No UK Police or other law enforcement have ever used drones, let alone any from DJI.

Of course Chinese companies and the government would never dream of doing anything with this info.

Virgin Media? More like Virgin Meltdown: Brit broadband ISP falls over amid power drama


The internet or the status page ;)

UK's Openreach sends full fibre to Coventry


Re: Removing the copper cuts us off

Remind me how a SIP phone or homehub router work in a power cut?

Rural places have multiple power cuts a year...often for hours...

VirusTotal slips on biz suit, says Google's daddy will help the search for nasties


Re: owned by google

Think it through...VirusTotal uses AV packages to scan files.

It includes Russian, Chinese, American and European vendors amongst others.

Are you suggesting Google have hacked into all these vendors' packages?

Are you suggesting no one ever double checks the results?

Now here's an idea: Break up Amazon to get more shareholder cash


If all retailers paid Amazon levels of tax we'd have a massive budget issue.

Why should bricks and mortar retailers subsidise Amazon's aggressive tax avoidance?

British Airways hack: Infosec experts finger third-party scripts on payment pages


The domain was registered by the miscreants...are there not http headers to limit this.

There are a number of basic things that could have been implemented to expose parts of the hack that weren't.

Yet again the basics being missed cause a cluster f***.

So yes, the lesson (still) to learn is get the basics right before blowing millions with IBM or whoever.

Dear America: Want secure elections? Stick to pen and paper for ballots, experts urge


Re: It doesn't matter if an OMR machine can be hacked

Therein lies the problem...you are assuming all machines need to be tampered with.

You only need to tamper with sufficient machines, to cover the winning margin+1 vote.

Anything else is a waste of resources you could use hacking other things.

However if you're on the voter machine security side, you must secure ALL voting machines for the election to be credible BEFORE the election.

This changes AFTER the election dependent on the result...i.e. you need the winning margin-1 to have been secured.

$200bn? Make that $467bn: Trump threatens to balloon proposed bonus China tech tariffs


It's a back door tax on profitable tech companies like Apple and Amazon.

It's actually quite clever....must be a side effect of a Trump policy.

Tech manufacturing is already starting to move away from China so it's a double win for Trump...though can't see it moving on shore...more likely to SE Asia and then Africa.

'World's favorite airline' favorite among hackers: British Airways site, app hacked for two weeks


Didn't that go to TSB?

Congress wants CVE stability, China wants your LinkedIn details, and Adobe wants you to patch Creative Cloud


When did u rename it?

Are you confident your security is good?

Could evidence a more recent data breach at LinkedIn.....


Re: CVE Funding

The industry (closed and open source) has had over 3 decades to do something.

The only notable action was Google's and that is hardly adequate.

The alternative is not worth contemplating.

Windows 0-day pops up out of nowhere Twitter


Re: "and their dog being able to use the Administrator account"

Cisco wouldn't do that ha ha ha plop...

Netadmins: Grab a plate and wander down El Reg's network buffet


Nice click bait...where's the free food for my plate...is there free alcohol too?

