* Posts by Roland6

4089 posts • joined 23 Apr 2010

Pickaxe chops cable, KOs UKFast data centre

Roland6
Silver badge

Re: UPS and power shenanigans...

>I can tell you for a solid fact that APC UPS units get mighty peeved when they see 220 on the _ground line_.

What, it's 2017 and this is still a problem! :)

Back in the late 1970s I worked for a company that installed IT systems next to railway lines, i.e. signalling systems, where fluctuating voltages on the ground line were regular events (i.e. every time a train went by). So the company had developed some rather fancy switch gear that sorted the problem. The other problem (to delicate IT systems) we saw in the early 80s was the power spikes caused by the then newly introduced thyristor-controlled systems; these were particularly troublesome as they were invisible to the then new digital scopes but not to the analogue scopes.

0
0

Big tech wants the ICO on EU data protection board in Brexit fallout

Roland6
Silver badge
Pint

Re: Unicorns! Get your fresh Unicorns!

Apart from the fact that it was a fucking stupid idea™ in the first place to want to leave the largest free trade area to which the country belongs and secondly was instrumental in its establishment and evolution into its current relatively open state.

FTFY

Re: Ugandan Navy - friends, who have been back, tell me the buses are now both more reliable and more regular... :)

0
0

Archive of 1.4 BEEELLION credentials in clear text found in dark web archive

Roland6
Silver badge

Re: Do you not think there's a slight flaw in the idea...

Re: It'd be nice if someone like HaveIBeenPwned would load this up and then tell you WHAT PASSWORD they had in that list.

Looking back, this is the substantive part of the email I received from HaveIBeenPwned when LinkedIn was Pwned:

"You've been pwned!

You signed up for notifications when your account was pwned in a data breach and unfortunately, it's happened. Here's what's known about the breach:

Breach: LinkedIn

Date of breach: 5 May 2012

Number of accounts: 164,611,595

Compromised data: Email addresses, Passwords

Description: In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data."

It would make sense for Troy to amend the lookup and to send the results (suitably secured) to the user entered email address, thereby getting around this issue...

0
0
Roland6
Silver badge

Re: How do I check if my password's been compromised

Visit Troy Hunt's website: https://haveibeenpwned.com/

Although it might be a few weeks before this latest credential haul is uploaded.

1
0
Roland6
Silver badge

Re: 12345? That's amazing, I've got the same combination on my luggage!

Wind forwards about 15 years and I wanted to use the briefcase again. One of the locks had got nudged and for the life of me I couldn't remember that old phone number to unlock it. Old phone bills had been chucked out years before.

I finally dug it out of an old CV that was lying around on my hard drive

Know the feeling, I've got a whole bunch of encrypted files scattered through my projects archive, I simply wrote the passphrase in the margin of my then current notebook/diary. If I ever want to access these files and the disk is still readable, it will be a long skim read through my old notebooks/diaries...

2
0
Roland6
Silver badge

The linked article <https://medium.com/4iqdelvedeep/1-4-billion-clear-text-credentials-discovered-in-a-single-database-3131d0a1ae14> is interesting.

This database seems to be an aggregation of a number of previous breaches and thus spans several years of Internet usage and can for any particular email address give an idea of the level of password re-use etc.

Interestingly, because of the aggregation, I see that even passwords of 10 characters have made it into the top 20.

I see that both in the linked article and here on El Reg, little real thought is being given as to how user credentials are stored, transported and looked up, particularly on websites.

2
0
Roland6
Silver badge

Re: Oh not biometrics again

Next, Biometrics could very simply be changed in EXACTLY the same way we change regular passwords. Send an email asking to be changed, re-scan fingerprint. I fail to see how this is an issue.

Most people only have 8 fingers and two thumbs, and current biometric scanners only use a handful of data points (hence why they are so easy to fool), whereas each character of a password can use most of the keys on a standard keyboard...

3
0
Roland6
Silver badge

Re: Oh not biometrics again

>Facial recognition is still rather unreliable, can be easily fooled and requires a rather important back-end.

As far as my son and daughter are concerned facial recognition works perfectly on the Xbox One!

They enter the room and most of the time the Kinect automatically logs them in as me, I go in and get logged in as one of them; largely making parental controls even more pointless (IE on the Xbox has a 'feature' that after a couple of minutes on xbox.com, automatically logs into the parent account, regardless of whichever account on the Xbox is actually signed on).

My son (age 12) has finally decided parental controls are a nuisance and has simply turned them off, at least he hasn't yet bothered with the content restrictions, but to watch "The Grand Tour" he needs 'relaxed' ratings I think it will be a couple of years before he has need to play around with these...

1
0

UK.gov's plans for data processing framework create new risks, says watchdog

Roland6
Silver badge

Remind me again about the massive amount of personal hospital health data released to organisations, unanonymised?

That won't happen again! Under the new framework, defined by the ~~government~~ Treasury, citizens automatically give the government the right to sell their data, hence permitting departments to have their own revenue stream. Thus people won't be leaking data, because it would negatively impact their bonus.

2
0

UK border at risk of exposure post Brexit, warn MPs

Roland6
Silver badge

>I don't see the Remoaners coming up with any clever ideas.

Not been paying attention! Just like Brexiteers, 'Remoaners' come in many flavours.

One group's (fervent) hope is that Brexit is so bad the UK bounces back into full-fat EU: Euro, Schengen, no veto etc. etc. Perhaps they wish to revive the post-1066 social order in this country...

3
1
Roland6
Silver badge

How does "no difference" equate to "less secure"??

There will be little the UK, once outside of the EU, can do if France simply puts all those undesirables in the Calais camps on to trains and ferries - I don't expect them to form and wait in an orderly queue for passport control...

0
1
Roland6
Silver badge

Re: WHAT BREXIT???

She has hijacked brexit to deliver what she wants, and seems to be firmly on the path of getting that.

Hijacked?

I think not, she was very clear at the outset: "Brexit means Brexit"; just that no one, especially the foaming at the mouth Brexiteers, bothered to ask her to define 'Brexit' ...

3
0

Mailsploit: It's 2017, and you can spoof the 'from' in email to fool filters

Roland6
Silver badge

>SMTP is too broken to be properly fixed. We need a new protocol.

X.400 ?

Suspect it might need to be dusted down and refreshed in light of experience both with X.400 implementations in the 1990's and with SMTP.

But given where we are in networking compared to 1990, perhaps the real problem is that it is time for the current IPv4 Internet to be replaced; just as it is time for copper to be replaced by fibre.

0
1
Roland6
Silver badge

Re: Am I missing something...

Yes!

If correctly parsed, the From address in many of the demos should be <demo@mailsploit.com>

However, when you reply the address is taken from the "Reply To" field, which (in the demos) has been set to: potus@whitehouse.gov.

More details and an option to send 14 different test emails to yourself at https://www.mailsploit.com/index

0
0
Roland6
Silver badge
Pint

Re: More depressingly...

Scratched my head about the down votes, then realised AndrueC was referring to Messagebody text and not Displayname text.

2
0
Roland6
Silver badge

The real issue isn't so much the "From" line, but what gets displayed and/or made available to the end user to enable them (and their spam filters) to determine the provenance of an email.

Remember we are talking here not of anal retentives who check the header details of every email received, but normal users who do use the "From" field to help them determine if a message is worth opening or not.

Thus whilst it is good your server supports SPF etc., have your clients correctly set up their SPF records to include your server? Also we shouldn't forget the "Reply to" address, as I've had legitimate-looking emails with distinctly dodgy reply-to addresses.

3
0
Roland6
Silver badge

Re: More depressingly...

>I have my clients configured to only show text

Like living dangerously!

My default is to display both, thus aiding spam identification:

Lloyds Bank [secure@lloydsconfidential.com]

Sage Invoice [secure@sage-invoices.com]

PayPal [support@bt.com]

All of the above are spam.

1
7

VW's US environment boss gets seven years for Dieselgate scam

Roland6
Silver badge

>“This sentence reflects how seriously we take ~~environmental crime~~ people who make us look stupid.”

FTFY

I suspect there has been no change to the emissions test or action taken in light of this case, so it is still wide open to being fooled.

Been here before, repeatedly over the last few decades, with various US government and associated agencies' computer systems, whose security has been shown to be inadequate. Yet rather than do anything about improving security, great effort is put into prosecuting foreign nationals, especially when those foreigners are revealed to be teenagers, working on their own, out of a UK bedroom.

6
1

Get ready for laptop-tab-smartphone threesomes from Microsoft, Lenovo, HP, Asus, Qualcomm

Roland6
Silver badge

Re: More crap for the e-waste facilities?

>Don't forget that EU+EEA based operators have to offer free roaming across all member states these days

It's not free and what is included in your normal monthly subscription and what additional usage will cost is determined by your plan...

2
0
Roland6
Silver badge

>An iPad or surface is likely to cost 2-3 times as much, though.

But unless these devices can run applications at least as well as the oldest still supported iPad (currently the iPad Air, released in 2013 and available secondhand for a little over £200), they will effectively be landfill - just like all the budget Win10 tablets today.

From my experience, my inclination is to go with either an iOS or Android platform as these were developed from the ground up for mobile.

2
1

Did you unwittingly support the destruction of net neutrality rules?

Roland6
Silver badge

Re: Most amusing

A lot of Rolands posted exactly the same comment.

Another repeated posting is:

"The current FCC regulatory scheme known as "Title II" represents an unprecedented increase in government control over the internet. Such over-regulation is hurting our economy and suffocating innovation. I support Chairman Pai's plan to return to a commonsense regulatory framework that allows for the internet to grow without useless government interference. The internet has flourished for decades without the heavy hand of government over-regulation. It’s time we return to what works."

0
0

Ofcom just told BT to up its game on fibre investment

Roland6
Silver badge

>but Plusnet only sell the 40/2 variant, the mean gits.

So don't be loyal!

EE standard fibre offers are 80/20 and 40/10; in my area, it also has the benefit of having a rather low contention ratio... Additionally, by playing the system (cashback, discount codes, offers etc.) the amount you actually pay is not too dissimilar to Plusnet.

As you note, the vdsl2 speed distance chart is useful, in my case it meant there was no value in me even thinking of subscribing to the 80/20 service.

0
0

Voyager 1 fires thrusters last used in 1980 – and they worked!

Roland6
Silver badge

Re: "Yes, move 0xFF to the register at position IX+0xBEEF"

>and don't need to carry around the whole "ecosystem" of compilers, optimizers, frameworks, deployment infrastructure and consultants.

But when working on bespoke hardware, it is useful to have a precision ruler: Even with the clock speeds being used back in the early 80s, I encountered timing problems where the outermost parts of a circuit board were operating several clock cycles behind the CPU. The ruler helped me to identify which components were affected.

1
0
Roland6
Silver badge

Re: It's good to see your tax money being spent

>Shockingly, I do not accept low-grade science fiction speculation as justification for spending taxpayers' money.

Not a fan of Dr Who or Douglas Adams then...

0
0
Roland6
Silver badge

>Yes you can communicate with it if you have the patience to wait 39 hours for an answer

Good thing SatNav didn't exist back then...

1
0

WW2 Enigma machine to be seized from shamed pharma bro Shkreli

Roland6
Silver badge
Boffin

Re: Enigma

>Ah, but was it a cryptic crossword?

And to truly count, it does need to be The Telegraph's cryptic crossword and completed within 12 minutes...

0
0
Roland6
Silver badge

"It was just a (very good) encryption tool used in normal business well before and after the war."

FTFY

Enigma was widely used after the war, in part because the UK government kept both Bletchley Park and the breaking of Enigma secret, because many foreign governments thought it was secure and unbreakable...

6
0
Roland6
Silver badge

Re: Enigma

Bletchley Park wasn't just about knowing how to break an enigma message, it was a huge industrial operation that collated thousands of messages from dozens of outstations and had to do it very quickly.

Perhaps the real reason some are happy that "pop historians and shoddy film makers that helped to bury the many contributions Gordon Welchman made to these efforts." is to keep the focus on Turing and Enigma, and so deflect attention away from the big picture and Welchman.

It is interesting that Welchman was still considered to be a security threat in 1982, because of his book "The Hut Six Story", which "included details that were "still classified""

[http://www.bbc.co.uk/news/uk-england-beds-bucks-herts-27128685]

Aside: If you are interested in the bigger picture, I recommend reading "Bletchley Park's Secret Sisters: Psychological Warfare in World War II" published in 2005.

2
0

UK government bans all Russian anti-virus software from Secret-rated systems

Roland6
Silver badge

Re: AV - Can we really trust any of them?

>This story is about government computers, part of the job of GCHQ (well, CESG) is to protect those computers.

Which is even more interesting, given the discussion about the NSA exploit [https://forums.theregister.co.uk/forum/3/2017/12/02/nsa_tao_exploit_leak_guilty/]

Cloud-based security software has been around since circa 2008 (Prevx, Panda,...), thus it is notable that it is only recently ie. this year, that the NSA, GCHQ etc. have woken up to this attack vector...

1
0
Roland6
Silver badge

Re: AV - Can we really trust any of them?

>Just be happy Microsoft offers Windows 10 Chocolate Firewall built-in.

But to benefit from it, you need to have given permission for MS to access your hard disk and upload any files of interest and share them with selected third-parties...

1
0

Escrow you, Apple! Ireland expects Cupertino to cough up to €13bn

Roland6
Silver badge

Apple are allowed to offset any corporation tax they pay on overseas earnings against US corporation tax due on them, if and when they finally re-patriate that money to pay tax on it.

You are forgetting that a few years back Apple took out loans in the US to pay dividends, the loans get repaid by repatriating monies from overseas, with no US tax being paid regardless of whether or not overseas taxes have been paid on the earnings.

1
0
Roland6
Silver badge

Re: A debt's a debt!

I think you will find those loans were in Sterling, not Euros. So Ireland only has to wait a little and suddenly that 9B GBP becomes 9M Euros... :)

4
3

Guilty: NSA bloke who took home exploits at the heart of Kaspersky antivirus slurp row

Roland6
Silver badge

Re: Pho no!

It does look like comparisons of Internet security software are now going to have to include consideration of where a company's servers are located.

As it is beginning to look as if the US government is spreading 'allegations' ie. FUD about non-US security software, from places US agencies have little access to or influence over.

Naturally, all of this is outside of any trade deal/arrangements and thus the companies affected have little redress.

0
0
Roland6
Silver badge

Re: Linux, BSDs, Mainframes

>Linux, BSDs, Mainframes

The use of these platforms and others is only part of the solution.

You also need to look at the programmers' workbench toolset you are using, specifically the code repository and version control and build systems; if these are cloud-based...

0
0
Roland6
Silver badge

Re: all this focus on pho...

"Shirley the bigger concern is that, in a post-Snowden world, their developers are able to get that off their secure network, apparently without detection."

FTFY

0
0

Unfit to plead before a US court? You may face 'indefinite detention'

Roland6
Silver badge

From reading these articles, that is the crux of the matter.

The crux of the matter is the other way round: The USA DON'T want the trial to be held outside of the US because it would mean the US would have to finally accept the legitimacy of legal systems in the rest of the world and that there are times US law is subservient - hence why the attempt to narrowly define broad concepts in the treaty and the lies about how difficult it would be to get evidence to a UK court. Lies? Yes, because as the Hague has demonstrated, it is perfectly possible to firstly conduct trials where the evidence is a lot more physical and less mobile than is the case here with pure digital 'crimes', and secondly achieve successful convictions of people of war crimes.

So given what we know about the US court system anyone in their right mind will be looking at using anything they can to avoid putting themselves before it.

0
0

What will drive our cars when the combustion engine dies?

Roland6
Silver badge

Re: Just popping down the battery station for some half dead flowers

Where standardisation works as an enabler vendors get dragged into line whether they want to or not.

What I have found surprising is that after several decades of product development, mobile device vendors still insist on using different battery sizes - often unique to specific phone models, even though the economies of scale that arise from standardisation are obvious.

2
0
Roland6
Silver badge

Re: fossil fuel - we're addicted.

And where does all the plastic come from to make the 'cruelty free and vegan' interiors of Teslas?

And what do we do with that highly flammable distillate, leftover from the 'plastic' refining process, which if we aren't going to be putting it into millions of combustion engines will rapidly become rather a large waste problem.

7
0

Win 10 creators update offers new reality opportunity

Roland6
Silver badge

"That said, the market is at an early stage."

It would seem the only progress since the early 1990's is that the platform hardware (and thus software) is more capable. AR and VR are still niche technologies looking for mass-market applications - I wonder if any will be found...

5
0

Three useless UK.gov 'catapults' put in Last Chance Saloon

Roland6
Silver badge

>That article is a little out of date

I would hope so! :)

At the time it seemed totally daft not to use the same gauging standards for both lines and hence allow for future integration etc. and the savings to be had from using common rolling stock.

0
0
Roland6
Silver badge

Re: Luas (tram) lines

"Dublin's two Luas light rail lines from the city centre to Sandyford and Tallaght are being built to different standards, the Railway Procurement Agency (RPA) has acknowledged."

[https://www.irishtimes.com/news/luas-lines-being-built-to-different-standards-1.364183]

The issue is that the 'gauge' isn't just the distance between the tracks but also such things as curve radius and loading...

0
0
Roland6
Silver badge

And therein lies the issue in a crowded ~~city~~ country. You can't just barrel through a route and say "fuck you" to the various property owners along the way.

You can if you are the government...

HS2 is just the latest example: Government, in private, chooses a route and then simply offers property owners a compulsory purchase valuation based on questionable valuations and if you object well we'll simply call you a NIMBY and proceed regardless...

0
1
Roland6
Silver badge

> it would have to run on the UK gauge.

and which gauge are you referring to?

Whilst many trams/trains do use 4 ft 8 1/2 in between the rails, there are many other gauges that dictate whether rolling stock from one part of the network can run on another part. If memory serves me correctly, the two tram lines in Dublin were originally designed to different gauges, preventing rolling stock from being used on both lines...

0
0
Roland6
Silver badge

>Crossrail worked out well

Getting ahead of ourselves here - they've yet to run trains on it or have paying passengers...

1
0

Bulletproof Coffee lacks bulletproof security: Nerd brain juice biz hacked, cards gulped

Roland6
Silver badge

Re: Buttered coffee

Amazing how you can only get the benefits if you buy the special ingredients from the firm.

Personally, I'll be sticking to my preferred breakfast: Bacon and egg butty and a mug of coffee...

https://www.healthline.com/nutrition/3-reasons-why-bulletproof-coffee-is-a-bad-idea

Interesting, following up the obsession with "grass-fed butter", I hadn't realised just how different (currently) the UK/EU and Australian cattle feeding practices are to those practised in the US.

Perhaps, if I could package the Bacon and egg butty and coffee into a Nespresso style pod, some Silly Con Valley investors might throw money at me...

0
0

Dark fibre arts: Ofcom is determined to open up BT's network

Roland6
Silver badge

Re: Does any one actually know where all this dark fibre is?

The cost of the actual cable isn’t that much. Paying people to dig up the roads to lay it is most of the cost, and it doesn’t cost any more to ask them to lay a load of them rather than just one strand.

Agree, however, given how long Ofcom and BT competitors have been going on about access, it would not surprise me to find that BT simply laid the bare minimum of actual fibre to satisfy BT's immediate needs, leaving the rest as empty tubes for blown fibre...

2
1
Roland6
Silver badge

Does any one actually know where all this dark fibre is?

I am pushed to understand the true extent of the resource being discussed.

It is really true that BT in rolling out FTTC, didn't put one fibre and a spare between the exchange and street cabinet, but put in a few dozen fibres, but only lit one.

Likewise, in the backbone (exchange-to-exchange) network, just how much spare capacity/dark fibre is there.

About the only place I can think of where potentially large amounts of dark fibre exist that is awaiting commercial exploitation, is in the local loop! Where BT for years has been deploying cable with copper and fibre cores, but only connecting the copper cores. But then access to this is available through sub-loop unbundling...

I suspect the real reason behind this 'initiative' is to enable BT competitors to gain greater visibility of BT's network and so give them more ammunition to use against BT. We can be sure that when it is discovered that there isn't any dark fibre where a competitor such as Sky want it to go, they will be back knocking on Ofcom's door crying that BT isn't playing fair...

4
3

Abolish the Telly Tax? Fat chance, say MPs at non-binding debate

Roland6
Silver badge

Re: BBC rocks

I watch Netflix and Amazon prime...

We should not forget that Prime's big asset of the moment is..... The Grand Tour

Which as everyone knows is TopGear, without the BBC production constraints (in all their forms)...

Without the BBC's multi-decade investment (in TopGear and Clarkson, May and Hammond), I doubt Amazon would have taken Clarkson et al on.

0
0
Roland6
Silver badge

Re: The BBC Is OK.... Honest

There's Blue Planet 2, which features the most brilliant photography ever seen in a nature documentary.

I just wish it had subtitles continuously scrolling across the bottom

What?!!

Haven't you discovered the Audio Description setting on your TV/PVR?

0
0
Roland6
Silver badge

Umm...but the BBC buy in a lot from independent production companies...

That is because of changes made back in the 90's when it was determined that as both the leading UK broadcast organisation and commissioner of programmes that part of its public service obligation was to stimulate the programme production industry. Thus many former BBC employees were encouraged to set up their own production company and sell programmes back to the BBC and to others.

This action served two purposes: the first it gave the production companies greater freedom than they had when directly employed by the BBC, the second was that this could reduce the cost of the BBC and thus the cost of the licence fee.

The BBC also have a record for producing utter dross - see about 50% of 'comedy' and drama on R4.

Agree with respect to R4, Hitchhikers Guide to the Galaxy was a R3 production and much superior for it....

0
0
