* Posts by Woodnag

153 posts • joined 24 May 2010


UK Supreme Court considers whether spy court should be immune to legal probes

Woodnag

Contributions

When considering charities... do check the finances, as some NPs are more lifestyle vehicles for the directors than do-good orgs. A lot of phone-based fundraisers keep most of the contributions. In US, 501(c)(3) non-profits must file Form 990 showing finances, and these aren't difficult to dig up on the webs. When directors are getting a few hundred $k, a question or two are begged...

Germany pushes router security rules, OpenWRT and CCC push back

Woodnag

The updates section is not very good

1. Mandates firmware updates from WAN, so flash will need to be double size to hold old image and new image

2. Allows push updates, which is a massive attack vector, not least because each router must phone home to tell mummy who and where it is, so every nation state monitoring all traffic will know who's got what.

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Woodnag

Re: Really?

Per an earlier comment:

If anyone wants to quickly check whether their system is using their drive's own hardware encryption, run "manage-bde.exe -status" from the command line as administrator.

For mine it shows AES-256, which is how I configured it, not using the available hardware encryption on the Samsung EVO SSD.

Woodnag

Bitlocker

If MS wanted BL to be great, why is AES-128 the default, and passwords limited to 20 chars max?

Oz intel committee: Crypto-busting is only bad if you're a commie, and we're not by the way

Woodnag

Re: We're not a communist regime

The US system relies on the various parts of the system (legislature, congress, reps, justice dept) ensuring practice of separation of powers. For example, El Pres. being required to get Congress' consent to declare war. Not working so well right now.

Civil rights group Liberty walks out on British cops' database consultation

Woodnag

Presuming that editing individual records to delete unlawfully retained data is, as claimed, painfully and uneconomically difficult... then the reason not to create a script that filters out the traffic on transfer to the new system is probably this: it won't get deleted (easily) from the new system. It will get moved instead (equally easily) to the other 5-eyes databases. So ministers can say that LEDS doesn't have the data. But we won't get an answer on what got pushed to foreign databases for reasons of national security.

Google actually listens to users, hands back cookies and rethinks Chrome auto sign-in

Woodnag

Re: "tucked away in the Privacy and Security settings"

Shift Ctrl Delete gets you to the Clear Browsing Data settings page in Chrome/ium.

Didn't find this out til yesterday meself :{

Spies still super upset they can't get at your encrypted comms data

Woodnag

"I am not sure how the world will react"

Disbelief and sarcasm, for starters.

Woodnag

Re: business won't comply

5-eyes' problem isn't tracking terrorists, molesters, mafia etc.

These countries want the ability to see what normal citizens are doing.

Terrorists, molesters, mafia etc can/will use encryption REGARDLESS of the law.

Android data slurping measured and monitored

Woodnag

Gender ID

It's the combined field values "cnt=1" and "cust_gender=2" in the snapshot.

The 4 combinations give birth gender and current gender, set by primary sexual characteristic currently fitted. Fails to cover neuters and those rare occurrences with both kit.

Hackers clock personal deets on 'two million' T-Mobile US subscribers

Woodnag

none of the customers' financial data were lifted?

"However, you should know that some of your personal information may have been exposed, which may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid)."

Sounds like financial data to me.

Drama as boffins claim to reach the Holy Grail of superconductivity

Woodnag

Cats

Actually cats have a negative time generator, because they spend 100% of the time asleep, yet still manage to serve the input and output functions as well.

Australia's Snooper's Charter: Experts react, and it ain't pretty

Woodnag

Working with companies

Phair said he would prefer to see governments better engage with the industry: “It's not legislation or ten million dollar fines, it's working with companies on next product suites so there can be lawful interception.”

This is dumb. Oz gov can't work with every company, so either the relationships become legislated state secrets or the ppl wanting to avoid compromise use untampered products.

ZX Spectrum reboot latest: Some Vega+s arrive, Sky pulls plug, Clive drops ball

Woodnag

Re: What we need

Remember how popular the original Microchip PICs were, despite subroutines only being allowed in lower pages and memory segmentation pointer.

Oz digital health agency tightens medical record access as watchdog warns of crim honeypot

Woodnag

I bet there's a fundamental lie here

"If you don't have a My Health Record and don't want one created for you, you will need to opt out."

"However, if you decide later that you would like a My Health Record, you can create one at any time by following the steps to register."

All the data on everyone will be in this database. It's just the data access portal called "My Health Record" will only be enabled per the opt-in/out system. One check box.

So everyone's data will be vulnerable, because it's the database that gets shared, copied etc. Opting out of this one portal helps a little, but not much.

Facebook, Google, Microsoft, Twitter make it easier to download your info and upload to, er, Facebook, Google, Microsoft, Twitter etc...

Woodnag

Misinformation

"...way for people to transfer data into and out of online services".

There is no transfer. It's copying. Transfer implies moving the data, so the data is no longer at the origin. Not so, folks.

Geoboffins spot hundreds of ghost dunes on Mars

Woodnag

With respect, everyone...

... that picture is just of someone's worn tyre tread.

No more slurping of kids' nationalities, Brit schools told

Woodnag

Invasion?

The Normans invaded in 1066. And won. So what exactly is 'foreign' and 'british' anyway?

Ex-Rolls-Royce engineer nicked on suspicion of giving F-35 info to China

Woodnag

Easy one

The definition of terrorism support is deliberately vague (otherwise governments would be guilty too), and the laws have the most powers.

ICO smites Bible Society, well fines it £100k...

Woodnag

Punishing the guilty?

The organisation was fined, not the guilty individuals.

Schadenfreude for UK mobile networks over the tumult at Carphone

Woodnag

Tru dat

You've got Germans buying their cars in Netherlands to pay lower VAT.

I built a house in one part of USA and ended up buying all the white goods over the internet from another state because it was much, much cheaper than locally. With a lot of big ticket items (hob, oven, fridge, dishy, washer, drier) the savings was thousands.

MPs slam UK.gov's 'unacceptable' hoarding of custody images

Woodnag

Re: DNA

Let's presume UK police follow this retention law to the letter. There's nothing in there about prior DNA sharing with 5 Eyes, Interpol etc and managing that flow.

Just because the trivially sized data for DNA, FP, facial isn't on a UK DB, that doesn't mean the search request can't be against a DB in USA for example, which was automatically passed the info on generation.

Also, tracking of unconvicted individuals coded as 'terrorist suspects' surely comes under different constraints, so loophole there too.

Parallel construction of evidence is so easy nowadays.

Woodnag

DNA deletion

I doubt that any DNA data has been deleted. May not show up as being associated with a specific person when a match is made, so plod has to go up the chain to de-identify.

Investigative orgs never destroy identification data. Just hide it from view by lower level minions.

Slurp up patient data for algos that will detect cancer early, says UK PM

Woodnag

It's just a BS "reason" to allow patient data to be sold off

It doesn't require machine learning to early detect cancers. It requires repeated high resolution scans of the areas of concern, and diff analysis of the scans over time to detect change.

That is not going to be performed because of the expense.

Machine learning is fine for digging out needles in haystacks, but it can't invent patient data to determine causality let alone do pre-diagnosis.

Realistically, the analyses will at best correlate lifestyle/genetics/whatever against statistical cancer risk. For which, of course, there's just a tiny privacy implication.

Openreach consults on shift of 16 MEEELLION phone lines to VoIP by 2025

Woodnag

Re: No thanks

Firstly, Ofcom issued guidelines not mandated, and they "consider that 1 hour battery back-up capability represents an appropriate minimum level of protection to provide to customers taking FTTP services".

See https://www.ofcom.org.uk/__data/assets/pdf_file/0027/76527/battery_backup_statement.pdf

The issue isn't just consumer premise equipment. It's forcing the telecom provider to not rely on consumer power for the switching network. This costs money - backup battery stacks and generators.

Woodnag

Re: No thanks

Because battery backup is mandated for POTS (must work in event of power failure) but not for non-POTS because the necessary-service laws are very old.

https://arstechnica.com/information-technology/2015/02/internet-providers-lobby-against-backup-power-rules-for-phone-lines/

Woodnag

Re: No thanks

That covers the client's local power, not the power to the intermediate distribution box up a pole or in a grey box at the side of the road.

Woodnag

No thanks

If the power goes down - anywhere - my POTS phone still works to the CLEC. Because they are battery backed up by law, as essential service. The new system?

Equifax reveals full horror of that monstrous cyber-heist of its servers

Woodnag

S'nuthin

I got a dump of my data from The Work Number some years ago, and they had every single pay amount from Freescale for whom I have worked, which Freescale voluntarily gave them as part of the network. No, I wasn't asked if it was ok to pass across the highest possible granularity of my pay to a 3rd party data aggregator.

Woodnag

Equinefax...

Equinefax... because their data management is the horse's arse.

Brexit has shafted the UK's space sector, lord warns science minister

Woodnag

Good analysis:

https://www.nakedcapitalism.com/2018/04/hoisted-e-mail-brexit-security-uks-coming-poodledom.html

UK consumer help bloke Martin Lewis is suing Facebook over fake ads

Woodnag

Try Motor Trend magazine in USA

Motor Trend magazine is probably the highest circulation new car mag, and the ads feature hunks chewing tobacco, more hunks driving trucks bigger than a space shuttle, watches with more complications than aforementioned space vehicle, hideously ugly jewelry with broad-bean sized non-precious stones for The Wife... and smiling hetero-couple ED treatment ads at the back.

The guns magazine ads are even more stereotyped. Slinky ladies featuring small handguns in a thigh holster (!), chunky men in camo carrying the latest black rifle.

But apart from the patriarchal sexist crap, the annoyance of ads is being flooded with toaster ads after buying one online. Do people collect toasters... ooh, that's a nice toaster, let's get that one too!

Mad Leo tried to sack me over Autonomy, says top HP Inc beancounter

Woodnag

Re: Face facts

Americans have a tough time too in court. American companies, however, settle out of court for a small fine and no admission of guilt.

Non-shingled and ready to mingle: WDC catches up with 14TB disk rivals

Woodnag

yes

And that's only 24 days of writing at 267Mbyte/s. Hmm. Backup storage?

Super Cali's frickin' whiz kids no longer oppose us: Even though Facebook thought info law was quite atrocious

Woodnag

UK passport

To renew a UK passport abroad, need to apply on the internet and have an email address for the personalised form to be sent.

'Our way or the highway' warranty scams shot down by US watchdog: It's OK to use unofficial parts to repair your gear

Woodnag

Secret?

Put the 3 examples in Google:

"The use of" "parts is required to keep your" "manufacturer’s warranties and any extended warranties intact"

https://www.hyundaiusa.com/myhyundai/manuals-and-how-tos/Getfaq?faqId=2&category=Consumer_Awareness

"This warranty shall not apply if this product" "is used with products not sold or licensed by"

https://www.nintendo.com/consumer/manuals/warrantytext_us.jsp

"This warranty does not apply if this product" "has had the warranty seal on the" "altered, defaced, or removed."

https://www.playstation.com/en-us/support/warranties/ps4/

'Disappearing' data under ZFS on Linux sparks small swift tweak

Woodnag

However

In FreeNAS if a ZFS pool is allowed to become full, the pool becomes unavailable for read or delete. ZFS writes a small file to the disk at the start of every transaction, and so if it can't then the transaction is pooched. I hope the ZFS implementation on Linux has fixed that, and BSD implementations such as FreeNAS can follow suit.

UK.gov told: Draw up code of practice for cops bulk-slurping car plates

Woodnag

The numbers

"Widespread use of ANPR means cameras across the country submit between 25 million and 35 million read records to the national ANPR data centre each day. There are more than 22 billion records in the database."

That's about two years worth. The cameras have been building up for a long, long time. M25 upgrade 20-odd years ago for a start, which used plate reading to calculate speeds over long distances.

PM urged to protect data flows post-Brexit ahead of Munich speech

Woodnag

5 eyes

Since UK is the only EU member of 5 eyes, any agreement should explicitly exclude UK being used as backdoor for getting EU citizen data to USA.

LEDE and OpenWRT kiss and make up

Woodnag

Yet another note of praise to the OpenWRT and LEDE teams.

Not easy to come to a working agreement, well done, and hope you can work through the initial frictions.

Judge rm -rf Grsecurity's defamation sue-ball against Bruce Perens

Woodnag

Re: Everybody is entitled to an opinion

Your opinion is protected, expert or idiot.

UK's surveillance regime challenged in landmark European court hearing

Woodnag

ECHR 1581

The European Court of Human Rights held in 2008 that UK holding DNA samples of individuals arrested but not convicted is unlawful. HMG has farted around ever since with consultations etc.

Per wikipedia: According to The Independent on 27 July 2011, the UK government "has indicated that destroying the DNA of the innocent would be impossible because the records are mixed up in batches alongside the DNA of the guilty."

https://en.wikipedia.org/wiki/S_and_Marper_v_United_Kingdom

So UK government has essentially ignored the ECHR ruling.

Vodafone, EE and Three overcharging customers after contracts expire

Woodnag

Consumer protection laws...

...are there to protect the gullible, the less informed, the less analytical population.

Woodnag

Actually one would

If you eat beef once a year, every year, then you eat beef regularly.

Just not frequently.

So please change your engine oil frequently (I suggest 60% to 75% of the OCI). I don't care how regular that interval is, depends on your car use pattern dunnit.

You can't find tech staff – wah, wah, wah. Start with your ridiculous job spec

Woodnag

Yup

Been asked for my transcript a few times by US recruitment, and got bewilderment every time on disclosing that UK universities don't do that.

Woodnag

Could you name the area please?

Just curious, I'm stuck on the west coast, so not going to pollute your region with my relo.

Woodnag

Sure

Thanks for volunteering!

Equifax CEO falls on his sword weeks after credit biz admits mega-breach

Woodnag

Re: Not going to receive his bonus

Different situation. US execs are employed under a contract, negotiated individually, which explicitly states under what circumstances the two parties can be separated. Being booted for gross misconduct allows the company to do a lot usually.

First big Privacy Shield review has ended – and yep, it's great! Just don't ask about mass spying

Woodnag

The agreement will be toothless...

...unless it mandates that someone around the top of the food chain goes to jail if data flows inappropriately.

Indian call centre scammers are targeting BT customers

Woodnag

Credit card fraud

You probably do want to answer the phone after buying summat pricey with a CC, because it could be the CC company validating the transaction. Or have voicemail to catch those situations...


Biting the hand that feeds IT © 1998–2018