* Posts by two00lbwaster

29 posts • joined 1 Aug 2010

Quic! Head to the latest Chrome version and try out HTTP/3


Re: Don't worry

Erm, it seems like you're not aware that a lot of the work that went into SPDY was picked up and implemented into the HTTP/2 protocol.

Firefox 48 beta brings 'largest change ever' thanks to 'Electrolysis'


Someone should tell their devs about this site


Yeah, have a look at all broken addons, the ones not tested but listed, and then notice that this page only lists 880 addons out of 1000s.

Also look at the number of users that are using the broken addons who will either lose functionality or be stuck unable to benefit from the E10 changes.

Will any of those users be told when their addons are disabled as incompatible? Not if the move to signed addons is any example of how Mozilla treat their user base.

I've had a quick check:

* I've got 5/20 addons which are known to work

* I've got 6/20 addons which are known not to work

* I've got 3/20 addons which haven't been tested

* I've got 6/20 addons which aren't even listed

Out of the 6 plugins which are broken, I use 5 of them every day and will be disabling E10 until they all work; Ghostery, Downthemall, Lastpass, Session Manager and X-notifier.

A bunch that haven't been tested or aren't listed I'd be in the same boat if they broke, like tab groups, The Addon Bar (restored), external IP and Last tab close button.

Alarming tales: What goes on INSIDE Reg hack's hi-tech bedroom


For Android users

I use Juice Defender (BETA) Ultimate on Andorid (I tried it for 'free' by getting the APKs elsewhere and then bought it off of the Play store because I was so impressed with it.)

I can create separate schedules for the weekends and weekdays. I can set the phone to go into flight mode on a schedule and also for it to turn the phone to a different alert setting, vibrate for example, during those schedules. The side benefit is that my phone battery lasts for 2-3 days now too.

The only thing missing at the moment is for Google to tie the alarm clock to the calendar so that I can get the phone to automatically use a different alarm setting if it's a bank/public holiday or I have a holiday scheduled into my calendar.

This really needs to be done as it would mean that my mainly useless memory won't lapse and forget to turn off / on the alarm at the beginning or end of the holidays!

GitHub code repository rocked by 'very large DDoS' attack


Re: It IS a bit puzzling.

I take it that he's not on your Christmas card list then? :-)

Hands on with LG's 21:9 monitors


Re: Argh!

The best of which is the Dell U2412m. I'm glad at least one manufacturer recognises this market. Unfortunately, they're not exactly the £100 monitors I'd usually buy.

Alpha.gov.uk preps for beta, prays for funding


Google analytics

I wouldn't have noticed that it had been blocked if I hadn't read the comments first.

Ghostery plugin is a Firefox necessity (Yes you can get it on Chrome too but it's missing some blockers).

Stop sexing up IT and give Civil Servants Macs, says gov tech boss


You don't seem to see, or understand, the problems

"Most of you want to stay with the same old failed systems: Windows! Look at what a success that has been. Cheap? Have you ever worked in a shop that uses mainly Dell? I have, several times. The cost of the native hardware, with Windows or Suse or Redhat (or self installed Slackware or Suse) was not much lower, especially with the Gold support needed. Then, the failure rate was "awesome". I recall getting a batch of six higher spec. laptops. All were under repair within six months, two of them twice and not for user damage, just straight, hardware failure. The desk tops were scarcely better, though the servers, once one called in the engineer to fit the ordered parts rather than what arrived, were not so bad."

Just because you have had a piss poor experience with PC hardware and open source don't tar the rest of the industry with the same brush. The problem is with the planning and execution.

Santander blames Firefox 4 for website fail


Obviously very badly uninformed!

"We are aware that some customers using the latest version of the browser Firefox, version 4, may currently be experiencing difficulties accessing their account details online. We are in the process of rectifying this and would advise customers in the meantime to use a previous version of Firefox or Internet Explorer.

"This will not impact customers' online security..."

No one should be using IE at the moment due to the MHTML bug that allows drive by attacks that can compromise the system. Stupid, stupid people. Just because they have particularly stupid management when it comes to deploying a web service, and/or particularly stupid web developers doesn't mean that they should be giving poor advice that can lead to their customers having their bank accounts hijacked.

Walk away from Santander, and any other monkeys, that want your cash and can't write a proper website that works across browsers.

IE9: Downloads beat Angry Birds, lag Firefox and Opera


Downloaded it three times here

Laptop, main PC and the work PC. I need to build an IE8 VM now though; to go with my IE 6 and 7 VMs.

FF 4 will get 10 downloads from me (work PC, main PC, Laptopx2 (Windows and Ubuntu), Netbookx2 (Windows and Ubuntu), Windows VM, Ubuntu VMx2, work Mac Mini).

Guess FF4 wins this round again.

Twitter adds HTTPS opt-in button to micro-blogging service



Secure DMs?

Mozilla to ship Firefox 4 on 22 March


Depends on your audiance.

If your visitor statistics back up use of CSS3 and HTML 5 in your websites then I would say go for it. CSS 3 is especially easy to implement into sites in a progressively enhanced way, so we have started using it even though most users won't see the enhancements.

The company I work for shows a massive bias on our clients' sites to IE 6-8 users, and that won't change anytime soon, so even PNGs are a pain to work with.


Use IE9 at your own peril

MHTML bug owns all versions of IE and such attacks will be commonplace for the foreseeable future because of the tight integration with the OS.

Most Linux distros come with Firefox by default, so this is interesting for them.

Firefox didn't get hacked this year at PWN2OWN, along with long standing Chrome (not hacked as of yet).

Firefox 4 is a stepping stone for Firefox 5/6/7 this year which should bring tab isolation/sandboxing, 64bit version, more HTML 5 and CSS 3 features.

Making sport of browser security, hackers topple IE, Safari


Day two

No takers for Firefox so it stands alongside Chrome this year as not having been hacked.


Mac hack

So, you now have access to the system through an account; next hack run is privilege escalation exploit.

Once you're in the system remotely you're in the system, regardless of the account you happen to have wheedled your way into.

Doesn't matter what system you're attacking, the exploit methodology is the same; get into the system, escalate privileges, control system.


No Firefox results because it was delayed until day 2

So anyone saying that it has been hacked already is wrong.

Mozilla delivers first Firefox 4 release candidate


What's with all the bad memory management reports from FF users?

I really don't understand this. I have never seen large amounts of memory used by Firefox, I only see a huge amount of memory usage with flash apps running (800MB for the plugin container.)

Do you all have so little memory that 100MBs make a difference between browsers?


@AC "And it's utter pants"

There is malware out there that causes FF4 to crash but not FF3.6. You need to reformat your PC with a clean OS DVD and check performance again without installing anything other than FF4 and windows patches. Use an antivirus package, like a free one such as Avast 6, or a paid for one from a reputable vendor. Then install your programs one by one.

See: https://bugzilla.mozilla.org/show_bug.cgi?id=633445

Mozilla confirms Firefox 4 beta 12 is FINAL test build


FF + Hotmail user here

I use Hotmail via the Webmail notifier plugin, alongside a couple of yahoo accounts and a gmail account.

I get lots of newsletters sent to the hotmail account. I use a yahoo account for sites like this one.

Windows 7 service pack 1 set to lift off today


It's out now!

I just manually checked for updates and sure enough there it was ready for download. ~80MB-900MB I think it said, but most machines should be up to date.

I don't fancy the job of updating the four Win 7 office pcs tomorrow. I guess I should be glad that there are only four of them. We have three sat in storage, but hopefully I may get WSUS before I need to update them.

UK.gov braces for Anonymous hacklash


Online DDoS laws outlaw similar, offline, legal forms of protest

If I, and two thousand of my friends, turn up at some store or other and pack it out, and pack out the street outside trying to get in, just browsing so that no one who might wish to actually give that store their business can get in that would be a denial of service attack.

This is different to just barring the entrance and preventing access as there would be no room for the actual customers to get into the store.

If you were to go into a bank with lots of your friends throughout the UK and remove all the brochures from those branches. That is a DDoS attack, but offline, and it would be seen as a legitimate form of protest.

Thus, I would argue that doing so online, through the LOIC or holding your ctrl+F5 buttons for a few hours, is a legitimate form of protest, as far as I'm concerned, and would cause less of a financial impact than other forms of offline protest. (Think of the amount of cost there is in printing and stocking leaflets and brochures and denial of service on a store or bank, by filling it out with non-customers, would have on the bottom line.)

MS warns over zero-day IE bug


Nice mention...

Which is funny, as IE 6 doesn't have ASLR or DEP support and I doubt that the EMET workaround will work for it either.

I hope that all those corporate security types that love XP/IE6, like HMG, are paying attention to this.

WikiLeaks' Assange to be indicted for spying 'soon'


If he's a spy...

for whom does he spy?

Simple enough question.

RHEL 6: serious Linux built for growth


128 cores...

Is a dual processor workstation in 2015. So, it's got four years of life in it. Six before it will only work in high end single processor machines.

Those four thousand cores will be utilised by a single processor machine in 2027, assuming two years for each process transition and a linear doubling of cores per process transition.

Green light for spooks' net snoop plan


Skype uses 256bit encryption doesn't it?

Also, SSL Google anyone? SSL encrypted proxies located abroad for all your traffic.

It's a bit weak, but if everyone does it they will be back to square one.

£1bn+ Royal Navy destroyer finally fires 'disgraceful' weapon


It all sounds very familiar.

I wonder if they tested the missiles against the Mirach 100/5 towed targets at 792


The Mirachs aren't supersonic so can't use them for testing that aspect of the system.

The MoD procurement sounds like my current job's management team's approach to building new software; which is funny as I came from the MoD into my current job.

At my current job, we have managed to get the directors to go to an outside firm to get the specification written. However, knowing the directors, they will constantly be changing things

until they are happy, and so it will be exactly like a military/government project, with massive overruns in terms of costs and time.

Hodehum :-(

How do you copy 60m files?


No hierarchical folder structure?

Surely you would do this in parts using something like the native zip functionality or a third party program like WinRAR to turn a large number of these files into a single archive.

The thought of transferring 60m files across a network connection makes quail. Even the web servers that I look after top out at 7.5m files.

Rise in Latvian botnets prompts Spamhaus row

Thumb Up

Utter tosh

If we returned to the 'trees', you'd be at the mercies of the person or group of persons that held the biggest stick(s).

If they didn't like what you were saying they'd quite happily be rid of you. If you wandered into someone else's area, they might tortuture you and or kill you for doing so.

All these basic 'Human Rights' are utter b.s.

UK.gov sticks to IE 6 cos it's more 'cost effective', innit


There're a number of things to consider...

What most people fail to understand that HMG is probably using and controlling their systems with AD, and as other browsers don't tie themselves into AD, the admins would not have control, unless the browser update is to a more recent version of IE.

Also, what do you think they would do when they realised that all these 'In porn' modes made logging what people were doing impossible to follow?

My impression is that HMG is using IE6 specific ActiveX controls, like a lot of big corporations of the early XP generation and that they would have to rewrite those or all those applications that they use that use them to be able to move away from IE6. Personally, I think that they should never have been allowed to go the OS specific integrated route as it's a lock in to a specific platform. All their apps, both front end and backend, should be fully portable to other OS and browser platforms.

It is a good argument for public oversight of governmental IT projects, so that we the tax payers don't get screwed over, and over, and over.

I also think it's outrageous that the government would publish a statement that insinuates a lie, that they don't need to do anything because there's no evidence that that the latest fully patched browser from MS is any less secure than alternative browsers. All well and good, if they were using IE8, but they aren't using the LATEST fully patched browser from MS, they're using IE6. And probably systems that are not fully patched either, so two lies?

Also CanSecWest has had IE8 crumble during its competitions every year that it has been out. Only one desktop browser remains uncompromised at that event, and that's Google's Chrome browser. So there is the evidence that there are alternative browsers that are less insecure than IE8.


Biting the hand that feeds IT © 1998–2020