* Posts by Pen-y-gors

3147 posts • joined 1 Oct 2010

Astroboffins spy a rare exoplanet evaporating before their eyes

Pen-y-gors Silver badge

Re: The whole point of the metric system is to make large numbers more ‘palatable’.

Yep 10,000 tons a second - which the article implies is incredibly fast.

BUT... the line before says

For other types of exoplanets like hot Jupiters, which also orbit close to its host stars, the rate of evaporation can be as high as thousands of tons per second but the impact is much smaller.

So, is 10,000 tonnes a second a little or a lot?

It's very bad practice to mix units in an article.

It is with a heavy heart that we must inform you hackers are targeting 'nuclear, defense, energy, financial' biz

Pen-y-gors Silver badge

Re: emails contain poisoned Word documents

The whole point of spearphishing is to run a con on a specific target.

Exactly. Carefully crafted for the target(s). Ideally, for a specific person, but a small group can be effective too.

<war story mode on>

Some years ago one of our clients who we had developed a website for (to do with uses for timber) had an email from a customer saying there was a virus on the website. Instant panic mode, check everything, absolutely clean. Scratch head. Then look at email in more detail - wrong domain name. Someone had registered a .com version of our .co.uk site, grabbed our entire site (not exactly difficult), and cloned it onto the .com, with added sprinkles.

We suspect they then had a nicely crafted email referring to some recent interesting pieces of news in the burning trees industry, and sent it to a smallish number of people in organisations and businesses interested in burning trees. A fair proportion would probably follow the links, see a plausible site, and leave none the wiser, while something nasty started to nose around their network.

And that's even without Office attachments. No matter what we do, highly intelligent scumbags will craft new ways of conning people. Even if we provide people with non-network connected tablets using a 4G data connection for all web access, they will still get conned and reveal a password to a 'Windows Security Team member' via email.

Pen-y-gors Silver badge

Be fair, it's a clue, not a clear answer.

Once you know the control server you infiltrate and monitor that. If a VPN connects see if you can poison the VPN client to detect/trace where the connection is from. That may give another clue. And so on. Who knows, if you're lucky, you may be able to send a little present down the VPN!

Pen-y-gors Silver badge

There is a solution to dodgy e-mail attachments.

1. Set up a desktop on AWS or similar.

2. Require all users to access said desktop via VNC (special version, file transfer disabled)

3. Require all users to only access e-mail using webmail of some sort via a browser on the remote desktop, with attachments being viewed via browser plugins.

4. Wipe and re-install remote desktop every hour.

There's probably still some holes in this, but it's more useable than 'ban the interwebs'.

Fraudster convicted of online banking thefts using… whatever the hell this thing is

Pen-y-gors Silver badge

Re: Tech or pretend-tech?

How does the mirror and holy postcard help with that?

Home users due for a battering with Microsoft 365 subscription stick

Pen-y-gors Silver badge


I believe this is some sort of games console?

What would be the point of bundling it in with a package? Fine for people with an XBox, pointless otherwise. A 'bonus' or 'feature' that you don't use is worthless. Bit like Amazon Prime - well, a lot like Amazon Prime. I'd happily pay an annual fee for faster delivery, but not £80/year - oh yes, but Prime also includes some sort of video download service and special deals on bling. Neither of which I want or would use. I want faster delivery. Why won't they sell that to me?

Thanks to UK peers, coming to a laptop near you in 2019: Age checks for online smut

Pen-y-gors Silver badge

Re: Doh....

Now, WE (the vaguely IT-literate Reg-commentardiate) know that VPNs are basically a good thing, so long as they aren't free! Paid for and used properly they can considerably increase security while browsing, and not just smut.

Could someone explain this to the BBC and the Lottery? Who flatly refuse to let you use iPlayer or buy a ticket while you are using a VPN, even if it terminates in the UK.

No, they want you to disconnect your VPN and use the highly questionable free WiFi in your local coffee shop without the safety of virtuality.

But kids can still sit in Star*ucks watching movies showing grown-ups in a state of undress, so long as they use their VPN.

Why do we bother with a Parliament of morons?

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage

Pen-y-gors Silver badge

Re: Offsite scripts GAH!


Have a look at the TSB login page. Offsite resources include:

That got me interested. Just looked at the Lloyds login page:




All now blocked by ABP of course.

And looking at the Network info from Webdeveloper in Firefox there are a lot of curious bits - cross-site scripting blocked to other subdomains? XML parsing errors? Some very curious "Firefox can't establish a connection to the server at wss://"

And am I the only one who is suspicious of GET requests that have a parameter of 500 bytes of hex?

25% of NHS trusts have zilch, zip, zero staff who are versed in security

Pen-y-gors Silver badge

Security costs

We all know that security costs, as do so many things.

For an under-funded trust, when the choice is between spending cash on security training and staff to avoid a (future) data breach, an on spending cash on staff who can stop people dying tomorrow, it's and easy choice.

Same as any choice - Universal Credit late? Benefits stopped for no good reason? Limited cash? You buy food to stop starving today, and try to forget the risk of being evicted in a few months for not paying your rent.

Immediate needs outweigh future ones.

Only answer is more real money for the NHS. If we want it, it has to be paid for.

Boffins build blazing battery bonfire

Pen-y-gors Silver badge

Re: Interesting idea


Small-scale production is less efficient and more expensive than mass-production in just about everything, and energy production is no exception.

Very true. But it's also massively more flexible and extensible. Need more leccy? Add a few panels or an extra turbine of some sort. Or spend £30+ billion and wait 20 years for a new nuclear station. Base cost should only rarely be the most important consideration.

Pen-y-gors Silver badge

Re: Interesting idea

@Jellied Eel

"Taking it further, if the EV was parked indoors, then waste heat from battery warmers & charging could heat the home"

An interesting idea. Hoe exactly does that work on the 6th floor of a block of flats? Bigger lifts? Crane outside the window to hoist the car up?

Pen-y-gors Silver badge

Re: "cheaper"

How about 'Nuclear' instead? Nuclear doesn't generate CO2, the thing you fear the most. But wait, it's not in line with the POLITICS, now is it? Heh, yeah, pointing out the obvious again. I think I prefer FREEDOM.

Okay, I'll take the bait and try to explain.

Is your idea of FREEDOM being required to get your electricity from a single Japanese company who build and run a massively expensive and potentially lethal generation facility on your doorstep, which is liable to catastrophic failure (or even non-catastrophic failure) - one bad glitch in a nuclear power station and a million people have no electricity until it's fixed. One really really bad glitch and a million people probably won't ever have to worry about the electricity supply (or anything else) ever again. And when they're the only game it town they set the prices at whatever they want. The wonderful Hinckley C has a guarantee that they will get £92.50 per Megawatt hour, index linked, for the next 35 years. UK electricity companies are currently paying under £40 for French nuclear power. Large-scale wind currently costs around £50/MWh. Hinckley will cost UK consumers £50 billion more than it needs to. And you will pay it whether you want to or not. That's FREEDOM!

Not my idea of FREEDOM, but hey, whatever floats your boat.

Or maybe FREEDOM is having a large network of connected small-scale, varied, renewable generators with a range of doorstep and locally-ish storage to smooth things, so you have the FREEDOM to actually use electrical appliances when you want.

And on a related point - "Nuclear doesn't generate CO2" - only true-ish at the point of generation. Over the lifetime of a reactor, once you include the necessary construction, mining, refining, decommissioning and waste-disposal as well, then Nuclear generates a lot of CO2. Depending on the concentration of the ore it can easily exceed the lifetime CO2 outputs of every know current type of renewable. So, no, not a magic wand solution either.

Dine crime: Chippy sells deep fried Xmas dinner

Pen-y-gors Silver badge

Re: Xmas dinner?

@Charlie Clark

Good gravy, good strong mustard and hot horseradish are all the condiments you ever need.

Possibly true if all you ever eat is roast beef. But with poultry? Gravy yes, but not horseradish.

But of course, a mild horseradish for dipping chips a la Belge...

Pen-y-gors Silver badge


What's wrong with plain crisps and a bag of salt to shake over them, hey? Hey?

A bag of salt? A BAG of salt? I think you mean a pinch of salt wrapped in a twist of blue paper.


Pen-y-gors Silver badge

Re: battered?

Our village shop is selling complete stalks of them. I believe they keep for ages if you leave them in a cool place on the stalk.

Pen-y-gors Silver badge

Re: battered?


and lots of them!

Pen-y-gors Silver badge

Xmas dinner?

That's not xmas dinner! Where's the cranberry sauce, stuffing, bread sauce, bacon, prunes and roasties? I suppose chips can replace the roasties, but they're not the same. I suggest a proper, complete traditional full christmas dinner, with everything, wrapped into a filo pastry parcel, and then battered and fried.

Identity stolen because of the Marriott breach? Come and claim your new passport

Pen-y-gors Silver badge

New passport?

How exactly will getting a new passport help? Will they change your date of birth? Your place of birth? Your name?

Expired cert... Really? #O2down meltdown shows we should fear bungles and bugs more than hackers

Pen-y-gors Silver badge


I assume this is something to do with controlling autonomous vehicles.

If it is, then it's worrying. An autonomous vehicle must be able to work without a network connection! For emergencies and for areas without 5G. All it needs is to know what is around it - it doesn't need the latest news on traffic problems 300 miles away. It should be able to rely on its own sensors, and, possibly, short-range comms to chat to nearby vehicles. That's it. Updates can wait until it's next connected, like phones.

Peak tech! Bacon vending machine signals apex of human invention

Pen-y-gors Silver badge

Re: The best bacon

and the sausage, tomatoes, cheese, and mushrooms. With Potteries oatcakes to transport it to your mouth - and dribbling down your chin.

Cheese???? And you forgot t' black pudding. And tinned tomatoes, not fresh.

Pen-y-gors Silver badge

Re: Which is better?

The only bacon worth eating is homemade. Period. End of discussion.

Do you mean home-made or home-cooked?

It's a hell of a big job to find somewhere in your house where you can salt and smoke half a pig. I find the locally-cured bacon from our butcher down the road is excellent (and more like a steak than a 'slice'). And nicely grilled at home, in a soft white bap, with <insert sauce of choice>. Yum.

But having said that, a decent freshly-cooked bacon roll from a roadside van (fat trimmed off) is often a delight.

How the mighty have fallen: Anglian Water knocks Google off perch as UK's best workplace

Pen-y-gors Silver badge

Major companies only?

I assume this is limited to 'best employer' with a value over $1 billion, and generally rubbish moral standards?

There are tens of thousands of small businesses which offer a better place to work than any of these.

My employer (me) has an office ten yards from my front door. No fuss if I'm 'late' in. Great coffee and use of fridge for snacks whenever. No problems with bringing my cat to work. Holidays whenever I like. The right to turn down jobs I don't like the look of. Only downside is the wages, but money isn't everything. That beats all the ones mentioned.

Adobe Flash zero-day exploit... leveraging ActiveX… embedded in Office Doc... BINGO!

Pen-y-gors Silver badge

Qihoo 360?

Having the same sort of availability issues as Office 361.5 ?

European fibre lobby calls for end to fake fibre broadband ads

Pen-y-gors Silver badge

Cogito ergo sum?

If you think you have a full-fibre connection, you probably don't

I'm pretty sure I do have FTTP. Otherwise what were the openreach guys doing running a special new cable into the new router thingy on the bedroom wall, which then gave me 300Mbps down? And what were all those coils of new something that were hanging off the local telegraph poles? Do you mean it's just a new bit of copper?

Here's the list of space orgs big and small sparring to send next NASA gear to the Moon

Pen-y-gors Silver badge


Presumably these companies will just be bidding for the last bit of the journey - getting the package down to the lunar surface, and not the full journey from Florida. With Boeing/SpaceX/NASA getting it into lunar orbit?

Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years

Pen-y-gors Silver badge

500 million?

Nah! 500 million transactions, maybe, but not 500 million customers. Even if it's worldwide, I suspoect a lot are in the USA, and a fair proportion of the population there can't afford to stay in decent house, never mind a Marriot hotel. And I'm sure a lot of their customers tend to be regular repeat offenders, so probably only 50-100 million, i.e. less than Equifax. Pah! Piffling small change!

Pen-y-gors Silver badge


Or possibly it was upgraded in Sept 18 to report additional types of activity as being suspicious. We shouldn't always assume the worst. Which of us has never upgraded software to make things better?

Pen-y-gors Silver badge

Re: Card numbers


I've done the opposite before, flag that the card is going out of the UK.

It must be 10 years ago that I visited Chile. After a couple of days tried to use my debit card to withdraw cash - nope! Seconds later got a text from the bank telling me about it and saying to reply to unblock.

Had similar texts (but not blocks) when I used Lloyds CC to order stuff directly from a shop in Santiago. "Was this you? If not phone...."

But yes, why does anyone need to store CC numbers once the transaction has been verified - or even before if you use a portal like Paypal?

Canuck couple returns home after night on tiles to gaggle of randomers hanging out in their flat

Pen-y-gors Silver badge

I remember reading an article recently suggesting that this approach is being frequently used to set-up "pop-up" brothels.

1) Book large house with lots of bedrooms with false credentials for a week

2) Move in

3) Start passing the word round the local pubs

4) Move out at end of week, don't bother changing sheets or clearing the mess.

Pen-y-gors Silver badge

Re: Experienced something similar myself from the other side

Raises an interesting question, the same as the one in the article.

If it was the wrong place, how did you get in? No key? No key-safe code? No 'key under 3rd flowerpot from the right'?

OneDrive is broken: Microsoft's cloudy storage drops from the sky for EU users

Pen-y-gors Silver badge

Re: Ah the Cloud

Where does rain come from?

$deityOfChoice is having a wee-wee

Blighty: We spent £1bn on Galileo and all we got was this lousy T-shirt

Pen-y-gors Silver badge

Re: Well, who'd have thought it?


If you love the EU so much bugger off and live there .. I have for over 10 years. At least I know what Europeans think of the UK.

I've lived in the EU for many years, still do. It's a little country called Wales. I want to continue living in the EU, but a bunch of mindless, selfish, gullible twats are taking that right away from me.

Pen-y-gors Silver badge

Re: Well, who'd have thought it?

There are plenty spaces for heads on pikes on Westminster bridge.

No, we are a 48% civilised country, we don't put heads on pikes these days (although it has a strong emotional appeal, and would undoubtedly be a major tourist attraction for years - helping our foreign trade balance, which I'm sure they would appreciate, if they were alive to do any appreciating)

No, they should all spend the rest of their days in a 10x10ft cell in Dartmoor, only coming out for 12 hours work a day breaking rocks in an open-air quarry, regardless of the weather. The whole thing being livestreamed 24/7. Vindictive? Moi?

Pen-y-gors Silver badge

Re: Well, who'd have thought it?

Well, just because you donated £500 to the Golf Club towards the cost of building a new shower block doesn't mean you get to use it after you've resigned from the club.

NASA has Mars InSight as latest lander due to arrive today

Pen-y-gors Silver badge

Re: Information

Damn! They'll be spitting when that happens and they realise they hadn't allowed for such an obvious problem. That's what comes from letting inexperienced grad students design experiments.

Pen-y-gors Silver badge

Re: Dusty

I wondered about having a little electric fan attachment, but I suppose with the thin air a feather duster on a robot arm would make much more sense.

HMRC: 30 months to prep Northern Ireland backstop systems, 24 for customs

Pen-y-gors Silver badge


with all this chaos and all this ridculous insoluble problems, there MUST be some sort of alternative plan???

<whisper>pss sssh ssshhh</whisper>

What's that Sooty? Why not just stay in the EU? No, don't be silly. If it was that simple everyone would be calling for that, even the government!

<whisper>pss sssh ssshhhpp sssph</whisper>

What's that Sooty? You say that everyone IS calling for that, including pro-Brexit government ministers and ex-ministers like Raab C Brexit? Well! Why don't we all know about this?

<whisper>pss sssh ssshhhpp sssph</whisper>

What's that Sooty? Because the fascist owners of the main newspapers make sure it's not mentioned? Maybe you have a point. Good night Sooty.

Pen-y-gors Silver badge

Re: Don't worry

@Ken 16

Oooh, wouldn't want them 'jumping the queue'!

Pen-y-gors Silver badge

@Ian Johnston

It could be damage limitation. Basically putting it in writing now so when/if it is required and doesn't happen they can say 'told you so, don't blame us'

Pen-y-gors Silver badge


no that was Plaid Cymru, the DUP (formerly UVF) just shot people.

No, that wasn't Plaid Cymru, Meibion Glyndwr (the Sons of Glyndwr) it was that did the 'come home to a real fire, buy a holiday cottage in Wales' thing. And no-one was ever injured. And traditionally they used "England's Glory' matches.

Mobile networks are killing Wi-Fi for speed around the world

Pen-y-gors Silver badge

Re: Yes its cost...

Good to hear that WiFi is good in the UAE. What's reception like in the prison cells they bung foreign students in?

Oh, I wish it could be Black Friday every day-aayyy, when the wallets start jingling but it's still a week till we're paiii-iid

Pen-y-gors Silver badge

Meanwhile in Welsh Wales

the preferred term for the day known by USAians as 'Black Friday' is Diwrnod Gwario Gwirion - Stupid Spending Day.

Well that's just spliffing: UK Amazon merchants peddling Mary Jane

Pen-y-gors Silver badge

Laura Norder

So at some point in the past there was a time when the British public were all entirely law abiding?

A historian writes...

No, not really, but it's interesting how views on what is just law and how it should be enforced have varied over the years. I'm currently deep in the 19th Century (but not in a Rees-Mogg sense, I'm actually learning from it) - there were as many crimes then as now, possibly more. And basically the same sort of things. Drunk and disorderly, driving furiously (a cart), not having a cart licence, rape, burglary, assault, paying wages in a pub...the usual. Remarkably few murders though.

What is fascinating is how these crimes were dealt with. Many people in rural areas didn't want to see their neighbours banged up for something they considered quite minor, and cases were 'compromised' before the trial. In many cases matters were dealt with locally without the Cardiganshire Constabulary getting involved at all. There was a tradition that if the judge arrived for the Assizes and there were no cases to try, he received a pair of white gloves. It happened a lot round here, not because there was no crime, but because the locals didn't want outsiders interfering.

And of course what was considered a crime by the state was not what the people always thought. Justice was the purlieu of the landlords, and they wanted to protect what was theirs (which was just about everything), so crimes like trespassing after game & theft of property got stomped on hard, whilst beating up the wife got a 10/- fine. Another reason why the little people preferred to stay away from costly English justice and handle matters themselves.

Pen-y-gors Silver badge


Sigh... some bastard stole the cave I was living in...

Interesting, given that a cave is effectively defined by being the absence of a load of rock, surrounded by rock, how do you steal it? Did they come and fill it with concrete?

Microsoft: You looking at me funny? Oh, you just want to sign in

Pen-y-gors Silver badge

I'm confused

I'm going to have to re-read the article. I didn't understand any of it apart from the nonce-signing, which I assume is what the "tough" lads in H.M.Privatised Prisons do with a sharp implement to any sex-offenders they manage to get alone in the shower block.

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

Pen-y-gors Silver badge

It should only take 10 minutes to negotiate a fix for this

Well, possibly a little more.

But shirley there are a number of defences and browser fixes possible?

It would have an efficiency hit but could the browser do a bit of random cache grabbing all the time? So the pattern is unpredictable? There are enough delays in loading and rendering a page these days that there is ample spare time to play around.

And does this attack work cross browser, so could you defend by using Chrome for the stuff you don't care about ('cos Google is snooping on everything anyway) and then say, Firefox in private mode for the banking site?

OnePlus 6T: Tasteful, powerful – and much cheaper than a flagship

Pen-y-gors Silver badge

Re: Dumb dumb dumb

I must confess general ignorance as I don't use headphones, but surely a purchase of a 3.5mm to USB-C adapter (£10 on you-know-who) solves the problem?

5.. 4.. 3.. 2.. 1... Runty-birds are go: 12,000+ internet-beaming mini-satellites OK'd by USA

Pen-y-gors Silver badge

What could possibly...

you know the rest.

And, out of idle curiosity, what gives one country the right to fill Earth's orbital space with junk? Does the government of Tuvalu have the right to authorise the deployment of 12,000 itsy-bitsy-teeny-weeny yellow-polka-dot nuclear devices in low earth orbit?

Bloke jailed for trying to blow up UK crypto-cash biz after it failed to reset his account password

Pen-y-gors Silver badge

Counter Terrorism Command?

I appreciate that language and the meaning thereof can change over time. But surely trying to kill someone in a business quarrel isn't terrorism? Terrorism is about attempting to create terror for political purposes, frequently involving violence. But violence != terror. Or have they just bundled bombs 'n white powder 'n stuff in with the Terror-plods for pay-and-rations convenience?

iPhone XR, for when £1,000 is just too much for a smartmobe

Pen-y-gors Silver badge

Re: "when £1,000 is just too much for a smartmobe"

face it, there isn't a planet in the known universe where £1000 isn't too much for a smart phone, unless it has a solid gold case. And in that case it would just be bloody daft.

Biting the hand that feeds IT © 1998–2018