* Posts by Graham 2

13 posts • joined 28 Aug 2015

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs

Graham 2

I wonder how many of those 144 are honeytraps?

Things that make you go .hm... Has a piece of the internet just sunk into the ocean? It appears so

Graham 2

Re: A Domain of Fire and Ice

What a great article, a really interesting place.

Nothing 'unites teams' like a good relocation, eh Vodafone?

Graham 2

Re: At least they are not "uniting them" abroad.

Egypt and South Africa.

Graham 2

Re: £8,000 to relocate from Glasgow to Newbury?

It ain't Shoreditch either..

Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach

Graham 2

772 meeelllion?

I got an email about this. When I ran the domain level report to see which accounts appeared I saw 5 that were valid and current email addresses and another 23 which were mangled versions of these, or really old "one off" emails that were used about 15 years ago.

While it's a big number, I don't think it will have hugely increased the number of pwned addresses overall.

Graham 2

Re: Detail gone

This data release is a collection of other breaches, hence why there are lots of different types of delimiter, crap data etc. So, there's no way to tell if the data is from a specific source.

Epic's Fortnite fail: Ancient UT2004 server used for login-stealing proof-of-concept

Graham 2

Somehow I doubt that UT is making money hand over fist in the same way that Fortnite is.

If you wanna learn from the IT security blunders committed by hacked hospital group, here's some weekend reading

Graham 2

Re: show me the money

I'd be prepared to bet that getting said managers to cough up the money won't be hard this quarter.

US bitcoin bomb threat ransom scam looks like a hoax say FBI, cops

Graham 2

Re: No transactions have been recorded yet

f) Do b to d and then naff off to the pub with the money from b because it's Friday.

Yet another mega-leak: 100 million Quora accounts compromised by system invaders

Graham 2

A silverish lining

It's nice to see:

1. A timely report of a potential breach

2. The passwords were encrypted

3. A company acting proactively.

If only some/many/all the others would take note.

That sphincter-flexing moment for devs when it's time to go live

Graham 2

Experience is a harsh teacher

"It sounds a little like changing your car engine while in the overtaking lane on the motorway. "

... in the dark, with no tools.

The challenge comes when *someone* (it doesn't matter who, but they often count beans for a living) decides that the carefully prepared plan "takes too long" and needs to be done in less time. Inevitably some part of the process has to give, and ultimately that leads to problems, and support issues, and things taking longer than if they hadn't made any "helpful" comments in the first place.

Boss helped sysadmin take down horrible client with swift kick to the nether regions

Graham 2

All the best

Enjoy the new job, we'll miss you... at least until next Friday!

BACS Bank Holiday BALLS UP borks 275,000 payments

Graham 2

Re: I feel sorry for

I think it comes down to cost; BACS transactions are pretty cheap but CHAPS transactions are expensive (it's what lawyers charge you a not small fortune for when buying a house). I suspect the issue here is that HSBC have arsed up their identifier which is why a. It's not quick for HSBC to fix and b. Despite their Teflon shoulders it'll still be HSBC's f**kup rather than BACS'.

Biting the hand that feeds IT © 1998–2019