Re: Want to, can't, it's 2018
Got so fed up going round the Download / Update / Fail / Restore loop in the end I barred it from updating for 9 months so I could get some work done.
94 posts • joined 20 Oct 2010
Got so fed up going round the Download / Update / Fail / Restore loop in the end I barred it from updating for 9 months so I could get some work done.
I happened to walk into Asda during the Visa chaos, only to be told "it's cash only" - gone of the days of getting out a manual card-swipe machine.
The reality is that the tech is so complex and interdependent - there is no plan-B when it all goes wrong.
If you need to FTP files, then TFTP is much better!
At least then you know and are aware that there is no security and no user-name/password and thus (hopefully) need to put a security wrapper around anything you transfer.
So for example: and AES-256 Password encoded ZIP file - sent over TFTP.
Four years ago, as an experiment, I paid £175 for a Chromebook to see if I could use it as alternative to my Windows laptop for travel, this means a full day in London without a charger etc.
After four years there have been about 5 occasions where I've needed to use "real" MS Office (presenting embedded video in a PPT) other than that it works fine and has travelled all over the world with me.
It has the added advantage that getting internet connectivity on the move is a simple case of simply plugging my Android (4G+ Internet - often better than my home fibre broadband) into it and it simply works.
Thus I've just upgraded to a new Chromebook ultra slim, with full HD screen, metal case, 11 hrs on a charge AND it supports android apps, thus MS Office 365.
Cost of this new beast £220.....
Can't see myself ever needing to lug my Windows laptop again!
Unless you are "famous" and you are invited (paid) to do the closing keynote, all the major keynotes are from sponsoring companies that put up MAJOR $$$$$$$$$$$ to get a keynote - the more money the higher up the keynote tree you get (opening keynotes on day one being the most expensive I guess).
So, don't blame RSA if those companies, populated my MALE CEO's and very senior executives put up a male for the keynote - by all means blame those companies for their lack of diversity at senior levels.
But do blame RSA for a culture of pursuing only money, and not actually (outside of the cryptographers panel) having keynotes from interesting leaders in their field [Male of Female] high in the keynote agenda.
Don't think I've been to a keynote session since the "Microsoft - "we've got security religion" back in early 2000's as basically they are all just corporate hype. (and it's mind numbingly boring to sit through them to accidentally stumble on the one that is not).
Microsoft just don't get it......
What people want is a stable, secure OS on which they can run their business applications, or in the case of Joe Home User; a Word Processor and a Browser.
However MS continue to think that people want an entire ecosystem of apps and other cr*p.
Unfortunately for MS (and fortunately for the rest of us) the world has moved on, those who still need a desktop for full-fat applications buy Windows; if you can afford it Apple, and the rest use either a Chromebook or a portable device of some description.
Speak to the kids, very few now have desktop devices in need of an OS like windows that is the centre of their life!
As a customer from (almost day 1) circa 1973, they used to be great; as they were the cheapest place to buy electronics with a wide stock. Unfortunately, most of what they now sell can be brought cheaper elsewhere and the electronics are just a sideline.
I fear this will be another "Woolworths" we loved the brand, mourned it passing, but when you thought about it you cannot remember the last time you brought anything "serious" from there or though of it as your first choice destination to buy any particular product.
Please send all those who oppose the Licence Fee to spend a month in the USA - the TV is unwatchable due to the adverts.
Even if you do not watch that much BBC output remember all other commercial broadcasters have to compete with the BBC for quality of output and not overloading it's viewers with adverts. In the US there is nothing on (linear) TV to compare against.
And while we are at it, please remind me why to view Sky I have to pay an exorbitant fee AND put up with adverts?
#1 If you can buy it, it's obsolete
Brought a Chromebook four years ago as a £200 "throwaway" experiment - over those 4 years I've hardly ever needed a windows laptop when out and about.
Now, just replaced it with a new HD Chromebook - and it supports Android Apps as well - so now Office 365 and Skype as well as Gmail and G-Calendar.
Add to that the "use for a whole day" without need to lug a power supply, and the "instant start".
I think I can finally retire the ageing backup windows laptop.
Irrespective of how serious this flaw *actually* is.....
Back in 2006 the Jericho Forum explained that the world was going de-perimiterised - and that you should rely on encrypted protocols NOT encrypted networks (you may want restrict network access for QoS purposes - not security).
If you are not concerned with QoS then follow the guidance of OpenWireless.org and run a fully open wireless network (it's a neighbourly thing to do) with the SSID of openwireless.org - just ensure that your traffic using the network uses only secure protocols.
IMHO iTunes is a rather good music manager - the search function is incredibly fast (I have in excess of 25k tracks)., and the playlist manager is great.
However I export the playlists to a Roku soundbridge and also to DoubleTwist for my Android, and drag and drop to a memory stick for the car. No Apple devices in sight.
Actually, the System Image Backup (SIB) is what we should be panicking about - this simple programme, run monthly, has got me out of trouble more than once. If we remove it from "standard" (and no extra cost) windows how many people will never ever run a backup.
The US law is plain daft, by this interpretation if I go on holiday and hand my camera to a random passer-by to take our photo, posing in front of a landmark (as many millions of people do); then legally that random person holds the copyright to the photo.....
As opposed to the UK interpretation, my camera, I set up the pose and set the camera up, and give it to a fellow tourist to push the button - my copyright.
Much more sane and sensible - and no monkey business!
Look at Wire, simple, by some of the original Skype people, works with a phone app but ALSO WITH any modern browser (including a Chromebook) using WebRTC.
Business School 101; never outsource anything which is critical to your business. Outsource that which is not critical and gives you no competitive advantage (for example; payroll & HR systems).
Seems BA seem to have forgotten the essentials.......
Any CEO who signed off on such a deal, irrespective of whether it was the root cause, should be falling on their sword.
Any CEO who does not understand the criticality of the IT systems (and it may be negligible) in their business should not be in the job.
Surely this is counter to the safetly instruction that Li-On batteries mus be carried in hand luggage AND NOT stowed in the hold??
"Until fixes are available, Cisco says Telnet should be disabled in favour of SSH."
What do people not understand about Telnet - username and password and all data sent in clear over the wire....
Telnet should ALWAYS be disabled in favour of SSH......
We were preaching this way back 15 years ago. (Jericho Forum Commandment #4)
"Any of us can be compelled – in appropriate circumstances"
Action have consequences - if you decide not to tell (or decrypt) then based on the law of the land (or lack of it) you face the legal consequences - in a benign western society, that is jail for contempt of court.
Lots of examples of journalists who have done just that.
The problem comes when the society is not benign, then our problems are bigger anyway.
However the solution is NOT backdooring the encryption....
Privacy Shield in an interesting device to protects everyones modesty, I don't think anyone really believes it makes a blind bit of difference.
RAN = Radio Access Network (I think) which I presume is the street hardware and back-haul wires?
"may be awarded only to individuals and teams of individuals who are citizens or permanent residents of the United States"
If you learnt nothing from the first four breaches it is "be open with your customers and tell them early" unfortunately the advice is still "if you have a connectivity problem simply reset your router".
As before, no proactive advice whatsoever - Yes I'm a customer - no I have not received any proactive communication.
Dido, your customers are reading about the severity in the papers and on the BBC, an email - if only to say "you do not have an affected router" would not go amiss. for those with affected routers then what you are actually doing.
Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined.
The trick is finding all that "other stuff", so every time with catch someone doing something bad then in retrospect we write another string search......
Else you let your IT and/or security team go trawling for anything suspicious. [and that's so good for employee moral].
Apple playing catch up with a set of "me too" features that can already be found at half the price, and nothing that is leading edge, and at substantial premuim.
Still it's got an Apple logo on the back; Baaaaaa.............
"If privacy is outlawed, only outlaws will have privacy" [the original quote] often bastardised as "If encryption is outlawed, only outlaws will have encryption".
So, let's all assume a 1990's architecture where only corporates have networks and only use desktop computers with a hard perimeter!
Let's ignore that fact that since 2003 the Jericho Forum have highlighted the issues of the de-perimeterised network. Microsoft would do well to actually read the Jericho Forum commandments! https://www.opengroup.org/jericho/commandments_v1.2.pdf
Look at Wire, not open source, but a good raft of platform support as well as it works with my Chromebook (the acid test)
This is a vendor produced survey - so surely a little more of the scepticism the Register is famous for?
Last time I looked Gmail, Amazon, Sykpe, What'sApp all used HPPS and/or were Encrypted protocols.
So what is actually the problem?
And why do I need a VPN? Other than a vendor is trying to flog me one?
Paid the "lifetime subscription" fee and guess what - upgrades now cost.
* Have NFC?
* Have wireless charging?
* Support all the UK 4G Bands?
* Is is 4G or 4G+ (LTE-A or 4.5G)?
* Does is have a full range of sensors?
* Can it take Photosphere pictures?
* Removable media (plus max ROM & RAM) [yes, this was covered]
* Dual-SIM [yes, this was covered]
Because I agree with the above comments; Camera/Screen etc. Yawn.... Battery maybe, but lets review "flagship" phones against the flagship features.
Seems like no Band 20, so you are stuffed if you want 4G on O2
Agreed, but digital signage for the open-air (full sunlight) is at stupid pricing, so not needing to do video is fine if they can get the price down to a regular indoor digital signage panel.
The trick is to understand how to align business strategy to security architecture. Unfortunately having a rough idea and using goggle means you end up with a firewall and some boxes that often inhibit the business and security is thus seen as "the boys that say NO"
I'm sorry Trevor; "Proper information security requires defence in depth: layers of technologies, techniques, best practices and incident response woven together into the tapestry of everyday operations" may be correct for some businesses - but for most this approach is old-hat, and means kludging their architectures to take advantage of BYOD, Cloud, IoT and other such technologies that gives them strategic advantage.
The most agile companies are 100% cloud, using Chromebooks and BYOD; where is your need for firewalls, layers of technology etc.?? Then actually you need a CISO that understand Cloud Identity and entitlement, not layers defence.
But then you get what you pay for......
My submissions would be:
This is a great example of why you should ONLY use open formats. MP3 for you Music and e-Pub for your books. Yes, my Nook may only last until it dies, but I will have all my purchased content backed up and ready to port onto my next device. Will Apple be around in 10 or 20 years time? But at least my music (currently on my iPod) will be portable to whatever is around.
So now you will have to log any cash transaction over £5 with your local police station...... or have they forgotten the £63m, the €995bn and the US$1.2 trillion in circulation?
At what point does the CEO actually take responsibility for all this mess and resign?
When will hotels, restaurants and other establishments realise that people want free wi-fi that is truly free - slurping my personal data means it is not free.....
Let's all campaign for the mass adoption for openwirless.org as an SSID and simply let people connect.
Engine software (firmware) development is tightly controlled - to add a "feature" will have been tightly controlled with a specification, writing, testing and QA. All stages will have required approval and sign-off.
Thus is beggars belief it was "just a couple of rogue engineers".
If it really was a rogue addition then you should really worry about the whole production process and the rigour with which VW cars are produced.
I don't understand number 11; "Thou will be sceptical of everything on the Internet"
"We just need a little help about where the lock goes on this chastity bra"
In a very simple way, this neatly sidesteps all the technical arguments about can you put an backdoor into encryption for the "good guys" to use, and provides a really simple example of why ** ITS A REALLY BAD IDEA **
The Which customer satisfaction survey rated EE 2nd to bottom for "Pay monthly" and bottom for Pay as you go".
Lets ignore the real world top 35, and just splash out multi-millions on hardware, software and consultancy to implement a big-data, APT detection solution...... Oh, and lets not forget more billions on a GRC system.... and while we are trying to avoid actually fixing the root cause (at minimal cost) lets implement a "Cyber Threat Intelligence Integration Center" so we can share our woes with everyone else.....
But then we have always lived in an industry that is vendor driven, where common sense and getting the basics right have no part to play.
Why are the "experts" in this area not coming together to define how to work securely on open, public WiFi?
Secure protocols, with tools that switch on certificate pinning and force HTTPs only, and only allow you to connect with trusted sites must be the way to go; rather than needing to buy a VPN service from a company, as this:
a) does not solve the underlying problems, and
b) wont be used my the majority of the public, and
c) it liable to the same interception / attacks by anyone who owns the termination node.
By default, data must be appropriately secured when stored, in transit and in use - Jericho Forum Commandment #11. from 2005
Great shame to see they've forgotten about "when stored" and "when in use" - maybe in another 10 years....
As much I agree with what Which are trying to achieve, the speed is usually governed by physics, namely the length of copper from the exchange (or FTTC box) to the home.
Is not the pragmatic solution to charge for the percentage of actual speed delivered.
This if you advertise 18M for £10/month but I only get 9M then I only get charged £5 / month.
Or is this too simple?
So first, GIF is a global not-for-profit foundation, with matching charitable clauses with a commitment to everything being open source - it's exactly your first comment that means a new structure was needed.
And yes, if you read the original work from Jericho, and the white paper from GIF then you will see embedded the concepts of persona that meet the needs of privacy, primacy and agency.
Can't see why you are getting a blank web site - works for me!
Does not work on Chromebook, go figure..... As a web-based end-point surely this should be an ideal target for this technology - oh wait..... its a laptop that does not support Windows.....
Biting the hand that feeds IT © 1998–2018