* Posts by simmondp

85 posts • joined 20 Oct 2010

Page:

So the 'Year of Linux' never happened. When is it Chrome OS's turn?

simmondp

Chromebooks are great!

Brought a Chromebook four years ago as a £200 "throwaway" experiment - over those 4 years I've hardly ever needed a windows laptop when out and about.

Now, just replaced it with a new HD Chromebook - and it supports Android Apps as well - so now Office 365 and Skype as well as Gmail and G-Calendar.

Add to that the "use for a whole day" without need to lug a power supply, and the "instant start".

I think I can finally retire the ageing backup windows laptop.

12
5

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

simmondp

Should you really care.

Irrespective of how serious this flaw *actually* is.....

Back in 2006 the Jericho Forum explained that the world was going de-perimiterised - and that you should rely on encrypted protocols NOT encrypted networks (you may want restrict network access for QoS purposes - not security).

See: https://collaboration.opengroup.org/jericho/Protocols_v1.0.pdf

If you are not concerned with QoS then follow the guidance of OpenWireless.org and run a fully open wireless network (it's a neighbourly thing to do) with the SSID of openwireless.org - just ensure that your traffic using the network uses only secure protocols.

1
0

Five ways Apple can fix the iPhone, but won't

simmondp

Re: Windows Phone Type Tiles

IMHO iTunes is a rather good music manager - the search function is incredibly fast (I have in excess of 25k tracks)., and the playlist manager is great.

However I export the playlists to a Roku soundbridge and also to DoubleTwist for my Android, and drag and drop to a memory stick for the car. No Apple devices in sight.

2
0

Microsoft hits new low: Threatens to axe classic Paint from Windows 10

simmondp

System Image Backup (SIB)

Actually, the System Image Backup (SIB) is what we should be panicking about - this simple programme, run monthly, has got me out of trouble more than once. If we remove it from "standard" (and no extra cost) windows how many people will never ever run a backup.

18
0

Hey, remember that monkey selfie copyright drama a few years ago? Get this – It's just hit the US appeals courts

simmondp

Holiday Snaps

The US law is plain daft, by this interpretation if I go on holiday and hand my camera to a random passer-by to take our photo, posing in front of a landmark (as many millions of people do); then legally that random person holds the copyright to the photo.....

As opposed to the UK interpretation, my camera, I set up the pose and set the camera up, and give it to a fellow tourist to push the button - my copyright.

Much more sane and sensible - and no monkey business!

1
0

Microsoft boasted it had rebuilt Skype 'from the ground up'. Instead, it should have buried it

simmondp

Wire

Look at Wire, simple, by some of the original Skype people, works with a phone app but ALSO WITH any modern browser (including a Chromebook) using WebRTC.

1
0

BA CEO blames messaging and networks for grounding

simmondp

Business School 101

Business School 101; never outsource anything which is critical to your business. Outsource that which is not critical and gives you no competitive advantage (for example; payroll & HR systems).

Seems BA seem to have forgotten the essentials.......

Any CEO who signed off on such a deal, irrespective of whether it was the root cause, should be falling on their sword.

Any CEO who does not understand the criticality of the IT systems (and it may be negligible) in their business should not be in the job.

4
0

Confirmed: TSA bans gear bigger than phones from airplane cabins

simmondp

Batteries?

Surely this is counter to the safetly instruction that Li-On batteries mus be carried in hand luggage AND NOT stowed in the hold??

1
0

Cisco reports bug disclosed in WikiLeaks' Vault 7 CIA dump

simmondp

Telnet

"Until fixes are available, Cisco says Telnet should be disabled in favour of SSH."

What do people not understand about Telnet - username and password and all data sent in clear over the wire....

Telnet should ALWAYS be disabled in favour of SSH......

We were preaching this way back 15 years ago. (Jericho Forum Commandment #4)

5
1

FBI boss: 'Memories are not absolutely private in America'

simmondp

Assumes a "benign western society"

"Any of us can be compelled – in appropriate circumstances"

Action have consequences - if you decide not to tell (or decrypt) then based on the law of the land (or lack of it) you face the legal consequences - in a benign western society, that is jail for contempt of court.

Lots of examples of journalists who have done just that.

The problem comes when the society is not benign, then our problems are bigger anyway.

However the solution is NOT backdooring the encryption....

2
0

Fear not, Europe's Privacy Shield is Trump-proof – ex-FTC bigwig

simmondp

Sounds like wishful thinking

Privacy Shield in an interesting device to protects everyones modesty, I don't think anyone really believes it makes a blind bit of difference.

3
0

MNOs will lose 5G rewards to new entrants if they will not share networks

simmondp

TLA not defined

RAN = Radio Access Network (I think) which I presume is the street hardware and back-haul wires?

1
0

Put walls around home Things, win $25k from US government

simmondp

US thinking olny permitted!

"may be awarded only to individuals and teams of individuals who are citizens or permanent residents of the United States"

3
0

Mirai variant turns TalkTalk routers into zombie botnet agents

simmondp

When are they going to learn?

If you learnt nothing from the first four breaches it is "be open with your customers and tell them early" unfortunately the advice is still "if you have a connectivity problem simply reset your router".

http://help2.talktalk.co.uk/dsl3780-router-connectivity-issues

As before, no proactive advice whatsoever - Yes I'm a customer - no I have not received any proactive communication.

Dido, your customers are reading about the severity in the papers and on the BBC, an email - if only to say "you do not have an affected router" would not go amiss. for those with affected routers then what you are actually doing.

7
0

Psst. Need some spy-on-employees tech? Ask Oriium

simmondp

The usual "credit card" string

Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined.

The trick is finding all that "other stuff", so every time with catch someone doing something bad then in retrospect we write another string search......

Else you let your IT and/or security team go trawling for anything suspicious. [and that's so good for employee moral].

1
0

Pains us to run an Apple article without the words 'fined', 'guilty' or 'on fire' in it, but here we are

simmondp

Sheep of the world unite.......

Apple playing catch up with a set of "me too" features that can already be found at half the price, and nothing that is leading edge, and at substantial premuim.

Still it's got an Apple logo on the back; Baaaaaa.............

5
0

FBI Director wants 'adult conversation' about backdooring encryption

simmondp

If you don't learn from history, you are doomed to repeat it.

"If privacy is outlawed, only outlaws will have privacy" [the original quote] often bastardised as "If encryption is outlawed, only outlaws will have encryption".

https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html

5
0

Windows passwords leak tip

simmondp

Advice from the 1990's

So, let's all assume a 1990's architecture where only corporates have networks and only use desktop computers with a hard perimeter!

Let's ignore that fact that since 2003 the Jericho Forum have highlighted the issues of the de-perimeterised network. Microsoft would do well to actually read the Jericho Forum commandments! https://www.opengroup.org/jericho/commandments_v1.2.pdf

2
0

New Google vid-call app

simmondp

Re: Why is this better than Skype?

Look at Wire, not open source, but a good raft of platform support as well as it works with my Chromebook (the acid test)

0
0

GOP delegates suckered into connecting to insecure Wi-Fi hotspots

simmondp

Why? - Let's have some critical journalism

This is a vendor produced survey - so surely a little more of the scepticism the Register is famous for?

Last time I looked Gmail, Amazon, Sykpe, What'sApp all used HPPS and/or were Encrypted protocols.

So what is actually the problem?

And why do I need a VPN? Other than a vendor is trying to flog me one?

2
10

Empty your free 30GB OneDrive space today – before Microsoft deletes your files for you

simmondp

WinZip

Paid the "lifetime subscription" fee and guess what - upgrades now cost.

0
0

ZTE Axon 7: A surprise flagship contender

simmondp

Please review the things that differenciate....

Does it;

* Have NFC?

* Have wireless charging?

* Support all the UK 4G Bands?

* Is is 4G or 4G+ (LTE-A or 4.5G)?

* Does is have a full range of sensors?

* Can it take Photosphere pictures?

* Removable media (plus max ROM & RAM) [yes, this was covered]

* Dual-SIM [yes, this was covered]

Because I agree with the above comments; Camera/Screen etc. Yawn.... Battery maybe, but lets review "flagship" phones against the flagship features.

10
0

ZTE flagship elbows aside Xiaomi

simmondp

No joy for O2 users

Seems like no Band 20, so you are stuffed if you want 4G on O2

0
0

E-Ink goes full colour

simmondp

Re: Anyone seen specs or estimated prices?

Agreed, but digital signage for the open-air (full sunlight) is at stupid pricing, so not needing to do video is fine if they can get the price down to a regular indoor digital signage panel.

2
0

Defence in depth: Don't let your firm's security become a boondoggle

simmondp

Therein lies ruin

The trick is to understand how to align business strategy to security architecture. Unfortunately having a rough idea and using goggle means you end up with a firewall and some boxes that often inhibit the business and security is thus seen as "the boys that say NO"

I'm sorry Trevor; "Proper information security requires defence in depth: layers of technologies, techniques, best practices and incident response woven together into the tapestry of everyday operations" may be correct for some businesses - but for most this approach is old-hat, and means kludging their architectures to take advantage of BYOD, Cloud, IoT and other such technologies that gives them strategic advantage.

The most agile companies are 100% cloud, using Chromebooks and BYOD; where is your need for firewalls, layers of technology etc.?? Then actually you need a CISO that understand Cloud Identity and entitlement, not layers defence.

But then you get what you pay for......

1
10

Apple stuns world with Donald Trump iPhone

simmondp

Competition: SE Stands for.....

My submissions would be:

"Still Expensive"

0
0

No more Nookie for Blighty as Barnes & Noble pulls out

simmondp

March with your wallet - buy only open formats

This is a great example of why you should ONLY use open formats. MP3 for you Music and e-Pub for your books. Yes, my Nook may only last until it dies, but I will have all my purchased content backed up and ready to port onto my next device. Will Apple be around in 10 or 20 years time? But at least my music (currently on my iPod) will be portable to whatever is around.

5
0

Europe wants end to anonymous Bitcoin transactions

simmondp

What about good old Cash

So now you will have to log any cash transaction over £5 with your local police station...... or have they forgotten the £63m, the €995bn and the US$1.2 trillion in circulation?

8
0

TalkTalk outage: Dial M for Major cockup

simmondp

Resign

At what point does the CEO actually take responsibility for all this mess and resign?

9
0

Feds spank naughty Hilton, M.C. Dean in Wi-Fi jamming crackdown

simmondp

** Free ** ubiquitous wi-fi

When will hotels, restaurants and other establishments realise that people want free wi-fi that is truly free - slurping my personal data means it is not free.....

Let's all campaign for the mass adoption for openwirless.org as an SSID and simply let people connect.

0
3

Top VW exec blames car pollution cheatware scandal on 'a couple of software engineers'

simmondp

Engine software (firmware) development is tightly controlled - to add a "feature" will have been tightly controlled with a specification, writing, testing and QA. All stages will have required approval and sign-off.

Thus is beggars belief it was "just a couple of rogue engineers".

If it really was a rogue addition then you should really worry about the whole production process and the rigour with which VW cars are produced.

3
0

WIN a 6TB Western Digital Black hard drive with El Reg

simmondp

I don't understand number 11; "Thou will be sceptical of everything on the Internet"

0
0

WIN a 6TB Western Digital Black hard drive with El Reg

simmondp

"We just need a little help about where the lock goes on this chastity bra"

0
0

3D printer blueprints for TSA luggage-unlocking master keys leak online

simmondp

Backdoor Encryption Advocates - are you reading this?

In a very simple way, this neatly sidesteps all the technical arguments about can you put an backdoor into encryption for the "good guys" to use, and provides a really simple example of why ** ITS A REALLY BAD IDEA **

3
0

At last we know for sure. Blighty's 'best mobile network' is ...

simmondp
FAIL

Pity they are not rated by their customers

The Which customer satisfaction survey rated EE 2nd to bottom for "Pay monthly" and bottom for Pay as you go".

2
0

NIST issues 'don't be stupid' security guidelines for contractors

simmondp

So in reality....

Lets ignore the real world top 35, and just splash out multi-millions on hardware, software and consultancy to implement a big-data, APT detection solution...... Oh, and lets not forget more billions on a GRC system.... and while we are trying to avoid actually fixing the root cause (at minimal cost) lets implement a "Cyber Threat Intelligence Integration Center" so we can share our woes with everyone else.....

But then we have always lived in an industry that is vendor driven, where common sense and getting the basics right have no part to play.

0
0

UK politicos easily pwned on insecure Wi-Fi networks

simmondp

Another vendor flogging a product with FUD

Why are the "experts" in this area not coming together to define how to work securely on open, public WiFi?

Secure protocols, with tools that switch on certificate pinning and force HTTPs only, and only allow you to connect with trusted sites must be the way to go; rather than needing to buy a VPN service from a company, as this:

a) does not solve the underlying problems, and

b) wont be used my the majority of the public, and

c) it liable to the same interception / attacks by anyone who owns the termination node.

1
0

It’s 2015 and we're being told not to send credit cards as cleartext

simmondp

Only 10 years to late....

By default, data must be appropriately secured when stored, in transit and in use - Jericho Forum Commandment #11. from 2005

Great shame to see they've forgotten about "when stored" and "when in use" - maybe in another 10 years....

5
0

MILLIONS of broadband punters aren't getting it fast enough – Which?

simmondp

Time for a pragmatic solution.

As much I agree with what Which are trying to achieve, the speed is usually governed by physics, namely the length of copper from the exchange (or FTTC box) to the home.

Is not the pragmatic solution to charge for the percentage of actual speed delivered.

This if you advertise 18M for £10/month but I only get 9M then I only get charged £5 / month.

Or is this too simple?

5
0

Online identity woes can only be solved through the medium of GIF

simmondp

Re: Setting the fox to guard the henhouse

So first, GIF is a global not-for-profit foundation, with matching charitable clauses with a commitment to everything being open source - it's exactly your first comment that means a new structure was needed.

And yes, if you read the original work from Jericho, and the white paper from GIF then you will see embedded the concepts of persona that meet the needs of privacy, primacy and agency.

Can't see why you are getting a blank web site - works for me!

0
0

Microsoft makes Skype beach body ready with web browser beta release

simmondp

Chrome but not Chromebook

Does not work on Chromebook, go figure..... As a web-based end-point surely this should be an ideal target for this technology - oh wait..... its a laptop that does not support Windows.....

0
0

Freeparking web hosting services go TITSUP after migration

simmondp

Three weeks without being able to send mail

No meaningful response from support whatsoever.

Closed ticket on not being able to send email, can only re-open by emailing from my email address #Doh! #Catch22

If I open new ticket I go the end of a very long queue.

Recommendations for a new domain hosting company please.

0
0

iPhone case uses phone's OWN SIGNAL to charge it (forever, presumably)

simmondp

... the company will shortly be releasing a companion perpetual motion machine....

14
0

Vodafone: Can't make calls on our network? Use Wi-Fi

simmondp

What you fail to mention.....

What you fail to mention is usability; I have TalkTalk2Go, Viber (horribly insecure) and Skype all as apps on my phone, in addition to the actual (standard) phone.

What I want, (and I think most people want,) is a ** SINGLE ** phone interface that works seamlessly whether on 3G, 4G or Wi-Fi.

8
0

Canadian bloke refuses to hand over phone password, gets cuffed

simmondp

Why not?

If you suitcase is locked they will ask politely (demand) that you open it - What is the difference?

Don't carry anything through a border that you don't want to be subject to search - saying "electronic" is different is muddying the waters.

The more interesting case comes where if you are carrying a device that has encrypted material for which you do not hold the key (for example it's a corporate laptop used by multiple people one of which has received an encrypted file).

1
7

Hey biz – cut fraud with digital ID verification. Yes, like Verify – Maude

simmondp

Out of touch with the real world of digital business.

Take a look at the "acid tests" for a decent identity ecosystem, remembering business and e-commerce is global and "Verifiy" fails on all accounts.

http://www.globalidentityfoundation.org/downloads/Six_Conundrums_Of_Global_Identity_v1.0.pdf

1
0

Mobe not-spots 'landmark deal'? We ain't thick, Javid

simmondp

Mixing "cell (call) handover" with "roaming"

Let's be clear, when no signal is available from my operator my phone will make call using any operator on the 999/112 number - and I believe even if no SIM is actually present?

Once you have started the call with a roaming operator then all cell handover will need to be done with that operator - big deal I can live with that restriction.

Simply mandate roaming; and Offcom can ensure that your provider pays a sensible surcharge to the roaming provider (at no additional cost to the user) - so when the usage gets too high in a particular area your provider has the ROI to upgrade, in-fill or provide new infrastructure in that area.

Market forces should take care of the rest!

0
0

2015: The year of MAD TV science, but who can keep up?

simmondp

Vote for Android

The biggest advantage I can see in having an Android based UI - assuming it works this way - it that I do not need be be tied to the media sources that the TV manufacturer wants to give me and give long term support to.

Want ITV player - get it from the Playstore, want Plex again go to the store etc.

Need that latest version, no need to wait for a manufacturer supported version simply update it from the "standard" Playstore version.

If it really does work this way, then I for one, will be making my TV choice based on whether it has Android or not.

Note to the manufacture: locking me out of PlayStore and not letting me use Standard android media player apps will mean I will vote with my wallet!

1
0

MI5 boss: We NEED to break securo-tech, get 'assistance' from data-slurp firms

simmondp

Wanting privacy and security does not equal terrorist.

If privacy is outlawed, only outlaws will have privacy.

Philip R. Zimmermann, June 1991

and it's corollary;

If encryption is outlawed, only outlaws will have encryption.

Thus if I encrypt, does that make me a bad guy, or just someone that wants to protect my privacy.

This is the start of a very slippy legal slope.

0
0

Another lick of Lollipop: Google updates latest Android to 5.0.1

simmondp

Re: 2012 Nexus models to stay at KitKat perrmanently?

I'm running 5.0.0 on a UK Nexus 4 with no problems. Chose to do a full install from scratch. New OS is great - with some fantastic features. Minor niggles - Photosheres will not play (they just error) and the promised integration with my Chromebook has not materialised - (may be a Chromebook issue though).

Couple it with Snapgragon's BatteryGuru and the batter life is very acceptable given it's two years old.

Love the open to application from notifications on lock screen, and the ability to not lock then connected to a trusted device - car BT or BT headset.

All in all a must have.

1
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017