* Posts by tekHedd

276 posts • joined 9 Aug 2011


Happy Thursday! 770 MEEELLLION email addresses and passwords found in yuge data breach


Same here except...

I'm getting those same emails, except it's always an email I've never used anywhere. This makes me question the usefulness of some of the breach data.

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs


Enable SecureBoot? You mean that thing I have to disable to get Linux to install?

Great, so what I'm hearing is that I should also be disabling UEFI? Even though it really can provide some useful support features, ie for suspend/resume support etc? Great.

As usual, anyone outside the 80% is shafted. (On the bright side, 99% of the exploits expect a windows OS, so there's that.)

Millennials 'horrify' their neighbours with knob-shaped lights display


"When you walk home you just don't expect to come face to face with an enormous penis on a wall."

At least, not until you arrive home and go inside...

That amazing Microsoft software quality, part 97: Windows Phone update kills Outlook, Calendar


Re: The lead-in picture is wrong ...

... and you're not going to be doing much self-foot-shooting with an uncocked gun, for that matter.

Google vows to take claims of sexual assault, harassment seriously, just like privacy


We're Looking At It(TM)

So...it's a toss up between "we're looking at it" and "we're listening", the standard "expression of concern" brought out by companies whenever someone examines their dark side too closely.

It's been a week since engineers approved a new DNS encryption standard and everyone is still yelling


Re: Tough

"Nobody is forcing you to use the municipal water supply, this is not the only source of water. You are incorrectly conflating piped water with the entire food supply ecosystem. I can drink whatever liquid from whatever vendor I choose, so long as it is purchased legally."

Yeah, but when I need to boil some eggs, I go to the sink and turn on the tap.

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship


It's always about control

They always mask it as arguments about copyrighted content or hate speech, but it's always and only about maintaining control of the media, mainly for profit but also and increasingly for nefarious reasons.

FYI: Drone maker DJI's 'Get it on Google Play' website button definitely does not get the app from Google Play...


So let's emphasize the lying part next time, perhaps?

As a user of a phone without any google apps whatsoever, I always appreciate when a company makes the APK directly available. (When it's a company I trust, anyway.) If Google Play is the only way to get an app, I have to violate Google's terms of service to get it. And yes I know there are handy tools that offer an easy, convenient way to violate the ToS and get the apps. :/

Offering an APK download from a "Google Play" button, yeah, that's shady. Offering an APK download, that's just how I like it.

Your RSS is grass: Mozilla euthanizes feed reader, Atom code in Firefox browser, claims it's old and unloved


Well, that's a shame, but...

I've always used standalone readers; I don't even know what the built-in reader looks like in FF. RSS is the awesome (or Atom, sure, I don't care, it's a protocol.)

At this point, RSS is the only way I can really handle El Reg, as it's just too much effort to scan through the news now that it is algorithmically sorted in order of... I honestly have no idea how the editors decide what I will be interested in but it's hit-and-miss and I now really can't be bothered to read past the top headlines on the official web site.

That 'Surface will die in 2019' prediction is still a goer, says soothsayer


So the logic is

... Surface isn't making ALL THE MONEY so you should just cut it. Never mind the halo effect, any future possibilities as Microsoft refines their hardware production savvy. Forget the high end--rich people don't have money, and their opinion of your company doesn't matter. What matters is that this other division has a bigger upside this quarter and we want to see your FPE increase for the next 2 quarters.

I keep meeting people who absolutely love their Windows Phones and protect them like human babies, terrified because there are no replacements.

It must be good business to establish a brand, acquire and develop hardware/software expertise to support it, restructure your bread-and-butter OS to include this product as part of your core strategy, spend millions on marketing, establish a loyal core fan base, and then kill the product. Microsoft does it over and over, and look how successful they are.

Shortages, price rises, recession: Tech industry preps for hard Brexit


Oh no, it's 1999!

Brexit is the new y2k bug.

Redis does a Python, crushes 'offensive' master, slave code terms


No masters!

Even if they rename it, the architecture itself is offensive. I will be boycotting the product until all offensive dominance roles have been removed therefrom.


Re: They should ask Torvalds to rename git.

You "ask", we "demand." This is why you fail.

Python joins movement to dump 'offensive' master, slave terms


The terminology is not the problem.

Removing the words master/slave does nothing to correct the underlying power imbalance between the controlling and controlled 'wares. We MUST boycott offensive hardware/software until all such relationships are corrected to be consensual.

Microsoft tells volume customers they can stay on Windows 7... for a bit longer... for a fee


"enterprise and education customers"

I don't run windows a lot, maybe every week or three, and it seems like every time I launch Windows 10 the user interface has changed completely.

I guess it's a moot point now. I wiped my last Win10 box in favor of Mint last week. :P

C'mon, if you say your device is 'unhackable', you're just asking for it: Bitfi retracts edgy claim


You know they're serious about security *now* though...

because "Security Manager" is capitalized.

Salesforce boss Marc Benioff objects to US immigration policy so much, he makes millions from, er, US immigration


Qualified workers

These companies REALLY hate native qualified workers, don't they?

Android data slurping measured and monitored


Fake DOB?

I used to put in bogus DOB etc...and then I lost access to an old email account, which then meant I couldn't recover my ebay password, which means I lost 5 years of eBay seller history... etc etc.

You can't put in fake information that later might be used for account recovery unless you are planning to then write that all down somewhere. At some point you'd have to memorize an entire fake identity or two or three... sure some people do this but come one who has time?

Australia's Snooper's Charter: Experts react, and it ain't pretty


"puritans on both sides"

Or, in the words of someone who my mother says is a "great man and a genius", there are "Very Fine people on both sides" of the argument. :P

Clap, damn you, clap! Samsung's Bixby 2.0 AI reveal is met with apathy



OpenCamera pretty much rocks. You still lose advanced features if you have a really fancy phone though. What's a "stylus support?" ;)

--running Lineage + MicroG for several months now.

Summary in a nutshell: Here Wego > Google Maps, but I miss my cloud storage for saves in AlphaBear.


Where's MY AI?

We talk a lot about "creepy and invasive", but the only thing that's really wrong with Google's AI is that it's not *my* AI. When I think back to AI assistants in the various Sci Fi books I've read, AI agents never seemed creepy because in books the agent is 100% owned by and working for the protagonist. It's the difference between "I am here to support you in any way you want and only those ways", and "I'm not going to hurt you, no really I promise, but not in a binding way and also sign this agreement indemnifying me before you let me help..."

There's a world of difference between "don't be evil" and "be good".

Top tip? Sprinkle bugs into your code to throw off robo-vuln scanners


Re: If you can generate your 'chaff' bugs algorithmically...

See also: every obfuscation tool. You can strip out all of the useful data, but you can't strip out the executable program and still have useful software.

Now if this were carried to the level of a complete custom "fake buggy compiler" you might have something, but then that sounds an awful lot like making a hardened compiler that automatically protects you from the kind of bugs you're simulating in the first place, with similar overhead, that puts me right back in the camp of "why are we doing this again?"

Dear alt-right morons and other miscreants: Disrupt DEF CON, and the goons will 'ave you



"Is there such a thing as the alt-left?"

True Believer Progressives are not an exact opposite of the alt-right. While the right might for example propose dismantling the EPA and using violence to suppress opposing viewpoints, the left might propose heavy censorship of "inappropriate speech" on social media and passing laws to let the government to use violence to suppress opposing viewpoints. More and more it looks like the authoritarian vs the anti-authoritarian version of the same thing. And in the end we'll probably end up with the worst of both sides as our next round of new laws. :/

Early experiment in mass email ends with mad dash across office to unplug mail gateway


Re: Firetruck?

"proceed" to travel, to go "off" somewhere

"firetruck" no additional expln. needed

Ya gotta use the noggin DN! :)

You can take off the shades, squinting Outlook.com users. It has gone dark. Very dark


All the hate for dark

I like dark interfaces. The glaring white becomes exhausting after 10-12 hours.

I'm frankly surprised. It's only taken them, well, literally from the launch of the service until now to come up with a dark skin, one of the easiest things to do with modern CSS-based interfaces, and people are still complaining about the "waste of resources." This is why we can't have nice things.

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks


Not about encryption

The dangers of unencrypted transmissions? Sure it's real, but no, that's not a problem that is solved by this move. The real end result of this move is the death of self-signed certs.

Why does Google hate self-signed certs?

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help


Scary trump pic, or is it?

The truly scary thing about this article is that the attached stock photo is actually a fairly flattering picture of Trump, relatively speaking.

Google Cloud CEO admits: Yeah, we wanted GitHub too. Whatevs


Exactly. Microsoft buying an OSS repository is questionable because of their open hostility to openness. Google buying an OSS repository is questionable because their track record suggest they'll forget they own it and shut it down completely.

But at least Google is not yet openly and actively hostile to all open source projects, and does not have a track record of infiltrating standards bodies and sabotaging standards. Not yet, anyway.

RoboCop-ter: Boffins build drone to pinpoint brutal thugs in crowds


And.. JUST violent actions, right?

So... how much work would it be to train it to recognize other suspicious actions, people trying to evade detection, people walking guiltily, "loitering with intent", protesters, people working their way purposefully through a crowd instead of gawping? I'm sure you can come up with more. It's fun!

HPE: Hell yeah, those job cuts worked out great… for our investors


for a short while

"It's funny how falling feels like flying, for a little while"


US Congress mulls expanding copyright yet again – to 144 years



I can't see how Congress keeps getting duped into supporting Mickey Mouse legislation like... oh...

Bowel down: Laxative brownies brought to colleague's leaving bash


A tip-off...

This is why revolutions fail.

Pointless US Congress net neutrality vote will take place tomorrow!


Let's keep talking about it anyway...

Now is a good time to ask: what legislation is Congress quietly and bipartisan-ly passing while all this noise is going on? If Trump tweets something outrageous on top of all this, watch out.

You love Systemd – you just don't know it yet, wink Red Hat bods


Not UNIX-like? SNU!

From now on, I will call Systemd-based Linux distros "SNU Linux". Because Systemd's Not Unix-like.

It's not clever, but it's the future. From now on, all major distributions will be called SNU Linux. You can still freely choose to use a non-SNU linux distro, but if you want to use any of the "normal" ones, you will have to call it "SNU" whether you like it or not. It's for your own good. You'll thank me later.

Password re-use is dangerous, right? So what about stopping it with password-sharing?



I *really* really hope that when the article said "encrypt" that this is a misspelling of "hash".

Hash without salt? Yuck!


Re: Always an angle trying to sell something

Top Of The Form https://www.youtube.com/watch?v=C-Ta4XbRRj4

:) Don't waste time searching that you could waste watching a commercial!

NSA sought data on 534 MILLION phone calls in 2017


That they admitted to.

I just assume all call data is archived, made available, and used. With the NSA a more or less completely opaque organization this is the only reasonable assumption.

You'll notice that I'm not panicking. But to think otherwise would be naive.

LLVM contributor hits breakpoint, quits citing inclusivity intolerance


It's illegal...

"Discrimination on grounds of gender is illegal (in the UK), except under very specific circumstances."

Discrimination is illegal, except where required by law. :)


And here we go

How appropriately ironic that this comment thread should immediatey appear attached to news of out of control SJWism. Clearly our troll has a sense of humor.

Facebook's login-to-other-sites service lets scum slurp your stuff


"only a few hundred sites.

Yes, it's "only" a few hundred sites, like Tealium, which I see blocked by Ghostery on something like EVERY web store I've ever visited. :(

Disappointed in BH Photo though, they have been good to me otherwise.

Twitter API overhaul threatens to seriously shaft apps... again


Re: Goodbye Twitter

I feel much the same about Talon. Talon and its developer support have been great, whereas the official twitter app is... not? Not. Yes, that's the word I'm looking for.

Are meta, self-referential or recursive science-fiction films doomed?


Based on Robert Heinlein's Hugo-winning 1959 novel,

And by "based on", we mean "having the same title as"...

They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender


"Even Microsoft's own development documentation recommends not using unsigned integers"

I can't decide whether to upvote this as top-shelf satire, or downvote it as a huge WTF?

I mean, yes, if your integers are unsigned, anyone can replace them with other integers and you won't be able to tell. On the other hand, integer signing has never been useful as a form of DRM, and can make it more difficult to update the integers if it turns out one requires patching.

The problem, as ever, is backward compatibility.

Computers were designed from the start to use integers without cryptographic signatures, so it is not possible for applications to detect whether an integer is signed or unsigned just by looking at it. A program must be compiled with foreknowledge about which integers to check for signing. Signing is a "cool hack" first used in the late 90s as an attempt to prevent piracy, pioneered first by Microsoft, quickly followed by most of the rest of the industry. Applications designed for unsigned integers will run fine on modern operating systems, but if signed integers are used by mistake, this can result in crashing, especially if the numbers involved are modern numbers that can be quite large. This is because cryptographic signing uses a "hack" that takes over the topmost bit, which may be flipped in some circumstances. This confuses older software.

Microsoft's hacking of the modern RAR program to force the use of outdated "unsigned" integers is an example of how the company has failed to move with the times. This dinosaur's days are limited.


Not to worry, unless...

"No problem, the bug is already patched, unless you're on Windows 7 of course, where due to an accident, the patch introduces a few more exploitable bugs." is what I expect to hear next.

Furious gunwoman opens fire at YouTube HQ, three people shot


Under no obligation

"YouTube are under no obligation to provide anyone except their employees with an income."

And in fact as a publicly traded company, are legally and ethically bound to maximize profit at the expense of their customers and uploaders, which will inevitably be done in a way to ruin many of them once they are in a monopoly position. In other words, YouTube's behavior is the inevitable and perfectly normal result of unfettered capitalism.

Not saying capitalism is bad, and certainly not saying I know of anything better, but this is what its darker side looks like. Well, the true dark side is people defending YouTube's unethical behavior on the basis that "they can do it, and it maximizes profit, therefore it is OK that they do."

Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed


Every corporation has his raisons

Those reasons are given as:

1) it would cost us money

2) we don't have a large customer pressuring us to update this model

3) we would prefer that you buy a new processor instead


Microsoft's Windows 7 Meltdown fixes from January, February made PCs MORE INSECURE


Quote Accidentally Unquote

Only on Windows 7, they "accidentally" left the write bit set. "Oops."

How did I get so cynical? The behavior of Microsoft and similar companies over the past [redacted] decades. The line between cynicism and skepticism is very, very thin.

Fatal driverless crash: Radar-maker says Uber disabled safety systems


Human-To-Vehicle communications

The answer is to fit not just bicycles, but all persons with human-to-vehicle location transponders. These can be permanently installed in or on the head. It's for safety, so we should start with the children. This will also double as a handy tracker so you can locate others if they become lost. And you'll always have a GPS with you wherever you go!

I see no possible way this could have negative consequences.

Hip hop-eration: Hopless Franken-beer will bring you hoppiness


Two Words

I'm sure the phrase "cost reduction" never even entered into their minds.

Half the world warned 'Chinese space station will fall on you'


In Soviet Russia...

"Russia except bits of Caucasus is outside the impact zone so it is giggling and twiddling its thumbs."

In rest of world, Chinese Space Station falls on you.

In Soviet Russia, *you* fall on... wait, hold on.


Biting the hand that feeds IT © 1998–2019