* Posts by DJ Smiley

342 posts • joined 14 Sep 2011

El Reg straps on the Huawei Watch 2

DJ Smiley

Re: Reasons to be Wear-y

The idea you're listening to music while riding infinitely scares me.

While you may be one of the safety conscious who actually have headphones which allow you to hear traffic and such, or you don't ride on roads making the point moot - but 90% of cyclists who use this kit are on the road, and really shouldn't be :/

4
3

Drones over London caused aviation chaos, pilots' reports reveal

DJ Smiley

No matter how you approach it.....

It's difficult to see what can be done.

2m across is a pretty big drone, someone somewhere will have seen this taking off. However the question really is, what do you do about them - you can't just 'shoot them down' or any such thing as the danger of it landing on someone is real (even if unlikely) and while the loss of said drone would be a deterrent it still wouldn't stop a bad actor from using one to do some real damage.

I honestly don't see the problem with licensing drone users, the same way HAM radio users are licensed - with a test if required. While I believe 'some/most' drone manufacturers are saying they have put in (or are going to put in) means to stop the drones going into these such areas, clearly it hasn't happened yet, or isn't working.

1
3

Google now mingles everything you've bought with everywhere you've been

DJ Smiley

They came for my data.... and I gave it them.

In return they gave me useful/fun services.

I'd much prefer to be able to 'correct' the data they have on me, at least then I might get relevant adverts :(

6
2

Network-sniffing, automation, machine learning: How to get better threat intel

DJ Smiley

Until we can get the basics right....

We can't go any further.

Finally some actual realistic fines - let's just hope they get enforced.

Wannacrypt hitting 100k PCs shows that systems just aren't patched. And why? After all currently there's no more than a slap on the wrist generally from the ICO for being breached. Once the fines somehow match the impact to the people whose data is being released, then we'll see rapid improvements.

4
0

O2 will be carrying out UK IoT connectivity trials later this year

DJ Smiley

Good to see we've already all upgraded to smart meters before this comes along

Good to see we've already all upgraded to smart meters before this comes along,

Ideally making sure in 5-10 years we need to upgrade again, to use this tech as the old stuff is turned off ;)

1
0

You think your day was bad? OS X malware hackers just swiped a Mac dev's app source

DJ Smiley

Re: Lost ?

Also there seems to be no warning to all the people who are now using what basically amounts to 'infected' apps. As there was a time when these apps' source code was accessible, and could have been changed - if there's been any release or update in that time, bad times!

0
3
DJ Smiley

Re: Deathly silence

You might want to check out Apple's latest advertising then...

Claims doesn't get viruses, malware, is uber secure, etc.

No '*' saying '*may depend on user actions' either!

5
5

Avast blocks the entire internet – again

DJ Smiley

Re: More info required

Is your Linux Mint disk running Avast...?

3
0

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

DJ Smiley

Re: Move Windows XP to VM

Internet Of Lathes? Is that a thing now?

1
0
DJ Smiley

And it's on the internet why?

2
0

Doctor Who-inspired proxy transmogrifies politically sensitive web to avoid gov censorship

DJ Smiley

Indeed, this would require the backbone ISPs to cooperate, and considering the new rules and laws they are already facing, I doubt they want someone checking about this as well.

0
0

Radio hackers set off Dallas emergency sirens at midnight as a prank

DJ Smiley

Re: using radio waves...

It's a running joke that every year on BBC Radio 1 they have to disable this system for the minute's silence on 11th Nov.

One year someone did forget apparently, and it kicked in (And they've discussed how every few years it's updated to be (ill)relevant music).

2
0

Miss Misery on hacking Mr Robot and the Missing Sense of Fun

DJ Smiley

Re: I have enjoyed it

As someone who's had a really out there experience (not due to drugs but tiredness - I walked home thinking I was in some real life game of CS to the point at which I was imagining seeing my ammo number in one corner of my vision), I can imagine the whole 80's sitcom thing actually happening to somebody.

2
0
DJ Smiley

Re: Seen some of the first season.

They had a guy who was basically responsible for making the hacking look authentic. He did a talk at DefCon I believe - most of the 'onscreen' animation is recorded in flash because that's the easiest way to make it authentic - someone can tap away at a keyboard and the letters would appear at the right time, and never a typo in sight!

If you can find the talk it's really good to hear how 'respectful' of real hacking the directors and such were. Rather than being a case of them not listening to what would make sense and pass for 'real' they actually listened to genuine hackers for inputs. As such, there's even a few sneaky shout outs to various hacker groups and such in the series too.

6
0

Honeypots: Free psy-ops weapons that can protect your network before defences fail

DJ Smiley

Re: "a great experiment to analyze the adversary's moral limits"

You've never had a button, which gave you the option to do something terrible, and no one would ever know, have you?

That kind of power can change how people think. It's been shown again and again in psychological studies.

0
0

The gospel according to Blockchain, or is it the other way round?

DJ Smiley

I sense a mistake. It says you can't read the data from the prior block..... this isn't true as far as I know.

It simply means you can _Verify_ the data in any block, from the blocks prior, that is far far different to reading them.

0
0

Brit ISP TalkTalk blocks control tool TeamViewer

DJ Smiley

Re: Sounds like an executive snit

'Clearly someone is neither technologically inclined, nor particularly likely to listen to reasonable advice.'

This is TalkTalk of 'Whoops we lost 14 million customers' details'... I think someone there doesn't really care what anyone else thinks.

5
0

Watt the f... Dim smart meters caught simply making up readings

DJ Smiley

Re: pah....

All meter readings are available to all suppliers.

Source -- used to work at a supplier.

4
0
DJ Smiley

Re: There's more to it that that...

Maybe, but your washing machine/tumble drier/dishwasher all have selectable 'wait X hours' modes which do allow for this kind of usage.

3
2
DJ Smiley

Re: Working as intended

I believe - don't quote me - that the reduced usage comes from 'awareness' of how much power you're using. The smart meters allow readings every 30 minutes (it's never been clear to me why you can't get a minute/second accurate reading locally). Due to this, people tend to 'watch' the figures more - become more aware of usage and generally use less.

Same thing is well documented with water metering...

3
1

Stop the press: Journos not happy losing jobs to journo bots, say journos

DJ Smiley

Re: > and actually increases the need for the very human skills that good journalists embody...

The funniest bit to me is the fact that because the robots won't feel the need to blow stuff out of perspective, there'll be no more 'fake' news as such.

4
5

Linus Torvalds lashes devs who 'screw all the rules and processes' and send him 'crap'

DJ Smiley

Re: Grasshopper ...

If he's read (and understood) the entire Linux Kernel then he's a better man than me (and most probably Linus, who'd be happy to admit it too).

2
0

Cloudbleed: Big web brands 'leaked crypto keys, personal secrets' thanks to Cloudflare bug

DJ Smiley

Re: xhml5

or they could just not parse html...

5
0

Scottish court issues damages to couple over distress caused by neighbour's use of CCTV

DJ Smiley

Re: 5 days

I thought this too, considering my CCTV records for about 3 months at a time, 5 days is laughable.

But mine only covers my drive (which I don't really consider private anyway) and the public road where both neighbours park their cars sometimes. Both neighbours are aware and happy for the CCTV to be there (It was installed by the person who lived here prior) and it's managed to capture two break-in attempts on cars which were passed on to police.

Why you'd have CCTV recording a back garden is questionable - you could have it covering the part of the garden considered 'shared access' but by the sound of things this was directly set up to monitor the entire garden including that which is the other tenant's.

3
2

Revealed: Malware that skulks in memory, invisibly collecting sysadmins' passwords

DJ Smiley

Re: Cybercriminals and open source exploit code

The infectee runs an executable.

2
0

GitLab.com melts down after wrong directory deleted, backups fail

DJ Smiley

At my 2nd day of a job, I deleted the entire stack of the test system with a misplaced rm -rf.

I crapped myself thinking I'd be instantly fired. My boss made some 'angry' sounds, then told me it's not the biggest issue as they needed to try a fresh install of the new version anyway (as that's how the new version would be rolled out in production rather than upgrading, which is what they normally did on the test servers.)

This also allowed them to fully test the backups, pulling the older data from the production backups, anonymising it as required and also finding some faults with various processes that were included but didn't work after the upgrade. In all the test system was down for about 4 days instead of 1, but the fixing of the systems to allow it to get the go ahead in production took a month or more. If I'd not 'slipped up' then they wouldn't have known these issues until trying to go live in production and if so, it would have been a very long night of around 6-8 hours reinstalling the older version back into production (after the 6-8 hours of installing and testing the new version).

This attitude of 'we can't afford to test it' is utter bollocks. You fire up as many VMs as required in the cloud, and you at least verify the _data_ is there, even if the functionality isn't. It's bad to find the code for the production system isn't backed up as much as you think it is, it's unrecoverable to find out the data is gone.

These guys got lucky, if he hadn't taken that copy 6 hours before they'd be dead in the water and the company would be gone.

9
1

Chevy Bolt electric car came alive, reversed into my workbench, says stunned bloke

DJ Smiley

Re: Odd belief

We broke a handbrake cable in Iceland, it was -20C outside. After this happened they told us just to leave the cars in gear, and not put it on.

1
0

Home Einsteins help turn up 13 new pulsars

DJ Smiley

Re: How the hell does a star change its rotation?

I'm imagining it literally rolled over, it'd then appear to be rotating the other way from afar?

0
0

Insane blackhats behind world's most expensive ransomware 'forget' to backup crypto keys

DJ Smiley

Re: Sounds like...

Bitcoin is auditable - it's shown in the blockchain if anyone has paid (or in this case that no one has).

0
0

How the NYE leap second clocked Cloudflare – and how a single character fixed it

DJ Smiley

Re: "but we have external input making them unpredictable"

Trust, but verify. Applies to programs and users.

1
0

'Upset' Linus Torvalds gets sweary and gets results

DJ Smiley

Re: I wonder about the devs

I'm laughing hard, because basically we've gone from blaming the 'kids' to blaming the adults who teach them, who are mainly... us.

15
0

Major outage at broadband biz 186k

DJ Smiley

Re: Safety Net

That's because, despite how much the energy companies would like you to believe otherwise, they don't actually 'handle' the energy.

They simply broker how much usage they think they'll require, and make sure they put the numbers in, in good time for the production to be done.

Not quite the same with ISPs, where they are actually handling the data from point to point (and so when it falls over, it isn't actually 'still there').

3
0
DJ Smiley

Re: Is it just me ...

Where there's no money, there's no refunds.

Also, unless you've got SLAs with contracts to match, you'll have fun getting refunds anyway.

0
0

Top tech company's IP was looted by China, so it plans to hack back

DJ Smiley

Re: Errr

It's not, it's just costly to do so.

Obviously weighing up security vs ease is a hard one that we'll be battling with for a long time to come.

4
0

Sysadmin told to spend 20+ hours changing user names, for no reason

DJ Smiley

While not as abusive, my own thought was 'can't you script this?'

Obviously if said educational institute doesn't want to fund the educating of an employee to be able to do such things then, they can enjoy [wasting|spending] said time doing it instead.

14
0

Google turns on free public NTP servers that SMEAR TIME

DJ Smiley

Re: Smearing

That can make things get really confused also, so it's a tricky one to be sure.

If you for some reason have something running at 23:59:59; and you check if it's running still 1 second later (expecting the time to be 00:00:00) - what do you expect will happen?

3
0

SHIFT + F10, Linux gets you Windows 10's cleartext BitLocker key

DJ Smiley

Re: What's wrong with that, Microsoft...?

Anyone doing remote/unattended upgrades should be capable of reading the articles on how to do this manually, create a clear key and save it to the drive - along with the appropriate warnings about doing so (I'd be worried if anyone has un-monitored access to their physical servers anyway).

Doing it by default is just plain ignorant, stupid and possibly malicious.

It's not impossible for me to have DNS claim my server is updates.microsoft.com (or whatever the address is now) and tell Windows I have a 'new upgrade' package for it to install. Suddenly this looks very dodgy indeed.

4
0
DJ Smiley

Re: This, because we can't overwrite files that are in use.

No you don't.

You need to remotely have the system request the password of a user who has the ability to create the clear text key, you then save that key, get to the system whenever you want (and however you want); put the key back; reboot it.

It reboots back up, and unencrypts the drive for you while it does it.

0
1

A cardboard desk? I won’t stand for it (actually I will)

DJ Smiley

Re: Portability

Actually... they did make them do that...

http://www.shippingcontainersuk.com/brands/foldable_containers.php

0
0

Small ISPs 'probably' won't receive data retention order following IP Bill

DJ Smiley

Re: Dear Santa

Erm no it isn't.

The idea is the traffic cannot be viewed in transit, and not MitM'd unless they are placing the Man after your VPN exit point (i.e. another country).

Of course to get around this will mean most companies will soon be hosted out of places where they can't be reached, along with moving their tax paying dollars there too.... oh, wait.

5
0

User needed 40-minute lesson in turning it off and turning it on again

DJ Smiley

Re: Can you hold down the power button

No, that's the return key, or 'Page return key' if we're being pedantic.

The enter key is 'normally' found on a numpad. My Dell-provided input device clearly has this.

4
0

Arch Linux: In a world of polish, DIY never felt so good

DJ Smiley

Gentoo here! Far more pure!

Or something.

I have nothing useful to add :(

0
0

Hell desk thought PC fire report was a first-day-on-the-job prank

DJ Smiley

Can I turn it on? It's under 6 inches of water....

Working for a hell-desk for a medium sized pharmacy firm (street facing shops) and I have a call from a concerned pharmacist. Their store had flooded overnight and was still about 6 inches deep in water but they were somehow operating by hand anyway.

So they asked if they could turn on the pharmacy computer, as some of the electrics had survived. I pondered this for a moment, then asked 'well is the computer wet?'. The answer, from someone who had done a number of years at university and was qualified to give me enough drugs to kill answered honestly 'well, it's on the floor so it's in the 6 inches of water, but I thought it might just work anyway?'

Needless to say I told them not to turn it on under any circumstances, and let us know once all the plumbing was sorted so we could look at getting a tech out for the computers...

36
0

GlobalSign screw-up cancels top websites' HTTPS certificates

DJ Smiley
Joke

Re: Wikipedia affected

I was SO expecting a 'Close Safari.... Use a real browser' type response.

12
1

TV5Monde was saved from airtime-KO hack by unplugging infected box

DJ Smiley

Re: Technicians

I find it amusing that something like this doesn't have 24/7 on site support.

0
0

One-way Martian ticket: Pick passengers for Musk's first Mars pioneer squad

DJ Smiley

Re: No idea why...

I'm wondering if we ignore the moon because the dust is so dangerous? You'd basically never be able to take anything from outside inside, due to all the cancer-causing stuff.

I'm presuming Mars' dust is actually safer.

0
0

DDoS attacks: For the hell of it or targeted – how do you see them off?

DJ Smiley

Re: Cloud-based DDoS defences introduce delays

Because the two largest ever seen DDoS's were Windows boxes, right.

Yeah, exactly. I'm a Linux user, but stupid comments like this help no one.

0
0

Google rushes in where Akamai fears to tread, shields Krebs after world's-worst DDoS

DJ Smiley

Does it matter if it's obvious?

These guys were making money from doing the DDoS's, from a business pretending to be a testing service.

I'd find it hard to believe anyone thought these guys were legit.

1
0
DJ Smiley

Re: The Only Way...

I'm thinking about a car analogy for this.

The Tesla ships with autodrive, it's great, it generally works, but it might kill you (or someone else).

Your responsibility as a driver, is to remain in control of the device you are using. Tesla's is to try and make sure you do.

Obviously, with IoT devices that you can't configure then ISPs need to outright block this traffic. This is something that's actually discussed in the original article (or one of the many I've read about this attack since). I'm starting to think we need a dual layered internet where the vast majority of users only have access to websites (and maybe force them to use https?) and anything more than this is an extra you opt into. Of course as soon as we did this then ISPs would jump on the chance to charge you for all the extras you need, VPN? charge for that, you host a server? charge for that... etc

I don't know what the fix is :(

4
0

Biting the hand that feeds IT © 1998–2017