* Posts by G2

238 posts • joined 21 Jun 2007


World's largest CCTV maker leaves at least 9 million cameras open to public viewing


Re: It's not CCTV

@ Anonymous Coward - you didn't even bother to search and just made a statistical dump of zero numbers on the comment form, did you?

search #1 has some (weird) results about connected circuits and tv

search #2 ...

feniva.eu (around since 2006) and cloud-tech.eu (around since 2010) have a product name tagged exactly like #2 in the extended description - Cloud Circuit TV


video published on 11 Jun 2013



Re: It's not CCTV

CCTV = Connected Circuit TV or Cloud Circuit TV

Unless they spell it out as "closed", it can mean anything... usually, in China, CCTV means "China Central Television" - https://en.wikipedia.org/wiki/China_Central_Television

Not even ElReg's article bothers to fully write "closed circuit", they just use "CCTV".

Uncle Sam gives itself the right to shoot down any drone, anywhere, any time, any how


Re: what exactly do they define as a "drone"?

p.s. hmmmmm... i see that the actual words used in the bill are "unmanned aircraft"... that means that as long as they abduct a human and hold it onboard they are not "unmanned".


what exactly do they define as a "drone"?

ok.. but WHAT is their definition of a "drone"? would a Borg cube starship qualify? What about a Transformer autobot?

Does that mean that they effectively authorized any parking officer / traffic warden / office secretary / etc. to start acts of war against any unidentified flying object?

PayPal reminds users: TLS 1.2 and HTTP/1.1 are no longer optional


interesting typo

@ElReg: you have a typo in title:

"PayPal reminds users: TLS 1.2 and HTTP/1.1 are longer optional"

i think it was supposed to say "are no longer"

also... article published at 03:52 AM?... please get some sleep before posting things.

Samsung escapes obligation to keep old phones patched


Re: Phone contracts

if you as consumer don't buy directly from Europe then the minimum 2 years warranty does not apply.

Also, that minimum warranty period does not apply to goods purchased by companies, it only applies to purchases by consumers.

if Company X buys a batch of phones from China, with 1 month warranty - it's legal.

if person Y willingly buys a phone from China, with 1 month warranty - it's legal. The sale happens in China as far as the manufacturer is concerned, the fact that the phone is then moved to Europe - that's not their problem.

if person Y, in Europe, buys a phone from Company X, from Europe - then company X has to provide a minimum 2 year warranty.... but this warranty only covers the device "as is" at the time of the sale - it does not include any operating system updates. (unless explicitly included in the sale contract)

This is why many phone manufacturers don't give a crap about OS updates a few months after product release, because it's not their problem from the point of view of warranty laws.


Re: Phone contracts

In those contracts the phone manufacturer is often an unrelated third party (from the point of view of the contract), without any obligation to the customer.

When the phone services company purchases phones in bulk to re-sell, it often doesn't give a crap about support past the initial few months.

This is because in China there's no minimum warranty period mandated by law... and it must be specified in the contract. If the contract says that the warranty is only 5 minutes long after they buy a batch of phones, then that's the legal warranty that the phone manufacturer will provide.

If the contract doesn't mention warranty at all then tough luck... there's no warranty and your provider should pay for repairs/replacements out of their own pocket.. and they often don't.

FBI to World+Dog: Please, try turning it off and turning it back on



my router auto-reboots itself every day at 4 AM... =)

0 4 * * * sleep 120 && touch /etc/banner && /sbin/reboot

(the sleep & touch are needed to prevent reboot loops, this way it stores the 04:02 AM time as most recent known timestamp and won't reboot immediately)

BOFH: But I did log in to the portal, Dave


Re: I've been there

OH GOD, we just bought in december 2017 a crap load of HPE OfficeConnect switches and some ProLiant servers... but even if we have multiple volume licenses for Server 2016 bought directly from MS and we provided them with the license info, HPE REFUSED to even send us a single damned install disk with drivers for the servers and the stupid "HPE Intelligent Provisioning" wizard built in the bios was malfunctioning with the standard MS installers (we download the ISO for Server 2016 directly from Microsoft VLSC).

HPE's "Intelligent Provisioning" was causing this dreadful message to appear when trying to install Server 2016:

"Windows Setup could not install one or more boot-critical drivers. To install Windows, make sure that the drivers are valid, and restart the installation."

NO SHIT SHERLOCK... the drivers were built into the damn BIOS and installed by the installer wizard provided by HPE, how much more "valid" do you want to get?

Press F to pay respects to the Windows 10 April Update casualties


Re: Once, you hit F1...

just tried it now, F1 doesn't do anything in my Firefox. It's as if I didn't press anything.

according to https://developer.mozilla.org/en-US/docs/Tools/Keyboard_shortcuts

it only works in the developer tools now, and you have to press F12 or CTRL+SHIFT+i to enable that first.

Windows 10 Springwatch: See the majestic Microsoft in its natural habitat, fixing stuff the last patch broke


Re: Have they turned off the slupring yet

the answer to that is: somewhat.

you still get to choose only between Basic and Full.

The below-Basic, Security-level is only available for Enterprise Editions, the Enhanced setting is also available, but only via GPO because it contains Active Directory-related stuff in addition to the Basic stuff.

In 1803 (or 1804...or whatever they decide call it) they added a visualisation tool for the slurping - there's a Diagnostic Data Viewer added so you can look more easily at what data they are slurping. There's also a "Delete" button for the diagnostic data - pressing it will ask them nicely to delete the already-collected data from their servers, but only the data from the current device.

Torvalds schedules Linux kernel 5.0, then maybe delays 'meaningless' release


why use version numbers at all?

Version numbers are an artefact of the pre-internet era way of doing software development.

With today's continuous release and cloud platforms (github, etc) they should just dump out the version numbers completely and go for YYYYMMDD-style date stamps.

e.g. "release 20180416-S" has a lot more information included in the version than "release 4.15.whatever-rc3" - it indicates right there in the name WHEN it was the last release and whether it was a Stable or Release Candidate.

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix


Re: I'll wait

you assume that they had systems to test the updates on in the first place... or that they bother to publish updates.

These days if a system is older than 12/24 months then most of them consider they no longer have any responsibility so they shovel out the door any remaining systems to sell as "manufacturer-refurbished".


Re: Microsoft should be held accountable for there defective code

or, 4) nobody is perfect and you cannot test for the millions of configuration variants out there. Even you used a BIG typo in your comment code up there: s/there/their/

If you want "perfect" code then write your own OS. And drivers. And design and bake your own silicon chips to avoid any potential CPU meltdown or architectural design variations.

Modern systems are in continuous evolution, the old tests are already obsolete by the time the finished, supervisor-reviewed, manager-approved test schedule sheet rolls out of the office printer.

If you want those back then what are you doing on the internet? The internet is a real-time, continuously-changing environment. Someone wants a change in one part of a software to work with a new gadget on the market and then suddenly something else that was depending on the old version won't work as it used to and needs to be brought up to date.


Transport for NSW scrambles to patch servers missing fixes released in 2007



given that IBM is dealing mostly with companies (or should i say "exclusively"?), i'd say that is standard behaviour in Europe.

You are lucky to have such a consumer law in Australia that allows companies to be considered as "consumers" because here in Europe you're generally fucked if you have a consumer-type issue and you are not a natural person. :(

Under EU law, the notion of consumer does not extend to legal persons (companies), even if they have a non-business character (e.g. non-profit associations). So, if it's not directly written in a contract then it doesn't exist. There are some minor differences from this in some EU countries but generally that's the rule.


quote: ‘consumer’ means any natural person who, in contracts covered by this Directive, is acting for purposes which are outside his trade, business or profession; /quote

Not even self-employed traders or family businesses can be considered as "consumers" - but there are, again, some minor differences to this rule across EU countries.

Stock trader gets two years in prison for pumping up with Fitbit


Re: The power to cloud men's minds

try reading the Helliconia trilogy by Brian Aldiss... it's set in a binary star system that causes extremely long seasons that last for centuries. The Winter book sounds similar to your description but in Aldiss' book it's the extremely long Great Winter that affects the human civilization, not a nebula.


(with double "L"s!)

Android P will hear no evil, see no evil, support evil notches





Fun fact: US Customs slaps eyeglass taxes on optical networking gear


Re: Tax on Glasses?

newsflash: DKNY is a Luxottica brand/product and their revenue ends up reported on Luxottica's balance sheet at the end of the fiscal year - so, yes it matters to shareholders and tax authorities.



expensive internet service

that's an additional explanation why US internet providers are crap at deploying fiber internet access - the import fees for optical fiber equipment and access routers for millions of customers must be horrendous.

In addition, each separate SFP module will have a separate fee applied since it's technically a distinct device, usually shipped and purchased in separate packages too.

yes for each SFP module.


This can lead to having to pay multiple times the same fee for a single equipment that has multiple optical interfaces, one fee for each optical interface. That's crazy.

The strange case of the data breach that stayed online for a month


ElReg cache flush

"We therefore asked Google if it offers service levels for requests to flush its cache. The company told us it wouldn't comment on an individual case [...] Neither really explains how it would respond to a request to remove data from its cache."

well, D'OH... you basically asked if water is wet.


go to the link where they told you to go, you have to verify ownership of the site and then you can dig in settings to flush cache and pretty much nuke everything related to that site's presence on Google.

Bing and the other major search engines have similar options, so it's a bit of a whack-a-mole to do that with various search engine caches.

The site owner can also add a robots.txt to the website with:

User-agent: *

Disallow: /

US Pentagon scrambles after Strava base leaks. Here's a summary of the new rules: 'Secure that s***, Hudson!'


Re: never let it be said

it's anonymized and don't worry - it's just metadata.

quoted from various 3-letter-agencies.


PACK YOUR BAGS! Two Trappist-1 planets have watery oceans, most likely to be inhabitable


error: spellcheck not available

"Celcius", really?


Who's using 2FA? Sweet FA. Less than 10% of Gmail users enable two-factor authentication


Re: Google security...is a joke

P.S.: or report it here:



Re: Google security...is a joke

you can do this: enable advanced protection with U2F keys.

one of the steps when enabling advanced protection is to WIPE ALL application-specific passwords and prevent the use of such application passwords.

Change your main account password after that.


if that application still works after those steps, send a message to security[_AT_]google.com


Re: Google or Hackers?

that "just Gmail" account is not just for email.. if your phone is connected to the account (and it needs to be, if you want email) then the account can be used to enable remote GPS tracking, make the phone ring for 5 minutes in case you misplaced it, or even send a remote WIPE command to the phone, just by logging in to the account on any computer. Email is just a tiny fraction of the functions it has.



Re: SMS 2FA shouldn't even count as "security"

Google supports FIDO U2F hardware tokens/keys = no more SMSs needed, and if you enable the Advanced Protection Program setting for your Google Account then U2F keys are mandatory for login.

(you will need minimum 2 keys, just in case one of them malfunctions)



when you enable the advanced protection mode Google will even prevent the use of SMS for authentication or account recovery because U2F is then mandatory for all account operations.

Hehe, still writing code for a living? It's 2018. You could be earning x3 as a bug bounty hunter


factcheck: fail result


that's Boba Fett from Star Wars:The New Republic Anthology not from Firefly


There are some rumours that a Star Wars film centred on Boba Fett will come out around 2020-ish.

@ElReg: your image was an obvious troll for Star Wars fans... let's call it an article bug :)

Industrial systems scrambling to catch up with Meltdown, Spectre


re: points for giving the advisory a 2017 timestamp


Johnson & Johnson: "January 12, 2017 - Product Security Notification for Meltdown and Spectre"

and in the page footer note:

" All contents © Johnson & Johnson Services, Inc. 2016. All Rights Reserved.

Last Updated: 05/04/2016 "

J&J's web developers/redactors are either asleep when coding or amazing time travellers... did anyone check for a Tardis nearby?

Your connection is not Brexit... we mean private: UK Tory party lets security cert expire


Re: Another autoplay video!

and they designed it to start at MAXIMUM volume... OUCH, my ears!

It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs


Re: Redmond office hours only

some home PCs are probably selected by MS for selective deployment testing.

Check the Feedback & Diagnostic settings on those home PCs that receive early updates. My guess is that you'll find them set at either Enhanced or Full feedback.

If Australian animals don't poison you or eat you, they'll BURN DOWN YOUR HOUSE


ok.. so birds finally invented fire.

wake me up when they invent space travel, in a few [million] years.

or a black monolith with the dimensions 1 : 4 : 9

(1 : 4 : 9 : 16 : 25 : 36 ....)

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits


P.S.: in the above post by CPUs i mean manufacturers that offer x86/x64 compatible CPUs not special industrial / RISC CPUs... those are another kettle of fish.


re: lightspeed lawyers

those are not lawyers, those are ambulance chasers.

a real lawyer with IT knowledge would have known that there is practically NO SUCH thing as a CPU on the market these days that is not affected by Meltdown and/or Spectre, they all are, even ARM or Qualcomm. It's an industry-wide bug.

Such a CPU has not been seen since speculative execution acceleration was introduced about ~20 years ago. If they want a CPU without speculative/pipeline execution they should go back to 80286, or better yet 8086 processors to be "safe".

Either that or they should wait for the industry to design and release new silicon that's safe, and since silicon development, testing and release cycles take about 2 years, we should have the new CPUs by 2020 or 2019 if we're lucky.

Windows Update borks elderly printers in typical Patch Tuesday style


dot matrix

in some places these printers are preferred because of their ability to print on practically endless kilometers-long continuous-style paper.


such use cases are: transaction / financial logs, emergency services call detail records, EV/DV certificate issuance by a certification authority or any other case where you need to have some sort of minimal auditable paper trail in case that the electronics go tits up.

Continuous paper is the VERY literal definition of the term "paper trail".

Mozilla devs discuss ditching Dutch CA, because cryptowars


Re: Isn't it about time...

and they probably will do for *.google.nl, *.blogspot.nl, *.yahoo.nl.

in fact, they will probably just skip to forcing PKIOverheid to issue them *.nl certificate(s) for MITM.

What just trousered a $4.5bn profit, has glum desktop chip sales, and rhymes with go to hell?


What news site just entered the "fake news" section?


WTH is with all these "What just..." stories today? The article titles start to look like copy-paste clickbait.

I can see no less than 4 (FOUR) articles with similar titles, and they are even displayed together in a funny L-shaped group, 3 horizontal and one above.

Seriously, please stop with the déjà vu titles. The articles are tagged as written by different authors but i really doubt those people names are really the authors since the four different articles have such titles:

What employs half a million people, just did $44bn in sales, and rhymes with Azerbaijan?

What just trousered a $4.5bn profit, has glum desktop chip sales, and rhymes with go to hell?

What just banked $7bn in pay dirt, is stroking its big growth, and rhymes with cold sweat?

What just counted $24bn in receipts, and rhymes with psycho loft?

Sick burn, yo: Google's latest Pixel 2 XL suffers old-skool screen singe


i have AdBlock and NoScript too.. the problem is that that host (50_28_ etc) is blacklisted via SafeBrowsing for malware and phishing.


enter just the host address there and check.


beware that my antivirus started screaming and lighting up like a Christmas tree when i tried to visit that nibroadcast URL. it's infected.

url path of the infection contains host 50_28_72_138 (dots removed)

Apple Cook roasted for Chinese app takeaway


double standards.. they've heard of it.

Pot calling kettle black, meh.



s/Middle Kingdom/Uncle Sam/g

s/Cyberspace Administration/Homeland Security/g

and the article text remains equally valid. Here's the text after those changes:

(<sarcasm> starts)

Apple Cook roasted for American app takeaway

Cruz missile targets iPhone head honcho for pulling software from shelves at Uncle Sam's behest

A pair of senior US Senators are calling out Apple CEO Tim Cook for what they call "enabling the American government's censorship and surveillance of the internet."

Senators Patrick Leahy (D-VT) and Ted Cruz (R-Zodiac) said this week they are concerned with how quickly Apple caved to demands from the American government to remove VPN apps from its USA App Store.

"As you know, USA has an abysmal human rights record, including with respect to the rights to free expression and free access to information, both online and offline," the open letter [PDF] to Cook read.

The pair of legislators went on rattle off a few of the more damaging accusations against USA – specifically, its crappy record on human rights – before noting that Cook himself was recently lauded for his support of free speech as the CEO of Apple.

Then, they proceed to bring up the incident earlier this summer, when Cook admitted that obeying to censorship demands and pulling VPN apps was just the cost of doing business.

"While Apple's many contributions to the global exchange of information are admirable, removing VPN apps that allow individuals in USA to evade the Great Firewall and access the internet privately does not enable people in USA to 'speak up'," the letter reads.

"To the contrary, if Apple complies with such demands from the American government it inhibits free expression for users across USA, particularly in light of the Homeland Security of USA's new regulations targeting online anonymity."

Now, the bipartisan duo want Cook to explain himself and issue a response to 10 of their questions, including whether Apple was personally asked to pull the VPN apps by American officials, what the biz did to oppose the demands, and how the iPhone maker expressed its concerns, if any, to the American government before its latest anti-internet-freedom laws were enacted.

Additionally, they want to know what, if anything, Apple has done to promote free speech in USA and what it has done to push for human rights and better treatment of oppressed groups on the mainland.

So far, Apple is maintaining radio silence on the letter.


Western Dig's MAMR is so phat, it'll store 100TB on a hard drive by 2032





August 8, 2017

Disk drive and position correction method

Inventors Masakazu Abe

Original Assignee Kabushiki Kaisha Toshiba



"WDC has moved the final joint closer to the read/write head and called it a multi-stage micro actuator with finer track positioning capability."

quick search of Google.com/patents shows:

Multi-stage actuator with writer position determination capability

US 9019650

April 28, 2015

Inventors Ximin Shan, Jye Kai Chang, Sandeep Sequeira

Original Assignee Seagate Technology Llc

Filed: April 30, 2014

Seagate? hmmm, i thought we were talking about WDC here.


Re: Bah...

= wife-assisted magnetic recording?

It's Patch Blues-day: Bad October Windows updates trigger BSODs


"clear the cache on WSUS servers" - WTF.. is he crazy? What has he smoked?

The WSUS caches on my servers are 200+ GIGABYTES on each server. One of them is configured to download express updates instead of normal... that one has a regular WSUS cache of about 900 gigabytes just by itself.

That cache flush would mean re-downloading terabytes of data just to fetch ~99% of the same data that the servers already have and it will take almost a week for the caches to recover.

Dot-Amazon spat latest: Brazil tells ICANN to go fsck itself, only 'govts control the internet'


and before Brazil decided to squat on the [domain] name, the word "Amazon" had already been in use for literally THOUSANDS of years.

So.. following Brazil's line of reasoning, the .amazon TLD should be given to Greece.


In Greek mythology, the Amazons (Greek: Ἀμαζόνες, Amazónes, singular Ἀμαζών, Amazōn) were a tribe of women warriors. Apollonius Rhodius, at Argonautica, mentions that Amazons were the daughters of Ares and Harmonia (a nymph of the Akmonian Wood). They were brutal and aggressive, and their main concern in life was war.


New Horizons probe awakens to receive software upgrade



hopefully they learned from the printer/IoT industry not to perform remote firmware upgrades without a full reboot before attempting anything and then checking the signature of the received file.

replacing a bricked system board for this is not as easy as for a printer.

Missed patch caused Equifax data breach



That's amazing! I've got the same combination on my luggage!


Pack up, go home to your family: Google Drive is flipping out


Re: Do your own - it's safer


Synology? have you even READ their EULA? Their management software and firmware can come with "audit" spyware built-in and it's written right there in the EULA that you have to agree to when you first configure the NAS. Their software = agent authorized by Synology. The built-in remote kill switch is also covered by the EULA.


Section 7. Audit. Synology will have the right to audit your compliance with the terms of this EULA. You agree to grant Synology a right to access to your facilities, equipment, books, records and documents and to otherwise reasonably cooperate with Synology in order to facilitate any such audit by Synology or its agent authorized by Synology.

Section 15. Termination. Without prejudice to any other rights, Synology may terminate this EULA if you do not abide by the terms and conditions contained herein. In such event, you must cease use of the Software and destroy all copies of the Software and all of its component parts.

"component parts" = your data. it's a component part of the NAS.


video streaming coming to Google Drive for organizations

just saw one of the key features of the new tool

Stream files on demand

since Youtube was given a facelift recently, that video streaming feature in Drive will probably have a similar interface to the new Youtube.


Black Helicopters

Re: My FTP repo, OTOH,

even if the server(s) hosting the files is(are) in Russia or Switzerland, that's still under USA jurisdiction... well, at least according to them





Biting the hand that feeds IT © 1998–2019