* Posts by Adam 1

1614 posts • joined 7 May 2012

Microsoft reveals career-enhancing .PNG files

Adam 1
Silver badge

DevOps Certified ....

0
0

Australia's new data breach disclosure laws have a rather floppy definition of 'breach'

Adam 1
Silver badge

I read/watched/heard recently about a particular data breach. The vendor had in between the time the breach occurred and the time they discovered it changed something about how they stored the passwords, so they judged it unnecessary to inform anyone who had a new structured password. On one level it makes perfect sense as "someone has just stolen your old password you don't use anymore" doesn't sound like a big issue. Of course it means that anyone using the same password for their e-mail or other services is waiting to be pwned. I would name names if I could remember. So in short, yes, self appraisal of the seriousness of a breach (particularly from companies who don't deal in security day in and day out) is rather problematic.

0
0

South Australia blacked out by bad bespoke software, not wind farms

Adam 1
Silver badge

well called Richard

As you predicted, a safety mechanism caused by grid issues caused these generators to perform an emergency safety shutdown. Did exactly what it should have.

Why the grid operators and generators hadn't specifically consulted each other on what those thresholds should be is very much a live question. The fact it took them so long to acknowledge the cause is also regrettable as it allows the opportunist pollies to come out. I wouldn't hold my breath for an apology from them however.

1
0

US government wants Microsoft 'Irish email' case reopened

Adam 1
Silver badge

Re: users don't control where data resides?

> Why don't they buy an island, make their own country, and move their HQs there?

Yes, you can host with Oracle if you like.

0
0

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

Adam 1
Silver badge

Re: Turn that one on its head

> If this, or other, research comes to fruition, doesn't that make the limitations asserted in the article irrelevant?

I wouldn't worry too much about our research coming to fruition. "Efficiency dividends" will ensure these sorts of projects get shelved.

0
0
Adam 1
Silver badge

Re: Hash functions

> it is the ease (or otherwise) of engineering such a collision so that you can fake a digital signature for nefarious purposes.

Let's be honest here. Nefarious actors can just tell Wosign that they own github. No collisions necessary.

1
1
Adam 1
Silver badge

Re: Hash functions

> mapping data of size > n into a space = n creates collisions.

Formally known as the Pigeonhole Principle.

0
0

US reactor breaks fusion record – then runs out of cash and shuts down

Adam 1
Silver badge

Re: We should not forget

> Theres always that eCat thing... The one that lives in a shipping container full of AA batteries that nobody is allowed to open when they "test" it.

I'm sure that uses fusion.

Not quite. It's a bit hard to explain, but in essence you have what looks like a miniature wind turbine, except attached to each blade is an array of cats, arranged in such a way that some of them always have their feet up in the air. The feline self righting principle then takes over causing the turbine to spin at very high velocity. Most of the box is simply sound proofing (very high rpm) and the inverters to produce AC and various step up transformers (largely off the shelf stuff).

2
0

Court finds GCHQ and MI5 engaged in illegal bulk data collection

Adam 1
Silver badge

> Crime, but where's the punishment?

Oh it's there, you must have missed the bit where the staff were warned. That'll teach them...

2
0
Adam 1
Silver badge

> Internal oversight failed, with highly sensitive databases treated like Facebook to check on birthdays, and very worryingly on family members for ‘personal reasons’.

So who's in jail?

The biggest problem with these sort of databases is the complete disregard for oversight. When was the last time you heard a TLA ask their ministers'responsible for additional penalties against their own who are caught doing the wrong thing? No, the solution is always apparently additional powers, secret orders, unwarranted surveillance, indefinite detention without charges etc. Here's an idea. How about they start behaving above reproach with the powers they have today before asking for more?

4
0

ShadowBrokers put US$6m price tag on new hoard of NSA hacks

Adam 1
Silver badge

Re: Password revealed

That's the password on my luggage!

0
0

Casino cops are coming if we can't move all this cash in a hurry

Adam 1
Silver badge

And here I was thinking that casino's were benevolent organisations looking out for the little guy.

1
0

FYI: Amazon's corner stores scan your plates

Adam 1
Silver badge

Re: So, ....

"Others who purchased a Volkswagen also purchased 'new gear box for ...."

0
0

Bureau of Statistics hides trade data about monitors. Yes, monitors!

Adam 1
Silver badge

> We'll never know because applicants request restrictions on trade data through a confidential process: the Bureau of Statistics won't ever divulge who requested data be fuzzed, or why.

Unless they accidentally publish it in a senate inquiry submission outlining why various bungles were everyone else's fault and that they can be trusted on privacy.

2
0

Oz gummint's de-anonymisation crime is as mind-bendingly stupid as we feared

Adam 1
Silver badge

I guess we can all be thankful that the current mob will accidentally vote against it.

2
0

Brandis' boffin-busting de-anonymisation crime legislation has landed

Adam 1
Silver badge

solving the wrong problem

OK George, you clever boy. You solved the problem so that law abiding citizens can't de-anonymise the data. Job well done.

Can you now solve the other part? I mean the bit about preventing non law abiding citizens and foreigners who are not subject to our laws from doing the same. Then we can draw a line under it and move on...

1
0

Australian randoms are chill with Internet data retention

Adam 1
Silver badge

> Australians who don't what the nation spends on defence also don't mind the country's data retention regime.

Guessing that quote isn't from their School of Literature, Languages and Linguistics....

0
0

Command line coffee machine: Hacker shuns app so he can stay at the keyboard for longer

Adam 1
Silver badge

Re: Security bug?

Don't even make jokes about such matters. Someone should report him.

1
0
Adam 1
Silver badge

Re: Why aren't they following the standards ?!

You assume that the standard has been ignored, but I have seen no evidence that this "researcher" has even set the evil bit correctly.

https://www.ietf.org/rfc/rfc3514.txt

0
0
Adam 1
Silver badge

Re: Nuff said

Oh it's worse than you think. You can flash the whole machine, permitting a malicious actor (whom I will assert to be a nation state because that seems to be the thing™) to change settings so it always makes American coffee.

The bastards...

4
0

Crypto needs more transparency, researchers warn

Adam 1
Silver badge

One issue/feature/fact of life about DH is that whilst on paper it takes however many gazzillion years to reverse, if they are created using the same base seed then the first four phases of the algorithm can be precomputed leaving just a minute or two of actual computations needed on the specific key used.

Now consider some of those bullet points. A small handful of precomputed keys gets you practical computational access to most of the VPNs in use. Don't get me wrong, precomputing the seed is not cheap, but we live in a time where large CDNs can be overwhelmed by IoT video devices, so the "it would cost too much" argument only holds water if Mallory is paying the bill.

0
0

Don't panic, but a 'computer error' cut the brakes on a San Francisco bus this week

Adam 1
Silver badge

Wait! Who broke brake? I said no breaking changes, not no braking changes! Ah hang on. I think I can see the confusion.

0
0

FBI wants to unlock another jihadist’s iPhone

Adam 1
Silver badge

Re: unlocked ? WTF?

They should have expected someone to commented on that.

2
0
Adam 1
Silver badge

Re: Killswitch?

Yeah, iOS already does that. Hence the San Bernardino incident. Otherwise they would have just brute forced it.

4
0

'Please label things so I can tell the difference between a mouse and a microphone'

Adam 1
Silver badge

Re: Label you, label me, label us all together

> quite a few people , when learning to drive, have to have their hands labelled "L" and "R"

I know some who need "R" and "the other R"...

1
0

Crooks and kids (not scary spies paid by govt overlords) are behind most breaches

Adam 1
Silver badge

Re: "Dropbox" ".. halfway through moving from the ageing SHA1 technology.."

It's actual difficult to change password algorithms when your user base is casual and you are using a hash because you have no way of determining the hashed password other than brute force, dictionary or rainbow attack, you have to passively wait for the user to authenticate again and force them through the change password roundabout.

4
0

Never explain, never apologize: Microsoft silent on Outlook.com email server grief

Adam 1
Silver badge

weird

When their cloudy visual studio login stuff went down a few months back they were incredibly open about the timelines, what went wrong, what lessons they had learnt etc. Sad if they are reverting to form.

1
0
Adam 1
Silver badge

Re: Naughty El Reg

Maybe Barbra Streisand can email Satya for you?

6
0

18 seconds that blacked out South Australia

Adam 1
Silver badge

Re: That table actually tells us why Turnbull is right

Let me counter your analysis with a simple question.

Do you think that 2 wind farms that are 100Km apart would switch off within 0.05 of a second of each other because they independently judged the wind speed too strong?

Or is it just possible that they both went into a controlled shutdown after some safety system noticed something very bad about the grid they were feeding as indicated in the article?

6
1

'My REPLACEMENT Samsung Galaxy Note 7 blew up on plane'

Adam 1
Silver badge

Re: Get real

SAMSUNG BATTERIES GO KABOOM. Milton cries atrocious.

1
0

Australia's e-Senate vote count: a good start but needs improvement

Adam 1
Silver badge

Re: why paper at all?

No thank you. That would only serve to reduce the transparency of the process. I have no major quarms about a self service kiosk system that lets people fill out their intention and prints out the form to be placed in the box (real toner on real paper that is, not a receipt printer that fades a week later) but there are a number of practical challenges for handling faulty hardware, and ensuring booth attendants can't ballot-stuff.

0
0
Adam 1
Silver badge

> For most of the other States, it seems it would take a lot of errors to change the outcome

I know it's a quote, but it seems that someone has forgotten many many many years ago in 2013, the WA senate election had to be rerun because a small number of ballots went missing whilst being transported for counting and it was realistically possible for preference flows to go one of two ways which changed the number of labor, liberal, pup and green senators depending on that variation.

0
0

Good God, we've found a Google thing we like – the Pixel iPhone killer

Adam 1
Silver badge

is there a Pixel 5c?

You know, the one with a 5% slower CPU, a bit less glass and aluminium and a bit more plastic, a camera with a smidgen less terapixels but with a pricetag that more resembles the Nexus 5?

6
0

True man-in-the-middle: Transmitting logins through the human body

Adam 1
Silver badge

Re: An even better form of authentication:

I've heard about these mythical "house keys" that allegedly work even if they're flat.

4
0

SpaceX searches for its 'grassy knoll' of possible Falcon rocket sabotage

Adam 1
Silver badge

Re: Eliminated the obvious

> Now going for the long shots.

ICBM what you did there.

14
0

Source code unleashed for junk-blasting Internet of Things botnet

Adam 1
Silver badge

Re: Bah!

> How do we clean house?

There was this novel approach after the blaster worm hit in 2003.

https://en.m.wikipedia.org/wiki/Welchia

1
0
Adam 1
Silver badge

Re: Lack of regulation, blah, blah

> could vs could not care less for left pondians.

https://www.youtube.com/watch?v=om7O0MFkmpw

1
0

Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10

Adam 1
Silver badge

Wow!

In case anyone missed the tech news of the year:

> has confirmed to El Reg

36
0

Apple's Breaxit scandal: Frenchman smashes up €50,000 of iThings with his big metal balls

Adam 1
Silver badge

> the attacker put his hands around the throat of one of the guards

He's holding him wrong!

4
0

Dirty diesel backups will make Hinkley Point C look like a bargain

Adam 1
Silver badge

According to the guardian, 3 of the 4 lines feeding Adelaide from the north were taken down from 22 downed towers at 5 different places.

The coal plant they mothballed because of these wind farms is at Port Augusta. Those who down voted you evidently haven't ever looked at a map or think that coal power is magical and can be delivered to the population centres without these transmission lines.

2
2
Adam 1
Silver badge

> Wind makes the grid flakier, as Aussies found out this week. No sooner had the state of South Australia boasted about “going zero carbon” then it suffered black-outs.

No, they found that out a few weeks back when the Victorian interconnect was down for maintenance at an unfortunate time.

The statewide blackout was caused by a bunch of high voltage towers were downed by a rather large storm. You know, the ones between all power plants including the coal, gas and hydro plants and the national grid. Maybe their base load capacity is too low, but that is unrelated to their blackout this week. Renewables FUD is no better than nuclear FUD.

1
4

Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook

Adam 1
Silver badge

Perhaps he should rather look out on the internet to see if any "ghost writers" have written a "similar" textbook and he could maybe just offer to write the foreword?

1
0
Adam 1
Silver badge

Re: gmail is the answer

Doesn't Adobe have a cloud of some sort?

1
0

Sad reality: Look, no one's going to patch their insecure IoT gear

Adam 1
Silver badge

wait

Hello Barbie does what? Oh right, different products.

8
0

Smartphone lost on QANTAS 'began hissing, emitting smoke and making orange glow'

Adam 1
Silver badge

Re: Is it just me

Meanwhile, one of the cattle class features is how if you drop your PED, the only place it can be is in your neighbour's lap. There's simply not enough room for it to fall in between.

4
0

Australia wants law to ban de-anonymisation of anonymous data

Adam 1
Silver badge

FFS George, our problem with the census and it's ilk isn't just those law abiding citizens. It includes the less savoury types who are already flaunting several laws to get it in the first place. There's also the small matter of the more than 6 billion people out there who are not subject to our laws.

Rather spend your effort instilling a culture of individual's privacy, to only collect the minimum data required to perform the specific functions and to viciously guard against mission creep by unaccountable bodies. Cut bonuses from departments that leak private data and use it to compensate the inevitable victims of those leaks

3
0

nbn™ dumps Optus HFC, will use fibre to the kerb for ≈700k sites

Adam 1
Silver badge

> noting that while its original agreement with Optus was for “progressive migration of subscribers to the nbn™ network and the eventual decommissioning of the Optus HFC network.”

Why should nbnco care about that? As clearly demonstrated, their HFC network isn't able to deliver the scaling needed. From optus's perspective, they are being paid to shutdown a network they would have mothballed for their own commercial reasons or if they truly believed in the future scalability they would need to invest their own dollars in it. In short, this dumb decision means that taxpayers pay optus for doing what they would have eventually done on their own.

0
0

Internet of Things security? Start with who owns the data

Adam 1
Silver badge

> Referring to the recent DDoS of Brian Krebs, which was powered by an IoT botnet – “cameras, lightbulbs and thermostats” all generating 990Gbps of traffic, “which would take most government websites down”

Not saying much there. You'd only need half a dozen to take down the ABS census site.

2
0
Adam 1
Silver badge

Re: The problem is a lack of imagination...

The same sort of thing happened a few years back with I(di)OT smart light bulbs.

http://www.bbc.com/news/technology-28208905

1
0

The server's down. At 3AM. On Christmas. You're drunk. So you put a disk in the freezer

Adam 1
Silver badge

Shirley it would have been easier

... to tell them to call a guy to fix it like last week's printer guy and head back to bed?

16
0

Forums