* Posts by fnusnu

155 posts • joined 8 Nov 2012


Behold… a WinRAR security bug that's older than your child's favorite YouTuber. And yes, you should patch this hole


I make a point of replacing WinRAR with 7zip when I am the 'home helpdesk'. WinRAR seems to be very popular in the former Soviet Union / Eastern Europe.

Data-spewing Spectre chip flaws can't be killed by software alone, Google boffins conclude


So which chips are now secure against spectre / meltdown?

It's 2019, and a PNG file can pwn your Android smartphone or tablet: Patch me if you can


It would be extremely helpful if the message you get when you click on System Updates was 'Your device is no longer supported', rather than 'Your system is up to date' if it no longer gets updates.

IBM HR made me lie to US govt, says axed VP in age-discrim legal row: I was ordered to cover up layoffs of older workers


Re: Changes staying the same

Nope: https://en.m.wiktionary.org/wiki/plus_ça_change,_plus_c%27est_la_même_chose

xHamster reports spike in UK users getting their five-knuckle shuffle on before pr0n age checks


What actually happened is that the radio stations play French music in the small hours when no one is listening

IBM insists it's not deliberately axing older staff. Internal secret docs state otherwise...


Re: I hope IBM gets crucified


New side-channel leak: Boffins bash operating system page caches until they spill secrets



So they found a bunch of insecure router firmware. Why didn’t they test openwrt or similar to at least give people a fighting chance of finding something secure?

Corel – yeah, as in CorelDraw – looks in its Xmas stocking and discovers... Parallels


Is the business plan

To get people to actually pay for winzip? Did anyone? Ever?

Marriott's Starwood hotels mega-hack: Half a BILLION guests' deets exposed over 4 years


Re: Card numbers

My key problem with Revolut is this:

3.4. When we hold Electronic Money for you, us holding the funds corresponding to the Electronic Money is not the same as a Bank holding money for you in that: […] (c) your Electronic Money is not covered by the Financial Services Compensation Scheme.

When selling security awareness training by email, probably a good shout not to hit 'reply all'


Bit rich of El Reg to have a pop seeing as radarone.co.uk (whose security whitepapers they flog) had an expired certificate when I went to their site a couple of weeks ago...

Joe Public wants NHS to spend its cash on cancer, mental health, not digital services


Technology is the only way the NHS can continue without being overwhelmed.

Oh, and fatty lard-buckets getting off their portly posteriors and doing some exercise.

If Shadow Home Sec Diane Abbott can be reeled in by phishers, truly no one is safe



She's thick as mince and an Arts grad to boot. Why should she be any better at spotting a phishing call than 99% of the population?

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019


It's been educational to set firefox to allow TLS1.2 only and see what breaks.

Solid password practice on Capital One's site? Don't bank on it



Not that you see a techy in a double cuff shirt very often ;)

UK.gov went ahead with under-planned, under-funded IT upgrade? Sounds about right


And the commentards on the People's Republic of El Reg

Want these buffoons to run our railways, water, and electricity!

Welcome! Mimecast finds interesting door policies on email filters


Re: We are getting mad about end-to-end encryption for chat messages...

Sensitive data should not be sent unencrypted via email.

You want how much?! Israel opts not to renew its Office 365 vows


Microsoft's response

Here you go:

Microsoft respects the views of the GPA and is working to better understand their requirements. We recommend that all our customers move to an annual pricing model in order to receive the benefits of the latest updates to our software.

The last phablet? 6.4in Samsung Galaxy Note 9 leaves you $1k lighter, needs 'water cooling'


Re: Nobody buys Samsung anymore...

The hardware is great, but they don't support the software for very long...

Tech Shutdown Blows: IT chaos cost Brit bank TSB almost £200m


Re: It's gonna cost more than that...

Ooh! I spot a new El Reg measure. 1 persterf*ck = £200m :)


Re: And lessons learned ?

Correct. Like the British Army, they have a stack of lessons identified...

BT's Patterson keeps his £1.3m wheelbarrow of bonus cash after all


This shit gives free markets and capitalism a bad name.

East Midlands network-sniffer wails: Openreach, fix my outage-ridden line


Re: Hate to say this, but....

"I sent an email directly to Clive Selley, Openreach CEO. He answered me personally"

50p says it wasn't actually him...

Don't fear 1337 exploits. Sloppy mobile, phishing defenses a much bigger corp IT security threat


Re: Thank you captain obvious--Is this really your best?

If it was so obvious and simple we wouldn't be having so many breaches would we?

GIMP masks font downloads, adds horizon fix in new build


"a powerful image editor with functionality comparable to its far costlier commercial equivalent"

One word:


A fine vintage: Wine has run Microsoft Solitaire on Linux for 25 years


Killer App

I'm going to be downvoted out of existence again, but here is your missing 'killer app': Unfortunately, the latest versions of Microsoft Office have yet to make the cut.

IBM memo to staff: Our CEO Ginni is visiting so please 'act normally!'


Because they have been laid out JUST SO.

Sheesh, have you never run a visit for VIPs?

Why, hello Rubrik's Trello: Data protection biz leaves productivity tool open to world+dog


"We take privacy very seriously"


It's time for TLS 1.0 and 1.1 to die (die, die)


I set my browser to support TLS1.2 as a minimum about 6 months ago. It's interesting to see what breaks and requires an alternative browser *cough* English Heritage *cough*

UK military may recruit wheezy, alcoholic keyboard warriors


Re: Pay?

If you're going to have a pop, at least get the name right: Royal Logistic Corps

The glorious uncertainty: Backup world is having a GDPR moment


It's not an unqualified right to be forgotten...

or did you forget this?

UK pub chain Wetherspoons' last call: ♫ Just a spoonful of Twitter – let's pull social media down ♫


Re: Or maybe....

And also the amount of wasted time and money the response to the fake 'no poppies' tweet required...

Facebook admits: Apps were given users' permission to go into their inboxes


The outrage here is that people expected their messages to be secure (I know, I know, email isn't).

Personally, I'm fine with anything I make public being shared.

No password? No worries! Two new standards aim to make logins an API experience


When, oh when, oh when will Apple provide USB C so that yubikeys will work with iOS?

How machine-learning code turns a mirror on its sexist, racist masters

This post has been deleted by a moderator

One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools


Not Found

The requested URL /cgi-bin/Shovel.pl was not found on this server.

Apache/2.2.9 (Fedora) Server at www.turnstep.com Port 80

Watchdog growls at Tesla for spilling death crash details: 'Autopilot on, hands off wheel'


Known issue

The aviation industry has years of experience with the autopilot handing back control and the humans being unable to cope with the situation (which was so complex the computer couldn't...)

Bitcoin's blockchain: Potentially a hazardous waste dump of child abuse, malware, etc


Re: Wait... wait. So what?

I hope you never lose your private key

Sysadmin held a rack of servers off the ground for 15 mins, crashed ISP when he put them down


What got me was the people who walked past in the meantime, smiling and saying "You alright up there?"

Got to love British humour :)

Wearables are now a two-horse race and Google lost very badly


Why spend £250 on a smartwatch you'll have to chuck in 3 years...

...when you can spend a similar sum and buy a decent watch which will last your whole life - and possibly longer?

Home fibre in the UK sucks so much it doesn't even rank in Euro study


Latvia: probably helped by the fact that 1/3 of the population lives in the capital city.

Six things I learned from using the iPad Pro for Real Work™


Office it is

"For two decades Office has been the litmus test of whether a machine can cut it. "

I got downvoted into oblivion for pointing this out in the recent WINE thread...

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told


Re: heres 2 right off the bat.

Don't your policies say you will be patched within 30 days? It's a Cyber Essentials requirement.

UK infrastructure firms to face £17m fine if their cybersecurity sucks


Any chance of a link to the guidance?

Deep sigh... Servers get teaser trailers now



Any chance you could stop using this annoying word?

Perv raided college girls' online accounts for nude snaps – by cracking their security questions


Re: The very definition of "security by obscurity"

Easiest solution:

Use your password manager (e.g. Keepass) to generate 'passwords' for these fields and store the questions and answers in the notes box attached to username and password.


Where were you born? e)\I7l}$=c&T@Pin+{m]

What is your mother's maiden name? Zg%N7al:Y2#R+fmwnc)C

etc, etc

Have three WINEs this weekend, because WINE 3.0 has landed


Office 2016?

If it can't run Office 2016 then it remains a curio

Adrift on a sea of data: Architecting for GDPR


Encrypt your SAN?

If someone carts off your SAN you probably have bigger things to worry about...

And we return to Munich's migration back to Windows - it's going to cost what now?! €100m!


Re: Just some facts about Linux adoption.....

"I simply don't believe that a professional, enterprise-sized organisation CAN'T adopt Linux successfully. Of course, such an organisation may not WANT TO adopt Linux....likely for reasons other than functionality."

When you have as many niche (Windows only) applications as a local council you really can't. As Munich found out...

Azure VMs borked following Meltdown patch, er, meltdown


Only for those on the insider track

