Re: So? Responsible Disclosure?
we won't know of many of the exploits in use until it's far, far too late.
Well.. probably the 5-Eyes know and wouldn't want those exploits or faults revealed.
Posts by Mark 85
12884 publicly visible posts • joined 22 Nov 2012
Page:
- ← Prev
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- Next →
Boffin suggests Trappist monk approach for Spectre-Meltdown-grade processor flaws, other security holes: Don't say anything public – zip it
Tuesday 5th February 2019 18:13 GMT
Re: You don't say
Also, having the public's anxieties ratchet up is necessary in as much as if there is no anxiety about security flaws, there will be no patches deployed or fixes made. Complacency is the enemy of security!
Most people don't read tech nor does the popular press cover it unless it's something really big. Then again, most users have their PC's set to "auto" for patches. Servers are a different critter in this as they are watched and administered. If the users were paying attention and administrating their own boxes, chances are Win10 wouldn't have as large a share of PC's as it does now.
Tuesday 5th February 2019 18:03 GMT
Re: Know thy enemy (bugs in this case)
so what is the point in 'quietly' patching vulnerabilities again?
Simple, they don't. Well, some do but Intel is one who doesn't quietly patch. One has to go to Intel and look for patches and then install them. I suspect that there's just too many PC's out there with Intel chips for them to figure out which computers have their chips, where they are located, and then attempt to push a fix. The Net is just too big for that sort of thing an if Intel quietly pushed out a fix to every machine (server or PC), it might cause other issues due to bandwidth. Come to think of it, we've not seen any stats on what percentage of processors have been patched.
Grumble Pai: FCC boss told by House Dems to try the novel concept of putting US folks first, big biz second
Tuesday 5th February 2019 17:19 GMT
Re: Big biz first, surely...
...isn't that the American way?
Maybe not the way it started out but there are arguments about that, but currently it is. I'm waiting for a rewrite of things along the line of: “government of the corporates, by the corporates, for the corporates”. It's not just the FCC from the top to bottom.
El Reg talks to PornHub sister biz AgeID – and an indie pornographer – about age verification
Monday 4th February 2019 19:24 GMT
Re: This Identity thing is the key
There is the beauty of what they're doing. "Think of the children" and "porn". Nail down the porn sites because no one will publically admit to being a customer (in politics anyway). Then move the goalposts to what they really want to control. This has all the hallmarks of a "bait and switch" scam but at a national (soon to be worldwide) level.
What's that, Skippy? You want a taste of Windows 10 19H2? Oops, too late
Techies tinker with toilet-topper to turn it into ticker-tracker
Windows Defender update: So secure, it wouldn't let Secure-Boot Windows PCs, er, boot
Monday 4th February 2019 18:37 GMT
Re: At least you can get your machine back maybe -- sometimes with updates you are not so lucky
One would think that borking Win7 updates would fulfill MS's goals of getting everyone over to Win10. This is just one more reason not to upgrade (or downgrade if you will). I'll credit sheer incompetence at this point and not malice.
European Commission orders mass recall of creepy, leaky child-tracking smartwatch
Mobile network Three UK's customer details exposed in homepage blunder
Bug-hunter faces jail for vulnerability reports, DuckDuckPwn (almost), family spied on via Nest gizmo, and more
Techie finds himself telling caller there is no safe depth of water for operating computers
Friday 1st February 2019 23:40 GMT
Re: Ex designer of military kit
So-called "ruggedized" hardware is usually way behind hi-tech or recent. Part of it the chip makers aren't making the hardware a priority. Plus, it may have been hi-tech when specified but by the time it's deployed it's damn near obsolete. If you can get access to the specs for the hardware, you'll see the differences in components compared to civilian components. A big cost adder is "testing"... as some have pointed out.. 100% testing as opposed to civilian being maybe 1 out of 10 without the harsh environmental specs of the military.
Not defending the prices or anything else, just explain what I've seen in the industry.
Friday 1st February 2019 23:32 GMT
Re: Annoying pedantry
Its just routing government gouging, because its nobody's job to say if its reasonable, only that a "process" has been followed.
Part of the increased price is CYA paperwork, plus some extra testing and certification.. etc. etc. etc. The end result is everyone on the board of the aspirin company gets a new Porsche or Ferrari. So, not "gouging" but "profit" for hard work on their part.
Another Apple engineer cuffed over alleged self-driving car data theft: FBI swoop on bod as he boards plane to China
Friday 1st February 2019 22:52 GMT
Re: $100,000 in cash.
i'd be curious as to where and how he's accumulated so much cash.
Bail Bondsman. Here in the States, you put up 10% (this may have gone higher) to the bail bondsman who keeps it and may require additional "monetary security" in case you skip. He/she pops for the whole bail. Look to the several very high profile cases where the perp (alleged) skipped bail and those who put up money lost it all when they ran off and left the country.
Wednesday: Facebook sparks another privacy brouhaha. Thursday: Facebook axes Iranian disinfo bods. Fancy that!
Ca-caw-caw: Pigeon poops on tot's face as tempers fray at siege of Lincoln flats
Friday 1st February 2019 21:35 GMT
Falcons do work. Many cities seem to be trying them with varied results based on nesting availability and the number of Falcons the use.
In one small town I lived in, once a year, the local cops supervised a pigeon hunt in the downtown area (no buildings over 3 stories.. I said it was a small town). Seemed to work for them until the snowflakes got upset about dead birds falling out of the sky and sound of shotguns.
Jammy dodgers: Boffin warns of auto autos congesting cities to avoid parking fees
Musk shows off the latest power plant for Starship, replaces Tesla CFO with a millennial
Ad-tech industry: GDPR complaint is like holding road builders to account for traffic violations
Thursday 31st January 2019 21:54 GMT
A pox on all advertisers.
I see how it's supposed to work but yet I get ads for companies on the east coast of the US but I live on the west side.
Obviously (or maybe probably as it hasn't been proven) the IAB and thus the ad agencies already have our info on file . IP addy is part and parcel to the "Net" so does the IAB and the ad companies really need to keep collecting more info? Just because the law says they can't collect it any more doesn't mean they will destroy what they already have or not use it. After all, the Internet is Forever.
For the analogy, I moved a year ago and am still getting snail mail ads for the previous owners even though I mark them "not at this address" and sent it back. I'm also getting new snail mail ads addressed to me even though I've never done business with any of these companies.
Personal data slurped in Airbus hack – but firm's industrial smarts could be what crooks are after
Chang'e 4 wakes and Yutu 2 stretches its solar panels for another day... on the friggin' MOON
Team America tries to crash Little Rocket Man's Joanap botnet from within, warns owners of infected boxes
Thursday 31st January 2019 06:59 GMT 
Defeated by antivirus... simple solution...
“While the Joanap botnet was identified years ago and can be defeated with antivirus software, we identified numerous unprotected computers that hosted the malware underlying the botnet.
So there's a bunch of idiots running Windows without AV or at least turning on Windows Defender? Unbelievable.
Boffins debunk study claiming certain languages (cough, C, PHP, JS...) lead to more buggy code than others
Wednesday 30th January 2019 23:32 GMT
Re: And they get paid money to do this?
In this case, the second set of academicians' research was needed to refute the first and point out what you have posted. Are they aware? Who knows? Seems any PhD candidate will engage in research no matter how aware of things they are.
Even though we IT types know that this research is flawed (the first), we have no standing unless there's plenty of PhD's involved and some reseach grant money.
Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data
Apple: You can't sue us for slowing down your iPhones because you, er, invited us into, uh, your home... we can explain
Wednesday 30th January 2019 06:03 GMT
Built in obsolescence?
I thought it was an Apple design function. First the battery is glued into place and then they charged a small fortune (as phone batteries go) to replace it. And it only lasts about a year? Requires one of their Geniuses to replace it and you need to schedule an appointment where I am. Really?
I have an old Samsung flip phone I've been using heavily for about 10 years now. I've replaced the battery twice. Didn't take a Genius to do it, just pop off the back and replace. Batteries run about $25 or so. Wife has an Android phone, same deal: remove replace battery herself and hers with heavy usage also lasts about 2 years or so.
I'm believing Apple does want folks to replace the phone instead of replacing the battery. Otherwise, why make it a hassle to change?
You think election meddling is bad now? Buckle up for 2020, US intel chief tells Congress
Facebook cuts off independent political ad reviewers, claims security concerns
Microsoft decides Internet Explorer 10 has had its fun: Termination set for January 2020
I studied hard, I trained for years. Yay, now I'm an astronaut in space. Argggh, leukemia!
Tuesday 29th January 2019 02:38 GMT
Re: Kinda makes sense...
You might be right about repeated exposure. The wihte cells that survive come back stronger. Rinse and repeat. The 'nauts with the low count should be tested again to see if the white cell count goes up after being here on Earth for a bit.
Footnote: no where did I read that these tests were ongoing so the one who white cell count was "normal" may have regenerated or maybe it's something else. When someone says something like: "That's odd"... it merits more investigation.
FTC gets back to work: Now, where were we? Break up Facebook and fine it $2bn, you say?
'Numpty new boy' lets the boss take fall for mailbox obliteration
Monday 28th January 2019 18:27 GMT
Re: 100% honesty 90% of the time
You can only come clean if you know you screwed up. Sometimes we screw up and don't know it particularly when writing scripts. In my case, it was decades ago and we didn't have a test server, only live data. I hiccupped writing a script and it didn't work. Reworked it and it worked fine. A bit later, the database started having issues. We shut it down and rebooted the server and everything was fine. After head scratching we traced it back to my script (the version that "didn't work") and a mistyped command. Luckily the boss was very understanding and we had our test server pretty quick after that.
Six Flags fingerprinted my son without consent, says mom. Y'know, this biometric case has teeth, say state supremes...
Saturday 26th January 2019 00:57 GMT
Re: Thank you!
For the life of me, I can't imagine why an amusement park needs your fingerprints or facial recognition unless it some sort of ticketing thing which like many other places, one price and you can ride as many rides as you want... food and souvenirs are extra of course. It's not like they don't have security cams and employees everywhere. So what do really need this for?????
Oof, are you sure? Facing $9bn damages, Google asks Supreme Court to hear Java spat
Users fail to squeak through basic computer skills test. Well, it was the '90s
SpaceX enjoys three whole seconds of fire and fury on Pad 39A
Requests for info, gag orders and takedowns fired at GitHub users hit an all-time high last year
We did Nazi see this coming... Internet will welcome Earth's newest nation with, sigh, a brand new .SS TLD
Thursday 24th January 2019 23:21 GMT 
Political correctness running amok?
I guess then that Chevrolet will have to kill off the SS branding of some it's cars and the ones out and already branded won't be allowed on the streets? I feel sorry for someone with those initials say someone named Steven Smith. Any documents he initials will need to be burned. But on the bright side, the SJW's, etc. will be happy as the final bits of the SS will be expunged from Earth.
Under Armour and Virgin Galactic team up so tourists can stay on-trend throughout white-knuckle ride into space
Starship bloopers: In touching tribute to Tesla shares, Musk proto-craft tumbles – as Bezos' Blue Origin rocket lifts off
Thursday 24th January 2019 05:27 GMT
For some reason, every time I see the Bezo's rocket I'm reminded of the rocket in Flesh Gordon (definitely NSFW) and have to chuckle, sometimes laugh. The comment at work is "Mark's watching a Bezo's launch" and the youngster's there don't get it. But the older guys do.
I'm still not believing the picture windows on the capsule. I guess the paying customers deserve a nice view,
Page:
- ← Prev
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
- 171
- 172
- 173
- 174
- 175
- 176
- 177
- 178
- 179
- 180
- 181
- 182
- 183
- 184
- 185
- 186
- 187
- 188
- 189
- 190
- 191
- 192
- 193
- 194
- 195
- 196
- 197
- 198
- 199
- 200
- 201
- 202
- 203
- 204
- 205
- 206
- 207
- 208
- 209
- 210
- 211
- 212
- 213
- 214
- 215
- 216
- 217
- 218
- 219
- 220
- 221
- 222
- 223
- 224
- 225
- 226
- 227
- 228
- 229
- 230
- 231
- 232
- 233
- 234
- 235
- 236
- 237
- 238
- 239
- 240
- 241
- 242
- 243
- 244
- 245
- 246
- 247
- 248
- 249
- 250
- 251
- 252
- 253
- 254
- 255
- 256
- 257
- 258
- Next →
Biting the hand that feeds IT
