* Posts by Halfmad

306 posts • joined 16 Jan 2013

Unbreakable Locky ransomware is on the march again

Halfmad
Bronze badge

Re: viduses

Hey look, I'm all for blaming Microsoft but we all have the tech built into Windows to help mitigate this sort of threat, just hardly anyone seems to use AppLocker as they're too lazy to set it up. We can also disable macros entirely or make them run only from trusted locations etc.

But convenience, such as running any .exe you want, trumps security, or even if you bother setting up AppLocker etc. a senior manager loses his mind at not being in complete control and running local admin rights on his PC and you're back to square one.

2
2

Mega UK hospitals trust Barts says IT borkage was due to trojan – not ransomware

Halfmad
Bronze badge

That's not what usually prevents people upgrading. There are numerous, sometimes hundreds of clinical systems to consider, many of which aren't being kept up to date in terms of latest browser etc and which simply cannot run on the newer operating systems.

0
0

Ransomware scum infect cancer non-profit

Halfmad
Bronze badge

Knee jerk response seems to be from them "if in doubt - go more into the cloud"

There was probably a reason they didn't go fully in to begin with, the failings here don't seem to be related to the use of local storage, they're to do with the lack of protection, probably a lack of training for staff and a lack of a proper local backup.

Going to fully cloud just changes the risks, doesn't necessarily lessen them.

3
0

Chelsea Manning sentence slashed by Prez Obama: She'll be sprung in the spring

Halfmad
Bronze badge

Re: Just a pawn

Pawn? No she was the main actor in the leak, that's not a pawn. She was let down by her commanding officers who should have pulled her from duty, but as an adult she was responsible for her actions.

1
6

Halfmad
Bronze badge

Re: The real culpability lies...

Yes, partially. Officers are always responsible for monitoring the performance and fitness for duty of those under their command. I'm by no means saying Manning wasn't guilty but that doesn't mean all of his senior officers were blame.

3
1

Halfmad
Bronze badge

Re: Assange will back out of his word somehow

He'll blame Trump, then after Trump he'll blame someone else.

It'll never be Julian's fault that's for sure.

6
2

Ransomware brutes smacked 1 in 3 NHS trusts last year

Halfmad
Bronze badge

Re: NHS network security?

The vast network is basically thousands of silos with decent firewalls etc between them, it's not as if it's a LAN party where they're all trying to play Counter-Strike together. From my experience they all default to lock down and open access when given a countersigned form to do so - but I can only speak for my own experiences, I've no doubt there's plenty of plonkers in charge of IT kit out there.

Still it's not JANET..

0
1

PlayStation 4 probs: Gamers struggle with PSVR headset blackouts

Halfmad
Bronze badge

Damn

As a PC gamer who's keen on VR but wants to see it mature before throwing cash at it - I'm wanting the PS VR to be a success, that's not going to happen if the console that was built for it has silly bugs like this.

Got to wonder how bugs like this get past QA in huge companies like Sony though, seems to happen a little too regularly.

1
1

Soz fanbois, Apple DIDN'T invent the smartphone after all

Halfmad
Bronze badge

Re: Apple stole the iPhone

Apple were making increasingly popular computers throughout the 90s, I say this not as an Apple fanboy but someone who was repairing them. They had a lot of success with the early iPods too. Without the iPhone they'd be a fraction of the size they are, no doubt about it, but they'd still likely have gone on to make the iPod touches, iPads etc anyway as that was clearly the way they were headed.

As much as the iPhone was critical to their expansion it wasn't the reason they stayed in business.

5
1

Hacker publishes GitHub secret key hunter

Halfmad
Bronze badge

Re: sesnitive

Has to be more than 20 characters long for them to check.

1
0

Plusnet outage leaves customers unable to stream Netflix. Horrors!

Halfmad
Bronze badge

Re: People that use their ISP's email service are asking for trouble

Since the 90s I've owned my own domains and simply forwarded e-mail to the provider I wanted to use, for now it's Gmail, but I have used ISPs in the past. Means moving ISP isn't a factor and if the likes of Gmail change the account address or close I never need change my e-mail address that banks etc are registered to.

Costs less than £1/month to have that flexibility.

0
0

Microsoft quietly emits patch to undo its earlier patch that broke Windows 10 networking

Halfmad
Bronze badge

Re: So why, oh why do you still trust these clowns?

Thing is it's getting worse with the cumulative patching adopted by Microsoft. I know in the NHS it's caused problems with various clinical systems so CCGs/Trusts/Boards are forced to either run a few months behind security patch wise and hope someone else spots the problem, run ludicrously expensive testing of clinical systems in-house and maybe run a month behind or patch and cross their fingers.

At least with previous updates we could remove the offending patch, now MS are less likely to tell us which it was and even if they did we'd have to remove the entire cumulative patch instead.

6
0

BT's hiring! 500 more customer service folk to answer your angry calls

Halfmad
Bronze badge

Your call is important to us, if we bother to answer it

and then don't lie through our teeth.

I've had over a dozen "engineers" out to look at our line over the past few years. I finally cracked a few months ago and took the BT master socket to bits, discovered an ancient ADSL splitter built into it and reconnected everything - voila! 3 times faster internet speed with no drops.

Now you imagine how many hours I spent on the phone to get that number of engineers to attend? How often I spoke to "Gary" in India who ran through his little script word for word, how often I told him "Yes I've got internet explorer open", how often I then had to agree to accept any costs should they find no fault etc etc.

What a waste of space these companies are.

14
0

Sysadmin told to spend 20+ hours changing user names, for no reason

Halfmad
Bronze badge

Anyone with actual management skill of any kind

would have suggested running as-is with the new process documented and any additional users going on in the new format and if/when there's an issue with an existing account on the old system it's transferred over.

A common naming convention is a good idea, however spending a huge amount of time correcting an existing system which works isn't if it's documented to prevent a problem with loss of staff through illness or being driven to leave by a terrible boss.

Few IT staff I know are precious about how things are recorded, they just want it to be consistent and accurate.

2
0

90 per cent of the UK's NHS is STILL relying on Windows XP

Halfmad
Bronze badge

Re: Extended support?

"Guess what, the IT department hadn't bothered to read the email and so no updates for ~5 months and no-one had thought to check XP machines were receiving the updates."

Was anyone sacked for this? I bet not and that's one of the biggest problems in the public sector, even when colossal mistakes are made, nobody, absolutely nobody takes the blame.

2
1

Halfmad
Bronze badge

Re: Migration to Office 365 and Cloud Services etc

Someone isn't interpreting the DPA correctly, NHS England can have datacenters anywhere in the UK, not just England and can also have them within the EU if the risk is accepted by the trust/CCG etc.

Hell if the risk is accepted they can have them ANYWHERE in the world, it's just that when something went wrong, and it would, they'd be up to their necks in it.

I'm guessing whoever thought it was unacceptable in Wales either was assuming Wales would go independent in the next few years or there was a technical consideration such as rural broadband around the data center etc.

1
0

Halfmad
Bronze badge

Re: Migration to Office 365 and Cloud Services etc

iCloud - in use

Dropbox - in use

OneDrive - in use

It's not all blocked/banned. I'm guessing you see a snapshot of local use. I know of instances where these are being used and can be used with proper controls in place. Ideal? Absolutely not but if the information going onto them is of sufficiently meaningless level then the risk is massively reduced.

Not saying I personally approve of their use but I do know it's happening.

0
0

For God's sake, stop trying to make Microsoft Bob a thing. It's over

Halfmad
Bronze badge

VR? I'd rather have AR

I like VR, have used most of the current set of devices on the market but I'm more interested in AR - I can see it being far more useful at work as well as at home than VR.

Cables though - that's the problem with VR for me, I don't want them hanging off me when I'm using a VR headset.

0
0

Real deal: Hackers steal steelmaker trade secrets

Halfmad
Bronze badge

Re: does EVERYTHING need to be on The Connected Internet? Really?

Time is never that critical and it's easy to have a workstation on segregated network that has no external egress/ingress nearby.

I was an engineer during the 90s and early 2000s before moving into IT. We had such a setup for our clients with high security buildings, draughtsmen were not permitted to transfer files onto any PC on our (then coaxial cable based) network which had a PC connected to the internet. My boss and founder of the company was a little paranoid, think he'd seen "Sneakers".

This was prior to e-mail etc really kicking off and any transfer would have required someone to install a floppy disk drive on their desktop PC anyway, so it was physically impossible for them to do it covertly.

We had 5 CAD workstations on a little LAN connected to an NT server which stored the files for hospitals, airports etc. Everything else was plotted onto vellum and stored in cabinets.

If anyone needed an answer our guys would pull the vellum first and give an answer within seconds as the latest version was always there. These days this would be just as quick by accessing a workstation, it's possible, just not as convenient for staff - and that's a decision which requires backing from the very top of the company.

2
0

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

Halfmad
Bronze badge

Re: The steps we have to take to protect our data

As with data protection legislation they should be forced into accepting the blame since they essentially outsourced responsibility for it.

The decision was made by them, they are responsible for the outcome.

3
0

Halfmad
Bronze badge

Re: What ads?

Adblock, Ublock, we all block!

2
0

Fitbit picks up Pebble, throws Pebble as far as it can into the sea

Halfmad
Bronze badge

Thing is

As a Fitbit owner, they're garbage. I'd rather have a Pebble device.

Ah well another IP down the pan, hopefully Fitbit follows soon after on the second flush.

1
0

'Toyota dealer stole my wife's saucy snaps from phone, emailed them to a swingers website'

Halfmad
Bronze badge

Re: Maybe...

Comparison would be handing your credit card over and having its details swiped and sent online. People wouldn't think that's right but some are trying to justify this? Seems really weird.

I'd never hand over my unlocked phone and I've nothing more worrying than Pokemon Go on it, but if I did I'd expect my Eevee and Bulbasaur back unharmed.

4
0

Mozilla launches 'privacy edition' Firefox... that phones home

Halfmad
Bronze badge

Re: Generic web privacy policy in use

Well at least that way I'll get one person looking at my YouTube channel.

0
0

Wearable eats wearable: Fitbit 'to buy Pebble' with a steal of a deal

Halfmad
Bronze badge

OH dear

My experience of Fitbit has not been great, let's hope they can't mess up Pebble too much.

5
0

European Council agrees to remove geoblocking

Halfmad
Bronze badge

Honestly businesses should be free to say "nope not sending stuff there" as a business decision if it's backed up by historical losses etc.

It's unreasonable to force companies to sell at a loss or where there's a high risk IMHO.

3
2

SHIFT + F10, Linux gets you Windows 10's cleartext BitLocker key

Halfmad
Bronze badge

Hold up - Microsoft are covered on this one folks!

The clever sods make sure you never know when a bloody update will happen, making it FAR harder to do this.

Sly buggers.

4
0

Jeremy Hunt: Telcos must block teens from sexting each other

Halfmad
Bronze badge

This is why I could never be a politician

I see it as: 1. The parents' responsibility to check what their kids are up to (and I'm a parent). 2. I know this **** isn't workable. 3. I'd be more worried if child-cock-detecting software was a thing than if it wasn't.

4
0

What's the first emotion you'd give an AI that might kill you? Yes, fear

Halfmad
Bronze badge

Re: Empathy

Harm is sometimes necessary, I'm thinking of doctors having to amputate in order to save someone's life. They are causing harm to the patient - but with the aim of benefiting them in the long term.

1
1

UK National Lottery data breach: Fingers crossed – it might not be you

Halfmad
Bronze badge

Credit where it's due

This seems to have been dealt with quickly and openly by Camelot.

You could say they've been a knight in shining armour for many victims..

*boom tish*

3
0

UK.gov was warned of smart meter debacle by Cabinet Office in 2012

Halfmad
Bronze badge

I still don't have one

I'd have to take at least half a day off work to get one fitted as it's in our front hall. I don't see the benefit and my leccy supplier has twice lied to me about it being "compulsory by the end of the year" which just got my back up.

Until I hear of evidenced benefits to customers I'm not interested. Like many I was given a power meter that connects to my existing supply so I could monitor use anyway, as far as I can see all the new one does is allow local meter readers to be laid off and I doubt that saving will be passed on.

I can see my meter readings online, I don't need to see them updated 24/7 though.

20
0

UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

Halfmad
Bronze badge

Re: In other news...

but at least they don't have to log everything you're doing - yet.

Doesn't help when it's all being intercepted by GCHQ though.

2
0

Google DeepMind inks 5-year agreement with NHS for 'Streams' app

Halfmad
Bronze badge

Unfortunately what also tends to happen is more than one dataset is sent to the same supplier and they can join up the dots.

Substitution/anonymisation is only as good as the people managing it afterwards.

0
0

Apple urges court to hurry up with hearing Galway data centre objection

Halfmad
Bronze badge

Irish government have no interest in getting that money, if they went after Apple they'd end up having to go after dozens of other huge firms that they've been happily allowing to slip through the net.

Not that the UK is much better at leaving big business to do as it pleases when it comes to tax arrangements.

0
0

Poison .JPG spreading ransomware through Facebook Messenger

Halfmad
Bronze badge

Re: Facebook spreading ransomware...

Garbage, nobody has to use Facebook, I don't.

10
4

Fibre pushers get UK budget tax reprieve

Halfmad
Bronze badge

5 years - then another 5.. and another

BT will be all over this, then drag their heels, blame everything under the sun except themselves and Openreach (assuming it remains part of BT - otherwise it'll be blamed too) and then get additional time to roll out fibre.

Don't expect anything if you live outside a city though.

3
2

Stay out of my server room!

Halfmad
Bronze badge

Re: Beware cheap combo locks

If the cleaner isn't too great you can usually tell which 4 buttons are pressed most often, just ignore "C" as nobody seems to understand that's for clear/cancel rather than part of the code..

4
0

Twitter bans own CEO Jack Dorsey from Twitter

Halfmad
Bronze badge

Clearly you've forgotten that those abbreviations were around long before Twitter too.

3
0

Outlook outage outrage

Halfmad
Bronze badge

Re: AD authentication borked

Hope they have Microsoft Premier support at Microsoft otherwise the *******s won't help. :)

0
0

PoisonTap fools your PC into thinking the whole internet lives in an rPi

Halfmad
Bronze badge

Re: Physical Access...

Unless it's an approved device chances are those ports are blocked.

Not saying it's foolproof by any means but the NHS tends to do the basics like that fairly well. Doesn't help if it's spoofing itself as an approved device though..

0
0

FYI Apple fans – iCloud slurps your call histories

Halfmad
Bronze badge

caught in a landslide..

4
0

Halfmad
Bronze badge

Re: Or

Simply never have anything on the phone you're THAT bothered about losing.

5
0

Gone in 70 seconds: Holding Enter key can smash through defense

Halfmad
Bronze badge

Re: @Homer ... Missing item in the series?

Hold on now, isn't 2016 the year of the Linux desktop? Let's not go making perfectly sensible arguments that this isn't as bad as it appears as most of them are behind locked doors.

0
0

Dropbox upgrade adds nice bits for sysadmins

Halfmad
Bronze badge

Grudgingly admit it's a good start.

I'm still more worried about where data is though, where it's backed up to and if it's deleted when it's.. deleted.

0
0

Russian banks floored by withering DDoS attacks

Halfmad
Bronze badge

Re: Leaving security to the end user = no security

So why not simply remove the default password entirely, when powered on force the user to enter a password or the device won't function - if it's a camera you'll have no image, if it's a router it won't connect externally etc.

Forgotten the password - have to reset the device.

12
2

Nvidia's financials have great numbers. Yuge numbers. The best numbers, believe me

Halfmad
Bronze badge

AMD's Raptr software put me off, I switched back to Nvidia after a couple of years on them. Shadowplay is vastly better, not perfect but better and driver updates tend to be better.

I'd still rather be on AMD though, even if it's purely from the perspective of us needing to keep competition in the game.

2
0

What went wrong at Tesco Bank?

Halfmad
Bronze badge

Re: Intersting....

My RBS account requires the person know my STUPID account name, then a handful of password characters and part of a PIN. But to transfer any money out, add a new payee etc they'd need access to my debit card and a card reader for a challenge/response.

0
0

You've been hacked. What are you liable for?

Halfmad
Bronze badge

ICO work back to front

I've been saying for a while now that the ICO should default fines for large companies to the maximum, then take in mitigating factors to reduce it, not build it up based on severity.

If companies know that they have to evidence the steps they took to mitigate attacks, show purchased products, training for staff, policies and procedures, pen testing etc they'd perhaps give a ****. As it is they are likely faced with fines which cost a fraction of this annually.

Default to the £500,000, then let them knock off 10 grand per control they can evidence.

0
0

Facebook 'fesses up to WhatsApp privacy blunder in UK

Halfmad
Bronze badge

Re: Prediction: The ICO will do f*ck all

Or even worse they'll do everything they can and Facebook, seeing the tiny fine, won't give a toss.

When rules change to a % of turnover they might, but not yet.

2
0

World-leading heart hospital 'very, very lucky' to dodge ransomware hit

Halfmad
Bronze badge

From an access perspective that would give them perhaps consultant level access to clinical systems but no greater access to file shares etc than most staff.

Rank of employee in the NHS tends not to mean much when it comes to configuration of I.T. equipment.

0
0
