* Posts by Halfmad

437 posts • joined 16 Jan 2013

Page:

The eyes have IT: TSB to roll out iris-scanning tech for mobile banking

Halfmad
Bronze badge

I heard an interview with an "expert" about this.

Apparently it's great for customers because:

1. You don't need to physically touch the device to login and check balances etc.

2. It's more secure than finger prints.

3. It's just jolly bloody great.

OK well let's see.

1. You can login accidentally just by f*cking looking at it.

2. You still need to physically access the device which is in your f*cking hand to do anything in the app.

3. It can be bypassed using a photograph and a contact lens and as camera get better..

3
0

Moneysupermarket fined £80,000 for spamming seven million customers

Halfmad
Bronze badge

Fines are always stupidly low

7+ million people spammed.

80K fine.

I'm sure they'll totally learn their lesson.

5
0

'Millions of IoT gizmos' wide open to hijackers after devs drop gSOAP

Halfmad
Bronze badge

Re: Maybe I'm growing into a grumpy cynic but...

That'd be like finding a needle in a haystack..

1
0

Want to kill your IT security team? Put the top hacker in charge

Halfmad
Bronze badge

The NHS sort of does this in my area, the trust has managers who are on a grade below some of the staff they manage as those staff are specialists in their area. Sadly this isn't the case in IT departments though.

7
0
Halfmad
Bronze badge

Re: So the obvious solution is...

This is how healthcare tends to handle clinicians. Sadly it doesn't extend beyond that so we end up with the best staff going into management and making an **** of it. Many of the dreaded NHS "Middle managers" I know were fantastic in their fields and the only option to progress was to move out of it into managing the staff working in that field.

Then they themselves can no longer contribute anywhere near as much.

9
0

Flight Centre leaks fliers' passport details to 'potential suppliers'

Halfmad
Bronze badge

Don't forget it's not just about the potential to leak that data

There's a debate over whether people testing system readiness should have access to person identifiable information. They have no need to access that particular data, so they should really be using randomly generated data.

0
0

Ubuntu Linux now on Windows Store (for Insiders)

Halfmad
Bronze badge

I know I'll be down voted for this

But at least it gives more exposure to Linux. I know two of my friends kids will be all over this as it gives them a way to tinker with Linux more readily without annoying their windows obsessed dads until they get their own PCs. Both currently use live linux CDs to mess about.

2
2

Bloke takes over every .io domain by snapping up crucial name servers

Halfmad
Bronze badge

"Bloke takes over every .io domain by snapping up crucial name servers"

then a few paragraphs down

"It's worth pointing out that owning four of the seven authoritative name servers doesn't grant full control over .io."

So which is it el 'reg?

4
0

Good luck building a VR PC: Ethereum miners are buying all the GPUs

Halfmad
Bronze badge

Re: Not to worry

Generally less stressful for the card than the hot/cold of gaming. Buy card, reapply fresh thermal paste and a new cooler and it'll be fine.

I've still got a couple of 7950s in Crossfire on a PC which ran for 3 years overclocked at a friends house.

0
0

Largest advertising company in the world still wincing after NotPetya punch

Halfmad
Bronze badge

Re: Is it just me...

Those local IT staff don't need to understand it, they need to have a process in place and training to say "look guys, you use your admin account when you need to do admin work, at all other times you use a standard account". Nice and simple, also don't give access to network shares etc from the admin accounts to stop them wanting to use their personal shares etc. Typically these accounts require local admin rights and very little rights on the network.

Hell I can monitor admin account usage due to the way our transparent proxy picks up anyone launching a browser or windows looking for updates.

0
0

Judge used personal email to send out details of sensitive case

Halfmad
Bronze badge

Re: A digital watch?

80085

Had to be done.

12
0
Halfmad
Bronze badge

Re: At least it seems it's an exception

If companies don't want staff to use things like cloud then policy/guidance is only the first step. Step two is to block them on work computers.

This is typically where things get messy as there's almost always exceptions to be made as companies you collaborate with start supplying information only via cloud based solutions.

13
0

PCs will get pricier and you're gonna like it, say Gartner market shamans

Halfmad
Bronze badge

Re: Value for money?

We get semi-decent PCs at work, although an SSD would be a massive help when juggling a VM and a large unwieldy spreadsheet people demand I use.

The biggest problem without a doubt though is the f*cking monitors. They're all widescreens, it's like looking through a letterbox compared to the 4K monitor I have at home. The one I'm using just now is 1600x900

900! I'd rather have a 1080P monitor than this sh!t.

9
1

'Bio-hacker' embeds public transport ticket under his skin

Halfmad
Bronze badge

Re: Easy fix

Or sown it into the cuff of a jacket he regularly wears etc.

Clothing in general with little zip pockets near the cuffs would be ideal for this sort of thing.

#gonnagointoretail

0
0

Ubuntu 'weaponised' to cure NHS of its addiction to Microsoft Windows

Halfmad
Bronze badge

Re: Terminal servers?

We use to do this, problem is reliance on boardband connections, even with failover circuits when it happens you can have many hours or even days of outages.

That's frankly unacceptable but no amount of stamping of feet and pointing at an SLA helps in that situation.

3
0
Halfmad
Bronze badge

Re: Good luck.

Not for clinical systems rules out 95% of computers in most health trusts/boards as clinicians have to have access to clinical systems, not just in wards.

They can say that but the way these places work means it's not possible WITHOUT including those and preferably as early as possible as frankly many developers dont have a linux client from my experience so far. Sure they can make one, but that costs money and takes time.

3
7
Halfmad
Bronze badge

Good luck.

But for many places 2.5 years isn't long enough to move over even if it was a proven option right now. Existing contracts for many clinical systems are 3 years+ as a minimum and moving off those will have a major cost in terms of finding an alternative system and training etc.

I'd love to have the flexibility of not being on Windows but no way will anyone be fully off it by 2020 for this, not without a huge chunk of additional funding and staff.

8
7

London suffers from 'sub-standard' connectivity - report

Halfmad
Bronze badge

Stop comparing to the best.

Compare to the average across the country, that's what most of us are stuck at.

0
0

Dixons Carphone stirs PC Curry, reports 10% profit gravy

Halfmad
Bronze badge

Re: Actually not terrible

As long as you're selective you can get what you want with just a little numpty-surcharge over internet sites.

It's things like whole systems, cables and audio stuff that's usually insanely price and of course those warranties!

0
0

Murdoch's £11.7bn Sky takeover referred to competition regulator

Halfmad
Bronze badge

Re: Why not just say NO?

You require a politician to say no to the media? are you mad?

He'll get enough stick for referring this to the competition regulator.

1
0
Halfmad
Bronze badge

Re: NowTV

I recently got a box with a 3 month pass for £10 in sainsburys. I've cancelled my current subscription and will then register a new account to claim the 3 month pass.

Should be noted that Now TV and sky share customer information.

0
0

Cisco and McAfee decide users just can't be trusted not to click on dodgy attachments

Halfmad
Bronze badge

Re: Won't work

That's why this is part of a layered defence, although I doubt Cisco and McAfee will call it that.

Can't rely on any one vendor to save you, especially McAfee IMHO it's an odd teaming up.

0
0

Watchdog slaps NHS for failure to tackle correspondence backlog

Halfmad
Bronze badge

ICO should step in.

Any patients asking for copies of their own records wouldn't have been able to be given complete sets due to this missing data sitting at the SBS but nobody would have known that other than the SBS.

They have fundamentally failed to care for the data in their possession whilst data controllers.

4
0

US voter info stored on wide-open cloud box, thanks to bungling Republican contractor

Halfmad
Bronze badge

Re: Voter registration data is not confidential

That's fine but they started tagging things onto it, some true, some not and now that's public.

Whether it can be considered sensitive is another matter but it's certainly embarrassing for the firms involved.

2
0

Banking websites are 'littered with trackers' ogling your credit risk

Halfmad
Bronze badge

Re: I think we need to know...

Don't investigate yet, wait until GDPR kicks in..

0
0

Apple gives world ... umm ... not much new actually

Halfmad
Bronze badge

Microsoft are like the mad uncle

In their shed banging out ideas, doesn't matter if most are awful you need to at least give them credit for trying some of their whacky sh!t. Every so often they come up with something clever and then someone else actually makes it useful.

Apple have become incredibly safe and scared of trying out new things, they'll happily buy a company that's already done that - but rarely push any boundaries themselves.

2
0

IBM: ALL travel must be approved now, and shut up about the copter

Halfmad
Bronze badge

Re: Again

It'll be sold as a brand and used in future years to flog products made by others. Wait? erm, I'll get back to you.

8
0

UK trigger-happy over fines for data breaches compared with Europe

Halfmad
Bronze badge

As it's almost entirely dependent on self-reporting I'm willing to bet a lot of it is down to companies just not owning up. The UK public sector is particularly good at reporting itself to the ICO quickly, within hours usually, knowing that if it does so there's far less chance of a monetary penalty at the end of it.

0
0

Whoops! Microsoft accidentally lets out a mobile-'bricking' OS update

Halfmad
Bronze badge

Well on the brightside

At least it's more secure now.

15
1

UK council fined £150k for publishing traveller family's personal data

Halfmad
Bronze badge

Re: Named council employees?

As the guy who works in public sector at the moment and who reports my organisation to the ICO when there's a breach I'd love for staff to face disciplinary when it happens. I rarely see that though.

Mistakes happen, genuine "shit I sent that to the wrong person" mistakes, should people lose their job over it? Well personally I think that should always be an option when they've caused actual harm by their actions. However I have yet to see it happen.

Staff names are typically removed from reports the ICO get, I'd love them to demand those and public those involved. My name will be on the ICO multiple times - as the person reporting it and the contact for the organisation, but others should be up there for having been held responsible for the breach.

This shouldn't just be the chief execs though, it has to include those who have direct line management responsibility if training was permitted to slip, if policies were not up to date and staff not aware of them etc. Putting a single name up won't be enough, it has to be the "chain of command" from top to bottom that could have prevented it.

There are also typically prosecutions that could be brought but again never are. Section 55 of the DPA is one such area but there are many others - we simply done' hold people accountable, but then again we don't for virus infections either even when it's personal USB sticks brought in from home - because the organisation should simply have tools to block those working right?

But surely if that sort of thing isn't permitted by policy (rules of your employment essentially) then you should be sacked for doing it?

IT breaches in general are seen as trivial when it comes to disciplinary action, I've seen people hit far harder for mistakes on their time sheets or breaking a window by accident..

2
0
Halfmad
Bronze badge

Re: Grrrr

NO but what those at the top can do is fire people for gross misconduct or have HR policies written to state that a breach will be handled as gross misconduct.

It never is though.

3
1
Halfmad
Bronze badge

Re: Grrrr

Your argument makes little sense, if you've ever been involved in a breach you'd know that it's typically down to one persons mistake initially then a series of mistakes over the course of the next few days as people try to cover it up. The "best" breaches are those where staff put their hands up so you can try to contain and get control back over that information (usually not possible, but sometimes it is), you can then notify the ICO and you can talk to those involved most importantly the data subjects who's information has been spewed.

In terms of "taxpayer coughing up" the monetary penalty goes from the council to central government, it doesn't go to the ICO and then essentially through loans etc to councils will end up back there eventually.

The public need to start understanding that public sector organisations, (especially the NHS - and I'm excluding GPs as those are PRIVATE contractors) are very good at self-reporting to the ICO. This is why the stats typically show that the public sector are AWFUL at handling information but in reality they are generally better than private firms, just that they are far happier to notify the ICO when something happens.

Having worked in private and public sector over the past 25 years I can honestly say I've personally reported my organisations to the ICO half a dozen times, yet never had approval from private companies to do so - even when the incident was arguably far, far worse. It comes down to money and lack of "give a toss" about data subjects.

5
1

Acronis adds automated ransomware protection to latest Backup version

Halfmad
Bronze badge

Re: True Image?

Confusing?

I think you mean "feature rich" !

2
0

BT considers scrapping 'gold-plated' pensions in bid to plug £14bn deficit

Halfmad
Bronze badge

Yeah but they don't want to have to put that money into the pension scheme they've been managing for years do they? Let's just reduce the payments to those who have been paying into this scheme the company agreed to manage.

Cos that's fair, right? :-/

9
0
Halfmad
Bronze badge

Much like my pension, which I'll likely never get.

Yet I've been paying in at a higher rate than any of those currently retired, the pension age will keep increasing and I'll probably die before it.

The country as a whole needs to take pension funding more seriously, for starters they should NEVER be allowed to run in deficit.

24
0

'Major incident' at Capita data centre: Multiple services still knackered

Halfmad
Bronze badge

Thing is with these companies that although they may include agreeing to have failover sites etc when sh!t happens and those don't work they just say "hey sorry, won't happen until the next time it happens" and as the NHS is f*cking awful at contract law they have no monetary clause to hammer them with.

Seen this so often in the past 10 years.

16
0

‪WannaCry‬pt ransomware note likely written by Google Translate-using Chinese speakers

Halfmad
Bronze badge

Re: More to the point

Well tells them an IP, might not tell them where the people actually were though.

1
0

Info commish: One year to go and businesses still not ready for GDPR

Halfmad
Bronze badge

Re: Pointless fines

I've been saying this for years but it also has to apply to public sector organisations, as right now they get fined - they go to government ask for a loan for that amount (since it's the government who essentially fined them anyway) and they are back to square one.

Public sector are great at reporting themselves compared to private companies but they also have nothing personally to lose, we need to change that for directors and chief execs.

2
1

IT firms guilty of blasting customers with soul-numbing canned music

Halfmad
Bronze badge

I don't mind beeps, I don't mind music.

Just don't keep me hanging on for 30 minutes telling me every 30 seconds how ******** important my call is whilst I'm 305th in the queue also sort out the damn volume level between that message and the music so I'm not deafened by one or the other, then unable to immediately hear the call handler who's whispering in afterwards.

28
0

Gig economy tech giants are 'free riding' on the welfare state, say MPs

Halfmad
Bronze badge

Re: 'worker' status to the drivers

Autonomous vehicles will need R&D and more frequently - maintenance. You can also bet your behind that the government will come up with new ways to extract money from them in new taxes etc.

3
0

UK outsourcing market hits record levels

Halfmad
Bronze badge

Re: This is where the lack of training and head hunting ethos has got companies.

You could say the same for any department which is generally not "front of house" such as information security, information governance, cleaning, estates/facilities management, HR, occupational health etc.

They are all being outsourced where possible to "save money" but in reality I doubt any money at all is saved and the service is usually poorer and less flexible as a result.

3
1

Oh lordy, WD just SCHOOLED Seagate in running a disk drive biz

Halfmad
Bronze badge

Pepperidge Farm remembers

When Seagate drives were considered some of the quietest, reliable drives on the market.

Them were the days, long gone now.

2
0

Don't stop me! Why Microsoft's inevitable browser irrelevance isn't

Halfmad
Bronze badge

Re: My work Windows 7

If they have sites that only work on older browsers go to IE11 and use Browsium.

0
1

While Facebook reinvents Sadville, we still dream of flying cars

Halfmad
Bronze badge

Re: Flying cars? Pft.

Why the f*ck would I want them flying above my house? Not like they'll be restricted to specific routes and of course the governance for it will take years and start happening properly AFTER it's started and AFTER several high profile crashes no doubt.

0
0

PC sales are up across Europe. You read that right. PC sales are up

Halfmad
Bronze badge

Re: Brexit or not...

It's not cretinous to not know about computers especially since many of those buying them for grand children didn't have access to them until they were well into adulthood. I'm sure a few of them could teach our millennials a few things about how even modern car engines worked as they are far more likely to have had to get their hands dirty maintaining their own car.

Using the wrong terminology is one thing, fact is they knew what they meant - storage space as that's typically what's marketed as good as it holds all the kids "college work", it's not as if other goods aren't marketed as equally daft at times, cars for example are typically done on fuel efficiency none of us ever see and on glamour when it's a tool most of us don't think twice about until it breaks.

1
0

Police Scotland and Accenture were at odds over ill-fated IT project i6

Halfmad
Bronze badge

Re: "at odds"?

Quite impressed that the Police had a contract sewn up like that, good on them - now if only whitehall could start doing that.

0
0

Flaws found in Linksys routers that could be used to create a botnet

Halfmad
Bronze badge

Smart eh?

It's always the smart ones which are dumb.

3
0

Have we got a new, hip compound IT phrase for you! Enter... UserDev

Halfmad
Bronze badge

Re: Success!

Not security, training and likely not following policy.

0
0

No, Microsoft is not 'killing Windows 10 Mobile'

Halfmad
Bronze badge

They don't have to kill it off.

It'll die on it's own.

8
1

Free health apps laugh in the face of privacy, sell your wheezing data

Halfmad
Bronze badge

You'd at least think they'd want to stifle the competition for it..

5
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017