* Posts by Halfmad

561 posts • joined 16 Jan 2013

Page:

In real life, Q is a woman! Head of MI6 calls for more female techies at SIS

Halfmad

Re: Perhaps

I'm not sure what's quite right. My wife is very nerdy but then again so were many of the engineering apprentices I was with during my teens - but most have apparently not left that sector following time off to have kids.

It could be problems getting back in following maternity leave as many wanted reduced hours and that's not always practical in engineering. Where as Scientific/medical jobs (particularly GPs) can tailor their working hours far better.

Trump lieutenants 'use private email' for govt work... but who'd make a big deal out of that?

Halfmad

Never as clear cut as that.

One of the problems I've had is people using gmail etc for personal e-mail which then over the course of the conversation includes work related stuff, this should be request-able via FOI and should only be on work e-mail servers - it's a surprisingly common problem.

UK ISPs may be handed cock-blocking powers

Halfmad

So for now it's just porn.

Then another amendment and it's P2P traffic.

Then another stating anything as instructed by whitehall.

Then another and it's basically anything any ISP fancies blocking.

It's laughable that the UK criticizes other countries for internet censorship whilst heading down this path., inevitable? No but let's face it with the current government it's highly likely.

Biz claims it's reverse-engineered encrypted drone commands

Halfmad

slowmo guys could make a fantastic video of drone bits flying off.

Symantec carpeted over dodgy certificates, again

Halfmad

Re: Symantec

Hold up, isn't that Veritas?

Unbreakable Locky ransomware is on the march again

Halfmad

Re: viduses

Hey look I'm all for blaming Microsoft but we all have the tech built into Windows to help mitigate this sort of threat, just hardly anyone seems to use applocker as they're too lazy to set it up. We can also disable macro's entirely or make them run only from trusted locations etc.

But convenience, such as running any .exe you want trumps security or even if you bother setting up applocker etc a senior manager loses his mind at not being in complete control and running local admin rights on his PC and you're back to square one.

Mega UK hospitals trust Barts says IT borkage was due to trojan – not ransomware

Halfmad

That's not what usually prevents people upgrading. There are numerous, sometimes hundreds of clinical systems to consider, many of which aren't being kept up to date in terms of latest browser etc and which simply cannot run on the newer operating systems.

Ransomware scum infect cancer non-profit

Halfmad

Knee jerk response seems to be from them "if in doubt - go more into the cloud"

There was probably a reason they didn't go fully in to begin with, the failings here don't seem to be related to the use of local storage, they're to do with the lack of protection, probably a lack of training for staff and a lack of a proper local backup.

Going to fully cloud just changes the risks, doesn't necessarily lessen them.

Chelsea Manning sentence slashed by Prez Obama: She'll be sprung in the spring

Halfmad

Re: Just a pawn

Pawn? No she was the main actor in the leak, that's not a pawn. She was let down by her commanding officers who should have pulled her from duty, but as an adult she was responsible for her actions.

Halfmad

Re: The real culpability lies...

Yes, partially. Officers are always responsible for monitoring the performance and fitness for duty of those under their command. I'm by no means saying Manning wasn't guilty but that doesn't mean all of his senior officers were blame.

Halfmad

Re: Assange will back out of his word somehow

He'll blame Trump, then after Trump he'll blame someone else.

It'll never be Julian's fault that's for sure.

Ransomware brutes smacked 1 in 3 NHS trusts last year

Halfmad

Re: NHS network security?

The vast network is basically thousands of silos with decent firewalls etc between them, it's not as if it's a LAN party were they're all trying to play counterstrike together. From my experience they all default to lock down and open access when given a countersigned form to do so - but I can only speak for my own experiences, I've no doubt there's plenty of plonkers in charge of IT kit out there.

Still it's not JANET..

PlayStation 4 probs: Gamers struggle with PSVR headset blackouts

Halfmad

Damn

As a PC gamer who's keen on VR but wants to see it mature before throwing cash at it - I'm wanting the PS VR to be a success, that's not going to happen if the console that was built for it has silly bugs like this.

Got to wonder how bugs like this get back QA in huge companies like Sony though, seems to happen a little too regularly.

Soz fanbois, Apple DIDN'T invent the smartphone after all

Halfmad

Re: Apple stole the iPhone

Apple were making increasingly popular computers through out the 90s, I say this not as an apple fanboy but someone who was repairing them. They had a lot of success with the early iPods too. Without the iPhone they'd be a fraction of the size they are, no doubt about it but they'd still likely have gone on to make the iPod touches, ipads etc anyway as they was clearly the way they were headed.

As much as the iPhone was critical to their expansion it wasn't the reason they stayed in business.

Hacker publishes GitHub secret key hunter

Halfmad

Re: sesnitive

Has to be more than 20 characters long for them to check.

Plusnet outage leaves customers unable to stream Netflix. Horrors!

Halfmad

Re: People that use their ISP's email service are asking for trouble

Since the 90s I've owned by own domains and simply forwarded e-mail to the provider I wanted to use, for now it's gmail, but I have used ISPs in the past. Means moving ISP isn't a factor and if the likes of gmail change the account address or close I never need change my e-mail address that banks etc are registered too.

Costs less than £1/month to have that flexibility.

Microsoft quietly emits patch to undo its earlier patch that broke Windows 10 networking

Halfmad

Re: So why, oh why do you still trust these clowns?

Thing is it's getting worse with the cumulative patching adopted by Microsoft. I know in the NHS it's caused problems with various clinical systems so CCGs/Trusts/Boards are forced to either run a few months behind security patch wise and hope someone else spots the problem, run ludicrously expensive testing of clinical systems in-house and maybe run a month behind or patch and cross their fingers.

At least with previous updates we could remove the offending patch, now MS are less likely to tell us which it was and even if they did we'd have to remove the entire cumulative patch instead.

BT's hiring! 500 more customer service folk to answer your angry calls

Halfmad

Your call is important to us, if we bother to answer it

and then don't lie through our teeth.

I've had over a dozen "engineers" out to look at our line over the past few years. I finally cracked a few months ago and took the BT master socket to bits, discovered an ancient ADSL splitter built into it and reconnected everything - voila! 3 times faster internet speed with no drops.

Now you imagine how many hours I spent on the phone to get that number of engineers to attend? How often I spoke to "Gary" in India who ran through his little script word for word, how often I told him "Yes I've got internet explorer open", how often I then had to agree to accept any costs should they find no fault etc etc.

What a waste of space these companies are.

Sysadmin told to spend 20+ hours changing user names, for no reason

Halfmad

Anyone with actual management skill of any kind

would have suggested running as-is with the new process documented and any additional users going on in the new format and if/when there's an issue with an existing account on the old system it's transferred over.

A common naming convention is a good idea, however spending a huge amount of time correcting an existing system which works isn't if it's documented to prevent a problem with loss of staff through illness or being driven to leave by a terrible boss.

Few IT staff I know are precious about how things are recorded, they just want it to be consistent an accurate.

90 per cent of the UK's NHS is STILL relying on Windows XP

Halfmad

Re: Extended support?

"Guess what, the IT department hadn't bothered to read the email and so no updates for ~5 months and no-one had thought to check XP machines were receiving the updates."

Was anyone sacked for this? I bet not and that's one of the biggest problems in the public sector, even when colossal mistakes are made, nobody, absolutely nobody takes the blame.

Halfmad

Re: Migration to Office 365 and Cloud Services etc

Someone isn't interpreting the DPA correctly, NHS England can have datacenters anywhere in the UK, not just England and can also have them within the EU if the risk is accepted by the trust/CCG etc.

Hell if the risk is accepted they can have them ANYWHERE in the world, it's just that when someone went wrong, and it would they'd be up to their necks in it.

I'm guessing whoever thought it was unacceptable in Wales either was assuming Wales would go independent in the next few years or there was a technical consideration such as rural broadband around the data center etc.

Halfmad

Re: Migration to Office 365 and Cloud Services etc

icloud - in use

dropbox - in use

one drive - in use

It's not all blocked/banned. I'm guessing you see a snapshot of local use. I know of instances where these are being used and can be used with proper controls in place. Ideal? Absolutely not but if the information going onto them is of sufficiently meaningless level then the risk is massively reduced.

Not saying I personally approve of their use but I do know it's happening.

For God's sake, stop trying to make Microsoft Bob a thing. It's over

Halfmad

VR? I'd rather have AR

I like VR, have used most of the current set of devices on the market but I'm more interested in AR - I can see it being far more useful at work as well as at home than VR.

Cables though - that's the problem with VR for me, I don't want them hanging off me when I'm using a VR headset.

Real deal: Hackers steal steelmaker trade secrets

Halfmad

Re: does EVERYTHING need to be on The Connected Internet? Really?

Time is never that critical and it's easy to have a workstation on segregated network that has no external egress/ingress nearby.

I was an engineer during the 90s and early 2000s before moving into IT. we had such a setup for our clients with high security buildings, draughtsmen were not permitted to transfer files onto any PC on our (then coaxial cable based) network which had a PC connected to the internet. My boss and founder of the company was a little paranoid, think he'd seen "Sneakers".

This was prior to e-mail etc really kicking off and any transfer would have required someone to install a floppy disk drive on their desktop PC anyway, so it was physically impossible for them to do it covertly.

We had 5 CAD workstations on a little LAN connected to an NT server which stored the files for hospitals, airports etc. Everything else was plotted onto vellum and stored in cabinets.

If anyone needed and answer our guys would pull the vellum first and give an answer within seconds as the latest version was always there. These days this would be just as quick by accessing a workstation, it's possible, just not as convenient for staff - and that's a decision which requires backing from the very top of the company.

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

Halfmad

Re: The steps we have to take to protect our data

As with data protection legislation they should be forced into accepting the blame since they essentially outsourced responsibility for it.

The decision was made by them, they are responsible for the outcome.

Halfmad

Re: What ads?

Adblock, Ublock, we all block!

Fitbit picks up Pebble, throws Pebble as far as it can into the sea

Halfmad

Thing is

As a fitbit owner, they're garbage. I'd rather have a Pebble device.

Ah well another IP down the pan, hopefully Fitbit follows soon after on the second flush.

'Toyota dealer stole my wife's saucy snaps from phone, emailed them to a swingers website'

Halfmad

Re: Maybe...

Comparison would be handing your credit card over and having it's details swiped and sent online. People wouldn't think that's right but some are trying to justify this? Seems really wierd.

I'd never hand over my unlocked phone and I've nothing more worrying than Pokemon Go on it, but if I did I'd expect my Evee and Bulbasaur back unharmed.

Mozilla launches 'privacy edition' Firefox... that phones home

Halfmad

Re: Generic web privacy policy in use

well at least that way I'll get one person looking at my youtube channel.

Wearable eats wearable: Fitbit 'to buy Pebble' with a steal of a deal

Halfmad

OH dear

My experience of fitbit has not been great, let's hope they can't mess up Pebble too much.

European Council agrees to remove geoblocking

Halfmad

Honestly businesses should be free to say "nope not sending stuff there" as a business decision if it's backed up by historical losses etc.

It's unreasonable to force companies to sell at a loss or where there's a high risk IMHO.

SHIFT + F10, Linux gets you Windows 10's cleartext BitLocker key

Halfmad

Hold up - Microsoft are covered on this one folks!

The clever sods makes sure you never know when a bloody update will happen, making it FAR harder to do this.

Sly buggers.

Jeremy Hunt: Telcos must block teens from sexting each other

Halfmad

This is why I could never be a politician

I see it as: 1. The parents responsibility to check what their kids are up to (and I'm a parent. 2. I know this **** isn't workable. 3. I'd be more worried if child-cock-detecting software was a thing than if it wasn't.

What's the first emotion you'd give an AI that might kill you? Yes, fear

Halfmad

Re: Empathy

Harm is sometimes necessary, I'm thinking of doctors having to amputate in order to save someones life. They are causing harm to the patient - but with the aim of benefiting them in the long term.

UK National Lottery data breach: Fingers crossed – it might not be you

Halfmad

Credit where it's due

This seems to have been dealt with quickly and openly by Camelot.

You could say they've been a knight in shining armour for many victims..

*boom tish*

UK.gov was warned of smart meter debacle by Cabinet Office in 2012

Halfmad

I still don't have one

I'd have to take at least half a day off work to get one fitted as it's in our front hall. I don't see the benefit and my leccy supplier has twice lied to me about it being "compulsory by the end of the year" which just got my back up.

Until I hear of evidenced benefits to customers I'm not interested. Like many I was given a power meter that connects to my existing supply so I could monitor use anyway, as far as I can see all the new one does is allow local meter readers to be laid off and I doubt that saving will be passed on.

I can see my meter readings online, I don't need to see them updated 24/7 though.

UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

Halfmad

Re: In other news...

but at least they don't have to log everything you're doing - yet.

Doesn't help when it's all being intercepted by GCHQ though.

Google DeepMind inks 5-year agreement with NHS for 'Streams' app

Halfmad

Unfortunately what also tends to happen is more than one dataset is sent to the same supplier and they can join up the dots.

substitution/anonymisation is only as good as the people managing it afterwards.

Apple urges court to hurry up with hearing Galway data centre objection

Halfmad

Irish government have no interest in getting that money, if they went after Apple they'd end up having to go after dozens of other huge firms that they've been happily allow slip through the net.

Not that the UK is much better as leaving big business to do as it pleases when it comes to tax arrangements.

Poison .JPG spreading ransomware through Facebook Messenger

Halfmad

Re: Facebook spreading ransomware...

Garbage, nobody has to use Facebook, I don't.

Fibre pushers get UK budget tax reprieve

Halfmad

5 years - then another 5.. and another

BT will be all over this, then drag their heels, blame everything under the sun except themselves and Openreach (assuming it remains part of BT - otherwise it'll be blamed too) and then get additional time to roll out fibre.

Don't expect anything if you live outside a city though.

Stay out of my server room!

Halfmad

Re: Beware cheap combo locks

If the cleaner isn't too great you can usually tell which 4 buttons are pressed most often, just ignore "C" as nobody seems to understand that's for clear/cancel rather than part of the code..

Twitter bans own CEO Jack Dorsey from Twitter

Halfmad

Clearly you've forgotten that those abbreviations were around long before twitter too.

Outlook outage outrage

Halfmad

Re: AD authentication borked

Hope they have Microsoft Premier support at Microsoft otherwise they *******s won't help. :)

PoisonTap fools your PC into thinking the whole internet lives in an rPi

Halfmad

Re: Physical Access...

Unless it's an approved device chances are those ports are blocked.

Not saying it's fool proof by any means but the NHS tends to do the basics like that fairly well. Doesn't help if it's spoofing itself as an approved device though..

FYI Apple fans – iCloud slurps your call histories

Halfmad

caught in a landslide..

Halfmad

Re: Or

Simply never have anything on the phone you're THAT bothered about losing.

Gone in 70 seconds: Holding Enter key can smash through defense

Halfmad

Re: @Homer ... Missing item in the series?

Hold on now, isn't 2016 the year of the Linux desktop? Let's not go making perfectly sensible arguments that this isn't as bad as it appears as most of them are behind locked doors.

Dropbox upgrade adds nice bits for sysadmins

Halfmad

Grudgingly admit it's a good start.

I'm still more worried about where data is though, where it's backed up to and if it's deleted when it's.. deleted.

Russian banks floored by withering DDoS attacks

Halfmad

Re: Leaving security to the end user = no security

So why not simply remove the default password entirely, when powered on force the user to enter a password or the device won't function - if it's a camera you'll have no image, if it's a router it won't connect externally etc.

Forgotten the password - have to reset the device.

Page:

Biting the hand that feeds IT © 1998–2019