And if for 'malicious' you substitute 'compromised'? As compromised servers seem to be rather more frequent these days. I doubt the run of the mill person is going to be using scp, but this particular hole is more worrying than some that have been published.
82 posts • joined 7 Mar 2013
Silicon Valley CEO thrown in the cooler for three years, ordered to pay back $1.5m for bullsh*tting investors
It seems to come as a surprise to certain people that mobile screens are a lot small than computer screens. Why on earth is it necessary to make page layout look the same?
You will be able to see less data on the mobile version so format it differently.
Trying to make it looks the same ends up with a metro like interface. Which everyone hated.
Incidentally I also hate the attempt to make everything look like web pages designed by extreme minimalists. A control panel is not a web page.
I coughed up for windows professional on all our home PCs after one of our PCs had something updated while it was being used, causing the keyboard to do something very odd.
So I've told windows to not apply updates unless asked for. And it asks nicely to reboot. Don't see why I should have to pay for this, but for £99/PC it (sadly) seems worth it.
However it's still pretty manky:
- it does not download stuff before notifying it has an update. Result. Update stops for a long while while it's downloading stuff.
- you can't choose which updates to apply (I'm happy to apply defenders update - mostly - recently it decided to quarantine some microsoft control panel, for instance, but leave the rest of the stuff till saturday)
- it appears to bugger off for a pint and a meat pie when it's updating. The progress indicators frankly suck.
- the progress meter is insane. it stops dead for a while then leaps ahead 20 percentage points
- the "I am doing something" spinner somehow magically turns into an "I am not sure what I'm doing so I'll spin this to convince you I'm doing something useful" after about 1 minute, leaving me with the impression the machine has hung.
- it can hang or fail for no reason. Or at least no reason it cares to translate into comprehensible English. And the fixes invariably seem to involve running stuff from an admin window.
None of which appear to be being addressed by the update. It's just attempting to guess better when you aren't using the machine.
Re: AV issues/missiing server patches - WTF
> Oh look - you can only get the MS patches if your AV vendor stops making unsupported kernel calls,
> otherwise the patch will Blue Screen your machine.
Well, duh. You dig around in the kernel and call bits of it, your code is going to be very unstable. At least MS have done something so that the users won't unexpectedly be nuked (or at least no more unexpectedly than normal). It's probably rather hard to apply subsequent patches if your system keeps blatting itself because the AV program checks the subsequent patch...
Re: Forking right! ?
Pretty sure they can tell the difference between a forked repo and a copy and paste. It's pretty much how github works.
Re: One thing that bugs me in all this...
I don't see why you feel the law should come down twice as hard on someone who has been conditioned to behave in a certain way. They are victims of someone else too.
You might as well demand the punishing of someone who doesn't report someone else abusing them, because they are making it easier for the abuser to get away with it. However it is more than clear that society does exactly the opposite and people who report rape and abuse tend to at best get ignored.
Clearly abusers shouldn't be allowed to continue abuse, but heaping further abuse on them by inappropriate levels of punishment isn't really going to help. That's likely how they got into this position in the first place.
only the 32 bit installer?
Well, I have a 64 bit version of windows. Yet somehow windows defender (yup, free, comes with windows) detected the malware and quarantined it (as well as the downloaded file). And detected and cleaned registry entries.
Yes, I use ccleaner because windows doesn't automatically clean your tmpdir and it ends up with tons of crap. not so impressed with the cookie/history cleaning and I treat the registry cleaning with a large pinch of salt (there are some programs that have been known to put entries in the registry that purport to be a file path, but the path doesn't exist, the program appears merely to be looking for the key), and to be honest I've hardly ever used it.
Re: Great article
Only for metric sizes. If you use imperial paper measurements (foolscap, quarto, elephant, double elephant (a personal favourite), etc - which, given Foyles reputation for cutting edge technology is rather more likely to be the style of paper in use there) there's no such guarantee.
Interesting this was published the same day as this https://www.theregister.co.uk/2017/07/19/apple_patches_ios_os_x_flaws/
Sadly, as people are people, and our society is what it is, a significant amount of what is said by vendors is hype, otherwise no one would even look at their products, whether they are superb or awful.
But 47 assorted flaws is not exactly zero.
Won't this go the way of other similar attempts at control? There will be some mosquitoes that are immune / resistant to the infection. they'll successfully breed, and their offspring will be more likely to be immune. Somewhat like the antibiotic immune bacteria.
So after some years, this'll just end up with releasing 20 million randy and ready male mosquitoes.
I thought for a moment from the headline that github was leaking passwords. But it seems it's not github at all.
It's not really githubs fault that someone put things there they shouldn't have done (or at least shouldn't have done without more security). The whole point of github is for people to read and share information.
I think this article could do with a little bit of retitling / rewording.
*sigh* Windows does NOT encourage users to run as admin. It throws up a box saying "this software wants to do something to your computer". And on loads and loads of websites, you see advice that tells you to
1) Switch off the access control
2) Change the permissions on <something in program files> so you can write to it
3) There is still software that is released that more-or-less expects people to grant write access to places they shouldn't have to (Bethesda/Steam - Skyrim immediately comes to mind, but there are others).
With a mindset like that even with the large developers, let alone the help sites, what do you expect. If people advised you to always run as root in linux, they'd be howled down. But apparently it's Microsoft's fault that doing the same thing on windows is considered par for the course.
There are plenty of criticisms that microsoft deserves, but encouraging people to run as admin all the time is not one.
How are home users meant to fix it
Do you really think upgrading the router firmware is a trivial operation for the non-technical? Even I wouldn't want to do it. If the router dies because the ISP downloaded non working software to it, that's their problem. If my firmware upgrade went wrong (and TBH I've really got no idea what the 'right' version of software is, and even if I did, the instructions are frankly scary, and omit important stuff like MD5 sum for the software), it's my problem.
And it's not one I want. Support from ISPs is bad enough with stuff *they* do, anything out of the ordinary and any information they give goes from useless to worse than useless.
So I'm not surprised that heartbleed is still there. Nor will I be until the ISPs block malformed packets downstream.
OK, so I liked firefox. But they just introduced Australis which bust my user experience. The 'classic theme restore' isn't so bad, partly because I'm not totally against the curved tab markers.
But it broke at least one of the extensions I use, badly. I'm not an extension writer, so I can't tell how good/bad the code is, but it's worked more or less unchanged for ages.
So I went to palemoon which is more or less firefox without the UI changes for Australis, and everything works fine.
So why did they do this? Not to mention that the version number system is so broken resulting in everyone putting insane version ranges in their addons, and it makes the whole boiling thing useless.
Why so many problems with windows 8?
I freely admit the UI assuming you have a touch screen tablet is a disgrace. It's not that hard to get a traditional start menu though (first thing I did was to get a replacement for that. The 2nd thing was to get a sidebar replacement).
I don't much like the way they've tried to kill off all the desktop UI. I don't particularly want to be logged into MS network to use skydrive or whatever they call it now.
But the underlying system though is much smoother and better. As soon as I got a windows 8 machine on my network, ALL the problems I had with windows homegroups went away...
All they need to do is shoot their UI department. My experience in this industry is whenever you let programmers or trendy people get involved in UIs, the usability goes down the hill faster than Sisyphus's rock. And it takes a similar effort to get it back where it was.
BTW I like the article, thank you
Those numbers are just so - it makes me feel small. But not dangerous, unlike the spiders.
Hope the install goes well, because I don't think you want another trip like that in the immediate future. Though TBH I don't think the lack of speed limit means you need to drive as fast as the car will go - I'm pretty sure the police won't have you for not having your foot flat down