* Posts by steeple

10 posts • joined 6 Jun 2013

Tesco Bank limits online transactions after fraud hits thousands


Re: Tesco bank headers missing

Interesting tests, Ben. My immediate response was that the Barclay's app gets a bonus star for not working at all... no? I realise this makes it harder to test the other controls but I would never usually trust an app on a rooted device as I would assume sandbox/walled garden integrity is compromised anyway.

Apple: FBI request threatens kids, electricity grid, liberty


Re: @1st AC - Apple being first to improve security

I think you're being a little unfair. Where does he say a "positive" part?

Regardless, he is just recognising a fact of modern life: in our current reality phones are now pretty firmly baked in as part of our security perimeter. SMS confirmation, mobile banking access, digital wallets, password reset, account recovery, etc.

Yep, they're right in there.

Seems to be spot on to me!

Why Tim Cook is wrong: A privacy advocate's view


Sorry Trevor, it's not "flawed" as much as lacking in some functionality. A car built before ABS did not have flawed brakes. The patch for this is called the Secure Enclave, by the way. Being a hardware fix, however, it is difficult to roll it out over the internet...

Also, "hiding behind a technicality of the law" is what keeps many innocent people out of prison.Holding the technicalities of the law in contempt is simply silly.

Bruce Schneier: 'We're in early years of a cyber arms race'


Not Equal To

"inna deep ocean with trident-equipped submarine" TFTFY, as far as the point being made is...

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers


Re: system crash vs payload with elevated privileges

Thanks AC. Nice explanation.


Re: Don't like IIS?


Overall, I agree with you. However, I am uncertain about the emphasis in: "Heartbleed etc. is an information disclosure attack. It doesn't crash your servers." For me, information disclosure is probably the biggest risk I have.

Naive question: does this vulnerability only allow the attacker to crash servers? Or does it enable elevated privileges or other compromises to the target?


Fight back against illegal GCHQ spying with PAPERWORK!


Re: Spirit of the law

The other way around,

Kryder's law craps out: Race to uber-cheap storage is voer

Thumb Up

Re: They're all wrong...

This. I think there might be an amendment needed to your economic model, Chris. I don not believe the assumption that data demand is largely independent of the price of storage is as robust as you make out. If we instead assume that demand is a function of the price of storage then we can also see how the demand curve meets the supply curve somewhere around a very low (if not zero) cost.

As a consumer, I choose to limit myself to using only free cloud storage - 5, 15, 25GB, whatever. I do not plan on ever paying for storage (hostage to fortune alert).

Doctor Who trashing the TARDIS, Clara alone, useless UNIT – Death in Heaven


Re: Too Simples

Didn't get that to be honest. This is a Time Lord, right? With a time machine, right? And, you're going to tempt him by offering him an... ARMY OF CYBERMEN!

With a time machine I can beat any army (q.v.)

Microsoft parades Windows 8.1, the version you may actually want


Nothing wrong with architecting

Architect has been used as a verb for centuries (just). Ref: http://blog.oup.com/2008/07/architect/

Biting the hand that feeds IT © 1998–2019