Posts by Nick Kew 1844 posts • joined 16 Jan 2007
Likewise. Saw "vitamin water" in the headline in the feed, and thought it sounded like a startup with some possibly-novel proposition, perhaps on the health bandwagon like coconut water or birch water. Except that the gimmick seemed implausible.
Do I take it "vitamin water" is something 'merkins would automatically recognise as a brand name? I guess El Reg's .uk heritage must be pretty-much dead when it assumes we'll recognise the name.
Don't pay any ransom demanded by an unsolicited email, and report all threats to an admin and/or the police. ®
If we all reported all the crap coming our way, that could DDoS the police, perhaps so effectively as to preclude any resources at all for action against these or other malefactors.
It seems to me the question asked doesn't really tell us anything. An organisation might say "none" because it doesn't separate out a specific security role. Maybe it's outsourced, along with other IT functions? And security expertise isn't necessarily associated with box-ticking training and qualifications.
Not that I'm suggesting they're on top of it. That would indeed seem far-fetched.
Not just the late '80s, when xhost + was still a default. Right into the '90s you could - and inevitably sometimes did - make someone else's computer burst into song, tell a joke, admonish the user, or just fart. You could also trivially run your prank from another computer again to leave a false trail in case someone investigated: a local area version of the CIA routing an attack to come from China or Russia.
But we did it for laughs, and drew the line at actually damaging anyone's work.
Oh, and this wasn't even a university. Though it was a research institute funded by (many) governments, so not quite the corporate world.
Why does he let tickets in to the system in the first place?
He could take lessons from Virgin Media in preventing that. Alongside never answering the phone (just torture them with menus that go nowhere, adverts, and piped screaming) or the online 'chat' facility (a much more benign "try again later"), you just don't provide any system that could accept a ticket into it.
Might I point out that you don't have a plate glass exterior wall in your shower,
True. It's clear perspex.
and you do have drapes over the windows in your living room & bedroom
No I don't.
and hopefully there is a door between your toilet and the rest of your house.
There is, but it stays open. Well, OK, I shut it to keep the roomba out if the floor's wet. And occasionally for guests.
But I do have locks on both front and back doors, and indeed a burglar alarm. Nothing to hide, but just possibly something to fear?
Aussies will get their backdoors to services operated by Aussie companies. What happens outside that could be popcorn-time.
In an ironic twist, it was an aussie (Eric Young) who first gave us SSLeay, the ancestor of OpenSSL, back in an era when Oz was part of the Free World and the US was almost-uniquely[1] restricted.
I wonder how you could modify OpenSSL to open a backdoor for malicious third-party-key injection? No, I'm not going to work on it.
[1] Among developed countries.
What immediately springs to my mind is the Sklyarov case. Uncle Sam arrests a man for writing software that was perfectly legal in his own country, where he had done the work. Took them quite a long time to decide no crime had been committed.
[aside] ISTR commentards here taking a robust attitude at the time. I looked for a quote, but Reg stories from the era seem to have lost all their comments.
Damn, I must be a freak. On a long train journey, I more often than not find myself in conversation with one or more actual people, merely by virtue of occupying neighbouring seats.
p.s. my O2 4G returned sometime yesterday evening. When I put the phone on the charger around midnight, it was there.
Is anonymity the real issue here?
Fully-anonymised data on this scale must have considerable commercial value to pharma research interested in such things as the prevalence of genetic patterns. If it's explicitly in the public domain, that's fine. If not, then industrial espionage becomes an obvious issue.
IP companies specialising in patents could be a prime suspect here.
"... a problem that doesn't exist."
So they're lying to us about all those deaths and injuries on the road?
And all those kids who can't go out unsupervised 'cos of the danger are no more than their parents' neurosis?
And all those cars parked willy-nilly blocking everything must be an illusion?
Surely a likely candidate is the party itself. Just like in the UK, the party whips ferret out party members' secrets to bully (even blackmail) them on important votes, so a party in the US or elsewhere will want whatever it can find to hold over its legislators when it matters.
That would imply no (or very few) actual leaks. The power is in the threat.
In what sense "worse"?
If being tracked bothers you, then yes, you're cooperating with them. But for basic security, using OpenID (which I presume underlies logging in with Facebook) beats creating Yet Another Username/Password any day. At least on a site that's less critical than the OpenID provider.
So they're 'protecting' users who do dumb things like re-use passwords ... by doing dumber things like forcing them to deal with extra complexity. Along with all those who would never dream of reusing their Correct Horse Battery Staples. This is broken, so let's double down on it.
Do they also make you identify with memorable personal data? Mother's maiden name, favourite colour, first school, sorta thing? Now that really does feature in data leaks. As if it was even secure in the first place.
Where's the Pratchett icon, for occasions like this when he helps translate AAARGH to a half-decent LART?
Safe aliases for 'rm' are a good thing to prevent this!
Aliases for standard system commands are pure evil. They bugger up expectations, both for those who know the standard commands and may react unpredictably to unexpected behaviour, and for those who come new to the aliases and are then surprised by the real thing.
If you want an "rm" you consider safe, use something else for the alias. "del", for instance.
Code used to be backed up to tape too. It was obsoleted by revision control systems.
First code I ever wrote had to be saved to tape for every increment. 'Cos we didn't have discs back then, and a simple bug would commonly require a several-minute reboot (from tape) and restore (ditto).
But revision control had already existed for some years: sccs goes right back to 1972.
Most countries seem to be a bit random IME. I've had hotels in Blighty, as well as various other countries in Europe and elsewhere, ask for my passport or comparable ID. And others that take a more relaxed attitude.
They do all seem to want a creditcard on booking and checkin. And recently they don't bother with it on checkout, which implies the capability to debit it some days later than reading it. I should hope that works with a single-use token rather than storing the whole thing!
There was no such thing as a Rubik's Cube in the 1970s.
OK, there was a magic cube that you could easily scramble but was harder to unscramble. I still have a vintage example from November 1979[1]. But it wasn't until 1980 that it hit the shops and acquired the "Rubik" name.
[1] I can place it that precisely because it was my first term at Cambridge, when I regarded it as a practical exercise in Group Theory - one of the term's main courses.
My most memorable story of fixing not-broken technology comes from when I was about thirteen-ish and had never seen a computer. My granny told me, if I could fix her old radio, I could have it for myself. I changed the batteries, and it worked!
To be fair, at the time I was pretty handy with electronics, and fixed a few less-trivial things. Come to think of it ... no, you don't want to hear that one.
Couched in a more convincing spiel, leaving the poor bugger no option ...
Hello telco, this is GCHQ (honest guv). We urgently need to listen to those terrorists: they may be about to attack imminently. Yes of course they're terrorists: the Nether Blighty Sunday Cricket League is just a front! Yes, NOW, we can't wait while you complete all the red tape: that'll be too late, and your refusal to cooperate will be responsible for many deaths!
their best assistance in understanding the nature and the content (where we have a warrant) of that communication”,
That at least sounds more like the FBI Iphone case than a backdoor.
Perhaps the Reg could point us to the real smoking gun here?
You need to get over it. Language evolves.
Click may have some historic association with a sound, particularly in an era when computer devices had horrible artificial "click"s that were supposedly reassuring to people making the transition from mechanical typewriters. But that's now historic, and (in a computing context) the word "click" is now an action.
A recipe I like is to write the techie explanation in the middle.
Above it, a simple note "for quick step-by-step guide, scroll down to <anchor>".
Below it, those step by step instructions. Any critical gotchas refer back to the explanation.
But then, the kind of instructions that say "click OK or cancel" don't feature in my world. I'll google when something is a bit less obvious than that.
Over here there are initiatives to let people participate in installations on other people's roofs, including public buildings.
Here too. But the subsidies are far, far less. And yet we who don't have our own roof and so have to resort to investing in public facilities get pointed to and labelled "fat cat investors".
In contrast, smart meters can disconnect individual users for short periods (load shedding)
I have an old dumb meter. I don't know how many of my neighbours have smart vs dumb meters. But we all get disconnected depressingly frequently. It's called power cuts.
A smart meter wouldn't change my usage much. But I can envisage a future world in which my dishwasher can be set to run when the supply tells it is cheapest overnight. Those who have electric cars will have a similar situation on a much bigger scale.
Do you know anyone who doesn't flush a bog within an hour of falling out of bed in the morning?
That might not register. Some people have alternative sources of water to flush the loo. In my case, when I empty the dehumidifier. Doesn't happen every day, but often enough to be at home without using that flush from time to time.
In any case, isn't the discussion based on a false premise? The OP's premise appears to be Debunked here.
Other countries seem to be spending much less and achieving much more rollout. Which suggests the problems we have arise from our system rather than anything inherent in the technology.
My home broadband is a 4G connection (not via the 'phone, though I have that as emergency backup since it's on a different network). Cost is rather less than fixed line phone+broadband or a virgin cable Heisenconnection.
I shall await with interest what deals appear for 5G, and whether it becomes as ubiquitous in 'puters as wifi is today.
@Jimmy2Cows - I guess that was directed at me?
It was a reference to the magical thinking that makes IT a "solution" to a problem. As opposed to a means to implement a solution. Brexit seems to be the leading example of that today: those calling for a technological solution seem to be missing the idea that there needs first to be a political solution to implement, and denying all efforts to reach a political solution.
Then tell management what's wrong. Senior management if necessary, and write a detailed memo (the process of which will help anticipate possible attacks on your analysis). Discuss it with any colleagues you can trust.
If that goes nowhere, blow the whistle to the press! At this point, your memo is your chief weapon in being taken seriously.
I should add, I myself failed to do that at the beginning of my career. I just left two jobs where I'd been doing such useless work. In retrospect I regret my lack of self-confidence. By the time I hit 30 I was successfully avoiding projects like that.
Exactly. It's an entirely false dichotomy. IT is a means to an end, no matter what magic properties the brexiteers may endow it with in their imagination. Insofar as it helps the NHS in its goal of treating patients better (whether directly or indirectly - e.g. by supporting admin), spending on it is justified.
A survey that puts IT in opposition to the goals it supports is somewhere on a scale from disingenuous to clueless.
You seem to be seeing a grey area there.
I'd fix it by a per-call levy initiated by recipients of nuisance calls. Say, a button you could press that would initiated an automated penalty payment of £1 for the call, administered by the telcos. With basic safeguards against malicious or accidental activation, like a threshold number of calls before penalties start.
Proceeds to go to charity (less a small admin charge determined by ofcom), in the manner of the Lottery.
The Register - Independent news and views for the tech community. Part of Situation Publishing
Join our daily or weekly newsletters, subscribe to a specific section or set News alerts
Subscribe
