* Posts by EJ

164 posts • joined 9 Jul 2007


What is this bullsh*t, Google? Nexus phones starved of security fixes after just three years

EJ

Well, that sinks my plans to consider a Google phone next time around. Nice move.

0
0

'We should have done better' – the feeble words of a CEO caught using real hospital IT in infosec product demos

EJ

What is it with next-gen AV?

Between this and Cylance, it seems like it's all bad decisions and knife fights in the land of next-gen AV.

1
0

Revealed: Scammers plaster Google Maps with pins to lure punters from honest traders

EJ

Google should make it easier to report these discoveries of false/incorrect entities, too. I once drove to a hotel on their map in western NY that was in actuality nothing more than a hay field - the hotel was literally 3 miles away. Trying to contact Google was a bit of an uphill struggle to report that issue.

4
0

Everything's fine, says Cylance, as workers given the boot

EJ

They still are snake oil to me. We had a 2 month demo with them and experienced significant false-positives involving well-known commercial software components. At that point, it seemed like an exercise of manually identifying each file on your network, which defeats the purpose. Others swear by them, and yet I've never heard an explanation to reveal the reasons why some love it and others have our experience.

5
0

Like stealing data from a kid: LA school pays web scum US$28,000 ransom

EJ

Like paying criminals is a better answer? Might as well award the crims honorary degrees while they're at it.

5
0

Busted Oracle finance cloud leaves Rutgers Uni unable to foot bills

EJ

"If you are contacted by a vendor who is requesting immediate payment, please advise that we have an emergency process in place, and your unit will submit a request for expedited payment," the bulletin reads.

That should put the crims on notice to submit phony invoices, El Reg. Nicely done.

0
0

Hackers could turn your smart meter into a bomb and blow your family to smithereens – new claim

EJ

Any time I see a Weekly World News article cited then I know it's going to be a good day.

1
0

The Life and Times of Lester Haines

EJ
IT Angle

The saddest thing is to only discover the brilliance of people after they've passed. Thanks for the great read.

*Where's the IT angle? in honor of Lester...

18
0

FYI! – Your! hacked! Yahoo! account! is! worth! $0.0003!

EJ

I'm leaving - so reduce your bid by $0.0003, Verizon.

0
0

Banks 'not doing enough' to protect against bank-transfer scams

EJ

Banks could simply require 2FA and it would put a huge dent in the problem. That's on the banks.

0
5

Ransomware scum offer free decryption if you infect two mates

EJ

Disappointed by accompanying graphic

Way better graphic for this story would have been https://images-na.ssl-images-amazon.com/images/I/410wlv-29JL._SL500_.jpg

2
0

Drive-by web nasty unmasks Tor Browser users, Mozilla dashes to patch zero-day vuln

EJ

NoScript FF add-on

It's a wonderful thing.

0
0

Bletchley Park Trust vows to shore up insecure website

EJ

Dead now?

Is it just me or has someone set fire to the site and it's just a smoking pile of ruins?

0
0

Oh no, software has bugs, we need antivirus. Oh no, bug-squasher has bugs, we need ...

EJ

*Yawn*

OK, I bit and threw my privacy to the wind in order to read the 3 page report. I saw nothing of real concern here, unless you're heavy into IBM software or a PAN OS user.

0
0

Half-ton handbuilt CPU heads to Centre for Computing History

EJ

Should be the basis for Dom Joly's mobile device when he next films an episode of Trigger Happy TV.

0
0

Poison .JPG spreading ransomware through Facebook Messenger

EJ

"Checkpoint"...

Any relationship to Check Point, the firewall security company?

0
0

Phishing tackle ships data catch to net sharks

EJ

Just more justification for ad blocking tool usage.

0
0

WordPress auto-update server had flaw allowing anyone to add anything to websites worldwide

EJ
WTF?

Re: Welcome to the future. It's not safe.

Last I knew, WordPress is free software, so this 'rich corporate bastards' take is probably not very hot.

1
0

It's time: Patch Network Time Protocol before it loses track of time

EJ

Link for PoC is 404

The link for the PoC code is fubar'ed - the URL appears to have been doubled.

0
0

178 arrested in pan-European money mule crackdown

EJ

Re: Cops 178, Criminals 0

I hear ya: we need more drone strikes.

2
0

Some! at! Yahoo! knew! about! mega-breach! as! early! as! 2014!

EJ

*typing...*

https://www.google.com/search?q=best%20alternatives%20to%20yahoo%20email&ie=utf-8&oe=utf-8&safe=active

0
0

Computer glitches force US election poll stations to stay open for longer

EJ

Unaccountable? Yes. Illegal? No. Let's see how fast either side moves to close that loophole once and for all. Hint: not fast.

0
1

Survey finds 75% of security execs believe they are INVINCIBLE

EJ

For the 3 of us who haven't seen Goldeneye yet...

Thanks for the spoiler alert.

0
0

Smell burning? Samsung’s 'Death Note 7' could still cause a contagion

EJ
Go

In a perfect world...

... there'd exist a video where a dude riding a hoverboard while using his Note 7 has both catch on fire at once. That needs to happen.

1
0

FCC death vote looms for the Golden Age of American TV

EJ

And... the FCC voted to delay the vote.

http://www.nytimes.com/2016/09/30/technology/fcc-cable-box-vote-delayed.html

0
0

Dev teaches bot to talk spammers' ears off

EJ

Loved the response from Pratik D in his thread: "why are you sending spam emails?" Lol - oh, the irony...

2
0

Two-speed Android update risk: Mobes face months-long wait

EJ

It's my understanding you have 2 points of failure in this issue: the handset manufacturers and the wireless carriers. Example: even if Samsung releases something for your phone, you're still beholden to Verizon Wireless to release their version of that patch.

Google sold their soul in order to try to catch and dampen Apple's momentum in the market, and now that eagerness is stifling the ability to secure an Android.

0
0

Ex-Citibank IT bloke wiped bank's core routers, will now spend 21 months in the clink

EJ

IT Suicide Bomber

Nothing better justifies the judgment of management in firing/sanctioning an employee than when said employee turns around and pulls a stunt like this in response.

0
0

36 idiots running SAP under attack after flubbing 2010 patch

EJ

Having done battle with patching in an enterprise environment for years, it's very understandable why this would have been missed. My security team is always ready to demand patching ASAP, but the admins and customer support are always on about "up time", "reliability & availability", "regression testing", and other nonsensical terms. Enough with the hand wringing... Just patch the damn stuff and let God sort it out, I tell them.

3
0

Infosec freeloaders not welcome as malware silo VirusTotal gets tough

EJ

So... who are these freeloaders touting "patternless" next-gen AV vendors? Let's name names...

Ahh - I guess Reuters did: www.reuters.com/article/us-cybersecurity-sharing-virustotal-anal-idUSKCN0XY0R4

0
0

Linux infosec outfit does a Torvalds, rageblocks innocent vuln spotter

EJ

A ringing endorsement of the firm's professionalism. About the same for the researcher.

14
1

Linux-fight! Dev's plan to bundle kernel patches sparks debate

EJ

Remember the days when we believed Linux and open source were the paths to security? Oh, we were so full of hope back then...

1
0

Facebook tells Viz to f**k right off

EJ

https://www.facebook.com/papa.bungard

This page is immune to complaints made to Facebook...

0
0

Obama govt proposes 33% hike in cyber-security spending

EJ

$5B? Pfftt... that's like 28 F-35 fighters.

3
0

Samsung sued over 'lackadaisical' Android security updates

EJ

USA wants in on this

In fact, I'm surprised we haven't already tried this. BTW - it's an open and shut case as Samsung is crap with regards to Android patching.

0
0

Windows for Warships? Not on our new aircraft carriers, says MoD

EJ

US Navy & Windows

Back in 2000 I had the chance to tour the USS Hue City when it was docked in Boston Harbor, as part of a special millennial Tall Ships weekend. We eventually headed down to the "war room" on the ship. This place was really impressive to me because of all the computer equipment. It was equally exciting to see Microsoft Windows NT logon screens on several monitors (I had read an article in Computerworld that the Navy was going to use NT on missile cruisers, and we had made several jokes about re-booting in the middle of a battle and dealing with blue screens when things were going hot and heavy). At the Vanguard Security Expo later that year, Bill Murray (of IBM & Deloitte & Touche fame, not the actor), a recognized national expert in secure computing issues, had stated during a presentation that he would leave the country if the military ever began to rely on Microsoft technology for anything of a strategic nature. I could hardly contain my excitement to point out I'd already seen it in use on a US Navy ship. "God help us..." is all he could mutter to the audience.

3
0

VirusTotal invites Apple fans to play in updated Mac malware sandpit

EJ

At least the clean up is simple

I've been helping a friend get some malware/adware off her Mac. The one positive I can add here is that clean up has been pretty easy compared to the Windows side of things.

3
0

ProtonMail pays ransom to end web tsunami – still gets washed offline

EJ
Facepalm

So fail

Paying crims didn't solve the problem? Wow - who could have anticipated that?

4
0

Russian hacker, nabbed in Spain, cops 4+ years for Citadel botnet

EJ

Re: "who was arrested by US law enforcement partners"

As an American citizen, I'd be worried that Mother Russia will attempt to put a few American citizens under her skirt in retaliation.

1
3

Robo-car wars: Delphi's near crash, prang, wallop with Google DENIED!

EJ

I'd tend to believe the exec who was actually in the car rather than Delphi, who has something to lose if the story is true. Then again, if Brian Williams, formerly of NBC, was in either car, then I'm probably back to believing Delphi.

0
1

Man sparks controversy, fined $120 for enjoying wristjob while driving

EJ

What an idiot

His "life" of enjoying his toy does not trump someone's right to hold onto their life rather than die because he can't keep his eyes focused on the road. I would like to see those convicted of texting while driving or other e-distractions be charged with attempted manslaughter, as that is what they are doing: they are knowingly putting others at great risk due to their inattention. At the very least, it should result in license suspensions of significant time.

28
3

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

EJ

Great.

Now how about Flash Player?

0
0

VirusTotal wants YOU (but not you) to join its epic AV whitelist

EJ

Hmm... that's a tough one. How would Google, the handler of VirusTotal, deal with Chrome, another Google product?

Would Google act in their own best interests? I'm stumped...

0
0

Bitcoin, Litecoin, cash, watches seized from alleged software pirates

EJ

Re: What exactly

So MS sells them for $70, and the pirates sell for $30. MS then sells for $30, and the pirates drop to $10.

Not a winning strategy, but I agree that at some price point some portion of people are going to be willing to pay for the security of having a genuine MS product rather than a questionable purchase. The problem remains with the folks who are always going to want to pay as little as they can get away with.

0
0

Phishers, scammers pile into worried Anthem customers in FRAUD FRENZY

EJ

Before California gets too high and mighty here, I just had a buddy purchase a Cisco ASA firewall on eBay cheap. He turns it on and finds it has a configuration already in place. Turns out it is from the California Department of Parks & Recreation. No wipe, and the thing was on their network as recently as October 2014. Shining example of security awareness right there.

1
0

Secret Service on alert after drone CRASHES into White House

EJ

Re: How much C4

There was a story of an American microbrewery that was using a drone to deliver 12 packs? of beer to ice fishermen in the Great Lakes region, but the plug was pulled on it once the FAA heard about it. http://abcnews.go.com/US/faa-slaps-drone-beer-delivery-service-ice-fishermen/story?id=22314625

How much C4 equals the weight of a 12 pack of beer?

0
0
EJ

Re: Pull!

I believe El Reg had an article on how the thought of shooting down a drone easily was a fallacy, at least with rifles/shotguns. It was a topic brought up in the hysteria cloud of Amazon's drone package delivery daydream.

0
0

POS malware crooks hack IP cams to validate targets

EJ

Re: Browser clock?

I seed my PC with some random Mali family's photos and set the default Windows OS to Swedish to throw people off my trail.

2
0

JPMorgan Chase mega-hack was a simple two-factor auth fail

EJ
Windows

"industry-standard security practice"

Really? TFA for servers is like a unicorn: I've heard of it, and seen some illustrations of it, but I've never come across it in real life.

Do I really work in a bubble?

0
0


Biting the hand that feeds IT © 1998–2017