* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Microsoft won't patch SMB flaw that only an idiot would expose

Doctor Syntax Silver badge

Re: sorry, but is this so unreasonable?

It's like insisting that the security issues in Telnet get fixed. They *did* get fixed, and the result is called "ssh".

And domestic routers etc. still get shipped with telnet & no ssh.

In the real world what gets done is what's convenient, not necessarily what's best.

Doctor Syntax Silver badge

Re: But...

"there is a REASON they have gone no-where over the last 40+ years."

Yes, Microsoft's leaning on major PC manufacturers to ship them all with Windows.

Facebook COO Sheryl Sandberg: Crypto ban won't help trap terrorists

Doctor Syntax Silver badge

Re: Reason for snooping..

"So stop obsessing about surveillance and concentrate on real long term threats."

And stop being that long term threat yourself.

Doctor Syntax Silver badge

"Even if there is no sender's return address, this would raise a flag - X gets lots of anonymous letters from region Y."

Business letters normally have a return address. Personal letters? Very rarely.


Doctor Syntax Silver badge

"And then you get to read a letter about Great Aunt Agatha's trip to visit her relatives with a reminder not to forget her hair curlers."

Your name has been taken.

Doctor Syntax Silver badge

"you could just nip to the Post Office and buy a stamp."

There are at least 3 options for TPTB to deal with that:

1. In some cases a spray* can render the envelope temporarily clear enough to photograph the contents. That's why a good envelope has a pattern printed on the inside.

2. Steam it open and reseal.

3. Rip it open and fake a replacement envelope.

* Possibly something nasty like a halogenated hydrocarbon - it's a long time since I saw it so I've forgotten the details.

AI quickly cooks malware that AV software can't spot

Doctor Syntax Silver badge

"The key to the system is to take legitimate-looking code and change just a few tiny parts of it to convert the software into attack code. Even changing small details can fool AV engines, he said"

There's something self-contradictory here.

Start with something legitimate. Make small changes. Small changes can fool AV engines. But if the AV engine were white-listing the legitimate code then those small changes should fool the white-listing. And if you weren't counting on white-listing why bother to start with legitimate-looking code in the first place?

Autonomous driving in a city? We're '95% of the way there'

Doctor Syntax Silver badge


"Audi drivers took the Wanker Behind The Wheel award from BMW drivers around 5 years ago and have kept it ever since."

Never underestimate the capabilities of a driver who expected a company BMW or Audi and got a Mondeo instead.

Scary news: Asteroid may pass Earth by just 6,880km in October

Doctor Syntax Silver badge

From the NASA article: "while we know the orbit of 2012 TC4 well enough to be absolutely certain it will not impact Earth, we haven’t established its exact path just yet,"

Somehow I don't find the last bit entirely reassuring about the first.

So who exactly was to blame for Marketo losing its dotcom?

Doctor Syntax Silver badge

Re: "The system failed due to Network Solutions ..."

"Network Solutions are the absolute pits."

I've no experience of them but I've come to regard "solutions" as a warning.

Systemd wins top gong for 'lamest vendor' in Pwnie security awards

Doctor Syntax Silver badge

Re: Devuan smugness

"Just a lame award for not liking what someone says."

Really? I read it as an award from security professionals for a cavalier attitude to security.

Doctor Syntax Silver badge

Re: Don't worry

I've no problem with any company making money from releasing FLOSS who, after all, are the largest contributors. In fact, a commercial vendor is more likely to respond to users than an independent developer who has nothing to lose or gain from the responses to their work.

In Red Hat's case, however, I can't avoid the thought that, as things have worked out, they are now (AFAIK) the only resort for those who need a commercial vendor-supported distro and want it to be systemd-free. Is that irony or a clever ploy?

Doctor Syntax Silver badge

Maybe they missed a trick here. Instead of Poettering they could have nominated his employer, Red Hat. A corporation might respond to the bad publicity whereas Poettering seems to think the whole thing is, to use his own term, a circus and dismisses it.

BOFH: Oh go on. Strap me to your Hell Desk, PFY

Doctor Syntax Silver badge

Re: True to tradition

"He should have cut the BOFH in on the deal"

I was expecting the BOFH to have sussed what was happening very early & taken over the sales spiel to cut himself in. Is he getting past it?

Ransomware scum straighten ties, invest in good customer service

Doctor Syntax Silver badge

"comparing what they make with anything honest work might conceivably get them is nothing short of delusional."

Although my OP might have been somewhat tongue in cheek it does reflect the point of the article: in order to make ransomware work the operators need to be professionally business-like in their approach. As such they could probably equally well operate a legitimate business so that the comparison with employment isn't really justified.

Of course they wouldn't make the same returns from a legitimate business. However the NSA will be trying to track them and will probably succeed in at least some cases. The consequence is that if they try to spend the proceeds or are maybe lured by a sting operation somewhere where they can be made amenable to the US authorities - and that seems to be a rather large slice of the world - then they could end up looking at a multi-decade prison sentence.

Doctor Syntax Silver badge

Re: Quote from "anti-virus" provider

"I wonder how he knows, is it customer feedback?"

Thank you for your Bitcoin payment. Please remember to fill in our customer satisfaction survey.

Doctor Syntax Silver badge

If they need to make all these efforts they might as well work for a living. They might end up with the ransomware being the front for a call centre business.

London cops bust fake Cisco hardware chain

Doctor Syntax Silver badge

"not much of an improvement."

It depends who you're more worried about.

Maybe the trick is to place one behind the other so that one blocks the other.

Doctor Syntax Silver badge

"But we all know that equipment produced in the same factory by the same people won't be of the same standard as the stuff that is official."

Maybe it won't have the NSA back doors installed.

It took DEF CON hackers minutes to pwn these US voting machines

Doctor Syntax Silver badge

"What could possibly go wrong?

You get some that makes Trump look like a political genius."


Doctor Syntax Silver badge

Big John,

Could you please provide the URL of the story you're commenting on as it doesn't seem to resemble the one I read.

Sysadmin jeered in staff cafeteria as he climbed ladder to fix PC

Doctor Syntax Silver badge

Re: What is this ?

"a lady who looked like she'd got dressed in a hurry was standing there."

And you believed her story?

Doctor Syntax Silver badge

75 Ohm cable

I should add that at one stage (early 80s) I used a network which was designed to be wired up with 75 Ohm TV coax. It consisted of small boxes, allegedly each contained a Z80 with an RS232 connector, a TV connector & a small stub of TV coax with another connector on it. These were daisy-chained with more TV coax. I can't remember what the head end was like but it must have broken out a batch of RS232s to connect to the host, a Z8000 box.

A few years later, and another job not a million miles from Euston, I came across a very much grown up version, again strung together with coax but definitely not TV coax, doing much the same job. In that case the head end had a room to itself but still fed the serial lines through to a server. And that gig also had some of the original hose-pipe sized Ethernet as well.

Doctor Syntax Silver badge

Re: Windows for Workgroups

"Still to this day can't figure out where he got the reel of 75 ohm from!"

Local TV shop?

Doctor Syntax Silver badge

"I don't know how fancy switches were in those days"

If you were replying to Richard 26 I guess you didn't realise the import of "flat thinwire". No switches - everything shares the same medium.

Doctor Syntax Silver badge

Re: So ...

El Reg's resident bastion of truth, restraint and modesty BOFH.

Enumeration bug offers five-finger discount on Woolworth Australia loyalty points

Doctor Syntax Silver badge

Re: Disloyalty.

"Kellogg's run a TV commercial, do you change to Kellogg's?"

If I watch anything on a commercial channel I'll fast forward through the ads so I wouldn't see it. If that wasn't the case and I did see the ad it would have no effect unless I was already buying Kellogg's in which case I'd get pissed off with the ad so quickly I'd change to BrandX.

Next question.

Flaws in web-connected, radiation-monitoring kit? What could go wrong?

Doctor Syntax Silver badge

"Worse yet, the device communicates via cleartext, so attackers would be able to falsify readings, disable alarms, or perform any other originally supported operation."

This gains it the highest approval rating from both our house-trained Home Secs (I'm counting the one currently installed in number 10).

Microsoft: Get in, IT nerds, you're now using Insider builds and twice-annual Windows rollouts

Doctor Syntax Silver badge

@Jonathan 27

Back in the '80s when we first used RCS I checked after a few months & discovered we'd been releasing changes on average every 2 weeks for our in-house application system so I'm not impressed by your idea of every 2 months as continuous release*. This was for adding functionality for business reasons (mostly requests from the beancounters which was handy because it kept them from complaining that we were a cost centre). OTOH we did expect a much slower rate of churn on the underlying platform, OS & RDBMS.

*We also had the same team as developers, DBAdmin & Unix Admin so I'm not impressed with the idea of DevOps as the latest shiny. Everything old is new again.

Doctor Syntax Silver badge

Re: Oh god.

Common sense would dictate that when an update downloads, it detects whether or not the device it's on can run on batteries and asks for permission to apply the updates.

Doctor Syntax Silver badge

Re: Did anyone else read that line as:

No, I was too busy wondering where "rough" should really have been placed.

Doctor Syntax Silver badge

Re: Still not 'buying' it

"I have a new laptop coming with Windows 10 on the HDD."

PC Specialist will sell you a laptop without Windows of any variety.

Doctor Syntax Silver badge

Re: What's the problem?

"before the s/w hits desktops."


Pre-order your early-bird pre-sale product today! (Oh did we mention the shipping date has slipped AGAIN?)

Doctor Syntax Silver badge

Grow your own Unicorn

I saw the above at my local Morrison's pop-up garden centre (an otherwise vacant bit of paving they monetise during the summer). It turned out to be genuine. It's a variety of pepper.

Hackers can turn web-connected car washes into horrible death traps

Doctor Syntax Silver badge

Re: "We controlled all..machinery inside the car wash and could shut down the safety systems,”"

"Monitor status of safety systems, yes. Change them remotely, no."

Basic rule: just because you can do something doesn't mean it's a good idea. And the converse also applies: just because it's not a good idea it doesn't mean you can't do it.

Flash... Nu-uh! Tech folk champing at the bit to switch off life support

Doctor Syntax Silver badge

"alternatively there is always the Met Office site."

And its demand to enable a stupid number of javascript sites. This is supposed to be better?

Doctor Syntax Silver badge

If only the Beeb would stop using Flash on www.bbc.co.uk/weather I think I'd be able to ditch it completely.

Strong and stable, my arse. UK wobbles when coping with ransomware

Doctor Syntax Silver badge

"I'd also get rid of whichever idiot is clicking on links in dodgy emails but it's probably the CEO."

That's probably why so many don't know where it's coming from. They actually do know but saying so would be career limiting.

Doctor Syntax Silver badge

"In the UK, almost 20 per cent of businesses have little or no confidence they could stop ransomware" but "35.4 per cent not knowing where it came from".

So at least 15.4% didn't know where it came from but nevertheless have more than a little confidence they could stop it.

Disgraced Entatech founder Jason Tsai tossed in the clink for contempt of court

Doctor Syntax Silver badge

"6 months extra in clinky"

That's just for taking the piss and to let him know he's not being believed. I'm sure if the cash isn't recovered there'll be a good deal more time in chokey. Getting on the wrong side of the judge isn't a good idea.

OnePlus cash equals 5: Rebel flagship joins upmarket Android crew

Doctor Syntax Silver badge

"During the review period, I received several OTA updates from OnePlus – a sign of attentiveness."

Fairly meaningless unless we know how long the review period was. If OTA updates come in quick succession it could be less attentiveness and more "ship now, finish later".

Meg Whitman OUT at HP ...Inc

Doctor Syntax Silver badge

Re: Maybe she'll do for Uber

"I remember a time when HP test gear was comparable to Tektronix."

That sells HP short. HP of old made a lot more than test gear. I don't recall Tektronix making spectrophotometers, for instance.

All of which goes to show that the wrecking of HP was even worse than you thought.

Firefox doesn't need to be No 1 – and that's OK, 'cos it's falling off a cliff

Doctor Syntax Silver badge

Re: Probably more to do with attitude

"we are the best programmers and therefore we know best. Nothing you old people know is relevant to us anymore." From the comments it looks like they have continued on with their cavalier attitude.

That attitude is reminiscent of something else that keeps cropping up here. Maybe someone else needs to reflect on the reasons for Firefox's decline.

Doctor Syntax Silver badge

Re: I still use IE6. Nothing else comes close.

Please accept an upvote for your skilful use of satire.

Doctor Syntax Silver badge

Re: Google - It is getting worse for us

"Remember that outside of IT a large percentage of the population works in retail, marketing, or sales, and even tradespeople are generally aware that their own employers and their own jobs depend on advertising."

I think we're into irregular verb country here:

I send out valuable marketing messages

You nag

He, she or it spams.

I wonder just how many people in the advertising industry itself use adblockers because other people's ads are so annoying. Not their own, of course - a serious lack of self-awareness would see to that.

Doctor Syntax Silver badge

Re: Google - It is getting worse for us

"If you think that's bad, refer to Yahoo Mail, which autoplays a video whenever you've emptied your trash bin."

Well, if you will insist on webmail....

Doctor Syntax Silver badge

Re: Firefox has gone full retard ever since it started chasing version numbers

If you want Mozilla nostalgia, a browser and a client for email, RSS, Usenet, calendar and IRC: Seamonkey.

I wish LibreOffice would just take it over and put a bit of development nous into it.

Doctor Syntax Silver badge

Re: Don't always blame others...

"I rather prefer that they only fix what's broken"

Nevertheless I wish they'd release a successor to 2.46. I had to roll 2.46 back as it proved somewhat unstable and I get fed up with prompts that it's available to install.

Doctor Syntax Silver badge

Re: IMO It is an engineering fault for their failure...

"Putting you in a vice: break your machine or get pwned."

Simple solution there. Split feature updates and security updates. Unless you were actually relying on a bug which is patched in the security update you can apply the security update irrespective of it being out of band without breaking functionality. (Assuming the update itself isn't broken.)

Doctor Syntax Silver badge

Re: Google isn't neglecting the web the way Microsoft did with IE

"A remnant of Netscape's code made its way to Mozilla, and eventually the browser Firefox was born."

An even bigger remnant than you thought. Seamonkey was also born.

Biting the hand that feeds IT © 1998–2019