* Posts by Doctor Syntax

16426 posts • joined 16 Jun 2014

Don't panic, but Linux's Systemd can be pwned via an evil DNS query

Doctor Syntax Silver badge

Re: Hang on, all y'all ...

"And because a ton of scripted code has been replaced by a ton of C code"

ISTR a rubric which went something like:

Never do in C that which you can do in shell.

Never do in shell that which you can do in awk.

Never do in awk that which you can do in sed.

Never do in sed that which you can do in tr.

Doctor Syntax Silver badge

Re: Only 14 responses (at time of writing)

"Our's seem have come across phishing attacks for the first time"

Be grateful that they finally have..

Doctor Syntax Silver badge

Re: Just like to point out..

"A timely reminder that this stuff is written by journalists, technical journalists, but journalists all the same."

That's right. Journalists who put this paragraph in the article:

The bug is technically present in Debian Stretch (aka Debian 9), Buster (aka 10) and Sid (aka Unstable), however "systemd-resolved is not enabled by default in Debian," according to the project's Salvatore Bonaccorso, so either you have nothing to worry about, apply the patch yourself, or hang tight for the next point release.

It helps to read the article as well as the comments.

Doctor Syntax Silver badge

"Given how this octopus spreads its arm in so many modules, this is probably only the very tiny tip of a very big and cold iceberg."

Regret I can't give you a second upvote for a glorious mixed metaphor.

A minister for GDS? Don't talk digital pony

Doctor Syntax Silver badge

Vic,

I initially wrote "team" and then decided that suggested an unlikely degree of cohesion. "Crew" seemed more appropriate. After all, wrecked ships start with a crew.

Doctor Syntax Silver badge

I suppose that the skills actually needed right now are negotiating skills and anyone with those will be in the Brexit crew.

Four Brits cuffed in multimillion-quid Windows tech support call scam probe

Doctor Syntax Silver badge

A friend who is a lawyer by trade asked my technical opinion on something and I gave them an answer.

"About this speeding ticket..."

Doctor Syntax Silver badge

In a Crown Court case the judge kept reprimanding a prosecution "expert witness" for stating opinions which were outside her perceived remit. She was trying too hard to help the prosecution.

I've had the experience of the prosecution QC (who'd called me) trying to push me further than I was prepared to go. Eventually the defence lodged an objection.

Adam is right. Although an expert is called by one side or the other their real role should be to help the court. In my day I and my immediate colleagues were Civil Servants although one or two labs, notably the Met, were run by the police although the staff were civilian. I'm very much against the privatisation that's happened. Indeed, I thought at the time that the lab should have had a supervisory board from the judiciary to emphasise the fact that we were servants of the court.

Doctor Syntax Silver badge

"Take Burglary, for example."

And (c) establish the ownership of the object taken.

Doctor Syntax Silver badge

"Microsoft are now doing criminal investigations? If evidence isn't generated and validated by the plod, I'm not sure that will stand up in a court. (?)"

So if you were to witness a crime and aren't a policeman you don't think your evidence would stand up in court? Anybody can give evidence in court to what they witness.

Someone with appropriate expertise can give expert evidence which includes what opinions they draw. They don't have to be police officers; in the UK forensic scientists aren't, nor are pathologists. I think when it comes to investigating Microsoft scams Microsoft would have provided expert advice to the police and their personnel (not the company itself) would be readily accepted as experts by the court.

Doctor Syntax Silver badge

"may I suggest anyone found guilty of running these scams is placed in a genuine computer support desk?"

Given the number of examples on YouTube of the scammers being scammed it's doubtful whether any of them would be good enough to set to work on a help desk...or maybe Capita.

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

Doctor Syntax Silver badge

Re: An Observation

"exactly how does this malware spread?"

This should go some way to answering your question: https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/?page=1

Doctor Syntax Silver badge

Re: If Only "Professional" IT Staff Updated Their Computer OS Software

"Microsoft has provided patches for Windows XP on up through Windows 10 that block ALL of the ongoing ransomware assaults."

Are you sure? From a previous Reg article:

The malware performs a scan of the network for vulnerable SMB file-sharing services so that it can spread via EternalBlue and EternalRomance. It also scans the computer's RAM to harvest login credentials – preferably any admin or domain admin creds present – so that these too can be used to spread the malware via remote command-line tools PsExec and WMIC. These latter pair appear to be the primary method of propagation.

"You have NO excuse."

If I had a £ for every post which effectively says "Works for me so if it doesn't work for you it's your fault" I'd be rich. Maybe they're more informative about the breadth of experience of the posters than of anything else.

Admins do not all have the final word in policies. Very likely there'll be some who have been forbidden from patching because "we can't afford the downtime". In my time I've had a couple of similar blocks imposed on Unix migrations (and a very bad migration platform choice imposed on me). The businesses may - arguably - have got what they deserve, the admins not necessarily so.

Doctor Syntax Silver badge

Re: Today of all days

"single floor building, no open windows or elevator shafts to play with either"

You need a better working environment.

Doctor Syntax Silver badge

Re: Well, MAYBE this will get their attention

"the fixes are a better tax rightoff" or some such malarkey."

It's not only the fixes that cost or even the immediate losses of business during the downtime. It's the loss of confidence by customers. It's also the increased insurance premiums. In fact, if this starts causing serious losses to insurance customers, businesses all over, irrespective of whether they've been hit, will start to see their insurers stipulating the precautions they're going to have to take before they get cover.

Search results suddenly missing from Google? Well, BLAME CANADA!

Doctor Syntax Silver badge

So in another jurisdiction one of the alleged knock-off products claims its products are legit, gets a judgement to that effect & demands that Google display its results world-wide. What does Canada do then?

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

Doctor Syntax Silver badge

Re: Lots of fishiness here.

" My own list of suspects would start with recently terminated sys admins."

Or any other techy from there.

I wonder whether the private keys were being emailed in plain text to that email box. Of course with it closed down maybe victims are getting their email bounced back to them.

Doctor Syntax Silver badge

Re: A good argument for keeping *one* *nix machine

"and having *it* act as file server."

But not via SMB.

Doctor Syntax Silver badge

Re: Decrypting?

"Some programs are capable of re-constructing this data, though they're invariably either very, very expensive or very, very un-user friendly (requiring a good knowledge of how a disk drive physically works at a cylinder-and-sector level)."

<cough/> https://en.wikipedia.org/wiki/PhotoRec

Free and IIRC, fairly straightforward. But it does depend on the original data being undamaged on the disk.

Doctor Syntax Silver badge

Re: Decrypting?

"but that won't help with encrypted data files."

It depends on whether the original data blocks were overwritten.

Doctor Syntax Silver badge

Re: Our cats used to deliver half a dead mouse

"And occasionally a stunned chipmunk."

Years ago when we had a cat and a dog one of them brought in a live baby rabbit. Whilst we were trying to round that one up the other arrived with another. I wor nobbut a nipper but I still remember that.

Doctor Syntax Silver badge

"Then he left his note book in the toilet"

Provision of proper toilet paper is an essential for security.

Doctor Syntax Silver badge

Re: Bring Back

"Not in any doubt as to a lower TCO for general use."

That TCO might need some revision this year.

"I'll lay odds in the affected companies the MAC/Unix Systems are still going

Because no one uses them as user desktops"

You think those with Macs aren't using them as user desktops?

Doctor Syntax Silver badge

Re: Backups

"Who is the Data Protection Advocate at your company?"

That begs a question.

Doctor Syntax Silver badge

Re: The real blame goes to..

"MS have patched the vulnerabilities in question."

Only very belatedly. They were embarrassed into having to patch XP after its EoL. If the problem was known during XP's lifetime, shouldn't it have been patched then? If it was known during 7's development should it ever have been in 7?

There are reasons other than indolence why stuff doesn't get patched or at least patched promptly and doesn't get replaced (see TFA and also the frequent posts about the effects of enforced updating of 10).

NSA have no excuses whatsoever for sitting on this stuff and letting it become a global problem. Countries which have experienced serious infrastructural problems should have been calling US ambassadors into their foreign affairs ministries for a good talking to.

Doctor Syntax Silver badge

Re: Of Course

"It could be the Ukrainians themselves who set this loose to try and blame their enemies."

More to the point, has MeDOc let anyone go recently and failed to delete their accounts and change any passwords they may have known? Because this is getting to sound like a bigger and better version of https://www.theregister.co.uk/2017/06/26/engineer_imprisoned_for_hacking_exemployer/ (for some values of better).

Doctor Syntax Silver badge

Re: "Since midday it is no longer possible for the blackmailers to access the email account"

"leave it open & monitor who accesses it?"

Yes. I can see why the MSP would want to avoid an aiding and abetting charge or whatever the equivalent is in Germany but the responsible thing would have been to have gone to TPTB and asked how the latter wanted them to handle it. I'd have thought that the answer would have been to keep it running to gather evidence and I doubt that it was kept running long enough for that to have happened.

Doctor Syntax Silver badge

"It just seems odd that there have been 2 separate attacks, using different 'tools', within just a few weeks of each other. "

Why odd? There have been malware campaigns for a long time. Then the EternalBlue and a load of other stuff went public a while ago. Add some time for the malware writers to incorporate it and there's nothing surprising at all that a couple of specimens using it emerge at more or less the same time.

Doctor Syntax Silver badge

"My cat delivers faster and more reliably than TNT."

Kittens or dead birds?

Doctor Syntax Silver badge

Re: Bring Back

@Mark

You do realise, don't you, that there are a multiplicity of other OSs and of CPU architectures? There are also other forms of networking semantics than SMB. Each OS, CPU and networking technology you introduce into the mix raises the difficulty for an attacker more or less exponentially. As the system becomes more difficult to attack even Windows systems gain from herd immunity.

Doctor Syntax Silver badge

Re: Let's blame Obaka's "revenge"

Bob, you really do make it difficult for us to take any of your posts seriously.

Doctor Syntax Silver badge

Re: Bring Back

"malware writers *would* cater for all systems"

It raises the bar for them having to deal with all systems. It wouldn't just be a matter of recompiling the same code.

Also heterogeneous systems can have different modes of operation. For instance drop the idea of using a browser - or anything else - to apply a GUI to your server-based application. [Pauses to allow millennials to stop hyperventilating at the thought of a GUI-free application.] Now you have an old-fashioned terminal application that can be run via a link with the semantics of an RS-232 link. That really raises the bar on trying to get an infection back from a PC to the server.

Doctor Syntax Silver badge

Re: Backups

"but there are plenty out there that silently do their work for weeks before activating"

Do you have a citation for the frequency of this? It keeps being raised but all the reported outbreaks seem to be pretty well instant or nearly so. According to TFA this one spreads for an hour before kicking in but that's very different to working for weeks.

Doctor Syntax Silver badge

Re: The real blame goes to..

"it could be argued that the NSA protected the business world by keeping it a secret."

This is an argument for security through obscurity. The main problem with this is that you have to maintain the obscurity for ever. By far the best approach is for the vulnerabilities to be notified back as soon as discovered, fixed and the fixes incorporated in future products and in updates to existing ones.

Mozilla dev and Curl inventor Daniel Stenberg denied travel to USA

Doctor Syntax Silver badge

Re: Missed Opportunity

"it is a combination of friendly regulation and ready access to investors and capital markets willing and able to throw vast sums of money at tech."

1. The premise of TFA is the unfriendly regulation of the country as a whole.

2. The money will be thrown at the tech wherever it might be if they can't do that locally. And I believe Switzerland and several Caribbean islands might have money available.

Doctor Syntax Silver badge

Re: Save the Planet!

"Maybe all this extra security is actually a cunning way to dissuade us from travelling"

Or a cunning way to disguise bumping overbooked passengers?

Facebook hit two billion users today and SugarCRM reminded us you are Zuck's product

Doctor Syntax Silver badge

Re: I call it misleading.

A proportion are too young or sick sensible to use the Internet or Facebook.

FTFY

Doctor Syntax Silver badge

Re: Wider problem

"late middle age."

Thanks for that. I'll accept the description but still keep off FB and the rest.

Toshiba sues WDC for a cool billion bucks

Doctor Syntax Silver badge

What's the exchange rate between a cool billion bucks and a DUP?

Tanks for the memories: Building a post-Microsoft Office cloud suite

Doctor Syntax Silver badge

"No one mentioned Collabora Office Online."

It's available for Nextcloud but I didn't mention it as I haven't tried it. IMBW but I understand it's based on LibreOffice.

Doctor Syntax Silver badge

For this Cloud-based discussion, we’ll leave LibreOffice out of it

Why?

Clicks File. Ooh, look, Open Remote File is an option. Select that, Click on Add service. Google Drive is actually the first choice there.

If you don't want to put your business in the hands of MS or Google for storage you could always turn to NextCloud, either running your own copy locally or sign up with a commercial vendor to host it.

Met Police laggards still have 18,000 Windows XP machines in use

Doctor Syntax Silver badge

"A remarkable precise number for non networked PCs"

Don't confuse precision with accuracy.

AWS Summit London queues caused by security, not snafu

Doctor Syntax Silver badge

Don't security hold-ups count as SNAFU?

Ride-snare: Lyft ruse helps cops cuff suspect in tech CEO murder case

Doctor Syntax Silver badge

Re: Timing

"Perhaps tackle him to the ground before the polite introductions?"

Just pick him up and give him a lyft to the cop shop. No reason for undue exertion.

Blunder down under: self-driving Aussie cars still being thwarted by kangaroos

Doctor Syntax Silver badge

Pheasants. A lot better at gaining airspeed than gaining height.

The 'DUP' joins El Reg’s illustrious online standards converter

Doctor Syntax Silver badge

Re: Ulster Scots

"I think Welsh is simply Anglo-Saxon for Foreigner."

That seems to be the accepted explanation. But W & G often get interchanged - in fact it happens with the French for Wales. I think the A/Ss recognised the post-Roman Britons as Gauls.

Doctor Syntax Silver badge

Re: Let's not ask who really benefits from the Union

"There are many in the (mainland) UK would happily cut the cord"

That could have happened a century or so ago had it not been clear that the result would have been an extremely bloody civil war. It might have settled matters but at a much higher cost than anything that's happened since.

Doctor Syntax Silver badge

Re: didn't stick in your craw.

"Yet, bizarrely the majority of voters claim that's what they want. Obviously they don't understand how to fill in a ballot paper, or lie to pollsters."

Back in the day it was hoped that PR voting would ensure moderates and even cross-community parties such as Alliance would thrive. It didn't work.

Doctor Syntax Silver badge

Re: Dane Geld

"it does essentially come down to the fact that English/Dutch protestants invaded the island in the 1680s"

A bit more complex than that. You appear not to have heard of the Elizabethan plantation nor of the Ulster Scots (where do you think that name Paisley comes from?). Then, of course, the Scots did come from Ireland in the first place - there's been toing and froing across the North Channel since it opened up (e.g. Argyll is derived from the name of an Irish tribe). You simply can't put a marker into the chain of events and say everything that side is right and everything the other is wrong. Attempting to over-simplify a situation is a sure-fire way of making things worse.

Huge ransomware outbreak spreads in Ukraine and beyond

Doctor Syntax Silver badge

"and needs to get work done?"

Yes, they certainly need to get work done now to recover from this.

I take it you've no personal knowledge of Linux or other Unix-like systems. I've got a little secret for you. Most of those of us who use Linux have also had experience of Windows, including sorting out the problems it's caused for friends and family. We can actually reach an informed opinion of what actually works.

In my case I was using Unix systems to do real work years before Windows was thought of. Lab management, logistics management, industrial control systems, all grist to the mill.
