* Posts by Doctor Syntax

16449 posts • joined 16 Jun 2014

PC repair chap lets tech support scammer log on to his PC. His Linux PC

Doctor Syntax Silver badge

Re: For the phone scammers ...

"Never had a call back."

I had once. The salesdroid's supervisor rang back to say the call must have been cut off.

Doctor Syntax Silver badge

But surely the DoB should have been 1/4 not 1/1.

Doctor Syntax Silver badge

Re: I've done the Linux thing

"The woman at the other end had just tried to tell me Linux runs under Windows."

Well they do have a Ubuntu subsystem in W10 - although I doubt the average scammer would know that.

Doctor Syntax Silver badge

Re: Ideas for a new game

Final plans for the invasion of India with a special unit to be dedicated to liquidation of phone scammers.

Doctor Syntax Silver badge

Re: I'm missing out

"Take out service with TalkTalk."

There are limits. Now go and scrub your keyboard with soap and water.

Doctor Syntax Silver badge

Re: professional scammers

"He/she/it/they said "Hello Mr. Shaw" in perfect English to which I replied in Italian, for the lulz."

I'd have thought linguistic skills ought to be able to earn them a better legitimate income than scamming. Or maybe the scamming's just a sideline.

Doctor Syntax Silver badge

The only call I ever got from one of those is one I missed - it just came up on the phone's missed call list.

What I do get from time to time is SEO spam in my Hotmail spam bin - that and phishing scams pretending to be from Outlook etc are the only ones that the Outlook filters let through. Occasionally I've delved into the Hotmail junk folder and sent replies to the usual amazing business propositions written as an out of office response and giving them the SEO address. After all, they're all in the same line of business so surely they'd appreciate the introductions.

Other responses are to ask them for the URL of the site they're sure they can improve because otherwise I can't tell which of my many(!) sites it is. Oddly they never respond. Another, bearing in mind that they're probably very proud of their English* is to reply pointing out how badly written their email is and I doubt that if this is the best they can do they couldn't be trusted with a site.

More recently I've taken to pointing out that if they're able to get first page in Google their own site must be on the first page if I search for "first page in Google" in Google but they seem to have omitted its URL so I can see for myself and what's more it's odd that they're using a gmail address rather than their own domain. Usually, of course they can't reply because their long established company - whose name they also managed to omit - is just a single chancer without a domain let alone a web site.

But then I got a reply from a different name. I realised the spammers are just taking any responses and selling on the leads. The reply came from a real business based in India but with branches in the UK (Streetview finds it above a "language school" in a shop-front in Longsight) and Australia, presumably the owner's cousins, brothers-in-law or whatever. He included a number of reference sites so I wrote back pointing out the errors in the UK examples: bad copy ranging from poor English to complete nonsense, over-dependence on Javascript and news items that broke off in mid-sentence - even mid-word. I've not heard back but I wonder if his Mancunian cousin got a bollocking for slack work.

*I wonder, however, if they've bought the text of the email along with the spam list.

WannaCrypt ransomware snatches NSA exploit, fscks over Telefónica, other orgs in Spain

Doctor Syntax Silver badge

Re: Antivirus?

"Do these things do anything useful?"

The updates you get today should protect you against stuff that's been known for x* days. That means that some people will be infected in the period between release and the discovery and distribution of the AV update. In the normal state of affairs this will be a small proportion of vulnerable systems. When the virus spreads as rapidly as this today's updates are already too late.

*where x is however long it takes for the vendor to confirm reports and put together their update.

Doctor Syntax Silver badge

Re: Cost (not just of cleanup)?

"Which stovepipe's budget is going to be picking up the cost of cancelled appointments, wasted time, etc?"

How about the NSA? They sat on this for a long time and then failed to prevent it leaking out.

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+

Doctor Syntax Silver badge

Re: Risk Management

"The rest goes on wages. That's a political failure."

?

Doctor Syntax Silver badge

Re: Risk Management

"What if such systems had been based on open standards for device control, document interchange, etc?"

You are, of course, correct. But note the past perfect tense in your sentence. We're not where we'd like to be or ought to be. We're where we are.

Doctor Syntax Silver badge

Re: Risk Management

"Can you explain to me, with consideration for any contractual terms one might agree to in the EULA, how that proposal would work?"

It transpires that MS were very quickly able to knock out a patch for this vulnerability. They must finally have realised that they had responsibilities. So the question arises - was this EoLed because it wasn't feasible to continue maintenance or because they wanted to herd those who could be herded into upgrading?

Doctor Syntax Silver badge

Re: Solution

"True, but that implies you can sue a previous administration which is AFAIK not possible."

No such implication. I said sue the NSA. Even given the political nature of top USA appointments institutions like that are apt to run on unchecked.

Doctor Syntax Silver badge

"Yeah, Microsoft only supported XP for 13 years (2001-2014)."

Is it too unreasonable to hope that in 13 years they'd be able to get it right?

Yes, it is.

Doctor Syntax Silver badge

Re: on the upside....

"The good thing about this episode is that it is so high profile that no CTO or even IT manager is going to want to be caught out by it again and can not refuse to address the problem of running obsolete OS´s and maintaining a policy of never patching anything again."

I'd like to think you're right. Cynicism says that there'll be a subset of bean counters* for whom it confirms their belief that IT is a net very good cost centre.

*Bean counters are, of course, a cost centre but they lack self-awareness.

Doctor Syntax Silver badge

Re: Windows XP

"Why are people still using it again?"

Why is this question being asked again?

Go and read through comments in many MS-related threads including this one. You'll find it explained time after time.

Doctor Syntax Silver badge

Re: From North of the Border

"Part of the blame goes to the regulators who drag their feet on approvals."

And if they move faster and let something through without thorough testing how does that work out?

Doctor Syntax Silver badge

Re: From North of the Border

"Enterprise licences don't do this. It's only Home and Professional et al. that spy on you."

Neither my dentist nor optician are large enough to qualify. They're professionals but don't get treated as such by Microsoft.

Doctor Syntax Silver badge

Re: From North of the Border

"knee jerks are for jerks."

Nice one.

Doctor Syntax Silver badge

Re: From North of the Border

Interesting calculation. But you've omitted the cost of testing the ability of the existing applications to run on W10 and remediation or replacement of those that won't. An OS exists to run applications. These are the very arguments used against FOSS in such circumstances.

There's no silver bullet.

Doctor Syntax Silver badge

Re: Kill switch

They knew the code had been stolen. But they chose not to activate the "kill switch".

Not activating it immediately it was stolen was reasonable. If they had the malware operators would have noticed it because they'd have had to debug it to get it to work. However they should have been watching for a release and thrown the switch as soon as they discovered it in the wild.

The NSA have a lot to answer for here and I hope govts. around the world let the US know that.

Doctor Syntax Silver badge

Re: Stupidity

"But it's TRAINING."

And counter-training unfortunately. You train people to use email safely. Outside of your training session marketers everywhere are counter-training them to accept HTML mail as normal. Banks and others are counter-training them to click on URLs in their HTML mail. Social networks are counter-training them to throw complex files around. Gmail and the like are training them to view their mail through a browser, described here the other day as not a single point of failure but a whole three-dimensional space of failure.

Doctor Syntax Silver badge

Re: Mitigation against ransomware:

"11. Update the antivirus version on regular basis and keep the definitions updated on a daily basis."

Today's definitions won't protect against yesterday's infection. And if that infection is also an aggressive worm as this was that's not going to be much use.

"12. Keep the computers and servers up to date with Windows updates and security patches."

In 15a you go on to explain why this isn't always possible.

Doctor Syntax Silver badge

Re: What the I don't even

"MSNet ports out there waving in the breeze of the general Internet"

Assumes a fact not in evidence. If you have a system with substantial internal SMB linkages then all it takes is one person to open an email booby trapped with a worm. The externally exposed port is your email port and that isn't going to work without being open externally.

Doctor Syntax Silver badge

Re: 'They've already been copied a dozen times for further use.'

"They weren't released before Shadow Brokers failed auction"

And what's that got to do with anything? Shadow Brokers would have sold you a copy. What guarantee would you have had that there wasn't another?

Doctor Syntax Silver badge

Re: Solution

you tell me what the "most basic principles of security" are that Microsoft have missed in current Windows and we'll see if your GNU/Linux distribution of choice has or has not also missed them.

OK. MS have always been a bit obscure about what any given fix does. Given that, in the real world, fixing one problem sometimes causes another. Recently they've taken to rolling multiple patches into one so it will take longer for sysadmins* to test and roll out.

My chosen distro is Debian LTS, ie systemd-free. Over to you.

*A good sysadmin is paranoid about everything.

Doctor Syntax Silver badge

Re: Solution

"does this mean we can now collectively sue the Trump administration"

Downvoted for gratuitous Trump insertion. Clearly this goes back some way beyond the current administration. There may well be good reasons for suing the NSA, assuming they're not legally protected. There are also good reasons for being critical of Trump but conflating the two issues when they don't belong together weakens your argument. Learn to stay focussed.

Doctor Syntax Silver badge

"Either Microsoft were coerced into deliberately introducing this for the NSA's pleasure, or the NSA had it inserted somehow."

Or it was a genuine bug which the NSA found and didn't bother to warn anyone until it was too late.

Doctor Syntax Silver badge

Re: Risk Management

"Simple."

The word you're looking for is "simplistic".

As has already been pointed out all unpatched versions of Windows are vulnerable. Patching itself introduces risks - patches have been known to break things and now that MS are rolling multiple patches together those risks are increased. So patching also involves testing and testing takes time.

The specific risk for XP is that it doesn't get patches. But, again, the issues with XP aren't simple. In many cases it will have been retained because something mission-critical depends on it and replacing whatever that is may require major expenditure and further risks. If your MRI scanner, for instance, relies on a no-longer maintained piece of XP-only software do you simply put your hand in your pocket for a few million to replace it, commission a rewrite and take the risk that it may fail in some respect to emulate the existing product or do you keep using XP?

These sorts of issues are not easily solved. Of course they only exist in the real world so please feel free to keep helping with your advice.

Doctor Syntax Silver badge

Re: worthy of mention

"On stand-alone PC's, ensure you have an adequate AV solution"

The problem with this is that the signature for any new malware won't be available until the target has been released, infected systems and been reported. When something spreads as fast as this has done that will be much too late.

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

Doctor Syntax Silver badge

Re: >You might not now but in medieval times it was the best way of becoming rich.

"yeah, I know it's not necessarily the sysadmins' fault, but somewhere, some people, either incompetent IT or managers, decided it was acceptable to connect an OS that is now 2 yrs out of even extended security support to wider networks."

You may have to look a little further back than that. Maybe at some business that was writing current applications but has now been bought and re-bought by some bigger business and somewhere along the chain the application development has been discontinued, maybe the source lost and runs on nothing newer than XP.

There's no silver bullet.

Doctor Syntax Silver badge

Re: Backup

"then my friend, you deserve all you get."

But your users and those they serve don't.

Doctor Syntax Silver badge

Re: Alternatives?

"1: You do not normally have to use Windows. There are more secure alternatives."

As others have said there's a lot of specialist kit for which only Windows drivers and/or applications exist (which version of Windows is another worry). So it's not as simple as that. However there should be proper network segmentation to protect these.

OTOH plain vanilla desktop office/mail/web machines could well be shifted to other platforms. However this would buy time, not complete protection. A booby-trapped email will inevitably find a supply of boobies if it's widely spammed.

What's needed is a better architecture that doesn't allow some random application to save or update whatever file it wants.

Doctor Syntax Silver badge

Re: something or nothing....

"ever tried deleting/moving/modifying a file on a network share that you only have "read" permissions to?"

Those files you only have read permission to - how did they get there? Could it be that someone has to have write permission?

On a more practical, albeit longer term scale alternatives to a simple shared folder need to be looked at. As one approach I'm currently setting up Nextcloud at home. I have several alternative ways to share files with a client. One is to use the webdav client to sync a specific desktop folder with the server. That means that even if I had a ransomware program running wild on the client PC it could only (a) affect files on the synced folder and (b) the contents of the folder on the server are versioned so that the last good version can be restored.

Microsoft's Windows 10 ARM-twist comes closer with first demonstration

Doctor Syntax Silver badge

"Windows has had ARM support for quite some time too... there's even a distribution for Pi's"

Presumably you mean the W10 Core? That's the one aimed at IoT. Another reason to reject it.

Doctor Syntax Silver badge

Linux has been on ARM devices for a while. And:

# apt-get install p7zip

[...]

Suggested packages:

p7zip-full

The following NEW packages will be installed:

p7zip

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 268 kB of archives.

After this operation, 812 kB of additional disk space will be used.

Get:1 http://mirrordirector.raspbian.org/raspbian/ jessie/main p7zip armhf

etc. but that "armhf" gives the game away - this isn't emulated, it's fully native.

O2 continues to splash out on 4G ahead of rumoured IPO

Doctor Syntax Silver badge

What a pity BT bought EE. They could have had O2 flogged back to them.

Cloudflare goes berserk on next-gen patent troll, vows to utterly destroy it using prior-art bounties

Doctor Syntax Silver badge

Re: Prenda law V2?

And let's hope Ken White writes up the story.

Mozilla to Thunderbird: You can stay here and we may give you cash, but as a couple, it's over

Doctor Syntax Silver badge

Re: It's the 21st Century: Outside of Work, Email is dead

"No one has the slightest interest in archiving years of invitations to go to the pub or links to cat videos."

Personally I've no interest in any crap for which the main purpose is the dissemination of cat videos.

"It's not even a youth thing: I'm 58 years old and never email anyone, outside of work."

Maybe you're prematurely aged and live a very restricted life if you don't actually do anything online that requires email.

Doctor Syntax Silver badge

Re: Thunderbird users?

"I was using email long before the Internet was set up"

Now that's really going to blow the OP's mind. Email not only without the web but also without the internet. Bang on!

Doctor Syntax Silver badge

Re: Can someone give me an idea of what sort of money is involved?

"If there are Thunderbird developers still in existence (and I frankly doubt it), they have rejected each and every one of your ideas every hour of every day for years upon years."

Good try at trolling. As they incorporated Lightning (see my previous post) that's at least one of his suggestions that they haven't rejected. What's more their not rejecting it pre-dates his posting it.

On the whole I have some sympathy in their trying to ignore HTML and the like. It's an abomination in email.

Doctor Syntax Silver badge

Re: Perhaps a Good thing?

"All I would ask, is for some decent native CalDAV implementation. The Calendar plugins always seem a bit "tacked on" and not fully integrated, and sometimes will cock up."

From https://support.mozilla.org/en-US/kb/using-lightning-calendar-add-on

Starting with Thunderbird 38, Lightning is bundled with Thunderbird. This means you don't need to install it separately, but simply confirm to use it once you create a new profile or upgrade from a previous version of Thunderbird.

What's not, AFAIK, built in is Lightbird, an add-on to Lightning which provides the calendar in its own window with a somewhat different and, to my mind, better interface. Native CalDav would also be useful.

Doctor Syntax Silver badge

Re: Apart from security fixes - why change Thunderbird ?

"Google Calendar also opens in a separate tab"

I think I can see the problem there.

Doctor Syntax Silver badge

Re: Apart from security fixes - why change Thunderbird ?

"Calendar improvements."

Make Lightbird a component instead of an add-on.

Doctor Syntax Silver badge

Re: Pointless interface changes ?

"Android doesn't even seem to know what I'm talking about."

It only seems not to know what you're talking about. But that's another issue.

Doctor Syntax Silver badge

Re: Pointless interface changes ?

The outcome I'd like to see is one that was discussed back when this was first raised: Thunderbird (and Lightning) joins the Document Foundation (i.e. LibreOffice) and preferably takes the other orphan child, Seamonkey, with it. LO would be able to add a mail client and PIM and, if Seamonkey is included, a browser. The interface could then go back to the old style which would better fit in with LO and maybe there'd be money to add in its own CalDav connector instead of relying on SOGO.

Phil Collins and supergroup exposed as cloud investors

Doctor Syntax Silver badge

"digital transformation of health."

Overall I think biological would be better than digital. It involves a bit more than cobbling together an app, however.

Drugs, vodka, Volvo: The Scandinavian answer to Britain's future new border

Doctor Syntax Silver badge

"cameras being moved so they did not read plates, as well as other attempts to damage them including setting them on fire."

There's also scope for a sort of crowd sourced DDOS attack. Make up flip books with number-plate fonts, each character being individually flippable and just show a rapid succession of randomly flipped "number plates" to the cameras. With a bit of extra planning the same number could be shown to widely separated cameras at more or less the same time.

Well this is awkward. As Microsoft was bragging about Office at Build, Office 365 went down

Doctor Syntax Silver badge

Re: Numpties.

You shcould trust them because if the penalty clauses in the contract madeke it really bad for them if you suffer any kind of outage and so they'dll make every conceivable effort to deliver.

FTFY

Doctor Syntax Silver badge

Re: Cloud just means...

"SLA's around it all"

Do those SLAs actually prevent things from going down?

Do they actually provide compensation for the real costs to the client when they do go down?

Do those trying to fix things when they go down have your, the client's interests as their prime motivation or are they just working to the SLA?
