Wouldn't it be funny if they used permanent markers by mistake...?
786 posts • joined 11 Jul 2015
"compared to fish that just had alcohol or only water in their tanks."
Shit. Just alcohol in the tanks?
Re: Just what I need
...that was a Bladerunner quote for obvious reasons...
Re: Just what I need
Let me tell you about my mother....
Re: Just what I need
Useful if you are an android trying to pass for human.
In which case you would probably set a daemon called <breathing> to run in the background.
But that wouldn't be a human thing to do, you would use something to remind you externally, like a watch.
So then you probably would use a watch to do it. But then a human wouldn't need a watch to do it so therefor you would probably set a daemon called <breathing> to run in the background and another called <check_watch> which has a randomisation element for periodally checking the watch. But you would probably not want to do this when you are doing things that shouldn't require you checking your watch like sex or sleeping, so you would need to have states that are checked to ensure that <check_watch.....
I am thinking about this too much.
Re: Transparent dumplings
Don't think he is evil. Just a narcissistic prick who thinks he is some kind of saviour, whose story has ultimately dwarfed Wikileaks and done more harm to that organisation than good.
Which are both controlled by Assange the Puppet Master....
Re: Baud rate
Better still - just use encryption over radio. That way everyone can listen in, and you expect it. Just ensure you use a good encryption.
Numbers stations are still in use. Why? Because they work. You may be able to pinpoint a recipient to a rough continent, but that is it.
Intersting place we are in right now. All of a sudden the reams of data that we daily spew, the trillions of bytes of cats, porn, txtspk and selfies and are flung are all considered 'rightfully' yours; the domain of the security agencies.
We get it. You are keeping us 'safe'. And for a given value of safe, you are. Even if, using this method, you caught or interrupted *one* bad thing, this is a definition of keeping us safe. Thanks for that. But I, personally, don't trust you. You see things with lines stating this is a good citizen and this is a citizen to watch because certain patterns cross over. And you watch, 24/7 and add up all these little extras that once were maybe deemed eccentric by others, and they cause you concern because they dont equate to the idea of a good citizen.
There are far more people like me, than people like you, though.
So you need stricter fines, methods for control to keep the 'undesirables' under control. But this doesn't work. So these methods become more corporal in nature. Because this works, right?
Then what? You think 'this will never happen, we won't repeat history'.
And of course, as you know, you already are.
Because what will happen? A generally disatisfied populace will end up voting in a government that actually looks like it is leading, is forceful and gets things done as opposed to the clowns currently operating. And then that government has the tools, thoughtfully put in place by you, to ensure that they continue to be forceful and Get Things Done™.
So thanks for that.
Total bullshit of course. Just a little eccentricity of mine, thinking like this whilst I have my breakfast.
Re: @camilla I'm not... However
"Halifax really haven't thought this one through and their actions go well beyond the bounds of what's reasonable behaviour. CMA most definietly applies - not for the scanning, but for *the way they're explicitly bypassing security* and attacking the target network"
Then it isn't much in the way of security it is bypassing, then.
I am not defending Halifax. There is a breach of etiquette here. But at the same time it should be water off a ducks back, not a 'How dare you!' reaction.
The internet is an unforgiving place to be.
LIfe's hard. :)
@camilla Re: I'm not... However
"If I want my ports scanned I can ask, give permission, for someone with an appropriate and legitimate service to do so.
I do not need some dweeb dropping in on my open ports saying they are or appearing in my logs as being some sort of security scanning service."
And that is exactly the mindset that the policy and lawmakers are coming from.
If malicious hackers were nice people then they wouldn't be malicious hackers. So it is, quite literally, an anarchists state out there in Intercyberweb Land. Those that know this will have a better chance than those that don't. And now with added GDPR you better hope that your house is in order because hacked/leaked data along with insufficient GDPR consideration will result in bankruptcy.
So as far as I am concerned, if I put anything online I fully *expect* it to be scanner, probed, prodded and slapped for good measure. I don't say 'How dare you!'
But hey. That is just me.
Actually, I am up for everyone being able to scan whoever they like. I, personally, think that will result in a percentage point increase in secure online destinations.
The law is an ass when it comes to security in the online world. Basically going after low hanging fruit because 'We are doing something' and all that bollockerdash.
Re: "future prosperity"
I am not holding out much hope for the new 'Atari'.
Which is a shame. Because that *should* rock the gaming world. Not with 3d immersiveness. Just easy to develop for.
They should have gone for a Neo Geo on steroids. In fact, they should have just made it a Neo Geo clone. :)
Re: The mistake of a non compatible OS....
WebOS had a great UX though. Possibly still the best - the version that was running on the Palm phones that is.
You Won't Believe This Comment!
Re: And that's probably why...
"And annoyingly, Google's GBoard doesn't present a 'C with upside down hat' ( unicode U+010C ) for Capek's name."
Would you be talking about Čapek?
@john - thank you! Thank you so much for that. You won the Commentard Commentry of the Comments Section Communal Comment of the Day award.
Re: It ain't ERP that's the problem, per se.
"It's the clueless middle-to-upper management that spec it and use it that are the security problem."
No, it is still also due to the coders who write the stuff, the analysts who examine the stuff, the testers who test the stuff, the customers who buy the stuff.
Security will only work when holistically applied. Otherwise you are always just one phishing attack away from pwnage.
(Except in the case of Oracle. Oracle is Satan's work.)
"Capita is committed to delivering this contract and its vital purpose: digital transformation for NHS support services that were previously paper-based, fragmented and without national standards."
Oh that's alright then.
"The last time we rejigged the appearance of the site, opinion was highly divided. "
I have just gotten used to this design and you are DOING IT AGAIN??!! WHY?!
You been taken over by some ex-google UI/UX designers?
'Catherine McGuinness, policy chairman of the Corporation of London, chipped in to add: "I'm particularly pleased that this court will have a focus on the legal issues of the future, such as fraud, economic crime, and cyber-crime."'
So they aren't legal issues in this current timeframe, then?
Where on earth to they get these stupid, idiotic, canned media quoting, crap spewing shitty little bollocky, electron wasting, bile inducing fools?
The strange tale of an energy biz that suddenly became a blockchain upstart – and $1.4m now forfeited in sold shares
Not if he doesn't give them real burgers for their money. He just sends an email with a picture of a burger on it to customers.
Don't be so bloody melodramatic.
There will always be cats infesting technological forefronts. May as well say gravity is doomed.
Re: Desks should be clear anyway,...
Oh good. I'm positively brimming with mental health, then. I should tell my therapist(s).
RE: Nostalgia - I remember reading a lot about L0pht in 99/2000. I may even remember the senate hearing. Was it in computer weekly? Certain names cetainly popped out, Mudge, Space Rogue - those, and others, certainly came up time and time again.
Anyone else read, or used to read, Attrition.org? Still going.
“So obviously I just ran the job again, as you do. I think I did it a few times before I gave up and asked a colleague for advice.”
Does running something again when you get something unexpected seem like a bad idea?
Or is this just me?
"At least what we do is basically out on the table. The same can't be said for the French or German security services."
Sooo...what you are saying in the French and German security services are better at keeping secrets?
Saying publically: 'We are going to do this questionable moral activity in the name of (insert catchy soundbite here)', doesn't make it any less questionable.
Human nature at work. It won't improve. The game will stay the same but the goals will shift.
It has ever been so, it will ever be so. Start with your own personal moral compass and work from there.
Re: Whos'e on first...
Oh no it isn't!
Re: PIcky picky picky
Wasn't talking about the good linx distro side. I was just referring to the household name bit.
If I went to my family and said Android, they would go 'What about it?'
If I went to my family and said 'Ubuntu', they would go 'You having a stroke or is that a new cordial?'
If I went to my family and said 'Canonical', they would go 'is that a small camera?'
I love my family. I hate the fact I am the only one who works in IT, in my family.
PIcky picky picky
"Canonical makes an easy target for this sort of thing because it's the closest thing Linux has to a household name."
I would have said Android.
Yeah. But we read El Reg regularly. We don't need no stinking headlines.
But we do apreciate them!
Re: Nicely Done Reg!
I mean well done is deserved.
But I don't see why we have the term 'Open Justice'. Justice is justice, surely?
If there is something nefarious going on behind closed doors, if something is just it still is just, if it is affected then it isn't justice.
Actually that reads weird. You know what I trying to say? Meh.
Too much GDPR documentation going on.
"and Frutal has positive connotations which obviously wouldn't influence the results."
Was he from the Flumps?
Legally mandated requirements are that. Legal requirements. So if you run a Telco, you have to comply with the the data logging requirements for running that Telco.
After that GDPR and the ePrivacy directive take hold.
SO if you are legally required to keep a record of what phone calls where made through your system for 7 years, then you keep them for 7 years. But on the first day of the 8th year, you better have your data deletion policies in place.
"But a normal website owner should have no further need for the data after it has been in the logs long enough to check for unauthorized access, which should be same-day or next-day (3 days if there is a weekend between), is what I'm reading from the IETF. But that does seem rather short. A few weeks seems more reasonable."
You won't necessarily know about an instrusion until Troy Hunt mentions your domain. Bad things™ happen even to those that do take precautions. Ever hear of the rogue employee? And you need to find out what occurred so you know that particular hole is shut down and the ICO will want to know what you are doing about the data breach. You can't do that if you dispose of your logs too quickly. When you are aware of it, you don't know how or when it occurred yet so you need to check.
Those that think they are that secure that they can't be hacked in anyway are, for the most part, deluding themselves. You have to assumed you will be hacked at some point.
“The processing of personal data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems, […] by providers of electronic communications networks and services and by providers of security technologies and services, constitutes a legitimate interest of the data controller concerned. This could, for example, include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping ‘denial of service’ attacks and damage to computer and electronic communication systems.”
So a few weeks for logs? Fine. Do it. You may never need them beyond that. But if you do need to know what happend a couple of months ago?
" Full IP addresses should only be stored for as long as needed to provide a service;
Logs should only include the first two octets of IPv4 addresses, or first three octets of IPv6 addresses;
Inbound IP address logs shouldn't last longer than three days;
Unnecessary identifiers should not be logged – these include source port number, timestamps, transport protocol numbers, and destination port numbers;"
I don't agree. The way the internet works means that ip addresses are a necessary use. Yes, IP addresses can be Personally Identifiable Information when combined with other data, or you are using a fixed IP at an individual address, but if you access my services I can't help but know your IP address. My logging is fine to record your entire IP address. It is what I then do with that information that is important.
Also, I am bound to provide suitable protection against any intrusion, or notify ICO if I suspect an intrusion. This aso means potentially sifting through logs to try and locate that source. Three days? That is just silly. 6 Months, sensible. 12? Maybe they have a point, unless regulatory requirements state otherwise.
This would come under legitimate interest. If you come to use my online services, then I have to store the above information to allow me to satisfy the requirements that come from operating online services in the EU. If I then decide to do something funky with that data, then that is another thing entirely.
I am wondering if INTAREA felt that they hadn't yet made any statement regarding GDPR and rolled out the first thing that sounded press friendly. They certainly are not showing a deep understanding of the issues involved.
"Logs should be protected against unauthorised access."
And remember, Kids, don't take sweets from Strangers...
Re: Not the first time
Well isn't this a usual trick of a ruling elite?
IIRC some officers pay in various forces was so low that the only people who could afford to become officers were those that had a seperate income.
Colour me cynical...
I noted the same thing.
I'm sticking with Zen. Not cheap but the odd time I do need to call them, it is a fine experience.
Upvote because, in a few thousand years and the universe's first antimatter linked Hypermegascalon Dimensional Thread TZR + goes online*, I hope the first reported enquiry at whatever passes for a press event then, consists of:
"So...does it run Crysis?"
*I say online. What I really mean is it pops up in your consiousness.
Re: Leaking the anti-leak memo to Bloomberg
"Leaking Apple’s work undermines everyone at Apple and the years they’ve invested in creating Apple products… The impact of a leak goes beyond the people who work on a particular project - it’s felt throughout the company."
The impact of the leak? Really?
I suppose the impact on your unsold stock of current iShiny may be hit. But really, Apple, you truly are just another self righteous, narcissistic, lifestyle wannabee, tax dodging, grubby little American corporate.
Who else would make so much out of a thin laptop, then promptly allow root access without a password?
"Has doing tech support for your family ended in tears?"
Pretty much every other time.
For some reason, I was expected to know their passwords to things until I insisted they wrote their passwords down. Or develop a system for generating passwords.
If I am speaking and saying 'Go to the root of your C:\ drive." the ':\' is silent.
"“The first task, that took about two years, was to stop her saving everything to the root of C:/.” "
Isn't that root of C:\?
Re: life extension - file extension
The trick is not to show anyone anything that might upset them.
Hence the ubiquitous search on modern OSes that helpfully fail to show you the location of the files it finds unless you click on the bugger first.
Unless that is just MacOS.
Ever get the feeling we are moving backward?
Xtree Gold ftw.