* Posts by ApatheticPlatypus

5 posts • joined 23 Oct 2015

Shock: NASA denies secret child sex slave cannibal colony on Mars



My inner monologue makes absolutely no sense at all when I'm reading the quotes!

Facepalm time: MS Office update wipes custom Word autotext



Personally I don't see what all the fuss is about, they obviously already have everyone's data, why don't the just autorestore the documents they overwrote/deleted from the cloud? Honestly can't believe nobody thought of it - or maybe they have and I'm too lazy to read all the comments ;)

Rooting and modding a Windows Phone is now child's play


Re: Warning: Actual Windows phone owner here

Unless you know something I don't, the pwn2own comp is aimed at attempting to breach the device from the perspective of a remote attacker? The software tool connects to the phone using a USB cable to take advantage of http://www.windowsphone.com/en-gb/how-to/wp7/basics/how-do-i-update-my-phone-software (basically the USB update mechanism). So the only way to breach the security or sandboxing is to purposely connect it to your computer and replace all that security with your own. So no built in security has been breached because it's using an update mechanism already provided to bypass the security for legit updating purposes?


Warning: Actual Windows phone owner here

Whilst I welcome this new ability to mod my phone from it's original purpose, to what end I wonder will this improve my device. As far as I know MS keeps all of it's devices up to date with the latest version of Windows software and I can think of no function I need to perform as root. Indeed to do this to a device that previously passed the pwn to own test (http://arstechnica.com/security/2014/11/windows-phone-security-sandbox-survives-pwn2own-unscathed/) because of it's security and sandboxing seems rather irrational to me. But as someone else pointed out some people just want to play with their *cough* devices - who am I to judge them? :)

Chaos at TalkTalk: Data was 'secure', not all encrypted, we took site down, were DDoSed


Oh well yet another large company p0n3d my data

This is a little bit boring. Honestly you would have thought lessons were learnt from other large companies losing customer data. There were lots of signs before this happened i.e. an increase in the number of fake talktalk phishing calls customers were receiving (yes I was one of them).

Now I have yet another company telling me my data has been lost to who knows who. Would be nice if they could lose a license to ISP or something. Then have to go through a stringent set of checks before they were allowed to ISP again - footing the bill to transfer their customers to other more competent ISPs until they were relicensed. This would definitely put these companies off skimping on security! Probably only get a small fine which isn't much of an incentive for not stopping this kind of thing in the future.

On the plus side the phishing call I received did amused me:

Scamguy: Hello this is talktalk there is a problem with your router

Me: Sorry that's absolute rubbish, let’s start again, you say you are from talktalk yes?

Scamguy: You are stupid <hangs up>

(Yes I phoned talktalk to check it wasn't them)

Biting the hand that feeds IT © 1998–2019