* Posts by walter.bishop

23 posts • joined 8 Jan 2016

Malware 'clearly' behind Ukraine power outage, SANS utility expert says

walter.bishop Silver badge
Linux

Yet more cyber-hacker-terror-bullshit ..

"BlackEnergy is the handiwork of the Russian-based Sandworm Team which in October 2014 was reported to have compromised industrial control systems in the US for up to three years."

Let me see if I understand correctly. For up to three years a US power company has allowed insecure SCADA units to be connected to the Internet. If this is so and not yet more cyber-hacker-terror-bullshit, I wonder at the level of incompetence of the people in charge.

Hyatt says hackers took card data from 250 of its hotels

walter.bishop Silver badge
Linux

Android Apple Linux malware ..

If only Hyatt had used the fully indemnified industry standard Operating system instead of an OS designed by some amateurs in their bedroom.

JetBlue blames Verizon after data center outage cripples flights

walter.bishop Silver badge
Linux

Verizon data center power outage

Why didn't the UPS kick in and then the diesel backup generators? Why didn't these defects show up in the last power out test? They did test the backup power systems were functioning.

Microsoft calls out Amazon's humble hybrid cloud

walter.bishop Silver badge
Linux

Microsoft's cut Azure prices again

I don't follow the logic. If Azure was better than AWS for the same price then why the need for a price cut? In business, people cut price when the product isn't selling.

IBM buys fraud sniffing biz for real-time protection

walter.bishop Silver badge
Linux

IBM assimilated IRIS Analytics ..

Assimilated .. like the Borg .. and that big sinister eye is a nice touch :)

Late night server rebuild led to 'nightmares about mutilated corpses'

walter.bishop Silver badge
Linux

The pair spent the whole night re-installing all the software

Why didn't they restore from the daily backups?

Cisco decides that to save the cloud, it must hunt it with prejudice

walter.bishop Silver badge
Linux

The Borg's bag?

Isn't this a case of misappropriating the term?

http://lurkertech.com/bill-the-borg/

Microsoft wants you, yes you, to write bits of Windows 10. For free

walter.bishop Silver badge
Linux

Once pull requests have been vetted ..

"Patent License. You grant Microsoft, and those who receive the Submission directly or indirectly from Microsoft, a perpetual, worldwide, non-exclusive, royalty-free, irrevocable license under Your patent claims that are necessarily infringed by the Submission or the combination of the Submission with the Project to which it was Submitted to make, have made, use, offer to sell, sell and import or otherwise dispose of the Submission alone or with the Project."

2015 was the Year of the Linux Phone ... Nah, we're messing with you

walter.bishop Silver badge
Linux

Desktop environments actually hurt Linux

"I even wrote a paper all about how desktop environments actually did more to hurt long term adoption of Linux than promote it"

Can I read it, do you have a link to the paper?

SlemBunk slamdunk: Mobile banking Trojans found worldwide

walter.bishop Silver badge
Linux

Android Trojan spread across three major continents

'To detect and defend against such attacks, we advise our customers to deploy our mobile security solution'

Aw, go on, go on, go on ...

Hacks rebel after bosses secretly install motion sensors under desks

walter.bishop Silver badge
Linux

How to defeat motion sensors ..

I do believe C5H4N4O3 has a detrimental effect on such sensors. How to defeat VoloMetrix is to open masses of windows when you arrive in the morning and leave them open all day. It'll slow down the computer but then again so will VoloMetrix, without adding any value to the work process.

Turkish carder scores record 332-year jail term

walter.bishop Silver badge
Linux

Turkish carder defrauding 54 customers ..

I thought he defrauded the bank using stolen Credit Card numbers. Who was it that thought it would be a good idea to use CC for online financial transactions? A solution to such online fraud is totally banning the use of Credit Card for Internet transactions.

Future Snowden hunt starts with audit of NSA spooks' privileges

walter.bishop Silver badge
Linux

Too many individuals have privileged access to NSA computers ..

How about designing an OS, where someone can't just walk in off the street and burn your entire unencrypted database to a DVD? Or at least implement a full irrevocable auditing system where you don't have to wait until the miscreant downloader announces the deed from Moscow?

Open Web Application Security Project issues new secure coding bible

walter.bishop Silver badge
Linux

Risks associated with software today ..

"An application achieves ASVS Level 2 (or Standard) if it adequately defends against most of the risks associated with software today."

Your web applications are only as secure as the underlying OS. If that's insecure then no amount of ASVS will cure it. How about designing an OS that can differentiate between local software and software downloaded from the Internet and doesn't execute the latter? How about not using an OS that can be compromised by clicking on a malicious weblink or opening an email attachment?

ps: I notice some broken HTML at the top of the page to get some script to run:

html> head> script>var inDapIF true; /script> /head> body> script src "https://tpc.googlesyndication.com/safeframe/1-0-2/js/ext.js"> /script> IFRAME SRC "https://fw.adsafeprotected.com/rjsi/dc/49009/6898563/ddm/adi/N117602.126839THEREGISTER.COM/B9199301.125002745;sz 728x90;click https://adclick.g.doubleclick.net/aclk 253Fsa 253DL 2526ai

Asian cyber-spies fling Seven Pointed Dagger against Myanmar, NGOs

walter.bishop Silver badge
Linux

Android Apple Linux malware ..

I guess Android Apple Linux malware strikes again. When will people learn to stop using that OS designed by some amateurs in their bedroom and move to the industry standard Microsoft Windows?

Skype finally catches Google with group video chat

walter.bishop Silver badge
Linux

I'll Skype you ..

"Skype .. doesn't find time to reflect on the reconfiguration of its entire network undertaken by Microsoft"

Give them a break, routing all the VoIP traffic through North America is a massive technical undertaking.

http://arstechnica.com/tech-policy/2014/12/newly-published-nsa-documents-show-agency-could-grab-all-skype-traffic/

Your jingle to take into the weekend: QuickTime security fixes to apply

walter.bishop Silver badge
Linux

QuickTime security fixes to apply?

"Apple has posted an update to its QuickTime media plugin, addressing multiple remote code execution flaws for Windows 7 and Windows Vista users"

This would be a flaw in Windows 7 and Windows Vista would it not?

It's replicant Roy Batty's birthday – but hey, where's my killer robot?

walter.bishop Silver badge
Linux

Spinner Flying Cars ..

Where are all the Spinner flying cars that are supposed to have appeared by now?

Was Android moving to OpenJDK really a Google gift to devs?

walter.bishop Silver badge
Linux

Kuhn reckons there is a threat to Android makers?

"FSF chief Bradley Kuhn reckons there is a threat to Android makers who fail to comply with GPL, plus the Class path exception."

My reading of the second linked-to document is that the 'Classpath exception' is designed to allow a developer to distribute a Java application without having to include the source code. I see nothing there in reference to 'Classpath exception' and Oracle. The 'way to extract revenue' quotes are from another document in relation to 'copyleft'. You seem to have added two plus two and come up with a five.

walter.bishop Silver badge
Linux

IBM and political battle over the control of Java?

"IBM had backed Harmony as part of its political battle over the control of Java"

I don't follow, how is IBM trying to take control of Java? I thought it was Oracle that claimed ownership of Java.

Latvian coder released from clink after mega-millions bank raids

walter.bishop Silver badge
Facepalm

It's like déjà vu all over again Yogi ..

http://www.theregister.co.uk/2013/01/24/gozi_trojan_indictment/

http://www.secureworks.com/cyber-threat-intelligence/threats/gozi/

So what's all this about 320k Time Warner Cable users being hacked?

walter.bishop Silver badge
Linux

TWC didn't get breached?

"The most likely culprit is a phishing attack targeting TWC customers"

Which begs the question as to why the passwords were stored in the clear, instead of a hashed/salted token like every other online system since the dawn of the computer age.

Your boss yells 'build a secure IoT gadget' and you don't know where to start. Take a look at this

walter.bishop Silver badge
Linux

Designing secure Internet-of-Things

"It's aimed at people designing internet-connected gadgets and gizmos who want to make sure malicious code doesn't end up compromising devices"

How about running the core OS on read-only memory and the apps on a VM running on top? The core OS can't be altered without visiting the device and plugging in a dongle. As has already been demonstrated the trusted execution path can be compromised.

http://www.blackhat.com/presentations/bh-dc-09/Wojtczuk_Rutkowska/BlackHat-DC-09-Rutkowska-Attacking-Intel-TXT-slides.pdf
