* Posts by Walter Bishop

884 posts • joined 16 Jan 2016

Page:

Black screen of death after Win10 update? Microsoft blames HP

Walter Bishop
Bronze badge
Terminator

Modify the registry incorrectly

"Serious problems might occur if you modify the registry incorrectly."

I suspect Microsoft, purely in the interests of preventing piracy, specifically designed Windows to go BSOD, if it detects it's been transferred to a new PC. Of course in the process they made Windows unrecoverable in the event of a false positive.

0
0

Viacom exposes crown jewels to world+dog in AWS S3 bucket blunder

Walter Bishop
Bronze badge
Linux

Re: What price security?

'Why are huge companies with $billions skimping on security and storage costs and dumping data into the "cloud"? Storage is cheap. Much cheaper than the costs of a leak or even just the bad PR.'

Because their clueless managers have been reading about how much more efficient and economical the Cloud than the old fashioned "stuff"

3
1

Microsoft teases web-based Windows Server management console

Walter Bishop
Bronze badge
Linux

Greybeard Linux admins

"Greybeards Linux admins are used to a very simple system (for example, user management in Linux, is much more limited and thereby simpler than in Active Directory)"

You mean we can get the same usability on Linux without the complexity of the Active Directory GUI. Which also explains why there is a small ecosystem in third party admin tools to admin the admin tools in Active Directory

"in the old times the concept of a system API - maybe language-neutral, was still to come... let's keep our heads well stuck in the 1970s. Linux bird should be an ostrich, not a penguin."

Yes, your FUD does indeed come from the 1970s ..

0
0
Walter Bishop
Bronze badge
Linux

A richer hyper-converged GUI management ecosystem

That's the whole problem with the Windows paradigm. With it's endless click-boxes and sub-sub-menu-control-panels. You have to pay someone or else sit there telling the computer what to do. and yet again, you have to buy a load of 'stuff' to get the computer to do anything useful. Anyone remember BizTalk Server and 'snapins' ..

0
0

Your boss asks you to run the 'cloud project': Ever-changing wish lists, packs of 'ideas'... and 1 deadline

Walter Bishop
Bronze badge
Facepalm

Sure, the future is cloud :)

OK, I've given the article a quick once-over and am given to understand that this hypothetical company expects a single IT techie to design and implement a full IT 'cloud' solution all on top of his current duties and implemented in zero time at no extra costs.

"Bob was more than happy to be selected for the company’s new cloud project"

Doesn't sound like any techie I've ever come across. Never be the first to do anything and never volunteer for the companies next hot project. But if I was at a particular company and management decided to move to the 'cloud', the first thing I would ask is, has this been successfully done elsewhere at a similar size company and if so can we see it in action?

"Cloud was eventually implemented at this organisation, but it delivered just a fraction of what had been promised"

You mean it delivered exactly what the IT department knew it would deliver and a fraction of what management deluded themselves into believing and. Management would know this, if management ever listened to their own IT people instead of some outside consultant.

6
0

FireEye pulls Equifax boasts as it tries to handle hack fallout

Walter Bishop
Bronze badge

How FireEye and Equifax handles unhandled malware

“We have this category that Equifax calls unhandled malware, [with] which traditional security approaches haven’t been very helpful. Putting in FireEye has really helped us detect this unhandled malware, then gives us the capability to take action to stay secure.” Tony Spinelli, SVP and CSO of Equifax -- link

6
0

HSBC biz banking crypto: The case of the vanishing green padlock and... what domain are we on again?

Walter Bishop
Bronze badge

Re: MarkMonitor Inc. Idaho USA

"So? I bet the majority of uk domains use UK registrars."

Well for instance, if I wanted to execute a DNS hijack against HSBC, no one at HSBC would notice. The site says 'Fighting financial crime with HSBC Safeguard'. Obviously not applying the magic sauce to themselves.

"markmonitor specialise in checking/investigating/registering similar domains for companies to avoid phishing and other scams."

Is it wise relying on some under-paid third party intern in India for your Internet Banking security?

0
0
Walter Bishop
Bronze badge
Facepalm

MarkMonitor Inc. Idaho USA

The question is who at HSBC decided to allocate domain registration to a company in Meridian, Idaho USA ..

Domain: hsbc.uk

Registrar: Markmonitor Inc

Name: HSBC Group Management Services Limited

Address: 8 Canada Square

London

E14 5HQ

United Kingdom

Domain: markmonitor.com

Registrar: MarkMonitor Inc.

Organization: MarkMonitor Inc.

Street: 3540 East Longwing Lane, Suite 300

City: Meridian

State: ID

Postal Code: 83646

Country: US

1
1

So you're already in the cloud but need to come back down to Earth

Walter Bishop
Bronze badge
Linux

Private hybrid public cloud

The 'cloud' a virtualized PC running on someone elses server farm that you pay for by the CPU cycle. The rest you have to do it yourself.

1
1

Google, propaganda, and the new New Man

Walter Bishop
Bronze badge
Facepalm

Re: Lying is always bad propaganda, because it deceives and misleads the people

"I think it's unethical to tell women to go into the IT industry and hide from them all the problems women are having there"

Time to inject a little dose of reality: changing the face of coding :)

1
0

Why is it that geeks' favourite enemies are... other geeks?

Walter Bishop
Bronze badge
Facepalm

Re: Same with [members of] simlar religions ...

"there's no more bitter enemy of a religios person than a just slighly different one."

Or the philosophers or sociologists who like to keep a good feud going :)

0
0
Walter Bishop
Bronze badge
Terminator

Re: I have come across some

"Later the open warfare between NT Server and Netware supporters*"

I've never come across Open Source geeks who spent their time thinking up ways of sabotaging other developers efforts. Such as shipping Windows with no network connectivity and refusing to fix bugs in Windows 95. Refusing to provide header files and libraries to Novell. Or writing a bad app to make OS/2 look buggy. Or produce fake error msgs, see AARD code.

0
0

Memo to Microsoft: Keeping your promises is probably a good idea

Walter Bishop
Bronze badge
Facepalm

Microsoft the new IBM?

"when pundits declared that Microsoft was "the new IBM" in the mid-Nineties"

This must have happened in some kind of parallel universe, because I remember it differently. Especially considering that Microsoft skated in on the IBM PC and IBM PC DOS. Microsoft hired on to produce IBM PC DOS for the IBM PC. PC DOS being a clone of SCP by Seattle Computer Products. Later on they were tasked with producing OS/2 and instead spend the money on Windows NT. IBM the company that allowed their intellectual property to be stolen - twice.

0
0

Malware writer offers free trojan to hackers ... with one small drawback

Walter Bishop
Bronze badge
Facepalm

Re: bleugh

"What on earth does that have to do with it?"

It's always amusing watching the reporter manage to not mention the platform, unless it's Android or Apple.

0
0

Alert: AT&T customers with Arris modems at risk of remote hacking, claim infosec bods

Walter Bishop
Bronze badge
Terminator

Just the usual procession of firmware vulnerabilities?

I don't think so, these kind of accidental backdoors are happening to many times to be mistakes. I would suspect all consumer grade hardware comes with such features.

0
0

Pacemaker patch passes probe by US watchdog

Walter Bishop
Bronze badge
Terminator

Manufacturer Reason for Recall ..

"Transmitter may initiate a software reset resulting in backup operation in some implanted St. Jude Medical Radio Frequency (RF) enabled Implantable Cardioverter Assura, Unify Assura, and Quadra Assura ICDs and Assurity and Allure Pacemakers."

1
0

Oh, ambassador! You literally are spoiling us: Super-stealthy spyware hits Euro embassy PCs

Walter Bishop
Bronze badge
IT Angle

Re: System requirements

"Stop whining, I for one would like to know if my system is compatible with the latest stuff doing the rounds."

Compatibility was never an issue until Microsoft made it so ..

Security as a lock in: "I believe as we evolve security capabilities there must be some way to set this up so that our operating systems have shared secrets with each other that make them work better with each other than with other operating systems - whether it's JAVAOS layered on top of us or clones or anything else. I think we need to make this an explicit goal of our security strategy."

Openness: "Our most potent Operating System competitor is Linux and the phenomena around Open Source and free software. The same phenomena fuels competitors to all of our products. The ease of picking up Linux to learn it or to modify some piece of it is very attractive"

Lotus Notes R5 Competitive Analysis aka Microsoft Innovation.

2
0

Another banking trojan is trying to loot your cryptocurrency wallets

Walter Bishop
Bronze badge
Terminator

Where's the IT angle?

.. "a Word document infected with malicious VBA code .. a victim opens the malicious Word document" .. ref

0
0

Ex-Harrods IT worker pleads guilty to PC repair shop trip

Walter Bishop
Bronze badge
Terminator

Removing a computer from a domain?

"Am I missing something but isn't removing a computer from a domain quite easy?

I've come across this before as a friend of mine was asked to perform such a service. The laptops come with some kind of Windows authorization software that if removed is reinstalled at the next boot by a customized bios module in conjunction with the Intel Management Engine. The missing windows components being downloaded through an un-encrypted HTTP connection. I'm sure some third party could figure out a way to hijack this, to plant their own nefarious software on their victims 'computer', just saying :)

8
0

SAP point-of-sale systems were totally hackable with $25 kit

Walter Bishop
Bronze badge
Facepalm

SAP server connects back to hacker laptop

Have SAP ever considered connecting their POS terminals to the servers through an encrypted VPN connection?

Secure retail POS systems with virtual private network (VPN) ..

1
0

Linux for weirdos ..

Walter Bishop
Bronze badge

Re: Linux for weirdos ..

'unless you call those of us who don't use systemd "wierdos".'

No not at all and far from it. I am sugesting that videos such as the above are an attempt to denigrate Linux users by associating them with an Internet weirdo. As such it would be futile to engage 'floater' in an online dialog - don't ever encourage the trolls.

0
0
Walter Bishop
Bronze badge
Facepalm

Linux for weirdos ..

Is this for real or a send-up. Someone who refers to himself as 'floater' demos 'Void Linux', while chomping down on a jam-and-toast sandwich. The accent varies from slacker to Officer Barbrady. And most of the video references in this are equally off-the-wall. The included video samples leading to equally weird entities such as the self styled 'Styxhexenhammer666'.

0
0

New York Police scrap 36,000 Windows smartphones

Walter Bishop
Bronze badge

Old apps won't run on Windows 10 Mobile

"Even though those two models are eligible to be upgraded to Windows 10 Mobile, the NYPD will need to redesign more than a dozen custom apps it created to run on Windows 8.1. And every phone will need to be manually updated to the new operating system."

Old apps won't run on new OS, what genius scientist designed 'Windows 10 Mobile' this way and what's stopping the developers recompiling the old apps for the new OS? Trivially easy under Linux, just a few compiler directives in the make file.

7
5

A LANnister always pays his subnets: Cisco hires Game of Thrones' Tyrion

Walter Bishop
Bronze badge
IT Angle

How networks can protect themselves

Put the executable bits in read-only memory and don't use Intel or Microsoft anywhere on your network.

0
1

Chinese chap collared, charged over massive US Office of Personnel Management hack

Walter Bishop
Bronze badge
Terminator

Improperly patched browser malware infecting people

Come off it, out with it, go on say it, the malware only works on Internet Explorer running on top of Microsoft Windows.

5
0

Bad data and new IT system bugs help knock 66% off Provident Financial share price

Walter Bishop
Bronze badge
Joke

How many people to make a calendar app?

How many people to make a calendar app: five to write the actual code and two hundred and forty five to supervise the other five.

"The routing and scheduling software deployed to direct the daily activities of CEMs [debt collectors] has presented some early issues, primarily relating to the integrity of data, and the prescriptive nature of the new operating model has not allowed sufficient local autonomy to prioritise resource allocation during this period of recovery."

There's your problem right there, the CEO is actually a shape-shifting albino lizard from a planet in the Draco constellation and only learned to speak English from tuning into the Intergalactic Corporate Bullshit Generator.

1
0

WikiLeaks a 'hostile intelligence service', SS7 spying, Russian money laundering – all now on US Congress todo list

Walter Bishop
Bronze badge
Big Brother

The real hostile intelligence service

The real threat to the US is its own intelligence service. You know, the intelligence service that leaked that pissy-gate dossier against Trump. That one no doubt thought-up by the same people that concocted the sexed-up Saddam Hussein WMD dossier. Pissy-gate and other leaks, all designed to tie-up Trump in defending himself against scandal and get with the program.

That program being, expand the military presence in Eastern Europe. Use the blow-back from the Russian Federation as evidence of Russian 'aggression'. Provoke civil unrest in the middle east and then use such unrest as a pretext to invade Syria, Iraq, Afghanistan etc. Use the blow-back from such invasions as evidence of the threat from foreign terrorism, and use such evidence to suppress home-grown political activism. Use the pretext of all of the above to call for a massive increase in military spending. Use the pretext of national security to impose financial sanctions on foreign companies.

13
12

Not another Linux desktop! Robots cross the Uncanny Valley

Walter Bishop
Bronze badge
Linux

Linux desktop not necessarily user friendly?

You obviously haven't had any real world experience of using one of the current Linux Desktop Environments:

Linux Mint 18.1 "Cinnamon" overview

KDE Plasma 5.X Review 2015

Ubuntu Gnome 17.04 Review

Unity 5 running on Ubuntu Natively

Besides it's well known in technical circles that the only people who want to have sex with a robot are Windows users.

0
0

Continuous integration platforms are broken – here's what needs fixing

Walter Bishop
Bronze badge
Facepalm

Re: Stability

andy 103: 'If you get some tosser saying it has to be done in a "agile" way, stay away from them, because they've no idea what it really takes to deliver software successfully .. Even now I bet someone will downvote this or say' ..

Going on the downvotes you got here, there's at least two self identified tossers on this forum :)

2
0

NotPetya ransomware attack cost us $300m – shipping giant Maersk

Walter Bishop
Bronze badge
Facepalm

Medoc: PCI DSS Level 1 Compliant

Medoc: 'PCI DSS Level 1 Compliant, the highest level of data and payment protection'

'NotPetya initially attacks via a phishing email'

7
1

Creepy backdoor found in NetSarang server management software

Walter Bishop
Bronze badge
Big Brother

Someone managed to hack into NetSarang?

"It is assumed someone managed to hack into NetSarang's operations and silently insert the backdoor"

It is assumed is it, without any evidence and just who did the assuming. A more likely scenario is that it was done by the NetSang developers at the behest of the state security apparatus. Or else they got a security audit done by some Israeli cyber threat company with links to the self same state security apparatus.

1
0

Azure Stack will need special sysadmins, says Microsoft

Walter Bishop
Bronze badge
Facepalm

Azure Stack on-premises cloud

An Azure Solution Architect, an Azure Administrator, devOps peeps. Tell me again how much money I'm going to save by moving to the hybrid cloud.

1
0

Russian malware scum post new rent-an-exploit

Walter Bishop
Bronze badge
Facepalm

Israeli Co Intsights Cyber Intelligence ...

"The Herzliya-based company is an intelligence-driven security provider for cyber threats from the dark, deep and open web."

Ah, go wan go wan go wan link ...

0
0

Surfacegate: Microsoft execs 'misled Nadella', claims report

Walter Bishop
Bronze badge
WTF?

Re: When MS Was Good

"MS once sold and supported some of the best in the industry"

Are you posting from some parallel universe, cause I remember things differently.

"Eventually MS began competing with the tools that ran on their operating system. Their tools were horrid by comparison, but for some reason they beat out the competition for sales".

From the Microsoft Lexicon: 'competing for sales' == 'screwing over your business partners'.

"Joint Development Agreement between International Business Machines and Microsoft"

"we need to focus on .. establishing OS/2 as the next standard in personal computing" Bill Gates

"I was super enthustiac that we shipped OS/2" Steve Ballmer

"The demos of OS/2 were excellent, crashing the system had the intended effect -- to FUD OS/2 2.0."

'OS/2 "Crush" will focus .. to stop IBM from further successful promotion of OS/2.'

"It's pretty clear we need to make sure Windows 3.1 only runs on top of MS DOS or an OEM version of it," David Cole

Microsoft Litigation ...

3
0
Walter Bishop
Bronze badge
Facepalm

Nadella to blame for buggy Surface Pro drivers

Headline corrected for accuracy. As usual in these cases when a major scandal comes to light, try and deflect blame against the CEO and foist it onto the underlings. Do you seriously expect us to believe Nadella was unaware of the real source of the problem.

4
0

UK industry mouthpiece wants 'near-universal' broadband speeds of 30Mbps by 2020

Walter Bishop
Bronze badge

Broadband takeup and availability ..

"According to a recent report, the UK ranks 31st in the world, with average speeds of 16.51Mbps. However, those figures represent takeup rather than availability."

What is the correlation between 'takeup and availability' and 'average UK broadband speed'?

0
0

WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Walter Bishop
Bronze badge
Terminator

Re: Never do this

.. "why was it necessary to have him arrested and trialed in USA? .. Don't the Americans have confidence in the UK justice system"?

Because: we're not a real country anyway, just a forward missile launching platform in the war against the Soviet Union Russian Federation ..

6
0
Walter Bishop
Bronze badge
Big Brother

"The Marcus Hutchins I knew"

"To be completely honest, I didn’t know him as Marcus Hutchins at the time. I knew him only by his IRC and forum nick, Touchme" link

0
1
Walter Bishop
Bronze badge
Facepalm

Re: UK NHS got his because of many vulnerabilities

"What people don't seem to be discussing yet publicly is the impact of the Broadcom WiFi chips on the Raspberry Pi computers, which the NHS adopted for use in hospitals. This I think explains why the WannaCry malware spread so quickly".

Excepting WannaCry spread through bugs in Windows Server Message Block (SMB) protocol and the hack had nothing to do with either Raspberry Pi or Broadcom. It utilized a leaked copy of the NSA vuln tool known as Eternalblue, do you remember now, is that billg on the end :)

8
0

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Walter Bishop
Bronze badge
Facepalm

Re: Curious to know

"How do you patch a Windows system so that it's safe to click on a .doc file, and how do you open it without clicking on it."

You don't you just deflect blame onto "Putin's favorite attack dogs" :)

7
3

SAP cleans up more than a dozen troubling CRM security blunders

Walter Bishop
Bronze badge

Re: Security researchers and software flaws

"To be fair, when you have a number of devs, in SAP's case 10k+ devs, it is hard to avoid these types of issues."

Use a version control system to write the code and allocate two developers to each component. Have one write the code and the other test for bugs. Use a bug tracking system to report bugs. Allow the end users access to the bug tracking system. Generate nightly builds and allocate odd numbers for test builds and even numbers for stable builds. Apply all bug-fixes to the latest even numbered build and publish.

0
0
Walter Bishop
Bronze badge
Facepalm

Security researchers and software flaws

Such defects are unacceptable in this day-and-ages and in my opinion unsuitable for today's totally connected world. Do think that at this stage, the innovators and visionaries really need to be held accountable for the quality of the software product. I mean, I thought OOP, agile, lean, scrum, waterfall, DevOps was supposed to be a cure for software defects. Or are all these methodologies a sign that current software development is in a state of crisis.

0
0

Carbon Black denies its IT security guard system oozes customer secrets

Walter Bishop
Bronze badge
FAIL

Re: Protection software spews sensitive data to third parties

"anyone who cares about security will, unless there are exceptional circumstances, notify the vendor first and allow time to respond."

Anyone who cares about security wouldn't upload their records to a third party 'cloud' service!

1
1
Walter Bishop
Bronze badge
Big Brother

Protection software spews sensitive data to third parties

"Carbon Black's Cb Response protection software would .. spew sensitive data to third parties."

So, its working as designed then ;)

0
1

US court system bug opened hole for hackers to scoop up legal docs for free on victims' dime

Walter Bishop
Bronze badge
Facepalm

Cross-site forgery vulnerabilities are still a thing

Do you think the people who invented cross-site scripting (XSS), javascript, cookies ever stopped to think about how this would impact web security. XSS designed to inject web-adverts into your browser from some third party site, like double-click. Javascript designed to make websites dynamic. Cookies used for web authentication. Does this flaw work on anything else except Microsoft Windows. I don't think so, cause it would have been mentioned by now.

2
4

Assange offers job to sacked Google diversity manifestbro

Walter Bishop
Bronze badge
Big Brother

Re: Noted troll Julian Assange?

"The man sacrificed Chelsea Manning, IIRC. Any updates on this article?"

No, it was FBI snitch Adrian Lamo who betrayed Manning. Lamo also turned in his pal Sabu. The public arrest of both Sabu and Lamo was to disguise the fact they were long time FBI informants. Sabu or Lamo having accidentally doxxing themselves while on IRC. Lamo being drawn to the attention of the FBI while engaged in a little CC fraud to fund his pharmaceuticals.

Hey, elREg, how about an article on the stated aims of the US security apparatus to destroy and discredit Wikileaks and Assange through planting fake news articles in the media.

4
3
Walter Bishop
Bronze badge
FAIL

Noted troll Julian Assange?

"In his latest attempt to further the global alliance of weapons-grade bellends*, noted troll Julian Assange"

The man had sacrificed a great deal in opposing the state security apparatus, what have you done? Would you mind preserving these kind of character assassinations for the likes of Breitbart. But do tell us your opinion on the current illegal and immoral war being prosecuted on the people of Syria by the US military industrial complex?

2
9

Programmer's < fumble jeopardizes thousands of medical reports

Walter Bishop
Bronze badge
Facepalm

A flaw in the PACS Medical Imaging System (NIMIS)

What was the name of the operating system this software ran on. What was the name of the company that wrote the software imaging system?

0
0

Azure security boss tells sysadmins to harden up and properly harden Windows Server

Walter Bishop
Bronze badge
Facepalm

PowerShell and NoLanguage mode

'Language modes are also a big issue. NoLanguage mode is the only safe language mode'

So, PowerShell is safe as long as you disable all its functions.

What is a language mode?

4
0

Systemd wins top gong for 'lamest vendor' in Pwnie security awards

Walter Bishop
Bronze badge
Facepalm

The problem with Systemd

Systemd isn't an init system, the goal is to replace most/all Linux OS userspace with Systemd. This is no accident, one of the designers is quoted as saying as much, the actual website escapes me at the moment. The other problem is that Lennart Poettering is an ignorant prick with an over inflated sense of his own technical abilities.

24
2

Page:

Forums

Biting the hand that feeds IT © 1998–2017