* Posts by Walter Bishop

994 posts • joined 16 Jan 2016

National Cyber Security Centre boss: For the love of $DEITY, use 2FA on your emails, peeps

Walter Bishop
Silver badge
Big Brother

Re: WTF?

@ThatOne: ‘The obvious solution for important emails is digital signatures: Check the message and signature with the sender's public key and you'll know instantly if something is wrong. Safer than 2FA too.’

But if people encrypt their emails then how will GCHQ be able to read them and so protect us all from the cyber-commies :]

0
0
Walter Bishop
Silver badge
Big Brother

Attack of the red cyber menace

‘Martin last week revealed that hackers acting on behalf of Russia had targeted the UK's telecommunications, media and energy sectors.’

What for, and what was the nature of such attacks? Is this another pretext to bring in yet more legislation in Parliament to protect us from the Cyber Commies?

I can't get into too much of the details of intelligence matters

Translation: I'm just making this s*** up ..

GCHQ will need to continue to build up its cybersecurity capability against Russia, Iran, China and North Korea

Why does this sound exactly like the anti-cyber-commie waffle emanating out of Washington? For instance the claim that Putin influenced the US Presidential election through social media posts. This despite Hillary I will Nuke Iran Clinton being promoted across the majority of the conventional media both of the right and left. It was expected to be a done deal and the only surprise being the voters ignored the propaganda and came out for Trump. Trump was the joker in the pack, no one in Washington seriously expected him to win. The weekly scandals such as the 'golden shower' dossier are an attempt to get him removed before he does any more damage.

0
0

Open-source defenders turn on each other in 'bizarre' trademark fight sparked by GPL fall out

Walter Bishop
Silver badge
Facepalm

Re: 'GPL - proudly, brashly, forcefully illiberal license'

@whatevs... “Because it’s a partisan source”...

Yea sure, it's not as if they explicitly state their purpose right there on the main page:

“Our mission is to preserve, protect and promote the freedom to use, study, copy, modify, and redistribute computer software, and to defend the rights of Free Software users.” ref

9
1
Walter Bishop
Silver badge
Facepalm

Re: 'GPL - proudly, brashly, forcefully illiberal license'

@tmz: "Try this - http://www.gnu.org/licenses/license-list.html"

A link to the Free Software Foundation sites gets three down votes :]

11
7

Amazon launches Secret Region – so secret it's endorsed by the CIA

Walter Bishop
Silver badge
Facepalm

Ingenious Tradecraft Intelligence

Don't keep your secrets on a computer connected to the Internet.

7
0
Walter Bishop
Silver badge
Big Brother

Anonymous Agent: "No, just the very small subset that work within, have involvement or access to (physically or digitally) to that particular facility."

What's stopping agents of a foreign power applying to work at Amazon and so gaining access to all yer secrets in the cloud? I figure this would be easier than breaking into a building at night and scraping the contents of a hard drive.

4
2

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

Walter Bishop
Silver badge
Terminator

Intel finds critical holes in secret Management Engine

They would wouldn't they, as Intel put them there in the first place and wouldn't be currently reporting on this except Intel got found out by some third party who leaked that Intel had set the IME to login anyone with a zero length password and inserted a kill switch at the behest of the NSA.

25
0

DNS resolver 9.9.9.9 will check requests against IBM threat database

Walter Bishop
Silver badge
Facepalm

Forty billion evil sites?

"Those checks protect agains landing on any of the 40 billion evil sites and images X-Force has found to be dangerous" only if you're browsing under Microsoft Windows.

0
2

Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

Walter Bishop
Silver badge
Facepalm

Re: China did it! Not us!

@ST: “for security reasons, this op cannot be undertaken from inside NSA"

Now who is the gullible moron?

2
0
Walter Bishop
Silver badge
Big Brother

Re: China did it! Not us!

@ST: "Really? You're going to deploy software suspected of being spyware tied to a foreign and hostile intelligence agency inside the secure network of another intelligence agency?"

What part of isolated in a lab don't you understand? Answer me this: why didn't the other AV tools such as Avast and AVG detect the NSA malware?

3
0
Walter Bishop
Silver badge
Big Brother

Re: China did it! Not us!

@ST: “NSA analyst is tasked with determining whether or not Kaspersky AV is spyware for the Russian FSB” ..

Nice piece of disinformation going on there if you don't mind me saying so. The software would have been tested on an isolated system in an NSA lab, specifically designed for such purpose.

Answer me this: if Kaspersky was working for the FSB then why would they publicize the details on the NSA contractor hack?

3
0

Microsoft can't give away beta cert exams, so starts charging

Walter Bishop
Silver badge
Facepalm

Microsoft Induction ©

Reminds me of Scientology and its endless course material whose real purpose is to subliminally condition the minds of the unwary student.

“Starting with our next beta, Exam 537: Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack"

.. must use Azure Hybrid Stack .. Azure Hybrid Stack is the only authentic stack .. all the rest are flawed ...

1
0

Belgian court says Skype must provide interception facilities

Walter Bishop
Silver badge
Big Brother

Skype impenetrable encryption

"The Microsoft-owned VoIP and messaging system operated in a peer-to-peer model at the time, making its encryption impenetrable to the company and law enforcement authorities alike."

'Skype worked with intelligence agencies last year to allow Prism to collect video and audio conversations.'

0
0

Internet of So Much Stuff: Don't wanna be a security id-IoT

Walter Bishop
Silver badge
Terminator

The dangers of a monoculture ..

As in nature, the danger in maintaining a monoculture is that when a virus comes around it infects your own crop. What's needed is multiple versions of hardware running multiple versions of the software. The providers could pick from a library of such hard/soft solutions. As in the API or ABI provides the same functionality but is different under the hood. Or the device re-configures itself at first boot to obfuscate the system. I call it inoculate ©.

1
0

New, revamped Terdot Trojan: It's so 2017, it even fake-posts to Twitter

Walter Bishop
Silver badge

Malicious open-source banking trojan

"Terdot, a banking Trojan .. Built on the Zeus framework .. leveraging open-source tools for spoofing SSL certificates"

Well the solution is to ban open-source tools.

"In other banking Trojan news"

There's absolutely zero technical content so far ..

Reversal and Analysis of Zeus and SpyEye Banking Trojans

0
0

Amazon Key door-entry flaw: No easy fix to stop rogue couriers burgling your place unseen

Walter Bishop
Silver badge
Facepalm

Rogue couriers and Amazon Key door-entry flaw

How about giving the courier a one-time code, that way the above method won't work. Besides, if losing communication with the 'cloud' prevents the door from being locked, what's stopping the perp from placing a jammer near the door and waiting for the occupant to exit the building? You could place a webcam on a nearby tree and watch from a block away in your car.

1
0

Ads watchdog tells Plusnet: There's no way unlimited business broadband costs £4.50

Walter Bishop
Silver badge

You think BT should provide you with a free line to connect your modem to?

@ Doctor Syntax: "You think BT should provide you with a free line to connect your modem to?"

I rent my electricity and the cable is included in the price, the same should go for 'broadband'. The pricing scheme is deliberately designed to confuse people. Basic, unlimited, super-fast, limited period, annual contract, modem delivery fee, engineer call-out fee etc ...

12
2

Crouching cyber Hidden Cobra: US warns Nork hackers are at it again with new software nasty

Walter Bishop
Silver badge
IT Angle

Attack of the Nork cyber bogeyman ..

Enough with this neocon BS, Nork, China, Russia, Iran whatever is cyber-scary-flavour of the month. Have the geniuses at Homeland Security ever considered not keeping sensitive data on a 'computer' connected to the Internet? 'Hidden Cobra' .. just who is this fable aimed at, the kind of people who think 'the Bourne Identity' is a documentary? Here's how Kim Yong-il deals with leaks :)

6
11

Shut the front door: Jewson 'fesses up to data breach

Walter Bishop
Silver badge
Terminator

Personal data may have been compromised

'customers’ names, location, billing address, password, email, phone number, payments details, card expiry dates and CVV numbers “may” have fallen into the hands of an “unauthorised person”'

In this day and age, why isn't such information stored in an encrypted form on a machine accessible from the Internet? Who designed and installed the system at online builders merchant Jewson? Who is responsible for maintenance and security? I guess the original hack consisted of someone opening a malicious email attachment, the solution being to:

a. Configure your email client to only open msWord docs in the MS Word Viewer, same for Excel etc.

b. Disable automatically opening of URL links in PDF documents.

c. Disable auto-running flash and similar active content.

d. Use a unique email to register with a site.

e. Use a burner phone for two-factor authentication.

f. Never disclose either to any third party.

Is this the state of 'computer' security in the year 2017 AD .. I mean Current Era, wouldn't want to trigger anyone :]

0
0

WikiLeaks is wiki-leaked. And it's still not even a proper wiki anyway

Walter Bishop
Silver badge
Big Brother

Leaked leaks did not come from WikiLeaks

"Private Twitter messages obtained by The Atlantic detail how WikiLeaks interacted with the president's son, Donald Trump Jr"

The words private and twitter don't go together in the same sentence. The leaks came from either Twitter or Congress but not Wikileaks. It's more likely that, rather than having anything to do with "Russian meddling in the 2016 presidential campaign", the Washington intelligence establishment already had Donald Jr's Twitter msgs, which prompted the congressional investigation. The same intelligence establishment that concocted the 'golden shower' memo also found evidence of Saddam Hussein weapons of mass destruction.

The truth is more likely that Assange leaked the Hillary emails in retaliation for her instigating an arrest warrant against Assange on false allegations of rape in Sweden. There seem to be two factions of the deep state at work here. One supporting Clinton and one supporting Drumpf, both leaking and making specious allegations against the other side. A de facto palace coup being acted out in public and apparently with the willful co-operation of the US Media.

8
30

Munich council: To hell with Linux, we're going full Windows in 2020

Walter Bishop
Silver badge
IT Angle

Microsoft's new headquarters in Munich

'Microsoft calls new German headquarters “the biggest shift since the industrial revolution”'

Original Accenture report written in LibreOffice 5.0 Investigation of the IT system of Munich by Accenture

Accenture and Avanade named Microsoft 2016 Alliance partner of the year

Microsoft: reminds me ever so much of a cross between Disney and Scientology, they're everywhere, slightly sinister and have no taste.

24
2

Microsoft president says the world needs a digital Geneva Convention

Walter Bishop
Silver badge
Terminator

Microsoft on the sorry state of IoT security :]

"Microsoft president Brad Smith .. made the case for a cyber equivalent of the Geneva Convention. He started off by noting the sorry state of IoT security"

Haaaar :]

"If you can hack your way into a thermostats you can hack your way into the electric grid"

Only if you're controlling the grid through SCADA systems running on Microsoft Windows.

2
1

MINIX: Intel's hidden in-chip operating system

Walter Bishop
Silver badge

MINIX: Intel's hidden in-chip operating system

"Buried deep inside your computer's Intel chip is the MINIX operating system and a software stack, which includes networking and a web server. It's slow, hard to get at, and insecure as insecure can be." ref

0
1

Manic miners, hideous hackers, frightful flaws, vibrating mock cock app shock – and more

Walter Bishop
Silver badge
Big Brother

The Pentagon appreciates the Russian hackers

"McAfee has spotted that APT28 – aka the Fancy Bear crew thought to be part of Russian military intelligence"

'John Arquilla .. estimated there were around 100 master hackers in the world, with many, if not most, in Asia and Russia. He had established contact with several in the US'

1
0

Learn client-server C programming – with this free tutorial from the CIA

Walter Bishop
Silver badge
Big Brother

Flying Pig: GCHQ's TLS/SSL knowledge base ..

FLYING PIG: GCHQ's TLS/SSL knowledge base

0
1

Inmarsat aircraft Wi-Fi lift off set to fill coffers

Walter Bishop
Silver badge

Satellite in-flight Wi-Fi ..

How does Satellite in-flight Wi-Fi actually work?

0
0

Google's answer to the Pixel 2 XL CRT-style screen burn in: Lower the brightness

Walter Bishop
Silver badge
Alien

Re: Cure for crt-style display burn-in

@Neil Barnes: "Well, Star Trek vintage, anyway."

Vintage Star Trek .. that was long before the current offering 'Discovery', where the co-star is a non-binary-gender entity and is married to a mutant cyborg kangaroo and the only caucasian heterosexual human allowed on the Bridge is also the chief villain and a Brit. I sense the political correctness is much strong here :]

1
3
Walter Bishop
Silver badge
Facepalm

Cure for crt-style display burn-in

The original cure for crt-style display burn-in was to slowly move the display by applying a voltage to the X and X deflector coils. So a static image would slowly move left-right and up-and-down.

6
0

Who's that cuddling up in the container... *squints* Wow you're getting along well

Walter Bishop
Silver badge

Re: Reassurance

"Public cloud is more secure than what local enterprise teams can implement due to the scale of operations"

No doubt you'll correct me, but a VM running in the 'cloud' has no more or less security than one running on its own hardware, it's up to the client to secure it. We also have to take the vendor's word for it that the back-end is secure. There's also the question as to who can access your data in the 'cloud' without a warrant.

Your reference to infrastructure bigots Equifax in relation to scale of operations doesn't make sense. Equifax, with an annual revenue of US$ 3.1 billion couldn't even secure its own systems and the largest banks aren't immune to being hacked. In short, moving to the 'cloud' for security reasons is a specious argument.

0
0

That awkward moment when AWS charges you BEELLIONS for Lightsail

Walter Bishop
Silver badge
Terminator

Azure hybrid cloud deployment stack on premise

@Anonymous Coward: "But it's nearly zero work in comparison to move from say Azure to Azure stack on premise....Good luck ever exiting AWS if you use it!"

How about moving from Azure-stack-on-premise to a standalone system, next to impossible, from what I've seen. But then again I figure that's a major part of the strategy. One Cloud to rule them all and in the darkness bind them. Something dotNET was less successful at doing.

Azure-stack-on-premise: The 'cloud' didn't deliver so you'll have to replace all the hardware you threw out with 'azure stack on premise' and rent it back from us in perpetuity. And you'll have to replace all the old-style sysops with 'azure solution architects' 'azure administrators' and DevOps .. er .. developer operations .. developers :)

2
1

Oh Brother: Hackers can crash your unpatched printers – researchers

Walter Bishop
Silver badge
Terminator

Sixteen thousand Brother printers accessible from the Internet

"Enterprise sysadmins were advised by the researchers to restrict web access to Brother printers using a firewall or similar device."

It doesn't take an enterprise sysadmin to tell them that, a ten year old could have figured this out.

3
0

Firefox bookmark saving add-on gives users that sync-ing feeling

Walter Bishop
Silver badge

Fifteen years of bookmarks ..

I too find myself saving too many bookmarks resulting in never being able to find a particular one ever again. Is there some kind of a simple-to-use desktop app out there that could store all yer bookmarks/notes etc, something like an electronic Filofax?

1
0

DoS scum attacked one-third of the 'net between 2015 and 2017

Walter Bishop
Silver badge
Terminator

That's the headline?

Macroscopic reflection attack .. anything to deflect attention from all those hijacked Windows desktops out there on the Internet.

1
1

Whois? No, Whowas: Incoming Euro privacy rules torpedo domain registration system

Walter Bishop
Silver badge
Big Brother

The Whois system publishes every domain name registrant

"The Whois system, which publicly publishes the name, address, email and telephone number of every domain name registrant"

Except when people use a DNS anonymising service such as Domains by Proxy. Except DBP will give up your details if you become involved in a commercial dispute. ref

0
0

OpenSSL patches, Apple bug fixes, Hilton's $700k hack bill, Kim Dotcom raid settlement, Signal desktop app, and more

Walter Bishop
Silver badge
Terminator

Re: And here's one you may have missed

"The fraud is relatively simple. Criminals hack into an art dealer’s email account and monitor incoming and outgoing correspondence"

How did the criminals hack into the art dealer’s email account in the first place? Don't spare on the technical details.

0
0

SCO vs. IBM case over who owns Linux comes back to life. Again

Walter Bishop
Silver badge
Linux

Follow the money ..

Let's not forget this is about one commercial entity trying to screw-over another commercial entity and former partner. (similar to what MS did to Big Blue, twice) Who currently owns SCO, who exactly is funding the SCO case and in the unlikely event SCO wins, who do they expect to collect revenue from? Or are the lawyers hoping to extract some go-away money from IBM?

Follow the Money!

2
1

US says it's identified six Russian officials as DNC hack suspects

Walter Bishop
Silver badge

Re: Incident response firm Mandiant ..

@Tom Paine: "The most depressing thing is" ..

The UK has blood on its hands. What's happening in Syria, a war crime that America's best buddy is happy to be complicit in. If the editors didn't see need to repost neocon propaganda on here, then I wouldn't see the need to respond with some facts.

The Fraud of the White Helmets

Syria : White Helmets ... EXPOSED!

CrossTalk: White Helmets, Really?

0
3
Walter Bishop
Silver badge
Big Brother

Incident response firm Mandiant ..

Isn't it a co-incidence that Mandiant found evidence of Russian hacking considering that Russia is Washington's current international bogeyman? While Mandiant is at it, why not investigate who at the CIA hacked into the US Senate intelligence committee tasked with investigating CIA torture? Mandiant, owned by FireEye the cyber security outfit run by Israeli Intelligence. I'd be more worried about Israeli Intelligence having such deep tendrils into the US security infrastructure. Are stories such as the above designed to distract from the real buggers?

When is the BBC going to do an analysis on the contents of the DNC / Clinton emails, rather than on where the server was located or if it violated government policy :)

8
8

El Reg assesses crypto of UK banks: Who gets to wear the dunce cap?

Walter Bishop
Silver badge
Terminator

Lack of support for HTTP Strict Transport Security

"The most important security vulnerability that HSTS can fix is SSL-stripping man-in-the-middle attacks .. The user can see that the connection is insecure, but crucially there is no way of knowing whether the connection should be secure"

"HTTPS Everywhere .. will protect you against many forms of surveillance and account hijacking, and some forms of censorship."

1
0

Guess who's now automating small-biz IT jobs? Yes, it's Microsoft

Walter Bishop
Silver badge
Facepalm

re: Guess who's now automating small-biz IT jobs? Yes, it's Microsoft

@Neal McQ: "When they looked at OUR solutions of the past, they were outsized in complexity or cost."

Reminds me of a Dilbert cartoon: “It's inexplicable, but the low-cost system I sold you seems to be woefully underpowered”

0
0
Walter Bishop
Silver badge
Joke

The cynicism is much strong here :)

I sense the cynicism is much strong here :)

5
1

Hackers abusing digital certs smuggle malware past security scanners

Walter Bishop
Silver badge
Terminator

Re: A cert is a cert, except when it isn't

@fidodogbreath: “a cert signed by a North Korean CA is just as "valid" as one signed by Microsoft.”

What's preventing the root CA authority revoking the North Korean CA? I ask this in all ignorance as I am not an expert in digital cryptology.

1
0
Walter Bishop
Silver badge
Terminator

Code signing and digital Certs

What's preventing the root CA authority from revoking these 'stolen' digital certs?

2
0

Hackers tiptoe out, launch Silence trojan, quietly raid banks of meeelllions

Walter Bishop
Silver badge
Terminator

Gained persistent access to internal bank network

gaining persistent access to an internal banking network for a long period of time

What's needed is some kind of device at the border that will monitor and block connects to unknown destination IP addresses, something like a firewall (1994). With a second device that would trip an alarm on detecting suspicious activity, something like a tripwire (1997).

'The attachment we detected in this new wave is a “Microsoft Compiled HTML Help” file'

3
3

Wheels are literally falling off the MoD thanks to lack of cash

Walter Bishop
Silver badge
Joke

Landrover wheels falling off

"Repeated incidents of Landrover wheels falling off"

Have they considered tasking someone with tightening the wheels with a Heavy Duty Wrench before undertaking a journey. They can be had for £6:75p online.

3
0

So, tell us again how tech giants are more important than US govt...

Walter Bishop
Silver badge
Big Brother

So, tell us again how tech giants are more important than US govt...

@Kev99 ..

You're talking total b****x, if you don't mind me saying so.

6
0
Walter Bishop
Silver badge
Big Brother

Russia Today and Sputnik propaganda outlets?

"Russia Today and Sputnik propaganda outlets". As compared to Faux News and the BBC I suppose, both guilty of pushing the 'White Helmets' narrative. It's also amusing how the BBC experience a technical fault on the line whenever anyone expresses an unorthodox opinion on the telephone. The Russian story is totally bogus, designed to distract from the real manipulators of public opinion in the US media, that would be the CIA, who have agents embedded as pretend journalists in all the major US media outfits.

My reading is that Clinton and Drumpf have both been leaked against, possibly by two competing elements of the US intelligence community, for reasons yet to be determined. And then we have the 'golden shower' dossier concocted by the same people that found evidence of "Saddam Hussein's weapons of mass destruction". Even if it were true that Russia was buying targeted adverts on Facebook/Twitter, is the average American dumb enough to be so influenced by blatant propaganda or is it after a lifetime of being exposed to Faux News, they can't tell the difference?

"Congress now has a dossier on the estimated 3,000 Kremlin-masterminded ads .. precious little information on them has actually been released."

Translation: we're just making this shit up.

9
8

Virtually everyone in Malaysia pwned in telco, govt data hack spree

Walter Bishop
Silver badge
Terminator

I can see only the one solution

I can see only the one solution - ban computers from the Internet :]

1
1

America's 2020 Census systems are a $15bn cyber-security tire fire

Walter Bishop
Silver badge
Linux

America's 2020 Census systems

Any idea as to the hardware/software platform the census will run on and who is contracted to supply it?

"High tech doesn't equal secure"

It does actually, just not in the case of YouKnowWho™

"Dodaro said the US Government Accountability Office has identified 43 electronic systems that are to be used in the 2020 census."

That would be 42 too many and if it's 43 different providers then I predict they're heading for a train wreck.

3
1

FBI: Student wrestler grappled grades after choking passwords from PCs using a key logger

Walter Bishop
Silver badge
Facepalm

FBI make federal case out of school keylogger

What a total waste of time and money. This could have been dealt with internally, instead of giving Graves a criminal record.

"The university, meanwhile, told FBI investigators it had cost $67,500 to probe and clear up his alleged actions."

I call cyber BS on that figure ..

8
16

Biting the hand that feeds IT © 1998–2017