* Posts by EnviableOne

690 posts • joined 28 Jan 2016

If Shadow Home Sec Diane Abbott can be reeled in by phishers, truly no one is safe

EnviableOne
Bronze badge

Re:Re:Re: Eh?

@AC

To be fair, both the major parties barely qualify, as the only reason for all this Brexit mess was trying to hold the Conservative Party together.

And this lot didn't win; in fact at the last GE nobody won, and Theresa had to make a deal with the uber right wing from NI just to get anything done.

@everyone else

Diane Abbott is a numpty, but so are most of the MPs, there are few exceptions, we need more MPs with some work/life experience outside of politics, but in this country it's hard to get into in later life.

The political system in terms of FPP is broken, it leads to a two party system, and both of them are broken, on both sides of the pond.

5
2

UK.gov to roll out voter ID trials in 2019 local elections

EnviableOne
Bronze badge

Re: In other countries

In the UK the corruption is in large part down to the postal voting system. Non-existent

FTFY

2
3

US draft bill moots locking up execs who lie about privacy violations

EnviableOne
Bronze badge

politics needs more Ron Wydens

If anything vaguely sensible and tech related comes off the hill, you can be sure Mr Wyden will be involved.

0
0

US Republicans bash UK for tech tax plan

EnviableOne
Bronze badge

Taxes, Havens and Loopholes

Ok so the tax is a good idea, but the reason that the tax needs to be deployed at all is the UK overseas territories acting as tax havens.

Jersey, Cayman Isles, Bermuda, Gibraltar, British Virgin Islands, Anguilla

the rest of them are former Empire nations or micro-nations

2
0

Budget 2018: UK goes it alone on digital sales tax for tech giants

EnviableOne
Bronze badge

Amazon wont get hit

If you look at their accounts, they only made 2% on turnover; Google, Zuck, Tim and SatNad's lot made nearer 25% on turnover

0
0

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship

EnviableOne
Bronze badge

Opposite land USA

"The Media Institute" "Free Speech America Gala"

are about as accurate as

PATRIOT Act

USA Freedom Act

Foreign Intelligence Surveillance Act

The Protect America Act

Tax Cuts and Jobs Act

4
0

Memo to Mark Sedwill: Here's how to reboot government IT

EnviableOne
Bronze badge

Agile and Government

Two words that anyone with any life experience knows don't deserve to be in the same sentence

uk.gov don't know what they want from one day to the next, so in order to do your job properly you need to get a proper SoW chiseled in stone or preferably written in blood.

2
1

Techie was bigged up by boss… only to cause mass Microsoft Exchange outage

EnviableOne
Bronze badge

especially when you're in the office in Slough, and the server is in Telecity, and you don't have intelligent hands.....

3
0

What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection

EnviableOne
Bronze badge
Joke

oooh just had an idea

Crane Ransomware - pay up or we drop this load of steel on your head

2
0

We asked 100 people to name a backdoored router. You said 'EE's 4GEE HH70'. Our survey says... Top answer!

EnviableOne
Bronze badge

no longer EE

It's not EE, it's a BT subsidiary

Par for the course, BT will sit on their asses until forced to do something

3
3

Cathay Pacific hack: Personal data of up to 9.4 million airline passengers laid bare

EnviableOne
Bronze badge

Airline Safety not Privacy

the whole industry is rife with bad security

just look at the SABRE and Amadeus

0
0

SQLite creator crucified after code of conduct warns devs to love God, and not kill, commit adultery, steal, curse...

EnviableOne
Bronze badge

CoC is a PITA

Codes are a right PITA

SQLite is too Religious, CC is too SJW, Linux is too short (Be excellent to each other)

I'd go with a modified version of Matthew 22 37 and 39

You Shall value stability and security of $project with all your heart soul and mind

You Shall do nothing to others you wouldn't want them to do to you.

3
0

Facebook, Google sued for 'secretly' slurping people's whereabouts – while Feds lap it up

EnviableOne
Bronze badge

Re: Privacy » Location Services » Off ?

Ahh, but the folks in Cupertino collect where you have been too, it's just kept on your iThingy (for now anyway)

https://www.cultofmac.com/522515/how-to-see-iphone-significant-locations-map/

3
2

'The inmates have taken over the asylum': DNS godfather blasts DNS over HTTPS adoption

EnviableOne
Bronze badge

DoH and DoT cover the confidentiality

DNSSEC covers the Authentication/Non-repudiation

0
0

Microsoft Azure looks to make cloud-native payments SWIFTer

EnviableOne
Bronze badge

Their system is great, just talk to Bank of Bangladesh, some Russian ones, Chileans, and others that got robbed over SWIFT in the last year ...

1
0

Forgotten that Chinese spy chip story? We haven't – it's still wrong, Super Micro tells SEC

EnviableOne
Bronze badge

There are problems either way ...

The reason SMC won't sue is "The burden of proof is always on the plaintiff" and it is intensely hard to prove a negative as they have said.

It's hard to see the conclusions either way as there is no evidence presented either way.

But an absence of evidence is not evidence of absence

So it's basically Bloomberg and its anonymous sources vs SMC, Apple, Amazon and the TLAs

The question is who do you trust more, and who should you trust.

With a story of this magnitude, Bloomberg will have done enough to ensure their Liability is covered, SMC need this to go away fast, so their rep can recover.

IRT the previous quotes about Saudi, it's not cash that means people won't care, it's the largest oil reserves in the world ... From Vlad&Co it's their Natural Gas, and the Iranians have a good 3rd on the Oil reserves especially with sanctions, reducing their output.

2
0

Microsoft deletes deleterious file deletion bug from Windows 10 October 2018 Update

EnviableOne
Bronze badge

Re: Internet Explorer, ...., Internet Explorer

and Edge was supposed to be a ground up new browser, it's amazing how many bugs are in both it and IE

6
0

Don't make us pay compensation for employee data breach, Morrisons begs UK court

EnviableOne
Bronze badge

Re: Quis auditdiet ipsos Auditores?

IIRC the data was removed from Morrisons and uploaded from a personal machine.

IMHO, Morrisons should be liable for not taking due care of the payroll data of its employees.

Auditors should be able to see and verify, but not in any terms remove PII.

If this was under GDPR regs, there would be no case, as both would be liable.

1
2

Punkt: A minimalist Android for the paranoid

EnviableOne
Bronze badge

FFS it looks like a pocket calculator

So much for the design, it even has the wedge on the back so you can see the screen when it's on the desk

2
0

Google now minus Google Plus: Social mini-network faces axe in data leak bug drama

EnviableOne
Bronze badge
Go

Google Knowledge

Google may not know whose data or what exactly was accessed, but they will damn sure know if anyone used that feature of their API cos $$$$

1
0

Payment-card-skimming Magecart strikes again: Zero out of five for infecting e-retail sites

EnviableOne
Bronze badge

Magecart - not one group

This code is everywhere

It's not just one codeset being exploited, it's a whole load.

https://doublepulsar.com/magecart-new-tactics-leading-to-massive-unreported-fraud-5211c9883dea

The IOCs on this are never ending

0
0

Man the harpoons: The KRACK-en reawakens in updated WPA2 attack

EnviableOne
Bronze badge

Hey You Wireless vendors!

Where are those WPA3 devices you promised the first time ....

9
0

Wi-Fi Alliance ditches 802.11 spec codes for consumer-friendly naming scheme

EnviableOne
Bronze badge

where does 6 come from?

0-802.11

1-802.11b

2-802.11a

3-802.11g

4-802.11n (wave1)

4.5-802.11n (wave2)

5-802.11ac (wave1)

5.5-802.11ac (wave2)

6-802.11ax

what about WiGig(802.11ad) or Super Wi-Fi(802.11af) or dot11 ah or aj

4
0

Windows 10 1809: Now arriving on a desktop near you (if you want it)

EnviableOne
Bronze badge

Re: "there isn’t a lot in it"

Local group policy editor is your friend, got mine locked down and configured to not allow most stuff.

6
1

UK's Openreach sends full fibre to Coventry

EnviableOne
Bronze badge

Re: Be careful what you wish for

80/20 is FTTC Infinity 2 rate, so you are not actually getting anything better than a fibre enabled copper line.

in the mean time, the bt site says: "You can get speeds up to 256k with our Broadband Unlimited, and you can get BT TV."

even when you need 2Mbps for BT TV

Please stop showing off, until 100% of the UK has 2Mbps, let alone the 10Mbps USO they are proposing, I'm sending BT to Coventry.

3
0

Financial Conduct Authority fines Tesco Bank £16.4m over 2016 security breach

EnviableOne
Bronze badge
Facepalm

that's not the worst of it

the whole CNP system is ripe for this sort of attack

no transaction rate limiting, no same origin tracking

specific detail failure messages .... (wrong card no, wrong cvv, wrong expiry)

2
0

Location, location, location... technologies under the microscope

EnviableOne
Bronze badge
Happy

RFID FTW

The Oldest, cheapest and the best

1
0

Health insurer Bupa fined £175k after staffer tried to sell customer data on dark web souk

EnviableOne
Bronze badge

Re: Total game changer!

just like you get 50% of your prison sentence for good behaviour .....

0
0

Oslo clever clogs craft code to scan di mavens and snare dodgy staff

EnviableOne
Bronze badge

Converged security

Ok so this is a new idea, physical security has always been part of Information security, now we're in a digital world how is this any different?

So they basically added more sources to a SIEM and invented a new search taxonomy, exactly what all new SIEM vendors do

1
0

Trump's axing of cyber czar role has left gaping holes in US defence

EnviableOne
Bronze badge

Re: Stupidity or cunning?

like the people he was going to appoint which are just air

November 23, 2016

We have many people for every job. I mean no matter what the job is, we have many incredible people. I think, [...] The quality of the people is very good. ... We’re trying very hard to get the best people. Not necessarily people that will be the most politically correct people, because that hasn’t been working. So we have really experts in the field. Some are known and some are not known, but they’re known within their field as being the best. That’s very important to me.

yet still over half of the presidential appointments are lying empty

1
0

Sunny Cali goes ballistic, this ransomware is atrocious. Even our IT bill will be something quite ferocious

EnviableOne
Bronze badge

Super-Cali-Fragil-istic-expi-ali-docious

Super Cali Go ballistic Celtic are atrocious

San Diego port encrypted, IT is Atrocious

0
0

Internet be nimble, internet be QUIC, Cloudflare shows off new networking shtick

EnviableOne
Bronze badge

Re: "Check one two"

this is only used by those idiots that think they know what they are doing

the one two transition checks the low range, you need to do the two for the hard t and the two three transition to check the high range too, so the "check 1,2" brigade are as clueless as the author!

1
0

Have I been pwned, Firefox? OK, let's ask its Have I Been Pwned tool

EnviableOne
Bronze badge

Re: Oh no.

k-anonymity to the rescue

https://www.troyhunt.com/were-baking-have-i-been-pwned-into-firefox-and-1password/

and the only data being collected is email X has been in breach Y (and Z and A ...)

2
0

Office 2019 lumbers to the stage once more as Microsoft promises future releases

EnviableOne
Bronze badge

Re: Classified and commercially sensitive documents?

However the Microsoft Cloud environment has an equivalency decision from the EU, unlike Google and post-Brexit Britain.....

0
0

Amid Trump-China tariff tiff, Cisco kit prices to resellers soar up to 25%

EnviableOne
Bronze badge

No one got fired for buying Cisco

but no one ever saved money by doing it either. Just another reason not to buy from Switchzilla.

Their kit comes with all sorts of bells and whistles that you don't need, and probably a hardcoded root password (or two) with an awful GUI, if that's how you want to manage it.

Personally, I'd go with one of the other vendors out there, which give you the bell and whistle you need and do what you need at half the price.

0
0

Barclays and RBS on naughty step: Banks told to explain service meltdown to UK politicos

EnviableOne
Bronze badge

Barclays outage is an anomaly, RBS OTOH is situation normal, their systems fall over in a light breeze. I worked for a firm that was invited to tender on their new systems, we walked away as it needed re-built from the ground up and they wouldn't pay for it.

2
0

Virus screener goes down, Intel patches more chips, Pegasus government spying code spreads across globe

EnviableOne
Bronze badge

Re: Some of the countries

Nah, between NSA and GCHQ, they will have their own one.

2
0

FCC's 5G masterstroke little more than big biz cash giveaway – expert

EnviableOne
Bronze badge

American Revisionists

Hmm AT&T first in the world?

Ooredoo, a large mobile network operator in Qatar, launched the first commercial 5G network in the world as of May 2018 in 3.5 GHz band

0
1

What's that smell? Oh, it's Newegg cracked open by card slurpers

EnviableOne
Bronze badge

Content Security Policy

Surely a CSP would stop this code sliding into their websites?

HTTPS is just not enough

Scott Helme gives great advice on this, and even set up securityheaders.com to check it (along with other websec) and runs a service to handle your CSP reports (report-uri.com) (assisted by Troy Hunt)

Quite frankly, if you're running any sort of secure site and it doesn't get an A on SSL Labs and an A on Security Headers, you're not doing it right

2
0

First Boeing 777 (aged 24) makes its last flight – to a museum

EnviableOne
Bronze badge
Joke

Obv a crab

In the RAF they say a landing's OK, if the pilot can get up and walk away,

but in the Fleet Air Arm the chances are grim if the landing's piss poor and the pilot can't swim

2
0
EnviableOne
Bronze badge

Re: "I thought the 777 was ETOPS 180?"

A321neo is more economical per seat mile and doesn't need the extra tanks on the westbound now.

I'm pretty sure the 320neo could make the trip and is a lot more economical than the 737-9ER

the MAX 9 doesn't have the range and the MAX 10 isn't fast enough.

0
0

Equifax IT staff had to rerun hackers' database queries to work out what was nicked – audit

EnviableOne
Bronze badge

Re: Igorance

I am fully aware of risk based security, but if as you said this was seen as so small a risk it could be accepted, then their risk manager needs shot as well, cos they let this happen.

As others have said, if it's core to your system, it should be maintained, and from the details coming out, Equifax was a hive of poor oversight, poor practice and poor security, if this system is core to their monitoring, it should have been reporting on expiring certificates, and someone should have had the job of making sure something was done about it.

I am not saying I'm perfect, but I am pretty sure I know where the holes are and have multiple layers on the important stuff.

1
0
EnviableOne
Bronze badge

I'd like to know

How does a certificate being expired prevent a security tool from working,

and if this is the case, why wasn't it picked up?

or do their IT team have Alert Fatigue? seeing as all these unpatched uncertificated services will be flinging alerts at them

4
0

'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud

EnviableOne
Bronze badge

Re: The Cloud...

Nah I have my own acronym

OPT - Other people's Tin

0
0

Linux kernel's Torvalds: 'I am truly sorry' for my 'unprofessional' rants, I need a break to get help

EnviableOne
Bronze badge

I think you'll find they added some letters

LGBTQIA+

would be the current vernacular, providing they haven't added alphabet since, personally I thought the + was a greedy catch all, but someone wanted the I and A too

1
1
EnviableOne
Bronze badge
Linux

Fair Cop

Linus has always ruled with an iron fist and to be fair, the criticism is usually warranted, and some on the receiving end have even admitted, bit harsh, but I deserved it.

Oh and since when has Linus been bothered with security? He has reserved special places in hell for it on several occasions.

His two priorities are clean code, that runs, no BS, no fluff.

6
1

C'mon, biz: Give white hats a chance to tell you how screwed you are

EnviableOne
Bronze badge

Re: Finance

you think finance IT is under funded, come work in healthcare

we got 1/10th the staff and 1/100th the budget

0
0

Watt the heck is this? A 32-core 3.3GHz Arm server CPU shipping? Yes, says Ampere

EnviableOne
Bronze badge

RE: @cronus Spooknotes speak volumes

As for the Spectre and Meltdown CPU vulnerabilities – which affects a range of CPU architectures, from Intel's x64 to Arm's Cortex-A families – Ampere's Taylor told us this:

Patches have been installed. As with other Arm-based processors, there are vulnerabilities. For eMAG and all future generations, architectural changes were made and will be made now to address the Arm fix for Spectre and Meltdown.

1
0

UK.gov finally adds Galileo and Copernicus to the Brexit divorce bill

EnviableOne
Bronze badge

The KISS

Wait for deal to be announced

hold referendum with three options:

1.Take deal and GO!

2.Stuff deal and stay!

3.Stuff deal and GO!

the current deal we have with the EU is the best anyone has, if we leave we will have to follow the whole process to come back.

No Disputes with members - That means Gibraltar with Spain and the Ireland problem need to be sorted before we get back in

Must Join the Euro - try getting that one passed

No Rebate - saves us a good chunk of what we put in

Fix the Surveillance regime - They hate the 5 EYES and have some other issues too

10
1

US govt confirms FCC's broadband speeds and feeds stats are garbage

EnviableOne
Bronze badge

the problem with comparing US to EU

Most EU nations had a former publicly owned telephone company that ran cables to everywhere and has at least one with a Global service obligation. Unfortunately for them tother side of the pond, this is not the case, and it all comes down to economics, and based on most models, 80% coverage of the US is about economical, the other 20% is going to be costly.

In the UK this comes down to 95% (due to the size and landscape) so the government are (barely) funding the last 5% along with co-ops and collectives, who are paying the national networks for connectivity on a group rate.

1
0
