Posts by Am I Paranoid Enough? 18 publicly visible posts • joined 29 Mar 2017
I was 4th year BR apprentice (early 70's) and had finished overhauling (under supervision) the gas powered sanitary product disposal unit in a posh office block in the centre of Nottingham. I was working under the guidance of a experienced fitter with a 1st year apprentice (on his last day with us) and he was tasked to fix the supply pipe to the back of the unit and to clamp the unit onto its' base.
All looked well, but the next day we had to go back as the damned thing had gone bang. At least the cut-off valve worked.
Having lost the nuts to go on the screws to clamp the pipe, he used self tappers. One was nearly 1.5" long and it punctured the internal supply pipe causing a leak. Fortunately the woman using it at the time smelt gas (after depositing her used Item) and got out shutting the door behind her before it fired up.
The young lad was dragged back from Derby the next day to clean the mess up which included several partially burnt used products and ash. The unit lid was embedded in the ceiling tile with half of the last deposited item expected to fall from it.
Oh the smell!
I know the person concerned is an avid El Reg reader. So if you don't want me to reveal your identity you know what to do little bro. No excuses you've been sent the link.
Time to find out how to install TOR for all connections from my Linux box. and....
Would this help defeat the Windows slurp that by-passes all other efforts including MS remote access when they feel the need?
As this is down the list of priorities, any pointers gratefully received.
Snorlax:
"It's been a while since I looked at a tort law book, but vicarious liability is fixed on an employer when the employee does something negligent in the course of his employment."
Without seeing court transcripts, my best guess would be that vicarious liability was triggered due to the failure of the employer to take all reasonable and practical measures to prevent this foreseeable incident from occurring and any reaction once the breach has been detected.
Moreover, did their action or inaction facilitate the theft? Such as;
- why did this person have access to all those different items of data?
- how did he get the data out?
- were all reasonable steps to prevent unauthorised data transmission taken?
- what provisions were there to ..., etc?
I know it is a fair few decades since I studied law, but IIRC the example given below may help...
If I run a bank and leave cash on the counter it won't be there for long. SOP's to protect the cash will in place so it is negligence by the teller. If the SOP says it is OK to leave it there until the teller has opened the drawer or safe, then the bank is apportioned blame (vicariously liable), as its' action or inaction allowed to theft to occur.
Perhaps with the forthcoming GDPR the financial implications may focus attention.
El Vark wrote:
"So far the Feds have refused to say whether they still have that copy."
"So, there is a copy available."
So, maybe there is, and maybe there ain't. True, state agencies are bullish on document retetention, as well as coy to flirtatious with possible information. How these things result in a fractious partisan jab is perhaps more telling of oneself than those one seeks to disfavour. Still, Jayzus.
Now what I would like to know is... do we have a version of Schroedinger's Cat thingy for this sort of Legal/IT conundrum?
Here we go again. So many systems getting well and truly screwed all around the world!
Am I correct in understanding that this happens (in part) quicker in systems patched by Micro$oft?
Viz: "These cyber-weapons attack vulnerabilities patched by Microsoft earlier this year, so the credential theft is usually more successful, at least at places that are on top of their Windows updates."
Last July, I worked at home with a senior lecturer producing a course document on using IT&C in research. After a long day he left for home needing to just do a final read through and to email the final copy to me.
At 2330 I got a very panicked colleague who reported that the laptop had died and wouldn't start. It was plugged in but nothing. It was fine during the day and had worked perfectly for an hour but died whilst he got a brew.
I told him I would call in in the morning to see what I could do, even if it meant removing the HDD into a caddy. Next morning I headed off to see him with 10 year old Grandson in tow. Whilst I got the low dow on what happened and before the kettle boiled, my grandson walked up to the machine stared at it then pushed the powerlead into the charger fully and bingo. The look of contempt on my grandsons face was priceless as he added, "now can I get a lift to rugby practice, I'm gonna be seriously late!"
My colleague taught electrical/electronic engineering for 31 years previously having been in industry. At 67 he had comtemplated retirement but loved his work.
However, a few weeks later whilst in my home office again, he watched in amazement as my 8 year granddaughter came in apologising for sending her homework to the wrong printer (from her home) whilst bemoaning the fact that the 'HPLIP set up on the laptop was only allowing single side printing again.'
He retires next week. Happy birthday and don't worry, let the kids will deal with it. Get back to finishing your book on thermionics before your knowledge is lost.
If you seriously think HMG gave up the ID Card battle, think again. DVLA issue them and the proposals for biometric data inclusion is far worse than the original ID Card project. Why withdraw paper licenses otherwise?
It doesn't matter who you vote for, the government still wins. Unelected senior civil servants v naive/compliant politician - no contest.
I made coment on Wileyfox Zen feedback and got a response from Yandex.Apparently they might include a way to disable it in a future update but as yet you have no option. Wileyfox say they will include a way to disable it in the next update to be installed in the next few weeks, however, in view of Yandex response I wouldn't hold your breath.
All services (seems to be related to 'Trebuchet') for this are hidden and no permissions are available to prevent it data slurping. The only solution found was to restrict all background data and net access via a non-root firewall app such as Mobiwol. Some basic investigations reveals that data does flow to Yandex out of the box and that you can not opt out. The lack of optout implies you automatically consent to its activities (is this this modern version of 'Shrinkwrap Licensing?) contrary to the provisions in law which requires prior knowledge or optout provision.
As for Trucaller, there are numerous issues such as what they say they won't do yet in their EULA & Privacy statement clearly contradict themselves. Out of the box it is next to useless without signing up. For example, you can not access SMS if you don't agree. This is being replaced.
We run dozens of these devices for vulnerable people for whom release of sensitive PII is a serious issue.
Apart from the Storm trialled last year ( (in repair for 42 weeks out of 52) we have had, until now, no issue with the Swift series. Consequently it is hope that they get back on track as until we can establish the same control as before, we will not be buying any further units.
The school bully is punching the crap out of his victim.
A rich kid moans that because the bully is doing his thing, the victim can't get to do his homework now, so he won't get good grades and go to college and rule the world.
Teacher says well hit him harder than the school bully until he does your homework.
If he doesn't do your homework then, we'll suspend him until he does.
Because that's what the new laws say.
The teacher adds, don't worry you won't get into trouble because the new law will protect you and they've made the law so it can't ever be changed again.
~
Seems to apply here too. Enough Said.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
