* Posts by SAdams

24 posts • joined 28 Aug 2017

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2


Straining at gnats

Why is everyone so worried about device fingerprints ? Surely 99% of people don’t clear down their cookies regularly and don’t have security problems?

I can imagine hackers and paedos want to avoid fingerprints, but presumably they’re using Tor on a virtual machine running on a USB stick. I guess there are a few other legit concerns, but not enough to justify having to press “I accept your cookies blah blah” on every bloody web page...

As long as there's fibre somewhere along the line, High Court judge reckons it's fine to flog it as 'fibre' broadband


A tot of vinegar in your wine, sir?

The judge’s next visit to a restaurant:

Judge: This wine tastes thin and watery. I ordered the Trivento Eolo Malbec 2014, a rich and full bodied wine.

Waiter: Yes sir, we add water to make it go further. That is how we have such excellent prices.

Judge: But it tastes just like a cheap Merlot, you advertised it as Trivento Eolo Malbec 2014, and said nothing about adding water!

Waiter: The wine is indeed Trivento Eolo Malbec 2014. We find most people don’t notice the difference, sir.

Everyone screams patch ASAP – but it takes most organizations a month to update their networks


To do fast patching reliably, you really need to have (the equivalent of) Winrunner and Loadrunner scripts set up on your pre-production environment that are constantly maintained for all critical applications, and then a full team to manage all these scripts and update them each time an application, OS or middleware is updated. However now that most companies use VMs on replicated storage, as long as the storage has snapshots (and there is some failover mechanism), security should really take precedence when roll back is an option.

I suspect most companies with *nix patch less than monthly ?


I think the restart is to help keep the server working. I’ve known Unix boxes to stay up 10 years without a reboot, but Windows servers are more reliable when they get the monthly restart. I suspect the patch that MS re-release each month is mainly to ensure there is a restart.

London's Gatwick Airport flies back to the future as screens fail


Everything is just magic when you put it in “the cloud”... no need for any designs, you can have lots of agile applications without any designs and they will just work fine forever.

As Corning unveils its latest Gorilla Glass, we ask: What happened to sapphire mobe screens?


Transparent Metal

We keep hearing about various types of transparent metal that will be used in everything from screens to buildings.

There must be a way to make a phone tough enough that it doesn’t need a case etc, with a decent battery life that lasts the whole day (even if you use it!)

Citation needed: Europe claims Kaspersky wares 'confirmed as malicious'


Re: They learned from the best!

“Whatever happened to that treaty which got signed after World War II which prevented both the USSR and the EU from expanding their borders? So, like, who's the aggressor here?”

The treaty was not for Stalin to do what he did and install puppet communist governments in Poland etc etc., if you really want to go back there....

El Reg deep dive: Everything you need to know about UK.gov's pr0n block


Possible solution

All these options fail to ask the question “How old do you have to be to work out how to install Tor browser or a VPN client on an iPad?”

The only real answer I can see is to use the cost of buying a laptop to mean that’s an adult. You could then legislate that all laptops are sold with some kind of child protection software enabled (ideally AV software) - which includes a wizard to set up a password and optionally an account for kids in the house. Users can of course change this, but you would expect parents to have some level of control/responsibility...

It’s not perfect but seems a sane compromise ...

No, Stephen Hawking's last paper didn't prove the existence of a multiverse


Re: As far as I can tell, you can prove

“as our Universe is infinite the bigger objection towards multiverses is where would you put them? ”

I don’t see this problem at all. Most multiverse theories see each universe existing in self contained branes. They speculate about phenomena we may see in this universe when these branes collide in some way that’s clearly difficult to imagine without imagining a different type of spacetime-like context outside of spacetime. This is of course the main problem with multiverse theories - no one has ever observed anything other than our single universe, or has any evidence for anything other than our single universe.

The multiverse is partly an attempt to explain the weirdness of quantum mechanics, but in cosmology it’s mainly a way of avoiding god. It allows you to push back the start of everything to a point where people don’t need to think about it, and it helps explain the high degree of tuning that seems to have occurred at the start of the universe to make it possible for us to exist.

Fermi famously asked: 'Where is everybody?' Probably dead, says renewed Drake equation


The Inhibitors

There is of course the Alastair Reynolds explanation for the Fermi Paradox - in the Revelation Space series.

However I tend to agree with the update here, it doesn’t take long for a civilisation’s technology to exceed its ability to be kind and forgiving on a global scale. There will always be ups and downs and people to blame, and then war.

Does my boom look big in this? New universe measurements bewilder boffins


Re: The edge is nothing more than a ripple in the pond

“We had a big bang and our universe is inside the center of that ripple. There are others, well outside what we can see beyond the ripple.”

No one has a shred of evidence that there is anything more than one universe. We have many anomalies and we have theories that try to explain those anomalies by inventing other universes.

Because a similar trick can help theories on both quantum and cosmological scales, it’s a popular speculation. It’s just as likely that there is only a single universe that originated along with time and space at the big bang. If anyone tells you that there are definitely other universes, unless they can prove they are from the future where there have been some big discoveries, then you can be fairly sure that they are either guessing or making stuff up.

Meltdown's Linux patches alone add big load to CPUs, and that's just one of four fixes


Intel crypto mining

You have to hand it to Intel - they've come up with a genius way of dealing with the fact they've hit a brick wall in Moore's Law, breaking their business model. By inventing "vulnerabilities" in order to mine Bitcoin/Monero etc on all machines globally they've secured themselves a strong new revenue source....

MY GOD, IT'S FULL OF CARS: SpaceX parks a Tesla in orbit (just don't mention the barge)


Re: Excessive cheering

“If I were one of the 6000 people that worked on it, I'd be cheering too.”

Even as someone not working on it, I had a brief, internal and silent “British” cheer moment. A South African billionaire with US enthusiasm sending a car playing Bowie towards Mars. IT billionaires do seem to have a more generous and optimistic view of what can be achieved with their money than most.

Long haul flights on a one-aisle plane? Airbus thinks you’re up for it


Re: The Golden Age of flying is over

I think they went through a bad phase but have improved over the past 2-3 years. I generally find that if I’m on a plane where the windows dim rather than having a cover, the seat itself will be comfortable and the screen will not be so low definition that you only get a vague idea of what’s happening. Also you can charge your phone.

Of course if you’re flying BA, even on a new plane you will still have shit all over your tray, tissues in the seat pockets etc.

Nunes FBI memo: Yep, it's every bit as terrible as you imagined


Good article

One of the best summaries of the issue - which happens to be in an IT paper.

It’s ironic that the FBI, CIA (and even NSA) have done some incredibly dodgy things in the past (some verging on evil), all proven and with very little if any attempt to even try to follow due process. Admittedly most of it was during the cold war - trying to oppose the USSR being just as dodgy all around the world in the name of global communism.

Nonetheless much of that was ordered and supported by presidents, congress, senate, the republican party etc. It’s ironic that here you have a vastly reformed FBI following the prescribed process for something they and the CIA/NSA should know about. You have Trump and many of the Republicans creating fake news about it - the same Trump that demonstrably got elected on the back of fake news, and yet keeps complaining about fake news. This is all straight out of the Goebbels / Hitler playbook. It’s all about controlling the narrative at all costs.

The FBI will probably pay for past crimes now in the US public imagination, wounded and ineffective. Just at the time their role as independent investigative body is probably more important than it’s ever been. We will soon see how effective the US constitution and its separation of powers really is when faced with a president playing them all against each other.

Lenovo's craptastic fingerprint scanner has a hardcoded password


Re: WTF ????

“Why would you use a fingerprint scanner ? The casing of your laptop and your keyboard is full of your fingerprints.”

It depends whether you’re using them to logon to the OS. If you’re purely using them to get past the BIOS POST etc, then I don’t see a big problem with fingerprints as one of your factors of authentication. If you go by “something you have and something you know” then there is always the chance of the “something you have” part being stolen along with the actual device being secured.

When you add “something you know” as a password which is not so complicated that people need to write it down, that’s not bad for a standard user laptop surely?

Apple iPhone X: Two weeks in the life of an anxious user


It’s good to get reviews by people just slightly annoyed with the people who make the thing. It’s left me more interested in getting one (or at least one of the next versions of a “home buttonless iPhone”).

With regards to moving pictures onto a laptop, you don’t need to enable Photostream (which should be killed as it’s pointless and confuses people with duplicates). For me the photos go to iCloud pretty quickly (within an hour?). Maybe historic photos were still trickling down to the phone over the first couple of days.

With this:

“I’m warming to the lack of a Home button. I now think it’s a triumph of smartphone interface design in iOS 11.

It means there is one fewer physical moving part to go wrong on the iPhone X. The Home button on my old iPhone 5 regularly used to need cleaning to remove fluff getting underneath the contacts.”

The last couple of iPhones have not had a physical home button anyway. It’s quite strange when the clicky button iPhone 7 disappears when it’s switched off.


Re: 14 Days and "letting it go" - ??

Classy. Does he also save costs on restaurants by scooping some pubes out of his pants ?

Intel AMT security locks bypassed on corp laptops – fresh research


Re: Annnnnnd....

“Arguably, it's AMD's fault for not being strong enough competition for some years now.”

As far as I can tell, the only way they are weaker is in the marketing department. Intel generally have naming conventions that people think they understand (e.g. 7th gen i3 versus 8th gen i5).

Equifax Q3 results: Not as bad as you might have hoped – hack only cost biz about $87m


Of course once it’s live, GDPR will be on top of costs incurred responding to the breach.

You would expect something like this (where both prevention and handling were so poor) to be close to the 4%. So companies should probably look at a potential 8% of turnover cost for data breaches.

I’m fairly sure Equifax could still be fined by various governments under existing legislation if they chose to.

Punctual as ever, Equifax starts snail-mailing affected Brits about mega-breach


The reality is probably that everyone who has ever had a loan / mortgage etc is in the leaked data. Their story doesn’t seem to make sense ...

Apple’s facial recognition: Well, it is more secure for the, er, sleeping user


Re: Biometrics

“Biometric measurements are fine as a method of identification, but not as a key. Who I am should establish my user ID, but it should never be used as my password.”

This seems to miss a LOT of people. I’ve heard suggestions that DNA would be good for secure authentication - which is a bit like having a password you write on post it notes and leave everywhere you go!

It's happening! Official retro Thinkpad lappy spotted in the wild


Yes I prefer the X models, although the X240 was a disaster, quickly fixed with the X250 onwards...

Apple iCloud Keychain easily slurped by cops, ElcomSoft claims


“Easily slurped” ?

Even for people who do not have 2FA - which Apple have pushed and users have to reject - you still need AppleID and password? So it’s like single factor authentication?

Moral of the story, if you use Keychain, use 2FA. And always use a unique password for your Apple ID, and for any email accounts that may involve password resets.

Biting the hand that feeds IT © 1998–2019