* Posts by trolleybus

5 posts • joined 19 Dec 2017

This two-year-old X.org give-me-root hole is so trivial to exploit, you can fit it in a single tweet


Re: Now, if this were a Windows exploit...

But it isn't.

I know what you're saying. I even agree with you, to a point. But this isn't a Windows bug, and shouldn't be used as part of a religious war.

Rookie almost wipes customer's entire inventory – unbeknownst to sysadmin


Re: And then billed 3 extra hours?

Nothing unusual about that. Some Burroughs upgrades were simply moving a jumper. No different than changing software settings to change the way a car works - you pay for better performance, you get better performance.

You know all those movies you bought from Apple? Um, well, think different: You didn't


Re: music

"Does this apply to Music? Could the music that I’ve ‘bought’ from iTunes disappear because they lose the rights to it..."

Much of mine has disappeared. Apple say you can download music you've bought as often as you like, but there are weasel words along the lines of 'so long as we still sell it'. Many of my purchases were made when replacing my vinyl catalogue, so there was plenty of 70s stuff with titles like 'Diamond Dogs 2015 remaster'. Once 2015 ended the title of the product on sale changed to '2016 remaster'. At that point if you lose your local copy, you're well and truly stuffed, as I discovered.

Until last week, you could pwn KDE Linux desktop with a USB stick


Re: And which bunch ...

This isn't autorun, in the .inf sense. Just mounting a new volume when it sees one. Something that Burroughs computers were doing quite happily in the early 70s without magaging to run arbitrary code.

Google asks browser rival Vivaldi to post uninstall instructions


Re: another 'Google is Evil' example

"AC because at the place where I work, central IT does MITM with https. I've tried explaining to people that the padlock which shows when they log into their bank at lunch break does not mean they have a secure connection with the bank, just a secure connection with work's proxy and that IT can potentially log and see everything they do online, including usernames, passwords and potentially sensitive information such as bank statements and that whether or not you trust IT do be sensible with these logs, what happens if there's a breach and the logs are stolen, and "meh" is exactly the reaction I get, followed by placing an Amazon order for a couple of hundred quid."

The web filter I'm most familiar with, Smoothwall, has a builtin category of sites, mostly banking, which are exempted from https mitm inspection. Sure, you have to trust your IT folks not to override this but I'd have thought most companies other than those needing very high security would realise that it's in everyone's interest to allow their employees this amout of privacy.

Biting the hand that feeds IT © 1998–2019