* Posts by Waseem Alkurdi

928 posts • joined 16 Apr 2018


Roses are red, we've received about fifty. Google's next trick? Pixels for the thrifty

Waseem Alkurdi

Re: And Windows

We deleted Sys32 system32

Well, I really had to do it.

It's now 2019, and your Windows DHCP server can be pwned by a packet, IE and Edge by a webpage, and so on

Waseem Alkurdi

Is it Acrobat or PDF itself?

The overwhelming majority of those are the 39 arbitrary code execution vulnerabilities in Acrobat and Reader. In each case, the attacker could execute code on the target machine by convincing the user to open up a poisoned PDF file.

If it was PDF, then won't every single PDF client in known existence be affected?

In that case, what would average Jo{e,anne} with their locked-down Android and preinstalled system PDF reader do?

Waseem Alkurdi

Re: How oh how

If you mean the (now a) standard, then nope, allow me to disagree.

If you mean Acrobat Reader, then I'm getting the pitchforks Molotov cocktails.

Ivan to be left alone: Russia preps to turn its internet into an intranet if West opens cyber-fire

Waseem Alkurdi

Re: Airgapped

From Hong Kong I guess?

Waseem Alkurdi

Re: Can anyone bother to explain

Is jumping off a skyscraper justified because everybody is doing it?

US et al and their missiles might've "done wrong", but does that justify doing another "wrong"?

all countries have always been governed by interests and not by principles.

Depends on the interests and principles involved, but I agree to a certain degree.

Waseem Alkurdi

Re: Idea for a cleaner internet...

I initially agreed, but there's China.

All traffic into China passes through Chinese governmental servers (Great Firewall).

Yet the traffic to the outside doesn't, though traffic to the outside is monitored as well.

Waseem Alkurdi

Re: Doesn't every country

Doesn't every country major country


Some countries can't be bothered, because the Internet to them is purely for entertainment, no gov't business depends on it.

Waseem Alkurdi

From the article:

* Despite the English transliteration of its name, RBK is a business news wire and not a consultancy.

I don't speak Russian (though I really wish I did), but couldn't be like an English newspaper called "The Consultant"?

Well, thinking of it, it's like El Reg itself. A Russian may go like:

Despite the Russian transliteration of its name, The Register is a tech news wire and not a CPU register.

Waseem Alkurdi

Re: Clientside Loopback Protection.

I can't seem to access El Reg (or any internet) at home anymore.....

Who needs the ISP's filthy internet when you have your own, all to yourself, courtesy of a couple of servers on your very own Linux server?

Waseem Alkurdi

Can anybody explain this?

So far Russia has built a local DNS copy to allow its internet to keep working if local officials pull the plug on connectivity to the rest of the world.

Assuming it's a copy of all DNS entries, both Russia and outside, why is a copy of (non-Russian) website DNS entries necessary for a Russian intranet?

I think there's something more to this.

Can't "unknown" websites w/o suitable DNS entries be simply returned with a HTTP 503 Temporarily Unavailable?

Prez Trump orders Uncle Sam to step up AI efforts – we all know the White House knows a lot about artificial intelligence

Waseem Alkurdi

Re: I can never understand anything the guy says

I think it's just like that; he speaks with parenthesis included (even with nested parenthesis (even nested, nested parenthesis) (a great talent (a huge talent), the best there is (the Donald is great (the best) at it)).

No, he's being a programmer using recursive calls:

x = doFunction1(y, doFunction2(doFunction1(a, b), z, doFunction3(c, d)))

EDIT: Seems that @Rich 11 has beaten me to it xD

Accused hacker Lauri Love tries to retrieve Fujitsu lappie and other gear from Britain's FBI in court

Waseem Alkurdi

Re: "Britain's FBI"

Department of Defense

Erm, go to this URL: www.defense.gov

This would be the title:

U.S. Department of Defense

(Yeah, I know about defense vs, defence)

Cops looking for mum marauding uni campus asking students if they fancy dating her son

Waseem Alkurdi

Re: It gets worse.


Uni student? Possibly normal, but eerie. But uni grad? Damn.

Waseem Alkurdi

Re: My experience

got me to deliver a parcel

Hmmm ... I see your issue. You have a mail server set up.

Solution? Redirect root's mail to /dev/null.

Waseem Alkurdi

Re: Had to happen

Just wait until both sets of parents insist on being there for the first sexual encounter to offer tips and commentary.

Something similar to this used to happen in the Middle East, despite being clearly morally wrong and opposed to the two religions (Islam and Christianity). One parent would stand behind the door while the newly-wed couple did their thing.

This practice is as dead as a zombie though, with people having grown up.

Skype goes blurry, Office gets a kick in the privacy, and Microsoft takes us back to 1990

Waseem Alkurdi

and a way to save files locally (in TXT format, if the user so desires).

As if the .sb file format isn't a .txt?

Sure, you can keep Grandpa Windows 7 snug in the old code home – for a price

Waseem Alkurdi

Re: Not funny caption

It was intended as satire, not to ridicule older people. And there's the whole "machinification of man" thing.

I'm in two hearts on this.

It, er, feels wrong to me, but at the same time, well, dunno.

Waseem Alkurdi

Re: Win 10- no thanks

And still a heavier footprint than 7.

I'd go with a Windows 7 PE, with Explorer added, and its WIM applied to a disk for persistence.

Waseem Alkurdi

AFAIK the AMD PCnet chip works natively, out of the box.

(Source: https://reactos.org/wiki/VirtualBox)

Waseem Alkurdi

Re: Prevaricating?


Waseem Alkurdi

Re: Bad news...

Is 'bigly' even a word?

Waseem Alkurdi

Re: Updating to Windows 10

Keys are nowadays, in the bios the SLIC table in ACPI, exposed by the UEFI firmware.


Waseem Alkurdi

Re: Updating to Windows 10

No, it's nothing to do with this at all.

If it's a genuine Windows 7 or 8.1 key, whether retail or OEM, it'll upgrade and get a digital entitlement "a key".

If it's activated using a SLIC table injector (Windows L0d3r, etc) it'll upgrade as well.

Waseem Alkurdi

Don't worry 7,

You'll be always alive, at least to us., in our hearts.

(After XP and Linux, of course)

Sysadmin's three-line 'annoyance-buster' busts painstakingly crafted, crucial policy

Waseem Alkurdi

Re: Great system...

That's precisely the point.

See how we have different answers?

Waseem Alkurdi

Re: Oh yeah, _that_ fscker.

It (SELinux) was originally engineered by the American government, so it seems to mirror a governmental bureaucracy.

Waseem Alkurdi

Re: Great system...

It's been always this way with config files.

Let's say you have a config file under ~/.config/myprog/config and another under /etc/myprog/config and a default under /usr/share/myprog/default/config.

Which one am I gonna load?

Waseem Alkurdi

So Todd wrote a security policy.

"It was a three-line policy that basically said 'this file can be accessed by this process in this way'," he said.

SELinux policy?

Good news! Only half of Internet of Crap apps fumble encryption

Waseem Alkurdi


We have added security measures, including the introduction of encryption

You gotta be kidding.

I'm a crime-fighter, says FamilyTreeDNA boss after being caught giving folks' DNA data to FBI

Waseem Alkurdi

Re: It's For the Children

1984, right?

What's Farsi for 'as subtle as a nuke through a window'? Foreign diplomats in Iran hit by renewed Remexi nasty

Waseem Alkurdi

Re: infallible proof

Care to provide proof? Something like this must've been taped by at least one reliable news source.

Texas lawyer suing Apple over FaceTime bug claims it was used to snoop on a meeting

Waseem Alkurdi

Ambulance chasing at its best?

Or so that guy thinks.

Wait a sec, how did he knew that it was THIS bug and NOT a "bug" placed in their alleged meeting's venue?

The D in SystemD stands for Danger, Will Robinson! Defanged exploit code for security holes now out in the wild

Waseem Alkurdi

Re: Hunting around online I found an excellent bugfix

But don't forget to set binary mode when downloading it using FTP, because its first release is ASCII. (Pun superintended)

Waseem Alkurdi

Until glibc (then systemd) magically discover portability and mutate, infecting FreeBSD, that is.

Waseem Alkurdi
Waseem Alkurdi

Re: Do one thing...

Noooo! Mash it all up so it looks like these whizzy machines in movies!

Waseem Alkurdi

Re: Again

systemD might make sense in a few (mostly laptop related) cases

Parallel init allowing for faster startup?

I'd rather prefer a stable laptop to a $#!tty one.

Waseem Alkurdi

Re: Again

A 10 line prog has 10 lines that each interact with 9 other lines, so 90 at least 90* bug opportunities

Hate to be pedantic, but ... fixed.

* 90 is in the case there's only one bug per line.

Waseem Alkurdi


This seems to be a direct consequence of the init that's an OS in its own right.

Apple: You can't sue us for slowing down your iPhones because you, er, invited us into, uh, your home... we can explain

Waseem Alkurdi

Re: Interesting argument

Or, alternatively, the court should pronounce summary judgement against them, impose a fine well into the billions, ensure that the proceeds are distributed to iPhone owners worldwide, and rule that there is absolutely no leave to appeal. Something like this is what these tech giants and their lawyers need to teach them a lesson.

And I dream that Linux conquers the world and that all data-slurp CEOs are tried and found guilty of grand treason, arson (of the CPUs they overheated with their ads), and some sabotage charge or another.

Dream, my mate.

PSA: Disable FaceTime. Miscreants can snoop on your iPhone, Mac mic before you pick up call

Waseem Alkurdi

Re: Bug?

The best way to have a confidential meeting is still without any electronics

Bugs. Lots of them.

Q. What do you call an IT admin for 20-plus young children? A. A teacher

Waseem Alkurdi

"Young students, for example, cannot be expected to remember and enter a password. "

Eh? They only can bother remembering that of Fortnite/PUBG/whatever online game?

I've been dealing w/ passwords since age six or something. It was mostly 1234s, but hell, it's possible.

'Numpty new boy' lets the boss take fall for mailbox obliteration

Waseem Alkurdi

Re: Novell NetWare and roaming profiles

I've never seen ‘roaming profiles’ working even when they did work, minutes waiting for the profile to be copied down to the client and minutes waiting for the client to be copied back to the server usually because some process is keeping NTUSER.DAT locked.


Waseem Alkurdi

Re: "He knew the VP's password..."

The BOFH is obviously not called Simon. He only says this so that we don't track him down.

Waseem Alkurdi

Kover Your Arse

Sounds like a program shipping with KDE.

Waseem Alkurdi

Re: 100% honesty 90% of the time

Charlie Ash

And Ronald Amchip and Frank Irmware (and his widow Charlotte Amchip and her non-profit Charlotte Amchip's Schizophrenics' Hospice).

Waseem Alkurdi

Re: Principles..

Exactly, since they aren't called vice principles, contrary to what some people think ...

Data hackers are like toilet ninjas. This is not a clean crime, you know

Waseem Alkurdi
Thumb Up

Re: Arrested development?

these people also touch their mice and keyboards.

And smartphones which you've been given to repair, and touchscreen queue kiosks at banks, etc.

Waseem Alkurdi

Re: Biblical solution to bathroom issue

Back in the days when we all wrote in FORTRAN (before Fortran had discovered lower case) we all spoke like that.

Thanks for the laugh!


Biting the hand that feeds IT © 1998–2019