* Posts by Giovani Tapini

350 posts • joined 11 May 2018

Page:

Password managers may leave your online crown jewels 'exposed in RAM' to malware – but hey, they're still better than the alternative

Giovani Tapini

The most relevant comment in the article

is the one that says security of your passwords is not an issue until you open the password manager that uses them...

Ultimately you can throws layers of defence around access to your machine, it's services, the OS, etc. etc, but as soon as data has to be used or seen it is at risk. This suggests that the only safe data is that which is never accessed and not accessible. Otherwise there will always be threat vectors.

I would like to think that these tools will be fixed where the entire password catalogue is stored in plaintext, and they are decrypted on demand. But decrypted they must be while systems are accessed in a way where credentials must be entered. The benefit of this, is that I own my own credentials (albeit with described risks) whereas a lot of the alternatives you have to trust someone else and their own infrastructure to manage your identity for you.

Big Brother, or incompetence could make this more catastrophic than the loss of individuals credentials if they happen to be the one unlucky enough to be compromised. Bearing in mind the general public don't even seem to care about being compromised unless it slows down facebook too much we, although right, are not barking up the right tree.

Giovani Tapini

Re: Remembering loads of long passwords

@twatsthatallowinputofmorethat16charsbutonlystoreandtestthefirst16!?

Windows Subsystem for Linux adds pop to release, SAC-T sacked, crypto-jacking apps: It's Microsoft's week

Giovani Tapini
Coat

Re: Crypto mning is not optional tomorrow?

Quaint they may be, but I suspect there is life in the full OS for some time to come outside large business applications.

I, for one, am only predicting a reduction in footprint. This probably favours more modular OS platforms like Linux over a monolith by default like Windows...

I'll get my hat, grab my bag and run to the waiting chopper now...

Solder and Lego required: The Register builds glorious Project Alias gizmo to deafen Alexa

Giovani Tapini

Re: Waste of a good pi.

Are we aiding and abetting this toastercide?

Techie in need of a doorstop picks up 'chunk of metal' – only to find out it's rather pricey

Giovani Tapini

Cover story

This happened far away at a place called Windscale. Nobody will know it was you...

Oracle throws toys out pram again, tells US claims court: Competing for Pentagon cloud contract isn't fair!

Giovani Tapini

Have big red

Made sure they hadn't employed or contracted anyone that would give themselves leverage? I don't imagine for a second the two guys had any overall power over the bureaucratic purchasing machine.

Oracle calling ANYTHING unduly restrictive has to be having a laugh.

If the DoD is not authorized to enter the market at all how does that help them? That's just bad luck.

Again, the winners will be lawyers and nobody else...

OK, Google? Probably not! EU settles on wording for copyright reform legislation

Giovani Tapini

Will probably encourage

More copyright thieves sending takedown notices to original content providers. These scum cannot be challenged as the YouTubers in Google's case will me marked with challenges and banned.

This problems are less with Google but what is now a wild west of claim, counter claim between law firms at the creators loss. Yes there are some blatant copies of stuff but they will easily republish via TOR

Google's stunning plan to avoid apps slurping Gmail inboxes: Charge devs for security audits

Giovani Tapini

Business before pleasure...

Any app from any app store, including fruit flavoured ones collecting personal information should arguably be audited. This is information over and above that already collected by the app store owner, Google or otherwise.

In some ways, this is a really good idea, although instead of pushing an auditable qualification standard, pushing specific auditor firms and costs does not sit well with me.

It's always fun to bash Google, however business before pleasure and all that, I would rather see other stores take a similar stance, albeit with a more flexible regime depending on the data collected and the volatility of the use-cases. These proposed costs do seem rather excessive for the masses, and will probably end up inefficiently re-auditing a few advertising solutions hundreds of times as they are consumed in apps. Frankly Google, evil or otherwise, is scrutinised far more than random-app-developer.com's independent, unsupervised, data harvesting operation.

Hold horror stories: Chief, we've got a f*cking idiot on line 1. Oh, you heard all that

Giovani Tapini

I believe the stapled floppy disk story was genuine from the Commercial Union insurance techies in Croydon IIRC from the distant 80's. I recall an interesting memo from the then equivalent of the dis-service desk with lots of do's and dont's...

Giovani Tapini

Re: Nicely done

sometimes, unfortunately that is the only way to get accounts closed. This was a particular issue with, but not limited to, certain mobile companies that would lock in contracts.

Certain acquaintances of mine (but not me - yet) have yelled abuse at the poor sod in the call centre just to get a contract terminated. An effective, albeit probably unethical, way of getting the job done when the proper channels simply don't care or are deliberately resistant to being straightforward.

Senior slippery sex stimulator sales exec sacked for shafting .org-asmic cyber-space place, a tribunal hears

Giovani Tapini

He is now slipping down the greasy pole

He clearly has little idea about how the internet works. Or that people have bookmarked the site. Many people use bookmarks and forget the domain entirely, like contacts on phone where you only now recall your own number.

Indeed if I site suddenly changed like that my first assumption would be that it's an imposter and not to be trusted at all.

They are well rid of him...

Techie finds himself telling caller there is no safe depth of water for operating computers

Giovani Tapini

Re: Annoying pedantry

@EvilAuditor

Military stuff always comes at eye-watering mark-ups even where it doesn't make sense. NHS paying more for aspirin than consumers. Its just routing government gouging, because its nobody's job to say if its reasonable, only that a "process" has been followed.

In civvy life you just have to breath a keyword like "Wedding", or "new baby" for example for everything to (at least) double in price from identical items not sold under that heading. So its just as bad elsewhere.

Giovani Tapini

No water stories but

I did find a 100mm pipe in the subfloor of one datacentre I worked in. Nobody, not even the facility manager could tell me if they were for cable runs or drains.. Nothing ever came out of it though (at least not while I worked there)

More in line with the question of colleagues in hazardous situations... One colleague, was questioned at gunpoint by security while working out of hours in a foreign branch. The implementation PM had apparently failed to inform security that he was supposed to be there. The service desk had to find us to confirm he was legit!

A second colleague was stopped by the police after scaling the car park gate which was locked after a weekend callout. He had been given all the building keys, but no one thought to provide the gate padlock key! Someone had reported him, which, to be fair, was probably the right thing to do...

and people think IT is a boring office job..

A picture tells a 1,000 words. Pixels pwn up to 5 million nerds: Crims use steganography to stash bad code in ads

Giovani Tapini

Re: Should be easy to ban

Except the steganography is not the root problem, the side loading/dynamic creation of script is.

Although in this case the code is in an image there are lots of places to hide stuff, even in other code, or comments or images unrelated to the ads etc. The real problem is once, however it was retrieved, has become "code" again and as not directly downloaded outside the sight of most defences.

Again ads are a channel, but the root cause remains compromised scripts. therefore turn of JS which naturally blocks a fair few ads all by itself.

Users fail to squeak through basic computer skills test. Well, it was the '90s

Giovani Tapini

Mouse ball sucked up by vaccum cleaner?!

As I recall they were like steel shot with a rubber coating that was solid and heavy enough to use as high calibre musket shot and kill people.

I do recall finding spiders nesting in one, given the inside of the mouse was effectively void.

The worst was the debris that collected on the sensor wheels, not the ball though. These would get caked in some sort of solidified mucus and collect enough hair to make a fairly convincing wig. Usually this hair would have to be surgically removed with scissors and sharp knife.

Those were the days...

Data hackers are like toilet ninjas. This is not a clean crime, you know

Giovani Tapini

Yes, I have been to places like the one described

It's not what I would call "clean" dirt like a factory environment, this is environmentally hazardous, deliberately created, and usually malodourous laziness.

Where you don't even want to sit on the chairs because you cant tell if the unidentifiable stains on the chairs are still moist, and the toilets smell so bad that you would rather hold on till bursting than actually use them. Indeed using the floor may actually make the place cleaner...

Using the kettle you find it contains a layer of discoloured slime that may be from accidental ingest of soup powder or simply congealed rust, the mugs are filthy and the sink is so full of dirty items you cant even see if clean water may drop from the tap. Bearing in mind that you could only reach the tap while wearing gloves of a length that a farm vet would envy...

I wonder if they treat their customers the same way they treat their own office...

Nationwide UK court IT failure farce 'not the result of a cyber attack' – Justice Ministry

Giovani Tapini

Article talks about crubling courts

In my area they are looking at closing the local, recently and expensively built court to "save money" in favour of the crumbling buildings it was intended to replace.

Sounds like the same strategy applies to their IT!

Ooh, my machine is SO much faster than yours... Oh, wait, that might be a bit of a problem...

Giovani Tapini

Re: The "Apprentice" phase

We now call it a proof of concept instead of a quiet mistake though...

Oxford University reportedly turns off its Huawei money tap

Giovani Tapini

Perhaps I should stop using Cisco network gear

In case it's enabling the Americans to spy on me, as opposed to normal commercial gouging...

I strongly suspect that this is more related to the trade dispute and "America first" than any genuine issues.

All vendors are based in countries where governments could attempt device comprising, either for targeted shipping or backdoor as a standard service.

Perhaps the Chinese could accuse AWS of enabling mass surveillance by the NSA with all the concentration of data and networking and compute while standardising their configuration for interception..."cloud is US cloak encouraging people to provide the state intelligence service with all their data voluntarily and unwittingly."

Basically they are all either at it or capable. Set up your networking properly, try to avoid single vendor setups (usually easy as they all have services they don't provide) and use encryption.

If you don't trust anyone keep your data off the Internet, otherwise use caution and wait for evidence before backing the latest political manoeuvre...

Dozens of .gov HTTPS certs expire, webpages offline, FBI on ice, IT security slows... Yup, it's day 20 of Trump's govt shutdown

Giovani Tapini

Re: Oh God

I am increasingly convinced that the wall is really to stop the Americans getting out... Its nothing to do with the Mexicans...

Windows 10 Insiders sent on quest deep into Registry to fetch goblet of Reserved Storage

Giovani Tapini

Re: Reserved Storage

Second or not. For shops where storage is a chargeback item it will come as an interesting unbudgeted expense...

Hubble 'scope camera breaks down amid US govt shutdown, forcing boffins to fix it for free

Giovani Tapini

Re: Easily solved

The way Trump talks he may as well be at war with Mexico its that bellicose.

Do the workers get back pay when government restarts?

Border guards probe 'suspicious bulge' in man's trousers to find he's packing fluffies

Giovani Tapini
Trollface

I bet that gave the guards a paws for thought

now that cat is out of the bag, so to speak...It clearly didn't take inspector Clawseu to discover them either..

I'm just not sure the computer works here – the energy is all wrong

Giovani Tapini

Re: Mythbusters

I would have assumed, although I have zero education to back this up, that an unshielded aircraft would be just as likely to fall out of the sky in a good solar storm, regardless of phone wielding sociopaths...

Giovani Tapini

Re: on a similar note ...

I also had the same where the machine behind the wall was an industrial pallet shrink-wrapping machine.

Happy new year, readers. Yes, we have threaded comments, an image-lite mode, and more...

Giovani Tapini
Trollface

How do the vultures find time to make these changes

if they have a holographic love dungeon? There must be a queue for beta testing volunteers!

Oh yes, and I, er, have a friend that wants one so where do you get them?

Could you speak up a bit? I didn't catch your password

Giovani Tapini

Re: I'm pretty sure I can prove that...

Ah yes, density will affect energy transfer and heat generated....not to mention if it's a thin wide pie or tall an thin... sod it I'm just going to eat it, someone else can work it out.

Giovani Tapini

Re: If this is how things are going to be

I'll just wait with some gin while it's worked on

Giovani Tapini

If this is how things are going to be

I'll start working on ciphers again if I can't rely on encryption.

Giovani Tapini

Re: I don’t know why I’m reading this except...

Nice to see the jokes branching out once you twigged the punchline. merry Christmas!

Here's 2018 in a nutshell for you... Russian super robot turns out to be man in robot suit

Giovani Tapini

Re: Here I am ...

Maybe spend some time with the doors. They may make you happier

Supernovae may explain mass extinctions of marine animals 2.6 million years ago

Giovani Tapini

You appear to be assuming that intelligent life exists at all...

New Zealand health boards write down losses on Oracle implementation

Giovani Tapini

Re: New Sydney Healthscope Hospital

JIT for a hospital does not sound a very good idea at all regardless of implementation. Especially if that is apparently involving medical supplies.

A factory running out of materials is expensive, and annoying but is not life and death.

Medicine is a great source of what may be "characterised" as unpredictable workloads in their speak. It is not a production line, like the delivery of toilet roll or catering supplies. I certainly would not want to be the one saying, "sorry madam we couldn't save him, the supplies needed were stuck on the motorway"

Sounds to me like the model is doomed to fail regardless of software and comes right back to poor management decisions.

Giovani Tapini
Trollface

Re: Worn out road to the bank

@b0llchit

So you want to become the next POTUS?

App-happy SAP Santa offers partners free access to Cloud Platform

Giovani Tapini
Trollface

Do you still have to licence all your data source systems downstream?

Anyone using this platform is probably at risk of having to licence the entire internet...

Surface Book 2 afflicted by mystery Blue Screen Of Death errors

Giovani Tapini

I wonder if this level of service will be extended

to physically breaking hardware. It sounds like it may be only a matter of time...

Ex-Intel engineer tried to make off with 3D XPoint secret sauce on his way to Micron, says Chipzilla

Giovani Tapini

Re: Personnel data?

And I ask myself, what did he want with the personnel data? was it to help him poach colleagues? Was it to allow him to stalk Emma from accounts? Was he just sucking up everything he had access too "just in case".

I wonder if he was not really getting on well with his bosses, or if he is just a digital kleptomaniac... I feel sure there is a part 2 to this story that hasn't come out into the light yet.

Take my advice and stop using Rubik's Cubes to prove your intelligence

Giovani Tapini

A consultant to consultants

That sounds a great job.

Blockchain study finds 0.00% success rate and vendors don't call back when asked for evidence

Giovani Tapini

Re: Gold rush...

Lawyers make money too, never forget the lawyers.

In this case they will be defending the entrepreneurs (snake oil salesmen) and the customers (the naïve)

Canuck couple returns home after night on tiles to gaggle of randomers hanging out in their flat

Giovani Tapini

Re: It always pays to carry a Micro-Uzi in a shoulder holster

It was Canada, so micro uzi not allowed I am afraid..

Support whizz 'fixes' screeching laptop with a single click... by closing 'malware-y' browser tab

Giovani Tapini

At one place I worked, they had speeded this up

by occasionally deleting user profiles along with all setting, data, documents etc then insist line manager re-requests all your access from scratch. Far quicker than re-imaging a laptop while creating similar feelings of loss and hopelessness in the user (although that included us techies, grrr)

I never did find out if this was BOFH behaviour or simple incompetence though.

It's a patch bonanza as Microsoft showers its OS platforms with update love

Giovani Tapini

Re: Let's be fair to MS (thought experiment)

[They don't know about sites like this where prudent people will sit back after an update is released and what breaks or test it themselves.]

What, you think techie muggles should asking for help here? They'll get 105 downvotes and about 30 sarcastic remarks before someone posts a link to a fix or simply says, you shouldn't have done that ... Dave...

LG: Fsck everything, we're doing 16 lenses in smartphones (probably)

Giovani Tapini

Re: What has the world come to...

Careful, you may retain your intergalactic velocity, and being just outside the door you may find yourself flying towards the queue. It may be a useful way of making sure there is no crowd stopping the other passengers from getting off though, just try to make sure the crater is not too big...

Capita seeks new networking chief: Up for it?

Giovani Tapini

Re: Fewer Things Better

I didn't think it was possible for the company to be better at doing less - that is after all their overall business model.

doing better, also translates to "enforcing confusing contract wording to be able to get away with more in spite of doing less"

Giovani Tapini

No way I would work for somewhere that operates on lowest bid basis

That is not architecture, it is bodge and run and hope for charging for upgrade projects later.

In my experience fully outsourcing networks is a sure path to expense and disaster. Its just a question of time...

Sacked NCC Group grad trainee emailed 300 coworkers about Kali Linux VM 'playing up'

Giovani Tapini

they should have simply swapped out the laptop

If it was a prank, bullying may have had some credibility... It does not sound like that was the case though. I know that helldesks often try to keep people offline for a day or so while they replace a drive which can make people rage temporarily.

If indeed she was supposed to be working on security related stuff they probably should be assuming the device has been compromised anyway, not just faffing with re-installs.

Sounds like a combination of helldesk processes being flawed along with a grumpy trainee

Mobile networks are killing Wi-Fi for speed around the world

Giovani Tapini
Go

Re: the data is flawed

wifi - overshared - cheap ad ridden proxies - poor deployments at scale, can however create a private network and secure it yourself

5g - expensive - crap back haul moving bottleneck back but not eliminating it. - cant create a private network with it, security based on provider trust only.

I'm sorry I don't think 5g is in a position to start roasting yet, particularly while it remains the preserve of telco's

Consultant misreads advice, ends up on a 200km journey to the Exchange expert

Giovani Tapini

Trusting advice on the internet...

Anyone that trusts what the internet says blindly is, frankly, asking for trouble.

Even technical advice for problem solving, although often helpful, is often resolving a problem that is only "similar" and therefore the solution may either be ineffective or add to the problems you have.

I rarely find advice that directly matches the situation I encounter, or relates to the same combination of software versions I am running.

Unless what you read is close to, aha, I would have thought of that eventually, you may want to get a second opinion...

Outside the techie world there is a great deal of "advice" which is positively malicious too, and plays the gullible to brick their devices, and remove their data...

Giovani Tapini

Re: Exam question.

I was given a test with 100 questions on it, where the last one said, all you needed to do was fill in your name and hand it straight back. Many people were still working through it an hour later...The tutor thought the whole process was hilarious.

Pasta-covered cat leads to kid night operator taking apart the mainframe

Giovani Tapini

Re: Click bait

I missed the computer by a whisker while choking on my lunch reading this.

Page:

Biting the hand that feeds IT © 1998–2019