* Posts by Recluse

32 publicly visible posts • joined 22 Jan 2020

Ransomware gang did steal residents' confidential data, UK city council admits

Recluse

Re: I am beginning to think . . .

I’ve long ago reached that conclusion … I won’t even apply for my bus pass entitlement on the basis I don't trust the council idiots to safely secure my identification data and photograph.

Now if I could just get the DVLA to delete my driving licence photo … Oh forgot about the idiots at HMRC & NHS and the Electoral Commission (but as to the latter, I seem to recall it's already all gone to some foreign entity with them having been hacked)

My personal data is very important to me, but only post hacking, does security become top priority to these numpties (or was that posterior/bonus covering?)

Horse, door, stable, bolts, shut, methinks

God help us all if they introduce a mandatory biometric national ID card

Former Post Office boss returns CBE to sender over computer system scandal

Recluse

Re: How many fraud and theft cases in the 80s?

Whilst I share the outrage of the many, I think the ultimate unaccountable public body is HMRC.

They don’t answer the phone efficiently (if at all), they have no local offices and take months (in my experience) to answer correspondence and then frequently ineptly. They have inherited (via Customs/Excise) forcible powers of entry - they effectively write their own search warrants.

They are judge, jury and executioner all rolled into one, with draconian levels of powers able to impose “assessments” the ultimate steamroller … Essentially you are guilty until proven innocent.

Don’t think it will ever happen to you?

Read this woeful tale of a business destroyed by HMRC and the tortuous route the victims had to follow in order to try and obtain some form of redress. It's positively “Orwellian”. To the very end HMRC were attempting to avoid any financial liability for their outrageous conduct.

https://www.rpc.co.uk/perspectives/tax-take/high-court-criticises-hmrcs-conduct-and-compels-it-to-honour-its-undertakings/

Short cut to full (2015) judgement on Bailii.org (for those with time on their hands to digest)

https://www.bailii.org/cgi-bin/format.cgi?doc=/ew/cases/EWHC/Ch/2015/225.html&query=(Abbey)+AND+(Forwarding)+AND+(Ltd)+AND+((in)+AND+(liquidation))+AND+(v)+AND+(HMRC)+AND+(.2015.)+AND+(EWHC)+AND+(225)+AND+((Ch))

UK PM promises faster justice for Post Office Horizon victims

Recluse

Re: Hot air

Yes indeed and you can also add to the list the scandal surrounding the NHS and those unfortunate to suffer from haemophilia who decades later are still awaiting meaningful compensation (a significant number having died from HIV)

https://en.wikipedia.org/wiki/Contaminated_blood_scandal_in_the_United_Kingdom

Ofcom proposes ban on UK telcos making 'inflation-linked' price hikes mid-contract

Recluse

Re: Price rises

Oh A&A do put their prices up!

I seem to recall them increasing their monthly line rental on VOIP lines (SIP Number service) from £1.00 to £1.20 per month.

Mind you it was their first price increase in over ten years and if you contrast them with the grasping main players (BT/Virgin et al) I consider their SIP services a bargain.

Your password hygiene remains atrocious, says NordPass

Recluse

Re: What about sites that force you to make it easier?

My experience is similar - complex passwords ( > 25 characters) accepted, only to find that the password is later rejected as incorrect.

Experimentation finds that the site (although not mentioned) only actually accepted/recorded (say) the first 20 digits of the input password. Doesn’t say much for their capture/error checking/sanitation code …

My other bugbear (as I use a password manager) is constantly being hassled to rotate passwords. If it's a site that I don’t visit frequently, the first 5 minutes of any return are spent messing around updating/resetting passwords.

Naturally the sites that seem to insist on frequent changes are the ones that often don’t offer proper 2FA - only the inadequate SMS version - and perhaps I don't want them to know my phone number (no, I am not referring to “cough” smut sites …)

Copilot coming to Windows 10 to help navigate the OS's twilight years

Recluse

Re: Plan to slow Windows 10 - try the other side, it's less hassle (mainly)

You may indeed - it's VMware Player which is free for personal non-commercial use.

See here

https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html

I migrated to Mint about 5 years ago and it's been subject to multiple OS updates (all seamless so far). Just as well really as I am no Linux geek!

It's been such a long time I can no longer recall how I installed player, but it seems reliable and stable.

Recluse

Re: Plan to slow Windows 10 - try the other side, it's less hassle (mainly)

Windows has become a tool to allow Microsoft to poke its nose into our lives (the OS equivalent of Google Chrome). Oh for the happy days of Windows 7 when the OS (mainly) did what it was asked and nothing more.

When I noticed I seemed to be spending more time fighting Windows, than using it, I gave up and migrated to Linux Mint. An Apple OS initially appealed (because of greater software choices) before I recognised I would likewise be forced into not infrequent hardware purchases to keep current with Mac OS - so another financial treadmill to avoid.

I decided because of security concerns to give the Linux Wine windows emulator a miss and instead use a locked down Windows 10 VM running within Linux for some local windows specific scanning software, Microsoft Money and Mailstore (to archive/backup my external email)

As regards Windows talking to the mothership I blocked every Microsoft ASN I could find at my home firewall (as I likewise do for Google, Amazon, Facebook, Adobe, Yahoo and Oracle). I do allow access, but only on device specific as of need basis.

My approach does break things - a lot of firms utilise Azure for instance, so web browsing can be intermittent, and it does highlight that Apple seems to avail itself of Cloud competitors' storage when hosting iCloud et al …. but everything in life comes at a cost.

More recently my Win 10 VM seems to be talking to the mothership once again, so I have taken the nuclear approach of blocking all outbound connections from the VM except specific AV updates and access to Mailstore.

I feel more in control and I have learned a lot trying to repair what my restrictions break. We aim to lose by the smallest possible margin.

Now where’s my tin foil hat gone?

Mid-contract telco price hikes must end, Ofcom told

Recluse

Re: Hands

I believe it was called the Zen “lifetime price guarantee”

It was withdrawn for new or existing customers moving to a new plan but continues for those (like me) who do not change their out of contract plans. That said I am sufficiently old in the tooth to know that ultimately it’s likely my plan will be withdrawn by Zen when they decide it's uneconomical to maintain and the offered “improved” plan will come without.

Whilst Zen no longer offer the lifetime guarantee, they do guarantee a fixed price for the term of your contract - a much more ethical approach than a lot of the big boys. It's hard work saving money, which is why the big boys with their automated systems have a field day with the busy and apathetic.

I always review my options (your electronic diary is your friend) - as my late father used to observe “we aim to lose by the smallest possible margin” …

Windows 11: The number you have dialed has been disconnected

Recluse

Re: Tim Cook's punishment?

As a person who went to a comprehensive school (unlike my mother who was grammar school educated) it's a delight to be educated by the learned readers of the Register, not only in technical IT matters, but also the history of England and its grammar.

Embarrassingly I often feel that my multilingual friends have a considerably better grasp of the subject (I fear I might be demonstrating my inadequacies in this written response)

That said I do know it's “similar to” and “different from” …

BOFH: You. Wouldn't. Put. A. Test. Machine. Into. Production. Without. Telling. Us.

Recluse

Re: The guy's here...

Many years ago, on logging onto a website and being advised that I was required to change my password (and as a recent convert to the joys of the password database) I rather smugly decided to update my password to a super secure (so I thought) 30 digit one (system specified a minimum length of 10 characters).

Auto generated new password and cut/pasted into requisite field, which was duly accepted and confirmed updated. Completed my business on site and logged out and happily went on my way.

Next time I came to logon my password was rejected as invalid - impossible I thought as it's recorded in a database and was copied/pasted.

So I used the reset password link and updated my password once again, however next time I came to logon again history was repeated - updated password invalid.

It was only much later I discovered that said system not only had a minimum length but also a maximum field length ... which I consistently exceeded, presumably with it arbitrarily shortening my input.

That will teach me to be smug (would still wish to shoot the developer - where was the error checking?)
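The failure described in this post and in the earlier "Re: What about sites that force you to make it easier?" post, as an added example that is not part of the original posts and not any real site's code: a password-change path that silently truncates while the login path does not, beside a version that rejects over-length input at entry. The 20-character limit, the function names and the sample password are assumptions for illustration.

```python
import hashlib
import hmac
import os

MAX_LEN = 20  # assumed storage limit; the earlier post reports roughly 20 characters


def _hash(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 hash of the password exactly as supplied."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def set_password_truncating(store: dict, user: str, password: str) -> None:
    """Flawed change-password path: silently keeps only the first MAX_LEN characters."""
    salt = os.urandom(16)
    store[user] = (salt, _hash(password[:MAX_LEN], salt))


def set_password_strict(store: dict, user: str, password: str) -> None:
    """Corrected path: refuse over-length input instead of altering it."""
    if len(password) > MAX_LEN:
        raise ValueError(f"password must be at most {MAX_LEN} characters")
    salt = os.urandom(16)
    store[user] = (salt, _hash(password, salt))


def login(store: dict, user: str, password: str) -> bool:
    """Login path that hashes the input as typed, with no truncation."""
    if user not in store:
        return False
    salt, expected = store[user]
    return hmac.compare_digest(_hash(password, salt), expected)


def demo() -> dict:
    generated = "Xq7!vR2#pL9@zT4$wN6%kB8&hD3*fG"  # constructed 30-character sample
    store = {}
    # The change is "accepted", but only the first 20 characters are stored.
    set_password_truncating(store, "user1", generated)
    result = {
        "full_password_accepted": login(store, "user1", generated),
        "first_20_accepted": login(store, "user1", generated[:MAX_LEN]),
    }
    # The strict path surfaces the limit while the user can still react to it.
    try:
        set_password_strict(store, "user1", generated)
        result["strict_rejected_at_entry"] = False
    except ValueError:
        result["strict_rejected_at_entry"] = True
    return result


if __name__ == "__main__":
    print(demo())
```
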

Remember the bloke who was told by Zen Internet to contact his MP about crap service? Yeah, it's still not fixed

Recluse

He needs to migrate to Andrews and Arnold (AAISP)

Seems a classic case to let AAISP loose on BT Openreach

More here https://www.aa.net.uk/broadband/we-will-fix-your-line/

Microsoft releases Windows 11 Insider Preview, attempts to defend labyrinth of hardware requirements

Recluse

Re: Check out Pi-Hole - run on a VM if necessary

I basically block anything Microsoft related at my pfsense firewall until such time as I need to update my Windows VM at which point I temporarily enable access.

Note there are wider implications in blocking Microsoft eg Azure hosted websites etc. This can be overcome by segmenting your network devices into access lists - appreciate I am a bit of a tin foil hat in this regard. Unfortunately privacy requires some effort (and occasional inconvenience).

ASN numbers listed for Microsoft shown here

https://whois.arin.net/rest/org/MSFT/asns

If you are using pfsense firewall this article describes how to block ASN numbers

https://dannyda.com/2021/04/22/how-to-block-asn-autonomous-system-number-with-pfsense-firewall-how-to-block-an-organization-using-pfsense/

Recluse

Re: Check out Pi-Hole - run on a VM if necessary

I run a Windows 10 VM (to cater for a few necessary programs - e.g. Microsoft Money) within a Linux Mint desktop. I also run pfsense with the pfblockerNG add on - this provides a DNS sink hole capability as well as IP blocking.

Originally I just added every combination of Microsoft DNS associated names to the sink hole, but still there appeared to be a lot of data being extracted.

I eventually (as far as I can tell) blocked this by adding every Microsoft ASN number I could find (currently 29 in my list) to the IP blocker within pfblockerNG.

Every time I boot the VM my firewall logs fill up with attempted connections to Microsoft allocated IP addresses.

Moral of story - if you want to block Microsoft do it at the IP level

Nominet ignores advice, rejects serious change despite losing CEO, chair, half its board in membership vote

Recluse

Drain the swamp ...

As my eyes descended through Kieren's latest update the more my eyebrows rose ... shortly thereafter my jaw joined in and descended, ultimately hitting the floor when I reached the bit about Eleanor Bradley (recently been removed from the board) now being appointed as interim CEO. Talk about waving two fingers at the membership!

I wonder if this might act as a catalyst for EGM number 2 (similar to the way the shutdown of the Nominet forum during the AGM seemed to have been the final straw last time)

Of course where money is involved those currently in control are unlikely to depart voluntarily ... I fear this may be a long slog to drain the swamp, let us hope Public Benefit are up for a further fight

As battle for future of .UK's Nominet draws closer, non-exec director hits a nerve with for-profit proposal

Recluse

Re: To: support@ionos.co.uk

An alternative registrar?

Mythic Beasts - see here https://www.mythic-beasts.com/domains

(and as an added bonus in the forthcoming vote, they have already declared to oust the current Nominet squatters)

What's CNAME of your game? This DNS-based tracking defies your browser privacy defenses

Recluse

Re: Smug bastard is smug.

Or indeed pfblockerNG on pfsense (which IMHO is a pihole on steroids)

See here (article is a couple of years old)

https://linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/

Angry 123-Reg customers in the UK wake up to another day where hosted mail doesn't get through to users on Microsoft email accounts

Recluse

Re: Recommendations please

Yes likewise - highly recommend Mythic Beasts as well

Microsoft accused of sharing data of Office 365 business subscribers with Facebook and its app devs

Recluse

ASN blocking, not individual IP, is the way to go

@Binraider

If I have understood your intentions correctly, I think that blocking individual Microsoft IP addresses will be akin to "whack-a-mole"; much better to block at the ASN level.

As indicated in my original post one of the third party packages I use in pfsense is called pfblockerNG (pfBlockerNG-devel v2.2.5_33) which allows DNS and ASN blocking. Amongst its killer features is it will automatically check and update ASN lists so as additional subnets are added/removed from an ASN it will update the firewall block lists without any further intervention.

Looking at my firewall logs this morning (post Windows 10 VM boot) I can see the following IP addresses (all Microshaft) on port 443 blocked

52.114.75.79

13.69.68.25

13.80.7.77

52.114.132.73

These are different from those I listed yesterday and would not be blocked via DNS (no entries listed for IP's)

Personally, if you can, I would recommend switching to pfsense full stop. It is very sophisticated and also free open source software! While pi-hole is good (and has a very low hardware requirement) pfsense is IMHO streets ahead in functionality.

For pfsense higher specification hardware will be required but it's still relatively modest. I use an Intel NUC (see here https://www.mini-itx.com/~JBC313) which is powered by a 36w supply. Whatever hardware you use for pfsense it's strongly recommended that it has Intel NIC’s and AES-NI on the chipset.

Frankly (whilst I am only a home user) I would feel naked without pfsense. It's also excellent for configuring VPN inbound/outbound connections.

Recluse

Blocking Microshaft - that's what you think

Going off at a tangent - I run a Windows 10 Pro (2004) VM on my Linux Mint desktop. I also run a pfsense firewall with the pfblockerNG package installed.

Obviously I have blocked Microsoft at a DNS level but have also blocked all Microsoft ASN I can find (25 so far). I will allow access to Microshaft but only when I decide it's appropriate (eg Windows update check) otherwise the VM Win 10 client is blocked.

As soon as I booted the Windows 10 VM this afternoon pfsense reported that it tried to establish a connection (443) to these IP's

52.114.128.43

52.114.77.33

Whois shows they are both Microshaft

NetRange: 52.96.0.0 - 52.115.255.255

CIDR: 52.96.0.0/12, 52.112.0.0/14

NetName: MSFT

NetHandle: NET-52-96-0-0-1

Parent: NET52 (NET-52-0-0-0-0)

NetType: Direct Assignment

OriginAS:

Organization: Microsoft Corporation (MSFT)

RegDate: 2015-11-24

Updated: 2015-11-24

Ref: https://rdap.arin.net/registry/ip/52.96.0.0

Conclusion

You may block Microshaft at a DNS level but it appears to have some hard coding for IP addresses to circumvent this.

As I am somewhat neurotic I operate a similar ASN policy for Facebook, Google, Oracle, Adobe, Yahoo, Twitter, Telegram and Amazon. It can be a bit wearing at times but at least I decide who has access to what.

Whilst I am only a home user I also operate a default block outbound policy on pfsense - stops any IOT devices phoning home unless specifically authorised.

Think I'll go for a lie down now ....
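The comparison made in the two posts above, as an added example that is not part of the original posts: the blocked destinations they list are checked against the two CIDR ranges from the quoted whois record, showing which addresses that single netblock covers and which need further prefixes from an ASN-wide list. The log layout and the 192.168.1.50 source address are constructed for illustration and are not pfSense's real log format; IPv4 only.

```python
import ipaddress

# CIDR ranges copied from the whois record quoted in the post above.
WHOIS_CIDRS = ["52.96.0.0/12", "52.112.0.0/14"]

# Constructed log lines in a simplified "action proto src -> dst:port" layout.
# Destination addresses are the ones listed in the two posts.
SAMPLE_LOG = """\
block tcp 192.168.1.50 -> 52.114.128.43:443
block tcp 192.168.1.50 -> 52.114.77.33:443
block tcp 192.168.1.50 -> 52.114.75.79:443
block tcp 192.168.1.50 -> 13.69.68.25:443
block tcp 192.168.1.50 -> 13.80.7.77:443
block tcp 192.168.1.50 -> 52.114.132.73:443
pass tcp 192.168.1.50 -> 192.168.1.1:53
"""


def blocked_destinations(log_text):
    """Return destination IPs of 'block' lines, de-duplicated, in first-seen order."""
    seen = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "block" or parts[3] != "->":
            continue  # skip pass lines and anything malformed
        host, _, _port = parts[4].rpartition(":")
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue  # destination was not a valid IP literal
        if ip not in seen:
            seen.append(ip)
    return seen


def match_prefixes(ips, cidrs):
    """Map each IP to the most specific covering prefix, or None if uncovered."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    result = {}
    for ip in ips:
        hits = [n for n in nets if ip in n]
        best = max(hits, key=lambda n: n.prefixlen) if hits else None
        result[str(ip)] = str(best) if best else None
    return result


def uncovered(ips, cidrs):
    """Addresses that a block list built only from these prefixes would miss."""
    return [ip for ip, net in match_prefixes(ips, cidrs).items() if net is None]


if __name__ == "__main__":
    dests = blocked_destinations(SAMPLE_LOG)
    for ip, net in match_prefixes(dests, WHOIS_CIDRS).items():
        print(f"{ip:15} -> {net or 'not in the quoted whois ranges'}")
```
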

Macs, iPhones, iPads to get encrypted DNS – how'd you like them Apples?

Recluse

Re: Good & Bad

Interesting article entitled “A New Needle and Haystack: Detecting DNS over HTTPS Usage” on the SANS Institute here

https://www.sans.org/reading-room/whitepapers/dns/needle-haystack-detecting-dns-https-usage-39160

IMHO for those who like to see what’s going through their networks and the security conscious, it does not make for happy reading ...

Recluse

Re: Better late than bleeding edge?

Going "off topic" if you are already using pfsense, I would highly recommend that you investigate using its inbuilt DNS server (DNS Resolver) along with a superb third party add on package (installed from its package manager) called pfBlockerNG-devel (current version 2.2.5_33) which has massively more functionality than PiHole eg can also block IP's by ASN (auto updating).

Handy when you block certain domains, the owners of which then hard code IP's in their code to circumvent DNS blocking - yes Microshaft I am looking at you

Whose side you on, Nominet? Registry floods .co.uk owners with begging emails to renew unwanted .uk domains

Recluse

We aim to lose by the smallest margin ...

I recently disposed of my longstanding .com domain of 20 years standing and moved to a .uk domain on the basis of its much cheaper annual charge (£6 v £12). Then there is 20 % VAT on top as well which is not insignificant. As I recall when I started with the .com it was £4.50 pa.

The way I see it the wider trend is for domain registration to be monetised, hence the only way is up. On acquiring my .uk for this very reason I paid 10 years up front.

As an aside I was originally with 123reg.co.uk registrar, but IMHO found their behaviour unethical. Their hard sell of the associated .uk domain to match my (then) .co.uk was the final straw. Have been much happier since I migrated out to my new registrar. I hope the reader will forgive a personal recommendation for a private company run by proper techs - yes I’m talking about you https://www.mythic-beasts.com/article/about

Logitech Zone Wireless: Swanky headset means business, but that also means it comes with a hefty price tag

Recluse

Re: Not been a fan of Logitech for some years.

Whilst I do not disagree with the sentiments of the previous poster, to provide some balance, at least as regards Logitech Media Server, I would observe that they still maintain the infrastructure to support the associated mysqueezebox.com

Also (as I understand it) on discontinuing their hardware products they released the Logitech Media Server (aka Slimserver) software under a GNU Public Licence. Then of course we still have the indefatigable support of Logitech developer Michael Herger in their forums, who also works on the open source side as well.

Logitech Media Server software IMHO is a peach of a product. The outcome could have been worse ... and all is not bad as regards Logitech

Openreach tells El Reg it'll kill off copper sales in 118 UK locations next year

Recluse

Just to clarify (in case anyone is looking for “Gattacre” in the BT bumph) Mr Norton has spelled Gateacre as it is pronounced locally in Liverpool.

Ooh, watch out Google. You've got competition. Verizon has a new 'privacy-focused' search engine

Recluse

Startpage tarnished?

Worried about your privacy? There are suggestions that Startpage is no longer "clean" ... sort of gamekeeper turned poacher.

"Recently there has been lots of talk about Startpage being acquired (or at least partially acquired) by a US company called Privacy One Group, which is a division of System1, a “data science” company that specializes in targeted advertising"

More here

https://restoreprivacy.com/startpage-system1-privacy-one-group/ and here https://blog.privacytools.io/delisting-startpage/

Remember that Sonos speaker you bought a few years back that works perfectly? It's about to be screwed for... reasons

Recluse

Re: Makes logitech look like....

When there are excellent open source solutions available, I have always struggled to see what was the attraction for Sonos equipment (beyond its supposed plug-n-play setup) but that is unlikely to be a concern for the techies here. An earlier poster has commented about the continuing availability of the excellent Squeezeserver (aka Logitech Media Server) and I would likewise highly recommend the software and its underlying ecosystem.

My home music system runs on multiple Raspberry Pi 3 Model B's with added combined DAC/AMP HAT running PiCorePlayer OS with Logitech Media Server on my NAS. Add in iPeng running on any Apple Device (and a set of loudspeakers) and you have a fully functional system that can play synchronised music across my whole house.

Added highlights

Multiple plugins available for added functionality eg Tidal, BBC iPlayer, Spotify etc ...

Active and incredibly responsive developers (donating their time free)

For anyone interested in exploring further I have posted some links below to various sites (this is only really scratching the surface as the possibilities are almost infinite)

(A) Logitech Media Server (LMS) https://forums.slimdevices.com/forumdisplay.php?27-Logitech-Media-Server

(B) LMS Plugins https://forums.slimdevices.com/forumdisplay.php?4-3rd-Party-Software - a particular shout out for Michael Herger (LMS & Spotify) and BPA (BBCiPlayer and iPlayExtra)

(C) PiCore Player OS download https://www.picoreplayer.org/ plus wider explanation of your multiple options

(D) PiCore Player support https://forums.slimdevices.com/forumdisplay.php?3-Linux-Unix

(E) iPeng http://penguinlovesmusic.de/ipeng-8/ (check out iPeng support thread within forum link B above) (This is NOT free but well worth the modest charge - my only connection is as a happy user)

(F) DAC and AMP HAT http://iqaudio.co.uk/hats/9-pi-digiamp.html (other suppliers are available eg https://www.hifiberry.com/shop/)