* Posts by Mark Morgan

31 posts • joined 11 Sep 2007

Microsoft: Yo dawg, we heard you liked Windows password expiry policies. So we expired your expiry policy

Mark Morgan

Re: Gaaaaaa

I've had ones that don't tell you the maximum length, so you generate a 30-char random password using a password managed and store it. Website accepts it whilst creating a user profile and lets you in. The next time you try and log in it fails. Turns out after much forum digging that max length is 16. Create user screen had just truncated it and let you in but logon screen doesn't truncate and flags a mismatch. Doh! Had that more than once.

Using a free VPN? Why not skip the middleman and just send your data to President Xi?

Mark Morgan


Somewhat ironic that the links to the original report on top10vpn.com show a certificate error "your connection is not private"

What went wrong at Tesco Bank?

Mark Morgan

Re: VbV

Yes it does. It depends on the card issuer. One of my cards Verified by Visa asks for the full password the other asks for random characters.

My biggest gripe with it is that it responds "no that is not your password", you shout at it "yes it is". Select change password; Answer some staggeringly easy questions (you know, like mother's maiden name and postcode) and set your new password and it says "you've used that one before you can't have it" - at which point you punch the screen shouting "that's the bloody one I was entering before". You just end up in a loop resetting your password every single time you're forced to use it.

Verified by Visa is just the banks attempting to offload their fraud liabilities on to the retailer.

Mark Morgan

Re: Santander must also not be hashing passwords

Santander 'upgraded' (NOT!) their security. Old Santander accounts require customer ID, full passcode and full registration number. Accounts opened in the last couple of years required customer ID and three random characters from the passcode and three random characters from the registration number.

So they must be storing them using reversible encryption. and to make it look like they beefed up security they just changed the front end. No changes have gone into the way the data is stored.

What do customers do when presented with three random character shite? They chose simpler passwords don't they? No point in trying to use a 20-character random generated one when they pull this crap on you.

I don't use the Santander mobile app so can't speak for that one.

The Tesco's one is worse. The three random characters required by Santander are in fields named in the HTML as x1, x2, x3 and the three characters random are annoyingly not in order either. The Tesco's site asks for the username (not email address), full password (good) but the three random characters of the security number are presented and named as x1, x2, x3, x4, x5, x6 with the three you don't have to enter greyed out.

Skyscape rebrands to UKCloud following legal challenge by Sky

Mark Morgan

Re: How much would it stand in a court?

"... they [Microsoft] could have counter-sued on the basis that Sky infringed on Skype"

Other way around, I'm afraid, Sky sued Microsoft over the Sky in Skype and Microsoft lost! That was 2015, not sure what's happening now though as Skype shows not signs of changing its name.

Wi-Fi network named 'mobile detonation device' grounds plane

Mark Morgan

Re: Lots of lateness

I saw a hotspot listed as "PoliceSurveillanceVan2".

And the amount of times I've seen open ones called NETGEAR is depressing.

CryptoLocker-style ransomware booms 700 PER CENT this year

Mark Morgan

Re: We need a good backup solution

Multiple backups is what is needed. But a NAS device alone only defends you against HD crashes and not disasters that take out all of the IT kit in your house which is where the cloud comes in. But remember too that neither are fully secure as Cryptolocker would encrypt your cloud storage and NAS drives if it detected them mounted as a network share in Windows. Synology NAS devices have been hit by a Cryptolocker clone - Synolocker - when they had been opened up for internet access and we've all heard what happened to celebrity's iClouds recently and unconfirmed mentions of Dropbox contents being amongst the celebrity files doing the rounds too.

YouTube will nuke indie music videos in DAYS, says Google exec

Mark Morgan

Re: High handed google again!

I suspect you didn't "leave Youtube" as you put it but in fact deleted your Google account. Your Youtube, Picasa, Panoramio, Google+ and Google account are all one and the same these days. Only the Google Mail account is separated as you can delete that without deleting your Google account.

BT network-level STOCKINGs-n-suspenders KILLER arrives in time for Xmas

Mark Morgan
Thumb Down

I predict massive overblocking

If it's anything like the blocking that I've accidentally switched on on my Orange (EE) phone (and can't switch off without a credit reference check to prove I'm 18 - even though I've been paying by direct debit for 13-years and you can't have direct debits on an account until you are 18 - or showing my passport in an Orange shop) then it'll be pants and block everything in sight. For instance in the last week I've had blocks on Tesco and the whole of CNET.

BBC's 3D blunder BLASTED OUR BRAINS – Doctor Who fans

Mark Morgan

Re: Annoying promotions

I can't remember which channel it is that does it but there's a couple that regularly put adverts for the next episode of the programme you are watching in the ad breaks within the programme which can end up being huge plot spoilers for the current episode!

SanDisk cops to malfunctioning Micro SDs in Galaxy S3s

Mark Morgan

Re: Balls

Ditto! Did just the same - ordered one from Amazon UK yesterday for the new Samsung before reading this article!

Jammy b*stards: Admen flog chocolate bars with 'Wi-Fi-free' zones

Mark Morgan

Re: quiet coaches

I seem to remember years ago talk of the new Pendolino's having a Faraday Cage built in to the quiet carriage. Nothing came of it probably due to cost rather than illegality. Can't find an article about that but found this later one which is interesting http://www.theregister.co.uk/2008/10/30/faraday_train_windows/

BT in ad slapdown after 'misleading' punters on fibre deployment dates

Mark Morgan

Doubt it'll be coming my way soon either. Live in a village so everyone is wired directly to the exchange and no cabinets are around.

Exchange itself gets on to backbone via local town 5-miles away, I believe, which has been upgraded and is 'Accepting Orders'. I'm guessing that it is fibre between the exchanges anyway and the village exchange would need new equipment in it for me to get it. SamKnows gives a figure of around 700 premises for the exchange so not sure it would ever be a target.

Although my router claims to sync at 8Mbps (numerous speeds tests have been all over the place with the best being around 6.5Mbps but regularly down below 2Mbps) but trying to watch iPlayer or YouTube ends up frequently buffering and iPlayer drops out claiming not enough bandwidth.

Lawyer sues Microsoft rather than slot an SD card into his Surface

Mark Morgan
Thumb Down

This is not new

even back in the days of the 48K Spectrum the OS took up something like 7K leaving only 41K usable for your software.

Nikon snaps first Android-based camera crown

Mark Morgan

Finally someone has done it! NOT!

Finally someone has done it! NOT! I've been thinking for years that some company should release a point-and-shoot camera that is also a phone rather than the other way around.

Cool bit of kit - 16MP camera with 10x optical zoom and Android OS but no phone capabilities? FAIL! Nearly there, though, maybe the next model...

ITC denies Apple an emergency ban on ALL HTC PHONES

Mark Morgan

Erm, not new or original

"HTC was infringing on a patent that allows folks to isolate data such as phone numbers in emails and then call the number"

I'm pretty sure my old Sony Ericsson K750i could do that with numbers in SMS text messages - the K850i could certainly do it.

Barclaycard pay-by-bonk fraud risk exposes Amazon's security

Mark Morgan

Re: @ Irongut

""Would you prevent a family having separate accounts on the same CC" ? - Yes, absolutely."

Why? This is a PITA. Some credit card companies issue additional cards against the primary card holder's account with exactly the same 16-digit card number, start date, expiry date and even CVV2 number - Tesco Visa I'm looking at you. Which means on the few websites which do check for this then my wife can't use her credit card if I have an account on the site too e.g. Paypal. Thankfully many credit card companies, Barclaycard included, issue additional cards against the primary card holders account with a different 16-digit number.

Hackers may be able to 'outwit' online banking security devices

Mark Morgan

Re: Too much security too often?

"Most of my online banking consists of checking the balance and sending money to exactly the same set of people."

That certainly used to be the case but with cheques being phased out everybody you used to pay by cheque - builders, plumbers, electricians, etc - now need you to use the Fast Payment System (FPS - BACS on steroids) to transfer money to their account. But the banks now have you jumping through hoops just to add a payee making your life difficult.

I initially though my Natwest card reader device was a neat idea but they then stopped me using it for both my business account and personal accounts and before long I've ended up with five of the beeldin' readers in the drawer, a special transaction card just to use for my business and no idea which is the right reader for what. I'd have to say that the Halifax Intelligent Finance way of doing it by giving you half a code online then texting you the other half is a lot easier.

Boffins quarrel over ridding world of leap seconds

Mark Morgan

Year 4000

We'll have even more problems come the year 4000 (ye olde Y4K problem) when we realise that we should have adopted John Herschel's 4000-year leap year rule because we'll end up a whole day ahead when we add a leap day that we shouldn't.

Starbucks extends gratis Wi-Fi to UK

Mark Morgan

Starbucks have had free Wi-Fi for ages

I've been using Starbucks free Wi-Fi for a couple of years. You just register a Starbucks card on their website. When you fire up the laptop, connect to the Starbucks BT Openzone hotspot and fire up the browser. You end up on a BT Openzone landing page with a Starbucks login option - no need to sign up to Openzone.

The only time I tried a JD Wetherspoons hotspot the laptop couldn't handshake with the router.

Friends, GenesReunited cuts losses

Mark Morgan


I'm suprised that they haven't split off and sold FriendReunited yet as they only bought it to get GenesReunited. They basically paid £120M for GR and a nominal sum for FR.


'Wear levelling' - a bedroom aid for multi-layer cell Flash

Mark Morgan

Data security

These wear levelling algorithms for flash drives is why it's very difficult to securely earse data from one. Use something like Heidi Eraser on a file on a flash drive and you can still recover it as the wear levelling has written the zeros / random data to another part of the drive and marked the file's sectors for reuse and later garbage collection. I believe the only way around it is to securely erase the whole drive and not just individual files.


Mark Morgan

Who profits?

What we need to know is who paid him for this 'science' fluff piece. With an article like this from a rent-a-scientist you'll probably find it was Mattel or some dating website.


Microsoft sneaks Firefox add-on into Patch Tuesday update

Mark Morgan

Google Toolbar

I don't see anyone complaining that their Google Toolbar running in Firefox has been updated silently by the Google Updater.

I think it's great the way Google Updater silently updates all Google its products in the background and doesn't even require a reboot every time. Adobe and Microsoft take note! The only reason I know Chrome has been updated is because Secunia PSI tells me.

I just wish the lot of them would get together and make one Über 'Windows' update that did the lot for every product that registers wih the update service.

Microsoft's Automatic Update - the way to browser competition?

Mark Morgan

Forcing a choice

If the user is presented with an installation choice when the switch on their new shiny box for the first time most users will pick by brand name as they will not know any better.

Microsoft Internet Explorer

Google Chrome

Mozilla Firefox

Opera Opera

Apple Safari

How many of Joe Public have heard of Mozilla or Opera? The result of this choice would be to increase Google's browser market share and possibly some for Apple too.

Blame game over United Airlines stock crash rumbles on

Mark Morgan

Not Google's fault

This is clearly the fault of the Florida Sun-Sentinel not dating their articles correctly (bad website design), the news agency who picked up on it and didn't check before writing their tag line and posting it and the traders who accepted it all on blind faith and it didn't ring bells as being somewhat familiar.

I used to run a blog where I trawled news using custom RSS feeds from Google News. I used to see this sort of thing all of the time and it was always the same websites not dating their articles correctly, if at all. The key thing for me was I applied some common sense and could spot the rouge stories and didn't post them to my blog.

That password-protected site of yours - it ain't

Mark Morgan

RE: Very simple if you read the docs


..mines the one with "Read the manual" on the back."

Indeed. There was a good case a couple of years ago where a Belgian newspaper company, Copiepresse - covering several countries, sued Google for making their copyrighted, paid-for, content available in their cache. Google didn't show at the court hearing and the judge ordered Google to remove all of the companies newspapers from the site. So, Google obeyed and removed the lot from the entire search index effectively wiping them off the net.

Eventually the papers saw the idiocy in their ways fixed their headers and asked Google nicely to reindex them.

Governator outs Dubya's global-warming 'time bomb'

Mark Morgan

US vs UK Petrol prices

Average petrol price for the UK yesterday - according to The AA - was 109.8p / litre.

Which converts to 415.64p / US gallon

Today's exchange rate is 1GBP = 1.99USD (xe.com)

So UK petrol costs more than double that in the US at $8.27 / US gallon


London store brews £50-a-poop cat-crap coffee

Mark Morgan
Thumb Down

Rip off price

They had Kopi Luwak at Java Joe's in Coventry for around £6.50 a cup and the Jamaican Blue Mountain was something like a fiver. And this lot are wanting 50-quid for a blend of the two!!!

Never could bring myself to try the stuff in all my visits though...

Bebo fingers Yahoo! for display ads

Mark Morgan

Yahoo! Malware! ads!

And yet the other day Yahoo! were caught placing malware laced ads on both Bebo and MySpace!


Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users

Mark Morgan

Microsoft patches not applied

I've got two (out of four) machines at home that are knackered if I enabled the Windows Automatic Updates service - a known issue apparantly. One, a desktop, the processor hits 100%, on the svchost.exe process that is running the service, and stays there. The other, a laptop, freezes completely. So off I pop to the Windows Update website to download the updates manually and it complains that the service is disabled! Argh!

I have a daughter who spends her life on Bebo, MySpace and MSN and my ZoneAlarm Security Suite has found that virus numerous times now.

Biting the hand that feeds IT © 1998–2019