* Posts by Paul Crawford

5636 publicly visible posts • joined 15 Mar 2007

Pentagon in uproar: 'China's lasers' make US pilots shake in Djibouti

Paul Crawford Silver badge

Re: Advanced Tactical Laser - ATL

Problem with the "thrown into military compounds" part is you have to point a laser at the aircraft with pretty high accuracy.

GoDaddy exiles altright.com after civil rights group complaint

Paul Crawford Silver badge

Re: re: The solution is to educate people

The old adage:

Never argue with a moron, they will bring you down to their level and then beat you with experience.

It's World (Terrible) Password (Advice) Day!

Paul Crawford Silver badge

Re: '2 Factor- This is proper security'

Lets face it the biggest problem with the text-based 2FA is not someone hacking the phone company's network but that likelihood that a user is relying on their phone for both the web login AND the text message.

So that dual-use phone becomes a single point of security failure, more so given the piss-poor patching and updates for most Android phones (i.e. most phones in total).

So use text-based 2FA if you possibly can, but please don't do both one the one device!

Javid's in, Rudd's out: UK Home Sec quits over immigration targets scandal

Paul Crawford Silver badge

Re: So who's Javid?

Well its hardly an authoritative analysis, but taking a look at the wikipedia page about him suggests he can't be any worse than Rudd. He seems to be competent in business and educated, and in fact he has in the past opposed some of the more stupid suggestions in the name of anti-terrorism, so a little better than most Torys.

How well his integrity lasts in the data fetishist's tower of the Home Office remains to be seen.

Can't log into your TSB account? Well, it's your own fault for trying

Paul Crawford Silver badge

Re: French Cinema

Around the same time as 'Monkey' was The Water Margin, another triumph of poor (or impossible) translations.

BOFH: Guys? Guys? We need blockchain... can you install blockchain?

Paul Crawford Silver badge

Re: Adult Badgers?

Today I'm more interested in Bionic Beavers.

If only I had 6 million dollars...

The tech you're reading these words on – you have two Dundee uni boffins to thank for that

Paul Crawford Silver badge
Pint

Re: I'll raise my tankard in toast.

And from me =>

While I don't remember Spear, I do remember LeComber as a genuinely nice guy as well as being a bright as they come. We were all shocked when he died so young (younger than myself now) and I even made it to his funeral service. RIP.

Good news: AI could solve the pension crisis – by triggering a nuclear apocalypse by 2040

Paul Crawford Silver badge

Holy Quarrel

Like the Philip K Dick story?

https://philipkdickreview.wordpress.com/2014/06/17/holy-quarrel/

Astroboffins discover the stink of eggy farts wafting from Uranus

Paul Crawford Silver badge

Where the Sun don't shine

...on Gemini filters the sunlight reflected above the clouds in Uranus’ atmosphere into spectral lines...

Well done to those boffins for finding that, contrary to common public opinion, the Sun does shine on Uranus.

Bungling cops try to use dead chap's fingers to unlock his smartmobe

Paul Crawford Silver badge

Re: Animation

Well its a poor necromancer who blames the corpse...

Tech bribes: What's the WORST one you've ever been offered?

Paul Crawford Silver badge

Re: Probably...

You hope its a taste of things to come?

Nominet drains mug of tea, leans back, calmly explains how to make Whois GDPR-compliant

Paul Crawford Silver badge

Re: I would agree with only LEAs having full access

On the other hand whether paid-access-for-others stands up might depend on whether the domain owners opt in?

INAL but I think it should not - after all the right to privacy is not something to be sold without consent. LEA are a different matter, some would say they should get a warrant, others might feel that whois data is not so personal as to need that for a general look-up. Getting other data like IP addresses of those making contact, etc, is another matter.

OK, this time it's for real: The last available IPv4 address block has gone

Paul Crawford Silver badge

Re: BT

Did BT also update all of their supplied modems, etc, to work with IPv6?

Genuine question, as I'm on VM and last time I looked (admittedly a year or two ago) my cable modem with IPv4 only.

Machines learned to assemble IKEA’s semi-disposable furniture

Paul Crawford Silver badge

Re: @Ledswinger

I think there's only certain tools that qualify for "real man" status

Yes, and that type of tool is made by Abingdon King Dick

http://www.kingdicktools.co.uk/index.asp

Paul Crawford Silver badge

Re: Not the real world

Real men have tool boxes!

Some even keep tools in them.

Size does matter, chaps: Oversized todgers an evolutionary handicap

Paul Crawford Silver badge
Trollface

And in.

And out.

And in.

...

Guess who's still most moaned about UK ISP... Rhymes with BorkBork

Paul Crawford Silver badge

Re: I miss Demon Internet

You mean before they were bought our and ruined?

Like practically every other decent small ISP?

US government weighs in on GDPR-Whois debacle, orders ICANN to go probe GoDaddy

Paul Crawford Silver badge

To be honest, why should the rest of the world comply with a law Europe has developed. Why should the US, Asia anyone else?

Maybe because they want to do business with companies and people in the EU?

Otherwise they are free to do as their local laws demand, but just not to deal with EU customers.

More than 87m Facebook profiles farmed, says second ex-Cambridge Analytica witness

Paul Crawford Silver badge

Very true - simply nullifying a vote on the basis that some dodgy dealings allegedly* took place is a very risky idea and sounds a lot like certain tin-pot dictators do when general/presidential elections are held.

However, using such dodgy dealings as a reason for holding a 2nd democratic vote once people have seen more, and making sure that any illegal actions are prevented, that is another matter altogether.

[*] as we have not had a court trial yet, etc.

Paul Crawford Silver badge

Re: "because, as upper class Brits, they did not want to front up the deal"

Try the phrase "getting your hands dirty"

India completes its GPS alternative, for the second time

Paul Crawford Silver badge

I suspect it is much less about guiding neuks to terminal global warming and much more about mitigating the major economic costs of the loss of precision navigation and timing. Few folk realise how much we take for granted would go TITSUP in the event of prolonged GPS outage (like mobile phone networks and digital TV, etc, and the services that rely upon them) to other things that do have fall-back options but less efficient/safe (like ship navigation and air traffic control).

'Well intentioned lawmakers could stifle IoT innovation', warns bug bounty pioneer

Paul Crawford Silver badge

Re: Easiest solution

For the legion of commentards on El Reg, yes. But then all of the rest of the population they will still buy "oh shiny thing!" and we still suffer from the botnets and friends & family pestering us to sort out the shit storm they have brought upon the digital world.

So really you have to make the manufacturers somehow responsible with enough clout that they act.

Paul Crawford Silver badge

Make the supplier / importer responsible for the consequences of bugs that remain unpatched after, say, 1 month and for 5 years after end of sale. I'm sure it would focus minds on security and patching systems beautifully.

As for stifling innovation, at what point is collateral damage sufficient to stop marketing muppets from adding ill-thought out and supported features? Financial pain is probably the only incentive. Or jail time.

UK rocket-botherers rattle SABRE, snaffle big bucks

Paul Crawford Silver badge

Re: Satellites

The main "punishment" the UK will get is a result of stupid politicians and those who voted from them. You don't need to punish someone who is beating themselves so effectively.

But otherwise you probably are right in terms of future job losses, just not in terms of the real reason.

Paul Crawford Silver badge

Re: jw@resthaven.org.uk

Also you have used less fuel in the initial stage with maximum launch mass and highest air resistance. I suspect that leads to a huge increase in payload/cost ratio.

What most people think it looks like when you change router's admin password, apparently

Paul Crawford Silver badge

Re: "why would you use your own?"

Dozens of reasons: your own control of firmware, no back-doors, ability to set up different wifi networks for guest and own use, custom firewall rules, maybe running a VPN end point in it, etc, etc.

Fear the Reaper: Man hospitalised after eating red hot chilli pepper

Paul Crawford Silver badge
Gimp

"You eat one, suffer a bit, recover and 10min later your brain is telling you to eat some more."

Sounds a bit like visiting a dominatrix =>

UK.gov expected to quit controversial harvesting of schoolchildren's nationality data

Paul Crawford Silver badge

Re: Rotated children

Just ask them - the hips don't lie

VMs: Imperfect answers to imperfect problems, but they're all we have

Paul Crawford Silver badge

Hardware Obsolecence

Another very good reason for VM use is to get round the lack of drivers for ancient OS to match modern hardware. In many cases you can get "immortal" hardware as the VM sees little if any changes to the machine upon which it runs.

Of course one would not want to use an out of date OS, but in the real world you may well have some very expensive / difficult to replace software that works just fine on wk2 for example, but would be way too much cost/trouble to replace and run on a current OS.

Azure needs extra security controls before it's fit for government use, says Australia

Paul Crawford Silver badge

Re: "additional configuration and security controls"

I wondered if this has anything to do with the odious CLOUD act and the Aussies wanting to be damn sure Uncle Sam can't extract data without them knowing.

They're back! 'Feds only' encryption backdoors prepped in US by Dems

Paul Crawford Silver badge

Re: The ultimate vapour-ware

And a little salt

Paul Crawford Silver badge

So at what point will legislation force all public servants and politicians to use the "magical" proposed system and only the proposed system?

After all if it is secure and never going to be abused then they have nothing to worry about and surely will be delighted.

There's security – then there's barbed wire-laced pains in the arse

Paul Crawford Silver badge

Re: Conflicting Advice

OK so lets say you force your users to change passwords every 30 days, and even more assume this does not lead to piss-poor practice in terms of post-it notes, easy-to-guess choices or IT support getting lax in terms of vetting those requesting a reminder/renewal: Now you have an average time from breach to password change of 15 days.

Do you really think that any competent bad guys won't have totally screwed your systems in under 15 days? Not put in shadow accounts and/or key-logging software? Not used network access to compromise all those unpatched* devices you don't/can't have AV on like printers, IoT crap, etc?

So how much more useful is this compared to password changes one per year or only on employee changes or suspected breaches?

[*] when did you last get an update for any of your printers with built-in web servers?

Apple, if you want to win in education, look at what sucks about iPads

Paul Crawford Silver badge

Re: Walled Kindergarten

The name is Bond, Basildon Bond.

Paul Crawford Silver badge

Re: @AC

"People also moan when kids show no interest in STEM subjects"

I doubt that arsing about with animated emojiis is going to make anyone interested in STEM.

Taking said expensive iPads apart, now that might get some interest...

Politicos whining about folks' data rights ought to start closer to home

Paul Crawford Silver badge

Re: It's just data warehousing all over again

For some reason I read that as "whore housing"

Why you shouldn't trust a stranger's VPN: Plenty leak your IP addresses

Paul Crawford Silver badge

Re: IPv6

You really should be checking your config, etc. Sadly IPv6 leaks are all too common: many VPNs simply disable v6 as a quick solution to that issue.

Paul Crawford Silver badge

Re: WebRTC

The usual VPN check sites such as https://ipleak.net/ already report on WebRTC activity.

But as you say, who really uses it?

Brit Lords start peer-to-peer wrangling over regulating the internet

Paul Crawford Silver badge

Re: Oh no ...

And how is that different from the house of commons?

Please no Basic Instinct flashing, HPE legal eagles warn staffers

Paul Crawford Silver badge
Coat

Ah yes, my kilt worn* the traditional way.

Thanks, mine is the Prince Charlie jacket =>

[*] of course when a Scotsman is asked what is worn beneath his kilt the correct answer is "Nothing, its all in perfect working order".

Uber self-driving car death riddle: Was LIDAR blind spot to blame?

Paul Crawford Silver badge

The question being asked as fsck-all to do with why she chose to cross there, or it being night time. The key point is the car totally failed to see her and make any attempt to stop.

Uber execs should be facing jail time for this: they have shown the sort of negligence in design and system testing that lead to a death. Having some low-paid meatbag sit there with the hope of taking over in the event of a fault is something already ridiculed in tech circles such as El Reg, and yet that seems to be their approach to checking the sensor system could detect all reasonable risks.

Did the FBI engineer its iPhone encryption court showdown with Apple to force a precedent? Yes and no, say DoJ auditors

Paul Crawford Silver badge
Joke

Re: useful idiots in politics

Come now! All good politicians know that π=22/7

Fed up with Facebook data slurping? Firefox has a cunning plan

Paul Crawford Silver badge

Re: While Facebook Container may help a bit, it has limitations.

No, this is still very important because some people actually do different things on facebook compared to the rest of the web they access.

Yes, I know that is a strange idea that there are people who won't spunk their entire life and thoughts on the modern idiot-box replacement, but it is apparently true. By locking out cookie / "like button" tracking they are making a good start.

Next think they should be addressing is browser fingerprinting. Just how much information is really needed to make a usable web site interaction? My guess is very little compared to what is currently offered, so they should stop reporting non-generic stuff like installed fonts, plugins, display size, etc. While some info might be useful, having only a dozen or so browser permutations from Firefox would be a major step forward in terms of privacy and a useful selling point over Google/MS offerings.

Fatal driverless crash: Radar-maker says Uber disabled safety systems

Paul Crawford Silver badge

Re: The Shape of Things to Come...

"So you want to make a life-saving technology too expensive to use?"

I think we have just seen it doing quite the opposite.

Paul Crawford Silver badge

Re: The Shape of Things to Come...

"why do you think autonomous vehicles would be any different?"

Because those behind it should be facing jail time for injury or death unless they can show the highest standards for safety-critical code. You know, like the aviation industry does.

What, that will make it too expensive to get rid of human taxi drivers?

Sadly we have reached the point where software suppliers/licensor/whatever need to be held to account for a shitty job. Just now they can fob off all sorts of liability under the EULA, but cars are different - they actually do kill people when it goes wrong as we are sadly now discussing.

What the @#$%&!? Microsoft bans nudity, swearing in Skype, emails, Office 365 docs

Paul Crawford Silver badge

Re: What that tells us about Skype?

That was my thought - how do they know or verify if you have been using foul language on Skype?

Doh, of course just take a look at the voice-to-text slurp logs...

Parents blame brats' slipping school grades on crap internet speeds

Paul Crawford Silver badge
Trollface

@LucreLout

You are obviously new to this site:

https://www.theregister.co.uk/2014/06/27/slab_fondling_becomes_xrated/

Manchester Arena attack: National Mutual Aid Telephony system failed

Paul Crawford Silver badge

Re: Holy **** you can't make this stuff up.

You could post them to NI to deal with Brexit there?

You won't have time to make a splendid cup of tea before the resignation letter is on your desk...

Astro-boffins find new type of super-fast supernova

Paul Crawford Silver badge

Re: "absolutely phenomenal"

I think the term you were looking for was "astronomical":

https://what-if.xkcd.com/73/

UK smut overlord declares age checks should protect users' privates

Paul Crawford Silver badge

Re: @Johndoe132

It depends on your goals, budget and technical skills.

One advantage of most VPN providers is they in effect run NAT so your traffic shares an IP address with many other users, providing ether (A) plausible deniability, or (B) a noise-like signature for any advert tracking.

As for "no logging" then sure you don't log if you don't want to. But are Amazon are not tracking traffic to your rented instance?