* Posts by Pascal Monett

16645 publicly visible posts • joined 10 Apr 2007

150 infosec bods now know who they're up against thanks to BT Security cc/bcc snafu

Pascal Monett Silver badge

Re: Everyone has done this at least once

No, I haven't. Ever. The fact that I don't use Outlook might have helped, from the look of things, but first and foremost I actually pay attention when I reply to or write an email.

There's also the fact that I never use Reply To All - my ego is not of sufficient size to believe that everyone is interested in my response.

Maybe, some time in the future after my brain aneurysm I might, but up to now my record is spotless on that account.

Gas-guzzling Americans continue to shun electric vehicles as sales fail to bother US car market

Pascal Monett Silver badge

I do believe that the Tesla is actually better suited to European travel distances. Here in 30km, you can actually reach another major city. In the US, you've barely exited the suburbs of the city you're in.

I see a few Teslas going to and from work. Not saying they're popular, but there are quite a few around.

Boeing comes clean on parachute borkage as the ISS crew is set to shrink

Pascal Monett Silver badge

"That beast was, of course, hugely expensive and entirely unsustainable in its final form"

Yeah, but it was also fucking awesome and it could lift 140 metric tons into orbit.

Today's best lifter would apparently be the Falcon Heavy with up to 50 tons (taking into account only those rockets that have actually lifted something into orbit).

There are a number of rockets promising to approach the venerable Saturn V's record, but none of them exist anywhere except on paper yet, so we'll just have to wait and see.

DXC's new boss has quite the cleanup ahead after frankenfirm exits Q2 nursing $2bn loss

Pascal Monett Silver badge

I wish him luck, for the employees' sake

"Our people need to be clear about their career path at DXC"

Oh, the path was quite clear before : the exit was right there. It's going to be one hell of a job to regain employee trust and demonstrate that management has indeed changed, if that is the case. Still, at least there are words about employee retention, that's a first change.

If this Salvino guy does turn DXC around, in mentality and not just profits, then I might well consider myself impressed.

Because he's starting pretty far down, one must admit.

Despite Windows BlueKeep exploitation freak-out, no one stepped on the gas with patching, say experts

Pascal Monett Silver badge

As usual it's the effin' CEO himself that is the problem.

IT truly is a domain where a little knowledge is worse than no knowledge at all.

I'm still not that Gary, says US email mixup bloke who hasn't even seen Dartford Crossing

Pascal Monett Silver badge

Yeah, why can't The Reg have a simple Contact form ? It's not all that difficult (done it myself).

Pascal Monett Silver badge

Re: Can I get you to do Morrisons as well?

That is likely the responsible answer. If the user is legitimate, then it is indeed up to the user to correct any profile mistakes.

Unfortunately, that means that you are subject to the whims of a nitwit that couldn't enter his own phone number properly.

If it sounds too good to be true, it most likely is: Nobody can decrypt the Dharma ransomware

Pascal Monett Silver badge

Re: Rakhni Decryptor is designed to decrypt files encrypted by Dharma Ransom.

Well, they do specify that the tool was made by Kaspersky Labs.

Pascal Monett Silver badge

It's not just the bogus wording

1) Their website is not good. They claim to have international clients, and only show three logos, none of which point to a testimonial from the website of the company in question. Oh, and they use the same guy on the two pics that show people - looks like they don't have all that many techs available.

2) They brag, that's not professional.

3) They tout a 100% success rate in "decrypting, analyzing and preventing ransomware attacks", which is simply ludicrously impossible.

4) Their testimonials are badly written, with the same kinds of mistakes across several "different" entries.

I look at that website and the wording itself screams "scam!" at me.

Pascal Monett Silver badge

Wasn't Travolta, it was Wolverine - but without the bushy sideburns.

That said, Swordfish was great entertainment.

Uber CEO compares pedestrian death to murder of Saudi journalist, saying all should be forgiven

Pascal Monett Silver badge

Don't be ridiculous

The amount of data collected by Facebook is several orders of magnitude greater than Uber gets.

Facebook has 15 datacenters and has spent a billion dollars on the technology. You don't make that many without the data that they need to store.

Uber, on the other hand, has not built any datacenters, and spends less than $250 million annually on hosted equipment.

It is therefore obvious that Facebook is getting more data than Uber.

Without any apparent irony, Google marks Chrome's 'small' role in web ecosystem

Pascal Monett Silver badge
FAIL

How delightful

Is it any surprise that a Google-hosted event to talk about how great Google is has people mouthing nice words about privacy while defending ads and the data collection it implies ?

Of course not. Obviously engineers are trotted out to reassure people : look how reasonable we are ! We know privacy matters !

You mouth the words, but you're working for the biggest ad giant on the planet. You fool no one.

Google brings its secret health data stockpiling systems to the US

Pascal Monett Silver badge

Yup, you nailed that : people are rubbish at proper document handling and storage. Oh sure, there's the odd exception - like my wife actually, but generally speaking papers are to be stuffed in a closet and forgotten, or judged useless and thrown out. Medical records ? Why would I keep a five-year old bill from my local pharmacist ?

Medical documents are much better in the hands of medical professionals. That does not include Google, even if they hire a "Chief Medical Officer". Is that person even a doctor ? Well I'll be damned, she is. And the head of Google Health is as well. I hope that's a good sign, but that still doesn't make Google a medical company.

Microsoft embraces California data privacy law – don't expect Google to follow suit

Pascal Monett Silver badge

"our commitment to provide robust protection for every individual"

That dates way back to the apparition of GDPR, yeah. Oh, and the jury is still out on whether or not Office 365 is GDPR-compliant, might want to clear that up.

Oh well, at least Microsoft is paying lip service to the notion of privacy. We'll just have to wait for the inevitable cock-up to find out how much it is fooling around behind our backs.

SpaceX flings another 60 Starlink satellites into orbit in firm's heaviest payload to date

Pascal Monett Silver badge

Agreed, but the alternative is another government-funded space program and, to do so, more taxes because NASA is already rolling on three wheels instead of the six it would need to actually get things done.

So, the future of space is Capitalism, and that means profit. I don't like it either, but that's where we're going.

'That roar is terrific... look at that rocket go!' It's been 52 years since first Saturn V left the pad

Pascal Monett Silver badge

Excellent response. I was going to link to a video on a YouTube channel (Curious Droid) that talks about just that problem and outlines everything you have said, but I do not have the access to do so where I currently am.

You can look at the channel and find it though, so if you're interested . . .

Double downtime: Azure DevOps, Google cloud users put the kettle on

Pascal Monett Silver badge

In time, I'm sure Cloud will be great

Right now we're still learning the ropes. I am convinced that Cloud is complicated, and DevOps, go fast and break things, and all the new thingamabobs they keep adding to remain "competitive" are certainly not helping in the stability and availability sides of the operation.

In twenty or so years, when the long-toothed DevOps guys have actually gained the wisdom of experience, I'm sure Cloud progress will be at a much more sedated pace, and availability will be up there with the famous Five Nines.

But first, we're going to have to live through the breakneck (and neck-breaking) pace of those young whippersnappers who have to invent everything Right Damn Now and get it into production yesterday.

I'll keep my data on my own network during that time, thank you very much.

Hyphens of mass destruction: When a clumsy finger meant the end for hundreds of jobs

Pascal Monett Silver badge

Re: AS400 issues

More importantly, the improved procedures and color-coding of sessions likely ensured that confusing what they were working on would have much less a chance of happening, thus protecting critical data from untold horrors in the future.

Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?

Pascal Monett Silver badge

Re: Ubuntu, Redhat

Only if you enable it, which is just like Firefox asking you if you want to participate.

In other words, do not confuse the Linux world with Windows or IoT shite. They're not the same . . . yet.

Pascal Monett Silver badge

Re: at least they admit it

Yeah, just like a guy getting caught running a red light admits it to the cops who caught him red-handed.

Sorry bud, but admitting it in this case is not getting them any brownie points. It would have been simple to include a question at install time, collecting performance data is not something new and a lot of programs and other things offer to participate, so why did they think they were above that ?

They're not, and they deserve the fallout.

UK Home Office: We will register thousands of deactivated firearms with no database

Pascal Monett Silver badge

"no requirement of 'registration' for deactivated firearms"

Right, so people are automatically going to volunteer the information that they had a deactivated firearm. Sure. That will in no way bring attention to them, there will be absolutely no investigation launched into people who "notify" several weapon transfers, and nothing bad will ever come to the people involved.

Come on, you don't require registration of such weapons, why do you suddenly need notification of change of ownership ? That is equivalent to saying that someone else now has it, which is the same as a registration in that person's name.

Might as well impose ID cards.

What do you get when you allegedly mix Wireshark, a gumshoe child molester, and a court PC? A judge facing hacking charges

Pascal Monett Silver badge

She did not suspect the IT department, she suspected a District Attorney.

So yeah, she should have gone through the IT department.

Looks like we have a judge who has been watching too many police shows on TV.

Surveillance kit slinger accused of slapping 'Made in America' on Chinese gear, selling it to the US government

Pascal Monett Silver badge
Coat

"some of the allegedly dodgy gear contained known security vulnerabilities"

Ha ha ha ha ha haa !

"some"

Pfft!

HA HA HA Ha Ha Haaa !

Google throws new version of Dart at the desktop, will be hoping it sticks with app devs

Pascal Monett Silver badge

Always bet on Javascript

Oh, but I always do. I always bet that there will be some JS somewhere that is just waiting to pounce on my machine and screw it up.

That is why I use NoScript.

ZTE Nubia Z20: It's £499. It's a great phone. Buy it. Or don't. We don't care

Pascal Monett Silver badge

If you can replace your laptop with a phone, you're not doing much with either.

One day, maybe, when we have finally discovered how to make room-temperature superconductors that will allow us to push processors past 4GHz, we might get computing platforms with the power of a mainframe and the size of a phone, but there is no phone today that can match an i7-powered laptop with 16GB of RAM and a 500GB SSD.

Not one.

To avoid that Titanic feeling, boffins create an unsinkable hydrophobic metal with laser power

Pascal Monett Silver badge

Probably, but I wouldn't mind a plated coat :)

I'd have to remember to not take it aboard though . . .

Here are some deadhead jobs any chatbot could take over right now

Pascal Monett Silver badge
Thumb Up

"We have photos"

Brilliant !

California’s Attorney General joins the long list of people who have had it with Facebook

Pascal Monett Silver badge

That is an interesting article, but I didn't read anything in there that contradicts what I said. Facebook is not going to be investigated under the first reason of statutory alignment with social security or state unemployment schemes. Neither is Facebook being investigated for fraud, and Facebook is really, really far from being bankrupt.

As I said, Facebook management is practically immune from legal reprisals.

Pascal Monett Silver badge

Re: How do they get away with not complying with legal orders

Because Facebook is an enormous corporation that gives a lot of lobbying money and campaign fund support, so it will not be treated like you or me, simple citizens.

Then there's the fact that Facebook has its own army of lawyers who would fight an incarceration tooth and nail, and probably without much trouble.

Finally, there's the fact that jailing company executives for doing the company's bidding is simply not in the law. You fine the company after a lengthy lawsuit, but the people in it are all but immune unless they commit a real crime (ie killing someone, insider trading or such, that cannot be excused by the company).

So what is needed is a change in the law, making executives personally responsible for the behavior of the company - and that is a whole other ball game.

When the IT department speaks, users listen. Or face the consequences

Pascal Monett Silver badge
Trollface

Ah, finally a happy ending.

Pascal Monett Silver badge

You can, but it is a tedious process of clicking the Properties and fiddling in the tabs.

And it took from Windows 3.11 to Windows 7 for Microsoft to understand that such functionality was necessary.

Blood, snot and fear: Why the travelling lone tech reporter should always knock twice

Pascal Monett Silver badge

Interesting problem

How is it possible for a computer to allocate a room that is already occupied ? It should indeed be a computer problem because I very much doubt that there is any booking system where the clerk can override room status on an occupied room - that way lies madness.

So there clearly is a bug in the system, but what on Earth could it be ? The database is corrupt ? The system got hacked and nobody's noticed yet ?

Anyone got any ideas ?

Pascal Monett Silver badge
Trollface

How considerate of him.

We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

Pascal Monett Silver badge

The task sounds enormous

So, two low-scoring vulns could be combined into one big problem. Sure, theoretically, but how do you evaluate just how many low-scoring things can be combined and in what way, before you can rate all of them properly ?

Security is always in hindsight. We know to look out for privilege escalation issues because some hacker one day taught us that it worked. We have a body of knowledge today that is certainly impressive, and it will be one hell of a task to knit all that knowledge together to create a proper rating system, but there is no such thing as automating the risk evaluation - it has to be analyzed by a human. Humans don't know everything, and are rather bad at taking into account hundreds of parameters at once.

It is obvious the CVSS is not very valuable, but crafting a good replacement is going to be a massive headache. And yet, it should definitely be done. Good luck with that, then.

Intel insists Xeon vs Epyc benchmark fight was fair, amends speed test claims anyway

Pascal Monett Silver badge

"Intel [..] would not intentionally mislead,"

Funny you should say that, given how many times you've already been nailed to the post for misleading reporting on performance. So either you employ incompetent people to draw up your reports, or you don't do enough reviewing before publishing, or . . your marketing efforts are a bit too zealous (yeah, let's put it that way).

This kind of behavior is quite common in the industry, just look at the continual skirmishing between NVidia and AMD on the graphics side of things. AMD is always being forced to defend the performance of its processors in all domains, because AMD is a worthy contender and we need AMD to keep everyone else in line.

IT is the one domain where the numbers should not lie. Thanks to AMD for their continual efforts to keep it that way.

NPM today stands for Now Pay Me: JavaScript packaging biz debuts conduit for funding open-source coders

Pascal Monett Silver badge

Re: getting hacked to change the funding link to one not controlled by the authors

Yup, when I read the words "all you need to do is set up a funding URL" I immediately thought "and all the hackers have to do is hijack that".

I totally agree on the principle, but JavaScript being the most hijacked thing in the IT world, I can't see how that will not attract all kinds of scum.

Still, at least they are trying something.

Open wide, very wide: Xerox considers buying HP. Yes, the HP that is more than three times its market cap

Pascal Monett Silver badge
Facepalm

Only in the business world

An $8bn company starts talking about buying a $27bn company. Reality stares back and says "Nope".

If I had $8000, I could conceivably persuade my banker to loan me another $20000 to buy a $28000 car, but even if I had $80000, I don't think my banker would loan me $200000 to buy a $280000 house. Not at my age and not on my salary.

So what is the real reason behind this pie-in-sky thinking ? Xerox can re-evaluate its cash flow, redo its financials six ways to Sunday, it doesn't and will never have the cash or the means to match HP's weight.

The whole affair is nonsense.

Leeds IT bloke pleads guilty to hacking Jet2 CEO's email account

Pascal Monett Silver badge

"statistically speaking, he is unlikely to end up behind bars"

Maybe, but he's also unlikely to ever work in IT again in a professional capacity. It's time for a career change - whether he wants to or not.

What is this, 1989? Laplink is still a thing and wants to help with Windows 7 migrations

Pascal Monett Silver badge

Re: external USB hard drives

You do realize that hard drives are not backups ? They are subject to failure, magnets, and various other risks.

An optical disk is the only proper backup. Keep it in the shade at reasonable temperature and your photos will still be viewed decades from now. I suggest a BluRay writer and buying the 50GB disks. They are a bit more expensive per GB than the 25GB disks, but hey, double the storage is worth it.

Controversies aren't Boeing away for aircraft maker amid claims of faulty oxygen systems and wobbling wings

Pascal Monett Silver badge

"implemented corrective actions"

In other words, the whistle-blower was right, and he was right to blow the whistle.

That is what happens when cost and schedule get top priority over security. I hope that not too many people risk dying because of some zealous beancounter.

Bad news, developers: Apple Mac App Store tells cross-platform Electron apps to get lost

Pascal Monett Silver badge

The problem is not in private APIs or not. The problem is the rule said do not use them, developers used them and got away with it for a while, building their base and reputation, and now boom, no more private APIs.

That is not consistent. The developers should never have been able to post those apps in the first place. That would have been consistent.

After that, if you don't like it is another matter entirely. But if you ban them then you ban them from the start, not after a few years of saying so.

Pascal Monett Silver badge

"a rule long ignored is now being enforced"

And therein lies the rub : consistency. Apple is well-known for wanting to control everything, but how it controls is not consistent. It is useless to lay down a rule if you only enforce it after years of ignoring it. That is how you get backlash and discontent among your user base.

Of course, it may be that Apple has decided it doesn't care, but the lapse between declaring the rule and enforcing it is just sloppiness. When a company decides to only accept Word files as job submissions, you can bet that it won't let the first 20 PDF files through anyway, just because. No, those PDF files are going straight to the round filing cabinet and those who submitted are likely never even going to hear about it.

Three UK does it again: Random folk on network website are still seeing others' account data

Pascal Monett Silver badge
Flame

"fewer than 10 customers"

Oh, so that's all right then, nothing to see here.

Move along, move along.

GitLab mulls ban on hiring Chinese and Russian support staff because 'security'

Pascal Monett Silver badge

Re: Nothing to see here

When did GitLab become a defense contractor ?

Pascal Monett Silver badge

Re: I'm a bit confused...

Where in the article was outsourcing mentioned ?

The article is about (not) hiring, not outsourcing.

In a world of infosec rockstars, shutting down sexual harassment is hard work for victims

Pascal Monett Silver badge
Unhappy

It is disheartening

It is disheartening and despicable to realize that we are in the 3rd Millennium CE and there are still men who treat women as objects to be acquired, without acknowledging that they are also people.

I do not understand that mentality. If you really think a woman is just an object, then go buy yourself a Real Doll. You'll have exactly what you want and women will have what they want : not you.

Tech and mobile companies want to monetise your data ... but are scared of GDPR

Pascal Monett Silver badge

"your data for what"

These days, it would seem that the ability to post inane tweets, a picture of your meal or some other equally useless thing is quite enough to validate the usage of people's data.

The only reason we're having this discussion is because people don't actually care what they are being used for on the Internet. There appears to be a general approach of "I can do whatever I want, there are no consequences and I will use anything that is free without thinking".

As long as the majority think that way, companies will be able to get away with a lot. That is why GDPR is likely the best thing to happen to the Internet in general. Only the fines will keep companies in line.

OneCoin lawyer trial kicks off in NY as cryptocurrency founder remains on the lam

Pascal Monett Silver badge

"get in on the ground floor of what she claimed would be the next Bitcoin"

But it is the next Bitcoin : a refined Bitcoin, without all the hassle of having to manage tokens and deal with exchanges.

No, this is just pure "gimme the dough and shove off".

Heads up from Internet of S*!# land: Best Buy's Insignia 'smart' home gear will become very dumb this Wednesday

Pascal Monett Silver badge

Ah, yet another joy of IoT

All the wonderful things that come with "smart" now also include "the provider can shut it down without your consent". Just like all those defunct music services where you thought you were buying music tracks, remember ?

Man that really encourages me to dash off and purchase all that smartness.