* Posts by Alan J. Wylie

645 publicly visible posts • joined 21 Aug 2009

Page:

Dell BIOS update borks PCs

Alan J. Wylie

Re: So to get zero stars

turn planet earth to a blackened cinder

That would be a Class 6, to totally eliminate the stars would be an X3

Alan J. Wylie

Dell BIOS update may be a security fix

It is generally acknowledged that BIOS updates should only be applied to fix a known issue. In this case, however, for some Dell systems, the issue is the Intel AMT remote security vunlerability: CVE-2017-5689

This affects at least one laptop to my personal knowledge: Dell XPS 15 9560

Just 99.5 million nuisance calls... and KeurBOOM! A £400K megafine

Alan J. Wylie

His address will be public

He seems to have had several addresses, all in the same area of a certain university city. The question is which is the most recent and whether it is still valid? Has he been renting accommodation?

Taiwan government to block Google's public DNS in favor of HiNet's

Alan J. Wylie

"router overload"

$ telnet bofh.jeffballard.us 666

Your excuse is: Root name servers corrupted.

Lyrebird steals your voice to make you say things you didn't – and we hate this future

Alan J. Wylie

Re: Program for a puppet

Program for a puppet (Roland Perry)

<googles> - Ah - not the Roland Perry who worked on Amstrad computers, but an Australian author.

Jimbo announces Team Wikipedia: 'Global News Police'

Alan J. Wylie

Team Wikipedia: 'Global News Police'

WIll the front page look like GeoCities, but when you click through everything is the latest HTML5? And will there be diversionary gratuitous extreme obscenity?

CensorDecoy

IT error at Great Western Railway charging £10k for 63-mile journey ticket

Alan J. Wylie

British Rail and their legendary sandwiches

Don't forget the cans of Ruddles County

Ex-IBMer sues Google for $10bn – after his web ad for 'divine honey cancer cure' was pulled

Alan J. Wylie

Blimey, did you know? It's World Backup Day. But... surely every day is world backup day?

Alan J. Wylie

Cheap USB flash sticks

As well as a couple of on-line backups of my data, for several years I've carried a LUKS encrypted 64GB USB flash stick around with me. New photos have caused the amount of data to grow, so I recently bought a 128GB drive. It encrypted OK, then formatted as ext4, and the rsync worked OK for a while, then it started throwing errors and became unusable.

I can only assume that recent cheap USB sticks concentrate the wear levelling of erase blocks in the areas used by the FAT, and having file metadata stored anywhere else, as any other filesystem format will do, will cause rapid damage.

A quick google later, I've just found this site: How to Damage a FLASH Storage Device which confirms my suspicions.

BDSM sex rocks Drupal world: Top dev banished for sci-fi hanky-panky

Alan J. Wylie

Re: HOUSEPLANTS OF GOR

Is it safe for me to click on that link at work?

Should be safe enough, so long as the phrases "muchly watered" and "hanging basket" aren't going to trip a content filter.

Alan J. Wylie

HOUSEPLANTS OF GOR

I can't hear mention of Gor without chuckling at the memory of Houseplants of Gor

Google slaps Symantec for sloppy certs, slow show of SNAFUs

Alan J. Wylie

Re: Symantec's response

https://www.symantec.com/connect/blogs/symantec-backs-its-ca

So close, so very close.

Not "completely baseless", but rather "irresponsible" and "exaggerated and misleading".

Also: "remain committed to the security of the Internet"

A router with a fear of heights? Yup. It's a thing

Alan J. Wylie

Cheyenne Mountain Complex

The State Capitol building in Denver, Colorado, has mile high (5280 feet, 1609m) elevation markers on its steps. Most of the more populated areas, e.g. Boulder and Colorado Springs are at about 1600m, but the Air Forces Cheyenne Mountain Complex (NORAD, and where the Stargate is kept) is at about 7200 feet / 2200m. We don't want that bursting into flames!

Twitter app pwned by pro-Turkey hackers: Users' accounts sling 'Nazi' slurs

Alan J. Wylie

Will we still be sending our F35 fighter engines to Turkey for maintenance?

https://www.theregister.co.uk/2016/11/11/uk_f35s_heavy_overhaul_says_us/

Microsoft: Can't wait for ARM to power MOST of our cloud data centers! Take that, Intel! Ha! Ha!

Alan J. Wylie

Re: You've come a long way, baby

That brings back memories. It's not quite 30 years (June 1987) since Tim and I started porting 1st Word Plus to the Archimedes.

Who would have thought it, especially after MS dropped support for MIPS, etc. after NT4.

WordPress photo plugin opens 'a million sites' to SQLi database feasting

Alan J. Wylie

Lots more WordPress plugin vulnerabilities disclosed yesterday

At the Summer of Pwnage site: https://sumofpwn.nl/advisories.html

KCL external review blames whole IT team for mega-outage, leaves managers unshamed

Alan J. Wylie
Joke

"multiple copies with identical hash sums"

I hope those weren't SHA-1 hashes.

shattered.io

Coming to the big screen: Sci-fi epic Dune – no wait, wait, wait, this one might be good

Alan J. Wylie

Chris Foss's artwork and a little known fact

The artwork is so obviously by Chris Foss, as any avid reader of Science Fiction in the 70's will recognise.

http://www.chrisfossart.com/ confirms it.

Little known fact: he also did the artwork for The Joy of Sex.

Google mistakes the entire NHS for massive cyber-attacking botnet

Alan J. Wylie

Re: Google Captcha

I was prompted by an "I am not a robot" page this morning. I haven't seen one of those at work for ages. Perhaps Google has tweaked some of their detection settings?

I'm deadly serious about megatunnels, vows Elon Musk

Alan J. Wylie

Constructed from Stainless Steel?

President Trump tweets from insecure Android, security boffins roll eyes

Alan J. Wylie

Sean Spicer too

He's White House Press Secretary, and has just tweeted "n9y25ah7". His password perhaps?

https://twitter.com/evanoconnell/status/824614832691355648

I've got a brand new combine harvester and I'll give you the API key

Alan J. Wylie

+1

I was going to post the same Wired link. I'd just like to make sure the words "Copyright Office" are mentioned here and note that they have pushed back to allow DMCA exemptions for automotive software.

My hole is a private thing – see for yourself

Alan J. Wylie

Re: Public Hole

Fill That Hole is an alternative pot-hole-filling site:

http://www.fillthathole.org.uk/

Mozillans call for new moz://a logo to actually work in browsers

Alan J. Wylie

about:mozilla

The twins of Mammon quarrelled. Their warring plunged the world into a new darkness, and the beast abhorred the darkness. So it began to move swiftly, and grew more powerful, and went forth and multiplied. And the beasts brought fire and light to the darkness.

ProtonMail launches Tor hidden service to dodge totalitarian censorship

Alan J. Wylie

Certificate Transparency Log entry

https://crt.sh/?id=78086775

What's the biggest danger to the power grid? Hackers? Terrorists? Er, squirrels

Alan J. Wylie

Laser beam sky mirage cannon can spy on enemies and generate Star Trek-style shields

Alan J. Wylie

Re: Can't you...

Might work, if you pulsed the light source in synchronisation with the compressions of the wave.

Alan J. Wylie

Re: All over the place

Trinity Mirror

Even funnier if you are aware of the event on July 16, 1945

Stanford boffins find 'correlation between caffeine consumption and longevity'

Alan J. Wylie

Re: Still something missing for my lifestyle..

Does it have hot chili peppers on it?

The Association of Hot Red Chili Pepper Consumption and Mortality: A Large Population-Based Cohort Study

You have the right to be informed: Write to UK.gov, save El Reg

Alan J. Wylie

Shiva Ayyadurai and Techdirt

https://www.techdirt.com/articles/20170111/11440836465/techdirts-first-amendment-fight-life.shtml

Shiva Ayyadurai is suing Techdirt for $15M over their comments on his claim that he invented e-mail.

http://fortune.com/2017/01/05/email-inventor-techdirt/

GoDaddy revokes 9,000 SSL certificates wrongly validated by code bug

Alan J. Wylie

mozilla.dev.security.policy posting

https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/Htujoyq-pO8/uRBcS2TmBQAJ

3... 2...1... and 123-Reg hit by DDoSers. Again

Alan J. Wylie

Re: I'm with 123reg

I can recommend http://www.gandi.net/

Memo to self. Must move my 123-reg domains over.

Amazon files patent for 'Death Star' flying warehouse

Alan J. Wylie

If they have a 3D printer on board, they will be possessing the ability to recreate an exact likeness of an object ...

Bad news: Exim hole was going to be patched on Xmas Day. Good news: Keyword 'was'

Alan J. Wylie

Xmas day after all

http://seclists.org/oss-sec/2016/q4/744

As at least one major distro isn't ready yet, we'll keep our initial schedule and release the fixed versions on Dec, 25th, 10:00 UTC.

Major outage at broadband biz 186k

Alan J. Wylie

Accounts overdue

They seem to have flip-flopped company names between LIGHTSPEED COMMUNICATION and 186K in July, but the accounts for both companies are overdue since the end of November.

https://beta.companieshouse.gov.uk/company/04937421

https://beta.companieshouse.gov.uk/company/03744335

Europe to launch legal action against countries over diesel emissions cheating

Alan J. Wylie

"the best available technology"

Or more probably, CATNAP: Cheapest Available Technology Narrowly Avoiding Prosecution

Privacy is theft! Dave Eggers' big-screen takedown of Google and Facebook emerges

Alan J. Wylie

"enjoy the unreadable EULA as it flashes past"

By visiting the site, you do grant the Circle the right to interfere with the operation or use of your sites through any means or device including, but not limited to, spamming, hacking, uploading computer viruses or time bombs, or any other means.

In applicable states, your family members, including children three (3) years of age and older may be confiscated for failure to comply

Trust us, we're not breaking antitrust laws.

Users may also have their citizenship revoked for failure to comply with the aforementioned community guidelines. If it happens, we'll know.

And Oh, the Irony: <!-- GOOGLE ANALYTICS TAG -->

Alan J. Wylie

Google Conspiracy?

A Google search for "the circle" or "we are the circle" currently doesn't return http://wearethecircle.com/. There are "high quality psychic mediums" in the results, though. Bing is even worse, however - at least Google returns a couple of Wikipedia hits, so I assume the site is just too recent to have been noticed, or highly ranked.

Bletchley Park Trust vows to shore up insecure website

Alan J. Wylie

I've seen far worse

The "F" grade at SSLLabs is due to the same certificate being hosted on a web server elsewhere (this may be their backend server, they are behind Cloudflare) with SSLv2 and export grade (deliberately weakened) ciphers supported. The certificate has a SHA1 intermediate certificate in the chain, so they will need to update it anyway before the major browsers start giving warnings early in the new year[1]. Doing this will help to mitigate the problem, no need for an entire new web site. They should also be either getting the 2nd server turned off, if it is unused, or better secured if it is their backend server.

[1] https://community.qualys.com/message/35468-sha-1-deprecation-countdown

Three to appear in court over TalkTalk hack

Alan J. Wylie

I await the headline

"TalkTalk to appear in court over Three hack"

PoisonTap fools your PC into thinking the whole internet lives in an rPi

Alan J. Wylie

Re: To lock a Linux system down

It only stops *new* modules being loaded. Load any required kernel modules (e.g. usb-storage) first , then lock down.

Perhaps not the right answer for a developer's system, but very useful for e.g. a system in a doctor's surgery, as was mentioned earlier, or a system in a PCI DSS scope.

Alan J. Wylie

To lock a Linux system down

Adding

echo 1 > /proc/sys/kernel/modules_disabled

to a local boot script will stop any more modules being loaded. Unless the driver for the USB is the same as one used by the system (unlikely) nothing will happen when it's plugged in.

https://www.kernel.org/doc/Documentation/sysctl/kernel.txt

Microsoft just got its Linux Foundation platinum card, becomes top level member

Alan J. Wylie

Re: Great news!

I'm glad somebody finally got it...I was beginning to worry that I'd been too subtle.

I went to the comments and immediately searched for "embrace". Well played, Sir.

Adult FriendFinder users get their privates exposed... again – reports

Alan J. Wylie

Interesting passwords

From https://www.leakedsource.com/blog/friendfinder

short:

43: football

59: liverpool

long:

21 equal: youwillneverwalkalone

21 equal: ilovemanchesterunited

(and for the benefit of non-UK readers: You'll Never Walk Alone is the anthem of Liverpool Football Club)

What is it with footballers?

What should the Red Arrows' new aircraft be?

Alan J. Wylie

Re: Hawker Harrier

VIFF

that is all.

UK will retaliate against state-sponsored cyber attacks, Chancellor warns

Alan J. Wylie

SPF, DKIM and DMARC - better late than never

He pointed to the recent rollout of software to cut to zero an estimated 50,000 fraudulent emails a day from hackers purporting to be from HMRC offering tax refunds in order to obtain people's bank details.

This blog post from February details the government's move to SPF/DKIM/DMARC. I assume this is what the chancellor is referring to. Since SPF has been generally adopted since about 2009 and DKIM since at least 2012, what on earth have civil servants been doing all that time?

I've arrived on Mars. Argggh, my back!

Alan J. Wylie

Re: 'simple'solution

<Red Thunder>

Reminds me in some ways of "Welcome to Mars" by James Blish

'Biggest ever' Linux release

Alan J. Wylie

Wrong way round - it's big *because* it will be LTS

Torvalds says the release looks so substantial it's probably destined for Long Term Support status.

Greg K-H has already announced that he intends 4.9 to be the next long term stable. Linus commented on this in the 4th paragraph of his announcement linked to in the original article: people pushing to get their stuff ready

Page: