
* Posts by h4rm0ny

4601 posts • joined 26 Jul 2008

Brit boffins build 'quantum compass'... say goodbye to those old GPS gizmos, possibly

h4rm0ny
Silver badge

unless you were intending to shoot first.

Less of a problem than you might hope. The USA has been pursuing a policy of Nuclear Primacy for some years now. Nuclear Primacy is the capability to first strike so hard there cannot be an effective response. Long, but good, article on this:

https://www.foreignaffairs.com/articles/united-states/2006-03-01/rise-us-nuclear-primacy

3
2
h4rm0ny
Silver badge

Re: It's not a compass.

It's how you get a heading underground if you wanted to eg. dig a tunnel to France.

Why couldn't you use a regular compass to get a heading underground?

2
0
h4rm0ny
Silver badge

Re: It's not a compass.

Additionally, the threat of disrupting or hacking GPS that this addresses isn't just a theoretical one. This is how the Iranians captured a US drone some years ago. They flew another plane over the top of it and broadcast fake GPS signals to it causing it to think it was somewhere else and land.

6
0

Bruce Schneier: You want real IoT security? Have Uncle Sam start putting boots to asses

h4rm0ny
Silver badge

The easy way to avoid the problems with new TVs is to simply never connect them to your network. Then issues like security are nonfactors.

I considered that, but as alluded to in my post, that doesn't always work so well. I tried a Samsung 4K TV and every time I powered it on it would go through this registration rigmarole. You can say later, but not "no". I actually returned the TV because of all the "smart" functionality. I just didn't want the hassle and I didn't trust it.

Or, even better, don't buy a TV at all -- buy a large monitor instead and connect it to a media system.

That's not a bad idea, but a monitor of equivalent size is absurdly expensive and they tend not to have good viewing angles because they're designed for one person. I've considered a projector, though.

2
0
h4rm0ny
Silver badge

Re: 6 years (and counting) for a fridge

"@h4rm0ny is lucky, my £600 one lasted 3 before getting a leak and discharging the coolant. I was quoted £300 for a re-gas with no guarantee it would even work. It's now in landfill."

Name, shame and one-star review them, then. I'd like to know who to avoid next time I buy a fridge.

2
0
h4rm0ny
Silver badge

On the contrary, goods where large improvements have ceased, can and do have lifespans much more than ten years. My TV is a 1080p and ten years old. New technologies like HDR mean an upgrade would have some value, but it's not enough for me to have done so. My cooker is around twenty years old. My fridge is only six years old but there's nothing a new fridge would have that would make me want to replace it. What do all these things have that sets them apart from computers, tablets, et al? The technology has reached the point where you buy for reliability and long-term value rather than new features.

Which is WHY I haven't bought a new TV. Because any new TV that would actually be an upgrade is now saddled with cameras, microphones, an OS (usually based on that famously secure platform Android) and my faith in it still working, being secure and compatible with everything else a decade from now is in the low %. Ditto for any fridge with WiFi or heating system that insists on running from an app on my phone. They may be secure today. They won't be five years from now (let alone ten).

Bruce Schneier is quite correct (as he always seems to be). We have a time-bomb of crappy security waiting for us. I'm personally going to make my TV, Fridge, Cooker, Heating System last the next ten years as well. Hopefully by then I'll be able to buy a TV that doesn't flash "Create your account" messages every time I turn it on until I give Samsung permissions to access it.

25
0
h4rm0ny
Silver badge

Re: America always waits for class action suits

Do you really think IT security policies would be better under Hillary? I mean, ignoring them is kind of what she's famous for!

8
23

That amazing Microsoft software quality, part 97: Windows Phone update kills Outlook, Calendar

h4rm0ny
Silver badge

So that's what happened. I noticed I couldn't open Calendar on my phone - it starts to open and then just shuts down.

I really like the Windows Phone OS. I'm pissed off with Microsoft for dropping it. They may not have had as much initial success with it as they liked but it is a solid OS and ceding the market entirely to Google and Apple is a huge mistake. I've stuck with it since because I like it, but I'm going to have to get an Android phone soon just because nobody writes software for WP anymore.

15
1

Premiere Pro bug ate my videos! Bloke sues Adobe after greedy 'clean cache' wipes files

h4rm0ny
Silver badge

Re: Biz math

But if all that's on premises, you can still lose it all to theft or fire. At the very least you want it in a good fire safe. But then you're taking it out, doing your backups, putting it back in every day. And you know you're going to stick to that.

I would consider backing up to the cloud. And perhaps using something like Boxcryptor (https://www.boxcryptor.com/en/) for confidentiality if you choose.

0
0

HSBC now stands for Hapless Security, Became Compromised: Thousands of customer files snatched by crims

h4rm0ny
Silver badge
Unhappy

Re: it wont do the hackers any good...

What on Earth are they doing in a web app that means it won't run on GNU/Linux?

0
0
h4rm0ny
Silver badge

Re: regular password changes...

Without the token, they won't be able to steal any money, but they can still look.

And that's quite sufficient to cause a lot of problems. I complained to HSBC when they suddenly reduced their security and got one of the most patronising brush-offs I've ever had. I suggested they make the downgraded security ("which our customers love for its convenience, please install our mobile phone app") optional, but not a chance.

0
0
h4rm0ny
Silver badge

Voice authentication.

HSBC is the bank that decided Two-Factor Authentication was too much hassle for its customers and now only requires their dongle for things like setting up payments. You can login, view all sorts of financial information without it. They also, and this is the one that really gets me, are really pushing hard on voice authentication. Convince the machine you sound enough like the target and in you go!

0
0

If Shadow Home Sec Diane Abbott can be reeled in by phishers, truly no one is safe

h4rm0ny
Silver badge

"While fraudsters traditionally prey on the gullible and feeble-minded, their wicked ways have ensnared British Labour MP Diane Abbott."

What you did there, I see it! :D :D

But really, where do we rank this? Worse than her "Chairman Mao did more good than bad" idiocy, her inability to perform a <= operation on numbers greater than a thousand? Honestly, she is not fit to be in charge of anything.

32
4

Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS. Go on, git outta here

h4rm0ny
Silver badge

Re: "secure" boot is *EVIL*

Users can unlock it.

At least if it's Windows where, as the article states, a physically present user must be able to disable it to get Windows certification. That's been the case since the start. Secure Boot is a very valuable security feature.

It's Apple's version that's the problem.

7
1

Lucky, lucky, Westminster residents: Who better to look after your housing benefits than Capita?

h4rm0ny
Silver badge

Links.

If you're going to link to other people's articles as part of your own, can you at least make them publicly accessible ones rather than behind an FT paywall?

And whether you like JRM or not, I'm fairly sure he doesn't decide where he lives based on a £500p/a cost saving.

6
0

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

h4rm0ny
Silver badge

it's a bit like buying a dodgy toaster from argos. if it fails - your first port of call is Argos, not the toaster manufacturer.

If we absolutely must argue by analogy (which is usually just a way of moving away from the actual facts) then let's make your analogy better. In this case, Argos sold you a kitchen. You brought your own toaster and plugged it in yourself.

2
0
h4rm0ny
Silver badge

@FrogsAndChips Re: manage-bde.exe -status

You're using Windows' own in-built encryption. The line "Encryption Method" will be whatever is reported by the disk if it's using that. And whilst the disk could say "AES 256" it would almost certainly more likely say something like "SAMSUNG blah blah blah blah".

0
0
h4rm0ny
Silver badge

Re: "Because MS was just blindly trusting them all, they have to take some of the blame."

It would be interesting to know if MS was testing and vetting SSD encryption from various vendors before approving BitLocker to utilise it, or whether they were just allowing any device that stated that it supported hardware encryption to go ahead. If it's the former, their testing clearly could have been better. If it's the latter, it's a major risk if Bitlocker is allowing untested and potentially insecure hardware encryption to take the place of its own encryption capabilities.

Microsoft could well have tested this and still not found the problem, because the problem isn't with the encryption itself but an exploit on the attached password system. Nothing to do with AES. And these things have been out in the wild for a long time before this vulnerability has emerged and used by far more than just Microsoft. Microsoft is not everybody's parent. If someone plugs in hardware that later turns out to have a vulnerability, MS are not going to tell you at the time you can't use it.

1
0
h4rm0ny
Silver badge

Re: This explains it

Ahh, so that's why sometimes they have 2 people bashing at the same keyboard, to increase the typing speed.

Always a favourite: https://www.youtube.com/watch?v=u8qgehH3kEQ

5
0
h4rm0ny
Silver badge

Re: Perhaps its just as well

So I've ended up with bitlocker using SW encryption. I suspect there are ways around that too, but the customer who's paying the bill insists on bitlocker on the PC.

Well if you know any you should contact Microsoft for a hefty bounty. Bitlocker is very good. The only way "around it" that I know of is if you store a copy of your keys with Microsoft for disaster recovery, which is optional. Basically, if you want to guard against thieves and competitors, it's fine. If you want to guard against the FBI or CIA, keep the keys local (or don't keep a backup at all!).

5
0
h4rm0ny
Silver badge

Re: Really?

You turn on full disk encryption in your corporate standard enterprise grade Windows operating system and it actually doesn't bother but just trusts the unknown crappy made in China hardware encryption.

Just the same as it trusts your TPM module or the security certificates you've installed. Because that's normal. BitLocker DOES allow you to CHOOSE whether or not to use the drive's own on-board encryption. Which uses the same standard algorithms that others use so seems reasonable. If it defaults to using them well, they offer lower energy usage and a smaller performance hit. You can't really blame Microsoft for believing the hardware does what it is supposed to.

Also, Samsung are Korean and their SSDs are generally considered to be industry leaders by most reviewers. Not exactly "crappy Chinese hardware" as you call it.

If anyone wants to quickly check whether their system is using their drive's own hardware encryption, run "manage-bde.exe -status" from the command line as administrator. It should say for the encryption method if it's using the drive's.

41
1
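The check described in the two posts above (reading the "Encryption Method" line of "manage-bde.exe -status"), as an added example that is not part of the original comments: it parses saved command output and flags every volume whose method is not a BitLocker software AES mode. The sample output is constructed, and the function names and the list of software method names are assumptions of this example.

```python
import re

# Constructed sample of `manage-bde.exe -status` output (not captured from a
# real machine). The hardware line carries a placeholder identifier.
SAMPLE_STATUS = """\
Volume C: [OS]
[OS Volume]

    Size:                 237.87 GB
    Conversion Status:    Fully Encrypted
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]

    Size:                 931.50 GB
    Conversion Status:    Fully Encrypted
    Encryption Method:    Hardware Encryption - <device-reported id>
    Protection Status:    Protection On

Volume E: [Scratch]
[Data Volume]

    Size:                 59.00 GB
    Conversion Status:    Fully Decrypted
    Encryption Method:    None
    Protection Status:    Protection Off
"""

# Assumption: BitLocker's own (software) modes are reported as AES-family names.
SOFTWARE_AES = re.compile(r"^(XTS-)?AES (128|256)( with Diffuser)?$", re.I)


def parse_status(text):
    """Split the report into {volume: {field: value}}."""
    volumes, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^Volume\s+(\S+)", line)  # headers start in column 0
        if header:
            current = header.group(1)
            volumes[current] = {}
        elif current and ":" in line:
            key, _, value = line.strip().partition(":")
            volumes[current][key.strip()] = value.strip()
    return volumes


def classify(method):
    """Map an 'Encryption Method' value to who is doing the encryption."""
    if not method or method.lower() == "none":
        return "unencrypted"
    if SOFTWARE_AES.match(method):
        return "software"
    # Anything else (a 'Hardware Encryption' line or a vendor string) means
    # the drive, not BitLocker, is encrypting the data.
    return "drive-provided"


def audit(text):
    """Classify every volume found in the report."""
    return {vol: classify(fields.get("Encryption Method", ""))
            for vol, fields in parse_status(text).items()}


def needs_review(text):
    """Volumes that do not rely on BitLocker's software encryption."""
    return sorted(vol for vol, kind in audit(text).items() if kind != "software")


if __name__ == "__main__":
    for vol, kind in audit(SAMPLE_STATUS).items():
        print(f"{vol} {kind}")
    print("review:", ", ".join(needs_review(SAMPLE_STATUS)))
```

To use it on a real machine, save the command's output from an administrator prompt to a text file and pass the file's contents to `audit`.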

Which scientist should be on the new £50 note? El Reg weighs in – and you should vote, too

h4rm0ny
Silver badge

Write In Option:

Charles Babbage AND Ada Lovelace.

0
1

30 spies dead after Iran cracked CIA comms network with, er, Google search – new claim

h4rm0ny
Silver badge

Re: Hmmmm, 2008, 2010 and 2012

>>"Did he actually ever change anything for the better?"

Well, he managed to spend around $10bn on a healthcare website which didn't work, so he made things better for somebody.

2
14
h4rm0ny
Silver badge

Re: Kim Philby

>>In other news.. is it just me or does American foreign policy seem recently like it was borrowed from episodes of Futurama?

Well Trump hasn't:

1/ Funded ISIS and Al-Nusra as Obama did (proven and admitted before you click downvote).

2/ Campaigned for and achieved the bombing and destruction of Libya as Hilary Clinton did (see above).

3/ Is actually willing to engage in dialogue with Russia.

4/ Has managed to bring North and South Korea to the negotiating table for the first time in forever. (credited to Trump by many, including SK's Foreign Minister).

So to answer the question? Honestly, US Foreign policy is a step up from where it was, imo.

8
17

Cray's pre-exascale Shasta supercomputer gets energy research boffins hot under collar

h4rm0ny
Silver badge

Major win for AMD

To get such a major and efficiency and performance critical project swapping to use AMD's Epyc line (essentially the Pro version of Threadripper) is a big PR boost for AMD. A project like this really knows what they're doing so if they think AMD is the way to go, they undoubtedly are right.

1
0

US Republicans bash UK for tech tax plan

h4rm0ny
Silver badge

China trade wars.

We'll likely see trade negotiations between China and the USA suddenly start moving again before the month is out. They're waiting for the results of the mid-terms. If the Republicans do well then China will shrug and start making some concessions because Trump's not going anywhere. If the Democrats surge then China will push harder because Trump will be politically very insecure. Either way, the deadlock is in large part because China is waiting for 6th of November to see how strong a hand Trump has to play.

15
0

Top AI conference NIPS won't change its name amid growing protest over 'bad taste' acronym

h4rm0ny
Silver badge

Re: It was a fair vote!

I call Crap Analogy time. Big difference between being eaten and not thinking a simple acronym is denigrating you. If it spelled out the N-word or something, sure - because that's extreme and looks contrived. But this is not.

Other way your analogy is bad is that the chicken in this case (political feminists) is pretending to speak for women as a whole. But most women are far smarter than to be offended by this. All chickens don't want to be eaten. Most women do not identify as feminists. Not in the modern sense.

3
0
h4rm0ny
Silver badge
Flame

Re: TWTAs

On the contrary, I think less of anyone who needs the name to be changed because "NIPS" upsets them. These people are over-sensitive ideologues just looking to be offended. They lose the respect I would give them by default through their behaviour. Ditto for those Californian politicians who have tried to get the terms "master" and "slave" removed from computer terminology and feminist campaigner Adria Richards getting two developers fired because she overheard them making a joke about 'dongles'.

Some people you don't kowtow to. You tell them to grow up and stop trying to invent sexism and racism where there isn't any. Give them power and they'll just move on to policing the next piece of language. Fuck 'em.

9
1

UK.gov to press ahead with online smut checks (but expects £10m in legals in year 1)

h4rm0ny
Silver badge

unless things like VPN's and the like are banned in the name of protecting the children.

Shhhh! Don't give away stage two!

EDIT: Seriously, that really is stage two. First, make porn illegal under the right circumstances (i.e. without verification of identity - the only way you can check someone's age). Then say "people are still able to access porn illegally. How can we stop this?" It's not that I'm pro-porn (though it's people's right if they wish). It's that I'm anti- Government having the tools to destroy privacy.

26
0
h4rm0ny
Silver badge

It will achieve one thing. It will push those seeking soft porn and normal porn to rub shoulders with those trading in the more hardcore and violent porn.

32
0

Sync your teeth into power browser Vivaldi's largest update so far

h4rm0ny
Silver badge

Re: Tiled tabs are useful here

Are you a Mad Scientist? 'Cause you sound like a Mad Scientist.

8
0

Fortnite 'fesses up: New female character's jiggly bits 'unintended' and 'embarrassing'

h4rm0ny
Silver badge

Re: True, that's why it's *not* realistic

She looks like an Old West character. If the objection were about what's "competitive" they'd have critiqued the large rucksack and cookware, don't you think? Not a lot of sports bras in the Old West.

As to adding bouncing genitals to male characters and having male characters be naked and at full mast, you're being absurdly over the top in trying to criticize this.

1
0
h4rm0ny
Silver badge

Re: Rumor has it

Some of us very much. :(

5
0
h4rm0ny
Silver badge

Re: ... for various meanings of 'realistic'...

Disagreement is with your last line stating it was dumb to have non-rigid breasts and possibly with the implication that there's something immature about enjoying a sexually attractive character. I think that's the source of your downvotes.

8
1
h4rm0ny
Silver badge

Re: There's something very weird looking about that

I just watched it after reading your comment and no, her hair definitely bounces as well. As does the pan on her backpack and her backpack itself. I don't think the breasts bouncing is out of context with anything else. Article is wrong. Anyone disagreeing, have a re-watch.

9
0
h4rm0ny
Silver badge

Re: Shock doctrine

>>It's well known that young men who view female breasts grow up to be climate change deniers and socialists.

Actually, I think the sort of people complaining that breasts are sexist are actually pretty in favour of socialism. It's no longer some puritan religious Right leading the charge, but left wing SJW types, ime.

8
19
h4rm0ny
Silver badge

Re: I'm shocked...

I remember an Anita Sarkeesian one where she was complaining that Ms. Pacman had a bow. Used it as an example of "female stereotyping in videogame culture" or some such.

Why can't some people just relax a bit more? You know quite a few women like those big breasts as well?

29
3

A story of M, a failed retailer: We'll give you a clue – it rhymes with Charlie Chaplin

h4rm0ny
Silver badge

Re: Ironic, isn't it?

I always found Maplin stores to be very good from a customer point of view and the staff surprisingly knowledgeable about their stock and what you need.

The problem is that the only things I ever need from Maplin are small items that I suddenly realise I need (USB stick, SD Card reader, cables, a mouse...) and isn't worth making a special trip into town for. So I open a new tab, find the item on Amazon and know that it will be with me in the morning.

5
0

Fourth 'Fappening' celeb nude snap thief treated to 8 months in the clink

h4rm0ny
Silver badge

Re: I'm not a particularly draconian 'eye for an eye' person...

There shouldn't be a double standard for celebrities. If you argue that these people should be treated lightly because of whatever reason you want to blame the celebrities for, then you're normalizing and arguing for light treatment for all victims.

If it's humiliating and destructive for you or me (and yes - nudes and sex tapes seen by everyone I work with would be very damaging for example) then celebrities should be treated the same.

4
3
h4rm0ny
Silver badge

Re: I'm not a particularly draconian 'eye for an eye' person...

They would have been less if it wasn't celebrities.

Maybe. But if they hadn't been celebrities the files wouldn't have been mass shared the whole world over and a media focus. I don't know if that makes a difference to how they should be sentenced.

2
0

Judge bars distribution of 3D gun files... er, five years after they were slapped onto the web

h4rm0ny
Silver badge

Re: Lateral Thinking

No, I'd prefer that no-one built and used the damn things. But if someone is going to make one, smuggle it onto a plane or suchlike where security would bar a "normal" gun and then use it to take someone's life then I would prefer it be the perpetrator that suffers rather than the innocent victim.

These still have metal parts in them, still show up in X-rays, still use gunpowder (and thus detectable by the same chemical techniques). You clearly have no idea what you're talking about. The few people making these things are hobbyists, not criminals.

0
0
h4rm0ny
Silver badge

Re: Lateral Thinking

So basically you want to kill people.

7
3
h4rm0ny
Silver badge

Re: Where is the NRA?

Not necessarily. I'm not into guns, but I remember several people in my youth who built zip guns in grade school shop class, using basic and readily available tools and materials.

I read the post as meaning "real" guns. Not dangerous but highly inaccurate one-shot devices. But they are guns, I suppose. So it depends what is meant. In any case, it takes a lot of bulky and expensive equipment to make a modern firearm, that is for sure.

1
0
h4rm0ny
Silver badge

Re: Where is the NRA?

>>

What will happen to the NRA's generous corporate contributions from Big Gun when people quit buying from them?

The NRA has over 6 million dues paying members. This may shock you but guns are actually quite popular in the USA. The biggest share of its funding is from ordinary members. There's around another 10% from advertising (which is probably your "big gun") and then a chunk of private contributions above and beyond dues. As lobbyists, they rank far, far, far behind big players like Google and Health Insurance industry.

7
2
h4rm0ny
Silver badge

Re: Where is the NRA?

Did you bother to look before you declared the NRA remain silent? NRA have commented on 3D guns previously. Most recent statement on it seems to be from just last month:

“Many anti-gun politicians and members of the media have wrongly claimed that 3-D printing technology will allow for the production and widespread proliferation of undetectable plastic firearms. Regardless of what a person may be able to publish on the Internet, undetectable plastic guns have been illegal for 30 years. Federal law passed in 1988, crafted with the NRA’s support, makes it unlawful to manufacture, import, sell, ship, deliver, possess, transfer, or receive an undetectable firearm.”

Seems an accurate statement to me. I'm unclear on what exactly you expect their position to be.

8
0
h4rm0ny
Silver badge
Black Helicopters

Re: Bad Logic

What about people who can work out for themselves that a pipe, a projectile and a small quantity at one end makes a firearm? Has the UK outlawed thinking as well?

Actually, don't answer that - the answer is probably 'yes'.

8
1

Elders of internet hash out standards to grant encrypted message security for world+dog

h4rm0ny
Silver badge

Re: Cue firestorm

>>"So all the TLAs need to do is give compromised systems a hard time, and you'll assume they haven't been compromised?"

I'll certainly consider it more likely. They'd be damned fools to allow a non-compromised network to operate unimpeded whilst actively banning or restricting the one they can scan through at will. Most people don't choose their app on the basis of what the state dislikes, but on what is convenient. So why would they try and push the masses to the one they don't want them to use?

You're considerably less clever than you think you are.

2
1

Facebook brings banhammer down on over 650 pro-Iranian 'fake news' accounts

h4rm0ny
Silver badge

Re: I don't get it.

I agree with nearly everything you say except blaming Trump for anti-US sentiment. The destruction of Libya was the policy decision of Obama and Hilary (who really pushed very hard for it). The US backing of anti-Syrian elements in the ME (i.e. ISIS) along with CIA destabilization efforts in Syria was initiated by Obama. Bush attacked Iraq.

Trump's contribution to anti-American feeling in the non-English speaking world is basically recognizing Israel's claim of Jerusalem as their capital. Which yes, caused a lot of anger, but mainly with parties who were already very angry with the USA anyway.

3
1
h4rm0ny
Silver badge

So are these all bots?

Because the way it's written makes it sound like many of them are actual Iranians and just considered removed because their political views are considered wrong.

Will Facebook be dealing with UK, USA and German public manipulation efforts on their network? Because all three are actively engaged in exactly this. I remember during the attacks on Libya there was a large co-ordinated effort to create and maintain online accounts to push the accepted view and attack contrary posters. I'd love to know how many people they actually had working on that one.

3
1
h4rm0ny
Silver badge

Right Wing?

"While inauthentic content operations are, at least in the popular mind, associated with right-wing content..."

They are? Why? Because of a pittance of Facebook ads bought by Russia that were vaguely (we're told - they won't show them) pro-Trump? To my mind it would be the many millions that the Democrats spent on "online campaigning" that comes to mind along with the use of Cambridge Analytica data. But hey, I'm not a journo from San Francisco where anything bad must be Right Wing so what do I know?

3
1
