* Posts by 0laf

1967 publicly visible posts • joined 25 Nov 2009

Enterprise patching... is patchy, survey finds

0laf
Facepalm

Many big suppliers refuse to invest in the development of their own products leaving customers hanging with out of date vulnerable systems.

CRAPTA and NGA being prime culprits.

Microsoft's insistence on bundling up all their patches doesn't help either.

Trident nuke subs are hackable, thunders Wikipedia-based report

0laf
Mushroom

Boom

Mate of mine used to be a submariner on a Trident boat and wangled a tour for a few mates including me.

The systems on those boats look like well maintained relics from the late 70s early 80s (probably because they are). I can't imagine there is much hacking that can be done without a screwdriver and a soldering iron.

My mate's work console had a worrying resemblance to Homer Simpson's station at the power-plant.

So no, not really worried about a v boat being hacked by hippies with iPads.

Healthcare tops UK data breach chart – but it's not what you're thinking

0laf
Childcatcher

Egress

It does have to be said that Egress has a vested interest in showing up these stats since they sell a product suite that addresses the issue.

However being fair I do actually quite like the product

Much-hyped Ara Blackphone LeEco Essential handset introduced

0laf

Re: It's designed for optimal professional reviews

I wonder how fast it goes round the Nurburgring

0laf
Facepalm

It's squarish, blackish, round corners, metal sides, shiny, 2 cameras. Pretty much like every other phone. Pretty much the only differentiator these days is the price.

I've not noticed people getting nearly so excited about phones for a long time now. I don't think the majority really give a shit any more. They have the flavour they like and they have a budget. It doesn't really matter too much what they look like since most people put them in a case anyway.

Might as well have a glossy launch for the 2017 'Brick' - This one is new, 5gr lighter, now with 2 holes not three. Kiln baked at 514C to provide a smooth glazed inner surface, improved mortar adhesion; register to receive your 2017 pre-release Brick before everyone else.

Ad watchdog bites Plusnet over 'unintelligible' radio ads

0laf

Plusnet! We're shite, but so is everyone else.

[Your experience of this or other vendors may vary]

BA's 'global IT system failure' was due to 'power surge'

0laf
Black Helicopters

From another forum and a friend of a friend that works with BA IT.

The outsourcer was told to apply security patches which they did and powercycled the whole datacenter.

When it came back up it popped many network cards and memory modules when the power spiked.

The outsourcers lacked experience in initiating the DR plan and it didn't work. Or maybe DR wasn't in the contract.

True or not I dunno.

0laf
FAIL

Not shocked

Last time I flew BA (2016) the plane broke before the doors even closed (fuel valve problem). BA basically reacted like they've never seen or even heard of a broken plane before and as if all their staff had just come off a week long absinthe and amphetamine bender. They lost a bus load of passengers who then re-entered T5 without going through security. BA staff were wandering round shouting "I don't know what to do" and the tannoy was making automated boarding calls the staff didn't know about. I've rarely seen such a display of shambolic ineptitude.

Still the compo (when the ombudsman made them stop ignoring me) was more than the costs of the flight.

So to see a fuck up of this magnitude, really not surprised at all.

WannaLaugh? Funsters port WannaCrypt to Commodore, Cisco, Nintendo and Tesla

0laf

Re: Does anyone seriously use the in-car stuff ?

Nope BMW one sucks goats as well.

0laf

Taking bets now

Cryptolocking a car has to be holy grail for the criminals. Pay £40k for a car and £300 every month to get it unlocked because the manufacturers can't/won't update it.

NHS Digital stopped short of advising against paying off WannaCrypt

0laf
Facepalm

Re: Anyone-

That's the language demanded by the politicians and the decision makers. If you don't mention 'cyber', if you happen to talk about its older, wiser, less exciting brother 'Information Security', you just get ignored.

So we all sound like fuds talking cyber this and cyber that and secretly hating ourselves for doing it.

Info commish: One year to go and businesses still not ready for GDPR

0laf
Big Brother

Businesses not ready?

Government isn't ready either.

Plus UK Gov hasn't produced all the derogations yet so no one knows quite what they have to be compliant with. They'll have to roll out a derogation sharpish to deal with Rudd's encryption fuck-up-in-progress / pending-u-turn.

Health data 'vault' app floats into UK.gov's G-Cloud. *cough* GDPR *cough*

0laf
Big Brother

Compliant?

Is there such a thing as a GDPR compliant service? As I understood it the details of the implementation of GDPR in each state are still in development.

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/national-derogations/

The UK's derogations will probably be written to support cost saving exercises such as this retrospectively using 'public interest' as the excuse for an exemption from the rules.

WannaCrypt 'may be the work of North Korea' theory floated

0laf

Double Bluff

Ideal opportunity for the Norks to play havoc. Everyone points the finger at them for every bad event that people will start to disbelieve they can be responsible for it all.

Then they can launch a massive attack knowing that a bored population will just roll their eyes and say "not the Norks again, tinfoil hat time".

Shadow Brokers resurface, offer to sell fresh 'wine of month' club exploits

0laf
Meh

ROI

Well they've seen the success of large companies forcing their customers into a subscription model so it's not surprising they would do the same.

[You need a "follow the money icon"].

Ransomware scum have already unleashed kill-switch-free WannaCrypt variant

0laf
Mushroom

Oh FFS

I've spent the whole morning fire fighting an executive management that are in abject panic over this. Despite the facts that we

1) Have no windows XP left

2) Patched MS17-010 over a month ago

3) Have tweaked the security appliances to catch this stuff

4) Issued alerts on Friday and primed the helldesk

and ultimately, we've had no fucking incident!

It's almost like they're upset nothing has happened. FFS we had more bother with the emotet version the week before. This didn't even register it was a non-event.

And I must say how much I'm enjoying every department in the company trying to climb on the infosec bandwagon all of a sudden. It's almost like they can smell resources and influence or something. Strangely they're nowhere to be seen when it's risk assessment or PIA time.

PC repair chap lets tech support scammer log on to his PC. His Linux PC

0laf

Hmmm I've never tried the death scenario must try that.

I tried making up a ludicrous story about an accident involving an oil tanker that crashed and rolled into a field setting the sheep on fire and they were running around bleating...and on and on

At the end it turned out he'd taken me seriously and had noted it all down. Even the bit about the flaming sheep setting my barn on fire which contained my collection of antique clown dolls

Fun went out of it then

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

0laf
Facepalm

Awareness issues, tech will do so much but some spam will always get in. You can't stop the signal Mal! Someone somewhere clicked.

I imagine hospitals are a bit like schools with lots of staff that feel very important and that security measures are not for them because they must not be impeded in doing their important stuff (even if that is playing on their new phone).

Ok I'm generalising but I've yet to be proved wrong.

0laf

Probably a misunderstanding by the attackers. Ransomware is probably quite effective against US hospitals and they may have made an assumption that all hospitals will pay to resume service.

Or it's just collateral damage from a massive email spam list which includes hospitals. That'll be why they are hitting all parts of government as well.

Someone is sending propaganda texts to Ukrainian soldiers

0laf
Pirate

Clever

Low cost, negligible risk, potentially significant reduction in enemy's effectiveness.

Sound tactic I'd say.

User loses half of a CD-ROM in his boss's PC

0laf

Re: He was lucky

High speed drives (52x) had a habit of shattering disks, usually blanks being written because they were that bit thinner I guess.

More than a few times bits of the disks were embedded within components within the case or had completely destroyed the inners of the drive. Quite scary how much energy could be put into those little disks.

China's first large passenger jet makes maiden flight

0laf

Well with the glowing safety record of many Chinese produced cars I'm sure we'll all be queuing round the block for this.

Gamers red hot with fury over Intel Core i7-7700 temperature spikes

0laf

Re: Alternate Measure

I think if you did that the processor would be at risk of a catastrophic deconstruction. When you smash the thing to bits for making such a bloody racket.

0laf

i7?

My cheepo i3 does it as well and it's the feckin Windows update service that does it. Are these guys sure it's a problem with the hardware?

Windows 10 S forces Bing, Edge on your kids. If you don't like it, get Win10 Pro – Microsoft

0laf

Re: I remember when...

They would get so much flak if they didn't do so many stupid things.

Like resale a £1000 laptop marketed as if it was a £150 Chromebook.

Plus the £50 upgrade fine. Why fucking bother the damn thing is next to useless without it how about market the thing as a full W10 laptop for £50 more and don't bother with the stupid extra step.

Still too dear, still a stupid idea. At least we know the guys from Winpho are still working.

Has anyone thought of air-dropping them in to 'aid' the current Syrian regime? They'll have the whole thing collapsed within weeks.

0laf
Flame

Antitrust?

Soooo back in the day the EU took MS to court to stop them bundling IE with every machine by default.

But now that's ok with Win10 and Win10S?

Same for Google, it's ok for them to bundle Chrome with every android device and block its removal?

I hate the idea of Google in schools, kids forced to sign their souls to the great G in exchange for access to their tracking services.

They are kids, fuck off you should allow them to use the stuff without monitoring until they are old enough to decide to give you information.

Plus all these 'cheap' devices are designed to work with a single user. So the firms are trying to get schools to buy every kid a device when in reality the school would be happy with one between ten.

No, Microsoft is not 'killing Windows 10 Mobile'

0laf

Re: Alas poor WinPho I knew him well

No I don't think so. I know the app availability was terrible and it had compatibility problems but I always found the OS very responsive and smooth and very reliable. That was on a Nokia 920 which I picked up for £80 (unlocked) at Tesco when they were selling for £200+ in other places. Your experience on other phones may differ.

I fired it up recently to potentially give my Mum and I still really like it. Mum found it too heavy where I actually quite liked its tank-like feel.

But I had paid for services which were no longer accessible on it so it had to go.

0laf
Pirate

Alas poor WinPho I knew him well

Of course it's dead. There is next to nothing for it to run on.

It is a shame, WinPho 8.1 was (app store ignored) a great phone operating system and the best UI I've used on a mobile device. Nice big resizeable icons to suit my sausage fingers. Got an iPhone SE now ok it's more compatible with everything but it's much harder to use. I don't want a bigger phone I just want bigger icons. If I could put the WinPho UI onto my iPhone I'd be quite happy.

So, you're 'ISO 27001 accredited', huh? Just saying so doesn't cut it

0laf
Flame

Re: Can be misleading

@AC

Bingo that's so common it's sad. In procurement I regularly have to ask a lot of questions to ensure that the supplier is competent. Quite often they'll wheel out "but we're ISO27000" as some sort of catch-all that is supposed to mean absolutely everything is ok. And as described when you get to it the scope of compliance is narrow and whatever they are selling is a pile of shit without basic security in place.

But I do enjoy the look on the salespeople's faces when they try, "but we're ISO27000" and the answer is "so what?"

Alert: Using a web ad blocker may identify you – to advertisers

0laf

Meh

It's a trade off.

Run an ad blocker and they might identify you as a browser with an ad blocker.

Don't run an ad blocker and they'll identify you and the internet is practically unusable.

Left field idea, why not use advertising on your sites in a way that isn't so intrusive and disruptive. Then I might not need an ad blocker at all. But right now on many sites if I can't block the ads I won't visit the site

Broadband providers almost double prices after deals end

0laf
Meh

Re: Common sense.

In my humble experience "Common Sense" is a vanishingly rare thing.

0laf
Mushroom

Car insurance seems to have actually caught up with this idea. The last few years my renewal cost have been close to the best deals I could get by shopping around.

Just 40yr to wait on the broadband guys to catch up.

Ex-IBMer sues Google for $10bn – after his web ad for 'divine honey cancer cure' was pulled

0laf
Facepalm

Re: No adverts when I search on Google for homoeopathy?

Luckily Google usually sorts out my keyboard mashing attempts at typing.

Is that two things now?

Double dirty.

0laf
Alert

No adverts when I search on Google for homoeopathy?

So they might have a blanket ban on snake-oil.

I feel a bit dirty I might have something positive to say about Google now.

Put down your coffee and admire the sheer amount of data Windows 10 Creators Update will slurp from your PC

0laf
Stop

Fine fine fine

Oh please let them be fined under the GDPR.

4% of global turnover would make such a nice headline.

D'oh! Amber Rudd meant 'understand hashing', not 'hashtags'

0laf
Big Brother

Ya boo

We politicians demand to be at the forefront of any and all decisions about this shiny cyber digital shit even though we have absolutely fuck all idea what we're talking about.

It's all electric magic anyway so you nerds just piss off and don't come back until it works just the way I have it in my head or I've moved onto a new job.

Creators Update gives Windows 10 a bit of an Edge, but some old annoyances remain

0laf

Re: Creators Update, or how to apply lipstick to a pig.

The art of turd polishing

0laf
Trollface

"Windows update no longer reinstalls removed applications"

I'll believe it when I see it.

Europe to push new laws to access encrypted apps data

0laf
FAIL

Stupid is a universal constant

Fucking idiots.

They'll be the first ones to wheel out the fine-gun under GDPR when companies start to lose data through the legislated back doors.

How to leak data from an air-gapped PC – using, er, a humble scanner

0laf
Boffin

Or I could just tailgate you through a door with a badge tucked into my top pocket, mumble I've a meeting with 'John' at 11am find an empty seat and plug in my hacking kit of choice.

Ok not nearly as 'Bond-like' as the story but will work in a large number of sites without 6 months of fecking around.

So really, worry about the basic threats before you start defending against Ninjas and SMERSH.

Russian mega-telco exec: 'No business case' for 5G

0laf
Alert

Wow

Russian Head-Honcho steps off hype-wagon and acquires mystical rare ability known as 'common sense'.

Is there a six step program for all executives to bring them to a moment of clarity and stop them buying into whatever shiny shite is dangled in front of them?

Home Office accused of blocking UK public's scrutiny of Snoopers' Charter

0laf
Big Brother

Did you really expect a Government consultation to consult with the stakeholders? Really?

You must know that a 'consultation' is a political opportunity to publicly justify a position already decided upon in private.

Microsoft wants screaming Windows fans, not just users

0laf
Flame

Forced upgrades

Fucked updates

Adverts on a paid for platform

Withdrawal of services at short notice

Lack of support on their own platforms

Any excuse to ramp prices

Yeah we're all fucking fans of that MS we're fucking just loving it.

Miss Misery on hacking Mr Robot and the Missing Sense of Fun

0laf

Re: It's good but not great

"The Expanse" is going through season 2 right now and a quick Google search says it's been renewed for a third season.

0laf
Go

It's good but not great

I wouldn't want to put off these streaming media companies from creating their own content. They do seem a bit more accepting of risks with what they make.

Mr Robot a bit like a lot of these shows is pretty good but it's not great. I've watched the first series and have the second on a watchlist but it might be a while before I get to it.

I've felt the same about a few others that they have really great production values but I've just not found them compelling (Vikings, Walking Dead).

But I hope they keep trying because eventually they're going to make something as good as The Wire or Deadwood again.

I'm really enjoying The Expanse right now and I'm told Narcos and WestWorld are worth a watch too.

Boffins crowdsource hunt for 'Planet 9'

0laf
Mushroom

Let's keep everyone happy

If we reinstate Pluto to its rightful place then the new one can be Planet X.

Duck Dodgers in the 24½th Century icon needed urgently.

0laf

Hurry

If you could get a move on with this please. I have a 6 year old that needs answers.

Disney plotting 15 more years of Star Wars

0laf
Joke

Re: Money, Money, Money

Less of a surprise that a teenage girl should like Rouge One maybe ;-)

Good news, everyone! Two pints a day keep heart problems at bay

0laf

Pharmacology graduate here. One lecture was on alcohol interactions and metabolism.

Lecturer informed us impressionable students that unless you have a particular genetic mutation you can basically drink as much as you like and you'll never get cirrhosis.

Although you'd never know until it was too late.

'Clearance sale' shows Apple's iPad is over. It's done

0laf

Bloody educationalists

Teachers love iPads, but education managers who don't teach love them even more. At one point in the recent past it appeared that a KPI for education was the ratio of iPads to pupils. It didn't matter if they sat in cupboards flat or that they were nicked. They just had to show they'd spent a lot of money on Apple kit and all was good.

iPad = educashun = digital

Shiny and political buzzword compliant.

They never had any idea what to do with the fucking things and still don't.

I accept fully that there are circumstances where a tactile display is very useful and that there are apps on the Apple store which are genuinely wonderful for kids with special needs.

But the rest? Shiny shite.

And they're a bastard to set up in a multiuser environment where the users are fundamentally evil.