nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by Velv

2360 posts • joined 21 Jan 2010

Don't make us pay compensation for employee data breach, Morrisons begs UK court

Velv
Silver badge
Boffin

While the employee had legitimate access, were Morrison’s controls on its staff sufficient to make the breach difficult or detectable? Clearly not as ithe breach was only discovered when it was published on Tor. So Morrison’s must bear some liability.

18
6

Punkt: A minimalist Android for the paranoid

Velv
Silver badge
Headmaster

consumers probably have "four or five devices" that do WhatsApp already

Well, no, they probably don’t, because WhatsApp unlike many competitor messaging apps restricts itself to phones only, so it doesn’t run as an app on my tablets, PCs, Macs etc. (I don’t count running it in a browser with convoluted access as a sufficient App).

1
0

What do Zuck, Sergey, @Jack and Bezos have in common? They don't want encryption broken

Velv
Silver badge
Big Brother

Go Dark

The big guys should make sure all Aussie users are aware of the implications by going dark for a day, or even a few hours.

Post a message that service would be offline if said law is implemented. Australia is small enough that this wouldn't really impact profits but big enough that the governments and peoples of the world would take note.

14
0

Facebook: Up to 90 million addicts' accounts slurped by hackers, no thanks to crappy code

Velv
Silver badge
Boffin

Facebook @ Work

I wonder if the same issue could potentially have been open on Workplace (Facebook collaboration for companies). How many businesses could have had data stolen that’s not just kitten videos and people’s lunch pictures?

https://www.facebook.com/workplace/case-studies

4
0

'Incommunicado' Assange anoints new WikiLeaks editor in chief

Velv
Silver badge
Headmaster

while arbitrarily detained

There is nothing arbitrary about his detention, he is entirely there through his own choice. Nobody is stopping him walking out of the Embassy whenever he wants.

8
0

Contractors slam UK taxman's 'aggressive' IR35 tax reforms

Velv
Silver badge
Headmaster

Re: Loan Charge?

There is a 2 year period where HMRC can challenge your tax return if it believes there are inaccuracies and go after any money it thinks you owe it.

It is also written in law that HMRC can go back up to 20 years if they believe you have been committing tax evasion, so the legality of a loan you are not expected to pay back is brought into question. And let’s be honest and moral here, any loan you receive that you are never expected to pay back is not really a loan, its a payment.

Or perhaps your out with HMRC is to repay the loan (which I suspect will be a larger sum you don’t have than the tax HMRC expect on it)

6
2

Amid Trump-China tariff tiff, Cisco kit prices to resellers soar up to 25%

Velv
Silver badge
Boffin

Build what?

Import all the raw materials from China to make the silicon billets?

Import the silicon billets from China but manufacture the silicon wafers?

Import the silicon wafers from China but fab the chips?

Import the chips and assemble the boards?

Import the boards and assemble the products?

It’s tariffs all the way down!!!

3
0

UKIP doubled price of condoms for sale at party conference

Velv
Silver badge
Childcatcher

Bait and Switch

Hmmm, the price goes up after you've signed up to being fucked.

A bit like their Brexit plans then

15
1

HMRC contractor scores IR35 payout after yet another taxman blunder

Velv
Silver badge
Boffin

Re: Next:

"Next: HMRC admits to being hoist upon it's own petard."

HMRC will NEVER admit there is anything wrong. To do so would open the doors for anyone previously misclassified to recover back payments.

They will either just go quiet, or more likely declare a new target.

25
0

How an over-zealous yank took down the trading floor of a US bank

Velv
Silver badge
Headmaster

Re: DevOps?

While it might be the buzzword of the CIO, CTO, et al these days, the concept has been around a long time, long before 1996.

12
0

Guilty: The Romanian ransomware mastermind who infected Trump inauguration CCTV cams

Velv
Silver badge
Coat

Re: Prison Time

"I don't think they need encouragement to lock up more people."

Nope, but some of them seem quite focused on locking up just one person

1
0

Microsoft pulls plug on IPv6-only Wi-Fi network over borked VPN fears

Velv
Silver badge
Childcatcher

Broken

As the old saying goes, if it ain’t broken, don’t fix it.

And let’s be honest, for the vast majority of internet “users” (individuals and companies), nothing is as yet broken. It all still works. Quite reliably in most cases. Until the price of operating in an IPv4 world becomes more expensive than an IPv6 there not much incentive to move (future doom doesn’t normally impact this years bottom line).

#DevilsAdvocate

4
3

Salesforce supremo Benioff buys Time magazine for $190m

Velv
Silver badge
Coat

There's always going to be a market for Time magazine while we still have dentists waiting rooms

3
0

Automated Weather Source didn't see this cloud coming: Amazon snatches up AWS.com

Velv
Silver badge
Coat

Re: Today a domain...

aws.world ?

3
0

US govt concedes that you can indeed f**k Nazis online: Domain-name swear ban lifted

Velv
Silver badge
Go

Re: This raises the question

Lothian Buses in Edinburgh use yourb.us as the link on social media to their Service Status pages.

1
0

The grand-plus iPhone is the new normal – this is no place for paupers

Velv
Silver badge
Boffin

Re: Exchange rate

Frequencies do vary around the world, that’s why most phones are “quad band” or similar and are capable of operating in most countries “roaming”

Given the radio chips are all made by a tiny number of suppliers it’s just as easy to put a world capable radio in than have specific radios for specific markets.

If only there was a standard... you know, something like a Global Standard for Mobile communication... or something issued by the International Telecommunications Union for the Third Or Fourth generations of device

6
1

GDPR v2 – Gradually Diminishing Psychotic Robots: Brussels kills Terminator apocalypse

Velv
Silver badge
Terminator

USR

Three laws safe...

2
0

Whisky business: Uni of Edinburgh servers Irn-Scru'd by cyber-attack

Velv
Silver badge
Joke

Re: Scottish college?

Reminds me of the trick question in Blackadder IV where Blackadder asks Nurse Mary which of the three great Universities she’d been to, Oxford, Cambridge or Hull?

It’s a trick question, obviously, as there are only two great universities. Oxford is a complete dump.

8
0

First it was hashtags – now Amber Rudd gives us Brits knowledge on national ID cards

Velv
Silver badge
Facepalm

"Excuse me, do you have any Government ID about your person?"

"Yes, I have my Passport and my Drivers License"

I'm sorry, we don't accept either of those, you'll need to get another piece of Government issued ID"

10
2

Python joins movement to dump 'offensive' master, slave terms

Velv
Silver badge
Headmaster

Re: that's the point where things start to go downhill.

DrEvil / Henchmen

Oh, wait, that won't work

DrEvil / Henchperson

9
2

Register-Orbi-damned: Netgear account order irks infosec bods

Velv
Silver badge
Terminator

Hmm, an app to give remote management access to your sensitive network equipment. Not sure registration with the vendor is your biggest security risk there buddy...

13
0
Velv
Silver badge

Re: Netgear - Another once great brand gone

No it doesn’t. Arlo works perfectly on my iPad and that famously doesn’t have Flash available.

0
1

So what's Microsoft's counter-AWS cloud strategy? Don't be evil

Velv
Silver badge

Re: Here's an idea...

My current company can't use Cloud for anything for security reasons. Bliss.

Sorry, but that’s a popular misconception controlled by a “policy” perpetuated by people who don’t understand what is available in the “cloud”.

Money talks, policies change. Like it or not cloud is maturing, and there is no industry or data that cannot use external services. I’m not suggesting it’s as simple as just “chucking everything into AWS”. But given recent examples of data breaches, where data is hosted (internally or externally) is less relevant than the correct application of controls around accessing it.

True, owning the data centre adds one layer of access control. But security is about multiple layers, multiple controls, all of which can be provided as part of your external hosting.

I know there will be people who disagree with this. I was one of them until I started doing research. Even governments have cleared the way for even the most sensitive of data to be handled leveraging cloud. They changed the policy.

6
3

Expanding Right To Be Forgotten slippery slope to global censorship, warn free speech fans

Velv
Silver badge
FAIL

ENOUGH

When is sense going to prevail and the law force the removal of the original content, not the search results

4
18

Official: Google Chrome 69 kills off the World Wide Web (in URLs)

Velv
Silver badge

Re: The layers keep piling up

@ecofeco

To be fair, I doubt most people ever had a clue how it works, probably not even the slightest idea

1
0

Voyager 1 left the planet 41 years ago – and SpaceX hopes to land on Earth this Saturday

Velv
Silver badge
Joke

Re: Land where?

They’ve already flung a Tesla Rodster at it...

11
0

UK.gov's no-deal plans leave HMRC customs, VAT systems scrambling to keep up

Velv
Silver badge
Mushroom

Lets not forget the shareholders are mostly idiots. That’s why we’re looking down the barrel of this Brexit disaster

20
4

Roskosmos admits that Soyuz 'meteorite' hole had more earthly origins

Velv
Silver badge
Pint

“You realize we're sitting on 45,000 pounds of fuel, one nuclear warhead and a thing that has 270,000 moving parts built by the lowest bidder?”

Rockhound, Armageddon (1998)

13
1

Plusnet customers peeped others' deets during system upgrade

Velv
Silver badge
Headmaster

Re: "handful"

Since “unlimited” in telecoms land doesn’t actually mean unlimited, I shudder to think what a handful means.

6
0

Lyon for speed, San Francisco for money, Amsterdam for fun: the best cities to be a techie

Velv
Silver badge
Headmaster

As for the worst places to go, Panama City ranks 90th i.e. last,

I strongly suspect Panama City is not the worst place to go, it is only the worst place on the list. For example, Dundee is not on the list, is fairly well renowned for its tech, particularly gaming, but I’d rather go to Panama City.

3
0

Apple pushes new iOS 12 beta build to silence notification spam

Velv
Silver badge
Gimp

Apple don’t seem to be able to fix the broken WiFi on the 6s, something fairly fundamental, what makes anyone think they can fix a things such as dodgy notifications...

2
0

Fast food, slow user – techie tears hair out over crashed drive-thru till

Velv
Silver badge
Devil

Re: Ahhh, memories...

Online chat boxes.

“OK, we need to switch to the application behind the chat window, if you press Alt-F4 the application will come to the front.”

29
0

Voting machine maker claims vote machine hack-fests a 'green light' for foreign hackers

Velv
Silver badge
Happy

Re: Umm...

"it does leave no doubt about your voting intentions"

There was a case in the UK where instead of an X in the box, the voter had written a bad word against four of the five candidates. While those four candidates sought to have the ballot paper declared excluded, the presiding officer had to agree that the voter had expressed a clear preference for one of the five.

16
0
Velv
Silver badge
Facepalm

Re: Weasels!

clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop clip clop

Yup, that's the sound of the horse already out of the stable, no point finding out how to close and lock the stable door now

19
0

Defense Distributed starts selling gun CAD files amid court drama

Velv
Silver badge
Flame

Re: oath.wav

He's fighting for our First Amendment rights. Are you?

With rights come responsibilities. You may think you need the right to distribute these files, but you also have a moral responsibility to ensure the safety of your fellow citizens. If he was a Muslim distributing the files would he still have the same rights? What if it was instructions to make a dirt bomb or nerve agent to kill a city would you stand by his "first amendment right"?

8
6

Lawyers sued for impersonating rival firm online to steal clients

Velv
Silver badge
Terminator

Is it just me, but do both companies sound like the type of Illinois “law” firm that would normally have a “team” that deal with this issue without recourse to the law...

1
0

Abracadabra! Tales of unexpected sysadmagic and dabbling in dark arts

Velv
Silver badge

Re: For those in the UK...

A former employer did the open bank holidays thing - absolutely brilliant

A) it’s really easy to get to work on the bank holiday as most folks are still at home; and

B) you get the extra days off when everyone else is at work. :)

24
0

Muslim American woman sues US border cops: Gimme back my seized iPhone's data!

Velv
Silver badge
Big Brother

Re: When Booking-Travel now the first thing I usually do is:

Wzrd1: “The phone is a US DoD provided phone.

So no need for them to seize the phone at the border to copy the data, they already have access to it.

16
1

It liiives! Sorta. Gentle azure glow of Windows XP clocked in Tesco's self-checkouts, no less

Velv
Silver badge
Flame

That’ll be the Pentiums that had the floating point error, which would explain why there’s such a controversy over Horizons accounting errors.

6
0

Texas ISP slams music biz for trying to turn it into a 'copyright cop'

Velv
Silver badge
Childcatcher

Re: From the article...

The insinuation here is that students on the Grande networks within campus are sharing between each other, so the IP address is probably the nefarious students. Probably. Not, as you say, proof positive :)

4
0

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

Velv
Silver badge
Joke

Re: Since Mercedes-Benz is not always aware that the vehicle is sold

Yeah, but given their (un)reliability, the chances of a nefarious person being able to make off with your Fiat or Alfa is quite low

5
0
Velv
Silver badge
Boffin

Re: Why?

Traffic avoidance. Routing round accidents, roadworks and events.

There are some systems available now, they aren’t very good, but it will develop. Google maps shows congestion.

Ultimately as cars start to talk to each other you end up with a system like TCAS (Traffic Collision Avoidance System) in aircraft, or the vision of the future in the Zurich insurance advert a few years ago. You might not like it, but it’s coming.

0
8

Apple web design violates law, claims blind person

Velv
Silver badge

Re: To put it mildly.

“ignorance of the law is not an excuse. “

While I can agree this should be the case for many of the larger companies who have a development team, there are a substantial number of small businesses who have websites produced by individuals or friends. Now while those “developers” should know the law, many are self taught and haven’t had the benefit of ethics and inclusion training, so I can understand giving the website owner and developer the opportunity to be educated and put things right.

4
3

Facebook flat-out 'lies' about how many people can see its ads – lawsuit

Velv
Silver badge
Gimp

The irony of Advertisers complaining about someone massaging the figures is just delicious.

2
0

DXC Technology asks field-based techies if they'd like to leave

Velv
Silver badge
Childcatcher

And there was me thinking DXC (and its predecessors CSC and HPE) redundancy programmes were pretty much like sales at DFS - a new one comes along every month.

18
1

Bitcoin backer sues AT&T for $240m over stolen cryptocurrency

Velv
Silver badge

Re: One thing I don't get though...

The trouble with using mobile numbers as 2FA...

is that the mobile number is used as the out of band communication for ANY verification.

1. Criminal gains control of mobile number.

2. Criminal goes to website and clicks “forgot password”

3. Website sends out of band password confirmation to mobile number to verify person requesting password reset is the person on record.

4. Criminal receives request on mobile number and confirms they requested the password reset.

5. Criminal logs on with new password

6.Website sends out of band logon verification to mobile number

7.Criminal receives request on mobile number and confirms they requested the logon

3
0

UK chip and PIN readers fall ill: Don't switch off that terminal!

Velv
Silver badge
Headmaster

Re: Whaaattt? Turning it off and on again is not allowed???

"88.6% of all statistics are made up on the spot" (Vic Reeves)

6
0

Hackers manage – just – to turn Amazon Echoes into snooping devices

Velv
Silver badge
Big Brother

Re: Hmm 'permanently'...

rather than require it to listen for the "wake word" before listening

Fixed it for you!

2
0

Apple pulls iOS 12 beta 7 after less than 24 hrs

Velv
Silver badge
Trollface

iOS 11.4.1 borked the WiFi on the 6s (and maybe others) and Apple confirmed they’re not planning on a fix until 12.

Sounds like plans for 12 are borking stuff too.

Oh what a glorious few months we’re in for...

3
0

The Register - Independent news and views for the tech community. Part of Situation Publishing