* Posts by Velv

2756 publicly visible posts • joined 21 Jan 2010

Kremlin wants to shoot the Messenger, and WhatsApp to boot

Velv
Boffin

This is a good thing!

No, wait, let me explain that statement.

If governments are forcing the hand of the big multinational companies then those companies will have little choice but to remove the end to end encryption since one product will not work in all countries.

We tend to use the biggies through laziness. It comes bundled and our friends use it. Without the proprietary biggies, the public will then turn to open communication platforms following open communication standards that no country can control. There will be dozens of different clients available from authors around the world and no country will have the ability to shut down all the individuals who wrote those clients.

A country may be able to threaten a user, but then the (innocent) user has the option of handing the government their previous conversations (but you'll know they have them!).

OK, I'm not really saying the Russian law would be a good thing (or the Merkin, UK, or any other government back door). But maybe if someone points out how simple it is to circumvent then perhaps common sense will prevail (facepalm).

Wales gives anti-vaping Blockleiters a Big Red Panic Button

Velv
Headmaster

"Vaping is harmless"

They claimed smoking cigarettes was good for you. Until they found out it wasn't.

Bloke flogs $40 B&W printer on Craigslist, gets $12,000 legal bill

Velv
Coat

Ironically, isn't this the very type of "Service" that made CraigsList infamous???

Engine warning light appears on Uber's $100m driver settlement

Velv
Terminator

American lawyer unfairly profits from legal settlement. Surely not. That would never happen.

Capitalize 'Internet'? AP says no – Vint Cerf says yes

Velv
Headmaster

So what about The Cloud, which is of course both The Cloud as a concept of some kind of service in, er, well The Cloud, and The Cloud which is a company that provides wifi access.

Unicode serves up bacon emoji

Velv
Go

Gorilla

Harambe

Get outta here, officer, you don't need a warrant to track people by their phones – appeals court

Velv
Big Brother

Now let's turn the ruling over metadata on its head and see where we get to...

"Dear Mr Phone Company.

Please give us the details of all phones that were within 50m of nn.nn.nnn, ww.ww.www on mm/dd/yy* between hh:mm and hh:mm.

Regards

The Authorities"

*it's an article about Merkin authorities. We all know the real way to express a date is dd/mm/yy
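The request in the post above is, in practice, a spatial query over location records. The following is an added example (mine, not the commenter's) showing that query in code: a great-circle distance filter plus a time window over a handful of constructed records. The subscriber identifiers, coordinates and timestamps are made up for illustration, and the example assumes device-level fixes; real cell-site records locate a phone only to a cell sector, typically hundreds of metres across, so a 50m radius against tower coordinates would be meaningless.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_M = 6_371_000.0


@dataclass(frozen=True)
class LocationEvent:
    """One location fix for one subscriber (constructed layout, not a real CDR format)."""
    imsi: str
    ts: datetime
    lat: float
    lon: float


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi = p2 - p1
    dlmb = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * asin(sqrt(a))


def devices_near(events, lat, lon, radius_m, start, end):
    """The 'every phone within radius_m of (lat, lon) between start and end' request
    from the post, as a query. Returns the matching subscriber identifiers, sorted."""
    return sorted({
        e.imsi for e in events
        if start <= e.ts <= end and haversine_m(e.lat, e.lon, lat, lon) <= radius_m
    })


def utc(*parts):
    return datetime(*parts, tzinfo=timezone.utc)


# Constructed sample: three devices around a point on Princes Street, Edinburgh.
# Device ...002 is about 20m from the query point, device ...003 about 190m north.
SAMPLE_EVENTS = [
    LocationEvent("234150000000001", utc(2016, 8, 1, 12, 5), 55.95330, -3.18830),
    LocationEvent("234150000000002", utc(2016, 8, 1, 12, 30), 55.95335, -3.18800),
    LocationEvent("234150000000003", utc(2016, 8, 1, 12, 10), 55.95500, -3.18830),
    LocationEvent("234150000000001", utc(2016, 8, 1, 14, 0), 55.95330, -3.18830),
]

if __name__ == "__main__":
    hits = devices_near(SAMPLE_EVENTS, 55.9533, -3.1883, 50,
                        utc(2016, 8, 1, 12, 0), utc(2016, 8, 1, 13, 0))
    print("within 50m between 12:00 and 13:00:", hits)
```

Note what the query does not need: no warrant for any named person, just a place and a time. Widening the radius or the window is a one-line change, which is why the scope of such requests matters more than the mechanics.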

A UK digital driving licence: What could possibly go wrong?

Velv

Re: You've all missed the best part

ApplePay (which uses Apple Wallet) can be activated without unlocking the phone. So no reason the driving license couldn't be made viewable while protecting privacy. In fact, you've probably just proven this should be mandatory

Velv
Boffin

Re: It Bodes

"...and a certificate of your identity. The latter use only works at all if this is a physical card with security features which make it difficult to reproduce."

The latter use only works at all if this is a physical card item with security features which make it difficult to reproduce.

Lothian Buses do M-Tickets on your SmartPhone - you activate a pre-paid ticket and show the screen to the driver. Sounds easy to "fake". But it's an image with moving elements making it impossible to screenshot. An active security feature is harder to fake, so there's no reason any digital document couldn't have similar features.
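The "active" element described above is, at its simplest, a code derived from a per-ticket secret and the current time window, so a screenshot shows a value that stops being valid once the window passes. The block below is an added example of that idea (my code, not Lothian Buses' implementation, which is not public); the 30-second window, the one-window skew tolerance, the operator key and the ticket id are all assumptions. The inspector device only needs the operator key and the ticket id shown on screen, so verification works offline.

```python
import hashlib
import hmac
import time

WINDOW_SECONDS = 30  # assumption: how often the displayed code changes
SKEW_WINDOWS = 1     # assumption: clock drift tolerated between phone and inspector device


def ticket_secret(server_key: bytes, ticket_id: str) -> bytes:
    """Per-ticket key derived from the operator's key; the inspector device recomputes it
    from the ticket id on screen rather than storing a key per ticket."""
    return hmac.new(server_key, b"ticket|" + ticket_id.encode(), hashlib.sha256).digest()


def window_index(now: float) -> int:
    return int(now // WINDOW_SECONDS)


def ticket_code(secret: bytes, ticket_id: str, now: float, digits: int = 6) -> str:
    """Code the ticket app renders as the moving element for the current window."""
    msg = ticket_id.encode() + window_index(now).to_bytes(8, "big")
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    # Dynamic truncation (RFC 4226 style) to something a driver can read off a screen.
    offset = digest[-1] & 0x0F
    value = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(value % (10 ** digits)).zfill(digits)


def verify_code(server_key: bytes, ticket_id: str, presented: str, now: float,
                digits: int = 6) -> bool:
    """Inspector-side check. Accepts the current window plus or minus SKEW_WINDOWS.
    A screenshot carries the code of the window it was taken in, so it fails once
    that window has fallen outside the tolerance."""
    secret = ticket_secret(server_key, ticket_id)
    base = window_index(now)
    ok = False
    for w in range(base - SKEW_WINDOWS, base + SKEW_WINDOWS + 1):
        expected = ticket_code(secret, ticket_id, w * WINDOW_SECONDS, digits)
        ok |= hmac.compare_digest(expected, presented)
    return ok


if __name__ == "__main__":
    key = b"constructed-operator-key"   # assumption: constructed for the demo
    tid = "LB-2016-000123"              # assumption: constructed ticket id
    now = time.time()
    code = ticket_code(ticket_secret(key, tid), tid, now)
    print("code now:", code, "valid:", verify_code(key, tid, code, now),
          "valid in 2 minutes:", verify_code(key, tid, code, now + 120))
```

The caveat a practitioner would add: this defeats a screenshot, not a screen recording replayed within the window, and not a copy of the app with the ticket secret on a second phone. Binding the secret to the device (a keystore-backed key) is what closes that second gap.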

HSBC swinging axe on UK IT department, 840 heads to roll

Velv
FAIL

I don't know HSBC's average for years employed, but I do know the industry average is a little over 10 years.

So HSBC is getting rid of ~8,000 man years of site knowledge.

You can train new people about what's in the book (documentation), but you can't teach that "ah, we saw this fault a couple of years ago, dig out that email". But to an accountant, a techie is just a techie. I wonder when the board is going to notice that the same is true of accountants...

Sysadmin paid a month's salary for one day of nothing

Velv
Go

My boss caused chaos in the January sales :)

The office was across the road from a large shopping centre. There were around 50 IT staff in the office on the 1st and no catering staff. So for lunch, the boss went over to the shopping centre and joined the queue at Burger King.

On reaching the front, he started:

"Can I have 20 Whoppers, 20 Angus, 20 chicken sandwiches, 20 hamburgers, 20 cheeseburgers and 100 large fries please"

The rest of the queue were not impressed.

Old, complex code could cause another UK banking TITSUP – study

Velv
Boffin

"... its the quality of the code not the length..."

Quality is a subjective measure. Heavily documented code that's clear and easy to maintain could be quality in one situation, whereas tight, efficient, complex code is quality in a different situation.

Colander-wearing Irishman denied driver's licence in Pastafarian slapdown

Velv

"Surely the thing that defines a religion is sincere belief, nothing else.

If you sincerely believe in something/anything then who are "they" to say it is or isn't legitimately a religion?"

And therein lies the problem - what if your sincere "belief" is that some element of society is wrong and that it's your duty to execute them. Does that grant you the freedom to follow your religion?

There needs to be a consensus of acceptable behaviour, and Pastafarianism is a political tool to show a mirror to religion and religious beliefs. If there is anyone on the planet who truly believes in the FSM then they've missed the point completely.

FBI ends second iPhone fight after someone, um, 'remembers' the PIN

Velv
Headmaster

Re: Some thoughts

If they're your disks and you refuse to comply then you're first person involvement.

If Seagate* were compelled to provide access to the content of your disks then they'd be a third party involvement similar to Apple.

*or your manufacturer of choice.

Velv
Big Brother

Re: Q: How is the government ever going to convict bad guys without access to encryption?

Never lose sight of why the FBI really wanted access to his phone. Hint, it wasn't to convict him.

It was to find his contacts - to find the other drug dealers and users he was interacting with so they know who to conduct the above searches against.

Amazon attempts rule fudge to take exclusive control of new dot-words

Velv
FAIL

Re: Bass-ackward.

But do you own .jake

Didn't think so.

So you don't control *.jake

One wonders if Jake actually understands how TehIntraWebTubes (sic) work

One million patients have opted out of Care.data

Velv
Boffin

I'm in no way defending HOW this has been done (government is shit), or some of the WHYs, but the statistical analysis and big data elements are actually groundbreaking. You find correlations in seemingly unrelated data through proper analysis, and things like prescription rates and referrals are related data so they don't count as big data analysis.

Velv
Gimp

Re: NHS Digital

Just wait until the digital proctologist comes along...

Utah declares 'war on smut'

Velv
Joke

Self Removal

Surely all the state has to do is pass a law requiring transgender people to use their birth bathroom and the porn industry will remove its services from the people of the state (see North Carolina)?

Brexit would pinch UK tech spend but the EU wouldn't care – survey

Velv
FAIL

Isn't there a blogger somewhere who specialises in publishing pay-walled articles for everyone?

On second thoughts, sounds like this one's not worth reading.

'GPS 2.0' outline calls for open, hackable, interfaces

Velv
Devil

And just how do Google (still) know where the wi-fi base stations are located...

Drive for Lyft or Uber in SF? Your wallet is about to get lighter

Velv

Re: But I thought...

Uber maintains the stance that drivers are "independent contractors" despite having lost a couple of cases over a few named "employees".

So while SF "can't have it both ways", neither can Uber, Lyft, or any other business

Met cops shop for £150m IT system. Must have: Data centre ops

Velv

Perhaps it's because it's not my area of expertise, but are there really COTS options available for operating a Police force?

There are some Operational Management tools out there for managing workloads and mobile workforces, but do they really meet the privacy, security, integrity and audit requirements of law enforcement and justice?

FBI, Apple continue cat-and-mouse game over iPhones in New York

Velv
Headmaster

Re: Pretty weak position for the FBI here

"...by shutting down DFU updates "

I think we should be careful about what we prescribe as the "fix" for the challenge. There are many good reasons why it might be necessary for Apple to assist a person to access the hardware and content using a particular technical method, e.g. a failed update, a company owned phone, the owner being deceased and the family rightfully requiring access.

The issue is not technical. The issue is the government demanding access to private information, and their right or not to make such demands. Technical workarounds will fail - if the government has the power, they will use it, and they will penalise anyone who obstructs them irrespective of reality. We need to make sure they never get the power.

Read America's insane draft crypto-borking law that no one's willing to admit they wrote

Velv
Headmaster

"no one is above the law"

But that doesn't mean you author utterly stupid and dangerous laws that no one should be above!!!

PayPal freezes 400-job expansion in North Carolina over bonkers religious freedom law

Velv
Mushroom

Re: Freedom

@Intractable Potshead

So you don't buy into that philosophy, that's cool.

Perhaps you think it's OK not to serve a disabled person, or an old person. Perhaps you think we should take the vote off the Blacks and the Women, because let's face it, they're not worth it.

We've had this debate. Not treating people equally is discrimination. The Suffragettes fought for equality and the sane people knew it was right. Martin Luther King fought and died for equality, and the sane people knew it was right. Discrimination and prejudice are wrong, and I stand by my statement - if you're not prepared to serve the public equally don't serve the public. I'm not asking you to like them, not liking your customers is a whole different issue.

Velv
FAIL

Re: Who are Americans?

All people everywhere gain their personal "standpoint" from the views presented by people around them. From their family, their peers, their social groups (including religious groups), TV, film, and sports and all the daily media. Some of those around them may present conflicting views and they make a choice of standpoint.

They don't inherit it genetically.

Velv

Re: Freedom

"The state can't force you to deal with folks you don't want to."

Well, yes, and no.

If you offer a service to the public, then you must offer that service to all of the public equally. If you are not prepared to offer your services on an equal basis then you should not be offering your services.

Simple. Equal individual rights. Dig?

Panama Papers hack: Unpatched WordPress, Drupal bugs to blame?

Velv
FAIL

Re: Simpler yet - Just Encryt

D'oh!

Encryption is useless if an authorised and authenticated "user" accesses the data, and this is actually the more common route for data loss.

Velv
Headmaster

Drupal 7.23 had major issues and Drupal 7.32 was the fix.

OK, it's utter pedantry, but I do wish software authors would look carefully at the version numbers they release, and if the numbers are close (e.g. easily transposed like the above) then increment to another number to avoid potential confusion. This is not the only example I've seen recently where similar version numbers caused much head scratching.

Managing infrastructure, a newbie's guide: Simple stuff you need to know

Velv

4. Centralised Authentication

If you're in the UNIX world then learn this now - it's a skill that's missing in so many companies. Some places do this integration very well, but many others haven't got a clue, and as time moves on the requirement to use a Directory Service for authentication not just at OS but at application level is going to become much more fundamental.

Don't reinvent the wheel. Integrate with a proven directory service, and if your company already has Windows AD then leverage Windows AD as that directory - the Windows world has been doing this for 16 years now, and while it's far from perfect, it's extremely pervasive.

White House flushes away court-ordered decryption like it was a stinky dead goldfish

Velv
Holmes

Re: How far ?

I'm in no way suggesting this is anywhere near a reasonable justification for such legislation, but you've got to remember that most criminals are a bit thick, they'll use the standard features on their device, and law enforcement gaining access to the information will secure more convictions. I can therefore understand why some people think it's justified, however like you, I'd suggest any such legislation will just push the really dangerous criminals further underground.

We bet your firm doesn't stick to half of these 10 top IT admin tips

Velv
Headmaster

Re: 1) is a tad unrealistic

Agreed there are issues that can only be diagnosed under the users credentials.

But the policy will handle that. The user must remain present during the support service. They cannot be permitted to "just bugger off for coffee". Now I know it's difficult for the PFY in his second week to tell the senior manager they can't just leave their password behind or even just leave the computer logged on, but if the senior manager has signed up to the policy in the first place the company should be behind it and the PFY. It doesn't take long for the right culture to be the norm.

Velv
Facepalm

Re: encourage staff to challenge anyone who's not displaying their badge

Congratulations you've proven you're part of the problem and not part of the solution.

Security bods disclose lock bypass bug in iOS

Velv
Headmaster

"If there's a bypass that will grant access to data without entering the passcode, then the encryption isn't as strong as it's claimed to be, is it?"

Nothing wrong with the encryption. It's the authentication that is weak.

Contactless payments come to in-flight entertainment units

Velv
Joke

"in the event of the aircraft losing cabin pressure Oxygen masks are available from the ceiling by presenting your contactless card to the panel above your head"

'Devastating' bug pops secure doors at airports, hospitals

Velv
Boffin

Re: The service runs as root?

"The service runs as root? ... is just plain laziness..."

"If the input was sanitised, it wouldn't even matter that it was running as root"

Any single failure probably wouldn't be an issue, but this problem and more importantly the subsequent blindness in the comments just highlight that *ALL* areas of the system need to take responsibility for the security of the entire system. No piece can ever rely on security being provided by some other piece.
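To make the "every piece takes responsibility" point concrete, here is an added example (my code, not the door controller discussed in the article) showing both layers side by side for a hypothetical door-control service: the unsanitised "before" that pastes the door id into a shell command line, and the hardened version that allowlists the id, passes an argv list with no shell, and additionally drops root before exec so that a bypass of the first layer still does not run as root. The `doorctl` binary, the `doorsvc` account and the upper-case door id format are assumptions.

```python
import os
import re
import subprocess

# Allowlist for door identifiers (assumed format): a plain id and nothing a shell or
# an option parser could interpret. The leading class also blocks ids that start with '-'.
DOOR_ID = re.compile(r"[A-Z0-9][A-Z0-9_-]{0,31}")


def legacy_command(door_id: str) -> str:
    """'Before': the id is pasted into a shell command line and the service runs as root,
    so an id like 'D1; cat /etc/shadow' runs the injected command with root's privileges."""
    return "doorctl open " + door_id


def build_command(door_id: str) -> list:
    """Layer 1: allowlist validation, then an argv list (no shell, no quoting games)."""
    if not DOOR_ID.fullmatch(door_id):
        raise ValueError(f"rejected door id {door_id!r}")
    return ["doorctl", "open", door_id]


def drop_privileges(username: str):
    """Layer 2: a preexec hook that moves the child to an unprivileged account before exec.
    Whatever slips past layer 1 then runs as that account, not as root."""
    import pwd  # Unix only

    entry = pwd.getpwnam(username)

    def _drop():
        os.setgroups([])
        os.setgid(entry.pw_gid)
        os.setuid(entry.pw_uid)

    return _drop


def open_door(door_id: str, run_as: str = "doorsvc") -> int:
    """Both layers together; returns the helper's exit status. 'doorctl' and
    'doorsvc' are hypothetical names for this example."""
    argv = build_command(door_id)
    preexec = drop_privileges(run_as) if os.geteuid() == 0 else None
    result = subprocess.run(argv, preexec_fn=preexec, capture_output=True)
    return result.returncode


if __name__ == "__main__":
    for candidate in ["LOBBY-EAST_02", "D1; cat /etc/shadow", "-flag"]:
        try:
            print(candidate, "->", build_command(candidate))
        except ValueError as err:
            print(candidate, "->", err)
```

Neither layer makes the other redundant: the allowlist stops injection, the privilege drop limits what an injection that does get through can do, and a third layer (the helper itself validating its arguments) would be entirely in keeping with the post's argument.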

US government updates secure email guide for first time in a decade

Velv
Big Brother

Re: Oxymoron

the old comparison being "Military intelligence is to intelligence what military music is to music"

Bloaty banking app? There's a good chance it was written in Britain

Velv

Re: A few notes ....

"There a reason the worlds banks run on "old" technologies. Tried and tested for one. I'd rather go into space on a 50+ year old Soviet rocket, than the latest gee-whizz from anyone."

It's a balance between how proven the old and the new are. I'd rather go into space on this years model rocket if they've proven for a few months they can launch 10 a day than the 50 year old rocket that's only ever had 10 launched.

Banks are careful about the technology chosen, but as the proven technologies get older the number of experienced people in the world is actually falling.

Reddit's warrant canary shuffles off this mortal coil

Velv
Boffin

Reddit to be first prosecuted for breaching terms of the letter

Reddit have by removing the canary taken an action which tells everyone that a National Security Letter has been served, and that is likely in breach of the conditions of the letter.

It remains to be tested in court, but Reddit is high profile enough that I can see this being the first to be pushed by the government (I guess it depends on the content of the letter and when the relevant agency is willing to make the details public in court).

While the warrant canary is a nice idea, it's not as neat as people think.

iPad bricked by iOS 9.3? Don't worry, we'll get through this together

Velv

That being the route in the FBI would like to take.

Computers shouldn't smoke. Cigarettes aren't healthy for anyone

Velv
Boffin

Back in the days when you could smoke on aircraft the maintenance crews found the yellow staining a great indicator for finding the leaks in the pressure vessel.

MH-370 search loses sharpest-eyed robot deep beneath the waves

Velv

Re: Waste Of Time

Even if such satellites were operating over the ocean at the time, the data will probably have been dropped instantly.

They weren't looking for the plane, so the chances of catching the incident by accident are minuscule, and given the vastness of ocean with nothing happening there wouldn't be analysts wasting time to look for anything in the footage, so it would just get dumped.

Google to unleash Android Pay on UK shoppers within 'months'

Velv
Boffin

Re: I don't see any point to this

Can't speak for AndroidPay, but ApplePay tokenises the details from the App so that as they pass through the card machine and over the network they cannot be copied and used elsewhere.

If you just use your card (contactless or normal) then the card details can be stored or stolen and used elsewhere (and there are plenty of examples where this has happened with dodgy card machines and dodgy retailers).
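The mechanism the comment describes is payment tokenisation: the device holds a substitute card number (a token) and signs each transaction with a cryptogram bound to the merchant, amount and a counter, so what passes through the terminal and the network authorises that one payment and nothing else. The block below is an added example modelling that general pattern (my code, not Apple's or Google's implementation, and simplified; real schemes use EMV cryptograms, not a truncated HMAC). The issuer key, the PAN and the merchant ids are constructed for the demo.

```python
import hashlib
import hmac
import secrets


def make_cryptogram(device_key: bytes, token: str, merchant_id: str,
                    amount_minor: int, counter: int) -> str:
    """Device side: authorises exactly one transaction. Bound to merchant, amount and
    a per-token counter, so a copy captured at the terminal is useless anywhere else."""
    msg = f"{token}|{merchant_id}|{amount_minor}|{counter}".encode()
    return hmac.new(device_key, msg, hashlib.sha256).hexdigest()[:16]


class TokenVault:
    """Issuer / token-service side. The only place the token-to-PAN mapping exists."""

    def __init__(self, issuer_key: bytes):
        self._issuer_key = issuer_key
        self._pan_by_token = {}
        self._last_counter = {}

    def _device_key(self, token: str) -> bytes:
        return hmac.new(self._issuer_key, b"device-key|" + token.encode(),
                        hashlib.sha256).digest()

    def provision(self, pan: str):
        """Enrol a card on a device: returns the device token plus its key.
        The real PAN never leaves the vault."""
        token = "4" + "".join(str(secrets.randbelow(10)) for _ in range(15))
        self._pan_by_token[token] = pan
        self._last_counter[token] = 0
        return token, self._device_key(token)

    def authorise(self, token: str, merchant_id: str, amount_minor: int,
                  counter: int, cryptogram: str) -> bool:
        if token not in self._pan_by_token:
            return False  # a raw PAN or an unknown token is not accepted on this path
        expected = make_cryptogram(self._device_key(token), token, merchant_id,
                                   amount_minor, counter)
        if not hmac.compare_digest(expected, cryptogram):
            return False  # wrong merchant, amount or counter, or forged
        if counter <= self._last_counter[token]:
            return False  # replay of an already-used cryptogram
        self._last_counter[token] = counter
        _pan = self._pan_by_token[token]  # posts to the account; never returned to the merchant
        return True


if __name__ == "__main__":
    vault = TokenVault(b"constructed-issuer-key")
    token, device_key = vault.provision("4111111111111111")  # constructed test PAN
    c = make_cryptogram(device_key, token, "SHOP-A", 1250, 1)
    print("genuine payment:", vault.authorise(token, "SHOP-A", 1250, 1, c))
    print("same data replayed elsewhere:", vault.authorise(token, "SHOP-B", 1250, 2, c))
```

The contrast with the plain card case in the comment is the third check: a dodgy terminal that records the token and cryptogram has nothing it can spend, whereas a recorded PAN and expiry date are enough for card-not-present fraud.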

Google gives away its internal $200 patch analysis tool for free

Velv
Boffin

Call me cynical, but one of the advantages of paid-for tools is that there is a profit market for innovation and diversity. If all researchers use the same free tools they run the risk of making the same mistakes in their research.

OpenSSL was/is a great security library for developers. Open source is great because anyone can read the source code and find any bugs. It all fell down when it turned out nobody had read the source code and it had quite a serious bug.

Swede builds steam-powered Raspberry Pi. Nowhere to plug in micro-USB, then?

Velv
Coat

Steam Radio

Is the Pi running an Internet Radio Streaming app? Or should that be steaming app?

Flying Scotsman attacked by drone

Velv
Coat

Re: Clearly impossible

Having applied a fresh cup of really hot tea you've just proven that the more unlikely something is to occur the higher the probability it will happen sooner rather than later

Velv

Re: Think of the cost implications

"They'll have to employee someone to scrape all the drones off the front at every station...."

They don't bother scraping off the remains of other flying objects a train hits. And presumably to be mainline certified the windscreens will have been tested with the chicken gun.

Middle-aged US bloke pleads guilty to iCloud celeb nude photo hack

Velv
Headmaster

Re: They gave him their password

He pled guilty to one count of unauthorised access to a computer system.

That doesn't mean that was one of the 122 accounts he accessed (which will be 122 separate counts of phishing or fraud or whatever that actually is in legal terms when you trick the victim into granting you access). It's an entirely different charge.

But the evidence on that one unauthorised access was probably the best evidence they had of securing a conviction without going to court, the threat to him being a court might find him guilty of the 122 counts of fraud and a substantially larger sentence.

UK Snoopers' Charter crashes through critics into the next level

Velv
Big Brother

Re: Where were the opposition?

The problem is most MPs and parties have been brainwashed to believe that something is required or the country will fall apart. They believe in some form of new powers "to tackle terrorism and crime". Even if they don't believe every word of the current bill they believe there must be a new bill on surveillance and electronic communication interception.

And the fastest way to get those new powers approved is to let this bill pass to committee and hope they can amend it prior to final reading.

What happens next will be the real tell-tale...