* Posts by Sir Runcible Spoon

5770 publicly visible posts • joined 29 May 2007

Asteroid Florence buzzes Earth, brings two moons along for the ride

Sir Runcible Spoon
Joke

Re: only ones saved

"108 Astral Crescent, Zoovroozlechester, Betelgueze V"

What did the Romans ever do to get to Betelgueze...Betelgueze...Betel....

Networking vendors are good for free lunches, hopeless for networks

Sir Runcible Spoon

Re: Cloud

Everyone seems to be focusing on the software aspect of routing. What about the physical?

Plenty of enterprise architecture revolves around processing packets very quickly, and in parallel with other networks that might be logically separated (but on the same physical links).

I can understand that there are savings to be made in a server based approach, but from a security point of view that's always just going to introduce more ways to circumvent your policy control points.

Security engineers won't necessarily be aware that their virtual firewall can be bypassed by a bug in the underlying host that is subject to a different patching/update policy and not necessarily under their control.

Give a boffin a Xeon and a big GPU, get a new big prime number

Sir Runcible Spoon

Am I safe to assume that the following idea is already part of how primes are determined to be prime?..

Prime Number = N

Divide N/2, this is the upper limit of the factoring process, = Nx

Start dividing N by Y (3, 4, 5 etc.), all the time reducing Nx by dividing it by the current value of Y.

At some point Y=Nx and if you haven't found it to be divisible, then you have a prime#

(Apologies to any mathematicians out there, I failed A level :) )

Australia reviews defence export controls, perhaps easing cryptography research

Sir Runcible Spoon

Re: Not really enforceable

What happens if an Oz researcher has copies of known malware on his laptop and then he travels to the US of Jail?

80% of IT projects in public sector delayed due to IR35 – report

Sir Runcible Spoon
Facepalm

Re: All because the lady wanted 50 million

Please tell me you at least use a spell checker on your documentation :)

Sir Runcible Spoon
Joke

Colour me surprised

Why do I suddenly have a vision of the public sector IT industry doing a 'double-take brother' style jump.

Joke icon, because that's what this is - a joke. If (when?) they roll this out to the private sector, they might want to watch Fight Club. Do *not* fuck with the little people who make your little bits of money disappear and reappear.

Deputy AG Rosenstein calls for law to require encryption backdoors

Sir Runcible Spoon

Re: Impossible

I hope you don't litter your coding remarks with that many capital letters :)

Sir Runcible Spoon

Re: Impossible

keeping you in prison indefinitely until you reveal the keys and holding you upside down in a tank of water with electrodes on your bits until you remember

PTSD interferes with my memory recall. As does being pissed off at someone trampling over my rights.

Sir Runcible Spoon
Paris Hilton

Re: call to arms

"But unless enough "sheeple" also use proper encryption"

Take a look at the top of your browser, right now. See that bit that starts 'https://' ?

If you need any more clues - I refer you to the right doshonourable Paris Hilton, T.A.R.T. ->>

Sir Runcible Spoon

Re: "if you FORCE A BACK DOOR like that, you render the encryption WORTHLESS"

"A "lynch mob" of Aholes, perhaps?"

How about..

A clusterfuck of dingbats.

Mega VR roundup: Lots happening in the virtual and real worlds

Sir Runcible Spoon

Motion Sickness

I get nauseous even when I'm driving myself sometimes, and it was certainly a struggle playing Battlezone on ps4 vr at first. However, by stopping when I felt ill and trying again the next day I got my VR legs in about 3 weeks. Now nothing bothers me in VR. In fact, it's actually helped me deal with it in RL as well.

VR is the nuts.

Connect at mine free Wi-Fi! I would knew what I is do! I is cafe boss!

Sir Runcible Spoon

You could have saved yourself some grief by setting QoS for VPN traffic and then only connecting a VPN to the wi-fi. No need to constantly re-boot.

China's cybersecurity law grants government 'unprecedented' control over foreign tech

Sir Runcible Spoon

Re: Bravo .... QubedD

Hmm, rampant greed vs. self-preservation*

*which, in the short-term means losing out on business, but in the long run means you won't have a Chinese knock-off competing for your global market in 10 years' time.

Yep, greed it probably is.

If the tech companies all agreed to pull out of China if they insist on this kind of bullying, then what kind of market would be left do we think?

'Independent' gov law reviewer wants users preemptively identified before they're 'allowed' to use encryption

Sir Runcible Spoon

@Amber Rudd et al.

ACKnowledge your SYNs and we might consider IT.

Right, off to UDP we go :)

Bitcoin Foundation wants US Department of Justice investigated

Sir Runcible Spoon

Re: Dear DOJ:

as long as US dollars are involved, the US government, by default, is involved.

By that logic all people have to do is convert from USD to GBP first before converting to Bitcoins

Sir Runcible Spoon

Re: Dear DOJ:

"Um, aren't they actually only backed by the private central bank that issued them?"

Um, and under whose authorities do these central banks operate?

Well, in the US I can tell you that it *isn't* the government.

Sir Runcible Spoon

Re: Dear DOJ:

"So, apart from a lack of sovereign backing, how is an e-currency any different?"

Because the law doesn't yet recognise it as a legal form of tender?

NSA enters stage two of its spying revival plan: Getting Trump onboard

Sir Runcible Spoon

Sir

It isn't rocket science.

1. If the law allowed the NSA to spy on US citizens, then they don't need to protest.

2. If the law doesn't allow the NSA to spy on Citizens, and the NSA want to, they need to try and get the law changed so they can.

I suspect they can't get this authority passed into law as US citizens might not like it.

Knowingly subverting the law to enable the NSA to spy on US citizens is nothing less than treason against the state (which is run by US Citizens) and the entire organisation should be scrapped and started again with a lot more oversight.

Any statements from politicians that they are exempt from being included is bullshit - they weren't always in that position of privilege (i.e. private law) therefore NSA has something on them all.

The biggest hurdle people have to overcome is the access to good quality information upon which to base their opinions. A free (as in not owned by special interest groups) press is essential to liberty. Without it we have very little access to credible information.

Stephen King's scary movie reboot provokes tears from 'legit clowns'

Sir Runcible Spoon

Re: Why do Clowns think they are funny or entertaining?

"I hope the El Reg Censors pass this through. It's funny to me, at least."

It's funny to us as well, just perhaps not for the same reasons :)

El Reg will always let this stuff through, because it would be criminal to remove such a farcical rant.

Sir Runcible Spoon

Don't forget the classic B movie - Killer Clowns from Outer Space

US government: We can jail you indefinitely for not decrypting your data

Sir Runcible Spoon

Who said anything about using a valid key (or algorithm?)

Take input data.

Determine what you want as output data.

Create a 'decryption' process that will simply convert the first into the latter. If they don't have to reveal the code that does this it doesn't even need to be an algorithm, just a straight switch.

Wouldn't work on a whole disk obviously, but for a single file I can see that fooling a lot of non-technical people.

How the CIA, Comcast can snoop on your sleep patterns, sex toy usage

Sir Runcible Spoon
Paris Hilton

Re: If there were no such commercial product as insurance...

Whilst we are on recommendations, I have a NCU that I'd like to turn into a router (or transparent bridge) that can also run wireshark.

Best OS and software for the job?

Intel ME controller chip has secret kill switch

Sir Runcible Spoon

Re: The mind absolutely boggles.

@Charles 9 - Thanks for helping to restore some sanity and harmony to my household :)

Sir Runcible Spoon
Paris Hilton

Re: The mind absolutely boggles.

How does that old saw go ... "One sign of insanity is doing the same thing over and over again, each time expecting a different result"

I said this to my wife yesterday whilst we were in the garden enjoying the Sun. She was trying to stand up a water bottle on sloping ground and it kept falling over (6 or 7 times). After uttering the above phrase she just looks at me and says 'it only has to work once'. At which point the bottle remained upright after being placed down.

I had to concede that she was right and that I was speechless.

Mazda and Toyota join forces on Linux-based connected car platform

Sir Runcible Spoon
Unhappy

OFF

Please, for the love of all that is good in the world, include an OFF function for any kind of remote connectivity to/from our future cars.

SAP point-of-sale systems were totally hackable with $25 kit

Sir Runcible Spoon

Re: SAP server connects back to hacker laptop

Unfortunately a VPN doesn't help if someone has control of one of the end-points.

Didn't the attack simulation involve the servers that were on store premises (rather than the back-end servers running the databases)?

Sir Runcible Spoon

Re: once on the network...

Not sure who would down-vote this statement, possibly someone who hasn't tried to secure windows servers in an enterprise environment.

Netbios ffs?

Sir Runcible Spoon

Re: once on the network...

If it involves a windows server at any point, forget about secure protocols.

Vodafone won't pay employee expenses for cups of coffee

Sir Runcible Spoon

"If your job requires travel and you sign up to it knowing you will be inconvenienced then why should your company pay for lunch?"

Well, in my case it would be because I made sure that was in the contract.

Sir Runcible Spoon

Re: Quid pro quo

"if you are being flexible by travelling long distances on your own time"

This is why I charge for the travel time as well (assuming it's not a usual location I'm going to). Once a client queried it (as in - why are you doing this?) and I simply said they were paying for my time. If they wanted me to drive for 6-8 hours for a 1/2 hour meeting that was their choice, but they were paying for it.

Amazing how requests for on-site meetings dropped after that :)

'Driverless' lorry platoons will soon be on a motorway near you

Sir Runcible Spoon
Flame

Have you ever argued with a lorry pulling out into the lane you're in? I tend to find when they put their indicator on they just go for it.

Indeed I have, I was alongside at the time, driving myself and my wife back from an anniversary trip.

The bastard heard me on the horn, we could both see him looking at us in his wing mirror. I was wedged up against the crash barrier on one side and his tyres on the other before I'd managed to slow up enough for the bulk of the lorry to pass in front of us - he didn't stop straight away either.

Bastard nearly killed us and he didn't even get out of his cab when I managed to flag him down and turn into a petrol station forecourt.

Sir Runcible Spoon

My concern is how they overtake the old biddy doing 45mph in lane 1.

If the first lorry is sending instructions back to the other two, then an overtake would have to take into account the whole length of the convoy before verifying it is safe to do so.

It's hard for single lorries to get into the other lanes sometimes, so no idea how 3 will cope.

DreamHost smashed in DDoS attack: Who's to blame? Take a guess...

Sir Runcible Spoon

Re: Okay.

It bothers me that Brass Eye looks like real footage when I look back on it

Fewer than half GCSE computing students got a B or higher this year

Sir Runcible Spoon

Re: Also....

I have to disagree with you there.

When I dropped out of Uni after my first year I did some ICT courses to fill the time (they were free) whilst I was looking for work etc.

They've come in very useful over the years. People who have used Excel for years often ask me how to do things, especially when they see some of my 'thrown together' reports expressing functionality they hadn't even considered.

Also, making my design documents look professional by understanding how to format Word documents properly helps too.

Powerpoint, yeah - fair enough.

The point is, it isn't an either/or choice, and ICT isn't completely useless in IT.

Sir Runcible Spoon
IT Angle

When I had to choose which O level course I would take, I had to make a choice between History and Computer Studies. CS won, but I loved history. In fact, my history teacher actually cried and tried to convince me not to take CS (lovely lady, great teacher as well).

How life turns on a single decision made when you're 12 years old eh?

Sir Runcible Spoon
Paris Hilton

Re: IT snobbery

Personally I think that the education system would do well to teach core skills, rather than specifics.

Things like:

Don't be afraid to experiment

How to break things down into first principles so you can apply the knowledge across multiple disciplines

F1 - What is it good for? (RTFM)

What kind of attitude gets the best results

How to change your attitude if you're not currently happy with it

How to use online search engines to discover possible answers to your current problem

How to filter out the information you don't need and focus on the information that is relevant

etc.

Sir Runcible Spoon

Re: Teaching IT doesn't have enough money

I spoke to someone recently in a large firm who was trying to recruit for a fairly specialised role in IT security.

In order to get the role categorised to allow for a competitive salary he had to tick lots of boxes relating to skills that weren't specifically required (otherwise HR would classify the role as a lower tier and limit the salary on offer).

So, imagine the surprise when it's hard to get people applying with the right skill-sets.

Sir Runcible Spoon

Re: Teaching IT doesn't have enough money

Stop teaching kids that copy/paste from Google images into word is "computing"

Really? Wow. I had to write a database for my Computer Studies 'O' Level ffs.

Sir Runcible Spoon

really young kids that don't have the same fear of technology

I think a healthy respect is required. Total lack of fear basically means they will trust anything associated with technology and trust their entire lives to little bits of silicon in other people's possession. Oh.

Also, what does anyone expect when all the kids are seeing are no-talent shitheads getting boatloads of money for just being famous shitheads. Why bother with all that hard work of actually learning something when route-1 is to take part in a reality TV show and be more outrageously thick/controversial than the previous lot.

Race to the bottom doesn't even cover it.

Cybersecurity world faces 'chronic shortage' of qualified staff

Sir Runcible Spoon

Re: Broken labor market for workers in the IT industry

The trick I learned to overcome this obstacle was to apply for jobs where my previous experience only counted for 1/2 of what the new role requires - then added in a commitment to learn the other half asap.

Once you've done that a few times you have a track record to point at to say 'see - I did the same thing here, and here, and here - so trust me, I can learn the rest'.

After a while I found I had enough experience to be considered 'qualified', even though I still take jobs where I only 1/2 know what I'm doing ;)

Disclaimer: This doesn't help getting onto that first rung, but basic certs like CCNA can help a little there. You don't get to the top overnight - well, I certainly didn't at any rate.

Read IBM CEO Ginni Rometty's letter to staff: Why I walked from Trump's strategy forum

Sir Runcible Spoon

Re: Sir Runcible Spoon

While I truly wish he was true with every bone of my body, history now mocks his appeasement strategy.

Now that we are faced with our own Nazis, there has to be a decision. Do we appease them, knowing that no amount of education or "showing them what's right" will change their views or do we meet force with force?

What is the third option here?

The historical situation with Nazi Germany isn't really a true comparison as they were operating within their own powerbase. The Nazi wannabes on show here don't have a powerbase and they aren't speaking to a large group of people and saying what they want to hear. (There will always be the odd bell-end who believes that drivel).

1. Appease? - No. They have a right to their views, but they don't have a right to make me listen. If they act out any of their ideas then they are breaking the law and are simply criminals.

2. Respond with force? - No. This only legitimizes their position and could actually garner them more support from moderate right-wingers - if only to thwart the radical left that are oppressing them (see how that works?)

3. Respond with strength. - Yes. As long as you don't equate strength to use of force that is. Rejecting their ideas - protesting at their rallies without resorting to violence etc.

4. Ignore - up to a point. If no-one else had turned up at that rally except NN's etc. there wouldn't have been an incident at all - unless they started turning on themselves or damaging property - which would just make them criminals and free speech protections don't apply.

It has been my experience that letting idiots ruin themselves (which they always do in the end) is the most efficient means to deal with them, as long as they aren't hurting anyone else (and I don't just mean with 'offensive' language). If they hurt others, then it's a crime and they can be arrested/jailed etc. Otherwise just let them wank each other off into oblivion - who'd notice?

Just as a side note, I'm pretty sure that none of these numpties would ever have been accepted by the Nazi SS for example, who are they kidding?

Sonos will deny updates to those who snub rewritten privacy terms

Sir Runcible Spoon

Re: Farewell Sonos

""It's not like if you don't accept it, we'd be shutting down your device or intentionally bricking it.""

Lying turds. When I first bought a Sonos speaker I also bought an iPod touch as the controller for it. At some point iOS updates became so large that you couldn't install them on that particular generation device. Pretty much everything still works on that touch though, except the Sonos app. They updated the app so that it would no longer run without ios 7+ or something, and since my device can't run that it can no longer control the speakers - even though the app on ios 6 worked just fine for me.

There's no way to reverse the patch, so they basically made my system inoperable overnight unless I buy another device to control it. (Yes I know it can be done from a PC etc. but that isn't the point, it also isn't convenient).

British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins

Sir Runcible Spoon
FAIL

Re: @The idiot... you really don't get it...

"Stopped wannacry, or told the world he stopped his own out of control experiment before it caused even more chaos..."

Whilst that has obviously crossed some people's minds, there isn't any hint that this is the case. Nothing in the US case mentioned Wannacry - it's all about Kronos.

Sir Runcible Spoon
Joke

"...Or all of you did it!"

I'm Kronos, and so's my wife!

Sir Runcible Spoon

"What betrayal? This isn't school where you don't snitch on your classmates to teacher, this is the adult world where if someone has potentially committed a crime they need to be investigated. The guy is on bail, not in prison. If there is evidence he did this then he'll do time, if not then he'll come home."

Since he is a British subject, and GCHQ work for Her Majesty (via HM Government), then selling him out to the Americans is a betrayal (whatever justification they feel they might have) of one of the Queen's subjects, by one of her appointed agents, to a foreign government.

If the crime turns out to be based on code written on a server hosted in the US then perhaps I could understand, but there is no mention of that. If anything, any *actual* evidence would be located on his systems at home, HERE IN THE UK.

Tell me again about how this 'evidence' is to be found by the US investigators?

Sir Runcible Spoon

Unfortunately that *would* make him a criminal (breach of bail conditions).

Sir Runcible Spoon

"Let that be a lesson to all black/white hatters. Don't go to the USA."

Also: Don't trust the spooks.

Even if Hutchins is as guilty as sin, why would there be any need to extradite him? Why couldn't he be arrested and tried here in the UK - his home?

Unless there isn't enough evidence for the UK courts and the spooks knew the CPS would just chuck the case out the door the moment it was presented.

Talk about betrayal. Now the US doesn't even need to present flimsy evidence to secure a Brit for trial. Shady fucking bastards.

Disbanding your security team may not be an entirely dumb idea

Sir Runcible Spoon

Re: Stovepipes!

"They all attempt to set out who is responsible for what"

If people spent more time addressing the issues of the day than working out who to blame *when* it all goes wrong then there wouldn't be as much going wrong in the first place.

Sir Runcible Spoon

Re: I met one chief security officer who..

If this is the perception then they're not doing their job properly.

It isn't the job of the security team to prevent people from doing business, but they are responsible for telling the business if there is a more secure way of doing it.

Failing that, document the risk and potential impact and get sign-off from the stakeholders and do what you can to mitigate.

It should never be about preventing business, after all if the revenue dries up there won't be anything left to secure - compromise is required, but that requires adult conversations between 'The Business' and 'IT Security' to achieve.

Since that seems quite difficult to most people they default back to 'computer says no', which is wrong.