* Posts by Alister

4259 publicly visible posts • joined 19 May 2010

Hilton confirms hotel credit-card-snaffling sales till malware hit

Alister
Facepalm

Exposed data includes cardholder names, payment card numbers, security codes and expiry dates.

Great, all the information you need to make an online payment then.

Addresses and PINs were not exposed, Hilton concluded

Oh well, can't have everything

Suck it, Elon – Jeff Bezos' New Shepard space rocket blasts off, lands in one piece

Alister

Re: The space joyride market seems crowded..

<wanders off, muttering and wondering how this will improve humanity or help space exploration.>

It really is laughable reading some of the commentards on this thread. Their echoes could be traced back through history... listen!

"That Christopher Columbus, who does 'ee fink 'ee is, sailing off all over the place, waste of money, what use is it?"

"And what about that Captain Cook, eh, wasting the Royal Navy's money, can't see the point, we've discovered everything that's worth finding"

"Stupid steam Joyrides, have you seen them rich toffs paying good money to ride around on that circle that Richard Trevithick's built? What's the point of that then?"

"I hear George Stephenson's offering rides on his new steam tramway thing between Stockton and Darlington. I mean, what's the point? Who wants to go to Darlington anyway?"

"I'm glad they've brought in that new Locomotive Act, having someone in front with a red flag will just show those idiots who think horseless carriages will ever amount to anything. What a waste of money!"

"Have you heard about that Wilbur Wright bloke? He's supposed to have invented a flying machine thing, he's showing it off all round Europe. Can't see the point myself, it's not like it's useful for anything"

"They ought to ban those barnstormers, whizzing about everywhere in their airyplanes, why would you pay money to go up in one of them things, it's not like they're any use for anything really"

"What about Harry H. Knight and Harold M. Bixby then, they've put up $18,000 for some crazy stunt to fly across the Atlantic. What a waste of money!"

etc.

Alister

Re: Nouveau riche?

But seriously, this is not space, it's not even close. It's just above the Kármán line, a fairly arbitrary distinction, going fairly slowly by satellite standards. Go and do something useful with your money.

But this is exactly how road transport, and later air transport, finally took off (if you'll excuse the pun).

In both cases the rich eccentrics were the ones who started, with small steps, and eventually what they were doing progressed until it became of interest to more staid businesses, at which point some serious money started to be invested and it became more and more commonplace, and more accessible to the general populace.

The trouble with space travel is that it started with a politically driven effort to score points which was very dramatic, but very short-lived, and therefore skewed our perception. What you are seeing now is much more "the norm", it's just we've had our expectations raised by what's gone before.

The successful VTOL, especially the "L" bit, is a major step forwards. Elon must be grumbling to himself today that he didn't get there first, but a bit of healthy competition will benefit everyone.

North Korea is capable of pwning Sony. Whether it did is another matter

Alister

Re: @Trevor_Pott "They've reversed the polarity on the tachyon inverter"

If that is not a Star Trek reference then I do not know what is. James Doohan would have very happily delivered that line.

I think it's a combination of Star Trek and Doctor Who.

Jon Pertwee once ad-libbed "reverse the polarity of the neutron flow" and it became a bit of a catch phrase for the Time Lord, but "tachyon inverter" certainly smells more Trekkie to me, although more TNG than TOS.

Alister
Mushroom

They've reversed the polarity on the tachyon inverter and suddenly used the thermostat to overwrite the hidden sectors on the tablet that controls the nuclear reactor. Oh noes!

Trevor, you've done it now mate, releasing closely guarded details like that can only lead to you being picked up for terrist activities.

A font farewell to Fontdeck as website service closes

Alister

Re: A resourceful web developer

How can anyone using a third party service guarantee any kind of up time/latency/page loading times etc. to a client?

This, exactly.

One of our sites was responding incredibly slowly some time back, and we traced the problem to the loading of custom fonts - not, as it happens from Fontdeck on that occasion, but a different supplier.

The web team was getting flak from the client, and were a bit snotty about our servers when they passed it to the Sysadmin team, so we took great pleasure in telling them there was bugger all we could do about it, and gave them the support email of the font provider. :)

Alister
Unhappy

Cloud = Vapour

Our Web team use Fontdeck quite a bit for custom fonts, so this is going to hit them hard.

As with the reported shuttering of Adobe's Photo cloud, this does call into question why you would constrain your business to the point of reliance on a cloud based service, which may disappear at any time.

Granted, Fontdeck have tried to do this in the least disruptive way, instead of abruptly disappearing without trace, but if no-one else provides an exact replica of a particular font they currently supply, then designers, developers and clients will all have to start again picking a replacement, which all costs time and money.

So what incentive is there to use a cloud based service, given you could be left in the lurch at any time?

Remember Windows 1.0? It's been 30 years (and you're officially old)

Alister

Re: At Least Get an Old Person to proof-read the article

Windows 3.11 on the other hand was to me at least a notoriously buggy interim release, quickly replaced by Windows 95 (and my company skipped Windows 3.11 entirely; so I view 3.11 as the first _Vista_ type release - the one to ignore until the right one came along).

This is completely at odds with my remembrances, my experience was that Windows For Workgroups 3.11 was the first edition that gained any traction in a business environment, allied with the TCP stack add-on, and is certainly the first Windows edition I remember dealing with in any numbers. Prior to that we used to run MS-DOS and various custom front ends like XTree Gold.

Alister
Unhappy

Re: Why the hate for Me?

I think you must have been lucky.

I had personal experience of installing ME on a large number of machines, due to a misguided PHB insisting, and a more god-forsaken unstable piece of crap has yet to be found (yes, even Vista and Win8 were better!).

Without any exaggeration I think we left it a month before uninstalling it and going back to 98SE - no small undertaking in itself.

This was on a range of hardware from different manufacturers, so it wasn't just a single model of PC.

Alister

A couple of thoughts...

Firstly, you really should have included Windows 2000 in the "Good", to my mind it was the most reliable, bomb-proof OS they produced, especially with SP4 plus.

Secondly, although Vista was unmistakeably awful in its own right, one of the big reasons for its failure was Microsoft's then policy of not releasing details of the new OS to hardware manufacturers until the last minute - on the grounds of secrecy - which meant that when the OS was released almost nobody had got round to writing Vista compatible drivers for most common hardware, including graphics cards, sound cards, network cards etc. so you were bloody lucky if your chosen hardware would work properly.

Science Museum trumpets Da Vinci expo

Alister
Boffin

Amongst the exhibits on display you will find the following:

A machine capable of travelling submersed in a marine environment, the "Going-Under-The-Water-Safely Device"

A device invented to encrypt and decrypt messages, the "Engine for the Neutralizing of Information by the Generation of Miasmic Alphabets"

A machine to make coffee really quickly "The-Very-Fast-Coffee-Machine"

A device to propel a small projectile accurately and quickly, "The Gonne".

We chew over CCS Insight's look into the fu-ture-ture-ture-ture

Alister
Mushroom

We're all DOOMED! Doomed, I tell ye...

World needs 252,288,000 seconds to decide fate of leap seconds

Alister

Re: Why the high degree of granularity?

Do you really want to live in a world when things are out by an hour?

Exactly! What about lunchtime, or beer o'clock!

What we need is for them to take off an hour now, and then gradually add a second for the next few years...

Ofcom asks: Do kids believe anything they read on the internet?

Alister
Mushroom

...she sulked off to her room and spent the spare time she gained reading real books!

The Anarchist's Cookbook, for example?

Short weekend break: Skegness or exoplanet HD 189733b?

Alister

Re: Skeggie? Why oh why?

The ONLY place on the east coast colder than Skeggie is Hunstanton. Winter clothes needed for August in both places.

Rubbish, you should try Scarborough, a more joyless place is hard to conceive.

Oh, and what about Grimsby - the clue is in the name :)

Looking for a council house in Sheffield City? Meet your fellow tenants

Alister
Facepalm

A spokesperson from Sheffield City Council said: "... We noticed immediately and recalled the email and alerted data protection officers."

The very first lesson in school ICT, and in all these IT literacy courses should be "YOU CAN'T RECALL AN EXTERNAL EMAIL!"

I bet they feel so proud they recalled it immediately...

Shame...

One-armed bandit steals four hours of engineer's busy day

Alister

Re: Hands up if...

Hands up if...

...You've been the one to have to do a long drive to switch a box back on after you got confused between "Restart" and "Shutdown"

Never sure if it's more embarrassing explaining to the boss why you suddenly have to drive to the other side of the country (UK only), or explaining to an onsite technician that you fucked up, and please can he wander along and restart it...

eBay scammer steals identity of special agent investigating him

Alister

one count of stealing a special agent's identity

Is that really a specific offence on the statute books? Wow, they do think ahead, don't they!

Rise of the handy machines: UK gears up for first Robotics Week

Alister
Boffin

Bring Back Robot Wars!

That is all

Telecity's engineers to spend SECOND night fixing web hub power outage

Alister

Amazon AWS EU-West1

We run some monitoring software on a VM instance in Amazon's EU-West cloud, which we use to keep a check on our servers which are in various datacentres around the UK. Yesterday at about 14:00 GMT we started getting buried in alert emails, as the AWS instance couldn't see any of our stuff in Union Solutions, 6Degrees, Node4 and various other providers. We ended up turning the monitoring off, and weren't able to start it again until past 19:00 GMT last night, and it's still a bit flaky today.

Rap for wrap chaps in crap email trap: Chipotle HR used domain it had no control over

Alister
Facepalm

Similar example

A newish developer with our company, who was working on some bulk mail software, decided to create his own test email addresses by running his fingers up and down his keyboard, and then inserting a dot before the last two or three letters. He did this for about 1,000 addresses, and then sent them all a test email.

He was successful in creating quite a few real domains using that method and we ended up fielding a lot of bounces, including some from an obscure military establishment in the US...

I wasn't best pleased, especially since we have our own test email server with a specified domain set up for sending to.

Brit cops accused of abusing anti-terror laws to hunt colleague

Alister
FAIL

Re: Entirely too distracted

Sorry, wrong Cleveland...

Telecity London data centre outage borks VoIP, websites, AWS...

Alister

Telecity refused to comment when The Register phoned them to ask what had happened.

Oh! You managed to get through then?

Pope instructs followers to put the iPhone away during dinner

Alister

Re: Expert

@dan1980

Before the ubiquitous availability of Internet access and use of mobile devices, there was very little opportunity for families (or friends) to communicate with each other through the day and this, naturally, puts a large focus on those times when it is possible to have a conversation.

But that was then. Now, families have the ability to communicate very nearly whenever they want. Through social media and mobile phones, I would suspect that many parents know more about where their children are and who they are friends with and what music and activities they like than they ever did before.

The thing is though, Dan, that communication is all very well, and you are correct that it is easier and more available now, but the ability to communicate is not the same as proper social interaction, and in particular the close family interaction which you get from regularly eating together or gathering together.

There is strong evidence to suggest that the children of families who set aside time to get together regularly are more confident socially, and in particular young children's language acquisition and literacy development are much better in families who regularly eat together than in children from families who rarely spend time together.

Decoding Microsoft: Cloud, Azure and dodging the PC death spiral

Alister

Microsoft is a long way behind Amazon Web Services (AWS) in the IaaS (Infrastructure as a service) market but makes up for that to some extent by a huge SaaS (Software as a Service) presence with Office 365,

Whilst this is undoubtedly true, Azure does have one distinct advantage, and that is the cost of Database storage if you need to use Microsoft SQL.

Unsurprisingly, to bring up a Windows Server 2012 VM with SQL Server 2014 on it requires software licensing, however Microsoft deliberately undercut their normal SQL pricing to make it a no-brainer to choose Azure over AWS.

Apple's OS X App Store downloads knackered by expired security cert

Alister
Facepalm

But you'd have thought a company with the vast resources of Apple could assign someone to keep an eye on such things.

Umm, I would argue that in a company of Apple's size, (or Google, or Microsoft, or Facebook) then it's likely to always be someone else's job, whereas in a small company it will definitely be assigned to a single individual.

And even then, it's possible to miss one... ask me how I know...

Royal Mail mulls drones for rural deliveries

Alister

Re: "Jumping enthusiastically onto the airborne parcel bandwagon"

over the top pie-in-the-sky ideas

Quite apt considering we are discussing aerial drones, but we must ensure these ideas don't end up in-your-face...

What the Investigatory Powers Bill will mean for your internet use

Alister

Will investigators have powers to examine web server logs?

Yes, for those based in Britain.

So, as someone who currently hosts a load of websites for friends, when am I going to be instructed as to how long I need to hold web log data from my servers?

And, as a Sys Admin for a company that hosts thousands of web sites in the UK (but is not an ISP by current definition) when are we going to be formally informed as to our obligations regarding log data? At present there doesn't seem to be a clearly defined period for which we have to hold logs, nor is there much information about when we should destroy log data.

Trident test-shot startles West Coast Americans

Alister

A likely story...

<tinfoil hat mode>

They say it was just a Trident launch now, but we all know it wasn't anything from Earth. They'll be telling us next it was swamp gas from a weather balloon that was trapped in a thermal pocket and reflected the light from Venus....

</tinfoil hat mode>

Swedbank smacked by DDoS attack

Alister

It wouldn't happen to be in the same data centre as ProtonMail, would it?

Fancy flying to Mars? NASA's hiring

Alister

Brian Kelly, director of Flight Operations at the Johnson Space Center, described right now as "an exciting time to be a part of America’s human space flight program".

Until the next round of budget cuts, anyway.

ProtonMail still under attack by DDoS bombardment

Alister

The chances are this attack is sponsored / carried out by one or other of the five-eyes. End-to-end encryption! not allowed!

Licence to snoop: Ipso facto, crypto embargo? Draft Investigatory Powers bill lands

Alister

So, who's going to pay for the ISPs to store all this data then?

To the best of my knowledge they don't, at the moment, either log or store http(/s) requests for each subscriber, so to implement this will require some serious outlay in equipment and storage.

Man hires 'court hacker' on Craigslist ... who turned out to be a cop

Alister

Landis pleaded guilty to felony counts of computer trespass, tampering with public records, and unlawful use of a computer.

Why?

He didn't do any of that, in fact nobody did, he just tried (unsuccessfully) to hire someone else to do it?

He could be convicted of intent, but surely that's a different charge?

Volkswagen: 800,000 of our cars may have cheated in CO2 tests

Alister

Re: Hint - time to blame cheap offshore programmers?

Careful, if governments get the idea that beer contributes to global warming, we're all in the shit.

No, no, no! Shit is a proven contributor to global warming, you must not end up with more of that.

Met makes fourth TalkTalk arrest, this time a London teen

Alister

Are all these teenagers actually just contributors to the DDOS - maybe they were amateur users of LOIC?

It certainly feels like low-hanging fruit is being plucked.

Spanish town trumpets 'Clitoris Festival' thanks to Google snafu

Alister
Thumb Up

Re: What's "cheapskate" in Galician?

Exactly, no-one should be using Google translate for official documents (or websites), it just isn't clever enough yet to deal with the myriad of variations in human language.

And people misuse it without checking what it is the algorithms think they are translating, too.

Al

TalkTalk downplays extent of breach damage, gives extra details

Alister

Re: Luhn Check to Retrieve card details

believe PCI-DSS should be much more restrictive than it currently is and not allow masked details to be included in the same detail as the encrypted card number as you are basically making breaking the encryption easier.

I think you are misunderstanding.

The encryption is applied to the stored data, which is only the first 6 and last 4 digits. There (should be) no circumstance where the full card number is stored in any format.

Whether Talk Talk followed this is, of course, open for discussion.

'Govt will not pass laws to ban encryption' – Baroness Shields

Alister

Re: No one planned to ban encryption

Few people have a legitimate need for encryption so it's a lot of noise over nothing.

A-Huh. So only a few people use credit cards, or have confidential data? So you'd be quite happy for anyone to be able to access all your bank details and personal information?

UK.gov plans to legislate on smut filters after EU net neutrality ruling

Alister

These providers will not be able to block or throttle traffic in their networks or give priority to some particular content or services in exchange for payment.

To be fair, the telling phrase is that one in bold, and shouldn't have any impact on government imposed filtering, which (should) not be driven by commercial interests.

Bacon can kill: Official

Alister

Re: @Zog: {Sigh}

Btw rivers and canals are much nicer to cycle along than roads, especially in London.

If a little damper, and more effort due to the drag of the water...

Mystery object re-entering atmosphere may be Apollo booster

Alister

Re: @Alister

@ Graham Marsden, Yep, having waited so long for the sequel to appear, I was very disappointed with the eventual release, far too much psychobabble and soap opera. When you think of the classic hard sci-fi that Clarke had previously produced, the follow-up to Rama could have been so good :-(

Alister

So, scientists have discovered what appears to be a cylindrical body, which when measured, appears to be hollow, rapidly approaching the Earth from space...

I for one would like to welcome our Raman visitors,

and look forward to the next two...

It's all Me, Me, Me! in Doctor Who's The Woman Who Lived but what of Clara's fate?

Alister

Re: Osgood is back !

Osgood got killed off by Missy last season, so why is she back now?

I mean, I always liked Osgood and was disappointed when she was killed, but you can't just blatantly ignore it and shove her back on next time you want to do a UNIT episode.

I'm guessing that they will retcon it so that the Osgood who Missy killed was the Zygon one, and not the human one.

TalkTalk plays 'no legal obligation' card on encryption – fails to think of the children (read: its customers)

Alister

Journalists reporting on this and other recent cases seem to think that the PCI-DSS is a set of strict Regulations, all of which must be met to gain PCI compliance,

This is not actually the case, PCI-DSS is a collection of recommendations for best practice, but they are not "laws", and in fact so long as a valid reason can be given and noted in the risk register, most of these recommendations can be set aside.

The classic case is in the matter of SSL cypher suites. If you follow PCI-DSS to the letter, and turn off all the cypher suites that are considered insecure, then a large percentage of the internet would be unable to browse your website, only those with the newest browsers and operating systems which support the newest cypher suites would be able to make a secure connection.

Curiously, one PCI audit we had, the QA wanted to fail us because the firewall rules allowed https connections to the load balancer from any IP - this is a public facing website!!

None of this excuses how TalkTalk have handled this, though, just thought it worth setting the record straight.

Fully working U-Boat Enigma machine sells for $365,000

Alister

I hate to disappoint the owner but I think the manufacturer stopped producing patches for the known vulnerabilities long ago.

Wait, what!! They never said anything about vulnerabilities when they sold it??

Alister

Purely as an academic exercise, I wonder how long it would take a standard desktop PC running an emulated bombe to crack and decrypt something encoded with this machine.

Would it be a matter of hours, minutes, or seconds?

Bacon as deadly as cigarettes and asbestos

Alister

Re: Another balancing article from the 'Fail

On the very same day, the 'Fail runs an article about a consultant gastro-enterologist saying that he recommends the eating of red meat. Which article are we to believe?

Ah, this is what they'd like you to call "balanced journalism"...

How to stop ICANN becoming FIFA of the internet – a plan forms

Alister

How to stop ICANN becoming FIFA of the internet

Promise never to employ Sepp Blatter?

UK/China cyber security deal: National security attacks still OK, it seems

Alister

The Register has not received any explanation of what the particular mechanism for the "high-level security dialogue" will be.

64bit RC4 cypher...

or possibly ROT13

:)