You had me until the bit about "I don't think China is really interested in Taiwan". China is interested in anything that isn't nailed down and quite a bit that is. Not that they are unique in this. Just saying.
Posts by Robert Helpmann??
2583 publicly visible posts • joined 31 May 2011
Taiwan cracks down on China spying on tech firms
Privacy and computer security are too important to be left to political meddling
Re: Obligatory Reply
I look at the "What do you have to hide?" question in reverse. One of the things a right to privacy ties into is the presumption of innocence as far as the government is concerned. If there is widespread surveillance, then it implies a disregard for this. Also, while this argument is focused on government access to our lives, companies such as Meta profit greatly by eroding the concept of privacy and that we should be concerned with it at all. They have taken the approach of catching users while young and training them up to think that it makes sense to make public their private lives. Government and industry efforts play off each other in this regard and are a blight.
Facebook is one bad Chrome extension away from another Cambridge Analytica scandal
Re: Deflect and play down
As part of that deal, Facebook committed to limiting third-party access to user data.
Unless they get paid for it, in which case profit.
On a personal note, I recently posted to FB for the first time in several years. It was a quick note about a Magritte print I had never seen before. I can only guess at the consternation this caused the algorithms Meta employs to track users. If they can make a profit off that, more power to them.
UK cybersecurity revenue up 14% on last year to £10.1bn
Google expands Privacy Sandbox to Android
Re: Google's track record
... if only there were a way how to extricate oneself from Google's tentacles and acceptable forward security of private data...
If only? It takes effort and therein lies the rub. Google makes it easy to access a lot of important services all in one go. Any direct competitors to Google do pretty much the same thing with users' data and any secure, user-oriented services that cover any of Google's suite are very focused on just one or two areas. Few folks are willing to make the effort to secure their digital lives or to go through the hassle of shopping around, but it is possible with effort to avoid Google's trap.
Russia 'stole US defense data' from IT systems
Microsoft prepares for its staff to return to Washington sites
Re: "Remember to keep the Windows open"
WA isn't even in the top 10 for the rainiest states.
The eastern half of the state doesn't get much precipitation because of a few annoying hills blocking clouds getting there, so on average Washington state is not the rainiest, but where most of the people are (along the coast) there's plenty of the wet stuff to be... enjoyed.
IBM HR chief insists 'no systemic age discrimination'
Re: Utter Management Stupidity
This is a prime example of the utter stupidity of senior executives in American Corporations and how they are so focused on the immediate cost reductions and not even aware of the long term costs of their actions.
I think you are confusing lack of awareness for lack of concern.
IBM looked to reinvigorate its 'dated maternal workforce'
Sophos: Log4Shell would have been a catastrophe without the Y2K-esque mobilisation of engineers
...the Log4Shell vulnerability has made it clear just how dependent some companies are on open-source components they don't even know about, don't contribute to or don't have a support contract for...
So open source doesn't equate to freedom from contributing to and maintaining the health of the tools being used? There ain't no such thing as a free lunch!
No more Commercial Space Astronaut Wings after this year because FAA has been handing them out like candy
Re: Raising the bar
...Virgin's joy ride sled should be a special case... anyone who has the guts to [climb aboard] deserves some form of recognition.
There is always the Darwin Awards. Maybe create a category for special effort?
*Mine's the one with a dog-eared copy of On the Origin of Species in the pocket.
Newly discovered millipede earns its name by being the first to walk on one thousand legs
WTF is a 'software-defined community cloud'?
Re: Google gargling at its best
Google has history in providing products with marginal functionality targeting business rivals' cash cows. They do not do it to give the users of these products something worthwhile. Rather they seem only to want to screw with their opponents in the tech sector. I can think of no better explanation for any of the Google Workspace products that are similar to the Microsoft Office suite. Microsoft responded with Office 365, so mission accomplished. It looks like this cloud product is there to compete by buzzword. I wonder how Amazon et al will reply.
GPU makers increasingly disengage from crypto miners
Re: "more troublesome than real money without any real advantage"
the whole thing with blockchain, and bitcoin (and all its clones/derivatives/etc.) is that it's using increasing amounts of power and compute for something that is at the end of the day, a thing to barter with.
That was a design choice in that it was intended to prevent there from being an infinite amount of a given currency. What happens when quantum computing matures a bit more and there is essentially an infinitely greater amount of the stuff to be made for the same cost of resources?
BOFH: You drive me crazy... and I can't help myself
Singaporean minister touts internet 'kill switch' that finds kids reading net nasties and cuts 'em off ASAP
Warehouse belonging to Chinese payment terminal manufacturer raided by FBI
Teen bought Google ad for his scam website and made 48 Bitcoins duping UK online shoppers
Re: Will he get a job offer?
Upvoted because I agree with the sentiment though not the particulars. I would not consider running a scam to be a good entry into security work. Definitely put him to work, but if he wants to learn the technical side, I don't think that should be done as part of the deal.
YouTubers fell for shady 'sponsors' who seized, then sold, accounts
Better late than never: Microsoft rolls out a public preview of E2EE in Teams calls
Where to Start?
I have to use Teams for my work; we are moving from another functioning application to it for chat. Unfortunately, it is like a lot of MS changes in that it does exactly what the old thing did, but differently, with different menus and slightly different abilities and limitations. Change should be a means to the end of something better but not be a goal in and of itself. As things stand, so many upgrades and new products are just that.
Online harms don’t need dangerous legislation, they need a spot of naval action
NFTs not annoying enough? Now they come with wallet-emptying malware
Re: ???
So "Investors" in an NFT exchange that is used b[y] people to make virtual money on virtual things get their virtual wallets emptied.
Yes, three layers of abstraction separate them from reality. Perhaps they will manage to transcend this mortal realm to become virtual beings. We should be so lucky!
Chinese developers rebel against long working hours with crowdsourced tell-all on employers
Re: Perhaps we could have a version of this for the west as well
I've never understood the reasoning behind making newly graduated doctors work 36-hour shifts...
IIRC, it started because a doctor running a research hospital stayed up for insane hours and expected everyone else to work the same way. After that, it's all economics. Cheap labor, reduced liability and tradition. It is not done the same way in all countries and those that don't do not have worse medical outcomes on average for having relatively sane working hours for their interns.
Fatal Attraction: Lovely collection, really, but it does not belong anywhere near magnetic storage media
A student at a school where I worked would take all her projects home with her on floppy over holidays. She would inevitably come to me after class resumed with a corrupt disk asking me for help in retrieving files. I initially thought she was buying some cheap disks but finally asked her about what she did when she got home and what happened to her disk over the break. Turns out she was afraid of losing the thing and stuck it on her fridge with a magnet as soon as she walked through the door so she would know where it was when she got ready to go back to school. She never lost the disk, just the contents.
Ukrainian cops cuff two over $150m ransomware gang allegations, seize $1.3m in cryptocurrency
Educating people, communicating multiple times, giving examples...
Agree with all of the above, but there also need to be consequences when users inevitably fail to follow guidance. They need to understand that it's not just about listening to a lecture and nodding, but that failing to act right will affect them personally.
Google to auto-enroll 150m users, 2m YouTubers with two-factor authentication
Re: And because we know the best way ...
...because it's Google doing it, it's now really creepy.
It's not that Google is using it that makes it creepy, it's how they will use it that does it. They already have a lot of information about their users. I am sure Google will be able to leverage this to embed themselves even more into their lives.
From the article: ...this code could be generated by an app on your phone or emailed to you...
So to get into my Google account, I could have them send the passcode to my Gmail address that I now have to use 2FA to get into? Also, how is this going to work for those of us who are not allowed to use our cell phones at work (yes, this is a thing) but are allowed some reasonable access to personal email and other web resources?
Want to check out Windows 11 but don't want to buy a new PC? Here's how to bypass the hardware requirements
Windows 11 in detail: Incremental upgrade spoilt by onerous system requirements and usability mis-steps
Confusion at Gare de Rennes as Windows shuffles off for a Gauloise
Waymo, Cruise get green light from California's DMV for self-driving taxi services
Re: --As-a-service is nothing new
Cost per mile is how taxis charge over here.
But that is not how cars that are not rentals or leases are generally dealt with. XaaS is just a new way of saying you rent something or it is a subscription. When you buy something, the expectation is that you do not have to continue to pay for it to be allowed to use it. You may have to pay taxes or purchase operating supplies or an operator's license, but not continue to pay for the use to the entity you bought it from. This is basically the difference between ownership and not. Being able to tell someone they own something but they have to pay you to use it is a scam.
Revealed: How to steal money from victims' contactless Apple Pay wallets
Computer shuts down when foreman leaves the room: Ghost in the machine? Or an all-too-human bit of silliness?
Re: Power socket on the lighting circuit?
It's pretty much standard practice in the US from what I've seen.
And it's annoying as hell! I always felt like this was some do-it-yourselfer's idea of the way to do things, but for some unknowable reason it caught on. Even more annoying is the lack of any indication a particular wall socket is wired in this manner. How to tell what wall switch goes to what thing? Switch them off and on then when some do nothing, run around the room searching for outlets, plug something into them, rinse and repeat. Still can't find the match? Open the wall switch to see if anything is actually connected or call in an electrician because at that point it is probably safer than finding out yourself what else is done badly.
'Quantum computer algorithms are linear algebra, probabilities. This is not something that we do a good job of teaching our kids'
Re: "Why not include critical thinking as well?"
The typical business risk assessment is "I think it's a three" - "that sounds about right".
For a fun experiment illustrating how the population as a whole fails to grasp these concepts, ask any large group of adults how many think they are above average drivers. Except in very rare circumstances, most will assess themselves as above average. People are generally crap at risk assessment and management.
'Extraordinary' pigs step in to protect Schiphol airport from marauding geese
Re: White wine with geese, I presume?
It depends on whether the bird is wild or domestic. For domestic, I would go with something crisp, like a Riesling. For a wild goose, I would go with a Malbec or similar or perhaps something like a Petite Sirah. I suggest including how the bird is cooked and what it is served with in deciding which to choose. Most important, really, is which wine you like, but these are where I would start given the opportunity.
ASUS patches ROG Armoury Crate app after researcher spots all-too-common flaw
Ransomware-hit law firm secures High Court judgment against unknown criminals
Yes, of course there's now malware for Windows Subsystem for Linux
Re: Microsoft! Leave our Linux alone!!!
It's Windows API(s?) allowing the Linux subsystem to access it all willy-nilly which is the problem.
Which begs the question of how to restrict the subsystem while still allowing it to do worthwhile things. The description in the article sounds more like the reason the embedded Linux bit in Windows was being used is that it is an unusual source of any behavior and thus likely to evade detection by existing anti-malware rather than that it does anything special.
Tick, tick, tick … TikTok China just limited kids to 40 minutes' use each day
Ex-US intel, military trio were cyber-mercenaries for UAE, say prosecutors
Re: it does not make much difference to me.
That's not quite the implication, though I can understand how you arrived at that. Spies are gonna spy, but they have to follow rules of engagement. If I understand correctly, all the Americans involved in spying formerly worked for the US government and they had to sign binding documents saying they would continue playing by the rules... which they failed to do and got caught out. The US government has a separate agency for spying on its citizens and wants it to have a monopoly on doing so. No different from every other government out there.
Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway
BOFH: Pass the sugar, Asmodeus, and let the meeting of the Fellowship of Bastards … commence
Russia: Forget about the Nauka incident. Who punched the hole in the Soyuz, hmm?
What happens when a Chrome extension with 2m+ users changes hands, raises red flags, doesn't document updates? Let's find out
Trump administration bans eight Chinese apps
Why WPS Office?
I wonder what the impetus was on banning WPS Office?
This is exactly the issue, isn't it? What are the details that led to the decision? It's one thing to say "China bad therefore Chinese apps bad" but at least some of us want to make informed decisions and want a reasonable amount of transparency from our leaders.
Micropayments company Coil distributes new privacy policy with email that puts users' addresses in the ‘To:’ field
how we interface with our mailing list provider
Another business that takes security so seriously that it trains its customers to be phished.
More like another company that takes security so seriously, it farms it out to unspecified third parties. Nothing like increasing the corporate attack surface as a security goal.
Apple's privacy pledges: We sent dev checks over plain HTTP, logged IP addresses. We bypass firewall apps
Check This Out...
Finding out what is happening in a target's environment is a typical first step in most hacking attempts. Having a setup that makes known what applications you use and when you are apt to be using them seems like a way to make a hacker's life easier. It really doesn't take much imagination to figure out how to use this against a target.
BOFH: Rome, I have been thy soldier 40 years... give me a staff of honour for mine age
Adventures in SQL Server 2019: Microsoft updates the update that broke the update
Burning down the house! Consumer champ Which? probes smart plugs to find a bunch of insecure fire-risk tat
Re: The stupid, the lazy and the first mover
"No, it's from Amazon, that makes it secure".
I wonder if Amazon takes the same approach to vulnerabilities as MS in rating severity on the risk they incur by vulns existing rather than by the potential outcomes to their customers.
Icon: As appropriate to IoT as anything.