Posts by Robert Helpmann??

2583 publicly visible posts • joined 31 May 2011

Sony boss: Nork megahack won't hurt our bottom line

Robert Helpmann??
Childcatcher

Re: A new measurement?

This unit should be known as the 'bollock' (abbr: BOLX).

You can have your BOLX if I can have my Hoover* (unit of measure of power). Besides, I got into IT as an escape from becoming a trick cyclist, so probably not even then.

*Sorry, couldn't link directly to the entry.

World's largest ship swallows 900 MEGATINS of baked beans

Robert Helpmann??
Boffin

UOMs!

El Reg measurement units are of course the standard units of choice...

Two units of measure are missing from the pantheon: time and power. I humbly nominate the Hoover to fill in the void for the measure of power:

...the CSCL Globe's massive two-stroke engine... "operates" at 56.8 megawatts... the equivalent of almost 38,000 1,500-watt vacuum cleaners"

Thus 1 H = 1,500 W

Anyone want to have a go at a UoM for time?

NASA closing on fix for Opportunity rover's 'amnesia'

Robert Helpmann??

Re: rover's flight software

Nice! I thought something similar and had a Google moment. Turns out that it isn't the flight software as it was replaced. From that font of all knowledge, Wikipedia:

Activities such as taking pictures, driving, and operating the instruments are performed in a command sequence that is sent from the flight team to the rover. The rover installed its full surface operations software after the landing because its computers did not have room for it during flight. The new software essentially replaced the flight software.

Will hottest CES gadgets be HOT TARGETS for hackers?

Robert Helpmann??
Childcatcher

Heavy Lifting

What, then, is going to keep advertisers/telcos/Google/Apple/etc from lifting all that data and using it for their own ends?

Why steal when you can get the users to just hand it over for free? The point of many gadgets and apps these days seems to be just that. That's why, for example, a simple solitaire app for my phone claimed to need access to every possible permission available including location and call records. Denied, by the way. It's good to see that someone sees security-conscious customers as a possible market and is moving to fill the need.

Anonymous vows to avenge Charlie Hebdo massacre by blitzing jihadist sites

Robert Helpmann??
Childcatcher

Re: Whose freedom?

So Anonymous are going to defend freedom of speech by denying freedom of speech?

Yeah, it's what they do. They probably even get the irony. Of course, if they really wanted to go for a full eye-for-eye treatment, they might do better to find the locations and identities of all those people against whom they are venting their spleen and post those details for all to see. Perhaps they are taking a more measured approach than they did after the Michael Brown shooting.

Thunderstrike shocks OS X with firmware bootkit

Robert Helpmann??
FAIL

Re: Fluff?

Have a thumbs-down for totally missing the blatant phishing joke! Simply put, the best and most common way to defeat really good technical defenses is through social engineering. This has been done over and over in all sorts of settings and in many different ways. Of course, you would never, ever fall for something like that... or understand it, for that matter.

Robert Helpmann??
Childcatcher

Re: Fluff?

Not so far on my PC with Windows + Secure Boot + Bitlocker + TPM. Zero known successful exploits of that to date.

Really? Send it my way and I'll have a go. It might take a while, though, so please be patient.

Boffins erect semi-hard 3D silicon: Pop-up micro-machines breakthrough

Robert Helpmann??
Childcatcher

What do you mean, "you nanobots?"

Where we're going next is to build multilayered devices with specific functions, and to go full CMOS.

Never go full CMOS!

Very interesting tech. I look forward to seeing it developed. They might do well to hire themselves a pitch man, though.

US watchdog boss pencils in net neutrality February showdown – report

Robert Helpmann??
Childcatcher

Re: A nice way of putting it..

They have had it too easy, too long, so whatever the FCC does I hope it makes them uncomfortable.

Phil Dude, while I have more of a quibble with every ISP I have dealt with than I do with what you say, I should point out that you are describing the classic conditions for a competitor to step in and make some cash: high demand in an under-served market. Yes, there is plenty of government collusion in keeping monopoly players in business, but I have seen little movement on this in years. Surely someone somewhere would have seized this opportunity a while back if it actually existed.

Magic streaming beans? Sure, have my cow - music biz

Robert Helpmann??
Childcatcher

Elephant in the Room

Even low-res streaming can eat up a good amount of bandwidth in a month...

Add to that the underwhelming quality of many streaming services on the road and there is plenty of motivation to take it with you.

Fill 'er up: 'Leccy car firm Tesla brings back PUMP SERVICE

Robert Helpmann??
Childcatcher

Re: They still do this in Europe

Eddy Ito, you are not at all mistaken about either Oregon or New Jersey. As it happens, there are also municipalities that have the same requirement, too. In Oregon, the law was spurred by someone driving away from the pump with the nozzle still in the car. This is a fairly common thing, but this time there was a spark that ignited the gas, burning the station to the ground. Every so often, some bright new political figure will attempt to make a mark by repealing this law only to be slapped down as quickly as possible. From what I have read about New Jersey, the same safety concern was cited when the law was passed. Both laws have been on the books quite some time and probably don't really make much sense in terms of a safety requirement any more. Keeping them on the books is more about jobs these days.

Google unveils Windows 8.1 zero-day vuln – complete with exploit code

Robert Helpmann??
Childcatcher

Re: "Aggressive disclosure policy"

I agree a 90 day lead time on public disclosure is reasonable, though not at all with the release of proof of concept code. Also, I cannot imagine something Microsoft would like more than to have it come out that one of its major competitors is selling on the black market. Say what you will about MS's products, their PR people would make good on an opportunity like that.

1,000mph ROCKET CAR project dogged by beancounters

Robert Helpmann??
Childcatcher

Re: There's no accounting for awesomeness.

... and no awesomeness in accounting!

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

Robert Helpmann??
Childcatcher

Re: I always find it horrifying

Q: What's the difference between the death penalty and life in prison?

A: With the death penalty, the state acts as executioner. With life imprisonment, the state acts as gay dungeon master.

Having worked in a medium security facility with juvies and declined to work in a maximum security facility with career offenders, I can tell you that they are filled up with people who make mistakes and that are often victims themselves. Yes, there are some bad people in there that thoroughly deserve to be incarcerated, but what is truly bad in this country, in my opinion, is the combination of mandatory sentencing for non-violent crimes and the privatization of the prison system. The first ensures the prisons are filled beyond capacity while the second ensures that the absolute minimum is provided in terms of service, safety and personnel while providing a business interest in expanding the practice.

One thing that this system is very good at is transforming minor offenders into felons. Imprisoning people for minor, non-violent crimes has exactly the opposite effect that any sane person would want from the justice system: more crime.

Ground control to 2014: A year in Space

Robert Helpmann??
Pint

Missed a few

Left off the list were the re-purposing of the Nuclear Spectroscopic Telescope Array (NuSTAR) to check out the sun and the continuing use of the Kepler space telescope to discover another far-off world. Also left off were the various space rock hits and near misses. There were many more bits that got left off, too, but I am too lazy to dig more than an initial search page worth of results.

Here's to 2014, a remarkable year for space exploration! May 2015 be an even brighter year for space (except for the part about the exploding rocket - we should leave that out).

Office MACROS PERIL! Age-old VBScript tactic is BACK in biz attack

Robert Helpmann??
Childcatcher

Re: "newly discovered attack" ??????

Then this becomes a user issue, not a security issue.

How are these mutually exclusive, other than for the assignation of blame? Of course the solution proposed in the article to limit who can use macros to those who have training, et cetera, poses its own inherent problems. Training would need to be made, given and maintained; an additional user group would have to be maintained (a non-trivial effort even in small companies); there would need to be real and meaningful efforts to enforce the restriction (it's easy to say "enforce by GPO" but that can sometimes have unexpected consequences) and to monitor those who are legitimately allowed to use them.

Barring not allowing macros at all (my preferred solution), it would be best to allow macros to run only on an air-gapped network with new macros only allowed on after being reviewed by someone qualified to check for malicious intent... after a suitably long waiting period. I am only half-joking.

SpaceX six days from historic rocket landing attempt

Robert Helpmann??
Childcatcher

Re: Centripetal?

Yeah, but isn't "centrifugal force" just inertia, at least as it is used in this case? It doesn't sound as impressive, though.

Analysts claim itty bitty iPhone Mini to land next year

Robert Helpmann??
Childcatcher

Re: or maybe...

They are working on a smaller version so that ...

... they can sell customers an "optional" wrist band with extra battery capacity. Voila, iWatch!

El Reg tests portable breathalyzers: Getting drunk so you don't have to

Robert Helpmann??
Joke

Wrong Test

Just take a couple shots and have some a blow!

I thought they were just testing for alcohol!

Survey: Tech has FREED modern workers – to work longer hours

Robert Helpmann??
Childcatcher

No Surprise

In another head-scratcher of a twist, however, 61 per cent of those surveyed said email was "very important" – more than gave that distinction to the internet itself.

I don't see this as much of a surprise having been through both e-mail and internet access outages. While people get upset they cannot get to YouTube and other internet sites, they really lose it when cut off from e-mail and go straight into DTs if forced to do without for just a few short minutes. What is shocking to me is that there are significant numbers of employers who reportedly do not block at least some web sites.

I would like to see what online services or sites make employees feel more productive. Having ruled out social media, my guess is on search.

*HIC*... tweet: Sloshed birdsh shlur songs, boffins say

Robert Helpmann??
Thumb Up

IgNobel

Scientists studied zebra finches because they were considered "a representative songbird and a premier model for understanding the neurobiology of vocal production and learning".

Translating from Boffinish, "We used zebra finches because we had some on hand." It's a well studied species, same as the fruit fly, rats and mice. I feel compelled to give them a thumbs up, though, for the timing of the publication. Happy New Year!

Sucker for punishment? Join Sony's security team

Robert Helpmann??
Childcatcher

Re: The First Step

No, what the article describes is basically offshoring your data center. It offers no more security than the example with which he contrasts the use of Google's services with the added illusion that everything will be handled by Google. Additionally, while conventional data centers offer a well-known set of challenges and requirements, people who are not up to properly managing a data center are apt to be equally ill-prepared to analyze the requirements of cloud-based data services. To paraphrase, "There are ways to put the absolutely most secret things on local servers. They just require a little work to secure."

Gmail falls over after hitting 'Great Firewall of China' – report

Robert Helpmann??
Childcatcher

Gained something in translation?

"China has consistently had a welcoming and supportive attitude towards foreign investors doing legitimate business here," she said. "We will, as always, provide an open, transparent and good environment for foreign companies in China."

I don't think this was intended to be funny, but it really was. Still, I wouldn't want to play Poker with someone that could come off with a line like this and keep a straight face.

German minister fingered as hacker 'steals' her thumbprint from a PHOTO

Robert Helpmann??
Childcatcher

Re: nit-picking time...

...in British English, it's spelled "defence". Note the 'c'.

As noted, the quibble is lousy. It is interesting to note that we Americans sided with the French on this word's spelling.

Internet Explorer 12 to shed legacy cruft in bid to BEAT Chrome

Robert Helpmann??
Childcatcher

Re: I can still

Yes, MS has displayed its corporate backside to consumers on multiple occasions, but if you weeded out all products solely based on the way the producing company acted, you would be stuck building all your own kit, writing all your own code, heck growing all of your own food, either by yourself or with others who feel the same way. My advice is to get over it, at least in cases that do not involve major crimes, and focus on the product itself. Yes, open source software is arguably a good route to follow, but it is not the only viable way. I don't know too many business models that are strictly open source, especially for larger entities and especially in regards to hardware.

I have run into issues with both Chrome and Firefox, so I would not be too quick to tout their virtues compared to IE. Professionally, my choices are proscribed by my employer, so I use what is available in my environment. Personally, I use a variety of browsers as I like to check how my website (such as it is) looks on each, but tend to gravitate to Opera. Make of that what you will.

Doctor Who's tangerine dream and Clara's death wish in Last Christmas

Robert Helpmann??
Childcatcher

Yippee-ki-yay

And since when does the Doctor get pop culture references?

One word: Geronimo!

SEXY GOLD FireFOXY LADY hits Japan in transparent kimono today

Robert Helpmann??
Childcatcher

Re: specs

It is a decidedly mid-level device being thrown into a high-end market, but it looks cool-ish. It's as though they figured out that Apple was onto something, but couldn't quite make out what it was.

Microsoft promises open plan mobile Office. Who sits by the Windows?

Robert Helpmann??
Childcatcher

Re: How

I think I may have a bit of xmas spirit inside me...

That's not pillows xmas spirit! ... Sorry.

I know it's emulation, but I wonder how Office would run under Genymotion or AndroVM. I guess I will find out soon.

HOLD IT! Last minute gifts for one's nerd minions

Robert Helpmann??
Childcatcher

Re: Burn, Baby! Burn!

I suspect that much of that sort of mockery is simply based on difference between the subject and the audience. Too, most world leaders at least attempt to project an aura of sophistication, which is squarely at odds with what Putin seems to be doing in these situations. It seems ironic that the folks here in the US most likely to oppose Putin on ideological grounds are also those with whom I most would expect those sort of pictures to resonate (yes, I'm talking about you Duck Dynasty viewers).

Robert Helpmann??
Childcatcher

Burn, Baby! Burn!

The Oatmeal's Sriracha Flamethrower Grizzly is my new desktop wallpaper. What an awesome gift!

JPMorgan Chase mega-hack was a simple two-factor auth fail

Robert Helpmann??
Childcatcher

Re: one one of the biggest data security breaches in history.

The only way to guarantee security is to fundamentally change the datagram.

AC, security is not an all or nothing proposition. What you are claiming is that if we implemented a non-routable protocol for internal traffic, we will have achieved perfect security. There will be no more breaches. No more malware. No more things that go bump in the night. While what you suggest has a reasonable place on a network, given that best practice for security would have you implement a layered approach, it should only be regarded as a part - and a relatively small part - of an overall security plan.

There are plenty of other attack vectors for bad actors to make use of as a cursory read through El Reg's security articles will reveal. From personal experience, I had to deal with plenty of malware on a campus network that had no TCP/IP installed (IPX/SPX and AppleTalk). Your enthusiasm is to be admired, but you are really missing a few details. You might try getting yourself a Security+ or CISP study guide for Christmas (or the gift giving excuse of your choice) and do a bit of reading. You should find it enlightening.

Robert Helpmann??
Childcatcher

Re: one one of the biggest data security breaches in history.

The only thing protecting the entire world against intrusion is code, software - firewalls - and code is never perfect, never foolproof. NEVER. The recent discoveries of Linux bugs even proves this.

OK, this is patently false. From a very basic perspective, there are both physical (e.g. air-gapping and other physical access controls) and social (Have you ever heard of phishing or other social engineering attacks?) aspects that apply here. As far as the rest, well, if you throw a lot out there, some of it might stick.

ICANN's technical competence queried by Verisign report

Robert Helpmann??

Sounds like a plan!

Verisign is unhappy about the degree of progress however, sub-titling an entire section on the issue "Flying Blind".

So, much of the internet's basic workings are based on security through obscurity? Sounds about right.

Hack flings bootkits from Macs' Thunderbolts

Robert Helpmann??
Childcatcher

Thunderbolt devices used as spark gaps?

The attack could also infect Thunderbolt devices allowing it to quietly spread across network air-gaps.

Indeed, that would seem to be the primary use for such an attack. My question would then be how many organizations use Macs as the primary building block of their secure, air-gapped, networks? The other obvious worthwhile target is consumers, which calls into question the utility of such an attack as this would imply the need to recoup the costs of both the equipment and effort needed to carry it out.

New Zealand Supreme Court says Kim Dotcom search warrants were legal

Robert Helpmann??
Joke

Re: I don't get it

helicopters, dogs and armed police in what almost amounts to a paramilitary invasion of his residence for what is realistically a white collar crime

Hmm... that could work for a movie! Perhaps he should get one made about his ordeal and then retire off the proceeds. Oh, wait... file sharing.

Hilton, Marriott and co want permission to JAM guests' personal Wi-Fi

Robert Helpmann??
Childcatcher

Re: Jammers ???

The hotels are really just trying to help lawmakers keep up with current practice. The lawsuits mentioned in the article are simply instances in which they got caught. Preventing guests from using their own internet service is SOP for hotels. As was pointed out by a fellow commentard, high-end hotels want to charge for everything they can. Sadly, in this case they are hawking substandard service with atrocious security built in.

Shock! Nork-grating flick The Interview WILL be in cinemas – Sony

Robert Helpmann??
Childcatcher

Re: All a marketing stunt?

"Once considered to be a near-certain box office dud that even Sony executives apparently agreed was poor, the movie has rocketed to the top of the crowd-sourced Rotten Tomatoes and the IMDB rankings."

That, I assume, must have been entirely orchestrated by someone at Sony who subscribes to the view that there's no such thing as bad publicity.

Yes, someone was clearly awake during the PR 101 class taught at the P. T. Barnum School of Media, Entertainment and Advertising. Using Brendan Behan's version as a caution, though, Sony should keep in mind "there's no such thing as bad publicity except your own obituary."

GCHQ: We can't track crims any more thanks to Snowden

Robert Helpmann??
Childcatcher

Re: Suggestion for law enforcement

Why not start investing more in ACTUAL police and detective work ...

In order to catch a fox, you have to think like a fox? To be clear, I am not defending the government overreach that has been well documented on this topic, but misuse of a tool does not mean that it lacks valid uses. The tools the various three letter agencies are lamenting the loss of or lessened effectiveness of often have legitimate uses which are now out of reach due to past misuse. It seems disingenuous, though, to simply complain that they can't do the job because the well has been poisoned while still holding the vial. As far as building trust in the community: that pooch has been thoroughly screwed.

Easy Tinder prank hack lets you play stupid cupid

Robert Helpmann??
Childcatcher

That's just mean!

...you change all of his photos to pictures of Gary Busey...

But at least it wasn't Steve Buscemi.

Edu-apps may be STALKING YOUR KIDS, feds warn

Robert Helpmann??
Childcatcher

Spock's Beard!

"Check what information the app collects. Look at the app’s permissions to see if the app shares location, photos, contacts or other personal information," the FTC advises. "If it does and you don’t want your child’s personal information shared, then don’t download that app."

Or in a sane universe, the FTC could review apps targeting minors and require them to remove any such tracking mechanisms. In the physical world, making something available that may entice someone into harm falls under the definition of "attractive nuisance." How is setting up this sort of situation logically any different? Yes, parents should be involved enough to check things of this nature, but the government's assumption that even a sizable portion of the population understands what is actually being asked of them is, well, evil.

Facebook slammed for blocking protest event page at Russia's request

Robert Helpmann??
Childcatcher

Re: It's called capitalism

They're just different principles.

Yes, and they somehow lead to completely different outcomes depending on whether they are applied in the Middle East or in Russia. No Russian Spring in December, then.

Super Cali's futuristic Tesla batt swap focus – even though car tech test is an expected bonus

Robert Helpmann??
Childcatcher

Re: This is the only reasonable way it works

In reality what will happen is the power suppliers will do the same as happens with ISPs...

The cynic in me agrees, but it is worth noting that electric companies are regulated far differently than ISPs, as has been repeatedly brought up in discussions concerning net neutrality in the US.

Hipsters ahoy! Top Ten BOARD games for festive family fun

Robert Helpmann??
Childcatcher

Re: a board game isn't just for Christmas

Jenga? I understand it's used as a drinking game in some locales, so yes, that's good. I prefer Talisman* because it is quick and easy to learn, provides lots of entertainment (especially when characters get turned into toads!), and can be abandoned mid-game for use in endless who-would-have-won conversations later.

* The actual board game. The computerized version is a nice effort but just isn't the same thing.

Social sniffer predicts which Nigerian prince has the best chance of scamming you

Robert Helpmann??
Childcatcher

Perhaps a different approach is called for

Most people Tweet from their desks, log into Facebook during lunch, and are continually connected to both worlds so the division between the systems is flawed.

My first thought on this was that it is easy enough to reinstate the division with some properly configured firewall rules. There is less of a need to allow personal use of company resources now than 10 years ago given the widespread use of mobile tech to play online. Instead of any sort of reasonable push-back in this area, many businesses are embracing the BYOD fad. That direction will only end in tears!

(posted from work)

Cool Large Hadron Collider to fire into doubly powerful ring

Robert Helpmann??
Childcatcher

been cooled

So that's -29.155°Hn. Truly frigid, then.

Batten down the patches: New vuln found in Docker container tech

Robert Helpmann??
Childcatcher

Re: To be expected

Having your security functionality dependent on what file system version your OS lives on LOL?

So how is that not the case elsewhere? You will have a hard time enforcing ACLs on a drive formatted with some derivative of FAT (current examples include most thumb drives), even if you are using Windows. Sure, it would be better to bake encryption into Docker containers, and yes, Windows might offer some examples of a valid direction in which to proceed, but I would not be anxious to recreate the oft-confused difference between granting rights on a network share and rights to the contents of the share.

Blast-off! Boat free launch at last. Orion heads for space

Robert Helpmann??
Childcatcher

Re: Typo

So what's the temperature of a sheep in a vacuum then?

With the assumption of a soon-to-be-dead sheep placed into a vacuum, 1.90° Hn on average.

Sources:

Average body temperature of a sheep

The Reg online standards converter

El Reg Redesign - leave your comment here.

Robert Helpmann??
Childcatcher

Re: El Reg Redesign - leave your comment here.

The drop-down teasers are annoying, I click on a tab, move mouse down the page to start scrolling and the menu pops up for a fraction of a second, then disappears again. Very distracting.

... except when it causes you to click on the wrong article, then it's a pain in the ass. I haven't started digging through articles yet today, but this is my first impression of the new design and it is not good.

EDIT: I didn't realize the menu is stuck at the top of the page in stories (why different from the main pages?), but now that I have had a chance to read a story, I find it to be utter... words fail me.

Your data: Stolen through PIXELS

Robert Helpmann??
Childcatcher

And how do you prevent a cellphone or Google-glass like device from recording the display?

Well, it ought to be pretty obvious if you are at work and someone is holding a cellphone behind you while you beaver away. There are privacy screens that prevent shoulder surfing to a certain extent. Perhaps the next wave in security of this nature will involve a VR headset.

Charge Anywhere? More like Hacked Everywhere: Mobe cash biz admits 5-year security breach

Robert Helpmann??
Childcatcher

Re: "Keep calm and carry on"

Even after we know that you took action only "..after being asked to investigate fraudulent charges.."?

They obviously made some mistakes but seem both to have taken responsibility for them and to have reacted in a reasonable manner. In their statement, they note, "While we discovered the malware on September 22, 2014, it required extensive forensic investigative efforts to de-code it and determine its capabilities." So they did not blow off the victim as often happens, found and corrected the source, and then alerted their customers to the issue. Compare with the way the Hilton rewards program handled their recent breach (I have yet to be notified by them that anything happened and I have one of these accounts).