* Posts by spellucci

29 publicly visible posts • joined 30 Jun 2011

PostgreSQL pioneer's latest brainchild promises time travel to dodge ransomware

spellucci

Exfiltration is also a risk

This seems to only protect an organization whose data is encrypted in its database with an unknown key. The other risk in ransomware attacks is that of having the organization's data exfiltrated and held for ransom by the criminals. I do not see how DBOS will address that risk.

The AN0M fake secure chat app may have been too clever for its own good

spellucci

Re: One Time Pads.

Keys can be exchanged securely in public, for example via Diffie-Hellman key exchange (https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange).

But you are right as rain about the rest of it. If you want to communicate securely, don't use cell phones.

Now that Trump is useless to Zuckerberg, ex-president is exiled from Facebook for two years, possibly indefinitely

spellucci

Re: On the other hand ...

There's a long line of "The republican party can't possibly be suicidal enough" prognosticators who have been wrong over the last 5 years. I am not looking forward to the Republicans' next moves.

Facial recog firm Clearview hit with complaints in France, Austria, Italy, Greece and the UK

spellucci

File That Complaint!

Matthias Marx said, "It is not a solution that every person has to file [their] own complaint." I say, let's do it anyway. What if 1 million Europeans filed individual court complaints, or whatever the kind of filing it is that Clearview would have to respond to?

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

spellucci

Good code control practice

To be fair, the Internet Archive is especially designed for managing versions.

Rotherwood Healthcare AWS bucket security fail left elderly patients' DNR choices freely readable online

spellucci

Second

I second this comment. Someone had to intentionally override the default settings in order to make this data public.

Careful now, UK court ruling says email signature blocks can sign binding contracts

spellucci
Joke

My Sig

IMPORTANT: This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humor or irrational religious beliefs. If you are not the intended recipient, any dissemination, distribution or copying of this email is not authorized (either explicitly or implicitly) and constitutes an irritating social faux pas. Unless the word absquatulation has been used in its correct context somewhere other than in this warning, it does not have any legal or grammatical use and may be ignored. No animals were harmed in the transmission of this email, although the Yorkshire terrier next door is living on borrowed time, let me tell you. Those of you with an overwhelming fear of the unknown will be gratified to learn that there is no hidden message revealed by reading this warning backwards, so just ignore that Alert Notice from Microsoft. However, by pouring a complete circle of salt around yourself and your computer you can ensure that no harm befalls you and your pets. If you have received this email in error, please add some nutmeg and egg whites and place it in a warm oven for 40 minutes. Whisk briefly and let it stand for 2 hours before icing.

Facebook: Remember how we promised we weren’t tracking your location? Psych! Can't believe you fell for that

spellucci

Re: Facebook: Remember how we promised ...

Slight modification to the two parts: one goes to /dev/null, while the other goes to /hell/in/a/handbasket.

Bright spark dev irons out light interference

spellucci
Headmaster

Office 365 Slogan

I had the devil of a time parsing the Queen's English title to this story. Yes, I'm from the other side of the pond.

"Bright spark dev irons out light interference"

What is the verb in the title? Spark? No, sparking a dev iron doesn't make sense. Out? Better, in the sense of exposing or "outing" something. But what does it mean to have a dev iron expose light interference? Light? No, too far into the sentence. Iron, as in iron out? Ah, now we're getting somewhere. But what is a spark dev, and what does it mean for a spark dev to iron out something? I think I need to go back to school to study English at Cambridge on the River Cam instead of Cambridge on the Charles River.

Bruce Schneier: You want real IoT security? Have Uncle Sam start putting boots to asses

spellucci
Coat

Really Lousy Idea

A big IoT issue is the number of devices that do not auto update, and as a result fall prey to being commandeered into botnets. My Really Lousy Idea (TM) is that if a consumer owns a device that gets taken over and used in, say, a DDOS attack, that consumer is held accountable for damages. Imagine the damper that would put on buying IoT devices that are not really damn secure, or at least auto update.

Security MadLibs: Your IoT electrical outlet can now pwn your smart TV

spellucci

Help from America

Americans,

You are big consumers of this IoT stuff. And big producers of law firms. Can we arrange for you to create a class action lawsuit or two? Lawsuits that hold individual IoT owners liable for their unpatched devices contributing to, say, the DDOS attacks that those devices take part in.

"If you own device X, and you cannot show it was fully patched, you are hereby assessed $50,000 for damages your device caused." When said device cost $50. That will slow down sales. And have the manufacturers make sure their devices can be patched so we can at least have a chance at keeping them secure.

Sincerely,

Well, everybody

Windows 10 Insiders see double as new builds hit the deck – with promises to end Update Rage

spellucci

Office 365 Slogan

I get the frustration but YIKES is managing an update stream as complex as the Windows Update stream a complicated beast. I am happy for Microsoft to test all the interactions of all the different updates and make sure that that particular mix of updates works together. For me to disable one of those updates would require me to have knowledge of the update interactions that I would not want to have to wade through, thank you very much.

Open Internet lovin' Comcast: Buy our TV service – or no faster broadband for you!

spellucci
Facepalm

Verizon, too?

I asked Verizon how much I could save if I cancelled the TV part of my TV + Phone + Internet bundle. They said it would be $5 more per month for just Phone and Internet. I kept the 3-way bundle.

spellucci

Verizon, too?

I asked Verizon how much I could save off my TV + Phone + Internet bundle if I cancelled the TV and gave them back the set-top box. They said it would be $5 more per month. I kept the bundle.

Here we go again... UK Prime Minister urges nerds to come up with magic crypto backdoors

spellucci
WTF?

How Hard Can It Be?

Not original, but I cannot find the original author:

If we can land a man on the moon, surely if we put our minds to it we can land a man on the sun.

Fine, OK, no backdoors, says Deputy AG. Just keep PLAINTEXT copies of everyone's messages

spellucci

I tried to start a movement once of everyone printing out the call detail records from our phone records and sending them to the NSA so they would have hard copy, and lots of it, but I didn't get very far.

spellucci
Facepalm

Dear Mr. Rosenstein

Here is what I wrote to Mr. Rosenstein today.

Dear Deputy Attorney General Rosenstein,

You made an important case for public/private partnership in your remarks to the 2017 North American International Cyber Summit. At the end of your remarks, however, you undermined the credibility of your message by asserting, without proof, that it is possible to have strong encryption that is both secure and available to law enforcement, and that the challenges involved are simply engineering ones.

I was taught in school that ignorance of the law is no excuse. Likewise, ignorance of the fundamentals of encryption does not excuse the fallacy in the both-secure-and-available claim. If authorized individuals can access an encrypted message, then so can unauthorized individuals. Please do not set policy based on the false assumption that this issue can be somehow worked around by engineering. This is not an engineering problem and does not have an engineering solution.

Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site

spellucci

Already fixed

This bug only affected Firefox users and was fixed in version 4.1.21a. See https://blog.lastpass.com/2016/07/lastpass-security-updates.html/ for details.

Empty your free 30GB OneDrive space today – before Microsoft deletes your files for you

spellucci

Decent Security has a workaround for Windows 7 clean install issues: https://decentsecurity.com/enterprise/#/windows-7-fast-update/.

This is more of an enterprise solution, as the author says the solution is "unwieldy", but it might get you past the known issues of trying to use the unpatched Windows updater.

Put your private parts on display if you want to keep earning a living

spellucci

Re: The first three paragraphs

Could you, or any other kind readers, determine the actual topic of this article? I read through it a number of times, but could not tell what was real, what was the author enjoying the writing, and what the story was about. Many pardons if it is obvious to others, but I didn't get it.

Hello Kitty hack exposes 3.3 million users' details, says infosec bod

spellucci

Easy Fix

"The information exposed in the breach includes the first and last names, birth dates, genders, countries of origin, and email addresses for 3.3 million accounts."

Easy fix: just change your child's birth date.

UFOs in the '50s skies? CIA admits: 'IT WAS US'

spellucci
Alert

UFO at Otis AFB

There is a family story from the '60s or '70s about a man in Bourne, MA, USA who covered a box kite in aluminium foil, attached battery-powered lights, and flew it after dark on a r-e-a-l-l-y long string. He was listening to the police radio to see who noticed. The nearby Otis Air Force Base, that's who. He reeled the kite in rather quickly when the Air Force scrambled two fighter jets to intercept it.

Why Apple had to craft a pocket-busting 5.5in Plus-sized iPhone 6 (thank LG, Samsung etc)

spellucci
Facepalm

Gaining hardware but losing software = losing market share?

My teenage sons both have iPhone 4 phones that are just about to be able to be replaced for free through my mobile carrier's two year contract renewal plan. I showed them the new iPhone 6s yesterday, and both of them said they wanted to go Samsung. What?!

My eldest said he uses his phone primarily for music, and he is tired of the loss of more and more of the features he likes due to software bugs. That resonated for me, because the only reason I buy iPods, and I have bought several, is to listen to podcasts. The podcast features I like have slowly disappeared over time due to software bugs. (E.g., I used to be able to sync the podcasts to my iPod and listen to them in order--feature now broken. E.g., the podcasts used to be removed from my smart playlist as I listened to them on the iPod so the most recent unheard podcast was always at the top--feature now broken.)

Is the technical debt of Apple's software catching up to them in a way that will dampen new sales? In my small market survey, 100% of iPhone users' reaction to the new iPhone is not to get a new one--for free--or even an old one, when their contract is up, but to switch to Android.

EBay, you keep using the word 'SECURITY'. I do not think it means what you think it means

spellucci

Pardon my American ignorance: what is a "tat bazaar"? Is eBay's "tat bazaar" a subset of eBay's service, jargon for an online auction, or something else? Mr. Google links to lots of articles by El Reg on the topic, but using a term to define a term is term-inally unhelpful.

Google spews out 'privacy' email to Sky punters too

spellucci
Coat

Apple next?

I can't wait for Apple email addresses to start getting these privacy notices.

A simple HTML tag will crash 64-bit Windows 7

spellucci
Joke

For safety measures

For safety measures, I'm deleting kernel32.exe from my 64-bit Windows 7 machine as soon as I finish this post.

Judge orders search giants: Delist Chanel rip-off merchants

spellucci

Wouldn't it be a shame

Wouldn't it be a shame if somehow the Nevada district court's web site got mis-identified by Chanel as an offending site because of all its discussion about counterfeiting Chanel, and got seized.

Microsoft: Office 365 outages 'will' happen

spellucci
Joke

Office 365 Slogan

When it absolutely, positively has to be available eventually.

'Indestructible' rootkit enslaves 4.5m PCs in 3 months

spellucci

Microsoft Standalone System Sweeper

Microsoft has in beta a program called Standalone System Sweeper. It creates an ISO to boot from. When you do, it checks for rootkits that cannot be checked when booting from the MBR. See http://connect.microsoft.com/systemsweeper for details.