* Posts by Pomgolian

132 publicly visible posts • joined 26 May 2012


Kiwi hackers crack crap algo, showcase 40c-a-litre DIY fuel discounts

Pomgolian
Pint

Re: Just back from NZ

>Still more expensive in the UK. £1 per litre is about $2.20 per litre.

You should have stayed - it's typically around $1.70 right now, which works out at 77pence.

Rejoice, Penguinistas, Linux 4.4 is upon us

Pomgolian
Facepalm

Re: So will 2016 be the year of Linux on the desktop?

>I really, really do not understand why the majority of people who never leave the browser run Windows.

Because Linux isn't always trivial to install. For example, I have three screens on my c2010 vintage PC. Why? Because I haven't got desk space for 5. I tried installing Linux Mint 17.3. Sadly, if it actually manages to detect all three of my screens, two of the three suffer shocking refresh bugs - moving or scrolling a window results in a "mouse trail" of the previous position. More likely though it only detects two but won't let me move the mouse between the two. I've spent a good few hours buggering about with xorg.conf, installing proprietary drivers etc. Nothing. I'm not a complete noob - I was an RHCE 16 years ago. Sticking with Win7 Pro X64. Might try again next year or wait until support runs out whenever.

Patch now! Joomla attacked in remote code execution blitzkrieg

Pomgolian
Alert

Temporary Mitigation

In case anyone wonders what it looks like:

194.28.174.106 www.example.com - [15/Dec/2015:08:50:49 +1300] "GET / HTTP/1.1" 200 22504 "http://google.com/" "__test|O:21:\"JDatabaseDriverMysqli\":3:{s:2:\"fc....eval(base64_decode(..."

Snipped to discourage skiddies.

A temporary mitigation is to block any user agent that contains the word base64 or eval:

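// Temporary mitigation: drop any request whose User-Agent contains "base64" or "eval".
// stripos() is used because PHP function names are case-insensitive, and isset()
// avoids a notice when the client sends no User-Agent header at all.
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (stripos($ua, 'base64') !== false)
    die();
if (stripos($ua, 'eval') !== false)
    die();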

Added to the top of index.php
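
An added example, not part of the original post: a small log scanner for the request shape shown above, flagging access-log lines whose Referer or User-Agent field carries a serialized PHP object or the eval/base64 keywords. It goes slightly beyond the post by also checking the Referer field and matching case-insensitively; the log layout is assumed to be the one in the quoted line, and the sample lines and names (LOG_RE, INDICATORS, scan) are constructed for illustration.

```python
import re

# Layout assumed from the line quoted in the post:
# ip vhost - [time] "request" status bytes "referer" "user-agent"
QUOTED = r'(?:[^"\\]|\\.)*'          # quoted field; the server logs inner quotes as \"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<vhost>\S+) \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>' + QUOTED + r')" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>' + QUOTED + r')" "(?P<agent>' + QUOTED + r')"$'
)

INDICATORS = [
    # Serialized PHP object header, e.g. O:21:\"ClassName\":3:{
    ("php-serialized-object", re.compile(r'O:\d+:\\?"[^"\\]+\\?":\d+:\{')),
    # Same keywords as the mitigation in the post, matched case-insensitively
    ("code-keyword", re.compile(r'eval|base64', re.IGNORECASE)),
]

def scan(lines):
    """Return (ip, time, field, reasons) for each suspicious header field."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue                  # not in the expected layout; skip it
        for field in ("referer", "agent"):
            value = m.group(field)
            reasons = [name for name, rx in INDICATORS if rx.search(value)]
            if reasons:
                hits.append((m.group("ip"), m.group("time"), field, reasons))
    return hits

# Constructed sample lines (documentation IP ranges; payloads elided as in the post)
SAMPLE = [
    '203.0.113.7 www.example.com - [15/Dec/2015:08:50:12 +1300] "GET / HTTP/1.1" '
    '200 22504 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"',
    r'198.51.100.23 www.example.com - [15/Dec/2015:08:50:49 +1300] "GET / HTTP/1.1" '
    r'200 22504 "http://google.com/" '
    r'"__test|O:21:\"JDatabaseDriverMysqli\":3:{s:2:\"fc....eval(base64_decode(..."',
    # Mixed-case keywords, which a case-sensitive substring check would miss
    '198.51.100.24 www.example.com - [15/Dec/2015:08:51:02 +1300] "GET / HTTP/1.1" '
    '200 22504 "-" "x....EVAL(Base64_Decode(..."',
]

if __name__ == "__main__":
    for ip, when, field, reasons in scan(SAMPLE):
        print(ip, when, field, ",".join(reasons))
```

A 200 status on a flagged line only means the page was served, so hits are a prompt to check whether the site was patched at that time, not proof of compromise.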

WordPress.com ditches PHP for Calypso's JavaScript admin UI

Pomgolian
Headmaster

Had to read that twice

>The challenge is that WordPress’ venerable PHP code base

Was I the only one that read that as "vulnerable" the first time round?

Tech goliaths stand firm against demands for weaker encryption after Paris terror attacks

Pomgolian
WTF?

Asphinctersezwat

>If you create a product that allows evil monsters to communicate in this way, to behead children, to strike innocents – whether it's at a game in a stadium, in a small restaurant in Paris, take down an airline – that is a big problem.

That could equally apply to every single gun, bomb, drone and nuclear warhead the US ever produced.

Maybe if we just banned all weapons, then the bad guys wouldn't be able to use them against us?

Correct me if I'm wrong but the 'merkins have an extremely vocal redneck contingent defending their constitutional right to bear arms in case the old English Queen should decide to invade. Why single out encryption? Guns are the real problem.

Bacon as deadly as cigarettes and asbestos

Pomgolian
Headmaster

>Unsurprisingly, the Mail predicts economic porkocalypse,

Unsurprisingly, the Mail predicts economic aporcalypse

FTFY

Ireland moves to scrap 1 and 2 cent coins

Pomgolian
Childcatcher

Downunder too

Here in NZ and Aus, "Swedish" rounding is the norm. EFTPOS (bank card) transactions are very common and thus rounding doesn't really have much impact. Some smaller shops, convenience stores aka "dairies" have been known to round up even when paying by card. It's not enough to leave your scooter outside the dairy, nekminnit you're being overcharged. (Obscure NZ internet meme)

WIN a 6TB Western Digital Black hard drive with El Reg

Pomgolian
Angel

It doesn't take divine inspiration to pwn Donald Trump's website, but my god, it's soooo much fun.

Nice try, Apple. The Maxi Pad is no laptop killer – and won’t scratch the Surface

Pomgolian
Paris Hilton

Is it just me...

... or does "maxi pad" bring to mind feminine hygiene products rather than tablet computing?

Microsoft backports data slurp to Windows 7 and 8 via patches

Pomgolian
Terminator

Security Essentials

They really want this info - I am regularly in the habit of blocking hosts I don't like or adding other hosts while the DNS catches up in my windows hosts file. Never had an issue before, but after pointing settings-win.data.microsoft.com and vortex-win.data.microsoft.com to 127.0.0.1 Security essentials pops up a warning about "SettingsModifier:Win32/PossibleHostsFileHijack". Clearly it's a big deal for Microsoft, so it ought to be an even bigger deal for all of us to avoid it.

CVS shutters photo website in credit-card hack attack scare

Pomgolian
FAIL

Token Billing

Why the hell were they storing card details in the first place? There really is no real need to do that if you use a proper card provider who offers token billing. The token is completely useless to anyone except the merchant. This set of morons deserve to have the PCIDSS police crawl up their small dark passages and be made to squeal loudly.

Jamie Oliver's ministry of malware served slops AGAIN

Pomgolian
WTF?

Concrete5

@CKOne - I suggest you look again, preferably with your glasses on, a bright light and possibly a brain of some sort. It's Wordpress, no doubt about it. The page source is full of links to wp-content and there is no trace of any of the hallmarks of Concrete5, no JS variables in the page, no CONCRETE5 session cookie...

Concrete5 is one of the most secure CMS systems there is - go do a search on cve.mitre.org and you'll find barely a handful of issues for C5, versus several hundred for Wordpress, Drupal etc.

DON’T add me to your social network, I have NO IDEA who you are

Pomgolian

Re: Bit Sneaky. Reprinting That Particular Article During Dabbsy's Absence

>real whiskey

is actually spelt whisky, just so you're sure to be sure.

Aye-aye Eyeo, go safely on your way-o, says German judge

Pomgolian
Paris Hilton

Re: According to Eyeo, AdBlock Plus is used on 50 million devices

c:\windows\system32\drivers\etc\hosts

127.0.0.1 doubleclick.net
127.0.0.1 googleadservices.com
...

rinse and repeat

Mozilla to whack HTTP sites with feature-ban stick

Pomgolian
FAIL

>Mozilla, whose Firefox is used by a quarter of net surfers,

Yeah, right, they'd like to think so, but it's more like half that and dropping every month.

I can just imagine the response from the customer base when asked to stump up for an SSL certificate and my time to manage it all. Firefox support will get dropped faster than you can say "chrome".

Jog on, Firefox.

Web geeks grant immortality to Sir Terry Pratchett – using smuggled web code

Pomgolian

Practising What You Preach

..and just in case anyone is inclined to check, el Reg's server sends this:

X-Reg-BOFH: pfy
X-Clacks-Overhead: GNU Terry Pratchett

Nice one.

Qantas' biggest problems are … Apple, Samsung and Google?

Pomgolian
Coat

I support two teams...

Sounds like the typical whining you get from them ozzies whenever they're not winning at something.

Moon flashes Earth after getting pounding from MASSIVE meteorite

Pomgolian

I for one, welcome our drunk driving alien overlords.

Google underwrites Firefox another year, even as Chrome outpaces it

Pomgolian
Facepalm

It's not IE..

>it has no incentive to encourage anyone to use Firefox.

Yes, it does. If you can't force Chrome down their throats, let them eat Firefox instead - the point here is that Firefox ain't IE, which must not be used at all costs.

New Zealand to bar software patents, again

Pomgolian
Happy

Huzzah!!

....that is all.

Web host Linode, hackers clash over credit-card raid claim

Pomgolian
Pirate

Clean up required

This might explain why I've had a rash of attempts to crack open POP mailboxes from lots of different IPs resolving back to xxxx.members.linode.com. Hope they've cleaned it all up.

Internet Explorer makes modest gains against Google Chrome

Pomgolian
Boffin

Re: Meanwhile, in the antipodes...

Most probably true, I was merely paraphrasing for those in the northern hemisphere.

My point was their stats are based on server logs, and not on samples collected by websites where the webmaster has added code to feed back to StatCounter. As such it's probably quite a fair reflection of the browsers that people at least in NZ are actually using as opposed to those that they are reported to be using.

Pomgolian
Paris Hilton

Meanwhile, in the antipodes...

Down here in Chrome infested NZ, IE is continuing to sink. TradeMe is the Kiwi equivalent of ebay and thus the stats are probably typical of the average web user.

http://labs.trademe.co.nz/trade-me-browser-stats-march-2013

makes for interesting reading

Six things a text editor must do - or it's a one-way trip to the trash

Pomgolian
Pint

Re: There is only one thing a text editor needs

=====> :)

I did that for 15 years. Mine's a pint.

Yahoo! webmail! hijacks! are! back!...

Pomgolian
FAIL

Staying signed in

There was an outbreak of this sort of nonsense with the yahoo/xtra email service down here in NZ last month.

The advice here was that it was a cookie stealing vulnerability, which affected those who had the "stay signed in" option set when they signed in to their webmail. Clear your browser cookies and don't check that option.

Microsoft: Office 2013 license is for just one PC, FOREVER

Pomgolian
Linux

May I be the first to say..

...Fark that for a game of soldiers.

Ancient Mars: Covered with life, oceans, clouds, and imagination

Pomgolian
Pint

Full Marks

...especially to someone who allegedly used GIMP to do anything useful. I'll buy that man a beer.

Kim Dotcom flashes his rack

Pomgolian
Black Helicopters

Mansion?

"Dotcom’s famously flamboyant lifestyle bespeaks considerable wealth, inasmuch as he bought a colossal mansion"

..er....no. He's renting it. He wasn't allowed to buy it because at the time he didn't have permanent residence or something and was thus a "foreign investor". Shame for the spooks who spied on him illegally that he didn't remain so. He has now, apparently, been cleared to buy the mansion, but can't because his funds are frozen.

Can't argue about the cars though.

Internet shut-down easier, in more countries, than you think

Pomgolian
Pirate

Kim Dotcom

I for one, welcome our transpacific fibre cable toting germanic overlords.

Kiwi cops forgot Kim Dotcom's visa

Pomgolian
FAIL

Baby you're a Firework

The unbelievable thing about this whole debacle is that nearly everyone *knew* Kim Dotcom was a resident - that's why he sponsored the 2010 New Year's Eve firework display to the tune of $500,000 NZ - a celebration of his residency being granted. A small sum of money, easily missed.

The GCSB is not permitted by law to spy on NZ passport holders or permanent residents. There's another organisation dedicated to that though, so we can all sleep uneasily. The whole commando style raid followed by this shenanigans and the way that NZ is sucking up to Hollywood/Uncle Sham makes me wanna puke. Thought I'd left that kind of shit behind in the UK.

UK cookie law compliance takes effect today

Pomgolian
Facepalm

EPIC FAIL

http://www.ico.gov.uk/

Click on the privacy policy -

Firefox tells me:

The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

This problem can sometimes be caused by disabling or refusing to accept cookies.

FAIL!
