nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by 10forcash

89 posts • joined 21 Aug 2015

Page:

Britain approved £2.5m of snooping kit exports to thoroughly snuggly regime in Saudi Arabia

10forcash

We need all the export business we can get now brex-pocalypse is almost on us.

Register Lecture: Right to strike when your boss sells AI to the military?

10forcash

Maybe we've been under an illusion about Google, purely due to a typo

It's not 'Do No Evil'

the correct version is:-

'Do Know Evil'

Paraphrased from a CMT patch I saw somewhere sandy a good few years ago ;-)

10forcash

It's not a real conflict unless humans are at risk on both sides eh?

Just to even things up, I suppose we should fight ethical wars where all sides have equal armament, resources and training so the real skill of winning comes down to tactics not technology and / or finances.

Lenovo tells Asia-Pacific staff: Work lappy with your unencrypted data on it has been nicked

10forcash

Re: Lenovo takes the security of employee information very seriously

I'm fairly sure Lenovo have said that only once. Very recently.

Unless you've got it on repeat.

In 2018, Facebook is the villain and Microsoft the shining light, according to techies

10forcash

The behemoth in the room?

Where is Google in all of this? surely they eclipse both Microsoft & Facebook? or is this another 'study' sponsored by Google?

I don't consider that Microsoft has improved in it's attitude towards ethical privacy, more that Facebook has sunk lower (undertaken?) Microsoft by several fathoms of slime. In other words, they're both bad, only now one is more worse than it was considered to be previously.

10forcash

Re: How quickly they forget

"FB is bad, there's no doubt of that, but you don't have to use it if you don't want to & can block them if you want;"

It's the other way round - Facebook uses you, well, us. - Conveniently we don't even have to sign-up to be tracked & harvested, the web sites we visit happily feed Facebook (and others) all the info they demand and we are identified by association - sometimes by well meaning but naiive friends who have sold their soul (and other data) to Facebook in return for targeted ads....

Giraffe hacks printers worldwide to promote God-awful YouTuber. Did we read that one right?

10forcash

Re: He’s not so bad

Join the ranks of Ben Shapiro and Mr. Beast to help win the war.

Who & who?

I wasn't aware there was a formal declaration of war - who are we fighting this time?

The only reason I can see for so many people 'following' the recorded meanderings of others on youtube is either morbid curiosity or hoping they capture the moment they auto-Darwinate themselves....

i have to admit to using some youtube content - the Canary singing master recordings are great for teaching our young ones to sing and (unless PETA get involved) are unlikely to be copyrighted this side of the next ELE

Awkward... Revealed Facebook emails show plans for data slurping, selling access to addicts' info, crafty PR spinning

10forcash

Popcorn anyone?

So far in the last few days, reports of:-

Youtube shutting down 'because copyright'

Googlers in open revolt against their employer

Facebook doing things they said they didn't / wouldn't

What a time to be alive!

He's not cracked RSA-1024 encryption, he's a very naughty Belarusian ransomware middleman

10forcash

"deliberately damage my sump plug in order to sell me an expensive repair"

Most likely the damage was done by over-enthusiastic tightening (as opposed to applying the correct torque) the sump plug at the last oil change, repairing the sump is never a manufacturer authorised repair so the tech would be recommending the correct repair if it was a franchised dealer. Obviously your vehicle means it's your choice, I have known repairs like that to be done as 'goodwill' if the vehicle has always been serviced within the dealer network - if the owner pushes enough....

10forcash

"Or mechanics"?

Mechanics (or more recently, vehicle technicians) are seldom unethical, Service receptionists / advisers, call centre staff and Service managers under the cosh of performance targets generally are though...

My favourite 'unethical' service add-on, usually sold by call centres 'because bonus' is the 'emissions control service', 'oil & fuel treatments' or some such wording - not only are these 'treatments' prohibited by most vehicle manufacturers but can be harmful in some engines.

Fuel additives can negate the benefits of AdBlue or Eloys Powerflex and cause premature wear or failure of HP diesel pumps, oil additives / flushes can cause premature failure of 'wet' timing belts.

More than once, I have seen technicians directed to use these products against their will, just to put another £29.99 on the bill (and hopefully a HP fuel pump or DPF once the vehicle is out of warranty).

I think your 'or mechanics' should be replaced with 'and Service advisers'

Former headteacher fined £700 after dumping old pupil data on server at new school

10forcash

Victim surcharge of £35

Is that each?

Q: If Pesky Pepper had a peek at patient papers, at how many patient papers did Pesky Pepper peek? A: 231

10forcash

Explain this to me...

"Her role required her to look at some medical records – lawfully – to help doctors, solicitors and insurance companies."

Doctors, well obviously, yes - the others, when and how did I consent to that? And by someone who clearly has no understanding of 'patient confidentiality'

BTW, the first 'ex' refused to go to a Doctors Surgery just over a mile from the house because one of the receptionists there knew her and she didn't want her gossiping about her medical stuff the way she did about other friends... She went to one just over eleven miles away so she could be gossiped about by a stranger (some of here 'issues' were worthy of a listen over a dry sherry or two to be fair).

Washington Post offers invalid cookie consent under EU rules – ICO

10forcash

Simple fix

Either the US media comply or prohibit by copyright terms of use 'Royal' photos, gossip & baby news from being published by non DPA(2018) compliant means.

That should sort it!

Personally, if I ever feel the urge to read anything published as 'news' from that side of the pond, I would probably look on the BBC website for it - can't say for sure as it's not an urge I've ever had, and at my age, I've had a few!

Analogue radio is the tech that just won't die

10forcash

DAB is the IPv6 of radio

OK Google, why was your web traffic hijacked and routed through China, Russia today?

10forcash

So basically people are complaining that traffic destined for Google may be stored, analysed and used for nefarious purposes by someone other than Google?

Google REALLY doesn't like competition does it?

Google logins make JavaScript mandatory, Huawei China spy shock, Mac malware, Iran gets new Stuxnet, and more

10forcash

If the 'tiny' 0.1% of users were not significant to Google, they wouldn't be pushing Javascript as mandatory, I suspect that the 'tiny' amount has in fact grown to 0.1% and they are mandating Javascript in an attempt to prevent it becoming a whole number percentage...

From today, it's OK in the US to thwart DRM to repair your stuff – if you keep the tools a secret

10forcash

Re: I'm guessing, but ...

"I'm guessing, but I suspect that when this all settles out "repairing" internal combustion engine ECUs and emissions control hardware may not be allowed on grounds of emission control. Likewise modifications to safety systems on gear that faces the public."

It's already the case that repairs and modifications to a vehicle 'Must not' compromise or allow the vehicle to conform to a lower emission standard than extant at its first registration date - despite the open sale of EGR blanking kits, DEF defeaters etc. As far as the likely penalties in law are concerned, they are just as potent as fitting a shonky airbag unit from China, fitting a second hand unit over 10 years old or fitting a termination resistor in lieu of any airbag / SRS device at all.... but it still happens.

'The inmates have taken over the asylum': DNS godfather blasts DNS over HTTPS adoption

10forcash

Re: Another step

I'm starting to agree about Palemoon being a sub-optimal browser, I did look at Waterfox but after reading "Webpage data to Google’s SafeBrowsing service:

Learn more or read Google’s Privacy Policy. Opting out prevents Waterfox from warning you of potentially illegitimate or malicious websites."

I was reminded of why I went with Palemoon in the first place...

WRT 'Brave', well i'm not 'brave' enough to allow them to choose and curate my addons for me.

Oh, Waterfox also has an 'Awesome Bar' - last time I saw one of those, an American was having a drink in it.

Punkt: A minimalist Android for the paranoid

10forcash

Re: Ffs

"but owns and drives a range rover V8 at the weekends"

Petrol or diesel?

Makes a difference ya know!

Uncle Sam gives itself the right to shoot down any drone, anywhere, any time, any how

10forcash

Re: @jake

Darwinize It's Darwinate or Darwinating - as in to auto-~Darwinate, which hopefully will happen to the sub-branch of humans that apply 'ize' to proper words and assume it's now a legitimate 'new' word (same goes for anyone starting a sentence with 'So' followed by a pause....).

Rookie almost wipes customer's entire inventory – unbeknownst to sysadmin

10forcash

Re: @Martin an gof

That would generally cause a DTC of 'commanded position unreachable' or something along those lines...

is your car PSA French or 'Diamond / Nissan' French - you have my sympathy in both cases, however you're more likely to get things resolved to your satisfaction if it's a PSA car combined with an appropriately motivated tech...

10forcash

Re: @Martin an gof

Took it to the dealer (I know...read on) several months back, for [Takata] airbag replacement recall, and just a few weeks ago, discovered that the fog lights no longer turn on.

Two options here - either is likely as the other...

Firstly, the car was reloaded with the CCF stored at build for that VIN, these can sometimes get corrupted or the VIN can be misread by the OCR / barcode reader - what should happen is that the CCF is downladed from the vehicle prior to any work involving the potential for the CCF to be reloaded - it's actually stored in two places, usually the instrument pack and the central electronic module.

Secondly, it's possible that the CCF is correct from build but someone has upgraded prior to sale (again, the CCF should have been downloaded from the vehicle and stored locally), this usually happens when the dealer buys a load of 'base' spec vehicles then upgrades them prior to sale - charging the customer for 'extras' and getting a kickback from the manufacturer for hitting 'accessories' sales targets.

A prime example of this is Motab cars having PDC added as accessory fit - because safety!!!, even though the cost of factory fit is negligible (to the dealer) and is more integrated with the other vehicle systems.

Attempt to clean up tech area has shocking effect on kit

10forcash

So in the UK you have to stand there breathing in the carcinogenic fumes from the evaporating petrol generated by the hot British sunshine ?

No.

Most modern (post 2014) petrol vehicles have a capless filler neck and a seal that prevents fuel vapour from leaving the filler neck, this in turn allows the fuel vapour to be recovered to a carbon canister where it is then fed into the engine in a controlled manner.

This type of ORVR has had various revisions since it was devised in the 1970's.

TLDR: It's not warm enough in GB to worry about fuel vapour

Sync your teeth into power browser Vivaldi's largest update so far

10forcash

New security features you say?

Based on Chrome/Chromium you say?

So backdoored by Google by the err... back door?

That'll be a no from me then - unless Im missing something - I know you can access the source code for Chromium, check it for phone home code and 'roll your own' browser, who has the time for that?

Braking bad: Mitsubishi recalls 68k SUVs over buggy software

10forcash

Consumerreports.com has claimed the second bug puts pedestrians at risk.

SUV's don't kill pedestrians, mobile phone's do. - to paraphrase GLC

10forcash

"Given the number of people who don't seem to know how to brake without ABS in winter driving conditions"

...or with...

Also, the %age of people that take their car to a dealer / garage because the TPMS light is on... rather than periodically* checking the tyre pressures or having a puncture repaired like in the old days!

Interesting** factoid:-

JLR TPMS trigger pressures are roughly 10% below the amount of pressure naturally lost by a tyre in a year to prevent owners calling in to dealers with a 'tyre fault' unnecessarily...

* periodically ~ once a month, tried to explain the reason why it's called that to a woman once...

** to me

10forcash

Re: What did we do before they invented ABS?

"...as far as I remember if there's no ABS and manual you slam the break before the clutch (rather than together"

What?

That's correct, you *should* use {progressively, not 'slam'} the brakes without depressing the clutch right up until the stall point, used to be part of the GB driving test - or at least part of the instruction IIRC... it's a mandatory part of offroad driving instruction to master if you want / need to pass a BORDA or IOPD training course.

I seem to have some memory of ABS negatively impacting braking on reduced traction surfaces (can't remember the details - sorry) - which is why there is a DSC (or similar) 'off' button on most cars intended for use on a mixture of surfaces

Fallover Friday: NatWest, RBS and Ulster Bank go TITSUP*

10forcash

"Pregnant and nearest branch is 3 towns away. Bloody brilliant customer service"

I cant work out if that comment is criticism or praise...

It looks like tech-savvy drivers will have to lead connected car data purge

10forcash

Although I despise 'connected' cars (maybe because my work brings me into contact with them on a daily basis) I've added 'connected' functionality to my own LandRover - but on my terms, with a GSM Telemetry module - it's not really telemetry, more simple I/O...

It alerts me by text if the alarm is activated, the main or aux battery fall below 11.8VDC

I can command it to run the fuel fired pre-heater for 30 mins, and / or turn on the heated screen, seats & steering wheel for 10 mins.

It requires a pin to accept commands and only from registered numbers and can be interrogated for its GPS position, with the added bonus of being able to connect by satphone if the GSM network is unavailable.

It doesn't save tracking info, send to anyone else, identify me or my car uniquely and most importantly, can be turned off without affecting the designed functionality of the car.

Yes, I know the GSM & INMARSAT can be tracked, but the IMEI's are not associated with the vehicle specifically, unlike the 'connected car' stuff, so in that sense, it only shows the vector and speed of travel, the mode is unknown.

‘Very fine people’ rename New York as ‘Jewtropolis’ on Snapchat, Zillow

10forcash

Re: You mean redheads?

Strawberry blondes

or Gwars in Mil. speak

or most of the inhabitants of East Yorkshire.

'Our day will come' https://vimeo.com/11281228 - NSFW

10forcash

Being from the ancient Kingdom of Yorkshire, I find it's potential future name less offensive than 'New York'

Chap asks Facebook for data on his web activity, Facebook says no, now watchdog's on the case

10forcash

My DNS just has blackhole entries for the root domains

*.fbcdn.net

*.facebook.com

etc.

Don't forget to block those nice 'free' fonts from google as well...

fonts.googleapis.com

or as it's stored in my blackhole list:-

*.googleapis.com

The powershell script is from https://cyber-defense.sans.org/blog/2010/08/31/windows-dns-server-blackhole-blacklist/

I've been using it since early 2011, needed a few tweaks to prevent unintended blocks (youtube etc.) and there are curated lists available of advertising / malware domains (same thing really) to get you started.

To pre-empt the expected 'what about usage on public connections' question - simple, no personal details are used or stored on devices used outside of our control, personal devices are on a separate vLAN to work devices and all devices used in public are either hobbled to prevent use outside of their intended work purpose (no browser etc.) or only connect to our own 'walled garden' via VPN.

Microsoft takes another whack at killing off Windows Phone 8.x

10forcash

Winphone user since v6.1, not a great user of 'apps' (probably why I'm still using one!) day-to-day phone is a Nokia 830 running WinMo10 with the standard list of stuff installed (Office, navigation with offline maps for EU & Africa etc.) plus Viber, Office Lens, Microsoft Authenticator, Run the Map {don't ask!} File explorer & Have I Been Pwned? installed. the annoying bits are quiet hours doesn't always work, unable to set different alert tones for different email accounts, camera occasionally crashes on launch - none of this was an issue with WinMo8.1 -, which my backup phone still runs...

Overall, for my usage case, I see no need to change either - they send & receive calls, text, email and Viber messages without any problems, which is all (apart from <20 technical photos a day uploaded to Onedrive and the occasional document loaded via Office Lens) I need it for. Yes, it's not cool, it's old tech, it's a WTF is that? comment opportunity for the hipsters, it's battered (screen intact though!) but it's mine, reliably carries out it's core tasks and I see no reason to change it for something that requires more effort to manage for daily use.

Google keeps tracking you even when you specifically tell it not to: Maps, Search won't take no for an answer

10forcash

Isn't 'sign in with no account' an oxymoron?

At best i'd expect just a local account created (although the underlying ad-targeting software will complain), at worst, a cloud profile is probably created with SkyNet Google, the blanks being populated as you donate your data in exchange for a usable device....

Ad watchdog: Amazon 'misleading' over Prime next-day delivery ads

10forcash

I can't believe the ASA can't deal more harshly with Amazon, this is exactly the sort of 'First World Problem' that Prime Membership is supposed to get rid of surely?

p.s. only went 'Prime' to watch Grand Tour and a few other assorted programmes, the 'free delivery' - whether next day or not, is just an added bonus.

Google Spectre whizz kicked out of Caesars, blocked from DEF CON over hack 'attack' tweet

10forcash

Maybe they just found out he works for Google....

That in itself is pretty much a crime - or at least antisocial behaviour.

Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound

10forcash

Re: Ho hum

"One, dealers CAN be forced into repair stuff by the manufacturer..."

Dealers like nothing more than repairing stuff for manufacturers - recall actions, service actions, quality campaigns etc. etc. They get paid at a defined rate for carrying out specific actions on vehicles in a VIN range or exhibiting certain symptoms - at one time, there were eighteen 'quality enhancement actions' applicable to each and every instance of a certain model of a premium car manufacturers product, most were cosmetic or minor, some were bordering on safety recall territory - most owners were unaware of the rework as it was all classed as service action (but took 3.6 hours to complete) so there was no letter in the post, those that chose to use the 'EU block exemption' and get their vehicle serviced outside of the dealer network whilst in warranty would only get the individual items reworked 'upon customer complaint'.

Not withstanding the above, warranty, recall and service / quality campaign work is lucrative 'bread & butter' work for the dealers - Nissan have spent years replacing engines because one person on the engine assembly line was OCD enough to line up all the gaps in the piston rings 'because it looked better' in the absence of being told otherwise... PSA have replaced 16k engines, mostly on a Dealer Hold Order due to a second tier Turkish manufacturer supplying substandard pistons for the 1.6 litre diesel engine, Ford Mustang 5.2l have an oil supply problem to the RH cylinder head / camshafts, mainly due to being built in America - their words, not mine, BMW are replacing battery wiring looms on 180k vehicles in the UK alone, should take about two years to complete - All of which is great news for the dealers!

BTW, JLR use SDD & DoIP not ETIS and have done for some time. The last shared diagnostic platform with Ford was IDS and went out of the door with Discovery 3 so the chances of a JLR dealer (not indy) being able to / want to do stuff to a Ford is slim to feck all, even if they still have the interfaces, SDD simply won't recognise it!

10forcash

Re: Ho hum

"One would have expected it to be a simple "Bring it into your local dealer with your paperwork. They'll reset everything for free while you enjoy a complementary cup of tea. And here's a nice glossy brochure and a voucher for 20% off your next service. Welcome to the JLR family"."

No.

Firstly, the vast majority of private buyers never want to visit a 'stealer' - even for free stuff like safety recalls, and would never be in the market for a new or 'approved used' vehicle so as far as the dealer network and manufacturer are concerned, they are not and never will be a potential revenue stream.

Secondly, who is going to pay for this reset? the manufacturer? nope, they don't care about out-of-network sales, see above. The dealer? nope, they haver to assign tech's time to something, can't be sales, as they didn't sell it and cant be workshop as no-one to bill, can't be internal work as the tech's will kick up a stink over lost productivity & bonus (and rightly so) - just to 'log in' to a vehicle with DoIP, SPA or Flexray takes ~20 mins...

20% discount on a service? 10% is the limit even if you push really hard, because they know that you'll then want a price match on all the stuff identified on the eVHC - or just take it to a local indy to have it bodged for a third of the price with the nastiest possible aftermarket parts.

There's vehicles in dealers compounds that have been sat there for years waiting for work to be done because the owners have taken it there as a last resort after every other option has been exhausted and they haven't the funds to get it fixed, so the cheapest option is to SORN it and park it for free at the 'stealers' until they can be arsed to do something about it - which is usually get the local scrappie to tow it away after the fourth quarterly letter from the service manager threatening to charge them storage!.

So no, getting private buyers into a dealers isn't ever going to generate another customer for life.

What might work is registering your 'newly purchased' vehicle on the manufacturers portal, which would then generate a message to the existing registrant, if not answered within a week or two or answered with a 'no, don't change the owner' type response, the new owners details would default over to the online service.

10forcash

From personal experience of being within JLR dealers, it's too much faff for sales droids to 'unbind' a VIN, regardless of what the dealer minimum standards document says..... bit like PDI battery tests ;-)

It walks, it talks, it falls over a bit. Windows 10 is three years old

10forcash

LTSB

Been using it since it became available, despite MS claiming it to be niche usage case only, we use it on *everything* - mainly due to registry & policy features not available in other versions that stop or limit slurp.

It's entirely possible to install 'apps' using Powershell to install store or just the individual bits you want / need (news and weather are the most popular). We have a lot of laptops, mainly Panasonic CF-52's running various vehicle manufacturer diagnostics and have not experienced any crash, incompatibility or installation issue. We install Classic Shell, Office 2016 & Palemoon as the default browser but have to fall back to IE11 on occasion - in every case due to compatibility issues with manufacturer training providers... Don't suggest Chrome as anything Googly is verboten, as is facebook & twatter....

WRT dual boot, I can do work & superfluous stuff in Windows, why would I choose to do work in Windows, then reboot into Linux to do the superfluous stuff just to 'stick it to the man'?

Heatwave shmeatwave: Brit IT departments cool their racks – explicit pics

10forcash

Back in the day (2002) we had an IT tent, complete with a pair of DL380's and associated kit. ambient was 38 Celsius at it's peak and the wind direction determined the server maintenance schedule (daily or weekly). Still, could've been worse... and lo, two years later, it was. 55 Celsius, no time for acclimatisation and queues for the portaloos (emptied at 1500 daily). - but at least they were civilised enough to have British mains sockets!

Chrome, Firefox pull very unstylish Stylish invasive browser plugin

10forcash

Re: Stylus

"One of my prime reasons for using Stylish is to read El Reg without the gratuitous headline images."

Bugger...

I now have a choice, migrate to Firefox from PaleMoon so I can use Stylus instead of Stylish

-or-

Stay with PaleMoon and trace & block all outbound traffic from Stylish...

Neither seems ideal, nor is accepting the 'as intended' rendering of El Reg.

Brave Brave browser's hamburger menu serves Tor onion routing

10forcash

'Activist'

Another one of those words that has been claimed by those that don't deserve it. Quite often, 'Protester' or 'Disgruntled of Tunbridge Wells' is more appropriate.

Google kills AdWords!

10forcash

The important question is:

Are there any new domain names to block?

Every bloody gadget in the house is ringing. Thanks, EE

10forcash

Only on Apple kit you say?

Thanks, another reason to avoid it!

Although to be honest, the Venn diagram of me, Apple and EE would just be three unlinked circles at the extremities of the sheet of paper...

US websites block netizens in Europe: Why are they ghosting EU? It's not you, it's GDPR

10forcash

Septics

I worked overseas for many years, sometimes with other nationalities. One day we went to see one of our US 'partners', he looked really pleased to see us (unusual in itself) and we were greeted with 'hey guys, I know why you call us 'septics' - it's rhyming slang, 'septic tanks' means 'Yanks', he was really pleased with himself until I replied "Nah, it's 'cos you're all full of shit'.

Which to me, pretty much sums up their attitude to 'privacy' and lack of understanding that 'personal' means 'it's mine' - which is how we ended up with GDPR being needed anyway.

GDPR for everyone, cries Microsoft: We'll extend Europe's privacy rights worldwide

10forcash

If there's one thing I wouldn't buy it's an Android TV

Me neither, we have a couple of Panasonic 4k TV's which have a Firefox OS, there's still some slurp, but it goes direct to Panasonic and is blockable at the DNS level. The various UK 'on demand' providers are now requiring users to have an 'account' to get to know you better, two of them accept an email address of invalid@nowhere.com with no confirmation...

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

10forcash

Some people want true point-to-point on more than one device.

Why?

What's the benefit of that?

(Genuine questions from someone who is happy to maintain an IPv4 network behind a NAT'ed router that may or may not have an external IPv6 address).

10 social networks ignored UK government consultations

10forcash

"And after all, these companies were set up to make the world a better place"

For the advertisers.

A focal point of abject misery for it's users product

You've been Zucked: Facebook boss refuses to face-off with Brit MPs

10forcash

Block Facebook and all it's entities at the Brit & EU internet exchanges until all the questions are answered clearly, unequivocally and honestly.

I'll take a look in ten years or so to see if it's still blocked....

Page:

The Register - Independent news and views for the tech community. Part of Situation Publishing