nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

* Posts by NonSSL-Login

172 posts • joined 13 Nov 2015

Page:

Loake Shoes admits: We've fallen victim to cybercrims

NonSSL-Login
Bronze badge
Coat

One step forward...

One has to hate the soulless PR statements that try and deflect blame by comparing the incident to another well known event.

2
0

DNS resolver 9.9.9.9 will check requests against IBM threat database

NonSSL-Login
Bronze badge

City of London Police and Piracy

The City of London police are well known as being corporate police for the media cartels. I'm assuming piracy sites and any site that upsets Hollywood will be blocked by this service at some point. In fact it wouldn't surprise me if this was one of the main reasons for it but the cyber crime and nasties angle tacked on to sell the service and get it used.

2
0

Twitter's blue tick rule changes may lower the sueball barrier

NonSSL-Login
Bronze badge

Carrot and the blue stick

Pretty sure if you hovered over the tick or somewhere near the tick it clearly said "verified account" which to anyone with a brain cell indicated they have verified the person is who they say they are.

Effectively they have changed what the blue ticks are for, all for no good reason.

Had an inkling in the past when they refused to give certain people a blue tick that it was because they wanted to punish them for their political views or similar. Twitter have always seen the tick as giving someone more legitimacy and maybe more followers and traffic as a result so have used it as a carrot and a stick. Maybe this change is not so much of a surprise considering.

Twitter is definitely not a tool of free speech.

17
0

Pawnbroker pwnd: Cash Converters says hacker slurped customer data

NonSSL-Login
Bronze badge

Re: Stating the obvious

Those paragraphs has since been removed in case anyone wonders what we were gibbering about.

0
0
NonSSL-Login
Bronze badge
Facepalm

Stating the obvious

Cash converters say they have had a data breach and the comment from Troy is that is bears the hallmarks of a data breach at Cash converters?

Either that is the worst case of stating the obvious or the article has been worded badly :P

3
0

WikiLeaks drama alert: CIA forged digital certs imitating Kaspersky Lab

NonSSL-Login
Bronze badge

This release will not lead to another Wannacry like the professor is babbling about as the release is only code for the control centre part of the malware. No exploits, just the front end and communication stuff.

The media and 'experts' love to make it out to be worse than it is.

12
0

Don't worry about those 40 Linux USB security holes. That's not a typo

NonSSL-Login
Bronze badge
Thumb Up

Wubbery but

I will stick with the Rubber Ducky.

1
0

Logitech: We're gonna brick your Harmony Link gizmos next year

NonSSL-Login
Bronze badge

Re: Gerald Ratner moment?

They could pull the Harmony web server configuration tool offline (not that it works if you use Linux) or stop the app connecting to a database for remote configs at any time. All it takes is a meeting where they decide to get out the remote business.

The problem is who else makes a customisable remote at a decent price and doesn't need remote servers of some kind for configuration or is planning future cloud integration for PR and advertising reasons.

Truly stuck what to do when my Harmony finally bites the dust.

0
0

Commuters' phone data could be tracked to save megabucks on census

NonSSL-Login
Bronze badge

Re: Undocumented illegals

Aways some social libtard social justice warrior who jumps to the wrong conclusion.

Mixed race family here with some of my family being immigrants myself. You are barking up the wrong tree.

Unless you have lived in the area and see things with your own eyes, you just wouldn't understand. But yeah, anyone who mentions illegal immigrants is a bigoted dailymail reader to some people. /ShakeHead

5
7
NonSSL-Login
Bronze badge
Devil

Undocumented illegals

Those inflated numbers from the mobile data vs the consensus could be in part from the amount of illegal immigrants in those areas. They have mobile phones but are not on any register.

Often saw multiple gang masters picking up obvious groups of illegals in beat up vans to take them to work and back again from where I was located in the Croydon Home office area for a while. Maybe mobile phone data will finally show how bad that problem is.

8
11

Londoners: Ready to swap your GP for an NHS vid doc app?

NonSSL-Login
Bronze badge

Re: Can't come soon enough

Incidentally, a triage nurse at A&E in the early hours used her mobile phone camera LED as a torch to look for whatever was stuck behind my eye irritating it.

All I could think of was how battered and dirty the leather folding case on her phone looked as it swayed about while she blinded me with the LED.

Based on that clearly anecdotal argument, im against phones in the medical profession unless there is a clear benefit.

But sod giving all my personal medical data over to any company, let alone one with the slightest of connections to Google.

5
1

Off-brand tablets look done, but big players are growing

NonSSL-Login
Bronze badge

Price range and expectations

The price vs performance (and quality) of the models is what puts me off tablets.

I have a PC,laptop AND a mobile phone with a decent sized screen, so a tablet is more of a would like and would use but far from essential.

For that reason I don't want to pay for a surface pro which is way too much power than I need but more importantly, too expensive.

A cheap tablet doesn't have the best performance and ram is always so damn limited too. With a very cheap tablet you get annoyed with them being slow and then the lack of joy using them makes them become back of drawer fodder.

There are not many any between choices unless you want to go to the Chinese market which can be hit and miss. Give me a 12" tablet with 3gb (or more) ram and a fairly decent arm processor for about £100 to £120 and I might be interested.

Maybe I want more than is feasibly possible due to costs but that doesn't change my position.

1
0

Only good guys would use an automated GPU-powered password-cracker ... right?

NonSSL-Login
Bronze badge
Coat

Re: A password cracker which only lets you see the results ....with a password?

Sounds like a password manager when you put it like that.

1
0

Why are we disappointed with the best streaming media box on the market?

NonSSL-Login
Bronze badge

Re: 4k

The DRM forcing downgrading of quality on 'unauthorised boxen' is criminal IMO. Saying android box's cannot have 4k Netflix for no genuine reason certainly does force people to piracy if they want the higher quality content.

A few android box's can stream 4K Netflix though, such as the cheap Xiaomi Mi Box.

The Nvidia shield is not cheap but has 4k Netflix as well as the Wetek 2.

My own cheap box needed some modified firmware to enable just 4k Youtube video. That is how bad the DRM stuff is now and the amount of control they want to keep on box'es that can watch media.

1
0
NonSSL-Login
Bronze badge
Meh

Android - open and not limited

Costs almost 3x than my Amlogic based android box which has features the Roku Ultra lacks, such as Dolby Vision support, and matches it for everything else with HDR, HDCP 2.2 and audio passthrough of DTS-HD etc.

A family member has a Xiaomi Mi box which supports every streaming service and of course the whole play store apps and games goodies available, also at a fraction of the price of the Roku.

I really don't see why the Roku has such a following beside being available to buy in the high street shops.

27
2

Car trouble: Keyless and lockless is no match for brainless

NonSSL-Login
Bronze badge

Re: Infotainment system

Not that long ago I had a Mini Clubman as a hire care and I tried for ages going through one menu, then to another sub-menu. After a wasted hour of it not wanting to connect I tried the voice command "bluetooth connect" and all the right things happened.

Totally gobsmacked as one goes for the menu system first as voice control is usually mostly pointless.

2
0

Viasat: We're going to sue Ofcom over EU-wide airline Wi-Fi network

NonSSL-Login
Bronze badge
Big Brother

Re: An Alternative Viewpoint...

Rather than making sure people have internet whilst flying, I would guess puppet masters behind the scene are trying to get a singular point of presence or company they can tap in to keep their 5 eyes busy, rather than have a mishmash of points to monitor.

5
0

Microsoft exec says ARM-powered Windows laptops have multi-day battery life

NonSSL-Login
Bronze badge

Runs for days if most parts of it are turned off most of the time

Multi day life but they turn the brightness of the screen right down and turn every device off every 10 seconds to save power. Every time you want to do something you wait 5 seconds for cpu and wifi adapter to be woken up, in a still throttled state to conserve energy. Registry tweaks needed for wifi adapter to use more than 35% power to get a range of more than 6 metres /sarcasm

Multicore ARM chips are good at what they do and how different cores are used at different volatages as needed but they are hardly powerhouses. They would have to slimline all software down to make it not top heavy, which wouldn't be a bad change of direction for windows software.

0
2

Ex-TalkTalk chief grilled by MPs on suitability to chair NHS Improvement

NonSSL-Login
Bronze badge

The person who thought it would be a good idea to give her this position should be fired for incompetence too.

So many reasons not to put her in that position and not a single good reason to do so. I'll have some of what they have been smoking.

0
0

Europol cops lean on phone networks, ISPs to dump CGNAT walls that 'hide' cyber-crooks

NonSSL-Login
Bronze badge
Trollface

Social crimes

Knowing our plod they are more interested in making their stats look good for catching someone who said something deemed naughty or hurtful on Facebook or twitter, rather than catching real criminals. With kids using just phones for internet a lot of the time now, the police are scared they might have to go after real criminals unless the carrier grade NAT issue is sorted.

7
0

OnePlus privacy shock: So, the cool Chinese smartphones slurp an alarming amount of data

NonSSL-Login
Bronze badge

Re: LineageOS

Even the geeks stayed on stock Oxygen if they wanted to use Android pay, banking apps and stream tv content without having to jump through moving hoops.

From what I understand Android pay now recently works with Lineage but information is all over the place.

The sucking up of personal data by OnePlus and all the other companies is beyond silly now. The fact you can't turn off their second data slurping stream with an app or setting and have to run ADB commands means the majority of cheap phone buyers won't bother doing it, even if they want the data slurping to stop.

7
0

Equifax: About those 400,000 UK records we lost? It's now 15.2M. Yes, M for MEELLLION

NonSSL-Login
Bronze badge

Usually one would use the built in sql command 'sqldump', which raises no alarms unlike other hacker tools, and dump the database in to a single .sql file for snarfing away,

2
0

VPN logs helped unmask alleged 'net stalker, say feds

NonSSL-Login
Bronze badge

Re: Goodbye PureVPN

NordVPN are one I would trust.

I use proxy.sh https://tinyurl.com/Proxy-SH-Reg (affil link)

1
0
NonSSL-Login
Bronze badge

Getting stalker = good!

VPN provider logging = bad!

Have a VPN connection at your router to one VPN provider and using a Pi or virtual machines with Tor/Whonix to tunnel through that (so no Tor IP's seen by ISP's) and finally VPN to a different VPN provider though that double tunnel. No Tor exit node to sniff your traffic and no way to link up ip's unless you login to something which keep slogs, such as email providers. Used to be slow but not so much these days with all the good routes and servers.

As for pointing out he had a Protonmail account, if that is a sign of guilt, I must be guilty too!

PureVPN is going to suffer from this in the same way HideMyAss did after they did the same.

9
0
NonSSL-Login
Bronze badge

Re: The Myth of internet privacy.

Again it's down to individual threat models and why someone wants to use the VPN.

Don't want UK plod partner to know you visited xhamster 10 times in one day from ICR's, a VPN does the job.

The problem is many people confuse privacy and anonymity.

5
0
NonSSL-Login
Bronze badge

Re: Interesting, very interesting

Some only log when they are troubleshooting a problem and delete the logs after.

It takes some work to dig out the good from the bad with VPN providers and it all depends on your thread model anyway.

2
0

Commodore 64 makes a half-sized comeback

NonSSL-Login
Bronze badge

Choice of games

Not too impressed with the choice of games listed as coming with it.

This story has made me want to play good 'ole Wizball again. Time to put yet another emulator on the phone!

1
0

Essentially invisible: Android big-daddy Andy Rubin's hypetastic mobe 'flops in first month'

NonSSL-Login
Bronze badge

Re: First I heard of these

No need to preach here, I had an OnePlus One and also a Xiomi. Using a Oneplus 3 now and tbh, only a decent camera, maybe the dual ones for better depth and tricks with the camera, would make me upgrade. Oneplus is too pricey with new phones now though.

0
0
NonSSL-Login
Bronze badge

First I heard of these

I might have wanted one of these if they were decent but I have never heard of the brand or phone.

Their brand awareness marketing must have been localised to America or everywhere except here.

3
2

Power meltdown 'fries' SourceForge, knocks site's servers titsup

NonSSL-Login
Bronze badge

Re: A lot of cool kids have moved on to GitHub

Sourceforge felt dirty when I had to use it recently. Had to upload what I downloaded to virustotal just to feel safe.

Not the sign of a good site.

5
1

Out, damned Spot! Amazon emits Echo ball with screen, inevitable ever-listening mic

NonSSL-Login
Bronze badge
Coat

Forget staring dogs, cats and partners

Is it creepy if the NSA watches you sleeping?

5
0

Shock! Hackers for medieval caliphate are terrible coders

NonSSL-Login
Bronze badge

Re: Cars are crap because Robin Reliants are crap

I should have gone with Skoda which first popped in to my head. Figured the Skoda owners would come along and tell me how good they are these days, hence the Robin which no one would defend...except its name!

Those school reports about attention to details might have been right...

6
0
NonSSL-Login
Bronze badge
Meh

Cars are crap because Robin Reliants are crap

In any individual group which align to a more central ideology, you are going to have those that have good skills and those that are idiots. Saying all the failures belong to the central ideology is flawed. It's like saying some random kiddy group that identifies with Anonymous being idiots and getting caught means that the core Anonymous group are all shit hackers as well as other successful offshoots such as Lulsec.

All it takes is for one skill hacker to decide they want to help Daesh and it could change things dramatically.

Also consider successful undetected hacks will not be known about. Maybe they already exist but we are only aware of their obvious failures, partly because of the propaganda machine wanting people to know to deter them from making contact with the evil ones.

As much as we detest security by obscurity, not publishing information about where Daesh is failing would be beneficial. Let them keep making the same mistakes...

11
0

New Amiga to go on sale in late 2017

NonSSL-Login
Bronze badge

Re: The Amiga

Cubase was scary compared the simplicity of Octamed.

0
0

UK PC prices have risen 30% in a year since the EU referendum

NonSSL-Login
Bronze badge

Re: Hmmm

Long story short....tech companies have always taken the piss and will continue to do so with the UK where a $999 piece of equipment will cost £999 here when it should only cost about £750.

7
1

Chrome to label FTP sites insecure

NonSSL-Login
Bronze badge

Re: FFS, stop the nannying

The actual worry of MITM in the FTP case is not getting username/passwords but modifying the files to include nasty payloads on the fly.

There are simple tools which will add your malware to EXE's on the fly as a client downloads them on the same network as you and the same can be done for PDF's with the latest exploits. It's not just nation states with this capability but the Snowden leaks opened everyone's eyes to what is possible. This probably has something to do with the decision too.

SSL stripping is less of a thing these days but still possible and I suspect FTPS is harder to harden.

3
0
NonSSL-Login
Bronze badge
Pirate

FTP can use certificates too

FTPS is not insecure if used with a proper dedicated FTP client, especially something like Flashfxp where you can set the lowest HMAC handshakes and algorithms you will accept for the connection.

It's default state maybe less secure but for it's small share of browsing, I can see why the Chrome developers do not want to spend time adding better support to the browser.

The FXP function of FTP will always have a special place in my heart though!

1
0

Red panic: Best Buy yanks Kaspersky antivirus from shelves

NonSSL-Login
Bronze badge

Counteract stupidness or it will spread

The US has been upset with Kaspersky and determined to destroy his business since he released a public write-up of the NA malware/Equation group some time back.

""Because Kaspersky's servers are in Russia, sensitive United States data is constantly cycled through a hostile country," she said in an op-ed supporting the amendment.""

I wish the EU would ban American software that sends data over to America which most the world see's as a hostile country, at least in the way of it's government and it's actions. Ban McAfee, Norton, Fortinet and Webroot and play them at their own game.

16
0

Whoosh, there it is: Toshiba bods say 14TB helium-filled disk is coming soon

NonSSL-Login
Bronze badge
Thumb Up

Re: Fuck a duck!

After seeing the 400GB storage on a MicroSD card the size of a fingernail yesterday, we were reminiscing about the old 20mb MFM drive days that were the size of a brick.

So give it a few years and that 12TB will be on a MicroSD card and even smaller eventually.

Different technologies with different pro's and cons but it's still good fun to compare size and storage :)

4
0

User thanked IT department for fast new server, but it had never left its box

NonSSL-Login
Bronze badge

Re: You can't reliably clean malware

Anyone worth their salt would tell you that the guy who said there was a thousand nasties on the laptop is either extremely exaggerating or clueless when it comes to security, as AV's showing many results are usually just shouting about cookies, which are not real nasties or infections

More like one actual infection and a few nasty toolbars thrown in for good measure.

0
4

How the CIA, Comcast can snoop on your sleep patterns, sex toy usage

NonSSL-Login
Bronze badge
Big Brother

Re: I want to "own" my smart home...

I would use a voice activated system such as the echo if all voice recognition was done locally without any connections over the internet and it sent no data back to the manufacturer.

However, my attempts at creating a system using public voice recognition projects left a lot to be desired. Still needs some work to get local recognition as good as googles or similar services. We will get there eventually though.

Plus I want to use my own wakeup word.

As for the original topic, it is worth the cost to have two routers or a router and firewall setup so you can connect to video streaming services remotely and VPN all other traffic as an example. Just set the default gateway to the main router for video and all other devices have their gateway set to the router/firewall that has the VPN connection for instance. The VPN router has it's gateway set as the main router.

1
0

Ad blocking basically doesn't exist on mobile

NonSSL-Login
Bronze badge

Re: Doesn't exist.. my ass..

Adguard for android gets around having to have root to ad-block all traffic by pushing traffic through a pretend VPN connection on the phone. Neat little trick, just can't be used at the same time as a real VPN on your phone, which is not an issue for most users.

As stupid as this sounds, I carry around two phones these days. One rooted, xposed, ad-free but also with some security software and other apps that require root. The second phone as much as I would like to root, I run banking apps, android pay and media streaming that refuse to work on rooted phone.

Running banking apps on my rooted for years before getting a new phone was safer as ads were blocked at such a low level that there was no chance of malware-laden ads infecting me with a drive by exploit. Then the banks updated their apps to not work with root...barstewards.

2
1

German court reveals reason for Europe-wide patent system freeze

NonSSL-Login
Bronze badge
Coat

Re: So it seems the heat of the EPO is a autocratic Ahole of the first order

The wall is a large version of the Pin Art toys you push your face through. They just pushed a dead eagle in to the pins from behind...

6
0

Virgin Media customers complain of outages across UK

NonSSL-Login
Bronze badge

Or a digger out in the road went through the cable. Always happen when I turn up at a regional office and being the IT guy fiddling in the server room, all eyes look at you, wondering why you come to their office and break their worktime internet browsing ability.

3
1
NonSSL-Login
Bronze badge

The outages hide all the horrible latency and packetloss on the local nodes that people are proving with their ping graphs.

Technically they are not Bearded Bransons customers as Virgin just let the cable guys use his name for a fee. Its not a Virgin company.

9
1

'Help! I'm stuck in this ATM,' writes poor bloke on a scribbled note

NonSSL-Login
Bronze badge

25 years ago a director at my company got really freaked out by his week old new car speaking to him for the first time. He actually thought someone was in the car so jumped out and was quite stressed over it and called in to reception at work to say he will be late and explained what had happened.

Overhearing the conversation at reception and the fact I was a young BOFH, I added that "help, i'm stuck inside this computer" to his autoexec.bat within minutes. 30 minutes later I actually heard it from the other side of the building and rushed around to see a completely white CEO backing away further from his room.

Thankfully he took it on the chin and I kept my job!

0
0

US DoD, Brit ISP BT reverse proxies can be abused to frisk internal systems – researcher

NonSSL-Login
Bronze badge

Random Thursdays

Revealed his findings on Thursday? Suggests Thursday just gone when it fact it was over 3 weeks ago as I read it back then and the article also has the date of 27th July.

Minor nitpick.

2
0

APT-style attack against over 4,000 infrastructure firms blamed on lone Nigerian 20-something

NonSSL-Login
Bronze badge
Facepalm

Re: Eh?

The headers are fine as the emails are sent from a compromised machine on the company network using the proper mail box and server though the phished or keylogged credentials.

0
0

Blighty’s beloved Big Ben bell ends, may break Brexit bargain

NonSSL-Login
Bronze badge

Headphones

Time to invent some noise cancelling headphones that allow remote sounds and alarms to be played to them while also allowing users to communicate with each other too. Walkie talkie headphones that tick the health and safety box.

Pretty sure something like this already exists.

1
0

TalkTalk fined £100k for exposing personal sensitive info

NonSSL-Login
Bronze badge

Re: Out of India?

Philippines is a popular choice. Virgin media have centres there I believe.

0
0

Page:

The Register - Independent news and views for the tech community. Part of Situation Publishing