172 posts • joined 13 Nov 2015
One step forward...
One has to hate the soulless PR statements that try and deflect blame by comparing the incident to another well known event.
City of London Police and Piracy
The City of London police are well known as being corporate police for the media cartels. I'm assuming piracy sites and any site that upsets Hollywood will be blocked by this service at some point. In fact it wouldn't surprise me if this was one of the main reasons for it but the cyber crime and nasties angle tacked on to sell the service and get it used.
Carrot and the blue stick
Pretty sure if you hovered over the tick or somewhere near the tick it clearly said "verified account" which to anyone with a brain cell indicated they have verified the person is who they say they are.
Effectively they have changed what the blue ticks are for, all for no good reason.
Had an inkling in the past when they refused to give certain people a blue tick that it was because they wanted to punish them for their political views or similar. Twitter have always seen the tick as giving someone more legitimacy and maybe more followers and traffic as a result so have used it as a carrot and a stick. Maybe this change is not so much of a surprise considering.
Twitter is definitely not a tool of free speech.
Re: Stating the obvious
Those paragraphs has since been removed in case anyone wonders what we were gibbering about.
Stating the obvious
Cash converters say they have had a data breach and the comment from Troy is that is bears the hallmarks of a data breach at Cash converters?
Either that is the worst case of stating the obvious or the article has been worded badly :P
This release will not lead to another Wannacry like the professor is babbling about as the release is only code for the control centre part of the malware. No exploits, just the front end and communication stuff.
The media and 'experts' love to make it out to be worse than it is.
I will stick with the Rubber Ducky.
Re: Gerald Ratner moment?
They could pull the Harmony web server configuration tool offline (not that it works if you use Linux) or stop the app connecting to a database for remote configs at any time. All it takes is a meeting where they decide to get out the remote business.
The problem is who else makes a customisable remote at a decent price and doesn't need remote servers of some kind for configuration or is planning future cloud integration for PR and advertising reasons.
Truly stuck what to do when my Harmony finally bites the dust.
Re: Undocumented illegals
Aways some social libtard social justice warrior who jumps to the wrong conclusion.
Mixed race family here with some of my family being immigrants myself. You are barking up the wrong tree.
Unless you have lived in the area and see things with your own eyes, you just wouldn't understand. But yeah, anyone who mentions illegal immigrants is a bigoted dailymail reader to some people. /ShakeHead
Those inflated numbers from the mobile data vs the consensus could be in part from the amount of illegal immigrants in those areas. They have mobile phones but are not on any register.
Often saw multiple gang masters picking up obvious groups of illegals in beat up vans to take them to work and back again from where I was located in the Croydon Home office area for a while. Maybe mobile phone data will finally show how bad that problem is.
Re: Can't come soon enough
Incidentally, a triage nurse at A&E in the early hours used her mobile phone camera LED as a torch to look for whatever was stuck behind my eye irritating it.
All I could think of was how battered and dirty the leather folding case on her phone looked as it swayed about while she blinded me with the LED.
Based on that clearly anecdotal argument, im against phones in the medical profession unless there is a clear benefit.
But sod giving all my personal medical data over to any company, let alone one with the slightest of connections to Google.
Price range and expectations
The price vs performance (and quality) of the models is what puts me off tablets.
I have a PC,laptop AND a mobile phone with a decent sized screen, so a tablet is more of a would like and would use but far from essential.
For that reason I don't want to pay for a surface pro which is way too much power than I need but more importantly, too expensive.
A cheap tablet doesn't have the best performance and ram is always so damn limited too. With a very cheap tablet you get annoyed with them being slow and then the lack of joy using them makes them become back of drawer fodder.
There are not many any between choices unless you want to go to the Chinese market which can be hit and miss. Give me a 12" tablet with 3gb (or more) ram and a fairly decent arm processor for about £100 to £120 and I might be interested.
Maybe I want more than is feasibly possible due to costs but that doesn't change my position.
Re: A password cracker which only lets you see the results ....with a password?
Sounds like a password manager when you put it like that.
The DRM forcing downgrading of quality on 'unauthorised boxen' is criminal IMO. Saying android box's cannot have 4k Netflix for no genuine reason certainly does force people to piracy if they want the higher quality content.
A few android box's can stream 4K Netflix though, such as the cheap Xiaomi Mi Box.
The Nvidia shield is not cheap but has 4k Netflix as well as the Wetek 2.
My own cheap box needed some modified firmware to enable just 4k Youtube video. That is how bad the DRM stuff is now and the amount of control they want to keep on box'es that can watch media.
Android - open and not limited
Costs almost 3x than my Amlogic based android box which has features the Roku Ultra lacks, such as Dolby Vision support, and matches it for everything else with HDR, HDCP 2.2 and audio passthrough of DTS-HD etc.
A family member has a Xiaomi Mi box which supports every streaming service and of course the whole play store apps and games goodies available, also at a fraction of the price of the Roku.
I really don't see why the Roku has such a following beside being available to buy in the high street shops.
Re: Infotainment system
Not that long ago I had a Mini Clubman as a hire care and I tried for ages going through one menu, then to another sub-menu. After a wasted hour of it not wanting to connect I tried the voice command "bluetooth connect" and all the right things happened.
Totally gobsmacked as one goes for the menu system first as voice control is usually mostly pointless.
Re: An Alternative Viewpoint...
Rather than making sure people have internet whilst flying, I would guess puppet masters behind the scene are trying to get a singular point of presence or company they can tap in to keep their 5 eyes busy, rather than have a mishmash of points to monitor.
Runs for days if most parts of it are turned off most of the time
Multi day life but they turn the brightness of the screen right down and turn every device off every 10 seconds to save power. Every time you want to do something you wait 5 seconds for cpu and wifi adapter to be woken up, in a still throttled state to conserve energy. Registry tweaks needed for wifi adapter to use more than 35% power to get a range of more than 6 metres /sarcasm
Multicore ARM chips are good at what they do and how different cores are used at different volatages as needed but they are hardly powerhouses. They would have to slimline all software down to make it not top heavy, which wouldn't be a bad change of direction for windows software.
The person who thought it would be a good idea to give her this position should be fired for incompetence too.
So many reasons not to put her in that position and not a single good reason to do so. I'll have some of what they have been smoking.
Knowing our plod they are more interested in making their stats look good for catching someone who said something deemed naughty or hurtful on Facebook or twitter, rather than catching real criminals. With kids using just phones for internet a lot of the time now, the police are scared they might have to go after real criminals unless the carrier grade NAT issue is sorted.
Even the geeks stayed on stock Oxygen if they wanted to use Android pay, banking apps and stream tv content without having to jump through moving hoops.
From what I understand Android pay now recently works with Lineage but information is all over the place.
The sucking up of personal data by OnePlus and all the other companies is beyond silly now. The fact you can't turn off their second data slurping stream with an app or setting and have to run ADB commands means the majority of cheap phone buyers won't bother doing it, even if they want the data slurping to stop.
Usually one would use the built in sql command 'sqldump', which raises no alarms unlike other hacker tools, and dump the database in to a single .sql file for snarfing away,
Re: Goodbye PureVPN
NordVPN are one I would trust.
I use proxy.sh https://tinyurl.com/Proxy-SH-Reg (affil link)
Getting stalker = good!
VPN provider logging = bad!
Have a VPN connection at your router to one VPN provider and using a Pi or virtual machines with Tor/Whonix to tunnel through that (so no Tor IP's seen by ISP's) and finally VPN to a different VPN provider though that double tunnel. No Tor exit node to sniff your traffic and no way to link up ip's unless you login to something which keep slogs, such as email providers. Used to be slow but not so much these days with all the good routes and servers.
As for pointing out he had a Protonmail account, if that is a sign of guilt, I must be guilty too!
PureVPN is going to suffer from this in the same way HideMyAss did after they did the same.
Re: The Myth of internet privacy.
Again it's down to individual threat models and why someone wants to use the VPN.
Don't want UK plod partner to know you visited xhamster 10 times in one day from ICR's, a VPN does the job.
The problem is many people confuse privacy and anonymity.
Re: Interesting, very interesting
Some only log when they are troubleshooting a problem and delete the logs after.
It takes some work to dig out the good from the bad with VPN providers and it all depends on your thread model anyway.
Choice of games
Not too impressed with the choice of games listed as coming with it.
This story has made me want to play good 'ole Wizball again. Time to put yet another emulator on the phone!
Re: First I heard of these
No need to preach here, I had an OnePlus One and also a Xiomi. Using a Oneplus 3 now and tbh, only a decent camera, maybe the dual ones for better depth and tricks with the camera, would make me upgrade. Oneplus is too pricey with new phones now though.
First I heard of these
I might have wanted one of these if they were decent but I have never heard of the brand or phone.
Their brand awareness marketing must have been localised to America or everywhere except here.
Re: A lot of cool kids have moved on to GitHub
Sourceforge felt dirty when I had to use it recently. Had to upload what I downloaded to virustotal just to feel safe.
Not the sign of a good site.
Forget staring dogs, cats and partners
Is it creepy if the NSA watches you sleeping?
Re: Cars are crap because Robin Reliants are crap
I should have gone with Skoda which first popped in to my head. Figured the Skoda owners would come along and tell me how good they are these days, hence the Robin which no one would defend...except its name!
Those school reports about attention to details might have been right...
Cars are crap because Robin Reliants are crap
In any individual group which align to a more central ideology, you are going to have those that have good skills and those that are idiots. Saying all the failures belong to the central ideology is flawed. It's like saying some random kiddy group that identifies with Anonymous being idiots and getting caught means that the core Anonymous group are all shit hackers as well as other successful offshoots such as Lulsec.
All it takes is for one skill hacker to decide they want to help Daesh and it could change things dramatically.
Also consider successful undetected hacks will not be known about. Maybe they already exist but we are only aware of their obvious failures, partly because of the propaganda machine wanting people to know to deter them from making contact with the evil ones.
As much as we detest security by obscurity, not publishing information about where Daesh is failing would be beneficial. Let them keep making the same mistakes...
Re: The Amiga
Cubase was scary compared the simplicity of Octamed.
Long story short....tech companies have always taken the piss and will continue to do so with the UK where a $999 piece of equipment will cost £999 here when it should only cost about £750.
Re: FFS, stop the nannying
The actual worry of MITM in the FTP case is not getting username/passwords but modifying the files to include nasty payloads on the fly.
There are simple tools which will add your malware to EXE's on the fly as a client downloads them on the same network as you and the same can be done for PDF's with the latest exploits. It's not just nation states with this capability but the Snowden leaks opened everyone's eyes to what is possible. This probably has something to do with the decision too.
SSL stripping is less of a thing these days but still possible and I suspect FTPS is harder to harden.
FTP can use certificates too
FTPS is not insecure if used with a proper dedicated FTP client, especially something like Flashfxp where you can set the lowest HMAC handshakes and algorithms you will accept for the connection.
It's default state maybe less secure but for it's small share of browsing, I can see why the Chrome developers do not want to spend time adding better support to the browser.
The FXP function of FTP will always have a special place in my heart though!
Counteract stupidness or it will spread
The US has been upset with Kaspersky and determined to destroy his business since he released a public write-up of the NA malware/Equation group some time back.
""Because Kaspersky's servers are in Russia, sensitive United States data is constantly cycled through a hostile country," she said in an op-ed supporting the amendment.""
I wish the EU would ban American software that sends data over to America which most the world see's as a hostile country, at least in the way of it's government and it's actions. Ban McAfee, Norton, Fortinet and Webroot and play them at their own game.
Re: Fuck a duck!
After seeing the 400GB storage on a MicroSD card the size of a fingernail yesterday, we were reminiscing about the old 20mb MFM drive days that were the size of a brick.
So give it a few years and that 12TB will be on a MicroSD card and even smaller eventually.
Different technologies with different pro's and cons but it's still good fun to compare size and storage :)
Re: You can't reliably clean malware
Anyone worth their salt would tell you that the guy who said there was a thousand nasties on the laptop is either extremely exaggerating or clueless when it comes to security, as AV's showing many results are usually just shouting about cookies, which are not real nasties or infections
More like one actual infection and a few nasty toolbars thrown in for good measure.
Re: I want to "own" my smart home...
I would use a voice activated system such as the echo if all voice recognition was done locally without any connections over the internet and it sent no data back to the manufacturer.
However, my attempts at creating a system using public voice recognition projects left a lot to be desired. Still needs some work to get local recognition as good as googles or similar services. We will get there eventually though.
Plus I want to use my own wakeup word.
As for the original topic, it is worth the cost to have two routers or a router and firewall setup so you can connect to video streaming services remotely and VPN all other traffic as an example. Just set the default gateway to the main router for video and all other devices have their gateway set to the router/firewall that has the VPN connection for instance. The VPN router has it's gateway set as the main router.
Re: Doesn't exist.. my ass..
Adguard for android gets around having to have root to ad-block all traffic by pushing traffic through a pretend VPN connection on the phone. Neat little trick, just can't be used at the same time as a real VPN on your phone, which is not an issue for most users.
As stupid as this sounds, I carry around two phones these days. One rooted, xposed, ad-free but also with some security software and other apps that require root. The second phone as much as I would like to root, I run banking apps, android pay and media streaming that refuse to work on rooted phone.
Running banking apps on my rooted for years before getting a new phone was safer as ads were blocked at such a low level that there was no chance of malware-laden ads infecting me with a drive by exploit. Then the banks updated their apps to not work with root...barstewards.
Re: So it seems the heat of the EPO is a autocratic Ahole of the first order
The wall is a large version of the Pin Art toys you push your face through. They just pushed a dead eagle in to the pins from behind...
Or a digger out in the road went through the cable. Always happen when I turn up at a regional office and being the IT guy fiddling in the server room, all eyes look at you, wondering why you come to their office and break their worktime internet browsing ability.
The outages hide all the horrible latency and packetloss on the local nodes that people are proving with their ping graphs.
Technically they are not Bearded Bransons customers as Virgin just let the cable guys use his name for a fee. Its not a Virgin company.
25 years ago a director at my company got really freaked out by his week old new car speaking to him for the first time. He actually thought someone was in the car so jumped out and was quite stressed over it and called in to reception at work to say he will be late and explained what had happened.
Overhearing the conversation at reception and the fact I was a young BOFH, I added that "help, i'm stuck inside this computer" to his autoexec.bat within minutes. 30 minutes later I actually heard it from the other side of the building and rushed around to see a completely white CEO backing away further from his room.
Thankfully he took it on the chin and I kept my job!
Revealed his findings on Thursday? Suggests Thursday just gone when it fact it was over 3 weeks ago as I read it back then and the article also has the date of 27th July.
The headers are fine as the emails are sent from a compromised machine on the company network using the proper mail box and server though the phished or keylogged credentials.
Time to invent some noise cancelling headphones that allow remote sounds and alarms to be played to them while also allowing users to communicate with each other too. Walkie talkie headphones that tick the health and safety box.
Pretty sure something like this already exists.
Re: Out of India?
Philippines is a popular choice. Virgin media have centres there I believe.