* Posts by Waseem Alkurdi

1240 publicly visible posts • joined 16 Apr 2018

They're BAAACK: Windows 10 nagware team loads trebuchet with annoying reminders to GTFO Windows 7

Waseem Alkurdi

Re: But...

You've forgotten the (/s), since @bombastic bob is known for his pathological hate of Win-10-nic.

UK joins growing list of territories to ban Boeing 737 Max flights as firm says patch incoming

Waseem Alkurdi

Re: I forgot to add

Difficult to see that not leading to a landmark judgement about the liability of software.

We humans are, frankly, assholes, because we only learn when people die. Cars, aircraft, and now software. Why not get it right the first time?

Could be different for the Ethiopian flight which, unfortunately, had UN people on board, and where the flight recorder could end up in Paris.

Is it not unfortunate that the Ethiopians were onboard as well? I'm not following here.

Waseem Alkurdi

Re: An already safe...

replace the MAX with A320neos, for both Boeing

Imagine General Motors (back in the 2000s and the failing ignition switches, or the '70s Ivey "your life is worth $200K" Memo) giving out Toyotas and Nissans to folk.

Ahhhh ....

Waseem Alkurdi
Joke

Re: We've downloaded some updates for your plane.

Then reboots in 10 minutes. Yes, it's running embedded Windows 10.

(Would be ironic if it did though)

Amazon may finally get its hands on .amazon after world's DNS overseer loses patience

Waseem Alkurdi

Re: Can of worms or Pandora's box is about to be opened...

Nope - it's because phishing scams can use a TLD like dave@techsupport.microsoft (notice - no .com).

They should also gobble up *.microsoftcom as well.

Waseem Alkurdi
Angel

Re: Not English.

So it's not only I who had noticed this!

Microsoft changes DHCP to 'Dammit! Hacked! Compromised! Pwned!' Big bunch of security fixes land for Windows

Waseem Alkurdi

Deja vu?

First, there are the trio of CVE-2019-0697, CVE-2019-0698, and CVE-2019-0726, all covering holes present in the DHCP server component for Windows. Each of the flaws would potentially allow an attacker on the local network to achieve remote code execution on a targeted machine simply by sending a malformed DHCP network packet.

I'd swear I've seen this before ... and in an article on El Reg no less ...

Doesn't M$ learn?

Microsoft tweaks Windows 10 on Arm64 to play nicely with KVM

Waseem Alkurdi
Devil

Re: KVM is making QEMU shoddy

They *FEEL* (not think) that _EMOJIS_ are more important than KERNEL FIXES???

To a PR entity facing lusers (the "Insider Team"), they are more important! (see icon)

And while emojis are a fad, they actually help communicating the emotion associated with some sentence, to prevent a joke from being taken seriously, to point out one example. I used to hate them, but not any longer.

VirtualBox uses QEMU code, but is not a QEMU fork. While VirtualBox is faster, QEMU actually adheres to the UNIX philosophy (the "do one thing and do it well" one). VirtualBox IMO is the systemd of virtualization.

And yep, you can specify multiple cores, with a number of cores that can be higher than the host (the option is -smp <NUMBER>.

Waseem Alkurdi

The world _has_ changed a bit

"... which means that something not running under QEMU usually indicates a problem in the OS following the spec, not QEMU."

That's a <M$>Microsoft</M$> engineer caring about the OS adhering to standards. What do you think, Steve?

Waseem Alkurdi

Re: KVM is making QEMU shoddy

A good response to this is that QEMU is kept under Git source control. One can get the "last known good" build (without KVM), fork it into a new branch, say "QEMU Legacy", and develop onto that.

That's how many open source projects started ... fork for keeping legacy compatibility (MATE started as a GNOME 2 fork in response to GNOME 3).

Waseem Alkurdi

who lacked the imagination that cold could be unpleasant.

As a "desert dweller" myself (my country is half desert, half mountains) you can have my word that the desert at night is a really, really cold and unpleasant place to be.

Microsoft flings the Windows Calculator source at GitHub

Waseem Alkurdi

Open-source Media Center, anyone?

Also known as XBMC/MythTV? Who needs Windows Media Center (aside from the nice UI)?

ReactOS 0.4.11 makes great strides towards running Windows apps without the Windows

Waseem Alkurdi

Re: Exactly!

And perform like shit.

Correction: Last month, we called Zuckerberg a moron. We apologize. In fact, he and Facebook are a fscking disgrace

Waseem Alkurdi

Re: Optional

And how would I block an svg file on the register server with that?

Point the file's specific URL to 127.0.0.1 in your hosts file.

Foldables herald the beginning of the end of the smartphone fetish

Waseem Alkurdi

Re: fetishisable glass slab

Cool. We're in the same boat then, and I consider myself to be an expert on this particular issue.

1. Sell it for whatever money it gets you, no matter how little. This would be equivalent to having a random passerby on the street give you $5/$10/$20 for nothing, because you were going to dump it for $0 anyhow.

2. Use it as a remote control, especially if it has an IR blaster, especially popular around that exact period (2014 - Android 4.4 era), so chances are that you have that. I'm literally dying for a modern phone that has one!

If it doesn't have an IR blaster, you can use Wi-Fi and an app installed on the device you want to control (limits your device-to-control choices from "almost everything" to "laptop connected to TV)

As I quite often say, forget the folk paying hundreds of dollars for a touchscreen remote control like the Logitech Harmony stuff ... you already have one laying around.

3. Related to #2 above ... you can turn it into a Bluetooth mouse and/or keyboard (but requires that both phone and laptop support BT 4.0 LE -OR if unavailable- joining the same Wi-Fi connection on both and using a companion program on the laptop)

4. Good processor? Chances are that it'd be a Snapdragon. These are less bothersome in terms of (binary, closed source, "blob") drivers, so you can possibly port LineageOS to it yourself. Not difficult, with lots of guides around, especially if there's another similar device with the same chipset and a working LineageOS.

5. You can even run Linux on Android phones, either via chroot on top of the existing Android -with or without needing root access on Android- or as a whole (real) OS (as in porting Sailfish OS ... both of which are quite easier than it sounds).

Techie in need of a doorstop picks up 'chunk of metal' – only to find out it's rather pricey

Waseem Alkurdi

Re: I did that once too...

Definitely not acid-proof though. (Bone is calcium carbonate, aside from the organic matter)

Waseem Alkurdi

Re: I don't believe it...

Apple?

Waseem Alkurdi
Joke

Have you ever heard a story about something you did told second-hand?

My whole life's been just that xD

Roses are red, we've received about fifty. Google's next trick? Pixels for the thrifty

Waseem Alkurdi
Headmaster

Re: And Windows

We deleted Sys32 system32

Well, I really had to do it.

It's now 2019, and your Windows DHCP server can be pwned by a packet, IE and Edge by a webpage, and so on

Waseem Alkurdi

Is it Acrobat or PDF itself?

The overwhelming majority of those are the 39 arbitrary code execution vulnerabilities in Acrobat and Reader. In each case, the attacker could execute code on the target machine by convincing the user to open up a poisoned PDF file.

If it was PDF, then won't every single PDF client in known existence be affected?

In that case, what would average Jo{e,anne} with their locked-down Android and preinstalled system PDF reader do?

Waseem Alkurdi

Re: How oh how

If you mean the (now a) standard, then nope, allow me to disagree.

If you mean Acrobat Reader, then I'm getting the pitchforks Molotov cocktails.

Ivan to be left alone: Russia preps to turn its internet into an intranet if West opens cyber-fire

Waseem Alkurdi
Joke

Re: Airgapped

From Hong Kong I guess?

Waseem Alkurdi

Re: Can anyone bother to explain

Is jumping off a skyscraper justified because everybody is doing it?

US et al and their missiles might've "done wrong", but does that justify doing another "wrong"?

all countries have always been governed by interests and not by principles.

Depends on the interests and principles involved, but I agree to a certain degree.

Waseem Alkurdi

Re: Idea for a cleaner internet...

I initially agreed, but there's China.

All traffic into China passes through Chinese governmental servers (Great Firewall).

Yet the traffic to the outside doesn't, though traffic to the outside is monitored as well.

Waseem Alkurdi

Re: Doesn't every country

Doesn't every country major country

Fixed.

Some countries can't be bothered, because the Internet to them is purely for entertainment, no gov't business depends on it.

Waseem Alkurdi

From the article:

* Despite the English transliteration of its name, RBK is a business news wire and not a consultancy.

I don't speak Russian (though I really wish I did), but couldn't be like an English newspaper called "The Consultant"?

Well, thinking of it, it's like El Reg itself. A Russian may go like:

Despite the Russian transliteration of its name, The Register is a tech news wire and not a CPU register.

Waseem Alkurdi
Trollface

Re: Clientside Loopback Protection.

I can't seem to access El Reg (or any internet) at home anymore.....

Who needs the ISP's filthy internet when you have your own, all to yourself, courtesy of a couple of servers on your very own Linux server?

Waseem Alkurdi

Can anybody explain this?

So far Russia has built a local DNS copy to allow its internet to keep working if local officials pull the plug on connectivity to the rest of the world.

Assuming it's a copy of all DNS entries, both Russia and outside, why is a copy of (non-Russian) website DNS entries necessary for a Russian intranet?

I think there's something more to this.

Can't "unknown" websites w/o suitable DNS entries be simply returned with a HTTP 503 Temporarily Unavailable?

Prez Trump orders Uncle Sam to step up AI efforts – we all know the White House knows a lot about artificial intelligence

Waseem Alkurdi

Re: I can never understand anything the guy says

I think it's just like that; he speaks with parenthesis included (even with nested parenthesis (even nested, nested parenthesis) (a great talent (a huge talent), the best there is (the Donald is great (the best) at it)).

No, he's being a programmer using recursive calls:

x = doFunction1(y, doFunction2(doFunction1(a, b), z, doFunction3(c, d)))

EDIT: Seems that @Rich 11 has beaten me to it xD

Accused hacker Lauri Love tries to retrieve Fujitsu lappie and other gear from Britain's FBI in court

Waseem Alkurdi

Re: "Britain's FBI"

Department of Defense

Erm, go to this URL: www.defense.gov

This would be the title:

U.S. Department of Defense

(Yeah, I know about defense vs, defence)

Cops looking for mum marauding uni campus asking students if they fancy dating her son

Waseem Alkurdi

Re: It gets worse.

Ouch.

Uni student? Possibly normal, but eerie. But uni grad? Damn.

Waseem Alkurdi

Re: My experience

got me to deliver a parcel

Hmmm ... I see your issue. You have a mail server set up.

Solution? Redirect root's mail to /dev/null.

Waseem Alkurdi

Re: Had to happen

Just wait until both sets of parents insist on being there for the first sexual encounter to offer tips and commentary.

Something similar to this used to happen in the Middle East, despite being clearly morally wrong and opposed to the two religions (Islam and Christianity). One parent would stand behind the door while the newly-wed couple did their thing.

This practice is as dead as a zombie though, with people having grown up.

Skype goes blurry, Office gets a kick in the privacy, and Microsoft takes us back to 1990

Waseem Alkurdi

and a way to save files locally (in TXT format, if the user so desires).

As if the .sb file format isn't a .txt?

Sure, you can keep Grandpa Windows 7 snug in the old code home – for a price

Waseem Alkurdi

Re: Not funny caption

It was intended as satire, not to ridicule older people. And there's the whole "machinification of man" thing.

I'm in two hearts on this.

It, er, feels wrong to me, but at the same time, well, dunno.

Waseem Alkurdi

Re: Win 10- no thanks

And still a heavier footprint than 7.

I'd go with a Windows 7 PE, with Explorer added, and its WIM applied to a disk for persistence.

Waseem Alkurdi

AFAIK the AMD PCnet chip works natively, out of the box.

(Source: https://reactos.org/wiki/VirtualBox)

Waseem Alkurdi

Re: Prevaricating?

Temporizing?

Waseem Alkurdi

Re: Bad news...

Is 'bigly' even a word?

Waseem Alkurdi

Re: Updating to Windows 10

Keys are nowadays, in the bios the SLIC table in ACPI, exposed by the UEFI firmware.

Fixed.

Waseem Alkurdi

Re: Updating to Windows 10

No, it's nothing to do with this at all.

If it's a genuine Windows 7 or 8.1 key, whether retail or OEM, it'll upgrade and get a digital entitlement "a key".

If it's activated using a SLIC table injector (Windows L0d3r, etc) it'll upgrade as well.

Waseem Alkurdi

Don't worry 7,

You'll be always alive, at least to us., in our hearts.

(After XP and Linux, of course)

Sysadmin's three-line 'annoyance-buster' busts painstakingly crafted, crucial policy

Waseem Alkurdi

Re: Great system...

That's precisely the point.

See how we have different answers?

Waseem Alkurdi

Re: Oh yeah, _that_ fscker.

It (SELinux) was originally engineered by the American government, so it seems to mirror a governmental bureaucracy.

Waseem Alkurdi

Re: Great system...

It's been always this way with config files.

Let's say you have a config file under ~/.config/myprog/config and another under /etc/myprog/config and a default under /usr/share/myprog/default/config.

Which one am I gonna load?

Waseem Alkurdi

So Todd wrote a security policy.

"It was a three-line policy that basically said 'this file can be accessed by this process in this way'," he said.

SELinux policy?

Good news! Only half of Internet of Crap apps fumble encryption

Waseem Alkurdi

Duh?

We have added security measures, including the introduction of encryption

You gotta be kidding.

I'm a crime-fighter, says FamilyTreeDNA boss after being caught giving folks' DNA data to FBI

Waseem Alkurdi

Re: It's For the Children

1984, right?

What's Farsi for 'as subtle as a nuke through a window'? Foreign diplomats in Iran hit by renewed Remexi nasty

Waseem Alkurdi

Re: infallible proof

Care to provide proof? Something like this must've been taped by at least one reliable news source.