Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Meh (Score 1) 480

FTFA: 2012 may have been the year that the password broke. It seemed like everyone on the internet received spam e-mail or desperate pleas for cash — the so-called “Mugged in London” scam — from the e-mail accounts of people who had been hacked. And Wired’s own Mat Honan showed everyone just how damaging a hack can be.

> Firstly, I don't recall seeing *any* spam e-mails in 2012 - at least to my own domain. I get a number to my work e-mail address, but that's because they use firstname.lastname@bigcorp.com, and at any rate the address is likely harvested when software companies demand e-mail address for pricing. At any rate, this is unlikely to be related to the e-mail account being hacked as much as it is marketers gonna market.

> Secondly, I vaguely recall the Mat Honan hack, but I'm reasonably certain I've already got sufficient steps to mitigate the attack he suffered. For one, I don't subscribe to the apple camp. For two, I don't use similar credentials across the web. For three, I think the guy who was affected made a significant number of utter schoolboy errors and would have been subject to an attack sooner rather than later. Lets hope he sufficiently learned his lesson rather than be the subject of another embarrassing hack later on.

Anyway, I'll be happy to see the demise of the password - it does have significant problems with regard to entropy versus memorability; general weakness tied into the idea that humans aren't necessarily designed to cope with arbitrarily long strings; arbitrary and inconsistent requirements, and policy-related changes. On a couple of occasions I've been aghast that somewhere requiring authentication kicks out credentials because they're either too long or they start with a number. The fuck?

But, I don't think Google is the innocent party presenting this for the good of mankind. Any move that reduces the possibility of plausible deniability, anything that increases the confidence that an action can be tied to a person, will directly benefit their bottom line. Therefore, I'd suggest that while the sentiments behind the paper may be good, a different approach may be better (e.g. LiveCD on RW media, with a KeePass or similar database in ~/boringdatabaselogs.

After all though, perhaps my tinfoil hat is on too tighOP HERE, DISREGARD THIS, I SUCK COCKS.

Comment Re:No trouble at all (Score 1) 191

You haven't seen the word users at my place of work. Page breaks are some form of obscene devil-magic. I was recently asked by a user something like "How many blank lines should I have at the top of a page" (paraphrased, but that's the gist of it). I responded that in the UK and indeed most of Europe, there's a de-facto standard of a 2.5cm top margin. They came back with "how do I check that". It's on days like this I really regret not following my childhood dream to be an astronaut.

Comment Re:No surprise (Score 1) 334

Replying logged in this time. The photocard needs to be renewed every ten years, but there is no such restriction on the old-format paper license. I've just checked mine (which normally resides in a locked filing cabinet) and it's good for another 30 years or so. I'm not likely to change my name, so change of address is the only likely thing. I've lived in my current place for about thirteen years though, and I'm in no hurry to move.

Comment Re:Bzzzzzt. (Score 1) 582

Replying logged in this time. Mortgage is about £20k remaining on a property that's worth about £70k. While it's not a palace by any stretch of the imagination (two bedroom terrace) it's certainly big enough for me. Combine this with the rock-bottom interest rates in the UK at the moment, and servicing that £20k costs close to nothing.

Comment Re:*sigh* (Score 1) 254

(And since BioShock is such a recent game, exactly what has it had the chance to influence yet?)

Well, you could look at Fallout 3 - there's a fair bit of the style that looks astonishingly similar to Bioshock... just look at the "Please Stand By" TV display for example.

[Cocking a snook at the blatant neophilia of the list]

Comment Re:Who got a 120Hz monitor today? (Score 1) 123

My ten year-old 21" CRT does at least 1024 x 768 @ 120 Hz. I think it drops down to 100HZ for 1280 x 1024 though, but I'd still be willing to give it a shot.

It's a pity that you can't buy decent CRTs any more, as I've yet to see a TFT that comes close to the performance of my current monitor. I'll be forced to change when it dies, but until then you can pry it out of my cold dead hands.

Comment Re:Crippled like XP Home (Score 1) 842

"It took me nearly half an hour to realize that XP Home doesn't let you change permissions on files."

Really? I though you could get at NTFS permissions using (Explorer) Tools-> Folder options -> uncheck "Use simple file sharing".

If not, you still have CACLS if you're prepared to get your fingers dirty.

Comment Sounds like an interesting idea (Score 3, Insightful) 420

As well as that, how about setting the default admin account so you have no sounds, no desktop wallpaper, no animated cursors - none of the flashy crap that users seem intent on encumbering themselves with. You want the bling == run as a limited user.

However this would require limiting the capabilities of the Admin account, and this is something I'm not entirely happy with (as, admin *should* be equivalent to god mode).

Comment Agreed (Score 1) 388

I've been installing Foxit on new machines for about nine months now, and have a lot of love for it. It was the retarded reboot-on-upgrade policy of Adobe that particularly ticked me off (load times notwithstanding).

I noticed earlier today that V3 is out, will be giving this a trial run sometime over the next couple of weeks. Only thing I'm hoping for is that they've improved the process for unattended setups, as this is the only thing that bugs me at the moment.

Comment I'd respectfully disagree (Score 1) 835

unless the submitter has two identical machines. Reason being, if the hard disc is swapped into another system there's a fair chance the wrong chipset driver will be provided and the compisite machine will bluescreen.

Even worse would be if the machine starts correctly and then installs its own chipset driver causing bluescreens when the hard disc is swapped back.

My first port of call, before the memory diagnostic and before running SMART tests would be the event log. It's neglected far too much for my liking.

I'd follow that with perfmon, and then offline AV scanners / liveCDs. Then I'd start thinking about burn-in testing and swapping out hardware.

Comment I'll throw in my £0.02 worth (Score 1) 353

Had a friend's machine in over the holidays. It would boot, get to Welcome screen, then after logging in machine would log straight back out. You weren't able to interact with the system at all.

Tried safe mode - same symptoms. Therefore I was of the opinion that it was a driver, winlogon-hooked DLL or a service that was tagged to run in safe mode.

The WinPE preinstallation environment allowed me to find/remove some of the offending parties, but still no dice. Snagged UBCD and pulled updates for all of the antivirus / antispyware tools.

Booting to UBCD got _some_ results... Spybot found a large number of nasties (including some identified as Antivirus 2009); A-Squared found some, as did AVG. Even after running all of them, the actual root cause persisted. Unfortunately, SysInternals autoruns wasn't much help, as it retrieves startup info from the currently running system, rather than of the inactive o/s (anyone know whether there's a tool that'll do this?)

Ultimately I waved the white flag and pulled out a repair install of Windows to bring the machine back up, at which point I found the culprit - a process called winlogon.exe in \windows rather than \windows\system32 and invoked via the winlogon registry keys. I kicked myself for not spotting this, but also note that none of the scanners in the UBCD (updated as of 28 Dec) were capable of identifying this as foul.

The offending file has been sent to various AV vendors in the hope that this one can be spotted in future.

Comment Re:Respect the user perspective, please (Score 1) 855

Then they will take over your computer and make the user watch while they google for the problem and its possible solution. Not necessarily a stupid thing to do, but it tends to undermine confidence. When did you last see a doctor entering your symptoms in Google? At least they don't do it while you watch.

To be fair, when I receive a really asinine query - one that the user should have been able to solve themselves - I take great pleasure in using either F1 or Google with a couple of keywords that said user has used describing the problem, and - cor, look at that - problem's solved. I used to think that this would give end-users a cluestick to F1 / search the internet before calling. My optimism was somewhat unfounded.

Comment Re:Kill!!! (Score 1) 855

In my experience, it's never a collection of screenshots. It's one screenshot. Usually of the entire screen, not the actual error window.

This is sent via an e-mail client. Since we're in MS land (os/x at a pinch) as evidenced by the use of "Word", then it's a pretty safe bet that whatever e-mail app the user has will support inline images. Instead, they've made you (1) open a word processor to display the image and (2) muck about with zoom settings so you can actually read the damn thing.

Also, what you generally find is that the problem description is in the e-mail, not in the document, so you're also having to juggle windows to work out what's going on.

This happens so often where I work that it just isn't funny anymore.

"The Mets were great in 'sixty eight, The Cards were fine in 'sixty nine, But the Cubs will be heavenly in nineteen and seventy." -- Ernie Banks