Posts by happygeek

Watched Triads, Yardies and Onion Bhajees (Once Upon A Time In Southall) on Friday and then the film it was so clearly paying homage to, Lock Stock and Two Smoking Barrels, on Saturday (for the umpteenth time).

Enjoyed both, but you have to give the nod to Guy Ritchie when it comes to telling a story to be honest, and IMHO it has nothing to do with budgets etc. I did like the fact that Onion Bhajees was shot in black and white apart from one touch of one colour (red) in the final scene. Worked well with the gritty subject matter. IMDB user reviews are way out of line giving it a 1/10 and saying 'worse film ever' etc. It's reviews like that which encourage me to watch a movie, if the plebs hate it then I usually like it :)

Or even this one which is also abandoned?

Satesh - read from the start of this discussion and you will find your answer.

The correct answer is Lenovo :)

I have been turning my USB thumb drives into fully encrypted data containers for years now, but readily admit that the prospect of rolling up your sleeves and getting down and dirty with encryption software is not as exciting to everyone as it is to me. However, with removable USB data storage devices having hit the pricing point where they have well and truly become commoditized and the data stored upon them of increasing value to those who would cause you financial injury, it really isn't safe to carry data around unencrypted; so what to do if DIY encryption isn't your cup of tea? That's where the growing range of 'secure USB thumb drives' enter the equation, with all the tricky stuff already installed and configured. All that the user has to do is enter a master password and anything stored on the device gets encrypted. I've been taking a look at one such device, the Kingston DataTraveler Vault Privacy USB (8GB) thumb drive, for DaniWeb.

The big question that people will ask is whether this thumb drive is worth paying £30 for at Amazon when the retailer is selling other hardware encrypted 8GB devices for less than a third of that (including older USB 2.0 models from Kingston) and unprotected drives for less than £3? The price dividend in this case is courtesy of a combination of factors, including the fact that this is a USB 3.0 device of course. You are also paying …

With my practical head firmly screwed on:

Given the value of your time and the amount of it already expended, and given the fact that 2Gb thumb drives are so cheap that they are almost in christmas cracker gift territory these days, wouldn't the sensible thing be to just buy a new one and move on?

Yes, we remember you. Hopefully you have developed a thicker skin and are more prepared for forum/chatroom life now...

What happened to your project? I note you say 'used to own'.

<irony> Ah, my apologies; if there are 19 videos on Youtube slagging it off then I am amazed that Microsoft hasn't removed Windows 8 from the market </irony>

However, if you are after a serious answer then how about these for starters:

UEFI secure boot firmware with ELAM driver, AppContainer sandboxing, WTG (Windows To Go) for Enterprise, Supervisor Mode Execution Protection, etc etc.

In other words, and talking with my IT security consultant hat on, Windows 8 is the most secure out-of-the-box OS that Microsoft has brought to market. That's what I like about it, seeing as you asked...

Nope, sorry. See the ToS:

Posts contributed to the community immediately become the property of DaniWeb upon submission. Members may edit their posts for a limited time period immediately after, for the purpose of correcting spelling and grammar mistakes and accidental ommissions. After this initial period expires, posts may only be edited or deleted by DaniWeb team members, and only in cases where they do not comply with our forum rules for the purpose of making said content comply with all rules. As a discussion community, posts contributed by many members work together to form coherent discussions. Altering or deleting individual posts may have consequences that unfairly extend to other members of the community. All members are held responsible for their actions. As always, think before you permanently post something on the public Internet.

Cool new feature, Dani. Here's mine http://www.daniweb.com/members/67225/happygeek/cv

What don't you like about 8.1 Pro, just out of curiosity?

When it comes to web browsers, my general rule of thumb is that the latest version is usually the most secure and this is certainly the case with Internet Explorer. However, when I started using Internet Explorer 11 on my new Windows 8.1 Pro laptop I soon discovered that latest doesn't always mean greatest in terms of usability. If you have read my "How to return the resize buttons to Google Chrome" tutorial, you will appreciate that Windows 8 doesn't always give you the UI experience that you are expecting, or that you want. Such was the case when I fired up Internet Explorer by hitting the 'tile' from the Start screen, after I had set it to be my default browser. When I set Chrome to be the default, Internet Explorer behaved exactly as I expected. However, this I discovered, is courtesy of Windows 8 changing the UI behaviour depending upon whether Internet Explorer is the system default or not (great bit of design there, I don't think).

Anyway, what I encountered was not like any Internet Explorer I had seen before, and was in fact another full-screen touch-optimized and tablet friendly version of the browser. I do use a large touchscreen here at the office, although my laptop itself is not touch-enabled, but prefer for the time being at least to stick with the familiarity of the desktop browser interface.

So how do you go about changing things? Well, at first …

The purpose of this short and sweet tutorial is equally concise: how to get the original look and feel of the Google Chrome web browser back after installing on a Windows 8 computer.

Having recently been forced into buying a new laptop, I finally took the plunge and decided to start using Windows 8 on a daily basis. In fact I upgraded the Windows 8 OS that came with my Lenovo Y510P laptop to Windows 8.1 Pro, and am happy enough with it apart from a few small UI niggles which I will be addressing in a series of brief Windows 8 UI tutorials. The first problem identified itself after I installed my preferred web browser client, Google Chrome. The install itself was as smooth as expected and once I had signed in and synced my bookmarks I thought I was good to go. Wrong. This was not the Google Chrome browser I was used to.

The problem is that Windows 8 defaults to running Chrome as a Windows 8 app, which is OK if you like that kind of full-screen tablet experience but pretty useless on a laptop (even though I do link my laptop to a 22" touchscreen monitor) if you ask me. The main gripe though, is that you lose the resizing buttons completely. When running Chrome I found myself with something that consumed my entire large screen and didn't provide any way to allow other applications to share the screen estate with it.

If, like me, …

I think that this whole concept of forever slicing and dicing SEO into ever more precise, specific and narrow colour-coded categories is less than helpful and just serves to confuse what is essentially a fairly straightforward topic.

However, trawling back through the online archives I see that generally speaking 'pink hat' SEO is most often described as the process of partially revealing sites content in an attempt to 'trick' Google and by sop doing multiply the traffic delivered.

In other words, pink hat SEO is really no different to black hat SEO...

Look, you either do SEO the 'right' way or you follow the dark path and take your chances. It's as simple as that, forget all this colour-coded crap.

The photo messaging application Snapchat, which allows users to post images, video and text on a time limited basis to a group of recipient users, has been hacked. The attraction of Snapchat, apart from not being Facebook and therefore somewhere teenagers can meet online without their parents having a clue about it, is in the 'Mission Impossible' nature of the service: your photo will self-destruct in 10 seconds. Well sort of, as users set the time limit up to 10 seconds that the snap will be viewable to the receiving group, after which they can no longer see it and Snapchat deletes the item from the servers. This kind of discrete time-limited approach has appealed to many, leading them to send perhaps more risque images than they would otherwise, certainly stuff of a more personal nature as their confidence is boosted by the self-destructive feel of security it provides. It is, let's be honest, a magnet for online flirts. It is also less than apologetic after being hacked, apparently preferring to play the blame game.

Of course, what isn't deleted from the Snapchat servers are the usernames and phone numbers of people using the app. And now hackers have apparently successfully downloaded some 4.6 million of them into a database which was made available for anyone to access online. The SnapchatDB site made the data available, but censored the last two digits of the numbers which suggests that maybe this was more a case of a warning shot across the …

Go online, buy some goods and have them shipped directly to your country without any problem.

Millions and millions of people do it every day...

As a gamer myself, I thought that last year was a pretty good one. After all, not only did I get to play both GTA V and Call of Duty: Ghosts (indeed, I'm still playing it and working my may through the prestige levels) but if I had enough spare cash and will I could have bought an Xbox One or PlayStation 4. As it happens, I did buy a Lenovo IdeaPad Y510P which can manage a pretty respectable average of 40fps in Crysis on the high quality settings at native resolution. However, according to research figures from Kaspersky Lab, 2013 was pretty dire for gamers in one regard: they were the target of malware abuse, and then some.

The Kaspersky Lab researchers reckon that there are currently at least 4.6 million pieces of gaming focused malware, with the total number of attacks facing gamers hitting 11.7 million globally. In fact, it says, that on average there were some 34,000 attacks related to gaming malware every single day of last year.

Looking at the European numbers, as I am based in the UK, it appears that Spanish gamers were the main focus with 138,786 attacks against them, closely followed by Poland on 127,509 attacks across the year. Then there's quite a drop in attack rates, with third placed Italy on 75,080 and the figures tumble once again to 47,065 for France in fourth spot. Germany (29,049) is just above the UK (27,049) in fifth and six places respectively, followed by …

Seeing as his signature is for a cell phone signal booster, and his username is signal121, and he has already had posts deleted for spamming signal booster adverts, I would imagine that this really isn't the 'problem' that the original post makes it out to bhe. Just saying...

He trolled DaniWeb forums using another account, which is banned for three months as a result. The mace_windu account is also banned, permanently, as it was an attempt to get around the other account ban which is something we do not allow.

Glad we got you back Matthew (PS. you have another email which should help solve the final leftover problems you were having)

2014: The usual evening, an inconvenient day off, and now I have to remember to write 2014 instead of 2013.

Hehe, what he said. Apart from the day off, as I'm in the office working now while all the bozo's recover from last night ;)

According to Dell SecureWorks Counter Threat Unit (CTU) security researcher Keith Jarvis, the CryptoLocker ransomware that has been written about so much of late has infected as many as 250,000 computers during the first 100 days of distribution (staring on the 5th of September, 2013). What's more, Jarvis estimates, based upon independent research, that owners of at least 0.4% of the infected machines will have paid the ransom demanded in order to unlock their data. Some pretty simple maths says that the $300 ransom multiplied by 1000 users equals a net haul of $300,000. Right? Well, maybe not.

Although it does seem likely that CryptoLocker remains the work of a single criminal gang, and security experts suggest it is operating out of either the Russian Federation or former Eastern Bloc states, the total ransom generated so far is open to some doubt. I'm not doubting that the infection rate is correct, and Jarvis himself admits that the 0.4% number of folk coughing up the cash is very much a minimum figure and likely to be much higher in reality, I do think that even so the total profit if going to be much, much greater. Why so? Well, I would imagine that you can up the number of people paying for a decryption key from that very low 0.4% to at least 1% which in itself still seems on the low side for such a well co-ordinated and executed attack as this. But hey, let's side with caution …

The single best way to get reputation points is to help people, participate positively in threads and answer their questions correctly. There really isn't a shortcut to better rep, it just comes naturally. Think of it as karma; rep is what the DaniWeb community gives back to those who give to it.

I worked for nothing, nada, zilch, zero pay for my first 12 months in order to get a portfolio of work (as a freelancer). After that I explained to my clients that if they wanted me to continue working with them then I would require paying, and we should discuss terms. Not a single one declined to pay... This was 20+ years ago, but I like to think that (some) employers do still appreciate people who are prepared to show they are serious about a career rather than just a job.

There are lots of reasons why I could say bah humbug today, but the primary one right now is aimed squarely at the spammers who seem to think that there will be nobody at DaniWeb to deal with their crap. Wrong. Happy xmas spamming losers, another day of your life wasted...

Happy Xmas, or whatever you celebrate, to each and every DaniWeb member. Have a good one.

Personally I'm trying to pretend it all doesn't exist, and that's why I am at work at the DaniWeb helm at 8am on Xmas morning - but apparently I'm just a bit weird... :)

Agreed, I was pondering just what he may have achieved if he had lived a full life. Computing may not have been different, but I suspect we may have got where we are a lot quicker.

Sadly true, there are still countries where sexuality can be a crime. I just assumed most people realised that the UK was no longer on that list of shame...

No, homosexual activity is not still prohibited by law in the UK... Was that really a serious question, by the way?

If you don't know who Alan Turing was, then shame on you. The British code breaker, mathematics genius and father of both computer science and artificial intelligence is rightly credited with helping to bring the second world war to an end. Turing was also gay, and that's where the shame has stuck firmly on the UK establishment for more than 60 years. Turing was convicted for 'homosexual activity' in 1952, and his punishment was to be chemically castrated.

This shameful and appaling conviction meant that Turing was unable to continue his pioneering code-breaking work at Bletchley Park as he lost his security clearance. He also lost his life, committing suicide just two years later. Now, some 59 years after his death, Alan Turing has finally been given a pardon by Queen Elizabeth II under the 'Royal Prerogative of Mercy'.

Turing is widely credited with shortening the second world war by at least two years thanks to his work that helped crack the German Enigma codes at Bletchley Park. He went on, after the war, to work for the UK Government Communications Headquarters (GCHQ) until his security clearance was revoked thanks to that conviction. He died as a result of suicide poisoning, assumed a suicide at the age of just 41 although some gay rights campaigners have today called for a full investigation into the possibility that he was murdered by British intelligence forces as he was perversely considered a threat to national security because of a combination of …

I always tend to think of an OS upgrade as a false economy. You may save time (or not as AD has discovered) in not having to reinstall applications, but if you keep your data separate from your applications the fresh start option must surely always win out in terms of clearing clutter, speeding up the system, ironing out those usability oddities that have crept in over the months/years etc.

Hehe, yep I would say that an average of 2000 flags/infractions per month during my time here would be about right if you factor in the 'Great Spam Wars' of course... :)

As with any online service that starts to get popular traction and experiences rapid growth, social network come micro-blog platform Tumblr has been the target of just about every kind of scam and attempted cyber-criminal subversion out there inclduing some of its own making. Most of the time it's not worth reporting on these as they fall into the 'same old, same old' category, and if we did then DaniWeb would be so awash with scam warnings that every other posting would be drowned into obscurity. However, this one is worthy of our attention.

Not least as it seems to be catching a lot of folk out, rather sadly. It's doing this by using that tried and tested methodology of telling a user that there's a way to cheat the system and get something in terms of functionality that The Powers That Be don't want you to have. In this case that something is the ability to post more than 250 times in a single day.

Yep, as Tumble 'power-users' will be all too aware there are limits on the number of posts you can roll, and that daily posting limit would appear to be 250 for the typical user. Even though, in reality, for all but the most prolific poster and the spamming fraternity, 250 is probably quite enough thank you very much; when faced with a limit we all want to break it as that's our nature. And so it is that there has been a …

My post count has dropped by something approaching 20,000. That's some re-tallying :)

The Welsh bloke who hates Fred.

AKA diafol (which is Welsh for devil) >;)

If nothing else, this thread has been worth it for the sheer joy of watching Alan get close to having a coronary at the keyboard as he attacks a completely virtual character with a brilliant display of Welsh wit. Yep, Welsh wit - who knew? ;)

Your definition of 'new' is interesting as you have been posting on DaniWeb for two years...

Welcome, anyway.

US retail giant Target has confirmed that hackers gained access to payment card data that could mean 40 million credit and debit card accounts are at risk. An official statement says that the retailer is "aware of unauthorized access to payment card data that may have impacted certain guests making credit and debit card purchases in its U.S. stores" and is now working with law enforcement and financial institutions having "identified and resolved the issue".

The accounts in question were targeted, no excuse for the pun, between November 27th and December 15th in order to hit the increasingly busy seasonal shopping period. Gavin Millard, Technical Director at security experts Tripwire says that the two most worrying aspect to the breach "are time frame, because it occurred on the busiest shopping period in the US calendar year when millions flood to the big box retailers and the fact that the “track data” was captured, enabling the attackers to create counterfeit cards."

Meanwhile, Mark Bower, vice president at Voltage Security thinks that sadly this massive security breach is simply a reflection of the times we live in. "The size, scale and coordination required for this attack illustrates the lengths that attackers will go to steal valuable credit and debit information including card track data and CVV codes – the ultimate prize" Bower says. Typically there are two points in the retail chain where attacks take place – the POS or the payment switching back end. "POS systems are often the …

If it makes you feel any better I'm turning 50 in a couple of weeks, think how awful my birthday will be :)

We are not a real estate forum, so you may find yourself very disappointed...

As you've already been told on the eBay forums where you also posted the same question, you should escalate the complaint with eBay...

The odd thing about these particular headphones is the marketing, in my opinion. The very bright colours, mine were what I can only describe as dayglo yellow, are not offset by any calmer touches; the same colour is applied to the wires, cups, buttons, jacks, headband, everything. It's a deliberate ploy to attract the Electronic Dance Music (EDM) fans, and the back of the box even states "EDM is taking over clubs and festivals all around the world, provoking the return of neon body paint, fluffy boots and glow sticks. In keeping with this trend, the KS iD headphones come in a range of bold colours." Yet, although I admit I am no expert in this particular field, EDM encompasses an entire spectrum of dance music from house through trance to hardcore. All of which has one thing in common, quite a lot of bass. Yep, the one thing I felt that these 'phones didn't handle too well is the one thing that the target market will want. I tried a lot of reggae tracks and dance remixes such as the Calvin Harris treatment of When You Were Young by The Killers and in every instance I wished there was a bass button that I could ramp up to 11, but had to do with a virtual one stuck at 5 instead.

Bankrobber by The Clash was also lacking in bass oomph, not to the point of my being unable to enjoy this classic track …

According to a report from researchers at US security outfit FireEye, a number of computers belonging to diplomats attending the G20 summit in Russia three months ago, including at least five European foreign ministries, were successfully targeted by Chinese hackers.

FireEye researchers had monitored a server, one of 23, used by the Ke3chang group in August. This enabled them to observe the malware in action, although FireEye says no data was stolen as far as they were aware during this period of observation. Naturally the security firm contacted the relevant authorities as soon as it realised what was underway. The circumstantial evidence collected at the time leads FireEye to believe that Chinese hackers were carrying out the attacks, although it admits it could also have been 'other actors' making it look like the Chinese were to blame. In the murky world of international espionage, such things are never usually clear cut. If it were a matter of misdirection, then it would appear to be a cleverly crafted one with Chinese words on the CnC control panels, servers registered in China and linguistic clues within the malware binaries pointing towards a Chinese coder.

The attack, nicknamed Ke3Chang by the researchers, used fairly standard social engineering infection methods such as emails with attachments leading to malware installation once opened. These attachment were well targeted, apparently, with some purporting to be documents revealing a plan by the US to intervene in the Syrian crisis whilst others claimed to be photos of …

Sounds to me like your 'friend' needs to find a proper penetration tester, if indeed this was ever the case. Why do you need to write an exploit for a vulnerability that you have found? That doesn't sound like a pentester to me, sounds more like a wannabe hacker.

As Deceptikon has already said, you are in the wrong forum for discussing this stuff - read the rules and you will find this is made quite clear. You might also like to read the rules regarding keep it pleasant while you are there!

You want to know what SEO is, yet you have been giving advice to others about what SEO is and how to apply it? Have you had a bang on the head and lost your memory?

The Distributed Denial of Service (DDoS) attack is becoming the crowbar of the online criminal. In the past we have got rather used to DDoS attacks being one of the favoured approaches of hacktivists, with perhaps the Low Orbit Ion Cannon (LOIC) and later the High Orbit Ion Cannon (HOIC) as used by Anonymous to take down sites being the best known examples. However, recent evidence suggests that taking down a site is increasingly no longer the be all and end all of a DDoS attack, instead it's just a means to a much more profitable end.

A couple of weeks ago I reported how a Bitcoin bank robbery took place under the smokescreen of a DDoS attack. I've now learned that a DDoS attack on another Bitcoin-related site, the Bitcointalk.org online forum, could also have been implemented as a smokescreen tactic. Information Week reports the site was actually targeted for a password-stealing exercise with some 176,584 users login credentials at risk.

Indeed, as TK Keanini (CTO at Lancope) points out there is an established marketplace out there selling the DDoS capability to anyone with the cash, and relatively little of it is needed to attack a smaller company, so the bad guys don't even need a DDoS strike capability as a core competency any more. "It is almost always the case these days that DDoS attacks leverage blended methods, where the volumetric technique is included, but not the primary objective" Keanini says, adding "this is …

Personally, given the amount of spam I see promoting the EaseUS 'solution' I wouldn't touch it with a bargepole. That's the power of negative advertising for you...

In his essay 'A Few Thoughts on Cryptographic Engineering' Matthew Green, a cryptographer and research professor at Johns Hopkins University, asks "how the hell is NSA breaking SSL?" If this is news to you, following the Edward Snowden revelations in The Guardian, then you obviously haven't read the New York Times piece about the NSA 'Bullrun' briefing sheet which quite plainly states that the agency has been circumventing exactly the type of encryption protection of everyday Internet communications that we take for granted, such as SSL (Secure Sockets Layer).

Of course, as Green has hinted at here, it's not the fact that SSL is being broken (or rather sidestepped, although it amounts to the same thing ultimately) that's in doubt but rather the precise method by which it is being circumvented. I'm not going to repeat all of the possibilities here, Green goes through them in some detail in his paper and I would humbly suggest you follow the link and do likewise. It's seriously interesting stuff, even for the non-ITSec geeks amongst you. But it's not all bad news, at least the Snowden revelations are increasing public awareness of the snooping and this in turn is driving IT vendors to double down on efforts to improve and extend encryption efforts to enhance data privacy.

"Whether implementing stronger encryption algorithms or adding it where it wasn't previously used, vendors are raising the bar for attackers (good and bad) attempting to orchestrate data breaches" says Michael Sutton, …

Hi Prof, and welcome to DaniWeb...

Black Friday has historically been a very American phenomenon, marking the start of the seasonal Xmas shopping rush and happening the Friday after Thanksgiving. In the past it has led to scenes of semi-rioting and chaos in some stores as the Walmartarati fight over bargain electrical goods. The UK got a taste of the madness yesterday, with shoppers working themselves into a frenzy at various Walmart-owned ASDA supermarket stores across the country. Some of the most violent scenes were witnessed at the West Belfast, Northern Ireland branch of ASDA where one woman was hospitalized and reports of pensioners being pushed to the ground and a disabled woman trampled on and having her arm broken in the process have emerged. Most of the carnage apparently caused by attempts to grab TVs and tablet PCs that were heavily discounted for the sale.

If that weren't bad enough, the chaos looks like it could continue after the calm of the weekend with Cyber Monday. Cyber what now? Cyber Monday happens the Monday after Thanksgiving in the US, and is nothing more than an attempt to cash in on the whole Black Friday thing but within the online retail sector rather than the high street. If you've not heard of it, you've not been paying attention as the marketers first launched the Cyber Monday concept way back in 2005 when shop.org used the term in a press release. Since then it has really taken hold and consumers seem to have fallen for …