General Chat

[Xela]

Being cowardly? 

I know, stereotype!

[Rugeley Villa]

On 23/04/2017 at 15:32, chrisp65 said:

it's almost as though heavy metal appeals specifically to small under developed brains

AC/DC heavy metal? 

Ive never understood why people look down on metal or are snobbish about it. It's just a different kind of music at the end of the day. I'm not a massive metal fan myself tbf and I will admit some bands can come across a bit juvenile but the same could be said about the Beatles.

[mjmooney]

4 minutes ago, Xela said:

Being cowardly? 

I know, stereotype!

Sorry, I grew up in the aftermath of WWII, therefore 'cowardly' = Italians. 

[chrisp65]

11 minutes ago, Rugeley Villa said:

AC/DC heavy metal? 

Ive never understood why people look down on metal or are snobbish about it. It's just a different kind of music at the end of the day. I'm not a massive metal fan myself tbf and I will admit some bands can come across a bit juvenile but the same could be said about the Beatles.

Don't tell the moderators but I was PFE back there.

I'm going to a tichoumaren tuareg guitar rock night on Thursday and a country n western / blues / techno / rock evening on Friday, so I'm in no position to judge.

[Rugeley Villa]

5 minutes ago, chrisp65 said:

Don't tell the moderators but I was PFE back there.

I'm going to a tichoumaren tuareg guitar rock night on Thursday and a country n western / blues / techno / rock evening on Friday, so I'm in no position to judge.

I should of known better as you have form for this kind of thing  variation can be good, sometimes.

[Ingram85]

Snowing and Thunder & lightning at the same time?

Is the world ending?

[mjmooney]

1 hour ago, Ingram85 said:

Snowing and Thunder & lightning at the same time?

Is the world ending?

Slowly, yes. 

[BOF]

13 hours ago, Ingram85 said:

Snowing and Thunder & lightning at the same time?

Is the world ending?

We had snowing, thunder & lightning from one side of the sky and glorious sunshine from the other yesterday, all at about 4 degrees celsius.  I thought I was in a lucid dream for a mo'.

[This Could Be Rotterdam]

Ive had an email saying my amazon email address has been changed. The email address isnt suspicious and actually seems to be from Amazon. Opened up amazon in a seperate browser and it now wont let me log in, saying they cant find an account with that email address so it looks like it actually has been. And now my amazon account to log in is showing this new email address. I cant log in to amazon to get on to their help pages and contact them, which are almost impossible to navigate anyway for this. Does anyone have any ideas? 

[Demitri_C]

8 minutes ago, This Could Be Rotterdam said:

Ive had an email saying my amazon email address has been changed. The email address isnt suspicious and actually seems to be from Amazon. Opened up amazon in a seperate browser and it now wont let me log in, saying they cant find an account with that email address so it looks like it actually has been. And now my amazon account to log in is showing this new email address. I cant log in to amazon to get on to their help pages and contact them, which are almost impossible to navigate anyway for this. Does anyone have any ideas? 

Ring them mate 

[BOF]

16 minutes ago, This Could Be Rotterdam said:

Ive had an email saying my amazon email address has been changed. The email address isnt suspicious and actually seems to be from Amazon. Opened up amazon in a seperate browser and it now wont let me log in, saying they cant find an account with that email address so it looks like it actually has been. And now my amazon account to log in is showing this new email address. I cant log in to amazon to get on to their help pages and contact them, which are almost impossible to navigate anyway for this. Does anyone have any ideas? 

It's possible you've been done by a punycode hack ?

Quote

Chrome, Firefox, and Opera users beware: This isn’t the apple.com you want

Unicode sleight of hand makes it hard for even savvy users to detect impostor sites.

Dan Goodin - Apr 20, 2017 6:34 pm UTC

Enlarge / This is how a Chrome 57 displays https://www.xn--80ak6aa92e.com/. Note the https://www.apple.com in the address bar.

166

 

If you're using Chrome, Firefox, or Opera to view websites, you should be aware of a weakness that can trick even savvy people into trusting malicious impostor sites that want you to download software or enter your password or credit card data.

The weakness involves the way these browsers display certain characters in the address bar. Until Google released version 58 in the past 24 hours, for instance, Chrome displayed https://www.xn--80ak6aa92e.com/ as https://www.apple.com. The latest versions of Firefox and Opera by default continue to present the same misleading address. As the screenshot above demonstrates, the corresponding website has nothing to do with Apple. Had a malicious attacker registered the underlying xn--80ak6aa92e.com domain, she could have used it to push backdoored software or to trick visitors into divulging passwords or other sensitive information.

Xudong Zheng, a Web application developer who developed the apple.com look-alike site to demonstrate the threat, explained here how the attack works.

Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. For example, the domain "xn--s7y.co" is equivalent to "短.co".

From a security perspective, Unicode domains can be problematic because many Unicode characters are difficult to distinguish from common ASCII characters. It is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com". It may not be obvious at first glance, but "аpple.com" uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0061). This is known as a homograph attack.

Fortunately modern browsers have mechanisms in place to limit IDN homograph attacks. The page IDN in Google Chrome highlights the conditions under which an IDN is displayed in its native Unicode form. Generally speaking, the Unicode form will be hidden if a domain label contains characters from multiple different languages. The "аpple.com" domain as described above will appear in its Punycode form as "xn--pple-43d.com" to limit confusion with the real "apple.com".

The homograph protection mechanism in Chrome, Firefox, and Opera unfortunately fails if every characters is replaced with a similar character from a single foreign language. The domain "аррӏе.com", registered as "xn--80ak6aa92e.com", bypasses the filter by only using Cyrillic characters. You can check this out yourself in the proof-of-concept using Chrome, Firefox, or Opera.

Visually, the two domains are indistinguishable due to the font used by Chrome and Firefox. As a result, it becomes impossible to identify the site as fraudulent without carefully inspecting the site's URL or SSL certificate. This Go program nicely demonstrates the difference between the two sets of characters. Safari, along with several less mainstream browsers are fortunately not vulnerable.

The issue has generated an interesting discussion on the Mozilla developer forum. For now, lead developers have indicated they won't change the default behavior when the browser encounters punycode-based domain names.

Such a change "would make all non-Latin domain names show as gibberish," Mozilla developer Gervase Markham wrote. "That's not really a good thing for people, countries and languages which don't use Latin letters. We want every script and language to be treated equally on the Internet."

People who use Chrome should install version 58 as soon as possible. Firefox users can protect themselves by entering "about:config" in the address bar and agreeing to the displayed warning. From there, enter "punycode" in the search box to bring up a line that reads network.IDN_show_punycode. Next, double-click the word "false" to change it to "true." From then on, Firefox will display the "dumb ascii" characters and not the deceptive, encoded ones. Besides Apple's Safari, Microsoft's Edge and Internet Explorer browsers are also not affected, at least as long as they don't have support for a Cyrillic language.

The weakness was reported to Chrome developers in January. Security firm McAfee has more about this problem here.

 

[Tegis]

On that note, always double-check certificates when navigating to a site you have been linked to from somewhere. Especially when logins are used. And ALWAYS use 2 factor authentication when available.

 

 

[BOF]

I hadn't seen it before, and it made me follow the firefox advice.

Quote

Firefox users can protect themselves by entering "about:config" in the address bar and agreeing to the displayed warning. From there, enter "punycode" in the search box to bring up a line that reads network.IDN_show_punycode. Next, double-click the word "false" to change it to "true."

[Paddywhack]

I've been told I've done something wrong at work. It's not going against me in anyway, I just need to do a simple re-work. However, I really don't think I've done it wrong.

Do I take the easy path and knowingly redo the work incorrectly or do I stand up and start telling people why I've not done it wrong and explain why it doesn't need to be done?

I know what the right answer is, but I nearly always choose the easy path and I think I'm going to again.

Edited April 27, 2017 by Paddywhack

[Paddywhack]

18 minutes ago, Paddywhack said:

I've been told I've done something wrong at work. It's not going against me in anyway, I just need to do a simple re-work. However, I really don't think I've done it wrong.

Do I take the easy path and knowingly redo the work incorrectly or do I stand up and start telling people why I've not done it wrong and explain why it doesn't need to be done?

I know what the right answer is, but I nearly always choose the easy path and I think I'm going to again.

I didn't wait for an answer, I already did the work again.

'Easy Path Paddywhack' they call me.

[Stevo985]

I would have done both.

Redone the work but make it clear you think it was right first time round.

 

"I'm happy to redo it for you, but I think it was right the first time round"

[Paddywhack]

6 minutes ago, Stevo985 said:

I would have done both.

Redone the work but make it clear you think it was right first time round.

 

"I'm happy to redo it for you, but I think it was right the first time round"

You're probably right, but I think even that would have caused a bit of discussion and debate I'm too half arsed to be bothered with.

[BOF]

7 minutes ago, Paddywhack said:

You're probably right, but I think even that would have caused a bit of discussion and debate I'm too half arsed to be bothered with.

So you've now given them work you know is wrong?  And this won't come back to bite you later on, from someone possibly even higher up the ladder who spots the 'error' ?

[Paddywhack]

Just now, BOF said:

So you've now given them work you know is wrong?  And this won't come back to bite you later on, from someone possibly even higher up the ladder who spots the 'error' ?

Not really, without explaining the very boring processing work I do, somebody external will just go "Why's he bothered doing this?" *delete*.

[Demitri_C]

Wahey... so you remember I asked you guys weeks ago about energy companies well I went with Scottish Power and guess what they have only gone and done? Took over the wrong persons electricity! They took over the downstairs persons electricity so when i rang them up they told me they will cancel this but then they didn't realise they took over the correct gas and it was just the electricity! Therefore they have cancelled both and now they are investigating this colossal screw up.

What a shambles