'I was like, yea!' 5-year-old found his Xbox so easy to use, he hacked it

Elsewhere: 'I cannot stand the attitude of these guys' ... who could that be?

5 things you didn’t know about cloud backup

Quotw We haven't heard any expletive-laden smackdowns from Linux kernel chief Linus Torvalds in a while, so this week he obliged us all with a beaut. The head penguin railed on developer Kay Sievers, one of the key figures behind systemd, which isn't in the kernel but is one of the first essential programs to launch after Linux boots.

And what dread sin had poor Sievers committed? Another kernel developer Steven Rostedt discovered that when a Linux system is started with the "debug" option enabled, systemd can flood the logging services with so much information, the machine fails to boot. Torvalds was so incensed, he got Sievers' name wrong in his flame of the developer:

Key, [sic] I'm f*cking tired of the fact that you don't fix problems in the code *you* write, so that the kernel then has to work around the problems you cause.

Other devs had suggested there may be ways for the kernel to mitigate the flood, but Torvalds was having none of it:

I'm not willing to merge something where the maintainer is known to not care about bugs and regressions and then forces people in other projects to fix their project. Because I am *not* willing to take patches from people who don't clean up after their problems, and don't admit that it's their problem to fix.

It's really sad that things like this get elevated to this kind of situation, and I personally find it annoying that it's always the same f*cking prima donna involved.

Sievers took his public scolding well, reposting a statement from Lennart Poettering explaining that the systemd devs would be sorting the issue out with a software patch and posting a tongue-in-cheek status update on Google+:

Screenshot of Kay Sievers

Torvalds had threatened to reject his code from the Linux kernel, but Sievers said he didn't care, since he wasn't planning to submit any:

My last kernel patch is more than a year old, my last non-trivial kernel patch 2 years old. I stopped working on the upstream kernel "long ago" for reasons I cannot stand the attitude of these guys, I decided to work with grown up or funny people instead and I enjoy it a lot more. Not sure what this childish blackmail attempt relates to.

Speaking of fury, users of Western Digital's online storage service MyCloud reached the end of their patience with the firm this week as an outage dragged on. Quivering rage-infused customers filled 33 pages of the WD community web forum with complaints since MyCloud went titsup last week. The punters detailed their ongoing issues with accessing the file cloud.

User Prototyp_Gottes said:

If I use the desktop app, it works properly. I can see all folders and can also access them without any problems.

But I still have problems with my remote access. Using wd2go.com, I only can pass the login screen. After clicking on my My Cloud device, my browser keeps on loading and nothing happens. And by using my mobile apps it is almost the same. At least I can see all the public folders, when I try to access via mobile apps. But after opening the public folder my mobile app also keeps on loading and won't show me the folders within the public folder.

WD president Jim Murphy sent out a mass email at the start of the week to try to soothe the ruffled feathers, but since he failed to give out any useful information such as what the problem is or why it's taking so long to fix, it's unlikely to assuage the masses.

User Karimero said:

A few days ago I thought the problem was solved. Back at work now, trying to login. And there it is again: unable to access device. (0).

Fail. Fail. Fail.

Never again a WD product.

In Blighty, a High Court judge has decided that IBM was wrong to pull a quarter of its employees off Defined Benefit pensions – which would have given them a pension set as a portion of their final salary – and leave them with no choice but to sign non-pensionability agreements or get no pay rises in the future.

Employees sued the firm for breaches of its duties in implementing so-called "Project Waltz" changes, and Justice Nicholas Warren came down on their side:

In the light of all the evidence… it is my view that no reasonable employer in the position of [IBM] in 2009 would have adopted the Project Waltz proposals in the form which they took.

IBM said that it would be looking to appeal the decision:

IBM respectfully, but fundamentally, disagrees with the court's decision. The court's opinion acknowledges IBM's right to make changes in its UK pension programmes, but we believe the Court applied an incorrect legal standard in invalidating IBM's exercise of that right.

Those in search of, ahem, love on popular dating/hookup app Tinder could be running afoul of robot-voiced tricksters. Hackers are using the app to spread malware and survey scams by hoodwinking potential lovers into clicking on fraudulent links. The bots lure their prey in with tempting profiles and pictures, according to net security firm BitDefender. Chief security strategist Catalin Cosoi explained:

After users swipe the right button on Tinder to indicate that they like a profile, the bots engage users in automated conversations until they convince them to click on a dubious link. The name of the URL gives the impression of an official page of the dating app and for extra legitimacy scammers also registered it on a reputable .com domain.

The cybercrims have even tailored their scam for particular areas and countries: for example, enticing Brits with a bit of totty and an invitation to compete for ASDA and Tesco Vouchers, while Americans get a hottie and a challenge to play a Cattle Clash game. An example of the automated love chat goes like this:

Hey, how are you doing? I’m still recovering from last night :) Relaxing with a game on my phone, Castle Clash. Have you heard about it? http://tinderverified.com/castleclash[removed]. Play with me and you may get my phone number.

Both Cattle Clash developer IGG and an Arizona-based photo studio mined for suitable pics are also victims of the hack.

George Anderson, director of product marketing at Webroot, said:

The Tinder bot is a sophisticated attack - to be able to trick people into thinking they are chatting with real people, hackers must have invested a considerable amount of time and tested lots of reply and response scripts to get a high success rate.

And finally, a five-year-old boy has figured out how to hack his dad's Xbox Live account. The likely lad, Kristoffer Von Hassel of Ocean Beach, San Diego, California, managed to break into the account without the password, allowing him to play games outside his age group on his parents' Xbox, a fact his mum and dad noticed after Christmas.

The simple hack consisted of Kristoffer inputting the wrong password at the login prompt, going to the password verification screen and then filling the password box with space characters before hitting submit. Hey presto! He was in.

The cheeky chap summed up his fearsome tech abilities thusly to ABC News:

I was like, 'yea!'

His father, Robert Davies, who is a computer security specialist, said that it wasn't the first time Kristoffer had tried something like this on. Apparently, at the tender age of one, Kristoffer beat the toddler lock on his dad's phone by holding down the home key to disable the lockout. Far from being enraged with his prodigious offspring, however, Davies seemed quite chuffed:

How awesome is that! Just being five years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.

Microsoft said that it had fixed the issue as soon as it heard about it from Davies, allowing the family to go public. For finding the flaw, Kristoffer got four free games, a year's Xbox Live subscription and $50, which is really gonna discourage him from a life of questionable computer access. ®

The essential guide to IT transformation

More from The Register

next story
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?