/ Technology

Tech Talk with Which? Computing

Welcome to our tech talk area! This is your place to discuss all things tech, get updates on Which? Computing, and discuss the latest goings on with our Computing editor, Kate Bevan.

Hello, world. Welcome to my tech talk area on Which? Conversation.

It’s been six months now since I took over the editorship of Which? Computing, and one thing I’m particularly keen to do is find ways to meet, chat with and learn from Which? members and our community.

I want to be able to be a bit more nimble about reacting to, commenting on and explaining what’s going on in the wider tech news world, and so we thought that opening up this space would be a great way to do that.

A tech space for everyone

This space is as much for you as it is for me. I’m not only keen to share with you what we’re working on in Which? Computing, but I very much want to hear what you’re doing with your technology; what you’re thinking about technology-focused news, and what you’re considering building, buying and tinkering with.

I’ll be posting here in the comments on a wide range of topics. Next week, for example, is Google’s annual event at which they launch their latest consumer devices. Sadly, I won’t be going to New York for that, but I will be at the London event, and I’m planning to report on that as it happens.

I’ll also be letting you know what we’re up to with planning the Computing magazine; I’ll be sharing news stories and – hopefully – helping those of you outside of the tech bubble make sense of everything that’s going on.

But most of all I’m here for the community. It’s a conversation, not a broadcast, and I hope you’ll be joining in and helping to shape it. I’m really looking forward to it.

From the Convo team

This tech-focused area of Which? Conversation is the first of its kind from a Which? editor.

Much like the Lobby, it was born out of an idea from our community – we’ve been asked for a more tech-focused discussion area in the past, and this can act as just that. This area isn’t only for Kate’s updates, but for you all to discuss the latest tech news, reviews and issues you’re interested in.

Kate will continue to write separate Which? Conversations for the ‘big’ tech stories, which we’ll also link to here for reference.

09/10/2018 All the latest from Google’s annual hardware launch

02/10/2018 Was your Facebook account accessed by attackers?

29/09/2018 A brief history of tech: what got you into computing?

16/08/2018 Do we really spend too much time on our phones?

Otherwise, for all things general tech chat and questions for Kate, feel free to get inolved!


To ensure the Computing Corner remains a healthy and friendly place for you all to share your thoughts and musings, all of our Community Guidelines apply.


Just been informed by the EFF that Apple,s iron clad policy of only having its own engineers repair its products has been overturned by US government legislation under Sections-1201 of the DMCA.
This also applies right across the board in the public being able to repair electronic equipment without them being prosecuted or barred from doing so due to legal threats .
People can now jail-break + modify voice assistants like Amazon Echo and Google Home and DRM can be broken (if its possible ) in the course of repairs .

Adding to Facebook’s woes a group of academic researchers(Princeton ) have uncovered Facebook harvesting users-phone numbers for targetted advertising in two disturbing ways –
Two-factor authentication (2FA ) phone numbers & “shadow “contact information .

Better news -I know one regular here uses Privacy Badger ,well ,as you know an update to it blocked -Facebook,s Link -Tracking -they found Google performs the same tracking in web searches and private conversation like Hangouts and comments on Google Docs that too is now blocked .

I have “banned ” Google from my PC but I just found a downside to it , I was contacted by a US petition company to do a survey –which I clicked on but then found I was blocked from filling it in .
As the the UK companies I use do not have this problem I investigated , it turned out the survey was run/sponsored by—-Google, not too happy about that as the petition company was using the world,s biggest public tracker but I can live without it.

DerekP says:
2 November 2018

Thanks Duncan, that is interesting news, see:


I note that EFF themselves only see this latest win as a small step along their way, so I wonder if your benefit statements above may be exaggerating the immediate impact of this victory for consumers?

When US Customs stop working on behalf of Apple, by impounding 3rd party spares intended for the likes of Louis Rossman and Jessa Jones (and other 3rd party repairers), then the war may be over.


What I posted Derek is taken verbatim from the EFF so if its an exaggeration its the EFF,s .

DerekP says:
2 November 2018

Duncan, OK – please can you post the full text or even better, a link to its source, as I just did?


It could be this, Derek – posted last week.



Seems to be a very broad ruling which those who feel DRM is being used as a club to control the innovative have been pushing for. Not all that wonderful, however.

“But the Copyright Office rejected proposals from many people to simplify the exceptions so that ordinary people can use them without lawyers. EFF proposed to expand the exemption for vehicle maintenance and repair to cover all devices that contain software, and to cover legal modification and tinkering that goes beyond repair. We cited a broad range of examples where Section 1201 interfered with people’s use of their own digital devices. But the Office expanded the exemption only to “smartphone[s],” “home appliance[s],” and “home system[s], such as a refrigerator, thermostat, HVAC or electrical system.” This list doesn’t come close to capturing all of the personal devices that contain software, including the ever-growing “Internet of Things,” for which people need the ability to repair and maintain without legal threats. And the Office has again refused to expand the exemption to lawful modification and tinkering.”


I get emails direct from them Derek as I joined the organisation -have a read of-

I keep a lot of their emails as info or when I am quizzed on a technical subject relating to computer digital data and freedom from snooping-online censorship etc .
Second paragraph onwards .

DerekP says:
2 November 2018

Thanks Duncan – that link presents a much less triumphant view and seems consistent with the link that I found.

If I’ve understood this, it only affects areas whether DRM is used to obstruct owner or 3rd party repairs, and does not remove any of the other obstructions that some OEM’s use.


Yes Derek it does not go far enough but having been involved with US politics via many US organisations its a wonder they allowed even that.
Now that the manufacturers /companies know the position now they intend to make any interference with DRM much harder to achieve.
It already takes some high tech.skills.


Only a few hours have passed since the new iOS 12.1s release and already its passcode bypass hack has been identified. Through the hack, the attacker can see all the private conversations on a locked iPhone. The passcode bypass hack has been discovered by a Spanish security researcher Jose Rodriguez.

There is no temporary fix available for the issue as of now so users need to wait for Apple to address the bug and release a software update to fix it.


Hard to know how reliable that report is, Duncan, since there’s only the one report in a Hacking mag, and the other two or three reports are lifted directly from the original. I’ll wait to see what the Reg says.


Have you come across any denials Ian ?
The last thing massive organisations want to talk about is something that upsets their sales/profit .
if I had a pound for every denial that 6 months/one year later is admitted I would be very rich.

ONE report Ian ?? you didn’t look very far or you need another search engine I have a full webpage of reports from tech websites ,
none have disputed the report — do you ?


No, Duncan; but that doesn’t make it true, either. Allegations of this and that are hurled around with monotonous regularity. All I’m saying is that when there’s only a single source for the information it’s better to treat it with caution until more reputable sources confirm it independently. And as we know from the Bloomberg issue in this topic even the reputable sources don’t always get it right.

Edit: read the other reports – they’re all taken from a single original.


I am not into all this, but it makes me wonder how circulating comments that an update might be dodgy helps. There seems to be an element of being first with the story. Who is actually vulnerable to such a problem?


Enough already ! you are all prepared to defend Apple but not the general public which this website purports to support .

Are you waiting for the BBC /Guardian to come out with it ?
I repeat PROVE what has been said is technically wrong/ a lie ?
I will keep repeating faults in big companies merchandise as I am here not to defend invested interests no matter how big /powerful/cherished / –the same as I criticised Google/Microsoft in the USA and got booted off the website because the website was being sponsored by them .
Shekels influence people.

Tech websites with data/digital computing experts with degrees all lying ?
come on !
Have any of you read how its done ?- I have.

DerekP says:
4 November 2018

A quick “Google” showed me that, allegedly, iPhones have had problems like this before. I also know already that there are (or have been) similar flaws in some Windows and Linux OSes, but it has been a long time since I’ve bothered (or needed) to exploit any of them myself.

If this hack is as easy to do as described, then it would be easy for any Apple fan out to verify its existence, if they have have access to a phone running the new OS and another Apple device.

As Ian said, there are a lot of news websites sharing these claims, but none of the few that I looked at seemed to have bothered to directly verified the feasibility of the hack themselves.


Indeed. And Duncan, these websites are generally not run by altruists. In the main they seem to be run for one reason: so that the writers / owners can get more money. This is done either through advertising or, as in the case of some, so that the ‘discoverers’ of bugs can become well known, adding to their future career prospects.

Nowhere have I said, BTW, that this ‘bug’ does not exist, so why you’re berating me I’m not sure, Duncan. But you should also be aware that a total of fourteen potential malware package penetrations were ‘discovered’ over the past five years for Macs, and yet none – none whatsoever – of those 14 have ever been discovered in the wild or even mounted.

Now, you say “I will keep repeating faults in big companies merchandise” but that’s not what you do; you simply repeat what someone else has said without checking it first to ensure it’s correct. That’s not defending the Public. That’s scaremongering.

DerekP says:
4 November 2018

Duncan, I have to say I largely agree with Ian here.

As a cautious and sceptical person, I often find the nature of your “IT bug share tweets” here tends to suggest scaremongering (if not darker motives) and I, too, often conclude that you have made no significant efforts to verify the material before re-tweeting it here.

For me, a classic example was the time you discovered ReactOS and immediately (or so it seemed) advocated its use as a like-for-like Windows replacement. Approaching that post with an open mind (in spite of my previous experiences with that OS) I then spent several hours trying (but always failing) to install and then boot ReactOS on any of my collection of assorted PCs.

Those of us who write or use complex software should never be surprised by the statements of the form “bugs exist in item x” because we should always expect that to be the case. But, before release, quality software should always have been tested, to see if it really read for use by ordinary users. Even then, those users will manage to stress the software in ways that it authors never imagined and, like as not, will find new bugs doing that.

A few days ago, foul ups in the 1809 Windows 10 update caused widespread deletion of user files. I don’t think I was affected, but I am tempted to wonder how M$’s software QA programme allow that to occur. (Possibly, it is all my fault, because I am no longer active as a unpaid beta tester for Windows 10.)


The problem with your logic Derek is that when it comes to verifying a “news story ” I get ALL my info from high tech websites in the EU/USA and not one mentions its not the case –

On the contrary they all give the full explanation of how to do it .
I have not posted the way to do it as I don’t want blamed for encouraging hackers.

DerekP says:
4 November 2018

Duncan, I think “getting ALL your info from high tech websites” is EXACTLY the flaw that I’m commenting on here.

You could choose to own “reference hardware” and then use it try out potential exploits (as I sometimes do) and then tweet your findings – but you don’t.

As Ian pointed out, many of these websites just re-tweet the work of others, with no added value of their own.

Also, many of these blogs are either run as banner-ware for security products and services – or for their direct advertising revenues (as some YouTube channels are).

Hence, spreading sensational news is an effective way of increasing these sites’ hit counts. And, when that is the case, the “first law of journalism” – “never let the facts get in the way of a good story” is likely to apply.

Then you say you don’t want to be blamed for encouraging hackers – but then why post this information at all?

Also – please don’t tar all hackers with the same brush. Not all hackers aim to do malicious deeds – “white hat’s” and “pen testers” enjoy the challenge of breaching systems, so they can call in those defects and get them fixed.

That said, professional “white hats” expect to get paid for doing so and jilted freelance “white hats” may run blogs such as the ones you cited here, e.g. to drum up business and/or to embarrass companies that won’t hire or pay them, e.g Apple here.


I made no comment on the veracity of your message, Duncan, I merely question how it helps to broadcast it.

Every product on this earth is imperfect. Which? and its contributors and supporters give priority to the defects that are hazardous or life-threatening, as confirmed by rigorous testing.


“Sensational news ” my foot ! I notice not for one minute do you challenge the findings because if you did you would provide a technical rebuttal but you don’t and if I have misconstrued you please be at liberty to prove in posting why its not true otherwise all I will believe is you are acting in the interests of major interests .

As for your defense of “White Hat hackers Google paid out more than $1.5 million a few years back to them (business insider.com/google ).

Hacker One -(White Hat San Francisco ) was paid out over $16 million (2017) by them and others.
I know all about their income and protection of “vested interests ” obviously now to the point of defending them on public websites and contrary to your own opinion of me –guess who send me invitations to major conferences in the USA ??
that’s right the same organisations .
You think they are more “righteous ” than others ? I don’t they are in the feeding trough just like all the rest
earning money the “American Way “.

By the way guess who bought up the Red Hat hackers ? IBM—figures.
And guess where IBM move into -buy up and control- big national companies in other countries there bye removing security and ownership/control of that country to dictate foreign policy as they follow orders from Donald – America First and sanctions even when that country benefits $billions from trade and so work against the economy hurting in the end –the public of that country.


Duncan, if you make claims to anything, you need to give the source so people can read the whole story and make up their own minds.

If I state facts I have found online, I always start with:
According to…..

I then follow my excerpt with a website link to the whole story.


As I have posted Alfa I wont provide myself as a source of info for potential hackers to read my posts and then carry out the actions I provided .

Who then has the higher moral ground ?


Duncan, your reasoning is mired in the realm of fantasy debate. You’re not reading what we are saying here. If you were you would notice three things:

1. All software has bugs. All programmers know that.
2. Simply repeating what others – often from dubious sources – have said is no more than rumour mongering.
3. Believing blogs without testing things for yourself is short sighted and lacking in discernment.

Notice that we’re not debating whether this news is true or not; it may well be, as all software has bugs. But this topic is about ‘tech talk’, which by its very nature will preclude most folk from becoming involved and reading it. So repeating what you’ve seen on a blog could be an invitation to being mocked.


Oh – and when you say Through the hack, the attacker can see all the private conversations on a locked iPhone. that’s also incorrect, since it only reveals the contact list and requires the attacker to have another iPhone as well as physical access to the potential hackee iPhone.


Many of us will have gained knowledge from others on computer forums.

One of the first things you learned was never believe the first thing you read.

If you are going to mess around with the internals of your PC, confirm actions from different sources written by different people and not just copied from one site to another.

I was reading one forum and poster A asked a question that was answered by a very knowledgeable sounding poster B. Poster A asked poster B how they knew it was the right solution and Poster B answered he had found the answer on another forum!

The same goes for any ‘news’. What you say may or may not be true, but without a source, are we just supposed to believe you without question Duncan?

It could be only half the story or now out-of-date, but without the source, how can we make an informed conclusion?

As Ian says, all software has bugs. I always try to wait a couple of weeks before applying updates so any major bugs might have been rectified by then.


It helps the presentation of a point of view, whether one you believe in or one that is interjected to jolly a Convo along, to give a link to information that most will not know. Then we can make up our own minds. Simply being told something is fact does not satisfy many people. Rather like we question (well some of us) surveys when we don’t know what information was given, what questions were asked, and why they seem to rely on paid respondents. But that’s another story…….

DerekP says:
4 November 2018

Just as a minor point, I think referring to Red Hat as “hackers” is technically inappropriate. If Red Hat are “hackers” then, presumably, the makers of all other operating systems also qualify for that name.


Forums Alfa where did you get the impression I was on “forums ” ?
the only public one I was permanently on was the USA one I was booted off for criticising Google/Microsoft . Also Head-Fi USA until it went commercial /bought over .Have look on that forum to see my name.

I am talking of BUSINESS tech websites there is a vast difference I am on some major players in that field who contact me regularly giving me detailed tech info on “insider flaws ” etc .

Mess around with internals – OMG !! I give up –it seems I have been put into a box – sorry the “vision ” of me here is usual for those that try to categorize people because it makes them feel more secure .
FYI- I have built “boxes ” from scratch over many years , the PC I am using has a top end USA export case -Silverstone costing £250 + itself -add in the top end cards and you are talking several £1000 and thats in “old money ” -try buying that now and you are talking £3000.
I have 3 SSD,s with different systems on them -none are MS -also other smaller PC,s .
The only “fairy stories ” are the wrong images of me but thats par for this website if somebody can call me a Marxist without Which ? doing a thing about it yet when I reply I am the one in the wrong and its poor ****** looks like a put up job to me.
I take it now MI5 are investigating far Right forums they might have found me there so I must be a “Marxist/ far right extremist ” -yes ? –It beggars belief !


I know you will not accept the majority of websites unless its 100 % the “real deal ”
well will you accept RED HAT itself who call themselves hackers –

probably not , anyway here is one digital programmer,s opinion of “Red Hat” -caution !
its pretty sarcastic-

A Red Hat is a hacker, who has a white, grey, black, and purple hat. Usually with a non disclosure gag order from whatever government entity they may have briefly and secretly worked for. Anyone who defaults to saying there is no such thing, is a noob…. These losers were never good enough at their jobs to be approached by anyone of consequence… and play it off by telling people that there is no such thing, and then point at some crappy linux distro. They may make 150k a year, pretending to be high end professionals, but who cares when most of them don’t know what I2P is, phase jumping, ghosting, or even have the right to physically say the word memex.

DerekP says:
4 November 2018

Short answer: No

…and certainly not on the basis of that somewhat selective weblink.

Here’s how I think Red Hat see themselves:


As alfa said, it is a mistake to believe everything we read on the internet, just as we should not believe everything we read in the newspapers. For example:

My next statement is correct.

My previous statement was incorrect.


Duncan: Marxism and “Far right” are polar opposites, as I imagine you know. And ‘forum’ is the generic term (now) for any internet-hosted, socially-based discussion milieu.


Of course they are Ian and I have every legal and moral right to refute forcefully a lie of my being labelled “a Marxist ” on this website .

I have repeatedly and continually posted that I am a capitalist with a small “c” but because that doesn’t conform with the box a certain person puts me in to justify his remarks about me when he runs out of intelligent response it forces me to reply as Which ? seems to think I should accept a lie directed against my personality and belief but on the other hand censure me when I reply to his “Highness ” because they object to HIS feelings getting hurt .

In any equitable-fair society that it totally unacceptable unless of course the website is politically motivated like many in the USA .

If that is the case then they have no right making out they are–“independent ” from political pressure and admit they back the government dogma in full.

Forum ? quite right Ian but don’t you see I was replying to differentiate myself from them and hard nosed Business websites which present unbiased data and that’s who I receive tech info from NOT forums .


How do we know that the “data” we are presented with is “unbiased”? Anything we are told is likely to carry some bias. News, data, survey results….. We have to use what experience, if any, we have to try to decide what to believe and to what degree. Difficult, when we cannot even believe our own eyes…… 🙁


Duncan – So far as I can see at no point has Alfa said that you only get your tech information from computer forums. What she said was “Many of us will have gained knowledge from others on computer forums. One of the first things you learned was never believe the first thing you read.“.

That applies to all aspects of life. It certainly does not mean that nothing written on forums is true or that everything you find there is false. The absence of a denial does not prove a truth, and it is well known that strong denials can be issued in order to conceal the truth. So everything is open to interpretation, nothing can be relied on, and there is no point in anyone getting het up about what they read here or anywhere else.

On the other hand, some sources are more reliable than others. So in technical matters, on which you suggest people should take your word for it in making their decisions [e.g. don’t install this update yet], failure to give a source does not invalidate it but it is not helping people to have confidence in what you say.

Your reaction to people’s comments suggests that you expect people to have confidence in what you say, and that you are aggrieved if they don’t. If you sincerely believe that people need to know what you have learned for their own benefit and safety on-line then your advice needs to be seen to be authoritative.


The problem with that John is that most big internet companies lie when it comes to admitting they are at fault and because the public are now conditioned to accepting what they say is kosher they find it hard to believe any other voice.

You know time and time again after a year they then admit it when all the publicity has died down .
Just look at the complaints on this website relating to many online problems never corrected till it becomes too big to ignore and even then its- “we are too big to fail ” or change our way of working .


Fair enough, Duncan. I therefore suggest that you either circulate everything critical that you discover affecting commonly used devices or nothing at all since otherwise something will fall in the gap and damage your reputation.


I got a bit of a shock , as you know I used to build /design top end audio amps and I have a £200 Audio card with dis, @ 0.001 % thd – at 20hz-20khz.
I tied it up with an old Arcam ( British ) audio amp as the input (analogue ) from my PC .
Well checking out the system programming – I use ALSA NOT Pulse Audio and no streaming , I nearly fell off my swivel chair as delving into the Alsa system files I found using Mousepad (Arch text editor ) that the system KNEW I was using an Arcam amp .
Now as you know this amp has no interaction -being ancient – with the web so if this is down to GCHQ etc then I stand in awe at their level of penetration of my system .

DerekP says:
4 November 2018


Further to the FACT that your PC seems to have probed its analogue connections and determined that an Arcam amp is connected, is it really reasonable to conclude that someone like GCHQ may be responsible?

I’d have thought that those responsible for the Linux Alsa sound system would have been much more likely to have implemented this kind of hardware probing, e.g for system tuning or diagnostic purposes.

I’ve just checked my system files under /proc/asound – were those the ones affected on your PC?


Duncan – Is there any chance that you could have entered details of your amplifier when setting up the system?

DerekP says:
4 November 2018

…yes, indeed, that would be one potential explanation 🙂


Occam’s razor would seem to apply.


Derek – no it wasn’t that route but this is the sly thing .
Instead of the route you describe it was under-

/etc/alsa/conf.d/ which is a separate file and before the latest system update (rolling ) from Arch/Manjaro the file was completely Empty .
It now contains 9 text files (active -ex type ) which can be varied by root and the relevant one says-
50-arcam-av-ctl.conf –two are Pulse audio which I don’t use as I don’t want my music going through their server .

Wavechange in setting up Alsa there is no (until now ) means of identifying what very old analogue pre/ power amp is installed externally.
With my audio card in analogue mode and more to the point connected directly to the cards output I see no digital path as the input is connected to two 5532 chips very old school analogue small signal amplifiers – not a hint of data control/digital control just a basic amplifier circuit .

On the other hand I have mentioned 3 times on Which ? that I have an Arcam amp connected to my PC but that still doesn’t explain how those old chips can be digitally attacked / change of configuration as the only way to change the specification is by changing resistors /capacitors .
You can see why it would take the power of a government computer to stick that file on my PC.
All a digital signal would do to the line input of the amp is distort the AF signals and I would hear it.


I was just guessing, Duncan. I look forward to learning the solution to your puzzle.

DerekP says:
4 November 2018

Duncan, it looks to me as though the file you mentioned is now provided as part of Arch:


If so, when I suggested “I’d have thought that those responsible for the Linux Alsa sound system would have been much more likely to have implemented this kind of hardware probing, e.g for system tuning or diagnostic purposes.” I would have been on the right track.

Alternatively, if I were setting out to hack the linux sound system on behalf of any given spy agency, e.g. perhaps so that linux PC’s could become covert listening devices, do think I would actually leave such an obvious forensic trail as to put files with obvious and meaningful names and contents around in obvious places like the alsa configuration directories?


You know what Derek -your last paragraph I find that highly acceptable and your right as the amp is on 24/7 its an easy job to use the system to listen in.
I do unplug the PC at night though.

Having said that I was “given a warning” years ago when I used Windows 7 Prof and was on a very far right website Australian run now defunct by the placing in the registry of an obvious means to attract my attention to give it up – by the name of the file in capitals –
SECRET FILE – on opening I got a warning and after reading it –yes as in James Bond the file “self destructed ” .
As I didn’t take the hint I was cut off from the internet several times and BT had a job reinstating me.
No I am no longer on any far right websites including the banned ones in the UK as MI5 have now said they are checking them out but- strangely after many years of not posting on it who reappeared still having my details and telling me to login ?? thats right the SPoGB that well known Marxist website I can guess its run now by MI5 as my blockers blocked me from logging in and NO I am not a Marxist just believe in listening to every point of view
its called Freedom – fast disappearing from this country as more and more solely political websites are blocked by ISP,s on government instructions.

DerekP says:
4 November 2018

Cheers Duncan.

When I was at uni, my amp would sometimes accidentally pick up local taxi radio messages. I’m sure MI5 (and other security services) now have decades of experience in covert listening devices. I’ve always thought the laser based ones that just reflect a beam off a window pane in the target room were particularly clever.

As regards booby traps, SECRET FILE is a bit of an obviously made up teaser name, I’m sure README would look look more innocent and be at least as effective.

My current move to Linux was encouraged by a fake Adobe update a few years ago. As far as I know that was the second time that I have suffered any kind of virus attack on Windows. The other time was long ago in my Windows 98 dial up via damp string internet days and I think involved email malware, but I do not remember any details.