Feeds

* Posts by Frumious Bandersnatch

1308 posts • joined 8 Nov 2007

ABANDON CLOUD! Docker Linux containers spring a security leak

Frumious Bandersnatch
Bronze badge

chroot as a concept

has an interesting history. There are many web pages describing how, basically, you shouldn't treat it as being a proper security measure, like, ever. I know that things have moved on from naively trusting chroot, and Docker totally isn't just chroot in another guise, but still, I'm not at all surprised that there would be bugs like this in it... (mind you, bugs crop up in vm systems too, from time to time...)

It was probably usability that spurred the development of the first chroot systems, and I'm sure that a similar process took place around the development of containers. Let's hope they can focus on security a bit more to squelch bugs like this so that it doesn't just end up as chroot v2.0.

1
1

Intel reveals its FrankenChip ARM killer: one FPGA and one Xeon IN ONE SOCKET

Frumious Bandersnatch
Bronze badge

Meanwhile ...

Adapteva is busy fulfilling its Parallella pre-order backlog. Zynq 7010 (for the most part) combining dual ARM A9 and FPGA, also coupled with their 16-core Epiphany chips (reg link here). Looks to be a pretty well-balanced system and consumes minimal amounts of power (relative to XEON, naturally).

I'm not sure what the combination of Xeon + FPGA is supposed to achieve, but that's mainly because I don't understand exactly what Intel intends users to offload to the FPGA when they've already got super-beefy cores in the Xeon part. Maybe they're targeting some sort of FPGA-driven interconnect fabric? Still, wouldn't XEON + ASIC be a much better pairing for that particular niche/application?

Otherwise, I just don't know. Customers might "dig" the reconfigurable bit, but FPGA just strikes me as being more of a stop-gap measure until the "real" peripherals can be built... maybe Intel just wants their users to do some R&D for them on the cheap.

1
0

Finding the formula for the travelling salesman problem

Frumious Bandersnatch
Bronze badge
Coffee/keyboard

"So, where do the doughnuts come in?"

Damn. I was guessing (and hoping) they'd found some way to break free from the confines of Cartesian geometry for that customer and instead routed over a topology with one hole ...

Now where did I leave my coffee cup ... ?

8
0

Internet of Things fridges? Pfft. So how does my milk carton know when it's empty?

Frumious Bandersnatch
Bronze badge

Re: what is needed ...

I'm sold! How much do I owe you for mine?

Only your Atman. Mwhuhaha

2
0
Frumious Bandersnatch
Bronze badge

what is needed ...

is some kind of fridge Shiva (or Ganesh). The key point is lots of arms for holding things. This would know what things are approaching their use-by date and would thrust it out at you as soon as you open the door. If you're really slow about getting to use things, it could start banging on the inside of fridge door to attract your attention. You'd soon get used to this disconcerting noise and any guests you have over who become alarmed can have their fears assuaged with a simple: "ignore it; it's just the fridge Shiva."

You might be tempted to give the fridge Shiva some other tasks, such as scrambling eggs or mixing ingredients for a cake. However, this would clearly be sacrilegious and should not be attempted under any circumstances.

3
0

Microsoft C# chief Hejlsberg: Our open-source Apache pick will clear the FUD

Frumious Bandersnatch
Bronze badge

Re: It is not a cancer

Windows Phone is [...] still the _fastest growing_ mobile platform year on year

I'll see your WinPho and raise you an xkcd

7
1

Microsoft 'Catapults' geriatric Moore's Law from CERTAIN DEATH

Frumious Bandersnatch
Bronze badge

Re: A troupe of boffins?

Undignified? But some of the best boffinry comes from monkeying around ...

0
0

IoT cup claims 'instant' identification of what's in it

Frumious Bandersnatch
Bronze badge

Re: This has GOT to be ...

... the absolutely stupidest concept ElReg has ever reported on.

What, didn't you read this part:

it can tell the difference between [...] water and Budweiser

That's an absolutely amazing feat. The man deserves a Nobel prize for that part alone!

3
0

SPIDER-TROOP, Spider-troop, does whatever a spider troop can

Frumious Bandersnatch
Bronze badge

But will it get him out of the bath?

Unfortunately, the Internet has only 4 references to this, but with the aid of the appropriate Japanese chindogou (in this case, a ladder specifically designed for a spider to escape a slippery bath), the answer is "yes". (by themselves, the spider gloves, zey do nothing, though).

0
0

IPv4 addresses now EXHAUSTED in Latin America and the Caribbean

Frumious Bandersnatch
Bronze badge

I'm curious

Let's say I have a dedicated server (or VPS?) somewhere that has IPv6:

* is it possible to set up a vpn (Linux-based) so that my local IPv6 traffic goes out over that link with a specific IPv6 address?

* would I be able to use the same tunnel and some config on the remote server to assign specific IPv6 addresses to, eg, my local toaster, fridge, etc.?

My local ISP doesn't support IPv6, so I'm trying to figure out how to dip my toe into IPv6 waters, so to speak...

1
0
Frumious Bandersnatch
Bronze badge

Re: Easy solution

Just allow it to go higher than 255 in any Octet.

That's actually better than my idea, which was to add an extra 16 bits on the end, kind of like the new emergency phone number 0118 999 881 999 119 725 ... 3

0
0

The Force of tax breaks brings Star Wars filming to Blighty

Frumious Bandersnatch
Bronze badge

The force of tax compels you

The force of tax compels you. The force of tax compels you. THE FORCE OF TAX COMPELS YOU!

(ok, wrong trope; never was a star trek fan)

1
0

Everyone can and should learn to code? RUBBISH, says Torvalds

Frumious Bandersnatch
Bronze badge

Re: Depends what you mean by 'code'

Indeed. My point was, those were two examples where, for me, the money spent in trying to educate me on those topics was largely wasted.

I think I slightly misunderstood you, then. In the end, I think we both agree that not everyone will find formal teaching useful.

While not everyone will benefit from studying a particular subject, I think we should definitely looking to make sure that everyone at least has the option of studying these things (whether it be music, coding, woodwork, art, languages or whatever). In an ideal world, eh?

0
0
Frumious Bandersnatch
Bronze badge

Re: @Frumious

Many of my difficulties learning music have been due to it's totally moronic way of describing things: From notation, to note names, to scales, to time signatures there is not a single part which does not make a logical person tear there hair out with the fuckwittedness of it all.

I'm not totally sure about that. I didn't actually learn music in school (all I can remember is that we did singing and I vaguely remember some messing around with a recorder or tin whistle), so I taught myself about it later. Actually, pretty much my first intro to musical "theory" was from appendix E in the Commodore 64 Programmer's Reference Guide. I must have had some other reference, too, as I discovered that each octave is double the frequency of the last one, and that each semitone is a fixed multiple of the last one too (the 12th root of 2, in fact).

Starting from that point, I found the whole topic much more accessible.

I do agree that notation is a problem, and no, I can't even sight-read very well or (quickly) figure out the scale from the key signature, or understand all time signatures, or even get my head around why A# isn't the same as B flat (the other commenter's explanation notwithstanding), or ...

I don't think that the notation for note lengths is too bad, though, since more "decoration" just means shorter notes. At least that's quite simple ...

0
0
Frumious Bandersnatch
Bronze badge

Re: Depends what you mean by 'code'

Studying aspects of the culture was worthwhile, but not learning the language.

Ah, yes... I found the quote (and person who said it) that I was trying to remember to respond to your sentiment:

"To know another language is to live another life." -- T. G. Masaryk, President of the First Czechoslovak Republic

Who wouldn't want to live another life?

1
0
Frumious Bandersnatch
Bronze badge

"some people don't have the sort of calm, collected, unflappable personality that it takes"

Mmmm. That's good sarcasm. I like what you did there.

1
0
Frumious Bandersnatch
Bronze badge

Re: Depends what you mean by 'code'

I'm sorry to say, but sheet music is really easy to figure (well, apart from key signatures, which require a knowledge of scales). The main problem lies in sight-reading, I think. Anyone can probably learn the notation in an afternoon, but it takes practice to be able to look at the pattern on the page and distinguish an E from an F, say, without resorting to reciting a mnemonic (like "every good boy ...") or having to mentally count from your "baseline".

Sheet music is also completely distinct and separate from actual music. Even if you don't know how to sight-read (or even decipher it in the slightest), you can still be good at music. Scott Joplin, for one, couldn't read sheet music ...

As for the utility of languages, I guess it depends on how far into it you get in the first place. If you don't apply yourself enough to get beyond a few tourist phrases, then sure, it's useless and you'd be better off waiting until you travel (or will travel) to a place before diving in (so you'll have some practical application of it). I think that any serious study does tend to pay you back for the effort, regardless of how practical it might be in general. I rarely use my Japanese, but I'm still very glad that I did study it, even if it's only to get a bit more enjoyment out of Japanese films or chatting to the occasional Japanese person I meet.

Music and Japanese might seem useless to you, but it's hardly a blanket statement you can apply to everyone. Coding is no doubt the same ...

3
0

Flying cars, submarine cars – Elon Musk says NOTHING is beyond him

Frumious Bandersnatch
Bronze badge

flying car, yay!

He should call it Hubris. What could possibly go wrong?

4
4

Google to let Chromebookers take video content OFFLINE

Frumious Bandersnatch
Bronze badge

must be for a reason

My bet is that they've thrown in the towel with their "patent-free" vp6 (or whatever it's called) and decided that if they can't control the patents behind the codecs, they'll damned well be sure they make a play for being the #1 conduit to rival iTunes, Netflix, Spotify, Amazon and all the other delivery guys. They don't have a media store for nothing...

1
3

Euro judges: Copyright has NOT changed, you WON'T get sued for browsing the web

Frumious Bandersnatch
Bronze badge

Re: OMG Mirrors!

all that type you've set up there is a mirror image of my book, pay me!

Fine, have this anti-money, freshly spun from my supercollider. Just don't mix it up with your regular money.

0
0
Frumious Bandersnatch
Bronze badge

I wonder if it's legal to write "Hello, McFly!" or if it's a breach of copyright of the Back to the Future script.

Only one way to know: go back to 1985 and find out. (or get there beforehand and sue the erstwhile writers for stealing your script)

0
0

Patch NOW: Six new bugs found in OpenSSL – including spying hole

Frumious Bandersnatch
Bronze badge

Re: Quick to fix in Open Source, but it leaves questions.

putting the many eyeballs idea finally to rest

Does it? Bit of a tree falling in the forest scenario. Just because people could have been looking, doesn't mean they were. Still doesn't change the fundamental idea of "with enough eyes, all bugs are shallow" (though you may argue about the smarts behind the eyes, if you wish).

1
0

Boffins publish SciFi story to announce exoplanet find

Frumious Bandersnatch
Bronze badge

Re: Clever

Reynolds is a boffin himself or ex-boffin

Indeed he is, and I've read some of his books.

I don't care much for the quality of proof-reading, though. For example:

* unmeasurably old -> immeasurably old

* eeking out its nuclear lifetime -> eking out ...

* Cities as mute as sphinxes -> sphinges (ok, I'm being picky)

Man, the quality of AIs they send into space these days ...

0
0

How I poured a client's emails straight into the spam bin – with one Friday evening change

Frumious Bandersnatch
Bronze badge

Re: Every sysadmin must make one really big screw-up in their career

And if executed as root, "rm" is usually aliased to "/bin/rm -i", so there is a prompt for everything

Huh? What kind of namby-pamby, hand-holding, distro are you running?

Hint: always assume the safety's /off/ and think before you sudo, rm, dd or whatever. An alias for rm is suitable only for true nincompoops.

3
0

How Bitcoin could become a super-sized Wayback Machine

Frumious Bandersnatch
Bronze badge

So much potential

But also so many questions left hanging. Don't ... leave ... me ... this ... way ...

(edit: damn it! that was a Communards hit... nothing to do with Erasure :(. Never mind.. carry on)

0
0

Broadcom: If no one buys our modem biz, we'll DITCH IT

Frumious Bandersnatch
Bronze badge

Re: No Point

There's no point in buying it now

Well I'd make an offer if they'd accept it. True, I've got no money and no experience (apart from having a half dozen Raspberry Pis around the place and having experience with using mobile phones), but I'm sure that the team is well on top of things and if they'll have me, I'd gladly be their leader.

2
0

Supreme Court nixes idea of 'indirect' patent infringement

Frumious Bandersnatch
Bronze badge

interesting, but quite specific

I doubt that this will happen, but it could weaken the power of big copyright lobby interests in pursuing sites that are merely indexing (or even just linking to) "infringing" content. In such cases, it's the user who's downloading the content, with the indexer just telling them how to access it. In both the arenas of patent and copyright law, we know who the real infringers are---the people who hold the copies and distribute them---so they should be the real target of litigation, and not the "finger pointers" (who tell you how the things work or how to find them) or the people who follow that direction.

Yeah, I know that patents and copyrights are completely different things, but I do think that the parallels are worth thinking about here. It could herald a radical shift towards sensible interpretation of "IP" ownership---if the judgement is allowed to stand, that is... Unfortunately, these things rarely follow "sensible" rules...

1
1

Still watching DVDs? You're a PLANET-KILLING CARBON HOG!

Frumious Bandersnatch
Bronze badge

Re: What a load of left wing crap

But it took a whole lot of energy and hydrocarbons to make and transport....

Well, if it's sitting(*) on a shelf, it still has some potential energy due to its elevation. If you were to drop it on your foot, say, you could convert that potential energy into kinetic energy.

The internet, on the other hand, where streaming videos reside, has no such store of potential energy because, as we all know, the Internet weighs nothing.

(* as an aside, why the hell do Brits say "is sat" on a shelf? what the hell kind of tense/conjugation is that?)

0
0

What can The Simpsons teach us about stats algorithms? Glad you asked...

Frumious Bandersnatch
Bronze badge

Re: The moral or the story …

Never use averages as the source of your data. Anything which combines data has already lost important detail.

Oh, I don't know about that. While reading the first article in the series (and again, with the German tank problem) I was slightly disappointed not to see Little's Law listed. Now there's an interesting (and valid) application of averages...

0
0
Frumious Bandersnatch
Bronze badge

Doh

The author mustn't have got the memo at Vulture Towers. I thought the current rule was "no Simpsons jokes, please – we're adults here..." [paragraph 3],

0
0

Are you senior enough to sit around a table with The Register?

Frumious Bandersnatch
Bronze badge

Headline: Are you senior enough to sit around a table with The Register?

Answer: No.

2
0

Senate decides patent reform is just too much work, waves white flag

Frumious Bandersnatch
Bronze badge

"tabling" proposed legislation? (ORLY?)

A case of two nations "divided by a common language?"

"The enjoyment of a common language was of course a supreme advantage in all British and American discussions," Churchill wrote in The Second World War. No interpreters were needed, for one thing, but there were "differences of expression, which in the early days led to an amusing incident." The British wanted to raise an urgent matter, he said, and told the Americans they wished to "table it" (that is, bring it to the table). But to the Americans, tabling something meant putting it aside. "A long and even acrimonious argument ensued," Churchill wrote, "before both parties realised that they were agreed on the merits and wanted the same thing."

(NY Times, 'Origins of the Specious')

6
0

Fanbois Apple-gasm as iPhone giant finally reveals WWDC lineup

Frumious Bandersnatch
Bronze badge

Much Apple

So Now. Actually old, redone.

0
0
Frumious Bandersnatch
Bronze badge

Re: You too can copywrite like a wanker...

Six years ago ...

Damn it! You beat me to it:

An excellence-oriented '80s male does not wear a regular watch. He wears a Rolex watch, because it weighs nearly six pounds and is advertised only in excellence-oriented publications such as Fortune and Rich Protestant Golfer Magazine. The advertisements are written in incomplete sentences, which is how advertising copywriters denote excellence.

(Dave Barry, In Search of Excellence)

1
0

Wacky 'baccy making a hash of FBI infosec recruitment efforts

Frumious Bandersnatch
Bronze badge

You walk into the interview and sing "Alice's Restaurant" and walk out

I don't think they'd let you finish the whole song. It's a bit of a shaggy dog story and they'd probably twig before you got too far into it.

Or arrest you for littering, or something.

0
0

Recommendations for NAS-based home media set-up

Frumious Bandersnatch
Bronze badge

multicast

VideoLAN (and no doubt others) can do true multicast so that several screens can be tuned into the same video stream. If you've got a segmented network topology (several different subnets), you have to be aware that most routers/gateways won't forward multicast packets by default, so you need to explicitly enable it and run something like pimd to do the actual forwarding (Linux kernel, for example, does all the lower-level handling of UDP multicast networking, but you need something like pimd at the higher level to implement the network topology).

A couple of handy commands for testing this:

iperf -c 224.0.50.50 -u -T 2 # sender

iperf -s -B 224.0.50.50 -u -T 2 # receiver

(replacing the 224/* address with whatever multicast address you're using)

1
0

Bitcoin blockchain allegedly infected by ancient 'Stoned' virus

Frumious Bandersnatch
Bronze badge
Headmaster

Re: Bitcoin Bomb?

Have a downvote for "viri". I stopped reading after that.

0
0
Frumious Bandersnatch
Bronze badge

Re: the whole message

So this virus (presumably written by pot smokers) infected a machine which then stopped working, without even 'taking care of business' first. Why am I not surprised?

Nah, it worked. It's just that it lived so close to the top of memory that the stack area overlapped the area for the stored message (so regular subroutine calls and interrupts garbled it). For something that couldn't even "take care of business" as you put it, it was remarkably successful, bugs and all.

(this comment based on actually disassembling the code and figuring out how it worked; I'm sure I have a copy of this still filed away somewhere)

0
0
Frumious Bandersnatch
Bronze badge

Re: the whole message

"why is MSE even searching for Stoned when it is ineffective on systems these days?"

For a few reasons:

* because, as someone pointed out above, it's cheap to add more signatures (things are much better than O(n) complexity we had in the very early days). If you can scan for it, and it's cheap to do so, then why not?

* because it's one of those viruses that your scanner is expected to pick up (and virus scanner manufacturers used to use number of viruses detected as a marketing tool)

* there are such things as virus droppers that will install all sorts of malware. The blockchain (or any random data file) mightn't be (isn't) a virus in itself, but if it contains the virus (which it doesn't) a dropper can pull it out and use it to infect something (so if I had an SQL database with lots of virus code, it would be nice if the av software could detect it in the db file)

* who says that it's ineffective? Some people still use floppies. (true, its not much of a risk, but the infection mechanism still works)

* by catching the floppy-only variant, you might also catch derived versions (like NoInt) that can infect hard disk boot sectors

Mostly, though, it's probably just a combination of inertia and anti-virus writers liking to keep old signatures around for historical/completist reasons. Maybe they should drop these old signatures, but imagine the embarrassment should one of these apparently "extinct" viruses have a high-profile outbreak and MS's program failed to detect it?

1
0

Urinating teen polluted 57 Olympic-sized swimming pools - cops

Frumious Bandersnatch
Bronze badge

America!

You're a nation, alright.

3
1

Hungry for humbler Pi? Check out kid-friendly LED-laden Pibrella

Frumious Bandersnatch
Bronze badge

Re: Decent pass through connectors aren't cheap!

If you're building your own board, there's an Adafruit through connector on the Farnell website for £1.14 apiece. I think the Adafruit stuff tends to be pretty good quality, but I haven't used this particular item.

1
0
Frumious Bandersnatch
Bronze badge

Re: Connectivity?

There are stackable add-ons for the Pi as well. This solution is a bit of an abomination, but it looks like it can take any of the add-on cards so long as they don't have conflicting requirements for GPIO pins. This other supplier seems to have a saner approach, with single-purpose modules being stackable using I2C, I guess, so GPIO conflicts shouldn't happen provided everything has a unique I2C bus address.

Then, there's GrovePi (as mentioned in the latest MagPi, also this link) that does away with physical stacking and does everything through wiring up modules with a standard 4-wire connector. I think that's probably the neatest implementation for stuff like robots because you can route your sensors to where they make sense physically.

I think you were saying that in the Arduino world, it's quite common to have pass-through connectors for stacking. Using a Gertduino would let you build up a stack of such Arduino modules, with a Pi controlling the whole show on the bottom.

1
0

Stone the crows, Bouncer! BT defends TV recorder upgrade DELETION snafu

Frumious Bandersnatch
Bronze badge

you are quite entitled to make any suggestions or protests at the appropriate time!

There's no point in acting all surprised about it. All the planning charts and demolition orders have been on display at your local planning department in Alpha Centauri for fifty of your Earth years so you've had plenty of time to lodge any formal complaints and its far too late to start making a fuss about it now.

0
0

ARM tests: Intel flops on Android compatibility, Windows power

Frumious Bandersnatch
Bronze badge

nominative determinism in action

Gotta love that the power consumption metrics were carried out by a guy called Watt. Any relation to James Watt, I wonder?

4
0

Denmark dynamited by cunning American Minecraft vandals

Frumious Bandersnatch
Bronze badge

Re: Just imagine...

Someone might even burn the White House down. Again.

Fuck yeah! That's what you get when you try to mess with Canada! Eh?

2
1

Boffins build billion-synapse, three-watt 'brain'

Frumious Bandersnatch
Bronze badge

Re: As a matter of interest ....

The 64 core parallella chip seems to be about to start production

Actually, it's not. The original Kickstarter campaign included the 64-core boards as a stretch goal, which was not met. Those 64-core boards they've been testing are engineering prototypes, only going to backers who came in at a certain level.

The whole Parallella project has been something of a disappointment, IMO. I think they over-promised (at least the 16-core machine isn't really a "supercomputer for everyone") and struggled to deliver. At least we know they've been plugging away at trying to make it a success and I do have sympathy for them in terms of the unforeseen problems they ran into. They have delivered at least some 16-core boards and hopefully they'll get around to delivering the rest to all the Kickstarter and pre-order customers within the next month. I'm one of the pre-order customers, so I'm hoping that they'll clear their commitments to everyone who ordered one within that time frame.

After that, and people have the boards in hand, hopefully people will still have enough interest in the platform for them to be able to make money by ramping up to full-scale production of the 16-core boards... I'm sure they're still doing work on the 64-core (and higher, up to 1024-core) and if they can get the funding for it, that's where they do want to go. I just don't expect it any time soon...

As for your idea of neural nets, I'm sure that it's pretty feasible to run them on the Epiphany cores. There's a pretty long thread about it on their forums somewhere. It's nowhere near the level of brain simulation, of course, but you can always cluster them and even single boards should be pretty efficient, given the right algorithms and such.

0
0

US judge: Our digital search warrants apply ANYWHERE

Frumious Bandersnatch
Bronze badge

Re: inevitable

The story is about a narrow minded judge using a very broad interpretation of a USA-ian law to try to do an end run around international law and treaties

It's not the first time this has happened. From an old article here: Kentucky judge OKs 141-site net casino land grab. It's almost as if concepts like non-USA law and territoriality doesn't exist.

3
0

Minecraft players can now download Denmark – all of it – in 1:1 scale

Frumious Bandersnatch
Bronze badge

Re: Needs more Norway

That was also my first thought (so I'm not the only one pining for the fjords). Then I thought, why not do the Benelux countries? It's sure to come in at much less than a Terabyte, being so boring and all (geographically speaking, of course).

2
1

DeSENSORtised: Why the 'Internet of Things' will FAIL without IPv6

Frumious Bandersnatch
Bronze badge

Re: And another thing

<sound of ambulance and large coves wearing white jackets>

They're coming to take me away, hahaaa!

0
0

Shocking new low for SanDisk – 15nm flash chips rolling out its fabs

Frumious Bandersnatch
Bronze badge

Re: 15nm

I'm replying to my own post above purely in the interest of accuracy.

Typing 'beard second' into Google gives the suggestion '= 5nm', so if Google is right, then 15nm is actually 3 beard-seconds. Google's answer may be controversial, though.

0
0