* Posts by Paul Crawford

1933 posts • joined 15 Mar 2007

BRAIN STORM: Nine mislaid cerebra found near railway line in New York

Paul Crawford
Silver badge

Re: It wasn't zombies who left them...

I think it's an Igor you are looking for...

(don't worry one will appear behind you as if by magic)

1
0

Yay for Tor! It's given us RANSOMWARE-as-a-service

Paul Crawford
Silver badge
Facepalm

"ransomware...as a Windows screensaver"

Really, are people STILL falling for that one?

1
0

Shuttleworth delivers death blow in Umbongoland dispute

Paul Crawford
Silver badge
Boffin

Re: Umbongoland

Another minor aspect of the Umbongo "soft drink" was it would not ferment.

In spite of claiming to be fruity juice there must have been some non-volatile preservative in there as even boiling it up, then cooling it and adding yeast, etc, failed to produce any viable fermentation.

I'm sure you will understand how important this information is to your whole day...

4
0
Paul Crawford
Silver badge

Out of curiosity (and really not trolling here) can you point to an example of the agreement so other commentards can judge?

7
0

Microsoft to TAKE OUT THE TRASH in the Windows Store

Paul Crawford
Silver badge

Exactly - that is what proper reviews and feedback is for, to let potential buyers know if its any good!

That and a half-decent try before you buy option to let you see if it really does what they claim.

7
0

Windows 10 won't help. The PC biz is doomed, DOOMED, I TELL YOU

Paul Crawford
Silver badge

Re: Does anybody remember

I'm not sure even XP was worth it. I bought w2k and it was pretty good, but then the only noticeable feature it added compared to NT 4 was support for USB stuff, and I turned off the Fischer-Price menus and went with 'classic' which made it more or less the same.

Most folk who need Windows and have an interest are using Win7, which is basically Vista fixed, and only a few with 8.x even though there are underlying OS improvements. But as you say, its boring and nothing an OS does is exciting, more what it doesn't let other do to you that matters...

So most Windows sales will be down to replacing failed/obsolete hardware, and these days its either broken in a year or so due to a fault or works for 5+ years as a decent enough machine (gaming, etc, excepted).

5
0

EU net neutrality could kneecap the Tories' opt-out pr0n filter plans

Paul Crawford
Silver badge

Re: What has Network Neutrality got to do with this

"If one doesn't want it then its a 30 second operation to turn it off. What is the problem ?"

"If one wants it then its a 30 second operation to turn it on. What is the problem ?"

There, fixed it for you.

Or do you really think we should all be treated like morons and/or sheep by the ISPs & gov in order to keep a few frothing idiots in Westminster or on Mumsnet happy?

14
2

Finally! It's the year of Linux on the desktop TITSUP

Paul Crawford
Silver badge

Sad to see any business go under, but we have not used that distro since around 2009. I quite liked the 2007 era desktop and it worked quite well and also I bought a bootable USB with it pre-installed which was quite a novelty then.

But they messed up and we moved to Ubuntu. Who also messed up post 10-12-ish, but they seem to be the best-ish around for general use and sadly most others are also going down the "make it dumber and uses systemd" path.

2
0

There's a Moose loose aboot this hoose: Linux worm hijacks Twitter feeds for spam slinging

Paul Crawford
Silver badge

Re: Except...

You are partially right, in that its hard to get anyone to understand stuff like cryptography in the first place, let alone to apply effort in to making it better by review and bug-fixing.

But you are also wrong in two very important ways:

Firstly having something open makes it a bigger risk to back-door, and certainly makes it very hard for anyone to be offering it and not to have the come-back if they were the one putting in back-doors or spyware. With COTS stuff you have to take it on trust, which is low these days, or to try and intercept all communications with wireshark or similar and to decode/decrypt them to find out what is happening. Are people willing to do that any more common that those willing to review open source code?

Secondly the idea that open source is not needed any more is utterly wrong, as today perhaps more than ever, we are seeing a "walled garden" approach to machines where some company decides what you can do with your own hardware, and what others are allowed to offer you. Similarly having data open only works if (a) the format is published AND correct, and (b) you have access to alternative software to make use of it. Without FOSS options there would be no pressure on the likes of MS, etc, to even pretend to offer open standards and protocols.

Remember how it took an EU anti-trust suite to get the SMB/CIFS protocol opened? Or how Oracle tried to sue Google on the basis that APIs should be copyright and thus no one can make interoperable code without a license?

17
1

German watchdog rips off Facebook's thumbs after online fracas

Paul Crawford
Silver badge

Re: Twitter et al should be covered by this too

We see more and more reasons to use a Tor-like system for everyday browsing, and it has nothing to do with legality or otherwise, and all about basic privacy. No need for the multi-hop effort of Tor, just a system (even browser plug-in) that randomly redirects your request to others in the same country as the target web site (so it can be presumed the content is legal there) for the short term path. That and keeping each tab private and deleting automatically on closing so cookies, etc, are not shared between sessions or sites you open separately. And also makes everyone's browser look like one of a very small set to render fingerprinting pretty useless.

A shame that web browsers are not really interested, instead keep pissing away effort on ever more useless GUIs and advertising revenue options.

8
1

Skype hauled into court after refusing to hand call records to cops

Paul Crawford
Silver badge

Courts should be involved

MS are quite right here. There should be a proper and judicially supervised system for accessing any data, and some process by which it is reported beyond the investigation.

Sure, MS and similar should freeze any records from deletion immediately on any reasonable police request, but to actually get the data there ought to be a proper system of oversight and one that will protect journalists, whistle-blowers, etc, form abuse by those in power.

18
4

Geofencing: The ultra-low power frontier for the Internet of Things

Paul Crawford
Silver badge

Re: Lawn mowers & logo

Same for unsecured 3D printers. Its all about the willy...

3
0

2.8 million victims squared up by malicious Minecraft apps

Paul Crawford
Silver badge

Re: In two minds here...

Better solution is for the OS to give the user the choice of permissions to allow, with default as more or less none. Then make the app developers justify each and every one of them before they get ticked.

Sure it will piss off a lot of 'free' apps where the business case is about whoring you from advertiser to scam artist, but maybe the long-term result would be a lot better.

6
0

SLOPPY STELLAR CANNIBAL star is a NASTY 1, astroboffins squeal

Paul Crawford
Silver badge

Relativity

"catching binary stars in this short-lived phase"

That is short-lived by stellar life times, still long as measured by our humble time upon this Earth.

0
0

Windows Server 2003 end of support draws ever closer

Paul Crawford
Silver badge
Trollface

"what did you do during Windows Server 2003 end of support?"

Opened a nice bottle of wine, sat back in my chair, and laughed.

Seriously, I have enough problems of my own without worrying about other's...

0
0

New relay selection fix for Tor to spoil spooks' fun (eventually)

Paul Crawford
Silver badge

Re: Hmmm

The gov paper is surprisingly sane and well thought out. Basically it says trying to ban stuff like Tor is a stupid plan as its difficult to do and would make the jobs of police, etc, harder in practice.

It remains to be seen if technically stupid and knee-jerking politicians listen to those who know something about the subject though...

3
1

SAVE THE PLANKTON: So much more than whale food

Paul Crawford
Silver badge

Is it not closer to tree cum then?

0
0

High-level, state-sponsored Naikon hackers exposed

Paul Crawford
Silver badge

Re: an executable file with a double extension.

Are systems still not filtering this stupid (but obviously effective) trick some 20 years after the dumbness was first noticed?

Strewth, as our antipodean cousins might say.

2
0

Microsoft: Free Windows 10 for THIEVES and PIRATES? They can GET STUFFED

Paul Crawford
Silver badge

Re: Where's my checksum?

Come now, what a silly suggestion!

If MS were to offer a correct list of file sizes and SAH256 checksums for all genuine files where would you get that joy of AV software borking your machine by misidentifying MS's own software?

0
2

Blocking pirate sites doesn't weaken pirates say Euroboffins

Paul Crawford
Silver badge

I think all but the most hardened freetard will accept the piracy reduces sales, but many would argue that things like stupid geo-restrictions and flaky device-specific DRM have a much more negative effect on sales of legitimate content.

But if you think El Reg's commentards are bad, just take a wander over to TorrentFreak. The articles there are very well written and often news-breaking, but the comments are often depressingly dumb and knuckle-dragging.

12
2

Hacker 3D prints device that can crack a combo lock in 30 seconds

Paul Crawford
Silver badge

Re: Brings back the memories

I think this is what you mean:

http://en.wikipedia.org/wiki/Permissive_Action_Link

And indeed there was an element of Dr Strangelove being a documentary not a black comedy.

3
0

Dying to make time lapse videos? No? Well, Microsoft is doing it anyway!

Paul Crawford
Silver badge

If it works as well as the demo they did a year or so ago it will make such videos tolerable!

No longer having to sit though 30 minutes of tedious juddery video when you can swoop though in 5 minutes of vaguely interesting and stable footage.

9
0

4K refresh sees Blu-ray climb to 100GB, again

Paul Crawford
Silver badge
Joke

Re: Neil Barnes

"Never mind the quality... feel the width."

Are the pr0n studios interested then?

0
0

It’s Adobe’s Creative Cloud TITSUP birthday. Ease the pain with its RGB-wrangling rivals

Paul Crawford
Silver badge

Re: Different angle

If you are not doing massive images, etc, you might want to create an XP or Win7 VM and use that for your photo editing. I have a few VMs with old CAD and editor software just for that sort of job - saves my having to dual boot now.

Also for most VMs (certainly VMware player) you can save the VM state mid-operation so you can then shut down or reboot your main PC and then later resume the VM from *exactly* where you were...

1
0

World of the strange: There will be NINE KINDS of Windows 10

Paul Crawford
Silver badge

Re: How about the following?

You might be pleasantly surprised by dosemu for Linux as a way of running 16-bit code. Its not perfect (but then XP's NTVDM wasn't either) but you also have some options to customise it or even fix problems if dedicated and smart enough.

Also if you are brave/foolish/need it you can give dosemu direct hardware access to certain I/O ranges or interrupts, this can be useful for some cases when you have special hardware.

We do, and it allows our 22 year old software & custom hardware worth £££ to work just fine. You get the simple DOS "so what you want" ease of doing I/O but with the relative security and remote maintenance of a modern OS. And good time-keeping if you configure dosemu to use the host (NTP adjusted) time.

Sure we could have re-written our software to use different OS (and had to do that multiple times going to various Windows HAL changes, maybe then to Linux to escape the product activation and similar silly buggers screwing things over at inconvenient times) but why? It works well, has hundreds of equivalent year of debugging already, and after spending 6-12 man months of time & cost it would have done EXACTLY THE SAME job. How do you sell that to your business manager?

0
0

SHOCK! Robot cars do CRASH. Because other cars have human drivers

Paul Crawford
Silver badge

Re: Evidence

Down-voted for wanting accidents independently investigated - any down-voters care to say why the DON'T want that?

5
6
Paul Crawford
Silver badge

Re: "so far caused by human error and inattention"

How do you know they are doing so well?

Yes they have managed OK on a pretty regular US system, but how much do they depend upon GPS/maps being completely correct? how do they cope with partially closed roads? What about twisting country roads with passing places? Temporary traffic lights? Polices flagging them down due to an accident or similar? Dumb meat-bags doing stuff that another meat-bag would see the warning signals of high stupidity and/or intoxication and keep well away?

Though Google are pop-pooing it, the accident rate seems to be about 5 times more than average, so its hardly a stunning display of everything being just right.

And Google have a vested interest in playing up the success and not talking about any known problems, do you really want to end up buying the high-tech Ford Pinto?

THAT is why there needs to be an independent analysis of what has actually been tested, and when failures have occurred, what should have been learned.

17
7
Paul Crawford
Silver badge

Re: Evidence

Very true, unless it is withheld for "commercial reasons" or trade secrets, etc..

We really need the equivalent of the air crash investigation board to deal with such events in a way that the manufacturers cannot legally get out of, or withhold evidence from.

OK, maybe not as rigorous in minor cases, but to trust something as new and potentially dangerous like this demands an independent analysis.

12
6
Paul Crawford
Silver badge
Terminator

"so far caused by human error and inattention"

By the Google car under manual override, or by other road users?

When do we get an independent analysis to see if they were really unavoidable, or if the software messed up in some way that a typical human would not have?

I doubt I am the only one, insurers will want to know and I bet people considering such a car will want the equivalent of the NCAP ratings for 'droid drivers.

Yes, I sound negative, but the burden of proof has to be one the suppliers that they are better than the average human in all reasonable situations for most people to be willing to accept them. And that includes in dealing with the other human drivers that will be around for decades to come even after commercial availability.

16
7

With WWDC looming, Apple kicks out third iOS 8.4 beta

Paul Crawford
Silver badge
Facepalm

Re: Huh?

You clearly have missed El Reg's "Biting the hand that feeds IT" mission statement.

9
4

BILLION YEAR SECRETS of baking hellworld Mercury UNLOCKED by NASA probe crash

Paul Crawford
Silver badge

Re: Yet another stunning achievement...

Not intelligent life.

2
0

Microsoft's secret weapon in browser wars: Mozilla's supercharged Asm.js

Paul Crawford
Silver badge

Re: Andrew Richards

SVV said it for me - the lack of strong data typing to catch mistakes in data use is the single biggest thing by far. Fine and less effort to write for a 20 line shell script, pants for anything complex.

0
0
Paul Crawford
Silver badge

Good for MS

While I happen to believe that javascript is basically a pants language by design, it has to be said that it is the lowest common denominator for web applications and they are jolly useful ways of deploying software/services to end users.

Anything that allows fast and usable code cross-platform to be developed without resorting to flaky and/or propriety systems like ActiveX, Java applets, or NaCl stuff is to be praised.

Hopefully the MS implementation will remain "standard" and thus be fully cross-platform (browser, OS, and CPU) and future web developers will look at using this best (OK, fastest) sub-set for writing stuff.

6
0

Facebook echo chamber: Or, the British media and the election

Paul Crawford
Silver badge

Re: @Youngdog

The FPTP system is basically broken if you have more than 2 candidates per seat, and even then a tad doubtful with only 2. Some sort of AV/PR system is going to give you a more balanced seating.

However, the biggest problem is not how we vote for the devious, thieving two-faced bastards, but that so many of them are useless at their jobs and do little more than knee-jerk to get voted in again. Until we deal with who stands for election, and what skills they ought to have (you know, like having had a REAL job for some time and not been a carer politician) then nothing will really get better.

As for Scotland, 50% voted SNP but they got 95% of the seats which is not exactly representative. Still, the only glimmer of justice is UKIP got more votes than the SNP but only 1 seat...

5
0

Flash banishes the spectre of the unrecoverable data error

Paul Crawford
Silver badge

Re: Triple RAID and the use of very small numbers

Usually the biggest error made in predicting RAID failures is the presumption of uncorrelated faults. Most of us know from bitter experience that faults are much more likely to happen in a strongly correlated manner due to:

1) Manufacturing defects (or buggy firmware) that impact on a lot of disks, and you have all from the same batch...

2) A stress event prompting the failure, such as power cycling after years of up-time, or an overheating event due to fan failure, etc, that is common to most/all of the HDD in the RAID array.

So you should start by assuming HDD faults of around 5% per year and do the maths from that, not from claimed BER figures.

2
0
Paul Crawford
Silver badge

Re: FUD

And you don't see the problem in losing/corrupting a chunk of your data without knowing what file it was?

2
0
Paul Crawford
Silver badge

First point has already been made - you just can't do all-flash for a lot of cost & space requirements.

Second point, as most folk will know sooner or later, HDD don't suffer from simple random bit errors, they are almost always big clusters at a time and generally much more common than the quoted BER figures would tell you.

Worst still is that most file systems don't tell you if something is corrupted, so if you do get a rebuild error on sector 1214735999 then how do you know which file to restore? Yes it is possible to work that out but it is a major PITA to do so. Further more, you can have errors that are not from disk surface read flaws, such as the odd firmware bug in HDDs, controller cards, etc. So you really want something that protects against all sorts of underlying errors if you have big volumes of data (or really important stuff). Enter ZFS or GPFS as your friend - they have file system checksums built in. And if it matters make sure the system has ECC memory so you don't get errors in cached data being written to disk!

The multiple day rebuild times are not such a problem in some ways just so long as another HDD doesn't fail during it. So if you have any biggish array you should start by using double parity. It is much better to have 8+2 in a stripe than 2*(4+1) in terms of protection against double errors, etc.

Finally if you have an array make sure you regularly scrub it - most RAID support this (hardware cards, Linux's MD system, ZFS, etc) and it forces the controller to read all sectors of all disc periodically so errors can be detected and probably corrected before you have a HDD fail completely (they will do the parity checks and attempt a re-write, probably forcing a sector reallocation on the flaky HDD). For consumer HDD do it every week or two, for enterprise you can probably get away with once a month.

2
0

NSA spying is illegal? Then let's make it law, say Republicans

Paul Crawford
Silver badge

Re: That ship has already sailed

One day? How about the Boston Marathon bombing? That had the so-called PATRIOT act in place, shit they even had warnings from Russia that these guys were trouble, and what did it prevent?

23
0

JavaScript CPU cache snooper tells crooks EVERYTHING you do online

Paul Crawford
Silver badge

Re: How does this work?

I don't see how they can tell (yet?) which key was pressed, but they might be able to find out your password's length and so target brute-force on a subset of users with short-ish passwords.

1
0

Keurig to drop coffee DRM after boss admits 'we were wrong'

Paul Crawford
Silver badge
Happy

Well thank $DIETY that people realised this and sent them the best answer possible - not buying a shitty locked-in product. One hopes this will be a lesson, perhaps not of Ratner-esque proportions mind you, for other businesses to take heed of.

13
0

Citizens denied chance to vote in local-government IT cockup

Paul Crawford
Silver badge

Re: No representation without taxation

That part is, to me, fair enough.

What was not fair was it was in effect a fixed fee, and not a progressive taxation based on overall income (including any benefits, etc).

1
2
Paul Crawford
Silver badge

Well, Ukip have their way there will be no only undesirables remaining...

Fixed if for you...

2
2

Infusion pump is hackable … but rumours of death are exaggerated

Paul Crawford
Silver badge

Re: We have hundreds of attack vectors that never get used

Well said.

But I guess there is a big difference between "local" attaches, where the person has to gain some sort of physical access, and the risks from a remote hack being used.

While there probably are very few bad/mad enough to do this in total in the world, the risk of it being done is much higher if the perpetrator need not travel or physically risk being caught. To me that is the real issue with the whole IoT craze, not that someone who gets on my LAN can do something stupid/bad, but that suddenly any twerp anywhere in the world can take a shot at things because the devices are being exposed to the WAN, without adequate security or patching, for whatever reason the designer thought cool.

1
0

How Project Centennial brings potentially millions of desktop apps to the Windows 10 Store

Paul Crawford
Silver badge

You are, of course, perfectly right.

Sadly you are also in the minority as developers go, in particular if you have XP-era (or older) software that you need to run. Even a lot of MS's older stuff flouted their own "good practice" guides!

0
0
Paul Crawford
Silver badge

Interesting development. But for now I will stick to a handful of VMs with XP and the strange win32 stuff I can't get on other platforms.

1
0

French MPs say Oui to Le Charteur des Snoopeurs

Paul Crawford
Silver badge
FAIL

Come on now, they never said they would catch smart terrorists or criminals.

This is about citizens who are disliked by those in power, sorry about catching the ones trying to set fire to their underpants. Probably after they have failed, but see - we have emails to prove they have proper explosive pants.!

1
0

Good luck displacing Windows 7, Microsoft, it's still growing

Paul Crawford
Silver badge
Trollface

Re: "completely off the record you'll be informed of your new licensing costs"

Ah yes, illustrates the importance of recording such meetings, completely off the record of course, on a phone. An Android most probably...

2
0
Paul Crawford
Silver badge

Re: FAT32

Are the patents for FAT32 not expired now?

After all its been 20 years since Win95 came out with long file name support. Sure it sucks as a file system, but I doubt you need a license for that any-more. Not true for exFAT of course as it is a recent one...

0
0

Twitter boots out classic DOS games, world productivity surges

Paul Crawford
Silver badge
Trollface

What? Did I miss Twitter having an actual use?

4
0

Plod wants your PC? Brick it with a USB stick BEFORE they probe it

Paul Crawford
Silver badge

Re: Destroying the contents is no good in the UK

I think most SSD support a "secure erase" instruction that wipes the device. They would have to prove you did it (harder to prove if the wipe software was on the SSD when it wiped) but that way there is nothing encrypted to be forced in to decrypting (or trying to prove that random data is in fact random data, for example, as I have from the Numerical Recipes CD). Might also be useful if your device is stolen/confiscated for espionage (industrial or nation state) reasons.

What is a bit sad is the fact this discussion is taking place. That people feel enough of a threat of 'data' being used/abused to convict them when in the past you generally had to be shown to have physically done something and/or have corroborating evidence from others.

2
0

Forums