Re: At last!
11, 12 even 13...
2615 posts • joined 15 Mar 2007
11, 12 even 13...
Two beams at 6.5TeV? So finally they can turn it up to 11?
(Alas! No Spinal Tap icon to go with this)
I think you are talking about changing the underlying system clock (i.e. UTC time).
That is normally slewed by NTP unless its a leap second (where the kernel gets that and ought to handle it properly for event timers, etc) or if the time error is too big to be done in a sensible window (typically at system boot where you have no idea if the clock is OK).
The "jump" I am referring to is in local time when the daylight saving hour goes in/out of effect. I don't know of any system that would slew the DST value, but its not an impossible thing to consider.
Why - cheap (usually) code monkeys not using/understanding the details of time/time-libraries, and NOT BLOODY TESTING them!
The standard *NIX approach is to do all your data storage and maths in linear UTC and only for humans do you display it in a readable form and at that point you allow for the local time-zone & language. Its the sensible way.
The complication arises when you have a time-of-day event that some human wants at a set local time and you need special logic if that is in the hour where the "clocks change" as you could get either 2 or 0[*] time-crossing occurrences depending on the direction of the change. But that is independent of which zone your in, other than it is a zone that has "daylight saving" with is practically all significantly northern and southern latitudes.
It makes bugger-all difference to the amount of daylight of course, but humans seem unable to cope in modern times with doing things that are not a set times.
* - of course when local time jumps from 1am to 2am you cross all times in between, but how do you handle that? You could trigger all events set for 1-2 simultaneously, but what if the person needed A to be 5 mins before B, and both 10 min before C and all in that 1 hour window?
While I was quite happy to condemn the original politics of Galileo where the EU weasels, sorry ministers, said it would all be paid by the commercial use, we all knew that was a lie. With GPS being free and mostly available courtesy of Uncle Sam, almost no one will pay much for an alternative.
But I fully support the EU doing Galileo for the following reasons:
1) Developing the technology & infrastructure in the EU to do it.
2) Having an alternative to GPS in case Uncle Sam throws a hissy-fit (or a budget stale-mate turns things off).
3) Improving the overall reliability and accuracy for everyone as they then have a choice of GPS. GLONASS, BeiDou, Galelio and any other regional or LF options.
While it may represent several billion Euros, per person in the EU it is small change and we have already seen the UK gov piss away similar sums on failed IT projects over the last decade.
So cheap for what we get in my view.
I'm sure its just commercial considerations. Just now, in spite of the on going politics and strife over the Ukraine, etc, the EU and Russia do business and this is part of it. Maybe future launches will be more birds in fewer Ariane rockets, most certainly if Russia causes trouble in this area, but for now I guess those in engineering and contract roles just get on with the best deal for the current time & place.
You have to add those moulded plastic seats that made everyone's arse sweaty and uncomfortable even up in less-than-tropical Scotland.
Silly - that is what post-it notes are for! Put one next to your monitor and you wont have any problems with forgetting your password.
In related news, bears are catholic and the pope...
"...biggest threats outside of Russia, China and France."
When and how did France become a major threat to the USA?
Did they threaten to take away their French fries? Shrug and set about cooking good food in a sophisticated plot to topple McDonalds?
I would say this is completely BT's fault, after all it matters not if the end user is business or consumer, the kit they supplied LIED to the admin about the firewall being on, and it LIED about UPnP being off.
More over, this is a known vulnerability that BT has done bugger-all about because it might add to their support costs.
Great title, if I could give you 300 up-votes I would!
"You may be, but Microsoft cannot afford to be as a corporation."
So what if MS decides to ditch IE and drop support for all legacy systems, maybe with patching stopped in 2-3 years? Those enterprise customers have no where to go, they will simply have to update and move on to a future without IE's awful stuff.
What alternatives do they have? They can't realistically go on with old OS/browser without MS providing security patches, so they simply have to either suck up MS' latest offerings, maybe pay a fortune for post-end-of-life support, or go elsewhere.
Where is the 'elsewhere' for them to go? Apple has abandoned any real interest in anything outside of consumer use. While I am a keen supporter of Linux, I am in no doubt that if you are IE-bound and MS-dependant for all sorts of specialist software then you have more pain in changing OS than fixing IE-related stuff.
So basically MS can do as the please and corporate users of Windows just have to follow because so little software was ever designed to be cross-platform. That my friend is the real "End of Story".
Really, I don't see why MS should keep on IE other than for some locked-in corporate customers. So why don't they make Spartan the only supplied browser for Win10 and sell IE11 as an extra-cost option, maybe chucking it in with the "W10 professional enterprise edition" or whatever?
Those who really, really, must use IE will either stick to Win7 or whatever for the next 5 years, or simply pony up for it on Win10. Their pointy-hired bosses might just see that its time to fix their Intranet once they see an on-going cost for not doing so.
But, and this is the important bit, Joe Public won't consider it as an option as nobody has paid for a browser since, oh yes, IE was bundled for free two decades ago. Thus the few remaining web sites that rely on IE-specific support (and all public-facing gov sites, who are often offenders there) will get endless complaints until they fix their shit and become cross-platform.
Similar to slysoft's AnyDVD I guess.
It would be funny if the company then sued Visa/Mastercard for blocking payments in China, won, and made them pay out $Million/day or whatever in compensation. Same for Google, Facebook, whatever. See how it feels when another big country extends its laws to the US business.
Make it big enough and the US laws might change. After all, the only thing that seems to matter in US politics or law-making is money.
Not if you are using Chrome...
In spite of the apparent positive spin, the fact remains they don't properly check for revocation. The last point in the article basically says they whole system is crap/broken (as we know) but offers no proper solution to the stupidly lax design of certificate issuing where ANY one of nearly a thousand issuers can sign an imposter certificate for any domain.
The action should be obvious - revoke all trust in the company that issued the certificates.
If they face financial melt-down due to this, and others see the consequences, maybe the future will be a little better. But saying so, it really points to a fundamentally broken system, and the certificate pinning that some browsers support is not enough of a "standard" to deal with it.
The idea of AI machines destroying vast swaths of humanity is pretty applying.
Until you stop and look at vast swaths of humanity that is...
Firstly, the issue of compliance with data protection ought not to be a problem if you encrypt your backup data BEFORE it goes cloudy, and that your cloud provided never has access to the key. In fact, that ought to be the Golden Rule of cloud storage: "no data without perfect secrecy".
Secondly, the idea that a home user only takes minutes to back up is laughable. If you have a 'typical' upstream rate of 0.5-1Mbit/sec on broadband, that is 225-450Mbyte/hour. If you have any sort of history of using a digital camera your archive could easily be 10-100GB of photos, so you are looking at 1-18 days of uninterrupted transfer to back up initially, and this is not taking ISP capping in to account.
Still, the idea of a NAS fronting your cloud backup is great, fast local syncing of data but with the off-site and (hopefully) backed-up/snapshotted storage if you lose your NAS or get a file-encrypting virus.
And don't forget that if there is any dispute, your cloudy "partner" can make it all disappear at the drop of a hat. Sure you can fight them through the courts, but just how long will your business have the funds to do so if its IT systems have been turned off?
With on-site software, even if licensed (and not free-as-in-speech), the boot is on the other foot. If they dispute then they have to take you to court and prove it and until they do you still have a business.
Really, what is Win10 refuses to run unlicensed copies of Office?
"customers over time will realise the value of properly licensing Windows" - does not compute.
"stands to win more cash under its as-a-service model if it can convince the world to dump its old operating systems" - ah, now that makes sense!
However, given the Chinese government has already said no to Win 8 over (possibly spurious) "security concerns" over data sovereignty, etc, how will they react to Win 10 if its "as-a-service" model allows the US gov to pull the plug at any time on its citizens' business operations?
"2. As described in the article, the attack requires physical access to the machine. Frankly, if somebody has this, it's always going to be game over."
Indeed, but p0wning the BIOS has the big advantage of getting the SMI and boot stages so it becomes possible to have an infection that is totally transparent to any booted OS, and can't even be seen when booting a rescue CD sort of tool. And if you can automate that to slip in USB, boot and press F11, 30 seconds later job done and power off, that is pretty tidy.
"tablets, phones, and other sealed hardware "
The sort with various power & volume buttons on the side that could be held down in some odd manner to enable it passers?
Its not just the UEFI stuff that is stupidly complex, its all of the pointless "eye candy" that MB makers seem to think you want/need. Really, the only folk who should ever be fiddling with BIOS/UEFI settings are the sort who really know what they are doing, and they are quite capable of using text-mode operations.
Its high time that we started pressing for MB makers to fully and openly support coreboot, at least then you have a chance of getting the source code inspected and maybe bugs fixed. Might even save them money in the long term for support and development.
And yes, I would like to see the return of a physical switch to allow BIOS writing, that would put a stop to most of these issues (aside from pre-installed malware, obviously).
"You simply do not have the necessary background to understand what went on and how it happened."
I did not claim that I would have done any better, nor that I understand the details of how the pilots reaction to various conflicting warnings and instrument inconsistencies led them to not recover the plane from stalling.
But what I am absolutely certain of is that having an autonomous system throw back the controls to humans under "difficult" conditions is a recipe for disaster. And equally for cars the conditions that are unlikely to be handled well, such as an unexpected conflict of sensors while approaching a junction, blind bend, etc, will leave the human operator with bugger-all time to come to terms with being in control, let alone to apprise the situation and react accordingly.
So why even consider that case? Maybe so the car manufacturers can pin the blame for out-of-capability accidents upon the meat sack failing to drive correctly...
Folk who care about edge cases are the sort you want working on safety-critical stuff! Typically they are the ones to trust your well-being to. As for reliability, the current US death rate is around 1-2 per 100 million miles driven, or about 150-250 per million vehicle - years:
So an autonomous car has to be pretty good to match that. Sure humans do really dumb things, and they are easily distracted, etc, which probably covers a good 90% or so of those deaths. But cars have to at least match that 2E-8 fault/mile figure under real-world conditions to be taken seriously.
"Well, if it resembles auto-pilot systems (such as those on the Airbus), the correct fall-back would be manual control by the driver"
Yes, and look how well that worked out for AF447 after all!
See that is the problem, if it can't cope near-perfectly with anything on the roads your screwed. You won't be sitting there with full concentration all the time "just in case" - otherwise you might as well be driving. And in the event of an unhanded exception as car has seconds to impact, not the minute or two the startled pilots of AF447 had.
Robots in a factory doing precisly defined work is one thing, and they work really well. Its the uncertainty in what a real road will throw at the system that matters, and how it copes.
Also I think it is moronic to have the assumption of "phone home" operation. What if you loose connectivity or the central servers go down for whatever reason? Does your car just stop?
So then what if someone simply jamms the radio for a short while to stop you and rob you?
If it is a 10% driving failure it is not "annoying" but "potentially fatal".
Having looked at that link I feel quite dirty now :(
I should have noticed it as the Daily Fail.
You seem to forget that C was largely created to be a systems language in order to write UNIX in the 70s. Do you really think an OS written in assembler would be a better idea?
Of course, the other side of a "systems" tool is it lets you do things that might not be smart, even though you might just need to that sort of thing inside an OS. Common mistakes relate to memory usage (not bound-checking, use after freeing, etc) and the notorious printf()-like calls that can really mess things up on the same basis (it relies on you telling it correctly what type of arguments are being passed).
Wile other languages take away your ability to make some of those mistakes, much of those problems are now managable if only folk would use the C-language tools that are already out there! Static analysis tools (e.g. Coverity) and using maximum warnings from your compiler (gcc can now check printf formats, and please us snprintf() to force memory length restrictions) will help if you are willing to take the time to check what they are squaking about, and fix it.
"To be fair, a consumer-grade flash drive (with SATA interface) is only 10x the $/GB of a SATA hard disk"
It was mentioned, and for fairness it also has costing for both "consumer" and "enterprise" SATA disks (really, use the SAS version for high-capacity HDD for various reasons to do with reliable identification and proper command queuing, but the pricing is not so different these days).
There is no "one size fits all" unless price is no object. For your use-case you have to decide how much IOPS you need, how much data you need to store, and how much money you are prepared to spend.
I suspect the majority of users would currently be best served by a combination of HDD and flash. Some file systems like ZFS have built-in support for using separate storage for write intent logs, so using flash for that is a very cost-effective gain on the write side. For reading you can also have read-optimised SSD for the cache to help with frequently accessed data. Other systems also support data tiering so you can balance cost and performance in an intelligent way. The Devil is often in the detail.
"SATA 50p per gig per year"
So my home RAID with 12TB protected space from 5*3TB HDD is going to cost me £6000 per year in power! Are you quite sure?
If you don't need the last few percent of performance, then running Windows in a VM seems a pretty good way of putting off a lot of the smarter malware in case you are analysing it.
Also the ability to make a copy of a VM and restore operating in minutes, rather than hours (the old install Windows, reboot, patch it, reboot, install your software, find license keys, restore data files, etc) is also great.
I think is from this: http://en.wikipedia.org/wiki/Visible_Human_Project
Sad to hear, his books provided a lot of entetainment over the years :(
Gee, so you are happy to have secret evidence gathering against you? You know, without any discussion by the folks who make the laws (i.e. your elected representatives, and I mean all of them and not just a select few on secretive committees) and the public they are supposed to represent, nor by your defence lawyer should you find yourself accused of some crime?
I, and probably most of El Reg's commentards, have no problem with legal interception when it is done based on probable cause and with judicial oversight. If this equipment is gathering data on others who are not involved in the targeted operation that is no big deal as long as all such data is deleted afterwards and not misused outside of the scope of the investigation.
What I do have a problem with is the current trend to assuming EVERYONE is guilty so worthy of surveillance and endless data retention, and that our judges and politicians are not telling us about this so we can have a democratic system in place.
Really? ECC memory costs more, but typically 20% and the RAM is often only a fraction of the machine cost.
True, proper servers cost a lot more than desktops, but there are other factors in that cost such as dual PSU options, easier to change fans, hot swappable HDD, etc, (and probably a bit of profiteering as well).
Not just him, but anyone who has a car the depends on internet access for safety deserves to be dismissed and the design scrapped. Have you tried getting even GPRS around a large number of rural roads in hilly areas?
A fairly sensible and balanced report.
However, it remains to be seen if the politicians have enough brain cells between them to avoid monkeying with things that will generally make matters worse.
"And as for cancer cures, there's only one cure for many forms of cancer, which has been proven by INDEPENDENT research, as well as anecdotal evidence"
Please provide some evidence of this or we naturally will decide you are talking bollocks.
Of course, the rant-like nature of your post has raised the bar somewhat to reversing that judgement, but some of us are open to the scientific process where opinions can be changed when repeatable experimental evidence says so.
Well played Keef
You are right to a point. Someone who is above-average in terms of attractiveness is not guaranteed to get attention from folk that they want, maybe because they are afraid of rejection as the presume such a person is overwhelmed by offers.
But this is a site offering only other "beautiful people", and that alone suggests they are not looking for those missing Joe Averages who are average looking but underneath really a decent and interesting blokes.
Probably because they are vain tossers and quickly lose anyone initially interested in their looks once their personality (or lack thereof) is known.
But don't listen to me, I am just ugly, bitter & twisted...
You deserve two up-votes for getting Groucho & Carly in to one post.
If your data is all in the "cloud" and said cloud provider deletes it due to a contractual dispute or simple fsck-up, or goes bust, etc. What then?
Both your primary operational data and the backup/snapshot are gone in a flash.
The old adage about a backup having to be "off site" should be extended to the requirement that any backup is held by another organisation if cloudy, or better still, you have it in your own possession (but not the same building).