* Posts by Paul Crawford

1884 posts • joined 15 Mar 2007

My self-driving cars may lead to human driver ban, says Tesla's Musk

Paul Crawford
Silver badge

Re: @Crisp

Robots in a factory doing precisly defined work is one thing, and they work really well. Its the uncertainty in what a real road will throw at the system that matters, and how it copes.

Also I think it is moronic to have the assumption of "phone home" operation. What if you loose connectivity or the central servers go down for whatever reason? Does your car just stop?

So then what if someone simply jamms the radio for a short while to stop you and rob you?

6
2
Paul Crawford
Silver badge

Re: Not a problem solved

If it is a 10% driving failure it is not "annoying" but "potentially fatal".

4
1

OpenSSL preps fix for mystery high severity hole

Paul Crawford
Silver badge

Re: @tnovelli

You seem to forget that C was largely created to be a systems language in order to write UNIX in the 70s. Do you really think an OS written in assembler would be a better idea?

Of course, the other side of a "systems" tool is it lets you do things that might not be smart, even though you might just need to that sort of thing inside an OS. Common mistakes relate to memory usage (not bound-checking, use after freeing, etc) and the notorious printf()-like calls that can really mess things up on the same basis (it relies on you telling it correctly what type of arguments are being passed).

Wile other languages take away your ability to make some of those mistakes, much of those problems are now managable if only folk would use the C-language tools that are already out there! Static analysis tools (e.g. Coverity) and using maximum warnings from your compiler (gcc can now check printf formats, and please us snprintf() to force memory length restrictions) will help if you are willing to take the time to check what they are squaking about, and fix it.

6
0

Let's talk about the (real) price of flash and spinning disks

Paul Crawford
Silver badge

Re: Prices for flash are wrong

"To be fair, a consumer-grade flash drive (with SATA interface) is only 10x the $/GB of a SATA hard disk"

It was mentioned, and for fairness it also has costing for both "consumer" and "enterprise" SATA disks (really, use the SAS version for high-capacity HDD for various reasons to do with reliable identification and proper command queuing, but the pricing is not so different these days).

0
0
Paul Crawford
Silver badge

Re: IOPS

There is no "one size fits all" unless price is no object. For your use-case you have to decide how much IOPS you need, how much data you need to store, and how much money you are prepared to spend.

I suspect the majority of users would currently be best served by a combination of HDD and flash. Some file systems like ZFS have built-in support for using separate storage for write intent logs, so using flash for that is a very cost-effective gain on the write side. For reading you can also have read-optimised SSD for the cache to help with frequently accessed data. Other systems also support data tiering so you can balance cost and performance in an intelligent way. The Devil is often in the detail.

3
0
Paul Crawford
Silver badge

Re: Power?

"SATA 50p per gig per year"

So my home RAID with 12TB protected space from 5*3TB HDD is going to cost me £6000 per year in power! Are you quite sure?

1
0

Gamers! Ransomware will scramble your save files unless you cough up $1,000

Paul Crawford
Silver badge

Re: AV

If you don't need the last few percent of performance, then running Windows in a VM seems a pretty good way of putting off a lot of the smarter malware in case you are analysing it.

Also the ability to make a copy of a VM and restore operating in minutes, rather than hours (the old install Windows, reboot, patch it, reboot, install your software, find license keys, restore data files, etc) is also great.

3
1

I BEG YOU, mighty Jobs, TAKE MY LIVER, Cook told Apple's dying co-founder

Paul Crawford
Silver badge

I think is from this: http://en.wikipedia.org/wiki/Visible_Human_Project

0
0

RIP Sir Terry Pratchett: Discworld author finally gets to meet DEATH

Paul Crawford
Silver badge

Sad to hear, his books provided a lot of entetainment over the years :(

4
0

ACLU files new lawsuits in hunt for police 'Stingray' mobe-trackers

Paul Crawford
Silver badge

Re: ACLU = AssCLowns Unlimited

Gee, so you are happy to have secret evidence gathering against you? You know, without any discussion by the folks who make the laws (i.e. your elected representatives, and I mean all of them and not just a select few on secretive committees) and the public they are supposed to represent, nor by your defence lawyer should you find yourself accused of some crime?

I, and probably most of El Reg's commentards, have no problem with legal interception when it is done based on probable cause and with judicial oversight. If this equipment is gathering data on others who are not involved in the targeted operation that is no big deal as long as all such data is deleted afterwards and not misused outside of the scope of the investigation.

What I do have a problem with is the current trend to assuming EVERYONE is guilty so worthy of surveillance and endless data retention, and that our judges and politicians are not telling us about this so we can have a democratic system in place.

12
0

Ouch! Google crocks capacitors and deviates DRAM to root Linux

Paul Crawford
Silver badge

Double the cost?

Really? ECC memory costs more, but typically 20% and the RAM is often only a fraction of the machine cost.

True, proper servers cost a lot more than desktops, but there are other factors in that cost such as dual PSU options, easier to change fans, hot swappable HDD, etc, (and probably a bit of profiteering as well).

3
1

Nothing says 'Taliban' quite like net neutrality, eh, EU Digi Commish?

Paul Crawford
Silver badge

Ass-hat

Not just him, but anyone who has a car the depends on internet access for safety deserves to be dismissed and the design scrapped. Have you tried getting even GPRS around a large number of rural roads in hilly areas?

5
0

UK Gov SciTech advice bureau suggests keeping Tor alive to reduce street crime

Paul Crawford
Silver badge

A fairly sensible and balanced report.

However, it remains to be seen if the politicians have enough brain cells between them to avoid monkeying with things that will generally make matters worse.

13
0

Is there a cure for cancer sitting at the back of the medicine cabinet already?

Paul Crawford
Silver badge

Citation due?

"And as for cancer cures, there's only one cure for many forms of cancer, which has been proven by INDEPENDENT research, as well as anecdotal evidence"

Please provide some evidence of this or we naturally will decide you are talking bollocks.

Of course, the rant-like nature of your post has raised the bar somewhat to reversing that judgement, but some of us are open to the scientific process where opinions can be changed when repeatable experimental evidence says so.

19
0

Adobe launches cashless bug bounty

Paul Crawford
Silver badge
Thumb Up

Re: You want your vulnerabilities traded in underground forums?

Well played Keef

3
0
Paul Crawford
Silver badge
Trollface

Re: You want your vulnerabilities traded in underground forums?

Feeling sad you don't have one?

2
6

Shove off, ugly folk, says site for people who love themselves

Paul Crawford
Silver badge

@h4rm0ny

You are right to a point. Someone who is above-average in terms of attractiveness is not guaranteed to get attention from folk that they want, maybe because they are afraid of rejection as the presume such a person is overwhelmed by offers.

But this is a site offering only other "beautiful people", and that alone suggests they are not looking for those missing Joe Averages who are average looking but underneath really a decent and interesting blokes.

8
0
Paul Crawford
Silver badge

Probably because they are vain tossers and quickly lose anyone initially interested in their looks once their personality (or lack thereof) is known.

But don't listen to me, I am just ugly, bitter & twisted...

19
0
Paul Crawford
Silver badge
Thumb Up

Re: Three things come to mind here

You deserve two up-votes for getting Groucho & Carly in to one post.

11
0

Microsoft comes right out and says backup software is dead

Paul Crawford
Silver badge

Re: Not dead

If your data is all in the "cloud" and said cloud provider deletes it due to a contractual dispute or simple fsck-up, or goes bust, etc. What then?

Both your primary operational data and the backup/snapshot are gone in a flash.

The old adage about a backup having to be "off site" should be extended to the requirement that any backup is held by another organisation if cloudy, or better still, you have it in your own possession (but not the same building).

9
0

Virtual reality WHIPLASH CHAIR in shutdown scare

Paul Crawford
Silver badge

Re: Disappointed...

I am sure that €10000 would buy me quite a few good hours of "whiplash" experience that would be very NSFW. But then I have friends in low places...

5
0

IBM's secret growth plan is … Karaoke?

Paul Crawford
Silver badge

Audience feedback?

When ever I am stupid/drunk enough to attempt karaoke there is often prompt feedback, typically in the form of thrown bottles or boo/hiss remarks. Just how will they provide the same "experience" in software?

Edited to add: The caption photo is of the portrayal of Ian Dury from the film "Sex & Drugs & Rock & Roll", well worth seeing.

0
0

Carriers want 5G to do everything, for anything, anywhere

Paul Crawford
Silver badge

Autonomous cars?

Really, the key thing about autonomous cars is they are autonomous!

That means they can work in the middle of nowhere, not needing to find the roads to be exactly as surveyed, with temporary diversions and obstacles dealt with as they come, and without any sort of link at all so they don't bork with some ne'er-do-well armed with a £100 Chinese-sourced jammer comes close (or your favourite 3-4 lettered agency with its £200k jammer). WTF do these people think is going to happen if cars depend on networking?!

2
0

Hillary Clinton draws flak for using personal email at State Dept

Paul Crawford
Silver badge

Re: How is this different from private business?

The difference is that folk should use TWO emails! (In fact 3+)

The first one for official business and that is subject to discovery. Of course, depending on the data retention rules and any legislation that forces that period.

The second one is your personal email account that you use for chatting to friends, ordering stuff from Amazon, arranging a hot date, etc... Since this is not used officially (and you are not dumb enough to do so and have a client's email reveal this so it IS then subject to discovery) you don't need to worry much. If it is not using the corporate servers, they don't have to touch it at all.

The 3+ ones are for spam accounts, like sites that ask for email to download articles, etc. You can more or less set that to self-delete after a day or two once you have the access you needed.

1
0

$250K: That's what Lenovo earned to RAT YOU OUT with Superfish

Paul Crawford
Silver badge

Re: Just goes to show....

While MS might offer the Windows software recovery image, what about OEM-specific drivers? From experience they can be a pain for Windows and for Joe Average its just not going to happen.

Lenovo need a kicking over this, and maybe MS should get touch and put a stop to crap-bundling on any OEM deals.

0
0

Sick of Chrome vs Firefox? Check out these 3 NEW browsers

Paul Crawford
Silver badge

Rant #1

I was deeply disappointed when I "upgraded" Opera to the latest version, as it has been dumed down and thing I used to like having, such as the ability to turn off GIF animations and generally block content per-site, are gone. Maybe some plug-ins will help, but overall its almost pointless.

Chromium gives me a webkit-based browser without Google's spying, so what is Opera actually offering to justify their existence? OK the "turbo" feature is occasionally useful, but that is about it.

Rant #2

Will Firefox quite copying Chrome's "users are morons" approach and stop dicking around with the GUI? You know, hiding thing and/or removing them because a couple of developers don't use them.

Rand #3

Actually, its an anti-rant as I am pleased MS has finally bitten the bullet and decided to ditch all of the legacy crap in IE. Yes, I know a lot of organisations are IE-bound but for the love of $DIETY just fix those. MS needs to move on and if they stick to open standards, and ideally open their browser (even if under a restrictive license) all will benefit.

70
0

Is light a wave or a particle? Beaming boffins prove it's BOTH

Paul Crawford
Silver badge

Re: Brilliant!

Except goats. They just don't care.

17
0

Windows XP's market share grows AGAIN!

Paul Crawford
Silver badge

Re: Uhhh, since when was "embiggen" a word?

Blackadder?

0
0
Paul Crawford
Silver badge

Its a tricky one.

While you might feel guilty about revealing it, there is a good chance that someone else will (or has) found it and will exploit it. Until it is understood by AV companies (as we can assume MS knows now) there is nothing to protect those using XP from it.

Now MS told you its not going to be fixed as XP is EOL, but what of the embedded version that various systems use? Publishing might be the only way to force MS to fix that for those still expecting support until that version is finally EOL'd.

Finally, you might want to consider if the same underlying bug also impact on Win7/8.x as well. Disclosure would allow that to be investigated.

So really, it will come out one way or another, and probably best if done via an open forum than black-hat sales channels. MS know, so its their call about patching.

1
0

Mozilla mulls Superfish torpedo

Paul Crawford
Silver badge

Deeper problem

The deeper problem is the sorry state of SSL certificates in the first place, and why it was possible to go pretty much undetected until security researchers looked in to it.

Lenovo deserve a really big bollocking here, but all of the web browsers, and business in general, needs to be doing something more serious about stopping faked certificates being used to MIM https, or making them damned obvious to the users.

4
2

Didn't the Left once want the WORKERS to get all the dosh?

Paul Crawford
Silver badge

@Sarah Balfour

You might find this enlightening:

http://www.cgpgrey.com/blog/the-true-cost-of-the-royal-family-explained.html

6
0

Nvidia U-turns on GTX 900M overclocking after gamer outrage

Paul Crawford
Silver badge

Thermal monitoring?

Don't these chips have thermal monitoring?

If so (which I assume they all do), why not scale back the clocking if they start to overheat?

0
0

Linux clockpocalypse in 2038 is looming and there's no 'serious plan'

Paul Crawford
Silver badge

Re: It's time

You mean like we have has since 1985 (Cray UNICOS, first 64-bit implementation of Unix)?

Or 1994 (Silicon Graphics IRIX)?

Or 1998 (Sun Solaris 7)?

Or 2000 (IBM z/OS)?

Or 2001 (Linux becomes the first OS kernel to fully support x86-64, same year as XP 64-bit)?

Or 2003 (Apple Mac OS X 10.3 "Panther")?

[Shamelessly copied from http://en.wikipedia.org/wiki/64-bit_computing]

16
0
Paul Crawford
Silver badge

Re: The problem is in applications

It also depends on how well the applications were written, and how they are linked. For example, if they only ever used the libc code for time calculations (mktime() gmtime() etc) then having a patched libc on the 32-bit system would allow this to be put off until 32-bit unsigned overflow, which is around 2106

However, if statically linked or doing things with time_t based on it being signed, then its going to have problems. Also note (as already covered) this is not a Linux problem as such, it is a C language problem and anything similarly UNIX-y that uses the time_t. A lot of MS software could well be using the C library, etc.

So really this is more a 32-bit application/data problem, and only code audits and (more importantly) testing will reveal what will actually happen.

1
1
Paul Crawford
Silver badge

Testing, testing!

There are some ways to work round this and some things might just work. But testing is needed, and more importantly there should be STANDARDS for all those embedded applications that demand testing with post-2038 dates just to be sure.

Currently 64-bit Linux works fine, of course, as time_t is natively 64-bits.

Even today, as time_t is generally used as that (i.e. a specific data type and not the generic 'int' or even 'long'), if it were defined to be a 64-bit integer then most 32-bit systems would re-compile and be all OK as the compiler should do all the necessary stuff. What would be broken is things like file systems and other file formats where 4 bytes is explicitly used and that is all.

Alternatively if the 32-bit integer was treated as unsigned then also most things would work. I tested the gmtime() function recently and found that 32-bit Linux "failed" post-2038 by design as it returned -1 to flag an error, same for the older MS VisualC++ 6 (also 32-bit). Ironically the old 16-bit MS-DOS C compiler got it right post-2038 if you treated time_t as unsigned!

10
0

Hellooo, NSA? The US State Department can't kick hackers out of its networks – report

Paul Crawford
Silver badge

Re: "That's the FBI's and GCHQ's responsibility"

Really old bean? I though GCHQ had nothing official to do with the US after that spot of bother in Boston with all of the tea...

1
1

Euro broadcast industry still in a fug over that 4K-ing UHD telly

Paul Crawford
Silver badge

Re: Never mind the quality, feel the width

I think you will find users want better content, rather than more content or quality. Sadly this is misunderstood to mean there should be more channels of utter pish, rather than the available revenue being spent on fewer channels with worthwhile content.

Also WTF is it that broadcasters/ISPs will spend billions on sports coverage and not nearly as much on creating worthwhile programs in other areas (arts, drama, comedy, science/education, etc)?

8
0
Paul Crawford
Silver badge

4k Monitors

I applaud this just because it means we are starting to see 4k monitors at tolerable prices.

For PC use having a big 30-40" monitor in 4k would be great as the resolution would be usefully delivering the equivalent of 4 * 15-20" HD monitors but without the division and physical arrangement problems. Great for all sorts of things beyond speciality video!

4
0

Have YOU got Equation NSAware in your drives? Meh, not really our concern, says EU

Paul Crawford
Silver badge

Re: Can we trace our HD's heritage?

This family of infections has a (rare) module that can be used to infect your HDD's firmware so even having bought a clean one is no guarantee it will never have this.

5
0

Microsoft leaves the Rooms. How will Windows Phone OS users make to do lists?

Paul Crawford
Silver badge
Pint

Re: Anyone else reading Cloud-o-bile my way

Arr, t'is the true way!

[closest icon to a flagon of rum]

0
0

Hoping for spy reforms? Jeb Bush, dangerously close to being the next US prez, backs the NSA

Paul Crawford
Silver badge

Of course if it were not for the botched intervention in Iraq a lot of the terrorist problems would not exist.

Sure Sadam Hussain was a ruthless bastard, and a lot of his people suffered under his regime, but I'm not convinced that Iraq "post-democracy" is a better place to live with the lack of security, rise of religious power, and enormous society & infrastructure damage.

23
0

AT&T suddenly finds demand for 1Gbps fiber in Kansas City – just after Google arrived

Paul Crawford
Silver badge

VPN?

I wonder how much VPN use that $29/month "privacy fee" would get you?

A smart enough router and you could stuff some high-bandwidth but low interest things like YouTube direct on AT&T's network and everything else via the VPN.

0
0

Thecus N4310 4-bay: A NAS-ty beast for the budget-conscious

Paul Crawford
Silver badge

@JEDIDIAH

Clearly you know little and/or have never used any significant number of single-parity RAID before. Maybe you got lucky, but others know that sinking feeling when a RAID rebuild throws up errors due to bad sectors on what you had hoped were the remaining good disks.

Of course "RAID is not backup" as everyone here should know, but unless you have a 2nd RAID or some serious money in a tape system you will have a tedious and probably incomplete data restore to face you.

By the way, that is one of the nice things about ZFS: it tells which files are corrupt, not that sector 1284529784 has an error and you have to either spend ages on your file system of choice to identify what that impacted upon, or go down the "nuke it from orbit" route of a fresh start and complete restore.

0
0
Paul Crawford
Silver badge

Re: RAID6

Rebuild times for classical RAID (including smarter ones like ZFS) is a bit problem with modern drives because the capacity has increased way beyond the read/write speed, so you can be looking at days or even a week or so. That is not, in its self, a problem but both the longer time and the huge amount of data means you have a much greater chance of another disk croaking (or discovering bad sectors) during this process.

This is why you really, REALLY, should be scrubbing your RAID array every week/fortnight. This forces the disks to read every sector and then to fix/remap bad sectors while you still have parity, so when you lose a disk in RAID-1/5/10 you have a sporting chance of a successful rebuild.

Better still, look to dual parity like RAID-6 or ZFS' RAID-Z2

1
1
Paul Crawford
Silver badge

Re: Pass

I don't know if its still the case, but fsck-ing ext4 with large arrays needs lots of memory, more than 2GB usable, and that is a problem on small NAS.

You are better off with XFS for a lot of those NAS, but ZFS (and not on LVM as Thecus do - doh!) is much better (subject to much more memory though).

1
0
Paul Crawford
Silver badge

Re: Had a Thecus, don't bother

I have had Thecus and support was not that bad, but still crappy much like other NAS-in-a-box offerings.

Really, if you have the technical know-how (which usually is the case of El Reg readers), then a cheap server like HP ProLiant Gen8 G1610T MicroServer, some more ECC memory, and a copy of FreNAS will give you a much better box.

2
0
Paul Crawford
Silver badge

Re: RAID6

Yes, I worry when reports like this profile RAID-0 without dire warnings about how that is not really "RAID" because it lacks the redundancy pert of the acronym...

4
0

Microsoft: Look at our cloudy privacy award. Isn't it so ... meaningful?

Paul Crawford
Silver badge

Re: “If there is unauthorised access ... we’ll let you know about this,”

Chris, this "protection from lawful interception" you speak of is complete bollocks. If the police wants my data then they simply have to get a court order in my country and I will have to hand it over.

We are not talking about some free/anonymous service here, this is all about businesses paying for storage/servers/etc so its pretty clear who is responsible.

5
1
Paul Crawford
Silver badge

Re: “If there is unauthorised access ... we’ll let you know about this,”

A much more useful measure of "cloud service" integrity would be some properly audited trail to show that YOU, the customer, sets a private encryption key on your clients and that is never made available to the cloud provider.

If the law want your data then they have the proper course of action by getting a court order in YOUR COUNTRY to force disclosure.

Anything less is just marketing whitewash.

10
0

Anonymous HACKED GAS STATIONS - and could cause FUEL SHORTAGES

Paul Crawford
Silver badge

Re: Is there any doubt?

You might want to look up "anonymous", it kind of is opposite to declaring a consistent name.

1
0

Forums