* Posts by Paul Crawford

2161 posts • joined 15 Mar 2007

EU graciously lets Dutch splurge €33m on 'leccy car charger network

Paul Crawford
Silver badge

Home chargers?

How many people have their own drive ways so they can use a home charger? Most cars I see are parked in the street, so that is not going to happen.

OK, maybe for high-end cars like the Tesla folk might be in luxury homes with their own drive, but certainly not for the mass of cars in current use.

1
0
Paul Crawford
Silver badge

Re: Netherlands

"more efficient and produce less pollution per unit energy that a car engine"

Really? I thought modern turbo diesels were pretty much a match for most power station, but I don't have the numbers. Do you? Also what about the extra mass of the battery to throw around, or is that largely covered by regenerative braking?

As an aside, recently I saw my first electric charging station in the UK. It had three bloody cables since the ass-hat manufacturers have not standardised on one. A 43kW AC one, and two 50kW DC ones. Why?

Mind you, a typical UK main supply fuse is 100A, so a home supply could provide at most 23kW.

5
0

Hurrah! Windfarms produce whopping ONE PER CENT of EU energy

Paul Crawford
Silver badge

How stable would the grid be with even 50% renewable energy?

What would the black-start options be?

10
2

Intelsat to FCC: For the love of satellites, STOP ELON MUSK!

Paul Crawford
Silver badge

Re: I call Foul!

Intelsat don't want a business plan, but knowledge of the transmissions to see if they are a threat to proper operations. LEO satellites are global, so they have the potential to piss on everyone's party if done badly.

6
0
Paul Crawford
Silver badge

Re: Is Musk going for geostationary?

"Obviously the LEO satellites would be licensed for a different frequency"

Very likely NOT.

There are only a few viable and allocated bands where you can get cheap COTS hardware, etc, to support this and they are all pretty full, so very likely they will be broadcasting on the same frequencies as the GEO birds but relying on (hoping?) that the directional properties of the antenna (both their own, and the GEO ground terminals) are sufficient to stop interference.

I am pretty sure that is why Intelsat wants the details, do do their own analysis of the interference mitigation strategy to see what the impact might be. Beyond that, there is also the heavy congestion of the usual S-band TTC range to consider, and what impact trying to manage a fleet of a thousand small satellites over a couple of operators will be on other satellite's TTC.

6
0

Hark, the Hacking Team angels sing, it’s not us who’ve actually sinned

Paul Crawford
Silver badge

"on the side of angels, albeit deeply misunderstood"

Wasn't Lucifer himself an angel once, and now has a bit of a PR problem?

9
0

Jeep drivers can be HACKED to DEATH: All you need is the car's IP address

Paul Crawford
Silver badge

Re: No smoking gun?

In many cases, yes. But that is not an excuse for not properly engineering systems that are safety critical.

0
0
Paul Crawford
Silver badge

Re: A start, but...

As already pointed out: start aggressively jailing managers who fail to enforce proper safety processes in product design, testing, and support.

Industry won't go bankrupt, and after a few execs are doing jail time the behaviour will improve remarkably.

7
0
Paul Crawford
Silver badge

Re: No smoking gun?

So how do you explain the significant number of reported incidents?

What about the case when they (passenger) were making a 911 call during the process of the car being uncontrollable? (They died in the crash). No one from Toyota could point to a sticky mat, etc, to explain that away.

Sorry, but show me safety-critical system that has so many potential flaws and has single points of failure (in both code and the hardware) and that is a "smoking gun" to me.

0
2
Paul Crawford
Silver badge

Re: No smoking gun?

Have you read this about Toyota's ECU software:

http://betterembsw.blogspot.co.uk/2014/09/a-case-study-of-toyota-unintended.html

Not just it could crash, but also it might corrupt the logging feature supposed to help find the cause of a serious crash.

7
1
Paul Crawford
Silver badge

A start, but...

"$5,000 fine"

No, lets start with $500k for failing such a penetration test, and go upwards from there. Only if profits are seriously threatened will those morons who decide to make everything software-controlled (by the cheapest code monkeys they can find) start to get the message.

And yes, I have designed control systems and even written code for an engine management computer project in the distant past. So I'm no Luddite, but someone with a heightened sense of how critical such systems are and how piss-poor most designs end up.

Rule #1 no external connection unless ABSOLUTELY necessary. There is no necessity for brakes, steering and throttle control to be externally accessed.

Rule #2 have hardware & software with no single point of failure.

Rule #3 software is never 100% trustworthy, so have hardware limits, watchdogs and cut-outs that can override ANY software command.

Rule #4 big red switch for power. That stops EVERYTHING if needed.

<edited to add>

Rule #5 don't trust something that has not been independently audited. Not even your own code.

48
1

Beaten blokes HATE the women who frag them in online games

Paul Crawford
Silver badge
Gimp

Meanwhile on another site...

I wonder how the "low-status, poorer-performing males" on Fetlife react?

1
1

SourceForge goes TITSUP thanks to storage fault

Paul Crawford
Silver badge
Stop

At this time (UK evening 21st), the code repository is still down.

So 4 days for DR to come though and counting. Guys, are you serious about being a place to trust?

1
0
Paul Crawford
Silver badge

Re: It's a pile of poo

It is known as "delivering shareholder value"

In buckets.

3
0

Big Blue bafflement: Anyone in IBM Storage know which way is up?

Paul Crawford
Silver badge

Re: Maybe customers are worried...

Imagine the (potential) customer's conversation:

C: So what is special about IBM storage?

IBM: Er, well, Yes! Its from us, the big computer company you can trust!

C: How long will you be supporting it?

IBM: Er, as long as we have a hardware business, were in!

C: OK...<slowly moves towards to door>

7
0

Apple Watch is such a flop it's the world's top-selling wearable

Paul Crawford
Silver badge

Re: Who actually wears a watch anymore? And why?

Partly because I always did.

But mostly I do as it lasts for years on one battery (in fact, mine also solar charges) so I can tell the time without having to keep charging my phone every day or two. That matters if you are in the middle on nowhere as far as power points are concerned. It is also "waterproof" (they say 50m depth but reality is a strong shower) and won't fall out of pockets, etc, depending on activities.

15
1

Your poster guide: A fascinating glimpse into North Korea's 'internet'

Paul Crawford
Silver badge
Joke

Re: Internet Directory

I suspect that 'foreign exchange reserves' would not be the only thing completely drained after such a night of pr0n browsing

2
0

Russian billionaire: GET me the ALIENS ON THE PHONE. Do it NOW

Paul Crawford
Silver badge

Re: So... what if their not friendly?

Simple, they will find you and make you one of the "actors" in a pluck'em, fuck'em and chuck'em tourist package...

You wake up after being dropped somewhere smelling of cheap booze, with a sore arse, and no one will believe your story!

2
0

The Ruskies are coming for you, NSA director tells City bankers

Paul Crawford
Silver badge
Facepalm

Re: secure?

Oh the internet is secure.

But once we started with routers/switches attached and "protecting" our interests that have more lines of code for poxy user interfaces than most 70's operating systems had, and then hooked up PCs designed so an idiot could get on-line to browse pr0n, then you have a security problem...

4
0

Reg reader? Work at the Home Office? Are you SURE?

Paul Crawford
Silver badge

Re: Middle managers

Good point. Lets keep the telephone sanitisers...

5
0

Fragmented Android development creating greater security risks

Paul Crawford
Silver badge

Re: Isn't the real problem here...

Funny how Linux desktop & server have updates easily applied to any part of them, often while the thing keeps running. Why can't phone makers, who use the same OS as a starting point, achieve this known application technology as well?

9
0

WHOA! Windows 10 to be sold on USB drives – what a time to be alive

Paul Crawford
Silver badge

Probably shitty UEFI implementations, but I'm not sure when it comes to Windows.

I have only had two problems with Linux USB "live" sticks, firstly with old PCs (think 2006 era) which don't see a USB stick as a simple bootable HDD and often ask you if its a floppy or CD, etc (none of which seem to work).

The other is very new PC motherboards with secure boot that failed to boot Linux but said bugger all about the reason. Only poking about in the BIOS/UEFI settings did I find that secure boot was enabled.

UEFI BIOS writers, a pox on them all!

11
1
Paul Crawford
Silver badge

Is this a "run anywhere" live USB stick, or just a copy you have to install and separately 'activate' on any PC you wish to use it on?

And how do you make a back-up copy, is it just a 'dd' style operation or will these sticks have some anti-copy arrangement?

Of course, other OS have had this for years and no license restrictions, so lets see how the arguments stack up.

7
1

Wicked WikiLeaks leaks considered harmful: Alert over malware lurking in dumped docs

Paul Crawford
Silver badge

Or the font-rendering one I guess :(

2
0
Paul Crawford
Silver badge

As always, view such material in a VM without network connections.

Maybe using Linux as well if most of these are typical win32 malware that was spammed to the now-leaked account, though getting MS docs to render accurately is a challenge (if you just want the info, not such a problem).

1
0

Google robo-car in rear-end smash – but cack-handed human blamed

Paul Crawford
Silver badge

Re: "and they never get tired, irritable or distracted".

Lets hope the quality of code is better than the Toyota engine management unit:

http://betterembsw.blogspot.co.uk/2014/09/a-case-study-of-toyota-unintended.html

Read it an weep, or at least, not buy a Toyota.

However, who knows how well other suppliers would fair if properly audited. Eh, Ford with your engine stopping problem, or you Range Rover with your door unlocking?

11
1
Paul Crawford
Silver badge

While this one example is clearly a not-paying-attention driver, Are there any stats to say if these events in total are more or less common than a meatsack driven car?

4
1

Space Station 'nauts dive for cover from flying Soviet junk

Paul Crawford
Silver badge

Re: Oh those evil Russians...

Only if it was, in fact, part of an old Soviet craft. Which it is.

Recently the worst offender is the Chinese with their anti-satellite test that cause a huge cloud of debris, largely higher than the ISS orbit. Most Chinese scientists were appalled by it, but of course you do as the leaders tell you.

1
0

Feel like you're being herded onto Windows 10? Well, you should

Paul Crawford
Silver badge
Linux

@ The Original Steve

Have an up-vote for a reasoned post.

However, a lot of folk here don't like the model of MS pushing changes if you like it or not. Maybe they will relent. Maybe not as they want to be more like Apple (regular OS updates, no support beyond 2 versions or whatever, and LOTS of profits including the app store). I don't know.

All OS suck donkeyballs, really, but in my case I will stick with Win 7 if I need it, and Linux otherwise because I value my freedom to use the software as I want to. That is enough to accept the occasional hairy mouthful.

Tux, because we don't have a donkey icon.

6
1
Paul Crawford
Silver badge

We are a Linux org mostly, but have a few VMs with XP for some stuff, and a couple of machines running Windows 7 for things with no viable Linux alternative. If you don't monkey with them they are stable & reliable, which is good.

Shame the update process is tedious, last time one machine needed two reboots for no obvious reason. WTF? :(

As others have mentioned, pushing a Win10 advert though the "security" updates is a distasteful trick, and if that is the new corporate model then Win 10 will only be worse for pushing crap you don't want/need upon you cloud-style. Another reason for us to stick with 7 until we see something better.

12
1
Paul Crawford
Silver badge

Re: Life on the trailing edge...

Just learn to accept it. There are some commentards who downvote (and upvote) for no obvious reason.

11
4

Lawyer brands client 'small penis asshole' before challenging him to a DUEL

Paul Crawford
Silver badge

Re: The Irish Code of Honour

Considering that nature of the alleged insult, I would suggest speedos and paintball guns at 20 paces. First to squeal like a piggy has lost.

6
0

Suse preps for ARM-ageddon: Piles up cans of 64-bit Linux code to feed server world

Paul Crawford
Silver badge

I suspect the Linux kernel has the same approach: compile, test, debug as needed. Have you read the release notes for each kernel update? Often there are comments about fixing this on ARM, or that, or reverting some change because problems were found, etc.

1
0

Large Hadron SMASHER: Boffins BLOW OPEN the PENTAQUARK's secrets

Paul Crawford
Silver badge

Easy - they are the ones signing about gold and carrying axes.

6
0
Paul Crawford
Silver badge

Re: Five

"If I have seen further than others, it is because I am surrounded by dwarfs standing on the shoulders of giants was defenestrated from a tall building and survived"

2
0

Hacking Team spyware rootkit: Even a new HARD DRIVE wouldn't get rid of it

Paul Crawford
Silver badge

Re: Open BIOS now needed

You seem to mistake gov & TLAs for simple monolithic organisations with a singular goal. In reality they are complex, contradictory and often plain incompetent.

Some of the gov want back-doors and weaknesses in other people's systems, but most certainly do not want it in their own systems. But outside of the likes of NSA/GCHQ for secret-and-above projects, they all buy off the shelf computers and such p0wnage leaves them as vulnerable to other nations (and criminals) as we are.

Sadly most consumers don't understand and don't care, so they will apply no pressure on Dell, HP, Asus, Gigabit, etc, to offer us coreboot-compatible hardware (or the necessary documentation). My budget is for a couple of machines a year - will they listen?

So maybe having such UEFI malware from this hack out in the field is actually good in the long term as we, and major security vendors, can start asking pointed questions to suppliers about how to secure the BIOS, and how to put in our own more secure versions.

0
0
Paul Crawford
Silver badge

Open BIOS now needed

It is high time that a few big players, such as Gov/Police/etc insisted on a supply of PCs & laptops with an open and documented BIOS system, so that any bugs can be fixed (not saying they will be, mind) and tools developed to allow the safe wipe and re-installation of any potentially compromised BIOS.

One can dream :(

13
0

Linux Foundation serves up a tasty dish of BUGS

Paul Crawford
Silver badge

Seems you know SFA about this. Linus Torvalds is only the kernel's lead developer/manager, this is looking at all the other packages that make up a typical (and thus usable) distribution of a system and many of which lack any sort of clear guidance or leadership.

3
0
Paul Crawford
Silver badge

Re: Help.......

It depends on who you are. Given that 99% or so of malware by simple number is Windows-specific, the odds are pretty low for a drive-by infection. More so if cross-platform stuff like Java and Flash are disabled.

However, if you are part of an organisation that is worth targeting then all bets are off. Most recent surveys have shown the Linux kernel and Windows kernels have similar magnitudes of vulnerabilities, so if someone wants to find a privileged escalation bug for ether then a decent hacker will. Even so, most attacks are started on other programs (web browsers, word processors, PDF readers, etc) which tend to be far buggier than kernels.

Take some time to read GCHQ's advice on securing Ubuntu 14.04 for example, as that looks in to various aspects of security-by-configuration that are not always obvious. The list of guidance can be found here:

https://www.gov.uk/government/collections/end-user-devices-security-guidance

While that is for UK Gov use and so has some assumptions that might not be relevant, most still apply and you should be considering a VPN as well if you travel a lot and have a properly fitted tinfoil hat.

1
0

Yes! Windows Phone lives: Microsoft to pump the device Kool-Aid

Paul Crawford
Silver badge
Pint

Re: milliGreeks

Thank you sir, another stonking El Reg unit of fiscal impropriety!

Have a pint on me (bought with borrowed money, of course)

2
0

Police investigate strange case of doughnut-licking pop singer Ariana Grande

Paul Crawford
Silver badge

Oh well, makes a change from toad licking I guess.

All hail the hypnotoad!!!

5
0

Java jockeys join Flash fans in the 0-day exploit club

Paul Crawford
Silver badge

Re: Writing from a dull place

I have a VM with Java installed just for Webex stuff. While that is an extra resource hog, generally it works fine.

2
0

WHAT ARE the 'WEIRD' SPOTS seen on far-flung PLUTO?

Paul Crawford
Silver badge

That is a lofty goal, but I think the problem of slowing a probe down to get into orbit around a (relatively) light system is going to be a show-stopper in terms of fuel demands (as you have to get the probe+fuel up there and fast enough in the first place).

An atomic powered ion-engine craft might be possible...

1
0

Surviving Hurricane Katrina: A sysadmin's epic DR (as in Didn't Realise) odyssey

Paul Crawford
Silver badge

An insightful tale and one we could all benefit from considering.

Personally I know little about disaster sex, but sadly too much about disastrous sex.

34
0

Flash HOLED AGAIN TWICE below waterline in fresh Hacking Team reveals

Paul Crawford
Silver badge

Re: Question

Most probably, in fact almost certainly. But the earlier one was largely mitigated by Chrome's sandboxing. Not that sandbox technology is anywhere near infallible, of course...

4
1

China's STILL holding up the full WD-HGST integration. Why?

Paul Crawford
Silver badge

Re: hmm

Some of us cant afford 10TB in SSD

4
0

Wow, another NSA leak: Network security code appears on GitHub

Paul Crawford
Silver badge

Re: NSA?

GCHQ also provide guidance for securing systems. It is OK and you can sleep safe, they are not a TLA :) See here, but of course read and understand first:

https://www.gov.uk/government/collections/end-user-devices-security-guidance

4
0

Black and Latina boffins regularly mistaken for janitors, study finds

Paul Crawford
Silver badge

@Mine's a Guinness

You don't know how desperate I am...

5
0
Paul Crawford
Silver badge

On a more serious note, in engineering in particular there is a shortage of women entering the subject to study (e.g. compared to biochemistry, etc), no doubt due to various factors, but that in turn has an impact on the gender bias of typical engineering companies and university staff (who tend to reflect the entry stats some 5-20 years previously).

Tackling the issues around that at school age would be a good start.

Or just giving us engineers all much more pay, THEN we would have more uptake :(

7
1
Paul Crawford
Silver badge
Coat

Simple - the women are 5/3 more entertaining to watch!

Thanks, mine is the dirty mac...

15
2

Forums