* Posts by Paul Crawford

2459 posts • joined 15 Mar 2007

Trio nailed in US for smuggling $30m of microchips into Russia

Paul Crawford
Silver badge

Just how hi-tech?

I really wonder exactly what the parts were they claimed to have exported. I mean, if you are pretending to be a traffic light supplier you could hardly get away with ordering rad-hard parts, stuff tested to MIL-STD-883, etc. So what were they?

1
0

Bacon as deadly as cigarettes and asbestos

Paul Crawford
Silver badge

Now I'm hungry

That picture looks a lot like the El Reg award-winning bacon sandwich from The Horn, and my some miraculous coincidence I will be passing that location in under an hour.

Drool....

0
0
Paul Crawford
Silver badge
Joke

Re: Forgive me, but that must be a made up name

Of course it is, I mean who would trust a "North American Meat Institute"?

2
0
Paul Crawford
Silver badge

Re: re-reporting the daily mail?

Probably slitting your own throat gives you cancer as well.

Just not enough time for it to develop...

23
0

California enormo-quake prediction: Cracks form between US boffins

Paul Crawford
Silver badge

Re: Goodbye California

Oh lick my salty wife!!!!

7
1

WikiLeaks leaks CIA director's private emails – including his nat sec clearance dossier

Paul Crawford
Silver badge

Re: HOLY DOT SHIT

At first I thought he was some sort of complete idiot for having important stuff on an AOL mail account, but the suggestion that talking to Iran to try and sort things out is an unexpected breath of sanity in this world.

Still, we all have nothing to hide, so nothing to fear from our emails. Right?

18
1

Oh dear, Microsoft: UK.gov signs deal with LibreOffice

Paul Crawford
Silver badge

Re: jonpratt@outlook.com

OK so no dependency on O356 and your data being in USA hands. And you say that like its a bad thing?

2
1
Paul Crawford
Silver badge

Re: The economics just don't stack up

@J J Carter

The simple economics you give are only a small part of the picture. As well as reduced costs from year 4-ish onwards, you also have a number of other factors:

1) Less likely to be p0wnd by script kiddies (only slightly less for nation state, though) as no macros/VB

2) No need for Windows for the OS, so some flexibility and possible cost savings there.

3) More pressure to have open formats for data exchange.

4) A very good sick to beat MS with for pricing and licence terms as your gonads are no longer quite so tightly in their vice.

Sure there are a number of cases when MS products are the only or best option, but anything that gives them cause to sit up and listen to the user base instead of screwing them for more money and/or personal data is a good thing.

7
2

Made you jump! Space to give Earth an asteroid Halloween scare

Paul Crawford
Silver badge

Re: Suspiciously exact

Its suspiciously close to 310k miles.

3
0

Microsoft boss Satya Nadella is paid $18m – and would trouser $20m if sacked

Paul Crawford
Silver badge

Re: @Lost all faith...

Always have a separate /home partition. Ideally also a spare 20GB of unpartitoned HDD space.

Then worst case you can either re-install the OS over a badly borked one, or install a new one along side it, then boot it up, edit /etc/fstab to mount your old home partition and Robert is your little grandfather.

Now if only Windows always separated the OS partition form all user data and settings...and didn't bitch about activation keys, etc, if you do have to reinstall.

2
0

Another go with MIPS IoT: Imagination unveils new Creator board

Paul Crawford
Silver badge

Re: Another go?

A long time ago (like 1998) I was involved in a project that decided to go with Windows NT instead of VMS because it was going to support multiple hardware platforms and be flexible and secure. All of the things that MS promised.

Alas, after buying some Alpha workstation for this (not cheap, but super-computer like speeds then) MS announced the death of all non-x86 platforms. Our customer (who was quite technical) was far from pleased and although the project was completed fine (and better than some other partner's work) the change in MS' support was a major blow.

Fast forward almost 20 years and I can see MS blow this way and that, and I am might pleased not to be dependent on them for any of my work (other than the odd Windows VM to run CAD software).

7
0

US senators lean on ICANN, tell it to quit squirming and open up

Paul Crawford
Silver badge

Re: "a right flogging in the middle of Times Square"

Get the CAT-6 of nine tails!

0
0
Paul Crawford
Silver badge

If could vote, I would turf every one of the current board out and appoint a new lot. Ones more interested in the Internet's general well-being and less on their personal fiefdoms.

In addition, I would make it a rule the no board member can stay on longer than, say, 4 years, and all have to have at least some real and recent computer science background (e.g. degree) or experience (e.g. successful management of software-heavy project).

Oh, and a personal unicorn would be nice while I'm at it...

11
0

Accidental homicide: how VoLTE kills old style call accounting

Paul Crawford
Silver badge

And now its the other way round. Such if life...

7
0
Paul Crawford
Silver badge

Actually anything that marks the death-knell of "premium numbers" and stupidly over-priced foreign calls is a good thing!

It can't be beyond the wit of the telcos to have a reasonable model for data based on some monthly minimum and some reasonable extra for large amounts of data that will keep the lights on. All we need is some honesty in advertising and a regulator willing to beat them until the comply.

7
2

Temperature of Hell drops a few degrees – Microsoft emits SSH-for-Windows source code

Paul Crawford
Silver badge

Re: Found it!

[citation required]

4
0
Paul Crawford
Silver badge

Re: Ugh!

"a better way would be to use UTF-16 everywhere in a Windows application"

No a much better way would be some thin compatibility layer for Windows that allows UTF-8 to be used in Windows in place of UTF-16.

UTF-16 is horrible and breaks all of the native C/C++ string handling and all legacy text applications. At least UTF-8 is usable, even if you have the unpleasantness of off characters in old editors and variable length strings for a fixed number of "characters" when outside of the ASCII Latin alphabet.

7
7

GCHQ to pore over blueprints of Chinese built Brit nuke plants

Paul Crawford
Silver badge

Re: Blueprint?

Unless you have one of those inkjets that refuses to print a B&W document because its low on magenta...

8
0

Shoebox-sized satellite enters orbit packing 3Mbps radio

Paul Crawford
Silver badge

A lot of polar orbiting satellite use torquing coils against the Earth's magnetic field to off-load momentum wheel speed.

2
0
Paul Crawford
Silver badge

The problem with a "deployable sail" is the satellite has to be still working well enough to deploy it. Now if you can have a chemical/UV exposure timer with ~4 year period that might be OK...

1
0
Paul Crawford
Silver badge

Also remember that the speed of development is due to simply bolting together off-the-shelf cubesat bits and not having to design for long life and no single-point-of-failure (since its so cheap, and then they don't care if it fails soon).

The long term consequences of a vast number of short-lived and then (or even by design) uncontrollable small satellites is a serious one. Really, those things should only ever be put in a very low orbit so they will de-orbit all by themselves in a couple of years at most.

14
0

Bug-hunt turns up vuln in LibreSSL

Paul Crawford
Silver badge

Re: @GrumpenKraut

Thanks for reminding me of valgrind. Yes, it is not quick but it is a useful tool!

My comment about the efecne library is it has some minor performance hit on the allocation/freeing, but once you have an array it is pretty much full speed and not having to check array indexes on every access as the chip's VM unit will alert on out-of-bounds access. How much that impacts on a program depends on the relative amount of malloc'ing versus amount of array access.

2
0
Paul Crawford
Silver badge

Enforcing allocation

If you are using malloc & free then you can run the code using the electric fence library (or similar) that uses the system's VM manager hardware to enforce bound checking and will trigger a segmentation fault and thus a core dump for debugging the code. This has very little performance penalty and requires no code change other than linking with the efance library.

What is much more of a pain is the abuse of stack-allocated arrays as they are much more likely to lead to code injection, and often confuse the debugger if the function context (return address) gets trashed.

Anyone know of a simple way to debug that? I.e. some automated way of using an electric fence style of check on stack arrays without a massive code change?

Also it is worth noting that a number of tools like Coverity are quite pedantic about array use from a static analysis point of view and will help find such problems even before you run the code. Not always of course, but use all the tools you have...

1
0

Standards body wants standards for IoT. Vendors don't care

Paul Crawford
Silver badge

"lack of security for IoT deices results in a negative externality, where a cost is imposed by one party (or parties) on other parties"

OK, simple solution - make IoT vendors liable for the consequences of security breaches if any identified flaw is not automatically fixed within 30 days, maybe forcing them to have some insurance policy to cover it. That liability and/or how the premiums are calculated might just focus the idiots design and marketing minds of having a proper development, testing and support process.

What, then IoT is too expensive?

Oh dear, how sad, never mind! </Windsor Davies>

5
0

Facebook appoints self world police, promises state attack warnings

Paul Crawford
Silver badge

Re: Maybe I'm too cynical ...

Exactly. Many moons ago they pestered me to add a p[hone number "for security" as if I gave a monkey's crap about what FB contained. The more info they have on you all the better to whore you from advertiser to TLA to advertiser.

8
0

Where will storage go over the next 15 years? We rub our crystal ball

Paul Crawford
Silver badge

The only solution to the latency issue is to have you processing "machine" on the cloud-provider's infrastructure. At that point you surrender any security as that machine would necessarily have the key(s) to decrypt your data.

Otherwise you can use cloud for secure storage so long as it is encrypted at your end using a key not known to the storage provider, which is a good options for some situations (e.g. off-site backup).

0
0
Paul Crawford
Silver badge

Re: What about support?

You have a valid point, that someone has to support it.

Sadly, often the paid-for support is only a little better than what a popular (e.g. FreeNAS) forum has. I'm guessing you can also get paid support for open source solutions like FreeNAS, so its not an either-or option.

Can we have a straw poll on which major storage vendors really provide good support?

1
0
Paul Crawford
Silver badge

Re: Snapshots have never been a paid feature from NetApp

What about accessing the snapshot'd data?

0
0
Paul Crawford
Silver badge

@Roj Blake

Do I put my data on public-facing networks?

Am I subject to USA data snooping laws? Would I know if I was subpoenaed?

If I run out of short-term cash will I delete my own data?

Also money is, like AC power, or water, etc, interchangeable. The numeric value of my balance is not something that would be of special advantage for industrial espionage.

0
0
Paul Crawford
Silver badge

Electricity is a basic commodity, it has no real unique characteristics. Just 230V +/- 10%, 50Hz, (mostly) sine wave here in Europe.

My data is unique which is why it is so much more valuable. Do I trust others to look after it? No!

Sure, I might use a cloud provider to store an encrypted backup, but then if they bugger me around I still have the original, and they don't have access to whore me from advertiser (or TLA) to advertiser. Going cloudy might suit small businesses that have no tech support and limited requirements (say just email & dropbox share) but if you have big demands the cost of the "cloud", and the bandwidth needed to work with, it becomes uneconomical even before we get to data sovereignty.

3
0

Will stock market swipe right on Tinder? Match Group files bid to IPO

Paul Crawford
Silver badge

"pay to get access to other people's vitals"

The oldest trade, tarted up in the name of romance.

0
0

Big Blue lets Chinese government eyeball source code – report

Paul Crawford
Silver badge

Re: Not enough

It is a fair point, that with several MLOC and a closed environment for a few dozen folk to review the code, you have very little chance of finding anything.

If, and that is a hypothetical "if", the TLA have had backdoors planted you can be damn sure they are not so dumb as to have obvious code and matching comments to draw attention to it. Most likely it would be some apparent 'typo' that allows an exploit to be deliverer, or it would be some obscure cryptographic flaw (or blind use of closed hardware support) that makes it easy for them and hard for others to exploit.

0
0

Job alert: Is this the toughest sysadmin role on Earth? And are you badass enough to do it?

Paul Crawford
Silver badge

I think it is that a lot of dog diseases can be passed to seals.

1
1
Paul Crawford
Silver badge

Re: Wot No Huskies?

At the BAS base at Rothera they have photos of the various dog teams and some letters about what happened to the last set when they went back (I think to Canada) to live out their lives. Most did not live long, probably due to a lack of immunity to diseases on the mainland, but at least they were treated well. Still fondly remembered by the older hands.

0
0

Self-driving vehicles might be autonomous but insurance pay-outs probably won't be

Paul Crawford
Silver badge

Re: Speaking as one who has fallen from ths sky

Given two choices:

(1) broken ribs, broken vertebrae, punctured lungs, demolished spleen

(2) several months of daily buggery

I think any sane person, of any sexual disposition, would opt for the buggery!

1
0

So just what is the third Great Invention of all time?

Paul Crawford
Silver badge

Re: Measurement

+100 for this. Not only the standardised units, but the idea of standard parts (like Whitworth's screw threads) and the resulting interchangeability that led to mass production and, in many ways, the latter part of the industrial revolution and all those affordable gadgets we take for granted (you know pipes and taps for clean water, cookers, etc,).

1
0

Radio wave gun zaps drones out of the sky – and it's perfectly legal*

Paul Crawford
Silver badge

It unlikely, unless some moron of a designer makes it dependant on having a signal.

Firstly you can disrupt RF comms at levels way below those needed to actually damage electronics, and secondly most body implants have the benefit of flesh around them which works as a useful attenuator at the sort of frequencies these things work at.

Still, if you need any medical electronics to live, best not to play with an ESD simulator or similar...

0
0

Fixing Windows 10: New build tweaks Edge, sucks in Skype

Paul Crawford
Silver badge

Re: "...huge A3 CAD drawing..."

Yup, some years ago I had to shrink some schematics down to fit A3 and it was only just readable. Now I try to fit on A3 pages and split up the design, which sounds obvious, but then with some packages you don't get that much on an A3 page at normal symbol size :(

1
0

No change in US law, no data transfer deals – German state DPA

Paul Crawford
Silver badge

Outlook

Cloudy, with some rain in the immediate future

16
0

Volvo to 'accept full liability' for crashes with its driverless cars

Paul Crawford
Silver badge

Re: how do you steal a car that will drive itself back home?

Probably break it for spares, though I can see some great Darwin awards coming for petty thiefs...

0
0
Paul Crawford
Silver badge

Re: What ifs

EVERY article ever written on El Reg about driverless cars, someone in the forum pops up with "who's going to pay for it if/when they crash"

I do. And now we have a car company saying quite unambiguously that they accept the blame for faults in their car design or manufacture, and that is a great step forward (subject to getting country laws to accepts such a thing).

As other commentards have pointed out, an autonomous car will almost certainly out-brake a human driver in any obvious impact scenario. Though how well they will deal with odd cases, loss of communications (doh! stupid idea...) and anticipation of kids, etc, playing at the roadside is another more difficult question to be answered.

Finally, can we please have proper audits and standards for car software? It is shitty enough we have cars recalled due to potential hacking via in-car entertainment (e.g. Jeep) and not shutting off (e.g. Ford) but having full control of all aspects of the vehicle offers far more opportunities for a BSOD than so far (e.g. Toyota's "unintended acceleration").

6
0

Google's .bro file format changed to .br after gender bother

Paul Crawford
Silver badge

Re: perhaps you could name some of your folders as .ass?

So we have:

.vag

.ass

.mouth

.apple-pie

.pigs-head

Its a gift that keeps giving :)

1
0

Vodafone joins calls to pry Openreach from BT's hands

Paul Crawford
Silver badge

Virgin (no longer owned by the beardy one) bought over past telcos coax networks, they have laid very little since.

It costs real money to do so, and there is not profit in that when there is no universal obligation on them to do so (and bugger-all for openreach putting in fibre outside of VM's areas).

0
0

Now even EUROPE is slapping down ICANN in internet power struggle

Paul Crawford
Silver badge

Re: ICANN in a death spiral then?

The tech world's FIFA

12
0

ICANN: Just give us the keys to the internet – or the web will disintegrate

Paul Crawford
Silver badge

I fully agree!

Now about that "biologically impossible" act, I'm sure we all have a few old spare routers kicking around and a jar of Vaseline is well within my limited budget...

5
0

4K catches fire with OTT streamers, while broadcasters burn

Paul Crawford
Silver badge

Re: Content is everything

I saw a 96" 4k TV in Harrods last week and it looked simply amazing, but the £17k price tag is a touch outside my budget.

5
0

Porsche-gate: Android Auto isn't slurping tons of engine data, claims Google – but questions remain

Paul Crawford
Silver badge

Re: All cars have split CAN buses

That sounds sensible. But what happened with Jeep's hacking via entertainment system? Seems someone was not thinking security through at all.

As I have commentarded before, its time that in-car hardware and software was audited for this sort of thing and the results published ncap-style so you can choose to avoid dumb/misled designer's results.

11
0

EU desperately pushes just-as-dodgy safe harbour alternatives

Paul Crawford
Silver badge

I suspect if this starts costing real profits in the US then the "national security" laws will be changed to have the sort of narrow focus and judicial oversight that should always have been present.

At that point some more equitable replacement agreement should be easy.

11
0

Phone thieves to face harsher penalties for data theft

Paul Crawford
Silver badge

Re: Irreplaceable photographs

The only way this law makes sense is if the criminal then goes on to use/abuse the phone's data.

If your phone is nicked that’s not good, but if there is no violence/injury its only a phone. If you have irreplaceable data on the phone that is valuable then you should not deserve any more compensation (or the scrote any more punishment). After all it could easily fail or be wiped by some botched upgrade and you would get bugger-all back from the EULA even if it were generally dismissed by a court.

1
0

Surface Book: Microsoft to turn unsuccessful tab into unsuccessful laptop

Paul Crawford
Silver badge

1TB storage?

How much for the 1TB storage option?

1
0

Forums