* Posts by Werner McGoole

213 posts • joined 11 Mar 2008

Page:

Collective noun search for security vulns moves into beta testing

Werner McGoole

Normally it would be a shedload

Except, obviously, you don't keep vulns in a shed.

So sandbox (or sandboxload) is clearly the correct term here.

0
0

Mozilla testing very private browsing mode

Werner McGoole

Not so sure about this

Maybe this'll all turn out good, but I'm not sure that's guaranteed. Companies that get interested in security frequently go down a well-trodden path where they keep adding defences against more and more threats, becoming a jack of all trades. And in the process they duplicate facilities that are already available from others (as add-ons in the case of Firefox), often in an inferior and incompatible way.

So I'm not optimistic that Firefox can out-ghostery Ghostery, or out-adblock AdBlock Plus, etc. But I am confident that they can make idiotic design decisions while attempting to do so and make it considerably harder for these exiting add-ons to continue.

Add-ons have the distinct advantage that you can easily swap between them. So when AdBlock Plus started selling its soul to certain "approved" advertisers, there was AdBlock Edge to move to. Now imagine what'll happen when (not if) Mozilla changes things the way you don't like. It'll be take it or leave it, like with all their random UI changes.

For my money, the correct approach is to work with the add-on suppliers to make their job easy by exposing the necessary internals, fixing the bugs that plague them and not continually changing features they depend on. And I include the Tor bunch as "suppliers" as I'm sure they could tell Mozilla a thing or three about the tracking risks baked into its browser.

Please, Firefox devs, concentrate on your core competence and give us a reliable, fast, stable and standards-compliant browser and recognise that you need others to help you with many of the extras - and that you need to make their life easier.

6
0

Want to download free AV software? Don't have a Muslim name

Werner McGoole

And the purpose is?

I assume the reason AV software is sensitive is because it can potentially detect malware planted by law enforcement. So obviously you wouldn't want any old crim getting his hands on it (rolls eyes), especially not one with a foreign-sounding name (smacks head).

Although this does pre-suppose that Sophos' AV software detects government-produced malware in the first place. Given that US and UK AV vendors don't seem to be targets for NSA/GCHQ hacking or reverse engineering, that's not so certain, of course.

Or it could just be that if the powers that be don't like you they don't want you to have any software at all. But surely even they can see the futility of that?

1
0

Dormant ALIEN SLIME LIFE frozen in SPEEDING comet will AWAKEN - boffins

Werner McGoole

Indeed. He has plenty of form when it comes to over-hyping things in an alien-life-on-comets direction, not to say bending the evidence a bit to fit on occasion. Organic molecules on comets have been known for many years, but that doesn't equate to life. It's probably best not to jump to any conclusions about the latter without pretty firm evidence.

3
0

Climate change alarmism is a religious belief – it's official

Werner McGoole

It's all about controlling people

Religious leaders have always needed something big and scary so that the church could save you from it, especially so the Church of Rome that has so many people to control. These days, governments are using the tactic rather more effectively than churches, though - and with better memes, what with fire and brimstone being a bit old hat.

Unfortunately for the Pope, however, paedophiles are out (for obvious reasons) and terrorists are a bit risky considering how the Romans would have viewed Jesus of Nazereth. So climate change seems to fit the bill nicely.

It's a bit surprising it's taken Rome so long to catch on to the trend everyone's been following for years. But, then, they've only quite recently caught on to the Earth going around the Sun, so I guess you can't expect miracles.

6
2

F*cking DLL! Avast false positive trashes Windows code libraries

Werner McGoole

Just thought I'd point out that to test AV software against a set of files (like dlls) you don't actually have to install those files. This sort of problem can be avoided by just plonking all the files somewhere in a big heap and scanning them.

4
0

UK.gov shovels £15m into training new quantum engineers

Werner McGoole

Presumably someone told Cameron about a wave function and he though it sounded like a great photo opportunity.

3
0
Werner McGoole

Re: What about the quantum mechanics?

Quantum mechanics or quantum engineering? I's so hard to decide. Maybe I could do both?

1
0

Pirate Party leads Icelandic voting intentions poll

Werner McGoole

Re: I can invent a cure for cancer and get a maximum of 20 years

I think you might have just solved the problem of how to overturn the patent system. I'm sure any decent composer could set that legalese to a catchy tune.

Method and apparatus for producing rounded corners... doo dah, doo dah!

1
0

Quantum computers have failed. So now for the science

Werner McGoole

Testing, testing...

So if I read the article correctly, the existence of a quantum computer would serve as experimental refutation of this theory. These days it's good to find such a simple experimental test of a new theory in physics - and such a well funded one too!

Personally, I'd have to agree with Richard Feynman's original observation that, essentially, the universe has to be able to compute a lot faster than our classical computers do or it wouldn't be able to work fast enough itself. Quantum computing is just a way of harnessing the computing that goes on around us all the time - and it's staggeringly fast.

0
0

In assault on American values, Lockheed BLASTS PICKUP with RAYGUN

Werner McGoole

Hmm

So did it punch a hole through the engine block (quite impressive) or did it just damage the "engine manifold"? I'm not quite sure what the latter is, but it sounds like it involves only a fraction of the metal mass of the former. If they meant the exhaust manifold, which would likely be quite accessible, then all you'll have is a rather noisy truck, not a dead one.

Looking at the picture and assuming the laser is fired horizontally, the hot spot looks too high to be targeting the main block. I'd think 30kW would also take quite a while to heat the mass of an engine to a destructive temperature, what with it being water cooled and stuff. My guess is that any disabling of the truck is most likely to result from burning the electrics. Quite effective, I guess, but not a patch on what even a small amount of high explosive would do.

3
0

Violin-fiddling boffins learn that 'F-HOLES' are secret to Stradivarius' SUPERIOR sound

Werner McGoole

Yet another explanation

These seem to come around regularly and rarely do they sound that convincing; this less than most, in fact.

It's obvious you can design just about anything by natural selection (c.f. the natural world) but you'd be a pretty dumb craftsman if you set out to do it that way and not use a modicum of intelligent design. For a start, you can make small sound holes, then play the violin, then make them bigger and see what changes. That's not random and I can't believe a decent craftsman wouldn't have done exactly that, many times over in fact.

Obviously, sound holes aren't the only important design factor, either, so certainly not the "secret" of Stradivari. In fact, if it were just down to dimensions, machines would be able to turn out top-quality violins by the thousand as they'd be able to accurately reproduce the dimensions of great old instruments.

And the sound holes don't just let the sound out. Among other effects, they allow the "table" (the approximate square of the top plate between the sound holes) to vibrate largely independently and affect the resonances of the whole instrument. Elongated sound holes obviously do that better.

You'd have to think the old craftsmen were really pretty stupid to have spent their whole lives breaking new ground in instrument-making and not realise just a little of this. To the extent that they were no better than a bunch of random monkeys? Pull the other one!

6
0

NASA plots methane-detecting laser in SPAAACE

Werner McGoole

Re: Water, water, everywhere...

I think it's a basic assumption in climate models that water vapour concentrations are increasing. The thinking is that as temperature rises, so the atmosphere holds more water. It's a positive feedback effect.

But the increased water vapour also allows the atmosphere to transport heat from the earth's surface to the upper atmosphere more efficiently, where it's radiated into space.* That's a cooling effect and therefore a negative feedback.

Both these effects are quite strong. So the net effect depends a lot on getting your model for water vapour correct. That rarely seems to get discussed, but it's quite important and complicated, what with clouds and stuff being involved.

*The radiation absorbed by CO2 has never been able to reach space from ground level (the greenhouse effect is a dumbed down explanation for the masses). The atmosphere is optically thick at these wavelengths and always was. The heat is instead radiated from the top of the atmosphere and it gets up there primarily by convection.

1
0

Scary code of the week: Valve Steam CLEANS Linux PCs (if you're not careful)

Werner McGoole

Handy hint no. 37

If you're going to do:

rm -rf $somewhere/*

then using "set -u" beforehand might save you a lot of bother in the event that $somewhere didn't get defined or you mis-typed it.

1
0

Osborne ponders giving fleeing bank customers an API getaway car

Werner McGoole

All well and good

I'm sure it'll all be very nice and shiny when it's all agreed and implemented. But the trouble is, having gone to all that effort, in 50 years time they'll still be using the effin thing. Much like how it still takes 7 working days for a cheque to clear.

0
0

Hawking: RISE of the MACHINES could DESTROY HUMANITY

Werner McGoole

Oh really? You don't say?

You'd think that with a brain the size of a planet and a subject of such fundamental importance, he'd at least come up with an original thought - even a small one. Wouldn't you?

But instead he says something that's been said about a million times ever since the idea of a computer first arose. Maybe he's just discovered SF and it's got him all fired up to the extent he didn't bother checking if anyone else had ever pontificated on the subject.

Tell you what Stephen. Submit a paper with your thoughts on AI to your favourite scientific journal and let's see how impressed the referee is to hear that old saw again.

1
2

Post-pub nosh neckfiller: The MIGHTY Scotch egg

Werner McGoole

What do they call them in Scotland?

Over the years, a number of Scotchmen have informed me that the only thing the adjective "scotch" can be applied to is whisky. Obviously, as an Englishman, I consider that to be nonsense and object with eggs, mist, corner, butter, hop and many other examples of ancient English usage. But they are insistent.

So what's Carmen's take on this as a Scotchwoman? Do they call them Scotseggs in Scotland, or just eggs?

1
0

Danish lit star Helle Helle, Marianne Faithfull and Jim Al-Khalili on Quantum Biology

Werner McGoole

Meh

I'm not sure it's accurate to say this is the first layman's book on quantum biology. McFadden's earlier book "Quantum Evolution" surely counts (there may be others). That book was a rather fanciful and unscientific exposition, although interesting.

But what's all the fuss about quantum mechanics and biology? Self evidently QM influences biology. Without it atoms and molecules wouldn't be stable (the entire world wouldn't exist). The quantum de-localisation of electrons makes much of chemistry (hence biology) possible. Of course reaction pathways follow the routes that QM allows even when they're classically forbidden: QM was invented to explain the behaviour of atoms after all.

What's more contentious is whether the more "spooky" quantum effects can survive and be observed at a macroscopic scale. McFadden's first book was full of such claims, but little of it convinced me. As this subject advances, it seems to be leaving these wilder claims behind and focusing on more mundane aspects of QM that amount to - well, little more than normal chemistry to be honest. If the macroscopic consequences of QM in biology are so remarkable, then so, also are other simple facts, like the existence of solids and liquids, electrical conductivity and countless other phenomena we take for granted.

Penrose's conjecture certainly retains the essence of "spooky quantum action" and deserves more study than it's been getting, but apart from that, I say "meh" to quantum biology.

1
0

Lords take revenge on REVENGE PORN publishers

Werner McGoole

Swings & roundabouts

I guess this will just lead to the alternative of allowing your nudie pics to be posted on the internet by your lover. Then, when you get jilted, you claim you never gave permission.

8
2

Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM

Werner McGoole

Re: I seem to recall reading this experimental procedure before

Indeed. One of the most important experiments in physics, although it routinely gets overlooked when documentaries are looking for the big moments in science.

It also sounds suspiciously like the gear used to look for gravitational waves. In fact, from the description I can't see how you'd tell the difference if you did detect something. Presumably there'll be a subtle signature in the signal that's below the noise level of journalists.

0
0

Climate: 'An excuse for tax hikes', scientists 'don't know what they're talking about'

Werner McGoole

Re: I think...

There are lots of people who are scientists (but not climate scientists) who have plenty of relevant knowledge for assessing the work that climate scientists are doing. Many of them have extensive knowledge of data analysis, computer modelling, physics, chemistry, statistics and all manner of other subjects that are very relevant to climate study. Many also work in far stricter disciplines, where the scientific method and the burden of proof are adhered to far more closely than in climate science and where being a sceptic is seen as fulfilling a valuable scientific role.

Many people with these sorts of backgrounds look at what climate scientists are doing and feel they are letting science down, badly. They can see very little scientific rigour being applied and no scientific basis to the theories that predict future climate - principally because none has ever passed even the simplest of experimental tests. These details are important, because they are what distinguishes science from opinion.

So, to put it bluntly, there is every reason to think that the man-in-the-street's opinion will be just as accurate as that of the climate scientist, because neither is doing science.

4
1

Amazon France routes around free shipping ban with €0.01 charge

Werner McGoole

Re: Booksellers do deserve protection

No matter how "good" they are, why would I go there to buy something they don't stock? Small places inevitably don't have as much stock. When buying books, the range available is quite important. That's why Amazon is a better solution, quite apart from the price.

2
1

Catch cack-handed baggage handlers in the act with Ericsson's SPY SUITCASE

Werner McGoole

Meh, it's all standard these days

Standard suitcases already contain most of the required sensors for this sort of work. They contain plastic parts that fracture at a pre-determined impact to detect rough handling. They have bendable metal handles that detect excessive loads (just check to see whether the handle will still pull out when it arrives). They also have absorbent coverings to detect moisture and many will reveal contact with abrasive or sharp objects by ripping.

Of course, you can also install your own sensors internally; a cheap bottle of wine will reveal if the bag has been thrown around by imparting a red stain to your undergarments.

0
0

Black hole three-way: Supermassive trio are 'rippling' space

Werner McGoole
Headmaster

Re: different terminology please

Technically, I think he has stopped. Unless he uses it again, of course. But you won't know that until he does, so it's too early to complain yet.

4
0
Werner McGoole

Re: To put 300 times the speed of sound

Actually, that they're orbiting at 300 times the speed of sound is about the least extraordinary thing about them. In astronomical terms, that's a boring, pedestrian speed.

0
0

You are ALL Americans now: Europeans offered same rights as US folks in data slurp leaks

Werner McGoole

"This is an important first step towards rebuilding trust in our transatlantic relations."

This is an insulting first step towards failing to rebuild trust in our transatlantic relations.

There, FTFY.

7
0

Boris: Look on 'London's digital tentacles', ye mighty, and despair!

Werner McGoole

Re: Like it's a good thing?

Yes, definitely a bit vampire squidish, that.

1
0

Debunking Jimbo: Slippery Google tries to evade European privacy

Werner McGoole

Re: So in summary...

"If they accede to demands without sending them to court, Google are pro censorship, and their previous freedom posturing is exposed as lies!

And if Google send things to the courts, then Google are arrogantly attempting to defy their obligations under EU law!"

But that's pretty much the dilemma we all face, including the law itself. Either we're in favour of censorship or we're in favour of violating privacy. Unless we all agree on exactly where the dividing line falls (and there's not much chance of that as it's a political judgement as much as anything) then there's no squaring this particular circle.

The usual solution in such cases is to enact some fairly vague and ambiguous laws so that only those people who care enough to spend a fortune going to court ever need a firm decision. The rest of us just have to lump it because we can't afford the money or effort to fight. In the case of data protection, you also set up a watchdog with no teeth to take the wind out of people's sails if they have the cheek to complain

Looks like we're fairly well down that path already.

0
1

Egghead dragged over coals for mining Bitcoin on uni supercomputer

Werner McGoole

This is academia

I guess they were just miffed he didn't get any publications out of it.

1
1

UK govt 'tearing up road laws' for Google's self-driving cars: THE TRUTH

Werner McGoole

Re: I'm against it at this time. here's why...

One big difference between the US and UK is that we drive on the left in the UK. But I guess we should be OK there, so long as NASA don't get involved.

4
0

Tech talk bloke compares girlfriend to irritating Java tool – did he deserve flames?

Werner McGoole

Investigative journalism at its best

Small group of people on Twitter get annoyed about something trivial. What a great story that'll make.

1
0

You've got two weeks to beat off Cryptolocker, GameoverZeus nasties

Werner McGoole

Ooh a nasty virus is coming to get us all....

Sounds like business as usual to me. Actually, maybe just a brief holiday before returning to normal.

Why all the fuss?

0
0

It's Google's NO-WHEEL car. OMG... there aren't any BRAKES

Werner McGoole

So what happens...

...when an automatic software update bricks them all at once?

3
2

EBay, you keep using the word 'SECURITY'. I do not think it means what you think it means

Werner McGoole

Or you could just try writing eBay a stern letter

Cut out the middle man...

4
0

Mozilla agrees to add DRM support to Firefox – under protest

Werner McGoole

Re: The underlying problem is...

You're right. Browsers are already too complex - a bit like operating systems became, in fact. I think it's time we stopped using "a browser" and had browser distributions like we have Linux distros. That way, projects could more easily set up new forks of (say) Firefox and just use the bits they like.

More importantly, they could also add in any extras they want and could enhance neglected areas (like security and privacy) without taking on the massive challenge of supporting an entire browser. At one time, Firefox's extension mechanism was a great strength, but many extensions now look like little more than sticking plaster and just provide an excuse for not tackling fundamental browser problems.

We need to develop an ecosystem where competition can help drive forward the individual component parts of a modern browser and take control out of the hands of the big players.

3
0

Amazon granted patent for taking photos against a white background – seriously

Werner McGoole

Or that you can use a ruler to measure any length so long as it's not 10cm.

0
0
Werner McGoole

Re: Insane

I doubt they can do that. Amazon has probably already patented the idea: "Method and Apparatus for issuing daft patents...".

0
0

Symantec: Antivirus is 'DEAD' – no longer 'a moneymaker'

Werner McGoole

Re: One good thing Microsoft has embraced and extended

"Dont need link scanning, email scanning, network lock downs, child monitoring, arbitrary trusted app levels, convoluted firewall blah blah blah..."

You need to tell that to pretty well everyone who's writing stuff these days. No-one seems happy any more with software that does what it needs and nothing more. If another feature is possible, then it needs to be added... and on and on... until it collapses under its own bloat. AV, unfortunately, is not alone in this by a long way.

That's not to say it doesn't deserve to die, though.

5
0

DreamWorks CEO: Movie downloaders should pay by screen size

Werner McGoole

And books...

...should cost more if you're wearing big glasses.

5
0

Top tip, power users – upgrading Ubuntu may knacker your Linux PC

Werner McGoole

Grub's a really touchy beast these days

Especially if you've more than one OS installed. Breaks as soon as you look at it. Fortunately fixing it is usually pretty simple. Overall, not necessarily a good situation, though.

I guess it's just become over-bloated as these things always seem to do.

0
0

Not just websites hit by OpenSSL's Heartbleed – PCs, phones and more under threat

Werner McGoole

Re: The real bug

No, the real bug is having a software development system that allows someone with insufficient experience to add code to a system that needs to be secure - and then not having a sufficiently robust review process in place - and then installing that software in a critical situation on huge numbers of servers around the world.

This bug is the sort of mistake beginners make (I believe the culprit was still at uni). I'd be embarrassed if I put a bug like that into a one-off throw-away lash-up. But somehow it got into openSSL which everyone regarded as secure.

It's a bit like the debt-laundering that took place before the financial crash. Everyone thought the debt was solid, but simply because no-one bothered to look at the fundamentals. I think this incident has shown FOSS security to be based on similar principles.

0
0
Werner McGoole

In my view seeing a naked memcpy call at all in supposedly secure code is like walking into a restaurant kitchen and seeing a big pile of rotting carrion on the floor. The staff may know not to handle it before dipping their fingers in the gravy, but it's a clear danger that you don't want to have around. It may cost to clear it up, but that's what you have to do.

memcpy is a big red flashing warning light that says "make damn sure you've checked and sanitised every bit of data that goes in and out of here" (not only memcpy, of course, but quite a few other C functions). In fact. I'd suspect simply looking for all the memcpy et al. calls is a pretty good way of finding vulnerabilities. The best approach is to wrap them up pretty tightly. Even that's not 100% secure, but it does make a difference and in security code it's 100% worth doing.

1
0

Boffins make noise about D-Wave chip: it seems quantum

Werner McGoole

Re: I don't get it.

That makes me scratch my head a bit too. Either it's a lot faster than a classical computer or it doesn't really matter whether it's a quantum computer or not.

I could say I'd sold my soul to the devil in return for the skills to make blisteringly fast computers, but if the computers I sold weren't actually fast, what would be the point?

2
0

New IPCC report: 8 ways climate change will throw world INTO PERIL

Werner McGoole
Pint

Re: ..everyone can identify with slower maturation of wine grapes as an issue worth tackling! ..

I'm more interested in what it'll do to barley and hops, actually.

For once, the perfect icon!

2
0

US to strengthen privacy rights for Euro bods' personal data transfers

Werner McGoole
Facepalm

Ha ha ha ha ha

What bit of "trust" don't they understand?

6
0

GNOME 3.12: Pixel perfect ... but homeless

Werner McGoole

Re: Nope

OK, so you have to edit a config file. Not ideal, obviously.

But OTOH, do you want a dancing paperclip popping up saying "I see you're looking at a web page, would you like me to help you create a short cut to that?" and then proceeding to create a widget that plays a tune every time you mouse over it, tells you the time of day in the web site's locale, adds it to a semantic map of your browsing habits, emails all your friends to tell them what a great site you think it is and posts to Facebook, Twitter et al. just for good measure, before suggesting where you can get discount vouchers, signing you up to the web site's spamletter and prompting you to create an account?

There's a balance to be struck here. In my view it's about at the level of right-click and select "create a desktop link to a web page". Unfortunately, 99% of GUI designers seem to have convinced themselves we prefer the "paperclip" approach. So kudos to Gnome for going the other way, but it's still not right guys!!

3
0

Middle England's allotments become metric battlefield

Werner McGoole
Holmes

Now that's proper mental mental arithmetic... a counting system with multiple fields and different bases in each field. Who on earth would invent a system like that? Oh, hang on... I seem to recall spending several years of my life practicing that stuff.

FWIW I also recall we had a computer* made out of relays when I was at school that could do arithmetic in yards, feet and inches and suchlike. I think it could calculate pi as well, but rather slowly.

* IT angle.

0
0

Monkey steals iPod touch, loses interest in minutes

Werner McGoole

I feel a patent coming on...

Rounded corners aren't cool in monkey society. Simians prefer curved, elongated shapes with pointy ends. So that idea's now in the public domain, before Apple patent it and come up with the iBanana.

0
0

Blighty goes retro with 12-sided pound coin

Werner McGoole

Re: You can get the fakes at clubs

I think it doesn't really help that they change the design on coins and banknotes so often. There are so many designs in circulation now that I don't necessarily recognise them all and I'm not that surprised when I see a new one. If I got given a pound coin with a picture of Mickey Mouse on one side, I'd probably assume it's some stupid attempt to commemorate Walt Disney or something.

So now I suspect the fraudsters could start minting 13-sided pound coins and still get away with it. People would just assume it's a new official design.

1
0

WTF is … the multiverse?

Werner McGoole

Inflation conflation?

You seem to be talking about theories that propose that outside our universe there are other things (that might be other universes), hence a multiverse. But in "quantum physics" (as mentioned in the title), the multiverse normally refers to the idea that all possible quantum statistical outcomes of an event actually exist together (rather than one of them being special and representing a unique reality).

So have you just conflated two rather unrelated ideas, or is there some more subtle connection between the two that I've missed? For example, is it being suggested that the existence of inflation is somehow the cause of quantum uncertainty?

0
0

Page:

Forums