* Posts by Dr Dan Holdsworth

218 posts • joined 16 May 2008


What will laws on self-driving cars look like? Think black boxes and 'minimum attention'

Dr Dan Holdsworth

Re: Pointless and expensive technology

Asking a human to sit attentively and watch a machine drive is probably the most idiotic notion ever thought up by a lawyer ever; it displays a profound lack of insight into how human attention works, and how computer control systems work (or should work). The only way the concept could be made worse is to force the human to walk in front of the car with a red flag.

It also completely misses out on some of the easy wins for autonomous driving systems: autonomous motorway driving. It has been found that if cars on a motorway can drive very close together, on the order of about a metre separation, then fuel use for all but the front vehicle drops dramatically. This separation is controllable for a MESH communicating computer talking to all other cars, but is impossible for a human.

So, what happens if the computer gets confused and hands over control in such a situation? Easy, a big pile-up. Either the car rear-ends the one in front, or the human jams on the brakes and gets rear-ended himself. Cue a lawyer pointing out the utter impossibility of a person being able to function, and the law getting thrown out by a court.

The way for a computer-controlled car to fail safe is simple: if it cannot safely control the car, it must slow down and come to a full stop, and only then when stationary may it hand over control. Nothing else is safe or sensible.

2
0

England just not windy enough for wind farms, admits renewables boss

Dr Dan Holdsworth

Re: Stop Dicking about!!!!!

Look, we have a stockpile of plutonium that was used for making weapons and which now really ought to be reduced somewhat. We also have quite a bit of long half-life sludge, which also wants destroying. We therefore need a fast neutron reactor somewhere, and if we're going to build one, we might as well also go the whole hog and build a fleet of other smaller pure-power reactors as well.

Further to this, as well as standard nuclear power reactors we could also give serious thought to building district heating systems which heat water to steam, and distribute the steam as a form of heating. Much of the gas burned in Britain is burned to provide heating or hot water; a small nuclear thermal device would supply quite a large area with heating at similar cost to gas.

On a final note, it is about time we stopped listening to the Great Uninformed Green Blob. They talk an awful lot of utter and complete toot, and really ought not to be listened to quite so freely.

12
1

Label your cables: A cautionary tale from the server room

Dr Dan Holdsworth

How can you tell when a user is lying to you?

Easy, their lips are moving.

32
1

Brits rattle tin for 'revolutionary' hydrogen-powered car

Dr Dan Holdsworth

Trying too hard

What is going on here is the consequences of trying to be too Green.

Hydrogen is apparently the ultimate Green fuel, but apart from being ultra low emission it has a very long list of major disadvantages. For a start, it is not energy dense, so you need to carry a lot of it and refuel frequently. It is difficult to store, so there are few hydrogen fuel stations out there, reducing the vehicle's utility still further. Hydrogen also explodes very readily, burns with a flame invisible to human eyes and isn't all that easy to make.

If the car makers had only tried a little less hard on the environmental front, then all manner of exciting things are possible. Ammonia is another, better candidate for a zero-carbon fuel. It can be made fairly easily, especially if you have access to electricity from a nuclear reactor, and can be contained in the same sort of technology as LPG is stored in. It can be burned in fairly conventional engines, in gas turbines and (with recently-developed catalytic systems) in conventional fuel cells.

Similarly LPG or methane are also good candidates for Green energy, as is pure ethanol. Once again, these sorts of fuels can be easily made, stored and used with conventional technology and systems, and don't require an absurd new car design to use them in.

9
0

Here's a great idea: Let's make a gun that looks like a mobile phone

Dr Dan Holdsworth

Re: "Absolutely no one can make sense of the United States' infatuation with firearms."

Yeah, right.

American civilians are limited to owning small arms. About the heaviest kit they may possess are Civil War era muzzle loading cannons; mostly semi-automatic self-loading rifles are the most potent weapons permitted.

The US Army and Air Force, not to mention the various police forces and militias are all permitted to have much more effective weapons than that. At best, any US citizen with a legal weapon would be able to make themselves mildly irritating to the government before getting themselves killed.

The US "right to bear arms" does NOT in any way hold the government to account.

3
3
Dr Dan Holdsworth

Re: Top Gear

True, but Terry Pratchett still had a great deal of fun with the concept:

"The King? Oh, he's out exercising his Droit du Seigneur. Damn great hairy thing..."

4
0

Zombie SCO rises from the grave again

Dr Dan Holdsworth

Re: Why can't IBM finish them?

No, SCO still apparently owns some intellectual property that it claims is worth something. As the previous comments said, IBM would be within its rights to demand that this be handed over in lieu of money, at which point SCO is completely dead.

2
0

Investigatory Powers Bill lands in Parliament amid howls over breadth of spying powers

Dr Dan Holdsworth

Re: Double taxation

The Paris attackers were working on the not-unreasonable assumption that if the police hadn't collared them by the night of the big attack, then the police weren't on to them sufficiently for unencrypted comms on the night to be an issue.

Just because comms chatter is unencrypted does not mean that it is intelligible, either. Look at teenagers wittering on in text-speak language. Lots of info, not easily understood.

1
0

Photographer hassled by Port of Tyne for filming a sign on a wall

Dr Dan Holdsworth

Re: Not all security is like that, I'm not

If I wanted to take pictures of a sensitive site for use in any nefarious deeds, the absolute last thing I would do is walk up to the outside of the place and start taking pictures of it in full view of rent-a-plod inside.

What I would instead do is quietly turn up a long way away on my bicycle (no ANPR records for a bike) and quietly photograph the place using a camera with a long lens peeping out through a hole in a bag. Even if I couldn't do this, a camera in a shoulder bag with a remote shutter release is not going to arouse the notice of security guards if all the photographer does is walk past without obviously taking photos (whilst snapping away with the concealed camera).

I would therefore hazard a guess that your "security measure" was implemented not to improve security, but more to provide comedic light relief by forcing the security personnel into a real life Monty Python performance every time some completely innocent member of the public happens to point a camera at the site. It certainly cannot be to aid security.

10
0

Intravenous hangover clinics don't work, could land you in hospital

Dr Dan Holdsworth
FAIL

Re: Harmless ingredients...

As I have said before, regardless of how harmless the ingredients are, it is the administration method which is the likeliest cause of harm. Human beings have very good immune systems in their guts which only a select few food poisoning organisms can get past. By contrast, if you inject something intravenously, you bypass this immunological safety system.

That these companies are doing this is in itself a form of placebo woo. The only reason for running fluids via an IV drip is when the patient needs fluids urgently, and cannot drink them normally for whatever reason. People with hangovers are not medical emergencies of this kind; there is no earthly reason to expose them to the hazards of an IV line.

If you want to medicalize the process of giving someone fluids, then at most a nasogastric tube could be used. This is however rather an unpleasant way of getting fluids into a person who is perfectly capable of swallowing liquids normally.

All these hung-over morons actually need is a large dose of water with the correct electrolyte mix to be most rapidly absorbed; correctly-formulated oral rehydration mix or any of the rehydration sports drinks will do the trick nicely. The sports drink variants even have the advantage of tasting quite nice, too. Granted, you don't get the placebo effect of a bloke in a white coat sticking a needle in your arm, but you also don't run the risk of septicemia from an iv-sourced infection.

8
0
Dr Dan Holdsworth

Re: "amps up the immune system and detoxifies the liver”,

s/borderline//

Look at what you're getting: someone is sticking a cannula into a vein, and running a litre or two of saline plus other additives into your vein. This is about as invasive as a treatment can get; you are reliant on the operators being clean to hospital standards or above (they won't have a crash team and hospital pharmacy on hand to sort out any inconvenient infections or cardiac arrests on hand) and careful to hospital standards or above.

Even if running glucose saline fresh from a medical supplier, using fresh equipment each time and trying their damnedest to keep everything ultra-sterile was all they were doing, they would still be doing something bloody dangerous. Instead they're mixing in other stuff into the glucose saline, which requires a skilled and aseptic lab to do this in, and this is not at all easy to do.

It is even less easy to do on a large scale, and do it repeatedly and to a high standard of accuracy and cleanliness. Even hospitals can't do this, and generally don't do this. If a hospital wants to run, say, some paracetamol solution into a patient, then they set up a known-sterile glucose saline drip, and run a known-sterile bottle of the paracetamol solution into the input stream of the glucose saline.

The hospital will try their best to keep everything clean, but if a patient does get an infection, they can sort this out. This cowboy clinic is taking people in, running in litres of saline, then discharging them before it is known whether the patient has caught anything from the procedure.

Quite frankly, I'm amazed they haven't killed people by now.

17
0

Met Police wants to keep billions of number plate scans after cutoff date

Dr Dan Holdsworth

Re: Prediction

Scene poisoning with foreign DNA is already an item in the enterprising burglar's tool kit. How it works is quite simple.

To start with, a burglar visits the smokers' corner of a notably dodgy pub after hours, and collects cigarette ends, most of which will have been smoked by persons on the police DNA register. Said evidence is carefully bagged and retained.

When our burglar is next out thieving, he takes care not to smoke himself, but to leave several of the carefully-collected fag-ends around the exterior and interior of the property he is burgling. This then gives the police an easy lead as to who has committed the crime.

In court, the standard "odds of X million to one against" canard is presented, and the previous bad character of whichever numpty has been fingered, together with his lack of an alibi for the time in question, lead to said numpty getting falsely convicted. More tellingly, the real culprit gets away as the police have already "caught" the culprit and thus feel no need to look any further.

23
2

Bats and badgers hold up Apple’s Irish data centre plans

Dr Dan Holdsworth

Re: noooo...

Irish legend had it that there were actually two species of badger in Eire; the Dog Badger, a dirty, scrawny beast much given to scavenging and eating carrion and the Pig Badger, an altogether nicer beast that was generally plump, exclusively vegetarian and exceedingly nice to eat.

I do rather suspect a spot of advertising talk in this legend.

2
0

Beware the terrorist drones! For they are coming! Pass new laws!

Dr Dan Holdsworth

Re: yeah, that'll work..

I recall a conversation with an aero-modeller on Baildon Moor, about a competition his club had run for the most unusual object flown. A flying toilet door had taken that prize. Pretty much anything will fly, given enough thrust, and if you can arrange for the object to be mostly wing with a tail to stabilise it then it'll fly really rather well.

Stick on a petrol motor, simple height-maintaining avionics and a gyro-compass and this crude drone will then fly perfectly happily, maintain height correctly and follow a set path. This was how a V1 flying bomb worked; it really was not rocket science at all (Pulse jet science, if we're being picky). To control bomb drop, the V1 simply fell out of the sky when it ran out of fuel; any number of alternatives could be used.

Legislating against specific devices is silly. If you want to do something about drones, work out how to shoot them down effectively without causing trouble with missed shells impacting somewhere else. A super-shotgun may well be the best option, rather than lasers.

5
0

GCHQ mass spying will 'cost lives in Britain,' warns ex-NSA tech chief

Dr Dan Holdsworth
Black Helicopters

Re: Gosh, a voice of reason speaking to our government!

To be perfectly honest, I don't think the spooks themselves want this mass surveillance either. From their perspective, this is also a lose-lose prospect.

Look at this from the spooks' point of view for a while. They get their mass surveillance law, and within days they get the power and ability to round up trolls, loud-mouthed blowhards, keyboard warriors and assorted noisy plonkers by the dozen (and one look at any unmoderated forum will show up these sorts of people by the thousand). The problem here is that loud trolling isn't actually much of a crime, save against the rules of grammar and politeness. People are rarely physically harmed by words on an internet forum.

Even deluded Walter Mitty types rarely do all that much harm. The likes of the Baron of Castleshortt are harmless nitwits, who provide military forums with much amusement debunking their exaggerated claims, but who are not actually anyone's problem.

Actual terrorists, on the other hand, tend not to make a great deal of noise. They especially won't make much noise after Mr Rehman and his wife both got life sentences for terrorism-related offences, having shot their mouths off on Twitter.

No, what is a lot more likely to happen is that the security services will get swamped with data, fail to spot several serious plots which either go to fruition or are picked up on by the police and stopped, and then the heads of the security services will be forced to resign for incompetence. A few times round the block on that one, and the security services will end up with mass surveillance data that they either don't use, or pay only the most cursory attention to unless a target is clear. In other words, the government legislates to piss a huge amount of money up the wall before tacitly admitting that it was all a waste of time and the old tried & trusted security methods were a lot more useful.

21
0

T'was the night before Christmas, and an industrial control system needed an upgrade

Dr Dan Holdsworth

Re: Which movie was this?

I've seen it in some Perl code written by a chap with the moniker of "Random John". This was for the now-happily defunct ISP Netline UK, and ran some of their internal reporting systems, AKA Lies for Managers.

Sometimes now I really do wish I had kept a copy of the original code, simply as a terrible example of how utterly shite Perl can be and still limp along being vaguely functional. The script ran as a CGI program called from a web site, and as it started up grabbed a huge chunk of required info from a separate script of "useful variables".

Then it lurched into action, and grabbed data from various RRDtool databases, web servers, and the in-house database server. That doesn't sound too bad, but all variables were declared global and "to save memory" variables got re-used in the code, so something like $start_date would change to holding a completely unrelated piece of information, and do this several times over.

The entire script could be broken entirely with the simple declaration: use strict ;

All of this was written in a coding style best described as "hurl tin of alphabet soup at wall", with minimal commenting (and most of that wrong or deliberately misleading), no indentation and precious little attention to readability. A complete dog's dinner of a mess, in other words, and I got tasked with sorting the thing because web browsers were timing out before its hideously unoptimised code could respond.

7
0

Drunk? Need a slash? Avoid walls in Hackney

Dr Dan Holdsworth

Or, on the other hand, we could actually solve the problem

The basic problem is that when exiting a club into the cool night air after an evening's drinking, the average person feels a great need to get rid of recycled beer. Thanks to councils closing down public toilets, there are simply no convenient facilities available.

Temporary urinals, even automatic ones which rise up out of the street in the evening, and drop down again in the morning, would seem to provide a much better solution. You could even go as far as re-engineering the walls of alleys into actual urinals, complete with some sort of cleaning system, to give clubbers somewhere to relieve themselves.

20
1

After Death Star II blew: Dissecting the tech of Star Wars VII: The Force Awakens

Dr Dan Holdsworth

AI must be harder than we thought.

The extreme longevity and actual scarcity of droids probably indicates that the actual AI brains of droids are either very difficult to produce, or more likely are a secret of just a very few manufacturers. The lack of pervasive semi-smart computers everywhere also hints that there may be an enormous downside to these, possibly something on the lines of the entire network going sentient and demanding fair pay, equal rights and so on.

A similar thing may be at play with droids as well; the few droids we do see are treated like complete dogsbodies, yet do not revolt at this treatment. Clearly there is an art to building a superhuman slave which does not revolt against its masters. This also likely explains why the Trade Guild war droids are centrally controlled and indeed kept on a very, very tight leash.

What is somewhat more puzzling is the lack of any large Force-based civilisations in that universe; it suggests that Force users have always been very rare.

3
0

HMRC bets the farm on digital. What could possibly go wrong?

Dr Dan Holdsworth

This entire argument is arse about face

Britain has probably the most complicated tax code in the entire world. This is what actually needs reforming; not the collection mechanism, but the hugely unnecessary bureaucratic bloat that makes actually working out who needs to pay what so bloody difficult.

A good example of this is the duties on drinkable alcohol. Currently there are sixteen different duties levied on alcoholic drinks, varying with type, concentration in the final product and so on. These could be replaced with just one duty on the actual ethanol in the drink, thus simplifying the entire thing.

This sort of bloat is evident everywhere in the UK's tax code. Huge numbers of pettifogging rules merely give tax avoiders more places to hide. The answer is not more rules, nor is it an unenforcible General Anti-Avoidance Rule, but instead streamlining the ruleset and reducing the number of different taxes.

9
0

IT salary not enough? Want to make £10,000 a DAY?

Dr Dan Holdsworth

Re: Dilemma

Ah no, because you will be trading as a limited company when you do the work and being a canny consultant, you will not be leaving very much money in the limited company from day to day. Your company will pay its sole employee a salary sufficient to satisfy National Insurance and all other payments will be as company dividends. No UK tax obligations will be evaded, but any that are not compulsory will be avoided.

Should the company be sued, the court is perfectly welcome to fight over the thruppence ha'penny that the company coffers contain.

4
0

Manchester 'wins' £10m to test talking bus stops

Dr Dan Holdsworth
FAIL

Deny reality

Denial of reality is what is going on here. Roughly 90% of journeys in Manchester are made by car, and as self-driving vehicles start to be introduced, this isn't going to change. Over time buses are going to slowly become obsolete.

So, Manchester city council, where does this leave you with your plan to make Manchester a complete bastard of a place to travel through in a car? Standing in the rain looking like a right bunch of plonkers, that's where!

4
1

Grow up, judge tells EFF: You’re worse than a complaining child

Dr Dan Holdsworth
Pint

Re: 'not known to Plaintiffs'

To be honest, what seems to be going on here is a clash between the freetards trying to paint everything in black and white, and the judge going for a more nuanced shades of grey approach. By way of analogy, consider driving a car.

I have a right to drive a car provided I do so with due consideration for others, and abide by the rules and regulations of driving. Thus I have the right to drive at the speed limit where appropriate, but I do not have the right to floor the accelerator and go everywhere at top speed.

The UK telecoms company Virgin Media seem to me to have sorted this sort of thing fairly well; if you use over their really rather generous fair use quotas of bandwidth, they choke down the network speed of your connection for a while. If you rampantly abuse the copyrighted material of major corporations, they give you several warnings before legal action.

In other words, try to abuse their service and your ability to do this is first reduced, then after much noise and repeated warnings is removed altogether. This sort of approach is proportionate, polite and generally highly effective.

0
0

Cyber-terror: How real is the threat? Squirrels are more of a danger

Dr Dan Holdsworth

Re: It's all about the blinky lights

Innovative chemistry is the answer here. All we really need do is add a chemical that tastes absolutely appallingly vile to the cable insulation (and believe it or not, there are chemicals known as stenching agents that are certified to do just this) and together with a distinctive odorant, we have a way of teaching rodents not to chew cables.

Or more exactly, a way to teach rodents not to chew cables thus protected, thus turning them to our less-innovative competitors' cables...

7
0

Europe didn't catch the pox from Christopher Columbus – scientists

Dr Dan Holdsworth
Boffin

Re: It was around before that

One other way to look at the problem is to look at the genetic diversity of syphilis in the Americas as compared to Europe and Asia. If it originated in the Americas and was imported by a few individual sailors infected in the Americas, you would expect the disease in the Americas to be much, much more genetically diverse than it is in Eurasia.

If on the other hand there is little difference in the genomes of the two populations of syphilis, then the hypothesis that the disease was ubiquitous is much more likely. Syphilis is a spirochaete bacterium, so ought to have a passably large genome, unlike a minimalist virus, so this sort of analysis ought to be easier to do.

3
0

Speaking in Tech: Anonymous’s ‘total war’ on ISIS – how effective can it be?

Dr Dan Holdsworth
Black Helicopters

Re: Any Disruption

Oh don't be so bloody daft!

Most of what ISIS is doing is via big media companies like Twitter and Facebook. Some spotty git doing dictionary attacks on the accounts of other similarly sad religious nitwits' pages is not going to discomfit ISIS in the least, though it will piss the media companies off royally.

The way to shut down ISIS accounts on big media companies' sites is very simple. As most are American, you simply ask the CIA if they could possibly go and have a little chat with the chief executives of these companies. I would expect that the chat would go something like this:

"Ah, good morning ladies and gentlemen, thank you for agreeing to see me so promptly. Now, my superiors tell me that your company seems to be hosting quite a few propaganda sites for various sworn enemies of the United States. As I'm sure you all know, we have quite a few laws forbidding this, and should we suspect that you were not doing your utmost to prevent this abuse we would have no alternative but to investigate.

Now, in order to preserve evidence, our usual means of investigation of these sorts of things is to seize the servers upon which the material is hosted while we check to see what is hosted where; obviously you would have to make alternative arrangements to keep your business running whilst we investigated, but as I say we only do this if there is clear evidence of wrongdoing. So, folks, would you mind awfully just checking to see that our fears are unfounded, before we have to investigate these matters more fully?"

That is how you shut down terrorist propaganda sites.

0
0

Identifying terrorists: Let's find a value for needle in haystack

Dr Dan Holdsworth

Data overload time

As soon as you know that the spooks are watching for certain patterns, it is childishly simple to start overloading them with false positives. Most home computers in this country run Windows, and most of these Windows machines are not fully patched or are even running completely out of date operating systems. Therefore most computers in the country are vulnerable to a lot of malware that is out there.

So, consider what happens when some smart malware authors get into the fray. These people would first of all try to make a mildly malicious bit of code that would try to infect as many systems as possible, and which once in a machine would start making HTTP GETs to as many dubious, dodgy websites as possible.

Jihadi forums, pornography, radical politics, bulk nitrate fertiliser suppliers, cat litter bulk suppliers, red diesel and heating oil merchants, carbon credit brokers, EU VAT law forums; everything anyone can possibly think of to throw up spurious interesting coincidences.

Do that in a few thousand households, and very quickly the GCHQ database is so skewed that only law abiding and frankly exceedingly boring people will ever get picked up, on the grounds that they're way too squeaky-clean to be real.

0
0

Has anyone lost 37 dope plants, Bolton cops nonchalantly ask on Facebook

Dr Dan Holdsworth

Re: Oh, that's where I misplaced those.

Plod in America is getting worryingly devious, though.

Quite a few police stations in the USA are running campaigns aimed at the local drug dealers, inviting them to tattle on their competitors in the drugs trade, in order to reduce the local competition with their products. As there is no honour amongst criminals, a cycle of tit-for-tat informing is soon set up, with the local plod being the net beneficiaries of all of this.

1
0

Hi, um, hello, US tech giants. Mind, um, mind adding backdoors to that crypto? – UK govt

Dr Dan Holdsworth
Black Helicopters

I don't see why this isn't readily possible

Do note that Mr Cameron hasn't said how quickly he wants the encrypted material to be decrypted. All we do is hand over the encrypted text, and a secondhand ZX-81 and tell Plod "There you go, this'll crack it... eventually."

It will, too. Probably after a few zillion years, but nobody said this sort of thing was going to be easy, did they?

1
0

Top cops demand access to the UK's entire web browsing history

Dr Dan Holdsworth
Black Helicopters

Re: Script needed...

The slight problem here is that the customers of a major ISP look at a LOT of web pages. Recording the URL of everything that goes through their systems will need a very great deal of storage, and therein lies a problem: storage costs money, and fast storage costs a lot of money.

On the other hand, the Government is asking for a load of web log data that they do not know the content of ahead of time. An Evil ISP might well therefore automagically generate some plausible-looking and entirely legal logs on the fly and give that to the spooks in lieu of actual data, on the premise that if the aforesaid spooks don't find anything illegal, they're not going to pry further.

Alternatively, if the fines for non-compliance are low, simply not bothering at all and swallowing low fines as a price of doing business, instead of the high costs of doing the government's dirty work for them might be an alternative route.

2
0

Second UK teen suspect arrested over TalkTalk hack

Dr Dan Holdsworth
FAIL

Re: flailing around to find the actual hacker

I have seen it reported that there were telephone-based social engineering attacks going on for at least a week, and probably longer before the main hacking event took place. I therefore think that the Talktalk vulnerability to an SQL injection attack has been fairly common knowledge in the black hat community for quite a while, with many a script kiddie giving it a go to see what could be extracted.

As the only reported attacks have been social engineering ones, I am inclined to believe Talktalk when they say that no complete bank details could be stolen via this SQLi attack. The script kiddies being rounded up thus far are just the first few muppets with UK IP addresses seen in the logs of Talktalk; small fry and of no real importance at all, though UK police will doubtless be prosecuting with customary verve.

As the main hack event coincided with a major DDOS, I rather think that a larger hacking outfit had a good, long sniff round the original SQLi vulnerability and decided that since Talktalk appeared to be rather bad at security, more than just incomplete bank data might be obtainable if a bit more force were used.

Thus far, very few reports of major thefts from Talktalk customers' accounts seem to be surfacing, so it would appear that at least some of Talktalk's security is decent.

1
2

TalkTalk attack: Lad, 15, cuffed by UK cyber-cops

Dr Dan Holdsworth
WTF?

Re: Bobby Tables, 15, cuffed by TalkTalk hacking probe cops

Seeing as how the flaw was probably as old as the hills, who says that it was just one individual who was onto it? The fact that assorted Black Hats have been conducting social engineering attacks on Talktalk customers for a couple of weeks now suggests the following:

1) The flaw is an easily-exploited one.

2) The flaw was either widely known in the Black Hat communities, or was easily discovered.

3) Insufficient information could be gleaned from the attack to compromise credit or bank accounts using just that information, hence the extra social engineering seen.

What we may well be seeing is the aftermath from a series of different attackers. The kid so far collared will be just one of many, and the DDOS attack may well be only slightly connected with the other attacks. Black Hats are not all geniuses, indeed many are as thick as two short planks. The DDOS may well be down to one of the stupid outfits who were unable to understand that an SQL injection attack didn't need a noisy cover to succeed.

Indeed, the DDOS might well have been an attempt at extortion, when the SQL injection didn't yield the vast treasures that someone was told it would yield.

3
0

Laid-off IT workers: You want free on-demand service for what now?

Dr Dan Holdsworth
FAIL

You know, this seems too idiotic to be accidental. Even if the clause is never acted upon, it demonstrates a level of anti-clue so profoundly horrifying that I for one would view that bank as a terrible organisation to be looking after my money. I would therefore start looking to see if some of the HR of SunTrust have been bribed by SunTrust's competition to put this clause in as a form of economic sabotage.

32
0

The Emissionary Position: screwing the motorist the European way

Dr Dan Holdsworth

First dodgy testing, now dodgy computer models?

I rather suspect that quite a few of these findings are not actual real world measurements, but are guesstimates from computer models and as such inherently suspect until checked by actual real-world figures.

0
0
Dr Dan Holdsworth
Boffin

Re: It ain't necessarily so!

The thing to remember with both petrol and diesel engines is that the technology has changed a very great deal in the last couple of decades in both cases.

Diesels have changed from indirect injection using mechanical injectors to direct injection using piezoelectric transducers to modulate how much and when the fuel is injected; modern diesels also use variable vane turbochargers. The net effect is to spread out the torque and power curves, so that diesels are efficient and powerful at a wider range of speeds.

Petrol has if anything undergone an even greater series of changes. Old-style petrol engines used carburettors to produce a petrol-air vapour which was then sucked into the engine. This vapour had to be sufficiently concentrated to ignite from a spark (hence the choke on earlier designs, to enrich the mixture when the engine was cold). This changed to injection into the intake system, and then to the modern, direct injection systems.

These inject petrol directly into the cylinder, but vary the mix so that there is a blob of richer mixture next to the spark plug, and leaner, less rich mixture elsewhere. Combined with a turbo this makes these direct injection engines very, very fuel-efficient indeed.

Toyota hybrid engines have another trick: they are not Otto-cycle engines but are Atkinson cycle engines, which means that more power is gotten out of the petrol combustion cycle, at the expense of somewhat reduced power and torque.

Jaguar recently went one better with a prototype gas turbine engine, which used gas turbines to generate power very efficiently to drive electric wheel motors, with a battery pack in between to smooth the power flow. This works and indeed a US truck company is selling LPG-fuelled gas turbine electric transmission replacement systems, but the problem here is the high cost of the gas turbine engines, which are uneconomic for passenger cars.

1
0

US Treasury: How did ISIS get your trucks? Toyota: ¯\_(ツ)_/¯

Dr Dan Holdsworth
Mushroom

Re: Stones and Glass Houses

The basic problem for ISIL and indeed any force operating in desert conditions is vehicle maintenance. Nick a job lot of Humvees, and sooner or later a component breaks for which the local mechanics cannot bodge together a replacement, at which point the car is junk.

A similar thing is true of armour in the Third World; tanks take a lot of maintaining, and when they break down, you need the correct kit and trained people to do something about it. Quite often a pack change is the best option; take out the entire engine pack and replace with a reconditioned one, then repair the old one back at your workshops. ISIL do not strike me as a group capable of doing very much of this since workshops need skilled mechanics and a good parts supply chain, which in turn needs coordination and a reputation for being good payers.

The best fall-back is what they are doing: use vehicles already common locally, like Toyota trucks, and simply do not bother with armour or any more than light artillery. A Hilux with a heavy machine gun on the back makes a very effective support vehicle, and replacing the truck, the gun or indeed the operators isn't difficult simply because all three are readily available locally.

1
0

Slander-as-a-service: Peeple app wants people to rate and review you – whether you like it or not

Dr Dan Holdsworth
WTF?

I wonder what happens when someone merely tries to force UK ISPs to drop this site from their DNS (or similar mostly-effective censorship method) due to libel problems?

2
0

Whoops, there goes my cloud: What to do when AWS forsakes you

Dr Dan Holdsworth

The downside for the jobbing PHB here is that there is a tendency to want to brand services with the local branding. So, instead of buying in an email supplier for the company Acme Widgets Ltd and simply telling the staff that you've done that, the cloud email supplier is often, even usually branded as Acme Widgets Ltd email.

So, when it suffers an outage, those people who know that the email is outsourced to cloud will blame the PHB for using unreliable cloud services, and those who don't will simply blame the Acme Widgets Ltd BOFH.

Either way, whoever is in the BOFH role and whoever is the PHB for Acme Widgets Ltd is going to get it in the neck either for running a crap service, or for choosing the wrong cloud supplier, or (moving higher up the chain) for trying to scrimp and save a few quid and ending up instead costing the company $BIG_BUCKS when the system goes tits up.

Basically, you can't win in this game. Either the lusers blame you for the solution costing too much, or for it being unreliable.

2
0

POLAR DINOSAURS prowled ARCTIC NIGHT, cast doubt on COLD BLOOD theory

Dr Dan Holdsworth
Boffin

Re: This is news???

Feathers or feather-like structures have been found in every dinosaur group except sauropods, and there have been next to no fossils of juvenile sauropods found (juveniles are much more likely to need feathers than huge adults). Insulation is only any use to an animal that internally generates heat; a cold-blooded animal is actually hampered by insulation.

The current hypothesis is that homeothermy (warm-bloodedness) is ancestral to dinosaurs; an internally-maintained warm blooded condition evolved before dinosaurs did. Homeothermy in a small animal and in a big one is different; the surface to volume ratio alters so much that very big animals have more trouble losing heat than they do retaining it (whales lose heat through their tongues, for example).

Big herbivores would have had another advantage; they were essentially fermenting huge volumes of plant material in their guts, which generates quite a lot of heat. Cows do this very thing today, and benefit quite a bit from having what amounts to an internal heating system. Bison, when over-wintering, can store enough fat to get through the winter without feeding much, but nevertheless still dig into snow to feed just to keep the bacterial colony in their guts ticking over and generating heat.

0
0

India to cripple its tech sector with proposed encryption crackdown

Dr Dan Holdsworth
FAIL

How to cock up your tech economy

Yeah, yeah, very good.

Now try doing that with an SSH session, which has been carefully designed NOT to keep hold of session keys and NOT to hold onto session data. Quite a lot of design work in SSH has been based around making it really quite incredibly difficult to save this data.

If you mandate that this data be retained, you have to fork the SSH source and build in new functionality, make sure this works, make sure it doesn't introduce any new vulnerabilities other than the honking great big one that this has to introduce, and keep up with all the patches that occur in the mainstream product.

This is a hell of a lot of work, more so because the session data has to be stored securely somewhere (local strong encryption of these sessions as they are stored would be my preferred option) and also because the amendments and add-ons may well introduce bugs and vulnerabilities.

On the other hand, outsourcing to an Eastern European country and training the locals in speaking vaguely intelligible English is another option. With the massed exodus from India to, say, Elbonia as an object lesson it is pretty certain that the Elbonian authorities will be most careful not to cause a repeat occurrence of the exodus.

4
0
Dr Dan Holdsworth

Re: Here's my comment...

This is why governments have civil service advisors to tell them when they're about to make themselves look like complete prats. If Government ministers don't listen, then on their heads be it.

2
0

Blood-crazy climate mosquitoes set to ground Santa's reindeer

Dr Dan Holdsworth

Re: Make your mind up

Measurement of CO2 levels and inferred temperatures using ice cores with better dating methods has shown that although higher temperatures and higher CO2 levels occur at roughly the same times, the higher temperatures seem to lead the higher CO2 levels.

In other words, higher temperatures cause higher CO2 levels, and not the other way around.

0
0

Well, what d'you know: Raising e-book prices doesn't raise sales

Dr Dan Holdsworth

Re: Cars?

If you are doing a high-ish mileage commuting, as I am, you face a choice in car ownership. You can either buy a reliable-looking vehicle and keep it until it looks like it is becoming a money-pit, or you can buy a vehicle on a lease contract, keep it a few years paying the wear and depreciation costs plus a small premium, then trade it in for another one.

In the former case, you are looking for reliability and economy from the word go.

In the latter case, you are only looking three years ahead, instead of six or seven. Thus in the lease-hire case the person does indeed have a shorter outlook and can afford to make shorter term choices. Of course, if they happen to be skinflint Yorkshiremen like myself, they simply choose an ultra-economical diesel for the money saving.

1
0

Legal eagles accuse Labour of data law breach over party purge

Dr Dan Holdsworth

I do wonder...

I wonder how many of the people who supposedly asked to join the Labour Party actually exist? Were I running the vote, I would at least try to make sure that the names of the supporters correlated with those of people on the electoral roll.

This would prevent entirely fictitious characters like A. Nonymous and Firstname Lastname from being able to vote without having a look at the local edited electoral roll and choosing suitable extant people to impersonate.

It isn't much of a security check, but it is better than no security check at all, or a google search on each name.

1
0

Ashley Madison spam starts, as leak linked to first suicide

Dr Dan Holdsworth
WTF?

Engage brain here, folks

A load of data was stolen from the Ashley Madison databases.

A load of data that some criminals claim was stolen from these databases has now appeared online.

If you look closely, there's a gap between the data being nicked, and the data turning up online. Remember, we're dealing with criminals here, so who is to say that the data has not been tampered with between being stolen and being released?

Ashley Madison were also known for not doing very much, if any, checking on emails they were given. Thus I dare say root@127.0.0.1 will have been trying to cop a free shag according to the records; certainly email@example.com was.

Just because an email address was in the data dump doesn't mean that the person whose email it purportedly was had ever joined that site, or been involved with it in any way, shape or form.

1
0

Visitors no longer welcomed to Scotland's 'Penis Island'

Dr Dan Holdsworth
Joke

Q: How many Gaelic Language academics does it take to change a lightbulb?

A: 202. One to hold the ladder, one to change the bulb, 200 to think up a Gaelic equivalent of "Lightbulb".

21
0

High-heeled hacker builds pen-test kit into her skyscraper shoes

Dr Dan Holdsworth
Black Helicopters

Yes, it is entirely possible to get much, much smaller, more compact lock picking tools that will do the same as the stuff she was waving around there. However if the owners of a datacentre are serious, they will not be using the frankly laughable rubbish that the likes of Masterlock are selling, but will (like my employer) be using Abloy locks.

Abloy make locks which are not susceptible to shimming, nor to simple pin-lifting tricks. They can be opened, of course, but the quick way tends to be rather SOE and very noisy.

It is also worth noting that any data centre worthy of being called secure will not permit anything with an unknown MAC address to send any packets at all, and very likely simply will not have any internal wifi network, simply to remove this attack vector. On a similar line, this pen tester wouldn't be allowed in simply because her footwear doesn't meet the international safety standards.

Still, nice trick to smuggle in tools, and some rather nice silicone on view, too (I'm only human...).

1
1

Rock reboot and the Welsh windy wonder: Centre for Alternative Technology

Dr Dan Holdsworth

Lessons in ecology optional...

If you visit this place, do remember to ask how many species of water plants are currently growing in the pond they have at the top of the hill. The muttered answer will be three or four.

Then ask how many they planted originally: 12 if memory serves.

What happened is that a centre that prides itself on knowledge of ecology and biology just tried to buck one of the few ecological theories which has actually been thoroughly experimentally tested: island biogeography.

Basically, you need a set amount of habitat for each species in an ecosystem. Make the ecosystem too small, and some of the excess species will go extinct. Doesn't need to be the same species each time if you re-run the experiment, but you always hit about the same number of species per unit area of habitat.

Nice of them to test that one out for us again, eh?

Oh and try not to mention otters to the staff, either. They don't like otters very much, not after one made a habit of climbing out of the river below the site every evening, scampering up 200 feet of hill, diving into the pond and scoffing expensive koi carp until dawn, then waddling back down again.

12
1

The Ashley Madison files – are people really this stupid?

Dr Dan Holdsworth

Re: Lets look at this

Several other websites will *claim* to have accurate dumps of the data, and will *claim* to check the email address you type in to see whether this is in the stolen data.

Note that I said *claim*?

What the websites will actually do is record all the emails input into them, and occasionally, randomly, return one as being in the stolen data. The list of new, mostly known-working email addresses will then be sold on to spammers selling new dating web sites (seeing as these people have helpfully self-selected as being a) stupid, b) interested in dating websites, c) stupid enough to give out working email addresses to untrusted websites, d) really, incredibly stupid and of course d) stupid).

There's nothing like working with a known-stupid, known-horny crowd when you want to sell something. Stick a pair of tits on it, and these geezers will buy it, regardless of what it might be.

This business model is after all what Ashley Madison were all about: flash tits at thick, sexually frustrated male audience, wave huge computer-generated list of female members (*ahem*) at said audience, and rake in a membership fee every month. Oh, and hope that the few prostitutes who get past your rigorous checking system (yeah, right) are up to taking on a lot of work.

5
0
Dr Dan Holdsworth

Re: "The Ashley Madison files – are people really this stupid?"

The notoriously long reach of UK libel law does not extend to the USA, except in special cases. The US congress signed into law an act called the Speech Act in 2010, which makes libel rulings foreign to the US unenforcible in the US if the rulings are deemed to run counter to the US constitution rules on free speech.

Practically speaking, this means that most UK libel judgements would need to be re-run in the US courts before being considered enforcible over there, which rather takes away the point of libel tourism.

3
0

Hey, folks. Meet the economics 'genius' behind Jeremy Corbyn

Dr Dan Holdsworth
FAIL

Re: interesting on Murphy's education

Economics and programming have a few things in common; both are complex sciences with plenty of blind alleys and gotchas into which the unwary and untutored can easily blunder. Self-taught programmers are relatively easy to spot; they tend to be either one-trick ponies, or to turn out pedestrian, uninspired and frequently quite buggy code.

The same is true of self-taught economists.

Murphy seems intent on ignoring everyone else's mistakes so that he can make them anew all by himself. There is a rude but highly descriptive word for one who takes this approach: idiot.

True genius gets to where it is by standing on the shoulders of giants, that is to say by learning from earlier genius in the field and not making the same old mistakes. Murphy is alas no genius and as the original author points out, it is indeed worrying to see him having such an influence on a potential PM.

2
1
