* Posts by John Robson

1539 posts • joined 19 May 2008

German prof scores €2.4m EU grant to crack software on your bicycle

John Robson
Silver badge

Re: Its a bike...

There are broadly two classes of electric bike.

One is legally a pedal cycle (no special clothing, no VED, no registration) and the other is basically an electric motorbike.

Some places on the continent blur the lines slightly with mopeds and the rules around those vary - but technically you ought to be able to pedal those (not that you would want to)

1
0
John Robson
Silver badge

"Last time I saw him (a few years ago now), he was working on wireless brake controllers. It's a very interesting exercise analysing the reliability of wireless brake controls, and computing that despite your natural horror at the idea, they're no more likely to fail than a brake cable is to snap."

I'd suggest that the likelihood of either is dependent on maintenance.

If you don't keep charging a wireless system it will fail catastrophically fairly quickly. This is particularly true of the 'actuator' end of the system.

If you don't maintain a brake cable then after many years it will start to fray - it will get harder to apply the brakes, and eventually one of them will fail - but by that stage most people with that little mechanical sympathy will have taken the bike to their bike shop for new pads.

It's easier to get a cable to snap if you manage to set it up very badly of course...

Then he omits to mention hydraulics...

I wouldn't trust wireless brakes on a push bike - but it's not just the 'wireless' bit that concerns me, it's the extra batteries. And with wireless you can always jam a signal - which in this case would presumably put the brakes on full, inevitably causing a face plant for anyone on an upright bike...

1
0

IBM says no, non, nein to Brexit

John Robson
Silver badge

Re: @codejunky - RE: Brexit is all a sham like the Scotland referendum.

"There are 2 ways to look at the people who didn't vote. They don't care or they implicitly accept the outcome."

Or that they don't think it makes a blind bit of difference.

Would you like to be shot or hung: Please vote now.

2
1
John Robson
Silver badge

Re: @codejunky - RE: Brexit is all a sham like the Scotland referendum.

"@ John Robson

"I'm sorry - but 37% is not a majority."

Yes it is. When everyone else got considerably less than 37% across all parties yes it is. Simple math the most voted for the tories by a clear margin."

No - it's the largest slice, it's not a majority.

There is a nice table here: http://www.bbc.com/news/election/2015/results

Tory: 37% 331 seats

Labour: 30% 232 seats

Lib Dem: 8% 8 seats

SNP: 5% 56 seats

So why is 1% of the votes cast worth 1 seat for the Lib Dems, 7.7 for Labour, 8.9 for Tories and 11.2 for the SNP?

There are 650 seats, so each % of the vote should yield 6.5 seats worth of representation...

2
0
John Robson
Silver badge

Re: @codejunky - RE: Brexit is all a sham like the Scotland referendum.

"@ Graham Marsden

"Remind me again: What percentage of the votes did the Tories get which gave them a "majority" in Parliament?"

The majority, to the shock of a lot of people, including the tories who expected another coalition. Looking it up the figure is almost 37% while labour got 30% with the rest being divided out. You might not like it but"

I'm sorry - but 37% is not a majority.

It might be the largest slice, but it is clearly far short of a majority.

Even worse is the percentage of the electorate who voted for them...

3
2

Colander-wearing Irishman denied driver's licence in Pastafarian slapdown

John Robson
Silver badge

Re: Obviously a parody

It's a parody because it was set up as one.

What scuppered him here was admitting that he didn't wear the colander to work, or on social occasions. It is therefore not a core tenet that it is always worn, so removing it for a photograph is clearly acceptable.

28
0

Google discovers you assume clouds just work

John Robson
Silver badge

That's good...

They have looked and decided that alerting users to BAU activity that is reliable is worse than telling them nothing - since they stop reading the alerts for serious issues.

The point of cloudy services is that it is SEP - so that's how people treat it.

0
0

HTC 10: Is this the Droid you're looking for?

John Robson
Silver badge

Re: HiRes

"This too shows ignorance of your knowledge of audio. The DAC built into this phone does make a huge difference especially using hi res ear buds.

It's your ears, but you're missing out."

I agree - the quality of the DAC is very important. And Ultimate Ears Reference earbuds would probably be considered high fidelity.

But there is no benefit in reproducing sounds that are at more than twice the frequency I can hear - and the act of trying to reproduce them means that the hardware is less well tuned in the audible frequencies, AND that you end up with unwanted audible harmonics.

As for 24bit depth - the human ear can theoretically get better than 16 bits, but 16 bits, with dither, can easily represent over 100dB of dynamic range. What are you trying to listen to that you need to go to the threshold of hearing (which is significantly less than an incandescent light bulb at 1m) and the threshold of pain?

0
0
John Robson
Silver badge

HiRes

It's HiRes certified?

Really - who cares, 16 bit 44k is all anyone needs at point of playback (there are cases for deeper bit depth and, at least temporarily, higher sampling rate during production).

My TV supports colours way past mere blue, both ultra violet and x rays are faithfully reproduced...

9
2

Ex-NSA security expert develops generic Mac ransomware blocker

John Robson
Silver badge

Re: the chicken or the egg

It's not as if he claims any particular self protection - in fact he explicitly says that anything designed against it would probably work...

It's a first step, and should be an embarrassment to the current 'black list' discovery style of security software. It really is time that we had whitelists by default...

2
0

UK web host 123-Reg goes TITSUP, customer servers evaporate

John Robson
Silver badge

Re: The National Enquirer of Technology

"Trouble is, I've never come across a cloud/hosting/service provider that did keep people informed."

My current provider has had a couple of issues over the past few years.

There was even an IP range change (having to give back small slices in order to get larger slices), there have been data centre level DDOS and a router screwup.

But I have always had an email from the main technical support within minutes of it kicking off (I was actively online for one of the events, and I hadn't finished bashing out my "what's up" email before theirs hit my inbox).

Regular updates of what they are trying along the way, then a decent breakdown of the issue after.

Makes life so much easier if people admit that things go wrong, and deal with their customers as if they could do it as well...

Who? corgi tech

I was a fairly early customer and agreed to switch data centres for bonus features (i.e. I pay a lot less than I should) - but it's still pretty good value anyway. I don't use it for anything particularly critical, but I really notice when it isn't there...

0
0

Line by line, how the US anti-encryption bill will kill our privacy, security

John Robson
Silver badge

Re: How to get a supercomputer, paid for by the USA Gov...

Buy it online, submit invoice to US Gov.

If they don't pay inside the DLR time limit then return supercomputer to supplier...

0
0
John Robson
Silver badge

Re: Evil one time pad

"My question is that if you decode the decoy message, does not that give some clues (either by changes at conversion time or by what's left) that might make it more vulnerable to finding out that there's another message in there? Or worse - to decoding it? "

Any OTP encrypted message contains ALL messages of the same length (or shorter) - you just need the appropriate OTP to get to it.

All that the "innocuous OTP" proves is that someone has combined the 'crypt data' with 'innocuous message' to get an 'innocuous OTP'.

If you find the 'evil OTP' then you reveal the 'evil message' - but you need to demonstrate that that OTP was used on this message - since you now have two apparently valid OTP instances, and only one is genuine.

3
0
John Robson
Silver badge

Reasonable costs...

Well, I'll need a few dollars to research quantum computing, build working hardware, then I can start to crack the encryption to help you...

No I can't tell you if 'few' means a billion or 100 trillion...

2
0

Ad slinger Phorm ceases trading

John Robson
Silver badge

Regrettably?

Best decision ever.

Taken a long while though - hope the major losses are confined to those not at the coal face

15
0

Picture this: An exabyte of cat pix in the space of a sugar cube of DNA

John Robson
Silver badge

Re: A writeable CD left on window sill

I have just gone through a data refresh project - discs which were written and then filed in individual sleeves in a disc storage case, with silica gel left inside. Stored in a fireproof safe.

Those from 2005 are *mostly* readable. There was a ~5-10% failure rate, and those discs were looked after rather well. It is possible that the data was corrupt when written.

Unfortunately I am no longer in that role, and the 2001 discs were next on the list...

0
0

FBI Director defends iPhone 5C unlock tool that's obviously going to leak into wrong hands

John Robson
Silver badge

Re: Trust me, I'm from head office

Slartibartfast: Come. Come now or you will be late.

Arthur: Late? What for?

Slartibartfast: What is your name, human?

Arthur: Dent. Arthur Dent.

Slartibartfast: Late as in the late Dentarthurdent. It's a sort of threat, you see. I've never been terribly good at them myself but I'm told they can be terribly effective.

3
0

Champagne weekend for Blue Origin with third launch

John Robson
Silver badge

Re: Toy rocket....

Well...

Yes I know that Bezos is building towards bigger rockets, and these are already serious bits of kit. But the grasshopper was doing all of this several years ago - it was just using a lower peak altitude because it wasn't targeting tourism, but was a pure technology demonstrator.

There was a great infographic posted a few months back - pointing out that the Falcon 9 first stage could put a fully fuelled and loaded Blue Origins NS into orbit...

That's a colossal difference in capability!

2
0
John Robson
Silver badge

Toy rocket....

This is a pure toy - there is nothing wrong with that, but any attempt Bezos makes to compare this with the Falcon is like comparing one of those kiddie electric ride on cars with a supertanker...

5
2

Tesla books over $8bn in overnight sales claims Elon Musk

John Robson
Silver badge

Re: @ bazza

Sorry - missed this para:

"When I start my car on an average UK morning, the first thing I do is turn the heating full on for a good 15 minutes. In the winter, it's front and rear electric defrost for a good 10 minutes and 50% heating/demist all the time. In the summer, I have the aircon running. I have a feeling that these conditions would invalidate the mileage range claims for any electric vehicle."

Err - it's plugged in, so all you need to do is tell it you'll be driving in 15 minutes, and use the mains feed to preheat the car. Easy. No cold running engine either...

5
0
John Robson
Silver badge

Re: Lead, follow, or get the hell out of the way.

"If you're thinking of repairs, please turn your attention to the battery pack. Never take your eyes off the battery pack. Battery pack. It's a 'Lifed' item. Clock is ticking."

Yes - it has a life - so do all the components in an internal combustion engine.

The battery was originally quoted as a 10 year predicted life. Since they have had a few being driven around that has now been revised Upwards as a result of the telemetry data. It's now 12 years.

Oh and that's when they have 80% charge capacity, so they are then useful in all sorts of other applications - probably static, and then they can be recycled into new batteries.

My car has just died, it was 11 years old - The engine is dodgy, the gearbox is a bit wonky, the brake lines are corroded - it's had various mechanical failures....

But a 10-12 year battery life doesn't seem so limited any more.

2
0
John Robson
Silver badge

Re: @ bazza

"The average automobile engine is only about 35% efficient, and must also be kept idling at stoplights, wasting an additional 17% of the energy, resulting in an overall efficiency of 18%.[7] Large stationary electric generating plants have fewer of these competing requirements as well as more efficient Rankine cycles, so they are significantly more efficient than vehicle engines, around 50% "

Grid losses:

"Total losses: 1,423.5 MW (2.29% of peak demand)"

Charging efficiency:

80-90% (theoretically 92%, but who gets that)

So even ignoring:

- Nuke plants

- Renewables

- Regenerative braking

You get 97%*80%*50% ~40% efficiency from an unrefined, centrally delivered fuel as opposed to ~20% for a highly refined and locally distributed fuel.

4
1

Hi! Up here! I'm your Amazon drone. Do you mind if I land now?

John Robson
Silver badge

Re: Prior Art

I wonder if "on a mobile device" covers applications on a drone?

4
0

Amazon WorkSpaces two years on: Are we ready for cloud-hosted Windows desktops?

John Robson
Silver badge

I presume...

that if you buy more than a couple of desktops the price comes down to something a little more reasonable.

1k/year is an awful lot for a system that could probably be set up in house for not much more than that (assuming that clients need to be added on in either case)

0
0

Only 0.1% of you are doing web server security right

John Robson
Silver badge

Re: Store the keys on the web server...

"On Dropbox? Really?"

I really didn't expect that the joke icon, or the </sarcsm> tag would be necessary. I overestimated the humour detection of commentards...

The point being that we can fairly easily defend a small piece of information against data loss.

3
1
John Robson
Silver badge

Store the keys on the web server...

and a copy on Dropbox, and you'll be fine....

Does this refer to losing the keys as in "I lost my house keys and now I can't get in", or "I lost my keys, and now Eve can impersonate me".

The first of those is pretty easy to defend against...

0
9

Oh, sugar! Sysadmin accidently deletes production database while fixing a fault

John Robson
Silver badge

Re: In a similar vein

"I once Ghosted a blank drive over a client's hard drive instead of the other way around - oops."

I have seen a RAID controller do that automatically...

Mirrored disks, one fails - alarm goes off, everyone carries on.

Pull it out, all good.

Pop in a new disk, all good

Array starts churning, excellent - copying data from one to the other, tea time.

Erm, where are all the files?

Why do we have two disks with identical unformatted data?

4
0

Google publishes list of Certificate Authorities it doesn't trust

John Robson
Silver badge

Re: Since users too often click through those warnings.

I'm sure you can turn it off - or just run your own CA - and install the root...

0
0
John Robson
Silver badge

Re: Since users too often click through those warnings.

"I would tend to agree, although in corporate environments the only root CA the clients need to trust is the in-house root"

Yes - although most companies don't MITM certain traffic (like banks etc) - they recognise that that would be seriously unethical.

Hence my "public" CA for these devices, which would be well known and only valid within an RFC1918 domain, and potentially not even across routers. The idea is a limited mechanism for those connections to be trusted - which will satisfy home users, and will allow corporate users to get a proper cert on there easily.

0
0
John Robson
Silver badge

Re: Since users too often click through those warnings.

Surely no need for it to do so though.

There is of course the question of what you are trying to do with said cert:

- Authenticate

- Encrypt

Why not have a "public" root CA which anyone can sign their "self signed" cert with - but that is only trusted on RFC1918 devices

After all - I suspect we're looking for data encryption, not authentication for these devices. You could even use the MAC address as part of the cert, and validate the connection against that as well (no routing allowed)

1
1

It's nuts but 'shared' is still shorthand for 'worthless'

John Robson
Silver badge

"True enough; but if your trading algorithm really works, you can get the same result in time by just leaving it running."

Not if it is time limited - and if you can leverage 1000 times more money than you have available, then you can jump start yourself very fast indeed...

You can then invert that into your own scheme, and get 90% returns (assuming that the Quantico service is actually providing things like the high speed links that you don't have access to)...

1
0
John Robson
Silver badge

You get 10% of the return on someone else's money.

Not just one "someone else" either - as many as think you are good at your job.

That could be a 10% return on much more money than you can risk personally...

5
0

A Logic Named Joe: The 1946 sci-fi short that nailed modern tech

John Robson
Silver badge

Re: *Remarkably* sharp prediction?

"Back to the story, it seems to show a setup where each house has a local server and storage more than computers connected to the Internet and uploading everything to four giant US companies."

From the story itself:

"The tank is a big buildin' full of all the facts in creation an' all the recorded telecasts that ever was made—an' it's hooked in with all the other tanks all over the country—an' everything you wanna know or see or hear, you punch for it an' you get it"

That sounds like a few interconnected data centres to me...

2
0

'Hot Tech Talent' IT job board ads caught up in sexism allegations

John Robson
Silver badge

Re: Image this

"I haven't seen any ads showing blokes. I saw the ad with a woman and just sighed. If you want to appeal to women to join the tech industry, why do you think this would attract them to the profession? Again, why would showing a sizzling hot stud attract men to the industry? Now, if you showed men and women with their pockets loaded with dosh, looking happy and successful, that might work."

Maybe the women are there to attract the men and vice versa?

Maybe not everyone is motivated purely by money?

8
0

Who'd be mad enough to start a 'large-scale fire' in a spaceship?

John Robson
Silver badge

Re: So, the next time you see a falling star ..

It's generally shock heating - i.e. heating due to compression.

Meteors are generally fast enough that the air just can't move out of the way

2
0
John Robson
Silver badge

Why wait to downlink?

Is it just me or would others not activate this and want as much data as possible to be instant telemetry, rather than waiting until it's over before downloading it all?

If it goes "unexpectedly" then you at least get some data...

4
0

'Just give me any old date and I'll make it work' ... said the VB script to the coder

John Robson
Silver badge

I assumed everyone here had heard of...

The Daily WTF

11
0

Brits shun nightclubs and CD-ROMs for lemons, coffee and woman’s leggings

John Robson
Silver badge

Only if it's not plugged in...

WORM media has many benefits, and backups are one seriously good case for them

1
0

Dropbox slips 500PB into its Magic Pocket, not spread over AWS

John Robson
Silver badge

Now they do, rather than Amazon being the only ones...

I still don't...

0
0

Nest: It's no longer all about you. Now it can recognize your kids, too

John Robson
Silver badge

Re: Not under my roof you won't

"@John, I'd agree that your own, custom designed system will be a harder nut to crack, but the key issue here is that we're talking about volume produced products which are given to people who don't understand the very basics of security, usually because they're Joe Average - it's only us with our warped and twisted minds that immediately spot the inherent problems :)."

Yes - the custom nature makes it much easier - but actually the internal security doesn't need to be that complex. It's the remote access that's harder.

You could have matching internal security on all of these things - and actually you could have fairly matching *external* security...

The value of the attack on each of these is still far lower than the cloud solution.

Obviously having strong internal security makes life better still, but reducing the value of each target makes a significant difference.

2
0
John Robson
Silver badge

Re: Not under my roof you won't

There's no need for it to be cripplingly expensive - I have a rasPi which runs as a security camera (and associated IR light), and controls (visible) lighting and secure access to my garage (rather nice when it's wet and dark).

Functions which logically hang together, and can be easily run by a very low power and low cost system.

There is an scp based data uplink to a hosting account under my control, so that security footage isn't lost in the event of an intelligent thief...

The security hole needs someone to break my VPN, then break my SSH key into the Pi - I reckon by that point they can figure out which pins to toggle on their own...

The reward is fairly low - one garage with some tagged cycles...

OTOH a commercial cloud based system has a much higher reward - Look I can see when any of these 100k people are out and unlock their door. Easy.

I'd like to run some digitally controlled TRVs and have that all handled by another RasPi.... But that needs to wait for a little while...

2
0
John Robson
Silver badge

Re: Not under my roof you won't

@Dan 55

Actually having those things working together is quite nice - but it doesn't require any external connectivity.

Open the door at night and have the lights come on...

A delivery man rings the doorbell, and your phone rings so you can talk to them, despite being at the school gate/shop down the road...

The issue is external connectivity, not that things can work together...

2
1

Sexism isn't getting better in Silicon Valley, it's getting worse

John Robson
Silver badge

I think it rather depends on :

a) how often you ask

b) how you ask

c) the context in which you ask

18
1

Home Ebola testing with a Tricorder? There's an app for that

John Robson
Silver badge

Re: With an iPhone?

The prime advantage of an iPhone is that they are readily available - and self contained. No need to get an extra screen and keyboard as well...

3
3

Boffins bust biometrics with inkjet printer

John Robson
Silver badge

Re: Not Surprised

more importantly - it looks like the technology on those readers hasn't improved much...

What can you do to defend against a printed fingerprint? Look at vein structure and heat as well?

2
3

Software dev 101: 'The best time to understand how your system works is when it is dying'

John Robson
Silver badge

Re: Is it just me ..

I did specify lab testing..

We used to do this at a previous place of employment - we'd run simulations etc, then we'd test on the real world. But we'd do so in a non destructive manner (fairly easy, we were testing torrenting performance, so we contributed as much as we could to the swarm)

They replayed an old set of data into the system in a lab...

This is a *good* time for the failure to occur.

0
0
John Robson
Silver badge

Re: Is it just me ..

In (lab) testing I want them to fail - and this is what happened here.

They tested against a known large load - and it fell over. They tweaked it and now it doesn't

That's the point of this testing...

4
0

BBC telly tax drops onto telly-free households. Cough up, iPlayer fans

John Robson
Silver badge

Re: Taxation Without Representation

We all pay taxes for things we don't use.

Some people don't use the health service much, others don't trouble the education system.

Some don't ever use the jails, or the rubbish collections...

That's kind of the point of taxes...

The BBC tax is somewhat anomalous because it is a flat rate - it's a per household tax, unrelated to income or wealth (at least council tax is related to the value of your home, so some loose indication of wealth)

0
0

Google robo-car backs into bendy-bus in California

John Robson
Silver badge

Re: Pfft! Stupid meat bag!

a) lidar still needs to be able to see the sandbags - which it did, but only after trying to make two lanes out of two.

b) the car has been programmed to ease traffic flow - that does mean asserting priority at times, else the whole system shuts down...

So it understands priorities and common behaviour (in this case making the lane into two lanes on approach to a junction is apparently common practice, mostly because the American't can't paint - or don't stop at red lights... ;) )

So it started the two lane manoeuvre, as would a human, then had to stop - and pulled back into a gap in the traffic. Note that the traffic was still in its own lane - so it could reasonably determine that it had priority in this situation. The bus driver either assumed it was parking or didn't give a monkeys about priority - we'll probably never know which.

0
0
