* Posts by John Robson

1492 posts • joined 19 May 2008

Is ATM security threatened by Windows XP support cutoff? Well, yes, but …

John Robson
Silver badge

Nearly - but if I had a zero day on XP embedded in my pocket now I woulnd't use it for a couple of weeks.

Then I know that if it still works it will always work. AND I can also check the patches issued for whatever followed WinXP Embedded to see if the flaws fixed also existed in the older OS - and again, I know they won't be patched.

The opportunities for exploit are much higher if I know that the systems will never be patched.

12
1

Motorola splashes £817m buying out police comms biz Airwave

John Robson
Silver badge

Re: Manx Telecom

Because the 80% coverage that all the networks claim to have is the same 80% as each other - possibly there are few little areas of difference, but it won't get above 85%, even if you merge them all..

1
0

Free HTTPS certs for all – Let's Encrypt opens doors to world+dog

John Robson
Silver badge

Re: 90 Day Expiry

Bad form replying to myself - but I don't need to do anything wierd with DreamHost:

https://www.dreamhost.com/blog/2015/12/03/lets-encrypt-and-dreamhost/

It should be really easy!

1
0
John Robson
Silver badge

Re: 90 Day Expiry

So renew it every month by cron - how hard can it be? Looks like a simple command to retreive a new cert, and then have a simple root script copy that into place and kick apache?

I haven't played with this yet - but I will do once my current change freeze is over...

I wonder if I can do wierd things with DreamHost?

2
0

Google snoops on kids via Chromebooks, claims EFF in FTC filing

John Robson
Silver badge

Really?

"This allows Google to track, store on its servers, and data mine for non-advertising purposes, records of every internet site students visit, every search term they use, the results they click on, videos they look for and watch on YouTube, and their saved passwords."

Every search term, every result and every youtube video - all of those are under Google's control at the other end so of course they can monitor them...

Most sites nowadays are accessed through a search, so every site is only a small extension of that...

Saved passwords - shock horror, not quite sure that they have the time or inclination to find an individual 7 years old's password to an educational games site....

Yes - the settings should be off by default, or at least be presented on a first boot/account creation basis...

0
0

Competition watchdog dismisses plans by TfL to uber-regulate Uber

John Robson
Silver badge

And presumably it's not a UK only valuation...

But the tax system is, in general, a complete shambles

6
0

Court: Swedish ISPs can't be forced to block Sweden's Pirate Bay

John Robson
Silver badge

And any speeding tickets you get in Germany can be handed back to the government to pay...

Shame you can't pass them back to the car manufacturer, but the government will have to do...

0
0

Uber Australia is broke: 'We don't pay tax because we don't generate revenue'

John Robson
Silver badge

Re: It beggars belief...

"As I understand from the very broad definition, If you're getting paid, it's an enterprise. If you're not getting paid, it's a car share."

I don't think it unreasonable to expect some remuneration towards petrol & wear and tear (as defined by your government's own tax office).

Car sharing without is fine if you drive half the time, and I drive the other half, but if you always do the driving then I'm not contributing appropriately to the arrangement - paying 50% of the relevant milage rate seems fair to me - and probably good for you as well.

Carry two people to work (which I could easily have done at a previous job and you can either cut the costs in 3, or maybe everyone you carry is happy to put in 50% - in which case your own commute is free.

1
1
John Robson
Silver badge

Re: It beggars belief...

"If the goal is to help cover your commuting cost then my instinct would be that such an arrangement would not qualify, so long as the trip would have been made regardless of any paying passenger."

That was the case I was putting forward. But I can't quite work out how you would decide where that case stops...

Presumably where your petrol & wear costs are more than covered?

0
0
John Robson
Silver badge

Re: It beggars belief...

Interesting - but is a driver who, for instance, accepts a fare each way on their regular commute acting as an enterprise?

I'm not entirely convinced that they are - it's just a dynamic, and large, car pooling service.

Obviously if you are just driving around all day grabbing fares then you are operating as an enterprise...

How far out of your way do you have to go to become a taxi rather than a car share?

1
6

Tech firms fight anti-encryption demands after Paris murders

John Robson
Silver badge

Re: WRONG

Maybe because they shouldn't have been reading it without a warrant.

And those warrants are so hard to get, you need to convince a judge and everything...

The VCR legality case, where significant non infringing rights were established, seem s applicable here. There are significant non infringing uses for cryptographics. Therefore they should remain legal, despite the potential for 'missing' a terrorist you knew about anyway...

3
0
John Robson
Silver badge

Re: Join up your thinking

"American senator Dianne Feinstein, who chairs the US Senate Intelligence Committee, told MSNBC: "If you create a product that allows evil monsters to communicate in this way, to behead children, to strike innocents – whether it's at a game in a stadium, in a small restaurant in Paris, take down an airline – that is a big problem.”"

How did they get to those places - by road. What did the Romans ever do for us?

26
0

Car radars gain sharper vision after ITU assigns special spectrum slice

John Robson
Silver badge

Re: I always wonder...

It's been done with a video camera and a 150? "pixel" square on the tongue...

Allowed someone to go rock climbing IIRC...

Edit: Added:

BBC news link (2011)

Discover Magazine link (2008)

611 electrodes in an array on his tongue.

3
0
John Robson
Silver badge

Re: Interesting link

Can your eyeballs penetrate fog? Not really.

Why assume that this is the only system available - advantage of sensor arrays is that you can easily design a few of them - 79GHz, and optical, and IR, and???

Some might not work very well in fog, but between them they will easily exceed the capacity of the plasmic scanner available to the current control system...

2
0

BitLocker popper uses Windows authentication to attack itself

John Robson
Silver badge

Re: Sadistic?

- Is that, typically once a quarter, really so insufferable?

Once a quarter? Try every 30 days (i.e. not quite aligned to months)

Particularly when you normally work remotely (at a client site) and therefore don't get any warnings of password expiry...

2
0

Child abuse image hash list shared with major web firms

John Robson
Silver badge

MD5 Bad....

PhotoDNA - I hope it's somewhat better...

2
0

California cops pull over Google car for driving too SLOWLY

John Robson
Silver badge

"Without valid reason..."

So you are suggesting that conforming to the Californian regulations for their vehicle (which was in California at the time) wouldn't be a valid defense if for some odd reason they chose to prosecute a purely Californian case in Germany???

0
0

CloudFlare drinks the DNSSEC kool-aid, offers it on universal basis

John Robson
Silver badge

Re: Trust is supposed to be a two way street

That's why there is LAV (Look Aside Validation) - so you can have alternative checks of the key's validity.

It's a bit like saying that IPv6 hasn't been fully deployed so we shouldn't bother

1
0
John Robson
Silver badge

Re: All I want to know

No - and it doesn't make you coffee either...

It alows you to verify that the record you just got back from your query to theregister.co.uk was indeed signed by The Register, as authenticated by ".co" as authenticated by ".uk" as authenticated by the root.

Given that you visit frequently you can also use a preload or triangulationto further verify that the cert chain hasn't been tampered with.

You could of course add DNSCurve to secure the request/response to/from the DNS server you spoke to, but they probably keep logs anyway.

There is no reason DNSSEC cannot be used with DNSCurve - and you can add preloads and triangulation, amongst other things to provide further verification [more importantly to increase the cost of an attack, since that is all we can ever really do]

When diud you last clear out the 600+ certificate authorities in your browser?

3
0
John Robson
Silver badge

DNSSEC does provide a decent chain of trust though - you can see who you are trusting in the URL, no need to check that the cert isn't issued by a dodgy elbonian authority.

It could also allow a sideband transfer of HTTPS certs, allowing those certificate chains to be combined into one, easily visible chain of trust.

3
0

Thin Client Devices Revisited

John Robson
Silver badge

I use a thin client...

an iPad - add mouse support and they are great little devices.

I access a full fat Linux desktop running in a virtual frame buffer usinf X11VNC over a VPN tunnel.

The fact that it happens to be on a VPS in some far off datacentre doesn't ever seem to cause an issue. Of course I'm not doing anything too challenging on it...

When I contracted for the NHS they had CAROL (Computer Access Regardless Of Location) and it was nice to disconnect in one office, drive home, then 6 hours in the other direction and sit down at a random desk to the same desktop, with the applications still running....

I did manage to kill it once (I went to IT and suggested that I might, and could I have a test server - It'll be fine they said. When 20% of the office got simultaneously disconnected they gave me a test server)

3
0

Your taxes at work: Three hours driving to turn on politician's PC

John Robson
Silver badge

Really - there wasn't a cleaner or anyone else in the building...

...that she could have asked what colour the light was?

I'd have suggested she grab someone off the street to check the colour. I am presuming that this is before the days of camera phones, where a simple picture message of the light would have done the job...

8
1

US military readies drone submarine hunter

John Robson
Silver badge

Re: WTF, ok i may be a little late to the party but !!!

Alot of salaries on a destroyer..

Random destropyer picked on wikipedia - 35 officers, 218 men.

And that ignores any consumables...

3
0

Virgin Media whines about Sky's customer service claims, ad watchdog agrees

John Robson
Silver badge

Re: Why only private companies

Apparently three people disagree and think that collisions are better at higher speeds. I just hope they don't get trusted with a couple of tons of metal with a significant power plant in it on a regular basis.

1
3
John Robson
Silver badge

Re: Why only private companies

Speed is however a massive factor.

It increases the energy involved in any collision. Since the energy is proportional to the square of the speed even relatively small speed increase makes a significant increase in the energy brought to the scene.

It decreases the time available to react to any situation - whether that be a mechanical failure or a human failure on your own or someone else's part. It also increases the distance required for that reaction to occur - compounding the difficulty.

Obvioulsy travelling at 30mph (relative to what?) doesn't kill, but the energy which does kill people is readily available at speed, and judging by the number of road deaths each year is beyond the capacity of many people to reliably control...

1
4
John Robson
Silver badge

Re: Why only private companies

Take GoSafe who run the speed cameras in North Wales and areas of England, all material they produce states "we don't hide cameras", "speed kills"; both claims have been proven to be untrue or cannot be proven

Find me an accident that would have killed someone if noone had had any speed - speed kills... Obvious innit.

(Yes, I know it's the sudden stop - or the sudden start in the even that you hit someone else, which is more likely at high speed than low)

0
0

E.ON fined £7m for smart meter fail

John Robson
Silver badge

Re: And for customers who say "sod off"?

230MW isn't much compared with the grid overall, but it is still 230MW which we don't need to be supplying...

I might have to get myself a natural gas powered generator for blackouts...

0
0
John Robson
Silver badge

Re: And for customers who say "sod off"?

"But can you see both meters from the kitchen and do they give readings using your current tariff in pounds and pence?"

No - but that doesn't stop me turning off the lights, and leaving various items on standby - because I'm happy to burn a few watts continuously in the name of convenience.

A few watts will take hundreds of hours to become a kWH, at which point it costs me somewhere in the region of 10p, depending on the time of day. I don't need to consult a screen constantly, because I've done the sums and am happy with them....

I'll guarantee one thing - the new meters will take more power than the old ones did.

Whilst *I* might not care too much about 1Watt over a few million installations that adds up and that's several MW the grid now has to find.

2
0
John Robson
Silver badge

And for customers who say "sod off"?

I have stuff running on mains - you can switch my meter live if you must switch it at all...

I don't need a new meter to tell me that I am using electricity - or how much.

The current one already does that. No supplier has read it in years because I supply readings periodically.

5
0

Royal Mail mulls drones for rural deliveries

John Robson
Silver badge

Where we're going, we don't need a letterbox...

Just drive through the wall...

4
0

What the Investigatory Powers Bill will mean for your internet use

John Robson
Silver badge

Assuming HTTPS - then yes. But since they can just issue a warrant for those logs anyway (assuming a UK server)

My only point was that NAT isn't a perfect anonymisation tool as implied in the article. There is alot of information leakage...

1
0
John Robson
Silver badge

And which machine is in use behind NAT can be inferred from UA headers etc. Which can easily be enough to ID a user...

3
1

Microsoft Band 2 wrist watchers in pay-first-ship-much-later rage

John Robson
Silver badge

Re: How much?

That looks like a sum, so I get $900 for getting one of these?

I might even be tempted at that price

1
0

Lithium-air: A battery breakthrough explained

John Robson
Silver badge

Re: Oxygen makes things burn brightly

Yes - because obviously we camn't vent the oxygen into the atmosphere.

Apollo 1 had a high pressure pure oxygen atmosphere - not quite comparable...

34
1

End in sight for wireless power standards war as field shrinks to two

John Robson
Silver badge

I sometimes carry a pair of laptops, pair of phones and my tablet between home and work - I consider that to be massively excessive, but it's useful occasionally

Carried cable count: 0

I have a docking station and charger for the laptops at work, and a pair of chargers at home.

The phones both take MicroUSB, one lasts 10 days, the other 2 - so they very rarely need charging at the same time, but there is a cable on my desk and by the sofa.

The tablet takes a proprietary connection - and there is a cable for it at work and at home.

When I go on holiday I'll normally take a USB charger and one of each cable type... Maybe take two (one for me, one for the wife)

0
0

Skype founders planning non-drone robodelivery fleet. Repeat, not drones

John Robson
Silver badge

Re: @John Robson Mast Needed

@ Turtle...

I drive a recumbent most of the time, and a flag or mast makes neglibible difference to visibility to motorists.

I dont' see many flags/masts here: Google images

I've been commuting by 'bent for 7 years now, and my worst incident occured when I had colourful 2" wide 6' long kite streamers on a fishing whip and an 18" england flag at the driver's eye level as well as being lit up like a proverbial christmas tree. The driver looked straight at me and failed to see me...

The issue is that motorists look for cars, not clear tarmac. That's why there are so many "SMIDSY" incidents with motorbikes, cyclists and pedestrians. If you claim you can't see this box-on-wheels then how do you avoid concrete blocks in the road?

How do you avoid dogs?

How do you avoid children?

Besides which this thing would only occasionally be crossing a road, so most of the time it should be safe from motorists, except that they can't seem to keep between the kerbs - motorists in the UK kill 40-60 people a year on pavements (this even excludes crossings where the pedestrian has priority)

1
1
John Robson
Silver badge

Re: Mast Needed

Yeah - because motorists can't see the white lines on the road, or the cats eyes between lanes, so how will they see anything taller than that?

0
2

Time Lords set for three-week battle over leap seconds

John Robson
Silver badge

Re: Why stop there?

@NumptyScrub - Metric, for all it's faults, is far less confusing when trying to learn the various measures; just learn the SI prefixes and you are good to go with mass, length, and volume right away ;)

Well, except for units of mass...

1
0
John Robson
Silver badge

Re: Why stop there?

Wow - I made two typos ;)

356.25 is close enough to convey the relationship I mean... If I typed 3.14 then you'd be able to fill in the rest.

The missing day is because I don't work on Friday (pick one at random)

Awkward was missing a "w" - That usually gets typed on that Friday....

0
1
John Robson
Silver badge
Boffin

Re: Why stop there?

60 and 24 are actually nice numbers - they have many useful factors.

That 364.25 is akward, but is the relationship between two fundamental properties of the planet (at the moment, one of those properties is gradually changing)

Yes - I know (hope) you were being sarky, but too many people blindly agree with that kind of nonsense...

6
1
John Robson
Silver badge

Sorry - GMT wasn't recognised as *the* prime meridian until 1884

So it's only 130 years old...

3
1
John Robson
Silver badge

So basically

We are having a discussion to decide whether to keep a time standard that has only existed for a fairly short time (1765 - so less than the 600 years we are worried about into the future).

Yes, I'd like Greenwich to continue to be the centre of time, but it is just an arbitrary point on this roughly spherical planet. It isn't even at 0 degrees according to the shperoid used by GPS (no idea what shperoid is used by GLONASS/GALILEO etc)

Given that we can measure the variation in day length caused by the wind on the mountains - is "high Noon" really important? Cornwall is already 15 minutes "out", so we're talking about "High Noon" moving by ~600 miles in ~600 years (at our latitude)

I'd do away with BST as well, we could all agree to get up an hour earlier or later during some months if we really want to... Office hours are 9-5 in the Winter and 8-4 in the Summer. There, how hard was that?

10
0

'iOS 9 ate my mobile broadband plan'

John Robson
Silver badge

Re: Are you listening MS ?

You leave the tethering on by default?

Why?

1
1
John Robson
Silver badge

Re: I don't have a 'cellular' setting..

This - the toggle should be at the TOP - with all the other monile data options.

Why would it be so far "below the fold"?

It's an idiotic design decision...

4
0

Joining the illuminati? Just how bright can a smart bulb really be?

John Robson
Silver badge

Re: .re: Even if you want this...

@Charles Manning - It's really no more stupid than $150/metre gold speaker cables with $4000 speakers on the ends. The sound isn't any better than speakers and wire a tenth of that price.

That really depends on how much you've spent on the acoustics of the room (well, it does for the speakers, if not the cable)

0
1

ITU rubber-stamps '3D' audio format

John Robson
Silver badge

Re: Mono

And it is a single speaker - it just has more than one driver.

In the same way a battery is usually composed of multiple cells.

A disc is made of many platters.

etc...

0
0
John Robson
Silver badge

Mono

A single driver cannot be coaxial - because it has nothing to be coaxial with....

Of course it would also be a massive compromise in terms of frequency response - a decent multiple driver coaxial mono speaker with good crossovers is a nice bit of kit though ;)

1
0

How do you create an SLA and status page for the whole internet? Meet IANA: Keepers of DNS

John Robson
Silver badge

Re: Root hints...

It only has access to the root servers, they have access to the root zone, and tell me the "next step" DNS server to contact.

I don't use the root zone *file* at all - that's the job of the root servers, which are accessed via the root hints file (which is very rarely updated - and usually changes have at least a six month lead time, so you can reasonably update once every six months.)

0
0

'Death star' reaches out invisible hand, rips planet apart

John Robson
Silver badge

Re: Now, that is something

So aroudn a dwarf star a dwarf planet is called a planet, not a dwarf planet?

4
1

Wait a minute, Doc! Are you telling me that you built a self-driving car ... out of a DeLorean!?

John Robson
Silver badge

That's the best...

description of rally driving I've heard in a while, and an excellent piece of research - I can't wait for autonomous vehicles to start drifting round mountain hairpins that currently take a three point turn for most people...

0
0

Forums