22 posts • joined 10 Nov 2008
Electronic Voting is Fundamentally Flawed
An important feature of a voting system is that everyone has a chance to see and have confidence that it's secure. This means understanding what happens every step of the way. Voting on paper and using ballot boxes makes this possible though even this simple system can be rorted. Compare this with electronic voting which is many orders of magnitude more complex. No one person can possibly understand all the code in the voting software, OS, encryption libraries, drivers, computer and networking device firmware.
Want to speed up the count with computers? No problem: OCR the ballot papers. Maybe they already do. It would need to be special and very conservative OCR to deal with handwriting and send anything with even the slightest ambiguity to a human. Spot checking would be routine and you could always fall back on a full manual count because you still have the all-important piles of paper that voters actually marked.
Re: Lightbulbs are perceived to have a short life
"LEDs are less than 50 percent the power of CF bulbs for twice the light output"
When I go down the lighting aisle I find that LED lights struggle to even match CF for efficiency. 80 lumens per watt seems to be about the best you'll get for either technology. Wake me up when I can buy a standard bulb replacement that beats 100 lumens per watt.
Telstra's DNS is Already Broken
Telstra already redirects DNS queries for non-existent domains to some advertising page in violation of DNS specs. You can opt out of this behaviour by manually configuring a different Telstra DNS server. Sadly this service has a high rate of false negatives which is probably also in violation of specs. It will occasionally tell me that sites like google.com or even theregister.co.uk don't exist ... until I push reload. I'm sure their new blocking rules will only make their DNS service even more reliable.
Re: "Mercury-rich devices like thermometers and blood pressure meters..."
Are you serious? How long do you think the mercury in a glass thermometer is going to stay sealed in glass once it's buried with tons of other waste and driven over by heavy equipment?
No Desktop Need to Push Volume
10Gbps is way faster than desktops need: 1Gbps is plenty for almost any application. So there goes the volume for 10Gbps hardware so it will stay expensively in the server room.
In contrast, 1Gbps ports appeared on desktop motherboards very quickly after the standard was released. The datarate was a good match for what a hard drive could manage so it made sense. All-Gbps switch prices quickly became very affordable too. None of this is going to be true this time around.
Archive with Helium? Not a Good Plan!
They use Helium to test for leaks which is a clue that it's very good at doing just that. Some of your archival drives are going to fail strangely because the Helium has leaked out over the years. As it is, the big concern with using spinning disks for archival is that they don't have a specified shelf life like tapes do.
So, call me sceptical, but for now our archival drives are going to be Helium free.
Doesn't Add Up
110000 times 60GB is 6.6PB, not 11PB. Oh, wait: my guess is that this is the infamous assumption by tape vendors that you can compress all data by 2:1.
They're making 4TB drives now so 6.6PB is only 1650 drives. This doesn't seem like a ridiculously large array to me: you could fit it in five racks easily. Surely in backup/archive applications the drives could be powered down almost all the time with individual drives powered up as needed. The biggest win is that these drives can be accessed with just a standard SATA cable on just about any computer, compared to tape which needs an expensive drive, even more expensive software and probably SAS interconnect and HBA.
The only concrete win I can see for tape over disk is that it tends to be designed for archival purposes with consideration given to media life out to thirty years.
Disks Last ... Companies Fail
I wonder how M-DISC is different from Cranberry from 2009. The press release said "DiamondDisc: Stone DVDs Will Last 1,000 Years"; see:
but the company is apparently stone dead in less than two. The similarities of the product are so great that I'm betting the same tech is being re-incarnated at some level. Google finds me:
so this is the rebirth of a product that's been around for a while.
It's a shame something like this is taking so long to come to market. I guess most consumers have no idea just how bad burned optical media really is until they find years of irreplaceable digital photos and movies gone. I found the Cranberry $35 per disc offer tempting but never gave it a try.
No Blu-ray on Linux Anyway
There's no way to play Blu-Rays on Linux anyway so at least we're no worse off. I know I could fritz about with VLC player and MakeMKV and get most titles sort-of working but the percentage of people who go that route is going to be extremely small.
VPNs OS OK
You buy a VPN service from an OS provider. There are various flavours of VPN that appear to have encryption good enough to thwart the likes of ASIO. The trick lies in deciding which country to choose with the US and UK not looking good. I would have thought Sweden might be a good choice until recently. There were some buccaneers there offering this kind of service but now you'd have to worry that you'd wind up in the frame for some kind of virtual sex offence and be extradited there:-). A VPN to anywhere should still at least make ASIO's life quite a bit harder though it might make you look more interesting to them too.
The tin-foil hat guys still have to worry about:
* ASIO breaking in to your place and planting keystroke loggers or similar;
* Back-doors in the VPN client you're using;
* ASIO cooperating with their equivalent in the country you've chosen;
* The VPN provider is a front for or infiltrated by spooks from somewhere;
* etc., etc., etc.
Hands-Free Just as Dangerous
There have been studies showing hands-free conversations are just as bad, if not worse, than holding a handset up to your ear. I think a blanket ban would be a good thing. I also think that bringing in such a ban would be a Humphreyesque "courageous decision" and so hold out little hope in the current Australian political climate (with a minority government). See:
Not Trusted for Long
* the root cert that Tunisia controls is already on the trusted list and
* Tunisia uses it to sign a cert used to spy on https://facebook.com.
One would hope this would be noticed, probably fairly quickly in view of this story. The signed cert would be solid proof of misuse of the root cert. Bringing this to the attention of Microsoft, Mozilla, Google and Apple would hopefully have them remove the Tunisian root cert from their browser's trusted list. It's a real worry that there are so many dozens of root certs currently on the trusted list. The current facebook.com cert is signed by DigiCert Inc.
Long Passwords are Safe
Just use good, long passwords and you're safe from this guy. A ten-character, random, mixed case alpha-numeric password will average 30000 years at 400000 per second. Realistically, passwords are often not random. Assuming four bits of entropy per character the time to brute-force a ten-character password comes down to a fortnight. If the 400000 figure is per node then it's a matter of how many nodes you buy and finding a ten-character password in less than a day is conceivable.
So, specify a sixteen-character password minimum to be safe. It's not like you have to type these in every day: they're typically entered into each computer once and saved. At that length it's getting hard to find dictionary words though I guess you'll still have idiots who manage to find a totally obvious pattern.
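The arithmetic behind the post above, worked as an added example (not part of the original post) for sizing a password-length policy. The 400000 guesses per second, the four bits of entropy per character and the ten and sixteen character lengths come from the post; the function names, the 16-node attacker and the 30000-year target are assumptions chosen for illustration.

```python
import math

SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY

RATE = 400_000               # guesses per second, the figure quoted in the post
RANDOM_BITS = math.log2(62)  # uniformly random mixed-case alphanumeric character
HUMAN_BITS = 4.0             # the post's assumption for non-random passwords


def average_crack_seconds(length, bits_per_char, guesses_per_sec, nodes=1):
    """Average brute-force time: half the keyspace over the total guess rate."""
    keyspace = 2 ** (length * bits_per_char)
    return keyspace / 2 / (guesses_per_sec * nodes)


def nodes_needed(length, bits_per_char, guesses_per_sec, target_seconds):
    """Smallest node count that brings the average search under target_seconds."""
    single = average_crack_seconds(length, bits_per_char, guesses_per_sec)
    return max(1, math.ceil(single / target_seconds))


def min_length(bits_per_char, guesses_per_sec, nodes, target_seconds):
    """Shortest password whose average search time is at least target_seconds."""
    needed_bits = math.log2(2 * guesses_per_sec * nodes * target_seconds)
    return math.ceil(needed_bits / bits_per_char)


if __name__ == "__main__":
    rand = average_crack_seconds(10, RANDOM_BITS, RATE) / SECONDS_PER_YEAR
    human = average_crack_seconds(10, HUMAN_BITS, RATE) / SECONDS_PER_DAY
    print(f"10 random chars, 1 node:      {rand:,.0f} years")
    print(f"10 chars at 4 bits/char:      {human:.1f} days")
    # Assumed scenario: the quoted rate is per node and the attacker scales out.
    n = nodes_needed(10, HUMAN_BITS, RATE, SECONDS_PER_DAY)
    print(f"nodes for under a day:        {n}")
    # Assumed policy target: restore the 30000-year margin against that attacker.
    length = min_length(HUMAN_BITS, RATE, n, 30_000 * SECONDS_PER_YEAR)
    print(f"minimum length at 4 bits/char: {length}")
```

Under these assumptions, the sixteen-character minimum is what restores a 30000-year average against a 16-node attacker when users pick four-bit-per-character passwords.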
"Full HD Video" Deceptive
Sure it can do 1920x1080 progressive video ... at 24 frames per second only. Great if you're making a movie for projection in cinemas but not so good for display on a TV screen. To get 25fps or 30fps matching TV standards you have to switch down to 1280x720 resolution. Given the tiny difference between 24 and 25 this has to be a limitation driven by marketing and not by technology. In due course Nikon will presumably have something that can do 1080p25 and 1080p30 but at a higher price.
So I guess this is the first known critical vulnerability for Windows 2000 that Microsoft won't release a public patch for. Time to upgrade people.
Sorry if I gave the impression that I thought it was a good idea to ban encryption. I am suggesting they might try to do something like banning it for Torrents and/or other P2P. Good luck denying you were participating in an encrypted swarm when one of your peers was a government stooge. As for the argument about banks needing encryption to pass around information; in the unlikely event they're using P2P for this now they could easily change to some other encrypted protocol or simply obtain some kind of commercial exemption.
So, to be clear, I personally think citizens have the right to privacy and free speech and should be completely free to use encryption as they see fit. I'm worried that the government will try to trample on this right in the name of copyright enforcement. The new plan would even allow MPs to disclaim responsibility for the laws (regulations?) which won't have been passed by the parliament.
For those feeling smug about encryption: what's to stop it being banned, at least in certain circumstances? As an example (playing devil's advocate) why do we need encrypted torrents if all we're passing around is open source distros? I'm not sure it's so clear-cut that technology can beat the law. Note that, when I say the law here, I'm talking about the written legislation and statutes, not the enforcers and prosecutors thereof.
"Brick" doesn't mean this
To "brick" means to render the hardware permanently as useful as a brick. This anti-virus screw up will, at worst, mean re-installing the OS with a very good chance of some data loss. It's bad ... but not _that_ bad.
OpenID Provider Only?
Microsoft have been an OpenID provider for some time, i.e., they allow you to use Windows Live ID to log into other services. They don't currently allow you to do the reverse, i.e., use another OpenID provider (like Google or Yahoo) to access Windows Live ID. OpenID is going to end up being pretty pointless if all the big players stay this way; all take and no give.
Their web site says that you can
"Login to websites with a single click"
"It is Your responsibility to review this Agreement prior to each use of Your I-Card"
So, before you click, you have to visit their web site and read many pages of legal mumbo-jumbo. Password headaches sound minor by comparison.
Misleading speed difference
The article is misleading. A 1xDVD spins just three times faster than a 1xCD. The higher data density of DVDs accounts for the factor of ten figure quoted.
So, a 16xDVD spins at the same speed as a 48xCD. Pushing out to 20xDVD is much like the CD people pushing out to 60x. The limiting factor is the physical strength of the media. The faster you spin, the bigger the chance that the whole disc will just fly apart. Polycarbonate shards are not nice; are you feeling lucky! Pioneer's proprietary technology to spin faster could be stronger discs or better public liability lawyers. I'll take the safety clothing either way.