* Posts by Duncan Macdonald

333 posts • joined 20 Mar 2009

IPv4 apocalypse means we just can't measure the internet any more

Duncan Macdonald

Re: I don't want to be measured!

Users do NOT control the code in an IoT device - the only way to limit its access to and from the internet is to have some type of firewall device that does not let its traffic through. A NAT router will stop J Random Hacker on the internet from connecting to the IoT device but will not block the IoT device from sending information out unless the NAT router has a firewall rule blocking outgoing traffic from the IoT device.

Of course the best way to block traffic from IoT devices is to never buy them.

For non-PC network devices (e.g. printers), access to and from the Internet should normally be completely blocked. (If IPv6 has to be used then such devices should ONLY be allocated a link local address to break any communication with the Internet.)

2
0

Google-funded group mad that US Copyright Office hasn't abolished copyright yet

Duncan Macdonald

IIRC and Usenet

Almost any book that is worth reading (and many that are not) can be found on Usenet or the IIRC groups. The copyright laws have proven incapable of preventing this - and the politicians are not interested. The politicians are only interested in the media companies who make big donations (Hollywood, big music etc) - these companies (Disney being one of the worst offenders) have pushed for the copyright term to be raised to its current stupid length.

Copyright should be limited to no more than 20 years from first publication (or public viewing for films).

12
10

L0phtCrack's back! Crack hack app whacks Windows 10 trash hashes

Duncan Macdonald

Car reg + serial number

In the UK at least the combination of a neighbour's car number and the model number on a bit of equipment is likely to be secure and yet still easy to use.

An example (not one that I use!!!)

S357HGKAOA110Ab where S357HGK is a car registration number and AOA110Ab is the model number of a netbook.

(The car reg number above is a made up number - I do not know if it is still in use.)

0
0

Deep inside Nantero's non-volatile carbon nanotube RAM tech

Duncan Macdonald
Headmaster

Error ms is millisecond not microsecond

A bit of editing needed in the paragraph

NRAM seems to be far faster than XPoint, and could be denser. An Intel Optane DIMM might have a latency of 7-9ms (7,000-9,000ns). Micron QuantX XPoint SSDs are expected to have latencies of 10ms for reading and 20 ms for writing; that’s 10,000 and 20,000ns respectively.

it should read

NRAM seems to be far faster than XPoint, and could be denser. An Intel Optane DIMM might have a latency of 7-9us (7,000-9,000ns). Micron QuantX XPoint SSDs are expected to have latencies of 10us for reading and 20 us for writing; that’s 10,000 and 20,000ns respectively.

8
0

Pump-priming the new ampere: NIST works to count electrons in silicon

Duncan Macdonald

Reverse the definition

1 coulomb is defined as the charge that flows in 1 second in a current of one ampere. So a current of 1 ampere is a flow of one coulomb per second.

Define the coulomb as a specific number of electrons and the definition of the ampere then becomes the flow of that number of electrons in one second.

The ampere would then be a formally defined unit.

1
2

Li-Fi with my little eye … a vulnerability

Duncan Macdonald

Re: Reliability & infrastructure - bandwidth and interference

Using Li-Fi instead of Wi-Fi can provide higher bandwidth and no interference between adjacent rooms. The biggest advantages might come in places like conference centres where the Wi-Fi is often saturated.

0
0

Touchy iPhone 6, 6 Plus chips prone to breaking down and giving up

Duncan Macdonald

Re: That's what people get

An analysis of the iPhone 6 by TechInsights gives a construction cost of $242.50 per phone - if Apple was content with the usual profit margin for the industry then the end user price would be around £300 - of course being Apple the price was more like £600.

(The analysis by TechInsights can be found at http://www.techinsights.com/teardown.com/apple-iphone-6/ )

6
6

Kaspersky launches its own OS on Russian routers

Duncan Macdonald

Re: True microkernel approach?

Is the performance penalty of a micro-kernel a problem for industrial systems ? The available CPU power has increased so much over the last 2 decades that inefficient but secure systems are probably better for industrial control as most industrial systems do not do a huge amount of number crunching.

(A control system hand coded in C on a 486 could be replaced by an interpreted system running on a modern CPU and still be over 10 times faster.)

7
0

OpenFlow controller design killing SDN, say network boffins

Duncan Macdonald

Pre allocated or dynamically allocated - same overflow problem

Heaps and pre allocated buffers both overflow - the software MUST cater for the no buffer available condition in either case.

There is always a buffering limit set by the amount of memory in the system.

1
0
Duncan Macdonald

Object Oriented

It is not surprising that Object Oriented designs are less efficient - just like C++ is less efficient than Fortran when it comes to heavy duty mathematical processing.

Using a preallocated array is going to be faster than allocating space with NEW for each packet but current programmers have been brought up on C++ and other object oriented languages rather than the speed oriented FORTRAN language and do not realize that the elegance of object orientation comes at a cost in processing time.

1
0

Windows 10 Anniversary Update is borking boxen everywhere

Duncan Macdonald

Re: "Where every customer is a perpetual unpaid beta tester."

When a major "update" like this one is due - stop and disable the Windows Update Service - wait until there have been at least 2 further updates to correct the worst of the problems before re-enabling the service. (Disabling the Windows Update Service works on Home and Pro.)

2
0

Microsoft adds new 'Enterprise Products' section to privacy policy

Duncan Macdonald
Mushroom

And you believe them ?

All the agreement does is to say to M$ - interesting data here.

If you need to keep data private then do not have it on a system running a Microsoft OS that is connected to the internet.

3
0

Windows 10: Happy with Anniversary Update?

Duncan Macdonald

Re: Use a firewall to block Cortana

Use Spybot Anti-Beacon to disable the MS data slurping.

3
2
Duncan Macdonald

Use a firewall to block Cortana

Use the program control feature of Norton (or other) firewalls to stop Cortana from accessing the internet (and while you are at it block Internet Explorer and Edge as well). This will improve security and privacy. (Use Chrome or Firefox instead of IE or Edge. That way you can avoid the insanity of still using Flash.)

If you do not want the Windows App Store then another firewall rule to block access to the Windows Store will disable that annoyance.

3
1

BT sees 35% sales gain as it digests hearty EE meal

Duncan Macdonald

Re: Pension deficit = Cap Board salaries

If the pension deficit exceeds 10% of the value of the company then limit Board members' salaries to a maximum of £1 million pounds per year (full time board members - pro rated for part timers). This would rapidly get the companies to reduce the deficit.

0
0

Verizon wants to replace your net gateways with 'a simple mux'

Duncan Macdonald

Security

How many business customers will trust Verizon with their network security ?

The business requirements of firewalls and data security will require considerably more than just a simple mux at the customer site.

3
0

Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

Duncan Macdonald

Re: Rather Late.... - Blackberry Playbook ?

Will not run most modern apps - but does not have intrusive advertising and was built with security in mind.

Still readily available secondhand.

8
0

For $800 you can buy internet engineers' answer to US government spying

Duncan Macdonald

Hopefully the H/W will shrink

A production unit (not this early prototype) needs to end up no bigger than a large USB stick for mass acceptance. A unit this size would only be acceptable in a few locations that need extreme security (especially as it needs its own power supply).

4
1

AT&T: We wanna be a drone company, not just a phone company

Duncan Macdonald

Tethered drones

Tethered drones seem like a good idea for some inspection jobs and for some of the Cell on Wings proposals - the flight time limit for almost all drones is determined by battery capacity. Between the cable weight and the lifting power of the drone (even with its battery removed) the range will probably be no more than about 500 ft.

1
0

Software bug costs Citigroup $7m after legit transactions mistaken for test data for 15 years

Duncan Macdonald

Re: A better question

Sometimes the only way to be certain that the production system actually performs in the same way as the development system is to exercise it with the same data. Without that check it is possible for the production system to have an unnoticed coding difference from the development system. (Yes, in theory this should never happen but in the real world it does happen that a patch fails to make it from development to production.) It is also possible that size differences between the development system and the production system can lead to errors (e.g. if there is a fixed size array that overflows) as in many companies the development/test systems are not as large as the production systems.

7
0

Amazingly insecure industrial control systems + internet = Cupful of nope

Duncan Macdonald
FAIL

Unpatchable control systems

Many control systems are so old that no one now has access to the source files or the build environment. Given those conditions the only safe thing to do is to keep them physically isolated from the internet - the engineers often know that but are overridden by stupid management who want the convenience of remote access without considering potential costs. (Building a new up to date control system would cost so much money that it is almost never done.)

If remote access is forced then using a dedicated firewalled gateway computer (NOT running Windows) may limit the damage. (Better still use 2 gateway systems - one connected to the internet and the second one connected to the control system with the link between the 2 using a protocol other than IP (for example DECNET phase 4) to make it difficult for an attacker to get from the internet to the control system.)

1
0

UK.gov rolls out 10 years' chokey for industrial scale copyright pirates

Duncan Macdonald
Flame

How big was the bribe ?

The existing rule requires that the infringement causes harm to the copyright holder - the new rule changes that to causing a risk of harm (the actual harm does NOT need to be proven).

As anyone who downloads a file using a torrent makes the file available to the public while downloading, this revised clause COULD be used to persecute individual downloaders.

Once this law takes effect, expect to see a large increase in the number of threatening letters from lawyers demanding huge penalties to avoid prosecution.

21
1

Linux letting go: 32-bit builds on the way out

Duncan Macdonald
Thumb Down

Netbooks

There are still a number of Netbooks around. With their Atom processors they are incapable of 64 bit operation but still work quite well with less demanding Linux builds. Ubuntu developers are saying that people with old hardware that they do not wish to upgrade or who cannot afford to upgrade are no longer worthy of consideration.

Cheap lightweight Netbooks still have a place as computers to take on holidays - the light weight does not burden a holiday maker excessively and the cheapness means that if it gets broken (or stolen) it is not a major expense.

56
3

Hey cloud lawyer: Can I take my client list with me?

Duncan Macdonald
Mushroom

Pen and paper and human memory

Copy the important information using the old method of pen and paper - no audit trail to incriminate you.

(If you are planning to leave then memorise the details of 2 or 3 clients each day and write them down after you have left the building. For most businesses the top 10 to 20 clients are the important ones and this amount of information can be extracted using human memory. This is usually legal (as well as untraceable) as using information that you remember is normally not prohibited.)

6
1

E-books the same as printed ones, says top Euro court egghead

Duncan Macdonald

Copyright infringement

Anyone who is determined to keep access to a borrowed ebook without paying would probably get the book from one of the many illegal sites. Almost any popular book becomes available within a few days of being published electronically. (If only published in hard copy then it takes about an extra month before a PDF generated from a scan appears.)

Copyright infringement because the term piracy is grotesquely incorrect.

13
0

It's [insert month] of 2016, and your Windows PC can still be owned by [insert document type]

Duncan Macdonald

Firewall and different programs

One way to make IE and Edge safer is to disable their internet access (I do it by using the program control feature of the firewall component of Norton). Firefox with Noscript and Adblock Plus (and no Flash) makes for a far safer Internet Browsing experience. Foxit Reader also seems to be more secure than Adobe Reader for handling PDFs. Finally use LibreOffice instead of Microsoft Office to get round even more problems.

2
4

DataCore dominating SPC-1 benchmark on price–performance

Duncan Macdonald
FAIL

Sorry - my mistake

I assumed that the SPC-1 benchmark was better protected against gaming - I was wrong.

Reading the SPC-1 Benchmark full disclosure for this test - it is actually running on Windows Server with caching software providing a huge in memory cache (of over 500GB). I had thought (incorrectly) that SPC-1 required separate client and storage server systems.

1
1
Duncan Macdonald

Parallelizing server IO

Nice idea - however it requires rewriting either the Windows kernel (a bit difficult without the sources!!) or the Linux kernel (possible but VERY non-trivial) depending on what the server runs on.

Microsoft have very little incentive to rewrite the portions of the windows kernel needed for fully parallelizing the disk I/O and have a lot of incentive NOT to rewrite the kernel (cost and the certainty of introducing nasty bugs).

Rewriting the Linux kernel for fully parallel disk I/O without breaking existing user programs would require a lot of first rate talent with a corresponding high cost and no guarantee of a profit at the end.

The DataCore system is dedicated to I/O and does not need to support existing user programs (as they do not run on the box) so the company could write the fully parallel I/O code for a far lower cost.

1
0

Why Oracle will win its Java copyright case – and why you'll be glad when it does

Duncan Macdonald
Mushroom

Florian Mueller

Look at his record on Groklaw - I would not trust ANYTHING that he said.

This whole piece is yet another bit of Andrew's wishful thinking. He is hoping for the most confused, restrictive and legally supported IP laws possible in order to provide the maximum income for IP law consultants like himself.

75
8

Universe's shock rapidly expanding waistline may squash Einstein flat

Duncan Macdonald

MOND ?

If the MOND theory is correct then the Dark Energy and Dark Matter theories will go the way of the phlogiston theory of fire.

(The MOND theory explains the galaxy rotation paradox by gravity having a very weak 1/r field as well as the much stronger 1/r^2 field. For more details see https://en.wikipedia.org/wiki/Modified_Newtonian_dynamics )

1
0

Life after Safe Harbour: Avoiding Uncle Sam's data rules gotchas

Duncan Macdonald

Probably the only viable option.

4
0

Surface Book nightmare: Microsoft won't fix 'Sleep of Death' bug

Duncan Macdonald

Re: Anyone buying MS hardware deserves what they get.

Be fair - most of the Microsoft mouse designs have been very reliable. Just do not trust them for anything that needs software!!!

8
1

Airbus to build plane that's even uglier than the A380

Duncan Macdonald

Hyper Beluga

It would be interesting if Airbus did a Beluga design based on an Airbus 380 - how large a cargo could you get in such a plane?

3
0

Inside Electric Mountain: Britain's biggest rechargeable battery

Duncan Macdonald

It was even more impressive during construction

I was part of the team that produced the original computer based monitoring system (based on a PDP 11/34 with 2 RK05 disks (2.4MBytes each!!)).

To get the main overhead cranes into position, large mobile cranes were used which had about 6 inches of clearance coming down the main access tunnel - the crane driver was superb.

16
0

Super-slow RAID rebuilds: Gone in a flash?

Duncan Macdonald
FAIL

Get your maths right

A 72GB disk (not 720GB) will take 900 seconds at 80MB/sec

The first line in your table has an error 72GB is 0.072TB not 0.72TB

2
0

How 'flexible' can the UK actually be on EU data protection law?

Duncan Macdonald
Thumb Down

Useless

The UK government will appoint the members of the UK Supervisory Authority who will proceed to give a green light to whatever the UK government does.

It will be as useful as the USA's FISC which has not rejected a single spying request.

8
0

Hold on a sec. When did HDDs get SSD-style workload rate limits?

Duncan Macdonald

Why not bigger drives

For the large capacity lower performance market (array sizes in multiple petabytes) why do drives have to be limited to 3.5 or 2.5 inch sizes? Using the larger 5 1/4 inch size would allow far more data to be stored per drive.

2
0

Intel loses its ARM wrestling match, kicks out Atom mobe chips

Duncan Macdonald
Mushroom

Who will now trust Intel ?

Companies building in a new field (like IoT) need confidence that their suppliers will be around for the long haul. Having seen Intel abandon the phone and tablet market will make those companies reluctant to trust Intel to stay in the new markets - especially if the unit cost has to be low.

Intel have just effectively said "We only supply X86 chips to PC and server makers. We will not be in any other business EVER."

2
0
Duncan Macdonald

Hudl 2

This was an acceptable Android tablet powered by a quad core Atom - It sold quite well as it was cheap (£129) for a device sold in the UK with a 1 year warranty, decent screen and reasonable speakers.

It had a few disadvantages - it sucked power in standby as the Atom chip was nothing like as frugal with power as an ARM chip.

(The low price was in part due to Tesco including non-removable Tesco shopping apps.)

3
0

'Impossible' EmDrive flying saucer thruster may herald new theory of inertia

Duncan Macdonald
Thumb Up

Useful for satellites

If the results quoted by M E McCulloch in (http://arxiv.org/pdf/1604.03449v1.pdf) hold up to further testing, then getting over 0.75 milliNewton per watt with a very high Q cavity (row C1 in table 1) will have major implications for satellite design. Many satellites have lifespans that are determined by the exhaustion of fuel for positioning. If a few watts can be obtained from the satellite's solar panels then this lifespan limit is removed. (One day at 10 watts with the above efficiency would change the velocity of a 1 ton satellite by over 60cm/sec - a fairly large delta-V in orbital terms.) The EmDrive could also provide a replacement for the reaction wheels used for fine positioning in space borne telescopes.

4
1

Storage with the speed of memory? XPoint, XPoint, that's our plan

Duncan Macdonald

NVDIMM

DRAM DIMMs with onboard NAND backup are already available - and they have the speed of DRAM. (The NAND is only used to take a copy of the DRAM data if the main power fails.)

For XPoint to succeed it must have much higher density than NVDIMM that beats it for speed.

2
0

Lock-hackers crack restricted keys used to secure data centres

Duncan Macdonald

Making a non-pickable electronic lock is possible

However when it breaks (always at the worst possible time) the lock (and possibly the door) will need to be physically destroyed to gain access.

(The lock issues a random challenge string encoded with its public key to the inserted key. If the inserted key is a valid one it will be programmed with the corresponding private key and will be able to decode the challenge and pass the decoded string back to the lock. If the decoded string is correct then the lock opens - otherwise it activates alarms.)

This method is not suitable for padlocks or other locations without electrical power.

3
0
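The challenge-response exchange described in the post above, with both sides' messages, as an added example that is not part of the original post. Assumptions: raw RSA over a random challenge stands in for the unspecified public-key scheme, the demo key is constructed from two publicly known Mersenne primes so the block runs offline (a real lock would use a properly generated key from a vetted library), and the class and function names are hypothetical.

```python
import hmac
import secrets

# Constructed demo key pair (assumption): publicly known Mersenne primes, so this
# modulus is trivially factorable and must never be used outside an illustration.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, programmed into valid keys


class PhysicalKey:
    """The inserted key: holds the private exponent and decodes challenges."""

    def __init__(self, n, d):
        self._n, self._d = n, d

    def respond(self, challenge):
        return pow(challenge, self._d, self._n)


class Lock:
    """The lock: holds only the public key and the one outstanding challenge."""

    def __init__(self, n, e):
        self._n, self._e = n, e
        self._size = (n.bit_length() + 7) // 8
        self._pending = None

    def issue_challenge(self):
        # A fresh random value per attempt, so a recorded answer cannot be replayed.
        r = 2 + secrets.randbelow(self._n - 3)
        self._pending = r
        return pow(r, self._e, self._n)  # challenge encoded with the public key

    def check(self, response):
        # Each challenge is single use: clear it whether or not the answer is right.
        expected, self._pending = self._pending, None
        if expected is None or not isinstance(response, int):
            return False
        if not 0 <= response < self._n:
            return False
        # Constant-time comparison of the decoded string against the original.
        return hmac.compare_digest(
            expected.to_bytes(self._size, "big"),
            response.to_bytes(self._size, "big"),
        )


def run_exchange():
    """Valid key, replayed answer, wrong key, and an answer with no challenge."""
    lock = Lock(N, E)
    valid = PhysicalKey(N, D)
    wrong = PhysicalKey(N, D + 2)  # key programmed with the wrong private exponent

    answer = valid.respond(lock.issue_challenge())
    opened = lock.check(answer)

    lock.issue_challenge()
    replayed = lock.check(answer)  # old answer against a new challenge

    rejected = lock.check(wrong.respond(lock.issue_challenge()))
    unsolicited = lock.check(answer)  # nothing pending: treated as a failure
    return {"opened": opened, "replayed": replayed,
            "wrong_key": rejected, "unsolicited": unsolicited}


if __name__ == "__main__":
    print(run_exchange())
```

Every `False` result is where the lock in the post would raise its alarm instead of opening.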

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Duncan Macdonald

One type of malware infects another type of malware

Remove the malware called Flash from your PCs and you are immune to the malware that uses Flash.

7
0

Line by line, how the US anti-encryption bill will kill our privacy, security

Duncan Macdonald
Mushroom

Evil one time pad

If you want to send an encrypted message - and still have plausible deniability - do the following.

1) Encrypt the message with a one time pad (simple XOR encryption - still unbreakable if each byte of the message is encoded by a unique byte of the pad and the pad is never reused)

2) Create an innocuous message of the same length

3) Create a fake "one time pad" as the XOR of the innocuous message and the encrypted message from (1)

If forced to decrypt the message - provide the fake "one time pad" generated in stage 3 which converts the encrypted message into the innocuous message from stage 2.

18
0
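The three steps in the post above carried through in code, as an added example that is not part of the original post. It also shows the pad-reuse failure the post's caveat rules out; the sample messages are constructed and the function names are hypothetical.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; a one-time pad needs one pad byte per message byte."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(message: bytes):
    """Step 1: encrypt under a fresh random pad. Returns (pad, ciphertext)."""
    pad = secrets.token_bytes(len(message))
    return pad, xor_bytes(message, pad)


def pad_for(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Step 3: the pad under which `ciphertext` decrypts to `claimed_plaintext`.

    Such a pad exists for every plaintext of the same length, which is why the
    ciphertext alone says nothing about the message and also proves nothing
    about it: a bare one-time pad gives secrecy but no integrity or binding.
    """
    return xor_bytes(ciphertext, claimed_plaintext)


def reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """Two ciphertexts under the SAME pad: the pad cancels, leaving m1 XOR m2."""
    return xor_bytes(ct1, ct2)


def demo():
    real = b"real message (constructed sample)"
    # Step 2: an innocuous message of the same length (constructed, dot-padded).
    innocuous = b"shopping list (constructed)".ljust(len(real), b".")

    pad, ciphertext = otp_encrypt(real)
    fake_pad = pad_for(ciphertext, innocuous)

    # The mistake the post warns against: encrypting a second message with the
    # same pad. No key material is needed to strip the pad from the pair.
    second = b"second message, same pad reused!!"
    ciphertext2 = xor_bytes(second, pad)

    return {
        "real": xor_bytes(ciphertext, pad),
        "innocuous": xor_bytes(ciphertext, fake_pad),
        "pads_differ": pad != fake_pad,
        "leak_is_m1_xor_m2": reuse_leak(ciphertext, ciphertext2) == xor_bytes(real, second),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```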

SpaceX's Musk: We'll reuse today's Falcon 9 rocket within 2 months

Duncan Macdonald

Re: "Merlin engines"?

The original Merlin plane engine had the exhausts pointing straight out to the sides of the aircraft. When these exhausts were replaced by the bent ones that sent the exhaust out at a 45 degree angle backwards, they got about 70 hp of extra thrust.

See https://en.wikipedia.org/wiki/Rolls-Royce_Merlin#Ejector_exhausts for more details

7
0

Power9: Google gives Intel a chip-flip migraine, IBM tries to lure big biz

Duncan Macdonald

The real message

Intel you are going to give us chips at a much lower price aren't you - be a shame if something nasty happened to the prospects of your Xeon line of processors.

The old game of demanding discounts with the threat of going to an alternative supplier

6
0

We bet your firm doesn't stick to half of these 10 top IT admin tips

Duncan Macdonald

Nice Theory - but

1) How many outfits have all their IT systems set up correctly - all too often if one person has to provide temporary cover for another, the only way to do so is to log on as that other person. (Or wait weeks for all the authorization tables to be updated, additional user licenses purchased etc.)

2) See (1)

8) Proper procedures are good for routine activities - they are not much good under exceptional conditions.

(Crude example - the payroll printer breaks down on payday - there is no time to follow the "correct procedure" of repairing or replacing it but diverting the print job to a printer in another office allows the time critical payroll job to complete.)

Having "proper procedures" that take too long can result in a company losing out to more agile competitors.

9) Security is not the second most important thing. Safety, company survival, company profits and company growth are more important. Also in many companies, senior management convenience is counted as far more important than security.

Security is an overhead - (people, software, equipment and employee time) so for most companies, they spend as little as possible on it. This tends to mean that the chief security officer for a company is a fairly low ranked person who can be easily overridden by senior management. (The correct point to stop with security spending in a company is at the point where the loss prevention from increased security no longer exceeds the cost of the increased security.)

Finally if security is applied with too heavy a hand, employee morale and productivity can suffer badly.

2
3

The FBI lost this round against Apple – but it aims to win the war

Duncan Macdonald
Mushroom

Re: its got to be a biggy!.....er.....place your bets!

Seeing who the Presidential Candidates are at the moment - getting rid of any (or even better all) of them would be a public service.

1
0
Duncan Macdonald

Re: End of the War

PGP software already does hard encryption - and there are multiple public domain versions of this software available. (If feeling paranoid then follow the PGP encryption up by padding (at both ends) the PGP encrypted data with random bytes and then doing an AES-256 encryption of the result.) If the data is encrypted by this software and the user has properly protected his passphrase then decryption will require forcing the person to divulge the passphrase (maybe by torture of the person or his/her loved ones or by imprisonment). If (as was the case here) the person is dead then the data cannot be recovered.

Usenet has many millions of encrypted files posted on it. For anyone who wants to keep data secure and out of the hands of the FBI/CIA/NSA etc, posting the data as an encrypted file hidden inside one of the many encrypted RAR files on Usenet provides a good method. (If done carefully there will be very little to associate any given file on Usenet with any given person.) The big Usenet providers keep a copy of all files for several years.

1
0

Here's a great idea: Let's make a gun that looks like a mobile phone

Duncan Macdonald

Stable Door - Horse Bolted

There are so many guns in the USA (more than one per person) that the criminals can easily obtain them (even if they are legally prohibited from owning them). As the criminals ARE armed and will continue to be, removing guns from the law abiding population will just make criminals' life easier.

Also gun deaths are not a major cause of death in the USA

Excluding suicide, the number of gun deaths in the US was approximately 12,000 in 2013 for a death rate of 35 per million people. The total number of deaths (all cause) in the USA was approximately 2217000 so the non-suicide gun deaths amounted to approximately 0.54% of the total deaths (1 death in every 185).

Accidental deaths were over 120,000 so a person was over 10 times as likely to die from an accident than they were from a gun (and over 100 times as likely to die from heart disease or cancer).

4
2
