* Posts by Duncan Macdonald

346 posts • joined 20 Mar 2009

Cheap virtual box hosters – Amazon's Lightsail is out to destroy you (yes, you, Digital Ocean)

Duncan Macdonald
Silver badge

What is the point ?

Unless you have a very intermittent large demand - why use a cloud service?

For any reasonably predictable demand on-site equipment is almost certain to be cheaper (except for web hosting if you have a poor internet connection).

(Taking the pricing given by Platypus in his Yawn comment above - 2 cores 2GB RAM and 40GB SSD works out to $240/year - a new 4 core 4GB RAM 128GB SSD Lenovo B50-10 Laptop can be purchased for £280 on ebay - in less than 2 years this system will cost less than the lightsail setup while being twice as powerful as the lightsail setup. )

Also using an onsite server means that your data is not exposed to the NSA and whichever US companies they feel like selling it to.

5
0

Behold, your next billion dollar market: The humble Ethernet cable

Duncan Macdonald
Silver badge

Only 1 billion ?

With all the cabling in computer centers and connections to desktops/printers/etc I am surprised that the annual cost of the cables is that low. (As always however the cost of the cables is tiny compared to the cost of installing them - routing cables is labor intensive.)

2
0

Search engine results increasingly poisoned with malicious links

Duncan Macdonald
Silver badge

NoScript and AdBlock+

NoScript and AdBlock+ are now essentials for sane use of the internet.

I do not have Flash in any browser that I use - and as I cannot remove it from Edge I have blocked Edge (and IE and Cortana) from any internet access using the program control feature of Norton Firewall.

If an ordinary site is unusable with Noscript or AdBlock+ then I remove it from the sites that I visit.

6
0

Ageing GSM crypto cracked on commodity graphics rig

Duncan Macdonald
Silver badge

Re: Not a problem

The A5/2 cipher is MUCH WEAKER than the A5/1 cipher - in fact it is so bad that the GSM association prohibited its inclusion in new phones back in 2006. The A5/3 cipher is far stronger than the A5/1 cipher and is used in GPRS / EDGE mode. Note if you make a voice call anywhere with a poor signal then fall back to GSM mode with its poor security is likely.

2
0
Duncan Macdonald
Silver badge

Re: Is it me...

If the table is arranged as an ordered list then a binary search would find the answer in no more than 42 reads. With an SSD this would take well under 1 second.

As the rainbow table is not exhaustive (as it is far too small), several bits of the key must be determined by a computation (maybe by brute force) and this is what would take the bulk of the 9 seconds.

(An exhaustive rainbow table would require 2^64 entries - many exabytes.)

9
0

DNS devastation: Top websites whacked offline as Dyn dies again

Duncan Macdonald
Silver badge

Use old cache data ?

If the public DNS servers' algorithm was changed to continue to use the entries whose TTL had expired if it was not possible to get a reply from a master DNS server would that have any severe effects ?

(I am thinking of providing responses to users with a 60 second TTL and requerying the master DNS servers at 60 second intervals until a response is received.)

0
1
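
The caching behaviour proposed in the post above, sketched as an added example (not the poster's code and not taken from any DNS server): a resolver cache that keeps answering from an expired record with a 60-second TTL while the authoritative server gives no reply, re-querying at 60-second intervals. The `upstream` callable, the `MAX_STALE` cap and the sample record are assumptions made for the illustration.

```python
import time

STALE_TTL = 60          # TTL handed to clients with a stale answer (from the post)
RETRY_INTERVAL = 60     # seconds between re-queries while upstream is down (from the post)
MAX_STALE = 86400       # assumption: stop serving a record this long after it expired


class UpstreamUnreachable(Exception):
    """No reply at all from the authoritative server (a timeout, not NXDOMAIN)."""


class ServeStaleCache:
    def __init__(self, upstream, clock=time.monotonic):
        self.upstream = upstream    # hypothetical callable: name -> (address, ttl)
        self.clock = clock
        self.entries = {}           # name -> {"address", "expires", "next_retry"}

    def resolve(self, name):
        """Return (address, ttl, status); status is fresh, refreshed or stale."""
        now = self.clock()
        entry = self.entries.get(name)
        if entry and now < entry["expires"]:
            return entry["address"], int(entry["expires"] - now), "fresh"
        if entry and now < entry["next_retry"]:
            # Expired, and upstream failed less than RETRY_INTERVAL ago:
            # answer from the stale record without querying again.
            return entry["address"], STALE_TTL, "stale"
        try:
            address, ttl = self.upstream(name)
        except UpstreamUnreachable:
            if entry is None or now - entry["expires"] > MAX_STALE:
                self.entries.pop(name, None)
                raise
            entry["next_retry"] = now + RETRY_INTERVAL
            return entry["address"], STALE_TTL, "stale"
        self.entries[name] = {"address": address, "expires": now + ttl, "next_retry": 0.0}
        return address, ttl, "refreshed"


def demo():
    """Replay a constructed outage against a fake clock; returns (log, query count)."""
    now = {"t": 0.0}
    state = {"up": True, "queries": 0}

    def upstream(name):  # constructed stand-in for the authoritative server
        state["queries"] += 1
        if not state["up"]:
            raise UpstreamUnreachable(name)
        return "192.0.2.10", 300    # constructed record (TEST-NET-1 address)

    cache = ServeStaleCache(upstream, clock=lambda: now["t"])
    log = []
    # (time in seconds, is the authoritative server reachable?)
    for t, up in [(0, True), (100, True), (400, False), (430, False),
                  (470, False), (500, True), (530, True)]:
        now["t"], state["up"] = float(t), up
        _, ttl, status = cache.resolve("www.example.com")
        log.append((t, status, ttl))
    return log, state["queries"]


if __name__ == "__main__":
    for row in demo()[0]:
        print(row)
```

In the replay the lookup at 500 seconds is still answered stale even though the server is back, because the retry timer has not yet fired: recovery can lag by up to one retry interval, and clients may hold the stale answer for a further 60 seconds.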

NSA, GCHQ and even Donald Trump are all after your data

Duncan Macdonald
Silver badge
Mushroom

Waste their time

Send lots of heavily encrypted messages that when decrypted turn out to be bits of the Bible or Koran.

A few non-encrypted message attachments that contain weapon or rocket details extracted from public US documents should ensure that the spooks try to decrypt the rest of the messages. Send the messages to an Iranian embassy for even more amusement.

5
1

Open-source storage that doesn't suck? Our man tries to break TrueNAS

Duncan Macdonald
Silver badge
Thumb Down

Re: @TP

However the performance of 150MB/sec is so low that it cannot support more than one moderate server.

Either the disks have crappy performance or the server has horrible software. The network interfaces would allow for 2 GB/Sec per controller so the network efficiency is only 7.5 percent (or if both controllers can be used together then the network efficiency is only 3.75 percent).

In fact the performance is so low that the 10GbE connections are unnecessary - a bonded pair of 1GbE links could handle the 150MB/sec throughput.

As the system has only a single SSD for the L2ARC then it is only moderately high availability as the performance will degrade badly if that SSD fails - for a true high availability system there should be NO single point of failure.

1
0
Duncan Macdonald
Silver badge
Thumb Down

Why hard drives and a storage server ?

With only 3TB of disk storage - what is the point of using a storage server with hard drives? Using 4 local 1TB 850 Pro SSDs would provide far better performance (and even better performance if the application server supports PCIe storage). The best case of 150MB/sec is pitiful compared to even the cheapest consumer SSDs.

3
2

Decade-old SSH vuln exploited by IoT botnet armies to hose servers

Duncan Macdonald
Silver badge

Best fix - DO NOT BUY IoT devices

With the current state of play IoT devices are for IDIoTs.

If for some strange reason you want an IoT device then connect it to a wireless network that has NO connection to the internet.

3
1

Nuke plant has been hacked, says Atomic Energy Agency director

Duncan Macdonald
Silver badge

Re: PDP-11

Training ENGINEERS yes - training COMPUTER SCIENCE GRADUATES no.

Confront a modern computer science graduate with a system with no GUI, code written in assembler and low level C and watch him (or her) run away as fast as possible.

Most (if not all) computer science graduates are unable to conceive of a system that is expected to run UNCHANGED for 20 years.

For critical industrial systems it is far better to get the coding done by engineers than by computer science graduates.

10
0

Firefox to doctor Pepper so it can run Chrome's PDF, Flash plugins

Duncan Macdonald
Silver badge

Re: unsafe at any sandbox

The play/pause/seek/volume buttons can be part of the viewer - not the script supplied by the website. (If Windows Movie Player can implement these functions when playing a .wmv file then there is no reason why a Flash viewer could not implement these functions when playing a Flash video file.)

For most users of Flash - it is only used to play videos. For these users a crippled Flash that completely ignored all the scripting commands would be adequate. (Getting the website to change to HTML5 <video> would be better - but do not hold your breath.)

3
2
Duncan Macdonald
Silver badge

Re: unsafe at any sandbox

What is needed is a crippled Flash that can ONLY play videos - with ALL the scripting removed. Likewise for the PDF viewer - it should only display and print PDF files with ALL the interactive and scripting bits removed. If this was done then the result would satisfy 99% of web users' needs without the horrible security holes that the scriptable plugins have.

23
2

IPv4 apocalypse means we just can't measure the internet any more

Duncan Macdonald
Silver badge

Re: I don't want to be measured!

Users do NOT control the code in an IoT device - the only way to limit its access to and from the internet is to have some type of firewall device that does not let its traffic through. A NAT router will stop J Random Hacker on the internet from connecting to the IoT device but will not block the IoT device from sending information out unless the NAT router has a firewall rule blocking outgoing traffic from the IoT device.

Of course the best way to block traffic from IoT devices is to never buy them.

For non-PC network devices (e.g. printers), access to and from the Internet should normally be completely blocked. (If IPv6 has to be used then such devices should ONLY be allocated a link local address to break any communication with the Internet.)

2
0

Google-funded group mad that US Copyright Office hasn't abolished copyright yet

Duncan Macdonald
Silver badge

IIRC and Usenet

Almost any book that is worth reading (and many that are not) can be found on Usenet or the IIRC groups. The copyright laws have proven incapable of preventing this - and the politicians are not interested. The politicians are only interested in the media companies who make big donations (Hollywood, big music etc) - these companies (Disney being one of the worst offenders) have pushed for the copyright term to be raised to its current stupid length.

Copyright should be limited to no more than 20 years from first publication (or public viewing for films).

12
10

L0phtCrack's back! Crack hack app whacks Windows 10 trash hashes

Duncan Macdonald
Silver badge

Car reg + serial number

In the UK at least the combination of a neighbour's car number and the model number on a bit of equipment is likely to be secure and yet still easy to use.

An example (not one that I use!!!)

S357HGKAOA110Ab where S357HGK is a car registration number and AOA110Ab is the model number of a netbook.

(The car reg number above is a made up number - I do not know if it is still in use.)

0
0

Deep inside Nantero's non-volatile carbon nanotube RAM tech

Duncan Macdonald
Silver badge
Headmaster

Error ms is millisecond not microsecond

A bit of editing needed in the paragraph

NRAM seems to be far faster than XPoint, and could be denser. An Intel Optane DIMM might have a latency of 7-9ms (7,000-9,000ns). Micron QuantX XPoint SSDs are expected to have latencies of 10ms for reading and 20 ms for writing; that’s 10,000 and 20,000ns respectively.

it should read

NRAM seems to be far faster than XPoint, and could be denser. An Intel Optane DIMM might have a latency of 7-9us (7,000-9,000ns). Micron QuantX XPoint SSDs are expected to have latencies of 10us for reading and 20 us for writing; that’s 10,000 and 20,000ns respectively.

8
0

Pump-priming the new ampere: NIST works to count electrons in silicon

Duncan Macdonald
Silver badge

Reverse the definition

1 coulomb is defined as the charge that flows in 1 second in a current of one ampere. So a current of 1 ampere is a flow of one coulomb per second.

Define the coulomb as a specific number of electrons and the definition of the ampere then becomes the flow of that number of electrons in one second.

The ampere would then be a formally defined unit.

1
2

Li-Fi with my little eye … a vulnerability

Duncan Macdonald
Silver badge

Re: Reliability & infrastructure - bandwidth and interference

Using Li-Fi instead of Wi-Fi can provide higher bandwidth and no interference between adjacent rooms. The biggest advantages might come in places like conference centres where the Wi-Fi is often saturated.

0
0

Touchy iPhone 6, 6 Plus chips prone to breaking down and giving up

Duncan Macdonald
Silver badge

Re: That's what people get

An analysis of the iPhone 6 by TechInsights gives a construction cost of $242.50 per phone - if Apple was content with the usual profit margin for the industry then the end user price would be around £300 - of course being Apple the price was more like £600.

(The analysis by TechInsights can be found at http://www.techinsights.com/teardown.com/apple-iphone-6/ )

6
6

Kaspersky launches its own OS on Russian routers

Duncan Macdonald
Silver badge

Re: True microkernel approach?

Is the performance penalty of a micro-kernel a problem for industrial systems ? The available CPU power has increased so much over the last 2 decades that inefficient but secure systems are probably better for industrial control as most industrial systems do not do a huge amount of number crunching.

(A control system hand coded in C on a 486 could be replaced by an interpreted system running on a modern CPU and still be over 10 times faster.)

7
0

OpenFlow controller design killing SDN, say network boffins

Duncan Macdonald
Silver badge

Pre allocated or dynamically allocated - same overflow problem

Heaps and pre allocated buffers both overflow - the software MUST cater for the no buffer available condition in either case.

There is always a buffering limit set by the amount of memory in the system.

1
0
Duncan Macdonald
Silver badge

Object Oriented

It is not surprising that Object Oriented designs are less efficient - just like C++ is less efficient than Fortran when it comes to heavy duty mathematical processing.

Using a preallocated array is going to be faster than allocating space with NEW for each packet but current programmers have been brought up on C++ and other object oriented languages rather than the speed oriented FORTRAN language and do not realize that the elegance of object orientation comes at a cost in processing time.

1
0

Windows 10 Anniversary Update is borking boxen everywhere

Duncan Macdonald
Silver badge

Re: "Where every customer is a perpetual unpaid beta tester."

When a major "update" like this one is due - stop and disable the Windows Update Service - wait until there have been at least 2 further updates to correct the worst of the problems before re-enabling the service. (Disabling the Windows Update Service works on Home and Pro.)

2
0

Microsoft adds new 'Enterprise Products' section to privacy policy

Duncan Macdonald
Silver badge
Mushroom

And you believe them ?

All the agreement does is to say to M$ - interesting data here.

If you need to keep data private then do not have it on a system running a Microsoft OS that is connected to the internet.

3
0

Windows 10: Happy with Anniversary Update?

Duncan Macdonald
Silver badge

Re: Use a firewall to block Cortana

Use Spybot Anti-Beacon to disable the MS data slurping.

3
2
Duncan Macdonald
Silver badge

Use a firewall to block Cortana

Use the program control feature of Norton (or other) firewalls to stop Cortana from accessing the internet (and while you are at it block Internet Explorer and Edge as well. This will improve security and privacy. (Use Chrome or Firefox instead of IE or Edge. That way you can avoid the insanity of still using Flash.))

If you do not want the Windows App Store then another firewall rule to block access to the Windows Store will disable that annoyance.

3
1

BT sees 35% sales gain as it digests hearty EE meal

Duncan Macdonald
Silver badge

Re: Pension deficit = Cap Board salaries

If the pension deficit exceeds 10% of the value of the company then limit Board members' salaries to a maximum of £1 million pounds per year (full time board members - pro rated for part timers). This would rapidly get the companies to reduce the deficit.

0
0

Verizon wants to replace your net gateways with 'a simple mux'

Duncan Macdonald
Silver badge

Security

How many business customers will trust Verizon with their network security ?

The business requirements of firewalls and data security will require considerably more than just a simple mux at the customer site.

3
0

Microsoft ordered to fix 'excessively intrusive, insecure' Windows 10

Duncan Macdonald
Silver badge

Re: Rather Late.... - Blackberry Playbook ?

Will not run most modern apps - but does not have intrusive advertising and was built with security in mind.

Still readily available secondhand.

8
0

For $800 you can buy internet engineers' answer to US government spying

Duncan Macdonald
Silver badge

Hopefully the H/W will shrink

A production unit (not this early prototype) needs to end up no bigger than a large USB stick for mass acceptance. A unit this size would only be acceptable in a few locations that need extreme security (especially as it needs its own power supply).

4
1

AT&T: We wanna be a drone company, not just a phone company

Duncan Macdonald
Silver badge

Tethered drones

Tethered drones seem like a good idea for some inspection jobs and for some of the Cell on Wings proposals - the flight time limit for almost all drones is determined by battery capacity. Between the cable weight and the lifting power of the drone (even with its battery removed) the range will probably be no more than about 500 ft.

1
0

Software bug costs Citigroup $7m after legit transactions mistaken for test data for 15 years

Duncan Macdonald
Silver badge

Re: A better question

Sometimes the only way to be certain that the production system actually performs in the same way as the development system is to exercise it with the same data. Without that check it is possible for the production system to have an unnoticed coding difference from the development system (Yes in theory this should never happen but in the real world it does happen that a patch fails to make it from development to production.) It is also possible that size differences between the development system and the production system can lead to errors (eg if there is a fixed size array that overflows) as in many companies the development/test systems are not as large as the production systems.

7
0

Amazingly insecure industrial control systems + internet = Cupful of nope

Duncan Macdonald
Silver badge
FAIL

Unpatchable control systems

Many control systems are so old that no one now has access to the source files or the build environment. Given those conditions the only safe thing to do is to keep them physically isolated from the internet - the engineers often know that but are overridden by stupid management who want the convenience of remote access without considering potential costs. (Building a new up to date control system would cost so much money that it is almost never done.)

If remote access is forced then using a dedicated firewalled gateway computer (NOT running Windows) may limit the damage. (Better still use 2 gateway systems - one connected to the internet and the second one connected to the control system with the link between the 2 using a protocol other than IP (for example DECNET phase 4) to make it difficult for an attacker to get from the internet to the control system.)

1
0

UK.gov rolls out 10 years' chokey for industrial scale copyright pirates

Duncan Macdonald
Silver badge
Flame

How big was the bribe ?

The existing rule requires that the infringement causes harm to the copyright holder - the new rule changes that to causing a risk of harm (the actual harm does NOT need to be proven).

As anyone who downloads a file using a torrent makes the file available to the public while downloading, this revised clause COULD be used to persecute individual downloaders.

Once this law takes effect, expect to see a large increase in the number of threatening letters from lawyers demanding huge penalties to avoid prosecution.

21
1

Linux letting go: 32-bit builds on the way out

Duncan Macdonald
Silver badge
Thumb Down

Netbooks

There are still a number of Netbooks around. With their Atom processors they are incapable of 64 bit operation but still work quite well with less demanding Linux builds. Ubuntu developers are saying that people with old hardware that they do not wish to upgrade or who cannot afford to upgrade are no longer worthy of consideration.

Cheap lightweight Netbooks still have a place as computers to take on holidays - the light weight does not burden a holiday maker excessively and the cheapness means that if it gets broken (or stolen) it is not a major expense.

56
3

Hey cloud lawyer: Can I take my client list with me?

Duncan Macdonald
Silver badge
Mushroom

Pen and paper and human memory

Copy the important information using the old method of pen and paper - no audit trail to incriminate you.

(If you are planning to leave then memorise the details of 2 or 3 clients each day and write them down after you have left the building. For most businesses the top 10 to 20 clients are the important ones and this amount of information can be extracted using human memory. This is usually legal (as well as untraceable) as using information that you remember is normally not prohibited.)

6
1

E-books the same as printed ones, says top Euro court egghead

Duncan Macdonald
Silver badge

Copyright infringement

Anyone who is determined to keep access to a borrowed ebook without paying would probably get the book from one of the many illegal sites. Almost any popular book becomes available within a few days of being published electronically. (If only published in hard copy then it takes about an extra month before a PDF generated from a scan appears.)

Copyright infringement because the term piracy is grotesquely incorrect.

13
0

It's [insert month] of 2016, and your Windows PC can still be owned by [insert document type]

Duncan Macdonald
Silver badge

Firewall and different programs

One way to make IE and Edge safer is to disable their internet access (I do it by using the program control feature of the firewall component of Norton). Firefox with Noscript and Adblock Plus (and no Flash) makes for a far safer Internet Browsing experience. Foxit Reader also seems to be more secure than Adobe Reader for handling PDFs. Finally use LibreOffice instead of Microsoft Office to get round even more problems.

2
4

DataCore dominating SPC-1 benchmark on price–performance

Duncan Macdonald
Silver badge
FAIL

Sorry - my mistake

I assumed that the SPC-1 benchmark was better protected against gaming - I was wrong.

Reading the SPC-1 Benchmark full disclosure for this test - it is actually running on Windows Server with caching software providing a huge in memory cache (of over 500GB). I had thought (incorrectly) that SPC-1 required separate client and storage server systems.

1
1
Duncan Macdonald
Silver badge

Parallelizing server IO

Nice idea - however it requires rewriting either the Windows kernel (a bit difficult without the sources!!) or the Linux kernel (possible but VERY non-trivial) depending on what the server runs on.

Microsoft have very little incentive to rewrite the portions of the Windows kernel needed for fully parallelizing the disk I/O and have a lot of incentive NOT to rewrite the kernel (cost and the certainty of introducing nasty bugs).

Rewriting the Linux kernel for fully parallel disk I/O without breaking existing user programs would require a lot of first rate talent with a corresponding high cost and no guarantee of a profit at the end.

The DataCore system is dedicated to I/O and does not need to support existing user programs (as they do not run on the box) so the company could write the fully parallel I/O code for a far lower cost.

1
0

Why Oracle will win its Java copyright case – and why you'll be glad when it does

Duncan Macdonald
Silver badge
Mushroom

Florian Mueller

Look at his record on Groklaw - I would not trust ANYTHING that he said.

This whole piece is yet another bit of Andrew's wishful thinking. He is hoping for the most confused, restrictive and legally supported IP laws possible in order to provide the maximum income for IP law consultants like himself.

75
8

Universe's shock rapidly expanding waistline may squash Einstein flat

Duncan Macdonald
Silver badge

MOND ?

If the MOND theory is correct then the Dark Energy and Dark Matter theories will go the way of the phlogiston theory of fire.

(The MOND theory explains the galaxy rotation paradox by gravity having a very weak 1/r field as well as the much stronger 1/r^2 field. For more details see https://en.wikipedia.org/wiki/Modified_Newtonian_dynamics )

1
0

Life after Safe Harbour: Avoiding Uncle Sam's data rules gotchas

Duncan Macdonald
Silver badge

Probably the only viable option.

4
0

Surface Book nightmare: Microsoft won't fix 'Sleep of Death' bug

Duncan Macdonald
Silver badge

Re: Anyone buying MS hardware deserves what they get.

Be fair - most of the Microsoft mouse designs have been very reliable. Just do not trust them for anything that needs software!!!

8
1

Airbus to build plane that's even uglier than the A380

Duncan Macdonald
Silver badge

Hyper Beluga

It would be interesting if Airbus did a Beluga design based on an Airbus 380 - how large a cargo could you get in such a plane?

3
0

Inside Electric Mountain: Britain's biggest rechargeable battery

Duncan Macdonald
Silver badge

It was even more impressive during construction

I was part of the team that produced the original computer based monitoring system (based on a PDP 11/34 with 2 RK05 disks (2.4MBytes each!!)).

To get the main overhead cranes into position, large mobile cranes were used which had about 6 inches of clearance coming down the main access tunnel - the crane driver was superb.

16
0

Super-slow RAID rebuilds: Gone in a flash?

Duncan Macdonald
Silver badge
FAIL

Get your maths right

A 72GB disk (not 720GB) will take 900 seconds at 80MB/sec

The first line in your table has an error 72GB is 0.072TB not 0.72TB

2
0

How 'flexible' can the UK actually be on EU data protection law?

Duncan Macdonald
Silver badge
Thumb Down

Useless

The UK government will appoint the members of the UK Supervisory Authority who will proceed to give a green light to whatever the UK government does.

It will be as useful as the USA's FISC which has not rejected a single spying request.

8
0

Hold on a sec. When did HDDs get SSD-style workload rate limits?

Duncan Macdonald
Silver badge

Why not bigger drives

For the large capacity lower performance market (array sizes in multiple petabytes) why do drives have to be limited to 3.5 or 2.5 inch sizes? Using the larger 5 1/4 inch size would allow far more data to be stored per drive.

2
0
