* Posts by Duncan Macdonald

169 posts • joined 20 Mar 2009

The future health of the internet comes down to ONE simple question…

Duncan Macdonald

Do we still need ICANN ?

There are very few (if any) IP4 addresses left to distribute. The IP6 address range is so huge that each country could be given a range of over 10^18 addresses without making a dent. Give the ITU the job of approving additional extensions (e.g. .politics !!!) and appointing the registrars for the non-country domains. Give each country the control over its own domain (e.g. .uk) and leave it up to the individual countries how they administer their own domains. Existing IP4 address range allocations would become permanent assets of the organisations that currently own them (they could be sold if no longer needed).

10
0

Comet Siding Spring revealed as flying molehill

Duncan Macdonald
Mushroom

Re: It is is still an E.L.E. - No it is not

A 450m diameter comet nucleus is not even close to being large enough to be an extinction level event.

It could cause local devastation and some global cooling (due to dust) but it is too small to cause major global damage. If (for example) such an object hit in the middle of the UK there would be little damage (if any) to more distant parts of the EU (e.g. Italy and Spain) let alone to the rest of the world.

This comet masses less than 1/1000 of the dinosaur killer asteroid and therefore has less than 1/1000 of the energy release on impact.

2
0

A drone of one's own: Reg buyers' guide for UAV fanciers

Duncan Macdonald

For kids - gyro stabilised small quadcopters

The current small gyro stabilised quadcopters (e.g. the Hubsan X4) can be flown by complete novices. These are R/C models - not drones so no GPS but the stabilisation is carried out by the quadcopter not the pilot so they are easy to fly. They are also cheap (at under £60) so if a kid does break one it is not the expensive disaster that it would be with a high end model at over £1000.

Do not let a kid loose on a big quadcopter until they are good with one of the small models.

6
0

Pen-testers outline golden rules to make hacks more €xpen$ive

Duncan Macdonald

Re: let me see if I've got this right.

Unfortunately two very common apps - Word and Excel - have scripting built in - good luck in getting those apps banned.

Also a number of businesses have web based apps that use scripting (using IE, Firefox or Chrome).

Given the above item 3 on the list has very big problems.

0
0

Linux systemd dev says open source is 'SICK', kernel community 'awful'

Duncan Macdonald

Re: Hostile leadership vs hostile software

Pulseaudio might possibly be OK on reasonable systems - on an old single core Atom based netbook it caused so much trouble with sound breakups that I reverted to the basic ALSA drivers. Now at least YouTube and MP3 playback work.

If systemd and NetworkManager came from the same group as Pulseaudio then I need to hunt for distros that do not use either !!!!

13
0

How the FLAC do I tell MP3s from lossless audio?

Duncan Macdonald
FAIL

Re: Digital Clone - billat29

WRONG - there is a HUGE amount of error correction coding on an audio CD. Cross interleaved Reed-Solomon coding is used that can correct error bursts of up to 3500 bits. The audio data rate is 1,411,200 bits/second, the data rate including error correction and other information is 4,321,800 bits/second - about 3 times as much. During one of the early demonstrations of the tolerance of CDs to errors, Philips (one of the inventors of CDs) showed a CD with a hole in the data area still playing perfectly.

2
1
Duncan Macdonald

Good source material and very good speakers or good headphones needed

If the original source is poor (either technically or musically) or the speakers (or headphones) are not of very good quality then a high rate MP3 (256kbps or higher) is not likely to be distinguishable for the vast majority of people.

(Most headphones under £50 and most speaker systems under £500 cause far more alteration to the music than a high rate MP3 produced by a reasonable encoder. The rest of any modern sound system is so much better than the speakers (or headphones) that the speakers are the determining factor.)

For some modern "music" almost any change would be an improvement (especially the mute button!!) - a description (all too apt) of one type said that it sounded like someone kicking a metal dustbin half filled with glass bottles down concrete stairs while cursing it !!!!

5
1

Home Depot ignored staff warnings of security fail laundry list

Duncan Macdonald
Mushroom

Re: FIX: No permission to accept cards for 30 days - 30 YEARS

30 years - not 30 days - make the penalty so bad that firms are FORCED to have good security or go out of business.

5
0

Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland

Duncan Macdonald

Luna Impact Theory

If the theory that the moon was formed by a collision between the earth and a Mars-sized body is correct then there would have been a time during which the surface of the earth was covered in magma.

1
0

Carbon tetrachloride releases still too high, says NASA

Duncan Macdonald

Dry Cleaning ?

Carbon tetrachloride used to be used as a dry cleaning solvent. It would not surprise me to find it still being used in some of the less well regulated countries.

1
0

The internet just BROKE under its own weight – we explain how

Duncan Macdonald
Flame

IPv6 like OSI is far more complex than necessary

Unfortunately the same sort of people who designed the defunct mess that was OSI designed the complex mess that is IPv6.

If IPv6 had been designed by engineers (rather than by theoreticians) it would have been much less complex - just increase the size of the addressing field by 2 bytes and map all existing IPv4 public addresses to IPv6 with the 2 additional address bytes being zero. Give each country its own unique 2 byte address prefix for additional connections once the IPv4 range is used up then additional values for large countries when their first prefix is near full. If this had been done then IPv6 would be in widespread use by now. (6 bytes of addressing allows for over 280 trillion addresses - over 20,000 for every man, woman and child on the planet.)

78
11

Looking forward to the end of Tuesday? You've patched this month's 37 Microsoft bugs, right?

Duncan Macdonald
Thumb Down

The complexity of Adobe Reader is the main problem with it

If Adobe Reader was JUST a PDF view and print application WITHOUT any form of scripting then it would be far safer (and smaller). (The same also applies to Flash - a version with no scripting would be far safer.) The scripting versions of these programs are needed only infrequently but the UNWANTED presence of the scripting capability increases the hazards in Web browsing for very little gain.

8
0

Top Ten 802.11ac routers: Time for a Wi-Fi makeover?

Duncan Macdonald

Unused speed

With available broadband (cable or fiber) currently topping out at about 100Mbps (and ADSL is MUCH slower) for most people, the theoretical top speed of these routers is unimportant. The wireless connection to the router only needs to be faster than the broadband connection for the precise speed to be unimportant.

(If you are one of the few lucky people who can afford a Gigabit broadband connection then go for the fastest router available.)

0
5

Put down that Oracle database patch: It could cost $23,000 per CPU

Duncan Macdonald

Large SGA ?

Back in Oracle version 7 (last version that I used), if the SGA (Shared Global Area) was larger than the database (plenty of RAM and small database) then once a table had been read in it would never be evicted from RAM so it was possible to run the whole database from RAM - the only I/Os were writes from database updates. Given Oracle's exorbitant pricing, if the database can be held in memory this way then this might be the better option (assuming that for some reason you are locked into Oracle).

3
0

Irish court peels off gloves, hands Facebook PROBE request to ECJ

Duncan Macdonald

Could be a fine mess

If the ECJ rules against Safe Harbour - then a lot of US businesses will have problems. (Cloud providers and search engines especially).

9
0

Intel pleads for €1bn EU fine to be overturned, is DENIED

Duncan Macdonald

Double the fine

If a company makes an unjustified complaint about the size of a fine levied on it then that fine should be doubled. This would reduce the number of unwarranted appeals.

0
0

Feds: Amazon cloud can be used for healthcare data

Duncan Macdonald

Please make it easier for the NSA

If the data is transferred to AWS then the NSA can get a full copy of it en route (and also from their taps into AWS). If it is only kept on the insurer's own systems then it takes more effort for the NSA to obtain it.

2
0

Protecting code's secrets wins ACM prize

Duncan Macdonald
Mushroom

Re: Try this - in APL

life←{↑1 ⍵∨.∧3 4=+/,¯1 0 1∘.⊖¯1 0 1∘.⌽⊂⍵}

This little line of code calculates the next generation in the game of life !!!

2
0

Congress divorces NIST and NSA

Duncan Macdonald

I doubt it

The NSA probably wants to read all the DoD secrets along with those belonging to everyone else.

1
0

Privacy International probes GCHQ's mouse fetish

Duncan Macdonald
Mushroom

Amazon ?

Just imagine the effect of putting one Top Secret document on one of Amazon's cloud servers?

How many millions of components would they destroy if they followed these guidelines ?

10
0

Oracle vs Google redux: Appeals court says APIs CAN TOO be copyrighted

Duncan Macdonald

Appeal for an "en banc" ruling ?

As this was not decided by the full bench of the appeal court - can Google ask for an "en banc" ruling - i.e. from the full court rather than from this three judge panel ?

8
0

Norwegians trial Oculus Rift in tanks: The ultimate battlefield simulator

Duncan Macdonald

Re: Bad, just bad

Even a poor system will beat the limited vision available on a closed tank. The field of view on a closed tank is so poor that threats to the side may well not be detected. Add a rotatable camera with an adjustable zoom on the top of the turret that the tank commander can switch to and the distant viewing might well be better than that obtained in an open tank using a pair of binoculars but without the risk.

5
0

NASA spots 'new' star just 7.2 light years away

Duncan Macdonald

MoND ?

Unless the MoND theory is correct in which case the dark matter is no more real than phlogiston.

(See http://en.wikipedia.org/wiki/Modified_Newtonian_dynamics for more info)

0
0

LOHAN spaceplane's budget minicam punches well above its weight

Duncan Macdonald

Heater ?

If you can afford the extra weight - consider having a small heater in the camera enclosure. (A BP-511 lithium battery and a resistor could give 5 watts of heat for 2 hours for under 100g.)

0
0

Enterprise storage will die just like tape did, say chaps with graphs

Duncan Macdonald

Partly stating the obvious - SANs are I/O bound

A single high end flash drive can use most of the capacity of a 10GbE link. Almost all SANs are horribly I/O bound. (A small array of 100 SSDs can have a raw I/O capability of over 50GBytes/sec (800Gbits/sec) but is unlikely to have more than 2 40GbE links giving only 5GBytes/sec - the problem gets worse on larger arrays.)

Directly attached storage kicks the sh*t out of SANs for speed and latency. The advantages of a SAN are reduction in storage requirements (due to deduplication) and centralised backup. However these advantages no longer outweigh the costs (lower server performance and the high cost of the SAN hardware)

2
3

Apple sued in Texas troll territory for iMovie patent infringement

Duncan Macdonald
Joke

Re: When

Are there enough crossroads???

12
0

'Good job, NSA! You turned Yahoo! into an encryption beast'

Duncan Macdonald

How long ?

How long will it take the NSA to get the keys ?

Once the NSA have the keys then the comms might just as well be in plain text.

My guess is that the NSA have already got hold of the keys.

"We are now encrypting all our traffic to reduce the public fear - don't worry NSA here is your copy of the keys"

7
1

How Microsoft can keep Win XP alive – and WHY: A real-world example

Duncan Macdonald

Re: Keeping Windows XP alive is not good for anyone

Motherboards with ISA slots are still available - too much specialized equipment depends on ISA interface boards so there is still a market that the hardware makers are prepared to fill. (Even ones with the H81 chipset for LGA1150 CPUs - see www.dfi.com.tw/news/NewsDetails.jsp;jsessionid=C6F2FBF5001AA7ED6BFBEDAFC3C0C58B.node1?press=3764&pressName=HD620-H81_Haswell_4th-Gen-2.html for example.)

Unlike M$ the hardware makers are prepared to support old standards as long as there are customers willing to pay. (For people stuck on XP you can still even get new ISA motherboards with socket 775 !!!!)

8
0
Duncan Macdonald

XP will only be insecure if connected

If, as in your example, a system has to continue running XP it is only a security hazard if it has a direct or indirect connection to the internet. For your example disable all protocols except NetBEUI on the XP systems and transfer any necessary files to them on a USB stick (or CD or even floppy).

For other cases putting a paranoid firewall between the XP box and the outside world might suffice. (Firewall in whitelist mode allowing only a few specified IP addresses to communicate with the XP box and only over specified ports.) This is not as secure as an air gap but may be adequate.

55
2

New IPCC report: 8 ways climate change will throw world INTO PERIL

Duncan Macdonald

Re: thermometer reading at a rural weather station

The common instrument in a rural weather station was a mercury in glass thermometer (the dry bulb of a wet and dry thermometer) - no aging problems that I am aware of. If a thermometer was broken and had to be replaced then the replacement could be assumed to be within 1/2 degree. (A replacement with a thermometer that was significantly out compared to its predecessor would show as a step in the raw data and would be rather obvious.) Where the manually read mercury in glass thermometer has been replaced by an automatically read instrument, one would hope that the new instrument had been adjusted to match the reading of the old one and that its readings were checked from time to time.

1
0
Duncan Macdonald

Re: much data manipulation

For some sensors (e.g. satellite ones) calibration can be difficult - however the thermometer reading at a rural weather station has no such difficulty. The reading would normally only be accurate to about 1 degree for any individual measurement but over a multi-year recording of daily temperatures trends should show up.

0
0
Duncan Macdonald

Reliable temperature records ?

If global warming is happening and the AGW scientists want to convince the doubters, then they should release the records of rural weather stations. If a clear warming trend can be found (WITHOUT any manipulation of the data) in weather stations far from cities or artificial structures then more people may believe the AGW scientists.

The data released to date shows so much data manipulation (deliberate or accidental) that it cannot be trusted as a basis for a multi trillion investment. (Deliberate manipulation - see the code and data released in "Climategate". Accidental manipulation - weather stations that were in rural areas that have been swallowed up in cities and weather stations that are now near artificial structures that release heat (e.g. air conditioner outlets).)

The extreme reluctance to release records by the AGW scientists (several of whom went to court to fight the release of records) makes a lot of people (me included) disinclined to believe what they say without better evidence (not manipulated by AGW "data corrections").

16
2

Microsoft DirectX 12 pushes gaming code closer to GPU bare metal

Duncan Macdonald

Windows 7 or it will not be used

With the tiny takeup of Windows 8 to date - if M$ only release it on 8 (and 8.1) there will be very little interest from game developers as the target audience would be too small to justify the effort.

16
4

What kid uses wires? FCC supremo angry that US classrooms are filled with unused RJ45 ports

Duncan Macdonald

Use 5GHz band

Use one cheap 5GHz access point with DFS in each classroom. E.g. the Deliberant APC-5Mi which costs less than £80. Sticking to 5GHz provides sufficient channels that the access points can do their own channel allocation without needing tedious manual allocation.

0
3

NSA's TURBINE robot can pump 'malware into MILLIONS of PCs'

Duncan Macdonald

Re: Sigh

Correction - Governments' ONLY job from day one is to protect the rich and powerful from the people who are not rich or powerful.

11
1

Belgian judge mulled BANNING APPLE (actually, its website) in Euro warranty row

Duncan Macdonald

Re: 10 years, 100,000 miles??

Replacement Apple battery £55 - and loses all data on the phone (the user has to back it up and restore it himself - or pay for someone else to do it).

Replacement THL W8S battery £12.49 - all data on the phone is preserved as it is a user swappable battery.

(iPhone battery 5.45Wh - W8S battery 7.4Wh)

1
0
Duncan Macdonald

Re: 10 years, 100,000 miles??

By the end of year 5 the charge cycle count for an iPhone will be about 1800 if like most smartphones it is charged every day. If even Apple admit that the capacity will be down to 80% after 1000 cycles then a remaining capacity of 50% after 1800 cycles is perfectly plausible.

A properly designed phone should have a lifespan (excluding accidents) of 10+ years - however Apple would much prefer the phone to become unusable shortly after the warranty expires.

2
0
Duncan Macdonald

Re: 10 years, 100,000 miles??

Except for the batteries - by the end of year 5, the run time is probably less than 50% of the original figure. For sealed units (APPLE and some Android vendors) this limits the life of the kit. For the better value Android phones with replaceable batteries (e.g. my THL W8S) a life expectancy of 10+ years is achievable.

If the judge wanted to punish Apple - require them to provide and fit replacement batteries for no more than 20% of the original purchase price of the kit.

3
0

Hey, Nimbus Data. What you doin' with those 4TB flash slabs? Making a 96TB box? We KNEW it!

Duncan Macdonald

Bandwidth starved

40Gbits/sec is 5Gbytes/sec. As a single 4TB PCIe SSD can reach 4GBytes/sec and this system at full size would have 240 such drives with a total bandwidth of almost 1TByte/sec, the interface to the host is a SEVERE bottleneck.

(Even if the Reg has misquoted and the bandwidth to the hosts is 40GBytes/sec rather than 40Gbits/sec it is still a severe degradation of the potential SSD bandwidth.)

0
0

Energy firms' security so POOR, insurers REFUSE to take their cash

Duncan Macdonald

Blame Management price cutting

Power stations used to have sufficient manning that external day to day support was not needed and there was no connection between the control systems and the outside world. However skilled manpower costs money - so to reduce the costs a lot of the on-site staff was made redundant and much of the monitoring was done remotely instead. In an ideal (no-threat) environment this makes sense as by grouping the monitoring function it is possible to manage more generators with the same amount of people. However this (and the demand for computer based remote control of generator output to meet the trading systems requirements) requires communication from the power stations to the control and monitoring locations. For cheapness this is done by TCP/IP and often over the internet. The power station control systems were designed as isolated systems with no outside connection so security was never a design requirement. Given the difficulty of making the control systems secure (downtimes of months to years could easily occur), the security needs to be put between the power station system and the outside connection.

Minimum requirements for reasonable security

1) NO UNUSED USB PORTS (disable any unused non-removable ports by filling them with epoxy or by using a locked cover over the ports). (Note that some plant interfaces and printers may be connected by USB.)

2) Dedicated non-Windows system (Linux, Unix or OpenVMS) running a stringent firewall application as the sole interface between the power station control system and the external site(s)

3) Encrypted comms between the firewall system and the external site(s)

4) No public TCP/IP address for the firewall system or any part of the power station control system

5) Enough trained staff at the power station to allow continued operation (including requested changes of output) if the remote link fails.

For the people who say that the control systems should have been designed with security as a prime requirement - this is like saying that a WW1 ship should be designed to stop sea skimming missiles. At the point where many of these systems were designed the current threats did not exist and even if they had, the isolation of the power station control network from the rest of the world would have made them of negligible significance.

New systems being designed now (or that were designed in the last 5 years) should have security as a major design requirement.

5
2

FBI offers $10,000 bounty for arrest of laser-wielding idiots

Duncan Macdonald

Re: No problem...

Bit nasty for the neighbours if the perp lives in an apartment block (or is in a hotel).

6
1

DARPA hands IBM £3.4m to develop SELF DESTRUCTING CHIPS

Duncan Macdonald
Mushroom

Re: Self-destruct helicopters? - Thermite

If you want to do an effective destruction of an aircraft then fire is the best choice. Include a 10Kg thermite charge on the craft with a manual trigger - if the vehicle has to be abandoned then trigger the charge and all that will be left is a pile of ash.

For self destructing chips, I would suggest using a layer of bullet primer compound under the silicon chip. When triggered it would both pulverise and melt the chip. Using this method the actual chip production would not need any expensive adjustments - the primer compound would be added as part of the packaging.

0
0

Ex-NSA guru builds $4m encrypted email biz - but its nemesis right now is control-C, control-V

Duncan Macdonald

Virtual PC ?

If you run the "secured email" client in a virtual pc then whatever is displayed may be copied at the host OS level irrespective of ANY security that the client may have.

8
0

Good news: 'password' is no longer the #1 sesame opener, now it's '123456'

Duncan Macdonald

Banned password dictionary

Even back in the early 1980s VMS had a list of banned passwords - any attempt by a normal user to create a password that matched one in the forbidden list was rejected with a request for the user to choose a different password. Why is it that modern systems running on vastly more powerful hardware do not use the same method? (From memory in one of the early VMS versions the forbidden password list was about 47000 words long.)

6
0
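The banned-list check described in the post above, as an added Python example (not VMS code and not part of the original post). The word list and function names are constructed for illustration, and the affix and username checks are assumptions that go beyond the exact match the post describes.

```python
import string
import unicodedata

# Constructed sample list; a real deployment would load a large dictionary
# file (the post recalls roughly 47000 words in an early VMS version).
BANNED_WORDS = ["password", "123456", "qwerty", "letmein", "welcome", "Sesame"]

# Characters users commonly bolt onto a dictionary word to satisfy a policy.
AFFIX_CHARS = string.digits + string.punctuation


def normalise(candidate: str) -> str:
    """Fold a candidate so trivial variants compare equal to list entries."""
    # NFKC maps compatibility forms (e.g. full-width letters) to plain ones.
    text = unicodedata.normalize("NFKC", candidate)
    return text.casefold().strip()


def build_banned_set(words):
    """Normalise the dictionary once so each lookup is a set membership test."""
    return frozenset(normalise(w) for w in words if w.strip())


def check_password(candidate: str, username: str, banned: frozenset):
    """Return (accepted, reason) for a proposed new password."""
    folded = normalise(candidate)
    if not folded:
        return False, "empty password"

    # 1. The check the post describes: the password matches a forbidden entry.
    if folded in banned:
        return False, "matches banned list"

    # 2. Assumed extension: a banned word with digits or punctuation wrapped
    #    around it ("Password2014!") is still the banned word.
    core = folded.strip(AFFIX_CHARS)
    if core and core != folded and core in banned:
        return False, "banned word with digits or punctuation added"

    # 3. Assumed extension: the account name itself is not a password.
    if core == normalise(username):
        return False, "same as username"

    return True, "accepted"


if __name__ == "__main__":
    banned_set = build_banned_set(BANNED_WORDS)
    for attempt in ["password", "Password2014!", "123456", "Duncan1",
                    "correct horse battery staple"]:
        ok, reason = check_password(attempt, "duncan", banned_set)
        print(f"{attempt!r}: {reason}")
```
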

Marvell stuck with $1.17 billion patent bill

Duncan Macdonald

Paying the taxes a different way

Instead of paying the taxman, they are paying CMU instead.

(As judges are human - there would be more chance of judicial support if they were a tax paying US company instead of a tax avoiding Bermuda one.)

4
0

Thought sales were in the toilet before? Behold the agony: 2013 was a PC market BLOODBATH

Duncan Macdonald

Hardly surprising

PCs have become good enough for the majority of users that there is very little need to upgrade. With Windows 8 being unattractive to users, there is even less desire to upgrade.

(Even if the Windows 8 interface was not so horrible - touch screens have an inherent problem - fingermarks. By the time a touchscreen PC has been used for a few weeks, it looks bad compared to an older non-touchscreen PC. This further reduces consumer demand.)

At the moment the consumer PC market consists of new users, replacements for really old systems (Vista and older) and replacements for broken systems. Users with working Windows 7 systems have very little need or desire to upgrade.

32
0

UK 'copyright czar' Edmund Quilty quits as Blighty's Director of Copyright Enforcement

Duncan Macdonald

Excessive copyright term

If the copyright period was reasonable (no more than 20 years) then fewer people would be in contempt of it.

Big companies (DISNEY and others) get the copyright term extended whenever one of their moneymakers is nearing the end of its copyright period (the 1936 Mickey Mouse film is still in copyright!!).

What I would like to see - copyrights owned by the original author(s) 20 year term - all other copyrights 10 year term - in both cases from first publication. (As politicians are so easily bought by "Big Business" the chance of this happening is zero.)

2
0

2013: A Space Odyssey - a cosmological review of the year

Duncan Macdonald
FAIL

Get the mass right

The Russian meteor is estimated to have been about 12000 tons not 10 tons - for more info see the wiki entry

( http://en.wikipedia.org/wiki/Chelyabinsk_meteor )

3
0

You've got $60k: So, 2013 sporty Corvette, or a year of AWS's new I2 beast?

Duncan Macdonald

Expensive

There is an article on Anandtech about server memory that mentions server pricing

(http://www.anandtech.com/show/7479/server-buying-decisions-memory/3)

Quote

An HP DL380 G8 with 24 x 32GB LRDIMMs, two E5-2680v2, two SATA disks and a 10 GbE NIC costs around $26000.

Adding the extra SSDs to match the i2.8xlarge would cost less than $4000 so for less than half the cost of 1 year's usage you can get a system with 3 times the memory and 40 virtual cores (20 physical + hyperthreading gives 40) instead of 32. The Amazon system is only suitable for short term peaks - if you need it for more than about 3 months then it will be cheaper to buy your own server.

3
0

Legal bruiser Reback joins Google battle in Europe

Duncan Macdonald

What a surprise

An American lawyer paid by Microsoft says that the EU is not nasty enough to Google.

I also trust Google more than Pricerunner, Bizrate or Kelkoo to find the best deals (hint: select order by price low to high).

Microsoft does not like the fact that its search (Bing) is far worse than Google search and people know it.

8
0
