* Posts by Duncan Macdonald

1107 publicly visible posts • joined 20 Mar 2009

In the rush to build AI apps, please, please don't leave security behind

Duncan Macdonald
Unhappy

Senior management are the problem

Many companies' senior management would much rather that money be spent on their salaries and bonuses than on making products safe, secure and reliable.

This is not only an IT issue - see the Boeing 737 MAX crashes and problems for an example of what happens.

Watchdog calls for more plugs, less monopoly in EV charging network

Duncan Macdonald
Unhappy

Re: I will purchase an electric vehicle - eventually

Try remembering that wind power is NOT reliable power - there have been times when the UK 18+GW peak wind capacity has actually generated under 0.5GW. In addition to that the EV energy consumption of 300Wh per mile is under optimum conditions (daytime, clear road, no heating or air conditioning needed) - in winter months the requirements for heating and lighting massively increase the needed electrical energy. ICE vehicles have effectively free heating as they use the waste heat from the engine but as an example the Tesla 3 heater takes over 4kW from its battery.

In winter when the electricity demand is already the highest, EVs will require far more energy from the electricity system than they do in summer. The electricity system margin is already too low to cope with 10% of ICE vehicles being replaced by EVs during a calm spell in winter let alone 100%. (I do however agree that during a windy spell in late spring there would be enough power.) Generation and transmission systems have to be sized to handle the peak load (and still have a safety margin to cope with equipment outages). Generators and major overhead power lines take years to build once someone puts up the money for them. As both the generating companies and National Grid are businesses they will not make the multi-billion pound investment needed themselves until they are certain that they will make a profit from such investment and there is no sign that the UK government is prepared to fund the investment.

One of the other big problems with the electricity supply is likely to be the local 240 volt distribution systems - the underground cables are sized for the current loads - adding a significant number of EVs charging overnight is likely to need the cables (and transformers) to be upgraded needing a lot of roadworks to replace the cables.

Icon for an EV owner who can not charge his/her vehicle =======>

Duncan Macdonald
FAIL

Re: I will purchase an electric vehicle - eventually

Remember a huge number of UK vehicle owners do not have dedicated off street parking. For these people charging at home is difficult or impossible. The cost per kWh at public charge points is far higher than the cheap off peak rates available for people who can charge at home and the higher charge rates reduce battery lifespan.

A further point - there is NO WAY that the UK mains electricity supply can handle the replacement of a significant proportion of the current ICE vehicles with EVs. Locations with a number of high power charge points will probably need to install their own diesel generator to handle the load - and if they do then the "NO EMISSIONS" part of EV advertising rings rather hollow.

Current UK peak electricity demand is just short of 50GW (50,000,000,000 watts) and the UK population is a bit over 67 million giving a current average peak electricity consumption per person of under 750 watts (total peak load divided by population). Charging EVs at home even using a basic 3kW charge rate (ordinary UK mains plug) adds the equivalent of 4 extra people per EV while charging. Replacing just 10% of the current ICE cars (33.5 million) by EVs (ie 3.35 million) would if they were all charging at once using basic 3kW charging add an additional electricity demand of 10GW - more than the electricity consumption of London!!! Neither the generation nor the electricity transmission systems are even close to being capable of handling such an additional load.

Icon for those people who insist on replacing ICE vehicles with EVs when there is insufficient electrical power to charge them. ===>

Varda capsule proves you don't need astronauts for gravity-defying science

Duncan Macdonald

Re: How did they develop the capsule and heat shield?

As the capsule is a single use design, an ablative heat shield (as used on every manned mission between Mercury and Apollo) would suffice. The SpaceX requirement for multiple reuse requires a more complex heat shield system.

Some Intel Core chips keep crashing, game devs complain

Duncan Macdonald
Unhappy

Not surprising

Intel processors are being outperformed by AMD processors. To try to make the Intel processors look competitive they have to run the chips faster which cuts the timing margins. Instead of using speeds and power usage that are safe for every chip they are taking them to the bleeding edge of their capability - and like most equipment run at the bleeding edge there are failures. At least SO FAR the failures do not seem to be causing actual chip meltdowns. (But I would be uneasy about using them for critical calculations (financial or engineering) without down clocking them to increase the margins.)

Icon for users whose applications give incorrect results ===>

Space nukes: The unbelievably bad idea that's exactly that ... unbelievable

Duncan Macdonald

Re: Whatever is behind the Russian space nuke scare :o

Pushing an incoming asteroid away with a nearby nuclear explosion is likely to be better than fragmenting it with a contact explosion.

If the asteroid was intercepted one month before impact, a velocity change of 10km/hour would be sufficient to make it miss the Earth. An intercept one month before impact would also be far enough from Earth that there would be no EMP problems for the satellites orbiting Earth.

That runaway datacenter power grab is the best news for net zero this century

Duncan Macdonald

Iceland

There is one obvious location with easy cooling and carbon neutral geothermal generation available - Iceland.

The low outside temperatures make cooling far easier than (for example) a datacenter located in Arizona.

There is a lot of untapped geothermal energy available in Iceland due to its location on the mid Atlantic ridge.

As existing datacenters take years of planning to arrange power etc, the requirement to build a small geothermal plant for each datacenter should not add much delay to the process of building a datacenter.

A lot of datacenter activities (eg AI training) can easily tolerate the additional few milliseconds latency for the data transfer from Iceland to mainland Europe or the US.

How 'sleeper agent' AI assistants can sabotage your code without you realizing

Duncan Macdonald

Javascript

Given the amount of Javascript included in so many web pages these days, the chance of some of it being vulnerable is unfortunately high even without AI. Even the Reg front page has almost 1500 lines of code - some sites have far more and the code is often obscured (eg the Google home page).

Scientists mull Solar Radiation Management – a potential climate-change stop-gap

Duncan Macdonald

CO2 absorption by iron fertilisation of the oceans

There are large areas of the oceans where the limiting nutrient for plant growth is iron. Adding iron to the low productivity areas of the ocean would cause an increase of CO2 absorption in those areas thereby lowering the atmospheric CO2 levels. One of the small scale tests in 2004 (EIFEX) showed a capture ratio of 3000 molecules of CO2 per atom of iron.

However many of the "Climate Change" and "Green" lobbies have opposed large scale trials because if successful it could reduce the perceived importance (and thereby funding) of the climate change lobbyists.

The amount of CO2 in the atmosphere is about 3.29 trillion metric tons which is an increase of just over 1 trillion tons since the middle of the 18th century.

This excess amount of CO2 equates to approximately 280 billion tons of carbon.

If the same capture ratio that was achieved in the 2004 EIFEX experiment could be repeated at large scale it would take approximately 440 million tons of iron to completely remove all the excess CO2 which is approximately 25% of one year's iron production.

War of the workstations: How the lowest bidders shaped today's tech landscape

Duncan Macdonald

Re: Sorry Liam, Not Even Wrong... -- Dave Cutler

I have done device driver work on RSX-11M - the kernel code that Dave Cutler wrote was very well written (and unusually even better commented!!). Getting a multitasking multiuser protected mode OS to fit into a memory footprint of under 32kBytes and making it one of the most stable operating systems I have ever used was a superb coding job. All the kernel code for RSX-11M was written in MACRO-11 assembler.

The only times that I have ever seen RSX-11M crash was due to hardware faults (or once someone pulling the mains plug out!!!).

The later VMS operating system for the VAX (and later Alpha) computers was if anything more robust. One VMS cluster that I was using had the leads from one computer to the disk controller pulled out by accident - the computer that had lost its direct disk access saw that another member of the cluster still had a connection to the disk controller so it rerouted the disk traffic over the Ethernet network to the other computer and thence to the disks. No user interaction was required - the only observed effect was a minor slowdown until the leads were reconnected at which point VMS resumed using the direct connection.

Many VMS clusters had uptimes of multiple years despite hardware faults and upgrades, computer replacements and OS upgrades.

If Dave Cutler had not joined M$, OS/2 might well have taken the place of Windows NT.

Duncan Macdonald

Multiple languages were and are needed

In the 1970's and 1980's I worked on process control using PDP-11 computers. With their low speed and limited memory, device drivers were normally written in assembler for minimum memory and maximum speed. However assembler is only suitable for smaller jobs - the application programs were written in higher level languages to make better use of the one part of computing that has not improved in performance - the human brain. At any one time a human can reasonably work on a module of at most a few hundred lines of code (one of the biggest reasons for the development of subroutines was to cordon off sections of code so that they could be developed independently). A hundred lines of a high level language (eg C, FORTRAN, CORAL-66, PL/1 etc) can easily be the equivalent of over a thousand lines of assembler.

One project I worked on was the monitoring system for the Dinorwig power station - the system had a single PDP-11/34 (1/3 of a MIP, 248kB RAM and 4.8MB of disk storage) to handle about 5000 plant inputs, 6 line printers and 3 displays. This required tight coding to make everything fit and run fast enough - when it was replaced about a decade later with a DEC ALPHA system (over 100MIPs, 32MB RAM and 200MB of disk storage) there was no longer the tight coding requirement and the 12 man year initial development was reduced to a small fraction of the time.

With current computers the only places where assembler code is still used are in the early stages of startup (setting up hardware parameters and loading microcode), some shared high speed maths libraries and in some computer viruses(!!). Because of the HUGE speed improvement and the MASSIVE price drop since the early days, the best way to do computing projects has changed - a cheap £60 Android phone has a thousand times the speed, memory and storage of the Dinorwig PDP-11 system that cost the equivalent of well over £200,000 in today's money. The most expensive component is now programmer time. The FAST,CHEAP,GOOD - choose any two - has firmly gone to FAST and CHEAP for almost all systems.

UK may demand tech world tell it about upcoming security features

Duncan Macdonald
Black Helicopters

One time pad - with a twist

If you need to send a message that needs to be kept secret - encrypt it with a one time pad. (That is the normal bit.)

Then the twist - take an innocent message of the same length and derive a one time pad as the exclusive OR of the innocent message and the encrypted message.

If forced to decrypt the message by the police - use the derived one time pad to give the innocent message.

One defining feature of a one time pad is that the encrypted message gives no indication apart from the size of the original message content.

An encrypted string "bivbh jwhxjpwnkhtesq23" could decrypt to "Birthday party tomorrow" or "Bomb Moscow on Monday." depending on the one time pad.
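Added example, not part of the post above: a C sketch of the one-time-pad property the post relies on, that a ciphertext is consistent with every message of the same length because a pad can be derived for each. The messages, the fixed pad bytes and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* XOR len bytes of in with pad into out. With a one-time pad,
 * encryption and decryption are this same operation. */
void otp_xor(const unsigned char *in, const unsigned char *pad,
             unsigned char *out, size_t len)
{
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ pad[i];
}

/* Derive the pad under which ciphertext ct reads as `other`.
 * Returns 0 on success, -1 if the lengths differ: length is the one
 * thing the ciphertext does reveal, so it cannot be explained away. */
int otp_pad_for(const unsigned char *ct, size_t ct_len,
                const unsigned char *other, size_t other_len,
                unsigned char *pad_out)
{
    if (ct_len != other_len)
        return -1;
    otp_xor(ct, other, pad_out, ct_len);
    return 0;
}

#define MSG_LEN 22

/* Constructed sample messages, both exactly MSG_LEN bytes. */
static const unsigned char MSG_A[MSG_LEN + 1] = "MEET AT THE NORTH GATE";
static const unsigned char MSG_B[MSG_LEN + 1] = "BIRTHDAY PARTY AT NINE";

/* Constructed pad so the demo is repeatable. A real pad must be truly
 * random, as long as the message, and never used twice. */
static const unsigned char PAD_A[MSG_LEN] = {
    0x3A, 0x91, 0x5C, 0x07, 0xE2, 0x48, 0xB3, 0x6D, 0x19, 0xF4, 0x20,
    0x8E, 0x55, 0xC1, 0x7B, 0x02, 0xDE, 0x63, 0xA8, 0x14, 0x9F, 0x70
};

/* Returns 1 if the same ciphertext decrypts to MSG_A under PAD_A and
 * to MSG_B under the derived pad, and the two pads are different. */
int demo_two_readings(void)
{
    unsigned char ct[MSG_LEN], pad_b[MSG_LEN];
    unsigned char out_a[MSG_LEN], out_b[MSG_LEN];

    otp_xor(MSG_A, PAD_A, ct, MSG_LEN);
    if (otp_pad_for(ct, MSG_LEN, MSG_B, MSG_LEN, pad_b) != 0)
        return 0;

    otp_xor(ct, PAD_A, out_a, MSG_LEN);
    otp_xor(ct, pad_b, out_b, MSG_LEN);

    return memcmp(out_a, MSG_A, MSG_LEN) == 0 &&
           memcmp(out_b, MSG_B, MSG_LEN) == 0 &&
           memcmp(PAD_A, pad_b, MSG_LEN) != 0;
}

/* Returns -1: a 23-byte message cannot be matched to a 22-byte
 * ciphertext, whatever pad is chosen. */
int demo_length_mismatch(void)
{
    static const unsigned char longer[] = "Birthday party tomorrow";
    unsigned char ct[MSG_LEN], pad_out[sizeof longer];

    otp_xor(MSG_A, PAD_A, ct, MSG_LEN);
    return otp_pad_for(ct, MSG_LEN, longer, sizeof longer - 1, pad_out);
}

int main(void)
{
    printf("two readings of one ciphertext: %d\n", demo_two_readings());
    printf("length mismatch result: %d\n", demo_length_mismatch());
    return 0;
}
```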

Microsoft pins hopes on AI once again – this time to patch up Swiss cheese security

Duncan Macdonald
Flame

Use defensive programming

If Windows was coded with the same level of defensive programming as used to be common in minicomputer operating systems there would be far fewer security problems in it.

An example (in pseudo code) of the sort of coding that used to be common (taken from RSX11M operating system)

System function request from user program

Is the function number in range - if NO then reject the request

Does the program have the right to call the function - if NO then reject the request

Has the program passed the correct number of parameters - if NO then reject the request

Are all the parameters accessible - if NO then reject the request

If the above checks are OK then pass the request to the system function which (for most requests) will perform further checks and reject the request if any fail

The assumption should always be that any request is invalid and only if all checks are passed should it be acted on.

Unfortunately a lot of current code omits the vital checks resulting in security holes.
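Added example, not part of the post above and not RSX-11M code: a C sketch of a request dispatcher that applies the four checks in the order the pseudo code lists them and only then hands over to the function, which makes its own further check. The table, privilege bits, result codes and the simulated task address region are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes (hypothetical names). */
enum {
    REQ_OK = 0,
    REQ_BAD_FUNCTION = -1,     /* function number out of range */
    REQ_NO_RIGHT = -2,         /* caller lacks the required privilege */
    REQ_BAD_PARAM_COUNT = -3,  /* wrong number of parameters */
    REQ_BAD_ADDRESS = -4,      /* a parameter is not accessible */
    REQ_REJECTED_BY_FUNCTION = -5
};

#define PRIV_NONE  0u
#define PRIV_ADMIN 1u

struct param { uintptr_t addr; size_t len; };

/* Simulated task: addresses are plain numbers and are never dereferenced. */
struct task { uintptr_t base; size_t size; unsigned privs; };

struct request { unsigned function; size_t nparams; const struct param *params; };

typedef int (*handler_fn)(const struct task *, const struct request *);

struct entry { handler_fn handler; unsigned required; size_t nparams; };

/* Each function performs its own further checks after the common ones. */
static int fn_get_time(const struct task *t, const struct request *r)
{
    (void)t;
    return r->params[0].len >= 8 ? REQ_OK : REQ_REJECTED_BY_FUNCTION;
}

static int fn_set_priority(const struct task *t, const struct request *r)
{
    (void)t;
    return r->params[0].len == 4 ? REQ_OK : REQ_REJECTED_BY_FUNCTION;
}

static const struct entry TABLE[] = {
    { fn_get_time,     PRIV_NONE,  1 },
    { fn_set_priority, PRIV_ADMIN, 1 },
};
#define TABLE_LEN (sizeof TABLE / sizeof TABLE[0])

/* Overflow-safe test that [addr, addr+len) lies inside the task region. */
static int accessible(const struct task *t, const struct param *p)
{
    return p->addr >= t->base &&
           p->len <= t->size &&
           p->addr - t->base <= t->size - p->len;
}

/* Every request is treated as invalid until all checks have passed. */
int dispatch(const struct task *t, const struct request *r)
{
    if (r->function >= TABLE_LEN)
        return REQ_BAD_FUNCTION;

    const struct entry *e = &TABLE[r->function];

    if ((t->privs & e->required) != e->required)
        return REQ_NO_RIGHT;

    if (r->nparams != e->nparams || (r->nparams != 0 && r->params == NULL))
        return REQ_BAD_PARAM_COUNT;

    for (size_t i = 0; i < r->nparams; i++)
        if (!accessible(t, &r->params[i]))
            return REQ_BAD_ADDRESS;

    return e->handler(t, r);
}

/* Builds a constructed task (region 0x1000..0x1FFF) and one request
 * whose parameters all carry the same addr/len, then dispatches it. */
int demo_dispatch(unsigned function, unsigned privs, size_t nparams,
                  uintptr_t addr, size_t len)
{
    struct task t = { 0x1000, 0x1000, privs };
    struct param p[2] = { { addr, len }, { addr, len } };
    struct request r = { function, nparams, p };
    return dispatch(&t, &r);
}

int main(void)
{
    printf("valid request: %d\n", demo_dispatch(0, PRIV_NONE, 1, 0x1800, 8));
    printf("buffer crossing the end of the region: %d\n",
           demo_dispatch(0, PRIV_NONE, 1, 0x1FFC, 8));
    return 0;
}
```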

Tenfold electric vehicles on 2030 roads could be a shock to the system

Duncan Macdonald
Happy

Re: And then there's Insurance

My suggestion - Jaguar XF 3.0 V6 - top speed over 150mph - and models available on eBay from about £3k (a small fraction of the cost of the battery pack for any EV).

Cisco zero-day bug allows router hijacking and is being actively exploited

Duncan Macdonald

This is what happens when you replace Huawei with Cisco

See Title

ROBOT crypto attack on RSA is back as Marvin arrives

Duncan Macdonald

Add random delay to error responses ?

As the attack works by sensing the time differences in error paths perhaps one fix might be to insert a random delay into error responses. It would not slow down normal operation just the normally infrequent error processing.

The home Wi-Fi upgrade we never asked for is coming. The one we need is not

Duncan Macdonald
Unhappy

Re: Too pessimistic - Not always

One friend lives in a recently built property with plasterboard internal walls - UNFORTUNATELY this plasterboard and the plasterboard on the external walls has a layer of aluminium foil on the back making internal WiFi problematic and mobile phone calls do not work unless right by a window.

Power grids tremble as electric vehicle growth set to accelerate 19% next year

Duncan Macdonald
FAIL

Re: If have the extra power to refine more petrol...

Not even close - the majority of the energy used in an oil refinery is thermal energy - and guess what - it is an oil refinery so they get the thermal energy by burning oil.

The push to EVs has the following major problems

1) The cost of EVs is still far higher than the cost of ICE vehicles

2) There is insufficient generation to handle a significant proportion of EVs even in windy periods where wind farms deliver maximum output (and during calm weather wind farms produce zero electricity).

3) Even if by some miracle the electricity generation was available, the distribution system is not sized to handle the additional load. The biggest problem is with local distribution in towns and cities - the cables and transformers are not sized for the additional load. As (in the UK) urban electricity distribution is done with underground cables the majority of urban roads would need to be dug up to replace the cables with bigger ones.

Current UK peak electricity demand is just under 50GW - approximately 0.75kW per person in the UK. Medium rate domestic EV chargers charge at about 7kW. There are over 33 million cars in the UK - if all were EVs charged with domestic chargers overnight the peak electricity demand by the EVs alone would be well over 200GW - over 4 times the current peak demand.

Because wind power is unreliable (the UK does get some calm days most years with very little wind power available) there has to be sufficient conventional generation (coal,oil,gas,nuclear) to cover shortages.

One further note - EV ranges are always quoted for mild conditions when the vehicle is not using heating or cooling - with an ICE vehicle heating is effectively free as it uses the waste heat from the engine - for an EV the power for heating comes directly from the same battery that powers the motor reducing the range considerably.

We all scream for ice cream – so why are McDonald's machines always broken?

Duncan Macdonald
Mushroom

Re: Limiting choice is anticompetitive

Winning a federal election (Congressman, Senator or President) requires the expenditure of far more money in advertising than will ever be paid in salary.

As a result only the very rich or people sponsored by the very rich can be elected and the sponsors expect to get their money back in the form of laws and contracts that favor them.

Therefore a lot of US law favors the rich and big businesses - anything that favors the ordinary people rather than the rich is unlikely to be passed (and if it is passed then it is likely to be delayed for a long time and watered down to have as little impact on the rich as possible).

Icon for what should happen to politicians that abuse the public's trust (95%+ of senior politicians) ========>

Boffins reckon Mars colony could survive with fewer than two dozen people

Duncan Macdonald

Why do people call a small outpost a colony ?

Any settlement can only be considered a colony when it can survive without ongoing resupply. On Earth (with air, water and food available) the minimum number for long term survival seems to be about 2000 - fewer than that and inbreeding becomes a problem (smaller groups have survived when there has been a trickle of new people arriving).

On Mars (or the Moon) the lack of critical resources (air, water, food etc) requires a lot of high tech equipment for survival. This requirement for high tech means that resupply from Earth will be needed until the equipment can be produced locally. The number of people needed to produce such equipment means that the smallest self sustaining colony on Mars would need over a million people. Any smaller group would be doomed to extinction if the supply from Earth was cut off. When it was no longer possible to repair or replace a bit of vital equipment the settlement would start to die.

Let's play... Force off the power to someone else's datacenter systems

Duncan Macdonald
Mushroom

Time for a simple cron job

Turn the data center power off then on again every 30 seconds - and just see how long it takes to REALLY damage the data center equipment. My guess is less than 10 minutes before things break.

Icon for the equipment after 30 minutes of power cycling ===========>

How to get a computer stuck in a lift? Ask an 'illegal engineer'

Duncan Macdonald

Similar problem

The computer had to be moved from goods in (in the basement) to the 4th floor - unfortunately the goods lift only went up to the 2nd floor so the personnel lift had to be used. The computer itself would not have been a problem (a PDP 11/34 with 2 RK05 disk drives and a CAMAC crate) but it was in a CEGB electronic equipment rack.

The CEGB (UK Central Electricity Generating Board) had had a number of nasty incidents at power stations under construction where racks full of expensive equipment were damaged or destroyed by bad construction drivers. So the CEGB made a requirement for all power station electronic equipment racks that they should be strong enough to protect the equipment if they were rammed by a jeep doing 20mph !!

Needless to say such racks were HEAVY - the lift refused to move with the rack inside!

After removing the front and rear access doors the lift would travel to the 4th floor - but it stopped about 6 inches short making it impossible to get the rack out.

After a few curses a hack was tried - the lift was taken back to the basement then taken to the 5th floor then down to the 4th floor and pushed out as soon as the doors started to open - thankfully that worked.

(For any ex-CEGB workers who are interested - this was the Dinorwig development computer system and the incident happened at Laud House in the 1970s.)

Unfortunately there is no heavy weight icon !!!

FBI boss: Congress must renew Section 702 spy powers – that's how we get nearly all our cyber intel

Duncan Macdonald
Mushroom

Section 702 WILL be renewed

By now the various agencies (NSA,FBI,CIA etc) will have so much dirt on US politicians that they will be able to get it renewed.

FBI agent to US Senator "Will you vote to renew Section 702 or will we release the videos of you having underage sex ? "

Given the nature of US politicians, the FBI have probably got potent blackmail material on most of them.

Icon for what should happen to corrupt politicians (well over 90% of them) ============>

Chips ahoy! US and China locked in self-destructive battle of trade restrictions

Duncan Macdonald

Military spending

There are too many US politicians that depend on "lobbying contributions" (aka bribes) from the defense industry. The US spends more on "defense" than the next 12 countries put together. If the US had no perceived conflict then the "defense" spending would drop which would make the executives and shareholders of the defense industry unhappy.

Russia's military power is a small shadow of what the USSR had at its peak and apart from its nukes has no real way to threaten the US. China is so far from the US (7000 miles coast to coast) that the logistics of one of them attacking the other is hopeless. China's navy is so small compared to the US navy that even it trying to invade Taiwan would be difficult and any more distant objectives would be impossible.

If the US reduced its military expenditure to what was actually needed for defense it could probably save over $400 billion per year - but the politicians would no longer get their bribes and the US unemployment would jump as the military would have fewer people and the defense industry would shed jobs.

China has so far made only token responses to the US trying to cripple its high tech industry - my belief is that China is playing the long game - expecting the US economy to collapse under the weight of its debts sometime in the coming decades (to see why - look at the US Debt Clock ( https://www.usdebtclock.org/ ) - the unfunded liabilities are currently over $192 trillion and rising by more than $1 million every 4 seconds and there is a lot of other bad news there).

Suit alleges Oracle oversold and under-delivered on NetSuite software

Duncan Macdonald
Mushroom

Oracle misleading customers ?

Surely you jest - after all Oracle is a fine upright company that would never mislead or sell faulty software!!!

/sarc

Icon for what should happen to businesses that mislead their customers ========>

UK smart meter rollout years late and less than two thirds complete

Duncan Macdonald
Flame

Remember - "smart" electricity meters can turn off your supply

All UK "smart" electricity meters have a built in relay that can disconnect the power. The main reason that the government wants "smart" meters is not for benefits for consumers but to ensure that the "unimportant" people can have their electricity turned off leaving enough power for the "important" people anytime that there is an electricity shortage.

The metering function does not require a remote disconnect - it was insisted on by the UK government to ensure that the "important" people never had power outages.

(The smart meter would cost less to make if instead of the relay it just had a wire link so there was no remote disconnect facility.)

Icon for the lying B*S*A*D* who falsely promote "smart" meters ==========>

US senators and spies spar over Section 702 warrantless surveillance

Duncan Macdonald
Mushroom

Do not expect 702 to die

Three letter agency to politician

"If you do not re authorize Section 702 then we will release the videos showing you having under age sex."

Given the apparent total lack of morals in senior politicians, I think it very likely the three letter agencies have serious blackmail data on enough politicians to get Section 702 re authorized.

Icon for what should happen to corrupt politicians (over 90% of them) ========>

The challenges Intel faces to compete with TSMC, Samsung

Duncan Macdonald

Tape out costs

As it takes hundreds of millions of dollars to tape out a complex chip, Intel is unlikely to find many customers until after its new FAB lines have proven themselves (if they ever do). This will add a delay of 6 months to a year (or more) from the 20A FABs coming online to the point of first commercial customers. Unfortunately for Intel - the tape outs are specific to a particular process - one for TSMC 2nm will not work on Intel 20A and vice versa. For a customer the choice is between investing over $500million on a TSMC tape out from a manufacturer with a good success record or over $500million on an Intel tape out from a manufacturer with a poor success record.

Intel will probably have to massively subsidise its first customers - or it will not get any.

Ford in reverse gear over AM radio removal after Congress threatens action

Duncan Macdonald

Re: The only question remaining is ...

Many smartphones have FM reception capability when used with plug in headphones - using the headphone lead as the FM antenna. Unfortunately while the length of a headphone lead is a reasonable match for the FM frequency band it is a very poor match for the AM frequency band. (FM around 100MHz AM around 1MHz). Very good signal processing would be required to get good audio from an AM antenna that was under 1m in length unless very close to the transmitter. The aerials inside a smartphone are so small that they are a VERY BAD match to the AM frequency band which would result in a very weak signal for the electronics.

To quench AI's thirst, the way we build, operate datacenters needs to change

Duncan Macdonald

Look North !!

If the datacenters are located in cold locations (Alaska, North Canada, Iceland etc) then cooling becomes trivial. (Iceland also has the advantage of cheap geothermal electricity.)

(Unfortunately there is no icon for freezing !!!)

Let white-hat hackers stick a probe in those voting machines, say senators

Duncan Macdonald

If you want secure elections

then DO NOT use computers to count the votes.

A manual system (as used in the UK) is inherently immune to computer hacking.

FYI: Intel BootGuard OEM private keys leak from MSI cyber heist

Duncan Macdonald

One good point

For anyone who wants to tinker with the firmware on their own device - if it was one of the affected MSI systems then they can now do so.

India bans open source messaging apps for security reasons. FOSS community says good luck

Duncan Macdonald
Flame

Re: We do have rights

Except that very few countries view the UN declaration as anything other than a bit of waste paper.

(examples - the NSA spying on US citizens, the FSB spying on Russian citizens etc)

"Rights" are only meaningful when the governments choose to adhere to them.

Duncan Macdonald
Flame

Rights - Peons have no rights !!

As far as governments worldwide are concerned citizens have no rights - they are required to support their governments without protest.

(Can you think of a living politician that you would be happy to leave alone in your house with valuables on display ? Yet they have life and death power over huge numbers.)

Dump these insecure phone adapters because we're not fixing them, says Cisco

Duncan Macdonald

The US government has become less trustworthy than China

All the US politicians are interested in is their own power and fortune - they do not care about anyone who is not at least a multimillionaire. The UK security services examined the source code of many Huawei devices and found many examples of poor coding but no evidence of any deliberate backdoors. (However the UK government still went along with the USA when it exerted pressure to ban Huawei.)

Huawei devices had two major problems as far as the USA was concerned - they were cheaper than the equivalent Cisco devices and they did not have NSA backdoors baked in.

America ain't exactly outlawing gas cars but it's steering hard into EVs

Duncan Macdonald

Not practical

Shutting down carbon based generation (coal/oil/gas) in 15 years is not practical.

To replace the current carbon based power plants would require the building of a huge number of nuclear power plants. With the exception of a few small areas in the world (eg Iceland) the renewable energy sources are either very limited (eg hydro) or not constant (wind/solar/tidal). As people still need electricity on a calm winter's night there has to be sufficient conventional (coal/oil/gas/nuclear) generation to cover the load.

There is not the capacity to build the required number of nuclear power stations in 15 years - probably not even in 25 years.

Duncan Macdonald

Re: Current EV battery technology is unsustainable

Garage petrol filler hoses dispense power at around 17 megawatts not just one megawatt (30l/min @ 34MJ/l)

Duncan Macdonald

Distances

Many people in the US drive much longer distances than UK drivers. EVs are impractical for a single day drive of 600 miles or more due to both the time taken to recharge and the limited number of fast recharging points. A typical petrol car can be refueled in about 5 minutes and be good for over 400 miles - an EV that uses a rapid charger may manage a full recharge (good for about 200 miles) in about an hour but if only a lower power charger is available then the full recharge time will be several hours.

600 mile journey

Petrol car - driving time + 5 minutes refill time

EV - driving time + 2 hours recharge time (rapid charger)

EV - driving time + 12 hours recharge time (slow charger)

Also the electricity has to come from somewhere - places with charging points that do not have a high power grid connection will need a local generator to be able to run rapid chargers (at over 100kW each). This is almost certain to be a diesel generator producing its own CO2 emissions.

As many US politicians are aware of these facts, I expect the proposed EPA rules to be rejected by Congress.

SHEIN has the look of America's next tech-meets-geopolitics fit-up

Duncan Macdonald
Unhappy

Typical Americans

US firms hate successful competitors - especially from other countries.

I would be willing to bet that most of the firms behind Shut Down SHEIN also get their products made in sweatshop factories in places with very little regulation.

A more accurate complaint from Shut Down SHEIN would be "this foreign company is beating us at our own game so politicians please destroy it".

Critical infrastructure gear is full of flaws, but hey, at least it's certified

Duncan Macdonald
FAIL

Agreed - AIR GAP is still the best practice - but unfortunately all too often boneheaded senior management insist on remote access even when there is zero need.

Many earlier plant control systems had no internal security - the assumed air gap between the control system and the outside world was their security - then a PHB insists on remote access :-(((

Icon for people who connect an unsecured control system to the internet =====>

Germany clocks that ripping out Huawei, ZTE network kit won't be cheap or easy

Duncan Macdonald
Mushroom

Re: Pots and kettles in dark places

The US had two reasons to try to eliminate Huawei

1) Huawei kit was cheaper than the equivalent Cisco kit and Cisco donated a lot of money to US politicians

2) Huawei did not preinstall the NSA backdoors

Chinese spying was never a reason - just a slightly plausible excuse

Icon for what should happen to politicians that put their bank account over the well being of their country (99+ of all politicians)

===============>

It's official: BlackLotus malware can bypass Secure Boot on Windows machines

Duncan Macdonald
Happy

Re: Even the manufacturers hate secure boot

Turning Secure Boot off has its advantages - it stops the Windows 11 malware from installing !!

Thunderbird email client is Go for new plumage in July

Duncan Macdonald

Keep the old interface and do NOT get rid of its special features

The current interface is simple to understand (and explain to others).

The main advantages of Thunderbird are :-

1) Local database which allows offline use and no message expiry

2) No automatic opening of remote sites (unlike most email clients) which blocks a lot of crap

3) The ability to view the source of any email (including all its headers) if you are suspicious of the email

4) The interface had remained stable for many years - unlike all too many bits of software whose UI changes almost daily

(I dislike unnecessary UI changes so much that I am sticking to an old version (68) which has a UI that I like.)

Microsoft swears it's not coming for your data with scan for old Office versions

Duncan Macdonald

Re: Strange way to respect user privacy

You probably have about as many Linux users in your company as Windows users - they just do not realize it as all Android devices have a Linux kernel.

Gootloader malware updated with PowerShell, sneaky JavaScript

Duncan Macdonald
Mushroom

Browser code execution

If browsers were just that without the ability to run code then the vast majority of these attacks would not be possible.

Unfortunately advertisers want the ability to execute code on the users' computers (where the cost is borne by the users) rather than on the servers (where they would have to bear the cost) and also want to be able to extract as much data about the users as possible.

For a safe browsing experience the browser should only execute HTML with no scripting or invoking other programs - however almost all sites now require the browser to support active scripting (shades of Internet Explorer and ActiveX!!). Now often even the website authors do not know what code the users are being asked to execute as their code pulls in code from other libraries which then pulls in further code.

It is getting to the point where the only safe way to run a browser is in a VM with no persistent storage using a Linux live CD (or DVD) image.

Even with Noscript, Spybot S&D and Norton Security (and using Firefox instead of IE or Edge) all too often browsing seems like treading a path through a minefield!!!

Icon for what should happen to the people who insist on browsers having active scripting ============>

Renewables are cheaper than coal in all but one US location

Duncan Macdonald

Downvotes

The Reg should have a way to downvote articles that are so selective in their quoting of "facts" just like comments may be downvoted.

For a level playing field - no subsidies for wind or solar and no carbon penalty for coal/oil or gas. If this is done then wind and solar are hopelessly uneconomic except in remote off grid areas.

Also the price paid for wind and solar generation should be penalized due to its unreliable nature (solar is zero at night and low on cloudy days, wind power output varies widely (from zero in calm to a maximum at medium-high wind speeds then dropping to zero when the wind speed is too high for the generators)).

Watch Rocket Lab lift off from US for first time, put radio-sniffing sats into orbit

Duncan Macdonald

Little competition

Given the difference in lifting capacity between the Electron rocket and the Falcon 9 - LITTLE competition is correct.

The Electron rocket can lift 300kg to LEO whereas the Falcon 9 can lift 22,800kg to LEO. (Roughly the difference between a motorbike pizza delivery and a full UPS van.)

Intel chairman exits just ahead of next financial report

Duncan Macdonald
Unhappy

Any tech firm that kills R&D kills itself

Any firm that makes profits by its products being better than those available from its competitors needs to keep ahead of those competitors. If the competitors are doing R&D to improve their products (as AMD did with its CPUs) then the firm also needs to do R&D to keep ahead.

Intel thought that they had effectively killed AMD by having somewhat better products and using some dirty tricks (eg maths libraries that used fast code on Intel CPUs and slow code on all others).

Intel then cut back on R&D and spent the money that could have gone into R&D on shareholder dividends and executive pay. When AMD CPUs became competitive with Intel's then better than Intel's, Intel was left in the position of needing to do a lot of R&D to catch up - unfortunately for them however Intel had got rid of much of its R&D teams.

Expect Intel's net profits to continue to decline for several years unless they bite the bullet and invest a lot in R&D at the cost of immediate shareholder dividends.

Icon for Intel shareholders =========>

Biden seeks out Dutch support for blockade on Chinese chip industry

Duncan Macdonald

Bullies

The US wants to cripple every possible competitor so they can be the rulers of the world.

The best thing for the Dutch to do would be to remove their EUV export ban - tell the US that they are not the rulers of the world.

Wyoming's would-be ban on sale of electric vehicles veers off road

Duncan Macdonald

Far too little money

The NEVI program is supposed to give under $24 million to Wyoming for EV charging points over 5 years. Fast chargers (Level 3 - 480v DC - 1 hour to full charge for a car) cost around $40,000 per port so the budget would only pay for 600 ports (ie 600 vehicles being charged at once). Even though Wyoming has a low population it would need far more chargers than 600. Slower chargers (Level 2 - 240v AC - 32 miles range per hour of charge) are much cheaper at an average installed cost of $5,500 per port but each vehicle occupies a charging port for much longer (several hours for a full charge). Even only using Level 2 chargers the NEVI budget would only fund 4400 charging ports which is still insufficient for Wyoming (1 charging port per 130 people!!!).

(Costs are for public charging ports according to Future Energy - https://futureenergy.com/how-much-do-ev-charging-stations-cost/ )
