* Posts by John Smith 19

9089 posts • joined 10 Jun 2009

US mobile firms cave on kill switch, agree to install anti-theft code

John Smith 19
Gold badge
Gimp

Oh how handy. Remote backup.

That will save some NSA bandwidth.

All the data in one place.

Feature creep anyone?

1
0

Lavabit loses contempt of court appeal over protecting Snowden, customers

John Smith 19
Gold badge
Unhappy

Another good day for an out of control government bureaucracy

Another bad day for a law abiding society that cares about privacy and proportionate surveillance.

11
0

Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google

John Smith 19
Gold badge
WTF?

Creepy

If you're wondering do I mean Eric or Steve for legal reasons I'll let you decide.

1
0

Akamai scoffs humble pie: Heartbleed defence crumbles, new SSL keys for customers

John Smith 19
Gold badge
Unhappy

The more I learn of OpenSSL the more I wonder about the idea of

"Release a core set of functions, then roll out more over time (or prioritize heavily used ones first)"

It seems if they had left the heartbeat message handling till later they might never have done it at all.

0
0

EFF: Feds plan to put 52 MILLION FACES into recognition database

John Smith 19
Gold badge
Meh

Hold up. I thought I read a story about the FBI *disbanding* its face recog work because..

It didn't work.

IIRC The programme had been running since about 1963 and never got > 50% accuracy.

So what's changed?

Either the FBI work was way behind the SoA or someone had convinced the FBI they can do better.

Much better.

0
0
John Smith 19
Gold badge
Unhappy

Re: The road to Dystopia

"Merkel will probably put the STASI and NSA recordings of her own phone conversations IN THE SAME SENTENCE!"

We can but hope.

1
0

Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run

John Smith 19
Gold badge

@squigbobble

"I'd rather have a hydrogen leak than some of the other propellants like hydrazine. At least it's effectively non-toxic (with a lower toxicity than oxygen) and disperses quickly, leak detection is probably a pain in the arse though."

True, although GHe is not actually a propellant.

"Are SpaceX using LHe to cool the LO2 tanks?"

No. Helium liquifies around 4K, 1/5 that of Hydrogen. Gaseous Helium is mostly used for tank pressurization (although O2 tanks can be pressurized by boiling some in a heat exchanger on the engine) and providing the driving force for activating valves.

0
0
John Smith 19
Gold badge
Unhappy

Re: Helium is *very* hard to seal systems against

"For me, that is the reason why hydrogen powered cars are perhaps a bit of a dead end. But maybe the problem can be solved somehow - we will see."

Actually the fact the compression or cooling of the H2 consumes maybe 3x the energy stored in the tank probably has more to do with it.

2
0
John Smith 19
Gold badge
Boffin

Helium is *very* hard to seal systems against

It's why it's used for leak testing systems.

High pressure puts the tightest seal under stress.

Helium x high pressure x complex system --> b**ger to seal.

6
0
John Smith 19
Gold badge
Trollface

Re: Say what?

"How the hell did they develop a helium leak in the first stage? More problems for this troubled program."

Do not feed.

4
0

Discovery time for 200m WONDER MATERIALS shaved from 4 MILLENNIA... to 4 years

John Smith 19
Gold badge
IT Angle

Looking at some of the diagrams it looks like

They make up graded alloy strips where one or more of the elements varies along the length.

The strip is then laid on top of what looks like a plate with holes in it. At this point I'd guess they put the whole lot in a furnace and connect it to a high pressure supply.

They then try to blow bubbles with the metal.

Biggest bubble seems to win.

BTW I suspect the problem with quantum chemical tests is 1 simulation will take hours and the effect is (I suspect) non linear, so extrapolation does not work.

0
0
John Smith 19
Gold badge
IT Angle

I'm used to abstracts actually *telling* me what the report's about.

The core problem is not that bad. For a 3 element alloy (94 elements)^3

But now multiply the percentages to give (94 * 100)^3

Is it a physical strategy?

Is it a clever hack on the quantum mechanical calculation algorithm?

Who knows.

And BTW yes I think you could find some Merkins who'd pay $1000/club, partly because a) they really want to play good golf and b) because they can.

Of course if that discovery process was skewed to start with the cheaper elements.....

0
0

Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker

John Smith 19
Gold badge
Unhappy

Yes. I think Heartbleed will be the latest "guy who just left did it" excuse.

Even if it wasn't.

2
0
John Smith 19
Gold badge
Unhappy

Re: Mumsnet: "By parents for parents"

"My cow-orkers caught me while eye-bulging... I would rather be caught on 4chan, but I LOLLED!"

Oh no you wouldn't.

You really wouldn't.

1
1

Did a date calculation bug just cost hard-up Co-op Bank £110m?

John Smith 19
Gold badge
Unhappy

Data arithmetic is *tricky*

But the question has to be how long has this been going on?

This suggests a software upgrade gone titsup.

0
0

Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ

John Smith 19
Gold badge
Gimp

In the US his counterpart flat out lied to Congress with *no* comeback

So the bar for behaving like a right s**t is pretty high.

The chief spookocrat who was behind the Snoopers Charter had a degree in Theoretical Physics from Cambridge but I doubt this one will have even that level of technological awareness.

Process For Facial Recognition and store.

3
0

Spy-happy Condoleezza Rice joins Dropbox board as privacy adviser

John Smith 19
Gold badge
Unhappy

@Trevor_Pott

"For the record, just talked to the Sync.com folks. Yes, all client data is in Toronto. The main website proper is on Amazon, but once they have gotten some things sorted locally, that will be going into their refurbed Canadian datacenter too."

This might be the first (but I doubt the last) reaction to the admission the NSA spy on everyone.

I think the ultimate challenge for a secure cloud system would be to allow search/query/update of a database whose records are encrypted.

Sadly I have no idea of how to make that work.

0
0
John Smith 19
Gold badge
Unhappy

Re: Don't spread doublespeak from the ministry of love - it's torture, not waterboarding.

Technically it's "virtual drowning."

But if you want to see a nice example of the real thing I recommend the film "Battle of the V1"

Just because it's virtual doesn't mean it won't hurt like a motherf**ker.

1
0

Bored with trading oil and gold? Why not flog some CLOUD servers?

John Smith 19
Gold badge
Unhappy

Well cloud capacity *is* a commodity so some sort of commodity market seems possible

How well it works.....

Hmm.

1
0

OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts

John Smith 19
Gold badge
Unhappy

@Yes Me

"No. The world took a wrong turn many years ago (in the early 1980s) and ignored the known fact that languages without strong typing, rigorously enforced at compile time, are dangerous. In particular they're subject to array overrun bugs."

I wonder if anyone remembers C.A.R. Hoare's Turing lecture on the subject.

Hoare worked for (IIRC) Ferranti on their Algol compiler in the 60's, which had proved popular back when assembler was still a popular mainframe programming choice and efficiency was a very big issue. Development had been such a PITA that they had included array bounds checking by default. Once they got a working compiler they asked their customers if they'd want it switched off by default to save the performance hit.

The customers said "no."

The customers had worked out that what they gained on run speed they lost on developer debugging time.

Of course processors are around a million times faster, as are main memories.

0
0
John Smith 19
Gold badge
Unhappy

Michael Wojcik

"You cannot assume the data from the peer is well-formed. Period."

Exactly

It seems 99% of the trouble seems to be with people incapable of understanding this simple idea.

0
0
John Smith 19
Gold badge
Thumb Up

Re: @Vic

"I wrote a lint tool for Z."

Hmm.

Respect.

0
0
John Smith 19
Gold badge
Happy

Re: @Gene Cash

""clever grep scripts." is static code analysis."

I think things have moved on a bit since then.

At least, I hope so.

0
0
John Smith 19
Gold badge
Unhappy

Re: @Gene Cash

"Never catastrophically failed sure, but *never* failed in any way that required a reset? "

Correct.

The team built both the OS and the "application" software. The system was 4 way redundant (unlike Ariane 5 with its master/slave system) and implemented cross checking of IO and synch pulses.

"Certainly at least one well known rocket crash was down to faulty software: http://en.wikipedia.org/wiki/Cluster_(spacecraft)"

Firstly the Ariane software was not built by IBM Federal Systems (who BTW were the role models for the CMU Capability Maturation Model Level 5 for how software should be developed) and secondly the failure was a failure of change control. They reused the Ariane 4 software with a policy of leaving software modules in. The module that crashed the processors was not even a core module. A5 was designed to allow much greater movements at some parts of the flight. The software (that should have not been running at that point in the flight. A failure of requirements management) thought the rocket was going haywire and crashed the master processor. The slave processor then crashed in a cascade failure.

BTW Ariane 5's software was AFAIK written in Ada.

In fact I'd say the Ariane5 CLUSTERf**k (as I like to think of it) was more a management than a software development failure.

Which IBM FS were also pretty good at.

0
0
John Smith 19
Gold badge
Unhappy

Let's note a few things

Internet protocols are complex

They run at low levels, so VM's (and the languages that use them) are not a good idea.

They should have minimal impact on what the user's doing (IE be "efficient" in terms of resources)

Having said that my instinct would be a) Write it as a state machine in one of the available tools b) Profile the code to determine where (if?) it's too slow/big and c) Hand tweak the code carefully. (re measuring to make sure my "fixes" didn't make it go slower instead).

I personally think that anyone who knows where their code is going to run slow is wrong, and IIRC all I've read about code tuning agrees. There are probable candidates but no more than that.

Without re-starting the "language wars" I think there are probably better languages out there than C/C++ but it's about critical mass. C/C++ has it. In an ideal world the development community would have had some kind of (global) competition and chosen the best system development language.

Yeah. But in this universe things work a little differently.

To recast the old line in development terms "I wouldn't start by learning C if I wanted to develop reliable secure internet software" Some say the compilers for the Bliss (BCPL Like) language produced the most optimized code ever, partly due to the fact that Bliss has no goto statement, but who programs in Bliss?

Changing languages is not an option, at least for this generation of software.

OTOH C/C++ does have security and warning features in most compilers if you use them and don't ignore them.

0
0
John Smith 19
Gold badge
Unhappy

@AlanS

"The fault is not checking that P is appropriate to B and could occur in any language; other languages with bounds checking have been suggested in other threads but you still need a constructor - if the implementer uses "byte data[P]" rather than "byte data[B-2-1]" you have the same bug. "

I was going to suggest an assertion but if padding is allowed then that won't work.

Pity.

0
0
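
The length check discussed in the comment above, as an added example (not code from the thread or from OpenSSL). It assumes the RFC 6520 heartbeat layout of a 1-byte type, a 2-byte payload length P, the payload and at least 16 bytes of padding inside a record of B bytes; `hb_parse` and `hb_echo` are hypothetical names and the sample records are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER_LEN  3u   /* 1-byte type + 2-byte payload_length */
#define HB_MIN_PADDING 16u  /* RFC 6520: padding is at least 16 bytes */

/* Hypothetical helper: validate one heartbeat message held in a record of
 * record_len bytes (B). Returns 0 and sets *payload / *payload_len on
 * success, -1 if the claimed payload length (P) cannot fit in the record. */
int hb_parse(const uint8_t *rec, size_t record_len,
             const uint8_t **payload, size_t *payload_len)
{
    if (rec == NULL || record_len < HB_HEADER_LEN + HB_MIN_PADDING)
        return -1;                      /* too short to hold even P = 0 */

    size_t claimed = ((size_t)rec[1] << 8) | rec[2];

    /* Padding length is variable, so P == B - 3 cannot be asserted.
     * The inequality P + 3 + 16 <= B still holds for every valid message. */
    if (claimed > record_len - HB_HEADER_LEN - HB_MIN_PADDING)
        return -1;

    *payload = rec + HB_HEADER_LEN;
    *payload_len = claimed;
    return 0;
}

/* Copy the payload to echo into out; returns bytes copied, 0 if rejected. */
size_t hb_echo(const uint8_t *rec, size_t record_len,
               uint8_t *out, size_t out_cap)
{
    const uint8_t *p;
    size_t n;
    if (hb_parse(rec, record_len, &p, &n) != 0 || n > out_cap)
        return 0;
    memcpy(out, p, n);                  /* bounded by the validated length */
    return n;
}

int main(void)
{
    /* Constructed samples: an honest request, and one whose P (0x4000)
     * is far larger than the 20-byte record that carries it. */
    uint8_t honest[23] = {1, 0, 4, 'p', 'i', 'n', 'g'};
    uint8_t lying[20]  = {1, 0x40, 0x00, 'x'};
    uint8_t out[64];

    printf("honest: %zu bytes echoed\n",
           hb_echo(honest, sizeof honest, out, sizeof out));
    printf("lying:  %zu bytes echoed\n",
           hb_echo(lying, sizeof lying, out, sizeof out));
    return 0;
}
```
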
John Smith 19
Gold badge
Unhappy

@Tom 7

"ADA! Was that the one they used to blow up that rocket?"

No that was what the fules who wrote the software used.

A fool with a tool is still a fool (and probably a bit of a tool).

2
0
John Smith 19
Gold badge
WTF?

@Vic

"> Well there are 25 other letters in the alphabet...choose one.

Not Z. Please, $deity, not Z."

Someone has built a Z compiler?

Impressive.

0
0
John Smith 19
Gold badge
Happy

@Lis 0r

"After Mistress has kicked the 10 shades of shit out of you and your miserable poor excuse for some source, she might deign to generate a binary from your code."

Stop complaining.

You know you love it.

4
0
John Smith 19
Gold badge
Unhappy

Re: @Gene Cash

"Static Code Analysis. The first time you run it on your code base, have spare undergarments to hand. It's not foolproof, but it is another tool that is inexpensive to slip into your build system and automate."

I think in the late 70's, when they started writing the Shuttle code it did not exist. It was all code reviews and clever grep scripts.

0
0
John Smith 19
Gold badge
Flame

If "noone" is responsible for code review guess what ...

No one does it.

FOSS only works properly if the users don't just sit back and stuff the latest release through compile.

I'm especially looking at network hardware mfgs, you lazy, greedy bunch of ba**ards who built a business on someone else's work and did f**k all to contribute.

13
0
John Smith 19
Gold badge
Unhappy

@Gene Cash

"Also, outside of the Linux Kernel Mailing list, has anyone ever seen a code review actually catch a problem? I sure as hell haven't."

I take it you are unaware of how IBM Federal Systems wrote the code for the Shuttle.

Code review was the key to finding the bugs.

But what really lowered the bug rate was using that information to identify the pattern of that bug and proactively look for other instances of that pattern and verify they did not have the fault as well.

That's why the software never failed in 30 years of use.

12
0

SpaceX Falcon tests HOVERCRAFT tech – despite ISS outage

John Smith 19
Gold badge
Boffin

MDM is not a computer

The top level MDM's have IIRC on board 386'x (but they might have had an upgrade).

Otherwise Multiplexer/DeMultiplexers collect data or receive commands through a pair of network links and route them appropriately. I think they have some kind of internal filtering and caching functions but they don't actually have an on board processor.

0
1
John Smith 19
Gold badge
Unhappy

Re: ohoh

"Until the US pork machine got involved, the shuttle was intended to be air-launched from a manned mothership, in much the same way as Virgin Galactic are planning."

No. What screwed the STS design was the Office of Management & Budget's requirement that no yearly expenditure exceed $1Bn. IE not enough for 2 different stages.

That budget profile is completely unlike any real space (or indeed large infrastructure) investment programme.

With only enough money to develop 1 complete new stage and engine the design was one of only (possibly) 2 that could be afforded.

All the other designs went in the trash with that funding profile.

0
0

Canadian taxman says hundreds pierced by Heartbleed SSL skewer

John Smith 19
Gold badge
Meh

Hmm. 6 hour window.

That's impressive.

And only 900 records lifted.

I had an Uncle who owned a small dairy farm I helped out on sometimes.

I'm getting that "farmyard" smell

6
0

NASA to unsheath GIANT ASTEROID SPACE PROBE

John Smith 19
Gold badge
Thumb Up

First step in turning an asteroid into an RV for cruising round the solar system?

Where radiation is concerned you've got 2 options.

a) Haul hundreds of tonnes of shielding up the gravity well

b) Dig into a passing 'roid and enjoy a couple of metres of solid rock as you cruise around the solar system, with plenty of space to mount PV panels, stores etc.

(Cautious) thumbs up, but it's a long way to launch day.

1
0

Obama allows NSA to exploit 0-days: report

John Smith 19
Gold badge
Gimp

'a clear national security or law enforcement need'.”

Or indeed merely "want"

2
0

Brit boffins use TARDIS to re-route data flows through time and space

John Smith 19
Gold badge
Unhappy

Bound to be taken up with enthusiasm

It sounds great for ISP's and a pretty s**t deal for consumers.

I anticipate immediate adoption by the top 5 ISP's in the UK*

*Which still leaves about 450 that might do better in the local area.

2
1

US taxman blows Win XP deadline, must now spend millions on custom support

John Smith 19
Gold badge
Unhappy

By now I'd expect *all* line of business apps to be browser based and desktop OS neutral

Now the software that calculates John Q Publics tax bill is about as proprietary as it gets and I think the one thing that was guaranteed to change was the desktop.

OTOH modern browsers are powerful components that put quite a lot of functionality on the desktop in a way that's portable if properly designed.

Or will we be seeing this mess all over again in 5? 10? years.

2
0
John Smith 19
Gold badge
FAIL

Doing it was always going to be a stupendous feat of logistics, but

Planning for it IE scanning all the PCs for different patterns of installed apps, building standard images, identifying apps that demand IE 6/7/8/whatever (and re-designing them so they don't) should have started years ago.

And remember one small detail.

The US Government had no money.

It takes (US readers only) your money to do this.

Care to guess who's paying MS for that extended XP support?

1
1

So you invent a wireless network using LEDs, what do you do next? Add solar panels. Boom

John Smith 19
Gold badge
Unhappy

The smart pricing label.

"eInk labels on the shelf-edge?"

Probably. But now that's taken care of you've got the hard parts.

a) Eliminate battery replacements (the stores don't want to do it, even if it's every 5 years and no, you can't wire the shelves, it limits their freedom to change the layout)

b) Minimize the additional wiring to individual lamps (ideally 1 chunk of hardware doing all the lamps at once).

People have chased this idea "on and off" so to speak for decades and AFAIK no one has fielded a system that lasts.

I'll suggest a few pointers. a) You can't expect total commitment from day 1, so the system has to cope with transitional situations of trial and partial fitouts of shops. b) I'd suggest the protocol support a "delayed display" mode so all the labels are updated and a signal (or time stamp) switches them all simultaneously c) As more shops go 24 hours don't rely on a "down time" period for recharging, updating etc.

It may seem a trivial application but to make it work (and work profitably) calls for very high grade multi disciplinary engineering skills.

OTOH the market is (potentially) every large shop in the world.

0
0
John Smith 19
Gold badge
Unhappy

Oh, it's a *light bulb* comms channel.

This dates back at least as far as PARC's "ubiquitous computing" idea of "plaques" and tablets linked by an IR network in every room. Back then they were looking at IrDA data rates but one must move with the times.

The key benefit seems to be LED ceiling lights already exist as transmitters so no new holes in the ceiling (although you'll have to run the data cables to them and add the power modulating hardware).

Historically this has been tried with fluorescents with "smart ballasts" and the killer app is believed to be the near real time update of price labels on the edges of supermarket shelves (which is a real PITA for large supermarkets) if the price/complexity/reliability problem can be solved.

Which so far it has not. So no instant offers "for 1 hour only" moving along the aisles.

BTW didn't "Ionica" have a go at line of sight wireless broadband some years ago in the UK? I think they went titsup.

If this thing has a really unique benefit I can't see it.

1
0

ROBONAUT to find feet after Monday ISS supply mission

John Smith 19
Gold badge
Unhappy

Actually better robotics may be one of *the* key enablers for BEO exploration.

Now if they only kept up that focus on say on orbit cryogenic propellant management, they might actually start going somewhere.

0
0

Dropbox defends fantastically badly timed Condoleezza Rice appointment

John Smith 19
Gold badge
WTF?

Drop box (US based) --> US Laws --> THE PATRIOT Act --> Privacy f**ked

As for putting her on the board? WTF?

Drop box may have an idea and people may (I've never used it) like the interface.

But Trust them? Are you nuts?

2
0

Adrian Mole author Sue Townsend dies at 68

John Smith 19
Gold badge
Unhappy

Wow, dead at 68

Which today is pretty young.

0
0

Reprieve for Weev: Court disowns AT&T hacker's conviction

John Smith 19
Gold badge
Thumb Up

Real crime.

Making large corporations' security look rubbish.

Which it was.

(Cautious) Thumbs up for this

12
1

US government green-lights data swapping for security firms

John Smith 19
Gold badge
Unhappy

Did they ever?

When there's money to be made running an oligopoly little things like laws rarely seem to get in the way.

3
0

Astronomers spot hint of first EXOMOON, possibly

John Smith 19
Gold badge
Thumb Up

Staggering.

Look at the pace this technology has advanced.

From "maybe we might find an exo planet or two" to "we think it's an exo moon."

2
0

Scandal-hit Co-op Bank's CIO hits eject button after one year

John Smith 19
Gold badge
IT Angle

@Stuart 22

"But it is an awful shame they have screwed up so badly and the management lacks the guts to sort themselves out. As ever its the employees and members who will suffer most. That's why i'm keeping my money in the Bank at the moment. The staff have been great, they don't deserve this."

I think the business of the mass sacking of the Co-op's insurance sales arm, when it turned out they were taking advantage of a software bug known to senior management for years.

0
0
John Smith 19
Gold badge
Unhappy

Um, Co-op Bank now 70% owned by US Hedge Funds and VC investors.

IOW "Co-Operative" in name only now.

You might also note their CEO turned out to be a Ketamine popping (among other things) Methodist minister with a liking for hookers of both sexes.

Unfortunately he also turned out to know f**k all about banking (but people thought he was a nice guy).

When you take the "Co-operative" out of "Co-operative Bank" you're not left with much.

2
1