* Posts by Richard 12

2188 posts • joined 16 Jun 2009

Legion of demons found in ancient auto medical supply dispensing cabinets

Richard 12
Silver badge

That's not the reason

The reason is that the product pre-release life cycle is incredibly long.

Medical products go through a very lengthy period of pre-release certification, and so it can easily be five years after development began before it even ships.

So even if you start at the bleeding edge, it's way behind by the time it first ships.

0
0
Richard 12
Silver badge

Re: Wonderful options available...

Or use the Embedded version in your embedded systems, as that is supported for far longer.

Windows XP Embedded is still supported.

That said, I have seen a lot of embedded systems using the desktop version...

5
0

Apple's fruitless rootless security broken by code that fits in a tweet

Richard 12
Silver badge

Re: No magic bullet

you may have a system where root needs to administer the actual computer, but you wouldn't want the root user to have full control over the system; for example you may have sensitive information on there, which the systems administrator may not be authorised to read.

Permissions cannot solve that, ever.

If a user has full control over the computer, then that user can always look at the content of any file they want - worst case, they can go look at the raw bytes on the disk.

The only way to secure data against unauthorised access is to encrypt it and keep the decryption key secret - and not on the computer.

That has no bearing on what "root" or "admin" privileges mean.

1
1

That one phone the FBI wanted unlocked? Here are 63 more, says ACLU

Richard 12
Silver badge

Perjury is a crime

When does the FBI legal team face prosecution?

34
0

Bash on Windows. Repeat, Microsoft demos Bash on Windows

Richard 12
Silver badge

Re: It will have the same limitations

Windows doesn't need very much to be POSIX compliant, so they may well have added the missing bits.

- Sufficient to run, albeit not necessarily with decent performance.

3
0

Microsoft introduces yet another Skype for Windows 10

Richard 12
Silver badge

They have to be quick

Or either WhatsApp or Snapchat is going to eat their lunch.

My wife no longer uses Skype to talk to her parents as it became "too hard" for them to use it, so they have moved on.

0
0
Richard 12
Silver badge

Re: With all the random changes of direction at Redmond-

That's just a rebranded version of Lync as far as I can tell.

It's even bug-compatible.

0
0

Let’s re-invent small phones! Small screens! And rubber buttons!

Richard 12
Silver badge

Very odd choice

The four places that are really easy to hit with a mouse are the screen corners as they're infinitely deep, so let's put the "lose everything" button in one of them.

- and the "Start" button inexplicably a couple of pixels away from the corner in one Windows OS, I forget which. Snatched crushing defeat from the very jaws of victory.

The more recent removal of title bars is actually a pretty decent idea as it makes the toolbar buttons infinitely tall.

W8/10 further complicated it as the corners are quite hard to hit on a touchscreen.

2
0

Wait! Where did you get that USB? Super-stealthy trojan only drives stick

Richard 12
Silver badge

It can clearly only be a directly targeted attack

As presumably the Trojan is inside something the user expected to find on the stick - otherwise they would not run it.

Perhaps part of a "System Restore" function for the particular air-gapped system that's either being repaired or being wiped for sale?

0
0

Comms 'redlining' in Brussels as explosions kill up to 30 people

Richard 12
Silver badge

More importantly, such checks create a target

The queue for the security check.

Which will now contain many more people than the queue for the actual tube, train or bus ever had, crammed into a smaller space.

In other words, that kind of thing increases the danger.

2
0

Apple Macs, iPhones, iPads, Watches, TVs can be hijacked by evil Wi-Fi, PDFs – update now

Richard 12
Silver badge

Re: Night Shift

The theory behind the 'night shift' is sound and has been tested quite extensively.

"Warmer" colours are soothing (fire, candlelight, sunset), while bluer colours like the D50 and higher colour temp used in LED backlights cause a waking response, resetting the body clock.

Many people suffering SAD are helped by a bright high colour temp light during the day to keep their body clock in sync during the dark winter months.

There have been Android apps to do this for years.

It's odd that Apple are so far behind though, this is the kind of thing I would have expected them to jump at years ago.

10
0

Astronaut trio blast off to space station with ... er, rearview mirror toy?

Richard 12
Silver badge

They've always done this

It's the approximate spacetime curvature indicator.

It's both more obvious and less likely to give erroneous readings than the other more precise units in the instrument panel.

6
0

Apple engineers rebel, refuse to work on iOS amid FBI iPhone battle

Richard 12
Silver badge

Re: I smell fish

Apple know how their phone backup system works, and clearly the FBI do not.

Changing the password was an obviously stupid thing to do - when I change my backup password, my phone suddenly can't make backups! Shocking, I know.

The remote wipe is a command sent from an Apple server, and is thus quite easy for Apple to block.

I'm sure that Apple have done so several times after receiving a lawful court order.

Apple have also already handed the FBI the content of this person's iCloud backup.

The case really looks like it's either the FBI trying to cover up their incompetence and then ending up in really hot constitutional water by mistake, or a deliberate attempt to subvert the rule of law.

Personally I think it's both.

8
0
Richard 12
Silver badge

Re: It's likely I'm missing something.

You have several embedded computers with built-in keys that cannot be easily circumvented with physical access in your wallet.

The chip in a chip'n'pin does this.

The hardware is specialist but also very cheap.

9
0

'Just give me any old date and I'll make it work' ... said the VB script to the coder

Richard 12
Silver badge

Char isn't 8 bits

The C and C++ standards don't require it to be, and so you cannot assume that all compilers will actually do that.

Char also isn't signed or unsigned. The compiler can choose!

MAX_CHAR and CHAR_BIT exist because the compiler can make char (and int and long) as big as it likes. As does CHAR_BIT.

C89 was a mess. If you actually need the size to be right then you needed compiler checks to confirm the size of char etc.

At least C99 fixed that nonsense by adding int8_t and friends.

Shame that VS2008 didn't support them!

0
0

Clear November in your diary: SpaceX teases first Falcon Heavy liftoff

Richard 12
Silver badge

Re: still rockets

We'll need good rockets and lots of in-space manufacture and assembly experience to build an elevator.

Even if we actually could manufacture the appropriate material, it'll take a lot of launches to get the factory on-orbit.

1
0
Richard 12
Silver badge

Re: Potential

Doesn't count unless it's real.

Energia only flew twice - and succeeded once!

SLS has never flown.

Saturn V went rather well but cost way too much to attempt again.

6
1

Feds tell court: Apple 'deliberately raised technological barriers' to thwart iPhone warrant

Richard 12
Silver badge

Re: Single case Today --- ?? tomorrow...

No, there have already been two cases in court.

The other was refused by the judge.

Perjury is a crime. Time to prosecute the DoJ.

11
0

Dead Steve Jobs is still a crook – and Apple must cough up $450m for over-pricing ebooks

Richard 12
Silver badge

Nah, it's offset against tax

The guns and stockings are legitimate business expenses

As is the fine... Hang on, are businesses really allowed to count fines as reducing profit for tax purposes?

0
0

Software dev 101: 'The best time to understand how your system works is when it is dying'

Richard 12
Silver badge

Re: Is it just me ..

I would have more confidence.

It means they're actually testing the limits, not just spouting off a marketing specification.

10
0

McAfee gaffe a quick AV kill for enterprising staff

Richard 12
Silver badge

Only locally

Which doesn't help much.

0
0

Blah Blah blah ... I don't care! To hell with your tech marketing bull

Richard 12
Silver badge

Re: 2 solutions to your gripes.

Most "create installers" tools are pretty awful, and a lot do the wrong thing by default.

It doesn't help that most of the documentation is obtuse, and some is wrong.

That's before running into "virus scanner decided part X was a virus and silently removed it" problems.

Software installation is insane. Why is it still so hard?

1
0

Apple: FBI request threatens kids, electricity grid, liberty

Richard 12
Silver badge

Re: "it be used only on government or Apple premises"

"it be used only on government..."

Exactly. We already know how good they are at keeping electronic data secret.

We also know that given the chance, they'd use Apple's keys to backdoor every iPhone in the USA.

12
1
Richard 12
Silver badge

Re: Using a Phone to Control the World Is Mad

People's email is on their phone.

Including internal corporate "email" that normally only resides in corporate servers and has never been transmitted unencrypted.

Including information about private systems, that may include passwords.

Including access to password reset facilities.

That's before you consider the social engineering promise of being able to call someone from the CEO's actual phone.

And the general phishing opportunities if you have the entire contents of their phone.

14
1

AMD to fix slippery hypervisor-busting bug in its CPU microcode

Richard 12
Silver badge

Re: The really incredible thing is...

It's lucky that it was in a VM.

A guest taking down the host is a big and clear WTF!? as it's supposed to be impossible.

In an organisation that knows what it's doing, that's an immediate "We need to know why" - it's a serious bug!

4
0

How the FBI will lose its iPhone fight, thanks to 'West Coast Law'

Richard 12
Silver badge

@Bazza

And the other hundred or so requests currently pending?

And the millions of requests this would unleash?

And the fact that every other country in the world would immediately demand the same ability?

This isn't a slippery slope. It's an actual cliff that the FBI are currently pushing us over.

18
1
Richard 12
Silver badge

Re: Brain Encryption

Further to that, whether the US Government can force a software writer to write something that they fundamentally disagree with.

That's the nub of the free speech argument. Is the US Government permitted to force a legal person to say what the US Government wants?

3
0

Ad-blockers are a Mafia-style 'protection racket' – UK's Minister of Fun

Richard 12
Silver badge

You have confused cause and effect

The only - and I mean only - reason why people install an adblocker is because they are annoyed by adverts.

By making advertising more annoying, more people are annoyed by them and install an adblocker.

The only way this spiral can be broken is to make adverts less annoying.

If you believe otherwise then you understand very little about human behaviour.

5
0

More and more Brits are using ad-blockers, says survey

Richard 12
Silver badge

Re: Like it or not...

The advertising industry deliberately chose to ignore the wishes of the majority.

I am happy to let my browser download adverts that do not move, do not cause content to move, do not flash, do not make any noise, do not attempt to download anything else whatsoever and do not cover any content.

Basically, I'm happy to accept static images and/or static text. Just like Google used to serve when it first launched.

I only got an adblocker when adverts started moving around and making noise.

Almost everyone who has an adblocker decided to get one because of an advert that they found untenable - and most will never, ever disable that blocker.

0
0

We survived a five-hour butt-numbing Congress hearing on FBI-Apple ... so you don't have to

Richard 12
Silver badge

Re: Yes, you CAN remove the "non-volatile memory".

A brute force attack on this type of encryption would take many trillions of trillions times longer than the age of the universe.

https://m.reddit.com/r/theydidthemath/comments/1x50xl/time_and_energy_required_to_bruteforce_a_aes256/

If you don't believe me, do the maths yourself.

2 raised to the power of 255 (half the keyspace) is a very, very big number.

10
0
Richard 12
Silver badge

Re: Trey

They are asking for universal access.

To use a daft analogy that Congresscritters might understand:

Apple have built a pretty secure safe. It's almost impossible to break open that safe without destroying the contents.

The FBI want Apple to make a special lockpick they can use to open one of these safes.

However, that lockpick must, by definition, also open all safes of that type and once built it is trivial to copy.

Furthermore, the FBI have acted dishonestly throughout.

They claimed that the lockpick and the legal force used to create it would only be used for this one case.

Both of these are simple lies. It appears they now accept the latter.

They also did not allow Apple to present arguments to the judge when they asked for the order against Apple.

Put simply, this is a huge overreach by law enforcement.

20
0

NASA funds new supersonic airliner research

Richard 12
Silver badge

Re: Supersonic flight

Concorde did make money, but simply didn't have enough routes.

It was limited to EU to New York because of the boom.

If it could have been used for more routes then it'd probably still be flying.

The cost means that I'd probably never have flown on it, but there are plenty of people who would.

14
0

Investigatory Powers Bill to be rushed into Parliament on Tuesday

Richard 12
Silver badge

Re: Media really operating on 1 cylinder

Snoopers charter isn't a Tory policy.

It's a Home Office policy.

Most of the content of this Bill has been put forward in every recent Parliament with only minor changes - Labour, ConDem Coalition and Conservative.

One wonders why that particular set of civil servants are so keen on these mass surveillance powers.

What is it that they have to hide?

5
0

Microsoft scraps Android Windows 10 bridge, but says yes to Objective-C compiler

Richard 12
Silver badge

Re: Contemporary Microsoft Thinking

If true then they burned the wrong bridge.

The "run apk in simulator" approach could have worked - and can't have been that difficult given that Android simulators already exist for development use. Even ones that handle graphics acceleration.

An Objective-C compiler might be more fun to write, but it will be much harder and more difficult to use. A project is more than just a compiler...

0
1
Richard 12
Silver badge

They really have missed the point

If the app has to be rebuilt, then nobody will bother.

This would only ever have been used if the developer didn't need to do anything more than submit it to an app store.

If a developer wants to develop in a cross-platform manner that requires work on all platforms, then they will use a cross-platform toolkit.

They won't develop in an outdated language and then burn a few weeks trying to port it.

3
1

My devil-possessed smartphone tried to emasculate me

Richard 12
Silver badge

I turned it off within two days

Shortly after I realised that I hadn't received any calls at all since T-Mobile had enabled it.

1
0

'I bet Russian hackers weren't expecting their target to suck so epically hard as this'

Richard 12
Silver badge

Re: Dude: this is just wrong

Iterators are slightly slower and usually harder to read.

The former usually doesn't matter, the latter always does.

Readability trumps most things. Be nice to You-from-the-future.

They probably think you're an idiot, but hopefully you can make sure they don't think you're malicious.

1
0

FBI v Apple spat latest: Bill Gates is really upset that you all thought he was on the Feds' side

Richard 12
Silver badge

Re: I don't quite get it...

Incorrect.

They are being asked to create a toolkit that can be used to unlock all iPhones of that model, on demand.

Consider the following question:

How could Apple test that this software works?

Can't test it on the target device without risking wiping it by mistake.

So the software can be applied to any and all iPhones. By definition.

On top of that, we already know of over one hundred other petitions for this.

So no, you are simply completely wrong in broad and in detail.

1
0
Richard 12
Silver badge

They are asking for a vulnerability to be created

Right now no back door vulnerability exists. The FBI want Apple to make one.

There are two major problems with this, one technical and the other legal.

1) Once a back door vulnerability has been created, it will become a target for malicious actors to steal and other Governments to demand access to (making it easier to steal). Eventually they will succeed, and then all iPhones of that hardware are pwned.

2) If a US technology company can be coerced into creating a back door vulnerability in one product, all US companies can be coerced into making a back door vulnerability in all their products.

Which then exposes all US products to (1)

Thus if the FBI get what they want, nobody can ever trust any US product ever again.

3
0

Triple-murderer prisoner keeps mobile phone in his butt for a week

Richard 12
Silver badge

Re: "why don't prisons just jam mobile phone signals?"

Because it affects those outside, and probably won't even work.

Jamming is done by transmitting a "wrong" signal that's strong enough to make it impossible to detect legitimate signals.

It is physically impossible to limit the jamming to within prison walls due to actual Physics.

So there will be large areas outside the prison where phone signals are jammed.

On top of that, reliably jamming throughout a complex shaped space with lots of metal and other RF reflectors/absorbers is basically impossible.

There will be "live spots" in the prison where the jamming doesn't work but external signal does.

Most probable places for these are inside some of the cells...

You can ask the mobile phone companies not to cover the prison. This is more effective but also means that there won't be any mobile signal within a few miles of the prison either.

1
0

Dan Kaminsky is an expert on DNS security – and he's saying: Patch right God damn now

Richard 12
Silver badge

Re: Buffer overflows in 2016 are an embarrassment

They can't.

The OS can do something - and does with ASLR and killing a process that tries to access memory the OS doesn't think it should.

The next line is the standard C/C++ runtime libraries, such as glibc, msvcrt etc.

These do the allocation and bounds checking.

If there is a bug in OS or standard libraries, then any application can have trouble.

That's before considering bugs in actual applications.

Memory management is a very hard problem in general.

Recently I've been banging my head against a memory management bug in a commercial hardware driver - which glibc detected.

I can't fix it because it's closed source.

28
1

How to build a plane that never needs to land

Richard 12
Silver badge

Re: 5kg is a lot of payload

Lenses are still heavy - and are unlikely to get much lighter due to the physics of optics.

A camera sensor with a tiny lens is useless at that distance. Even assuming fixed focus it needs a really wide aperture to be any use - and a telephoto lens adds a lot more glass.

2
0

iPhones clock-blocked and crocked by setting date to Jan 1, 1970

Richard 12
Silver badge

Re: If the Phone Network time ...

It's not NTP.

Not sure what it is, but it also includes timezone data.

Been on one ship that had a set of not-yet-properly configured femto-cells, and it confused the heck out of my phone.

It could get five hours ahead simply by walking through the ship!

3
0
Richard 12
Silver badge

I'm reasonably sure they don't

There are a lot of bugs in "big software" that automatic regression testing should have found.

It also seems to be quite difficult to get good testers in general - it seems like many just want to follow The Procedure and do nothing else.

Which rather crushes the enthusiasm of the ones who don't.

2
0

Boffins freeze brains, then thaw them – and they're in perfect order

Richard 12
Silver badge

Washed out over several hours

So they're definitely totally dead before starting to freeze them.

Pickled even.

This is not the cryonics you're looking for.

12
0

US Congress locks and loads three anti-encryption bullets

Richard 12
Silver badge

If any Eve can decrypt

Everyone can decrypt.

It doesn't matter who the first Eve is, very soon it is all.

I have a great idea. We give the keys to a member of Congress.

They will soon be kidnapped, tortured and murdered, by a miscreant who really wants those keys.

Then we change the keys and give them to another member of Congress.

We keep doing this until we run out of politicians who want to hold the keys, then we can forget the whole idea and go back to living in the real world, where only Alice and Bob have keys.

The problem solves itself. It's quite elegant.

31
0

Don't touch that PDF or webpage until your Windows PC is patched

Richard 12
Silver badge

Re: As if we still needed reasons...

show me a drop-in replacement for Excel capable of operating any given complex, macro laden spreadsheet in full, without deviating from the behaviour of the version of Excel in which it was created

Excel doesn't do that either, new versions just quietly change your results when you open the sheet.

Because it's stored in an opaque binary format, you can't even spot it until it mysteriously costs you.

If you want full, unchanged results you can't ever change Excel version. Ever.

18
1

Security? We haven't heard of it, says hacker magnet VTech

Richard 12
Silver badge

Re: Uh ?

Not even that.

They have now publicly stated that they do not intend to comply with the Criminal Law.

Dear ICO, please "educate" them.

When you're done, EU Information Commission, please also "educate" them.

5
0

Scary RAM-gobbling bug in SQL Server 2014 exposed by Visual Studio online outage

Richard 12
Silver badge

How do you mess that one up?

The query explicitly states that it will return one row at most!

How does a memory optimisation ignore the explicit limits set in a query?

7
1

EU could force countries to allocate 700 MHz band to mobile by mid-2020

Richard 12
Silver badge

Screwing over PMSE yet again

How about we withdraw that from the EU Parliament for the next week?

See how they cope with no radio mics and no simultaneous translation services.

1
0
