* Posts by -tim

372 posts • joined 10 Jul 2009

Buy a Tesla for the good of Australia, say country's dino-burners

-tim

The duck graph is already starting to bite in Victoria as the 4 pm drop off of solar is currently offset by old coal plants that have to start heating up well before noon.

Another small issue with abandoning coal in Victoria comes down to who will protect the brown coal from wild fires if it isn't the power generators? Eastern Victoria has some places that are a wild fire away from a century of underground unstoppable coal fires.

0
1

Your security is just dandy, Apple Pay, but here comes Android

-tim

If it quacks like a duck...

These nice 16 digit tokens that everyone is jumping to as a way to bypass some PCI-DSS issues leave out one small problem. If it looks like a card number, from the PCI-DSS point of view, it is a card number.

It is amazing that we are still not using strong public/private key encryption to move data around the credit card networks.

0
0

Regulator okays Optus exit from HFC network

-tim

Re: What's going to happen?

Magani,

Your ISP's wholesale cost per megabit will go up quite a bit. The nbn might have to split some of the Optus segments which should speed up the network where local congestion is an issue. I wonder how they are going to provide a wholesale network to existing Optus customers which are all currently on a network that has no ability to function as a wholesale network and can barely cope as a network allowing service resale.

0
0

US State of Georgia sues 'terrorist' for publishing its own laws ... on the internet

-tim

I wish the state the best of luck

I hope they manage to get this all the way to the US Supreme Court where it will be shot down for the next few decades. Some states that formed the US had already determined that concept of Crown Copyright was a bad idea by the early 1700s and had refused to pass any laws allowing it.

7
0

Bureau of Meteorology picks Cray-zy fast 1.6 petaflop supercomputer

-tim
Thumb Down

Will it run solitaire?

Do they need a better computer?

The BOM forecasts aren't even close to the accuracy of about 20 other groups who do better every time?

The same BOM that clears the radar data every 6 minutes to restart the next pass at 6 levels rather than keeping the last N-1 levels and averaging it for continuous one minute updates?

This is the same BOM that can't arrange to continue the oldest weather station in Melbourne that is essential for the long term science of research of global recording temps for climate change because of a rent dispute involving groups who both want good science?

I haven't seen anything they can do that a Win 3.1 machine can't cope with.

0
0

Pan Am Games: Link to our website without permission and we'll sue

-tim
Coat

Re: "...mockery..."

A good degree of mockery?

That wasn't even dodgy cert holding help desk level mockery. I would expect at least PFY level mockery from any Reg reporter.

2
0

BB10 AND Android? How BlackBerry can have its cake and eat it

-tim

I've just switched to blackberry

After years of playing with different smart phones and always going back to my old S40 Nokia I ended up with a BB Q10 and they do most things right. I used the phone for a week without ever signing up for an account with them and the hardware is happy to talk to my servers and my cloud. The only issues were that it had some trouble importing a few bizarre contacts, its IPv6 doesn't work with my home wifi router, and it can't use just DAV for its calendars and needs CalDAV. It did take some tweaking to the notifications since its default mode is "sleep mode is off mode" which isn't the best for someone on call 24x7. Its permissions for apps are much better too as you don't need to hack the thing to tell it "this app doesn't get that permission". The sand boxing seems to work very well too for both BB and Android apps. I like the real keyboard on a device that was just about as large as I'm willing to carry around.

5
0

Awoogah: Get ready to patch 'severe' bug in OpenSSL this Thursday

-tim

It looks like if you built something against the 1.0.1o or 1.0.1n and used the other shared library, someone might be able to do very bad things to your server. Until patch thur comes around, it might be wise to check that the version that is being linked against is the version that the programs were built against.

0
0

Wind River VxWorks patches some TCP sequence spoofing bugs

-tim

So my $20,000 NBX phone system still has this bug even if I reported it to the owning company at the time? And it still hasn't been fixed?

1
0

Triple glitch grounds ALL aircraft in New Zealand

-tim
Black Helicopters

Didn't the OOD books tell us about this?

Oh wait, the OOD books were about how we could model an aircraft and assume a helicopter was close using inheritance and not about the real world at all.

In the olden days, the flight controllers would write the data on a card and pass it from station to station based on where it was or their best guess if it lost communication. If all else failed, they could grab a pen and make a copy if the plane could be in more than one area.

Modern air traffic control assumes controllers know where everything is all the time. Old air traffic control assumed that the controllers had a good idea but when things went wrong, all the pilots would continue to a plan and there were ways out when those plans didn't work out even if there was no communication. Oddly enough, one has had far fewer issues than the other with no gains in traffic between the two systems.

0
0

Oracle confirms David Donatelli hired to head hardware unit

-tim

History?

Sun grew because they sold a bunch of systems into computer science departments right before the dot.com bubble and the people who used those knew them as the fastest and best computers they had ever used so when a CEO asked, they recommended Sun. These days that isn't true so the next generation of specifiers aren't going down that path.

0
0

The insidious danger of the lone wolf control freak sysadmin

-tim

Re: Internal wikis - do they ever live up to expectations?

Internal Wikis can work but only if you have a real librarian to manage it.

1
0

Disk is dead, screeches Violin – and here's how it might happen

-tim

Re: This will kill X blah blah blah!

I can't pop open a hard drive and read the bit stream using a JTAG probe. I can with an SSD.

It isn't the controllers that fail, it's the database the controller keeps about how it mapped the blocks that fails assuming the controller hasn't decided to EOL the drive. If a file system uses lots of extra data to checksum that, the blocks can be recovered and reassembled. There are off the shelf programs that can recover amazing amounts of data from scrambled blocks of even common file systems so I expect that it is easier to recover some data from a broken SSD than a broken spinning disk.

0
0

Don't panic. Stupid smart meters are still 50 YEARS away

-tim

Re: WHY. in other countries, are utilities ...

North American utilities have been using common form factor meters for years and those meters don't require any wiring changes to swap out.

When this was tried in Australia, there were several homes that had fires soon after someone touched the wiring since the old insulation broke off after being touched for the 1st time in decades. There is also the problem that many old meters had worn out and the new meters provided a huge shocking bill the 1st time they were read.

I don't understand why they don't start putting the smart meters on the poles where the customers can't tamper with them and they can communicate to the world with ease.

0
0

Les unsporting gits! French spies BUGGED Concorde passengers

-tim
Black Helicopters

Industrial espionage goes way back.

Espionage isn't just spying, but actively trying to adjust the outcome to help your side.

One of the first published cases of espionage was when buyers were sent to Portugal to drive up the prices of cannon balls by outbidding the Spanish even if the bidders never bought anything. The result was the Spanish ended up buying inferior product at an inflated price. There was a book published in the 80s or 90s with "C" on its cover that described the details but I can't remember the full name of the book or its author.

0
0

Mainframe staffing dilemma bedevils CIO dependents

-tim
Mushroom

It can't be useless, the power bill proves it

The only thing worse than special mainframe software to keep the big iron in place is special hardware. I used an IBM 3081 with custom hardware add ons. At the weekly status report meetings, the head sysadm used to report the uptime ($today - $install date) in some random time unit (like milliseconds, deca centuries, centi synodic months) which would be recorded and plotted by the manager who never questioned or recorded the units. The sysadm claimed it made the uptime graphs more interesting. Somehow I expect the old array of boxes are still converting power to heat and producing no useful results just like it was doing in the early 80s.

1
2

NBN build contracts rejigged, without Telstra

-tim
Coat

Who does the real work?

It cost about $85,000 to set up a van with the tools needed to install and certify fibre but the only people allowed to operate that equipment have to pass a long certified test that mixes in a few industries for good measure. The current data cabling requirements include sections so installers don't drill into power in walls but that is just for the datacabling certificates. Electricians installing power points can't touch data cables without an extra cert and data only cablers can't touch the power at all. Working in the pits have other sets of requirements and dealing with pole mounted cable is even more. To get the good subcontract gigs requires several years of training and apprenticeship, the very expensive white van and a ROI that would worry a bank manager that holds a mortgage on a nearly paid off house.

0
1

Facebook farewells flaky SHA-1

-tim
Black Helicopters

Win/win? for who?

I can buy a $80 usb device that does 90 billion sha2 hashes a second from a bit coin vendor selling me the slow stuff. What is weak and what is strong is still up in the air. The DES cracker built by EFF did 90 billion keys a second and cost 1/4 million.

0
0

Turnbull's Digital Transformers discover log files contain more than meets the eye

-tim
Black Helicopters

Privacy act?

Sending what pages I visit to google is a violation of privacy act stuff. The government shouldn't be using outsourced web analytics packages that are covered under laws of a different country.

The PTV in Victoria already seems to see the need to send my planned journey details (including street addresses) to a company in Germany just so they can tell if my browser is out of date.

0
0

Patch-crazy Aust Govt fought off EVERY hacker since 2013

-tim
Coat

Is that just electronic attacks?

Do the stats include people just walking off with servers?

1
0

Airplane HACK PANIC! Hold on, it's surely a STORM in a TEACUP

-tim
Black Helicopters

Say it isn't so!

Rockwell Collins says their new moving map needs to be connected to the ARINC bus for some features:

http://www.rockwellcollins.com/~/media/Files/Unsecure/Marketing%20Bulletins%20Rev1/BRS/MBAirshow%204000%20BRS110087.aspx

Virtual pilot's eye view using the aircraft's flight and navigation information. Requires pitch and roll labels to be available on ARINC busses.

0
0

Kiwi company posts job ad for Windows support scammers

-tim
Facepalm

Do they have a qualified candidate already?

I figured they turned one of their many received CVs into a job advert.

0
0

Take cover! Out-of-control Russian spaceship to smash into Earth within hours

-tim
Flame

It fell out of the sky.

https://blogs.nasa.gov/spacestation/2015/05/07/progress-59-update/

1
0

Mozilla to whack HTTP sites with feature-ban stick

-tim
Black Helicopters

Re: why, why, why... what is the point?

Why is simple, it allows the cert issuers to snoop on metadata. While there are ways to do certificate revocation that don't ask the CA every time you talk to your bank, they aren't well supported. That meta data links your computer to the remote site and typically provides enough data to figure out what pages you went to with absolute certainty just by using the netflow data (which your ISP is already collecting) combined with the CA's data. Oddly enough you can't do that with http without looking inside the packets. There is no plausible deniability with https as there are records it came from your computer, not your network.

Remember that all major CAs were founded by spooks. Some of them are much better at their jobs than most of the "security experts" on the net.

0
2

PayPal adopts ARM servers, gets mightily dense

-tim

Harder remote exploit vector?

The ARM is much harder to play games with when trying remote exploits as it tends to take many more complex steps than x386 code to achieve the same hacker goals but they are steps that can be done.

I'll be happy with ARM CPUs for my server loads but I have concerns about how its many instruction sets can be used together to do return based programming when hacked. I would be much happier if I could mark a page as "instruction set type X only" to help prevent any random bit of data being used for remote exploits or even disable some of them on boot so they can never happen.

0
7

Debian ships new 'Jessie' release with systemd AND sysvinit

-tim
Facepalm

Re: systemd a copy of Solaris SMF

AIX was the 1st to try this and it failed. Solaris tried this and it failed. Is there a trend?

SMF is a major reason why so many people dumped Solaris 10 (and failed to abandon Sol 9).

However, you only need a tiny little svc.startd program to grab a contract and sleep to the end of days and the old init system is still all there (even in 11.2). Even better, in 11.2 they rewrote all the SMF scripts using a new tool which means a bit of perl script should be able to turn them back in to proper init.d scripts. A modern 11.2 system can be stripped to less than 40 processes outside of what it is supposed to be doing. With 50 processes, it can be both a parent LDOM and root zone too. I've played with a system where instead of installing pkg://minimal-server, I used just pkg://package.pkg and it is about the smallest sol 11.2 install that I think is easy to make.

1
0

Google: Go ahead, XP stalwarts, keep on using Chrome safely all YEAR

-tim

unsupported?

Tell me more about this "officially discontinued support for XP on April 8, 2014." because it seems to me that they are still supporting it, they just aren't doing it for free anymore. There are plenty of companies that looked at the $200/year/machine support fee and signed up.

3
0

Daddy Dyson keeps it in the family and hoovers up son’s energy biz

-tim
Coat

Who is keeping score?

He gets points for making prototypes out of cardboard. The fact that his core tech is based on the same concept as a 1956 Filter Queen tech costs points. Since the old school metal one moves far more air at nearly the same pressure, the new plastic stuff isn't such a winner. Dyson also loses points for failing to certify any of their modern HEPA filters. Is an H14 or U15 that hard to put in the marketing materials assuming the modern ones can even get close?

/mine's the one with the vacuum gauge in the pocket

//and the dust in the other

0
0

Comcast: Google, we'll see your 1Gbps fiber and DOUBLE IT

-tim

2 gig is far behind the curve.

Google's stuff in Kansas City is lots of different technologies since it is an R&D project. All of them can do faster than 1Gig up/1Gig down. A friend plugged his google fiber link (which was supposed to go into his google device) into a 10g ethernet switch and it was getting proper packets. From what I can tell, they are running up to 10 x 100 gig links to each node and then that node is doing 1 gig ether or 10 gig ether or xPON or whatever as last mile. The basic fiberhood had 2 parallel 100 gig connections to 4 nearest and maybe 2 additional long haul connections far away. That is just a guess based on what I've seen of their gear and packet traces.

1
0

Smart meters are a ‘costly mistake’ that'll add BILLIONS to bills

-tim
Flame

More Smart meter fail?

The 1st smart meters were the ones where they started transmitting so the guy at the meter spent about 10 seconds less at each meter and then someone spent a far longer time with batteries every few years.

The next take was the custom frequency/sms/whatever meters hacked into normal digital meters which is fine for areas with new rollout where there is decent network coverage but not so good in other places.

The local guys decided to roll out an IPv6 Wimax network for their meters which mostly weren't upgraded. Of course people figured out you could torrent over that network with a card removed from someone else's meter. With billions of IP addresses IPv6 didn't need security because the address space can't be scanned except that we know all 8 bytes of the /64 network number and 5 out of the low 8 bytes which means hacker search space is just a couple dozen million packets.

Then there is the radio in my brain crazy issues to deal with.

I figured a smart system would put the meters up on the poles where they can talk to each other without much in the way, hard to tamper with, fully under the utility control, cheaper because one meter could do many houses. It would reduce risk to burning down houses when the old meter boards had undetected flaws and there would be some redundancy when the new meter was reading far more power use than the old one because someone put in the wrong current transformers.

/two fiery icons and no zappy ones?

2
0

Australian online voting system may have FREAK bug

-tim
Facepalm

Re: Ah, political speak...

It means your brown envelope campaign contributions are best delivered to hackers rather than the politicians.

6
0

GoDaddy float values puppy-bothering hosting company at £1.9bn

-tim
Devil

Deep pockets?

Public companies tend to fold much faster than private ones when the lawsuits come in and they know they were wrong. How long before the 1st class action suit about "they stole our domains" happens?

0
0

A gold MacBook with just ONE USB port? Apple, you're DRUNK

-tim

No sockets or screws can be fine

I would be happy with no sockets assuming the thing is water proof enough to put in a dishwasher or the bottom of a swimming pool. Somehow I don't think Apple will be doing that.

0
0

Juniper fights back against white-box world with high-performance silicon

-tim
Meh

A swing and a miss?

They failed to fix the largest weakness in the SRX line which was more low cost gige ports. You can have an EOLed SSG-140 with 26 gige ports and 8 10/100 ports all on their own zones. I like all my servers on their own zone since the ancient 3 zone Trust/DMZ/UnTrust model goes out the window when you can put 34 different zones in one small 1RU unit. If the 8 port cards weren't so expensive, I would be tempted to use them for switches, particularly for the employees that love to click on everything they find on the web and in their inboxes.

1
0

Telstra to let customers access their own metadata for AU$25

-tim
Devil

What call records?

Telstra doesn't store call records, they store billing records and now that some bright bean counter has finally figured out that it cost far more to process a billing record than it does to process a call, they are trying to change their traditional business plan of charging every call. That had the potential for making the ability to track calls go away so when they informed the police agencies that their metadata pool was about to be closed, the politicians stepped in and went down the legislation path.

0
0

Linux clockpocalypse in 2038 is looming and there's no 'serious plan'

-tim
Alert

Broken time?

I had a solaris server wake up in the mid 1800s and its loader wouldn't load shared libraries until the clock was set to something post disco time.

I haven't been able to replicate the problem since it's very hard to tell a Unix system to set the hardware clock to that century and reboot.

0
1

Australian ISPs agree to three-strikes-plus-court-order anti-piracy plan

-tim
Facepalm

Who agreed?

Who are these jokers?

From their web site:

The Board consists of:

Not less than three (3) and not more than five (5) positions reserved for the High Revenue members as determined by the annual revenue of that Member during the most recent full financial year of the Company;

Their main guy seems to be a baby in the field except for the experience at People Telecom which was a $90m a year telco reseller.

Why is iiNet dealing with them? They used to keep better company.

0
0

David Cameron: I'm off to the US to get my bro Barack to ban crypto – report

-tim
Facepalm

Even the spooks don't want things that easy.

I propose we rename ROT13 the David Cameron Cypher.

0
0

FBI fingering Norks for Sony hack: The TRUTH – by the NSA's spyboss

-tim
Black Helicopters

So much for solid evidence

IP addresses? Aren't the NK IP ranges some of the most abused via BGP peering? A few tend to flop between SK and China. The last time I pinged one, they seemed to be about 10 ms from a server in Los Angeles.

If the spooks want people to believe them, maybe they should provide Dear Eater's porn or search history.

4
0

Broadband isn't broadband unless it's 25Mbps, mulls FCC boss

-tim

How about investment incentives too?

Take it one more step. Change the tax incentives so that the best incentives are only allowed for services that can carry 10g/10g today (going to 100g/100g in 4 years) even if it is too expensive for every home user. With other steps at the points where the other newer forms of technology allow rollouts today. They should also take some ideas from the EPA Miles Per Gallon about how to measure speed of broadband.

0
0

Verizon wants to sell 'antiquated' copper assets, stick to wireless for voice

-tim

Not an aggressive rollout.

They used to have 63 million land lines. 200,000 a year isn't much even if they are up to 13 million already converted. At that rate, I can see why they would prefer to simply abandon the fixed line stuff.

0
0

TCL confirms plans to 'bring back' Palm – provided you tell it how

-tim
Pint

The palm was great for its day

One of its best features was that it would work for months on a set of batteries. I even had a modem for mine and it would browse the web.

What I would love to see in a Palm or any other smart phone is a low power mode so it can run a long time where it can do basics like clock, calendar, todo list and wait for the phone to ring. Then if I need to run a smart phone app, it fires up a modern processor that does the fancy modern stuff and then when it's done with that, reverts back to the slow but useful lower power mode. The same could be done by putting the "smart phone" in a virtual machine.

6
0

Brit iPad sellers feel the pain of VAT-free imports

-tim
Pint

A problem all over the world

Australia doesn't charge 10% GST on imported packages less than $1,000 because it cost more to do so than it collects but the local retailers are screaming about that. They scream so loud that a number of people are boycotting them because of their spite so their sales just keep going down.

Many states in the US now ask how many dollars worth of things were bought online and then ask for sales tax on that but US sales tax only covers goods and not services and gets very tricky with things like software license.

Of course the worst tax of all is the tax on beer

1
0

Google unveils Windows 8.1 zero-day vuln – complete with exploit code

-tim
Thumb Down

More like a 90-day vuln

Is 90 days reasonable when part of that 90 includes many holidays? If code is deep enough, fixing bugs can often have nasty side effects resulting in dead-locking the kernel or worse. If the code was severely broken, it might require a rewrite of major systems and the access control elements are spread far and wide in modern kernels.

I wish people would stop describing this type of thing as a zero day but I expect that ship has sailed. Microsoft has already had 90+ days to fix it. A zero day is a bug that is actively exploited before the coders know about it.

1
2

ISC.org website hacked: Scan your PC for malware if you stopped by

-tim
Facepalm

Staging servers?

What happened to the practice of doing your content on a staging server and then promoting it to a locked down web server that doesn't have any ability to do much of anything?

2
0

Australia's future tech news headlines ... for 2016!

-tim
Facepalm

Microsoft is still cashing in on the XP

I can see a story like this:

At $200 per machine for XP support, Microsoft is continuing to offer support for the next 5 years. Less popular products such as Win 3.1 and DOS 5 are also being supported for about double the price.

0
0

Ghosts of Christmas Past: The long-ago geek gifts that made us what we are

-tim
Happy

Happy Christmas memories

One of the best presents I ever received was a used 1950s Erector Set (like Meccano) when my father found his old sets in my Grandmother's attic. It had an A/C motor that plugged into the wall and was something like a 60W motor and enough torque to strip gears. It had so many more parts than the recent kit in a small plastic box. The old ones came in huge steel cases.

In 1975 I ended up with a Tyco HO train set that let me extend the old loop I had had for years. That led me to wondering how to make proper signal lights on track segments and led me into the wonderful world of logic gates.

In the early 1980s I ended up with a Radio Shack CoCo and a year later an Epson RX-80 printer. By the time the CoCo went into the dumpster, it was like Marvin the paranoid android, the only thing left was the diodes on the left side. The RX-80 still works.

3
0

UK flights CRIPPLED by system outage that shut ALL London airspace

-tim
Mushroom

It's progress! right?

I wonder how many ATC systems were written by people who learned Object-oriented programming from Booch books where the common example was an ATC system that only a programmer would ever consider. ATC systems should never have to consider where the plane is and focus on where the plane might be. Otherwise things get odd when there are failures.

0
0

El Reg Redesign - leave your comment here.

-tim
FAIL

It is April fools day?

If you have to modify the java script to support browsers you are doing it wrong. If it doesn't work in IE 2.x, your designer should be sent off to work for the BOFH so we never need to see their bad work ever again.

1
0

Sony Pictures email hack: The bitter 'piracy war' between Google and Hollywood laid bare

-tim

Re: Are MPAA worse scum than RIAA?

The RIAA used to do good things. They used to help set and promote technical standards for recording and broadcast. Of course that was half a century ago.

7
0
