Posts by Voland's right hand

2620 posts • joined 18 Aug 2011

Now Google backs everyone's favorite trade pact: The TPP

Voland's right hand
Silver badge

Re: TPP is BAD and there's only one solution

You forgot to add joke tags.

Trump (as any populist) will proclaim during election what the crowds want to hear. Expecting him to do anything about it or stick to any of his election promises is in the realm of delusional.

9
1
Voland's right hand
Silver badge

Re: Can we even officially read it yet?

but I bet most MPs

You are mistaking the Eu version with the Pacific one. The Pacific is now public (so we can see what the Eu one will have in it), while the Eu is still NDA-ed.

1. I would not worry about it too much. With the current poll results, UK is going out of the EU so it will have to negotiate its own agreements with the USA outside the scope of the Eu agreement, so the fact that the MP has not seen it is irrelevant.

2. In the absence of Cameron pushing the Eu agreement it is totally dead in the water with the rest of Europe. That is one of the main (and real) reasons why we had as much as an Obama visit to show support. I am surprised that the liberals and greens on the continent have not figured that out and have not started cheering for BrExit for all it's worth just because of that.

3. An outside-of-Eu UK will have to "negotiate" its own agreement with USA and frankly, I would prefer not to even contemplate what it will entail. Any ideas of such nasty things as Sugar Tax, Privacy, Democracy, Rule of Law, etc should be abandoned outright and we might as well disband the house of Parliament - the country will end up being run by McDonald's and Google marketing departments. According to the UK-specific and "improved" version of said treaty (which the rest of Europe will tell USA to shove it where the sun does not shine). So from that perspective, did your MP see it or not is once again - irrelevant.

7
0

SLACKOUT

Voland's right hand
Silver badge

Re: The Cloud...

On the other hand, not many people complain that they don't have control over the gas works

The gas works do not try to upgrade their f*** API every 2 weeks. It is 75 mbar over 28mm pipe this week same as it was 75 mbar over 28mm pipe last week same as it will be 75 mbar over a 28mm pipe next week. It is not in perpetual beta and it will not be withdrawn the week after next because the company offering it feels like it has played enough and wants to switch to newer and shinier toys like delivering pumped sewerage instead of gas.

I suggest you actually try to grok the concepts of utility, universal service obligation and service guarantee next time before you try comparing anything offered by a Silly Valley Unicorn with a proper utility service. Regardless of the valuation of said unicorn and the amount of sparkles it has in its mane.

10
1
Voland's right hand
Silver badge

Re: The Cloud...

Lesser of two evils.

If you are in a typical large company and you have to choose between a cloud service and a service provided by your own IT department you are guaranteed to choose the lesser of two evils. Now which one is the "lesser" I am going to leave as an "exercise to the reader".

0
0

Eds off their meds: Does this headline REALLY need to be so astronomically long it can be measured in parsecs?

Voland's right hand
Silver badge

Re: NSFW

Do you work in a convent?

6
0

RIP ROP: Intel's cunning plot to kill stack-hopping exploits at CPU level

Voland's right hand
Silver badge

Re: Silver Bullet

No it will not.

Heap overrun exploits.

4
0
Voland's right hand
Silver badge

And last I checked, there are plenty of alternative ways around that

Recursion, see recursion.

6
0
Voland's right hand
Silver badge

And where you will store function call parameters?

Stack is not only for addressing, it is for function call params too.

What Intel is proposing is not far off - it is two separate stacks - one legacy - params and returns, and one only for return addresses. The so called shadow stack is very similar to what you are describing - a program can manipulate it solely via subroutine calls and returns.

By the way, this still leaves a large exploit category not covered - it is of little or no help with heap exploits.

3
0

TalkTalk says 8-month app outage lasting 'bit longer than we hoped'

Voland's right hand
Silver badge

IT is probably developed in their "innovation" lab

It is probably developed in their "innovation" (quotes intended and needed) lab seen behind their CEO in one of the interviews and featured widely on the register. The one with the VHS video player and the Windows 98 machine behind her.

8
0

Microsoft has created its own FreeBSD image. Repeat. Microsoft has created its own FreeBSD image

Voland's right hand
Silver badge

Re: Embrace, Extend, Extinguish...

Actually I think a BSD-derived TCP/IP stack first appeared in NT 3.5.

Correct. Then it slowly MSFT-bit-rotted to be refreshed again in the early Win2K development cycle. And again a few times later. TCP fingerprinting knows no mercy - it shows exactly what you are doing and whose stack did you cut-n-paste when yours was not delivering.

In the case of BSD it is permitted by license and Windows has always complied with it - if you dig around you can find the relevant "copyrights" and mentioning of BSD in their licensing info.

10
1
Voland's right hand
Silver badge

Re: Embrace, Extend, Extinguish...

start to acquire enough knowledge to yet again try to copy Apple

They already have it and they have done it in the past. If you plot Windows development build TCP stack fingerprints going as far back as Windows 2000 they go through a "this looks exactly like BSD" moment every few years early in their release cycle. This is also the moment when the stack actually starts working too (this was the case with Win2K).

So what you are suggesting is nothing new, it is however mostly at low levels.

9
2

LISA Pathfinder free fall test beats expectations

Voland's right hand
Silver badge

Re: Location, location, location

L4 and L5 - yes. They are stable and even if you shove something a bit out of it, it tends to try to go back there.

While unstable, L2 is interesting because it is in perpetual shade with the smaller body providing it as it orbits the larger. L3 and L1 - not so much. They are both not stable and solar wind will probably push you out of them at the end of the day. So a long term competition for "real estate" at these locations is highly unlikely.

1
0

Surveillance forestalls more 'draconian' police powers – William Hague

Voland's right hand
Silver badge

Re: News at 10

Fahrenheit... 451...

18
0
Voland's right hand
Silver badge

News at 10

CodeBook based ciphers and their analogues are unbreakable to this day. Nothing new there.

They, however, are feasible only for a prearranged communication, not for on-off messaging. There is no session secrecy. You break it once, it is broken forever and you read all past and future messages.

It also requires zero technology so it cannot be defeated technologically.

9
0

US military tests massive GPS jamming weapon over California

Voland's right hand
Silver badge

Re: @Gray ... Military aggression

So what makes you think it cannot be programmed to use the classic cruise missile guidance methods such as TERCOM? Laser distance to ground measurement can be done using 20$ parts from ebay nowadays and jamming it is nearly impossible.

2
0

Marauding monkey blacks out Kenya

Voland's right hand
Silver badge

Re: Huh?

You are not familiar with the "smart metering" attack.

It is sufficient to turn 2-4% on/off at once with no prior notice for the grid to start shedding connections. If this is not calculated correctly (or in the case of an attack if the sequence of on/offs is malicious) the whole grid can collapse completely (*).

So all it takes is one monkey - either at a big enough power plant or one high enough in relevant government department. There is little difference between failing to protect the grid feed transformer and deciding to install smart meters with uploadable firmware into every house (and someone backdooring it with a trigger sequence).

The result is all the same.

(*)It is now 20+ years since I last helped my dad with computations in optimal control of grid load "management" so the 2-4% number is off the top of my head.

8
0

African IP address body exec half-apologizes for 'Whites are taking over' race-row email

Voland's right hand
Silver badge
Coffee/keyboard

Transparency? In Africa?

Read what you wrote.

Transparency in Africa?

Yeah, and I am colonel Mbongo Mbongo from the Nigerian Trustful Asset bank and I would like your assistance in a beneficial transaction of 10,000,000 dollars, that is ten million dollars.

4
2

Will you get reimbursed if you're a bank fraud victim? Brits think not

Voland's right hand
Silver badge

Re: I just say no

but for personal banking, not worth the security hassle

Try spending a few months a year abroad and/or having any or all of the following:

1. Assets abroad (real estate, car, whatever).

2. Relatives in need of regular financial support abroad.

3. Having to pay tax in more than one jurisdiction

That is not as uncommon as one would think - there are 2 million Brits according to official statistics who are in this position. In reality, the official stats are probably an underestimate by at least 50%, because quite a few British pensioners pretend to be still living in Britain so they can continue drawing their state pension and benefits in Britain instead of having it transferred (to a net financial loss) to a Eu country.

10
0

Brexit: UK gov would probably lay out tax plans in post-'leave' vote emergency budget

Voland's right hand
Silver badge

Why not

This idea is only slightly less delusional than the idea that Berlin and Paris will allow Europe financial affairs to be run from outside the Eu.

If we for one second assume that delusion to be in the realm of reality (very far fetched), yeah, sure, UK will be able to negotiate good terms with anyone. In fact, it can, in theory, negotiate better terms as the Eu cannot keep it on a short leash while it runs a "good terms or your assets get it" gambit.

The issue is that the idea of the London City after a Leave to be anything more than a glorified version of Virgin Islands corporate registry is exactly that - in the realm of "WTF are these guys smoking". Paris and Berlin will not allow that for a split second. That automatically removes any UK negotiating leverage in any trade negotiations.

When the City gets "nuked", some smaller hedge funds may survive (for a short time, then move). All larger financial entities including 99% of stock trade activity will move to Frankfurt within less than 2 years. With the relevant consequences for everything else (thank you Maggie for making the whole UK economy being wholly dependent on the City fortunes).

15
5

Wi-Fi hack disables Mitsubishi Outlander's theft alarm – white hats

Voland's right hand
Silver badge

Re: It seems

Giving people who have spent their career working in closed protected environments related mostly to system and process control (ECUs, controllers, etc) the task to write something which is exposed to the outer world and can be attacked at the protocol/message level.

The end result is that 99% of IoT and I-connected gadgets there are hackable with ease. Cars, smart meters, internet connected alarms and cctv - you name it.

15
2

UK Home Office is creating mega database by stitching together ALL its gov records

Voland's right hand
Silver badge

Close

Now you know why Theresa May agreed to A review,

Fixed that for ya - that is her standard Harkonnen modus operandi. Plan within plan within plan.

2
0

Tech titans demand free speech law to head off President Trump

Voland's right hand
Silver badge

Re: Southpark

One more option.

A man with some issues in the "fingers" department: http://www.theguardian.com/us-news/2016/may/07/donald-trump-penis-painting-ilma-gore

I am surprised Ilma Gore is not the first person on the list. Out of all Trump lawsuit threats, the threat to sue her and any auction selling her painting is possibly the most ridiculous.

1
0

Systemd kills Deb processes

Voland's right hand
Silver badge

Re: Broken expectations

This means you never had to work on an "adult" unix.

Unless your friendly local sysadmin turned job control off, SCO, AIX and other full spec Sys V + Posix implementations would all kill your processes on logout.

2
3

200TB proof cracks puzzler

Voland's right hand
Silver badge

Re: Not enough room in comment

Concur. Not a proof as such.

Proof of something in math should hold to rules of formal logic and be specified as a logical sequence.

What is being waved about is a dataset, not a proof.

0
3

HR botches redundancy so chap scores year-long paid holiday

Voland's right hand
Silver badge

it seems bofh.ntk.net no longer resolves

Indeed - as a result we do not have access to some of the best (actually better than BOFH) Simon's early rants like "Departmental Scapegoat Required" and the spoofs on Startrek Enterprise, etc.

5
0

$10bn Oracle v Google copyright jury verdict: Google wins, Java APIs in Android are Fair Use

Voland's right hand
Silver badge

Re: Oracle should be grateful

Dead no. Become a niche language - yes, definitely.

4
2

Bank in the UK? Plans afoot to make YOU liable for bank fraud

Voland's right hand
Silver badge

Re: Happy to be held accountable once...

The reality is that:

Bank will specify hardware: PC

Bank will specify software: Windows with bank sponsored malware (sorry, security software) installed via a bank affiliated download so that the bank gets its marketing cut. The favorite is some crapware named after some mutt variety.

Bank will specify development methods: Bangalore

Bank will specify location of operations: Bangalore

And you will have the responsibility. HSBC already tried that. More than once.

I tried to raise with them the fact that the way they have redirected to the co-sponsored download was open to cross-site scripting so _ANYONE_ could shovel a download to a customer PC through that hole and the customer would have accepted it as verified by the bank. This gives you the idea of the competence involved.

After spending 10 minutes trying to parse Bangalorian into English I gave up, closed the account and moved to Nationwide.

22
0

Dropbox gets all up in your kernel with Project Infinite. Cue uproar

Voland's right hand
Silver badge

Why kernel driver?

What's wrong with fuse?

8
0

Two weeks ago Salesforce had an outage. Now it's outsourced to AWS

Voland's right hand
Silver badge

Re: the endless blame-game opportunities

Amazon, who outsources

Dude, what are you smoking?

It is the real success secret in cloud. It is called DIY and Eat Your Own DogFood. Down to the last nut and bolt in the power distribution unit of the bitbarn and last line of software. Even if it looks more expensive at one particular level it cost saves elsewhere.

That is why Google, Amazon and Facebook (with Azure catching up) have been so ridiculously successful from an infrastructure perspective. This is also why all vendor w*nkfests like HP's and Dell's miserable attempts at cloud have been miserable failures. When you outsource a blame game you also outsource the margin with it. You also now pay for the vendor ensuring that the blame is least likely. Example - do you see a vendor slotting a MB on a pizza tray without an enclosure in your bitbarn? F*** no - their own risk control will not allow it. And the cost adds up. At every level. So when Uncle Jeff comes around for your bacon you suddenly realize - your "cloud" built out of boxes which you outsourced to Quanta, Foxconn and Asus running software which you outsourced god knows where else, connected via routers and switches you bought from Cisco and built inside barns you hired and leased instead of owning (and so on) cannot compete.

Outsourcing for a customer works only at _SMALL_ scales. The moment you get into the Amazon and Co territory the economies come from in-sourcing the whole stack. And owning it - all the way to the land under it (inclusive of the f*** mineral rights).

3
0

Seattle Suehawks: Smart meter hush-up launched because, er ... terrorism

Voland's right hand
Silver badge

Re: Check this out:-)

How the f*** did this get granted in the first place?

This is just a boilerplate design for a generic gateway which has been produced by various manufacturers for years. Sagem was shipping such a device 7+ years ago (with a slightly different protocol set, but pretty much identical designwise).

There is absolutely _NOTHING_ inventive here. It fails the novelty test, it fails the prior art test, which f**** cretin has granted this and why are our fees (and for USAisians - taxes) being used to pay his salary.

Oh... I geddit... Search and replace with software defined - same as it was done by plugging mobile everywhere 5 years ago and Internet everywhere 10 years ago. In any case - a Eu patent examiner will laugh his arse off if you submit this as an application and slap you on the head with it.

2
0

Hardware sizzles for HPE – and brings home the bacon

Voland's right hand
Silver badge

Very interesting

Doubly interesting considering that most computer and network hardware shops have posted a fairly soft quarter.

0
0

US nuke arsenal runs on 1970s IBM 'puter waving 8-inch floppies

Voland's right hand
Silver badge

Re: Programming skills .NE. programming languages

Exhibit A.

You got the wrong reference. Should have pointed here. Syntax is about the same, so is readability.

2
0
Voland's right hand
Silver badge

Re: Programming skills .NE. programming languages

"NAG Fortran Library. E02 - Curve and Surface Fitting" and have to select which of the 26 methods is most appropriate

That is in the realm of math now. That is a different story - 40 years ago, math was taught to CS undergrads almost on par with the people who studied just math. That is no longer the case as classes on the magnificence of Java w*nking have to be fitted in the program. That is why someone who has graduated with CS 40 years ago probably will smile and grab the correct subroutine out of the library before even finishing his coffee. One of today's CS products - I doubt it.

16
0

Microsoft's Windows Phone folly costs it another billion dollars

Voland's right hand
Silver badge

Nominative determinism

Oy, in several languages neighboring the location of Microsoft Mobile Oy is used to signify pain being inflicted on the subject.

Classic case of nominative determinism.

8
1

ISS 'nauts to inflate pump-up space podule

Voland's right hand
Silver badge

It is either that or going in an origami.

When you compare origami and balloon in terms of technical complexity, the origami definitely looks like something more likely to go wrong.

2
0

Former Sun CEO Scott McNealy has data on 1/14th of humanity

Voland's right hand
Silver badge

Re: I buy golf clubs all the time because I think they will improve my game

Typical Silicon Valley CEO - total inability to measure ROI.

That is normal, your stock or unicorn horn value in the valley is not proportional to ROI or any of your financials for that matter. For that you have to STOP being a Silicon valley company and become a global company. Sun never made that transition - it was born as a silicon valley company, it grew as a valley company and it died as a valley company somewhere inside the bowels of Oracle. While it sold stuff around the globe, its mentality never grew beyond the valley borders.

1
0

Gillian Anderson: The next James Jane Bond?

Voland's right hand
Silver badge

Re: " will have to to beat off stiff competition"

Pierce Brosnan's "I thought Christmas

That was quite tame compared to Roger Moore's "Miss Goodnight is coming up" and Q's comment in Moonraker "He is attempting reentry".

3
0

Snowden: NBN leaker raids a 'misuse' of Australian Federal Police

Voland's right hand
Silver badge

Re: @Voland

Err what???

Exactly that. It was a more than once a month flight for several years by the way.

After the incident at which she called them c*nts and refused to provide said c*nts with low altitude forecast for Air America style weapon smuggling in the North Caucasus, the airport authorities had a more "compliant" met officer given the task to supply those flights with forecasts and NOTAMs and she was re-assigned to back-office duties until retirement.

In any case, based on this (and other) first hand documentary evidence, we have to thank the Russians for their patience.

If someone shipped 100+ transport aircraft flights of heavy weapons as a "donation" to IRA UK would have probably used Trident on them 10 times by now. USA under similar circumstances - not probably, definitely.

1
0
Voland's right hand
Silver badge

Russia, who is now being blamed

You unintentionally used the correct language. For the purposes of our own sabre rattling idiots it is essential to blame them so that more money can be apportioned to the war cause.

To put it bluntly, there is 20 years of intentional escalation at work here and it is not Russia who started it.

My mother has a framed copy of a service reprimand on display in her living room for calling a Lithuanian pilot a c*nt in the course of her duties as a senior met officer. The Lithuanians were running a cargo flight that was supposedly carrying "cucumbers" (that definitely needs quotes) from a civilian airport in a NATO country to Dnepropetrovsk (you can have a look where that is on the map). The Lithuanian asked for a low altitude wind shear and visibility forecast for Hankala (that is on the outskirts of Grozny - you can also see where it is relative on the map). He was unlucky - that is where my mother served for several years before retiring on medical grounds so she explained to him exactly what he is (Пиздюк) and now proudly keeps the reprimand on her wall.

That was right around this: https://en.wikipedia.org/wiki/War_of_Dagestan and you know "cucumbers" are essential for supplying the necessary "vitamins" for such benevolent excursions to your neighbors.

So sure, we can and should blame them for quite a few things. After all - they have done them. However, we should also assign the blame to everyone in NATO who has shipped ex-Warsaw pact surplus weapons to terrorists around their borders for 20 years (with active support of 3 letter agencies throughout).

7
2

Norton bans kernel.org

Voland's right hand
Silver badge

It is a threat

You are about to download software that will make our bugware unnecessary and you will stop paying us protection racket subscription. You think we will not flag THAT as a threat. It is a threat of course. To us, not you.

3
0

Google security man reveals Allo will encrypt chats - sometimes.

Voland's right hand
Silver badge

Yeah, and I am the tooth fairy

Google deliberately sabotaged end-to-end IM encryption for years.

It continues to ship google talk aka hangouts clients on Android and in their Chrome browser that are not just "not enabled", they are outright hostile to OTR2 forcing people to turn it off or make it not enabled by default. It has been doing this for 5+ years now too.

2
0

Troll seeks toll because iPhones work

Voland's right hand
Silver badge

Apt name for a bottom feeder

Corydoras is a genus of catfish*. Bottom feeder. Very fitting name.

Got two of them. Cute buggers when little, not so cute when they grow up (will eat on the QT anything that does not swim out of the way).

23
0

Coders crack Oculus DRM in 24 hours, open door to mass piracy

Voland's right hand
Silver badge

Re: Why would they?

Why would they?

The whole DRM on oculus has nothing to do with games. Oculus is being bolted down so it cannot be used for porn. From that perspective, they do not care a lot if their DRM was broken so that their content is played on another device. Now playing non-DRM-ed content on their device - different story.

This is not something Oculus originally intended by the way. It came after they were Tzukerborged. I guess that the droid boy is more prudish than we thought.

10
0

Malaysians using South African cards pinch US$12.7m in Japan

Voland's right hand
Silver badge

Re: Disaster Waiting to happen

Maybe this will (at long last) kick the japanese bankers...

This is still small change

It will take this happening on a daily basis for them to fix it.

In addition to that, reporting such losses up the command chain and reflecting them on the accounting sheet in that particular location can be career detrimental. Cough, Cough... Olympus... Cough, Cough... Toshiba... Cough... Cough...

1
0

Your next server will be a box full of connected stuff, not a server

Voland's right hand
Silver badge

They do not

All CPU architectures out there when running flat out (as a well spec-ed server farm generally does) have very little advantages over each other. The rumors of Power being err more powerful (pun intended), arm consuming less power, etc end up being very exaggerated.

Arm's "less power" comes to play when it is idle. Same MIPS at full flat out Intel will use times more power in idle. That is a mode of operation which you will see in consumer equipment, media boxes, house server, etc. You will not see it in most datacenters nowadays. VMs, Cloud and Big Data have changed the way they are run. 10 years ago, servers were run at a fraction of their capacity to ensure they have enough spare grunt to handle incoming requests. Now they are run in an almost mainframe fashion where there is a low priority VM set with a batch processing job always crunching something in the background.

4
1

Ukraine clamps carders

Voland's right hand
Silver badge

Small fry did not pay its dues

Small fry which did not pay its dues. In a kleptocracy you should never forget to finance the benevolent funds of your friendly policemen and politicians.

2
0

Challenge! German drives from South Africa to Norway in nine days

Voland's right hand
Silver badge

Turkey, Bulgaria, Serbia,

He either:

1. Had special arrangement to pass borders bypassing the queue as well as special arrangement for all Serbian motorway tolls

2. Could do 4h less on this time.

While it is not as bad now as in mid-summer or during the refugee mayhem, going through Serbia is slower than going through Romania for mere commoners because:

1. Motorway Speed limit is 120km/h and is policed quite strictly. Romanians are at 130 with bugger all policing.

2. There is a 20-40 min queue at each Serbian toll unless you choose some really ridiculous times to travel - like 3 am.

3. There is up to a 7km queue on the Hungarian border where the border control while not kicking you outright (that is a journo prerogative), will try to make sure you regret traveling through there.

Compared to that taking any of the routes through Romania ends up faster despite being 150km longer and with much less motorway.

0
0

If you know what's good for you, your health data belongs in the cloud

Voland's right hand
Silver badge

Re: What an utter load of tripe

So, without 100%, 24/7 connectivity, a notification system has the value of tripe?

You missed one important adjective. REALTIME. So that should be: So, without 100%, 24/7 connectivity, a REALTIME notification system has the value of tripe?. Actually, not even that - tripe makes for a fine soup (works well on hangovers).

Example - I am severely allergic to half of the plants out there including "peanut level" intolerance to wheat, barley, rye and even rice. When I need to whack that epipen needle into my thigh and call an ambulance I on average have less than 5 minutes to do so. If that notification is not there within a minute or two, it arrives to an unconscious body which cannot whack the epipen. If it arrives past the 5 minutes mark it would arrive to a phone attached onto a dead body.

Thankfully, I do not rely on notifications from the cloud for stuff like that. If I was, my SWMBO would have cashed my life insurance already.

3
0
Voland's right hand
Silver badge

Re: What an utter load of tripe

I am NOT keen on sharing

"Share" in google-talk where the dictionary definition is: "Bend over for inspection and we shall extract whatever we would like out of you to monetize". Definitely. 100% with you.

Feed of medical data into a long term running profile to which _ONLY_ my GP has access on a daily basis - different story. Providing that to a medical professional with whom I have made an appointment based on a referral from my GP conditional on the appointment being setup - different story again. Emergency services getting access in a medical emergency - different story again. I will _PAY_ for that. Directly, indirectly (as a tax or as a part of medical insurance fees). Without thinking for a second.

There is however _ONE_ condition - that CLOUDY marketeers, admen and other slimy scumbags never ever get their hands on it.

7
0
