123 posts • joined 13 Dec 2011
It's serious Jim...
I've had a fair bit to do with "infotainment" systems. The vehicle manufacturers don't really get hackability, even simple measures like reducing the attack surface are rejected in favour of functionality. One project demanded compatibility with over 60 varieties of photo/AV/container formats. Another response is simply "what can they do with it anyway", as though it would stop at mere annoyance. If there is a way to hack into the system there will be ways to monetise it, we just haven't seen them yet, though I could suggest ransomware, bogus service demands, premium phone services, contagion into connected smartphones, just as a kick-off.
As Charlie Cox would say, it's a nightmare in a bubble-car.
In other news...
The entire UK population's stolen "medical records" are being offered for sale. The management team of the rebranded National Health and Information Service has confirmed the theft of files and warned that neither the purchase nor publication of the documents would provoke a criminal complaint or a lawsuit.
Ahh, the wonders of policy-based evidence.
We've seen the evidence now, let's guess what the incoming policy to support it might have been..??
1) Herd all the European Patent Law into one stadium
2) Make it drink the Kool-Aid
3) Bring the EU and US systems "into line"
4) Increase the patent lifetime to 75 years
Makes 30 Trillion look like chickenshit.
The commentard "bonkers"
Thank you kindly for another authoritative piece.
Re: Great Article.
I love this stuff, long been interested in the weirdo elements, Europium, the Erbium family, working out what these powdery grey metals are actually "for".
Where else would you read that Hafnium is a by-product of Zirconium production?
Question though - what's the Lithium situation really? Here seems to be one we might run short of. Can we have a numerate update Tim?
thanks for that - I wasn't aware of Beebem, sounds simpler for what I want.
Have you all seen the Java simulation of the 6502 core? - it really is "right down to the metal" - you can see the instructions being decoded on the metal lines.
why do DJ's use twitter?
so deaf people can hate them as well
Re: Edward Snowden?
Let us not forget the inherent security flaws that were built-in to the said protocols to facilitate access for the g-men, like the NSA "random number generator" - Dual_EC_DRBG.
Nor the fact that compromised encryption has been the only sort allowed for many years, and it is only a matter of time before the exploits become known first to the crims, then to the public cryptology community. (look at SAT solvers..)
The fundamental issue centres around what citizens are permitted to do, and thus the effort needed to police them, and thus the degree of compromise built into their privacy.
We are not allowed to interfere with the governments and corporations through any sort of meaningful protest, instead we must watch the globalisation of, for instance, medicine (astra-zeneca-smithkline-beecham-etc-etc), the unbelievable abuse that is PFI, and too much more.
Legitimate contempt and protest must be suppressed or big money gets upset.
Re: too far?
If you worry about whether these new devices will work or not, don't...
We are already some way beyond even remote feasibility - the last lot used "a handful" of electrons (reckoned to be about 80) on the floating gate capacitance to store information for 40 years.
The new ones count these electrons into tens and give you three bits of information per cell.
.. and I thought I was bonkers...
I don't get it..
I'm wondering again how code gets written without bounds-checking, on "message length" parameters. It's not the first time is it?
Is the leaked data simply the junk that was in de-assigned memory? It looks kind of important stuff you might not want to write over - let alone send over the internet.
perhaps as a general rule, apart from the obvious bounds checking, one should clear all memory as it becomes (re-)assigned? - or better on de-assignment.
Perhaps generally these under-run or their over-run brethren should be detected and escalated as a general principle.
just suggesting, perhaps we could be a bit less crap at everything?
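An added example, not part of the original comment and not code from any real library: a toy echo handler in C showing what the comment above describes, a length field that is never compared with the bytes actually received, stale data left in recycled memory, and the two fixes it suggests (a bounds check, and scrubbing on release). The record layout, the fixed `pool` buffer and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POOL_SIZE 64
static uint8_t pool[POOL_SIZE];  /* toy stand-in for a recycled heap chunk */

/* The previous owner of the memory writes something sensitive (constructed value). */
static void previous_owner_writes(void) {
    memcpy(pool, "PRIVATE-KEY-MATERIAL", 20);
}

/* Scrub on de-assignment; volatile stops the compiler eliding the stores. */
static void scrub_pool(void) {
    volatile uint8_t *p = pool;
    for (size_t i = 0; i < POOL_SIZE; i++) p[i] = 0;
}

/* Hypothetical record layout: rec[0] = claimed payload length, rest = payload.
 * out must hold POOL_SIZE bytes. Returns bytes echoed, or -1 if rejected. */
static int echo(const uint8_t *rec, size_t rec_len, uint8_t *out, int check_len) {
    if (rec_len < 1 || rec_len - 1 > POOL_SIZE) return -1;
    size_t claimed = rec[0], actual = rec_len - 1;
    if (check_len && claimed > actual) return -1;  /* the missing bounds check */
    if (claimed > POOL_SIZE) claimed = POOL_SIZE;  /* keeps this demo inside the pool */
    memcpy(pool, rec + 1, actual);                 /* payload reuses the old memory */
    memcpy(out, pool, claimed);                    /* trusts the claimed length */
    return (int)claimed;
}

/* Count reply bytes that came from the previous owner rather than the sender.
 * Returns -1 when the record was rejected and nothing was sent. */
int stale_bytes_leaked(int scrub_on_release, int check_len) {
    static const uint8_t rec[] = { 16, 'h', 'i' };  /* claims 16 bytes, carries 2 */
    uint8_t out[POOL_SIZE] = {0};
    previous_owner_writes();
    if (scrub_on_release) scrub_pool();
    int n = echo(rec, sizeof rec, out, check_len);
    if (n < 0) return -1;                           /* detected: escalate here */
    int stale = 0;
    for (int i = 2; i < n; i++)
        if (out[i] != 0) stale++;
    return stale;
}

int main(void) {
    printf("no check, no scrub: %d stale bytes\n", stale_bytes_leaked(0, 0));
    printf("no check, scrubbed: %d stale bytes\n", stale_bytes_leaked(1, 0));
    printf("length checked:     %d (rejected)\n", stale_bytes_leaked(0, 1));
    return 0;
}
```

Scrubbing alone still returns 16 bytes for a 2-byte payload, so it limits the damage without removing the bug; only the length comparison rejects the record.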
Re: Give us your ideas, too
correction, a maximum of six winners shall be awarded a peanut, the rest of yours idea are all belong to us.
Yes it's a weird one this, I had to go and check the numbers - I was going to suggest that "time-of-flight" was where the other billions of years had gone, that's the normal answer to the very-old-stars-observed question.
Not in this case however, this star is only a few thousand light-years away, right next door on these billion light-year scales.
I wonder if it must be from an unusually sparse region of the universe that has not seen much if any star formation. Perhaps only relatively recently (in the last billion years) did this one have the mass to collapse into a star, accretion can be very slow if the primordial gas is thin enough. Is it a dinosaur born late?
The paper covers some more interesting theories, suggesting that all its neighbours must have self-immolated into black holes carrying all their iron etc with them - though normally even in the "full collapse" scenario a load of metals get spewed into space. The "gentle supernova" they propose sounds unlikely, even if it does then solve the Lithium problem.
Re: That book is excellent...
thanks, I just ordered it on your recommendation.
Re: A question for the astronomers
That's exactly what does happen, the "metallicity" of first-generation stars is zero - there are no elements heavier than Helium (astronomers consider oxygen and carbon to be metals).
The cinders from the first stars and a fresh supply of interstellar hydrogen make the second generation - and make more of them (there needs to be gain..) - and so on...
If you go several generations down this path then you get enough "metal"-rich junk to form planets etc.
I can see why the fundamentalists prefer their version of things... :-)
I'll second that.
Sounds a good idea to move on from BT, their adverts suck...
Thanks again for all your clarity and good luck with the new venture.
Re: re: that's when Betty is on most channels...
You're quite right, sorry.
Keith and Brenda it is.
FWIW, Charles and Diana were Brian and Cheryl.
It's funny how the nicknames fit them all much better...
Re: re: that's when Betty is on most channels...
what's wrong with "Brenda" ?
Phil and Brenda are well known to readers of Private Eye?
error - don't publish
I've hit the send corrections button a few times but the comment box still looks like it will be a comment not a correction...
the failed physicist, Yuri Milner, is the one who set up the prize, not either of this year's winners...
That's a plus point, the multiple motors can suffer failure much like a RAID drive. Obviously you would need to double-up (or more) the battery and control systems, but that doesn't add much cost, the batteries are still the same volume/power, just split across 3 or 4 supplies. Making it safe with 75% or even 66% of lift is reasonable. I'll bet they're Switched Reluctance motors, huge power and speed and only one moving part, a funny-shaped lump of iron. Absolute bastards to control though, as I'm finding out...
Re: Are you sure?
I don't know what aspect of H+S your audiologist was referring to, here are a couple of facts:
H+S understands all about safe voltages, the SELV (safety extra low voltage) specification allows voltages up to 70V absolute max to be put onto touchable connectors, this is known to be safe.
Supplying mains power adapters to members of the public requires that they are EC marked, which in turn requires they are tested against a proof voltage of several kV, they conform to EMC requirements, they don't overheat and (I think) they are fused or in some way protected against overdissipation.
PAT testing is used in addition to this if the parts are to be used at a given premises - a school or factory or office - and checks that each of the relevant type-approved items is not faulty.
I suspect it is this requirement that stops them offering you your power supply. If I were them I would ensure it uses a standard micro-USB then it can be your responsibility to source and use the adapter.
Re: I'm Curious
I don't get it, the FM band is a worldwide simple standard. They can't easily sell it off because it would still want to be used for sporting events etc. In any case the bandwidth is small, only 20MHz all-told, and the useability is not good, you are reckoned to be able to use 1/15th for big transmitters (i.e. national networks), the figure for little low-power users cannot easily get below 1/4 due to the 4-colour theorem.
So, in all, maybe 5MHz of bandwidth in any given place. Get Tim Worstall onto it, he will agree that there is no exploitable resource here.
The DAB bandwidth, on the other hand is 174MHz-239MHz, or 65MHz, over three times as much. We currently use just seven of the available 40 bands, in London, broadcasting about 80 stations. I can't see us ever needing much more than this, if you really can't get enough christian thrash metal genre, then get a computer, or a life.
So, they could sell the DAB band, or half of it, for more money, it doesn't need such a long antenna, half what the FM band needs, but I can't think of a use for the bandwidth, given that there is "white space" radio spectrum coming along that allows all users to use what they like within reason and license-free. There will be no market at all for odd bits and pieces of RF-bandwidth when this comes in.
Don't bash DAB, it is a really good system, it's hugely efficient in BW terms, allowing a national network using only one frequency and greatly reduced megawatts, it just needs more time. Also, sure, really don't abolish FM, there is no need to and no benefit forthcoming from it.
Re: 'Cersium' eh?
What's wrong with Caesium? - from the Latin word "caesius" meaning "sky blue"
Come on Reg, you're a British site, and proud of it, adjacent vowels are not errors.
mass-spectrometers no longer have a huge magnet and a curved vacuum path, look up "quadrupole mass spectrometer" - no that's not four of them, it's a clever oscillating field where only the particles that are neither too heavy nor too light (for their charge) are the only ones that stay on the beam line. They're about the size of a KT66 thermionic valve (tube).
Re: Impossible to forge?
Thanks for the offer, I will say what I like about the "smartness" of bankers, didn't they just knock on the door asking for 1.4 Trillion?
We all know how easy it is for investors to buy into a bubble, it can even be good policy if you're out early.
However, the list of failed products with "amateur crypto" technology is most alarming, look at http://en.wikipedia.org/wiki/Pirate_decryption for starters. Then have a look at MiFare, Megamos, all of the audio and video copyright protection schemes, the entire antivirus/PC security nightmare - then tell me that we're probably wrong to dismiss this latest breakthrough in analogue security.
Re: Impossible to forge?
Totally agree Phil, no need even to buy a worker, the authorisation can be simply monitored, decoded and replicated. Without Crypto I don't think there is any chance - even with, it is vulnerable because there is "one big secret" that is buried in every tag and every reader.
Good luck to 'em, if they're putting their money into technology that mere commentards know will be broken, I hope there's more to it than this.
BTW, have you all seen how clever holograms are these days - with a "reader film" that you view the hologram through, and see some secret text/image. Keeping this updated with new datestamped reader films is a simpler system.
Re: Please stop with the "Growing plants" thing
Opium isn't a plant.
Opium is an opiate derived from a plant.
Opium is the natural dried resin collected much like natural rubber from slicing the seed-heads of Papaver somniferum.
The principal opiate in it is morphine. Opium is not an opiate, it contains opiates.
I'm no expert I have to say, but I'm pretty sure we read the intended font most of the time. There seem to be many ways to achieve this - with of course a fall-back to a substitute font if needed. There is much more detail here: http://blog.themeforest.net/tutorials/how-to-achieve-cross-browser-font-face-support/
The browser chooses the intended font, unless it can't. - Not really "it's" choice then, is it?
consenting adults in private
Absolutely, why should the state be concerned unless there are overriding public risk issues.
to see if the named fish responded?
The dolphin is not a fish.
It's an insect.
don't feed the bumpkins
Numpty - you're reading the article aloud to Mr A.C. Moron, nowhere did it mention access to hardware, nor any discussion of the benefits in living in shacks or cities.
On topic, the malformed SMS forces the SIM into a clever known-plaintext attack which only needs one rainbow table - length equal to the DES56 signature, I think it's a lot less than 2^56 which would be beyond rainbow tables at 10^17 entries. Does anyone know the signature length?
CND twitbook liberals masquerading as loyal commentards
Much as I appreciate Lewis's regular articles on hopeless decisions and moronic waste within the MOD, it's a bit naughty to get the retaliation in first regarding commentard backlash. I thought we didn't go in for 'ad hominem' arguments, web2.0 indeed...?
Much of what is discussed here is not really vote-winner politics, the Murdochs and Daily Mails seem to be able to define what that is, I prefer informed rational argument.
On that note, what would we actually do if someone lets off a nuke? Do we respond with Trident? Ever? Really? - I suspect the paperwork alone would kill us.
I say let's put the cold war behind us, big nukes got us through it but it was at a level of risk we should now be able to avoid. The thought of spending 25 billion on Trident scares me, we'd have nothing left to give the bankers, a much closer and more malevolent threat than rogue states.
They have expertise and market share, to ignore them as a player would distort the picture.
Blackadder had a word on this...
Queenie: Oh come now Lady Farrow, crying isn't going to help your husband now.
Nursie: No! Ointment! That's what you need when your head's been cut off! That's what I gave your sister Mary when they done her. "There, there" I said, "you'll soon grow a new one."
Queenie: Shut up Nursie
Re: How would the professor know though?
well put. It's an outrage that Sugar puts himself forward as some sort of computer guru, his philosophy always was simply beating the shit out of suppliers - for most of them it was their last deal. His affordable PC breakthrough was a fire sale of ill-conceived non-compatible PC things.
That said, I do find his judgement good, he sees through most or all of the cuntestants pretty easily.
As others bemoan, something with the germ of an original idea and some real progression would be so much better than all the vapid marketing bollocks.
Re: Another one?
"legal beagles" - what a fantastic strapline.
For those that don't have a tradition of fox hunting - the unspeakable in pursuit of the uneatable according to Oscar Wilde, beagles are the repulsive pack dogs that live in compounds eating the discarded carcasses of stillborn farm animals.
Once in a while, when their masters decide, they get to tear a real live functioning animal to shreds.
Not much like patent lawyers then...
Downvoted twice - any reason?
I can't see why, it's a balanced presentation of the case for and against interlacing. Interlacing is an easy existing method of increasing framerate at the expense of "specmanship" resolution, but there are issues with exactly what information it holds that make it difficult to know how best to upscale or interpolate the video.
The article makes a good case for higher framerates and I agree totally. However we already have a solution that will halve the pixel count and double the framerate - it's our old friend interlacing - a 1080i (note i not p) screen is what we need, within the existing frameworks, then move to higher non-interlaced framerates.
Interlacing is a really good method, only if the frames are shot at 48/50/60fps, like with a video camera - it's rubbish if the source is 24fps film since the second field is simply delivered late. Interlacing with say 2 x 540 line (1080i) conveniently bridges the dilemma of motion and detail since on static shots it's indistinguishable from 1080p.
It is justifiably unpopular in the codec world because you don't know if the two fields are part of a single exposed image or if they are two exposures, there is no easy way to benefit from the second field - shot at a different time - when trying to convert from i to p. Also converting 1080p to 1080i looks blurry and is a waste of time since the temporal information is missing.
The OBD-II connector is a good starting point to probe the in-car system, that bit of it that you are attacking, directly. There are several papers that document how to move such an attack onto a corrupted music file, and then on to a fully wireless exploit through inevitable flaws in Bluetooth stacks. The killer is that once you can send CAN packets around you can entirely reprogram most things in the car - assuming you can get through the "hobbyist" grade security.
Try googling and reading the document titled: cars-usenixsec2011.pdf
"We modified a WMA audio file such that, when burned onto a CD, plays perfectly on a PC but sends arbitrary CAN packets of our choosing when played by our car’s media player".
They went on from there to a number of wireless attacks, the time-to-break depends on a number of factors, mentioned in the paper and hey, not a single hammer was used in the whole exercise.
Absolutely, loathsome scum the lot of them.
Are we going to get carpet-bombed with shite advertising concepts for trade and investment now?
Fridays are bad but death rates rise 6% in one day on Black Wednesday - in June, when the new crop of junior doctors are unleashed. Still, you can't moan too much, it is free after all.
Why did you get downvoted for well-researched unbiased input?
It's easy to say that these people are idiots, they clearly aren't - though it is possible they have been duped.
I'm rather hoping they haven't.
Thanks for that - glad to hear it's in use now, took a while though didn't it?
Where's all the cheap Titanium then? Surely anything is better than the existing Ti process. I shall look it up.
Re: Has anyone actually read the paper?
> Nonsense. There's nothing like enough energy there to rule out chemical processes.
have a look at my earlier comment and calculations. The energy density in the reaction vessel is beyond Hydrogen.
It cannot be chemical but it might be electrical with a sneak wire.
Re: "It's presumably converting its mass into energy."
small addendum, sorry... the chamber volume was 20mm bore, so my worst case figure is now 263 MJ/L
Still 1.8 times better than the best though.
Re: "It's presumably converting its mass into energy."
sorry - it cannot be down to stored CHEMICAL energy in the device. The whole point is that it is stored NUCULAR energy.
Re: "It's presumably converting its mass into energy."
My calculations suggest it is really converting mass to energy:
The average energy output was 816 Watts - this was calculated using questionable methods but importantly the control (dummy cylinder) when fed with 810W produced a very similar temperature.
The average power input was 235W, the test duration 116 hours.
Therefore the device showed a nett energy output of 67kWh or 243MJ. simples.
The reaction chamber volume was quite small - a 5mm bore 33cm long.
The secret powder that was in there was measured as 0.3g only - barely a coating. The researchers rounded this up to a figure of 1 gram. I will evaluate also a worst case figure of 57 grams - if the bore was packed with solid Nickel.
The energy densities are quite astonishing, considering petrol is the most energy-dense common substance at 50MJ/kg, with hydrogen (in any phase) on its own at 145MJ/kg.
I calculate 800 Giga-Joules/kg if the 0.3g figure is to be believed.
My minimum (using 57g) is still 4200MJ/kg - about 29x solid hydrogen.
the researchers claim 183600 MJ/kg - with a few other worst cases in there, I make it 242GJ/kg.
It could be all down to "fiddling the electric" - but it cannot be down to stored energy in the device.
I'm not sure you're right on that. If you patent, for starters it lasts only 20 years, secondly you have to reveal the details - then others can extend the work possibly putting you out of business with their improvements.
Take Rolls-Royce, they only patent what others can deduce from reverse engineering, if the secret is hidden in the manufacturing process they keep it trade secret.
Look also at "the Cambridge Process" for producing cheap Titanium - patented, sold to Carlyle group by Blair and shelved indefinitely to protect vested interests.
Re: Please pass the Fluke TrueRMS DVOM
Good point, you read it so I don't have to (I'm at work)
Assuming no fraud with the meter, like changing the sense resistor, then a simple long duration test will soon exceed the kWh/kg of known battery technology. The DC-in DC-out test is fundamentally even harder to defraud.
Why are so many commentards getting violent over the matter?
Be cool, do the tests, play no part in the screeching self-censorship that paid science has to abide by.
we told you so...
how about, expiring DRM formats give you a voucher to redeem against a good old DVD? - you still have to cover the mechanical and distribution cost of the DVD, but then you get a hard copy.
Alternatively, a token that allows you to download an "illegal" DRM-free copy of the film without risk of prosecution, since you've paid the royalty?