* Posts by Brian Miller

700 posts • joined 3 Jul 2007

Page:

NVMe SSDs tormented for months in some kind of sick review game

Brian Miller

Use a benchmark or compile a large project

Want to know disk performance? Either use a disk benchmark program, or else compile a large project. For instance, see how fast Gentoo will compile itself on your system. Copying a bunch of files using Windows Explorer is ... just not good.

0
1

Buggy vote-counting software borks Australian election

Brian Miller
Big Brother

What, me, do math?

"Counting votes under STV can be laborious, so some jurisdictions decide to just grab a random sample of votes and then use software to extrapolate results based on that sample."

Right, let's just make up numbers and use what best fits our fantasies. Both vote counting and math are hard, so we'll just skip over them. Nobody will mind...

At least the dead didn't rise from their graves and go vote.

Right?

22
0

Insure against a cyberwhat now? How the heck do we crunch those numbers?

Brian Miller

Hackers hack hacks, doped data dumbed down decisively

"We've just collected all the data on all hacks!" "Great! Now we'll get a printout of risk." "Funny, it says that everything's OK, and there's no risk. Oh, and our cat is flipping the bird." "How did the computer know that?"

Something like this would simply be a magnet for being vandalized. I wonder what the insurance companies are doing now to track "cyber attacks." Do they count all of the times a system goes down due to bugs? "Oh, we were attacked." Reality: we don't know how to code, so we're going to blame it on hackers. Will there be DOS mitigation insurance sold? This is just such a pathetic rabbit hole.

4
0

Bold stance: Microsoft says terrorism is bad

Brian Miller
Joke

"Redmond vows to pull terror content from services"

So does this mean that Microsoft will pull Windows off the market?

16
5

Linus Torvalds releases Linux 4.6

Brian Miller
Joke

Re: Driving me mad ...

If the Cars were Moving in Stereo, why can't Pi users drive in 3D?

0
0

Kazakhstan wins bid to get Mega IP address info on state secrets hackers

Brian Miller

Re: Mega has been dubious from the beginning

This isn't about keeping something secret, it's about publishing something to the world, and getting away with it. Perhaps the person in question should have used WikiLeaks. Now the Khazak government wants to know who is the culprit. Yeah, +1 on anonymous VPN and Onion, and using a public WiFi with a modified mac address.

1
0

Bots half all web traffic

Brian Miller

Um, so? And?

Of course there's a lot of bot traffic. How does anyone think search engines operate? "Hi, but could you just please push your content to us? Thanks!" Um, no.

I've written bots, from scratch. It's not that difficult to write a bot that "mimics" a person. What is difficult is keeping the bot on the site, instead of zipping off into the rest of the web. My bots could go through thousands of sites in half an hour. For what purpose? Because there's a lot of scam sites on the web, and it's easiest to let a bot analyze and score them.

It sounds like DeviceAtlas is selling something that analyzes traffic like fail2ban blocks repeated bad logins. You don't want your site spidered? Well, that takes a bit of analysis. That's all there is to it. Could you write up something yourself? Sure.

I've heard that more than one major shopping site has been broken by a bot that "clicked" on the "add to shopping cart" link, and wound up with thousands of items in the cart. Ooops! Bad bot! Bad site! So I can see a market for a product like this, despite the hype.

2
0

Apple, AT&T, Verizon named in $7bn VoIP patent claim

Brian Miller

Re: That patent seems so general

Isn't this stuff covered in the RFCs? RFC 3581 is from 2003. Surely implementing the RFC would violate these later patents?

0
0

Russia poised to unleash 'Son of Satan' ICBM

Brian Miller
IT Angle

But what processor?

But what's the gear on the missile? We need to know! After all, they may be using the Allwinner kernel. Wouldn't it be fun to root a missile in flight?

5
0

This is what a root debug backdoor in a Linux kernel looks like

Brian Miller

Wrong string search?

Maybe the devs fixed all of the "TODO"s in the code, but this wasn't a todo...

This is why wrapping dangerous things like this in #ifdef's is a good idea.

7
0

Qualcomm goes for the grey matter with neural net SDK

Brian Miller

Brains? Or ancient gods?

Are you sure Zeroth isn't actually an ancient Sumerian or Hittite god come again to soak up all the energy of people worshiping their phone idols? Fanboys would be such a fabulous target.

1
0

Japan's Hitomi space 'scope bricked, declared lost after software bug

Brian Miller

Design, test the design, code, then test the code!

There are just some things that really must be plotted fully out, and all of those little branches must be run down! Stuff like this is why writing software is called a "trade" and not an engineering discipline. (Yes, there was a court ruling about that.) I don't care what degree you have, web pages are not like writing this sort of code!

You want paranoid? It starts with using methodologies with names on them. Then applying those methodologies rigorously! There is no such thing as, "Oh, we don't have time for that." That's just a bunch of lazy bull****, and total failure means total loss.

Immediately after the re-orientation, Hitomi’s Inertial Reference Unit (IRU) observed a non-existent roll rate around the spacecraft’s Z-axis.

Then the system just goes with the known faulty data, instead of a reliable fall-back method. This should have been seen in the initial design, before coding took place. Hello, methodologies are the blueprint from which good code is derived!

What's really awful is that "live and learn" just doesn't apply when the practitioners never apply hard-won lessons.

6
1

Must listen: We've found the real Bastard Operator From Hell

Brian Miller

Snore...

I live next to railroad tracks. The sound of a freight train going round the bend on those tracks is appallingly wonderful. A mash-up of that, cats fighting, that slowed-down modem connection noise, Tibetan gongs, and whatever else thrown in should do nicely.

2
0

Pair publishes python framework for rapid router wrecking

Brian Miller

Re: So all consumer grade routers are shit.....

There's plenty of commercial-grade routers to be had for not much money. I bought a Cisco 550-series router for under $300. There's lots of choices.

As for roll-your-own, Ars Technica has one or two articles on how to do it yourself. Plus all sorts of web projects and tutorials.

Many consumer firewall-routers can work with the DD-WRT and OpenWrt projects. Check the databases, and see if you have something that fits.

0
0

Admin fishes dirty office chat from mistyped-email bin and then ...?

Brian Miller
Devil

Re: correct the addy

Correct the address, but in a way that it will go to a different recipient!

Of course, this only works if the original recipient's address is close to someone else. But since they can't type the address correctly, why not get that email on its merry way? "Gee, I see that email didn't go to its intended recipient. Too bad you typed in someone else's address..."

2
0

Pair programming: The most extreme XP practice?

Brian Miller

Works where applicable

I've done pair programming, and it works where it works, and it really doesn't work where it doesn't belong.

Given two top programmers, one will be busy writing code, and the other one will be saying, "yep, good..." over and over again.

Given two idiots, you will not get good code no matter how many more idiots you add.

Given a senior programmer and an able novice, it's a great way for the novice to learn. I endorse that highly.

The problem is that it's pair programming, in an open and noisy environment. There's a lot of distraction, which cuts down on productivity. There's the problem that the other guy can't even type.

Pair programming can be good, but it can also be a great way to lose people.

9
0

Bibliotheca Alexandrina buys a Huawei superdupercomputer

Brian Miller

New levels of WHAT???

"...a new level of creativity will be inspired and new horizons are arising in the research domain." Yeah right! Like flops upon flops for a flop of a project is going to do anything when the populace is rioting in protest and being shot or jailed for it. Sorry, no.

Now, what would a country need with 118Tf of computing power? Especially in a country where the bandwidth could be carried in a bucket more efficiently than going down the wire? Weather? Sunny. Physics? Pyramid test, they're still there, not floating off. Data mining? Cloud computing? It just seems to be a series of non-sequiturs.

1
0

If only hackers could stop slurping test and dev databases. Wait, our phone is ringing ...

Brian Miller

Patching bad practices with stupid fixes

The first big problem is that people are using sensitive data for testing, instead of making up proper test data. If good practices are adhered to in the first place, then hackers won't pick up all those juicy nuggets left carelessly lying about.

The second big problem is a stupid fix like this. instead of replacing sensitive data with valid bogus data, they think that developers and testers should still have access to the sensitive data! Wrong! Generate good test data, and then "fixes" will not be needed.

7
1

1,000 cats await stadium-sized sandwich bag launch

Brian Miller

Re: On the other hand...

Well, according to a study, they would be landing on something feet-first, and probably survive the fall. Cats twist around, and then flatten out. Above a certain height, they can slow themselves down enough so that their terminal velocity is actually survivable.

The real question is, will they be laser-guided?

2
0

This year's H-1B visa lottery jammed full in just six days

Brian Miller

Re: The system is being abused.....

True, the system is being abused. And it isn't only by the companies. I've heard of Microsoft referred to as being an employment program. And that's really how it's treated by many who work there! "We're giving them a chance..." is what I was told when I had a semi-honest talk with a fellow about it. Why was I having that talk with him? Because he had come to me with a job offer as a "reward" for my service. He just couldn't understand why I refused, so I had to go into the nitty gritty details of the concept of how a society works, and how bright people want to be treated.

Why do companies want foreign workers? Compliance. People with real talent will quit places that suck. They have opportunities because they have the skills that employers actually need. Dunces are dime a dozen, and dunces that can be abused and still stick around are mostly found through the H1-B program. If an H1-B worker quits, they have to go home. If they lose their job, they have two weeks to find another one.

Kill the program, and let society take its proper course. Microsoft claims that they will move their operations to Canada if the H1-B program is reigned in. Ok, so go for it! Microsoft (Ballmer) said the company would be moved to China if tax loopholes were closed. The real problem is that our government caters to the rich.

12
0

Power9: Google gives Intel a chip-flip migraine, IBM tries to lures big biz

Brian Miller

Interesting niches...

When IBM told Apple to sod off because Apple represented less than 1% of its chip sales/production, Apple went with Intel and became the largest OEM using Intel's CPUs. Now, what kind of a niche does IBM really have when they can do that? I remember IBM boasting that they could host the entire WWW on just one of their mainframes. Maybe they still can.

So IBM is a niche player in the commodity data center market. Now, where is it that they are the big player? They are selling CPUs hand-over-fist someplace, but where?

1
4

Bezos defends Amazon culture in letter to shareholders

Brian Miller

Highest turnover rate

I've been told by a recruiter that Amazon has the highest turnover rate in the industry. I believe that. I worked there for several months, and there's no way I'll go back. Horrid development environment that was broken most of the time, badly written and buggy code to work with, and an incompetent manager. And I keep getting recruiters from Amazon contacting me. Blech!

Now I'm working for a company where the turnover is incredibly low, and I have my own office.

Hey, shareholders, get a clue! Oh, yeah, they aren't canny enough to read El Reg.

12
1

Inside Nvidia's Pascal-powered Tesla P100: What's the big deal?

Brian Miller

Done that...

When I worked as a technician, I used a Celerity computer as a space heater, literally. The work shop was located in a room that used to house many mainframes, and the air conditioning was still turned up. Chilly wind tunnel, that spot. So I used one of the mini supercomputers to give me some warmth at the bench.

However, a couple of these, and you'll be on the bottom of the Top500 list!

0
0

Nvidia's supercomputer-in-a-box needs 3.2kW of juice

Brian Miller

They tried that...

Yeah, Microsoft tried that, back in the day. Windows on RISC. Poor MIPS and Alpha. Really, what's the point when the kernel isn't optimized for anything, really?

1
0

NASA discovers black hole here on Earth – in its software budget

Brian Miller

Buy from big monolith or go open source

Really, guys, is IBM going to go out of business any time soon? Yes, theoretically one supplier could go out of business. But somebody hugely major? Come on!

The other avenue is to go all open source. Since NA$A is committed to writing a zillion lines of glue code, why not just make it all open source, and use open source? It's a public agency, right?

8
0

Spanish launch heroic bid to seize Brit polar vessel

Brian Miller

Re: Offended by Blas de Lezo...

Oh, my, I guess that they'll torpedo my suggestion for naming it, "George Washington".

4
0

Amazon ports Alexa voice assistant to Raspberry Pi

Brian Miller

Open source Sirius Cybernetics

"I'm sorry, I'm too depressed to answer you now. I've a terrible pain in all the diodes down my left side..."

Why bother with any of these when we can have truly "fun" digital assistants at our beck and call? Just throw on some voice recognition, and pipe through a modified version of Eliza.

1
0

Bloke coughs to leaking US military aircraft blueprints to China

Brian Miller
Joke

What, 'su -' wasn't a tipoff?

El Reg, what gives? Not one wisecrack about su /bin being able to get access to stuff? Hello? Waiting for Su Do to drop by?

Maybe we need more writers that can function at the command line.

16
0

iPad bricked by iOS 9.3? Don't worry, we'll get through this together

Brian Miller

Re: No problem here

Gee, I only agreed to let great and glorious Apple install an update! Silly me, and now the company iPad wants me to enter information that nobody seems to know. What apps are on it? Test Flight and our beta software. No, the Mac Mini that I was given wasn't the one where the iPad was originally activated.

Really, wasn't the iPad "activated" before the update? Will it download something automagically that will fix it? I have no idea.

0
0

How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript

Brian Miller

But did Kik's website go down?

It would have been truly karmic justice if by removing the NPM code, Kik's own website went down. Do they have a website? I have no idea, it just isn't worth the bother to look at them.

38
0

Google spews critical Android patch as millions of gadgets hit by Linux kernel bug

Brian Miller

Bought Nexus, where's the updates?

When I bought my Nexus, I figured that I'd be getting updates for a good while. Nope, nothing for Nexus 4. Android 5.1.1, and that's it. No more updates for you, go buy a new phone.

Or I could put the next OS myself, and do it every time they update that image. Or maybe I should run Cyanogen.

But what this comes down to, is that many many millions of devices are forever vulnerable. Gee, thanks, Google.

2
0

A Logic Named Joe: The 1946 sci-fi short that nailed modern tech

Brian Miller

Re: *Remarkably* sharp prediction?

I also read that story in a compendium. It was a very good story. A distributed search engine system, linking a global network of machines. Like a combination of Google and BOINC.

The science fiction of yesterday is all around us today. No, sorry, no flying cars, but I've seen one or two flying chairs.

3
0

Millions menaced as ransomware-smuggling ads pollute top websites

Brian Miller

Firefox and NoScript

Honestly, I have no idea why more browsers don't have script blockers like NoScript built into them. The web and Internet are so toxic, it's just pathetic. Turn off the capability to run scripts, and suddenly so many vulnerabilities just disappear.

Wanna build a botnet? Just buy some ad space, sit back and relax.

22
0

Is this Romanian man really 'GhostShell'? If so, he risks arrest

Brian Miller

My desk doesn't look like that!

Does anybody have a clean desk like that? I can't imagine anybody that actually does anything not having something on their desk besides a keyboard and mouse. Really!

And is he "GhostShell" or not? Well, he is in Romania, so getting arrested may not be a very high risk.

3
1

Here's what an Intel Broadwell Xeon with a built-in FPGA looks like

Brian Miller

Wanna play? Get it with ARM today.

This has been available on ARM chips for some time. The Parallella board uses the Zync SOC, which is dual-core plus FPGA. I remember years back that someone came up with a FPGA for Opteron socket boards.

Something like this is for specialized applications. Yes, Windows could use this, but it's not like its a general-purpose thing. You load your FPGA binary, and fire up the application that uses it.

5
0

Steve Ballmer: Get the Facts. I 'love' SQL Server on Linux

Brian Miller

Re: Windows on Linux next?

Microsoft could have released a Linux distro ages ago. After all, they had Xenix. But no, they're really good at going with a really half-arsed OS. But since they've come out with Windows 8 and 10, Linux now has a real opening because that new UI is so miserable to use!

Would Windows applications benefit from running on Linux? Yes! Part of my job long ago involved testing Windows products on Linux, under Wine. The installs took a fraction of the time that they did on Windows, and the applications ran much faster. People can joke about "Penguinistas" all they like, but benchmarks with extreme differences should make people notice.

Apple has shown that *nixes can be usable by the masses, and be the cool and "in" thing.

12
2

Hitchhacker's Guide to RSA clones conference badge with a towel

Brian Miller
Joke

Re: Really should be other methods of anti-counterfeiting

RSA is a massive security conglomeration, and the are acting like it!

Hack towel, gain entry.

The ideal would be, of course, to enter the conference wearing nothing but the towel!

0
0

Hillary Clinton private email server probe winding up – reports

Brian Miller

What was going through Clinton's head?

"Oh, hey, it's a bummer to have to keep all these papers in their secret and top secret folders. Let's pin them up on a bulletin board in the hall instead!"

Did nobody on her staff tell her that all of this was a very bad idea? Are the governments email servers really that bad? I know that at one time they were using Microsoft Exchange, maybe that's the reason all of this happened. Still, though, one would think that audits are carried out on a regular basis to prevent stupid things like this.

3
0

Facebook's Latin America veep set free by appeals court

Brian Miller

"What, you mean that this wasn't written by script kiddies?"

I do wish that those in power would understand things like math, but that wish would require several tons to pixie dust to implement. Nice that the appeals court freed him after only one day in jail, though.

0
0

Bruce Schneier: We're sleepwalking towards digital disaster and are too dumb to stop

Brian Miller

But too many devs don't give a s***

Last year I quit a company where the developers, literally, did not care about security or testing their software. Yes, testing and security was met with a literal sneer. And that was at a major retailer, where the team was writing web APIs!

So in this regard, Bruce is dreaming. Developers need to give a s*** on a personal level, and I honestly think that the majority don't care. Governments can legislate what they like, but I don't see anything that is going to cause sloppy developers to sit up and sharpen up their game.

5
0

We survived a five-hour butt-numbing Congress hearing on FBI-Apple ... so you don't have to

Brian Miller

Congress par for the course

"... the US Congress had an opportunity to force some truth into the equation. It failed to do so."

That's normal. The US Congress rarely forces truth into anything. If there is truth in a session, it's not a deliberate result or even intention.

No, it's all par for the course. Hot air in Washington, DC, global warming not blamed.

14
0

Cook moves iPhone debate to FBI's weak ground: The media

Brian Miller

FBI screwed up, wants fix

The FBI had the PIN changed for them. If they hadn't done this, they could have has access to all of the files on the phone, no problem. The phone would have done its automatic backups, and all would have been well and good.

However, the PIN has been changed, and it's going to take real effort on Apple's part to write a patched OS that will allow the FBI to use a USB connection to brute-force the PIN. Of course, Apple wants its phones (60% of its business income) to be seen as secure. Apple has the money to put up the fight, and I'm glad they are doing it.

Is this a 1st and 5th amendment issue? Well, if it's the only leg Apple has to stand on, then that's what they'll use. The government should not be able to coerce the private citizens to toil for whatever it desires. While this is about weakening security, it is also about slavery. What else is forced compulsion of labor?

1
0

Apple fires legal salvo at FBI for using All Writs law in iPhone brouhaha

Brian Miller

"the world will not end"

"So if we're going to move to a world where that is not possible any more then the world will not end, but it'll be a different world." -- James Comey

So he knows that the world will not end. And he also bloody well knows that first, the FBI is at fault for this problem, and secondly that very probably there's nothing on the device regarding terrorism. Did the Paris shooters use any encrypted technology? No, it was all normal messages.

No, the world will not end. And it will be the same world.

38
0

QLogic: Ready to get excited about an Ethernet adapter?

Brian Miller

"If I can't buy happiness..."

"Then I'll just have to rent it!" And I'm guessing that this adapter will be over $3000. Their 10Gb adapter is about $275, so for an order of magnitude more speed, the price will also be at least an order of magnitude more. Cutting, bleeding, spending edge.

1
0

Q: How many guns to arm nine coachloads of terrorists?

Brian Miller

Math time!

Let's see, at 54 passengers per coach, one weapon apiece, that's 8 coaches, as the ninth coach really would only have a few terrorists on it, so never mind it, really. But really, you'd have 303 armed terrorists, because you'd have a primary and a secondary weapon. So that's six coaches, with some room to spare.

But of course the real terrorists don't have weapons. They pass laws...

15
0

IP freely? Your VoIP phone can become a covert spy tool...

Brian Miller

Source article is more informative

There are actually two problems with the phones: #1, You can call from the web! #2, No password, or bad passwords.

Take a look at problem #1! The phone's web UI allows the user to place a call. The phone will automatically go on speakerphone, thus sending all audio out to the attacker. This isn't about sniffing the network traffic, it's about taking control of the phone and making it place calls without you noticing. At a minimum, this means that premium rate numbers can be dialed, racking up your monthly bill.

Problem #2 is same old, same old. Hopefully the phone can be set up automatically, like many VOIP phones. This needs to be done, and not ignored until later.

0
0

App for homeless says walking on water is the way to reach services

Brian Miller

Re: It is just me?

In Seattle, there's quite a few places where the homeless congregate to charge their phones. I don't know the approximate numbers of those who have a phone, just that a good portion of them do.

The real question is, was the data accurate? Were there actually local services that were not displayed?

Or is it an attempt to solve the homeless problem by getting them to swim to Tasmania, where the survivors will be eaten by Tasmanian Devils?

1
0

Berlin takes down ‘for sale’ sign over top Nazi’s love nest

Brian Miller

Trash heap

Why nobody wants it:

"At present there is no heating, no running water, there is serious damage to the facades, the roofs are falling apart and inside there is a lot to do too," Moehring admits, saying renovation costs would be "considerable".

It's a heap, so of course the best option is to raze it. House refugees in it? No, that would not do because the conditions would be substandard. I'm sure that there are enough refugees who have the necessary skills to do the work, though. Actually, that's a great option for a lot of unused government buildings. (And why is the government so intent on building more when they have so many vacant?)

1
0

If you want a USB thumb drive wiped, try asking an arts student for help

Brian Miller

Encrypted drives

A while back for grins and giggles I bought a couple of self-encrypted drives. Ones with keypads on them, so if I needed, I could use them with something other than Windows. The drives are slow. Sure, the manufacturers claim that the new models are faster, but there's a price to be paid for your data being encrypted before it gets written to the drive.

A problem with the Windows drives is that each of them wants to load a utility into Windows to access the data on the drive. So your Windows machine is going to wind up with a zillion utilities in it for all of those drives. And then what happens if your OS goes titsup? Bye bye bytes!

Currently both Windows and Linux have encryption for removable file systems. The user just has to be aware of them, and put them to use.

1
0

US Navy's newest ship sets sail with Captain James Kirk at the bridge

Brian Miller

Re: Stabilty

And cost! The program so far is over $22 BEELION dollars, with the Zumwalt's "unit" cost nearly $4 BEELION dollars. Is this running Windows for Warships? "Captain, it's a blue screen!" "Quick, reboot the computer before we capsize!"

Never mind an iceberg, the Navy has Windows...

13
1

Page:

Forums