566 posts • joined 3 Jul 2007
Profit wouldn't slip if they wrote better games
How many times has Halo been warmed over? Valve gave up on Half-Life. Fallout drags on and on. But how much have these really evolved from release to release? Not much. Basically the same game play, with different graphics and weapons. Whoopee.
Do we see artificial intelligence? No. Not even on the level of Eliza. It's pathetic, really. Why bother mashing the keys all over again when the game is just the same? I'd love to see something that was sketched out with the "Nonplayer" comic. But all we get is a slight variation on the same theme. Ooh, different clothes and weapons! Might as well be Sailor Moon wiping the floor with Barney the Dinosaur.
Everything has flaws
Everything has flaws, especially code that's just hacked together. The question is, how bad are these flaws? Is the flaw something that we can expect to be exploited by a script kiddie, or is it something that leaks data that requires mathematical analysis for it to be informative?
If the Tails distro has bugs in it like fleas on a junkyard dog, I want to know! Not only do public alerts tell us what's going on, but it gives those of us who code a chance to fix problems.
Boots on Mars and break a leg
Not only do we need a big rocket, we need some sort of artificial gravity on the way over! By the time the astronauts arrive, they'll have lost enough bone density to break their bones in the reduced Martian gravity.
Better to just send a pair of boots and a Playmonaut to Mars, and then call it a day.
Story behind Seattle layoffs
OK, the story behind the Seattle layoffs is that Microsoft is ditching its testers. This sounds like a joke, but it isn't. They figured that since 30% of the bugs are found by developers, 30% by testers, and 30% by customers, they'd just ditch the majority of the testers and have the developers do more testing.
Unfortunately, this means that the customers will now be finding 60% of the bugs.
The testers who do remain will be "focused" on testing "scenarios" of customer usage. Unfortunately, the management has no clue what these scenarios might be. A couple of years ago I was in a team that decided to go with "scenarios," and we were given no information about how a customer might use the product. I honestly regard scenario testing as entirely futile.
Microsoft just might as well go with the full cost-cutting finale of, "fire the smartest people because the cost too much."
Watch out for sneaky Argentinians...
And now Argentina makes a sneaky move for the rock in response to the Falklands...
As for RRS James Clark Ross, why shouldn't they be in the neighborhood? The antarctic is cold! Actually, I'm surprised they aren't in Tahiti or some such.
How the other (less than one-) half lives...
My, there's £19,999 I'll never spend! Nice that when you're viewing people (werewolves?) with yellow eyes you'll have great color. Maybe as you barricade the door and arm yourself with your custom hunting shotgun, you'll be able to take them on the rise after they smash down your door and leap for your throat...
Or maybe you'll have a better target for your Nerf Gatling gun.
According to other boffins, won't work
I saw the response to this from other scientists who actually study meteorology and climate. For some reason, the low mountains in the exact area these walls are proposed aren't doing anything to even slow down the formation of tornadoes.
However, if it were proposed to build a sculpture the same size, I bet it could get funding.
Oh, like the average muddlehead has a choice!
"Repelling cybercrime is not the responsibility of individuals." -- Amichai Shulman
Oh, really? Which part of, "DON'T CLICK ON THAT!" is somebody NOT supposed to miss?
A neighbor of mine, back in the late 1990s, bought himself a computer, and I helped him get set up with the Internet connection and all that. So he's browsing around the web, and there's a banner ad claiming that he has mail. So he clicks on that and lo and behold, the browser jumps to a site that he didn't actually want to visit. Well, duh!
I set my landlord's new notebook computer up for him. He calls me up, says he can't get to the Internet. I come over and take a look, and it's fine. Turns out that he thinks the Internet is Yahoo!, and if that isn't the start page, then there's no Internet.
We have crap OSes, browsers, etc., and nobody has a choice but use the things. The average person out there really does need to learn to lock the door and bar the windows, because that's what the environment is! The police are only part of the answer, but there's precious few among them who have the skills to do a serious net dive and parse apart a botnet or other network.
If it's the job of the police to secure the net, then it's the responsibility of Microsoft, et alia, to write good and secure software. And Microsoft and the rest should be fined, and hard, for not doing it! Using best practices means actually using best practices! Not publishing a book about it, and then writing the biggest bunch of crap code I've seen.
But the muddlehead is going to keep clicking on crap, because they are muddleheads, and all they've got to use is a crappy OS.
Intel catches up with 2006
DRC Computer Corp. and XtremeData Inc. were doing this back in 2006 with the Opteron. Not on the chip, of course, but as a coprocessor in another Opteron socket. It's pretty easy to find this with a web search.
Big = evil?
Although Google's informal motto is, "Don't be evil," it seems that as companies grow large, they grow corrupt. The latest has been Amazon's attempt to squash publishing houses, and Google is squashing independent music labels.
What this really means is that publishers need to ditch Amazon, and all artists need to ditch YouTube. When whatever alternates they land on get too big and become evil, then those get ditched and the artists move someplace else.
She reads El Reg!
Come on now, folks, she reads The Register! Now, isn't that just significant? In just a little bit she'll be able to correct her website by reading all of these erudite articles and comments.
So let's see the business plan here: collect gnomes, ... something else ..., and no profit at all.
OK, so I guess the whole idea needs work yet. Don't worry, the comments section is on the job! Don't worry, Lily, we'll definitely tell you how to do it right!
Just wait until next year!
Since there's nothing that anybody can actually do about the weather, just wait until next year to see who's right. None of the nations will stop their CO2 emissions until there's nothing to fuel the factories and power plants. After that, the lights will go out, and it'll be the dark ages (literally!) for all of us.
Doesn't the NSA have something?
With all of the data hoarding the NSA has been doing, don't they have something they can let the Secret Service use? "Look, we've got some great regular expressions posted on the wall here." "Does that work in Internut Exploder 8?"
Maybe the Secret Service should just outsource the problem to Amazon's Mechanical Turk. Oh, but you'd need people who speak English and can recognize sarcasm...
Bruce Schneier *doesn't* reveal what he'll use
An article from years back, Bruce Schneier says what he'll use. But as for what he's using now, he doesn't say. In fact, he writes in his blog, "I have no idea what's going on with TrueCrypt. ... I suppose we'll have to wait and see what develops." No word about his current disk encryption, if any.
Recently he posted that he bought a new notebook, bought with cash from a local store. I suppose if he's using Windows 8 Pro, then he could be using BitLocker. I do know from his blog that he doesn't use Linux, primarily because he's never bothered to learn it.
Certainly, everything is open for speculation. Ending a project for a "dead" OS is a decent reason as any, I suppose. I jumped from Win XP to Linux on my old notebooks, and I suddenly I got full performance again.
Re: Tape is dead!!!
Is it OK if the tape takes the tube instead?
Beware hokey religions and ancient mantras
“Why do you say we should not innovate?”
You'll never win when you try to challenge someone's hokey religion and their mantra of "innovate." They aren't solving problems, and they know it. They know that they are trying to suck down government money. They are going to give their stupid presentations until they run out of cash, and then find something else to wave around as their new banner.
Celebratory ice cream?
Will Ben & Jerry's be releasing Gravity Wavy? Or Big Bang Butterscotch?
Might as well file, the computers are in the closet!
I still have a couple of the systems gathering dust in the closet. So why not file? I can actually show the memory. They don't ask for any proof, though, like sales receipts. If I were them, I'd be asking for some proof of purchase. That would cut the claims down!
No real banks are messing with BitCoins
Anybody notice that no real banks are messing with BitCoins? And all of the sites that are screwing around with them can't write basic financial transaction software?
Protocol review? Hello?
How many times will it be before these "banks" review their transaction protocols? And how long before BitCoin users will read the terms of service, and not use a "bank" that declares they aren't responsible for what you store with them?
Rootkit playing tunes?
This sounds really bizarre. Why would a piece of malware literally toot its own horn? The whole purpose of a rootkit is to hide and be stealthy.
The second question is, what was it doing? The thing is, remote administration is not the way to go here. Admittedly, I'm one of those fellows who does know how to use a kernel debugger and a network sniffer, and I have a 16 port managed switch just for what's at my desk.
The first thing I would have done is, as Nigel 11 noted, run from a live CD and scan the drive. When a rootkit gets into the system, it then normally removes itself from the various process lists, or renames itself to something innocuous. The next thing I would have done is to look at the network traffic, using a different machine. OK, so I'm using switches that allow port mirroring, or else you'd have to keep a real hub handy. So I'd look at the network traffic. Today's malware usually wants to communicate on the network. So what's the traffic look like? Sending spam? Scanning? DDOS?
Something is fishy about just playing random tunes.
Re: Dedicated mining ASIC chips etc won't crack passwords without modification
To actually turn an ASIC chip in to something to brute force a password would require changing the ASIC chips in a big way, I'd guess. Not to say someone (read: NSA) wouldn't do that.
An ASIC can be altered by the person implementing it. There are many different types of ASICs, from ones that must be fabbed, to ones that must be programmed by a device programmer, to ones that can have their logic changed in the field. When the Opteron first came out, there was a compatible FPGA chip that could be dropped into a second socket, and could be reprogrammed for specialized tasks rather quickly.
As for breaking passwords, there was an article a while back on Ars Technica about using video cards for that task. So between rainbow tables, known passwords, dictionaries, and brute force, it's a bad time for conventional passwords. Especially 123456!
All your passwords are belong to us!
The guys who will really go for the used video cards are the ones who can profit the most from them. Got a database full of "encrypted" passwords? Not for long! Then they will be plain text passwords.
Of course, all of these video cards could be scarfed up by science! Yes, you have a research budget, but no supercomputer. What to do? Lay your hands on that cheap post-coin goodness!
Also, the user needs to click yes on the notice, "Do you trust this computer?" Most will probably say yes, but as mentioned, debugging needs to be turned on, and that is now "hidden."
Re: Haven't you seen Fringe ?
If the USB spy cam was like this one, then there really isn't a lot of volume there.
I'm not an explosives expert, but I think that C4 requires a detonator stick of some sort, i.e., a blasting cap to set it off properly. Doesn't it just burn otherwise?
So you'd have to have a tiny blasting cap, that might actually not do the job, and some HE, all in a very tiny space. Now, just taping it to the wall in the loo would only make it a noisy firecracker. Sure, it would cause the plane to land, but I doubt it would cause any injury. Perhaps it would cure constipation, though.
More training needed?
What's nuts for this is that people think that something very, very small can blow up an airliner. Anybody remember the anthrax mailings? People were freaking out about dust on the shelves.
Sense of adventure, sense of reality
"Men wanted for hazardous journey. Small wages. Bitter cold. Long months of complete darkness. Constant danger. Safe return doubtful. Honour and recognition in case of success. —Ernest Shackleton."
Shackleton was honest and had a sense of reality. For this program, neither the organizers nor the hopeful participants have any sense of reality.
"People wanted for fatal journey. No wages. Bitter cold. Long months of complete boredom. Constant danger. No safe return. Honour and recognition as a footnote in television history in case of non-fatal landing."
I'm guessing that we should wait to launch humans to Mars after we've built a decent space elevator.
Re: The law is not the answer
"The same way the law favours you when the Daily Mail steals your photo."
You mean like the fellow who finally won out against the Daily Mail, but it took years? (There's too many search hits for the Daily Mail stealing photos.) Sure, the law favors your, but it will take a lot of effort, and it definitely isn't as easy as clicking through a few forms and getting a payout.
Re: It's not the code that matters
Code well, and debug well! I've had to debug another fellow's code that did intermittent overwrites due to network buffers being allocated on the local stack. Of course after the function ended, the IP data still went to those locations! Eww!!!! One fellow I worked with constantly sabotaged my code. He thought he was "improving" it.
Not quite the first thing to take out...
A highly visible laser truck is going to be the first thing any enemy will want to take out.
Actually, it's the Signal Corp that is the first target. Shut down the enemy's communication, then lay into them.
Schneier blog already went into all of that
Theodore Ts'o, the original developer of /dev/random, also chimed in on the thread.
Too bad US traffic laws don't include the fact that people are responsible for their actions. When I was in Germany, I was told that if a child runs out in the street and gets hit by a car, it's the parent's fault for not training the child to stay out of the street. But one story sticks with me: protestors had "blocked" the road to a facility (nuke? I can't remember.) by lying down in the road. Then somebody, upon seeing this, jumped in their car, and drove down the road, full bore. Only seven or so protestors got their legs run over, and the rest had the sense to get out of the way. I was told that no charges were applied to the driver.
In Washington state, for a while it was fashionable to have protests on the freeway, until the legislature finally passed a law effectively banning the practice. Perhaps SF needs to do something similar.
Re: Nice idea
The Aladdin brand kerosene mantle lamp puts out something like 60W of light. I bought one, and when the power went out, oh is it great! My home looked like the power was on, but it was just a kerosene lamp. A standard wick lamp is quite a bit dimmer, though. Since I now live next door to the power company, the electricity rarely goes out.
The best alternative to the lamp is the Uco candle lantern, and I've lit my living room with one of those hanging from the ceiling light and using the top reflector. However, it's slightly more expensive than the gravity-powered light.
I can see this as a reasonable thing. Think of the alternatives: running a light off of a bicycle generator. The good generators are rather spendy, and that's for a first-world budget!
Re: All I can say is this...
And watch that long password fall to a dictionary attack. Ars Technica: “thereisnofatebutwhatwemake”—Turbo-charged cracking comes to long passwords, and How the Bible and YouTube are fueling the next frontier of password cracking. 1000 guesses per second is stupidly slow. Try 30 billion per second!
Shoot the drone when it's in range!
The drone isn't shot on the wing, it's shot on the rise. Let it deliver the package to the neighbor's house, then shoot it.
As for landing accuracy, I'm sure that a delivery drone would have a camera to observe for a landing target. The GPS just needs to get it within 15ft.
And as for drones out of 12-guage range, that's what the USB-activated Raspberry PI-controlled SAM is for.
Re: No video?
It's over in just six frames. Not enough for a video.
I love the hunting strategy: sneak sneak sneak NAB
Re: Keeping secrets...
Hmmm, tweets from the twitterati that nobody can read.
Is there a down side to this?
Why buy when you can rent?
Amazon throws together 26,496 cores, and gets ranked as #64 in the Top 500. Cycle Computing rented 156,314 cores for $33,000 and got a petaflop for 18 hours. Now, isn't that more effective than mandating the government has to fund everything?
Face up to it, web searches and cat videos will drive advances in computing, not the weather.
I'm shocked, shocked to find that ...
"I was quite shocked," he said on Friday. "They went and copied the iPhone."
Like Apple copied Xerox? Hello??
Re: The next giant leap
"And does anyone actually teach efficient software development anymore?"
You have a very valid point. When I went to college, we were taught multiple software design methodologies, such as JSP (Jackson Structured Programming) and Warnier-Orr. However, I've never met anyone at Microsoft who had ever heard of such a thing. Not JSP, but simply the concept of structured software design. Every single person I met there with a BS or above had no clue about doing anything except stupid tricks that didn't work on a real project.
JSP is like a hot chainsaw through soft butter when it comes to slicing and dicing stream data. I'd get asked, "how do you do that?" And I'd show them. And I'd get blank looks from people with glassy eyes.
The next "frontier" is software, and it's a frontier that has never kept up with hardware. What's the latest development? Everything runs as a scripting language so it's all "open." Stupid. But at some point we'll see a real OS for high performance computing, and the kernel, etc., will be really small.
Big difference between search and surveillance!
There's a big difference between watching what you do in public, and rifling through your stuff! Like the EFF, I'm disappointed in the Supreme Court. They chickened out. Who does the public go to for redress?
Cell phone yakking != good driving
I've seen this before. A driver, in the fast lane, went from 65mph to 50mph because he got a call on his cell phone. No brake lights, he simply took his foot off the gas and kept driving at 50mph with his cell phone in his hand.
Some people have very limited attention spans. Either they drive, or they talk. But they don't do both.
The IT angle? The computer should drive the car. Right off to the side of the road, and then shut off the engine.
How many Reg hacks does it take...
Why does it take the three of you to produce an article? And about a blog entry, no less.
Try this headline: "Muppet puts head up arse," or, "Internet found to work as advertised on the tin."
I'm sorry, Dave. I'm afraid I can't do that.
Love the wish list! Especially all the packet capturing.
Honestly, a lot of what you want is not software, but hardware. Seriously expanded hardware. "What was the traffic for the last five minutes?" On what again, on how many ports in the system? You want something that the NSA would love, and only the NSA would be able to pay for it. Routers have 256Mb to 512Mb of memory, and switches have practically none. And you want the last five minutes of traffic available for all of those ports?? Insert appropriate Cheech and Chong quote here.
The reason that you haven't seen things like this is because companies don't devote a lot of resources to creating monitoring tools. When I worked for a "very large" firm that produced such a package, the development team wasn't very big. What you have asked for is rather close to Los Angeles asking for fiber, WiFi, and unicorns for everyone.
Sure, what you want is technically feasible. But at what cost? "I want a fancy flying fortress for two Cracker Jacks box tops."
"I'm sorry, Dave. I'm afraid I can't do that."
Something for politicians!
Now, if only we could get these onto the necks of politicians, I think we'd have a much better government. Of course, they might need to be tranquilized and tagged first.
OK, so what can *we* do?
Motorola is assembling its X phone in Texas. So is the next phone we buy Motorola?
I buy green coffee, and there are a variety of certifications, like "Farm Gate" or "Fair Trade." But what do we do for consumer electronics?
Re: What happened...
You (the system administrator) can't test it before it's applied. (Well, I couldn't do that with McAfee a dozen years back.) The definitions go out automatically, because you'd be testing those definitions every day, and the sales staff are opening dodgy attachments right now.
The real question for the various AV firms, and they've all been hit with this, is how did it escape their testing??? Shouldn't this stuff be automatic? Shouldn't the testing come up and say, "hey, this borks a normal installation," and raise a big red flag?
Basic education first, fairy stories, and discipline
Here's how to get children into the technical fields: read them fairy stories, and then read them more fairy stories. The imagination has to be sparked, and it has to be done at an early age. The basics of education need to be addressed, and also both a work and a play ethic has to be instilled. There are very, very few children who do this, and then retain it later, by their own nature. Mostly the education system seeks to batter down young minds, and smash everybody into the same can and label.
Another thing is discipline. A cousin of mine related to me her experiences trying to teach grade schoolers. The children were jumping up and down on the desks, totally out of control, and of course she couldn't thump them to make them behave. How do you teach discipline to children without disciplining them? Writing quality code takes discipline, and to really pursue it as a career means that you'll have to have that discipline for 50 years. It's learning and adaptation.
Read the Ars Technica article about Lavabit's technology
This actually wasn't a very secure system. I'll take a pass on Lavabit's bits.
- Updated HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
- Peak Apple: Mountain of 80 MILLION 'Air' iPhone 6s ordered
- BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
- PROOF the Apple iPhone 6 rumor mill hype-gasm has reached its logical conclusion
- US judge: YES, cops or feds so can slurp an ENTIRE Gmail account