* Posts by Bronek Kozicki

1118 posts • joined 6 Sep 2007

US Social Security 'wasted $300 million on an IT BOONDOGGLE'

Bronek Kozicki
Bronze badge
Joke

Re: Amateurs

I imagine this dialog:

Obama: duh

Cameron: amateurs ...

0
1

The answer to faster wireless is blowing in the wind

Bronek Kozicki
Bronze badge
Joke

it's all hot air

0
0

BT: Hey guys, we've developed NEW MOBE TECH! It’s called... 2G

Bronek Kozicki
Bronze badge
Megaphone

Hm, picocells .... can those work with SIP?

Now I want a SIP phone gateway which would also be a 2G picocell for my home, to make my SIP numbers available on my mobile when I'm at home and allow me to make (cheap) SIP calls automatically from my mobile. Because, honestly, SIP handsets are rather crappy.

0
0

HP's Machine and IBM's $3bn R&D splash – aka how to survive Google

Bronek Kozicki
Bronze badge

Re: Do we need more original research into proprietary hardware?

These guys are planning to disrupt the market, before declining hardware curve drives them into the ground. This is good plan. Also, software has a tendency to expand to fill all available hardware, while occasionally delivering new important technology - so it is actually worth inventing new hardware to allow these new software technologies to be invented.

For example: massive parallelism still hasn't found good software solution, because existing model based on critical sections does not scale with program design (it forces tight coupling), while transactional memory might scale, but is inefficient due to poor hardware support.

0
0

Climate: 'An excuse for tax hikes', scientists 'don't know what they're talking about'

Bronek Kozicki
Bronze badge
Pint

@Ledswinger

This one is on me.

4
1
Bronek Kozicki
Bronze badge
Paris Hilton

It took all my willpower not to downvote you, but the weird thing is - I do not know where that came from.

Should I believe in human-induced global downvoting trend? What if some disaster happens before it's too late?

So many questions ... thus icon.

0
0

Hey Intel – that new Pro 2500 SSD looks awfully familiar

Bronek Kozicki
Bronze badge
Holmes

Re: it's a step backwards

You got it backwards. It also does not help that one has to pivot the tables to actually compare anything. Here is handy table:

Model 1500 Pro, M2: active 140mW, idle 55mW, sleep 0.2mW

Model 2500 Pro, M2: same as above

Model 1500 Pro, 2.5": active 195mW, idle 125mW, sleep 5mW

Model 2500 Pro, 2.5": active 165mW, idle 55mW, sleep 5mW

You are welcome.

7
0

Microsoft: You NEED bad passwords and should re-use them a lot

Bronek Kozicki
Bronze badge
Thumb Up

Re: 2

Hah, the math makes sense, so my "arguable" turns into "definitely wrong". Thanks for proving it!

1
0
Bronek Kozicki
Bronze badge

Re: Password Managers?

Wasn't there a post the other day stating that they were also insecure and open to hacking?

They are IMHO, a single point of failure.

Yes, there was. Useful research, but in the case of LastPass, it's FUD. The problems discovered were fixed last year.

Although of course, it is risky to put all eggs in one basket, and I'd love to have something better to replace all these passwords. For now though, password manager used in a correct manner seems to be the best solution.

4
0
Bronek Kozicki
Bronze badge
Boffin

Re: Password Entropy

There are two problems with this:

1. plenty of password fields have an unreasonably short limit on the number of characters in a password, thus preventing use of a reasonably long passphrase

2. it is arguable whether a passphrase (built from dictionary words) actually has large entropy, since it can be brute cracked simply in (dictionary size * variations)^(small N) tries, rather than characters^(large N)

1
5

Home Office threw £347m in the bin on failed asylum processing IT project

Bronek Kozicki
Bronze badge
Mushroom

Re: Crazy

For goodness sake, use icons as appropriate. I was thinking "joke alert", but changed my mind ... because your comment might very well be spot-on.

2
0

Major problems beset UK ISP filth filters: But it's OK, nobody uses them

Bronek Kozicki
Bronze badge
Megaphone

actually ...

... I might be tempted to filter IP traffic at home, but under following conditions:

* I own the box which does the filtering

* I decide what is being filtered

* I decide which of my home computers are affected by the filtering and which are not

* The box supports both IPv4 and IPv6

Anything else - f* off, it's my network and I decide what enters it.

10
0

Will the next US-EU trade pact prevent Brussels acting against US tech giants?

Bronek Kozicki
Bronze badge
Facepalm

Re: Please tell me I'm wrong...

Speaking about contract law, you might have spotted phrase similar to the following in contracts "if any clause of this contract is found to contravene local laws or be unenforceable, only such clause will be deemed void, while the remaining clauses of the contract will remain valid and binding", or to such effect. This is to prevent the whole of the contract becoming invalid if any of its clauses is found illegal. How does it happen that some clauses are deemed to contravene local laws? Because laws were made to protect citizens, for example by making it illegal to sell your body parts. Such laws are made by lawmakers, subject to government initiatives.

Now, if a company was to make a business model as an "agent for direct acquisition from donors and selling of human body parts for transplants", any contracts signed under such business model would be deemed invalid. Now, imagine what happens if companies are given the right to sue lawmakers for a reason that laws are hurting their profits. This means that companies can now shape the laws in their favour in order to maximize the profit, and this also means that they can legally force lawmakers to remove such laws which make the above mentioned business model illegal and invalid!

Welcome to the world where companies can force governments to remove laws which protect citizens, if such laws happen to hurt profits.

9
0

LibreSSL RNG bug fix: What's all the forking fuss about, ask devs

Bronek Kozicki
Bronze badge

Re: What is cruft, what is security, and can the LibreSSL programmers tell the difference?

It's been "fixed", by seeding RNG with your private keys. Thank you for such "fix", I'd rather not see something like this in a program I am using. Especially since OpenSSL is unable to provide a guarantee or verify that RNG subsystem is indeed trustworthy one and won't steal your private keys.

Remember, no library can fix security flaws of the underlying operating systems - at best it can work around them. If you want an illusion of security by deploying ever more elaborate workarounds that's your problem, but I'd rather leave it to people who know about security more than you do (or OpenSSL team does).

10
1

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more

Bronek Kozicki
Bronze badge

Re: Code size

No, they wouldn't. Code size is not the only thing that matters - coupling is the same, if not more important. Think of it as the possible number of permutations in a group of elements (elements being design artifacts, ie. functions in C language). In a design with qualities of a hairball (anything connects to anything), the number of possible permutations can be huge, despite the total number of lines "merely" going into many thousands (below million). In order to understand it, you need to read it all and then build mental model of everything there is. That makes for very high barrier to entry.

The purpose of good software design (each language provides own design tools for this, in case of C that would be private headers, static functions etc.) is to control and lower the number of possible connections, thus lowering the overall complexity and the cost of reading and contributing code - despite total code size remaining roughly the same, or perhaps even slightly larger (depending on design tools used).

Of course, LibreSSL didn't set out to increase the codebase with design artifacts. They set out to remove all dead code first, which obviously is a very good way to start such a project. They are also limited by the public API of OpenSSL, which makes lots of private functionality available to users unnecessarily. But they are off to a good start and I wish them well, enough to set up a monthly donation.

9
0

El Reg nips down IKEA's 'I've Got A Screw Loose Street'

Bronek Kozicki
Bronze badge

massive rock, you say? Something's wrong with my eyes, I read that word differently first time

7
0

Microsoft, Red Hat, IBM and others help Google build cloud Trojan Horse

Bronek Kozicki
Bronze badge

Microsoft?

I think this is the most interesting bit here - they are going to support containers (i.e. kind-of virtual machines) running inside actual Linux virtual machines running on top of Windows.

1
0

Metaswitch opens NFV code as Project Calico

Bronek Kozicki
Bronze badge

the question is ...

will it work with IPv6 ?

0
0

Oh SNAP! Old-school '80s Unix hack to smack OSX, iOS, Red Hat?

Bronek Kozicki
Bronze badge

Re: Very unclear

rm "Important File.ows" "shellscript.sh" "My \"Expenses\".ods" "-rf"

When writing C (or C++) program parsing parameters like the above, you will find that the last parameter "-rf" was passed by shell to your program without surrounding quotes. Thus this gained nothing :(

Of course you might be advocating that quotes surrounding parameters should be passed to program (also when put explicitly by the user) but I'm not certain that this is good idea. For one, how do you pass a filename starting with quotes to your program and make it understand that these quotes are part of the filename, not a decoration?

It is up to program to decide what is filename and what is option.

1
0
Bronek Kozicki
Bronze badge
Boffin

Re: Very unclear

The problem is parsing of filenames by traditional unix utilities, since "everybody" knows that if a filename starts with dash (i.e. - ) then programs will parse it as if it was an option. That's why some programs support -- after which everything will be interpreted as filename, even if it "looks" like an option.

As for actual vulnerability .... well if you are running shell scripts as root and these use globbing, and it never occurred to you that users might have files starting with a dash ... now it is time to start checking these scripts.

9
0
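The option-versus-filename confusion discussed in the two comments above, as an added example that is not part of the original comments: a throwaway directory holding a file literally named `-rf` is cleaned with an unguarded glob, with `--`, and with a `./` prefix (the `./` form is an addition here; the comments mention only `--`). All file names are constructed sample data, and the `unsafe` result assumes an `rm` that accepts `-r` and `-f`.

```shell
#!/bin/sh
# Added example: every file name below is constructed sample data.

# Build a throwaway directory: one regular file, one subdirectory with
# content, and one file whose *name* is "-rf".
make_sandbox() {
    d=$(mktemp -d) || return 1
    mkdir "$d/subdir" && : > "$d/subdir/data" \
        && : > "$d/notes.txt" && : > "$d/-rf" || return 1
    printf '%s\n' "$d"
}

# Run one cleanup style inside a fresh sandbox and print what is left.
#   unsafe : rm *     the shell expands * to: -rf notes.txt subdir
#                     rm receives "-rf" as a plain argument and parses
#                     it as options, so the subdirectory is removed too
#   dashes : rm -- *  "--" ends option parsing; "-rf" is just a file
#   dotted : rm ./*   every expanded name starts with "./", never "-"
survivors() {
    dir=$(make_sandbox) || return 1
    (
        cd "$dir" || exit 1
        LC_ALL=C; export LC_ALL          # fixed, predictable glob order
        case $1 in
            unsafe) rm * ;;
            dashes) rm -- * ;;
            dotted) rm ./* ;;
        esac 2>/dev/null || :            # "is a directory" is expected
        ls -A | paste -sd' ' -
    )
    rm -rf -- "$dir"
}

for mode in unsafe dashes dotted; do
    printf '%-7s leaves: %s\n' "$mode" "$(survivors "$mode")"
done
```

In the unguarded case the only survivor is the file named `-rf` itself; in the two guarded cases plain `rm` refuses the directory, as the script author intended.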

'I don't want to go on the cart' ... OpenSSL revived with survival roadmap

Bronek Kozicki
Bronze badge
Holmes

Re: positively surprising

I tried to use OpenSSL in my own home project, and like everyone doing it I had to read some parts of the code, because it is very poorly documented. If you do C or C++ programming for a living, reading this code will yield a stream of "WTF" because the code quality is really, really bad. I do not remember much detail, but my impression at the time coincides with what you can read on OpenSSL Valhalla Rampage now. Tons of dead code, even more useless macros, plenty of unintuitive functions incorrectly replicating functionality of C library, support for long dead platforms, everything done on unsafe pointers with fancy allocators etc. Above all, I was really bewildered that this seemed to work. Didn't have time to dig deeper beyond making my project to use it in somehow correct manner.

4
0
Bronek Kozicki
Bronze badge
Thumb Up

positively surprising

This is surprising news and I hope they sincerely mean what they write. If indeed OpenSSL sticks to the plan to remove dead code and cleanup the rest, and also to improve its processes and response times, it would be great. In fact, that is exactly what the project needs.

However I would not expect publication of a timeline any time soon. I do not think it is possible to tell how long it would take to clean up the mess that the code is right now, without spending significant time studying all the dark corners there are. Which is fine - take your time, but do it right.

OpenSSL demonstrated to the world that they take the critique seriously, now they need to demonstrate that they know what they are doing. Which means hard work and is good use for the money pledged to the project so far.

3
0

Keith McMahon, tech analyst, dies at 50

Bronek Kozicki
Bronze badge
Unhappy

sad news

condolences to family and friends.

1
0

Microsoft's anti-malware crusade knackers '4 MILLION' No-IP users

Bronek Kozicki
Bronze badge

Re: Own goal!

.... my email is not arriving today either, but I would not connect this with Microsoft.

0
1

Zero-knowledge proof crypto scheme divines truths from nothing

Bronek Kozicki
Bronze badge

Re: No E-Voting cannot be democratic

on the other hand, if voting was to be performed at the polling station but replacing paper vote with computer terminal, it would certainly speed up vote counting. At the expense of making it vulnerable to vote manipulation in which case proof such as this might be helpful.

Still, I am not convinced it is worth the trouble. No matter how good your machinery is, if nothing is done about election fraud

9
0

Indie labels: 5 reasons why we're hauling YouTube before Euro antitrust watchdog

Bronek Kozicki
Bronze badge
Alert

as much as I hate EU

... I must admit that its competition commission seem to be actually doing useful job. Hope they show some teeth this time!

10
3

US Supremes just blew Aereo out of the water

Bronek Kozicki
Bronze badge
Unhappy

bad news

(no text here)

9
1

TIME TRAVEL TEST finds black holes needed to make photons flit

Bronek Kozicki
Bronze badge

well, all right

so what they tested basically was that in the presence of strong relativistic field (black hole, for example), wave function of a quanta can be replicated, without it collapsing first.

0
0

LOHAN in FIGHT to DEATH with brace of cantankerous canards

Bronek Kozicki
Bronze badge

Re: Alternate control method.

Ah yes, there is distinct lack of bearings around the axle mounting the wing. However, given the temperature in which this has to function (some -60 Celsius) I am not sure that this is a bad thing. Low temperature grease is the most important thing here, and forcing it inside bearings (to avoid any trace of water which would freeze) might be difficult.

0
0
Bronek Kozicki
Bronze badge

What type of servos do you use?

I bet there would be no rattling of any kind if you used something like this. Assuming your battery can provide enough current without melting cables or anything in between.

0
0

COSMIC BELCH from supermassive black hole stuns boffins

Bronek Kozicki
Bronze badge

Re: "Bad gas ... Artist's impression of a black hole"

Black holes are very messy eaters, some 40% material escapes it, and it is this escaping matter which is illustrated. Wikipedia article shows impression of a black hole in empty space (and very close, too), but this is not the case here.

4
0

BlackBerry bottoms out: Vows to wow with new Berries

Bronek Kozicki
Bronze badge
Thumb Up

wish them all the best

I have private BB with keyboard and it's really great device for emails and messaging. It feels a little long in the tooth now, but I just do not want to switch to touch-only devices. Q10 missed some features and I hope they can fix it.

Also, I really hope that BB will continue to develop and support this great real-time and POSIX compatible OS which is QNX. But to do that, they need to survive.

1
0

Apple SOLDERS memory into new 'budget' iMac

Bronek Kozicki
Bronze badge
Joke

Re: Repairs

well, that is exactly what Apple PR will say:

With the new and revolutionary soldered memory chips, we give our users guarantee that no bad memory modules can be installed in the machine, first time in the history of IT industry

6
2

Today's get-rich-quick scheme: Build your own bank

Bronek Kozicki
Bronze badge

Re: Im in.

Ah, right. Overdrafts (and any other kind of lending for account owners). That's one thing such a bank wouldn't have.

This is obviously competitive disadvantage, but would it scare customers away? Perhaps not. The difference between such a bank and teapot is that you actually cannot rob a bank which keeps all the money at the central bank. I guess that someone might like this extra security.

5
1

Tor is '90 per cent of the net' claims City of London Police Commish – and he's dead wrong

Bronek Kozicki
Bronze badge
Pirate

Hilarious

This implies that if you put something on the internet but do not make it available to everyone, using all the appropriate protocols like unauthenticated http, DNS name under official root, easy to parse by search engines HTML format and no robots.txt, that makes you some part of the "internet underground".

Well I wish everyone was part of this "underground", it is high time we learned how to use the web without exposing everything to everyone.

49
0

Tom Hanks NICKED my COPYRIGHTED PIC, claims Brit photog

Bronek Kozicki
Bronze badge
Flame

@Fink-Nottle

If you dig deep enough, you may find some coal. Is that why you are doing this?

0
0

Car titans WON'T STEAL our tech, says Musk: DAMNIT, I'll GIVE IT to 'em

Bronek Kozicki
Bronze badge
Coat

This certainly

.... says a lot about confidence Musk has in Tesla technology. By contrast, it also says how insecure other large companies feel about their products.

The one with apple in the pocket, please.

0
0

S is for SMACKDOWN: Samsung takes Galaxy Tab slab war fruit-side

Bronek Kozicki
Bronze badge
Mushroom

Re: AMOLED screen ?

According to Wikipedia page, Nexus 10 has LCD screen. Now, look at AMOLED stated in bold letters above ...

2
0
Bronek Kozicki
Bronze badge

AMOLED screen ?

10.5 inch with resolution 2560x1600? I think that's first, in this price bracket. I wonder how bright the screen is, when viewed in full sun.

3
2

Tech companies are raising their game (and pants) post-Snowden

Bronek Kozicki
Bronze badge
Holmes

I upvoted John Smith on the basis that remaining "0.03% weakness" of the protocols has no technological basis, but sociological one. No matter how perfect your technology is, if someone with court order turns at your door, you have no choice but to cooperate. Of course ideally you should have no technological means for this, but in reality more than few protocols are built on trust (which can be subverted). Should these protocols be redesigned? Yes of course. Is this achievable goal? Not in 100% ...

0
0

Japan's DOCOMO suggests wearable SIM cards

Bronek Kozicki
Bronze badge
Facepalm

Security nightmare

I can imagine this happening to clients:

Boy asks his girlfriend: hand me my phone, will you?

Some time later after breakup: I've got all your contacts copied to my phone and will stalk you forever

Unless of course they make it secure, because we all know that technology companies have security of their users always in the first place, right?

0
0

When will Microsoft next run out of US IPv4 addresses for Azure?

Bronek Kozicki
Bronze badge
Joke

Re: Then why doesn't Microsoft use 169.254.0.0/16?

There, I fixed it for you - see icon.

2
2

Dell exec: HP's 'Machine OS' is a 'laughable' idea

Bronek Kozicki
Bronze badge
Thumb Up

Re: Expected response from Microsoft minions Dell and The Register.

Absolutely agree. One just cannot reconcile aggressive timeline against effort required to write a new OS. It does not compute and leaves everyone pretty confused.

Unless the idea is to make a new OS under GPL and heavily borrow from Linux (or perhaps more liberal BSD, like Apple did). That would be very interesting and might just make the deadlines (only slightly pushed back, by just few years).

2
1
Bronek Kozicki
Bronze badge

Re: Truth hurts

IF there is a new open source OS then the odds of it surviving are pretty high. None of the above are open source, but look at Haiku (I didn't say "... and prosper").

1
0

Panasas: Avoid lengthy RAID re-builds - use our dodgy-file tart-up tech

Bronek Kozicki
Bronze badge

Thanks for explanation - I can see that RAID6+ is really misnomer here ..

0
0
Bronek Kozicki
Bronze badge

Re: A new RAID level that scales redundancy...

I like what you are saying, but there is one RAID schema where redundancy keeps up with the number of drives added. Unfortunately it's also the most expensive of them all, it's called RAID10. I'd preferred if they developed what you call "RAID 7".

However, the more interesting thing here is that by coupling HDD redundancy logic with the filesystem they repeated what ZFS does and to a good effect, i.e. much shorter rebuild times. The rebuild time is when your data is most vulnerable, so making it shorter also helps.

Also, if this trend is followed then perhaps live snapshots, checksums and self-healing will be too. I hope I live long enough to see these in general purpose consumer hardware - delivered and enabled by default.

0
0

Microsoft challenges US gov over attempts to search overseas data

Bronek Kozicki
Bronze badge

Re: Why Not

... because Microsoft headquarters are in US. Thus anything presented under US law may be binding to the company as a whole.

2
3

IPv4 addresses now EXHAUSTED in Latin America and the Caribbean

Bronek Kozicki
Bronze badge
Joke

Re: A Win Win solution!

In a way, there is "backward compatible solution". It is called "dual IP stack".

1
0

HP starts a memristor-based space program to launch ... THE MACHINE

Bronek Kozicki
Bronze badge

Re: As someone who has been around HP a lot over the years

I hope too.

If they can build nonvolatile memory with pico-seconds latency, they will also have to reinvent CPUs because disproportionate majority of die space is currently sacrificed to dealing with latency (all 3 level caches, multiple pipelines, cache synchronization protocols etc). Luckily there was a time when processors speeds were bottleneck, not memory (fond memories of Z80 ...) so the knowledge is there, somewhere.

Also for an operating system to make the optimal use of this new speed, it would have to be written specifically to optimize for low CPU utilisation (because this is where bottleneck will be once again) rather than for cache-friendly memory accesses. For (what we currently call) modern software, this is actually large change in direction. Given the very ambitious plan I hope they won't write a whole new OS from scratch, and will rather improve Linux. For the same reason, I pray they do not abort this project prematurely.

Which they will be tempted to do, since planned delivery dates seem a little unrealistic to me.

4
0

Google: Why should we pay tax when we make 'intangibles'?

Bronek Kozicki
Bronze badge
Megaphone

My suggestion to Google

Do not pay taxes in any developed economy. If they have the temerity to ask you to, "threaten" to move all your engineering to Somalia. And headquarters too.

See how seriously this argument will be taken.

1
0
