* Posts by Flocke Kroes

2646 posts • joined 19 Oct 2007

VirusTotal bashes bad BIOSes with forensic firmware fossicker

Flocke Kroes Silver badge

Catch 22

There was a time when the BIOS was stored in a chip in a socket. You could pull the chip out, put it in your EEPROM programmer and compare it to a known good image. Back then EEPROMs were so small that you could not hide anything complicated inside them.

These days, you can fit a few operating system kernels into the boot flash chip. Enough space to hide the real contents and present a white-listed image to high level software. The chip is soldered down, so your only real hope of finding out what is actually inside is via JTAG.

If only the CPU had enough on-chip ROM to boot from micro-SD, and did not require over a GB of secret binary blobs to do anything useful.

You've seen things people wouldn't believe – so tell us your programming horrors

Flocke Kroes Silver badge

Re: IBM trainee programmer reduces 4-byte program to 2

There is a similar story about the true command. The old version was an empty file. The operating system looked at it, decided it had been told to do nothing and recorded the result as a success. Unfortunately, someone was tasked with adding copyright notices to all the scripts ...

Flocke Kroes Silver badge

@Martin an gof

To understand what is going on, you need to know about inodes. inodes contain all sorts of information about a file like size, where it is stored, creation date, permissions, owner and group. The fun thing that an inode does not contain is the file's name. A directory is a list of names and inode numbers. An inode can have multiple names by being referenced from different directory entries. You can create another reference to an inode with the ln command. The rm command removes the directory entry, and reduces the reference count by one. If the reference count reaches zero, the space allocated to the file is returned to the free space list and the inode is marked as unused.

When omxplayer opened the file, the reference count for the inode was incremented. When you rm'ed the file, the reference count remained above zero until omxplayer finished playing the file. This also explains how rm can delete itself, the C library and just about anything else that you thought would cause your computer to crash promptly if you deleted it.

Show us the code! You should be able to peek inside the gadgets you buy – FTC commish

Flocke Kroes Silver badge

Why are they investing a ton of money?

Libre software provides a huge selection of wheels available for free. There is no excuse for re-inventing them. Imagine a couple of logos available for IoT makers:

Logo1 means the device may contain security flaws and spyware which are a real pain for anyone but the manufacturer to correct. Updates might be available from the manufacture until he decides it is time for you to buy a new device.

Logo2 means the device may contain security flaws and spyware which can be corrected by any competent programmer. Updates might be available from any of competent programmers paranoid enough to check the source code.

A couple of decades ago, hunting for a device that deserved Logo2 was hard work, and at best gave you a very limited choice. A decade ago, you could buy routers with openwrt. These days you can buy drones with ArduPilot and children are making their own toys out of raspberry π's. There is still life in Logo1, but a decade from now I think it will be sold to only to governments because no-one else would be that dumb.

Hey, Intel and Micron: XPoint is phase-change memory, right? Or is it? Yes. No. Yes

Flocke Kroes Silver badge

That which we call a computer implemented invention ...

The idea of FinFETs has been around long enough for the patents to expire. When process shrinkage made FinFETs worth the effort, Intel called them 3D-transistors. I assume Intel's PCM will get a new TLA so it can be covered with fresh patents.

UK can finally 'legalise home taping' without bringing in daft new tax

Flocke Kroes Silver badge

The government gave a specific reason when they created the exemption

When I buy the right to listen to some music it makes no difference to the musician what technology I use to listen to that music. The musician has not lost anything, so the correct amount of compensation is 0. That was the government's clearly stated reason for the lack of compensation from the beginning.

Thanks to this ruling, we must now fund a quango to calculate how much each musician deserves and not pay them because the research ate the entire budget to arrive at a long list of zeroes.

Time for Orlowski to demonstrate the value of a compensation scheme. Lets see financial details of the existing compensation organisations: how much they collect and the amount - if any - that reaches musicians directly and not spent on their behalf on tasks like pointless litigation and lobbying for more pork.

SpaceX: launch, check. Landing? Needs work

Flocke Kroes Silver badge

Time warp to 1962

There was a plan called Sea Dragon. Unlike most rockets, Sea Dragon was made of thick steal and used simple brute force engineering. The idea was to launch it from the sea, and recover it for re-use after it crashed back into the sea.

If we really want cheap space travel, we should re-invent the NERVA engine.

Learn you Func Prog on five minute quick!

Flocke Kroes Silver badge

Re: Rule 3: Functions should be curried.

#! /usr/bin/env python3

from functools import partial

seq_7_10_13_16_19 = map(partial(int.__add__, 4), range(3,18,3))

If your only tool is a hammer, all tasks start to look like nails. Functional techniques are handy tools. Some languages provide a wide selection of tools without straining the syntax. Very often, you do not get a choice about the language. I think it is worth looking at how functional techniques are expressed in the language you are stuck with. If a task can be completed clearly and concisely with functional programming then you should not hammer the screws in.

Intel aims for PC-style position in drones, robots and wearables

Flocke Kroes Silver badge

Intel are really good at expensive processors

Intel will not be any good at cheap CPUs until selling a cheap CPU does not replace the sale of an expensive one. That day is clearly coming, but until then, I will be sticking with ARM and MIPS.

Philae's phinal phlop: Lonely lander didn't answer wakeup signal

Flocke Kroes Silver badge

Re: Doesn't Look Right

They must mean Digital Llama Radio.

Future Snowden hunt starts with audit of NSA spooks' privileges

Flocke Kroes Silver badge

Re: Shurley some mishtake

Beat me to it, but I was going to go with:

genisoimage -r /embarrassing/secrets/ | wodim dev=/dev/dvdrw speed=1 -

Richard Chirgwin's "sudo cp -R * /dev/DVD" has multiple problems.

If his account does not have access to the current directory, * will expand to *

sudo does not do shell expansion as the target user by default, so cp will be instructed to copy a file or directory called *

If * does not exist, cp will complain.

If * exists and is a file (or * expanded to one name), it will be copied to the /dev directory, and will be called DVD. (These days, /dev is tmpfs, so the file will end up scattered all over the swap partition)

If * exists and is a directory (or * expanded to more than one name), cp will complain that /dev/DVD does not exist.

/dev/dvd is the default DVD-ROM. These days, DVD-ROMs are rare, and /dev/dvd will probably point to the same place as /dev/dvdrw.

I am not sure what copying a file or directory to /dev/dvdrw would actually do. I hope it would cause a meaningful error message, but if not, I have confidence that recovering any data from the DVD would be a really unpleasant task - if possible at all.

I think it is possible to mount a re-writable dvd with a filesystem, and copy files and directories to the moint point. When I read about this (over a decade ago) there was a warning about packet writing being really slow. In real life, you were better off generating an ISO image and asking wodim to transfer it to the DVD as slowly as possible (x1000 speed DVD players and x10000 speed disks were marketing numbers and had to be treated as slightly less reliable that a statement from the home secretary.)

Stanford boffins snuff out li-ion batt blaze risk

Flocke Kroes Silver badge

Not really

It means that cheap, fire hazard batteries can be sold at almost the price of safe ones if the manufacturer / distributor sticks on a label marked 'UL 1642'.

Flocke Kroes Silver badge

Batteries that cannot catch fire are not so useful

Petrol catches fire easily and can explode. Easy to fix: replace petrol with wax cubes containing water. Your car can puncture the cubes one at a time to let out the water, then burn the wax in a steam engine. Perfectly safe. If there is an accident that dumps the contents of the fire box onto the fuel, sufficient water will be released to put out the fire. As an added bonus, the fuel weighs so much that the top speed of a car is unlikely to be much above walking pace and that will reduce the number and severity of accidents. The maximum altitude of aircraft would be reduced to a few centimetres (think hovercraft) so aircraft would no longer be able to fall out of the sky.

The big advantage of petrol is that it contains lots of energy with little weight. Over the years, the energy density of batteries has improved to the point that they can be used in situations that used to require petrol. The down side is that such useful batteries require precautions similar to petrol to avoid fires and explosions.

Swiss try to wind up Apple with $25k dumb-watch

Flocke Kroes Silver badge

Re: Sueball alert

Not just that, glass to the edge of the device, icons arranged in a circle, and the colour black. It is as if they did not know Steve Jobs invented the watch.

Intel lobs out new Core m3/m5 Compute Sticks, shouts 'Fetch!'

Flocke Kroes Silver badge

Re: Why two boxes?

If they are aiming for media PC, then they need to compete on price with a Pi. I agree about the lack of ethernet. Things that run on batteries are allowed wifi. Anything chained to a power socket loses nothing and gains sufficient to get an ethernet connection.

To actually use this thing as a computer, it will need a keyboard and mouse. From what I have seen of CEC, it can barely send key presses from the TV's remote to a device made by a different manufacturer. One day, you might be able to buy IRDA mice/keyboards, a TV that forwards IRDA to HEC, a graphics card that presents HEC as a network interface to the OS, and configure the OS to look for a keyboard and mouse on a network interface. In real life, your choices are bluetooth, USB, or 'Keyboard not detected, press F1 to continue' + 'Mouse not detected, click here to change'.

Does anyone have a use case that requires a bigger CPU than a Pi controlled via a TV remote control?

Flocke Kroes Silver badge

Why two boxes?

As is: the stick is bigger than an HDMI cable, so if it fits at all, it may block other HDMI ports. Behind the TV may get Wifi reception, but it is a bit far for bluetooth and useless for infrared. The USB port is pretty much restricted to a small, permanently attached memory stick or you end up with another cable tugging the device out of the HDMI port. The weight restrictions mean the undersized heat sink needs a fan.

The only practical way to use this thing is with an HDMI extension cable. If the CPU went in the power supply, all those problems get fixed at once. That just leaves justifying over double the price of a boxed, powered Pi with an SDHC card.

ISPs: UK.gov should pay full costs of Snooper's Charter hardware

Flocke Kroes Silver badge

Re: "UK.gov should pay"

I might just about tolerate a tax, but only if it is for the £250M. The politicians that vote for this useless rubbish should be made jointly and separately liable for the shortfall, and for damages and compensation to every terrorist's victim when an explosion was not prevented by excessive spying.

We're all really excited about new smartphones, laptops, tablets – said no one ever

Flocke Kroes Silver badge

Progress: minimum RAM is plenty

My old 1GB laptop had more than enough memory, but got retired when I could no longer get replacements for all the worn out parts. The new one has minimum RAM: 2GB. Two thirds of it simply buffers some of the contents of a ridiculously fast SSD. I have to replace the desktop today. A Pi 2 only has 1GB, so I might end up using over half the RAM quite often.

The first RAM upgrade I did involved pushing 16x 16Kbit chips into all the empty sockets. I think there has been plenty of progress.

If you want a USB thumb drive wiped, try asking an arts student for help

Flocke Kroes Silver badge

Over/under provisioning

Flash devices need more internal capacity than the number printed on the outside. They need a map of logical to physical sectors that has to be stored somewhere. They need to keep track of how often each block has been erased. Some sectors do not work on new chips and some will fail while in service so there have to be spares. Finally, the ware levelling algorithm can make better choices if it has lots of unused sectors to choose from. I have found devices where the capacity of the chips add up to 50% more than the advertised capacity.

There used to be a problem with second hand chips. Old devices were recycled leading to new devices that started with a large number of bad sectors, and those that did work had already gone through a large number of erase cycles. Under provisioning is still popular. The device will work fine if you only use a quarter or perhaps a half of the nominal capacity.

A full format that writes zeroes to all the sectors not used for filesystem metadata will identify many under provisioned drives. Some of the more cunning drives will try to identify the file system, and forget the contents of unallocated sectors to increase the pool of available blocks (or to hide under provisioning).

If 90% of your drives survive a full format then you have found a supplier who works hard to detect and demand money back for under provisioned drives before they reach customers (or you picked a file system type supported by some excellent firmware).

Using dd like 1980s_coder is close to a good answer. Drive firmware is likely to avoid storing duplicate data, so half a sector might store all the zeroes, and a few more would map lots of logical sectors to that compressed sector. For a while, some of your illegal porn and bombing plans will be stored on blocks scheduled for erasure, and the firmware will get around to that in due course.

I would love to use the trim command. The latest versions of the SATA, SDHC and USB command sets all include trim or an equivalent. SATA support is common and it even works on some devices (modern Linux kernels have blacklists and whitelists). A few USB devices claim to support trim. I have yet to come across a USB enclosure that forwards trim commands to a drive.

I like to write a sequence of random numbers to a new drive, and try to read them back. That spots under provisioning. Two or three complete drive writes of random numbers will probably erase my terrorist plans. One day deleting a file could result in trim commands that are promptly and reliably obeyed, but for the next decade, the only secure erasure strategy I have real confidence in is fire.

Apple had more CVEs than any single MS product in 2015, but it doesn't really matter

Flocke Kroes Silver badge


CVE counts have been used for manufacturing headlines for well over a decade. Mr Chirgwin did point out that their are many problems with just taking the numbers without thinking, and points out some of the reasons why. As alien overlords appear to stop reading after a few sentences, I'll slip in a disclaimer about selecting a conclusion first and arrange the figures to match for the following flame bait:

Windows YYYY Server gets worse with each release: 2003 has 23 CVEs, 2008 has 149 and 2012 has 155.

Windows 8.1 comes with Internet Explorer, and MS Office is typcally installed for a total of 422 CVEs, putting it top of the list.

Last time I saw figures like these, a number was quoted for Linux by adding CVEs for each distribution. Ubuntu+Debian+Opensuse+Fedora is 422CVEs. Add in a few less popular distributions, and Linux becomes top of the list.

If the last one had you giggling, cvedetails have a chart of total vulnerabilities by vendor. Adding CVEs for all the versions of the top 50 MS products together gives 1590 CVEs.

The only frightening thing I can see about the alien overlord is he has not noticed that programmers are well aware of how these numbers are abused. Apparently someone has bought a bunch of articles adverts that take these numbers seriously. Writers for The Register know that the vast majority of commentards will not be impressed by such rubbish. Even Orlowski didn't try to run with this.

Here – here is that 'hoverboard' you've wanted so much. Look at it. Look. at. it.

Flocke Kroes Silver badge

Re: For those who disabled Adobe Flash


Flocke Kroes Silver badge

Re: Which batteries

Taken from a quote from Elon Musk about electric car batteries. That was probably an unusual situation, but it was reasonably reliable number found with a minimal internet search.

Flocke Kroes Silver badge

Moore's law for batteries

A few years ago, batteries got about 20% extra capacity per year while the price dropped 20%. These days, the capacity figure is closer to 5% per year. The price reduction is harder to estimate because battery prices are now mixed in with fire bomb prices.

Physics limits battery energy density to about three or four times what you can buy today. Electric motors are about 80 to 90 % efficient, so room temperature super conductors, magnetic bearings and all possible advances in tech only get you another 25% at best. The complete board is 10kg. If we split that 50/50 for batteries and motors, and use magic massless motors, we can double battery weight and get to a theoretical limit of almost an hour in the air.

The big problem with the hover board design is it moves a small area of air very fast. You can get the same thrust for less power if you move a large area of air slower. At a guess, the model jet engines mentioned above use low temperatures to simplify the design, reduce maintenance and use cheap materials. Engines on big aircraft push cold air through the inside of the turbine blades made from high temperature materials so they do not melt. This allows a higher combustion temperature, which improves efficiency, so better power to weight ratio and less fuel used.

If you design a small turbine with similar features to a big aircraft engine and use it to spin a big propeller, you get a helicopter hover board that can fly for hours with existing tech. (Also requires a pilot's licence, regular maintenance and a really big bank balance).

Flocke Kroes Silver badge

Re: Comparison 36x electric fans with 8x mini jet engines

The specs we have for the electric product are 10kg board, 80kg passenger and 200kgf of thrust. I will assume that the average thrust is 90kgf, but that it is distributed unevenly among the fans to keep the board from flipping over.

The jet proposal has 8x 52lbf of thrust for a maximum of 189.1 kgf. If we assume the same 90/200 ratio to keep control, the mass of board + passenger must be reduced to 85.1kg. The jet engines require 25oz/minute of fuel each at full power. Scaling that by 90/200 because the engines are not set to full power all the time, six minutes of hovering time uses 16.34kg of fuel. Lets call that 8.17kg because the fuel tank starts full and ends empty. The engines are 2.51kg each. If we allow 0.34kg to provide a surface to stand on, and hold the engines and fuel tank together then we are down to 57kg for the passenger.

To match the electric product's 80kg passenger, we need 12 jet engines weighing 30.1kg and costing $51,540. Also 23kg (7.5 US gallons) of jet A1 1-K aviation fuel per 6 minutes of hovering. As well as burning a hole in your wallet, the jet's exhaust is 750°C, so it will burn your house down if you ride it indoors.

You ain't nothing but a porn dog, prying all the time: Cyber-hound sniffs out hard drives for cops

Flocke Kroes Silver badge

Re: Disk glue

Every time I have dismantled a disk, it has been held together with screws (I have not tried one full of helium yet). There are plenty of processes making and populating PCBs that could leave a smell, but none of them are unique to a hard disk controller card. My first hard disk (320MB was big in those days - full height 5¼") had a packed PCB that was the full size of the device. These days, the disk is a quarter the area, and the PCB is even smaller.

This dog in incredible. It would be interesting to see if the dog actually has any professional qualifications. If nothing had been found, who would have got the bill?

Free Wi-Fi for the NHS, promises health secretary Jeremy Hunt

Flocke Kroes Silver badge

Re: patented operations too?

Patents have already been granted for some medical procedures.

Who would win a fight between Cortana and Android?

Flocke Kroes Silver badge

Soon every gadget will be able to wreck a nice beach

Phillip J. Fry Demonstrates what speech recognition will be like in a thousand years: https://www.youtube.com/watch?v=4-vRpQ0YyYo

DEAD MAN'S SOCKS and other delightful gifts from clients

Flocke Kroes Silver badge

Anyone remember Tuttle, Oklahoma?

A city manager with '22 years in computer systems engineering and operation' failed diagnose a missing apache config file, and starts flaming.

Windows for Warships? Not on our new aircraft carriers, says MoD

Flocke Kroes Silver badge

Re: OK, I'll bite.

Windows ME

Flocke Kroes Silver badge

Re: Pedant alert

Will these ships become operational before they are scrapped?

Press Backspace 28 times to own unlucky Grub-by Linux boxes

Flocke Kroes Silver badge

Secure Boot

Secure boot throws away any hope of security. Old style BIOS is sufficiently small and stupid that it cannot do much more than read and execute a boot sector. Secure boot is huge. The chances are that the copy you have is based source code released by Intel, with whatever additions the manufacturer's government insisted on plus two huge binary blobs from Intel big enough to hide something that can man-in-the-middle an ethernet port and provide remote exfiltration invisible from inside the computer.

Bit locker keys can be read by an external device via a 1394 or thunderbolt DMA channel. If all else fails, reset the machine and boot from an external device. The keys can often be found in memory left over from the previous boot.

Securing a computer against physical access by a rich and determined attacker is really difficult. Grub's password feature is only a significant barrier if you have covered all the other bases.

Flocke Kroes Silver badge

Almost possible to use grub password

Some cases have intrusion detection switches. I can wire that to the erase CMOS nvram pin. Now I can close the case, configure the BIOS to boot, but only allow changes to the boot order with a password. Next up, enable grub's password feature so the boot options can only be changed with a password. Now encrypt the server's secret key and store the password for it in CMOS nvram.

The server's certificate is now more difficult to get at if the attacker has physical access. There are two more things you need to sort out: all USB ports should be disconnected (and wired to the mains). Also, add an X-ray detector and use it to trigger some thermite. (The police will first attempt access with a USB device, then take an X-ray to cut into the box without triggering the intrusion detection switch).

Now to actually use that grub password, you need a USB to PS2 converter inside the box, and use a bulkhead mounting PS2 connector to get the signals out.

Flocke Kroes Silver badge

Embedded system ...

... with a backspace key?

The whole idea of an embedded system is that it works without the assistance of a user. If grub is set to require a password on boot then after every power cut, some poor techie is going to have to trudge out to darkest nowhere, dismantle the box and solder in a keyboard before typing a password.

Samsung appeals to Supreme Court to bring patent law into 21st century

Flocke Kroes Silver badge

Re: past present and future

While we are looking at the past, why did the jury require Samsung to pay damages for a phone that according to that same jury did not infringe?

European Space Agency demos MARS LANDINGS BY DRONE

Flocke Kroes Silver badge

Re: small issue of air density

The fun thing with Dyson patents is to look at some history. A century or so ago, vortex separation was used in coal mines. Over three decades ago vortex separation was used in bus exhausts to reduce particulate emissions. There was a vortex separator at a sawmill where I worked long before Dyson invented the vacuum cleaner. Like everyone else involved in technology, I do not look at patents because they are obfuscated, obvious, describe antiquated tech badly and looking at a patent means triple damages for wilful infringement (and expensive nuisance litigation if you do something similar but non-infringing). So without looking at Dyson's patents:

Flywheel energy storage has been around for decades. The big advantage is the rapid discharge time, so to obvious uses are things like throwing aircraft off a carrier or powering a data centre for the few seconds between a power cut and the generators starting. There was a big step up in capacity per kilogram when people switched to composite materials. In 2004, NASA built one that could store 16kJ/kg. For comparison, super capacitors store 36kJ/kg, Lithium ion battery: 1800kJ/kg. Ham and cheese sandwich: 10130kJ/kg. The popular energy storage for a Mars rocket is Methane+Liquid oxygen which you can make from Mars's atmosphere if you bring a nuclear reactor and your own hydrogen. The resulting energy density compares well to a ham and cheese sandwich, so over 600 times better than a flywheel storage device built with an astronomical budget; eg: launch costs per kilo swamp the costs of expensive materials and expensive manufacturing processes.

If you are going to try flywheel storage for a Mars landing, the time to charge up your propeller is after you have slowed down enough that the propeller will not get vaporised by friction with the atmosphere, but while you still have enough speed and altitude for autorotation.

If Dyson were involved in space travel, I expect he would patent what other people are doing now and sue them when they start to make a profit.

FAA introduces unworkable drone registration rules in time for Christmas

Flocke Kroes Silver badge

Re: Police level trained

There is a wide range of police training. This is not the link I was looking for. The one I wanted was much clearer. For example, the link I could find says thirteen officers get shot but does not say if that includes the 8 that shot themselves, or how many of those 8 were accidental shootings. At first sight, it looks like the police shot more suspects than bystanders but the link I wanted split the 24 dog shootings into suspects and bystanders. I do remember that according to the statistics the safest thing for the bystanders to do was to reach for a concealed weapon and look threatening - if the police aimed for you, they were more likely to hit someone else. The safest thing for the actual suspect to do was to stand next to a dog. Innocent dogs caught more gunfire than suspects.

Many police forces train their officers until they pass a test, then practice stops for lack of time and money. As a result, gun nuts who practice regularly are often better shots than an average policeman. I am all in favour proficiency tests for people who want to own dangerous tools. 'Police level training' is not a clear standard, and in some states it is dangerously poor.

Samba man 'Tridge' accidentally helps to sink request for Oz voteware source code

Flocke Kroes Silver badge

Re: Is source code necessary to validate correctness?

Test cases sufficient? Ask VW.

Personally, I think this software has no value in elections until the source code is available for review. This also makes to possibility of secret illegal copying impossible: whoever copies it is going to have to provide the 'their' source code for verification, leading to immediate proof of illegal copying.

I like to idea of machines counting bits of paper, because that leaves a permanent record that can be verified.

Donald Trump wants Bill Gates to 'close the Internet', Jeff Bezos to pay tax

Flocke Kroes Silver badge

Get your popcorn

There are some Americans who only get their 'news' from Fox. When they occasionally get news from elsewhere, they assume it must be false because Fox and all their Foxed friends disagree. There are enough people like that to keep Trump looking like a possible candidate. The aren't enough people like that to get Trump elected president.

You can expect the hilarity to continue, as the extremes of the Republican party have shot down any candidate who appeals to more than one faction. We will continue to get half a dozen Republicans each speaking only to their own faction, with statements that sound utterly insane to everyone else.

If there is a way out of this, it has not occurred to anyone in the Republican leadership.

Flocke Kroes Silver badge

Re: Duh

Al Gore sponsored a pile of legislation that funded computing and networking research, and the precursors to the internet. He might well be a good person to talk to if you want to find places the US govenment can fund or cut to improve or destroy the internet. Republicans liked to say Al Gore claimed to invent the internet, but before repeating their delusions, it is worth checking snopes.

Per-core licences coming to Windows Server and System Center 2016

Flocke Kroes Silver badge

Re: One trivial windows program

Thanks to WINE, I have not bothered to replace it.

50c buys you someone else's password for Netflix, Spotify or ...

Flocke Kroes Silver badge

Almost worth it for an electronic component datasheet download account

Guesses like 'username' / 'password' are likely to get you in faster that filling out the enormous form. The form certaily wastes more than 50¢ of time. The only downside is the amount of time required to make a darknet purchase compared to the fun finding the stupidest combination of selections if someone has not setup 'username' / 'password' already.

Sued for using HTTPS: Big brands told to cough up in crypto patent fight

Flocke Kroes Silver badge

Re: The Dumbest of the Dumb ...

It is worse than that. Many in the lower ranks have brains, but the rules they are required to follow are insane and make them look like the dumbest of the dumb. Imagine if even half those people were doing something constructive instead.

Flocke Kroes Silver badge

Re: Loser shell company evades payment

Easy: Patent litigators must post a bond along with their first hint that a product might infringe their patent. $1000 per word and $1,000,000 per diagram in the patent should do it.

The other way to make progress is to say that if patent litigation starts in East Texas, then is all the proof you need that all the patents involved are invalid.

Microsoft makes Raspberry Pi its preferred IoT dev board

Flocke Kroes Silver badge

There was a reason these were given away free

Plan A: Arduino compatibility. Galileo could run Arduino software via in emulation. There result was hundreds of times slower than a cheaper, lower power Arduino board. There is simply no point in a big expensive CPU for applications that already work fine on an Arduino.

Plan B: Raspberry Pi competitor. Although Galileo's CPU is half the clock rate of a Pi, it does more instructions per clock, and works out about the same speed as a Pi B1 CPU. At twice the price, and quadruple to power, the only advantages Galileo had were one lane of PCIe and the ethernet port did not take bandwidth from the USB port. There are other ARMs in Galileo's price bracket with those features, and a Pi B2 has four faster CPU cores and the same GPU as a B1.

To enter the IoT market, Intel has to release a product at near cost that reduces sales of their higher margin products. So far, Intel has decided that a proper IoT product does them more harm than good.

Microsoft knows this move is a kick in the teeth for both of the developers using Windows on Galileo, but anybody using Windows for anything must know by now that one day it will be their turn. It could not have been a surprise.

Microsoft's OneDrive price hike has wrecked its cloud strategy

Flocke Kroes Silver badge

Re: Never had this problem...

I just priced up my home storage: between 0.25 and 0.30 US$ / month / 50GB depending on scale (dual redundant, replace every two years, includes electricity). The other bonuses are my setup does not suffer from slow internet days and I get two free (wimpy) servers. Microsoft would have a tough sell at one tenth of their new price.

E-mail crypto is as usable as it ever was, say boffins

Flocke Kroes Silver badge

'Easy' ways to get and validate keys

You can get keys with the magic command 'gpg --keyserver wwwkeys.uk.pgp.net --recv-keys KEY_ID'. Unfortunately, to work this out for yourself, you have to read the manual. You can get mutt to retrieve the correct key for a particular encrypted email by adding the following to '~/.muttrc':

set pgp_getkeys_command="/usr/bin/gpg --no-verbose --batch --quiet --recv-keys %r"

and by adding something like 'keyserver wwwkeys.uk.pgp.net' to '~/.gnupg/gpg.conf'.

There are similar settings for encrypting, decrypting, signing and verifying, each at the press of a button (plus typing in a proper password for decrypting and signing). Other mail user agents may or may not be as easy to configure :-)

The obvious way to get the right key is to meet in person and exchange keys - or at least key finger prints. The less obvious way is to read and understand how the chain of trust works.

Communicating private messages requires reading and thinking, so it is way too much effort for the average netizen. Dumbing it down just means people will think a picture of a key on a web page means it is safe to type in their bank details.

Google stock buy-back: You'll groan when you realize where that $5,099,019,513.59 figure came from

Flocke Kroes Silver badge

God's net worth

I did not expect to find a single clear undisputed value because the catholic church has many large properties which are difficult to put a price on and plenty of people would like a large or small number to support their propaganda. I did see plenty attempts at passing off misleading numbers (both sides), and some (over simplified) ways to value unique property were not even mentioned, eg:

(Tourist revenue - maintenance)/(Competitive return on investment)

After a quick search, I can clearly state that over a decade ago the catholic church either had for more or far less value than the current market capitalisation of Google, depending on where you look and what currency they were using.

Has anyone seen convincing, clear and honest official numbers? I bet Tim Worstall could do an article that leads to a spectacular flame war.

Another go with MIPS IoT: Imagination unveils new Creator board

Flocke Kroes Silver badge

Remember it's IoT

OK, _normally_ you need docs for open source drivers so you can keep the kernel up to date with security fixes. This is IoT, so security does not matter.

Microsoft boss Satya Nadella is paid $18m – and would trouser $20m if sacked

Flocke Kroes Silver badge


The bigger bonus for getting fired does suggest that was the plan, but as he was not fired he will have to try harder next year.

For mobile first equal, he inherited only a few percent market share. Any time he faces reality and does something with Android, he gets ranted and by the Lumia owners. Any time he pushes users to cloud first equal, he pisses of the desktop users. The obvious way to make money is to bump up the prices for locked in legacy users, and what a surprise, people scream when he does that too.

Somehow he has to balance between legacy support and securing a future. Any decision he makes will be interpreted as a recipe for catastrophe by half is divisional managers, business partners and customers. The monopoly is broken, so profits will fall whatever he does. Both sides will point at that and say it was his fault for not being 100% traditional and 100% modern.

The free software solution to problems like this is the project gets forked and users take their pick. If he could do that or something better at MS, then he would really deserve his bonus.

Apple may face $900m bill after A7 CPU in iPhones, iPads ripped off university's patent

Flocke Kroes Silver badge

Re: Apple thieves - what a surprise

Creating verilog code is expensive. Proving that some verilog does what you intended is really expensive. I agree that Apple should pay for all the verilog code they stole from the patent. A quick look at the patent shows zero lines of verilog and zero evidence the the verilog does what the patent describes.

There is some theory that one among the thousands of people who independently came up with the idea should be able get a monopoly on its implementation. If something is so obvious that no-one writes it in a technical journal, it is proof (to a patent lawyer) that the idea is unique and valuable. This dates back to the Dewar bottle.

A Dewar bottle is a delicate piece of lab equipment that can hold hot or cold liquids and keep their temperature roughly constant. A judge upheld the patent on a thermos flask (a Dewar flask robust enough to survive getting dropped) because the idea of making a Dewar flask robust would not have occurred to anyone but the patent holder. The judge pointed at a picture of a Dewar flask to show how different it was from a thermos. In the background of the picture you can see the thermos made by the lab-tech who took it on pic-nics to the delight and amazement of his family. The lab-tech, James Dewar and hundreds of other lab-tech and physicists knew that the thermos was to obvious to patent. The key quality that is required is the willful ignorance of a patent lawyer.

On another day, I would happily slag Apple for suing others who build things that Apple copied, but not for this.

Biting the hand that feeds IT © 1998–2019