* Posts by Flocke Kroes

2601 posts • joined 19 Oct 2007

Bash bug: Shellshocked yet? You will be ... when this goes WORM

Flocke Kroes Silver badge

It is nastier than that

Using the CGI attack vector, the web server will un-url-escape a string I supply and put it into an environment variable. The CGI script is expecting an unescaped string, so the standard does not provide a way to prevent my choice of string going into an environment variable.

Bash provides a mechanism to export bash functions to a bash sub-process. Bash assumes any environment starting with '() {' is a function. Defining a bash function is part of the bash language, and bash uses the bash interpreter to convert the environment variable into a function definition. The bad news is that the interpreter did not stop at the end of the function definition. Extra text in the environment variable after a function definition gets interpreted just like a bash script.

If a web server has a vulnerable version of bash, and a CGI script either written in bash or using a bash sub-process that receives the CGI environment then remote users can execute their own bash scripts with the authority of the web server.

The obvious places to prevent this are any of these:

*) make bash stop interpreting function definitions at the end of the function definition.

*) use something like fastcgi which passes parameters through file descriptors instead of environment variables.

*) Do not write write CGI scripts in bash AND ensure that the environment is sanitized before starting a bash sub-process.

Flocke Kroes Silver badge

Lots of sites have man-pages

The first google search I tried, three of the first four sites use a CGI bash script to return search results for man pages. Those sites either have already, or urgently need to replace bash.

Flocke Kroes Silver badge


If there was some way to remotely pass environment variables through bash, then yes, you might already have been screwed. I would expect that there is a patched version available for OSX by now. Go find it.

Flocke Kroes Silver badge

Important, but easily fixed

You do not need to get you vendor to tell you if you are affected. Just type:

x='() { :; } ; echo shellshockable' bash -c 'echo test'

If you updated your software last night (this morning for Rasbian) you will get:

bash: error importing function definition for `x'

My router says:

/bin/sh: bash: not found

Embedded systems often use one of the trimmed down shells available with Busybox. Ash and lash are not vulnerable.

This is important, as CGI passes parameters to through the environment, CGI scripts can be written in bash and it is easy to install vast amounts of software on a Linux system, some of which might still use '90s tech because it did not break every time a vendor required their users to buy an upgrade. If you need to test some embedded system without any obvious access to the shell, try a google search for your device's name with the word 'telnet'. If you actually find one that uses bash, and the vendor does not have new firmware ready by tonight, look for a replacement that can run openwrt.

Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI

Flocke Kroes Silver badge

The usual trick

PHB asks for proof of concept demo software to get some investment. Funds are needed urgently, so "You can save time by not bothering with security." When that version is delivered, the software 'works', so it must be 'complete', and there is no need to waste time or money on changes that only matter to engineers. PHB will ship it as is.

Exercise-tracking app not QUITE fit for purpose

Flocke Kroes Silver badge

It has caused trouble once ...

... trying to buy a large TV. Someone claiming to be the supplier called me and asked security questions which I refused to answer on the grounds that I had no idea who she was. The concept that she had to prove her identity to me was beyond her. The supplier had no provision for a customer phoning in to answer security questions. The next supplier was just as bad. The third supplier would not accept my credit card because of 'failed transactions'. I ended up going to the shop and paying cash. I think that is far less hassle than someone getting a loan for me and withdrawing £40,000.

Flocke Kroes Silver badge

I thought date of birth was like a password

You do not give the same date of birth to different websites / companies / banks. You keep dates of birth in your encrypted password file along with email addresses and password recovery questions you got from strings /dev/urandom | less

Monitors monitor's monitoring finds touch screens have 0.4% market share

Flocke Kroes Silver badge

The 'thought' process is easy to understand

Microsoft's market is the desktop (with a few servers and one token super computer). The desktop market is dwindling in favour of phones and a few tablets. Phones and tablets are Linux and iOS, so if Microsoft do nothing they will become a small niche with prices shooting up as costs get divided by an ever decreasing number of users.

To avoid that, Microsoft must enter the phone/tablet market at any cost - no matter how many desktop users they drive to distraction. If they fail, people will use Libreoffice on their phones and desktop users will have to install it too because Microsoft need to maintain incompatibility. The plan was to require third party developers to convert their software to a touch interface so the same software would work well on a tablet and a desktop. The plan is obviously catastrophic, but Microsoft were that desperate. Now the costs are clear Microsoft will back off until the next big disaster.

When people start plugging their phones into a keyboard and monitor to write documents instead of buying a desktop, you will see TIFKAM wheeled back out with the same results as before.

Spies would need superpowers to tap undersea cables

Flocke Kroes Silver badge

The big advantage of working under water ...

... is the enormous cost. You could hide all sorts of dodgy expenses in a budget like that.

The power supply is really easy to deal with. Send a fishing boat out to drop a sharpened anchor on one side of the cable and sail to the other side. You then have plenty of time to install your tap while the cable's owner dispatches a repair ship.

Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway

Flocke Kroes Silver badge


Without power, an SSD will eventually collect more bit flips than the error correction can recover. With power, the firmware can read through all sectors, and re-write the ones that were hard to read. Eventually that re-writing will wear out all the reserve capacity and the device will lose data. The manufacturers can plot a graph of life time verses temperature for high temperatures and extrapolate a guess at the life time for sensible temperatures. Real figures take years to collect, and by that time people have moved on to the next generation of technology.

Ages ago I read about an archive project that wrote new firmware for their disk drives. The firmware automatically distributed copies of the data across the array and monitored the health of the other drives. As long as people swap worn out drives for new ones, the data should stay in the archive, and upgrading to newer technology can be done one drive at a time. The most obvious points of failure are lack of funding and someone accidently deleting everything. I still have more confidence in that lasting 50 years than 1000 year optical disks.

'Windows 9' LEAK: Microsoft's playing catchup with Linux

Flocke Kroes Silver badge

@Def - case insensitive file systems

Most of the users I have met have difficulty typing file name at all. They click on file names, so there is no issue with them typing them with the wrong case. In the unlikely event that a user ever types a file name, the mail user agent or word processor or whatever could do a case insensitive search if a case sensitive search fails. By all means, put such functionality into the file selector of whatever tool GUI tool kit you like so applications behave consistently. All of this can work fine, without the file system driver knowing a thing about unicode.

Now take a look at what happens when some utterly clueless PHB says that the file system driver has to do case insensitive matching. For example 'dz'. If your browser and font system are reasonably modern, that example should look like 'dz', but if you try to select just the d or z, you should get none or both at once because dz is a single letter. If you capitalise a whole word that includes dz, you need a DZ. If you only want initial capitals then you need Dz. Things go rapidly down hill when you come across dž, ʥ, ʤ and ʣ (look closely and you will see the letters are closer together in ʣ than in dz). Unicode has plenty of stuff like this, and the number of corner cases grows with each version.

Outside the Microsoft ghetto, operating systems can handle dozens of different file systems. Putting this crap into every file system driver would be insane. Even worse, when a file system driver updates to a new version of unicode, some things that used to match will stop matching and other previously distinct names will match. Piles of automated software that used to work fine will start breaking depending on the file system in use, the version of its driver and the language used to name files.

Years ago, Microsoft software put the clocks back an hour at the end of daylight saving time. Because Microsoft thought is was a good idea for the system time to be the same as local time, an hour later they put the clocks back again, and again... That bit of stupidity caused a day of pandemonium in each country that uses daylight saving time until the problem was fixed. On the plus side, the failures were sufficiently widespread and synchronous to hit the news so people understood what was going on, and how to deal with it. Case insensitive file system drivers problems do not hit entire countries on the same day, so they do not make the news. There are still people out there who do not understand why that badly designed feature is such a can of worms.

DARPA-backed jetpack prototype built to make soldiers run faster

Flocke Kroes Silver badge

DARPA has a budget problem: How to spend it fast enough

Jets are loud. Small jets are really loud. I bet this one just screams 'shoot me' to everyone within a mile. After running a mile, the soldier is knackered and has a hefty burning hot jet pack with no fuel strapped to his back.

CNN 'tech analyst' on NAKED CELEBS: WHO IS this mystery '4chan' PERSON?

Flocke Kroes Silver badge

The other trick that stumps all hackers

Turn the keyboard upside down and type: pɹoʍƨƨɐd

Discovery BATTLED 2-foot-long WEE ICICLE on first mission - 30 years ago today

Flocke Kroes Silver badge

Much easier to understand if you know what temperature is

Temperature is proportional to the average energy per particle. Touch a piece of metal on a cold day, and it has lots of cold particles. Your fingers warm them up, and they warm up the ones next to them so it takes a long time to heat the metal under your fingers up to near you body temperature. If you touch a piece of sponge on a cold day, as it is mostly air it has far fewer particles. Air conducts heat badly, so the heat stays near your fingers. Air expands when heated, becomes less dense and floats away drawing fresh cold air into place. Sponge traps air in place, so there are no convection currents. If you touch a piece of metal and a piece of sponge both at 1⁰C at the same time the sponge feels warmer because the part of the sponge in contact with your fingers gets close to body temperature very fast.

Space is almost empty, so its temperature depends on a tiny number of particles. As there are so few particles, there is nothing to conduct heat from on place to another. In a circular orbit, the force of gravity gives precisely the acceleration required to go round in a circle. Everything falls together, so hot air does not rise in orbit and there are no convection currents.

This is a bit of a problem for an astronaut in a space suit. Live humans produce about 100W of heat when idle. If this stayed inside the space suit, the temperature inside would rise until the astronaut died - then it would keep rising until the bacteria decomposing his body died too. You can demonstrate the solution by quickly pumping up a bicycle tyre. The end of the pump gets hot because compressing air increases its temperature. Likewise, when air expands its temperature falls. Space suits pump heat to one place, and let the air slowly leak out there. The hot air carries heat away into space, and its expansion into vacuum cools the space suit.

The last thing we need to understand before we make wee icicles is the boiling point of water. Water molecules attract each other, and that attraction keeps most of them together. The fastest ones can escape from the others and fly off. The fastest ones are the ones with the most energy, so when they go, the average energy per particle falls. Those of you who are still awake will remember that average energy per particle is proportional to temperature, so when some water evaporates, the water left behind gets colder. Evaporation is only half the story. Water molecules in the atmosphere bounce all over the place, and some of them crash into puddles of water. The attraction between water molecules pulls them in hard and increases the velocity, which is a type of energy. When the number of water molecules leaving by evaporation is much higher than the number of water molecules arriving by condensation, the water boils. Reducing the pressure reduces the number of molecules that can arrive by condensation, so the water boils at a lower temperature.

If we still taught physics in school these days, people would understand what happens when an astronaut flushes the toilet. When the urine is piped out into space, the pressure falls and that reduces the boiling point. Boiling pee looses its most energetic particles so its temperature falls until it freezes. As space is almost empty, its temperature does not matter as heat cannot conduct or convect from space to or from the wee icicle. Heat can move in space by radiation. Solar radiation can heat an icicle and that heat cannot escape by convection or conduction into space. The only thing keeping the icicle cool is when the most energetic water molecules leap off into space. Eventually the icicle becomes thin enough to break off without damaging anything.

NASA to reformat Opportunity rover's memory from 125 million miles away

Flocke Kroes Silver badge

Re: Patch Tuesday

They have Sol Martis.

BOFH: The current value of our IT ASSets? Minus eleventy-seven...

Flocke Kroes Silver badge

You know inventory day is approaching ...

... when every set of scales goes missing at the same time.

PFY: "You want me to count these washers?"

PHB: "Yes."

PFY: "Really count a bag full of washers?"

PHB: "Yes, we must have a complete and accurate record of our inventory."

Bin: "Clonk."

PFY: "We have 0 washers."

PHB: "Did you just throw that bag of washers in the bin?"

PFY: "Yes. I will order a bag of 1000 tomorrow. It will be cheaper than counting them."

PHB: "Fine."

Now I know... if there are no scales on the shelf in the calibration office, bring your own set in tomorrow.

One step closer to robot butlers: Dyson flashes vid of vacuum sucker bot

Flocke Kroes Silver badge

This being Dyson ...

In five years time, Dyson will sue Roomba for patent infringement. Oh wait ... that would be like Apple too.

HP: We're still running the ARM race with Moonshot servers

Flocke Kroes Silver badge

1 & 2 GB Arms

There is now a selection of 1 and 2GB 32 bit Arms. Take a look here.

At those prices, techies can play with them and get a feel for what they are capable of. When a task matches a machine I have tried, I can select a 32-bit ARM with confidence and save money and power compared to a low end X86.

I have yet to even here rumours of cheap 64-bit Arm boards. Perhaps something will turn up in 2016.

Super Cali signs a kill-switch, campaigners say it's atrocious

Flocke Kroes Silver badge

@Eugene Crosser

Put the IMEI in PROM and no-one can change it. Change the firmware so it does not read the PROM and and the IMEI is whatever the firmware decides it should be. The real danger of this law is it requires UEFI or something equivalent so you cannot jailbreak your phone.

Cleversafe CEO: We would tell you about the 8TB drive, but...

Flocke Kroes Silver badge

When 2MP is or isn't enough

If you are looking at the whole picture, 2MP is fine. If you step up close to the picture, ideally the part you are looking at should be about 2MP, so the full image should be bigger. 4k TV is pointless because you look at the whole screen. A 4k monitor can be pointy if you like to have 4 x 2MP diagrams in front of you at the same time.

6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)

Flocke Kroes Silver badge

Click back?

I set middle click to open the link in a new tab and not switch to it. I middle click on the links that look interesting, then close the tab. Waiting for a page to load is thoroughly last millennium. "Clicking back" and waiting to a page I have already seen to reload sounds like a complete waste of life. Have Facebook users really not learned Noddy level browser use, or is this the brainfart of a PHB?

Red Hat: ARM servers will come when people crank out chips like AMD's 64-bit Seattle

Flocke Kroes Silver badge

I agree, I would rather have FDT than UEFI

UEFI usually means no documentation, soldered down firmware, hoping for vendor updates to remove some of the bugs and praying the device does not get bricked during a firmware update. Lack of UEFI means there may or may not be good documentation, and the firmware may or may not be on standard removable media. I have been voting with my wallet. I am sure I am not the only one because the embedded system market has been creeping and lurching in the right direction.

Claim: Microsoft Alt-F4'd Chilean government open-source install bid

Flocke Kroes Silver badge

So Microsoft is saying ...

... buying proprietary software cannot be justified.


Flocke Kroes Silver badge

I thought I recognised this as previously debunked junk

I went to the website, pointed my browser at 'theorypaper9-4.pdf' and got and empty file. wget says 403 forbidden so the EmDrive fully lived up to my expectations. There is a 'principle of operation' page. The diagram has changed since last time.

Before, the magic chamber was a triangle, and the mathematics showed that the force on the roof was smaller than the sum of the forces on the other two sides. The mathematics conveniently used scaler addition, even though all three forces were in different directions. The correct mathematics would have summed the vertical components of the three forces and got the inconvenient result of 0. Despite the glaring defect in the mathematics, the project was still funded by the UK government.

This time, the picture is a trapezium, and the hand waving fuzzy argument talks about an EM wave with a 'large velocity difference at the reflector surfaces'. Electromagnetic waves all travel at the same velocity in vacuum. To get a velocity difference, you need two different materials, or a mixture of materials that smoothly changes composition with distance. As reading the theory is forbidden, I can only guess at the technique used to hide the defective mathematics. The way I would do it is to focus on the radiation pressure from reflection at the two ends and not mention the force on the (unshown) graded material in the middle.

Don't even THINK about copyright violation, says Indian state

Flocke Kroes Silver badge

They are just following the UK's existing laws

According to the MPAA, bootleg DVDs fund terrorism. If you are suspected of terrorism in the UK, you can be held without being charged for 28 days (The plan was for 90 days but we have been spared that for the time being).

Intel's Raspberry Pi rival Galileo can now run Windows

Flocke Kroes Silver badge

What software will it run?

Back when X86-64 was shiny and new, Windows did not run on it. Eventually Microsoft ported Windows. 64-bit drivers usually arrived when manufacturers released new products and all Windows applications were 32-bit for years for compatibility with the large installed base of 32-bit machines. AFAIK, Windows developers now target X86-64. What happens when you try to buy 32-bit software for Windows?

MPs to gaze upon biometric data industry's ID-gobbling tech

Flocke Kroes Silver badge

Of course new laws are required

1) A finger print left by a 3D-printed fake finger at a crime scene should be sufficient to convict anyone but a politician.

2) A phone company should be able to use your finger print with your bank if you forget to pay your bill.

3) All biometric data should be sent to GCHQ in case they need to impersonate you.

4) Wearing a Theresa May face mask should be an offence punishable by summary execution because you must be a terrorist.

Did I miss anything?

AMD's first 64-bit ARM cores star in ... Heatless in Seattle*

Flocke Kroes Silver badge

X86 RISC core

Intel tried non-x86 instruction sets before. Have you even heard of the i860 or i960? (Both died last millenium.) The Itanium was an unusual type of success: its announcement caused delays and reduced funding to improve existing competitive 64-bit RISC architectures. Intel won that battle before the Itanium was even delayed - let alone released as an over-priced low performance power hog. Although specialist applications were created for these CPU's, they never got economies of scale because the vast majority of customers had bought x86 binaries with no source code and did not want to buy them again - even if they could.

When AMD created AMD64, Intel copied it promptly and disabled the implementation. I think they did not want to encourage people to code for the architecture, but wanted to be ready in case it was successful. The first AMD64 CPU was released in April 2003. Linux support was ready in 2001, and X64 Windows was sold in March 2005. Sometimes new hardware even had 64-bit Windows drivers. Occasionally, developers would release 64-bit Windows software, but there was no sense of urgency.

Even if the RISC core inside Intel X86 CPUs was binary compatible from one generation to the next, Windows developers release software for new architectures slower than continental drift. In the free software world, Debian officially supports 11 different CPU architectures and has unofficial support for 9 more. (You can have confidence in AMD64, ARMEL and ARMHF. Expect anything from speed bumps to road blocks if you try to do anything useful with the other 17.)

New architectures only get Windows support five years after free software on them is so successful the Microsoft decide the need to compete. Free software targets architectures with a good price/performance ratio - especially at the low end of the market where hobbyists can pick up some cheap hardware are re-purpose it.

Intel are the world leaders in exorbitantly priced CPU's. From Intel's point of view, every cheap CPU sold means an expensive CPU isn't. They are the wrong people to introduce a new architecture, and decades of experience has hammered that lesson into their skulls.

Windows 8 market share stalls, XP at record low

Flocke Kroes Silver badge

Bye bye UEFI

I am currently using a 1GHz armhf. It is fine for writing letters, answering email and web browsing. It is silent, tiny and under £100 - with keyboard, mouse and monitor from a dead AMD64 PC. There is a choice of these things, and none of them suffer from UEFI. (They all use forks of Das U-Boot showing various levels of hurriedness, ignorance, inexperience, lack of documentation and repair by skilled hobbyists.)

A newly released ARM small cheap desktop comes with Android or Ubuntu. Installing the distribution of your choice requires the ability to solder on serial port so you can talk to U-Boot. Machines that are a year or two old will have instructions on the web that can be followed by anyone able to read man pages.

UEFI is not a barrier for desktops. Just do your research before purchase just like you had to for graphics cards and Wifi last decade.

KDE releases ice-cream coloured Plasma 5 just in time for summer

Flocke Kroes Silver badge

Is there any evidence that Wayland is an improvement?

There have been dozens of attempts to replace X11 with something more streamlined, without the network overhead. In the past, these projects have fizzled when the developers discovered the slowness came from the biggest applications that used X. X dates back to 1985, so it had to be efficient to run on the computers of the day. It has been optimised for decades. Wayland developers will have difficulty beating that, and if they do, their hard work will be hidden by every ground sloth application that requires 128GB on a 32 core 8GHz liquid helium cooled gamer's rig to run as fast as an anaesthetised ant.

Flocke Kroes Silver badge

Lies, damned lies and messing with popcon data

A couple of decades ago, about 60% of Linux developers used KDE, and about 60% used Gnome [Note to Windows users - switching to a different desktop environment in Linux usually requires about three mouse clicks, or you can run several at once and change which one controls the display/keyboard/mouse with <CTRL><ALT><Function Key>]. I was curious about what the current figures are, so downloaded some popcon results, which you can see below. Before that, here are some of the reasons why my results are thoroughly bogus:

1) Only machines with Debian installed report to Debian Popcon. I am sure plenty of people use Unity on Ubuntu, but only one Debian Popcon user uses Unity.

2) Popcon is optional. Lots of people do not install it, or they disable it.

3) A Debian package gets a vote if one of its executables is executed in the last month. (Some votes are missed because the executable is on a file system mounted ro or noatime.)

4) I have picked a package as a proxy for desktop environment use. I may not have selected the most appropriate package.

5) Multi-user computers get one vote per environment used, no matter how many users use each environment.

perl-base 152772

xserver-xorg-core 66660

gnome-panel 19654

xfce4-panel 11163

plasma-desktop 8990

openbox 4488

lxde-common 3407

mate-polkit 1884

fluxbox 855

fbi 313

cinnamon 247

ratpoison 105

kdelibs4c2a-trinity 98

unity 1

perl-base got the most votes. It is a proxy for the number of computers reporting to Debian Popcon.

xserver-xorg-core is an attempt to count desktop/laptop machines, missing out servers.

fbi is an attempt to count the number of people using Linux virtual consoles instead of Xorg.

kdelibs4c2a-trinity is Trinity (fork of KDE 3 from before the KDE developers started shitting on their users)

My attempt at getting modern figures shows 29% use Gnome, 17% use XFCE, 13% use KDE (plasma-desktop) and 43% use Xorg without Gnome or KDE. The only conclusions I trust from these figures are that both Gnome and KDE developers are good at driving their users away, but KDE developers are slightly better at it. KDE developers should not win a prize until we can find a way to compare them to TIFKAM developers.


Flocke Kroes Silver badge

Orbital gecko porn studio was fixed yesterday


Don't put that duffel bag full of cash in the hotel room safe

Flocke Kroes Silver badge

If everyone has their own number ...

I like to start early and get things done before people arrive and ask for help. On my last day, I had to wait for someone else to arrive because my number had already been deleted. As you would expect, he had forgotten his number because he never had to use it before. There we were with the bungler alarm screaming waiting for someone else to turn up and cancel the alarm. Just on the off-chance, I tried 1066 and the alarm turned off. Given enough people, someone will pick 1066 if they are not allowed to use 1234.

British cops cuff 660 suspected paedophiles

Flocke Kroes Silver badge

It means all videos get a unique id

When a video is identified as child abuse, Google and Microsoft can remove it from any server they control and remove it from search results.

Running the Gauntlet: Atari's classic ... now and then

Flocke Kroes Silver badge

For me, the game changed when someone said ...

"Wizard now has ... extra fart power!"

Microsoft: You NEED bad passwords and should re-use them a lot

Flocke Kroes Silver badge

There has to be a maximum password length ...

... or someone will test the site to see what it does with 1MB passwords.

I thoroughly agree that the maximum length should be printed in large friendly letters near the prompt, preferably with a list of allowed characters. Anyone tried 'パスワード'?

Flocke Kroes Silver badge

@moiety: Try downloading the data sheet for a chip

Some manufacturers require that you create an account before you can download a data sheet. They really need your false name, fictitious address, name of your first pet and the premium rate phone number of your favourite charity. I keep a list of these things handy in case someone else has not already created an account for 'username@example.com' with password 'password'.

There are times when a simple common password is the best choice.

UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill

Flocke Kroes Silver badge

there will be a list

The place to look for it is at www.theyworkforyou.com.

I just searched for "Data Retention and Investigatory Powers bill" and it shows as "upcoming business" for today. Give it a while, and you can find the list of MPs willing to put up some token resistance against the all-powerful GCHQ.

LOHAN seeks stirring motto for spaceplane mission patch

Flocke Kroes Silver badge

A couple of entries in my sig file seem appropriate today

Cogito nimis ergo demens sum.

Si hoc legere scis nimium eruditionis habes.

Flocke Kroes Silver badge

Per pigritiam ad planetas

Why does Google translate always pick one of the other meanings of a word when I translate back to English to check?

Adobe Flash: The most INSECURE program on a UK user's PC

Flocke Kroes Silver badge

Flash on Linux

There is a free software implementation called gnash, so Linux users are not dependent on Adobe.

That AMAZING Windows comeback: Wow – 0.5% growth in 2015

Flocke Kroes Silver badge

How to prefer XP to 7/8

XP machines were competitively priced. Wiping of XP and installing Debian is easy. Show me a modern Windows box for under £100 (excluding monitor, keyboard and mouse) that I can conveniently wipe and install Debian on.

Microsoft's insistence on 'secure' boot convinced me to keep old X86 hardware going until low priced ARM became fast enough. My last ex-XP machine will be retired next week and replaced by a faster 4 core 1GHz (Fanless!) A9 ARM (That is were the £100 price point came from).

Flocke Kroes Silver badge

Re: Gartner

I thought Gartner predictions were for sale, and if you didn't buy, they would predict growth for your biggest competitor at your expense.

MPAA, meet the Streisand effect: Picture ass. slaps Reddit with takedown

Flocke Kroes Silver badge

Viral advertising

Some people will never pay for films, so advertising links to torrents causes no loss of revenue from them. Some people like to try before they buy, so Streisanding this corner of reddit increases revenue.

Google adds 'data protection' WARNING to Euro search results

Flocke Kroes Silver badge

Just tried it

If I ask for google.com, I get redirected to google.co.uk. To go to google.com, I have to click on the link to it at the bottom of the google.co.uk page. For all I know, Google has worked liked this for ages. Anyone know for sure when this started?

Ofcom to BT Openreach: From now on, you'd better kill 70% of gremlins within 2 days

Flocke Kroes Silver badge

Do they still charge for technical support calls?

Excellent revenue stream. 45 minutes minutes of dull music waiting for someone to answer the phone and tell me to call the other number. 45 more minutes waiting for someone to tell me to try the first number again. So Ofcom say they can only keep this up for two days. What is to stop them fixing the problem, waiting a day then breaking it again?

Freeze, Glasshole! Stop spying on me at the ATM

Flocke Kroes Silver badge

I prefer the infra-red camera trick

After the victim has typed the PIN and taken away the hand used to hide what he was typing, take an infrared photo. The most recent key pressed glows brightest.


David Cameron wants mobe network roaming INSIDE the UK

Flocke Kroes Silver badge

Solved this last millennium

Get a channel islands SIM.

If Google remembers whom it has forgotten, has it complied with the ECJ judgment?

Flocke Kroes Silver badge

Getting into orbit does not protect Google

If a government wants to fine orbital Google, they can add a Google tax on Earthlings who buy adverts.

Google slings SSD persistent disks at huge 'n' hungry servers

Flocke Kroes Silver badge


Why bother when Google have the key?

Biting the hand that feeds IT © 1998–2019