* Posts by Frumious Bandersnatch

2193 posts • joined 8 Nov 2007

Perhaps the AIpocalypse ISN'T imminent – if Google Translate is anything to go by, that is

Frumious Bandersnatch
Silver badge

not quite at that AIpocalypse yet

I dunno. Maybe it indicates that the AI has developed a nascent sense of humour. Today it's telling us how to find a particular restaurant in a foreign town, tomorrow maybe directing us on how to fill our hovercraft with eels?

0
0

Oh no Wikiwon't: Russians plan own version of 'distorted' Wikiland

Frumious Bandersnatch
Silver badge

no mention of "conservapedia"?

http://www.conservapedia.com/Main_Page

I know there's Poe's Law and all that, but it seems that there are plenty of people who fall for this dross. Perhaps the Russians could fork from that instead of forking Wikipedia?

2
0

AT&T accused of Wi-Fi interception, ad injection

Frumious Bandersnatch
Silver badge

the "potential security problem" angle doesn't sound so weird

when you consider that this would be a perfect way for the various TLAs to track persons of interest arriving at airports. Just pay for ad space just like any other <insert your favourite scumbags here>

Paranoid, maybe. Weird, no.

4
0

'Web brothel' CEO, staff cuffed on prostitution rap – clue: the website is called Rentboy.com

Frumious Bandersnatch
Silver badge

a simple solution to illegal prostitution

Make it legal.

33
0

Prof Hawking cracks riddle of black holes – which may be portals to other universes

Frumious Bandersnatch
Silver badge

if your keys fall into a black hole ...

forget about them, man--they're gone.

(or maybe not?)

0
1

'Hans free' mobe gag crowned Fringe's funniest

Frumious Bandersnatch
Silver badge

I'd love to have a luxury yacht

I'd call it "Raymond".

(pronounced throatwarbler mangrove, natch).

3
0

Visitors no longer welcomed to Scotland's 'Penis Island'

Frumious Bandersnatch
Silver badge

re: Muff Divers

There's also a Feakle in Co. Clare. You wouldn't want to mix them up by mistake.

0
0
Frumious Bandersnatch
Silver badge

I think Peneston is Brittany should get a mention. 'Cos it sounds like Penistown.

Is that near Brest?

Anyway, I don't know anything about Scots Gaelic but I just logged on to say that "feis" (a festival) in Irish doesn't take the accent. We Irish would pronounce that something like "fesh". If it had a fada (the acute accent; I never knew Scots used a grave, but I assume it denotes the same sound change) on the 'e', it would sound more like "faysh". In other words, the fada changes the vowel from a short one to a long one.

1
0

High-heeled hacker builds pen-test kit into her skyscraper shoes

Frumious Bandersnatch
Silver badge

Re: Clever..

she dresses to distract and has no other space to store equipment

*snook*

0
0
Frumious Bandersnatch
Silver badge

Re: Huh?

shoes?

Taking a line from The IT Crowd, yes, "THE SHOES!" I wonder if this is where the hacker got her idea that men don't notice them?

1
0

Post-pub nosh neckfiller: The Ugandan 'rolex'

Frumious Bandersnatch
Silver badge

not so keen on your chapatis

They look altogether too thick and doughy.

If you're going down the route of making bread, nothing beats Malaysian roti canai. There's a bit of an art in stretching and folding the dough (like a pizza, but much thinner) but you can cheat with an oiled rolling pin (or clean wine bottle, natch) on an oiled counter. The stretching notwithstanding it lends itself well to some advanced preparation (mixing, kneading and proving and chilling the dough). It's also not too hard to whip up a quick lentil curry/sauce. The combination of the two is simply amazing. It's the perfect comfort food and great soakage after a night on the batter.

I've never made this myself, but after buying an electric griddle/flat-top in Lidl recently, it's high on my list (with okonomiyaki being the main other use I can think of). I reckon that ciabatta flour is a good bet rather than plain flour since it's higher in gluten and should give a better texture and be easier to work with. Lidl happen to sell those bread mixes, too.

The pics in the article reminds me also of Japanese tamagoyaki, which is basically a cross between an omelette and a crepe, but rolled up into a log and sliced. There's also a certain amount of skill involved in making them, but I gave it a shot recently and it actually turned out surprisingly well. It really needs katsuobushi, though (or Japanese dashi) for an authentic flavour.

2
0

Intel's Compute Sticks stick it to Windows To Go, Chromecast

Frumious Bandersnatch
Silver badge

Re: ARM without binary blob means no GPU

you cannot get any hardware graphics acceleration unless you use the binary blob

That's exactly what I suspected, Richard12. Someone talking out of his arse, I think.

2
0
Frumious Bandersnatch
Silver badge

Re: Yours will be for movies over ethernet?

re: OpenBSD runs without binary blobs and [Pi] is not an open system by any stretch of the imagination

I suspect that you're getting most of your downvotes because you're dissing the Pi (among other things), but I'd be interested to know which ARM platforms that OpenBSD runs on "without binary blobs". As I understand it, all ARM boards need a "Board Support Package", which basically seems to be the equivalent of the BIOS on a PC. Also, AIUI, these tend not to be open-sourced as manufacturers are in competition with each other and treat the inner workings as trade secrets.

The biggest problem with ARM and binary blobs, though, seems to be with the graphics infrastructure. ARM's own MALI drivers aren't open source so people have to try to reverse-engineer what they're doing and try to emulate them. Obviously the quality of the free drivers will vary depending on the specific platform.

So basically, just to reiterate, I'd be very interested in hearing which platforms OpenBSD works best on and, more importantly, whether it uses MALI (essentially this "binary blob" you're complaining against) or, in the case of a free driver, whether it's up to the level of the proprietary driver?

2
0
Frumious Bandersnatch
Silver badge

power over HDMI

I'm replying to both Ru' as above and also this part of the article:

As a note, the device can't be powered over HDMI. There is hope that Intel will implement this in future versions of the stick.

The 50mA figure is how much current the TV/monitor can take from the source (be it a graphics card or PVR or whatever). The TV does not power the source of the video signal!

I'm almost left speechless at how sloppy the article's author is here. It's fine that they don't know how HDMI works, but I'd expect any journalist worth his salt to do at least some basic fact-checking before submitting. And as for the "there is hope that ..." bit, who is it that hopes? Intel? The author? Random newsgroup posts? This unattributed passive voice bullshit is sloppy and lazy.

4
0

Adulterers antsy as 'entire' Ashley Madison databases leak online

Frumious Bandersnatch
Silver badge

so if I get this right

the list itself is adulterated? How ironic.

14
0

Cloudflare hiccup nudges Stack Overflow and others offline

Frumious Bandersnatch
Silver badge

Re: Something's wrong with the picture!

I think you're wrong. It's a brilliantly apt photo to go with the article once you realise that it's a random dot stereogram and can cross your eyes appropriately. It may take a while to get the focus just right, but it's definitely worth it.

2
0

Typewriters suck. Yet we're infinitely richer for those irritating machines

Frumious Bandersnatch
Silver badge

Re: Ah, spirit copiers.

hotwire polystyrene cutters

Is that like a hacksaw handle, a bit of narrow gauge wire and a 9v (?) battery? I think that I made one of those once. Good fun.

0
0

Random numbers aren't, says infosec boffin

Frumious Bandersnatch
Silver badge

re: In fact, if you were to start arbitrarily rejecting arbitrary output ...

Yup. Chi^2 test will tell you your PRNG output is bad some portion of the time. In the same way that PKZIP will sometimes be able to compress some truly random data.

I agree with AC. Rejecting results based on how non-random they look reduces available entropy.

1
0
Frumious Bandersnatch
Silver badge

what the world needs now ...

is "entropy, sweet entropy?"

Is it really the only thing that there's just not enough of (in /dev/urandom)?

a) use /dev/random, perchance?

b) chain output of a "good" message digest algorithm back into itself?

c) improve (b) by agreeing a nonce and using digest in HMAC mode?

d) "reverse-bias Zener diode" (a magic incantation I remember from many years back)

0
0

BOFH: My diary is MINE and mine alone, you petty HR gimps

Frumious Bandersnatch
Silver badge

Is that ...

the smell of superheated dust wafting all the way to mission control?

2
0

Flash deserves to live, says Cisco security man

Frumious Bandersnatch
Silver badge

Flash done right?

Flash's initial remit of making animation and context-sensitive graphics applications more amenable to graphic artist types was probably the main reason for its success. It's just a pity that at its heart it was just another general-purpose programming language (ActionScript). If you wanted the interactivity but not the ability to execute arbitrary code, it should be possible to move from a procedural paradigm to a more declarative one. It should be possible to write a provably secure "interactive graphics" platform in this way with a modicum of overheads (automatic stack and heap checks whether you want them or not) and neutering the language to eliminate any other "dangerous" operations (pointers or "evals" come to mine).

Of course Flash (and its design) come from a very different time (perhaps HTML5 is more akin to what I'm thinking of?) but it still begs the question about how it's still a bug-ridden piece of shit even after years of all these high-profile security problems...

1
0

The Lazarus Effect: Saved by Linux and Cash Converters

Frumious Bandersnatch
Silver badge

"perfectly standard USB keyboard"

Sounds like a trip to the BIOS to tick/untick the "Legacy USB support" option is in order. It also sounds like that was quite some time ago.

4
0

YOU! DEGRASSE! It's time to make Pluto a proper planet again, says NASA boffin

Frumious Bandersnatch
Silver badge

Re: Nomen est omen

re: Is "vegetable" a culinary or biological term?

I think you missed the point there, Ian. The OP said that "vegetable" is a culinary term and you disagreed by talking about fruit. What is this specific biological use of the word "vegetable" that you think that people are abusing? I think that, biologically speaking, "vegetable" is so broad as to be impossible to misapply. I think that, rather, your real beef is with people not knowing what a fruit is (and probably, by extension, the common fruit/veg dichotomy).

Personally I have no problem with a word having two meanings depending on context or field. I know that things like tomatoes (and other crops from the nightshade family apart from stuff like tobacco and potatoes whose fruits are poisonous), all the squash/cucurbit family, rose hips/haws and even beans are technically fruit in the biological/horticultural sense, but I've no problem with these things being "misclassified" in the fruit or veg aisles at the supermarket. No more than I mind people saying that "the Internet is down" or similar.

Reminds me of the saying (no idea who came up with it) that "knowledge is knowing that a tomato is a fruit; wisdom is not using it in a fruit salad."

As it is with fruit, the same could be said for Pluto. Some experts might use a specific definition of what a planet is, but it doesn't stop the general public having their own ideas, too. Who cares if a bunch of astronomers use the word "planet" one way? The only place where the "correct" definition makes any difference would be in exams, pub quizzes and dictionaries and, frankly, none of these holds any sway over me.

3
0

Galactic BIRTH: ALMA peers THIRTEEN BEELLLION years into Dawn of Time Itself

Frumious Bandersnatch
Silver badge

Re: This is maddening

Well you might not be able to see back beyond a certain point but people can hypothesise about the earlier stages and design high-energy experiments to test their theories. Apparently in the first few moments of the universe things existed as a "quark soup". Scientists are currently working to discover if it tastes anything like matar paneer. One recently commented, "I really hope it is--that would be super awesome."

4
0

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Frumious Bandersnatch
Silver badge

Re: The real culprit

Hmmm... I wonder why I got a downvote for the above. I didn't downvote the OP since he's stating an opinion and explaining his view. If I am wrong then a post explaining why would be so much more useful (for everyone) than a knee-jerk downvote...

Those who do not understand Unix are condemned to reinvent it, poorly--Henry Spencer.

4
0
Frumious Bandersnatch
Silver badge

Re: A simple temporary fix or am I missing something here?

But is a simple remediation just setting the /etc/sudoers file to be immutable?

Possibly, but since the bug allows you to append to any file, you'd be just whacking moles, figuratively speaking.

With the ability to append to any file, I could just write a new entry in the password file:

getroot::0:0:root:/root:/bin/bash

Then I could log in as user 'getroot' with no password, which should be effectively a synonym for the real root user.

Temporary fixes like this aren't really going to get you very far. Even if you lock down the most sensitive files, you just have to find a shell script that root will run at some point and that doesn't have an exit or exec command at the end of it. A quick check on my Debian system shows that /etc/cron.daily/0anacron fits the bill nicely. I could append something like:

EVIL=/home/frumious/.secret/shell

cp /bin/bash $EVIL

chown root $EVIL

chmod +s $EVIL

Then I'd come back the following day and run my new setuid shell ...

bootnote: fucking stupid cloudflare filters kept telling me that I'd been blocked when I was trying to write the above. All because I mentioned "slash etc slash passwd", I think. You guys need to turn off that shit. How are we supposed to discuss articles if we can't even talk about a key *nix file?

3
0
Frumious Bandersnatch
Silver badge

Re: *nix

i (sic) really hate that "*nix" nonsense. If you mean Unix then say Unix.

There was a time when there were lots of Unix-like systems, but none could be called Unix because it was trademarked and would have resulted in a lawsuit. The whole SCO thing was just the last in a long line of such lawsuits. If you know *nix, you'll know that * is the "Kleene operator", or glob symbol as it's more often known, so it matches most of the alternative names or distros. Xenix comes to mind, but you might consider Posix too. Since it's humans doing the pattern matching rather than machines, stuff like HP-UX and Linux match too.

Anyway, *nix is a much preferable shorthand than "Unix(tm)-like systems".

10
0
Frumious Bandersnatch
Silver badge

Re: The real culprit

Is the deliberately holed *nix security model

With respect, I understand your viewpoint but I don't think that the setuid mechanism is fundamentally broken. I think that it's a really elegant solution for the problem of privilege escalation.

All OSes need to have the ability to run protected or kernel-level code and means of making them available via userland in some way or other. Unix-like systems (the hint is in the name) have a unified approach where root can do anything and for the most part, barring obvious programming errors, this works. Neither does the setuid model preclude you from adding extra "boundary checks", as you put it, if you want to (*). If you want more fine-grained control (was it VMS that had "capabilities", for example?) then that can be implemented within the setuid program (or use regular file permissions; though I guess you don't like the user/group idea either).

By design, the *nix model is that if you are root you bypass all security checks.

This is the main thing I disagree with. You are forgetting that root does not exist in isolation. Yes, root can run anything, but setuid programs (and user/group permissions, as above) are the gatekeepers. So in fact, even though you say there's no "security boundary", that's not true: you don't get unfettered access to root, but can only do what the permissions and setuid programs allow. As I said above, these interfaces can be used to express any sort of security model you want.

This bug was particularly stupid since the golden rule of writing setuid programs is (probably, if there were a "golden rule") not to trust any user data, environment variables included. Oh, and for Gods' sake, make sure they're statically linked so that they can't be tricked with an LD_LIBRARY_PATH. So I blame the designers, programmers and review team, not the design of Unix. No-one with an understanding (and it's not difficult to understand) of how the Unix security model works should be making these mistakes. Nor would they be making the complaints that you're making, I feel.

(*) I may follow up on this in another post.

10
1

OpenSSH server open to almost unlimited password-guessing bug

Frumious Bandersnatch
Silver badge

Re: pam,pam,pam,pam,pam,pam,pam,pam,...

Nice to see that some people can still read Perl code. I was going to make a similar post but you beat me to it. Have an upvote.

1
0

Even Microsoft thinks Outlook is bloated and slow

Frumious Bandersnatch
Silver badge

oo-er missus

No time for the old "in-out". I'm just here to read the meter.

1
0

The Register's resident space boffin: All you need to know about the Pluto mission

Frumious Bandersnatch
Silver badge

Re: 'Young ' surface

It's a shame New Horizons didn't carry a magnetometer

They should have sent McGyver instead. Need a magnetometer? There's got to be plenty of other bits and bobs aboard that he could use to whip up whatever instrument might be needed at any given time.

1
0

Happy NukeDay to you! 70 years in the shadow of the bomb post-Trinity

Frumious Bandersnatch
Silver badge

frotz!

Sharp words between the superpowers. Tanks in East Berlin. And now,

reports the BBC, rumors of a satellite blackout. It's enough to spoil

your continental breakfast.

But the world will have to wait. This is the last day of your $599

London Getaway Package, and you're determined to soak up as much

of that authentic English ambience as you can. So you've left the tour

bus behind, ditched the camera and escaped to Hyde Park for a

contemplative stroll through the Kensington Gardens.

Palace Gate

A tide of perambulators surges north along the crowded Broad Walk.

Shaded glades stretch away to the northeast, and a hint of color

marks the western edge of the Flower Walk.

9
5

Bitcoin fixes a Greek problem – but not the Greek debt problem

Frumious Bandersnatch
Silver badge

no control [...] over the amount of Bitcoin in circulation

Well, actually, there is a mechanism, albeit not one you can fiddle with quickly or in both directions. That mechanism is the difficulty level associated with "mining" a bitcoin. The system (IIRC) works to a schedule to make it gradually more difficult, but if there was some sort of central bank equivalent charged with manning the levers, there's no reason why it couldn't push out the schedule for increasing the difficulty. The net result would be equivalent to quantative easing, except that of course it would be be miners printing the "extra" money currency rather than a central bank.

I don't think that Bitcoin could work if the difficulty level was allowed to be reduced since that would be a fast track to devaluing it asymptotically to zero. Still, I wouldn't put it past the ability of some clever designers to come up with a new "alt" currency that does allow a kind of central bank role that could effectively control the rate at which new currency could be created---say by making it index-linked, perhaps?

1
0

Hands off, Apple! Irish dev studio sues over alleged iWatch infringement

Frumious Bandersnatch
Silver badge

Re: I love it when Apple...

but are Probendi actively using the trademark or are they just a patent troll?

You know that trademarks and patents are different things, right? IANAL, but I think that the laws around trademarks are such that if you don't actively defend them, you risk losing them. AFAIK there aren't any similar rules for patents so failing to sue for patent infringement (or sitting on it until it becomes more worthwhile to do so) doesn't invalidate your rights as a patent holder. If I'm right on these points then there shouldn't be any such thing as a "trademark troll".

Far from being a troll, I'm pretty sure that Probendi are pretty much forced to take action here.

7
0

Microsoft sprints to finish, emits possible Windows 10 RC build

Frumious Bandersnatch
Silver badge

" ... customers will start to receive on 7/29," Gabe Aul wrote

With Aul, there are more than 12 months in a year?

I don't know why this sort of thing ticks me off so much, but it does. Why can't international companies use unambiguous date formats in their announcements, web postings and such?

7
0

Nokia Networks is going to make zer Vaterland's trains run on time

Frumious Bandersnatch
Silver badge

Re: Make the trains run on time????

Misleading headlines seem to be getting to be par for the course here these days. There's no Mussolini angle mentioned in the article at all.

4
0

We tried using Windows 10 for real work and ... oh, the horror

Frumious Bandersnatch
Silver badge

Re: That desktop wallpaper looks...ominous

Very. My first thought was "Event Horizon".

3
0

Pwned Hacking Team tells cops, govts to shut down software

Frumious Bandersnatch
Silver badge

ta an piast tar éis casadh

Reminds me of this old phrase I remember from Irish... literally, "the worm has turned".

1
0

Cunning goldfish avoided predator in tank for seven years

Frumious Bandersnatch
Silver badge

Re: Sport fishing?

And a sushi knife.

I never heard of koi sushi so I thought maybe they don't taste good. Turns out that people don't eat any freshwater fish due to the risk of getting parasites. The Wikipedia page on raw fish dishes says:

Traditionally, fish that live all or part of their lives in fresh water were considered unsuitable [...] due to the possibility of parasites

I never knew this but now it makes sense to me that certain fish like mackerel (aji, saba), eel (unagi) and maybe others that are commonly seen on sushi are always cooked first...

1
0

Hi-res audio folk to introduce new rules and weed out impure noises

Frumious Bandersnatch
Silver badge

Re: Monty....

re: http://www.xiph.org/video/vid2.shtml

I didn't watch the video. I would have expected someone to give this link ("24/192 Music Downloads...and why they make no sense") instead ...

1
0

Apple pulls Civil War games in Confederate flag takedown

Frumious Bandersnatch
Silver badge

Re: Fast track to offense

Apart from historical reference this Confederate flag belongs with that swastika - in the trash.

What's wrong with the swastika? I personally like it. It's just a pity that some nutjobs decided to appropriate it for their own ends and that as a result we've been denied it ever since. Making it illegal is as senseless as making the symbol '福' illegal.

2
0

This whopping 16-bit computer processor is being built by hand, transistor by transistor

Frumious Bandersnatch
Silver badge

Re: If you really want to go off-piste ...

re: hydraulic computers, there was MONIAC but I'm not sure if it counts as hydraulic (involving water pressure in some useful way) or a computer in the usual sense.

What prompted me to reply, though, was that I just recently came across the idea of a hydraulic ram pump. Sounds like it would make an excellent component in this speculative machine.

Now you've got me thinking about powering stuff with water in Minecraft :(

1
0

Swordfish fatally stabs man after man stabs, fatally, swordfish

Frumious Bandersnatch
Silver badge

Re: GOOD

I wonder if J R Hartley used to receive abuse and death threats?

Probably not, but even if he did, it's kind of hard to kill a fictional character. I can't see them running follow-up ads like that.

1
0

Cheesy video shows ex-Gooners pronouncing 'Huawei'

Frumious Bandersnatch
Silver badge

wha[t] way do you really pronounce it?

(sorry, I don't click on video links... did I guess right?)

2
0

Heroic German rozzers rescue innocent lamb from sordid brothel

Frumious Bandersnatch
Silver badge

Is it OK to say

that that's one mighty cute lamb in the article?

4
0

100s of Virgin Media customers hit by handset repair glitch, telco admits

Frumious Bandersnatch
Silver badge

can I upvote the article?

It deserves it for the Dylan Moran/Black Books pic alone.

1
0

Attack of the dinky drones! US military creates ROBOTIC CARRIER PIGEON

Frumious Bandersnatch
Silver badge

PASSENGER PIGEONS!?

Passenger pigeon's been extinct since 1914!

Oh, you said "carrier". As you were ...

1
0

You say you want a musical revolution. Actually, have three

Frumious Bandersnatch
Silver badge

suddenly it was possible [to have] a pop song without harmony

If that was in 1991, then I guess Napoleon XIV must have been some sort of visionary? That came out in 1966 and although the wiki link doesn't mention it, I recall reading that he was denied composition rights (iirc) because it didn't have any of the usual elements of a "song", most notably not having any "notes" (no pun intended, it's all just glissando with no fixed stops). I think that the link here might explain that in point 5... he lost certification from the American Society of Composers, Authors and Publishers.

Also, while I'm talking about pre-dating, how about Blondie (Rapture, 1980) and Gil Scott-Heron (TRWNBT, 1970) as rappers/proto-rappers? And obviously there were tons of electronic artists before the 1983 cutoff (like Bruce Haack, but many before him, too). Less eclectically, Telstar was a massive hit in 1962...

2
1

Forums

Biting the hand that feeds IT © 1998–2017