* Posts by Mage

5419 posts • joined 23 Nov 2007

Aussie trams equivalent to 30 skateboarding rhinos

Mage
Silver badge

Re: "120 cycling Boris Johnsons"

How many Trumps is that?

1
0
Mage
Silver badge
Pint

Re: Standard Units

What sort of skate board?

I used two bargain basement priced skateboards my kids had abandoned to move an AGA style solid fuel stove/oven/water heater. On my own, though I had a lever. It had taken SIX large Hurley players (similar size monster to a Munster Rugby player, but more dangerous) to put it where I was moving it from, so yes I can imagine a Rhino using two skate boards or one modified model.

3
0

Will AI spell the end of humanity? The tech industry wants you to think so

Mage
Silver badge
Big Brother

simply refinements of technologies developed in the 1980s

Or even earlier.

It's more about databases and the interfaces. I don't see the strong AI that worries Hawkings anywhere. The winning at Chess, Jeopardy or Go is not AI, they are all refinements of single domain programs and bigger human curated datasets. I see other serious threats due to misuse of computer technology. Privacy, security, Cloud, DDOS and IoT based threats etc.

Siri, Cortana, Alexis/Amazon Echo, Google Home etc are parlour tricks, speech to text driving search Engines, just better versions of Hello Barbie or incremental development 10 years ago mobile phone or car radio voice control, simply needing less training than 20 years ago (though all inc Hello Barbie and Samsung TV now send the voice to servers, the internet connectivity and non-real time analysis to improve the model is creepy)

5
0

The cloud is not new. What we are doing with it is

Mage
Silver badge
Flame

Indeed not new

Just 1960s rented timeshare.

Except now stuff is being outsourced or run on "Cloud" which absolutely is a disaster waiting to happen.

No core business function, Point of Sale, Billing system. Infrastructure control, ATM, ERP etc should be "in the cloud" or even outsourced at all.

8
1

Wi-Fi commuter fears

Mage
Silver badge

Re: news?

Exactly why I set up a VPN server on my router. But it's not a solution for non-IT folk. It's not trivial.

1
0

Musk outlines plans for Mars

Mage
Silver badge

Heart of Gold spacecraft's 42

I think he reads too much comedy spoof SF to be making engineering decisions.

I'd advise anyone flying on his ships to take a white paint marker and Duck tape to disable selections on all the drinks machines.

Besides if his spacecraft are as hyped as his car's "autopilot" you want an alert human pilot too.

0
3

Chinese electronics biz recalls webcams at heart of botnet DDoS woes

Mage
Silver badge

Re: UPnP is a red herring in this thread

Not entirely as it's a really easy one. However you are right that even UPnP didn't exist there would still be a problem.

There is no complete solution. The Internet is going to get unreliable as if we are all living in some sort of post atomic war dystopian society. Add Facebook/Google etc slurping and outsource of core business function to the "cloud" when they should be in house, and the future looks unpleasant.

1
0
Mage
Silver badge

Re: What percentage returned?

"Why not have their ISP disconnect them? "

Its DDOS attack. How would the ISP know?

3
0
Mage
Silver badge
Unhappy

Re: Joe Stupid isn't smart enough to do everything you say

Given current design of the Internet and how a Firewall works and the desire of IoT makers to "phone home", if there was no uPNP, the instructions would explain how to put your entire LAN in the DMZ, or some other such foolishness.

I'd thought of having every router & gadget, phone, laptop, tablet etc have a short range two way IR link to exchange keys and settings, even then have unique key per device. It's simple HW & SW but the makers would object to the extra $2. Unscrupulous vendors would connect stuff in a way worse than today.

The design of Internet is flawed, assumed good users and well behaved devices. The design of eMail ignored spam issues on Telex, RTTY, and earlier Telegraph and added almost no security at all and missed out the idea of whitelists.

Systems never envisaged to be used by other IT Admins in responsible establishments.

There are sticking plasters, but no solution. The triple whammy of rise of IoT, outsource to cloud and giant Corporations stealing (or conning people into giving it) all our private info and usage and monetising it doesn't bode well at all.

If mobile credit balance, ATMs, Point of Sale, Infrastructure control, smart Meters, Retailer's stock ordering / ERP systems etc all outsourced to the "Cloud" and a that has many areas of mono-culture, what if DNS, Edge Routers, what ever is taken down by IoT or a bad patch released late Friday set to auto-install and propagate on the Cloud ...

Or timing of Exchanges, Datacentres, DTT, DAB, Mobile stupidly relying on cheap GPS instead of a local Atomic Clock (under $1000 now) and there is a flare that knocks out all satellite, inc GPS. One in the 19th C. was big enough. There was another that fortunately missed us!

We aren't there yet, but rushing toward it.

1
2
Mage
Silver badge

Re: UPNP is convenient.

For those that don't know (a minority here), VPN = Virtual Private Network. Properly done it adds and extra "network port" on your PC/Tablet/phone which is actually the VPN client software. It's creating an encrypted connection into your VPN server. It then can expose everything on you LAN as if you are on the LAN, or just stuff on the VPN Server, and/or the Internet as seen by your home LAN. So stuff on the internet that's blocked (due to local router / NAT rules of a University OR because you are in America and your home Router is in UK) is then visible via the home internet connection. So you can use VPN for four reasons:

1) Access stuff like POP/SMTP on your own ISP's mail server as if at home, securely in a WiFi cafe, possibly avoiding MiM attacks.

2) Access files or whatever on the VPN server, securely.

3) Access random device on your LAN as if you are on the LAN

4) Bypass geoblock or local port blocks.

If properly set up:

1) You need user/pass that is very secure to connect at all.

2) The data is all securely encrypted, possibly even good enough to block hypothetical quantum computers cracking.

The keys are made at home, and loaded on the device at home* so the classic problem of key distribution is solved.

[*You can write it on rice paper and eat it]

1
1
Mage
Silver badge
Happy

Amazing...

A company actually recalling IoT stuff for security.

AND they are Chinese!

5
0
Mage
Silver badge

Re: UPNP is convenient.

But like Autorun, ultimately stupid and not needed.

Either manually set up a port (but with sensible rules, to a sensible device or else your LAN is exposed), or a VPN. I set up a VPN server on an old PC and later on my router instead (Open WRT) and put it on port 80 so I could use home LAN to access email securely (or at all! I don't use Web based email) away from home, or other home resources. Why port 80? Because hotels, cafes, University especially may block various ports. They don't block 80, thinking it's only used for HTTP.

Not all VPN clients can use arbitrary ports. But I found one for Windows for my kids at Uni that did (this was 10 years ago).

3
3

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

Mage
Silver badge

Re: I'm sure a lot or people would like to know

It should be independent of OS, and essentially barely fixable in existing phones. It's a design issue of the physical RAM implementation.

I wonder what is the difference with the phones that are not affected?

2
0
Mage
Silver badge
Coffee/keyboard

Reliability

This suggests that even without malware, there is design flaw, such that data or program in RAM, of the users apps OR the OS can be inadvertently corrupted.

Even if it didn't lead to an exploit, this RAM flaw needs to be fixed!

6
2

Newly discovered cave-dwelling creepy-crawly is four times the man* you are

Mage
Silver badge

So...

What is the female like? Or is that the female too (Snails are both?)

1
0

Duck Google's data grab

Mage
Silver badge

" with user permission"

But can we trust them?

They have a HUGE web of data gathering.

They only stopped WiFi Slurp when

a) Caught

b) Android (esp.) & Chrome Browser and Chrome OS help continue slurp of location and WiFi info.

How meaningful are any of their statements.

The insistence on combining cookies, log-in etc on all the Google services (inc Google Doc, Maps, Youtube, Gmail) is totally obnoxious and evil.

They are worse than Facebook before this as Facebook is easily avoided. Google hosts fonts, analytics, javascript libraries, APIs etc for very many third party websites. SHAME ON THE STUPIDITY of site owners promoting Facebook, Twitter, pinterest and using Google services they could host themselves, in many cases the 3rd party sites use of Google certainly breaks the intention of EU dataprotection and cookie law even if legal.

I block all 3rd party cookies. Why is that not the default setting on browsers, they serve no honest purpose and never needed by user.

Noscript is also your friend to block domains.

I'm also a bit fed up with how general searches have loads of YouTube links and image searches have loads of pinterest links (who owns them and it's evil how hard it is to see where the pinterest image is "stolen" from.)

3
0

Hackers pop top 'secure' wireless keyboard and mouse kits, gain RCE

Mage
Silver badge

Re: Alternatively....

USB HID is such a broken thing security wise, maybe the USB mouse / keyboard is malicious. I'm not sure if a PS/2 mouse is safe.

A PS/2 keyboard could have a keylogger and intermittent mobile modem to report home built in?

I just can't see any advantage to a wireless keyboard or mouse anyway, liable to run out of battery at awkward time, the stupid keyboards sleep and miss your first few keystrokes, and wired is instant after PC / Tablet sleep, the BT types are slow to re-connect. If 2.4GHz and your WiFi is 2.4GHz and weak, it may make it weaker.

A USB mouse is £1 to £10 for a perfectly good one.

0
0
Mage
Silver badge
Devil

Even after it's fixed...

You buy some, do them up nice, add some software or a chip and ship it to your targets as free samples/presents/beta test etc. (It's been done and works better than "losing" USB sticks in the target's car park, though that works too)

Beware Geeks carrying Gifts this Christmas.

6
0

Is Google using YouTube to put one over on Samsung?

Mage
Silver badge

Google is emerging as a major rival in smartphones to Samsung

I don't think so. The new GooPhone is aimed at Apple customers.

Google makes money TWICE from Samsung:

1) Any licence fee to use the "Blob".

2) Android reporting to Google.

As one of the largest (or largest?) and flag ship supporters of the official Android ecosystem, why would Google want to damage Samsung or the Android brand (by association). My conspiracy theory is that Google was taking these videos down, not Samsung via DMCA notices. Samsung isn't Apple or the Thai Government. Then Google (or the minion that had acted without higher up authorisation) realised this was counter productive. Better to join the laughter than pull a Streisand?

5
1

Every LTE call, text, can be intercepted, blacked out, hacker finds

Mage
Silver badge
Windows

Re: I'm near retirement age and what is this

More like 30 years... of Mobile.

The entire history of Internet.

It seems designed in security is rare and working is rarer.

2
0

AT&T wants Time Warner

Mage
Silver badge
Devil

Delivery and Content

Combining content creation and owning channels is good. The UK idea of BBC divesting content creation is nuts.

Combining Content/Channels and a delivery platform is evil. We've seen that in Ireland and UK with Sky.

0
0

Today the web was broken by countless hacked devices – your 60-second summary

Mage
Silver badge

Re: Maybe..

" it uses uPNP to punch a hole in the router for itself. It announces its presence to several foreign servers, and it has a default telnet login of root/123456.

I've hacked the startup script (luckily writeable) to replace the hosts file "

Disable uPNP on your firewall / router.

Setup a VPN (properly) to your home network if you want to remotely access stuff on it.

3
5
Mage
Silver badge

Re: Maybe..

Problem is proving that the USERS/Owners suffered at all.

0
0
Mage
Silver badge
Coat

Re: "....big names including GitHub, Twitter, Reddit, Netflix, AirBnb ...."

No, but could be next time. They might come for El Reg.

"First they came for ..."

4
0
Mage
Silver badge

Re: Home Router Traffic

The most evil feature added after Autorun (Win95a and earlier Amiga) was uPNP, especially on routers!

It should be illegal to have uPNP on a router/firewall and have internet without a firewall. It's only a partial mitigation, but would stop most of current IoT compromise.

There is no complete solution.

4
0
Mage
Silver badge

Re: Maybe..

There is actually no solution to this.

2
0

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert

Mage
Silver badge

Il

Capital i and small L

Never mind 1 I and l

4
0

Hewlett Packard Enterprise gives UK boss control of Ireland

Mage
Silver badge

Ireland as a UK region

I'm a bit fed up.

Try using Amazon in Ireland.

Or buy stuff sold in Euros or Dollars made outside UK without it having a UK middle man profit margin and UK sterling <-> Euro hedge, maybe on UK import and export to Ireland.

However HP became irrelevant to me when they took over Compaq and rationalised on the wrong products and bloated their printers.

0
0

Sky’s CEO drops MVNO bombshell at results conference

Mage
Silver badge

TWAIN scanner API/Drivers

Allegedly doesn't mean anything!

Why do people spell Laser with a "z" :)

1
0
Mage
Silver badge
Headmaster

MVNO

Actually over 1200 hits searching MVNO on forums here.

It does seem to occasionally cause confusion.

I remember in early 21st C reading a trade/professional Telecomms journal after a few years break and finding every article had myriads of undefined acronyms and abbreviations.

Given that this is a Tech site, I'm only partly sympathetic, which is why I bothered to explain.

Then there are acronyms like CAPI and SMB that change with time or context to mean something entirely different. Or BEREC, which in 1906 was British Ever Ready Electrical Company and in 1950s was British Ever Ready Export Company (a UK Ever Ready Division) and in 1980s briefly BEREC was the holding company for Ever Ready and BEREC.

BEREC is now:

Body of European Regulators for Electronic Communications (BEREC) was established by Regulation (EC) No 1211/2009.

Very annoying when searching for 1950s BEREC as there is really no sensible way to to date related searches, either on content or site creation.

It's nearly impossible to keep up to date. Maybe articles should mention once, what the abbreviation is for?

6
0
Mage
Silver badge

MVNO

Mobile Virtual Network Operator.

You'd easily guess as Sky has no mobile network and it's how Tesco and others work.

Some like Tesco have their own backend using only masts and backhaul and others are really just resellers with only a billing system (probably outsourced).

Technically, it would be best if there was ONE infrastructure per major geographic region and everyone was a kind MVNO. See also RAN, the idea that you'd roam to other operators even where you own operator has coverage, so as the load per channel / mast / sector is balanced. Can give x2 or more improvement in speed or capacity.

Dividing a scarce thing like spectrum between operators is totally daft and inefficient. It's not like Service Stations or baked beans factories in terms of competition.

4
0

Sysadmin flees asbestos scare with disk drive, blank pay cheques, angry builders in pursuit

Mage
Silver badge

Bursar

How you must hate that bursar. ^_^

I think I'd leave before the second annual sports day :(

2
0
Mage
Silver badge

Die Hard VII: Sysadmin

Excellent.

48
1

What will happen when I'm too old to push? (buttons, that is)

Mage
Silver badge
Pint

Not being old

Just realising there are better uses of time than watching blinking Blue LEDs (Red and Green was so 15 years ago).

You've realised the Emperor has no clothes.

7
0

AMD is a rounding error on Intel's spreadsheet and that sucks for us all

Mage
Silver badge
Unhappy

Sigh

How did we get here with Intel CPUs being so expensive? It can't be a properly operating market. There has to be a nasty explanation, underhand dealing, to explain such market dominance on overpriced parts.

10
5

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Mage
Silver badge

Re: Whinging

And at the end of the day it wasn't exploitable unless you had rubbish security anyway, or physical access, as the computer has to be running suitable malware.

It was NOT an access hole or back door, but privilege escalation.

13
1
Mage
Silver badge

Mitigation

There has to be a malicious program running on your computer designed to exploit this. It's a privilege escalation.

It's somewhat less likely there is a malicious program already, on a workstation etc behind a firewall with no outward facing services and "Noscript" or similar on the Browser.

12
3

Third of Donald Trump's debate deplorables are mindless automatons

Mage
Silver badge

Twitter, Facebook: Freedom of speech?

I thought Adam's blog was daft. Everyone knows that Facebook & Twitter have to be PAID to deliver all your posts to all your followers.

Neither are public service broadcasters but advert funded exploitive parasites, except twitter isn't so good at it so is losing money.

0
0

Britain's fight to get its F-35 aircraft carriers operational turns legal

Mage
Silver badge

Re: It's like the blind leading the blind.

The USA approach (not dissimilar to Russian, Chinese and French) is to claim only their own laws apply, and not only to their own troops, but indeed to anyone else. Also they will define who is a combatant or civilian, not the Red Cross/Red Crescent etc.

I'm puzzled why if "Brexit" is about being in control of British sovereignty that they would ask anyone, or indeed why there are not plans to leave NATO and UN as well as EU (Swiss only recently joined*)

[*3 Mar 2002 ... Switzerland abandoned centuries of political isolationism yesterday by voting to join the United Nations in a cliffhanger referendum which had ... The Guardian. See also Wikipedia]

8
2

BYE, EVERYBODY! Virtual personal health assistants are coming, says Gartner

Mage
Silver badge

Gartner

Now I know Gartner are smoking something bad for health.

5
0

Is this the worst Blockchain idea you've ever heard?

Mage
Silver badge

Re: Blockchain and HMRC

The problem is that all services the public needs would collapse. Due to the fact it would take years to process each months taxation.

The tax revenue pays for lots of stuff people need. The MPs and Civil servants only actually spend a small percentage of what is raised on themselves.

Similarly if it was used for DRM, no-one would buy streaming services, downloads, subscriptions or physical media after a few days as it would seize up.

2
1
Mage
Silver badge

micropayment system

However Blockchain is the opposite to a micropayment system in almost every aspect of how it works.

9
0

IoT botnet swells

Mage
Silver badge

Re: Great. Just great.

It's Western marketing. The Chinese are only fulfilling the orders generated by Western Marketing wholesale and Retail.

Who owns Amazon, Facebook, Google, eBay, Maplin etc?

Where are the regulatory offices?

2
0

Will rush for New Radio compromise 5G quality?

Mage
Silver badge
Flame

Spectrum

The sub 1GHz, especially 800MHz and lower is cells that are too big for high capacity, high speed data. Only a cheap way to extend voice coverage at expense of capacity.

Above 2GHz, toward 3.5GHz radio spectrum becomes progressively more Line Of Sight. So 3.5GHz is only much good for roof top aerials or femto cells.

Above the 4.5GHz / 6GHz you are looking at only open plan offices pico-cells or air-point per room WiFi.

I've used 10GHz band terrestrial Fixed Wireless Broadband and both Ku Band (11GHz to 12GHz approx) and Ka Band (19GHz to 21GHz) gear, not just as a user, but both as RF Equipment design engineer and also evaluation of systems.

28GHz etc is fantasy outside of a room or open plan.

Very much in the media, stuff by Regulators etc is nonsense.

Mobile is viable between 900MHz and 2600MHz bands. The 2300MHz is the only useful new band in Europe.

Most of the existing 900, 1800 and 2100 spectrum is massively underutilised:

1) Cells too big

2) Split between multiple operators. Using one shared Infrastructure, or even "roaming" where an operator actually HAS coverage, would almost double capacity!

Regulators need to be forbidden to auction as this encourages weak licence conditions to make auction price go higher. Auctions are the enemy of efficient spectrum use.

Conventional badly applied theories of Competition benefiting Consumer damage Mobile performance and competition as it's NOT like making baked beans. Spectrum is too finite. They need to be only competing for customers by offering shorter contracts, better deals from the same wholesale properly regulated spectrum.

Subsidy of handsets by subscription is hidden hire purchase.

Also hidden is the overcharging on voice and text, subsidising data.

The regulators have totally messed up.

The FCC is messing it up for the rest of the world too, as does greed of royalty earners like Qualcomm wanting to sell new model chips for new bands. The proposal to have LTE on WiFi bands is driven by chip vendor greed and to an extent Mobile Operators (Femto cells without an expensive licence or bothering to co-ordinate channels).

700MHz and 600MHz are madness as the cell size can't be controlled and even larger than 800MHz which is poor for cell size.

You can't beat the laws of physics.

5
0

Just what Europe needs – another bungled exit: Mars lander goes AWOL

Mage
Silver badge
Unhappy

Re: Shame

It was though an experimental landing mechanism. The main mission is actually the satellite, the lander was only supposed to operate for a short period and establish if the landing tech actually works. Still, I agree it's a shame.

I hope they got some useful telemetry to unravel where it went wrong.

2
0

Microsoft reveals career-enhancing .PNG files

Mage
Silver badge
Headmaster

Re: Revenue generators. Full stop.

"I've said this before I am yet to see an individual with a certification from the likes of Microsoft or Citrix that can demonstrate a superior level of knowledge to an individual that's actually worked with the technology."

Actually sometimes the MCPs, MCSEs are worse, because you have to put MS Marketing Dept answers to pass, which not only conflict with real world common sense, but sometimes with MSDN/TechNet articles.

Very many of the "Official" MS exam ways of doing stuff are nuts.

IMO the MS exams (having passed four with high scores) are only of value to companies selling ONLY MS products picking MS friendly Sales people.

Some of the Cisco ones are a bit more useful.

" Until and unless they can make the exams real world examples where the solutions don't revolved around using only vendor technology and / or the way the vendor want you to do it in a lab environment, they're just noise."

Can't upvote that sentiment enough!

6
0

It's finally happened: Hackers are coming for home routers en masse

Mage
Silver badge

"It's finally happened"

Really?

I moved to my own custom router nearly 10 years ago because of SOHO/Domestic router security issues on routers sold in Tesco, Argos, Maplin and popular on commonly used online stores.

7
2

Who killed Cyanogen?

Mage
Silver badge

Partly Google & Partly Cyanogen

The Playstore access rules, Google app rules and their binary blob licence is a severe handicap for any 3rd party Android. However Cyanogen themselves seem to have messed up a bit too as well as alienating / ripping off some contributors.

4
0

This speech recognition code is 'just as good' as a pro transcriber

Mage
Silver badge
Devil

Re: Dodgy numbers?

Yes, it's actually garbage.

1) The real score on real world stuff will be lower.

2) Any competent Audio typist (that works with the same person) can beat a transcriber (remove source errors).

3) Perhaps they are comparing a real time stenographer? Even so it's a poor score.

Natural language parsing is the limit, it's simply nowhere near good enough to sport decent text to speech.

Dictation transcription (aka Audio typists), transscription not in real time of unknown source, speech/Film/TV/News subtitles in real time, and live stenography / shorthand with later transscription are all different activities. All rely on UNDERSTANDING the meaning as well as basic parsing.

This is shameless marketing.

4
1

HomeKit is where the dearth is – no one wants Apple's IoT tech

Mage
Silver badge
Devil

Also

IoT is mostly sold by accident? You buy the expensive coffee maker and it happens to have it?

Yes SOME people deliberately go out and buy Nest or an IoT door etc, rather than reliable traditional products from established suppliers that won't be closed by Google tomorrow or ditched by Amazon or Apple for something with more profit.

Amazon Echo and Google Home are madness anyway. Ask Harry Harrison's teddy.

Apple Homekit isn't as show-offable as their iPhone and iPad. I'm sure Apple can't understand why the apple TV (stupid name for something that's an over priced locked to iTunes streaming box with no screen) isn't the money spinner that iPod + iTunes was. I wonder do Apple actually understand why the iPod and then then the iPhone were so successful? It wasn't the price, security or technology.

iPod: The iTunes compelling content deal with Record Labels of selling tracks instead of full albums.

iPhone: The compelling Carrier deals with unlimited or massive caps, when all other smart phone users were paying a fortune per megabyte! Or even per second connect time!

It was never purely the technology or even the box, despite what Apple or Apple fans like to think.

There is simply no compelling reason to have an Apple TV vs a Roku, Chromecast, Amazon FireTV, PS4, Xbox or Sky Box.

There is no compelling reason to have an Apple Watch, unless you already have an iPhone and you want to look like you have a high disposable income (it's a product that should and does sell less than $60)

Why would anyone especially buy Apple Homekit compared to any other IoT, given that IoT is a minority sport in the first place? Hardly anyone will know you have it and it's not even shiny in an an Apple Store. It's laudable the commitment to security in it. I wish all IoT had it but elsewhere I point out that security is never coming to IoT.

11
5

Forums