* Posts by Paul Crawford

3733 posts • joined 15 Mar 2007

'Can you just pop in to the office and hit the power button?' 'Not really... the G8 is on'

Paul Crawford
Silver badge

Re: Long ago.

We have 5 nominally identical machines used for "industrial control" use, all around 6 years old now. But one of them turned out to crash at roughly 2-6 month intervals. Memory tests, etc, revealed nothing. Second time it happened it was at 9.30pm on a Friday night while I was out for a beer or three and I had to persuade the security guy to let me in and up to the top floor to push the reset button.

After that we put watchdog daemons on all of them (and quite a few other machines as well) and in practically every case it has saved physical intervention to restore operations.

Top tip - edit your settings so the machine just fixes any file system anomalies and continues, and is not sitting there prompting you to decide on the action. For example:

http://xmodulo.com/automatic-filesystem-checks-repair-linux.html

In general most modern file systems will be OK for any automatic repair, if not then you were going to have to reformat and restore your backup anyway...

18
1

Porn parking, livid lockers and botched blenders: The nightmare IoT world come true

Paul Crawford
Silver badge

Re: You're Doing Corporate WiFi Wrong

Any sane company has at least two wifi systems: one for user's own phones / visitors / IoT crap / etc, and a 2nd (or more) that is more locked down and only for approved corporate devices that need to access internal systems.

18
2

Now that's a dodgy Giza: Eggheads claim Great Pyramid can focus electromagnetic waves

Paul Crawford
Silver badge

Re: A wavelength of 200 ... metres

It was on 200kHz originally, but shifted a LONG time ago to be 198kHz as a multiple of the 9kHz AM band spacing.

We still have an old QuartzLock 2A off-air frequency reference that provides an accurate 10MHz from that LW transmission. Shows a little of the general wobbles (about 3E-8 at 1s interval) and day/night changes though, but if compared to the recent very stable GPS-based QuartzLock E8000 reference they agreed to better than 1E-10 over a day or two averaging.

6
0
Paul Crawford
Silver badge

Re: struggle to get good reception

Today, yes, mostly due to broadband interference and shit el-cheapo SMPSU.

But more seriously due to Radio Luxembourg stopping AM transmissions some years ago.

5
0
Paul Crawford
Silver badge
Gimp

Re: It was aliens wot did it

Oh dear, am I at risk of being penetrated by a Pointy Mummy now?

11
1

UK cyber security boffins dispense Ubuntu 18.04 wisdom

Paul Crawford
Silver badge

Re: Good idea.

A major factor is there is no root account. So you have to guess both the account name(s) that have sudo rights AND a matching password. If you ever look at your SSH/auth logs without any tight IP restrictions you will see lots of attempts to log in with names such as: root, admin, pi, test, oracle...

7
0

Another German state plans switch back from Linux to Windows

Paul Crawford
Silver badge

Remote use?

I find the argument that home users are "used to Windows" is odd these days, most non-technical folk I know of use tablets and rarely touch a laptop/desktop (gaming aside). At one point MS argued that the stable and predictable GUI was a big reason to stick to them, and for Win95/98/NT/2k/XP (without the Fisher-Price style, which was a simple option to select) that was true. But given the general fscking of the user interface over the last decade or two (from 'the ribbon' the the disaster that was win8) that is long gone.

Sure you can lock down a remote device, but that would not be a home user's device but a corporate laptop. Who would allow their work to administer and lock down their own laptop? To restrict the pr0n-browsing opportunity?

9
1

NXP becomes N-nixed-P, Apple snubs Qualcomm modems for Intel chips

Paul Crawford
Silver badge

Good to see NXP still there

The trend for borging semiconductor houses is bad for all: they asset-strip the acquisition for its most profitable lines and dump the rest. Not because they are not in-use by designers world-wide and valuable to many, but simply because they are not "profitable enough" for the new owners.

5
0

Windows Server 2019 tweaked to stop it getting clock-blocked

Paul Crawford
Silver badge

Re: david 12

It is true you could install a 3rd party NTP build for Windows for some time now (e.g. from Meinberg), but it has taken a LONG time for Microsoft to get with decent time-keeping.

But you are wrong about 90s UNIX systems, we had Sun machines in the mid 90s that had microsecond format clock reporting (via gettimeofday() calls) even though I think they actually used the RTC oscillator so had 30.5us tick steps from the "watch crystal" used behind them. So better than 100us there. However, it is possible that older Linux boxes were millisecond ticks but I did not have much experience of those until the mid 2000s by which time they were us resolution.

Also this was in a university setting so we had a 2Mbit WAN and reasonable delay stability in the 90s, though of course small businesses and home use was still often dial-up until the 2000s and that would set a significant limit on time setting.

0
1
Paul Crawford
Silver badge

NTP & networks

Incidentally it is not symmetric network delays that cause errors for NTP and similar, but asymmetric ones. NTP knows the round-trip time so it knows if the server is correct what the maximum ambiguity is, and with several servers (always recommended) a bad clock or strange delays on one path can be seen and rejected.

However if you have a system with an asymmetric delay on all paths (e.g. your ISP) then all clocks sources are biased by the same amount and so your server is set to a slightly wrong time. For example my home cable broadband system seems to have an asymmetry of around 3ms when compared to a local GPS-based server. As your round-trip delay is reduced (e.g. NTP server on LAN instead of over the WAN) then such errors are reduced.

PTP is not a "magic" solution to this dilemma, but as it runs on the LAN only and normally via switches that are designed to accurately transfer delay information and with network cards employing hardware time tagging you get greatly reduced errors in all of the locations that NTP sees as one 'blob' of delay, leading to much higher accuracy.

4
0
Paul Crawford
Silver badge

Re: Wellyboot

We already have well defined time scales for all cases, its just that many computer programmers don't know or care to use them.

For a smooth linear atomic time scale we have TIA where there is a fixed epoch and time is simply atomic transitions from that point. No Earth-related movement is considered at all. Internally GPS uses a similar idea, but its epoch matched UTC in 1980 and the offset GPS-UTC (which changes with leap seconds) is part of the broadcast information.

For Earth-related work we have always used one of the UT scales (UTC, UT1 and UT2) as they are related to mean solar time, and for as long as humans have bothered with time keeping the cycle of day and night has *defined* our sense of time and date. It is only in the last century or so that we have had access to clocks that are better then the Earth's rotational rate as a time base. Now we have some people saying:

"Keeping track of leap seconds is too hard for computers to do (i.e. lazy programmers ignoring the long history of time keeping) so lets get rid of them as who cares if mean solar time is no longer mid-day?"

But many people do care, and many systems relating to astronomy or satellite use already exist that are based around the previous internationally agreed definition of UTC being kept within 1 second of the Earth's rotation, so they would be broken by such a change.

7
0
Paul Crawford
Silver badge

Windows get proper NTP

Really what they are saying is Windows server 2019 gets the sort of NTP based time keeping support that *NIX systems have had from the 90s?

OK, the PTP support is a newer thing with most systems based on the 2008 spec but it also needs switches/routers that support it if you are doing it properly. As for Google's fugly fudge of time-smear - don't. Please just implement time keeping properly and actually test your systems on the infrequent but inevitable leap-second events.

8
8

Windows 10 IoT Core Services unleashed to public preview

Paul Crawford
Silver badge

Re: Updating

Also what guarantees that the upgrades in 5-10 years will still fit the storage on budget IoT devices built now?

1
1

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey

Paul Crawford
Silver badge

Re: Is it important?

Point is with FTTP there is no practical bandwidth limit on the infrastructure: change the end point transceivers (assuming enough backbone capacity) and you can get 1GB or possibly 10GB symmetric speeds. At least and order or more of magnitude faster than last-run over copper.

25
0

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help

Paul Crawford
Silver badge

Russia has viable opposition parties?

11
2

Two-factor auth totally locks down Office 365? You may want to check all your services...

Paul Crawford
Silver badge

Re: 2FA?

Another big factor (if you pardon the pun) is the number of people using their phone for both the internet access part (i.e. user-name/password entry) AND for the 2nd factor (e.g. text message code) so once again the phone becomes a single point of failure in security terms.

14
0

US drug cops snared crooks with pre-cracked BlackBerry mobes – and that's just the start

Paul Crawford
Silver badge

Re: Symptoms of misguided policies

You are right about "collateral costs" but also we can look at the biggest addictions (smoking and alcohol) and see how they are managed around the world. Generally they are legally available so the quality is mostly 'safe' but with restrictions on sale, use (e.g. smoking bans in public buildings in many places), and advertising along with various campaigns to promote more responsible use.

Now it is not a complete success but overall it seems to be better to manage and tax it than to have prohibition and funding organised crime.

21
2
Paul Crawford
Silver badge

Re: Warrants

Ah yes, the 9/11 case that killed something like 1/10 of a year's worth of USA gun accidents (or substitute "road traffic accidents" if you are a NRA member).

Also it is pretty obvious in that case the perpetrators should have stood out like a sore thumb but human failings and department rivalry largely had them ignored, which is exactly the same sort of reasons why powers tend to be abused if no checks & balances are applied.

32
3

United States, you have 2 months to sort Privacy Shield ... or data deal is for the bin – Eurocrats

Paul Crawford
Silver badge

Re: unfortunately...

You seem to make the common mistake of thinking of the EU as a single body.

The EU commission is largely made of gov wonks and tend to do the same sort of shady back-room deals that most governments do, but at least their masters can join the tabloids in blaming the "Evil EU" for making them do what they were lobbying for in the background anyway. Just like the UK gov and the telco data retention directive, for example. These are the ones trying to put a plaster on the current EU-US deal.

Then you have the MEPs who actually do a public debate and (mostly) democratic vote as they don't have much of a party-political goal scoring agenda like most lower houses. These are the ones who seem to be standing up for individual rights, just a shame our own MPs seem to care for none of it.

It would be even better had we (the UK) not voted in wasters like Farage who, whether you are pro-EU or anti-EU, did SFA to help any UK interest in any debates or votes.

4
0

Dear Samsung mobe owners: It may leak your private pics to randoms

Paul Crawford
Silver badge

Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'

But at least they can't send back via the aerial, so by keeping the pointless fsckers off your network the hack would at worst brick the thing.

4
0

Boffins want to stop Network Time Protocol's time-travelling exploits

Paul Crawford
Silver badge

Re: £40 uputronics GPS

I think my PI + Uptronics GPS board can work stand-alone (no internet, though normally I use the 4 ntp pool servers as well) using Ubuntu with the PPS enabled. My ntp.conf has this setting:

# Add the NMEA driver using GPRMC (1) and 9600 Baud (16) mode.

# Also tell it to assume 117ms delay on RS232 and also to enable the 1pps correction using 'flag1'

server 127.127.20.0 mode 17 prefer minpoll 4 maxpoll 4

fudge 127.127.20.0 time2 0.117 flag1 1

Also needed to edit /etc/init.d/ntp to add on start the commands to create symlinks:

cd /dev ; ln -s ttyAMA0 gps0 ; ln -s pps0 gpspps0 ; cd /

2
0
Paul Crawford
Silver badge

Re: Time NTP was upgraded(See what I did there!)

"Transmitting it at 60 kHz RF is equally trivial."

At close range, yes. But not from far away as it takes a pretty big antenna to get any sort of radiating efficiency at 60kHz.

It all comes down to your risk assessment, while anyone on the other side of the world can poke at your systems via the Internet, getting up close and personal to fiddle radio clocks carries a higher cost and risk of being caught. Having a combination of sources allows you to pick out dodgy clocks (the "false tickers" in NTP parlance) and more than one radio type adds another layer.

But if you do see yourself at risk of a serious, planned and coordinated timing attack and it is of value you can get your own atomic clocks ("low cost" are Rb + GPS adjustment, or if you really must have the bast a few companies make hydrogen masers).

9
0
Paul Crawford
Silver badge

Re: Time NTP was upgraded(See what I did there!)

"And how reliable are GPS and radio clocks?"

Generally pretty good, but not totally spoof-proof which is why you normally have more than one receiver (for hardware redundancy) on site and also use a decent number of NTP servers for confirmation as well. I think Meinberg offer servers with both LW and GPS sources for added certainty.

"Another thing about GPS: it doesn't use UTC, does it?"

No, GPS internally uses an atomic time scale that was in-sync with UTC in 1980 as well as providing the stepped UTC-GPS offset to get UTC today. Any decent GPS module also provides the pending leap second information as well, but sadly these days quite a lot of cheap GPS modules only use NMEA strings to communicate and they don't report leap second information. Also the companies behind them seem to be populated by muppets that don't understand the products or service they are selling.

8
0
Paul Crawford
Silver badge

Re: Time NTP was upgraded(See what I did there!)

Lets face it - if your really REALLY depend on time to < 100ms or so accuracy (which seems to be the thing here - as I think trying to delay the NTP out/return by much more than that will lead to rejection anyway) you should get your own GPS receiver to have your own stratum-1 source.

Sure it is a cost but you can start from £100 (for a Raspberry PI and a GPS expansion board (e.g. from uptronics), antenna, plus a funky case) or get 1U servers for around the £1-3k mark depending on hold-over accuracy and battery back up features.

And you are doing what that needs super-accurate time? It is not a consumer problem as typically Windows machines are out be much more due to SMTP and (last I checked) ~1 week polling so if you are looking at fraud in the £M region from 100ms of fiddling why are you trusting it all through a single ISP, etc?

26
1

Potato, potato. Toma6to, I'm going to kill you... How a typo can turn an AI translator against us

Paul Crawford
Silver badge

Spelling check?

It seems the fundamental flaw appears to be they are trying to map the character stream in one language to another by the neural net, rather than decoding the words first using some dictionary and then learning how to map sentence to sentence?

Yes, OK, that is the easy way to set up a learning system so of course everyone would do that for speed...

3
0
Paul Crawford
Silver badge
Thumb Up

Or the Viagra instructions where I misread "take 30 minutes before sex" as "take 30, minutes before sex".

23
0

Not OK Google: Massive outage turns smart home kit utterly dumb

Paul Crawford
Silver badge

Re: If you talk in your sleep

Last time I got my hair cut the lady doing it was chattering away about an "OK Google" type device and that it was in her bedroom. I pondered on what it might have heard (as she had just mentioned her boyfriend) and she went a very deep shade of red.

Apparently she never thought of it listening!

20
0

The strife of Brian: Why doomed Intel boss's ex86 may not be the real reason for his hasty exit

Paul Crawford
Silver badge

Better the Devil you know?

5
0

Cops: Autonomous Uber driver may have been streaming The Voice before death crash

Paul Crawford
Silver badge

@ 2Nick3

Just how much was she being paid?

What degree of training did she have on the capabilities (or otherwise) of the "automated driving" system?

8
0
Paul Crawford
Silver badge

Sadly they might, but really it should be whoever turned off the safety brake system and those who approved the change (or had failed to implement a change approval system).

As software reaches the point of actually and visibly killing people, those developing and testing it need to be held to the same standards that anyone designing a bridge, etc, would be.

17
9
Paul Crawford
Silver badge

What the "safety driver" was (or was not) doing is far less important than the safety/emergency brake system being turned off. Looking to blame them for the crash in some way is utterly missing the point:

1) The car should have detected and stopped for anyone in its path. To miss an adult & bike is an utter travesty of the system's claimed suitability for real-world use.

2) At what point did they test the car/configuration in a test range with typical objects?

3) Most believed the driver was there to take over if the car gave ample warning of a fault of situation it could not handle.

4) As seen in the Air France crash, even skilled pilots with minutest to react have real difficulties in taking over from an autopilot when conditions were too difficult for its capabilities.

26
32

How a tax form kludge gifted the world 25 joyous years of PDF

Paul Crawford
Silver badge
Facepalm

Content creators have long been demanding a version of PDF that supports embedded HTML5-based media, interactivity and animation

For the love of $DIETY no, no and thrice no!

How many vulnerabilities have been in Acrobat reader due to the ability to execute arbitrary code? Please keep a document standard as that - something for reading and printing. Even the option for forms to fill in has piss-poor support and don't get me started on the shit that is the encrypted versions that only Adobe products can open.

71
1

It's time for TLS 1.0 and 1.1 to die (die, die)

Paul Crawford
Silver badge

No, fitting seat belts is just common sense.

Some really old cars don't have any points you can sensibly attach belt mechanisms to (or are so valuable as "original" you don't want to and don't drive much either), but probably most cars post 1950s are OK. In fact many had them as extra cost options until the law changed to mandate them, first for front seats and then also for rear.

0
0
Paul Crawford
Silver badge

No idea about Japan but if they have classic cars on the road it can't be the case.

The UK MOT test has changed over they years and got tighter (e.g. now a warning light for ABS or engine management fault is an automatic fail even if it passes brake efficiency/missions), but the underlying test criteria like seatbelts (must be sound if fitted, but not obligatory on old cars), exhaust emissions in terms of CO/particulates, etc, are those at the time it was first sold.

1
0
Paul Crawford
Silver badge

However, that MOT is based on the standards of safety equipment, emissions, etc, that applied at the time the vehicle was first registered.

This is a bit like saying ALL cars must pass current standards and so most over a few years old are then automatically off to the scrappers.

3
2

Um, excuse me. Do you have clearance to patch that MRI scanner?

Paul Crawford
Silver badge

Re: obvious solution ...

Very true, but as always the problem is the same: money and convenience.

Some hospital staff need external internet access, and also internal. But no one will do a red/blue network and separate terminals for air-gapping it, or even a properly thought out system on common networking to have logically separate VLANs, white listed web sites, strongly sandboxed applications, etc, etc, because they already have a running and generally working system and don't want / can't tolerate the disruption of a massive overhaul.

25
0

How to stealthily poison neural network chips in the supply chain

Paul Crawford
Silver badge

Re: Can someone explain.....

Exactly, and it survives typical software scans for tampering or a re-install.

0
0

Now Microsoft ports Windows 10, Linux to homegrown CPU design

Paul Crawford
Silver badge

It is probably much much simpler and its why x86 persists, why Windows RT was doomed, and why practically all phones use ARM chips: Software.

No one really wants to recompile, test (yes, I know its a novel concept), debug and support existing software for a new product hardly anyone uses. And so the new product remains hardly used.

14
0
Paul Crawford
Silver badge

Re: Well, it's Microsoft

Just like Google?

13
2

Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix

Paul Crawford
Silver badge

Re: Hard as I try...

and mandatory programming standards

There's your problem right there.

The problem is the "need for speed" and the fact the world+dog now expects to run javascript in web browsers. So the malicious code comes from any web site that is vaguely compromised (such as advert channels) and that today is "normal". Web browsers can (and partly may do) things to disrupt timing which is the underlying exploit route, but I doubt they are willing to break stuff that is already out there to shore up hardware design flaws.

Most likely their core developer efforts are about removing useful browser functions (firefox) or adding spying (chrome) instead, but then I'm a cynical bastard at heart.

23
0

Meet the Frenchman masterminding a Google-free Android

Paul Crawford
Silver badge

Re: French!!!!!!

I also have a love-hate relationship with the French: I love drinking their wine, hate eating their snails!

17
1

Bank of England to set new standards for when IT goes bad

Paul Crawford
Silver badge

Re: We need a backup system

Keep them in a plastic tube then? Should improve the hang of one's trousers.

Just like the Spinal Tap airport security scene...

2
0

ICANN pays to push Whois case to European Court of Justice

Paul Crawford
Silver badge

Probably team up with FIFA or the directors of the European Patent Office?

21
0

Microsoft says Windows 10 April update is fit for business rollout

Paul Crawford
Silver badge

Re: FS@*! Windows

If any of said neighbours are attractive then you might also have the grumbleflick problem solved as well that way.

10
1

UK.gov online dating tips: Do get consent, don't make false claims or fake profiles

Paul Crawford
Silver badge

Re: cock shots

Here is the truth about cock shots from Red Dwarf:

https://www.youtube.com/watch?v=0ofl_UP3apM

2
0

Citation needed: Europe claims Kaspersky wares 'confirmed as malicious'

Paul Crawford
Silver badge

And remove USA software?

Given the revealed spying of USA / 5-eyes on various EU nations, can we also expect a directive to eliminate any USA software that has built-in telemetry or remote access built in?

41
1

In defence of online ads: The 'net ain't free and you ain't paying

Paul Crawford
Silver badge
Gimp

Re: World Gin Day

An oft-muted sentiment round here "it only hurts when you stop"

And elsewhere it only hurts when you start.

0
0

Have to use SMB 1.0? Windows 10 April 2018 Update says NO

Paul Crawford
Silver badge

Turning off IPv6 will earn you geek creds if you are doing it specifically to avoid VPN leaks.

The fact that it is 2018 and VPNs leak on IPv6 is a rant for another day...

2
0

What got breached this week? Ticket portals, DNA sites, and Atlanta's police cameras

Paul Crawford
Silver badge

Re: hmmm

I wouldn't trust a LED, there is certainly some way to remotely deactivate it.

If the LED is simply a software status indicator then it is worth SFA. But correctly engineered the LED would be fed direct from the switched power to the webcam/microphone so it is an unambiguous indicator of the device being usable.

Sadly that is not how most things are done these days :(

6
0

Crappy IoT on the high seas: Holes punched in hull of maritime security

Paul Crawford
Silver badge

Re: Plain text rudder commands is not a problem in itself

Maybe if insurance companies start to take notice of this sort of shit then maybe the shipowner might be forced in to using network segregation and a decent VPN for ship-related access?

3
0

Forums

Biting the hand that feeds IT © 1998–2018