* Posts by Paul Crawford

3395 posts • joined 15 Mar 2007

Firefox doesn't need to be No 1 – and that's OK, 'cos it's falling off a cliff

Paul Crawford
Silver badge

Make privacy a USP

All products need a reason to succeed, beyond basic brand loyalty. Also known as a "unique selling point" to marketers.

So do what Google won't do: make privacy a big deal.

Make your default to block/separate tracking cookies, avoid browser fingerprinting by technical means (e.g. randomly dither the query-able factors, don't report plug-ins, report always the same OS/version "I am Spartacus", etc) and whatever else you can do to help (e.g. DuckDuckGo for search, or at least warn people about it). Offer ad-blocking as default (or the setup wizard to choose a matching plug-in), make a simple menu option to stop auto-play videos and animated GIFs, etc.

And FFS stop copying Chrome's every dumb-down-the-user move!

26
0
Paul Crawford
Silver badge

FFS?

"My eye is constantly distracted by the curvy tabs and the odd-sized and very dated-looking round buttons"

Really, is it that important compared to all of the other factors?

11
1

US vending machine firm plans employee chip implant scheme

Paul Crawford
Silver badge
Devil

Re: The end time...

Here? =>

2
0

The lady (or man) vanishes: The thorny issue of GDPR coding

Paul Crawford
Silver badge

Re: AE1B

"what could possibly go wrong?"

You did not have a tested working & encrypted off-site backup?

6
0

Q. What's today's top language? A. Python... no, wait, Java... no, C

Paul Crawford
Silver badge

Same here, Python is really handy for many tasks that otherwise would mean something like MATLAB or worse.

"If you can do C well then even Assembly comes fairly naturally" may be true, but even truer is that C is really a universal assembler - there are very VERY few cases when assembly is justified, and even in those cases the fact that it can be in-lined in many C compilers' extensions is good.

10
1

Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Paul Crawford
Silver badge

Why am I not surprised? The Gnome developers seem to be hell-bent on breaking stuff and generally re-implementing things badly that were already solved problems. Instead of them wasting time removing features/functionality to dumb things down, perhaps they should spend more time on bug-fixing, reviewing security, and not doing dumb stuff like this example.

21
0

Yeah, WannaCry hit Windows, but what about the WannaCry of apps?

Paul Crawford
Silver badge

Re: Reaping what you (don't) sow.

It is not just the down-time of a reboot, as at least that can be scheduled, but you have the cost of some fault causing failure as well. Proper redundancy in the hardware/software should allow a painless continuity for both planned and unplanned events.

0
0

Let's harden Internet crypto so quantum computers can't crack it

Paul Crawford
Silver badge

Re: Possible deadly flaw - compromised software

"1) Encryption is compromised in some form at the moment.

2) The head of GCHQ was both incompetent and poorly briefed."

I doubt it, far more likely are:

3) Metadata on who is talking is more valuable for threat detection

4) Compromising most phones/PCs is easy as piss for them (just look how well WannaCrypt spread, etc, using an exploit their mates at the NSA were hoarding) and yields the plain text with ease

6
0
Paul Crawford
Silver badge

Re: Possible deadly flaw - compromised software

"And more and more stuff is being done in hardware"

Of which you have no insight into. Not just the AES-acceleration but some using the "random number" generator in the Intel chips. Even if said number generator was genuinely random, how sure are we that Intel has not got some undocumented instruction that gets recent values (or keys for AES)?

Also the whole dodgy "management engine" issue that runs above your OS and may be Internet-accessible.

So yes, it is almost certainly easier to compromise the end-points than to actually break the in-transit encryption.

7
0

China's censorship cyber-missiles shoot down pics flying through WhatsApp, chat apps

Paul Crawford
Silver badge

Re: Moxie Marlinspike, what a noob

"the Signal protocol doesn't pad and obfuscate traffic allowing attachment stripping."

Sure we all want each text message to be a minimum of 2MB so we can hide images occasionally...

7
0

Iranian duo charged with hacking US missile simulation software biz

Paul Crawford
Silver badge
Pirate

Re: Pirate Bay

Do you think it will model cannonball trajectories?

3
0

Another Brexit cliff edge: UK.gov warned over data flows to EU

Paul Crawford
Silver badge

Re: UK space launches

"The Minister of State for Trade and Industry, Frederick Corfield, announced the cancellation of the Black Arrow project in the House of Commons on 29 July 1971", the UK joined the EC (later the EU) in 1973

As for heavy industry, all gone to CHEAPER countries. Same in the USA and most of Europe. How do you get that back without slashing worker pay and conditions to 3rd world levels to gain a foothold in that area again?

WTF are you on, maybe you should check your facts first.

19
0
Paul Crawford
Silver badge

Re: "have the same influence in the future as in the past"

"Better get your towels!"

On the beach this morning! Oh I came too late...

0
0

Jesus walks away after 7,000lb pipe van incident

Paul Crawford
Silver badge

Re: You said it, man.

Not even Mary Magdalene?

20
3

IETF moves meeting from USA to Canada to dodge Trump travel ban

Paul Crawford
Silver badge

Re: Trump is a Troll.

"And its under threat from politicisation. Net neutrality"

Eh? How, exactly, is net neutrality a threat to the internet?

A threat to ISP profits perhaps, but hardly a threat to the functioning of the internet. Quite the reverse really.

18
1
Paul Crawford
Silver badge

Re: Didn't May say the same in Wales?

Probably, but no one was listening.

9
0
Paul Crawford
Silver badge

It seems to be an oddly US-centric aspect of how Americans see/idolise the president that you don't really get elsewhere. It's almost like criticising their father or similar.

Even something contentious like Brexit in the UK has less of a knee-jerk support for the leaders (e.g. many pro-Brexit commentards would not be so outraged by others pointing out the current PM is an uncaring cockwomble, for example, but would defend their political goal).

Even a symbolically powerful role like the monarch that also divides opinion fails to ignite the same pro-Trump/anti-Obama frothing as most UK 'republicans' may be against the idea of the monarchy but don't feel the need to launch verbal rants against Liz herself.

23
2

What can you do with adult VR, some bronze gears and a robotic thumb? On a Friday?

Paul Crawford
Silver badge

Re: "Let me introduce the Sex Gauge"

Well El Reg has already invented the "kilowrist" as a unit of bandwidth:

https://www.theregister.co.uk/2008/11/12/arizona_boffins_grasp_fat_pipes/

4
0
Paul Crawford
Silver badge
Linux

And for us Linux lovers we have the south-pointing penguin:

http://www.stirlingsouth.com/richard2/south_pointing_penguin.htm

You can never have too many penguins =>

11
0

Want to kill your IT security team? Put the top hacker in charge

Paul Crawford
Silver badge

Best advice

"The biggest mistake he sees companies making is also one of the most common – finding the best team member and making them the boss."

That applies SO OFTEN in science/engineering where the only option for a pay rise or other benefits within the company structure is to move into some form of management. As a result many, many, companies end up losing a good engineer and gaining a mediocre manager.

57
0

Amazon mumbles into its coffee when asked: Will you give app devs people's Alexa chats?

Paul Crawford
Silver badge

Re: New battery

Exactly! A new Android phone typically manages 36-48 hours!

0
0

Sleuths unearth 'Panic Mode' in Android, set off by mashing back button

Paul Crawford
Silver badge

REISUB

Yes, might be useful if Android did support the magic sequences:

https://en.wikipedia.org/wiki/Magic_SysRq_key

4
0

Set your alarms for 2.40am UTC – so you can watch Unix time hit 1,500,000,000

Paul Crawford
Silver badge

Re: Year 2106

Some systems' C time libraries act as if they use unsigned internally so they work fine post-2038, but others are more pedantic or just obstinate and consider the "negative signed" range as invalid.

Certainly it's a simple fix for a while for cases where you have a 4-byte space only (e.g. structures that have to map to a file) or some embedded stuff where 32-bits is still used to avoid the speed/power penalty of emulating 64-bit maths generally.

1
0
Paul Crawford
Silver badge

Re: Signed Integer

"So you can represent dates before 1970"

Not really, as much time_t-related stuff uses -1 to indicate an error.

You have to remember that the likes of time_t was created for the computer's sense of linear time (for more general uses where date/time format was commonly used) so UNIX creators cared not about pre-1970 and 1970 was therefore as good an epoch as any since 32-bits (or 31 really) put the range so far in the future that no one cared. Similarly DOS time and FAT file systems don't do pre-1980.

8
0

AI vans are real – but they'll make us suck at driving, warn boffins

Paul Crawford
Silver badge

Re: Obvious study is obvious

"driver doesn't need those skills, so what does it matter if they lose them?"

Because for all the AI hype, there are still worrying gaps in current capability where the car will shit on the driver by saying "Ooops, can't handle this - you take over NOW!!!" with possibly seconds till impact.

When you see all of the news/discussions saying automated cars need good connectivity, need accurate GPS/mapping, need road junctions/signs redesigned, and where insurers have got a clause proposed that implies you are only covered where the car is using automated driving for "appropriate conditions", it seems we still have some way to go.

10
0

Uncle Sam says 'nyet' to Kaspersky amid fresh claims of Russian ties

Paul Crawford
Silver badge

"AV software is the best possible agent to carry a cyberwar payload"

So not pushed Windows 10 updates then?

Or a complete lack of Android updates for many phones?

Or anything that involves interaction with Adobe software?

5
0

Two-factor FAIL: Chap gets pwned after 'AT&T falls for hacker tricks'

Paul Crawford
Silver badge

If you can reset the account with only access to the phone it is single factor, not two.

1
0

G20 calls for 'lawful and non-arbitrary access to available information' to fight terror

Paul Crawford
Silver badge

The problem is not even so simple. Yes they can block, for example, WhatsApp servers, but they would be stumped by any alternative app that simply used encryption over other channels such as SMS or email and banning those would be a step too far for even our muppets due to the impact on pretty much everything else.

It would also be pretty trivial to write a word-substitution app so the resulting cypher text had similar statistics to plain text and so would not be found by looking for high-entropy text.

4
0

Former GCHQ boss backs end-to-end encryption

Paul Crawford
Silver badge
Joke

Re: Hooray.... but..

"That means we either need to hide them from the OS makers"

You either forgot the state of the phone market, or forgot the icon =>

1
0
Paul Crawford
Silver badge

Currently they would hack in to a phone using any one of numerous vulnerabilities, and from there install whatever "back door" was needed. Generally this is a good approach, as in the least-worst for all of us, as it has to be targeted to the device in question (hardware / software version, etc) and is not universally available to anyone as a deliberate back door feature would be. Also widespread (mis)use would tend to show up and things would get patched*.

Down side to us is they then hoard vulnerabilities like "EternalBlue" etc that ended up in the NHS being screwed over, etc.

[*] - yes stop laughing and the majority of Android users like myself who get bugger-all patches even when bugs are publicly disclosed and in use.

4
0
Paul Crawford
Silver badge

@ Charlie Clark

That was my point exactly: the majority of "us", as in "UK citizens", voted for parties with a strong authoritarian bent and a distinct lack of technical knowledge on both sides of the house.

Some of us might have voted Lib-dem precisely because they don't want the big brother state, but finding others who have a clue is difficult.

9
1
Paul Crawford
Silver badge

Let's face it, most (all?) of the recent incidents did not rely on secure encrypted communications. The talking point was the 1st of the bridge nutters who sent a WhatsApp message shortly before, and even that was eventually traced and the recipient has AFAIK no terrorist connections at all.

So really we are mostly looking at a few angry and often not terribly bright people cracking, people who often were already known because folk at the mosque had reported them as trouble makers. So only a moron would put the majority at risk of cybercrime due to the actions of a minority where such a law would have made no difference.

Oops, we voted for them :(

31
0
Paul Crawford
Silver badge

But will our current shower of shit glorious leaders have the sense to listen to someone who actually knows about the issue, or do their usual dance to the red-tops' bile-spewing?

36
0

OMG, dad, you're so embarrassing! Are you P2P file sharing again?

Paul Crawford
Silver badge

"escort services, which are carefully targeted to the copyright infringer"

Escorts that provide a better experience due to a lack of DRM?

[*] DRM = dick restriction service, apparently a feature of some marriage-licensed models.

14
1

BOFH: That's right. Turn it off. Turn it on

Paul Crawford
Silver badge

Re: Hello. Is that the help desk?

Stop watching those "speciality videos" then, it does your eyes in! Eventually. After the wrist RSI has gone.

26
0

U wot M8? Oracle chip designers quietly work on new SPARC CPU

Paul Crawford
Silver badge

Re: Perhaps they've discovered the hardware is more important than they realized?

As already mentioned, a normal compiler will align structure members to avoid this sort of problem.

Unless you use some packing directive to override that sort of thing, and most commonly that is done for faster/simpler binary file access. So it could be to run other CPU's software more simply, or it could be to speed access to binary data created for/used by another CPU architecture.

Either way it is nice to see the SPARC is not totally dead, just a shame it is Oracle and their eye-watering prices, licensing terms, etc, in the way.

7
0

It's time for a long, hard mass debate over sex robots, experts conclude

Paul Crawford
Silver badge

Come now! Were you never at school and tittered about the debating club?

0
0
Paul Crawford
Silver badge

Re: Plastic Pal

"a bunch of mindless jerks, who'll be the first against the wall when the revolution comes."

Wow, and I thought this thread would avoid discussing systemd

13
0

PCs will get pricier and you're gonna like it, say Gartner market shamans

Paul Crawford
Silver badge

Value for money?

Prices going up is not always a problem if you get a MUCH better machine from it. SSD is generally an improvement (except for big volumes of data) and more RAM is always needed to cope with the muppets behind web browser software, but also what of display quality?

Will we see an end to shitty sub-HD resolution laptops? Will we see desktops coming with worthwhile monitors like 2560 x 1440 at 27" as default?

13
0

New work: Algorithms to give self-driving cars 'impulsive' human 'ethics'

Paul Crawford
Silver badge

Re: Masturbation is never useless.

"masturbation is often useless."

Surely that is what Viagra was invented for? OK there is some risk of heart failure but we all have to go sometime.

3
0
Paul Crawford
Silver badge

Re: Mind my ass

"HM sends a pack of corgis to chew the developer's ass..."

Can we have this applied to more UK gov projects? Might just improve the on-time and on-budget chances.

3
0

Happy 4th of July: Norks tests another missile

Paul Crawford
Silver badge

Re: Preemptive strike

"Story goes that no-one knew at time that lithium in the lithium hydride broke down to tritium and made H bomb way more powerful than intended."

Nope, they know that well. The case was Starfish Prime, as described here:

https://en.wikipedia.org/wiki/Starfish_Prime

What they did not appreciate was the EMP mechanism, or if they did they did not realise it would cause damage so far away. And this was largely in the pre-semiconductor era where a few hundred volt spike was laughed off by a thermionic valve. Today even a smallish bomb could cause serious EMP damage to a lot of our critical systems that are not EMP-hardened for military use. More technical info here (PDF doc):

http://www.empcommission.org/docs/A2473-EMP_Commission-7MB.pdf

1
0

For all the chaos it sows, fewer than 1% of threats are actually ransomware

Paul Crawford
Silver badge

Re: fewer than 1%

1% of, say, 640 million vulnerabilities is 6,400,000

Thus if I have 5,000,000 vulnerabilities I have fewer than 1%

1
1
Paul Crawford
Silver badge

Re: fewer than 1%

Exactly, that 1% is already an integer value of some 6 million or so.

0
1

Bonkers call to boycott Raspberry Pi Foundation over 'gay agenda'

Paul Crawford
Silver badge
Joke

Path?

How do I know if a path is heterosexual or homosexual?

I mean I can sort of tell if a path is straight or curved, but that is not helping me know how the path feels about other well-trodden routes. Also how would such a path pass on its inclination?

Oh dear, now I have to contemplate if I like my asphalt...

13
1

How to pwn phones with shady replacement parts

Paul Crawford
Silver badge

Re: This is news?

I am also thinking, why would they do this? As in, why would a cheap repair shop be using more expensive parts to compromise phones that are probably mostly used by customers on lower budgets?

Sure it might make sense to do such a nefarious swap on some drug baron's phone to bypass security as part of a CIA sting operation, but I don't see enough general revenue for the risks to make a cheap repair shop go down that route. Not with Google already whoring most of your data from advertiser to advertiser as a "legitimate" business.

21
3

Shock: NASA denies secret child sex slave cannibal colony on Mars

Paul Crawford
Silver badge
Alien

School boy mistake

To assume you harvest alien sex slaves' organs. You just periodically drain them of their bodily fluids at said orgies.

Really, where did this Robert David Steele guy get his education? OK boys, he clearly needs a refresher course (or three) of The Probe. Got enough lube in the ship's hold?

25
0

In touching tribute to Samsung Note 7, fidget spinners burst in flames

Paul Crawford
Silver badge

Re: Spinny things with loudspeakers?

Not sure, but he regretted nothing..

2
0

Fancy fixing your own mobile devices? Just take the display off carefu...CRUNCH !£$%!

Paul Crawford
Silver badge

Re: It's the way things are going

Time perhaps for a mandatory 5 year warranty including battery replacement at advertised rate/costs given with the initial sales price?

That would focus them and the buyers on the benefits of not selling easily broken shit and being able to fix stuff instead of throwing it away and getting a new device with even more data slurping built in.

21
1

Talk about cutting-edge technology! Boffins fire world's sharpest laser

Paul Crawford
Silver badge

Of course, don't you know that The Register is a well-known lesbian publication?

https://www.theregister.co.uk/2008/05/06/indy_reg/

9
0
