* Posts by Paul Crawford

3482 posts • joined 15 Mar 2007

'No deal better than bad deal' approach to Brexit 'unsubstantiated'

Paul Crawford
Silver badge

But is it an incorrect analysis of the situation?

Yes we can walk away with WTO terms, and if we don't reach agreement in 2 years that is our only option (short of the other 26 agreeing unanimously to keep on talking). And while that might be good for the government in terms of appeasing voters fixated on immigration / free movement of people, it would be a serious blow to our industry that has major trading relationships with the EU after 40 odd years.

33
1

Wi-Fi sex toy with built-in camera fails penetration test

Paul Crawford
Silver badge

Re: mobile in their trouser pocket

Especially if its an exploding Galaxy model.

And no, I am not *that* pleased to see you!

4
0

Power plant cyber threat: Lock up your ICSs and SCADAs

Paul Crawford
Silver badge

Re: Really bad design

Air gapping also gets interesting when WiFi or Bluetooth enabled components come into the mix.

That is a rather odd way to think of "air gapping". Really if you are accessible from the outside by wired or wireless means you are more vulnerable. Even with secure protocols it would still be relatively cheap to jam such systems from short-ish distances. Detectable for sure, but easier than getting inside a plant and depending on your attack it might just be enough to magnify the general chaos.

0
0
Paul Crawford
Silver badge

Re: Really bad design

Or does it actually just need the attackers to get someone/something to carry their data into the plant, which is a whole different (and much easier) task, as Stuxnet and others have shown.

And you think some two-bit script kiddie can pull that sort of thing off?

Sure we saw Stuxnet as a major achievement in cyber-attack many ways, but if you have the combined might of USA & Israel determined to do something, it will be done. Or a bunker-buster bomb or three.

1
0
Paul Crawford
Silver badge

Re: Really bad design

Yes, but air-gapping rules out the 3 billion internet-connected devices out there from having a go and forces any would-be attackers to actually physically infiltrate the plant.

And that is a difficult and very high risk approach as whoever is caught (assuming not shot on sight) can't wave their hands and say is was the Russians/Chinese/USA/Israel/etc with little evidence to back it up.

0
0

Canadian court refuses to let Feds snoop on Megaupload servers

Paul Crawford
Silver badge

Re: What's he done wrong that others haven't

In short - not big enough and not American.

Take a look at the complaints about YouTube screwing over artists / producers since its inception and wonder if it did not have Google's might behind it and all that lovely campaign money to US politicians why it survived.

Edited to add: As Adam also raised the point - Google too has the ability to restrict copyright material but only if you sign up for a pittance from their services. https://www.theregister.co.uk/2016/04/14/you_and_your_wellies/

4
0

Mediaeval Yorkshirefolk mutilated, burned t'dead to prevent reanimation

Paul Crawford
Silver badge

Re: Help a foreigner, please

Used to see Æ symbol on older radios for the aerial connection. Oh how I miss my diphthong!

1
0

Is this a solution to Trump signing away your digital privacy? We give Invizbox Go a go

Paul Crawford
Silver badge

Re: VPN providers

Pays your money, places your trust...

Even if they do have a SECRET spying agreement, do you think that would extend to telling your local councillors or school board about anything you / family might have been up to? Do you think that those TLAs would share such spying intelligence with insurance companies or job recruitment agencies?

In short, do you think that would matter to most people's activities unless very dodgy and they have a high security clearance?

1
0
Paul Crawford
Silver badge

Re: VPN providers

"I can't speak for the VPN provider, I personally won't use them because unless they are in the Maldives"

You could do a little research such as:

https://torrentfreak.com/vpn-services-anonymous-review-2017-170304/

https://www.bestvpn.com/best-vpn-services/

(a bit advertorial, but they do cover country-of-origin in the pros & cons)

https://airvpn.org/

https://www.mullvad.net/

It is true that ultimately you are placing your trust in a VPN company instead of your ISP & government, but the flip-side of that is VPN providers depend on trust so they are more likely to honour that than ISPs that are (a) open to whoring you to advertisers, and (b) generally under the thumb of the government.

Which is another reason to ALWAYS get a VPN from another country - even if they do log your activity (against any stated policy) they are virtually guaranteed to demand a proper court order in their own country, and not answering some back-door surveillance law of your government. Oh, and don't forget to test your VPN with one of the many leak-detecting sites out there...

1
0
Paul Crawford
Silver badge

It sounds like a great solution for the technically-challenged that value their privacy.

Lets face it, most people have little to fear from the likes of GCHQ/NSA/FSB/etc because the majority of folk who are likely to be after them or pestering them won't be getting data from such agencies. However, if you are politically important or work high up in a 1$B business that is unlikely to be the same case, but then you would have some competent IT folk to take care of you and you would not use a skanky old Android phone would you?

Sadly many don't realise the long-term consequences of world+dog having all of their secrets on hand to monetize via advertisement or blackmail with down the line...

9
1

Kremlin-linked hacker crew's tactics exposed

Paul Crawford
Silver badge

Re: "...and an endpoint exploitation kit called Scaramouche."

Which is why the EU has invested so much in Galileo! Galileo!

2
0

BMW chief: Big auto will stay in the driving seat with autonomous cars

Paul Crawford
Silver badge

Re: Gotta agree with BMW here

"given Google and Ubers current attitude to regulations"

One major difference is the big software businesses like Google, etc, have never had to write or certify safety-critical stuff.

Just now they hare playing at testing cars on the road but at what point is it all going to be subject to the sort of analysis, testing and approval that companies that write for aircraft systems, etc, have to do? And if not, why not? Why should a motorised object that are more than capable of killing and maiming be programmed by the sort of folk who write web browsers that randomly fall over with "Opps!" messages and they think its ok?

5
0

BOFH: The Boss, the floppy and the work 'experience'

Paul Crawford
Silver badge

He is a student, with nothing to do on a Friday with the BOFH and PFY. Why go to the quicklime trouble when a simple challenge of crawl around the local pubs is going to wipe ant credible story from him?

7
0

Europe to push new laws to access encrypted apps data

Paul Crawford
Silver badge

Re: "you stand out like a sore thumb"

No, you just encrypt before using WhatsApp or similar. Unless they decrypt and check EVERY WhatsApp message then they won't see your message as having any unusual characteristics. By time they do it probably too late anyway.

Depending on how any back door is implemented the cost of decryption could be made very high, for example to thwart mass surveillance but keep to the letter of the law, so they would need to have prior knowledge of suspects to check and then you are back to square one - to crack the 2nd level of encryption you need to arrest them and so on to obtain the key, so its no longer usable for surveillance as the suspects know they are being followed.

5
0
Paul Crawford
Silver badge

This is the European Commission speaking, largely a mouthpiece for the various EU governments. As such the tech companies should call their bluff and force it to a vote on a law (with explanations of how such a back door won't be discovered and abused) to the European Parliament. Many MEPs don't share the same authoritarian streak and it might just get kicked back when the public realise how their own privacy is being screwed over.

26
0
Paul Crawford
Silver badge

It wont. Not one bit.

What it will do is try to pacify politicians screaming "something must be done!" to appease Daily Fail-style readers all over Europe.

31
1

Windows 10 Creators Update: Clearing the mines with livestock (that's you by the way)

Paul Crawford
Silver badge

When I read that my WTF meter went in to the "Oh, this is going to be fun (for a non W10 user)" region. Have we got enough popcorn standing by for those poor users who find they can boot their machine after some weasel-worded upgrade?

1
0

Virgin Media suspends 4 staff over misreporting connections

Paul Crawford
Silver badge

Re: My experience with Virgin Media has been reasonable

If you really want something stable and under your control - don't use any ISP-supplied router / wifi point.

Get something half-decent that supports an open firmware such as DD-WRT or Tomato (say Linksys WRT1900ACS or similar, maybe also a switch or fancier device to do both) and spend an hour or so reading up on it, installing and configuring it.

Don't forget to set up a separate IP range for "guest WiFi" so your visitors and any dodgy devices (like most Android phones...) are not on any moderately trusted internal LAN's range (also you can bandwidth limit that so they don't throttle your business use). You can also set up a VPN on such a router if you value your privacy, but depending on your usage it might be better to keep the VPN option for mobile devices and/or any machines you use for sensitive data and don't need top-speed or the fixed IP address.

0
2

BDSM sex rocks Drupal world: Top dev banished for sci-fi hanky-panky

Paul Crawford
Silver badge

Salem reunited

So we have an example of beliefs being used against someone, but because its not, for example anti-Semitic or anti-Muslim there is little legal challenge of it not any apparent need for those in charge to fully justify their actions. Even the accusation of witchcraft these days will get little mention.

Has his interest in Gorean role-playing caused any harm? Have there been any cases of play-partners presenting stories of abuse? If not the Drupal team should shut-the fsck up and get on with developing software, not acting as moral police for communities who are probably able to make their own minds up (no matter how odd it seems to most of us).

121
3

Ex-military and security firms oppose Home Sec in WhatsApp crypto row

Paul Crawford
Silver badge

Re: @ MNGrrrl

If I could up-vote you 100 times I would!

The sad thing is we are dealing with vain and ignorant politicians who want to appeal to the tabloid-reading masses and thing that a "technological solution" like backdoors will make that quick and cheap.

It won't, it will fail in its prime goal and cause untold damage to the millions of innocent law-abiding people who have a right to privacy and to secure business dealings.

11
1

Manufacturers reject ‘no deal’ Brexit approach

Paul Crawford
Silver badge

Re: It'll be fine

"European Council, in agreement with the Member State concerned, unanimously decides to extend this period"

And you can see all of the EU members doing this to help the UK out? Really?

26
0
Paul Crawford
Silver badge
Facepalm

Re: Speculating

EEA is the least-worst option for UK industry.

But it will piss off the right-wing voters who (largely) wanted Brexit and they are Mrs May' voter base for now.

What do you expect a politician to do? What is best for the country, or what keeps themselves on the gravy-train?

15
3

Trump's America looks like a lousy launchpad, so can you dig Darwin?

Paul Crawford
Silver badge

Re: Cubesats == more space junk

If put in low 250-350km-ish orbits they won't be up for so log to cause a junk problem.

Sadly many are in the 600-800km altitude range where they will be for decades or longer :(

2
0
Paul Crawford
Silver badge

Re: Fuel + oxidizer = thrust

If you look around you should find:

http://library.sciencemadness.org/library/books/ignition.pdf

Its an informal history of the development of liquid rocket fuels. It is an eye-opener of a read for anyone with interest and even a basic grasp of chemistry. Some of they stuff their considered and even tried just beggars belief! But given the original goal was to deliver terminal global nuclear destruction to the Earth I doubt the toxicity or handling problems were very high on the agenda of the day...

(Note the PDF won't show correctly in Firefox but looks OK in evince or probably other PDF readers of your choice)

10
0

Bloke whose drone was blasted out of sky by angry dad loses another court battle for compo

Paul Crawford
Silver badge

Re: I had my Glock on me

I suspect if you had just shot down some knob-end's toy you might be wary of a visit by said knob-end and some of his "hard when in a group" friends.

Personally I think America's gun laws are damn stupid, but when in Rome do as the Romans do...

8
0
Paul Crawford
Silver badge

Here was I thinking he was a simple knob for buzzing a family with his toy. Now it seems he has gone that extra litigious length to prove he is really a "grand knob of the 1st order".

152
4

Carnegie-Mellon Uni emits 'don't be stupid' list for C++ developers

Paul Crawford
Silver badge

Re: Oh, goodie!

"FORTRAN is basically a universal assembler"

Not really. While *ALL* compiled languages eventually result in assembly-level instructions, C is a slightly special case in that it allows quite easy means of arbitrarily addressing memory locations and interacting with asynchronous events such as signals/interrupts. It also has many bit-wise sort of options in terms of manipulating integers, bit fields in structures, etc, that are useful for hardware driver I/O, etc.

That is not part of the usual FORTRAN syntax nor (I presume, not used) COBOL. E.g FORTAN 77 had no memory allocation support, you had to define fixed-size arrays at the start.

0
0
Paul Crawford
Silver badge

Re: Coverity is decent

It is also available free to FOSS projects.

While there are numerous warning that can be ignored, the golden rule for all such code-profiling tools is to make sure you understand the nature of the warning before you fix it or ignore it.

Also worth a mention are some free (at least on Linux, maybe others?) memory checking tools like valgrind and the good old electric-fence library. While not checking your source code as such, they do help with detecting run-time memory errors such as double-free, leaks, etc.

1
0
Paul Crawford
Silver badge

Re: That's why an OS shouldn't be written in C/C++

Oh yes, most of the OS kernel should as it needs that sort of memory wrangling and I/O poking sort of thing.

Most of the user-land tools and utilises probably not...

3
0
Paul Crawford
Silver badge

Re: Oh, goodie!

Remember this: C is basically a universal assembler, created to allow an OS to be written in a largely machine-independent manner. As a result it allows all sorts of potentially dangerous actions (in particular pointers, but not helped by some of the more odd/obscure syntax that sticks around).

Rule #1) If you can't program in assembler with any degree of success then don't use C

Rule #2) C++ adds some better features, and adds some worse features

Rule #3) If safety is more important than performance or universal support use another language.

Rule #3.9999999) Don't use flaky Pentium FPUs

17
2

Microsoft loves Linux so much, its OneDrive web app runs like a dog on Windows OS rivals

Paul Crawford
Silver badge

Re: so why not just use Dropbox?

Because they can all spy on you?

If you are going to use cloud storage then go for one of the "zero knowledge" types like Sync, SpiderOak, etc, that allow you to hold the only encryption keys for your data.

7
1

Softcat purrs as customers buy early to dodge Microsoft hikes

Paul Crawford
Silver badge

In related news, sales of KY jelly reached record levels in December...

2
1

Error prone, insecure, inevitable: Say hello to today's facial recog tech

Paul Crawford
Silver badge

What?

" the faces of 125 million US adults have been stored in criminal facial recognition databases"

Is my arithmetic, etc, wrong or is that about half the US adult population?

1
0

Microsoft delivers secure China-only cut of Windows 10

Paul Crawford
Silver badge
Joke

Re: So...

Can we in the west get a choice of who spies on us please?

20
0

Linux-using mates gone AWOL? Netflix just added Linux support

Paul Crawford
Silver badge

Re: I would expect high quality ripping to be a problem for Netflix

Lets face it, you can already get high quality rips of practically everything on the torrent sites. This is unlikely to change those dedicated pirates one bit.

But for the rest of the world it makes sense, if you can get stuff legally and without hassle its worth paying a modest amount for.

17
0

Wang, bang, thank you, mang: Acer exec off to sell PCs for Lenovo

Paul Crawford
Silver badge

Good to see the crap-ware has not been forgotten by the decent press.

Maybe Lenovo could look at what users want and are willing to pay for, off the top of my head:

1) No crapware or shitty trials to clean off a new machine

2) Choice of OS perhaps? OK MS stopping Win7 ain't going to help.

3) Good screen size and resolution on laptops. None of the shitty <= 900 lines stuff.

4) Useful connector option: at least a couple of older USB-2 style, HDMI, Ethernet and maybe USB-C reversible types.

5) Some hardware switch to hard disable camera, microphone and wifi/bluetooth. Oh and status LEDs to match in a visible place (same for HDD activity and power LED - wtf were HP doing putting them on the side out of view?) so you know if on or off and don't arse around wondering what software is broken.

4
0

DNS lookups can reveal every web page you visit, says German boffin

Paul Crawford
Silver badge

Re: RaspberryPi + PiHole

Configurable, surely?

3
0
Paul Crawford
Silver badge

Re: How do you defeat against your own ISP recording your browsing history?

"But can you REALLY trust those VPN providers to actually have the servers located in the countries listed AND not talk to Five Eyes on the sly?"

In any absolute sense - no

But the probability that they do honour the privacy guarantee is much higher than the probability of my ISP preserving my privacy.

Also I don't really have much to fear from the "five-eyes" style of secret service spying, but I do have much to consider if I end up in some dispute with some petty local bureaucrat who can access my web history and I can't access theirs. That is the whole point - to reset that asymmetry in power that the snooper's charter provides.

4
0
Paul Crawford
Silver badge

Re: How do you defeat against your own ISP recording your browsing history?

very simple: use a VPN provided from another country, ideally one without odious retention policies.

Don't use the PPTP protocol as its pants in security, ideally use OpenVPN. Then check the VPN is doing its job by visiting one of the test sites (such as ipleak.net or check.ipredator.se etc)

But as others have pointed out, using DD-WRT or similar on your router plus ad-blocking will go a long way for this particular attack. You can even buy routers pre-configured with DD-WRT and VPN in there so all of your home devices get privacy (not too cheap though).

1
1

Google Spanner in the NewSQL works?

Paul Crawford
Silver badge

Re: What time is it?

Exactly, if you use NTP and lose the time server link you get drift, but if you have local stratum-1 servers (i.e. time-servers that get their time from an atomic clock either directly, or most commonly from GPS time-transfer) that simply should not happen.

Still, all that using 'time' as a marker does is reduce the window of uncertainty in any split-decision issues, its not like an atomic (computing sense) transaction counter or similar that could be used to eliminate it. After all, you will get some variation in packet delays from originator(s) to SQL-like server(s) so time is not an absolute marker for event order in this case, but if you know your worst-case error is only tens of microseconds then you can at least narrow the window of event/decision uncertainty to be resolved.

Also (back to another rant of mine) to Google time-smoothing - that is a bad idea, but only needed or possibly justified if you use time_t / UTC as your system clock. How do you guarantee drift at stable rates? Keeping all system clocks on atomic time (e.g. GPS, or TDT) avoid the leap-second issues and allows reliable syncing to an atomic-disciplined local clock.

1
0

A router with a fear of heights? Yup. It's a thing

Paul Crawford
Silver badge

Re: Less air to insulate a PSU

Nope, just checked and it is IEC 61000-4-5 for lightning and industrial surges. Category 4 is 4kV / 2kA surge typically modelled with a double-exponential 8us rise time and 20us decay time.

Somewhere I remember reading that generally normal 220V/240V main is limited to around 6kV peak in any case as the wiring and sockets, etc, tend to flash over if you get more than that incoming (say farm at end of long overhead wires).

0
0
Paul Crawford
Silver badge

Re: Less air to insulate a PSU

Its voltage gradient that matters, i.e. (volts)/(distance). Going from 2000m to 5000m typically involves a 48% increase in creepage and clearance distances for PCB design, etc.

Edited to add @imanidiot - its not just the operating voltage, which can easily peak to a significant fraction of 1kV in a SMPUS, but also the need to pass a 6kV lightning surge test for typical safety reasons. That is why most distances are several mm (e.g. 8mm or more) for mains clearance, etc.

3
0
Paul Crawford
Silver badge

Re: Less air to insulate a PSU

Wrong, the ionisation voltage drops with pressure until you get really low (like near-vacuum) when it rises again. Its a risk for satellite HPA design, for example, as high-Q filter coils and similar with high voltages can arc wile it de-gasses, but stops once it really is a space-level of pressure. Which is why neon bulbs are at low pressure...

https://en.wikipedia.org/wiki/Paschen's_law

Also of note is the Chinese safety standards (stop laughing at the back!) specify to 5000m, not the more usual 2000m for UL.

1
0

Bloke cuffed after 'You deserve a seizure' GIF tweet gave epileptic a fit

Paul Crawford
Silver badge

Re: settings-autoplay=off

There was a time, I distinctly remember it, when web browsers had simple menu options to disable autoplay and animations. Opera was very good at that sort of nicety.

Until the went as a chrome re-skin, of course. And Mozilla decided to chase Google in the "lets dumb down the browser" competition.

14
0

An under-appreciated threat to your privacy: Security software

Paul Crawford
Silver badge

Pays your money, places your trust...

Same for many aspects of security & privacy, a lot comes down to who you can place some trust in to help keep your own stuff safe.

When using a VPN then do you trust the provider more than your ISP? Maybe, depends on your ISP and gov of course. More than "free wif-fi"? Almost certainly if its a half-decent paid provider. But in every case you would still use an encrypted link like https or SSH, wouldn't you?

When using any AV or end-point service capable of seeing inside your network and gathering data with admin privileges? It a much higher bar to meet, you really have to trust them to:

1) Not screw up and bork the OS

2) Actually stop malicious actors with a high probability

3) Not to leak your secrets deliberately or through incompetence

7
0

Intel touts bug bounties to hardware hackers

Paul Crawford
Silver badge
Joke

"Intel Security (McAfee) products are not in-scope of the Intel bug bounty program"

Why the surprise? Probably would have bankrupted them...

1
0

Canonical preps security lifeboat, yells: Ubuntu 12.04 hold-outs, get in

Paul Crawford
Silver badge

Re: On the plus side

They only support version to version, or LTS to LTS, so you can't skip one.

So 12.04 -> 14.04 works, but not 12.04 -> 16.04

Or 12.10 -> 13.04 but not 12.10 -> 13.10

0
0
Paul Crawford
Silver badge

Re: On the plus side

The distro-upgrade usually only works if you have a fairly simple mount arrangement, I have tried it and sometimes it works a charm, other time it failed miserably on machines with odd mounting setups and/or MD RAID in use.

My advice is always put /home on a separate partition, and if you have the space leave a blank ~50GB one as well. Next distro comes along, install it in the unused partition, and once working edit its /etc/fstab file to mount your old /home partition again.

Once happy, you can overwrite your old root partition when yet another new distro is available.

1
0
Paul Crawford
Silver badge

Re: Same old story

16.04 is the obvious way to go...but it has stupid systemd-related problems that are still not fixed "out of the box" a year on. Such as:

NTP failing because ntpdate is taking longer https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1577596

Shut-down/reboot scripts hanging for ~1m30 https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1594658

Stuff added in /etc/modules being ignored because its in a blacklist (e.g. watchdog drivers) which is fscking stupid - blacklisting is supposed to only apply to auto-detected modules. https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1535840

2
0

Zombie webcams? Pah! It's the really BIG 'Things' that scare me

Paul Crawford
Silver badge

Re: @ Solarflare

Ah, so that is where all those Martian packets are coming from...

6
0

Forums

Biting the hand that feeds IT © 1998–2017