* Posts by bazza

2052 posts • joined 23 Apr 2008

Yes, your old iPhone is slowing down: iOS hits brakes on CPUs as batteries wear out

bazza
Silver badge

Re: I wonder...

So the question is, if the battery is replaced does the OS take away the deliberate slow down?

Or is that an unanswered question, the answer to which might be a bit rubbish and Apple don’t really want to answer it?

10
0

NASA says New Horizons' next stop might have a moon

bazza
Silver badge

Three Cheers...

...for the boffins who constantly remind us that, whilst we do know quite a lot, really the universe is never going to run out of surprises.

Plus top marks for some first rate science, engineering, flying and teamwork.

I mention flying because it can’t be trivial to intercept the shadow of a rock that’s a few billion miles away. It’s not like there is a dark shadow racing across the ground to aim for. Plus it’s a really valuable trick that no other telescope in the world can do, so keeping it funded seems quite important!

Altogether now, hip hip?

23
0

Tech giants at war: Google pulls plug on YouTube in Amazon kit

bazza
Silver badge

Re: More of a loss for Google

And it’s seems that Echo has been a bit of a success, whilst whatever it is that Google are offering gets a market “Meh”.

That’s based on the fact that I know several people with the Echo, and no one at all with Google’s (ie a very scientific and objective measurement...).

So Amazon are winning it, Google aren’t. Kinda makes sense; you can’t really buy stuff from Google like you can from Amazon. Amazon has stuff sell, google don’t.

Google are like “yes you can buy from us, well really it’s a targeted search system not a buying system, we’ll cream off the top but any purchase is between you and the vendor leave us out of it don’t come to us when they’ve pinched your money and posted you a picture of a cabbage instead of the 1TB SSD you ordered no we don’t have our own distribution centres your items will all be delivered separately”.

Google are trying to get to the top of the market the lazy way, ie not having physical presences anywhere other than data centres. It shows. A mate has a Pixel phone, he cracked the glass, but there is no (or was not, may have changed now) spares distribution system or repair network he can go to to get it fixed (it’ll probalably be a market stand job). If it were Apple or Samsung there’d be no problem. Both are in the business of selling hardware and have the supporting infrastructure to suit.

18
1

AMD scores EPYC gig powering new Azure instances

bazza
Silver badge

Re: Team Red Winning Again

Seconded.

AMD’s encryption for VM guests is very interesting. You can trust that the host nor other VM’s can ever see inside your VM (if you accept the paperwork). That is quite a distinguishing feature, or so I’d have thought. Can’t get the from an Intel host.

3
0

WW2 Enigma machine to be seized from shamed pharma bro Shkreli

bazza
Silver badge

Re: Enigma

Yes, but what Alan Turing broke was the newer Enigma with the plug board, which had stumped the Poles. That was a very clever piece of thinking in his part.

The history has been firmly established for many decades now, and the Pole's hugely important role in the endeavour has been widely acknowledged for a very long time.

On the shoulders of giants and all that.

101
0

Expert gives Congress solution to vote machine cyber-security fears: Keep a paper backup

bazza
Silver badge

Going part way as you suggest - paper but machine countable - is a plausible option.

However the benefit of manually counted paper votes is that the result is harder to argue about, gives stronger attestation of the result. If a machine count were contested you'd then have to manually count it; that takes a lot of organisation and time to do if unprepared which is likely unacceptable in such circumstances. May as well be prepared, so why not do a manual count in the first instance...

At the end of the day it's all about perceptions. It maybe acceptable to a population simply to know that there is a permanent paper record and that a manual count could be done if required and individuals can verify that the vote they cast is recorded on their piece of paper. Personally speaking I'd be very interested in the design of the counting machine, because that's the place where something nefarious would be attempted.

4
0

Dawn of The Planet of the Phablets in 2019 will see off smartphones

bazza
Silver badge

Pocketalypse

Seems like we're heading back towards lugging laptops around...

26
0

Hey girl, what's that behind your Windows task bar? Looks like a hidden crypto-miner...

bazza
Silver badge

Re: Finally, a reason to move the task bar

Yet the same trick works on Linux and everything else too. It's the HTML/Javascript standards that allow this, and they're everything to do with Browsers, not operating systems.

18
1

Pro tip: You can log into macOS High Sierra as root with no password

bazza
Silver badge

It requires physical access so it's not a vulnerability. It doesn't matter how often I hear this one it makes me laugh. Somebody with physical access can access all your data and that's not a vulnerability? What exactly do you consider a vulnerability then?

The article has been updated; the trick works from the command line too. So any application that an attacker can get run on the computer can get itself root privileges. So whilst there is no remote vulnerability, it's only one successful social engineering attack away from that.

Pretty dangerous I think, and that alone justifies the early and global dissemination of the news. Leaving this one to fester in private would have left all users everywhere very vulnerable to malicious software.

9
0
bazza
Silver badge

Re: How worse than Single User Mode?

Is it exploitable over a remote desktop connection? That would be worse.

According to the update to the article it can be done on the command line too. So not vulnerable to a remote attack unless the perpetrator can get something run on the computer first (malicious but otherwise innocuous app, etc). Fishing attack might open up the doors for that.

I have to say that between Apple and Intel we're seeing some stinking cock ups in recent times. It's almost funny. All we need now is for Windows or Linux to join in and we may as well throw every single computer in the planet into the bin. Apart from the ones running Solaris.

4
1

Summit for the readers who are hot for petaFLOPs: Server nodes flashed at SC17

bazza
Silver badge

Obligatory Comment

Yes, but will it run Crysis?

0
0

Royal Navy destroyer leaves Middle East due to propeller problems

bazza
Silver badge

Re: I knew it was a mistake

Or rather the routes used by the gas carriers from Qatar to the U.K. Aren't being watched over.

If that traffic were stopped we're in for a chilly winter here in Blighty.

21
1

Phone fatigue takes hold: SIM-onlys now top UK market

bazza
Silver badge

Re: Who gets paid for stating the bleedin' obvious ????

I honestly think I need to stockpile a few iPhone SEs for when my 5S finally dies (3 years old and no reason to replace it)

I see a lot of SEs around here. Lots of pluses - cheap, they work, they're not burdened with pointless frippery, small, battery life is ok. I have one at the moment. The OS / UI sucks, but I don't really care any more.

Probably getting a BB Motion - monster battery life. It's Android of course so that's another horrid UI...

0
1
bazza
Silver badge

Re: @m0rt

You say Blackberry, but I hear that my Priv will soon stop getting patches.

Maybe, but it is 2 years old now. To be talking about a cessation of patches on a 2 year old Android is nigh on unprecedented.

Most other Android phones seemingly drop off the manufacturer's radar after 6 months...

IPhone is different of course. BlackBerry is still sporadically updating BB10.

Hopefully the situation with Android will improve, with Project Treble in Oreo. For those manufacturers who don't put a thick skin on top of Stock Android, staying patched through Google's channels should become easier...

0
0

You're such a goober, Uber: UK regulators blast hushed breach

bazza
Silver badge

How about their self driver?

With this approach to IT security, and everything else, what do we think their attitude to bugs in their self driving car software is going to be? Reassuringly trustworthy? I think not...

So I won't be getting inside one.

1
0

Microsoft's memory randomization security defense is a little busted in Windows 8, 10

bazza
Silver badge

Which OS is stuck on x86?

Er, OS X?

Windows has grown an Arm variant quite recently, Linux is on everything, Solaris comes in Sparc flavours, and all the embedded OSes work on everything else too.

3
0

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

bazza
Silver badge

Re: If this wasn't meant as a deliberate backdoor...

I suspect it started off as a platform on which all the power management code could be run. The idea was that with the CPU looking after itself (power settings, cooling, voltages, clock frequencies, etc), you then wouldn't have to put all that code into the main operating system.

This was sensible, given that getting all that hardware management wrong could fry the silicon to a crisp. Offloading it to a separate microcontroller with a fixed binary blob meant that Microsoft, the Linux community, Apple, and every OS developer didn't have to do it themselves and get it right.

Then the feature creep started.

I'm sure that Intel's intentions where perfectly harmless. Being able to manage a server like you can (mount ISO images, see the console, all sorts of useful admin things can be done from afar) is incredibly useful. Just a shame the made a complete mess of it.

To be honest I can't see a way of implementing remote management of that sort without having an ME CPU bolted on the side with quite a lot of low level access. Though I don't see why that should need the ability to access all physical RAM, all Ethernet traffic, etc.

15
2
bazza
Silver badge

Re: Niche Market

Whitepines beat me to it.

Yes, OpenPower seems to me to be a very viable way to go. The CPU is genuinely the Central Processing Unit,

6
0
bazza
Silver badge

Who knows. Perhaps NSA saw what Intel was up to and simply decided to let them get on with it, knowing that they'd fsck it up badly to NSA's advantage.

Why bother coercing / cajoling Intel into slipping in a hidden backdoor when you know they'll build in aircraft hangar sized doors through sheer incompetence... So long as Intel stick to this idea of an ME, there's code there that will likely have flaws.

Raptor Engineering are up to something interesting with OpenPower. Basically with the Power9 CPU from IBM being "open source", they're in a movement to do a completely open source computer (all the way down to the silicon design, board schematics, firmware, and of course the OS + software stack on top). It's all there for one's inspection.

No magic closed source firmware / ME there.

44
0

Belgian court says Skype must provide interception facilities

bazza
Silver badge

Re: Belgium is a tiny country

This is likely part of an eventual Europe wide reconsideration of OTT services as telcos. That includes Apple (FaceTime), WhatsApp (everything), Facebook (Messenger), Google (surely they have a message service somewhere but I don't bother learning the names because hey keep throwing them away), Instagram, Line, Snapchat, BBM, etc.

If that happens then the newly anointed Telcos will have to strike a balance between complying with LI laws and their current marketing / public positions vis a vis "privacy". Making a big fuss about privacy now may suit the public mood, but may put them out of business later when their privacy conscious users flee once they introduce LI systems.

Withdrawing from lil ol Belgium is one thing, from the whole of Europe dents the bottom line quite a bit. Belgium has simply set a precedent...

Skype's original peer to peer architecture is of course highly resistant to this kind of thing. An open source equivalent with no corporate backer would be very difficult to intercept. But there's no money in it for anyone, so no one organisation with sufficient marketing clout will ever promote such a thing.

5
0

BlackBerry Motion: The Phone That Won't Die

bazza
Silver badge

Stock-ish. They run the GR-Security Linux kernel. That's the one which is causing a certain amount of friction between Linux/GPL purists and GR (who serve people like BlackBerry that simply want an OS without a long list of known vulnerabilities).

Couple that with a secured boot loader, and it's still pretty solid, and they may have been able to carry over some of their cryptographic accreditations too (or at least be using the same libraries). AFAIK no one has managed to root BlackBerry's version of Android yet.

Their soft keyboard is very good (in my humble opinion). That's on their Android.

Hub is pretty darned good - though I think the deeper integration that was achieved on BB10 will be something that I'll miss.

Otherwise it seems to be a pretty stock Android experience. That is a good thing - it's easier to keep up with the deltas between Android versions.

Lost Forever

You may already know of the following - this'll serve as a record of what we once had as much as anything else...

BlackBerry Travel is a thing not carried over; in fact it's gone from BB10 too. It was a BB-branded front end for Worldmate, and for the seriously busy traveller it was very good; sorted out your flights, hire car and hotels for you, and coordinated with your colleagues too. Many a busy traveller swore by BB Travel for, well, a decade or more.

Worldmate has shut up shop rather than try and compete against Google (who, as is typical, have waded in to the travel market with an inferior but ubiquitous effort. Try booking hotels, flights, and hire car all in one smooth action with Google..).

Another thing that has gone, probably for good alas, is BlackBerry Balance. On BB10 this was effectively a multi-level security system that was the neatest solution to the BYOD problem I've ever seen. It is significantly better than Samsung KNOX. It was perfect for keeping both the User and Company happy. It suffered from being a concept that was pretty hard to grasp. Being BB10 only meant that there wasn't an Android / iOS equivalent to educate the world. There's very little possibility of doing something so rigorously developed as Balance on top of Linux, or iOS.

2
0

Brace yourselves, fanboys. Winter is coming. And the iPhone X can't handle the cold

bazza
Silver badge

But..

B, b, bu, bu, but it's so beautiful, it must be perfect, mustn't it?????

21
7

Google on flooding the internet with fake news: Leave us alone, we're trying really hard... *sob*

bazza
Silver badge

Re: Goggles

I got fed up of Google's poor search long ago. It's woeful. There's little point looking for specialised information these days. Quite often I want an exact string match; can't be done any more. Alta Vista, Alta Vista, my kingdom for an Alta Vista!

So I use Bing instead. No, it's no better, but at least I'm not feeding Google with fake confidence.

5
0

American upstart seeks hotshot guinea pig for Concorde-a-like airliner

bazza
Silver badge

There's also a lot of aerodynamic subtlety to the shape of Concorde's wing that was less obvious back then than today. And the wing was also, I think, quite difficult to manufacture.

So if the Soviets did have copies of the drawings, it might not have been readily apparent why the shape was how it was. So perhaps the Tu-144 came out a bit more flat-plated than Concorde owing to a lack of understanding of Concorde's shape and not wanting to simply copy it verbatum (if they had the drawings that is). Still, to get the Tu-144 into the sky was still quite an achievement, even if it wasn't totally successful.

Delta wings are often disliked by some aviation design communities. They can suffer from a lack of controlability at slow speed (the pitched up wing masks the control surfaces at the rear from the air flow, so no control). The fix is canards. The Americans went off deltas some time ago; SR-71/A12, B58, F106, etc are all quite old. In contrast the British (Javelin, Vulcan, Concorde, Typhoon) and French (endless Mirage's, Rafale, Concorde) liked delta wings. Concorde also had weird drag / speed characterstics; as the speed bled off and the aircraft was pitched up to maintain altitude, the thrust would have to be increased; tricky stuff.

For all things techno-geaky about Concorde, it's well worth ploughing through this extensive, multi year thread on PPRUNE.

9
0
bazza
Silver badge

Bon Voyage

Good luck to Boom. It'd be nice to see a supersonic champagne tasting session once more (i.e. very civilised). The problem is engines, hopefully they'll be allowed some military power units; very expensive to develop from scratch...

8
0

Oracle ZFS man calls for Big Red to let filesystem upstream into Linux

bazza
Silver badge

GPL2? Think of the *BSDs!

Unless the code is released under GPL2, it cannot be integrated into the Linux source code. There's been enough fuss already about using it as a separately provided kernel module.

The problem I see with that is that once it's released under GPL2, will it continue to be released under the more permissive license that helps out, for example, FreeBSD? It would be a real pity if ZFS went to GPL2, and GPL2 alone, because it would seriously screw things up for the people who are already using it elsewhere.

It could be multi-licensed of course, but license fragmentation can easily lead to source code fragmentation too, unless absolutely every contributor is commited to releasing their efforts under multiple licenses.

10
1

Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails

bazza
Silver badge

Re: Looks tempting

@Bombastic Bob,

I too have never found X to be a problem. GTK is a miserable pile of ordur.

I think if one is doing a lot of work that involves a load of texture maps in 3D, the pipe does become a problem. Hence moving away from that architecture. However...

Internal DMA

Of course the only reason why a pipe is problem in that circumstance is that it inherently involves memory copying, a lot of context switches back and forth (especially for large amounts of data flowing), a so forth. However modern Intel CPUs have features that would completely eliminate that problem; internal DMAs. A pipe-like facility could be implemented around internal DMAs, which would be lightning fast (indeed, very fast), and would take far less CPU time to shift data from a client application (e.g. texture maps) to a display server's internals. If mailbox semaphores were possible (I don't know if they are on an Intel platform) the DMA could even ping off a semaphore post to wake up a display server once new data had been provided by the client. Et voila, a client server architecture with far more bandwidth (by definition, the best possible bandwidth) and zero context switches in/out of the kernel.

A thin layer on top would all this to optionally pump client data down a real pipe or socket (for remote servers).

What do you think? A good idea?

It seems that no one involved in replacing X is stopping to think whether or not the client-server model could be retained. I think they've blundered straight on into replacing it with a fairly crude driver architecture without casting an eye around to see what hardware facilities now exist to improve the existing client / server architecture. It'd be a great pity if all that nice DMA silicon that Intel now put in their CPUs ended up not being used by an updated X server for *nix.

8
0
bazza
Silver badge

Popcorn / Fireworks / World War 3

From the article:

A lot of companies would never have admitted that the vision of convergence wasn't what people wanted. That's the sort of move that takes guts and honest appraisal of what you're doing, what's working and what's not. The GNOME project has never displayed that kind of thinking. And as far as I can tell, it operates on nearly the opposite premise. It's to early to say, but I predict conflict down the road. Keep a bag of popcorn handy, I believe there will be plenty of fireworks to watch.

GNOME is particularly objectionable. Seems typical of the projects with heavy duty RedHat involvement these days. It's like they thought, let's take everything that's good about a desktop and minimise it or, preferably, throw it away altogether. God knows what all that bloaty code is for, but it's not giving me the desktop environment I want.

8
0

Malware hidden in vid app is so nasty, victims should wipe their Macs

bazza
Silver badge

Erm, aren't they called firmware viruses?

I seem to recall Lenovo put something into some of their device driver firmware that would reinstall bloatware. Or something like that. Ok so that's not a Mac, but then Macs and PCs aren't so very different.

40
2

Facebook tackles race hate problem head on with programming tool

bazza
Silver badge

Out of Date

Neat idea, but this kind of concurrency problem has been sidestepped altogether decades ago. Concurrent formulations such as Actor Model and, more importantly, Communicating Sequential Processes are 1970s ideas. The latter in particular is highly relevant to anyone wanting code that executes concurrently which is provably free of deadlock, livelock and spinlock problems as well as having zero memory sharing errors. There's even a process calculus for it.

CSP was briefly fashionable back in the 1980s, early 1990s (Inmos's Transputers, Occam), but is now alive and well in languages such as Erlang, Rust, Go, Scala. Of those, Rust in particular looks really good (no runtime needed, ideal for all sorts of software and not just desktop applications like web browsers). I'm perverse, choosing to do CSP architectures in C/C++ (I have to have a library...).

This is clearly the way to go for future developments. Sticking with the old "lets share memory and guard it with a semaphore" is not faster to run, is a lot longer to debug (even with tools like this from Facebook), and is prone to stinging you in the arse years down the line when some unexpected sharing issue finally occurs for the first time.

It is also inherently limiting when one wants to scale up a piece of software across a whole network of computers; Actor Model or CSP channels can be network connections; shared memory / semaphores cannot. Shared memory architectures fundamentally require an SMP computer; that's increasingly becoming a bottleneck in future CPU speed improvements; massive chunks of modern Intel CPUs, and especially AMD CPUs, are dedicated to synthesising an SMP environment from an underlying NUMA architecture.

Whereas CSP / Actor Model architectures are entirely happy with NUMA. A computer that is a pure NUMA machine would be a lot more power efficient (or faster, depending on how you want to adapt).

4
2

BlackBerry Motion lurches into UK stores

bazza
Silver badge

Yep...

...I'm buying one. I was seriously tempted by a KeyOne, but this one does it for me.

3
0

Aviation industry hits turbulence as Airbus buys into Bombardier’s new jetplanes

bazza
Silver badge

Re: Missed a point...

You missed one important Point on this - the plan is to assemble the C series for the American markets at Airbus's factories in the US in order to try and avoid the American tariffs on the C-series. It will be very interesting to see how that plays out.

Whilst the tariff is now a consideration, apparently Airbus and Bombardier were talking about a deal before the tariff was announced. Now, that's either excellent judgement on their part as to how the trade dispute would pan out, or there's more at stake than that.

The C-Series is such an excellent fit against what Airbus is already manufacturing and selling that a deal between the two companies was pretty strong. Airbus had an effective gap in their catalogue (the planes they were offering in the class simply weren't selling). Bombardier had the right aircraft, with certification and excellent in-service reports, but lacked the ability to take it to the world and swamp the market. Put the two together, et voila! A very strong line up, and the manufacturing capacity and financial muscle to make it a world beater.

A consequence of the deal might be that they can sidestep the US tariffs. However, I think that what is more important is that the C-Series is now a serious contender in the world market. And the world market is far larger than the US market. Doing well in the USA would be nice of course, but the real prize (one now within their reach) is the global market. Win that, and losing out in America won't really matter at all. Win that, and the existing Bombardier and Shorts Brothers factories will be kept pretty busy (Airbus haven't got lines lying idle in Europe to soak away the work).

Also everyone is forgetting that the tariffs are yet to be imposed. That issue is in itself not settled until the new year, when the US government determines whether or not Boeing was "damaged" by the under-pricing the US government says they found.

Boeing's Mistake

All the nice things we can say about the neatness of an Airbus-Bombardier tie up can also be said about a hypothetical deal between Boeing and Bombardier, if not more so. Bombarider's design is clearly excellent, and Boeing are in dire need of an excellent design to compete in the single aisle market. Why oh why oh why were Boeing more focused on grinding Bombardier into the dust than on recognising the opportunity represented by a financially stressed but technically competent Bombardier? Pride? Over-Confidence? These are dangerous traits.

Airbus have clearly sweet talked Bombardier (and importantly their family shareholder who still have a lot of influence in the company) in a way that Boeing never even begun to consider. Boeing's aggressive trade stance was probably the final straw that forced Bombardier (and the family, and other shareholders) into realising that the future lay in a deal, not in independence.

Now that the deal is announced one has to conclude that the future of the design, and by extension the Bombardier company, employees, etc. could very well be far larger than they ever dared hope for. It's a case a 50% slice of a 2000 airframe program being more valuable than 100% of a 500 airframe program. And given the quality of the design there's no reason to suppose that it won't get to be that big over the coming decades.

Airbus's 60 Year Free Ride

Since February 1987 Airbus have not really had to touch the design of the A320 to keep it competitive. Only recently have they NEOised it. And now they've picked up a better design with lots of growth potential for $1.00. This will see them through for another 30 years, probably. This has got to count as the cheapest ever R&D budget spent in maintaining market share.

Boeing has had 30 years to come up with a 737 replacement design that would actually make Airbus sweat, but hasn't done so. This is a ridiculous, decades long failed strategy by Boeing. And now look what's happened. Airbus has taken another leap ahead for the price of a coffee.

Develop and Compete, or Die. Perhaps Boeing don't believe in Evolution?

Timing

The timing is significant. We're about 9 months from the Farnborough airshow; that is an ideal period of time in which to go to potential customers, show them the plans, and get a few sales lined up for announcement at the show. The deal between Airbus and Bombardier is itself not scheduled to close until H2 2018, but I don't think that'll matter.

Reportedly there's already been some hurried analysis by various fleeting planners. There's probably a lot of operators out there tempted by the C-series, but were nervous about Bombardier's ability to fulfil an order. Now that concern has all but gone away, and with Airbardier likely willing to let some early orders go through at knock down prices, the C-series is suddenly back on their radar scopes. There's real financial advantage for the early buyers, so I expect the phone lines will be a bit busy in the next 9 months.

7
0

WPA2 KRACK attack smacks Wi-Fi security: Fundamental crypto crapto

bazza
Silver badge

WEP is broken, but I fear that it might now be better than WPA2! So far as I know it takes a little bit of effort to break WEP.

This flaw in WPA2 seems to be trivial (at least from the point of view of computational complexity) to exploit.

Oh the irony if the short term fix is to turn on WEP...

1
0
bazza
Silver badge

Re: Security is dead, long live security

Noooo... Most manufacturers will use this as an excuse to push a new model out within the month!

The cynic in me points out that if that's what they do, they'd be having to repeat it after the standard finally gets fixed (for that is where the problem sits). And if I know anything, it's that standards don't get changed very quickly at all.

1
0

FCC Commissioner blasts new TV standard as a 'household tax'

bazza
Silver badge

Re: Is it wrong ..

If you're referring to the transition from analogue to Freeview, I think that was done quite well.

Freeview was around for a long time before they finally switched off the analogue signal. And a basic Freeview box was pretty cheap (I think there were even some help to buy schemes for the disadvantaged). Plus undeniably it was a big improvement.

There's some people using 1930's TVs with a Freeview box. Not bad for backward compatibility (ok, they're using a scan converter too...).

The trouble with having done that is that the reasons to upgrade beyond that become significantly less compelling to the end users. Freeview is still Freeview, which is excellent, plus they've managed to sneak in a couple of HD channels. That's all been handled reasonably well.

And of course what they're doing in America is the equivalent of turning off Freeview altogether and starting from scratch. Doing that here would result in the Daily Mail exploding in indignation...

28
0

Qualcomm offers concessions to secure NXP Semi takeover

bazza
Silver badge

And Freescale had a dominant position in telephone exchange equipment with PowerQUICC. And there's still some niche users of their PowerPC range of CPUs who will want guaranteed supply (i.e. Uncle Sam, who has a way of insisting on these matters,,,),

NXP do a whole load of stuff that I can't see Qualcomm being interested in at all. Worrying times.

0
0

BlackBerry's new Motion will move you neither to tears of joy nor sadness

bazza
Silver badge

Re: USP

At least BB, imperfect though they are, have been reasonably good at getting Android patches out to their customers. Some other manufacturers just don't seem to bother.

So far as USPs are concernced, that alone is about the only thing that would ever convince me to give Android a go.

2
0
bazza
Silver badge

Re: Barf!

BlackBerry's Hub is excellent, by far the best messaging client out there. If it's a bodge, it's only because Android is too lame to allow Hub to be integrated into the UI as deeply as it was on BB10 (where it is truly excellent).

10
1

Shhh! There's a new BlackBerry and... no, we've said too much

bazza
Silver badge

Re: Not a Blackberry

Well, what is a BlackBerry then? A Z30?

I have one of those, it's excellent as a phone and a messaging device, though even that is being eroded by the lack of a lot of social media apps. For the years I've used BB10, the thing that really makes a BlackBerry for me is their Message Hub. Which you can get for any Android phone.

Trouble is a lot of Androids I've played with are, well, yeeeuurrrkk! Especially Samsungs. Android's approach to app permissions is a real turn off; Nougat fixes that, which means a Keyone or newer (they've not put Nougat onto a DTEK60 yet).

I wish BlackBerry would do an iOS version of Hub, because iOS's own messaging (which I'm currently using) is shit.

The Keyone is pretty good based on people I know who use them. But I don't want a keyboard. This new phone look ideal, though obviously not as good as an up to date BB10 phone with a rich and rewarding app ecosystem.

Interesting Phones

If you want an interesting phone, one of the guys who was involved in the fantastic Psion 5 is now involved in some effort to do a modernised version of that. Running Android (boo), but even so it could be interesting.

1
0

RAM, bam, awww ... man! Boffins defeat Rowhammer protections

bazza
Silver badge

Re: Why the emphasis on software mitigations?

Unfortunately, it seems that the reason the hardware is "vulnerable" in the first place is because the operating margins of SDRAM are pared so far back to give us what we also want: high speed, low power memory. AFAIK there's no real hardware fix for this; high speed higher power memory doesn't work (the speed is achieved in part due to the lower operating voltage).

So yes, we can have memory resilient to rowhammer attacks, but it's like that this would also be slower; and that's a tough marketing proposition at the moment. ECC memory helps somewhat - it becomes harder to exploit the physical effect undetected - but it is still vulnerable to a denial-of-service style attack (the memory can still be changed, but now you have memory faults cropping up and a crashed computer).

There's other hardware deficiencies in our computing hardware. The behaviours of cache subsystems in almost all CPUs mean that Address Space Layout Randomisation can be defeated pretty easily - The Register has carried articles about this being achieved in <1minute in Javascript in a browser.

ASLR is important in defeating things like browser exploits, and it's defeat may eventually cause Javascript to become to be seen as dangerous as things like Flash, Java plugins. That would be a disastrous outcome. The vulnerability is also in the hardware - in how caches permit timing attacks against ASLR - but again the fix is unpalatable; it means a slower CPU.

Stop Executing Everyone Else's Code

To me the real fix is to stop allowing other people to execute any code they like on our computers. Browsers are a major vector for this - Javascript in web pages. It's asking for trouble. A better way is to not allow execution of someone else's code on our own computers.

Yes, that changes the web a lot - it means server side execution is all that is "safe" - but ultimately it's the only way to guarantee that exploitative software does not get run on our vulnerable hardware.

15
3

Musk: Come ride my Big F**king Rocket to Mars

bazza
Silver badge

New York to London by rocket? Ok it's a short flight time, but the journey time will be terrible. First get to the boat. Then motor out to the rocket. Then put on a spacesuit. Then get in the rocket, shut the door. Then complete all the pre launch checks. Then whooosh bang up into the sky and back down again. And then the reverse process. I reckon the whole thing could be slower than flying.

Concorde was very fast of course, but one of the lesser known aspects of Concorde travel was the ground arrangements. They had a dedicated 10 minute check in (none of this 3 hours early nonsense. Though of course they had a lovely lounge if one wished to arrive early). They had dedicated baggage, customs and immigration queues on arrival. Saved about 3 hours airport time off the journey too. So whilst Concorde itself saved about 3 hours, the overall service loped another 3 ish hours off the time too, or about 6 hours quicker.

BA were (still are) running a similar service from London City. Ok it was subsonic, but overall still 3, 4 hours quicker than an ordinary flight from London Heathrow (City airport is very handily placed). The new C series from Bombardier is very interesting because it can manage London City to New York without having to refuel at Shanon in Ireland on the way, saving another hour or so.

I reckon Musk's half hour rocket would take a ton of time...

31
1

BlackBerry reveals slim profits as Dolby-isation of brand marches on

bazza
Silver badge

Blackberries have, like everything else, been made in China for a long time. Their trick is for the OS to be able to cryptographically verify parts of the hardware and boot loader sequencing. The OS (certainly their classic OSes BB10) would refuse to run if it didn't like what it saw.

That's what set Blackberry apart in the eyes of government users; they'd thought about checking the integrity of the hardware and firmware. A bit like a PC's Secure Boot today, but for a phone. It makes tampering very difficult.

0
1

Hi Facebook, Google, we think we might tax your ads instead – lots of love, Europe x

bazza
Silver badge

Ouch!

Harmonisation of tax rules is effectively handing over full sovereignty. You can no longer spend money on what you want because you cannot choose how much to collect.

Whilst the EU technocrats might favour it, there's not been one single national government in Europe that's expressed a view in favour of such a move (AFAIK). It is as much a political union as anything else, and no national prime minister or president seems keen on giving up their control entirely...

5
0
bazza
Silver badge

Easy

The tax would be levied on the customers of Google, Facebook, etc, not on Google or Facebook themselves.

So if you're a French car dealer looking to advertise to French customers on Google, some money has to flow from your bank account to pay for it. That flow can be taxed. The actual destination for the cash is almost irrelevant.

Evading such a tax would be hard; you can't stop the tax authorities looking at the ads you've bought and reaching conclusions about your company tax returns.

6
1

BlackBerry's QNX to run autonomous car software

bazza
Silver badge

The usability or lack thereof of a car's infotainment software is largely unrelated to the kernel underneath. Any modern kernel running on a decent SoC should be capable of delivering an excellent experience. It's a matter of supreme unimportance if there is a Linux, QNX, BSD or NT kernel under it all.

Someone over at ARSTechnica did a review of ICE systems, and if my memory is correct the QNX ones generally had smoother animations, smoother transitions. Having a hard RTOS certainly helps prevent any jittery movements.

I think one if the big reasons why QNX is popular in that space is that there's good support teams that can help get BSPs right, and it's what a lot of other automotive places use too. It means less time setting up BSPs and hardware, more time writing ICE software, and a commonality across the industry which helps with staffing.

There's companies do that (BSPs, support) with Linux too, but they don't themselves own the OS and so are not in control of its technical development. Linus wakes up one day with a great idea, could be a big fork.

1
0

You've been baffled by its smart thermostat. Now strap in for Nest's IoT doorbell, alarm gear

bazza
Silver badge

Does This Count as CCTV?

If I've read this right there's a camera on the door bell that is operating all the time, performing facial recognition, reporting visitors back to you.

That's a CCTV system. And you'd have to put up a sign saying so to be able to legally use it in the UK.

Overpriced Tat?

I currently have a Nest thermostat. I ditched it's schedule learning as soon as the weather started turning cold and the heating started coming on at weird times of the day. Useless. Now it's just a glorified way of switching on the heating before I set off from the airport to come home.

None of this Stuff Is Going to Work Whilst we Build Houses this Way

The need for a low voltage wire was interesting. It betrays a wider problem in the IoT space; power. Almost everything I've tried has been severely hampered by being battery powered. Radiator valves, burglar alarm sensors, you name it. They would all work a lot better if they could be supplied with 12VDC from a mains powered source.

None of this Stuff is Going to Work Whilst we Write Software this Way

Of the stuff I have that is mains powered, it's then let down by the software. Frankly, it's all a bit shit. Burglar alarms, power switches; it's all pretty rubbish in some way.

The one thing about Nest is that their software is reasonably OK, apart from the auto-scheduling. But on the whole the IoT world just doesn't understand software, and what it's got to do.

9
1

Regulate, says Musk – OK, but who writes the New Robot Rules?

bazza
Silver badge

Re: Liabilty? No difference!

If you take the phrase:

“If an autonomous system acts to avoid a group of school children but then kills a single adult, did the system fail or perform well?”

and replace "autonomous system" with "human driver", what you almost certainly have is a case of Driving Without Due Care and Attention, or Causing Death by Reckless Driving. It's an open and shut case of driving too fast for the conditions. You're supposed to be able to anticipate that the group of school kids might move so as to be in one's way. If they already were in the way (say, crossing the road on a blind corner), the driver has no defence whatsoever.

So if an autonomous system does it, the manufacturer of that system has failed to build in enough anticipation into the machine's abilities. If it happens just once, all our self driving cars will then start crawling through town at a snail's pace, just in case.

==EDIT==

Er yes, what Pete 2 said.

The difference is that I think humans are far better at anticipating what other humans will do than any machine will ever be. A group of well behaved school kids walking tidily down the pavement emits a completely different set of warning signs to a bunch of kids mucking about. You're wary of the former, you're down right paranoid about the latter.

1
0

It's September 2017, and .NET lets PDFs hijack your Windows PC

bazza
Silver badge

Re: Just say no to software developed using unsafe languages like C/C++

...and what does he think Java, .Net, Linux, WindowsNT kernel, web servers, etc are all written in?!

12
0

Another reason to hate Excel: its Macros can help pivot attacks

bazza
Silver badge

Re: Waddyamean 'Another reason to hate'?

No, I won't accept this. Slurs on Word or Excel are unfair, unwarranted, and ridiculous. Such excellent pieces of code should be loved by all, marvels of usability and usefulness.

At least, that's how they are compared to Visio.

14
0

Solaris update plan is real, but future looks cloudy by design

bazza
Silver badge

Sparc Emulator?

Previous efforts have been, well, how can I put it, sluggish?

2
0

Forums

Biting the hand that feeds IT © 1998–2018