* Posts by Duncan Macdonald

384 posts • joined 20 Mar 2009

The lady (or man) vanishes: The thorny issue of GDPR coding

Duncan Macdonald
Mushroom

How many decades ?

How long before 50% (let alone 100%) of companies comply with the regulations ?

For fun - just imagine 1% of the users of Microsoft products query M$ for the data that M$ hold on them (or the same for Google !!!).

How many firms are going to go back over their archival backups to delete individuals' data ?

Accounting records have to be kept in the UK for a number of years - how does this interact with the GDPR? If a user requests that his data is deleted - does this then have to happen when the retention period required by tax law expires?

1
0

Let's harden Internet crypto so quantum computers can't crack it

Duncan Macdonald

Possible deadly flaw - compromised software

For a closed source implementation (eg most Windows programs) there is a danger that a deliberately weakened random number generator is used. If the public/private key pair is generated with only 32 bits of randomness instead of 2048 or 4096 then breaking would be easy for the NSA. This would not be easily apparent to the users of such compromised software as all the key exchange protocols would proceed as normal.

Note such a flaw could already have been placed in IE/Edge at the request of the NSA and there would be nothing to indicate the problem to users. (Make 96 bits of the 128 bit AES encryption key depend on the other 32 bits and the NSA has an easy decryption job.)

11
2

Former GCHQ boss backs end-to-end encryption

Duncan Macdonald

Re: progress - hiding endpoints

If you use Usenet newsgroups then you can hide the destination of a message. A newsgroup message is a one to many broadcast. If a busy newsgroup is used then it becomes almost impossible to detect who is the intended recipient.

4
0

Students smash competitive clustering LINPACK world record

Duncan Macdonald

AMD EPYC

How many P100s could you stick onto an AMD EPYC processor ? (And how big would the case and PSU need to be to handle them all !!! )

2
0

NHS WannaCrypt postmortem: Outbreak blamed on lack of accountability

Duncan Macdonald
Flame

Staging servers - Equipment control

The NHS has a lot of computer controlled equipment that is mission critical (eg CAT scanners). Until (and unless) the supplier of the equipment has confirmed that a particular Windows update is safe, the NHS would be risking the continued use of the vital equipment if it performed an update. (If the supplier has gone out of business or no longer supports the equipment then there is a real problem.) I do not blame the NHS for use of old software for such equipment.

However the NHS also has a LOT of CRAP OBSOLETE software that relies on things like IE6 and ActiveX because no one ever was prepared to pay for it to be upgraded. This is the fault of the NHS and its paymasters who have left it with insufficient money to handle day to day activities let alone needed software upgrades.

6
0

Search results suddenly missing from Google? Well, BLAME CANADA!

Duncan Macdonald
Mushroom

No results for Equustek

What will happen to Equustek if Google complies with this order by not returning ANY results for a query that includes the word EQUUSTEK ?

This will probably kill Equustek as they would lose so much business.

1
2

Researchers solve screen glare nightmare with 'moth-eye' antireflective film

Duncan Macdonald

Not suitable for touchscreen devices

Even a trace of grease from fingerprints is going to be enough to kill the anti reflection property. This would only be suitable for a NON-touchscreen device such as a wall mounted TV.

3
1

Look who's joined the anti-encryption posse: Germany, come on down

Duncan Macdonald
FAIL

Offline encryption ?

If you encrypt/decrypt the messages on an offline system with no internet connection and use a good encryption package (eg OpenPGP) then there is NO way that the messages can be decrypted in real time. (The only decryption that can be done depends on forcing the key from the recipient - for example by torture.)

11
0

Microsoft founder Paul Allen reveals world's biggest-ever plane

Duncan Macdonald

Re: "1) Starting at 30000 feet instead of sea level - equivalent to over 400 m/s"

Simple - gravitational energy - a body falling from 30000 feet in Earth's gravity would attain a speed of over 400 m/s in a vacuum. This energy will be provided to the rocket by the plane rather than by burning its own fuel.

The 400 m/s extra from equatorial launch probably includes the gain from not needing the orbital plane correction - the rotational velocity change between the equator and Cape Canaveral is about 200 m/s. I was not sure of the amount of energy consumed by the correction which is why I showed it as ??? .

I am not a rocket design engineer so I did not know how much advantage the reduced atmospheric pressure would give to the performance of the engine so I left this out of the list of advantages.

0
0
Duncan Macdonald

Big advantage - no need for launchpad

Existing large rockets need big expensive launch facilities - with a lot of unoccupied land around to handle the occasional large bang. Doing an air launch over an ocean removes the need for the ground based launch facility. There is also the advantage that the rocket can start in the desired orbital plane rather than having to expend fuel to allow for the difference between the desired orbital plane and the launch site (eg an equatorial orbit when launched from Cape Canaveral wastes quite a lot of fuel due to the launch point being over 28 degrees north of the equator.) For an equatorial orbit there is an additional 200 km/h advantage from launching from the equator rather than Cape Canaveral from the earth's rotational speed.

The speed benefits

1) Starting at 30000 feet instead of sea level - equivalent to over 400 m/s

2) Equatorial launch (instead of Cape Canaveral) - equivalent to 200 km/h

3) Plane velocity - around 200 m/s

4) Orbital plane correction - ??? km/h

There is an additional benefit from an air launch - the maximum dynamic pressure will be reduced as the spacecraft will be in thinner air than for a ground launch for any given supersonic speed.

0
0

BA's 'global IT system failure' was due to 'power surge'

Duncan Macdonald

Access from India

Could it be that the support team that is now in India cannot access the systems to restart them ?

Restart often needs hands on staff to push buttons and enter initial commands.

5
1

EU ministers approve anti-hate speech video rules

Duncan Macdonald

Easy to meet the 30% local content

Just include footage from local traffic cameras - boring as hell - but so what it is local content!!!

(If traffic camera footage is not available for some reason - use videos of cattle or sheep grazing.)

If they want to include "artistic" performances then see if any churches would like any of their services videoed. Also see if local TV news services would like their programs copied onto Netflix etc.

6
2

DJI: Register your drones or no more cool flying vids for you

Duncan Macdonald
Flame

Disposable email address

Anyone who wants can set up a use once and throw away hotmail or gmail account for the registration and use a name and address from the electoral roll. The only people who will be badly affected by DJI are the law abiding majority - anyone intending to break the rules will use a fake registration.

1
0

Flying robots are great... until they meet flying humans, anyway

Duncan Macdonald

In rural areas drone deliveries could be useful to reduce the number of van miles per package. In built up areas there is usually a number of nearby deliveries that can be covered efficiently by a single van but in farming areas a delivery van may have to travel multiple miles between each delivery.

My own proposal - within one mile of an airfield no drones above 250 grams unless operated by a qualified pilot with the agreement of the local ATC - between 1 mile and 3 miles from an airfield drones restricted to 100 feet above terrain (land, trees or buildings) - elsewhere restricted to 1000 feet above terrain. A drone under the direct control of a qualified pilot can exceed these height limits with the agreement of the local ATC.

The 250 gram derestriction allows drones that are too light to damage an aircraft to be used near an airfield - small camera drones can even be used to inspect parts of an aircraft that are otherwise difficult to see (eg tail fins). (250 grams is less than the average weight of a London pigeon.)

2
0

Mozilla to Thunderbird: You can stay here and we may give you cash, but as a couple, it's over

Duncan Macdonald

Apart from security fixes - why change Thunderbird ?

It works - and its default of blocking remote content is useful for dealing with junk emails.

What useful enhancements can you think of for Thunderbird ?

8
0

M6 crowned crappiest motorway for 4G signal

Duncan Macdonald

Re: Fun fact. -The toll road is useful

I use this road when I am journeying from my home in North London to my relatives on the Isle of Skye. The reduction in journey time and petrol usage more than outweighs the toll charge (which at £5.50 for a car is less than the cost of 1 gallon of petrol - even a HGV is only charged £11.00)

1
0

RootMetrics finds provinces stagger to 4G

Duncan Macdonald

In parts of the UK even 2G is unavailable

In parts of the Scottish Highlands it is not possible to even make a mobile phone call let alone an internet connection. (In January this year in the town of Portree on the Isle of Skye there were parts of the town with no mobile phone coverage - and Portree is the largest town on Skye.)

3
0

How their GDPR ignorance could protect you from your denial

Duncan Macdonald

Conflict of legal requirements ?

The GDPR requires removal of personal data in some circumstances but audit and other legal requirements often require holding data for years. Audit requirements often need an unaltered copy of a database to be kept for several years. Which takes priority - legal requirements to keep records or legal requirements to delete records ?

5
1

BezosBux: Amazon gets into scrip game with Cash scheme

Duncan Macdonald

Amazon Gift Cards

Why not just use Amazon gift cards - they are available at most major supermarkets and have been for years. I use them to avoid giving Amazon my credit card details.

3
0

WikiLeaks exposes CIA anti-forensics tool that makes Uncle Sam seem fluent in enemy tongues

Duncan Macdonald
FAIL

Re: Attribution is a myth

If you send the data back using a Usenet group then there is no way to tell who the receiver is as news servers propagate the information across the internet. Like broadcast radio it is effectively impossible to tell who the listeners are. The only disadvantage is that the relay time from a message being added to Usenet to it appearing at a distant server can be minutes (or even hours) instead of the fraction of a second for a direct TCP or UDP link.

For example an encrypted RAR file could be added to the alt.binaries.etc newsgroup using GigaNews in one country and then at some future time be read using NewsDemon in another country.

5
1

Windows 10 Creators Update: Clearing the mines with livestock (that's you by the way)

Duncan Macdonald

Re: What MS giveth MS taketh away

If you set the startup type of the Windows Update service to disabled then Windows updates will not occur until after you have re-enabled the service (disabling the Background Intelligent Transfer service can stop other unwanted data usage as well). Note - just stopping the service is not enough - the startup type has to be set to disabled or Windows will restart it.

0
0

One in five mobile phones shipped abroad are phoney – report

Duncan Macdonald

Re: Oh no!

THL make quite decent Android phones - mine is a THL W8S which for a 4 year old phone has a nice spec and very good display.

3
0

As of today, iThings are even harder for police to probe

Duncan Macdonald

Re: Is bit-rot a real phenomena? - SHOULD

Yes data SHOULD be backed up - however what proportion of users actually back up their data - probably no more than 1% of the users that have not already been bitten by lost data. If Apple (and others) wanted to add a useful new feature to phones (and PCs) - make them do an automatic backup whenever they are connected to the internet by a fast WiFi connection.

0
4

How Ford has slammed the door on Silicon Valley's autonomous vehicles drive

Duncan Macdonald
Mushroom

Security ???

If a link to the CAN bus is provided - will it be a secure read-only link ? If not then it is only a matter of time before rogue (or badly coded) smartphone apps cause crashes as there is effectively zero internal security on the CAN bus.

27
0

Today's WWW is built on pillars of sand: Buggy, exploitable JavaScript libs are everywhere

Duncan Macdonald

Yet another reason to use NoScript

NoScript and AdBlockPlus reduce the amount of JavaScript executed in the browser thereby lowering (but not eliminating) the chance of encountering a problem.

20
2

This ONE easy cloud trick is in DANGER. Why?

Duncan Macdonald

Management enforced cost reductions

The worst type of mess to deal with is where the development team was fired to reduce costs. When this happens the documentation (if any) usually is lost at the same time, the status of the applications (development, testing or production) is unknown, institutional knowledge is lost (must run application A before application B etc) and the result makes Internet Explorer look like a perfect program.

If you are given the job of trying to sort out such a mess - do yourself a favor and look for another job (unless you enjoy pain or you can get a VERY high hourly rate).

1
0

Shamoon malware spawns even nastier 'StoneDrill'

Duncan Macdonald

Re: Mitigation?

For effective browser security use a VM running from a Linux live CD ISO. Do not give the VM any persistent storage and restart the VM for each new browser session. If the VM does not have access to any of its host's file system then even the most heavily boobytrapped web site should be unable to cause damage.

5
0

Microsoft wants you to plan a new generation of legacy systems

Duncan Macdonald

Factory automation

For factories with PC controlled equipment, this could be very worthwhile. No one wants to throw out a half million quid piece of equipment because its controlling PC is running an obsolete OS. Many factories have W98 PCs running standalone machines which is acceptable if they are not networked. Modern equipment however is designed to be networked so long term support is highly desired.

5
0

Did your in-flight entertainment widget suck? It's Panasonic's fault, claims software biz

Duncan Macdonald

Panasonic has blocked other third party products

Panasonic blocked the use of third party batteries in some of its cameras which forced the owners to pay through the nose for its own brand. I can easily see it doing the same thing again if it thought that it could get away with it.

See the following article in the reg for more details about the batteries

https://www.theregister.co.uk/2009/06/25/panasonic_battery_drm/

14
0

Frustrated by reboot-happy Windows 10? Creators Update hopes to take away the pain

Duncan Macdonald

Disable Windows Update service

If you disable and stop the Windows Update service then no windows updates will occur until you reenable the service.

Another way of preventing windows updates is to change the properties of each of the network connections to "metered" as windows should not now attempt to download updates over an expensive connection.

Using either of the above methods gives you control of when updates occur.

6
0

Samsung phones, Apple's iPhones are 'overpriced', says top Huawei exec

Duncan Macdonald

Still overpriced

Unless you play a lot of games when the extra graphics power of a high end phone might be justified, there is no point in paying over £200 for a phone. There are a lot of generic Android phones with good displays, lots of storage and micro-SD compatibility for under £200 - only pay more if there is some specific feature that you need or if you like wasting money.

10
0

Boeing seeks patent for mobile device case with built-in fire extinguisher

Duncan Macdonald

Water

A better alternative might be to have a small water container (say 10mm thick) on the top and bottom of the tablet. This would absorb a lot of the heat if a battery failed reducing the impact on the plane. CO2 and/or Halon would not be very effective in putting out a Li-ion fire as such a battery is a self contained firework - it will continue to burn in the absence of atmospheric oxygen.

4
1

Germany, France lobby hard for terror-busting encryption backdoors – Europe seems to agree

Duncan Macdonald

openpgp

There is already strong encryption available - OpenPGP - that is open source so any attempt to insert a backdoor would be easily detected. Anyone that needs strong encryption to evade law enforcement can already obtain it and all the wishful thinking of the world's politicians cannot stop it.

16
1

Intel scales Atom to 16 cores, updates Xeon SoCs

Duncan Macdonald

Clock bug ?

Will these chips have a showstopper bug like the C2000 Atom's clock bug?

After the way that a lot of firms were burnt by the C2000 fiasco, I would expect some resistance to the use of the new chips (and probably some very tough contract terms covering any problems).

2
0

Connected car in the second-hand lot? Don't buy it if you're not hack-savvy

Duncan Macdonald

Factory reset - default passwords and security

The factory reset may well be wiping all the customisations and resetting the security - however it is probably also going to reset the access codes/passwords/security tokens to the original values. If the original owner did not change them (if possible) on purchasing the car then any of his/her apps that had remote access to the car would still work. For a pre-owned car with remote access to be secure REQUIRES the new owner to immediately change the access codes etc or to disable the remote access (eg by removing the antenna or wrapping it in foil).

2
0

Human memory, or the lack of it, is the biggest security bug on the 'net

Duncan Macdonald

Reuse of passwords

Like many people I have a number of accounts - but many of them are for sites like the register where the consequences of a hack are insignificant. For such sites I often reuse simple passwords - for other sites with financial data (eg PayPal) I use strong passwords that are unique to each site.

An easy way to generate fairly strong memorable passwords - concatenate a car registration number, a friend's name and the name on a bit of equipment.

eg XNO123SWendyHUDL2 (not a password that I have ever used!!!)

2
0

Evolved DNSChanger malware slings evil ads at PCs, hijacks routers

Duncan Macdonald

Best protection ?

For users about the best that can be done seems to be removing Flash and using NoScript and AdBlockPlus and setting your PC's DNS entries to use Google's public DNS (IP addresses 8.8.8.8 and 8.8.4.4).

The fix that is needed is for all sites to stop linking to external ad supplier networks - all ads should be hosted on the main site's website and have NO SCRIPTING of any sort. (Possibly the way to enforce this would be to make sites liable for any damage caused by their code or code from other sites that they serve to users)

(If you are on Windows 10 and cannot remove Flash from the Microsoft browsers - make yourself safer by using a different browser (Firefox or Chrome) and if you have a firewall with program control (eg Norton) then block IE and Edge from all internet access.)

8
0

Solar-powered LoRa IoT node: Nice idea but it won't replace batteries

Duncan Macdonald

Supercapacitor ?

A supercapacitor can be recharged hundreds of thousands of times. The energy storage in a supercapacitor is tiny compared to that in a battery but should still suffice to keep a solar powered IoT node alive during the night.

9
0

Cheap virtual box hosters – Amazon's Lightsail is out to destroy you (yes, you, Digital Ocean)

Duncan Macdonald

What is the point ?

Unless you have a very intermittent large demand - why use a cloud service?

For any reasonably predictable demand on-site equipment is almost certain to be cheaper (except for web hosting if you have a poor internet connection).

(Taking the pricing given by Platypus in his Yawn comment above - 2 cores 2GB RAM and 40GB SSD works out to $240/year - a new 4 core 4GB RAM 128GB SSD Lenovo B50-10 Laptop can be purchased for £280 on ebay - in less than 2 years this system will cost less than the lightsail setup while being twice as powerful as the lightsail setup.)

Also using an onsite server means that your data is not exposed to the NSA and whichever US companies they feel like selling it to.

5
0

Behold, your next billion dollar market: The humble Ethernet cable

Duncan Macdonald

Only 1 billion ?

With all the cabling in computer centers and connections to desktops/printers/etc I am surprised that the annual cost of the cables is that low. (As always however the cost of the cables is tiny compared to the cost of installing them - routing cables is labor intensive.)

2
0

Search engine results increasingly poisoned with malicious links

Duncan Macdonald

NoScript and AdBlock+

NoScript and AdBlock+ are now essentials for sane use of the internet.

I do not have Flash in any browser that I use - and as I cannot remove it from Edge I have blocked Edge (and IE and Cortana) from any internet access using the program control feature of Norton Firewall.

If an ordinary site is unusable with NoScript or AdBlock+ then I remove it from the sites that I visit.

6
0

Ageing GSM crypto cracked on commodity graphics rig

Duncan Macdonald

Re: Not a problem

The A5/2 cipher is MUCH WEAKER than the A5/1 cipher - in fact it is so bad that the GSM association prohibited its inclusion in new phones back in 2006. The A5/3 cipher is far stronger than the A5/1 cipher and is used in GPRS / EDGE mode. Note if you make a voice call anywhere with a poor signal then fall back to GSM mode with its poor security is likely.

2
0
Duncan Macdonald

Re: Is it me...

If the table is arranged as an ordered list then a binary search would find the answer in no more than 42 reads. With an SSD this would take well under 1 second.

As the rainbow table is not exhaustive (as it is far too small), several bits of the key must be determined by a computation (maybe by brute force) and this is what would take the bulk of the 9 seconds.

(An exhaustive rainbow table would require 2^64 entries - many exabytes.)

9
0

DNS devastation: Top websites whacked offline as Dyn dies again

Duncan Macdonald

Use old cache data ?

If the public DNS servers' algorithm was changed to continue to use the entries whose TTL had expired if it was not possible to get a reply from a master DNS server would that have any severe effects ?

(I am thinking of providing responses to users with a 60 second TTL and requerying the master DNS servers at 60 second intervals until a response is received.)

0
1
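The caching behaviour proposed in the post above (answer from expired entries with a 60 second TTL, re-query the master every 60 seconds), as an added example that is not part of the original post and is not taken from any real resolver. `ServeStaleCache`, the `upstream` callable, the `example.test` name and the `MAX_STALE` cap are assumptions made for illustration; the cap goes beyond the post and bounds how long a dead record can keep being served.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

STALE_TTL = 60       # TTL given to clients with a stale answer (from the post)
RETRY_INTERVAL = 60  # seconds between re-queries of the master (from the post)
MAX_STALE = 86400    # assumption, not in the post: drop records expired > 1 day


class UpstreamError(Exception):
    """No reply could be obtained from the master (authoritative) server."""


@dataclass
class Entry:
    address: str
    expires: float           # time at which the record's own TTL runs out
    next_retry: float = 0.0  # earliest time the master may be queried again


class ServeStaleCache:
    """Hypothetical resolver cache; upstream(name) returns (address, ttl)."""

    def __init__(self, upstream: Callable[[str], Tuple[str, int]],
                 clock: Callable[[], float]):
        self.upstream = upstream
        self.clock = clock
        self.entries: Dict[str, Entry] = {}

    def resolve(self, name: str) -> Tuple[str, int, bool]:
        """Return (address, ttl_for_client, is_stale)."""
        now = self.clock()
        entry = self.entries.get(name)
        if entry is not None and now < entry.expires:
            return entry.address, int(entry.expires - now), False

        # Expired or unknown: ask the master unless a retry is not yet due.
        if entry is None or now >= entry.next_retry:
            try:
                address, ttl = self.upstream(name)
            except UpstreamError:
                if entry is None:
                    raise  # nothing cached, so there is nothing to fall back on
                entry.next_retry = now + RETRY_INTERVAL
            else:
                self.entries[name] = Entry(address, now + ttl)
                return address, ttl, False

        # Master unreachable: serve the expired record, within the stale bound.
        if now - entry.expires > MAX_STALE:
            del self.entries[name]
            raise UpstreamError(f"{name}: cached record too old to serve")
        return entry.address, STALE_TTL, True


def demo():
    """Constructed scenario: the master answers once, then goes silent."""
    now = [0.0]
    state = {"up": True}

    def upstream(name):
        if not state["up"]:
            raise UpstreamError(name)
        return "192.0.2.10", 300  # documentation-range address, constructed

    cache = ServeStaleCache(upstream, lambda: now[0])
    results = [cache.resolve("example.test")]  # fresh from master
    state["up"] = False
    now[0] = 400.0                             # record expired, master down
    results.append(cache.resolve("example.test"))
    return results


if __name__ == "__main__":
    for answer in demo():
        print(answer)
```

The stale bound matters operationally: without it, a record whose owner has since given up the address would keep being handed out for as long as the master stays unreachable.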

NSA, GCHQ and even Donald Trump are all after your data

Duncan Macdonald
Mushroom

Waste their time

Send lots of heavily encrypted messages that when decrypted turn out to be bits of the Bible or Koran.

A few non-encrypted message attachments that contain weapon or rocket details extracted from public US documents should ensure that the spooks try to decrypt the rest of the messages. Send the messages to an Iranian embassy for even more amusement.

5
1

Open-source storage that doesn't suck? Our man tries to break TrueNAS

Duncan Macdonald
Thumb Down

Re: @TP

However the performance of 150MB/sec is so low that it cannot support more than one moderate server.

Either the disks have crappy performance or the server has horrible software. The network interfaces would allow for 2 GB/Sec per controller so the network efficiency is only 7.5 percent (or if both controllers can be used together then the network efficiency is only 3.75 percent).

In fact the performance is so low that the 10GbE connections are unnecessary - a bonded pair of 1GbE links could handle the 150MB/sec throughput.

As the system has only a single SSD for the L2ARC then it is only moderately high availability as the performance will degrade badly if that SSD fails - for a true high availability system there should be NO single point of failure.

1
0
Duncan Macdonald
Thumb Down

Why hard drives and a storage server ?

With only 3TB of disk storage - what is the point of using a storage server with hard drives. Using 4 local 1TB 850 Pro SSDs would provide far better performance (and even better performance if the application server supports PCIe storage). The best case of 150MB/sec is pitiful compared to even the cheapest consumer SSDs.

3
2

Decade-old SSH vuln exploited by IoT botnet armies to hose servers

Duncan Macdonald

Best fix - DO NOT BUY IoT devices

With the current state of play IoT devices are for IDIoTs.

If for some strange reason you want an IoT device then connect it to a wireless network that has NO connection to the internet.

3
1

Nuke plant has been hacked, says Atomic Energy Agency director

Duncan Macdonald

Re: PDP-11

Training ENGINEERS yes - training COMPUTER SCIENCE GRADUATES no.

Confront a modern computer science graduate with a system with no GUI, code written in assembler and low level C and watch him (or her) run away as fast as possible.

Most (if not all) computer science graduates are unable to conceive of a system that is expected to run UNCHANGED for 20 years.

For critical industrial systems it is far better to get the coding done by engineers than by computer science graduates.

10
0

Firefox to doctor Pepper so it can run Chrome's PDF, Flash plugins

Duncan Macdonald

Re: unsafe at any sandbox

The play/pause/seek/volume buttons can be part of the viewer - not the script supplied by the website. (If Windows Movie Player can implement these functions when playing a .wmv file then there is no reason why a Flash viewer could not implement these functions when playing a Flash video file.)

For most users of Flash - it is only used to play videos. For these users a crippled Flash that completely ignored all the scripting commands would be adequate. (Getting the website to change to HTML5 <video> would be better - but do not hold your breath.)

3
2


Biting the hand that feeds IT © 1998–2017