* Posts by Duncan Macdonald

558 posts • joined 20 Mar 2009


Spektr-R goes quiet, Dragon splashes down and SpaceX lays off

Duncan Macdonald Silver badge

UK method is nicer

The UK method does give you time to look for another job while the pay is still coming in. It also allows time to arrange and hold a farewell party if desired.

The bosses do not like it because they are paying money for not much productive work but the (ex)employees have a slightly easier time financially - knowing that the pay will stop in 30 days is easier to deal with than if it stops immediately.

Duncan Macdonald Silver badge

Translations please

When you include a quote in a foreign language - PLEASE include a translation into English (or at least American !!) below the quote.

She will lock you out, livin' la Vidar loca: Enterprising crims breed ransomware, file thief into hybrid nasty

Duncan Macdonald Silver badge

Re: Information

Knowing the motherboard and BIOS version and Ethernet MAC address may give them the information needed for an future attack (some motherboard BIOS versions are vulnerable to crafted Ethernet packets - if the system has Intel "Trusted Computing" - aka NSA backdoor - with default password then you can own the system). Knowing how up to date the PC is with regards to patches gives an indication of how long a new zero-day exploit is likely to be of use against the system. Knowing which type of antivirus package is used makes it easier to design a new attack to slip by the package. The Office version helps in designing attack packages. Etc etc.

Duncan Macdonald Silver badge

Yet another reason to block ads

NoScript and AdBlockPlus (or equivalents) are required for sane use of the internet.

(BTW does the Register check all its ads to ensure that no nasties can creep in ?)

FCC tosses aside rules, treats Google to a happy ending following request for handy tech

Duncan Macdonald Silver badge

So what ?

The power level is tiny - +10dBm peak transmitter power is 0.01watt (10 milliwatts) - 2.4GHz WiFi allows 10 times the power 0.1 watts (100 milliwatts), 5GHz WiFi allows up 4 watts (4000 milliwatts) and 802.11ad (depending on use) allows 10 watts or more (at the same frequencies as the Soli equipment).

This seems to be a reasonable technical increase - the frequency band is so high (around 60GHz) that equipment not designed to operate at those frequencies is unlikely to be affected - this is unlike WiFi where much electronic equipment has components that can operate at the 2.4GHz frequency.

Dell EMC better watch out, HPE better not frown, Chinese server sales are talk of the town

Duncan Macdonald Silver badge

Another nice thought for Intel

The Chinese internal server market might well use the licensed copy of the AMD EPYC from Hygon if ARM is not suitable. Either way Intel loses.

Ho ho ho! Washington DC sends Zuckerberg a sueball-shaped present

Duncan Macdonald Silver badge

Now EU use GDPR

A fine 10% of FB global revenue (note revenue NOT profits) would be a good extra to add to FB woes.

They say software will eat the world. Here are some software bugs that took a stab at it

Duncan Macdonald Silver badge


Mismanagement is the number one cause of software problems. There is an old rule for all types of engineering (including software) - Fast, Cheap, Good - pick any two.

If you want Fast and Good then you need to pay for a top flight programming team.

If you want Cheap and Good then you need to allow a lot of time to testing and bug fixing before release.

If you want Fast and Cheap then you must accept that the quality will not be Good.

With most systems the (mis)management choose Fast and Cheap - and then express surprise that the result is not Good.

A side note -

Any program that accepts user input must assume that the input is malicious until proven otherwise - input data must be checked for correctness before being acted on. This old principle of defensive programming seems to have been almost completely disregarded in modern software.

Amazon robot fingered for bear spray leak that hospitalised 24 staffers

Duncan Macdonald Silver badge

Re: Risk assessment

WRONG - there should be as little as possible human contact with dangerous substances. Humans routinely fumble and drop items. For human safety keep them as far away as practical from dangerous chemicals.

Also it is worth noting that bear spray is not a very toxic material - it is very irritating but does not normally cause long term damage.

Falcon 9 gets its feet wet as SpaceX notch up two more launch successes

Duncan Macdonald Silver badge

Re: How do you launch 64 satellites from a single rocket?

Spring loaded - the satellites are loaded into spring loaded boxes and the door on the end is opened.

The standard CubeSat deployment box can handle satellites that are 1U (10x10x10cm) 2U(20x10x10cm) or 3U (30x10x10cm). One deployment box can handle 3U in total (one 3U or 1 1U and 1 2U or 3 1U). Multiple deployment boxes can be carried to allow for deployment of multiple satellites. Unlike the deployment mechanisms for bigger (and much more expensive) satellites, these simple deployment boxes usually leave the CubeSats tumbling after release.

(CubeSats are limited to 1.33kg/2.66kg/4kg for 1U/2U/3U sizes)

Apple heading for Supreme Court showdown over iOS App Store 'monopoly' gripe

Duncan Macdonald Silver badge

Re: BTW: What is Google's cut of app sales at the Play Store?

However Android app developers can sell apps outside the Google store and some do. It is also possible to install an old version of an Android app from an apk file if you do not like something about the current version. (In my case I prefer the UI of an old version of Aldiko (a bookreader app) so I have the old version installed and do not update it.)

Duncan Macdonald Silver badge

Alternative App Store

If Apple allowed ordinary users to install apps from other stores then there would be no case against Apple. It would be perfectly possible for Apple to allow third party stores with a warning (just like Android gives a warning when installing an apk from a third party). However Apple makes a lot of its money from its app store so it will not give users the choice until it is forced to. (After all if it lost then it might find its share price dropping !!!)

It would not surprise me to find Apple trying to find out how much it takes to bribe a group of judges.

Comparison sites cry foul over Google Shopping service

Duncan Macdonald Silver badge

FairSearch !!

Counsel for FairSearch, which represents the sites Naspers and Oracle.

The sole legal control and the majority of the funding for FairSearch comes from Oracle and Naspers.

(See https://www.politico.eu/article/oracle-naspers-fairsearch-google-lobbying-europe-antitrust-android-competition-margrethe-vestager/ for details.)

Net neutrality is heading to the courts (again): So will the current rules stand or be overturned (again)?

Duncan Macdonald Silver badge

Hoping for sanity from the US Government

Is like hoping to win the top prize on EuroMillions (except that the chance is much higher with EuroMillions (1 in 140 million not 1 in a googolplex)).

OnePlus 6T: Tasteful, powerful – and much cheaper than a flagship

Duncan Macdonald Silver badge

No headphone socket - no sale

The Pocophone F1 is much cheaper - basically the same innards and does have a headphone socket.

Between you, me and that dodgy-looking USB: A little bit of paranoia never hurt anyone

Duncan Macdonald Silver badge

Re: USB bricker?

That is why I was saying zener diodes - a typical USB bricker sends a high voltage negative pulse down the data lines. Because of the small space in a typical USB key the actual energy is unlikely to exceed one joule per pulse. For a negative pulse a protective zener diode will be forward biased and will easily clamp the voltage to under one volt without being strained. (A discrete zener diode is a lot less fragile than a sub 1 micrometer transistor in an integrated circuit.)

(For a positive pulse a 5.5v zener will clamp the spike voltage to under 6v which is still low enough to protect the ICs.)

Duncan Macdonald Silver badge

A paranoid mount option ?

What is needed is a paranoid mount option for USB devices - the OS would report to the user what the device says it is but would not execute any code on the device. If the device presents as having storage then a full virus scan would be executed on the storage and the results displayed. The files (if any) on the device would not be accessible until after the virus scan and the user acceptance of the scan result.

To allow for the possibility of a USB bricker device, all data and power lines should be protected by zener diodes (clamp data to +5.5v/-0.6v and power to +(maximum charging voltage +1 volt)/-0.6v)

YouTube supremo says vid-streaming-slash-piracy giant can't afford EU's copyright overhaul

Duncan Macdonald Silver badge

Re: So what?

I watch a lot of YouTube videos - and as far as I am aware none of them are pirated. A badly thought out copyright rule may remove one of my best forms of entertainment (certainly better than the rubbish on TV). There are also a lot of instructional videos on YouTube - if they are removed because of the EU copyright rubbish then that will harm a number of people who use them.

A number of media firms use extracts or single songs on YouTube to advertise their products (Sony and UMG are among the companies doing this).

YouTube is also the shop window for a number of media companies who use videos on YouTube to show their capabilities to potential new clients.

There is also a lot of performances of out of copyright songs uploaded by the performing artist.

There is an old rule in law which should be applied - it is better that 10 guilty men go free than one innocent man be jailed.

(Most of the current commercial films and music is so bad that there is no point in pirating it - even party political broadcasts are better!!!)

Intel peddles latest Xeon CPUs – E-series and 48-core Cascade Lake AP – to soothe epyc mygrayne

Duncan Macdonald Silver badge

Re: 6 cores vs 32 ??

Only the E 2100 series is available at the moment - the CLAP series are not due before 2019.

I was therefore comparing what is available (as something other than a PowerPoint presentation!!).

(The correct comparison with the top of the E 2100 series is a Ryzen 2700X not EPYC.)

Duncan Macdonald Silver badge

6 cores vs 32 ??

The EPYC has up to 32 cores, up to 2TB max memory and 128 PCIe lanes vs up to 6 cores and 64GB (128 GB later) and 16 PCIe lanes for the E 2100 series.

(Even the Threadripper 2950X has 16 cores, up to 1TB memory and 60 available PCIe lanes.)

The only advantage of the E2100 series is a higher clock frequency - for most server workloads this will fail to meet the performance advantage of the extra cores of the Threadripper let alone the EPYC.

The E 2100 series is NOT a competitor to the EPYC - it is not even much of a competitor to the Threadripper 2950X.

Bird, Lime, and Xiaomi face scooter sueball

Duncan Macdonald Silver badge

Blame the manufacturers ?

As both Segway and Xiaomi make the devices for personal non-commercial use and provide instructions that the commercial operators are not following (inside storage and inspection before use), I do not see what blame should be attached to the manufacturers. Their inclusion in the lawsuit seems just to be a way to hopefully get a bigger payout than is justified.

Blaming the manufacturers in this case is like blaming the maker of a sailing dingy because it sunk when the idiot user tried using it in a grade 5 hurricane.

EU Android latest: Critics diss Google's money-spinning 'cure'

Duncan Macdonald Silver badge

See who the critics are

Mainly paid by Microsoft which does not like the facts that Bing is third rate compared to Google and that Android phones succeeded where Windows phones failed.

From M$ perspective the "correct" outcome is for users to be forced to use Bing.

(At the moment the search engine use is about 10 to 1 in favor of Google - the reason being Google does it better and has less crud on its home page.)

The Chinese are here: Xiaomi to bring phones to the UK next month

Duncan Macdonald Silver badge

Pocophone F1

I hope the store will be selling the Pocophone F1 (esp the top version the 8GB/256GB Armoured Edition)

Ad blocking. All fun and games – until it gets political: Union websites banned by uBlock Origin

Duncan Macdonald Silver badge

Re: Filter lists suck

As I prefer NOT to run code from untrusted sites on my computer. I will accept the tradeoff that some sites are unusable.

With many millions of sites on the internet, any information that I want to get can normally be found on sites that still work without Javascript.

NoScript and AdBlock Plus (or equivalents) are a necessity for sane use of the Internet these days.

(As IE and Edge do not have good equivalents I do not use these browsers (and I have used the program control feature of the NIS firewall to deny them access to the internet).)

Duncan Macdonald Silver badge

Re: Filter lists suck

So your sites will never be used by me.

I use NoScript which blocks all Javascript from sites not on my whitelist.

If for some reason I have to use Javascript on a site that I do not trust then I fire up a VM with Linux running from a virtual CD (no hard drve). This way no matter how malicious the Javascript, it cannot damage my system. (Also all cookies and other tracking items are automatically deleted when the VM is shut down.)

RIP Charles Wang: Computer Associates cofounder dies aged 74

Duncan Macdonald Silver badge

Pity they met

If Wang had never met Russell Artzt then the world might have been spared Crap Alot.

So, about that Google tax on Android makers in the EU – report pegs it at up to $40 per phone

Duncan Macdonald Silver badge

Re: Locked out forever? - NO

The Google Play Store apk has been available for a long time - grab the latest version onto the phone and run it to install Play Store.

(Google wants as many people as possible to use the Play Store so they make it easy to install on Android phones that do not have it (some of the Chinese builds).)

Duncan Macdonald Silver badge


Main backer Microsoft (which runs the third rate Bing search service among its other products).

Is it surprising that they complain about Google ?

Well slap my ass and call me Judy, Microsoft's Surface Pro 6 is just as hard to fix as the old one

Duncan Macdonald Silver badge

Battery lifetime?

As it is non-repairable, as soon as the battery fails the device is landfill. (Maybe it will work connected to a power pack - however failing lithium ion batteries have been known to cause fires so it would not be trustworthy.)

This means that the Surface Pro has a life less than my £200 Android phone (a 2013 model THL W8S with a user replaceable battery).

The only good Microsoft hardware products have been peripherals (mouse, keyboard, joystick etc).

Stroppy Google runs rings round Brussels with Android remedy

Duncan Macdonald Silver badge

Re: Holding action - wrong

To update the full Android system on a phone needs a build of Android customized for the hardware on the phone - for example the kernel is different on a phone with a Snapdragon chip compared to on with a MediaTek chip. To produce a full upgrade for a phone needs knowledge of what hardware is in the phone (and in many cases the private key of the manufacturer to allow the upgrade to be permitted). Google provides the sources for the kernel upgrades but cannot compel the manufacturers to implement them.

Google has moved as much of the Android system as possible into a separate blob that it can update because the manufacturers were not updating the bits they had control over.

The march of Amazon Business has resellers quaking in their booties

Duncan Macdonald Silver badge

Amazon is like a very big supermarket

And just like the supermarkets wrecked the high street shops, Amazon is now wrecking the supermarkets.

In many cities there are only 2 ways for small shops to survive - one to sell a service rather than a product (eg hairdressers) or to provide goods in a more accessible manner than supermarkets (local shops with extended trading hours).

Amazon (and eBay) are taking the expansion prospects away from supermarkets. Supermarkets will continue to exist for products such as food but the high price items that they hoped would bring bigger profits (electronics etc) will instead be bought on Amazon or eBay.

AI's next battlefield is literally the battlefield: In 20 years, bots will fight our wars – Army boffin

Duncan Macdonald Silver badge

Re: In 20 years, US bots will fight wars against whom?

Israel has a technological lead - the Arab states have far more manpower (Egypt alone has over 11 times the population of Israel). Several of the Muslim groups have the destruction of Israel as part of their stated policy. If it were not for the slightly veiled threat of Israel's nukes then the surrounding states could destroy Israel with a human wave attack (or with biological weapons).

The MAD in this case is between Israel's nukes and the huge numerical advantage of the Arab states.

Duncan Macdonald Silver badge

Re: In 20 years, US bots will fight wars against whom?

What do you do against an opponent for whom MAD is an acceptable scenario?

You have 2 options

1) leave the opponent alone (and hope that Father Time or internal rivalries remove the opponent)

2) do a successful first strike (risky)

At the moment there is a worldwide MAD setup between the USA, Russia and China

There is a more limited MAD setup between Israel and the surrounding Arab states (if Israel looks like it is going under then it will nuke as much as possible of the Arab nations)

Basic MAD setups have occurred throughout history - where 2 opponents were sufficiently well matched that the result of a conflict would be that both were weakened (possibly to the point where a third party could conquer one or both).

I find your lack of faith disturbing, IBM: Big Blue fires photon torpedo at Pentagon JEDI cloud contract

Duncan Macdonald Silver badge

Single Bidder

For once the US government is showing some sense - when things go wrong they do not want multiple contractors pointing fingers at each other rather than solving the problems. Also there is a (slightly) higher chance of compatibility between the various systems if they are all provided by the same vendor.

Having 2 or more main suppliers that hate each other is a quick route to failure.

Surprising no one, Google to appeal against European Commission's €4.34bn Android fine

Duncan Macdonald Silver badge

New search engine ???

To provide a search function as good as Bing let alone Google requires a huge expense and a lot of time to populate the search engine. No new startup can hope to compete as a general search engine.

All that the court cases can do is to decide if Google or Bing is the dominant search engine. (My firm preference is for Google.)

Perhaps what Google should have done is to explicitly say that Android is not free but is paid for by the inclusion of the Google apps.

Location, location, location... technologies under the microscope

Duncan Macdonald Silver badge


For retail environments, a combination of tracking people by CCTV and identification by one of the other means (eg WiFi at the store entrances) could give good accuracy of what parts of the shop customers visit. Pairing this with WiFi by the checkouts could enable the linkage from WiFi to credit card numbers and from there to peoples name (with suitably placed cameras to catch the face of the credit cards).

Oracle cloud supremo Thomas Kurian extends temp leave to the heat death of the universe

Duncan Macdonald Silver badge

Re: Cloud is crucial to Oracle? I doubt that is really the case.

When did ANY Oracle product get stellar (or even good) support?

Oracle's problem is that many of its customers realize how badly Oracle gouges them and have been looking for alternatives. Other databases (and their tools) have got good enough that for many users moving away from Oracle is now possible. Even where moving existing applications is not currently viable, it is perfectly viable to make new applications (especially Cloud ones) use other suppliers products.

Sensible users will not want to extend Oracle's grasp on their organization by using Oracle's Cloud - even M$ is a better bet.

Intel boss admits chips in short supply, lobs cash into the quagmire

Duncan Macdonald Silver badge

Revenue increase ?

How much of the revenue increase is because of higher prices caused by the shortage?

(Shades of the old DRAM price gouging - drop the supply 10% - increase the price 50%)

Congrats on keeping out the hackers. Now, you've taken care of rogue insiders, right? Hello?

Duncan Macdonald Silver badge


There is someone who trusts Cisco software!!!

Duncan Macdonald Silver badge

Infrequent activities ?

Some jobs are only done infrequently (once per quarter or once per year or on an ad-hoc request). For an automated system to detect abnormal access but not give false alerts on infrequent valid access will be very difficult if not impossible.

Also the case of worker 1 being unavailable for some reason and worker 2 having to take his/her place on a temporary basis will cause a big change in the access patterns for worker 2.

There is also the question of who does the automated system report to - if the bad actor is the one who receives the reports then the system becomes useless.

Tick-tock, tick-tock. Oh, that's just the sound of compromised logins waiting to ruin your day

Duncan Macdonald Silver badge

Regular Training !!!

In most organizations, trying to get the bosses to pay for one off training is almost impossible and regular training is beyond a pipe dream. Also have fun trying to give the bosses security training - most will not agree to attend and those that do will not listen (or be able to understand).

Remember also most organizations try to use the cheapest workforce that they can get - do not expect the average minimum wage worker to understand security even if given a lot of training.

Any real life security system needs to cope with low IQ users who have had minimal training.

The grand-plus iPhone is the new normal – this is no place for paupers

Duncan Macdonald Silver badge
Thumb Down

Typical Apple

Selling overpriced tat to idiots.

Like a Rolex watch it says that the owner can afford to throw money away.

GDPR v2 – Gradually Diminishing Psychotic Robots: Brussels kills Terminator apocalypse

Duncan Macdonald Silver badge

Autonomous weapons

Have been around for ages - booby traps and area denial weapons (mines etc).

What is the real difference between an explosive triggered by an AI and an explosive triggered by a tripwire or motion detector.

High tech autonomous weapons already exist in the form of point defense weapons - once these weapons have been set to the armed state, anything that meets their threat definitions will trigger a response. (These systems often NEED to be autonomous due to the very short engagement window - human response is far too slow.)

What needs to be blocked (if anything) is AI controlled weapons that can move without human command.

Microsoft: You don't want to use Edge? Are you sure? Really sure?

Duncan Macdonald Silver badge

Block IE and Edge

I use the program control feature of the NIS firewall to block both of them (and Cortana) from Internet access. Until IE and Edge get a working equivalent of NoScript and AdBlockPlus, they are not safe for use on the Internet. Disabling them removes one of the biggest attack vectors on Windows 10.

Article 13 pits Big Tech and bots against European creatives

Duncan Macdonald Silver badge

As usual Andrew hates Google

See title

I hope that the EU Parliment has the guts to reject this directive again.

Nope, the NSA isn't sitting in front of a supercomputer hooked up to a terrorist’s hard drive

Duncan Macdonald Silver badge
Black Helicopters

Re: If both Apple and Google refuse to cooperate

A few unfortunate accidents or illnesses to the objecting directors or their families - the policy would soon change.

Duncan Macdonald Silver badge
Black Helicopters

Clipper ? - Intel ME

The Intel Management Engine looks to be the modern replacement for the Clipper chip.

Full snooping on the whole memory - internal network capability - able to override the OS - hidden source code (probably only shared with the NSA).

Almost all online Intel based computers with the Intel ME can almost certainly be controlled by the NSA if they wish. Secure encryption and decryption MUST be done on an offline computer with no network connection.

Huawei elbows aside Apple to claim number-two phone maker spot

Duncan Macdonald Silver badge

Re: "a 10% rise in food prices due to the weather"

The BBC has an article that says that food prices in the UK will increase by at least 5% due to this years weather - see https://www.bbc.co.uk/news/business-45317023 for more details

Judge bars distribution of 3D gun files... er, five years after they were slapped onto the web

Duncan Macdonald Silver badge

Why bother

The latest estimates say that there are more firearms than people in the US (and FAR more than the number of sane adults). Stopping the manufacture of a few crap guns when the full CAD files for guns such as the AK47 are readily available does not make any sense except as a bit of poor theatre.

Google shaves half a gig off Android Poundland Edition

Duncan Macdonald Silver badge

Old Linux ?

How many people remember the early days of Linux when it would run well on a 386 with 8MB ?

(OS, X windows, X term all fitting easily into 8MB)


Biting the hand that feeds IT © 1998–2019