Posts by John Smith 19

16327 publicly visible posts • joined 10 Jun 2009

Police procurement deal means cops pay more

John Smith 19 Gold badge
Joke

Police on the receiving end of an extortion racket.

That is all.

PLCs a prison vulnerability: researchers

John Smith 19 Gold badge
Unhappy

@Rocketman

"If you don't have physical security for your control systems then you don't have security."

It's the little things. Household alarm boxes tend to have a microswitch wired to the cover to trigger the alarm if someone takes off the lid.

But how many "Professional" alarm systems put something like that on all the *junction* boxes?

If you have a lot of people with time on their hands and a *real* interest in breaking the system (IOW the prison population) you'd better plan for defense in depth.

John Smith 19 Gold badge
Happy

@Charles Manning

"But are prison security systems really built with over-the-counter PLCs? I'd have expected them to be controlled by access control systems."

What did you think these "Access control systems" *are* built out of?

Custom CPU boards?

Custom PLCs?

These companies are *primarily* systems integrators of pre-built hardware. The ability to do this *properly* is a significant skill but as always if someone can identify the hardware used there'll be a manual for it somewhere.

Swede cuffed for cooking nuclear reactor on kitchen stovetop

John Smith 19 Gold badge
Happy

AC@ 00:43

"Had an argument with someone a while back about the legality of a nuclear coffee table, seems that even a non functioning but authentic looking device will get you a visit from the MiB"

There is usually quite a difference between "authentic looking" and "non functioning"

"authentic looking" could be viewed as a piece of creative art.

I'd be *very* surprised if you could get a "non functioning" physics package anywhere.

But either way some people might find it a tad provocative.

SpaceX set to send supply ship to ISS in November

John Smith 19 Gold badge
Happy

@Andus McCoatover

"That's SERIOUSLY quick development!!! →"

I would caution people that docking will only go ahead if *all* tests in the first part of the flight are "nominal". Any under or over performance would be grounds for NASA pulling the plug and Dragon returning to earth.

The original Dragon launch was Dec1 2010 and the COTS2 launch was scheduled for around June this year but then reports started to surface that the final date for changes had been put back and Musk stated they were hoping to merge the COTS 2 & 3 flights together.

I guess the sticking point was Spacex's view that if you meet all the milestones in 2 flights but do it in 1 flight you should receive *all* the milestone payments (seemed fair to me but this is the US govt they are dealing with).

Note that a lot of this will be down to Spacex's pre-planning. If you *know* ahead of time you're going to want to go crew rated you put in the wiring and plumbing during the build as *standard*, along with the mounting hard points for seating, control panels etc.

They make a point that *all* Dragon capsules have a window. Point is if you leave it out of the cargo version you now have two *door* designs to design/test/manufacture and keep in inventory. Why bother?

I suspect that the understanding of the *true* cost of having multiple versions of stuff, and the savings to be had by just stacking multiple *copies* (or different sized versions of the same stage) together are *key* features of why they have done so much at *relatively* low cost so quickly.

Note that this will *not* be the crew rated Dragon as it won't have the launch abort system, which they've only been funded for since April this year on a 30 months schedule. That said it's not impossible they may have already started to work up to it and try out a few bits and pieces on Dragon. *Provided* the core tests are successful Spacex usually try a few extra test maneuvers of their own. IIRC they had a go at putting the 2nd stage onto a GTO for COTS1.

John Smith 19 Gold badge
Boffin

@ravenviz

"Shouldn't they try docking with something else first? Or at least do a dry run?"

No. COTS1 was the dry run for launching Dragon.

They've just spent several months getting NASA to *allow* 2 flights to be merged into 1.

There's this thing called computer simulation that allows people to practice doing things *before* they do them. Spacex have probably run 100s of these *already*. They will run quite a few more before launch.

BTW Both the European ATV and Japanese HTV docked with ISS on their *first* launch.

John Smith 19 Gold badge
Happy

AC@19:28

Spacex has a multi-billion dollar supply contract to the ISS and Dragon can carry cargo and humans. It's the *only* US transport that was designed to do this.

The last Russian price for a Soyuz trip is $60m a *seat*. Spacex are talking $80-100m for the *whole* package.

They've also got Bigelow's "space hotel" models on their launch manifest.

Dragon was not developed *just* for NASA use.

John Smith 19 Gold badge
Thumb Up

The early indications were it was going to take off late October and dock about Dec 8th.

Looks like they have negotiated with NASA to knock that down a bit.

I wonder if they managed to get the payment for *both* the flights. Given up to now it's been payments for milestones reached they deserve them.

It will be slightly over 1 yr from the 1st Dragon flight to that point, which is pretty impressive.

Still no word on first launch of its Taurus2 competitor.

Russia: 'We'll dump the ISS into the sea after 2020'

John Smith 19 Gold badge
Happy

AC@10:02

Assuming you're not a troll let me explain.

There is *no* launch vehicle that is a) crew rated and b) big enough to hoist a *returnable* crew rated payload to geosynchronous orbit. Communications satellites go on *one* way trips to that orbit. ISS is at the *top* of the Shuttle's altitude range and was part of the reason for the development of the "Super Lightweight" version of the expendable tank. This disregards a slowish trip through the inner Van Allen radiation belt at c 1000 Km.

Doing it is a problem in physics and engineering but doing it *repeatedly* in an affordable and *reliable* manner is a very difficult problem in economics. The last mission BEO which *returned* was "Stardust". You might like to find out how it came down.

Spacex have talked of a for profit "Apollo 8" style trip on their Dragon capsule on Falcon Heavy (multiple orbits of the Moon, then return) which *would* be in the same sort of delta v range *but*

a) Falcon Heavy has not flown yet (Simple fact. No reason to think it won't or at the predicted performance level)

and

b) Dragon is not crew rated and will need a dozen safe flights and a fully tested crew escape system before it is. The crew escape system is funded (by NASA) and in progress. Again there is no reason to think Spacex cannot deliver what is needed at the spec required.

The US went to the moon 40 years ago. It shut down production of the Saturn V in 1968. The NASA designed SLS is not expected to fly a crewed mission before 2021 (*if* NASA *keeps* its existing budget and it does not get cut. You may have heard the US Govt is on a bit of an economy drive at the moment).

If you know of a large, capable, relatively inexpensive crew rated launch vehicle that can fly this mission and is in production you should talk to NASA.

John Smith 19 Gold badge
Happy

@Alan Firminger

"Until another nation gets people into space and back, the Russians have their foot on everyone else's windpipe. Just like keeping Europe warm in winter."

Well that will depend if Spacex can achieve 12 successful cargo deliveries to ISS *and* complete the crew rescue system on the budget NASA has given them.

If so they estimate they will be ready to carry people by Oct 2013 or April 2014 at the latest.

That's a big *if* of course. Other options will be the crew rating of the Atlas V for Dragon, CST-100 or the NASA MPCV.

The NASA SLS is looking at a first crewed flight for MPCV in 2021, given present NASA budget levels. Presumably by then a crew rated MPCV will exist for it to carry.

Of course Europe *could* upgrade its ATV design to human rating and add a heat shield to support down mass. Something like the ARD.

John Smith 19 Gold badge
Happy

@Beachrider

"FWIW, the Russians have supported the ISS better than the EU. I am always amazed at EU pundits taking swipes at the commitment of Russia and the USA when the EU commitment is SOOOOO much softer and SOOOO much less money."

You might like to keep in mind that Thales Alenia based in Turin, Italy *built* 1/2 of the habitable volume of ISS.

http://www.thalesaleniaspace-issmodules.com/

They are also building the pressurized section of the OSC Cygnus cargo carrier based on the MPLM. Now due to have its *sole* test flight sometime in Q112 on the 2nd flight of the Taurus2 launcher.

Eliminating the European, Japanese and Russian hardware contributions would leave a pretty small station.

John Smith 19 Gold badge
Happy

AC@08:58

"CERN loves the attention, but there are more international science facilities than it, that we (well, you) the British taxpayers fund :) ILL, ESRF, ITER, ..."

Thank you. I suspected there were more but I was not sure. ITER is the only one I recognise though.

John Smith 19 Gold badge
Happy

Hmm. 1 upvote but *two* downvotes.

Care to explain your complaints?

John Smith 19 Gold badge
Happy

@pete 2

"Compare that with the scuttle. Not only is it expensive to build,"

"The funding profile allowed by the OMB was *completely* unlike any real large scale project."

"but it costs a packet to service between each flight. That's what killed the concept: its high maintenance costs and long turnaround times."

The maintenance cost is an *outcome* of the development budget. It is *no* accident.

"In fact the shuttle has cast a long shadow over american space development. Even 40 years ago there were plans for much more fuel-efficient aerospike engines"

Not just plans. A 250 000lb thrust H2/O2 (not flightweight) was built and ground tested. A later 25Klb flight weight engine was tested by the USAF but severely damaged in ground tests. It's probably sitting on a shelf in a back office somewhere.

But MSFC *wanted* to go with staged combustion as *all* Russian engines of the time used it and they had *no* experience of it. The USAF had using storable propellants. Turns out using LH2 is *much* harder than a Hydrazine.

"and better solutions than ceramic tiles as reusable heat shields. "

NASA's *absolute* insistence on the *lightest* weight TPS (partly because neither engine mfg delivered what it was *expected* to deliver in performance) made tiles the winner. Everything was sacrificed to this.

"Sadly, projects like VentureStar were canned in order to keep the pork flying"

Wrong. X33 allowed LockMart to hoover up c$1.1Bn which should have gone to companies with *no* existing launch vehicle to protect and who would have been *very* motivated to deliver a working design. Instead LockMart played the procurement process like a violin and strangled *effective* competition at birth. NASA did that to themselves.

"If the right people had made the right technical decisions some time around 1970,"

Nixon wanted to kill the space programme. He took his VP's report and threw away *everything* but the Shuttle.

" there could now be a much cheaper space programme, regularly flying SSTOs to multiple in-orbit destinations - possibly even further. "

We'll never know. So deal with what the situation is now.

"The whole space programme was only ever about appeasement: either the population, the media, the aerospace industry or local politicians."

Otherwise known as the stakeholders. US citizens were *never* one of those groups, they were just meant to fund it.

A little history helps to understand where you're going and why you got here.

John Smith 19 Gold badge
Happy

Possibly the *bigger* news

NASA look closer to letting Spacex combine their 2 test missions.

This has been ongoing (IIRC) since late when the NASA administrator announced in a press briefing he was going to have a meeting about that decision the following day.

I guess at NASA you have to have a meeting about having a meeting to decide something. Not quite the "We always ended a meeting with a decision" approach of Apollo/Saturn.

Incredibly combining 2 short missions seems to need a 6 week mission instead.

But it's still a (small) step forward.

John Smith 19 Gold badge
Boffin

There *are* alternatives.

Firstly the US *owns* the ISS (AFAIK but IANAL). But in space it would appear *access* is 9/10s of the law.

There have been *proposals* to operate it as a "National Laboratory" (although AFAIK all the US ones in this category are involved in nuclear research) or for the more internationalist view to convert it into an international facility. The nearest equivalent of which seems to be CERN (are there others?)

Note that despite *all* that money spent the US came to closed cycle life support *very* late in the game and AFAIK most of their work has drawn *heavily* on Russian work in this field, making ISS water *the* most expensive bottled water in the solar system at c $15000/litre.

Relocating it to Geo is a lousy idea unless you're really going to configure to act as a construction base for a power satellite, but you now have a re-supply and a radiation problem to deal with.

An interesting notion would be to put it in a cyclic or "elevator" orbit between the Moon and Earth, picking people and stuff up for dropping off at the Moon. I think Buzz Aldrin suggested this (and something like it has come up in a Stephen Baxter novel?)

Making it happen *without* a huge bill for new hardware development would be the tricky bit.

AFAIK ELV fairings *are* big enough (now) to accommodate new modules for the design. Whether it would be cost effective to use them is another matter ("Cost effective" in the terms of govt programme is a bit different to what normal people are used to).

John Smith 19 Gold badge
Happy

@404

"They wasted no time at all stripping the remaining shuttles to be sent to museums..."

Calm down dear.

NASA is on a tight schedule.

Where do you think they will be getting the SSME's for the first 4 SLS launches from?

Anonymous hacks US gov contractor, airs dirty laundry

John Smith 19 Gold badge
Happy

Anyone *heard* of mantech before?

Just asking.

Although I think they're about to get a lot more famous.

Hope they aren't computer security specialists.

DIDO: snake oil or wireless salvation?

John Smith 19 Gold badge
Happy

My BS detector is pinging.

My 2nd thought was "An AP for every user."

An Australian Politician for *every* user.

I never knew Aus had so many of them.

'Missing heat': Is global warmth vanishing into space?

John Smith 19 Gold badge
Joke

"compared the empirical evidence against six climate models."

Crikey. Compared *actual* data with the soothsayers' prognostications.

He is an unbeliever

Burn him!

BSkyB hands out £1bn, board backs James Murdoch

John Smith 19 Gold badge
Joke

@Mike Richards

"Perhaps they'd like to start paying some tax on their income?"

Oh now come on old boy that's a bit harsh.

Paying taxes as *well*.

Besides, Junior's probably started putting a bit aside in case of any "unexpected" legal bills due to practices that *might* come to light (but which he was *wholly* unaware of) while running his part time job at News International.

World first: UK boffins print out working 3D aeroplane

John Smith 19 Gold badge
Happy

@Disco-Legend-Zeke

"...a similar printer can use water in an inkjet print head to moisten clay microparticles."

That suggests something fairly temperature resistant but very light.

It also offers the possibility of closed cell cavities so water resistant as well.

John Smith 19 Gold badge
Happy

An internal laser printed isogrid.

I think it might also be the *smallest* laser sintered isogrid anywhere.

BTW one of the DIY versions of these machines uses 25lbs of sugar for the working material.

Ingenious and I imagine quite tasty as well.

No doubt BAE will stick 3 noughts on the price and try to sell it to the MoD.

John Smith 19 Gold badge
Happy

AC@ 17:27

"Could it be that CAD and manufacturing techniques aren't as good as the Old Ways?"

No. "The old ways" or "coach building" included shimming bits that were borderline into place and regular use of the rubber headed mallet. It's called "panel beating" for a reason.

It's also why the tolerance buildup on each aircraft made *probably* up to 1970's varies widely.

CAD systems expect straight lines to *be* straight and curved lines to be *exactly* curved. They work.

It seems BAe did not realise this on the Nimrod MR4 balls up, designed *all* their jigs to fit the first aircraft and (OMG who'd have thunk it) they did not fit the *second*.

Cabinet Office government-by-Facebook plans probed

John Smith 19 Gold badge
Unhappy

@BTCustomer

"How do they propose to keep my data out of the clutches of the US Patriot Act?"

Simple.

They don't.

They are probably not even *thinking* about it.

John Smith 19 Gold badge
Mushroom

"an independent, trusted provider "

"independent" as in a US based privately held corporation subject to the PATRIOT act.

"trusted" as in headed by a CEO who believes the *idea* of privacy is nonsense.

It would seem Maude has proposed this because

a) He is deeply ignorant of information security and data protection but has been promised that this will save the UK govt lots of money

b) The data fetishist civil servants (those with that pathological desire to know *everything* about *everyone* 24/7) behind the National ID Card (or rather the National ID *Register* which was the cradle-to-grave surveillance tool) have been telling him what a good idea it would be, fight against terrorism, crack down on benefit scroungers etc.

or both.

No need to ask no need to know summed up the ID card but with Facebook sniffing round might I suggest something shorter.

"Facebook. F**k right off"

John Smith 19 Gold badge
Thumb Up

@Is it me

"Hmmm, wasn't that what the National Identity Card was all about, but this time the government wants it done by Faceless American corporations or two faced banks."

Exactly. Although last time they wanted IBM to handle the database.

John Smith 19 Gold badge
WTF?

Facebook an "open platform" like Windows

Icon expresses the level my jaw dropped when I saw that.

UK's first Stealth fighter in successful catapult test

John Smith 19 Gold badge
Happy

@Jmeu

"I think European countries should stop dreaming about that powerpoint plane and look at plane whose abilities are proven "

True

But none of those are made by BAE.

Who will play the "We *must* protect British jobs at *all* costs" card as usual.

After all it beats building stuff other countries want to buy.

MPs slam government's 'obscene' IT spend

John Smith 19 Gold badge
Flame

7-10x *more*

Not just a *little* more expensive.

7-10x more.

I like the title of the report but *boy* did it take a long time to work out *that* bit of (what I'd like to think of as) "Common" sense.

Koreans produce $3m glow-in-the-dark dog

John Smith 19 Gold badge
Happy

"substituted with genes that trigger fatal human diseases"

The perfect Ninja attack weapon. Give the killer mutt to your enemy and go off on a business trip while arranging to have said hound fed with the special doggy treats converting it into a lethal biological weapon.

Alternatively the perfect gift for parents who suspect their offspring have too short an attention span to cope with a pet. Once they get bored slip fido the antibiotic and instant drama, leading to the vet being the bad guy as "There's nothing we can do to save him."

OTOH perhaps he just meant this gives researchers a better tool to control *when* a disease is expressed in their experimental subjects and (perhaps *more* interestingly) if you "switch off" expression does the condition go away?

I suspect that, like German, Korean is quite precise but the translations can sound a bit brutal.

ARM scooping in cash but remains cautious

John Smith 19 Gold badge

@Chris Evans

I think I saw one of their people speak about their work here.

http://www.youtube.com/watch?v=AXD7RlqVzdI

John Smith 19 Gold badge
Thumb Up

@borkbork

Good lord, there really *is* another one.

John Smith 19 Gold badge
Unhappy

ARM is impressive, but why is it the *only* example that is that successful?

Who are the *other* UK fabless semiconductor companies?

John Smith 19 Gold badge
Meh

@mittfh

"...if Acorn Computers ever regretted spinning ARM off into a completely separate company? :)"

Perhaps.

They certainly *never* undervalued their hardware.

The only company that matched their pricing was Apple.

Acorn is history. ARM is still in business.

SecurID breach cost RSA $66m

John Smith 19 Gold badge
FAIL

$66m sounds *way* too low.

LockMart is *huge* and AFAIK almost entirely a govt con-tractor.

That would suggest damn near everyone would need a replacement token.

Starting there and going down their customer list (*how* many banks?) I'd suggest they worked some *very* doubtful accountancy moves to get the figure down that low.

While it *might* be accurate their very poor ongoing PR on the subject continues to leave a very bad taste in the mouth and the suspicion that a lot *remains* to be said.

It's like the head office moved to a little town called "Denial," somewhere in the USA.

'War texting' hacks car systems and possibly much more

John Smith 19 Gold badge
Boffin

How many bytes does it take to signal a car start?

Aren't PGP keys between 8 and 16 bytes? More if they have to be recoded into a different character set but still *well* within the length of a single text.

As for GSM telemetry going with the GSM8 alphabet seems to be anything goes, it's completely open (but 1120 bits max *including* the key)

That's quite a few valve/pressure/temperature readings with proper compression.

Just a little something to kick start some thinking.

Military chip crypto cracked with power-analysis probe

John Smith 19 Gold badge
Boffin

*much* bigger than just aerospace and military

These are high end FPGA's and IIRC these ones incorporate an ARM processor as standard (not a macro, it's on-chip hardware).

Using this method you can copy the output from the bitstream ROM's used to *configure* the rest of the array.

So you can copy the design (into your chips), and in principle reverse engineer it, which is IP theft and counterfeiting.

But it's not clear to me (not read the paper) if that allows you to substitute your *own* design by replacing the configuration ROM's. If so that is the ability to add logic to act as a hardware trojan.

To cache key info (for example) for later transmission through a low bandwidth secret channel.

Or to act as a sleeper to re-configure the hardware on receipt of some kind of trigger message in the data it's processing.

This technique is a version of "Traffic analysis" which has been conducted at least since WWII. M Gale's comments about randomising the power usage pattern (flattening it also works but that would just make the occasional dips and spikes *more* significant) apply but that only works for *new* chips with the re-design.

US Navy orders laser machine guns

John Smith 19 Gold badge
Happy

@GougedEye

"Someone please tell the Yanks that they are broke. "

Not *quite* broke.

The US govt has about 1 week to raise its borrowing limit (on what *it* borrows) above 13 Teradollars.

So far the Democrats wish to continue with tax rises and their shot at putting in a healthcare system that works for *everyone* while the Republicans want to *cut* taxes and dump that and any welfare they can, being pushed heavily by various assorted Tea Party sponsored babble and drool cases.

Meanwhile *everyone* is playing the blame game.

If they don't reach agreement it's going to Greece, Italy, Spain, Ireland, United States in *rising* order of defaulted debt repayment, with the US out front by a *very* wide margin.

Don't you love the smell of fear in the air?

John Smith 19 Gold badge
Unhappy

A whole new range of options

To have a friendly fire incident with.

Where the US military is concerned *always* keep close to them.

It won't stop a friendly fire incident, but it will take a few of them with you.

UK data watchdog 'looking into' Google+ mission creep

John Smith 19 Gold badge
Mushroom

Looking to get that "Identity verification" contract from the British govt.

Looking to start early.

No, I don't want a "relationship" with your corporation any more than I want a "relationship" with the bar staff at my local drinking establishments.

I give them money. They give me alcohol.

That's the level of relationship I want with Google.

UK Govt refuses to ban shale gas 'fracking'

John Smith 19 Gold badge
Joke

Does anyone hope you can use lasers to do this?

Then the request "Get me some big fraccing lasers" will seem quite reasonable.

John Smith 19 Gold badge
Happy

AC@22:42

Interesting about being in Quebec.

I had not realised the regulations were as lax as in the US.

However in the US Shrub got an "Exemption" clause to both the Clean Air and Clean Water acts.

BTW this story applies to the UK, where environmental pollution regulations are somewhat stricter.

Stuxnet clones may target critical US systems, DHS warns

John Smith 19 Gold badge
WTF?

OMG builds a digital loop to spoof the control system while the hardware destroys itself.

And the core is generic.

Which raises an interesting question.

Is this a failed sucker punch at Iran?

Or could it be (like the Washington anthrax attack) an attempted wake up call to get people to take the threat *seriously*. By analogy with the Washington anthrax attack that would make the *most* likely developers a (very) unscrupulous security software supplier.

Or both?

John Smith 19 Gold badge
Unhappy

@Mark 65

"Someone in a glass house threw some very large stones when they wrote this code."

But it looked like *such* a good idea at the time.

So elegant.

So simple.

So what could go wrong?

After all these <insert suitably derogatory racist epithet> are *far* too stupid to reverse engineer it and either re-target it on systems *we* use, let alone insert it into *our* systems.

I doubt those who built stuxnet will *ever* have to fix the trouble their little "prank" will cause.

Canon crossbreeds mouse with adder

John Smith 19 Gold badge
Meh

Very clever

Why do you need one again?

Does it allow you to do numeric input when you're over a numeric entry field perhaps?

'Directory traversal' attack becomes premier hack tool

John Smith 19 Gold badge
Thumb Up

@Lee Dowling

"Seriously, directory traversal (i.e. not bothering to sanitise inputs, chroot folders - either via the calling app or via the OS -, etc.) and SQL injection (not bothering to sanitise inputs, PUTTING FECKING SQL STATEMENTS IN DATA YOU EXPECT TO RECEIVE AND ACT UPON!) - those are the most ridiculously stupid things to have yourself vulnerable to."

Wise words. And yet despite the basic *simplicity* of the advice people *still* keep f**king it up.

IT boss jailed for plundering Scottish library

John Smith 19 Gold badge
Joke

Has to be asked.

Did they call him "Dingo" Dinham?

Only dingos are known to scavenge things that aren't theirs. Rabbits, small children etc.

'Up to' broadband claims out of control, says Ofcom

John Smith 19 Gold badge
Flame

So delivery improving slightly but lies *about* the service being delivered grow massively.

Ofcom should grow some and start putting ISP's on a leash.

Get them to specify what *percentage* of their customers get this super duper service and what *fraction* of the time they get it in those ads.

Otherwise it looks like El Reg readers will have to start hitting the ASA with a clue stick.

Stop promising BS you don't (and *cannot*) deliver.

Hacking scandal starts to spread beyond News Corp

John Smith 19 Gold badge
Joke

I doubt El Reg has *ever* hacked anyone's voice mail

But I'm not *entirely* sure about that.

As for the rest . .