Posts by Richard 12

6048 publicly visible posts • joined 16 Jun 2009

Ex-CIO must pay £81k over Total Shambles Bank migration

Richard 12 Silver badge

It's still highly unstable

Even this year there have been multiple times where one part or another of TSB banking has a little lie down in a corner for a few hours.

Just because on-prem is cheaper doesn’t make the cloud a money pit

Richard 12 Silver badge

Sysadmin still necessary

You need a competent sysadmin regardless of whether you're on-prem or cloud.

In fact, many would argue that having a competent sysadmin is more important for cloud because everything "cloud" is Internet-facing by fundamental necessity, and thus more exposed. Worse, you cannot implement a change freeze around a risky time for your business - cloud changes when the cloud supplier feels like it, not when you're ready for it.

And most of what you cite isn't a sysadmin job anyway, it's the building manager who looks after the genny, HVAC etc.

Twitter users complain 'private' Circle posts aren't

Richard 12 Silver badge

It's been like that for months.

In other news, it turns out that Twitter's systems were incredibly well built, as they've not failed completely and permanently after almost six months of abuse with nearly zero maintenance.

I'm very surprised. I thought they'd never reach Easter.

I guess corporate evictions take as long as residential ones.

Pentagon advised to get agile if it wants to keep up with evolving threats

Richard 12 Silver badge

Re: Sorry...

Needs, not what they wants.

Customers' needs and wants are often orthogonal. If you deliver what they say they want, it rarely does what they actually need.

It often works better to ask them what they don't want.

CAN do attitude: How thieves steal cars using network bus

Richard 12 Silver badge

Re: I find it hard to care about this

Any such thing will quickly become easily available.

The hardware parts needed are standard and cheap, plus some firmware that will be trivially purchasable by those who know where to look.

Richard 12 Silver badge

Modern cars don't have an ignition circuit.

Mine does have an alarm, as I discovered last night.

Richard 12 Silver badge

Re: Why

Compared to a MOSFET, relays are extremely low reliability.

A relay will do about 10,000 cycles.

MOSFETs will do far more than twice that every second, and they'll keep doing that until the doping drifts out of the junctions.

A well-designed relay will probably last about a decade. An average MOSFET will last fifty to a hundred years.

Of course, both will die if you do evil things to them - pitted and welded contacts, blow the top off...

Richard 12 Silver badge

Re: Why

None of those things require the headlights to have a data connection. The power controls could be anywhere.

My car has all of those things, and there's no data connection to the headlights at all. Only power, switched (and monitored for failure) by something else.

They have a data connection because it was convenient for someone to put the power control hardware inside the headlight module. And they have a bidirectional link to CAN because that's the only control protocol car manufacturers understand.

Hey Siri, use this ultrasound attack to disarm a smart-home system

Richard 12 Silver badge
Megaphone

Those who do not learn from Nyquist

Are doomed to suffer aliasing attacks.

Bank rewrote ads for infosec jobs to stop scaring away women

Richard 12 Silver badge

Re: So

Breast cancer has a rate of less than 0.1% - approx. 175 per 200000.

Small percentages are a lot of people.

Richard 12 Silver badge

Re: So

The thing is, that's known to be a massive oversimplification.

Humans like to invent buckets and pretend that everything fits into one of them, but reality is far more complicated.

There's no such thing as a fish.

Richard 12 Silver badge
Boffin

Re: @Richard 12 - So

The prevalence in the healthy population is not really known, because such tests are generally only done when there are problematic symptoms. XXY and XYY are estimated to be about 1/1000 live births between them - so about 333,000 people in the USA.

So that's a little more common than lung cancer (Source: Cancer Research UK).

And don't be silly. Do you lose your name when you die? It just means anyone who didn't ask before you died doesn't know.

Perhaps someone who did ask will write it on a gravestone. That seems a relatively common practice - "Father to ...."

Richard 12 Silver badge

Re: So

DNA doesn't specify gender either.

There's a significant subset of "obviously" female who have XY chromosomes and "obviously" male who have XX. It's usually because a couple of genes are in a rare location, but not always as conditions in the womb have a significant effect too.

That's before considering rarer chromosome counts, like X, XYY etc, and intersex.

It's one of the reasons genetics professors don't ask students to look at their own chromosomes, or sequence their own DNA. Genetics 101 class is not a great place to discover you have a "rare" genotype/phenotype combination.

In the end, the only way to be certain of someone's gender is to ask them. And to be prepared that the answer might be "I don't know".

Richard 12 Silver badge
Holmes

So they removed the impossible?

Far too many job ads include things like "five years experience in %TECH_RELEASED_IN_2023%".

Did this bank finally realise that means only liars will get interviewed?

When Google cost cutting goes molecular: Staples, sticky tape, and PC sweating

Richard 12 Silver badge
Pirate

Seems to me that the cost of multiple employees spending ten minutes trying to find staples for the important document they just printed, or half an hour re-collating the printout they dropped is far more than the cost of providing staples at every printer.

After all, there aren't many printers. It'd almost certainly save far more to remove one printer. Pick one where there's another printer nearby.

In the battle between Microsoft and Google, LLM is the weapon too deadly to use

Richard 12 Silver badge

Re: Pandora's Box, again

There's a very big difference between running a model and creating (training) one.

At least 6 orders of magnitude, in fact.

So while it is currently possible to run some quite large language models on bitcoin-mining class hardware, it is not at all possible to create/train one without access to Amazon, Azure, Meta or Google level computing resources.

There are probably fewer than ten organisations currently capable of training these things. They can be required to pause.

US Navy turns to hull-climbing bots to combat maintenance backlog

Richard 12 Silver badge

Re: Setup time

Setup only needs to happen once per ship, possibly even per class (depending), so it's a large saving the second time around.

Richard 12 Silver badge
Boffin

Re: One major issue.

These use magnets, on account of most* ship hulls being made of steel.

So yes, they absolutely would work for inspection in port. Probably not while under way, but port time is really cheap compared to drydock.

I'm also pretty sure these have been used for years, not entirely sure what's new.

* Minehunters need not apply. Splash.

Defunct comms link connected to nothing at a fire station – for 15 years

Richard 12 Silver badge

Re: Money for nothing, it's the best

When it's under $10 or so, a lot of people don't notice for a few months because they're too busy dealing with everything else. Especially if the description is vague.

After a few months, they notice and then the cancellation games begin. Some of these places won't accept a cancellation without the account number, which of course you don't have.

It can be extremely difficult to remove a recurring payment authority.

Judge grants subpoena to ID Twitter source code leaker

Richard 12 Silver badge

Re: Say 'cheese'

There's definitely the hooks available to do that, if you wanted.

Whether it's worth the hassle depends on what's in the repository, of course.

Micron writes off $1.43B in inventory as sales dive, claims only way is up

Richard 12 Silver badge

Re: Maths

A lot of that cost is "one-time charges", like the cost of redundancies.

Large workforce reductions are insanely expensive, the supposed "savings" never actually appear.

Richard 12 Silver badge
Coffee/keyboard

It'll swing back to desktops.

Laptops are horrific for long term use, they're already causing a lot of back, neck and shoulder repetitive strain injuries.

They're also a lot more expensive for equivalent performance, and the docks are now universally awful.

Plus keyboard crumbs killing the whole thing, of course. A keyboard can be shaken out, a laptop, not so much.

The long-term corporate trend will be back to mostly desktops - though probably primarily a mix of small form factor and all-in-ones, as in-service upgrades generally aren't needed.

It's ergonomics.

Germany sours on Microsoft again, launches antitrust review

Richard 12 Silver badge

"Another"

There, fixed it for you.

For whom the bell polls: Twitter voting is for Blue users only now

Richard 12 Silver badge

I would vote (c), but I can't because I'm not a subscriber.

US police have run nearly 1M Clearview AI searches, says founder

Richard 12 Silver badge
Unhappy

Re: "Crimes Clearview has helped solve include murder"

If they aren't saying, then the answer is somewhere between zero and one inclusive.

Also "helped" is a rather vague term. It includes "used but match was wrong", and "used, someone was beaten up and brought in for questioning but they had a cast-iron alibi on account of being a thousand miles away at the time, but it was definitely them that did it, just look at their skin colour".

Which is of course the other problem. Institutional racism is endemic in police forces and these tools are known to be exceptionally poor at matching minorities and darker skin.

Errors logged as 'nut loose on the keyboard' were – ahem – not a hardware problem

Richard 12 Silver badge

Re: Shipping 5h17

ICO and PE (exe, dll) files contain multiple different icons. ",0" says to use the one named zero.

This is even documented in a few places.

Note that you can even specify an EXE file and use some random icons out of it, e.g. if you want the recycle bin to look like an Excel document...

Watchdog: Broadcom buy of VMware may be bad for competition

Richard 12 Silver badge

Re: NSS: "Broadcom buy of VMware may be bad for competition"

Currently, hardware manufacturers share commercially sensitive information with VMware under embargo, so they can ensure their new products work reasonably well under VMware at launch.

Broadcom is a direct competitor to many of these manufacturers.

I'm sure you can figure out the problem.

If scammers use your AI code to rip off victims, the FTC may want a word

Richard 12 Silver badge

Context is key

Know your customers.

Richard 12 Silver badge

The primary or even sole purpose of some of these generative "AI" systems is to create fake stuff.

Animating a still and generating their voice, for example.

Microsoft freaks out users with Windows 11 warning: 'LSA protection is off'

Richard 12 Silver badge

Re: Hi Bill

Better to string them along for as long as you can.

See if you can get them to swear at you before they hang up.

After all, time they spend talking to the likes of El Reg commentards is time they aren't scamming someone vulnerable.

First-known interstellar Solar System visitor 'Oumuamua a comet in disguise – research

Richard 12 Silver badge

Re: One thought

Same reason that comets generate thrust.

The sun is only illuminating one side.

The exact thrust vector depends on the spin of course.

Europe's right-to-repair law asks hardware makers for fixes for up to 10 years

Richard 12 Silver badge

Re: What stunt will 'Elon the magnificent' play to get around this?

Though he does have plenty of prior history of self-destructive business decisions.

Journalist hurt by exploding USB bomb drive

Richard 12 Silver badge

Re: If you really have to ...

It's only slightly more complex to trigger when the device enumerates as a keyboard or other off-the-shelf USB device chipset.

Better to do a proper sniffer test for explosives (and other dangerous things) in the mailroom.

It's not the first time someone has tried to murder a journalist using explosives, and sadly it probably won't be the last.

Cisco kindly reveals proof of concept attacks for flaws in rival Netgear's kit

Richard 12 Silver badge

Why the high score?

If the attacker has to be authenticated, then they're already the wrong side of the door and can do all kinds of things.

Seems to me that "Router administrator can execute arbitrary commands" is fairly low importance, given what else an administrator is supposed to be able to do anyway.

What am I not seeing?

Student satellite demonstrates drag sail to de-orbit old hardware

Richard 12 Silver badge

You latched onto the wrong detail there!

Energizer Lithium AAs apparently weigh ~14g each, so the battery mass alone was roughly 1kg.

I do wonder what they spent the remaining 4.5kg mass budget on. I was building 150g combat robots in my university dorm, and technology has greatly improved since.

Richard 12 Silver badge

Should have used Duracell

Bunnies don't like space!

Seems likely that the electronics failed because it was using AAs. The tabs on PCB mount AAs are subject to metal fatigue, quite weak and the AA can is quite massive. The vibration of launch likely ripped a few of them off the board.

Seen this a few times in handheld portable kit.

Bare lithium cells are much lighter and are flexible, so are easier to package for survival under high vibration.

That said, I suspect they used the AAs for sponsorship reasons and always knew they were a weakness that didn't really matter for the mission.

No reliable way to detect AI-generated text, boffins sigh

Richard 12 Silver badge
Terminator

Re: Too late for rules and ethics

The number is indeed negative. It's already practical to run these models on commodity hardware.

It's the same hardware, and a similar level of difficulty as Bitcoin 'mining'. Any of those rigs can run the model in a few seconds.

A powerful desktop takes a bit longer, but perhaps you're willing to wait a few minutes?

Fortunately, training the models takes something like six or seven orders of magnitude more computation - you have to run the model and the classifier several million times to compress the training material into it - so isn't feasible for most small governments.

NASA's space nuclear power program is a hot mess

Richard 12 Silver badge

Re: understandable

They do, and have landed on Mars quite recently.

They're quite small. 5kg of PuO2 is less than half a litre in volume - about 420cc.

It's relatively simple to make a small box that you can whack extremely hard then drop from a great height into the sea without excessive damage.

How the Internet Archive faces potential destruction at the hands of Big Four publishers

Richard 12 Silver badge

Re: There are 200 people taking the course

For "PhD", read "degree".

Electronic loans are limited to single-digit copies too.

You may wish to read the article.

Richard 12 Silver badge

Re: The IA have themselves to blame

The marginal cost of maintaining a purchasable ebook is of the order of 1 cent a year.

And falling.

It's not even a rounding error.

Yes, it costs quite a lot to create an ebook. But assuming you want to sell any ebooks at all, it costs absolutely nothing to keep it available once created.

Microsoft to give more than microsecond's thought about your Windows 11 needs

Richard 12 Silver badge

Re: Edge

Xbox Game Bar is actually for screenshots.

Quite why they decided that is mystifying. I can only assume someone was very, very drunk.

Richard 12 Silver badge

I actually like "pinning".

The highlight is different to show whether it's running or not, it means those top few applications stay in the same order, and there's the Start+[1-9] (and Shift+Start+[1-9]) shortcut to switch/start them.

Avoids lengthy typing in the search that never finds anything or scrolling for days because subfolders don't exist anymore.

Admittedly, some of that is simply a workaround for how badly they trashed the start menu, and it's only useful for your top five or six applications.

Richard 12 Silver badge

It's the exact opposite

At the moment, there are no APIs for an application to pin itself. It has to be an explicit action by the user.

An application may only inform the system what should happen if the user chooses to pin.

This change will allow the application to demand that it be pinned, and repeatedly, continuously bug the user - with a standard dialog - until they acquiesce to shut the damnable thing up.

Hospital to test AI 'copilot' for doctors that jots notes on patient care

Richard 12 Silver badge

Re: doctors remain in charge, and should check and edit the generated notes if necessary

In reality, it's "can't".

I've seen far too many cases where people happily accepted and signed off minutes of meetings that were absolutely wrong.

And when you ask them if they're sure, they say yes.

And when you play them the transcript, they're shocked as it's absolutely not what they now remember, after reading the false minutes.

I believe there are several studies on this effect, though I could be misremembering.

AWS delivers a – rather late – major release of its homebrew Linux distribution

Richard 12 Silver badge
Facepalm

Why so hard?

This feels like they've given the job to a team of two, perhaps three people. You'd be mad to buy it, given the total lack of road map and obvious lack of support resources.

Why not simply offer whatever it is that Amazon themselves use?

It'd be cheaper all round, as then they could charge many times over for work they're already doing!

Now collapsed SVB's parent files for bankruptcy as Biden calls for stiffer penalties

Richard 12 Silver badge

Re: De ja Vue

It was supposed to be a bank, not an investment vehicle. Banks are required to give current account depositors their money at any time - so need a lot of liquid (or easily liquidated) assets.

Ten year bonds are pretty much as illiquid as you can get.

They also didn't pay any attention to who their depositors actually were. While they had many thousands of business accounts, most of them were effectively controlled by the same small number of VCs.

So when one VC gets worried about a bank, a thousand companies are required to withdraw everything, lest the VC lose their investment.

Richard 12 Silver badge
Holmes

Re: De ja Vue

Trump repealed the laws that would have prevented SVB from operating the way it did.

SVB was a major lobbyist to repeal those laws.

They would have immediately failed the "stress tests" had they remained in place, as they were completely exposed to even small changes in interest rates. You'd never get a mortgage or business loan if you operated like SVB, for example.

Funny how that works.

Microsoft's Copilot AI to pervade the whole 365 suite

Richard 12 Silver badge

Re: What about....

They may well already be doing that to train the next iteration.

They want a tool to summarise large documents, and a tool to write large documents from a summary.

Eventually they might realise the futility of this endeavour.

AI-generated art can be copyrighted, say US officials – with a catch

Richard 12 Silver badge

Re: Other issue

Current lawsuit material.

There are already multiple in progress.

Here's how Chinese cyber spies exploited a critical Fortinet bug

Richard 12 Silver badge

The entire purpose of Fortigate and similar devices is to man-in-the-middle everyone in an organisation, so they are possibly the most valuable target possible for any miscreant.

Once they've got that, they can poison anything and everything.

There's no need to actually attack, they can just wait for users and administrators to download legitimate files and installers they need to do their work, then silently redirect them to whatever they wish, even signing their malicious payloads with the root certificates the IT dept carefully installed on everyone's computers to enable the MitM functionality.

Seems to me that Fortigate is the perfect trojan horse.