* Posts by -tim

605 posts • joined 10 Jul 2009

Watt the heck is this? A 32-core 3.3GHz Arm server CPU shipping? Yes, says Ampere

-tim

Re: Locked Up?

"I was aware that IBM manufactured, and offered for sale, data centre servers built around the PowerPC architecture."

IBM and Sun, oops... Oracle still make some fantastic insanely powerful hardware. The problem is nearly no one has a problem where they need that much power. Both of them also have the problem that you can no longer start small. Sun's last server comes in sizes that are the price point of a very nice new car, a very nice house or very nice house in the Bay area. There is no way the future decision makers will ever get to play with that sort of hardware so there isn't much research being done about making use of some of the newer concepts like fully compressed and encrypted memory. The very big machines from last year can map tens of terabytes of a file into RAM and then go through it with a thousand threads. While that is cool, it isn't a problem most companies have.

0
0

No, that Sunspot Solar Observatory didn't see aliens. It's far more grim

-tim
Boffin

Standard procedures?

Did the FBI want to copy all the images on the local servers too? Observatories tend to have lots of images.

4
0

Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS

-tim
WTF?

PCI-DSS? Where?

If your web form uses javascript and processes credit cards, it must be audited to comply with PCI-DSS specs. It looks like someone's PCI auditors missed that part. I wonder if version 3.3 will start to clamp down on useless javascript on payment forms.

17
0

Raspberry Pi supremo Eben Upton talks to The Reg about Pi PoE woes

-tim

Compliant but non-functional?

We have 8 devices that claim to be 802.3af compliant power providers. Most of them work with most devices we plug in but there appears to be no rhyme or reason why some devices won't talk to some providers. There have been situations such as 20 supposedly identical devices plugged into switch A and 16 work but 4 don't. Plug them into vendor B's switch and a different 4 don't work. We even have a Mobotix camera that used to work on most switches but now only works on just one port on one Cisco switch.

5
0

Python joins movement to dump 'offensive' master, slave terms

-tim

"I had to change the terms whitelist and blacklist from an internal server-side application over 15 years ago. [...] I thought it was silly but NBD, I changed it to redlist and greenlist and carried on."

So now you're going to upset the Indians and the Hippies?

73
2

Strewth! Aussie ISP gets eye-watering IPv4 bill, shifts to IPv6 addresses

-tim
WTF?

Re: Finally?

Internode no longer supports IPv6 on the HFC (aka cable TV) NBN as they are simply reselling TPG service there.

1
1

Experimental 'insult bot' gets out of hand during unsupervised weekend

-tim
Coat

Where is that window?

We had a lab full of shiny new Sun 4 workstations. I found out that there was no protection of the window position of other people's sessions and I could detect which window was active. The result was a program that moved their active window towards the edge one pixel every second. In the days of 1024 pixel screens, it didn't take long for it to be very annoying.

6
0

Incoming NBN boss inheriting regulation, service headaches

-tim
FAIL

I'm shocked...

An overgrown cable TV network isn't a good data network? Who would have thought that might happen?

I've been telling people to buy a new NBN connection and cancel the other one once it has been proven to work rather than take advantage of migration. I've met way too many people who are in that group of no phone or data for weeks.

Even with HFC, the network should be built like a peering network, not a cable TV network on steroids.^

^ back end complexity, it sure isn't a comment on the speed.

1
1

Apple tipped to revive forgotten Macbook Air and Mac mini – report

-tim

I've been waiting to buy one for a long time

For me to buy a computer, I demand replaceable hard drives (yes, 2 need to fit in the box). I have to have expandable RAM. 16 gig just isn't enough for some workloads. I would like the thing to have so many ports it looks like a USB switch. I like the internal power supply and I don't care about the size. It would be nice if I can get 6+ years out of it.

Why don't they roll these out in time for the start of the University class semesters?

7
0

Get drinking! Abstinence just as bad for you as getting bladdered

-tim
Pint

Lies, damned lies, or statistics?

Everyone knows that self reporting numbers tend to be off a bit. Perhaps a Reg hack can go out and do some real investigative reporting. I want them to be out there drinking with some of the people that self report and report just how right or wrong their self reporting is. The Whitehall surveys are where a great deal of the data about "normal drinking" comes from.

6
0

SMS 2FA gave us sweet FA security, says Reddit: Hackers stole database backup of user account info, posts, messages

-tim

Re: Should have used a hardware dongle

If it can be mathematically reduced to "something you know" and every hardware token can be, it is not 2FA in the formal sense. In my case I have a list of token IDs in a database. If they get stolen, then whoever stole them can pretend to be any hardware token I've issued.

The real problem is that any proper 2FA system needs to integrate into older hardware. Sysadmins need to log into things like switches and routers and firewalls and many of them just don't have proper hooks and many that do can be tricked with things like fake RADIUS servers. Most 2FA solutions are Windows only or support a very limited amount of hardware. The old OATH and HOTP systems could be done on just about anything but like the old RSA tokens, once you have the secret keys, it isn't anything other than an annoying one time password.

3
3

Now that's a dodgy Giza: Eggheads claim Great Pyramid can focus electromagnetic waves

-tim

Re: Mystery?

I expect the Pyramids at Giza were built two sides at a time with minor bits on the other two as it was built up. That fixes the problem of having a completed pyramid very soon after the death of a Pharaoh. The different chambers also end up near the middle at different times as well. I've seen marks that appear to have been made from logs supporting the outer lip of the casing stones on the Red and Bent pyramids that would imply they put the casing stones on from the top down. I think the evidence that the casing stones were removed and reused is lacking, as the angle they were cut happens to be a suitable angle for archways yet there aren't any examples of it being used that way.

3
0

Your 60-second guide to security stuff Google touted today at Next '18

-tim

Re: Two-factor while holding a gadget

The phone is only holding something you know... if you could remember a 2048+ bit number. Depending on your legal requirements for two factor authentication, it may not count as something you have.

1
1

Fukushima reactors lend exotic nuclear finish to California's wines

-tim
Flame

They missed a source

It turns out the trees are very good at concentrating cesium and now that more of them are being burned near wine country, all that lovely cesium from the cold war that has been concentrated in trees is now being released into the air when those trees burn. The wines from down under seem to have less of an issue but it did show up with the major fires in the last decades. That mostly flat line on their graph is heading up towards the right if the scale is changed. One report from downunder was trying to understand why home fireplaces are releasing more of the stuff than forest fires. Last winter in Europe, most reporting stations are seeing a year on year increase in radiation in the air.

6
0

Fork it! Google fined €4.34bn over Android, has 90 days to behave

-tim

Re: Big fines are just a cost of doing big business

What would happen if the court required that they issue $5 billion worth of shares at a $0 share value on a given date based on the prior day's closing price? I expect our new AI stock market overlords might have something to say about that type of fine that might have company directors looking to keep everything above board.

4
1

Google to build private trans-Atlantic cable from US to France

-tim
Coat

Re: If the Atlantic is so narrow...

The water pressure must be squeezing it smaller.

5
0
-tim
Pint

How many repeaters?

Undersea cable was about $7 per meter for the deep sea stuff a few years ago. The real cost is the repeaters that are every 100 to 200 km along the line and used to cost about $1,000,000 each.

I would hope that Google would put in more fibers and have them bypass the repeaters for real world research on long links. A decade ago there were 12,000km links in labs but way too slow. If I were them, I would be putting in the normal repeaters for 4 pairs and then at least a dozen pairs bridged the whole distance terminated in rooms somewhere at each end where researchers can test real links with new equipment.

0
0

Oracle cuts ribbon on distributed ledger service

-tim
Facepalm

Why?

Because as a business with audit requirements, the first thing on my Christmas list is a distributed ledger... for reasons.... I guess.

I think some of the hype of block chain has to be from someone who has figured out the "split islands" problem and wants governments to consider blockchain as secure so they can run several sets of books. While I don't have the computer power to play that game, there are plenty of billionaires who do.

0
0

You wanna be an alpha... tester of The Register's redesign? Step this way

-tim
Pint

Geolocating options to turn it off?

I would love to have https://www.theregister.co.uk/uk as well as https://www.theregister.co.uk/us and https://www.theregister.co.uk/oz which would turn off the geolocated story selection.

3
0
-tim

Re: How about...

If you're going to fix the commenting, consider running a private usenet server as the real backend. It fixed all the problems most comment systems have but it addressed them decades ago.

3
0

‘Elders of the Internet’ apologise for social media, recommend Trump filters to fix it

-tim
Pint

RFC number?

Too bad RFC-666 has already been taken.

At the current rate RFC-31337 won't be assigned for about a century.

1
0

Tech support chap given no training or briefing before jobs, which is why he was arrested

-tim

I was working at a USAF base and the CPU module wouldn't plug into a machine even though the test report said it had been working at the factory. I was in the data center late at night when the Lt Col asked what I was doing and I mentioned that I needed to cut the metal bracket just a bit but I needed to protect the board from the metal shavings and that had to be in an anti-static environment. He suggested I take it home after learning I did have the proper tools. I told him there is no way I was going to take that out of the machine room without the proper paperwork. Based on cost per ounce, it was more expensive than nearly everything else on the base, and there were some very expensive things on that base.

4
0

Microsoft: For God's sake, people, cut down on the meetings!

-tim

Re: Then there are the Meetings about a meeting to set the agenda for another meeting

Most companies are at the opposite edge of the spectrum with no records and no agendas. I've been telling middle management that any meeting that doesn't have an agenda and minutes isn't a meeting, it is a waste of time. I figure they will find the middle ground for about two meetings sometime in the next decade and then swing all the way to meetings about a meeting to set the agenda for another meeting.

2
0

It's 2018 so, of course, climate.news is sold to climate change deniers

-tim

Re: Nothing worthwhile in the post-2012 gTLDs anyway

You don't need to delete the gTLD, you need to point them to a mostly useless zone file that provides the proper info for the anti-spam filters. That zone file should also point www.@ to a local web site that says "computer says no" while counting the people trying to visit while providing reports of people most likely to click where they shouldn't.

6
0

Two-factor auth totally locks down Office 365? You may want to check all your services...

-tim
Facepalm

2FA?

There are strict rules about proper 2 factor authentication that you must pick two out of the set of 1) something you know, 2) something you have and 3) something you are. Most compliance frameworks require the "pick any two" but not two of the same.

Mathematically most of the "something you have" turns out to be "something you know", and if that can be shared in any way, such as restoring it to a new phone, all that you have done is doubled down on the "something you know" even if what is known is too much for most people to remember. One of the key bits of "something you have" is that it needs to be unique. Once you can duplicate a token system on a phone for example, that fits in as something known, not something held and should be treated as a hopefully strong password stored in a password vault.

A major issue with 2FA is that all the old systems stuff needs to be tied in and most of the newer solutions just can't be made to work with older hardware which introduces major weaknesses in the total system. If the corporate phone system is controlled by a 4 digit PIN or a core router can be asked to shift packets around where they aren't meant to go, the rest of the system might have already been compromised.

18
0
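The point made in this comment, and in the earlier comment on the Reddit story about OATH/HOTP secrets, as an added example that is not part of either post: an HOTP (RFC 4226) generator and verifier in Python, showing that a copy of the seed is accepted exactly like the original token. The `Verifier` class, the token ID and the look-ahead window are assumptions for illustration; the secret is the published RFC 4226 test secret.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value per RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # low nibble of last byte
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Verifier:
    """Hypothetical server side: one (seed, counter) record per issued token."""

    def __init__(self, window: int = 3):
        self.tokens = {}          # token_id -> [seed, next expected counter]
        self.window = window      # look-ahead for button presses the server never saw

    def enroll(self, token_id: str, seed: bytes) -> None:
        self.tokens[token_id] = [seed, 0]

    def verify(self, token_id: str, code: str) -> bool:
        seed, counter = self.tokens[token_id]
        for c in range(counter, counter + self.window + 1):
            if hmac.compare_digest(hotp(seed, c), code):
                self.tokens[token_id][1] = c + 1   # a used counter is never accepted again
                return True
        return False


def demo() -> dict:
    seed = b"12345678901234567890"    # RFC 4226 Appendix D test secret (constructed input)
    server = Verifier()
    server.enroll("token-0001", seed)  # token ID is a made-up placeholder

    genuine = hotp(seed, 0)            # code shown by the real token

    # Anything holding the same bytes (a phone restore, a copy of the seed
    # database) computes the same sequence; the server cannot tell them apart.
    copied_seed = bytes(seed)
    from_copy = hotp(copied_seed, 1)

    results = {
        "genuine_accepted": server.verify("token-0001", genuine),
        "replay_rejected": not server.verify("token-0001", genuine),
        "copy_accepted": server.verify("token-0001", from_copy),
    }
    # The real token's next code is for counter 1, which the copy already
    # consumed. That rejection is the only trace the duplication leaves.
    results["genuine_now_rejected"] = not server.verify("token-0001", hotp(seed, 1))
    return results


if __name__ == "__main__":
    print(hotp(b"12345678901234567890", 0))
    print(demo())
```

For a defender this means the seed store deserves the same protection as a password vault, and unexpected rejections of a legitimate token's next code are worth alerting on.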

Boffins want to stop Network Time Protocol's time-travelling exploits

-tim
Pint

Re: Time NTP was upgraded(See what I did there!)

"Sure it is a cost but you can start from £100 (for a Raspberry PI and a GPS expansion board (e.g. from uptronics), antenna, plus a funky case)"

We did that with the £40 uputronics GPS hat. I thought it was about 4 times better than the old server we had been using and then I looked closer at the numbers and it appears about 4,000 times better than the older one which was a decade old server that spent its days saving CCTV data on spinning rust. The GPS sits in the warehouse on a beam under one of the plastic skylights. The problem with the hat is it confused the FreeBSD boot process since that didn't like the NMEA strings and the 1PPS driver in NTPd can't cope with adjusting the local NMEA clock so for a non-Internet NTP server, you want two Pis and one with a battery-backed clock to keep the time when power gets cycled.

2
0

And that's now all three LTE protocol layers with annoying security flaws

-tim
Facepalm

So much more to come

I do like the customization option where the carrier can tell a modern phone that the "2G" that should be displayed in the corner, showing that a Stingray clone has captured the connection, should be displayed with an icon that happens to have "99G" or whatever on it.

0
0

No more slurping of kids' nationalities, Brit schools told

-tim

Re: Killing the patient

"What language is spoken at home?" does not require "What country were you born in?" to be answered.

It might. Knowing a kid is from Spain means they will speak different Spanish than a Mexican schoolmate. It can also be useful to let teachers know about kids that were from different sides of a war zone.

Perhaps a better solution is get the UN to come up with a resolution that makes it illegal along the lines of a war crime to use children in border disputes and make it very clear that the Nuremberg defense isn't an acceptable defense.

4
0

Time to dump dual-stack networks and get on the IPv6 train – with LW4o6

-tim
Meh

So just like the network my phone uses?

My phone uses an IPv6 only network but only hands its application an IPv4 address. We were heading in the direction of admin interfaces being IPv6 only starting about 3 years ago.

Every once in a while I get sick of the tracking/ad/scam games and turn off IPv4 on my computer. It works much better for me most of the time and most important sites work fine (hint, hint, El Reg).

The rollout of IPv6 in Oz is hampered by the fact that most of the competent IPv6 players were bought out and their new owners never had IPv6 working properly resulting in everyone using the overgrown cable tv network flavor of the NBN requiring ugly hacks to do IPv6 at all.

5
0

BlackBerry KEY2: Remember buttons? Boy, does this phone sure have them

-tim
Meh

Still missing two buttons?

They should fill up the empty two keys with a red and green button that can be reprogrammed.

I want the OS to be able to lie to apps. If it insists on geo location or a mac address, have a box where I can fill in a lie. I also want to be able to do wifi scans and network pings which are two things my q10 doesn't do properly.

4
0

AI is cool and all – but doctors and patients don't really need it

-tim

AI expensive?

Some AI is expensive but most is not. The skin tumor detector will get very cheap as its rollout scales. Back in the 80s AI was used to find traits, then that was reverse engineered to determine just what it was looking for and that reduced to a simple algorithm. All that modern AI has over the stuff from the 80s is that we now have far more compute power to make the initial findings.

1
2

Men are officially the worst… top-level domain

-tim

Run your own DNS servers

If you run your own DNS server, don't use the typical root hints but use it for .com, .net, .org and country codes you care about. Then all the others just go away. It is amazing how much stuff gets blocked using this technique.

5
1

Worst. Birthday. Ever. IPv6's party falls flat

-tim

Re: Follow the $

"It's probably worth pointing out, in a 'Captain Obvious' kind of way, that a /64 is BIGGER than the entire IPv4 address range"

That is the type of thinking that isn't helping IPv6 rollouts.

A /64 is the IP equivalent of the class C network in old IPv4 networks. A /64 is ONE network that happens to allow a nearly infinite number of hosts on it. In my talks about IPv6, I tend to describe a /32 as a Class A and a /48 to /56 as a class B. Nearly every host in the world should be on an IPv6 /64.

0
0

BlackBerry Key2: Clickier, nippier, but how many people still want a QWERTY?

-tim
Unhappy

Still missing some buttons...

The thing needs red and green physical buttons.

1
0

BOFH: Their bright orange plumage warns other species, 'Back off! I'm dangerous!'

-tim

Re: Yellow vs Orange hi-vis

I was speaking to a retired tailor who was looking for a project for an apprentice tailor when the question of orange vs yellow came up. I was hoping to get a nice custom tailored suit made. If the jacket is orange, should the shirt be yellow and the tie reflective? Just how thin should the reflective pin stripes be?

6
0

Waiting for 100 Mbps NBN on wireless? Errr, umm, sorry about that

-tim

Re: They got 100Mbps wireless in Iceland (country)

jonfr,

One of the odd things about Aussie spectrum is that when the commercial and military bands were set up by NATO after WWII, they were split so the US and Canada military used European commercial frequencies and the European militaries used the US commercial frequencies so when NATO was activated, they wouldn't step on each other's radios any more than usual. Australia managed to get parts of both and fast forward 50 years and there is a complete mess with things like most of the 4G is following European practices while the rural areas are following the US practices. That means things like half of the 900 MHz band is used for mobile phone coverage even though it is the only cheap frequency to run very rural wireless internet with. By very rural, less than 50 customers within 50 km of the tower.

0
0

You love Systemd – you just don't know it yet, wink Red Hat bods

-tim
Coat

Those who do not understand Unix are condemned to reinvent it, poorly.

"It sounds super basic, but actually it is much more complex than people think," Poettering said. "Because Systemd knows which service a process belongs to, it can shut down that process."

Poettering and Red Hat,

Please learn about "Process Groups"

Init has had the groundwork for most of the missing features since the early 1980s. For example the "id" field in /etc/inittab was intended for a "makefile" like syntax to fix most of these problems but was dropped in the early days of System V because it wasn't needed.

47
1

IBM bans all removable storage, for all staff, everywhere

-tim
Trollface

Terminology?

Perhaps it's time to make some USB memory sticks with a "USB DASD" on them and charge a small fortune for them.

13
0

Leave it to Beaver: Unity is long gone and you're on your GNOME

-tim
Coat

Re: New Linux poweruser here ...

In the early days of unix there was a script called /etc/rc.init that started everything else. init's job at that time was run rc.init or a shell and clean up after programs that ended. Then run levels (single user/admin mode) were introduced by AT&T after the AT&T/BSD/AT&T split/fork that created System V. IBM's AIX included an early concept of having a program doing smarter things than the early init and scripts and that was considered heresy by the greybeards. The init system in Solaris 10 also caused a great deal of strife and caused a number of people to abandon it or stick with Sol 8/9 (which are still supported as containers under 11.3).

Systemd was intended to fix the init problems of the laptop while the old init.d (/etc/rc2.d and /etc/rc3.d) were much better for dealing with older larger servers which would hardly ever reboot and didn't have their hardware disappearing and new stuff reappearing all the time. Most of the major critics of early systemd (and Solaris svcs) were sysadmins who just ran servers. The System V init (like Solaris) for the Sun comparable laptops made by Tadpole was an absolute nightmare as it needed to make use of run-levels a, b and c to deal with going in and out of power saving or sleep modes and it didn't have to cope with USB devices showing up. The dependency tree of a modern init system is exceptionally complex and there is current research in the field. The SysV inittab had names for the purpose of a makefile like dependency tree but wasn't properly used showing this problem goes back to at least 1983.

What I expect will happen is that one of the BSD groups will figure out how to do a more modern init system correctly for the range of hardware between tablets and servers, have their init work with the existing rc.d/init.d/svcs/systemd config files. Then systemd will get relegated to something like the contract manager under Solaris and in time disappear.

1
0

Apple grounds AirPort once and for all. It has departed. Not gonna fly any more. The baggage is dropped off...

-tim

Re: One of their best products.

Just how am I to use a wireless keyboard in any industry that requires security audits? I pointed out to my former bank that the wireless keyboards that let them type in account numbers and PIN could be picked up outside their building.

16
1

Ozzie Ozzie Ozzie, oi oi oi! Tech zillionaire Ray's backdoor crypto for the Feds is Clipper chip v2

-tim

Re: Making Non-compliant Encryption Illegal

"2. Designing a secure encryption algorithm (especially one that is provably secure) is hard; many, including skilled cryptographers, have tried and fallen short."

The scary part of that statement is designing secure encryption is the easy part of what governments want.

Modern encryption uses new keys very often and generation, transfer and selection of those keys is a far more difficult problem than the simple block ciphers. The key escrow techniques used way back in the days of Clipper wouldn't be considered anywhere outside of a high school programming class or congress.

5
1

Oracle pledges annual Solaris updates for you to install each summer

-tim
FAIL

I guess it's time to dump Sun hardware forever

Not only are the older systems out of the running on 11.4, it now appears they have less than a year of useful life left on 11.3. This includes systems that they were selling new less than 6 years ago. The last patches for Solaris 9 were 3 years ago and that would run on hardware made in 1995. Solaris 11.3 was back to the point of being useful as a server after the Solaris 10 mess and the ZFS stuff is far ahead of what is running in Linux today.

1
1

They're back! 'Feds only' encryption backdoors prepped in US by Dems

-tim
FAIL

They don't understand that Clipper has sailed

Everything ever encrypted with the Clipper chip can be decoded by non-government types. Yet the politicians won't think of the real risks.

7
0

Let's go to Mars, dude: Euro space parachute passes maiden test

-tim
Boffin

Re: not a fluid dynamics expert but...

Austin Meyer, the author of the flight simulator X-Plane, set it up to simulate flights on Mars:

http://www.x-plane.com/adventures/mars.html

The synopsis is that it is hard. Inertia problems are compounded by low gravity and thin air. It requires massive amounts of energy to take off and arresting gear to stop.

2
0

Apple, if you want to win in education, look at what sucks about iPads

-tim
Coat

Never underestimate students with hardware.

A group of students were talking on the train about a few IT problems and solutions for them. They had virtualized the locked down school system so it looks like the machines hadn't been tampered with.

These students who appear to have been about 12 years old also found a way around the anti-plagiarism software by simply including the entire assignment notes into their work. Since every student is doing it, the scores started showing every student was about 30% plagiarized and if they included direct quotes from the teacher they could get that score into the 70% range where the instructor simply ignored the score.

2
1

Super Cali goes ballistic, Starbucks is on notice: Expensive milky coffee is something quite cancerous

-tim
IT Angle

Wonderful California

They require specific sign designs for restrooms that seem like they were intended to troll the visually impaired. Nearly every sign in the world has a triangle dress shape for women and not a triangle for men. California goes and does the reverse. Apparently the signs were designed by an IT person as well.

1
2

'Tis the season: Verizon first in line to flog Palm phone resurrection

-tim

Re: Great Stuff!

My palm pilot can do phone calls. Unfortunately only via the land line modem module while plugged into my phone line or else I might be using it today.

I'm hoping that the Raspberry Pi 4G hats start to get cheap. I expect iPhone and Android's days would look numbered if we could get real hackable phone hardware into the hands of lots of creative people. Too bad the price of a 4G embedded module tends to run around £250.

5
0

We need to go deeper: Meltdown and Spectre flaws will force security further down the stack

-tim
Boffin

More to come?

There are people who have exploited this to read the entire details of the hidden "security" processors and they are busy writing papers for the next next security conference or selling 0day exploits. If you can get data into L1 cache and can convince a second core that it needs the data real bad, it will get scribbled back to RAM and that makes it game over particularly if the cache line has the permission tables for the master virtual memory table.

0
0

Galileo, Galileo, Galileo, off you go: Snout of UK space forcibly removed from EU satellite trough

-tim
Boffin

Why not use the Downunder system?

I expect the day before Galileo goes live with a full constellation, someone might announce the Antipodean version that uses pulsars that are already out there as the main clock ticks. Such a theoretical system would use far more complicated maths but what is the difference between a 12th order 3d polar polynomial and an 18th order when it also works on the moon as well as Proxima b?

The very ironic thing for the Galileo consortium is the fact they tweaked Dr Parkinson's Navstar (aka US GPS) system just enough that the chipsets have to isolate the pulsar pulses in hardware lest they get confused. Those pulses have been used to measure RF energy patterns from pulsars to map parts of distant stars down to about 2 meters. There is also the real world issue that it is very hard to jam signals that smart phones can pick up inside even with something on the order of -450 dB signal loss.

9
0

Bitcoin's blockchain: Potentially a hazardous waste dump of child abuse, malware, etc

-tim
Facepalm

Still no malware?

So why hasn't some BOFH included the EICAR virus test file yet?

0
0
