Posts by gerdesj

1035 posts • joined 15 Aug 2009

Amazing new algorithm makes fusion power slightly less incredibly inefficient

gerdesj
Silver badge

Back in the day

When I was a lad at a school in Oxfordshire (*) in the eighties we went on a field trip to the local fusion reactor experiment. I seem to recall that they talked about orders of magnitude out from sustainable fusion rather than a factor of two. I remember seeing a graph of progress with a logarithmic Y axis and a fair way to go on the X axis.

They talked about "50 years away" (or was it 25 - that X axis was hard to interpret!) and I note that reasonably current articles in New Scientist still mention similar timescales. It will happen one day but it is rather expensive and rather hard to get politicians to sign off the vast sums needed for a very, very long slog.

(*) WTF Google - that's how it's spelt - what's with the squiggly underscore?

0
0

Moneysupermarket fined £80,000 for spamming seven million customers

gerdesj
Silver badge
Childcatcher

Re: So why do BT still call?

"BT have been doing this for years..."

My landline has a PSTN<->SIP gateway on it that drops incoming calls. It is for emergency use only. The IAX trunks, when rung by a non whitelisted number, respond with:

"Press 1 if you think we'd like to speak with you or 2 to leave a voicemail. If you are making an unsolicited sales call then hang up."

Haven't had a sales call in years. A full PBX is a bit over the top for most people but you can buy reasonably cheap devices that will filter incoming calls with a simple setup.

2
0

Amazon may still get .amazon despite govt opposition – thanks to a classic ICANN cockup

gerdesj
Silver badge

What about

Create the amazon domain and put it into a third party's hands to administer. Now the stuff flogger can have shop.amazon, Brazil can have br.amazon etc etc as subdomains.

Everyone happy - hooray.

Err not sure who gets www.amazon, m.amazon or the inevitable amazon. A record. The last one will probably play merry hell with modern browser autocomplete/search things.

0
0

Crashed RadioShack flogs off its IPv4 stash

gerdesj
Silver badge

Re: 8 addresses, or 6?

"Plus trying to convince your upstream to route such a small slice"

I didn't realise it was even possible to get a /29 PI and expect it to be routed. Obviously it isn't impossible but if the routing tables fragment down to /29 then we will need some bigger routers!

It is much harder to aggregate lumps of IPv4 address space than it is to fragment it ever further. Think of the entropy. It will continue to fragment and each lump will become more and more "valuable" but IPv6 will take up some slack and eventually we will hit peak IPv4 value (I'm going to guess around 2020).

If you want a laugh, have a look at the huge numbers of address ranges on this and note how many bloody stupid little IPv6 ranges are also allocated: https://support.office.com/en-gb/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2 I stupidly tried to use one of those lists to tighten up a firewall rule set and giggled hysterically as another address was accessed instead by a DC syncing to Azure Connect that was close but not one of the documented ones. MS are shit.

4
6

Create a user called '0day', get bonus root privs – thanks, Systemd!

This post has been deleted by a moderator

gerdesj
Silver badge

"To exploit the issue, an attacker would have to convince an administrator – someone who already has root access – to install a unit file with an invalid user name. There may also be some risk in configurations where unit files are generated automatically."

I've already patched this one: I've asked all staff to refuse to engage with anyone on the blower asking them to create a systemd unit file line by line, character by character. I've also asked them not to click on anything that looks like a systemd unit file in an email in Outlook or Evolution (for balance).

7
14

America throws down gauntlet: Accept extra security checks or don't carry laptops on flights

gerdesj
Silver badge

Re: How about if we stop making more terrorists in the first place?

Well you can fuck off pontificating and de-cloak, matey. The only reason for posting anon on here is to possibly preserve your karma. It certainly isn't going to avoid someone putting you into a certain table along with a lot of data.

Please be more tolerant of others. Please don't accuse all those people who follow a religion of being the same in thought, word and deed as those who do very wrong by their religion's scriptures/teachings or a very narrow interpretation of same.

Given your spelling, turns of phrase, the time etc I'm going to put you into the American box. Is that fair? Should I consider all Yanks as nob ends?

48
4
gerdesj
Silver badge
Childcatcher

"Or just don't go to America"

My thoughts exactly, except my daughter-in-law is a Yank (British now). I'll live without my lappy whilst visiting the in laws.

C'est la guerre.

16
0

Microsoft PatchGuard flaw could let hackers plant rootkits on x64 Windows 10 boxen

gerdesj
Silver badge

Re: ticking time bomb... tick tick tick tick BOOM!

"Sure, because the best way to have a user install your rootkit is to have them open a shell and type exact characters, after they have typed in the root password."

As you say, that would be one hell of a spear phishing job! You get someone to download a kernel module or save the attachment, find the console thingie, login as root on it and then run a pretty arcane command. Few Linux boxes have root passwords - OK: "sudo -i" will work on many if not most. The .ko will also need to actually work on the target system and avoid a few other mechanisms, eg module signing.

1
0

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

gerdesj
Silver badge
Gimp

Air gap with Windows gateways, you say (imply)

A real air gapped network has another device in between with no network access, doesn't run anything mainstream but is capable of scanning files and copying them from one media to another. Tripwire etc is involved and most of it is mounted read only.

The data on the secure side is converted to plaintext and is retransmitted, again, via two semaphore operators in a tunnel with the doors closed at each end during transmission. The final bridge is the recipient semaphorist typing into a TTY.

Wifey has started using something called "wifi" to get her docs and photos on our home LAN - apparently security is fine but inconvenient. The pigeons serving the offsite backups are starting to show signs of flagging under the sudden onslaught of data. I may have to upgrade to albatrosses to carry the new high capacity coded message canisters.

26
2

Numbers war: How Bayesian vs frequentist statistics influence AI

gerdesj
Silver badge

"In the real world t is better to rely on actual facts"

The real world doesn't work like that. Note that you missed out a letter which is almost certainly "i" to make "it". All readers of your missive will have had to apply some form of deductive (probability based) reasoning to fill in the gap. Those with a shaky grasp of English may have even got it wrong. That was easy to correct but this error is nearly parse-able without correction to get a different result than that which you intended:

"based on assumptions that mat not be provable"

0
0

Internet boffins take aim at BGP route leaks

gerdesj
Silver badge

Re: I guess a key question is how many of these things there are so how many to update

I don't know but I *can* use Google 8)

http://www.cidr-report.org/as2.0/ - answer: lots.

0
0

When we said don't link to the article, Google, we meant DON'T LINK TO THE ARTICLE!

gerdesj
Silver badge

Re: Not so easy...

"Who would be right?"

Due dill?

I get your point but I would suggest you include a few searches on your new name before using it.

30
6

Soldiers bust massive click-farm that used 500k SIM cards, 100s of mobes to big up web tat

gerdesj
Silver badge

and 347,200 SIM cards

Now that's big data - LOL, LOL, ROFL etc

Buying 350K SIMs will end up with a common data point somewhere along the line. If nothing else, there will be rather a lot of extra registrations to a cell tower or two.

5
1

Trump nominates a pro-net-neutrality advocate as FCC commish

gerdesj
Silver badge

Re: Man bites dog

Trump isn't completely daft and it would seem that he is discovering that running an entire country is not the same as running a business. Apart from anything else there are those pesky rules that are designed to keep madmen in check - even if they are the *ahem* leader of the free world.

When he stops tweeting shit, we'll know we have a president that you can do business with. You may not like his policies but he will finally become a man of the city (politician) and that is someone that you can work with. The odd, orange, tweeting plonker will eventually buckle down.

No-one is bigger than demos kratos, not even POTUS.

1
0

Internet hygiene still stinks despite botnet and ransomware flood

gerdesj
Silver badge
Childcatcher

"Considering the scarcity of public IP addresses"

Each one capable of supporting 65000 odd ports. Shodan and co don't care if you change from a well known to some other port, it will still find the service eventually.

3
0

Ever wonder why those Apple iPhone updates take so damn long?

gerdesj
Silver badge
Childcatcher

Whatever the reason given - it's bollocks

That is not the way you test a new filesystem out - it would amount to commercial suicide if you had any doubts as to its efficacy. You can't test a fs in a "fiddle with the current - test for a short while - put it back and crack on" - test.

There was another reason for this nonsense, whatever it is.

9
10

It's 2017 and Microsoft is still patching Windows XP+ – to plug holes exploited by trio of leaked NSA weapons

gerdesj
Silver badge

MS still cleaning up after Windows XP

When your dog shits in the park, you are expected to get the poo bags out, not whinge about how old he is and say: "well, he does that - here have a puppy".

27
8

Five Eyes nations stare menacingly at tech biz and its encryption

gerdesj
Silver badge

Re: Privacy of a Trrrst?

"as the older I get the more I think the US looked upon WWII as a business oppurtunity at least as much as a fight for their freedom"

The US's view on WW2 is rather different to ours in the UK - a visit to the Nation War Museum in NOLA brought that home to me. To the left pond mob, the war against Japan was rather more personal to the homeland than the war in Europe/Africa etc. The US military came over here in vast numbers and helped us and the other Allies out across rather a large swathe of the world whilst the vast majority of the war in the Pacific was US vs Japan.

You may be thinking of Lend-Lease which we only finished paying off quite recently (2002ish?) That is simply the way of things in war time. As far as I am concerned, some rather good mates turned up in the nick of time when the shit hit the airconn. I should obviously point out that there were many other countries who chucked their men and women at the effort that might not have bothered.

I will also point out that Tom Hanks was not there, despite "Saving Pt Ryan" and the NOLA exhibitions 8)

4
0

Donald Trumped: Comey says Prez is a liar – and admits he's a leaker

gerdesj
Silver badge
Paris Hilton

"My late father in law (a senior legal official) often said Lawyer is the olde Englishe spelling of liar."

Good on your father in law - I'd give him a +1 (insightful or funny) for that. However, without any source apart from my feverish noodle, I would imagine that lawyer is similar to say bombardier or halberdier ie a wielder of law.

I think that nowadays we spell old english "Old English" - no need for the extraneous e suffixes. You could wedge in a Ye as a definite article prefix to indicate antiquity but make sure you use thorn and not y as I have done (I can't find the bloody thing on my keyboard.) I'll leave whether it is Old or Middle English or something else to the experts.

13
8

Life is... pushing all the right buttons on the wrong remote control

gerdesj
Silver badge

"There's a simple solution."

Single with few visitors? Certainly, no kids. 8)

4
0

Fat-thumbed dev slashes Samba security

gerdesj
Silver badge
Linux

Re: Interesting...

Just to spell it out for Debian and derivatives, this will spit out the precise version installed:

$ apt-cache policy samba

Check eg here: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7494.html

0
0

Last week: 'OpenVPN client is secure!' This week: 'Unpatched bug in OpenVPN server'

gerdesj
Silver badge

Re: pfSense???

"So I'm quite right in thinking that the pfSense implementation of oVPN isn't affected by this one then?"

That is correct - pfSense has its own web interface. It only uses the OpenVPN package itself.

0
0

Wannacry: Everything you still need to know because there were so many unanswered Qs

gerdesj
Silver badge

Email

The bloke from Spanish Telecom said that an email was the source for them and frankly I believe him.

I really don't believe that SMB shares are exposed on the internet.

Do you know of anyone that does that - expose their fileshares on t'tubes?

0
0

Phishing scum going legit to beat browser warnings

gerdesj
Silver badge

"What is the difference is between Firefox being "released" and Chrome being "rolled out"."

I suppose it could be because Firefox is a dog and Chrome is a fat bastard 8)

(I use both)

5
0
gerdesj
Silver badge

"for free with nothing more than an email address needed"

SSL certs require a domain be registered and have a valid A record, not an email address. This means that significantly more effort is required which slows things down somewhat. It also means that we (the goodies) have more things to look out for to bounce or drop crap.

Free SSL certs are a damn good thing - I use a lot of them myself. Don't confuse encrypted with authenticated.

4
2

Three home security systems found to be vulnerable – if hackers were hiding in bushes

gerdesj
Silver badge

Re: Anything radio has vulnerabilities

"Because wires are so difficult to cut?"

They bloody are given how far underground I put them in conduit, good luck even finding out where they are without some pretty specialist gear. Above ground you'll be needing a pretty large sledge hammer to get through the steel reinforced conc post.

I'll probably notice all that.

4
0

Do we need Windows patch legislation?

gerdesj
Silver badge

"or else all the vendor will placed on a blacklist"

Journalism as a second language? 8)

13
0

Blighty bloke: PC World lost my Mac Mini – and trolled my blog!

gerdesj
Silver badge

Re: Cash on delivery

"you pay the delivery guy"

What? and miss out on the opportunity for the postie to drop kick it over your fence?

1
0

For now, GNU GPL is an enforceable contract, says US federal judge

gerdesj
Silver badge

"But is the GPL an internationally recognised contract?"

Yes it is a major thing in the civilized world.

"if they try and enforce it in places like Russia,"

Where?

3
0

Mozilla to Thunderbird: You can stay here and we may give you cash, but as a couple, it's over

gerdesj
Silver badge

Re: dominate corporate email client is Outlook.

Evolution has a perfectly functional EWS connector - I've been using it for years on Linux. It would not be too much of a stretch to port it to Tbird, et voila: choice!

5
0

Cisco patches switch hijacking hole – the one exploited by the CIA

gerdesj
Silver badge
Childcatcher

Yes, sadly

All switches that cost more than say £200 that I know of all have telnet enabled by default. It's bloody crap. It's not as though sshd is expensive - it's free!

Mind you, given the calibre of some of the "top end" switch fiddlers that I have come across, I am not surprised. Security Not My Problem seems to be a mantra rather than a character flaw for some.

2
0

How to remote hijack computers using Intel's insecure chips: Just use an empty login string

gerdesj
Silver badge
Childcatcher

Damage limitation

This problem requires some sort of direct network access. If you have a router based on a Dell/HP/IBM/whatever Core i5 or 7 and your WAN connection comes from the NICs that are onboard then this could be an issue for you.

eg, you repurpose an old server system (with AMT) as a pfSense based router and plug an on board nic into WAN. That NIC is not directly accessible by anyone other than your ISP - in theory. Mind you, who knows what is on your ISP's network anyway?

You get the idea.

4
0
gerdesj
Silver badge
Childcatcher

This snag is quite important, so I'll drop this here:

https://lwn.net/SubscriberLink/721586/9fc716f85d5cab39/

6
0
gerdesj
Silver badge
Childcatcher

Re: Pardon me while I throw-up

It is almost impossible to map all states to be honest and if you call external libraries (which is pretty hard to avoid) then you'll have to map those out as well 8) This is a bit of a blinder though, on what must surely be a code path that can be reasonably easily audited. As it is the gatekeeper then surely it should warrant quite a lot of inspection.

Given how face-palmingly obvious it is and how long this has been out there we can assume that lots of cracking has been perpetrated via this channel. It is quite hard to not extrapolate to a conspiracy ...

19
1
gerdesj
Silver badge
Childcatcher

Linux?

The detection tool is for Windows only. Matthew Garrett knows what he's on about:

http://mjg59.dreamwidth.org/48429.html

5
0

Another career suicide as reporter leaves The Register for broadcaster

gerdesj
Silver badge

Bon chance

... mes brave.

You'll be swimming with the sharks now instead of flying with the vultures.

Sharks have teeth - keep yours sharpened.

1
0

'I feel violated': Engineer who pointed out traffic signals flaw fined for 'unlicensed engineering'

gerdesj
Silver badge

Re: Not regulated?

"That's because engineer is a generic term - in the UK, Chartered Engineer is probably what you're looking for."

Unofficially, the capital E is allowed for a shortened form of Chartered status - "Engineer", "engineer" is for the others.

In IT, I generally think of people who call themselves engineers as those who have managed to stop themselves from licking the keyboard. Engineers will at least have had the presence of mind to initiate some sort of health and safety or HACCP investigation before they start licking the keyboard or they will go for the screen instead. Anyone licking the mouse is obviously a user and not an engineer.

6
0

BOFH: This is your last chance. After this, there is no turning back

gerdesj
Silver badge
Thumb Up

Luckily ...

... I'm working from home. I nearly had to change my trousers after reading this episode. It needs a NSFW tag on it to avoid coffee splattered monitors and keyboards.

Could be a classic in years to come.

(Yes, reading el Reg *is* work)

20
0

China 'hacked' South Korea to wreck Star Wars missile shield

gerdesj
Silver badge

Network traffic

The funny thing about network traffic is you can't see it unless you bother. I wonder how many people who read this comment actually capture WAN traffic, let alone LAN, let alone actually analyze it.

If you do, then you might be qualified to comment on the article. Me? - meh - I'm not up to speed on the politics.

3
1

Wait – we can explain, says Moby, er, Docker amid rebrand meltdown

gerdesj
Silver badge

Upstreaming

"using Git terminology"

The term upstreaming pre-dates Git somewhat - bloody kids.

4
0

Doctor Who-inspired proxy transmogrifies politically sensitive web to avoid gov censorship

gerdesj
Silver badge
Childcatcher

"North Korea, China etc will just blacklist the so-called 'friendly' ISP's "

The blacklist for most Norks even allowed to see a computer is effectively !RFC1918. Basically the entire country languishes in an intranet.

4
0
gerdesj
Silver badge
Childcatcher

Re: Double edged?

"Could the software be used to frame someone? e.g. making entirely innocent content have the same profile as $notallowedcontent?"

The traffic streams could be made to look naughty at many external points but the browser cache would show legit content. If the state/ISP was going to frame someone they could simply fabricate evidence in the old fashioned way, or simply not bother and make it up.

What this thing does is try to allow someone to remain cloaked without looking obvious. VPNs are the usual cloak of choice but they do stand out, as do things like IP over DNS and other cunning ideas.

4
0

Super Cali goes ballistic, Uber drivers are stocious (allegedly!)

gerdesj
Silver badge

Re: Just when you think that it cannot get any worse at Uber........

"Thumbs up for the Mary Poppins reference"

We've got two for the price of one. Don't forget number five here:

https://www.theguardian.com/sport/blog/2008/dec/12/joy-of-six-headlines

0
0
gerdesj
Silver badge

Re: Stocious

Yay, the regular Super Cali headline 8) It's the gift that keeps on giving. Combine that with a large US state that can be shortened to Cali where weird shit and lots of other stuff happens and it will be a regular for the foreseeable future.

It's up there with the Private Eye "does anyone have a picture of an older man with a younger lady" for longevity but this one needs a bit of imagination to contort the headline according to the formula.

Wedging "stocious" in there is a work of near genius.

2
0

Payday lender Wonga admits to data breach

gerdesj
Silver badge

Re: APR! = interest

"Wonga's apr is undoubtedly very high but the apr calculation is complicated and designed to enable consumers to compare similar products on a like for like basis and is skewed when it is applied to something like short term finance as it is comparing it to 25 year mortgages and everything in between."

"I think for a 30 day loan of 1000 the amount to repay is around 1200 so a true interest rate of nearer 20%."

Try playing with the sliders on this: https://www.wonga.com/ eg borrow £400 for 31 days and payback nearly £500. Bargain! Note the thin white writing to the right of the illustration - ie you are up shit creek if you follow this path.

0
0

Customer satisfaction is our highest priority… OK, maybe second-highest… or third...

gerdesj
Silver badge

Re: BS 5216C:2005 Proof correction marks (Pack of 20)

"five of the loopy deletion mark"

It's a (ancient Greek) lowercase delta. If you ever come across a decently involved maths paper, you'll probably need a lie down and a lot of dried frog pills.

1
0

New plastic banknote plans now upsetting environmental campaigners

gerdesj
Silver badge

Re: One fairly serious alternative is ...

"Ghee"

How the heck did you get it in the tank? The stuff is solid unless you live in Death Valley. Spoon it in?

Why am I even asking this ... you did THAT for a bet! Around here we normally resort to spoofing for a round, in the bar. I hate to think what you guys get up to when you get really hammered 8)

2
0

Bloke is paid to scour hashtags for threats, spots civil rights boss's tweets, gets fired, sues

gerdesj
Silver badge

Re: Oh what a tangled web we weave ...

"[1] I'd love to see a balestra lunge done with a 20KG maul.."

If you could hold a maul one handed and manage a lunge with the heavy end forwards then the target would probably only need one hit 8)

0
0
gerdesj
Silver badge
Holmes

Re: Oh what a tangled web we weave ...

I would have written my own comment, but I got confused as to where my ire should be directed, so I'm opting out.

You have hit the nail on the head with a fencing maul.

Beautifully played.

12
0
