* Posts by MacroRodent

1449 posts • joined 18 May 2007

Page:

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted

MacroRodent Silver badge

Re: "basically operated by one volunteer in charge of a small team of volunteers"

Or Linus on Linux ?

The team Linux is "lording over" isn't exactly small these days, and he is also no more such a critical resource many people think he is. Recall he took a longer leave last year, and his "lieutenants" kept things chugging along.

Can't do it the US way? Then we'll do it Huawei – and roll our own mobile operating system

MacroRodent Silver badge

Tizen Re: I suspect its a clone of Android

Samsung's Tizen didn't maintain compatibility and so hasn't really gone anywhere.

If both Samsung and Huawei started pushing Tizen, it could become the new standard with surprising speed! between them these companies are responsible for about third of the mobile phone sales.

Haha! Conformist 'Droids! Yep, that's what's most profitable these days, says Nokia

MacroRodent Silver badge

Re: Slight correction

Yes, but the wording is bad. Nokia the company still exists, is going strong, and has no stinking custodian. It irks me The Register keeps spreading the confusion (granted, other media often do so too, but we expect better of The Register, don't we?).

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware

MacroRodent Silver badge

I wonder if ghosts

... really are speculatively executed life?

Fool ML once, shame on you. Fool ML twice, shame on... the AI dev? If you can hoodwink one model, you may be able to trick many more

MacroRodent Silver badge

Datasets

Isn't there also a tendency to train AI:s with publicly available datasets like ImageNet? An attacker can improve his changes by using the same dataset to train his test adversary.

WWW = Woeful, er, winternet wendering? CERN browser rebuilt after 30 years barely recognizes modern web

MacroRodent Silver badge

Re: Eh, it's pre-CSS

I think it just did gif and that was it... or am I senile already?

GIF and X bitmaps. The latter was a textual image format common on the X11 window system at the time, really like a C header file that contains the bits in an initialized array, and #define:s giving the dimensions. So you could #include the file in your C program, and pass the array to a X11 drawing routine!

Return of the audio format wars and other money-making scams

MacroRodent Silver badge

Re: @Stumpy- MiniDisk? Bah!

Didn't someone already scan old 78 rpm disks into pictures, and then convert into sound? With optical scanning one could reconstruct how the groove squigled before scratches and dust.

Roses are red, this is sublime: We fed OpenAI's latest chat bot a classic Reg headline

MacroRodent Silver badge
Thumb Down

Premature fears

Article: OpenAI says it is withholding portions of the software to prevent it being abused to automatically churn out the equivalent of deep fake videos for the written word

Judging by the samples, a very, very premature concern. A human would do a much better job of faking someone's writing. In fact, this "AI" is very far from fooling anyone who reads more than a few paragraphs of the output.

Object-recognition AI – the dumb program's idea of a smart program: How neural nets are really just looking at textures

MacroRodent Silver badge

Re: "It's fake smart."

One often gets into similar situations in Finland. I would say a camera as typically installed has more problems than a human in the driver's seat. The combination of two eyes and head movement makes it easier to separate the snow from the real scene. But ultimately one must drive slover and remember that in snow, a car starts behaving more like a boat. Turning the wheel or braking has a delayed effect.

Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019

MacroRodent Silver badge

Re: GPS is not this day and age

The ZX80 was limited even for its time, to keep the cost very low. Other home computers at the time had 4k or more RAM.

Patch this run(DM)c Docker flaw or you be illin'... Tricky containers can root host boxes. It's like that – and that's the way it is

MacroRodent Silver badge

Docker security

Actually, a couple of years ago, when first learning about Docker, I encountered various documents online warning that one should not rely on Docker providing any tight security isolation, due to the way it was implemented. In any case security was not the purpose of Docker. It was just meant to provide a self-contained service, to get rid of dependency Hell.

I sort of assumed security was fixed later (have not followed closely) as Docker became popular, but apparently not.

LibreOffice 6.2 is here: Running up a Tab at the NotebookBar? You can turn it all off if you want

MacroRodent Silver badge

Re: I remember when...

Speaking of paper sizes, I remember the first released version of OpenOffice could not actually print (the relevant module probably contained some 3.party code that could not be open-sourced, and needed a rewrite). Of course, that was fixed soon, but it was a case or "release early" taken a bit too far.

MacroRodent Silver badge

Re: 646464

> You can always use the x32 ABI to make 64bit programs only use 32bit pointers.

The kernel developers have discussed removing the x32 ABI (see https://lwn.net/Articles/774734/ ) since practically nobody uses it.

MacroRodent Silver badge

Re: 646464

Of course, but I meant a compiler producing code for the same CPU architecture it is running on. Maybe sloppy wording on my behalf. I do know about cross-compiling, having worked on cross-compilers professionally.

MacroRodent Silver badge
Boffin

Re: 646464

By 32-bit compiler, I mean a compiler natively running on a 32-processor, or cross-compiling code for 32-bit processor. On such compilers, "int" and "long" are the same size, at least in all compilers I have used or heard of. (Nothing in the language spec prevents this), On 16-bit systems like the PDP-11 on which C was first implemented, "int" is 16-bit and "long" is 32 bit. Logically, one would have expected "long" to become 64-bit when going to 32-bit processors, but for some reason this was not done. (Probably some backward-compatibility concerns even back then).

The integer size assignment normally used on Linux and Unix systems on 64-bit systems is called LP64, and was chosen by some unix guru cabal back when 64-bit CPUs stated appearing, see http://www.unix.org/version2/whatsnew/lp64_wp.html

MacroRodent Silver badge

Re: 646464

Well, actually native 64 bit code ensures 32 bit cleanliness.

Not quite, I'm afraid. On 64-bit C compilers in Linux, "long" is a 64-bit type. On 32-bit compilers it is a 32-bit type. A developer working only on 64-bit systems will soon assume the 64-bit "long", instead of laboriously writing "long long" which would have the same 64-bit size on both systems.

(I believe 64-bit Windows handles this differently, and keeps "long" 32-bit for just-in-case backward-compatibility, which I think is wimpy).

MacroRodent Silver badge

646464

> Still clinging on to your 32-bit Linux installation? The team warns that after this version there will be no more Linux x86 builds.

No surprise there, major Linux distributions have dropped (or soon will drop) 32-bit builds as well. I expect soon popular software will be so full of "all the world's 64-bit" assumptions that keeping compatibility with 32-bit gets too laborious. Bit like porting software from 32-bit Unix computers to MS-DOS was a major pain back in the past.

LibreOffice patches malicious code-execution bug, Apache OpenOffice – wait for it, wait for it – doesn't

MacroRodent Silver badge

Re: Of course

The only argument for the split was that it was unclear what Oracle was going to do with it

As I remember it, other reasons included difficulty of getting contributions to OpenOffice, and an ultra-painful build system. After the split, the LibreOffice developers did a lot of cleaning up and replaced the build system. As a result, some LibreOffice releases are less bloated and faster than their predecessors, which is practically unheard of in software development!

The cleanups and refactoring probably also make it impossible to consider any common core. At this stage, the best solution is to just rm -rf OpenOffice .

El Reg eyes up Article 13 draft leak: Will new Euro law give Silicon Valley more power? Some lawyers think so

MacroRodent Silver badge

Study relegated to the X-files?

Bootnote: There was a German study that concluded copyright is beneficial up to around 20 years and definitely harmful after that.

Interesting. Never heard about that. Probably suppressed efficiently by the copyright industry...

OK, smarty pants AI. You can beat us humans at video games. But how about real-world puzzles like Jenga? Oh, oh no

MacroRodent Silver badge

Re: OK, I'll bite ...

What use? It is a limited model to help research the issues of making a robot operate in the physical world. The same way games like Chess were used to study more abstract problem solving.

For robots to be useful outside factories, they must be prepared to deal with objects and materials that were not specifically designed to be handled by them.

Holy crappuccino. There's a latte trouble brewing... Bio-boffins reckon 60%+ of coffee species may be doomed

MacroRodent Silver badge

Re: Umm... nope.

Sure, that xkcd graph was certainly smoothed, which is reasonable when presenting trends over 1000:s of years.

VERY well-known post-WWII drama of 30yrs sharp global cooling ...

Where can one see that? A graph from NASA (https://climate.nasa.gov/vital-signs/global-temperature/) shows a little upward peak around WW2, after which the steady upward trend that existed before the war seems to resume.

About the times of William the Conqueror, we already are above the circa-1000 temperatures according to several graphs. Greenland is not yet green again, but it probably is in a few decades. We shall see about the snow in Norfolk. It may get rarer, but on the other hand snowfall is also affected by weather patterns, which may change so that despite the warming, you still get snow in winter. In Helsinki where I live, there actually tends to be more snow if the Gulf of Finland has remained longer uncovered by ice due to a warm autumn. More moisture gets picked up from the open sea compared to an ice-covered one, and falls on the land as snow.

MacroRodent Silver badge

Re: Umm... nope.

Yes, temperatures rise and fall over thousands of years, like in this timeline. But see the jump at the end? After the time industrialisation started big time? Any connection?

https://xkcd.com/1732/

(btw I agree about the desirability of nuclear power)

MacroRodent Silver badge
Thumb Down

Re: Umm... nope.

Why would climateologists do otherwise? They simply follow the money,

If a climate scientist wanted riches, it would actually be far more profitable for him to help the fossil fuel industry prove there is no human-caused warming.

Looming EU copyright rules – tackling Google news article scraping, installing upload filters – under fire from all sides

MacroRodent Silver badge

Ambient music

I don't think any technological solution helps, unless we get a strong AI that totally understands the context. For instance, suppose I shoot a bit of video in a party with some popular hit playing loudly in the background, so that almost nothing else can be heard in the soundtrack. A filter would block it, as the soundtrack would be exactly equivalent to a piece of copyrighted content, but this would be fair use. I did not put the music there, it was part of the natural background. I guess the clip could not be shared unless I removed the sound.

Apple hardware priced so high that no one wants to buy it? It's 1983 all over again

MacroRodent Silver badge

As a dev system?

I seem to recall that in the very early days of the Macintosh, you needed a Lisa to develop any software for it. (This from a some computer magazine article at the time).

Do you feel 'lucky', well, do you, punk? Google faces down magic button patent claim

MacroRodent Silver badge

Re: Was that a good idea?

2017 < 2019

Maybe, maybe not. Around that time, the rules for computing the term of patents in the U.S were changing from the time of granting to the time of filing, and the patent term changed from 17 to 20 years, and existing patents could pick whatever would produce the longest term. And there can be continuations of the filing. So figuring out when a patent expires is not so simple. A system designed to keep lawyers occupied...

MacroRodent Silver badge
Boffin

Re: Yiddish?

Yes, it is a separate Germanic language. Its most famous user was probably the writer Isaac Bashevis Singer, who won the Nobel Prize in Literature in 1978. He wrote the original works in Yiddish and translated them to English himself.

MacroRodent Silver badge

Was that a good idea?

> specifically Joe Belfiore's patent for "Intelligent automatic searching" which he developed while working for Microsoft

So, can MS now sue them next? (Of course it is possible, even likely they have a cross-licencing deal that covers this).

RIP 2019-2019: The first plant to grow on the Moon? Yeah, it's dead already, Chinese admit

MacroRodent Silver badge

Re: Puzzled

There is probably no terrestrial plant that can handle that (aside from perhaps Antarctic lichens, but they aren't plants, strictly speaking). In northern latitudes, many plants survive winter, but the temperatures never get as low as in the lunar night, and they prepare for it during the summer and autumn: drop leaves and pump valuable stuff to roots like most trees do, or it is only the root system that survives.

Seeds might survive, but in the Chinese experiment these apparently had already germinated.

So their can is full of totally dead things by Lunar morning.

Oh, SSH, IT please see this: Malicious servers can fsck with your PC's files during scp slurps

MacroRodent Silver badge

The sound of a ball dropping.

Quite a ghastly problem in software one relies to transfer files safely. In particular, I am disappointed no official OpenSSH fix has been released, even though they have known about this for months, they at least used to have a very good reputation in security.

Wanted – have you seen this MAC address: f8:e0:79:af:57:eb? German cops appeal for logs in bomb probe

MacroRodent Silver badge
WTF?

Re: Am i being thick...

I was about to ask the same thing (but then, I may be thick also, at least if you ask my missus).

Typical! You wait ages for a fast radio burst from outer space, and suddenly 13 show up

MacroRodent Silver badge

> I'm presuming they don't need to worry about a forced windows 10 creators update..

Don't worry, massive scientific computations like that a usually run on Linux.

My 2019 resolution? Not to buy any of THIS rubbish

MacroRodent Silver badge

The Playmobil angle

> Choose-your-own-adventure entertainment

Yes, the Black Mirror episode was a bit underwhelming (a bit fun when you choose the "sign" on the main characters screen to be "Netflics"). There was a Playmobil film about pirates that implemented this idea just as well on a DVD, had it once borrowed for the family.

Apple blew my mind – literally, says woman: MagSafe plug sparked face-torching blaze, lawsuit claims

MacroRodent Silver badge

Re: Her Lawyer quite obviously studied chemistry in the US education system

> The mask itself, likely made from a plastic polymer of some sort, would be a fine ignition source.

Doesn't this mean the real problem is the material of the mask? It should have been made of something that does not burn in pure oxygen.

Heard the one where the boss calls in an Oracle consultant who couldn't fix the database?

MacroRodent Silver badge

Re: The Hot Shot Database Team

Reminds me of the about only SQL application I made, calling MySQL from a command-line program. Fairly simple, just two or three tables. One operation was entering a lot of record from a file into the tables. Worked fine and quickly locally for even a quite large file. Released it and soon people from a China office complained the enter from file operation took hours. Turned out the latency killed it, the db was in Finland, so each MySQL command paused for the round trip, waiting for response, and several were needed per each entry! But fortunately I found a fix that made the speed tolerable: pack the per-entry operations into a stored procedure, and call that with the data to be entered. It was also possible to send several (around hundred) of these calls in one MySQL api call.

Slap for Slack chat app after US, Canada chaps zapped in Iranian IP address map whack

MacroRodent Silver badge

Re: Weaponizing potential

Isn't Slack just a chat client? Something that should be implementable in a megabyte or two, even if you write it in Java.

A few reasons why cops haven't immediately shot down London Gatwick airport drone menace

MacroRodent Silver badge

Re: How about a high power laser burst ?

How about focused microwaves? Would fry the electronics -> drone falls.

Silent night, social fight: Is Instagram the new Facebook for pro-Trump Russian propagandists?

MacroRodent Silver badge

Petrol on flames

The propaganda did not create the divisive issues, but it certainly did its best to inflame them, and manipulate the discussion. If an arsonist sets a house on fire, a bystander is guilty too, if he proceeds to pour petrol on the flames.

Apple iPhone X screen falls short of promises, lawsuit says

MacroRodent Silver badge

Re: Does anyone have eyes that good?

And in any case the display quality is one of the very few things about a phone you can judge by your eyes before buying it.

Boffins build blazing battery bonfire

MacroRodent Silver badge

Re: Interesting idea

without climate change, most climate researchers would not have a job

Unlikely. There were climate researchers long before this became a hot item. Hard to say how much it has affected the number of persons working on it, but I doubt it has even doubled or something like that. By contrast, without homeopathy there would be no homeopathists at all. Another difference is that climatology is a science, where evidence makes or breaks theories. Not like pseudosciences, where "researchers" concentrate on confirming the particular fallacy. If global temperatures started falling, and it would continue falling for years, the climatologists would eventually admit they were wrong. But nothing would convince homeopathists that all they see is at best the placebo effect.

MacroRodent Silver badge

Re: Interesting idea

1/ : yes. While truth is not determined by majority vote, I find it completely absurd to believe 99.9% of climate researchers have been persuaded to join a global conspiracy promoting a fake climate change problem.

Now you, too, can snoop on mobe users from 3G to 5G with a Raspberry Pi and €1,100 of gizmos

MacroRodent Silver badge

Acronyms

Seriously? I didn't notice, but then, I work with telecom where documents very nearly consist of acronyms only...

Sysadmin’s plan to manage system config changes backfires spectacularly

MacroRodent Silver badge

Re: SCCS hits you

Tag expansion also happens in RCS, CVS and Subversion (in the latter it has to be enabled in the properties of the file). The difference is that the tag trigger notation in these ($id: ,,,,$ and some others) stays in the file, in SCCS the magic strings expand to version numbers without the triggering character sequence.

Git lost this feature, because it is seriously contrary to its idea of identifying versions with a hash of the file contents. Expanding a version tag would make the file be of a different version in the eyes of Git. A loss, because the embedded file version numbers have often saved my sanity by allowing a compiled program identify what file versions it has been put together from.

MacroRodent Silver badge

SCCS hits you

The version control system must have been SCCS, which was for years the standard tool for this on Unix. It has this weird default of removing the edited copy of the file when you check in the changes. There is an option to immediately check out the read-only copy, but it is not the default behaviour.

Google internal revolt grows as search-engine Spartacuses prepare strike over China

MacroRodent Silver badge

Fork in the road

This is just one example of the grand challenge western civilization is facing now. Do we have the guts to stick to the hard-won principles of human rights and the rule of law, or do we sell them for a bowl of soup, like Esau in the Bible?

[Gets down from the soap-box, picks up the sign saying "Repent!"]

GCHQ pushes for 'virtual crocodile clips' on chat apps – the ability to silently slip into private encrypted comms

MacroRodent Silver badge

Re: End-to-End and Open Source

Exactly. It is not proper end-to-end encryption, if someone can silently add a middleman or a "virtual crocodile clip".

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

MacroRodent Silver badge

Re: Lack of systems thinking

How do you know that 2 sensors malfunction if they show reasonably close values? True story, happened to an Airbus A321 in 2014.

A really tough problem. Perhaps using sensors of different design, hoping that if they fail, they don't fail in quite the same way?

MacroRodent Silver badge

Re: Hey software, get the fuck out of the way!

Sounds like that angle of attack sensor should be triplicated. How else can the software decide which sensor is bad, if both produce plausible values (one being wrong, but not impossibly so).

- And the same for goes for all other safety-critical sensors.

Forget DeepFakes. This robo-Rembrandt with AI for brains is not bad at knocking off paintings

MacroRodent Silver badge

Re: I have zero problems

Paintings are three dimensional objects and a photograph rarely does them justice.

Depends on the style. Old masters worked with very thin paint layers, and their works are pretty much 2-dimensional unless viewed with a magnifying glass. Slapping on lots of paint became fashionable only in the 19th century.

Even then, a well-made photographic copy, especial if printed on canvas and framed, is very convincing from some distance.

Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)

MacroRodent Silver badge

Re: Javascript

> Much as I dislike Javascript, how is this specific to Javascript? This could have just as easily been an obscure Perl module or C library that is a dependency for something widely used.

Could hit Perl, perhaps, but in the case of C (or C++) there is no tradition of automatically pulling dependencies off the web whenever you build. Your program typically depends only on libraries that either are part of the platform, or ones that you explicitly install beforehand. In the latter case they usually come from a vendor, or (typically in Linux or BSD) from the curated and digitally signed collection of packages the distribution maintains. These mechanisms make slipping bad code in harder (Not impossible, but much harder).

Page:

Biting the hand that feeds IT © 1998–2019