Re: Great!! So we can all slag off the Register whatever their T's n C's say
I love that some people don't even get the question, let alone the answer! Hahahaha............oh my lord!!!!!!!!! \i'm falling off my chair
129 posts • joined 1 Jun 2010
I love that some people don't even get the question, let alone the answer! Hahahaha............oh my lord!!!!!!!!! \i'm falling off my chair
>> in the modern world where common sense has been removed and things are solely based on the accountants "lowest cost option" the companies set themselves up for this sort of situation
And in that world, it follows that there are individuals and companies which exist solely to post convincing fake reviews - the profits are enormous. Online reviews are entirely meaningless.
I take this line: If a company opts to sue for extremely thorough, independent, open, and free testing of its product, then it is insane and therefore to be avoided at all costs.
>>what's wrong with making money?
Nothing at all. But I said "..._just_ making money...". IMHO there's something wrong with humans who have that as their primary motivation. (Having said that, I suspect it probably wasn't Bill's primary motivation either, to begin with.) He's clearly a very bright guy. But he could have used that intelligence to improve the IT ecosystem for everyone. But he didn't. Instead, he made it a whole shedload worse, unimaginably worse, which, as stated, I find sad.
'Bill Gates says.............'
Why do we listen to this privileged pr'ck? Oh yea, he's rich. He's a rich tw't who was in the right place at the right time... to make money. He was not the least interested in improving the science and technology of computing, (which he hasn't), just making money, (which... yea... yea).
And that in my view, makes him a sad little man. Good hair though, for his age.
>>The consequence of higher peak and lower off-peak rates is that there is a magic proportion of power you have to use off peak to be better off.
I had a flat *in* Leeds, which had E7 with the original big chunky storage rads, the real deal. There was no gas, I was out all day, so the arrangement worked pretty well. I sold it, and later was shown around by the proud new owner. He demonstrated his 'app', which allowed him to monitor the consumption of his funky new standard convector panel heaters... no storage in sight and still on E7. I didn't have the heart to explain.
What an embarrassing wasted morning that was: on a new contract in Austria, I entered a default password, prior to a boot script changing the input language to German. To this day, I have to occasionally type 'Vozager123' to gain entry. Confound those Germans and their tricky keyboard mappings...
I heard the interview. It was striking - the interviewer understood the issues for a change. Hannigan was honest about the problem and its complexity. And basically he said what we've known for ages - it's not the data. It's the metadata which matters: who's connecting to whom.
When crypto can reliably hide your end points, things will start getting interesting again…
Also, 'ESTABLISHES PERSISTENCY'.
Is persistency the same as persistence? How about 'CREATES SELF-NON-VOLATILITENCY'?
>> but it would have been far more impressive had they pulled off the same trick against an x86 server running a busy workload
Indeed, but that's not the application at hand. Crypto is increasingly being done on small systems, smart cards, access control, IoT applications, etc. That's where the problem lies. So it's not clickbait, it's a real issue.
ARM, yes indeed, so embedded.
Most of the focus on securing high end embedded devices in e.g. smart cards, is now about disguising crypto activity. Such an application avoids using CPU crypto instructions (of which ARM has many). It will just wait on a reply from the dedicated crypto block, which is designed to emit a constant/ pseudo random noise and current consumption signature.
>>What a load of crap
Yea, 'cos anyone trying to warn up front of problems is a doom-mongering moron. Bit like those pesky fire regulators. I bet they're all remainers too, right? It's not like the emergency services or communications, or stretched NHS workers, or anyone who actually does a real job depend on sat nav in any way, right?
When IT manages to reliably construct large scale systems which actually work, instead of the repeated fiascos sucking tax payer dollars, then it'll have time to snipe.
For now, I'd keep a low profile. Sadly, It's not like govt. will take any notice, they seem to have rather a lot on. So no need to pooh your pants.
I think the analysis of failure is spot on. But we're missing the fact that one system is ‘high availability’, the other ‘safety critical’. Only reputation died at BA.
Ironically, the reasons for the failure are identical. But the bigger fault lies with NASA, by far. From what I remember, they *did* rip out and start again... which worked.... until Columbia.
Complexity is hard, and harder to manage, which is why managers don't do it.
The British Official Monster Raving Loony party is already fully across the AC issue. Manifesto proposal number 1. Cool on the outside:
To combat global warming and climate change all buildings should be fitted with air conditioning units on the outside.
"Twenty-two senators wrote a letter to the president when he was said to be on the fence about backing out. They received more than $10m from oil, gas and coal companies the past three election cycles"
James Inhofe, Oklahoma
Oil & gas: $465,950
John Barrasso, Wyoming
Oil & gas: $458,466
Mitch McConnell, Kentucky
Oil & gas: $1,180,384
John Cornyn, Texas
Oil & gas: $1,101,456
Roy Blunt, Missouri
Oil & gas: $353,864
Roger Wicker, Mississippi
Oil & gas: $198,816
Michael Enzi, Wyoming
Oil & gas: $211,083
Mike Crapo, Idaho
Oil & gas: $110,250
Jim Risch, Idaho
Oil & gas: $123,850
Thad Cochran, Mississippi
Oil & gas: $276,905
Mike Rounds, South Dakota
Oil & gas: $201,900
Rand Paul, Kentucky
Oil & gas: $170,215
John Boozman, Arkansas
Oil & gas: $147,930
Richard Shelby, Alabama
Oil & gas: $60,150
Luther Strange, Alabama
(Appointed in 2017, running in 2017 special election)
Orrin Hatch, Utah
Oil & gas: $446,250
Mike Lee, Utah
Oil & gas: $231,520
Ted Cruz, Texas
Oil & gas: $2,465,910
David Perdue, Georgia
Oil & gas: $184,250
Thom Tillis, North Carolina
Oil & gas: $263,400
Tim Scott, South Carolina
Oil & gas: $490,076
Pat Roberts, Kansas
Oil & gas: $388,950
Sum total for all 22 Republican signatories: $10,694,284
>> run c:\> start c:\$MFT\123 but I did that too and only a message box was shown wit a red x icon and ["Windows cannot find 'c:\$MFT\123'
Now repeat the command. I'm on 7. The first time, I too get 'not found', and no other symptom. But if I enter it again, the machine locks up.
OK suckers, here's watt I think:
For a hoover, efficiency is suckage per watt, per volume of dirt sucked.
The test should suck a calibrated volume of dirt, and measure energy used and time taken.
"A sensor puts the Siemens Q8.0 and Bosch GL80 models into low power mode in pristine conditions – such as a lab test – then ramps it up again for everyday use."
So it's clearly a defeat device, as per VW. What other function can it have?
I like Dysons - they're big and shiny.
'Traditional' Big IT is going from bad to worse. I predict the following: Google and their 'AI' algos. will step into this bleak, tumble weed, money sucking void. And Govt. will sigh with relief. Why? Because nobody in trad. Big IT has a f'cking clue how to make things better. Whining and whinging about how ignorant Govt. is changes nothing. Trad. Big IT has no f'king clue either. So, Google, bring it on. And we only have ourselves to blame.
Now, back to the snooker, which is also a bit crap.
Really? That's what you pick out of this story? Get a grip.
"Juicero’s mission is to make it dramatically easier and more enjoyable to consume more fresh, raw fruits and vegetables, and that’s a really tough nut to crack. "
...said in all seriousness. I think we know where the nuts went.
>>In fact you could offload the display to your phone or your watch.
...which is how IoT will eventually come of age: 1) a tiny local (bendy?) processor, low electrical and compute power, but with some HW crypto blocks and sensor interfacing, loosely coupled to 2) an arbitrarily complex display/GUI device - smart phone, lappy etc.
Until then, we can all sit back and enjoy the complete f'kwit entertainment show :0
>>Tesla were the first to prove to the Prius socks and sandals brigade that you could go electric without becoming the equivalent of a slow cyclist in the bus lane to traffic around you and actually have fun doing so <<
I agree with all that. Tesla proved 'buttock clenching' could go electric, and beat petrol at its own game, and hats off.
But the craziness is not about that. It's about the guaranteed insecurity and unreliability of the equivalent of a smart phone. This is a f'kin car, not Angry Birds. Why didn't Tesla stop with the buttock clenching thing? Why have they spoiled it with all the kiddy app/smart phone garbage?
They pushed too far and now are in danger of wrecking the whole thing, which is a shame. It also distracts from what really matters - the drivetrain, battery, etc etc. Just focus the f'k on that.
Is there some serious, open, detailed security analysis of these things? If not, then history tells us they *are* vulnerable. Presumably they use embedded 'secret' keys? And how is all that managed at the other end? Also, lots of other standard questions on proprietary ‘security’...
People, you're getting too hung up on the detail - there's only one news story here:
Hmmm. Arnie, he buy big, shiny, electric car. Hmmm. Arnie good. Hmmm. Big, shiny, electric car good. Hmmm. Me want big, shiny, electric car too.
>>reserved for freeloading scum who would never pay and pay and pay, but would just get one measily OEM license and keep it until the hardware died.
You mean like, I buy a product, and just expect the f'king thing to work....... Wow. Now there's radical. It'll never catch on.
Goddamn it - giving me stuff to think about which *matters*. I didn't go into IT for that.
>>because that money has to last 20-30 years in the field without any kind of maintenance.
Where did get those lifetimes? They are crazily optimistic.
How long does money last? That depends on the denomination of the note. A $1 bill lasts 18 months; $5 bill, two years; $10 bill, three years; $20 bill, four years; and $50 and $100 bills, nine years. Bills that get worn out from everyday use are taken out of circulation and replaced.
>>I too wonder how long it takes for those loony eco-warriers to work out
You sound like a Daily Mail reader from, let's say, the 1980s. Things have moved on. Someone screwed up by not foreseeing this mess. Yes, they screwed up.
>>and similar SANE reasons...
And now back in the real world...
I can only hope that after they factored in the potential costs of cleaning up the PR+social media mess and probable reformulation, it was still worth the risk of starting with tallow.
That's sanity, but I doubt that's what happened.
>>there is a trace of tallow in the polymer pellets used in the base substrate of the polymer
1) Why tallow - is there no synthetic option?
2) Why didn't the people who decide these things foresee the inevitable fuss?
Maybe a page was missing from the requirements spec.
"Qualcomm's been bitten by the bounty bug, signing on with HackerOne to offer up to US$15,000 for vulnerabilities in modems and processors."
The Qualcomm link:
"In order to be considered for a reward, submissions must correspond to certain types of software running on specific hardware."
Strictly it's not vulnerabilities in processors, although the boundaries are becoming increasingly blurred, what with microcode updates and other such distopian nightmares from the pits of hell.
>> to get away from mob justice from dicks like you.
Absolutely right. AC what a pillock.
Me, I'd give the teen a job, and mould him for my own nefarious purposes... And no, not that.
>>Didn't the IETF bloke just say stop making up new protocols to do the same thing? Same goes for libraries.
No. The protocol is the abstract behaviour e.g.
RFC: 793 TRANSMISSION CONTROL PROTOCOL
Only one of those is required (plus multiple revisions!).
The 'library' is the implementation. And there can can be thousands of those, depending on detailed platform requirements.
Unfortunately, in the security sphere, both the protocol and the implementation matter, which is why it's hard.
Is this different in nature from what has gone before? This is a mass random ability to extract cash from a huge number of accounts. This is not some jerk clicking on a dodgy email. Is it a zero day on the 2 factor authentication system? Are all the affected accounts accessed by mobile?
The frustrating thing is that we will never be told the detail. Whistleblowers blow, stop sucking.
I'm old and sad enough to remember trolls destroying comp.lang.c, in the late 90s. Back then, it was a venerable, respected font of knowledge, before StackExchange, where old school, real computer science people hung out. The arrival of the trolls was quite shocking. The arguments against the experts, and against long established principles and 'truth' were disturbing. It was the sheer effort the trolls put into their attacks, which made it different and new.
"Argument is an intellectual process. Contradiction is just the automatic gainsaying of anything the other person says."
"No it's not."
"Yes it is.”
But the trolls were not contradicting. They were arguing, but they were wrong. It was a good lesson in what was to come.
That's one creeping feature too many: a few excess uS spent in the MM thread, and the PFC thread will cause a major puff of smoke! Ahhh... those far off days of 'proper engineering'...
>>I think you are missing the whole point.
No, you are.
Being forced to stand opposite some hippy cretin wearing a "Tube Chat?" badge would massively increase social anxiety.
(Back in the day, social anxiety was known as the desire to 'punch someone in the face and run the f'k away' when they got too close, or worse, attempted any form of social interaction.)
>>6502 assembly language glitch...
>>...and in turn to overwrite memory used for other game functions, in effect "breaking" the game
These days, we use advanced, high level languages like C to do exactly the same thing...
Absof'kinlutely. I worked on GSM mobiles, way back when Japan came to the UK just to get the application processor to talk to the DSP. The West now goes East for an order of magnitude higher level hardcore smarts. Wow. How it's all turned around.
ᗅᗺᗷᗅ, not ABBA.
>>but sometimes doing things the right way gets compromised due to wanting to >>drive down cost...i.e. making the payment terminals cheaper.
Yes, and also compromised by inappropriate speed optimisations: an extra 13 digits to create a properly safe MAC, all going over NFC, could be seen as taking a few ms too many. Usability always trumps good security.
This is fun - it's a fair bet Apple use the same system.
>>If you use ‘smart’ Bluetooth locks, you're asking to be burgled
It's funny because it's true.
>>it has TWO, read em, TWO functions. On and Off,
For a bit of romance, it's sometimes useful to set something in-between...
The anger can be focussed far more widely than IoT. I don't want to go all hippy, but since consumer culture began, we've been buying crap we don't need. This is just one more insane example.
Also, security is not done well on PCs. So why would we expect it to be done well on IoT, which has huge platform constraints?
This whole thing was inevitable, like the next financial crash.
/> Hippy mode off.
>>These devices (and I have some myself) are behind firewalls
And so is your computer, so that's ok then. What *can* everyone be worried about. Beats me.
Add that to the list of ludicrous Bluetooth applications, along with the BT padlock and BT electric toothbrush.
Being bored one day, I used Amazon Customer Questions & Answers forum to ask if the toothbrush also has Ethernet. I was earnestly and with great sincerity informed "No, sorry, it does not."
>>Leavine Family Racing (CSLFR) has admitted paying off ransomware runners after one of its main test computers got infected with Truecrypt malware.
That's TeslaCrypt, not Truecrypt.
But Babbage dreamt of a mechanical same thing:
The Analytical Engine incorporated an arithmetic logic unit, control flow in the form of conditional branching and loops, and integrated memory, making it the first design for a general-purpose computer that could be described in modern terms as Turing-complete. In other words, the logical structure of the Analytical Engine was essentially the same as that which has dominated computer design in the electronic era.
Babbage been there, done that, (in theory).
Create a .js file containing:
and just click on it in Windows Explorer. The rest follows.
'Windows Script Host' execution environment is enabled by default because it lets people 'do stuff'.
>>takes up his entire living room!
...not to mention life.
>>just over 11 transistors per RAM bit
Discrete - that is seriously impressive.
Good Luck to all obsessive hobbyists - that's how the ball gets rolling.
Can you say Boutiqueers? I don't think that's allowed these days - depending on where you stress the syllables.
Siemens Healthcare has long been a laughing stock- so I guess this insanity suits.
Biting the hand that feeds IT © 1998–2017