Re: Lottery winners earn more than you.
>>and went back to their day job
...or killed themselves. There is no sufficient reward for debugging other people's (peoples'.....?) crap code.
142 posts • joined 1 Jun 2010
>>and went back to their day job
...or killed themselves. There is no sufficient reward for debugging other people's (peoples'.....?) crap code.
Also, "Nigel Farage suggests UK may need second Brexit referendum to settle question of EU membership...."
Can this really be anything-can-happen Thursday?
>> Is that why Intel used MINIX for their other 2017-security-related-disaster ?
Intel security team meeting held back in the day, (all records erased):
"Guys, the lawyers say we're clean on any old x86 garbage. But the NSA access path - that's gotta be rock solid."
>Now will people believe me ?
I won't believe you, because you sound like a 'holier-than-thou' bellend. Just whinging on about how crap everything is helps nobody.
It's pretty obvious that if we're serious about security, we need open hardware *and* software. The question is how to get there with the hardware.
>> no-one gives a fuck about the Trimleys.
Worked at Schlumberger 1994-96. We had Mosaic and we were all in shock and aaawwwwwe. And yea, I can attest to the lack of f'ck about the Trimleys, even then. But because of that, I always imagined Suffolk had great Internet. Wrong it seems, unless you're a dirty energy monster.
I now have unreliable Internet, rather than low speed, caused by audible crap on the landline. The fault is 'intermittently persistent' and very annoying when the DSL connection drops just as the F1 lights go out.
The ISP tells me "If Outreach call, and they don't find the problem, we'll charge you." And I now say "I just don't give a flying f'ck any more....." and arrange Freesat.
Everyone's got a story.
Or a gambler.
OOps autocorrect - I think you mean autonomous.
But yea, no driver required. The ME is so powerful it doesn't depend on some piffling little driver. It is omnipotent. My Dell has a new BIOS version specifically to disable ME. Lucky ME.
>Give 1,000 monkeys typewriters, they'll write Shakespeare.
Question is, how long would it take before they write "Hey, hey, we're the Monkees."?
So is fake fake news, news?
We come for the angle, not the order. If you don't get that, one has to ask... why are you here? Alexa?
"Patching is already well under way."
There seems to be debate about whether the router and client both need patching. In a domestic setting, (DSL router serving pcs and phones), do we need to hassle the ISP for new router FW?
Once upon a time, we searched for ET. Ahhh innocent bygone days.
" this writer was asked to enter the 11th digit of a password to an online account that only contained nine characters."
This probably stems from another frequent failure in password specification. They always specify n_charsmin, but very rarely n_charsmax. Isn't it time there was a standard for this stuff?
I love that some people don't even get the question, let alone the answer! Hahahaha............oh my lord!!!!!!!!! \i'm falling off my chair
>> in the modern world where common sense has been removed and things are solely based on the accountants "lowest cost option" the companies set themselves up for this sort of situation
And in that world, it follows that there are individuals and companies which exist solely to post convincing fake reviews - the profits are enormous. Online reviews are entirely meaningless.
I take this line: If a company opts to sue for extremely thorough, independent, open, and free testing of its product, then it is insane and therefore to be avoided at all costs.
>>what's wrong with making money?
Nothing at all. But I said "..._just_ making money...". IMHO there's something wrong with humans who have that as their primary motivation. (Having said that, I suspect it probably wasn't Bill's primary motivation either, to begin with.) He's clearly a very bright guy. But he could have used that intelligence to improve the IT ecosystem for everyone. But he didn't. Instead, he made it a whole shedload worse, unimaginably worse, which, as stated, I find sad.
'Bill Gates says.............'
Why do we listen to this privileged pr'ck? Oh yea, he's rich. He's a rich tw't who was in the right place at the right time... to make money. He was not the least interested in improving the science and technology of computing, (which he hasn't), just making money, (which... yea... yea).
And that in my view, makes him a sad little man. Good hair though, for his age.
>>The consequence of higher peak and lower off-peak rates is that there is a magic proportion of power you have to use off peak to be better off.
I had a flat *in* Leeds, which had E7 with the original big chunky storage rads, the real deal. There was no gas, I was out all day, so the arrangement worked pretty well. I sold it, and later was shown around by the proud new owner. He demonstrated his 'app', which allowed him to monitor the consumption of his funky new standard convector panel heaters... no storage in sight and still on E7. I didn't have the heart to explain.
What an embarrassing wasted morning that was: on a new contract in Austria, I entered a default password, prior to a boot script changing the input language to German. To this day, I have to occasionally type 'Vozager123' to gain entry. Confound those Germans and their tricky keyboard mappings...
I heard the interview. It was striking - the interviewer understood the issues for a change. Hannigan was honest about the problem and its complexity. And basically he said what we've known for ages - it's not the data. It's the metadata which matters: who's connecting to whom.
When crypto can reliably hide your end points, things will start getting interesting again…
Also, 'ESTABLISHES PERSISTENCY'.
Is persistency the same as persistence? How about 'CREATES SELF-NON-VOLATILITENCY'?
>> but it would have been far more impressive had they pulled off the same trick against an x86 server running a busy workload
Indeed, but that's not the application at hand. Crypto is increasingly being done on small systems, smart cards, access control, IoT applications, etc. That's where the problem lies. So it's not clickbait, it's a real issue.
ARM, yes indeed, so embedded.
Most of the focus on securing high end embedded devices in e.g. smart cards, is now about disguising crypto activity. Such an application avoids using CPU crypto instructions (of which ARM has many). It will just wait on a reply from the dedicated crypto block, which is designed to emit a constant/ pseudo random noise and current consumption signature.
>>What a load of crap
Yea, 'cos anyone trying to warn up front of problems is a doom-mongering moron. Bit like those pesky fire regulators. I bet they're all remainers too, right? It's not like the emergency services or communications, or stretched NHS workers, or anyone who actually does a real job depend on sat nav in any way, right?
When IT manages to reliably construct large scale systems which actually work, instead of the repeated fiascos sucking tax payer dollars, then it'll have time to snipe.
For now, I'd keep a low profile. Sadly, It's not like govt. will take any notice, they seem to have rather a lot on. So no need to pooh your pants.
I think the analysis of failure is spot on. But we're missing the fact that one system is ‘high availability’, the other ‘safety critical’. Only reputation died at BA.
Ironically, the reasons for the failure are identical. But the bigger fault lies with NASA, by far. From what I remember, they *did* rip out and start again... which worked.... until Columbia.
Complexity is hard, and harder to manage, which is why managers don't do it.
The British Official Monster Raving Loony party is already fully across the AC issue. Manifesto proposal number 1. Cool on the outside:
To combat global warming and climate change all buildings should be fitted with air conditioning units on the outside.
"Twenty-two senators wrote a letter to the president when he was said to be on the fence about backing out. They received more than $10m from oil, gas and coal companies the past three election cycles"
James Inhofe, Oklahoma
Oil & gas: $465,950
John Barrasso, Wyoming
Oil & gas: $458,466
Mitch McConnell, Kentucky
Oil & gas: $1,180,384
John Cornyn, Texas
Oil & gas: $1,101,456
Roy Blunt, Missouri
Oil & gas: $353,864
Roger Wicker, Mississippi
Oil & gas: $198,816
Michael Enzi, Wyoming
Oil & gas: $211,083
Mike Crapo, Idaho
Oil & gas: $110,250
Jim Risch, Idaho
Oil & gas: $123,850
Thad Cochran, Mississippi
Oil & gas: $276,905
Mike Rounds, South Dakota
Oil & gas: $201,900
Rand Paul, Kentucky
Oil & gas: $170,215
John Boozman, Arkansas
Oil & gas: $147,930
Richard Shelby, Alabama
Oil & gas: $60,150
Luther Strange, Alabama
(Appointed in 2017, running in 2017 special election)
Orrin Hatch, Utah
Oil & gas: $446,250
Mike Lee, Utah
Oil & gas: $231,520
Ted Cruz, Texas
Oil & gas: $2,465,910
David Perdue, Georgia
Oil & gas: $184,250
Thom Tillis, North Carolina
Oil & gas: $263,400
Tim Scott, South Carolina
Oil & gas: $490,076
Pat Roberts, Kansas
Oil & gas: $388,950
Sum total for all 22 Republican signatories: $10,694,284
>> run c:\> start c:\$MFT\123 but I did that too and only a message box was shown wit a red x icon and ["Windows cannot find 'c:\$MFT\123'
Now repeat the command. I'm on 7. The first time, I too get 'not found', and no other symptom. But if I enter it again, the machine locks up.
OK suckers, here's watt I think:
For a hoover, efficiency is suckage per watt, per volume of dirt sucked.
The test should suck a calibrated volume of dirt, and measure energy used and time taken.
"A sensor puts the Siemens Q8.0 and Bosch GL80 models into low power mode in pristine conditions – such as a lab test – then ramps it up again for everyday use."
So it's clearly a defeat device, as per VW. What other function can it have?
I like Dysons - they're big and shiny.
'Traditional' Big IT is going from bad to worse. I predict the following: Google and their 'AI' algos. will step into this bleak, tumble weed, money sucking void. And Govt. will sigh with relief. Why? Because nobody in trad. Big IT has a f'cking clue how to make things better. Whining and whinging about how ignorant Govt. is changes nothing. Trad. Big IT has no f'king clue either. So, Google, bring it on. And we only have ourselves to blame.
Now, back to the snooker, which is also a bit crap.
Really? That's what you pick out of this story? Get a grip.
"Juicero’s mission is to make it dramatically easier and more enjoyable to consume more fresh, raw fruits and vegetables, and that’s a really tough nut to crack. "
...said in all seriousness. I think we know where the nuts went.
>>In fact you could offload the display to your phone or your watch.
...which is how IoT will eventually come of age: 1) a tiny local (bendy?) processor, low electrical and compute power, but with some HW crypto blocks and sensor interfacing, loosely coupled to 2) an arbitrarily complex display/GUI device - smart phone, lappy etc.
Until then, we can all sit back and enjoy the complete f'kwit entertainment show :0
>>Tesla were the first to prove to the Prius socks and sandals brigade that you could go electric without becoming the equivalent of a slow cyclist in the bus lane to traffic around you and actually have fun doing so <<
I agree with all that. Tesla proved 'buttock clenching' could go electric, and beat petrol at its own game, and hats off.
But the craziness is not about that. It's about the guaranteed insecurity and unreliability of the equivalent of a smart phone. This is a f'kin car, not Angry Birds. Why didn't Tesla stop with the buttock clenching thing? Why have they spoiled it with all the kiddy app/smart phone garbage?
They pushed too far and now are in danger of wrecking the whole thing, which is a shame. It also distracts from what really matters - the drivetrain, battery, etc etc. Just focus the f'k on that.
Is there some serious, open, detailed security analysis of these things? If not, then history tells us they *are* vulnerable. Presumably they use embedded 'secret' keys? And how is all that managed at the other end? Also, lots of other standard questions on proprietary ‘security’...
People, you're getting too hung up on the detail - there's only one news story here:
Hmmm. Arnie, he buy big, shiny, electric car. Hmmm. Arnie good. Hmmm. Big, shiny, electric car good. Hmmm. Me want big, shiny, electric car too.
>>reserved for freeloading scum who would never pay and pay and pay, but would just get one measily OEM license and keep it until the hardware died.
You mean like, I buy a product, and just expect the f'king thing to work....... Wow. Now there's radical. It'll never catch on.
Goddamn it - giving me stuff to think about which *matters*. I didn't go into IT for that.
>>because that money has to last 20-30 years in the field without any kind of maintenance.
Where did get those lifetimes? They are crazily optimistic.
How long does money last? That depends on the denomination of the note. A $1 bill lasts 18 months; $5 bill, two years; $10 bill, three years; $20 bill, four years; and $50 and $100 bills, nine years. Bills that get worn out from everyday use are taken out of circulation and replaced.
>>I too wonder how long it takes for those loony eco-warriers to work out
You sound like a Daily Mail reader from, let's say, the 1980s. Things have moved on. Someone screwed up by not foreseeing this mess. Yes, they screwed up.
>>and similar SANE reasons...
And now back in the real world...
I can only hope that after they factored in the potential costs of cleaning up the PR+social media mess and probable reformulation, it was still worth the risk of starting with tallow.
That's sanity, but I doubt that's what happened.
>>there is a trace of tallow in the polymer pellets used in the base substrate of the polymer
1) Why tallow - is there no synthetic option?
2) Why didn't the people who decide these things foresee the inevitable fuss?
Maybe a page was missing from the requirements spec.
"Qualcomm's been bitten by the bounty bug, signing on with HackerOne to offer up to US$15,000 for vulnerabilities in modems and processors."
The Qualcomm link:
"In order to be considered for a reward, submissions must correspond to certain types of software running on specific hardware."
Strictly it's not vulnerabilities in processors, although the boundaries are becoming increasingly blurred, what with microcode updates and other such distopian nightmares from the pits of hell.
>> to get away from mob justice from dicks like you.
Absolutely right. AC what a pillock.
Me, I'd give the teen a job, and mould him for my own nefarious purposes... And no, not that.
>>Didn't the IETF bloke just say stop making up new protocols to do the same thing? Same goes for libraries.
No. The protocol is the abstract behaviour e.g.
RFC: 793 TRANSMISSION CONTROL PROTOCOL
Only one of those is required (plus multiple revisions!).
The 'library' is the implementation. And there can can be thousands of those, depending on detailed platform requirements.
Unfortunately, in the security sphere, both the protocol and the implementation matter, which is why it's hard.
Is this different in nature from what has gone before? This is a mass random ability to extract cash from a huge number of accounts. This is not some jerk clicking on a dodgy email. Is it a zero day on the 2 factor authentication system? Are all the affected accounts accessed by mobile?
The frustrating thing is that we will never be told the detail. Whistleblowers blow, stop sucking.
I'm old and sad enough to remember trolls destroying comp.lang.c, in the late 90s. Back then, it was a venerable, respected font of knowledge, before StackExchange, where old school, real computer science people hung out. The arrival of the trolls was quite shocking. The arguments against the experts, and against long established principles and 'truth' were disturbing. It was the sheer effort the trolls put into their attacks, which made it different and new.
"Argument is an intellectual process. Contradiction is just the automatic gainsaying of anything the other person says."
"No it's not."
"Yes it is.”
But the trolls were not contradicting. They were arguing, but they were wrong. It was a good lesson in what was to come.
That's one creeping feature too many: a few excess uS spent in the MM thread, and the PFC thread will cause a major puff of smoke! Ahhh... those far off days of 'proper engineering'...
>>I think you are missing the whole point.
No, you are.
Being forced to stand opposite some hippy cretin wearing a "Tube Chat?" badge would massively increase social anxiety.
(Back in the day, social anxiety was known as the desire to 'punch someone in the face and run the f'k away' when they got too close, or worse, attempted any form of social interaction.)
>>6502 assembly language glitch...
>>...and in turn to overwrite memory used for other game functions, in effect "breaking" the game
These days, we use advanced, high level languages like C to do exactly the same thing...
Biting the hand that feeds IT © 1998–2018