* Posts by DougS

12863 posts • joined 12 Feb 2011

Self-driving cars doomed to be bullied by pedestrians

DougS Silver badge

So they'll have a camera on the front

Take a picture of the jaywalker and send it to the cops, who will apply facial recognition to send you a ticket.

Not advocating for this to happen, but we all know it will....

Not call, Intel – not call: Chipzilla modems in iPhone 7s fall short

DougS Silver badge

75% drop at -108db

Well that's bad, but -108db is pretty much at the edge of a cell - where you'd see only one bar. It would be more interesting if there were more data points, like how does the iPhone 4 compare when "being held wrong". How about a few representation Android phones using Qualcomm's modem, as well as one of the non-US Samsungs using Samsung's modem.

A 75% drop is only 6 db. There's a larger variation than that just from the angle the phone is versus the direction of the tower. In the real world the phone is being held, facing a random direction (you don't always orient yourself towards the tower, do you?) and there is multipath if there are any hills or buildings about. Testing performance in a lab is one thing, but the Intel modem could be significant better than or significantly worse than Qualcomm's under multipath or other less than ideal conditions.

In sum, there's a lot of data missing from this to conclude that the Intel modem is something terrible and to be avoided. Personally I'd avoid it just because I figure my phone may have better resale value if it can be used on Verizon & Sprint's 3G networks versus one that cannot.

DougS Silver badge

Re: There's only two reasons Apple is doing this

CDMA is also used in China - the largest carrier in the world uses TD-SCDMA, alongside TD-LTE. Yes, those CDMA2000 standards are "only" 3G and therefore are technically outdated, but it will be many years before those are replaced in the US and China. Heck, we still have plenty of 2G in rural areas and it will be years before phones are able to remove support for that, let alone 3G.

Intel will justify the investment if Apple says "if you add this, we'll license 200 million a year instead of 20 million".

DougS Silver badge

There's only two reasons Apple is doing this

1) Leverage with Qualcomm for better pricing

2) Intel is eventually going to support CDMA technologies, and Apple will license the modem and build it into their SoC and have control over the baseband

Currently baseband code is controlled by Qualcomm on most phones, and this is what (supposedly, not sure if it has ever been actually proven) allows evil government agencies like the FBI to do stuff like call a phone and have it answer without any indication on the screen so it acts as a bug, and similar mischief. If Apple licenses the modem and writes their own baseband, they can insure that sort of thing is not possible.

Qualcomm is way too cozy with the Feds, so personally I'd be willing to give up a bit of cellular performance to prevent them controlling the baseband in my phone.

The question is whether this reduced performance is a hardware or software flaw. If the latter, then newer versions of iOS can deliver updated modem firmware to address the shortcomings. If the flaw is hardware, well wait til next year's model I guess - or if it is a problem for you buy the unlocked or Sprint/Verizon variants to insure you get the Qualcomm modem.

iPhone fatigue and fading Samsung. This planet is bored with big brand phones

DougS Silver badge

"Re-encoding to Bluetooth"?

Are you a moron? Audio is digital until it reaches the DAC at the headphone socket. If sent over Bluetooth or Lightning or USB-C it is digital a bit longer before it hits a DAC. No one and I mean NO ONE is re-encoding analog audio back to digital to be sent over Bluetooth!

Since Apple hasn't released their earpods yet it is a bit soon for you to be complaining about their audio quality. I have no idea how good/bad they'll be other than to say for sure they won't be as good as a pair of high end headphones. One other thing's for sure, and that's that you can get better quality getting the pure digital audio out of the phone and using a high quality DAC (in the headphones or in the cable connecting to the headphones) than relying on a phone's built-in DAC.

How Google's Project Zero made Apple refactor its kernel

DougS Silver badge

Re: As a non-programmer can I just quote Snatch?

iOS most certainly supports full multitasking. It just doesn't expose the full ability to apps.

Microsoft goes back to the drawing board – literally, with 28" tablet and hockey puck knob

DougS Silver badge

Re: Apple Bootcamp no longer supports Windows 7SP1 on newer iMacs.

If you can't boot into Windows 7 you could still run it as a VM.

Password1? You're so random. By which we mean not random at all - UK.gov

DougS Silver badge

'Social media' as the same level of importance as banking??

If you get into my Facebook account, you can't steal my money. If you get in my online bank account, on the other hand...

Email is sort of in between - often control of it will allow an online password reset though hopefully your bank would require more than that.

If they make stupid statements like this, they aren't contributing to a solution. Just muddying the waters even more.

Squeaky bum time for Apple: It hasn’t made enough iPhone 7 Pluses

DougS Silver badge

Maybe the supply shortage is BECAUSE of Samsung

I don't really the buy the "iPhone 7 plus is an alternative to the Note 7" since it implies the customer was not really invested in Android, but to the extent that Samsung defectors look at Apple, that would contribute towards the shortage of iPhone 7 pluses. Maybe they would only have a 1-2 week delay instead of 3-4 weeks if Note 7s had not been blowing up, who knows?

Burgundian iPhone wrecker hit with damages, suspended sentence

DougS Silver badge

6 years???

So if your wife bought you an iPhone 4 for Christmas 2010 and it stops working, you can get Apple to fix it? That's quite a reasonable warranty period for a car, but it is well outside the norm for consumer electronics at least on my side of the pond. Almost nothing sold in the US has a warranty longer than a year - even if you pay $5000 for an OLED TV.

Disaster in Cupertino: Apple only made US$9bn last quarter

DougS Silver badge

Re: In the grand scheme of things, only this counts:

Wall Street compares to their expectations, not Apple's guidance. The guidance for the NEXT quarter will be taken into account, but only as compared to their forward expectations.

i.e., Apple guides x.00, Wall Street expects x.50, actual results x.25 -> beat guidance but fell short of expectations so stock falls

Apple guides x.50 for the subsequent quarter, Wall Street expected earnings/guidance of x.25 -> Wall Street raises their expectations and stock rises but now Apple has a higher bar for the next quarter

DougS Silver badge

Re: In the grand scheme of things, only this counts:

EPS was exceeded, but revenue was slightly below expectations....there's always something!

Apple shot up about 10% in a week when Samsung's shit hit the fan, which seemed a bit excessive to me since I would expect mostly other Android OEMs would benefit, so it was probably due for a bit of a correction.

'Non-state actors*' likely to blame for Dyn mega-attack – US intel chief

DougS Silver badge

The US isn't going to waste its time taking an adversary's website offline. They might take a whole country offline before an attack, but generally are trying to steal data or accomplish other narrow goals without anyone knowing. When there's a DDoS, the "without anyone knowing" part is already out the window.

DougS Silver badge

And trying to steal data while leaving behind as little evidence as possible. As opposed to do a DDoS, which is pretty obvious when it happens.

LASER RAT FENCE wins €1.7m European Commission funds

DougS Silver badge

If you had a few feet of bare ground surrounding the field two laser scarecrows could handle the whole thing.

Unless you have hills. Don't know they not all cropland is flat?

Spoiler alert: We'll bet boffins still haven't spotted aliens

DougS Silver badge

Re: 234

Why should each star have only one laser? They could have a million laser satellites in orbit, all pointed at a different candidate star that might harbor life.

DougS Silver badge

Here's why it would be pointing at us

Well assuming the laser spreads out enough over such a distance that aiming at a star hits all the planets orbiting it, they could have a lot of lasers. Based on satellites orbiting and powered by their star, aimed at all the G type stars in their neighborhood. There needn't be any reason to assume they were deliberately choosing to signal Earth.

Of course, maybe the message isn't intended for us, but for a giant being that lives inside our sun - letting him know that after 65 million years, dinner is served once again.

DougS Silver badge

Re: The controversy doesn't matter

They're Canadians, we'll send them up to Ottawa to serve that warrant!

Google fibre: Subs up, Revenue up, expansion over

DougS Silver badge

Re: Legal Costs?

They did, but they knew they would. The reason they said was that the installs cost a lot more than planned, which is why they started looking at using wireless to deliver the "last mile". Not sure if the expansion being over means "real" Google Fiber, or even the wireless hybrid they started talking about recently.

The idea that they could give away free internet at lower speeds was always ridiculous. There is only so much data you can collect on people, and if you already have them via their mail, browser, search, phone, etc. being able to get at the internet pipe for further data mining probably doesn't add that much value for them. I imagine the data collected via Google Fiber sounded a lot more valuable when this was in the planning stages, and both Chrome and Android had tiny market shares.

This is not a drill: Hackers pop stock Nexus 6P in five minutes

DougS Silver badge

Re: iPhone broken too

The iPhone one required some user interaction: browsing a rogue site that was able to force the install of a rogue application, but that install didn't persist after a reboot so they didn't get the full payout. The Nexus was hacked via text message, and didn't require the phone to even be touched.

DougS Silver badge

Re: Yawn

Why the heck would they offer a $100K prize if they let you use an outdated version, so you could use code for existing exploits? The whole point is demonstrating novel hacks, not using ones that Google already fixed!

Low-power transistors hint at alternative to battery bonfires

DougS Silver badge

Re: Micrologic

When you hear talk about devices able to harvest energy from the environment, that's a HUGE clue that it is talking about IoT. They don't have screens, and will just send/receive info via wifi/LTE (and probably harvest their power from those same wireless frequencies)

Did Apple leak a photo of its new Macbook Pro in an OS update? Our survey says: Yes

DougS Silver badge

You hardly ever use function keys, so who cares? If they tried to do that with the parts of the keyboard you interact with all the time, then I agree it would suck.

Not sure there's much value, but I suppose I could see applications like Photoshop relabel all the function keys to serve purposes within the program, and power users might like that.

DougS Silver badge

Yes, because embedding a photo in an OS update and assuming someone will find it is great marketing.

DougS Silver badge

Re: MEH x 10

Apparently Frank is blessed with some sort of special X ray vision that lets him see inside the case of a laptop even in a photo, able to see what CPU it has, how much RAM, the display resolution and battery life.

If he can see the price too he can save us from having to read about it after Apple's announcement!

Uber's robo-truck makes first delivery of ... Budweiser in Colorado

DougS Silver badge

Robot delivered beer

So does that mean that when the truck shows up the pub owner is supposed to go out and help himself?

Of course not, they will still need someone to man the trucks and do that (and make sure random people don't just walk off with product) so what do you gain by not having a driver?

For deliveries to grocery stores where they will have a staff on hand to bring the beer inside that might work, but the self drivers will have to be pretty smart to back into the loading docks, wait in line behind other trucks (some of which will be human driven) and so forth.

And for our next trick, says Google while literally wheeling out a humongous tablet ...

DougS Silver badge

Why so damn heavy?

Some 55" TVs weigh barely a third of that. Does it have some gigantic battery in it so it can be used without plugging it in? If it does, that's really stupid!

It's nearly 2017 and JPEGs, PDFs, font files can hijack your Apple Mac, iPhone, iPad

DougS Silver badge

@AC - CVE counts

That's not particularly reliable for several reasons:

1) it varies by vendor whether a separate CVE is used for each individual issue, or one is used for a whole class of exploits or all security issues in a given subsystem

2) Apple files CVEs even for internally discovered issues, which few others do

3) having more CVEs means more issues were FOUND and FIXED, that doesn't mean the code is worse. If you didn't look too hard and found only two bugs in your code versus someone else who looks really hard and finds 20, it doesn't mean his code is 10x worse. It might mean you have a lot more unfixed vulnerabilities than he does.

DougS Silver badge

BSD "should" be seriously secure?

Why is that exactly? Does the BSD kernel have some magic support for preventing code that displays JPEGs from having exploits? Of course not, in fact no kernel has JPEG related code - which it shouldn't.

Which means that for holes involving JPEGs, PDFs, font files and the like it doesn't make a damn bit of difference whether you are running BSD, Linux, Windows or DOS for that matter. The security issues found in iOS, Android, and Windows are almost always at a higher layer. True kernel exploits are rare, so even if BSD was perfectly bug free it wouldn't help with issues like these.

DougS Silver badge

Re: Cupertino is ...

And keeping up with Google. Did you see the huge list of critical exploits fixed in the latest Android release?

This isn't an Apple problem, or a Microsoft problem, or a Google problem. No one is immune, no one is writing quality secure code. The question is, are software developers getting worse than they used to be, or are we merely better at finding such problems than we used to be?

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

DougS Silver badge

It only needs about 30-40 ms of hammering to exploit

If it does that intermittently, you probably won't notice.

DougS Silver badge

What about other apps?

Sure, Google knows about this app, but what if the author of Angry Birds put in something to do this in the background under certain circumstances? How is Google going to know?

DougS Silver badge

Re: I'm sure a lot or people would like to know

The iPhone 6 and older are probably vulnerable, though iOS is more restrictive about how it allocates memory for apps so it would be more of a pain to develop an attack but I'm pretty sure it is still possible. The newer iPhones use LPDDR4 and implement TRR, and are safe.

Hopefully Apple's app approval process would catch an app that tries to do this, but I have no idea.

Getting "root" on an iPhone 6 or 5S doesn't give you access to everything though, since the secure enclave manages encryption keys. The secure enclave uses encrypted memory, which is not vulnerable to rowhammer (because the address lines are scrambled, there is no way to tell which rows are adjacent to attempt an attack)

DougS Silver badge

ECC is not a defense

Rowhammer can flip multiple bits, so while it would take longer, the attack is still possible. If the phone's OS monitored corrected ECC errors they could tell something is wrong and kill the app (if it can identify the source) or panic the phone (if not) but ECC won't prevent rowhammer.

However, LPDDR4 supports an optional capability called target row refresh (TRR) that effectively eliminates the ability to exploit rowhammer. So no need to add ECC, just use LPDDR4 which newer phones have been doing anyway and make sure it supports TRR.

DougS Silver badge

There is no software defense possible

The presence of lack of updates won't matter.

Every LTE call, text, can be intercepted, blacked out, hacker finds

DougS Silver badge

Re: Has Everyone Forgot SS7 Hacks ???

Which I already said above. But what if you want to place a call to someone on a landline, or using a feature phone?

DougS Silver badge

LTE doesn't do calls in the same way as 2G/3G, since it uses the data network for calling instead of a separate channel. You need VoLTE, which newer devices support and carriers are starting to support in more and more areas.

If your carrier's coverage map shows HD Voice (at least in the US, elsewhere it may have a different marketingspeak name) in your area it will use VoLTE for calling between two supporting devices.

DougS Silver badge

Re: Has Everyone Forgot SS7 Hacks ???

There's nothing you can do about those SS7 hackers, they don't involve the device at all but the telco networks, and the vulnerabilities aren't even vulnerabilities as they are built into the protocol by design.

These will only get fixed if we get an SS8 to replace it. Maybe something is in the works, but given how much of this is proprietary it is unlikely we would even know if the replacement was secure or not. Hence my post above about not trusting cellular or SMS, and using VOIP or messaging software that provides end to end encryption if you are saying something you want a reasonable level of assurance is actually going to be private.

DougS Silver badge

Re: If you want security, don't use cellular standards

Erdogan didn't use Facetime because he cared about spying on his message. In fact it was the opposite, he wanted people to see it. The rebels followed the standard coup playbook of controlling government communication networks and radio and TV stations, but apparently forgot at least one independent TV station. He was able to Facetime with one of the reporters there and they basically held a camera up to the phone's screen to allow him to speak to the people, and got them to rise up in the streets and prevent the coup.

Any sort of video calling would have worked equally well, whether or not it was secure. Heck, he could have recorded himself on VHS if he had a way of getting the tape to the TV station.

DougS Silver badge

If you want security, don't use cellular standards

Make your call using Facetime or other VOIP applications that offer end to end encryption (not Skype, unfortunately Microsoft introduced a backdoor for law enforcement after they purchased it)

There is so much not publicly known about how the cellular network functions within carrier networks that using SMS or cellular calling means you can't be assured of security. Heck, you can't be assured of security even with end to end encryption, as you can't guarantee your device or the other party's haven't been compromised, that there isn't a bug in the implementation, or that there aren't undisclosed attacks on the encryption being used. But with end to end you at least have a fighting chance.

Using GSM/LTE or SMS you should assume anything you say has been recorded for posterity and act accordingly.

Google flying car spotted?

DougS Silver badge

A "flying car" that looks exactly like an airplane

But is more expensive since it has to handle VTOL would never be anything but a toy. Few cities would allow such things to land anywhere in city limits due to worries about power lines, noise, loss of control etc. nor would they allow something with wings sticking around to drive on public roads.

It is basically an airplane that can use a short runway, the only place it would be useful is if you lived in a rural area where you could land it on your property, but you don't have enough property for a proper runway for a small plane.

Murder in the Library of Congress

DougS Silver badge

If giving power to Google is the price of removing it from Disney, I'm all for it!

That 20 years was the difference between Mickey Mouse staying in copyright, or going public domain. You can bet that before long there will be moves from those people who think the more copyright the better to extend that another few decades as part of a strategy of perpetual copyright extension to keep Mickey under copyright forever.

Considering how much money Disney has made recycling stories that were in the public domain due to reasonable copyright terms in the past, it is well past due that they start giving back to the public domain!

What I'd like to see is a limited term like the original 28 years. You can then renew for another 28 years for $1 million. You can then renew another 28 years for $1 billlion. You can then renew another 28 years for $1 trillion, and so on. If you write the great American novel, you and your decendents can afford that $1 million to keep it copyright for another 28 years. If it is truly epic like Star Wars or Harry Potter, you can even afford the $1 billion. If you want to go for $1 trillion, be my guest, it'll help pay down the national debt!

But for most works, that $1 million would be way too much to pay, and any earnings it was making would be over long before the initial 28 year term expired.

Hacktivist crew claims it launched last week's DDoS mega-attack

DougS Silver badge

I don't buy it

If they were going to take credit, they would have done it right from the get go. Not wait around for a weekend and then announce it.

It smells like "well no one else has stepped forward, it was obviously someone who wants to remain secret, so let's take credit for it and falsely increase our hacker cred".

They haven't done anything even remotely like this before. It would be like a golfer who had won some local events suddenly winning the British Open. You simply don't make such a big jump all at once.

Is Google using YouTube to put one over on Samsung?

DougS Silver badge

Re: I'll be honest...

Comparing this to the iPhone 4 antenna problem is ludicrous. One was pretty minor (only if you were not in an area with good cell reception, didn't use a case, and your fingers covered the gap in the antenna band) and while inconvenient was not a safety concern. The other could harm or even literally kill you.

The reason Samsung had such problems is because it was a far worse situation, and while they did do a recall they made it voluntary until the US PSC forced them to make it mandatory in the US and they decided to follow suit in the rest of the world. They also botched the diagnosis, thinking it was the battery, and didn't do the recall at all in China. The replacement devices were just as explosive, as the original Chinese devices also turned out to be, because it wasn't the battery after all.

I saw an article this weekend that Samsung STILL doesn't know what caused it, and they've pulled a bunch of people off the S8 engineering team to help figure out what it is and as a result the S8 launch will likely be delayed. But that's probably a good thing, because if they don't fully understand what the problem was with the Note 7, they sure don't want to risk designing the same flaw into the S8!

DougS Silver badge

Based on the ad I saw this weekend for the Pixel

It definitely is aiming for Apple customers. If it didn't say it was for Pixel one could hardly be blamed for assuming it was an iPhone ad.

However, the number of people coming from iPhone to Android is relatively fixed. The Pixel is hardly a revolutionary "wow I've been wanting to jump ship from Apple for years, finally I can" phone. It is a decent high end Android phone but does not stand apart when measured against Samsung's S7 and pre-explosion Note 7 (yeah yeah faster updates, that's something that will sell Reg readers but the average consumer doesn't give a shit about and won't until there's a mass malware infection like what Windows had in the early 00s)

Basically in order to capture more of that fixed number of Apple customers leaving for Android, the Pixel has to steal the ones who would have gone to Samsung (and to a lesser extent other Android OEMs selling high end phones) instead. The explosive Note 7 fiasco helps a lot there, so it is in Google's interest to keep that in the forefront of people's minds for as long as possible. Making fun of it by showing videos of games using Note 7s as hand grenades is a pretty hilarious way to do that!

Microsoft: We're hiking UK cloud prices 22%. Stop whining – it's the Brexit

DougS Silver badge

@Roland6 - US dollar & oil

The tired old petrodollar conspiracy theory that has been shot pretty full of holes lately as oil transactions have been happening more in other currencies and less in USD over the last few years, but the dollar has only strengthened. Sanctions against Russia, Syria and Iran, black market oil sales by ISIS, etc. have all eroded the petrodollar but the US seems to be fine with that.

Since the US is now self sufficient for energy, there is less reason to care what currency oil transactions are conducted in. In previous decades when the US was buying oil from the Middle East and South America, it was desirable from the standpoint of the US economy to conduct transactions in dollars to eliminate exchange rate disruptions to already volatile oil prices. That's less of an issue today, as we have all the "tight" oil we need to maintain energy independence for a couple decades at least.

As opposed to traditional oil wells, it is much easier to respond to changes in demand or prices by shutting or opening fracking wells as needed so even if OPEC was able to regain market power they could not create the type of shocks they did in the 70s, at least not in the US.

Whether or not oil is traded in dollars or in some other currency mutually agreed upon by non-US parties, the US will remain a major trade partner of most countries around the world and the dollar will continue to be a major reserve currency alongside the euro, yen and yuan - and until the yuan is left to float free instead of having its exchange rate dictated by China, it won't fully take its rightful place as a major reserve currency.

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

DougS Silver badge

@jake - documented since 2005

Where you do you see that it is documented since 2005? When I click on the issues tab, everything is dated in the past couple days.

DougS Silver badge

Linus' sin wasn't "it doesn't do anything bad so I'll ignore it"

His sin was in not leaving comments in the code explaining "here's a relatively harmless bug I found but didn't fix because of XYZ".

Then maybe someone else would have decided to have a look at fixing it sometime in the past 11 years, or at least when the COW support was added someone would have thought "wait a minute, maybe that bug isn't so harmless anymore" and they would have fixed it before mainstreaming COW support.

No matter who becomes US president, America's tech giants are going to be quids in

DougS Silver badge

US "pass thru" corporate taxation

That's only true for S corporations, for which there are certain important limitations, such as that it can only have individuals and trusts as shareholders, not corporations, partnerships or non resident aliens. The biggest one though is the limit of 100 shareholders and only one class of stock, which prevents its use for big corporations like Apple and IBM.

The downside of an S corporation as far as earning income overseas is that since it is pass thru (i.e. passes through to the income taxes of the individual shareholders) it can't park money overseas. As an individual you pay US taxes on worldwide income, and whether you leave the money overseas or not does not affect you owing taxes on that income following the year in which it was earned.

Cheapest Apple iPhone 7's flash memory is waaaaay slower than pricier model

DougS Silver badge

Re: Parallel vs... not?

It could be confirmed if the speed of the 128GB model was measured and found to be around 4x the 32GB model and 50% of the 256GB model...

Biting the hand that feeds IT © 1998–2019