* Posts by AlanB

24 posts • joined 2 Mar 2011

Found yet another plastic nostalgia knock-off under the tree? You, sir, need an emulator

AlanB

Re: Imagine anything as efficient

Apollo's first workstation worked around the 68000 limitation by running two processors, with the second one slightly behind the first, and swapping between them on a page fault - the second one didn't have to recover its state, because the MMU had already done its work when the first one hit the fault.

https://en.wikipedia.org/wiki/Apollo/Domain#Models

Boffins crack smartphone location tracking – even if you've turned off the GPS

AlanB

Re: Old news

This doesn't just work if you've turned off the GPS, it works with saved data if you don't have cell connections to triangulate, for example in airplane mode.

(Only if you later make a connection that the app can send data on, or your phone is seized, but if you never make a connection, why have a phone at all?)

Smartwatches: I hate to say ‘I told you so’. But I told you so.

AlanB

> Hint to turn left .. ring of LEDs

Sort of wrist mounted equivalent of https://www.smarthalo.bike/ ? That might work. Not that I'm totally convinced by the SmartHalo, even though riding a bike obviously is a case where "why not just take your phone out of your pocket and look at it" isn't that convenient.

(Another is swimming. Not for maps/navigation, but with my glasses off I can't read a clock on a pool wall. I haven't actually tested the swim lap counter app on my Pebble original (£50, charge once a week) yet, but it was one reason for buying it.)

You've seen things people wouldn't believe – so tell us your programming horrors

AlanB

Re: rm -rf /etc /bin /usr

See also the classic tale from 1986 at http://www.ee.ryerson.ca/~elf/hack/recovery.html

"Meanwhile James had made for our tape cupboard and had retrieved what claimed to be a dump tape of the root filesystem, taken four weeks earlier. The pressing question was, "How do we recover the contents of the tape?". Not only had we lost /etc/restore, but all of the device entries for the tape deck had vanished."

"Alternatively, we could get the boot tape out and rebuild the root filesystem, but neither James nor Neil had done that before, and we weren't sure that the first thing to happen would be that the whole disk would be re-formatted, losing all our user files. (We take dumps of the user files every Thursday; by Murphy's Law this had to happen on a Wednesday)."

KeysForge will give you printable key blueprints using a photo of a lock

AlanB

Re: Key blank != Key (MD5)

MD5 was designed as a cryptographic hash, not merely as a CRC. https://tools.ietf.org/html/rfc1321

New OpenDNSSEC doesn't want you to ... ride into the danger zone

AlanB

Versioning

While HTTP/2 does exist, as others have already said, this is about version 2.0 of an _implementation_ of a protocol, not versions of the protocol itself.

OpenSSL hasn't had a 2.0 release (1.1.0 is in beta), but has had many releases over the last seven years, and is very widely used. Netscape Security Services is now at 3.21, but that doesn't mean it's three times as widely used as OpenSSL. Mostly this just shows that different open source projects use different release numbering schemes, and can't be directly compared.

(The same is true of protocol versioning. That SSL had versions 2.0 and 3.0 and TLS is working on 1.3, doesn't mean TLS isn't used as much as SSL was, it means that TLS designers had learnt from SSL mistakes, and haven't had to introduce a totally incompatible version.)

Amazon just wrote a TLS crypto library in only 6,000 lines of C code

AlanB

Re: Bit iffy on some of the details

NaCl isn't designed to be a general purpose crypto primative library.

See e.g. https://news.ycombinator.com/item?id=7590299 for why it would be largely useless here.

Taylor Swift snaps up EVEN MORE pr0n domain names

AlanB

Re: Office.porn

Scary fact - Clippy porn, sorry, "erotica", actually exists - http://boingboing.net/2015/03/17/an-erotic-novel-about-clippy.html

Fatally flawed RC4 should just die, shout angry securobods

AlanB

Re: Other reasons it has not been dropped

Still draft - https://datatracker.ietf.org/doc/draft-irtf-cfrg-chacha20-poly1305/

Not yet supported by Mozilla, in part because of that - https://bugzilla.mozilla.org/show_bug.cgi?id=917571#c19

It's got a very long way to go before being as common as RC4.

Ford to save you from BIKE FITNESS HORROR

AlanB

Re: all the wheels?

If the plan is "two people unpack goods from the van onto the bikes", then the more space the bikes take up, the fewer goods fit in, and the fewer local bike deliveries you can do with one van load.

Jamie Oliver serves up steaming pile of malware

AlanB

Re: Shuttered?

> (of a person) giving their name to something

Which would make him the eponymous Jamie Oliver (i.e. having web site, TV series, restaurant named after him). The reverse usage seems to be well established though.

If you think 3D printing is just firing blanks, just you wait

AlanB

Re: Something for the weekend?

> Try investment casting. It's much quicker.

And more than one 3D printing service does already offer wax printing for exactly that.

(As well as various laser sintered metal options.)

Google devs: Tearing Chrome away from OpenSSL not that easy

AlanB

Re: Could this happen with LibreSSL too?

Chromium uses OpenSSL on Android, and Chrome might be dropping NSS for OpenSSL on all platforms:

https://docs.google.com/document/d/1ML11ZyyMpnAr6clIAwWrXD53pQgNR-DppMYwt9XvE6s

It may be ILLEGAL to run Heartbleed health checks – IT lawyer

AlanB

And https://blog.mozilla.org/security/2014/04/12/testing-for-heartbleed-vulnerability-without-exploiting-the-server/

AlanB

It is possible to scan for Heartbleed without accessing anyone else's data:

https://twitter.com/ivanristic/status/454515948553129984

Indestructible, badass rootkit BadBIOS: Is this tech world's Loch Ness Monster? VOTE NOW

AlanB

> Why would malware need to communicate with another machine, which would already have that malware installed, especially if over such a short distance?

Send new updates, and/or repair malware which has been half removed.

And send _back_ sensitive information which was carefully being kept on an air-gapped computer, but put on it in the first place using USB sticks, one of which turned out to have been infected.

That degree of low-level cross platform USB driver bug compatibility seems far fetched though.

Buy a household 3D printer, it'll pay for itself in months!

AlanB

Re: Does this use the same plastic that everything seems to be made of these days?

There are 3-D printers that will do metal (laser sintering). Not at the home hobbyist level though.

http://www.3ders.org/articles/20130529-china-shows-off-world-largest-3d-printed-titanium-fighter-component.html

Blazing new comet may OUTSHINE THE MOON in 2013

AlanB

Why impact craters are round

Because the crater is formed when the impacting body vaporises.

http://www.scientificamerican.com/article.cfm?id=why-are-impact-craters-al

How gizmo maker's hack outflanked copyright trolls

AlanB

Re: I suspect

> With a little repurposing this becomes an HDMI stripper

From the analysis linked to by the article: "It can’t easily be turned into an HDCP stripper since that would require a lot of rework of the internals. "

LOHAN eyes hardcore partner's impressive girth

AlanB

> partially blocking the exhaust nozzle of the rocket motor?

When he says "without a burst plug or other means to retain internal pressure", presumably a burst plug is something that will block the nozzle during ignition but reliably rupture in a consistent manner once pressure has built up.

How hard would it be to add one to the design?

Orange Monte Carlo budget Android smartphone

AlanB

Unlocked ZTE Skate

http://www.clove.co.uk/zte-skate

£220, so if you're confident that the Orange branded one can be unlocked cheaply soon, buy Orange.

MIRACULOUS new AIRSHIP set to fly by 2013

AlanB

Heated gas

Farmer's Riverworld had a balloon with heated gas for extra lift, based on Verne's story. (The aliens had carefully designed some barrier mountains to be just impassable with conventional hydrogen or hot air balloons using the available technology, but hadn't thought of using hot hydrogen. (Helium wasn't available in the setting.))

And there was (I think) a AC Clarke story featuring hot hydrogen balloons heated by naked flames - perfectly safe, since the burners used tanks of pressurised oxygen as "fuel" to burn in a hydrogen atmosphere, where neither unheated hydrogen nor helium would give any lift at all.

Five amazing computers for under £100

AlanB

Orange San Francisco

http://direct.tesco.com/q/R.210-0058.aspx still lists it at £99.97

Might be more once it's back in stock though....

Portsmouth redefines the Olympic-sized swimming pool

AlanB

And Cambridge's old pool, too

Cambridge's old Parkside pool was 33 1/3 m long, nowhere near the Olympic 50m, with or without timing boards or tiles.

See also http://www.iankitching.me.uk/history/cam/parkside-pool.html

Biting the hand that feeds IT © 1998–2019