* Posts by An0n C0w4rd

354 posts • joined 20 Sep 2011


I spy, with my little satellite AI, something beginning with 'North American image-analysis code embargo'

An0n C0w4rd

Who are they fooling?

The Chinese probably already have a copy of all the tools that Uncle Sam paid countless $ to develop, and probably didn't pay for them. Someone with a Green Card working on the project took a flash drive holding the code with them while visiting their parents over the holidays.

SpaceX Crew Dragon: Launched and docked. Now, about that splashdown...

An0n C0w4rd

Missing word

Quote: "Champagne remains on ice until Demo-1 is bobbing about in the Atlantic"

I suspect no matter what happens, Crew Dragon will be bobbing around in the Atlantic. The question is whether it is *intact* or not...

An0n C0w4rd

Re: Landing

What I find more impressive is that when landing back on a pad on Terra Firma, instead of one of the drone ships, the booster is in fact aiming into the sea, and only once the onboard computers have determined that it has sufficient control does it move sideways to line up on the pad. Hence why a recent failure due to stuck control fins "landed" in the ocean instead of blowing up spectacularly near the launch site.

'They took away our Cup-a-Soup!' Share your tales of bleak breakout areas with us

An0n C0w4rd

Break room downgraded

They took away the foosball machine and the air hockey table, which was all the entertainment in the room. All they left was the fridge, microwave, a soft drinks machine (not free), and some tables

I got one of the CAD people to print out a huge sign on their plotter printer thingy that said "THIS SPACE INTENTIONALLY LEFT BLANK" and taped it to the floor where the entertainment used to be. I think it survived months. Not sure when it got ripped up. May have outlived me in that building.

Hey mate, are you dense? Why, yes. Yes, I am, says the NAND in Micron's new client SATA SSD

An0n C0w4rd

Quote: "The 1300 uses 75MW"

75 MEGAWATTS of power?!?!?! Perhaps the MW should be mW instead?

Hold horror stories: Chief, we've got a f*cking idiot on line 1. Oh, you heard all that

An0n C0w4rd

Hardware mute buttons which didn't mute

At a previous job the support and sales teams had headsets (sorry, cannot remember the brand but I'd recognise them if I ever saw them again) which had a headset which could be disconnected from the adapter box and a mute button on the headset adapter box that sat on the desk next to the phone (there were 3 controls on the box, can't remember what the other two did)

Turns out that the mute button didn't actually mute the mic, it just made it quieter. People with good phones could still make out what was said. Can't remember how this was discovered, but I bet it was similar to the stories above. Agents were instructed to physically disconnect the headset in future and not use the not-quiet-a-mute button

Mobe networks battle to bring comms back after Hurricane Michael smashes US Gulf Coast

An0n C0w4rd

@ivan5 who fixes the duct if someone digs into it? who manages the notifications out to the consumers of the duct? it sounds like a simple plan, but the devil is in the details. utilities aren't going to be happy waiting around for the village to do the duct replacement

An0n C0w4rd

Underground means either cut'n'cover, which has its own challenges, or a horizontal directional drilling machine. Both are expensive propositions. If there are utility poles then it's much easier/cheaper to stick cables on the pole and (in most locations) does not require permitting from the local government for the transit sections - the bit that goes from the pole to the customer may require some permitting, not sure TBH

Additionally, if it's underground then you're putting amplifiers and other electrical equipment either in manholes, utility ducts or ground mounted cabinets, which get flooded and knocked out. Not to mention the ever-present backhoe fade. No-one ever dug up a utility pole and claimed they didn't see it and it wasn't marked on a map. After 9/11 the VZ telephone exchange next to ground zero had all its cables underground in massive ducts and tens of thousands of copper pairs got cut by falling debris

Burying the cables doesn't solve the problems, it just changes the ones you have to fix and perhaps when you have to fix them

Oh Smeg! Hacked white goods maker resurfaces after system shutdown

An0n C0w4rd

Will this go in the compilations of Smeg-Ups that accompanied the TV show?

Please forgive me, I can't stop robbing you: SamSam ransomware earns handlers $5.9m

An0n C0w4rd

<obligatory sexism>

quote: "The attacker is very good at covering their tracks and appears to be growing increasingly paranoid (or experienced) as time passes, gradually adding more security features into his tools and websites," Sophos reported.

Sorry Sophos, but why is it "his tools"? Why could it not be "her tools"? Or "their tools" to be more gender-neutral?

Airbus windscreen fell out at 32,000 feet

An0n C0w4rd

depends on the time between step 1 & 2. if the cracks propagated quickly then it may not have been an option. however SOP for visible cracking normally is descend to 10k ft

An0n C0w4rd

Re: Last time this happened...

@anonymous coward

Nope. The technician doing the job walked into stores, eyeballed the different screws available and found what he thought was the correct type, ignoring the recommendation of the stores officer as to what the correct type was

He got the right diameter and thread pitch but just a little too short to fully engage in the socket

(at least that's my recollection of the NatGeo Aircrash Investigation episode)

Typical cynical Brits: Broadband speeds up, satisfaction goes down

An0n C0w4rd

I would dispute the "all of them" statement. I've been satisfied with my occasional interactions with Zen cust svcs, although I wish they were open longer hours.

Noise from blast of gas destroys Digiplex data depot disk drives

An0n C0w4rd

Re: Safe for personnel?

When I worked in a facility that had a gas discharge fire system (FM200 from memory) we were told to get out of the room ASAP when the alarm went off as being in there when the discharge went off would likely blow out your ear drums and possibly cause other problems also. Even people near the room weren't safe as for some reason they put windows in one of the exterior walls to a corridor so they could show off the contents of the DC. The glass wouldn't survive the discharge

Intel alerted Chinese cloud giants 'before US govt' about CPU bugs

An0n C0w4rd


So hang on, they say "Standard and well-established practice on initial disclosure is to work with industry participants to develop solutions and deploy fixes ahead of publication.".

Notice the word "all" missing. They were very selective with their notifications, with some OS vendors finding out around the same time El Reg did, while Mickeysoft and Linux had months of notice.

"In this case, news of the exploit was reported ahead of the industry coalition's intended public disclosure date at which point Intel immediately engaged the US government and others."

Right. Because giving people 4 days to write extremely complex changes to their VM systems is TOTALLY FINE.

Responsible disclosure my posterior.

Beat Wall St estimates, share price falls 5%. Who else but... AMD?

An0n C0w4rd

Re: I just do not understand

If you strip out the "extraordinary event" last year (the GlobalFoundries write-down), the income was $255m profit for FY2016. Compare that to an income of $179m for FY2017. If Ryzen/Epyc/etc are selling like hot cakes then it would be reasonable to expect better profit margins. I suspect the street were also looking for better news for FY2018. The article here doesn't contain anything about any forecast, which is likely also what dinged the price.

I suspect Intel's stock price went up because they announced that they will have meltdown+spectre silicon ready later this year, and analysts expect all the cloud providers to refresh their servers to get rid of the problems. Remember that Dilbert cartoon where the PHB promised a bonus for every bug fixed? Intel just coded themselves a Ferrari - they instantly made all existing silicon undesirable. Customers can't put off buying new kit so Intel will keep churning out buggy silicon to customers and banking the profit, but the customers could want new silicon ahead of their normal refresh periods to get rid of the bugs, so Intel scores a MASSIVE win. All it has to do is make sure the legal costs are less than the bonus.

All aboard the Vomit Comet: Not the last train to Essex, but a modded 727 for weightless flight

An0n C0w4rd

Rubber duck

If I get on board a passenger aircraft and see a rubber duck in the cockpit, I'm getting off again....

IBM offloads Notes and Domino to India's HCL Technologies

An0n C0w4rd

Re: Notes wasn't a bad idea.

I suspect the Notes Applications is the one reason Notes still exists. Companies built their business processes around Notes Apps and it's too expensive to move off so they're stuck on the platform. It was certainly one of the big blockers to migrations off Notes in the companies I dealt with.

Dumb bug of the week: Outlook staples your encrypted emails to, er, plaintext copies when sending messages

An0n C0w4rd

Re: By design?

Is this the new FBI version of security?

Wonder why Congress doesn't clamp down on its gung-ho spies? Well, wonder no more

An0n C0w4rd

Re: Waste, fraud and abuse

Never happen

You know why? No politician wants to commit career suicide by voting to de-fund an agency that could prevent a terrorist attack, because if an attack happens then fingers will be pointed at the lack of funding.

It's the same reason that after every attack legislation is almost always passed to try and prevent another attack. Not because another attack is likely using the same method (apart from the truck attacks which appear to be the new favourite), but because they have to be seen to do SOMETHING. Even if it's completely ineffective, such as most of the security theatre put in place after September 11. Or the backscatter body perv scanners that were installed after the underwear bomber, that have been proved to let stuff past if you make it look like part of your body (e.g. fake belly).

An0n C0w4rd

Can't get congress to act on reports they can't see

One Congress-critter (can't remember whom) commented that one of the reasons that it's so difficult to get Congress to effectively review surveillance legislation is that the committees that review the secret reports cannot tell other members of Congress their contents, even in a general manner. They cannot take anything in to those briefings (so no notes or recordings), and there are never any nice handouts they can share afterwards.

So all those closed-door committee briefings? Completely worthless. The committee cannot report on what they were told, so the other people in Congress that get to vote on the legislation don't know about any transgressions (unless a whistleblower comes forward, and we all know how that ends), and therefore cannot do anything more than rubber stamp whatever the spy agencies want

I doubt any country is any better to be honest.

What's the biggest danger to the power grid? Hackers? Terrorists? Er, squirrels

An0n C0w4rd

Soldiers unaware of the Faraday cage

"In the same year, three Sri Lankan soldiers were electrocuted after a squirrel caused a fire that broke power lines – causing them to fall on the soldiers' vehicle."

From what I understand, the soldiers who died got out of the vehicle, and were therefore electrocuted. The other soldiers in the same vehicle who stayed inside survived.

An0n C0w4rd

Re: Or a shovel through a fibre/wire bundle

My favourite RFO* from a telco was that they found shotgun pellets embedded in the fibre. Someone had been taking pot shots at some fauna and had taken out the fibre instead. I guess it must have been hung from telephone poles, but can't remember to be honest

Yes, this was in the land where the 2nd amendment is used to justify way too much

* RFO = Reason For Outage

Search for MH370 called off after new theory about resting place is ruled out

An0n C0w4rd

Re: Commercial Aircraft Locations

@ The Man Who Fell To Earth

Hopefully accurate telemetry. I watched a 767 land at GLA airport a few years ago on an online plane tracker. Something in the ADS-B data path for the plane drifted as it held east of Glasgow while the runway was cleared of snow. Each loop around the hold pattern the plane "drifted" a few miles north. In the end, when they landed at GLA the tracker showed it landing in the Trossachs! Probably badly calibrated inertial guidance system feeding the transponder. Since they landed safely, the cockpit crew must have been using a different navigation source, maybe relying on beacons instead of inertial navigation.

However, I agree. The Inmarsat data would have been much more useful had it included the ADS-B transponder data in a way that the cockpit could not disable. Doesn't have to be every few seconds like ADS-B, but every 15 minutes would suffice to narrow down the search area.

An0n C0w4rd

Assuming that the theoretical flight path from primary RADAR sources (after the transponder and ACARS systems were disabled) is correct, it is highly unlikely to have been an equipment malfunction. Equipment malfunctions generally don't route around populated areas and RADAR systems. If the plane was being controlled by someone, then routing around populated areas to crash land makes sense, but they never descended. If you lost radio comms, there are protocols in place for that (circle one way to say lost transmission, circle the other way to say lost both receive & transmit)

Autopilot could have flown the route, but only after someone told it to.

What's worse is that even if they find the wreckage they may still NOT figure out what happened. Even if the CVR & FDR survived, the CVR only records the last 30 minutes of cockpit noises. It was never designed for this scenario where something happened hours earlier. There is also no guarantee that the CVR and FDR weren't disabled also, there is (or was) a breaker in the cockpit that could be used to disable them. Not sure about the 777.

Flight 666 lands safely in HEL on Friday the 13th

An0n C0w4rd


Sorry to ruin everyone's joke comments by asking a question, but what changes to European flight numbering? Are they going to 4 digit numbers across the board or something?

Europe trials air-traffic-control-over-IP-and-satellite

An0n C0w4rd

The last I heard (which was admittedly a few years ago) was that NASA had set up a test bed which simulated pilots in an ATC zone and all the ATC comms associated with that (lots of people running FSX in a lab with 2 way headsets, and an ATC with some kind of virtual radar view of all the planes)

The one point of ATC instructions over data comms is that pilots lose situational awareness. By having all instructions broadcast, there is a second level of error checking going on because if ATC tells a plane to fly an altitude, a plane already at that altitude can hear the instruction and relay any concern about a possible conflict.

With data based ATC comms that was lost

Probably more of an issue for approach/departure controllers around an airport rather than at high altitude, but it is still a concern

An0n C0w4rd

Re: Am I missing something here?


Repeating back "Turning to 270" doesn't mean that the pilot has done it, but it does mean that the pilot has heard the instruction and at some level understood it. Hitting "OK" on the flight computer doesn't indicate understanding or even that the message was seen

Apple's 'lappable' iPad Pro concept is far from laughable

An0n C0w4rd

Re: file

Or they could use the keyboard to do text selection

shift + left or shift+right selects text one character at a time

command + left or command+right selects from the cursor to the start or end of the line

option + left or option + right selects the word to the left or right

Intel's Broadwell Xeon E5-2600 v4 chips: So what's in it for you, smartie-pants coders

An0n C0w4rd

Re: will do methinks for a new Mac Pro

you can never have enough cores!

An0n C0w4rd

working TSX?

Quote: "while teasing developers with goodies like posted interrupts, working TSX,"

Surely that should be

"while teasing developers with goodies like posted interrupts, allegedly working TSX,"

Pretty much every Intel chip product of the last decade (and probably longer) has had multiple errata, I suspect most of them found after release. I think claiming TSX is working is a bit premature until it's seen in the wild for a while.

Lights out for Space Vehicle Number 23: UK smacked when US sat threw GPS out of whack

An0n C0w4rd

Telecoms companies

I'm curious, what telecoms companies rely on GPS for any timekeeping? Muxes and the like (at least the ones I saw) had no external clock/timing source, and POTS exchanges (even digital ones) have been around long enough to pre-date such clock sources so I can't see them relying on that either (I've seen a few 5ESS systems in the USA, didn't go into the details of the different inputs)

Mobile phone companies maybe?

Inside Intel's CPU-level multi-factor auth (and why we've got deja vu)

An0n C0w4rd

Quote: "It's supposed to help employees who are bad at remembering complex passwords"

It will do, until they lose their phone, or the system breaks and goes into some failsafe mode that needs the password, and they then need to remember their long and complex password, which they haven't used at all so they have no hope of remembering it

Wait until the system breaks for everyone at the same time and then watch the helpdesk melt.

Oracle Java 'no longer the greatest risk' to US Windows PC users

An0n C0w4rd


Secunia PSI warns you (and also scans once a week by default) about out of date software. So I'm puzzled by people who have PSI installed and don't keep up-to-date. They clearly had/have an interest in patching their systems, else why install PSI in the first place? Maybe the Windows habit of hiding tray icons by default contributes to delinquency?

Thousands cut off from email after EE bungles domain renewal

An0n C0w4rd

all ee domains seem to be 1 yr renewals

orange.co.uk, t-mobile.co.uk, ee.co.uk, etc, all expire in 2016. guess they're short of money.

Sign of the telly times: HDR shines, UHD Blu-ray slides at IFA

An0n C0w4rd

Re: When HDR becomes prevalent ...

Maybe Sky will also quit using 50i outputs and give decent data rates for their encoding so the picture doesn't look so crap

Who am I kidding. Never happen.

Microsoft backports data slurp to Windows 7 and 8 via patches

An0n C0w4rd


anyone know how this is "hard coded"? Would blocking it on the DNS server work?

Chinese gang shoots down aerospace security with MSFT flaws

An0n C0w4rd

Re: Oh dear. Same old tricks still working.

CIO is probably not the problem. The CIO on their own is likely not sufficient to enact change as they still need to rely on budget approvals from other people. The CEO and the entire board of directors (including the chairman) need to be liable. Only then will it START to change.

I am starting to think that people that say antivirus/antimalware/IDS and IPS are the wrong solution are correct. Antivirus/antimalware only work once the signature of an attack is known. Most IDS and IPS are set up the same way, look for known attack traffic and then respond.

No, you need to set up your systems to allow known legitimate traffic/files/applications and block everything else (i.e. whitelist good stuff, not blacklist known bad stuff). Only then will security start becoming effective.

German railways upgrade their comms tech from 2G to 4G

An0n C0w4rd


Recently read somewhere else a story about the Network Rail plan to switch the East Coast Main Line (between Kings Cross and Edinburgh) over to ERTMS, at least in the southern part of the route, due to European compatibility regulations


They specifically call out 2G based GSM-R as a problem. What's the bet that the Germans upgrade to 4G based radios and the UK subsequently installs a 2G based solution because we're idiots?

Never mind falling revenues, BT watchers, look at the footy offering

An0n C0w4rd

Re: Really...

"Apparently you need to have BT Internet service to take their TV!"

Not exactly a surprise. They can properly manage delivery of the service over their network (anything not picked up off Freeview is sent over IP). QoS and other stuff which allow you to prioritise delivery stops the second a packet leaves your network. Plus paying other broadband customers to deliver your TV service probably isn't in their model.

I have a sky box and it's plugged in to my home network, but I only let it through the firewall when I want to download a program. I don't want the damned thing sending/receiving data when I'm trying to do other stuff on my crappy bandwidth (the service itself is excellent, for a 10 year old tech, i.e. ADSL2+. pity NeverReach don't want to extend FTTC or FTTP to my street, and I'm not holding my breath for G.Fast to appear any time soon)

An0n C0w4rd

Re: It is NOT fibre ...

I know of a company which laid high speed Internet cables through some of the poorest areas of a given city just to pump up the "homes passed" figures. The people couldn't afford the basic service, let alone all the other stuff they were selling. It was mostly a waste of money, but it appeared good to investors.

The metric needs to be retired and replaced with something more meaningful which indicates the ability of the residents in the premises passed by a cable to actually afford one or more of the services provided.

Peering closer at 3D XPoint memory: What are Intel, Micron up to?

An0n C0w4rd

Re: Missed one mystery

To a degree it probably depends on the controller driving the chips. It looks like it could be more like RAM, but initial implementations may present it as a block device to aid adoption before trying to create new places in the storage stack for it.

It's OK – this was an entirely NEW type of cockup, says RBS

An0n C0w4rd


If that's true, then they don't appear to have much slack in the system. It should surely be able to process more than another 150k transactions per window without melting?

An0n C0w4rd

Re: Oh yes it is

I've yet to meet a piece of software that has no bugs. You can put in DR and backup systems to your heart's content, but a single line of code can bring the entire lot crashing down around your head.

Vapourware no more: Let's Encrypt announces first cert dates

An0n C0w4rd

1) free (basic, i.e. not the EV ones that give the green flag on the address bar) are already available and honestly not that complicated to get (installation can still be a pain)

2) so far no-one seems to have solved the underlying trust issue (i.e. can we trust that the CA issued that cert to the entity you think you're connecting to), other than relying on dnssec, which isn't widespread enough yet to make a noticeable difference (RFC 6698). Even DANE is not without potential issues, since it can be used to make phishing sites look legitimate ( see https://www.imperialviolet.org/2011/06/16/dnssecchrome.html )

HGST says its NVMe flash card will manage 750,000 IOPS

An0n C0w4rd

Re: Very cool

Unless my calculations are out:

743,000 x 4k read ops/sec = 2,972,000 kb/sec = a shave under 3GBytes/sec

160,000 x 4k write ops/sec = 640,000 kb/sec = 625 MBytes/sec write

Without pondering PCIe bus saturation problems (only using 4 lanes of PCIe so there should still be capacity, in theory) I've definitely seen applications that could chew through those throughputs, or make a pretty sizeable dent in them anyway. Netflix Open Connect comes to mind as one of the more obvious applications.

Plus, it's not just the IOPS you need to consider. It's the latency. Even if you can't hit the IOPS, if you reduce the latency of your application 5x or more, the cost could be justified in various situations where the read or write of that piece of data is a blocking action for something else, e.g. a database. If you have to hit the DB 20x to do one action, you just sped that action up tremendously.

Vodafone: So what exactly is 'ludicrous' about the Frontier report?

An0n C0w4rd

Not entirely sure OpenReach as part of BT is the problem

There is little incentive to lay competing cable to reach consumers in the UK. The logical choice would be cable companies, but despite a large number of cable companies springing up in the UK during my lifetime, Sky drove most of them out of business, and the few that remained went to Virgin Media which hasn't really done much to invest in reaching more homes.

A large factor in that is the cost of laying cables, because that involves digging up streets to put in new ducting.

Perhaps separating ducting from the rest of the infrastructure would help so companies can rent/buy duct access to run their own cable if they wanted to, thereby providing true competition for the last mile instead of just letting OpenReach dictate what the UK should be offered.

This ISN'T Net Neutrality. This is Net Google. This is Net Netflix – the FCC's new masters

An0n C0w4rd


So the real reason is revealed. The NSA lobbied the FCC to make sure that the companies that they scrape their data from are able to get the data to their warehouses from the consumers.

US air traffic control 'vulnerable to hackers' says watchdog

An0n C0w4rd


“Sophisticated terrorists could even steer planes into one another”

Really? Guess the Senator has never heard of TCAS then. You could probably try to get Cessna 152 and 172s to collide (no more than 4 people on board each plane), however they go slow enough that VFR visual scanning would normally catch the collision. Every scheduled passenger flight has TCAS by FAA mandate (and CAA in the UK, etc) which prevents that exact situation from happening.

You'd stand a better chance of CFIT (Controlled Flight Into Terrain) because there ARE some weaknesses in the prevention systems there, but you'd have to be in IFR conditions with no visibility and find a suitably steep mountain that wouldn't trigger the "Too low, terrain" warning until it's too late, at least until the GPS based terrain warning systems are available and generally used.

An0n C0w4rd

Re: Heathrow?

It is definitely LHR. You can see the T5 toast-rack configuration at the left and the T4 oddity at the bottom right. Must be an old pic because the new toast-rack for T2 is missing. I think the pic pre-dates T5C coming online actually.


