* Posts by Peter Gathercole

2924 posts • joined 15 Jun 2007

CentOS back from brink of death

Peter Gathercole Silver badge
Coat

@AC "Just too many"

I can certainly appreciate many of the things you have said, indeed when I was reading it I wondered whether I had written it in my sleep until I got to the point about OSX.

You are, however, taking the Luddite view that I strenuously try to avoid. Yes, UNIX has been a good operating system (and my bread-and-butter) for the whole quarter century plus of my working life, but that does not mean that it will remain a good operating system forever. Like it or not (and I don't), genetic UNIX is now a dead end. Novell, SCO or whoever owns the AT&T code base now have no interest in reviving UNIXWare, HP/UX and Tru64 are legacy (thanks HP!) and the future of OpenSolaris is questionable, with the sands rapidly running out on Solaris for SPARC. This leaves AIX as the last actively developed AT&T derived UNIX (I'm ignoring the smaller companies, most of which are gone or going anyway).

OpenBSD, by the very nature of the court battle between Berkeley and AT&T that made it AT&T code free can only nominally be called a genetic UNIX (yes, I know about the V7 code base, I was around then), and I do not remember whether OpenBSD, FreeBSD, or NetBSD actually got SVID or XOpen accredited.

So what you now have is a diminishing number of marginally incompatible UNIX systems which adhere to a set-in-stone standard which is becoming increasingly unimportant, and Linux. If you look at where the technological change is coming from, it is certainly not from the UNIX community. Where have the latest X11 and graphics driver changes come from? How about the virtualisation technologies (and, yes, IBM use Linux as an enabler for their hypervisor)? Web browsing, Multimedia, printer support, User interface. This work is all happening in Linux space and being backported on occasion to the UNIX base. This includes Perl, Python, Ruby, Apache and any number of other Open Source packages. And often, it is very difficult to compile these on AIX, at least, because of the number of additional libraries needed. This is a much more difficult problem than it would be on *ANY* Linux distro.

The number of people I now work with in UNIX space who EXPECT the GNU variants of the command set by default is now considerable. I keep having to bite my tongue to not remind them that GNU's Not UNIX, and they should not think that they are the same.

I work mainly with AIX, and I am finding that the number of pure AIX people I deal with is minuscule. Everybody who has an interest in computers outside of work is at least dabbling in Linux, if only to give them another career strand if and when AIX falls out of favour with the banks and government agencies.

So by all means immerse yourself in OSX as the closest thing to a genetic UNIX available on the desktop, but please do not regard yourself as a typical UNIX person. You're not any more. (Do you really use TWM as your window manager? I'll admit it's fast, but the word basic does not even start to describe it! If you do, you would probably feel very happy with fvwm on most Linux distros).

BTW. I'm currently playing with V7/x86. Now that is a true genetic UNIX, although not much use for watching DVD's. In case you are interested, it's running inside VirtualBox on Ubuntu 8.04 LTS, which is very suitable as a low maintenance Linux distribution.

My coat is the faded corduroy jacket with the leather elbow patches, and has the Lyons annotated UNIX V6 source in the inside pocket. Careful, it's like me, old and a bit fragile.

Peter Gathercole Silver badge
Linux

@Linux is not held back

Like so many things in life, one size never fits all.

Linux is in an awkward place at the moment, being the only real alternative to Microsoft's domination from top to bottom of the computing world. It is the only single OS that goes from embedded devices, PDAs and phones, desktop, server all the way to mainframes and supercomputer (I know OSX fits in many of these categories, but I have yet to see a supercomputer running it!). And before anybody shouts that it is not a single OS, I would suggest that it is more a single OS than Windows Mobile, Embedded Windows, Server and 7 will ever be.

But because of this, it needs diversity. The requirements of low power for portable devices, prettiness for the desktop and maximum instructions per second for HPC do not fit together in a single distro.

So, for the masses using Intel and AMD PC's, Ubuntu is desperately needed (support, ease of install and use, good HW coverage). For smaller devices Chrome and Android work. For servers, Redhat Enterprise, Debian, CentOS and SuSE. For bleeding edge development, Fedora. For HPC, any of the many custom distros used by IBM or SGI or Cray or NEC. And if you have a preference for another distro not mentioned here, please use it, with my blessing.

Where's the problem? There is no 'tearing apart' of the Linux developer community to support these, and while the publicised events at CentOS ripple the water, they will never really damage the perception of the people who use CentOS. And even if it does, I'm sure that most places using it would prefer to switch to RedHat Enterprise or a CentOS fork rather than Windows.

The only problem I can see is making sure that the people behind the distros remain committed and engaged. This is what has happened at CentOS, and even if another path had been followed (CentOS forking), I don't believe any users would have suffered.

Unfortunately, it is not possible for the community supported model to offer all that established commercial OS providers can. We will see some distros fall out of favour (Slackware springs to mind). So we need players like RedHat, Novell, IBM et al. as well to generate revenue that pays for at least some of the people who contribute to the core development.

All that happens in forums like this is really noise, albeit interesting in parts.

Surveillance camera hack swaps live feed with spoof video

Peter Gathercole Silver badge
Alert

Old, old, old.

ARP spoofing has been around as long as ARP and IP have been in use, i.e. a long time. Using it for VoIP and Video-over-LAN is new, but merely a new application of an old technique.

Unfortunately, gratuitous ARP is too useful in device failover scenarios for it to be removed from the standard for all devices. The answer is to make sure that nobody has unauthorised access to the LAN, and of course when we say LAN here, we are talking about the routed segment that runs the same subnet as one of the end-point systems. This is why the technique is not applicable to the Internet as a whole.
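A detection-side illustration of the trade-off in the comment above, added here as an example and not part of the original post: it parses ARP frames and separates a gratuitous ARP from a known failover pair from an unexpected change of an IP-to-MAC binding. The addresses, the failover group and the class and function names are constructed for the example; VLAN-tagged frames are not handled.

```python
import struct
from dataclasses import dataclass

ETHERTYPE_ARP = 0x0806
OP_REQUEST, OP_REPLY = 1, 2


@dataclass(frozen=True)
class Arp:
    op: int
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str

    @property
    def gratuitous(self):
        # A gratuitous ARP announces the sender's own address: sender IP == target IP.
        return self.sender_ip == self.target_ip


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def _ip(raw):
    return ".".join(str(b) for b in raw)


def parse_arp(frame):
    """Parse an untagged Ethernet II frame carrying IPv4 ARP; return None otherwise."""
    if len(frame) < 42:
        return None
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack_from("!HHBBH", frame, 14)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, tha, tpa = struct.unpack_from("!6s4s6s4s", frame, 22)
    return Arp(op, _mac(sha), _ip(spa), _mac(tha), _ip(tpa))


class ArpWatch:
    """Track IP-to-MAC bindings seen on one segment and classify every change."""

    def __init__(self, failover=None):
        # failover maps an IP to the set of MACs allowed to take it over (assumed inventory).
        self.failover = {ip: {m.lower() for m in macs} for ip, macs in (failover or {}).items()}
        self.bindings = {}

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None or arp.sender_ip == "0.0.0.0":  # ARP probes carry no binding
            return None
        ip, mac = arp.sender_ip, arp.sender_mac
        old = self.bindings.get(ip)
        if old == mac:
            return ("unchanged", ip, mac, arp.gratuitous)
        allowed = self.failover.get(ip)
        if old is None and (allowed is None or mac in allowed):
            verdict = "new"
        elif allowed is not None and mac in allowed:
            verdict = "failover"
        else:
            # Keep the previous binding so the legitimate owner does not alert later.
            return ("alert", ip, mac, arp.gratuitous)
        self.bindings[ip] = mac
        return (verdict, ip, mac, arp.gratuitous)


def build_frame(op, sender_mac, sender_ip, target_mac, target_ip):
    """Build a sample broadcast ARP frame (constructed test data, not a capture)."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(p) for p in s.split("."))
    eth = b"\xff" * 6 + mac(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + hdr + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip)


def demo():
    # Constructed addresses: a camera, a gateway failover pair, and an unknown host.
    cam, gw_a, gw_b = "02:00:00:00:00:0a", "02:00:00:00:01:01", "02:00:00:00:01:02"
    rogue, zero = "02:00:00:00:66:66", "00:00:00:00:00:00"
    frames = [
        build_frame(OP_REPLY, cam, "192.0.2.10", gw_a, "192.0.2.1"),
        build_frame(OP_REQUEST, gw_a, "192.0.2.1", zero, "192.0.2.1"),
        build_frame(OP_REQUEST, gw_b, "192.0.2.1", zero, "192.0.2.1"),
        build_frame(OP_REPLY, rogue, "192.0.2.10", rogue, "192.0.2.10"),
        build_frame(OP_REPLY, cam, "192.0.2.10", gw_b, "192.0.2.1"),
    ]
    watch = ArpWatch({"192.0.2.1": {gw_a, gw_b}})
    return [watch.observe(f) for f in frames]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```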

SpinVox: The Inside Story

Peter Gathercole Silver badge
Unhappy

Mystified

In about 1984, I was shown a hardware speech recognition system attached to a BBC micro that could be trained for about 200 words reliably.

In 1990, I was shown a software system running on an Intel 386 system that would achieve about 80% accuracy when untrained, rising to over 90% when given some training.

In about 1999, I played around with Dragon Naturally Speaking and ViaVoice, both of which were able to do a competent job of turning speech into text, even if they only did basic syntactic analysis.

Each time, I was told that 'context sensitive, natural language recognition' was only a matter of 5 years away.

In the 25 years during which I have seen voice recognition working, commodity computing power has risen by something like 4 orders of magnitude, and DSP hardware that can do the majority of the work has become even faster, and significantly cheaper.

Why is it, then, that it is so impossible for this technology to work? And why do we not have home media centres, fridges and cookers that we can talk to? After all, an iPhone can listen to a song and name it with a high degree of accuracy. It's really just a matter of application.

I guess that it is just one of those unfulfilled technological dreams. Or possibly, the computer and device manufacturers don't want it, because it would start to make the GUI irrelevant, and slow down the pace they could re-sell us ever more pretty and more compute and graphics intensive operating systems and hardware.

God, I've been in this business too long.

Linux Foundation urges fans to sign up to Visa credit card

Peter Gathercole Silver badge
Linux

@AC "They never stop..."

...and all Windows and Mac users are corporate sop's, who slavishly buy anything from their favourite money guzzling multinational as long as it's shiny, yes?

I don't think either stereotype really fits the majority of people.

I use Linux because it is UNIX like, because of the intellectual freedom, and also because it's not encumbered by someone trying to extract as much money as possible from me as often as possible. This is not being a freetard, merely financial prudence. I have in the past paid for Linux distros before the Internet was fast. And I buy all my media unless P2P is the *ONLY* way to get it as a last resort (mainly deleted titles). And I waited a long time until Amazon got their MP3 store up and running (usable from Linux - Hooray) before doing anything other than ripping CD's and LP's for music.

And I have credit cards. Mainly because (shock, horror) I have a family (a real one, with kids and all) and I need to even out money flow sometimes. Might consider swapping one to get one with TUX in my pocket. Might not though...

Japanese nuke lab erects 200 teraflop super

Peter Gathercole Silver badge
Thumb Up

@AC on SPARC's death

SPARC always was a published architectural standard. That's what Sun wanted when it created the original SPARC (I still have the launch blurb in a box somewhere). It never really wanted to be in the chip foundry business, but to use partners to license, develop and produce the silicon. Never quite worked out as they intended, but I believe that this fundamental way of working still exists.

I expect SPARC to out-survive Sun by some considerable time, especially if Oracle decide to cut the SPARC standard free, which is what it deserves.

Open-source hardware. What an interesting idea...

Digital Spy fights second malware attack

Peter Gathercole Silver badge

@Jusme

That Transfer-Encoding error is caused by using Firefox through a squid transparent proxy to view DS. It's been a problem for over a year. It was not clear if it is a DS, Squid or Firefox problem last time I looked.

Apple ends Palm Pre's iTunes charade

Peter Gathercole Silver badge
Linux

iTunes

As a committed Linux user, I have not been able to use iTunes even when I had a functional iPod (it broke!).

I started using Amarok for maintaining my iPod, and then discovered that I could buy music from Amazon's MP3 store using Linux, and plug the music into Amarok. The selection is quite extensive too.

I am now using a no-name Chinese media player, and Amarok handles this as well (although I miss the music organizer that the iPod had). It can also handle TCMP on my Palm Treo.

So, it should be possible to buy and run a Pre without needing iTunes.

Apple do not yest

Sir Alan Sugar hits eject button at Viglen

Peter Gathercole Silver badge
Coat

Viglen? A PC manufacturer?

If I remember correctly, they started by skinning TEAC bare 5.25 floppy drives in a plastic sleeve case, with appropriate wires and a 40/80 track switch, for BBC Micros. Not a PC product in sight then.

I've still got one somewhere, and it (and the BBC Micro) still worked last time I tried it (but the floppies themselves are pretty patchy). Think I paid £199 for it, plus the cost of the 8271 disk controller kit and DFS ROM. Seemed cheap at the time, and it probably was, bearing in mind how many people bought them!

If you look, there is a battered copy of the BBC Advanced User Guide in the inside pocket. Thanks.

Designer pitches flat-pack power plug

Peter Gathercole Silver badge
Thumb Down

Why mains?

Why in this day and age have we not also got low voltage DC plumbed into houses? Put a 12V supply in, and you could almost certainly do away with the vast majority of the black bricks that litter our houses. It is much easier to go 12V DC to 9V or 5V DC in a compact manner (look at car devices), and once it is in as a standard, especially if it is a plugless track system, then small devices will be made to work from 12V directly and not need a step-down. We then no longer need bulky 230V 13A plugs!

This would also allow us to move from inefficient transformer/rectifier devices (the majority of cheap power supplies) to a more efficient larger central switch-mode power supply to keep all of the greens happy and reduce our power bills.

Only problem would be the high current demands of certain devices.

Peter Gathercole Silver badge

@Anonymous Coward

I said three carry the power, and a common neutral. 3+1=4. Yes? Please read the comment before posting.

Single phase. Yes, domestic properties just get a single phase. Commercial properties quite often get three phase, but this is used as three 230V feeds which go to different parts of the property, unless you have something like a mainframe or an IBM SP/2 (RIP). But even these (I believe) separate the circuits out to 3x230V into 40V(?) DC converters, and then distribute this around the frame.

When I was at college, we found that the two sides of our dining hall (where we had bands playing) were on different phases. Caused no end of earth-loop hum on the PA equipment we used until we worked out what was going on. And you could get quite a belt between the EARTHs of the two different sides, as they were earthed separately (we measured 120V AC between the earths).

When they say three wire single phase, I presume they mean 2+Earth. Normally, Earth is a local earth, with just 230V Live and Neutral on the cable from the electricity company.

If you have three phase, they also provide a neutral, thus requiring a four wire, three phase installation. Only specialist equipment runs 415V between phases, and this is not the norm for most sites, although I will probably get flamed for generalisation.

Peter Gathercole Silver badge
IT Angle

@Anon re: Earth and Neutral bonded together

No.

Typically AC is carried by the power company in three phase (i.e. three separate wires carrying AC power wrt ground with a 120 degree phase difference) and a common neutral. The effect of this is that when averaged out, the three phases should have a potential wrt ground of 0 volts, so the neutral wire should carry no power (it all cancels out), and will somewhere in the power infrastructure be grounded (but not in your house!).

Unfortunately, the real world is not so simple. Most inductive loads (read high power devices) cause a phase shift to the AC waveform, so the combined neutral may carry residual AC voltage, especially in a single phase installation. Also, when you are looking at power delivery to domestic houses, it is normal for each house to only be on a single phase, and the phases alternated down the street (so each of your neighbours may well be on a different phase from you). This means that if you grab neutral, you had better be prepared for a shock, although it is unlikely to be a full 230V and *may* be negligible. It really depends on the difference in power consumption between you and everyone else attached to your local substation, and how good your regional electricity distribution company is at balancing the load between the phases.

This alternation of phases also explains why it is possible for some types of power cut to only affect some of the houses in a street.

Canonical responds to 'abusive' Ubuntu posts

Peter Gathercole Silver badge
Coat

Inappropriate comments on Reg. forums?

Humour aside, can I claim the comments on the alternative meaning of Ubuntu as abuse? They are dis'ing my technical ability as a committed Ubuntu user.

I could do both Debian and Slackware, but basically I haven't the time. I use Ubuntu because it needs little time, not because I am technically naive (and also because it returns a superior user experience).

My coat is the one with the picture in the inside pocket of 30 years of Unix and Linux documentation on a shelf at home.

Windows 7 to push up netbook prices

Peter Gathercole Silver badge
Linux

@jim 45

Please don't take Asus's implementation of Xandros as a typical Linux. It's not, and I have already said so. Try Ubuntu Jaunty Jackalope. I think you will see that it is a world apart from Xandros, and I believe, easier to install (and use, IMHO) than Windows.

Your comment about a 'new user' has two possible meanings. A new to Linux but previous Windows user will see anything that is not Windows as different and possibly difficult. A new to computing user is unlikely to see any real difference in ease of use between recent Windows or Linux.

You just have preconceptions as a Windows user. I am a long term Unix user (since before Windows, and in fact PC-Dos), and I find Windows infuriating. But I am not so blinded that I cannot see the merit in what Microsoft and their numerous partners have achieved in usability. But just because Windows is dominant in the non-server market does not make it automatically best.

Many of the core 'features' of Windows (such as drag-and-drop) were actually developed by others, and some appeared on Unix and other OS's before Windows (look at Looking Glass on Unix). You might be surprised at what the Torch Triple-X could do back in 1985, and of course Sun, and Apollo in the workstation market.

I appreciate you making the effort with Xandros. Unfortunately, it was almost certainly the wrong Linux distribution for what you wanted (as would any of the niche distributions, or in fact, the Linux in a Tivo or any embedded system). You might draw an analog between EeePC Xandros and Windows Mobile Edition. I don't think you would enjoy getting that to run Firefox 3 either.

Peter Gathercole Silver badge
Linux

@jim 45

I'm not arguing any different about Xandros, but if vendors shipped with Ubuntu, you would have had a different experience.

The space issue, which is a feature of the way UnionFS was used, is one of the primary problems for the EeePC. It's good for a device that will rarely change, but not for a dynamic OS. This is one reason that Asus's implementation of Xandros was just no good for those who know, but very good for those who use the device as an appliance.

I think that your comment about 'no one really wants a frozen, nonupdatable snapshot of a system' is not actually true. I know a large number of people who once a system is as they want it, will never touch the configuration again. It's just that they are not in the technical community. Many people want to use a computer as a tool, not just as a means to itself. My father is still using IE 5.5 on Windows 95 OSR2, and he has no desire to update it. It does what he wants, and I'm sure that he is not atypical of a large part of the potential netbook market. (Please note I am not suggesting Win95 on today's netbooks, just illustrating a point!)

If you doubt this, just look at the stats. on the number of un-patched Windows systems out there, and patches are easy to apply.

But this market is not even getting the opportunity to buy into netbooks, because Microsoft's behavior, and negative comments are frightening people away from Linux.

I just wish that a netbook supplier would ship a good, major Linux distribution. Then we would see whether MS have really managed to capture this market. This has to be done before the Windows 7 tax appears, as afterwards will be too late.

Peter Gathercole Silver badge
Linux

Xandros

I, too, dumped Xandros on my EeePC 701, but this was because I wanted a full Linux, and although you could enable kickstart and a KDE desktop, it was sufficiently different (did anybody else try to work out how it started with you logged in?).

I suspect that people who actually used the 701 as it was intended (the easy desktop) would be happy, but this was not me. Unfortunately, it was mostly people like me who saw the benefit.

Peter Gathercole Silver badge
Linux

@Brian Whittle

What do you think is difficult with Ubuntu? If you just want mail, word processing, spreadsheet and browsing, Ubuntu is no more difficult than Windows. You do not need the command line, the update manager just works (click on Update, and off it goes) and you do not need a degree in Computer Science to use it. Evolution, Open Office and Firefox provide the basics that home users need, and they are installed by default during a standard install.

Of course, if you want Outlook, Word, Excel and Internet Explorer, then I'm afraid that Linux is probably not for you, and you have been suckered in to the Microsoft way.

I've just put Jaunty on the IBM Thinkpad T20 (700MHz Pentium 3, 256MB memory, 20MB hard disk) that I am typing on (it was mine some time back and I am re-cycling it for one of my kids), and everything, and I mean everything, just worked from the install disk including the Belkin wireless card, identified and installed during the normal graphical install process. This is a dual boot system, and even knowing the Lenovo/IBM website, I have been unable to identify all of the correct screen and graphic drivers for Windows. And there are no applications installed. Sure seems to me like Ubuntu is easier. And for such an underpowered system (even by netbook standards), it is surprisingly usable. I can imagine that Jaunty (or an easy peasy derivative) is very suitable for netbooks.

I did not have to resort to the command line, or edit a configuration file once. I would have no hesitation in giving such a system to my father, who is 80. I'm sure that he would keep it up to date better than the Windows box he currently uses.

So stop spreading FUD. Ubuntu is a viable alternative already. The only thing that may stop it is a lack of technical support in the suppliers and maintainers, and this is only because there is not enough market penetration to make it viable for them to skill up. It's really a chicken-and-egg situation, which is being made more complex by the anti-competitive practices that Microsoft engage in.

Futurama back from dead again

Peter Gathercole Silver badge
Thumb Up

Ditto Firefly

I still think there are Firefly stories. I want to know what the back story for Shepherd Book was, and I'm sure that there were plenty of war stories for Zoe and Malcolm.

Did the comics add anything to this?

B5 is finished. The story is finished (as JMS intended, although slightly out of sequence), and the spin-offs do not stand up against the original.

RIP Personal Computer World

Peter Gathercole Silver badge
Unhappy

Gone but not forgotten

Don't know what to say. I've been a reader too long, and I will miss it. I treasure the first two collected Benchmark Specials that I still read.

I'm glad it was Guy who was able to write the obit.

Judge backs Halifax in Chip and PIN clone case

Peter Gathercole Silver badge
Unhappy

@Fraser

OK, I'm now worried. I think I always knew that some ATM's would use the magnetic stripe, but reading what you wrote makes me nervous.

Specifically, the same PIN is used for the Chip as would be required by a mag-stripe ATM.

OK, the PIN for the C&P is safe, as it is effectively used as one of the input keys to the challenge-response that the on-card chip uses, and is thus not stored on the card.

So how does (and always has) the PIN for the mag-stripe worked? If this can be brute-forced in some way, does this not also compromise the C&P PIN?

Maybe I just have not understood how the mag-stripe authentication works, but it has to be checked by the ATM, and not every ATM in the world has my PIN stored in it. Is it one-way hashed in some way, or is it stored centrally and queried from the central repository each time the card is used. In the latter case, I sincerely hope that the telecoms traffic between the ATM and central repository is encrypted, and that every partner bank has the same high degree of security to ensure that it cannot be fraudulently queried or possibly snooped.

Asus Eee PC 1008HA Seashell

Peter Gathercole Silver badge
Linux

Linux on netbooks

There are two reasons why Linux on netbooks is losing attention.

The first is that the versions of Linux shipped are, well, pants. I ditched Xandros, even after I broke out of the simple interface on my eeePC701. If they shipped a mainstream distro, things may be different.

The second is that Microsoft stomped on the market by allowing XP, a dead OS as far as Microsoft was concerned a few months earlier, to be cut down and shipped at effectively no cost, merely to prevent Linux getting a decent foothold in a part of the PC market.

One wonders if they will be as willing to give away Windows 7 when this comes along. Or possibly they think they will have cornered the market by then.

From a customer perspective, if they can buy something familiar versus something different, both at the same price, I know what they will choose. Linux only had a chance in the mainstream when there was a price difference, and this was because they could be made with less memory and disk space and a free OS compared to a Windows system. Stop making the smaller ones just for Linux, and you will only sell Windows systems.

Firefox devs ask navels when to curtail Mac OS support

Peter Gathercole Silver badge
Linux

@Mike Flugennock

OK, you're a Mac Fanboy, so I should expect some of what is in your post, but...

...I think that you ought to go back and check what Linux distro you were trying. I suspect that it might have been one of the bare-metal masochistic distro's, or possibly one that was a little old. USB printers, for the most part just work on most modern distro's. Plug it in, and watch Linux tell you what the printer is, and which driver it will use.

And while it is the case that there are some codec's that may be difficult to find, they are probably equally difficult to find for OS 10.X, unless the vendor has explicitly provided them on the driver disk. And if this is the case, then probably the Windows codecs will work inside a wrapper on Linux. If the vendors did some due diligence, and provided instructions as they do for Windows and OS 10.X, then you would see it is not Linux that was at fault, but the hardware vendors.

What is even more surprising is the fact that OS 10.X->Linux ports are not that difficult (OK, the screen API is different) but the rest is just *NIX like. So why no port?

I do take your point about applications, but this, again, is not Linux's fault. Just because an OS is free, some people have an expectation that all the apps. should be free as well (I accept that they can be called freetards, but this is not all Linux users). And some software vendors are afraid that if they use GNU tools to compile an app, that the app must be published under the GPL. Neither of these two statements are true. It is perfectly possible to port an app. to Linux and sell it. If there was a Linux port of Adobe Creative Suite, QuarkXPress, or FinalCut Pro, maybe more people (such as you!) would see Linux as an alternative, and it would start fulfilling its promise.

Is this Linux's or the developers' fault? No. They have made this excellent platform, and commercial companies have not taken advantage of it.

If you had a choice of buying a shiny Mac running OS/X, or the same hardware running Linux, with the same choice of software and drivers, but the Linux box was £50 or £100 cheaper, which would you choose? Many people would choose the cheaper option. And there must be significant numbers of Windows users who would make the same choice to avoid Vista. Why then will the vendors not see this as an opportunity, and start selling their wares for Linux?

Oh. I forgot. Microsoft are pulling the strings. They can make it difficult to develop for Windows by withholding Windows information and cheap licenses from developers who also produce Linux software, so few development houses can afford to sell Linux products. Why do MS not do that for OS/X developers? Because without some competition, the US DoJ would slice MS up.

Microsoft security chief trapped in endless identity sales pitch

Peter Gathercole Silver badge
Black Helicopters

@Marcel van Beurden

Totally agree. Exactly as I see it.

Let's hope someone influential recognises this before it gets too late! Or maybe it is already... (listens for crisp rustle of donations to party 'election' funds)

Virgin Media sticks with Phorm

Peter Gathercole Silver badge
Thumb Down

Bottom of the Phorm

Our exchange has just been LLU'd. I should now be able to get a better high-download limit service than Virgin's ADSL service (everybody else running through BT Wholesale had hard limits that either could not be exceeded, or cost a fortune if you do go over).

After being a Virgin ISP customer for 12 years, I think the time to switch has come at last.

Researchers dissect world's first Mac botnet

Peter Gathercole Silver badge
Coat

It's obvious...

There are a group of people, which probably includes most non-computerate end users, who need a new type of machine. It must come with the OS and other software in ROM, and have every app they need installed already.

This way they cannot install something which could do damage. But equally, they would not be able to install the latest flash, Silverlight or any other flavour-of-the month add-on.

Can't stomach such a thing? No, I didn't think so. Nor will most users, although UMC's like the eeePC(s) nearly made it.

My coat is the one with the Amstrad Emailer box underneath it.

Mac and Linux Bastilles assaulted by new attacks

Peter Gathercole Silver badge
Linux

@AC on Funny how

OK, here is the difference.

On most Windows systems, people are running as a privileged user most of the time (they need to so their applications work). So if there is a hole in the browser that allows a remote-code exploit, it then has the required privilege to immediately add other back-doors, inject code into the core OS, and generally play havoc on the system in ways too many to mention.

On Linux, most users run as a restricted user by default. When they browse the internet, run applications etc, if there is a remote-code exploit, this code runs as a non-privileged user. So if it tries, for example, to write to /dev/mem, it fails. If it tries to change any system libraries, it fails. If it tries to change any binaries in system directories, it fails. In fact, pretty much everything damaging fails EXCEPT ON FILES OWNED by the user, which is their own data, and the configuration files for the apps they run.

Of course, it is possible to run most programs as root, but the normal state of affairs is that people don't. THIS IS THE DIFFERENCE.

By default, there is no way for code to cross the non-privileged/privileged divide without the user taking affirmative action, and unlike Vista, it does not ask for permission every two minutes, so as soon as it does, most Linux users will be wary.

Before you start, yes, it is possible to change the user's path so that you run unintended programs, but normally, if you su or sudo, the path gets controlled again. Ditto the LD_PATH. Of course, you could try social engineering (go on, you really DO want to sudo this script I've dropped onto your system, even though you do not know what it does), but this is not a flaw in the OS. There really are people who know about security acting as gatekeepers-by-proxy for the dangerous things.

The UNIX model is not immune from exploits, but most of them are well known, and you can find out how to avoid them in any of the myriad of Linux or UNIX books that are available. Most distro's install pretty secure anyway, and they also contain information to avoid most of the pitfalls. And major distros patch new exploits as a result of code defects pretty quickly.

The plain truth is that *NIX security is too well understood to allow simple exploits any more. It's all in the pedigree.

Peter Gathercole Silver badge
Linux

FUD again

Before people start, the term "userspace" used in the PDF does not mean from a non-privileged process. It needs to be run as root or another ID with write permission to /dev/mem.

What "userspace" means here is a process run as a normal process controlled by the scheduler, and not added from inside the kernel codebase (like a loadable kernel module would).

Basically, all this technique is doing is re-vectoring one of the system calls, something that people have been doing for as long as table driven vector entry for system calls has existed. UNIX has done things this way since it first existed 40+ years ago (it was very convenient in the PDP/11 world, as it used the EMT instruction). The only real trick here is reserving memory in the kernel address space, and even this is not new (I could probably think of about half-a-dozen candidates for locating the code off the top of my head).

Due to a design flaw in the MT10 magtape driver code in Bell Labs UNIX version 7 for the PDP/11 (circa 1978), we used to hang the tape device moderately frequently. I used to go in and zap the lock bit in the driver status table using db (the original UNIX debugger) to use it again without re-booting. And the Keele Kernel Overlay system used to re-vector all of the system calls to allow segmentation registers 6 to be altered to point to the area of memory that had the required code, before actually jumping to it. This was all done in kernel space, of course, but shows that the techniques are not new.

So. Stop frightening the ordinary users with things most of them will not understand, and just say that if you allow root access on your Linux box to any-old-code, expect your system to be 'pwned'.

Peter Gathercole Silver badge
Linux

@alain williams

Most major distros actually ship with SEL turned off.

There are not that many applications that would break if it were turned on, but the administration of the Linux system would need to be changed. As a UNIX luddite, (and by this I mean someone who has been using it for so long that fundamental change appears abhorrent), I can understand this, and I am really uneasy about turning SEL on on my own systems. I am keenly aware that the UNIX security model, which Linux (pre SEL) copies almost exactly, has always been weaker than it could have been (although much better than Windows up to Vista). The MULTICS model that VMS and PRIMOS implemented would have been better from the start, but UNIX was intended to be lightweight compared to MULTICS.

But, as the major variant of UNIX that I use in my professional life is implementing Role-Based-Access as well, I guess that I will just have to learn to live with it.

Peter Gathercole Silver badge
Stop

FUD

And...

The MAC attacks are DOS attacks, and reading through the PDF on the Linux attack, firstly it is x86 specific, and secondly, to exploit it you need WRITE access to /dev/mem or /dev/kmem (it's slipped in to the end of section 3 that this is required, and the test here is being run from a # prompt, indicating root access).

*NIX security 101 states that these should be protected from write (and even read in many cases), for just this reason.

Of course, if your vector runs as root, then all bets are off, and there are innumerable ways of making a *NIX system do bad things, even if you have SE turned on.
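The permission rule this comment relies on, write (and ideally read) access to the memory device nodes being withheld from ordinary users, can be checked mechanically. The following is an added example, not part of the original comment; the function names, the trusted-group default and the sample modes are assumptions made for illustration.

```python
import os
import stat

# Device nodes that expose physical memory, kernel memory or I/O ports.
MEMORY_DEVICES = ("/dev/mem", "/dev/kmem", "/dev/port")

# Constructed sample inputs as (st_mode, uid, gid); not read from a real system.
SAMPLE_OK = (stat.S_IFCHR | 0o640, 0, 15)        # crw-r----- root:<gid 15>
SAMPLE_OPEN = (stat.S_IFCHR | 0o666, 0, 15)      # crw-rw-rw- root:<gid 15>
SAMPLE_SPOOFED = (stat.S_IFREG | 0o600, 1000, 1000)  # regular file, user-owned


def audit_mode(mode, uid, gid, trusted_gids=frozenset({0})):
    """Return a list of findings for one node's st_mode, owner uid and gid."""
    findings = []
    if not stat.S_ISCHR(mode):
        findings.append("not a character device")
    if uid != 0:
        findings.append(f"owned by uid {uid}, not root")
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if mode & stat.S_IROTH:
        findings.append("world-readable")
    # Group write is only acceptable for groups the caller explicitly trusts.
    if mode & stat.S_IWGRP and gid not in trusted_gids:
        findings.append(f"writable by group gid {gid}")
    return findings


def audit_paths(paths=MEMORY_DEVICES):
    """Audit every listed node that exists; absent nodes are skipped."""
    report = {}
    for path in paths:
        try:
            st = os.stat(path)
        except OSError:
            continue  # e.g. kernels built without /dev/kmem
        findings = audit_mode(st.st_mode, st.st_uid, st.st_gid)
        # os.access() answers for the real uid, so this is the view an
        # unprivileged process would get when trying to open the node.
        if os.getuid() != 0 and os.access(path, os.W_OK):
            findings.append("writable by the current non-root user")
        report[path] = findings
    return report


if __name__ == "__main__":
    for path, findings in audit_paths().items():
        print(path, "OK" if not findings else "; ".join(findings))
```

An empty findings list means the node is a root-owned character device with no world access and no untrusted group write.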

Wi-Fi Beeb viewing may break law

Peter Gathercole Silver badge
Unhappy

Same for DVB for laptops

I had a similar conversation a few years ago when I was inquiring about a DVB tuner on a laptop. It is illegal if it is plugged in to the mains outside of the house that the license is for, unless that location has a license that covers it.

One of the most stupid pieces of legislation I have ever heard.

Also, if you have a shared occupancy dwelling, like a student house, you need a separate license for each room where one of the occupants has a television, plus one for the communal area. Talk about greedy. You can only have multiple televisions in a house on one license if everyone is a member of the same family. So, if you have a lodger in your house, they need a license as well!

I'm not actually against the license, as it allows the BBC to do things that otherwise would not be done (I cannot fathom a situation where Rupert Murdoch controls what television programs are made), but the heavy-handed way it is applied gets my goat.

Also, in every mail, they asked me what the number of the television license was for my house. They would not take my word that I actually had a license.

IPS misses its ID cards for foreigners target

Peter Gathercole Silver badge
Black Helicopters

Scope creep.

I remember listening to a House of Lords debate on the ID card. There were strong feelings from the opposition and the cross-party benches that the ID database would suffer scope creep, because it allowed the legislation to extend the database to be passed by statutory instrument rather than having it debated in parliament.

This has always worried me, and now it seems to have been worth worrying about.

I endorse a comment above. I don't mind carrying ID if it actually helps me prove my identity. I just don't want it to be used to track my activities. Not that I do anything illegal, but....

Microsoft cries netbook victory against Linux

Peter Gathercole Silver badge
Flame

@Peter Day

Try using your Epson printer on Windows *WITHOUT* using the supplied CD or downloaded driver from Epson. I think you would probably have more problems than on any mainstream Linux.

Badger the printer providers to give you either an install CD for Linux, or instructions to configure the excellent built-in Linux printer subsystem (like CUPS) to work with a new printer.

Don't use different rules to compare Linux with Windows.

Mind you, I do agree on other people's comments about Xandros. My (very early) Eeepc 701 is running Ubuntu Hardy (I've standardised on an LTS release), because I got tired of re-installing Xandros each time the UnionFS filled up. Don't think it's a generic UnionFS problem, more a problem with the way it was configured.

Boffins invent automatic net-hookup roboffinry machines

Peter Gathercole Silver badge
Alien

Goodness

When I read the title, I thought that amanfromMars had joined ElReg as a writer!

How gov scapegoats systems for man-made errors

Peter Gathercole Silver badge
Unhappy

Another view

There is a blame culture in the UK. As a result, there is continued effort to eliminate human error in many 'systems' (I'm using system in the generic sense). Too often, this is done by taking the decision making away from real people, and codifying it according to unvarying rules.

This is absolutely fine, but only as long as you catch EVERY possible situation that the system has to cover.

But when you get a situation that you don't cover, chances are that you will get an inappropriate result. In the meantime, your human people, who have become de-skilled (either by accident or design) because they don't have to make these decisions, are less likely to spot the inappropriate response (they keep being told that the 'system' will do the checking, so they don't have to). So they blame 'the system', and are in many cases correct in doing so.

The failure is in the creation of the rules in that poor requirements and systems analysis has been performed. This makes the 'system' flawed, but as a result of a human failing (it could be a systemic failure in the process that created the system in question - recursion here we come!)

Please note that this is not limited to computer 'systems' but can happen to any process. It just so happens that so many complex systems nowadays are centred on computers enforcing the rules.

British steam car completes final testing

Peter Gathercole Silver badge
IT Angle

Only the English...

... would take a fuel that works well in an efficient internal combustion engine, and use it to generate steam to propel a car.

Now if they could achieve that speed using heavy fuel oil, or even better, powdered coal, then it may have some merit!

Students Union reps vote to ban cheap booze for students

Peter Gathercole Silver badge
Alert

Cheap beer

As far as I remember (and it gets more difficult as time goes by), student bars still buy their beer from brewers, at whatever price the brewers charge. There is no difference in duty charged, and many colleges use profits from the bar to generate money that gets spent on other subsidised activities.

About the only scope I can see for beer being cheap is that they probably do not pay rent, rates or energy costs (these will be soaked up by the college or Union), and that the staff work for peanuts, or at least beer money.

So, as pointed out, where is there scope for significant price reductions over places like Wetherspoons? Setting a price above what is paid outside the college will just reduce the use of the college bars, at least in colleges in large towns and cities.

What happens in out-of-town colleges like Lampeter or Keele is a different matter, and one that it may not be safe to pry into!

Palm opens up, and goes back in time

Peter Gathercole Silver badge

PalmOS compatibility - Great

I was pretty interested to start with. Now I'm sold.

Bring it on.

Battlestar Galactica eyes 'technology run amok'

Peter Gathercole Silver badge

@Adrian Waterworth re B5

Where B5 actually was better was that the story ARC was fairly well populated for all 5 series (OK, it got a bit messy when Time/Warner canned it at the end of Series 4, and the order of the stories was ripped apart).

This meant that meaningful hints could be seeded throughout the series, which when spotted led to a big Ahhhhhh moment that spanned the seasons. This is what made B5 seasons 2-4 compulsive viewing for those of us who actually followed the storyline. But each episode stood-alone enough to be watched in isolation. I admit B5 was a mixture of absolute brilliance (like the episode that was filmed from start to finish in one scene - "Insurrections in real time"), and complete pap (I tend to forget these!). But you must remember when calling it cheesy, that for the first series at least, the video effects were produced on "the video toaster", which was a network of Amiga PC's.

I lost track of BSG when Sky 1 dropped off of Virgin's cable service, and found that whenever I did get to see an episode, that what I was watching made very little sense. Partly my fault, I know, but it did not make it easy to watch. But it seems to me that each series had its own ARC, and not a lot was carried across from one series to the next.

Now, from B5, all I have to say is... "Get the hell out of my Galaxy!"

Microsoft claims IE8 is 'a leap forward in web standards'

Peter Gathercole Silver badge
Linux

Point missed about MS contributed tests

Microsoft are obviously contributing tests to W3C that IE8 pass, but that Opera and Firefox fail.

It's probably the only way they can drastically improve their score compared to the others!

Asus Eee PC 1000HE netbook

Peter Gathercole Silver badge
Happy

Chicklet keyboard

Does anybody remember that the term 'chicklet keyboard' was originally coined for the granddaddy of all PC's (possibly the original non-hobbyist microcomputer system), the Commodore Pet 2001?

Still happy with my EeePC 701. Must check out Eeebuntu though.

Virgin Media to battle modem hackers

Peter Gathercole Silver badge
Happy

@AC re TDMA again

I follow all of your points, and I guess that I was simplifying things a bit, but it sounds like a lot of effort, and synchronisation between different parts of the organisation, including putting engineers on the street physically fiddling with the cables. Must be some form of cost/benefit analysis on the value of this.

I'm not sure about the time-slot allocation technique for the bandpass filter. I'm fairly certain that they will not be "effectively connecting and disconnecting according to the time-slot allocation", but will have packet selection based on MAC, rather than an electronic time based switch. And it also does rely on being able to isolate the modem being investigated to a fixed carrier, preferably not shared with other modems.

I hate to think what the jitter of several dozen modems switching their bandpass filters on and off on a particular branch would be. Probably almost impossible to analyse.

Anyway, interesting discussion, as always on El. Reg.

Peter Gathercole Silver badge
Stop

@AC re TDMA

I'm not a cable engineer, but am interested in the subject.

I'm not sure that it is that simple. The cable network, even from the street boxes is a tree network, with many branches and bi-directional signal regenerators. The signal is not baseband, but true multi-frequency broadband (my, how that term is mis-used in the public space), with many customers appearing on the same branch of the tree. It is not a point-to-point network like the telephone network.

The modulation is a mixture of TDMA and FDMA, with modems switching frequency during normal operation, and possibly using more than one frequency carrier for the higher data speeds.

If you were to inject noise (that is, without disconnecting the individual tap from the network), you would take out ALL customers ON THAT BRANCH! If you wanted to try to make it more selective, you could try to identify the frequency currently in use, but you would still take out all the customers using that carrier on that branch, and that is assuming that the modems would not switch to another frequency. If you want to check each tap, you would have to physically visit each tap point. And you must remember that this is a shared infrastructure with their cable TV operation.

You may also get false positives. What happens if, at the same time as you are trying to identify an illegal modem, a customer turns off their cable modem?

I'm not sure a TDR (if you mean Time-Domain Reflectometer) would help either. These are used to measure cable breaks by relying on reflected signals from the end of cables without load (un-terminated in the transmission line vernacular). In this case, the cable would not be un-terminated, but would still have a load on it.

In theory, if you knew the propagation time of the signal on the wire, it may be possible to time a response to the modem, but I suspect that the quality of cable, number of taps, and even the moisture content of the soil around the cable may alter the inductance and capacitance of the cables to make this uncertain. We're not talking 10base5 Ethernet, or even telephone line twisted pairs here.

All in all, I expect the cable engineers at Virgin Media, who actually maintain a cable network, to know more about the design and running of these things than a majority of us amateurs commenting in this thread. Give them some credit, because if they knew nothing, their whole network would grind to a halt very quickly.

Sun's Niagara gets Linux (again)

Peter Gathercole Silver badge

No common Hardware model for Sun systems?

What is it about the T1, T2 and Niagara that make porting Linux so hard? Do they not run Sparc code from older systems? Or is it that the memory model or I/O subsystems of the resultant systems do not match what has gone before.

I admit that I am not following Sparc developments that closely, because I work mainly on IBM systems, but as far as I am aware, and as a comparison, there is no real need to port the Power based Linux distributions onto Power6, the current ones just work. Of course, there is a quite high degree of commonality between Power5 and Power6 systems (and to older systems as well, as chrp is a common model), and you have all of the built-in virtualization which may help to isolate the OS from the hardware. And you probably won't get the full benefit of new features, but it works.

Have SUN not got that degree of abstraction from the hardware?

Ubuntu gets pre-Koala cloud love

Peter Gathercole Silver badge
Unhappy

@Ash

I've now tried to set up Wireless on XP (don't know Vista, no space for it in my house) using Microsoft Zero Config twice, and each time I've given up, because I just could not get it to work. As soon as I used the vendor supplied tool, it worked fine. I could be missing something here, but Zero Config is a lemon as far as I can tell.

Of course, the Belkin, Linksys, and Dlink wireless apps are all different, so you cannot really say that it is Windows that makes it easy if you use their apps.

For Linux, the secret is to choose a wireless chipset that is well supported. Once you do this, Network Manager (for all its other faults) works fine. Of course, trying to work out what chipset is used is another problem entirely.

I implore all hardware vendors to support Linux as well as they do Windows. Then people would not blame 'Linux' for its hardware support.

IBM 'in talks' to buy Sun Microsystems

Peter Gathercole Silver badge
Coat

@avi re Sparc Thinkpad

Sorry. In case you hadn't noticed, IBM no longer own the Thinkpad brand, and the Lenovo/IBM joint marketing is in the wind-down phase, so no chance of a Sparc Thinkpad. I'm sure that there were Sparc laptops before (Tadpole? Solbourne?)

Not sure it would work, anyway. IBM had PowerThinkpad (830 and 850 models) with PowerPC 603e processors running AIX 4.1.3 (and, I believe WinNT on Power and even a Power OS/2 port) about 15 years ago, and decided there was no market for them. Mind you, they were real paving slabs (they were bigger than bricks) and very heavy.

Considering how much nostalgia gets written in these comments, isn't it about time there was a rose-tinted-glasses icon? That's what is in the top pocket of my coat, where I can find them easily.

Supercar maker pitches 'leccy sportster with stunning spec

Peter Gathercole Silver badge
Coat

'Supercar'

Is Mike Mercury around to drive it? And are the boffins "Professor Popkiss" and "Doctor Beaker"? Not sure about having a monkey in a shiny new car, though.

My coat is the anorak with the Fanderson badge.

Mystery chip found inside talking iPod Shuffle's earphones

Peter Gathercole Silver badge

...five connectors

If there is a chip, there must be some form of multiplexing going on because it will need some power. I suggest that common ground, left, right, power, and control signal. But there are tricks with variable DC offsets that could be applied, and it is possible to use one line for both power and control signal, but common ground would be easier.

Ethernet — a networking protocol name for the ages

Peter Gathercole Silver badge
Coat

Token Ring vs. Ethernet

Ahh, but with your 16Mb/s token ring installation using mechanical MAU's, woe betide you if someone in the building attached a 4Mb/s device. Instant mayhem, with no easy way to isolate the problem, especially if you did not know the order of the desks on the 'ring (the dreaded 'beaconing' error message.)

This took out a major UK IBM support centre for a whole day (we had to rely on 3270 over co-ax using MYTE on the few desks that had PS/2's on them). We then were tasked with splitting the ring in two, with a bridge tying them together to make a single network, so that if the same thing happened again, only half of the desks would lose their network connectivity (and we had to duplicate routers, 3270 gateways, printers, etc.)

Mind you, trying to work out what happened when someone unplugged the terminator of a 10base5 ('thick wire') or 10base2 ('thin wire') Ethernet had its own problems as well!

And does anybody else remember the 'jabber' light on early 10baseT twisted pair hubs (not switches)? Often caused when someone plugged an RS232 terminal into a structured cabling port that was connected to a hub.

I always felt uneasy whenever I had to tap into a 10base5 thick wire cable. It just felt wrong to take what was effectively a drill (the 'tap tool') to the cable that you had spent so much money and time having installed.

Thank god we now have intelligent switches, with automatic isolation of noisy/broken cables, and proper switch mode to eliminate the need for CSMA/CD.

Slash your way inside Apple's Mac Mini

Peter Gathercole Silver badge
Paris Hilton

Dangling testicles

I always believed that the reason why testicles were on the outside was that the optimum temperature to keep stored wrigglers was a few degrees below body heat.

This is normally quoted as the reason why you should bin the Y-fronts or briefs for boxers if you are trying to procreate. Apparently, higher temperatures make male gametes lazy, like Paris on a sunbed, so they don't move as fast.

New in-the-wild attack targets fully-patched Adobe Reader

Peter Gathercole Silver badge
Thumb Up

Postscript

I once saw a Julia Set (often mis-identified as Mandelbrot) program written in PostScript. Send it to the printer, and wait for hours for it to spit out the page!
