* Posts by Phil Endecott

597 posts • joined 29 Nov 2006

Page:

UK data watchdog dishes out £600k in fines to 4 spam-spewers

Phil Endecott

> All will into administration within a month of the fine.

Dear El Reg, please can we have a followup article tracking whether anything grts paid, whether the businesses close down, and what the directors do next? Thanks.

22
0

Carphone Warehouse cops £400k fine after hack exposed 3 MEEELLION folks’ data

Phil Endecott

£320,000

if they pay by 7th Feb.

0
0

How to hack Wi-Fi for fun and imprisonment with crypto-mining inject

Phil Endecott

Re: Alternatively -

> You could offer "free" wifi with the cryptomining levy openly

> disclosed as the cost of using the wifi.

For some fraction of those customers, you're also paying for their electricity...

According to this: http://www.wired.co.uk/article/how-much-energy-does-bitcoin-mining-really-use

Bitcoin mining might cost of the order of 50kWhr per $ mined. But that might include custom hardware, and certainly has vast margins of error. Anyone have better numbers? Is Monero significantly different?

1
0

US border cops told to stop copying people's files just for the hell of it

Phil Endecott

Re: Goosey, gossey gander....

> US constitutional rights apply to everyone in the US according to the supreme court

Yes, hence the need for Guantanamo, Diego Garcia and other places outside the US where constiutional rights do no apply.

29
0

UK drone collision study didn't show airliner window penetration

Phil Endecott

Re: Plus Ça Change

> Insert almost anything you like for "XXX":

My current favourite value for XXX is DIY home electrics.

14
0

UK.gov pushes ahead with legal right to 10Mbps

Phil Endecott

> The 10M-30M range only applies to properties on copper lengths

> of 1 to 2.5km. If you're sticking a new cabinet somewhere that

> remote, then it will likely be prohibitively expensive to get power to it.

"That remote" ?!!! I'm on a cabinet that's about 2km from the exchange, in the middle of a major city. Max speed about 9 Mb/s. No fiber installed or planned, no alternative providers.

0
0
Phil Endecott

I get about 9 Mb/s; I bet it's magically 10.01 when THEY measure it...

3
0

Ubuntu 17.10 pulled: Linux OS knackers laptop BIOSes, Intel kernel driver fingered

Phil Endecott

> Why is this [a kernel driver for the SPI flash] even a thing?

Imagine that you wanted to write a Linux utility to reflash the BIOS. This would require some way for a user-mode program to access the BIOS flash. A kernel driver to do that is the obvious method.

See posts anove for why a Linux utility to reflash the BIOS is desirable...

13
0

Microsoft emergency update: Malware Engine needs, erm, malware protection

Phil Endecott

Re: Wider issue

> Otherwise how does it get even near executing files that it is checking?

Typically it could be something like: it was trying to copy N bytes from the file to memory, but N is misinterpretted as 255 instead of -1, so the bytes overwrite a location on the stack that contained a return address. So when the function returns it starts executing code from that address, which could also be from the malicious file.

2
0

Lap-slabtop-mobes with Snapdragon Arm CPUs running Windows 10: We had a quick gander

Phil Endecott

Re: Linux?

Does anyone know if the UEFI (or whatever) boot system is sufficiently relaxed that alternative operating systems can be installed?

4
0

French activists storm Paris Apple Store over EU tax dispute

Phil Endecott

You can buy iPhones from other outlets than Apple stores - e.g. John Lewis here in the UK. While I'm sure the wholesale price that they pay, and hence the markup, are commercially sensitive and not publicly known, someone in the industry could make a good guess.

That wholesale price is what the transfer-price for iPhones between Apple (China) (Manufacturing) Ltd and Apple (UK) (Retail) Ltd should be. Then Apple UK's accounts should show profit = sales minus VAT minus transfer price minus staff, buildings etc. They can also legitimately show payments to Apple (US) for o-erating the web site and licensing the Apple Store branding, which is harder to quantify. Then there's the tricky question of ongoing costs, i.e. providing iCloud services to iPhone purchasers in future years.

Presumably HMRC have people who spend their time doing back-of-the-envelope calculations like this and judging whether companies' accounts look reasonable.

IMO, Apple, as a company who sell physical goods, are much easier to study in this way than Facebook, Google and even Microsoft.

0
0

Linux laptop-flinger says bye-bye to buggy Intel Management Engine

Phil Endecott

Re: Alternative?

> ARM is probably going to be your best bet for a system

> without a crap management sub-system running on it.

My 8-core Thunder-X ARM motherboard (MP30-AR1) has an additional processor to provide remote management. Since it also provides the main VGA video output, disabling it might not be a great idea.

1
0

Wondering why your internal .dev web app has stopped working?

Phil Endecott

Are any comentards going to admit to using .dev for internal purposes, as described in the article? I've never come across it, but then I don't get out much. Would be interesting to know if it really is widespread.

5
0

Pro tip: You can log into macOS High Sierra as root with no password

Phil Endecott

GOTO FAIL;

12
0

Exim-ergency! Unix mailer has RCE, DoS vulnerabilities

Phil Endecott

Confirmed, chunking is disabled by default in Debian Stable:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648

3
0

10 years of the Kindle and the curious incident of a dog in the day-time

Phil Endecott

Re: if Amazon provided a copy of the Kindle version when you bought a proper book,

> the actual manufacturing cost of the electronic version is fraction of a

> single percent of the print version's price

The 20% VAT largely makes up for that, though.

(This should change eventually.)

3
0

iPhone X: Bargain! You've just bagged yourself a cheap AR device

Phil Endecott

> Tits on trees.

NSFW: https://oglaf.com/isle-of-tits/

0
0

It was El Reg wot won it: Bing banishes bogus Brit bank banner ad

Phil Endecott

"We would like to show you a description here but this site won't allow us to."

I love how the real site seems less legitimate due to this line under the page title.

6
0

Weekend dealbook: Cavium to Marvell, Toshiba denies ASUS

Phil Endecott

APM X-Gene also sold recently

Cavium isn’t the only ARM server processor vendor to change hands recently. APM, who made the X-Gene, were bought by MACOM at the start of the year. They have now spun out the X-Gene part of the business; it’s now owned mostly by Carlyle Group, an investment company.

I’ve no idea if this is good or bad - nor whether Marvell+Cavium is good or bad. Anyone have any deeper analysis or what it all means?

0
0

Audio spy Alexa now has a little pal called Dox

Phil Endecott

> Why would I want to make that specific device mobile?

So you can take it on a train, to the pub, restraunt etc. and record other peoples' conversations too.

(How long till that actually happens?)

4
0

Qualcomm is shipping next chip it'll perhaps get sued for: ARM server processor Centriq 2400

Phil Endecott

And also AMD's abandoned ARM chips.

A significant factor is the fab process; these are 10 nm, while the AMD chips and X-Gene were on 40 nm. That's a huge difference, Not sure about thunder-x.

4
0
Phil Endecott

Comparison with Thunder-X and X-Gene would be useful.

Please can I have one with perhaps just 8 or 16 cores?

4
0

If your websites use WordPress, put down that coffee and upgrade to 4.8.3. Thank us later

Phil Endecott

PHP FFS

In your "Perl the most hated programming language" story I was going to going to vote "No, PHP is even more disgusting". But then I saw you also had Visual Basic as an option, and that has actually caused me even more pain.

Honestly all three should be nuked from space.

3
6

Chinese whispers: China shows off magnetic propulsion engine for ultra-silent subs, ships

Phil Endecott

I can't believe this story is still here.

The linked press release talks only about a "permanent magnet motor", not a megnetohydrodynamic drive.

Where did this come from, except the author's imagination?

N.B. posting "fake news" stories makes me less likely to believe anything else that appears on the site.

0
0
Phil Endecott

Re: Wait, what?

I agree, nothing in the linked document talks about magnetohydrodynamic drive at all!

Read it yoursleves: http://eng.mod.gov.cn/news/2017-10/25/content_4795721.htm

1
0

NHS could have 'fended off' WannaCry by taking 'simple steps' – report

Phil Endecott

Re: Easy to mitigate

"152 Simple Steps to Stay Safe Online"

https://www.theregister.co.uk/2017/10/24/googles_security_advice_we_dunno/

0
0

Sex harassment scandal scoops up Silicon Valley's Slimy Scoble

Phil Endecott

Re: Some advice from my mom...

> she may tear off your balls

Apparently your mum was wrong; I think these arseholes have discovered that generally women do not tear off balls in this situation, and that's why they continue.

16
0

Google emits tools to make cross-platform HTML apps less tragic

Phil Endecott

Obligatory XKCD

https://xkcd.com/1174/

11
0

Wanna exorcise Intel's secretive hidden CPU from your hardware? Meet Purism's laptops

Phil Endecott

Re: For decades now

>A hardware reset took the program counter to a defined

> memory location and started executing code there

To give one example of the difficulty of that, the DRAM controller needs to be set up first. So you need to interrogate all of the DIMMs (RAM modules) via their i2c interfaces and ask them their capacity, speed etc. and then program the control registers in the DRAM controller to match. Until you’ve done that you don’t have any RAM. So you have various tricks, such as having a small block of on-CPU RAM that can be used while the main RAM is brought up. Or maybe a mode where the on-CPU cache behaves as RAM initially.

There are plenty of other similar issues. The ROM containing this start-up code, for example. Clocks are now under CPU control, so you need code to run to turn on the clocks and set the right frequencies. Even power supplies are under software control, so that power management (sleep modes etc.) can work.

For a few years it was made to work by having things power on in some sort of “safe” lowest-common-denominator configuration, but that really doesn’t scale to the complexity of modern systems. So instead, there is a small separate processor that comes on first (and can boot in the sort of simple old-fashioned way that you describe, because it’s simple enough to do so), and it brings up the main processor, Subsequently it doesn’t need to do much except perhaps adjust clock frequencies and core voltages depending on workload.

This is all good.

The only issue is that it is locked down and unverifiable.

15
0

Legends of the scrawl: Ordnance Survey launches augmented reality tool for maps

Phil Endecott

Re: OS map data is free

> You can download the OS data and maps for free, in multiple scales

Not exactly; you can’t get the Landranger and Explorer maps for free.

What you can get for free includes “Vector Map District”, a 1:25,000 product that is somewhat comparable to Landranger, and “Terrain 50”, which is contour lines. By combining these with footpath data from Open Street Map it’s possible to make something that’s almost as good as the paper maps but considerably cheaper. As it happens this is what I do for a living: http://ukmapapp.com/

0
0

Lucky Canada. Google chooses Toronto as site of posthuman urban lab

Phil Endecott

On the plus side...

It does seem to have a distillery.

5
0

You're doing open source wrong, Microsoft tsk-tsk-tsks at Google: Chrome security fixes made public too early

Phil Endecott

Re: Does Microsoft's approach not imply...

> two repositories are necessary

Isn't this exactly what git is supposed to be good at?

0
0

You can't find tech staff – wah, wah, wah. Start with your ridiculous job spec

Phil Endecott

Re: Not knowing how to look can make it hard to find

"I have software deployed in C, C++, C#, Go, Python, SQL92, JavaScript, TypeScript and Kotlin on 4 different embedded ARM architectures plus Linux, Windows and FreeRTOS.

Can I remember the exact syntax, APIs, class libraries etc for all of them off the top of my head? Of course not."

I'd hope that you'd be able to get close to the right suntax for whichever one of those you claim you were using last week.

And I'd also hope that, unlike some of the interviewees I've seen, you would not totally freeze up and refuse to write anything at all in that situation.

2
0

Neutron stars shower gold on universe in big bang, felt on Earth as 100-second grav wave

Phil Endecott

Re: Missing answers

> What if this event happened in our Milky Way galaxy

> which has billions of neutron stars

Size of our galaxy = aprox 1e5 light years diameter; this event was approx 1e8 light years away, so a similar event in our galaxy would be about 1e3 times closer. Due to the inverse square law, the intensity of the radiation would be 1e6 greater. But that's still tiny:

According to section 6.1 of

http://iopscience.iop.org/article/10.3847/2041-8213/aa920c

the total gamma ray energy released was about 3e46 erg, with a peak luminosity of about 1e47 erg/s.

(1 erg = 1e-7 J,so that's 3e39J and 1e40W respectively.)

1e5 light years = approx 1e21m. Surface area of a sphere of that radius = about 1e43 m2.

1e40W over 1e43 m2 is 1mW/m2.

That compares to solar energy reaching earth of about 1e3 W/m2, i.e. a million times more. (Not gamma rays admittedly.)

So I don't think this sort of event happening "somewhere in our galaxy" is a worry. It would need to be a lot closer.

0
0
Phil Endecott

Get it right.

"At 0841 ET (1241 UTC) on August 17, LIGO picked up the longest gravitational wave signal detected to date, named GW170817, and a short gamma ray burst"

The gamma ray burst was detected by the Fermi gamma ray observatory, a space telescope.

Not by LIGO.

9
0

Combinations? Permutations? Those words don't mean what you think they mean

Phil Endecott

> Assuming your data set is large, and there are many visits to the

> website, you're likely to apply machine learning (ML) in your

> investigations.

Nope.

I'm just going to use "a program".

Or is "machine learning" just how people spell "a computer program" these days?

6
0

Supreme Court to rule on whether US has right to data stored overseas

Phil Endecott

Wouldn’t it be great if there were some significant European email provider for people to switch to instead of US gmail, hotmail, outlook, yahoo, icloud etc. I think the closest we get is gmx.de.

(Hilariously, my iPad autocorrected gmx.de to gmail.com!)

5
0

El Reg was invited to the House of Lords to burst the AI-pocalypse bubble

Phil Endecott

Neuroscience

My guess is that gaining a better understanding of how brains work would be one of the better ways to spend AI money.

9
0

'Israel hacked Kaspersky and caught Russian spies using AV tool to harvest NSA exploits'

Phil Endecott

> That should catch 'em all right?

There was an old woman who swallowed a horse...

She'd dead, of course.

6
0

Et tu Accenture? Then fall S3er: Consultancy giant leaks private keys, emails and more online

Phil Endecott

Re: Oooohhh Nooooo

> I cant imagine why you would ever want public access to bucket storage.

You can implement websites directly using S3.

3
0

Blade Runner 2049 review: Scott's vision versus Villeneuve's skill

Phil Endecott

Great visually, but IMHO it would have benefited from a bit more plot. Or a bit more depth to the plot.

Last film I saw set in LA was Lala-land. Quite a contrast!

0
1

How much for that Belkin cable? Margin of 1,992%?

Phil Endecott

In some cases, these crazy prices will be due to, for example, the purchase actually being a pack of 100 but logged as a single item. Or 50m not 50cm.

Ignoring outliers and looking at the 10th percentile would be more informative.

4
0

Here's a gentle guide to building JavaScript AI in web browsers. Totally not a scary thing

Phil Endecott

> "The image recognition processing is not done on the PC, I'll wager."

> And certainly not in javascript in a web browser. It would probably

> take an hour just to process a single image.

Wrong. This runs in the browser, using WebGL to access your GPU for hardware acceleration.

1
0

What is the probability of being drunk at work and also being tested? Let's find out! Correctly

Phil Endecott

0.90 vs 90%

My guess is that they've correctly calculated that the probability is 0.90, and then just written 0.90% without multiplying by 100.

3
0

Home Sec Amber Rudd: Yeah, I don't understand encryption. So what?

Phil Endecott

Re: Rudd

> What happens when the old car that the 17 year old buys needs

> a new battery - will they be refused ?

Same as under 16s not being allowed to buy disposable razors.

3
0

Microsoft shows off Windows 10 Second Li, er, Mixed Reality

Phil Endecott

Windows 10 Fall Creators Update

Anyone else read that as "Windows 10 Fail Creators Update" ?

10
7

Dnsmasq and the seven flaws: Patch these nasty remote-control holes

Phil Endecott

In my quick look at the Google security blog I wasn't sure whether "remote" meant "from the outside internet" or "from another machine on the local network". For example, the DHCP bugs are surely only going to be exploitable by local machines, right? Do DNS bugs require that the attacker is controlling replies to DNS requests that I make? That would be tricky if my dnsmasq is forwarding to my ISPs DNS, for example.

2
0

It's a real FAQ to ex-EDS staffers: You'll do what with our pensions, DXC?

Phil Endecott

> That's 25 years of full-salary paid back to you.

No, it's not full-salary; it's typically about a third of that.

1
0

'Alternative network provider' CityFibre boosts sales 36%

Phil Endecott

> If you think of "customer premises" in terms of "University Halls

> of Residence" or "Office Block with 35 tenants",

The connections near me are more like "office with 6 people" or "small primary school" or "hooiday inn express". I guess they're at the bottom end, but there must be some very large customers to make the average that high.

0
0

Trump's tax tease will be a massive payday for Valley tech giants and their shareholders

This post has been deleted by a moderator

Page:

Forums

Biting the hand that feeds IT © 1998–2018