Posts by Ozzard

38 posts • joined 15 Dec 2011

Defense against the Darknet, or how to accessorize to defeat video surveillance

Ozzard
Mushroom

Next step: YOLOv2.1 trained on these

Great first step. Now the recogniser's training set needs to include people with these patches... and then the patches are defeated, and privacy folks need to find adversarial images against the next training set.

The arms race is on! (Icon to emphasise this)

GA'day, mate: Open the plonk, turn up a banger, Visual Studio 2019 is officially here (don't get too excited, Mac devs)

Ozzard

Vertical space

One portrait and one landscape monitor on my main dev box, each about 24" diagonal. The combination gives some surprisingly flexible options - I have a habit of moving output / find / watch / ... windows to the secondary (portrait) monitor, which still has plenty of room at the top for a useful amount of Firefox real-estate given the modern idiocy of most sites wasting loads of horizontal space.

Ozzard
Boffin

Eight meg? We used to *dream* of eight meg...

Back when I was a Student Apprentice at Racal in the mid-80s (complete with indenture papers), I drew the short straw for compute resources. I got the VT220 (not even a nice Wyse) onto our file server - a 2 Mbyte Sun-2/x80 (can't remember 180 or 280 without looking) serving ten diskless 2M Sun-2/50s and /60s, each with one user on the big screen and one on a Wyse, via good old thick-as-yer-thumb Ethernet.

That server was a wee bit busy.

I had a choice of vi (128k binary) or emacs (2M binary) as my editor. On a 2M machine.

Unsurprisingly, I learned vi. Those who remember their VT codes will also be unsurprised to learn that I used hjkl to navigate rather than the cursor keys; the editor could stall for several seconds at times, sometimes midway through processing a cursor key press, leading to it believing I'd pressed ESC, paused, and then ] ... whatever. Most irritating.

I still use vim on Linux, gvim on Windows; and I've rather liked the VS2019 previews, they've run remarkably well on my rather more modern dev box that probably cost me less than the VT220 would have done in 1985!

Campaigners cry foul over NHS Digital plans to grant policy wonks and researchers access to patient-level data

Ozzard

Excellent technical idea to standardise on SNOMED rather than the present patchwork of coding systems. It's sound, can be compositional based on a description logic model, and could in theory convey very rich information indeed.

Bonkers political idea to mandate centralised access to same. There are perfectly good federated data access systems out there that can provide just-in-time access to only the required data with strong legal guarantees about what it'll be used for (I know, I architected one). Use them and ditch the arbitrary centralisation. Oh, and break up EMIS while you're at it, as they've already got about half of Care.data along with a big chunk of your pharmacy data and have no compunction whatsoever about selling access to that.

I am just a mapper: Solar drones take to the skies above Blighty

Ozzard

Re: Battery life

I suspect that if you put the batteries inside the wing sections in a long sausage surrounded by a low-density foam, they'd be pretty well insulated - perhaps enough that you wouldn't need to run extra heater wires near them, given that they'll emit heat both when charging and when discharging. No idea whether that's how it's done, but it looks like the kind of design where you can take advantage of available space.

Congrats, Satya Nadella. In just five years, you've turned Microsoft from Neutral Evil to, er, merely True Neutral

Ozzard
Big Brother

I wouldn't mind if Microsoft still only wanted my money

It used to be that Microsoft wanted my money, Google wanted my data, and Apple wanted my freedom of choice. I could choose which to trade for toys in any given situation.

Now, I can't. Microsoft wants not only my money, but my personal data and freedom of choice as well. I'll still use it where I have to, but non-MS is becoming a much larger part of my life. Especially given Office 36whatever... oh yes, Office 503 Service Unavailable, that's it.

Begone, Demon Internet: Vodafone to shutter old-school pioneer ISP

Ozzard

Re: Migrate...

Zen does feel very much like Demon in its golden days - I'm by no means a networking novice and the questions I ask of their telephone helpdesk are rarely of the "turn it off and on again" variety. I've never, ever, needed to go past first-line support. Very good crowd. Yes, expensive, but I'll take that for the quality.

Heard the one where the boss calls in an Oracle consultant who couldn't fix the database?

Ozzard
Facepalm

Naming conventions

I know one person who named his hosts using common pronouns such as it and they, with job runners such as something and nobody. Conversation about these systems rapidly became impossible.

Ozzard

We need more generalists - join us, jooiiin ussss!

We need more generalists - increasingly difficult as the body of knowledge in IT grows by the day. Can I interest any readers in taking it up as a career? :-)

It's a really enjoyable job if you love learning, thinking, communicating, and having a pretty good idea of where organisational cock-ups tend to originate (hint: who would benefit from this situation?) and hence where to look for the root cause of the gotcha. Definitely not all technical, and really fulfilling to leave an organisation with people knowing more, communicating better, and (ideally) less siloed and more able to deal with future gotchas without external aid.

Warning: Malware, rogue users can spy on some apps' HTTPS crypto – by whipping them with a CAT o' nine TLS

Ozzard

Re: Precise timers are sufficiently available using a second thread

Aha! See also https://gruss.cc/files/fantastictimers.pdf - Fantastic Timers and Where To Find Them.

Ozzard

Precise timers are sufficiently available using a second thread

There was a lovely exploit described against Intel SGX earlier this year that could run in one SGX enclave (and thus not be spied upon by the host CPU) and attack the host or a second SGX enclave. SGX doesn't have precise timers, but *does* have the ability to use multiple cores. The developers implemented a precise timer using a thread that simply spun incrementing a memory location; it was several times more precise than the "precise" timers.

Any time you have access to more than one thread, you probably have a sufficiently precise timer.

PortSmash attack blasts hole in Intel's Hyper-Threading CPUs, leaves with secret crypto keys

Ozzard
Black Helicopters

Interesting watering-hole web attack here

Given that all the code has to do is run on a thread on the same core, I'd be interested to see whether one could use JITted Javascript in a browser window as the snooping code. Works fine inside a sandbox - it's only doing compute, after all, so there's nothing for the sandbox to stop. Just leave it running in the window, and see if you happen to strike gold with a crypto key.

Bonus points if you can use a spear-phishing or watering hole attack to do this on the browser of the sysadmin of an organisation you're targeting.

Boffin: Dump hardware number generators for encryption and instead look within

Ozzard
Big Brother

Re: Hey El Reg Peeps, Paper Author Here

Silly question: How easy might it be for a processor to recognise code corresponding to this algorithm and deliberately feed it predictable results, i.e. subvert the hardware to produce predictable RNG in common cases? If it's relatively simple in silicon terms, that feels like something of a risk.

Heatwave shmeatwave: Brit IT departments cool their racks – explicit pics

Ozzard

Re: Pffft Amateurs

My father worked as a maintenance engineer on "The World's First Supercomputer" - Atlas (see https://www.youtube.com/watch?v=6TRfy70DqD8 for some of his comments on modern washing machines). The machine cooling made a really good fridge for the (then new) Ski yoghurts.

Ozzard

Re: Just blow on it

Yeah, our -80C freezers in the lab are on the UPS and, for bonus points, have big CO2 cylinders behind that they can vent over several hours to keep cool.

Of course, at that point the entire floor's full of carbon dioxide and we don't have breathing equipment...

You wanna be an alpha... tester of The Register's redesign? Step this way

Ozzard

Fine in broad outline, nitpicks below...

With a headline as I post this - one article to the left, several to the right - it looks somewhat asymmetric as the image is not in the centre of the page. That's probably a good thing, except that there are no visual cues that the picture is associated with the left-hand story until you hover over the story or image. It'd be good to have a cue to that effect; my slightly Aspie brain doesn't associate image and story as it stands.

I still prefer more control over my vertical pixels. Any chance of a comfortable/cosy/compact setting (not that I ever use Gmail or anything, oh no) that squeezes the designer-grade whitespace out of the page and replaces it with minimal whitespace?

Please, please, *please* can we have rid of that floating top navbar with the ALL CAPS? As noted last time, it's been demonstrated to be less readable than mixed case; and once again, it's vertical pixels that I can't use for my own nefarious purposes.

Finally, any chance of an "advanced reader" option that blanks the stock images that adorn most stories, and their teasers on the main page, leaving only any that are genuinely related to the story? Once again, it's wasted pixels; I'm really not interested in seeing the same stock image that's been used for the last three related stories deployed again. It doesn't help me discern what the story is about; it doesn't convey information that is specific to the story; and in general it's schlock stock (where *do* you get your images from, as they're generally of rock-bottom creativity?!) If I could simply splat the images, that'd be great.

Thinking about it, maybe I should just make an override CSS and load it ;-).

Google's ghost busters: We can scare off Spectre haunting Chrome tabs

Ozzard
Boffin

Ooh, what a lovely DoS attack vector...

Imagine a little bit of Javascript on a drive-by that creates a thousand invisible iframes on the page and points each one to a page from a different domain...

Great news, cask beer fans: UK shortage of CO2 menaces fizzy crap taking up tap space

Ozzard
Boffin

It's hitting the biosciences too - and perhaps medicine

We've had a warning round that dry ice is scarce and may not be available when needed. Samples that need to be kept frozen in transit are usually shuttled round in an expanded polystyrene container under dry ice, so this has the potential to limit movement of tissue and plasma/serum samples at least.

(Pint of mild, please)

VMs: Imperfect answers to imperfect problems, but they're all we have

Ozzard
Windows

While poorly-written and legacy applications exist, we'll need containers for them

I spend a fair bit of my time these days as an architect for healthcare and bio projects. These aren't greenfield sites - anything but. They have software that can be fifteen years old, designed for operating systems that aren't supported any more. Applications often assume they're interactive and only one instance will ever run on the system at one time. This gets quite entertaining when you're trying to do bulk analysis of (say) 5,000 multi-gigabyte data files in the shortest possible time. But the applications are known to produce "correct" results and nobody wants to fiddle with them, so we have to find a way of running lots of them in parallel on modern tin.

Oh, and these are generally Windows applications, so VMs are far more useful than containers - though if anyone can point me at a system that can emulate Windows XP with Docker-speed process starts and low memory overhead, I'll be very interested!

Official: Perl the most hated programming language, say devs

Ozzard

R?

Perhaps not quite as bad as APL for write-only semantics, but R is really not a nice language in which to work.

Got that syncing feeling? Cloud's client-side email problem

Ozzard
Alert

I sync locally because I don't trust "cloud" providers

I store "in the cloud" because I don't trust my local machine.

But always remember what "the cloud" actually is: it should be called "other people's computers". I sync locally because I don't trust my cloud providers to be reliable and honest. As a result, I've never lost local data, even when a provider's gone bankrupt and suddenly my data isn't accessible to me any more. I've also never had to pay an unexpected bill because a provider has suddenly changed its T&Cs and held my data to ransom.

Sure, use other people's computers. But do the risk assessment on how much you trust the other people, and their computers.

Tanks for the memories: Building a post-Microsoft Office cloud suite

Ozzard
Black Helicopters

Offline for me, please - and Office is still the de-facto interchange format

I work with confidential information. I work with documents with very tight formatting for presentation that can't lose that formatting when round-tripped between multiple organisations. I work on trains in a hilly area of England with lots of tunnels. As I've said here previously (and been thoroughly voted down), I'll stick with the offline version of Microsoft Office. Office is still the de-facto document interchange format for anything that has even moderate formatting; it allows me to keep on editing my document even when going through a tunnel on the train; and I can be reasonably certain that what I'm doing is only sniffed by external agents when I choose to expose something over email or a file-sharing service, not every time I type a keystroke.

Hot news! Combustible Galaxy Note 7 to return as 'Galaxy Note FE'

Ozzard
Go

Decent price and stylus? I'd have one

Indecent price? No thanks. But I miss my Note 2 - I used the stylus quite a bit. I've not really been able to justify the cost of the later Notes, but could be persuaded at a fire sale price.

Twas the week before Xmas ... not a creature was stirring – except Microsoft admitting its Windows 10 upgrade pop-up went 'too far'

Ozzard

Re: M$ Long History

Sorry? Microsoft is about the committee? News to me - I thought it was about knifing the other guy in the back before he (almost invariably "he") knifes you. Open warfare between divisions. That kind of thing.

Your colleagues will lie to you: An enterprise architect's life

Ozzard
FAIL

Authentication? Feh...

Sometime, try working with lab hardware. We're presently dealing with one system where the only way to configure its auth that complies with ICH Good Clinical Practice is to use its own custom auth system. This consists of a single file, held on a Windows file share, that contains all usernames, passwords... and the audit log that holds records of user logins. It also has to run under a single Windows account as the hardware is controlled by the same program that presents the UI, not by a daemon/service, so a Windows logout stops the hardware in its tracks.

Yes, that's right, we now have an environment where anyone using any of those machines can swap in their own malicious auth file, tamper with audit records, or just do a Pott-ian Oopsie McFumblefingers and delete the thing... and we have no idea who to blame. And somehow the vendor considers this OK.

Avoiding Liverpool was the aim: All aboard the world's ONLY moving aqueduct

Ozzard
Boffin

If you want a view of a working boat crossing it...

... try this video of a late-'30s Claytons tar boat with a Bolinder single-cylinder 2-stroke engine. Tom Kitching (usually at the back in the video) and Edwin Beasant (usually at the front) were 2/3 of Pilgrims' Way, had been nominated for a R2 Folk Award, and decided to get to the ceremony at Salford Quays on Spey. It was February. It was a bit icy...

https://www.youtube.com/watch?v=_qxwCucEC_A

Some lovely photos there, Alun!

(P.S. Wot no 'old fart' icon?)

Win XP, Flash, Java... healthcare makes easy pickings for hackers

Ozzard
FAIL

I work with validated healthcare software. Much of the time, the reason software (and hardware) is never upgraded is because of the time and effort it would take to run the entire validation suite against a new version. This leads to some stupendously crazy situations. Let me give you an example.

In 2011, I tried to access a major vendor's cloud-based clinical trial system using Firefox. All I got was a pleasantly mid-blue page. No text, no images, no messages, nothing.

Then I tried it using Internet Explorer. This time I got a nicely centred blue message - along the lines of "Your browser is not supported. This software is validated for Internet Explorer 5.5 and 6 only." (Remember: 2011. IE5.5? WTF??)

Finally I cursed the deities of regulatory compliance (the FDA) and all those who worship them, fired up a Windows XP virtual machine on my box, and got in on IE6.

An entire major pharma company's fleet of Windows boxes - desktops and laptops - was held back to running Windows XP and IE6 because of this and similar applications. It was simply too expensive for the vendors to validate the software on each version of each browser.

Oh - and the reason Firefox didn't show the error message? The message was written by a piece of client-side Javascript... that used IE-specific techniques to show text. Inspired.

Chip company FTDI accused of bricking counterfeits again

Ozzard
Mushroom

Always mount a scratch monkey

Why oh why am I reminded of this old story?

http://edp.org/monkey.htm

You've seen things people wouldn't believe – so tell us your programming horrors

Ozzard

Re: rm -rf

Stock UNIX behaviour - a file's inode and data go away when nothing uses them any more. Holding a file descriptor open to the file in a process is sufficient to keep the inode and data in place until the last reference goes, at which point it's reclaimed.

Clever folks, them Unix inventors. You'd almost reckon they'd thought of this case.
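The behaviour described in the comment above, as an added example that is not part of the original post: the script unlinks a file while a descriptor is still open, shows the link count dropping to zero while the data stays readable, and on Linux copies the content back out through `/proc/self/fd`, which is how responders recover a deleted log or binary that a live process still holds. The function name, file prefix and payload are constructed for illustration.

```python
import os
import tempfile

# Constructed sample content for the demonstration.
PAYLOAD = b"constructed sample data: still here after unlink\n"


def unlink_while_open(payload=PAYLOAD):
    """Unlink a file while holding a descriptor and report what survives."""
    fd, path = tempfile.mkstemp(prefix="unlink-demo-")
    try:
        os.write(fd, payload)
        links_before = os.fstat(fd).st_nlink   # one directory entry names the inode

        os.unlink(path)                        # remove the only name
        name_gone = not os.path.exists(path)

        # The open descriptor is itself a reference, so the inode and its
        # data blocks are not reclaimed even though no name points at them.
        links_after = os.fstat(fd).st_nlink
        os.lseek(fd, 0, os.SEEK_SET)
        data_after = os.read(fd, len(payload))

        # Linux only: /proc/<pid>/fd/<n> refers to the same open file, so the
        # content can be copied out for as long as the holder keeps it open.
        proc_link = f"/proc/self/fd/{fd}"
        target, recovered = None, None
        try:
            target = os.readlink(proc_link)    # path with a " (deleted)" suffix
            with open(proc_link, "rb") as handle:
                recovered = handle.read()
        except OSError:
            pass                               # no /proc on this platform

        return {
            "links_before": links_before,
            "name_gone": name_gone,
            "links_after": links_after,
            "data_after": data_after,
            "proc_target": target,
            "recovered": recovered,
        }
    finally:
        os.close(fd)                           # last reference: now it is reclaimed
        if os.path.exists(path):               # only if we failed before unlink
            os.remove(path)


if __name__ == "__main__":
    for key, value in unlink_while_open().items():
        print(f"{key}: {value!r}")
```

On a live system the same recovery works against another process's descriptors (`/proc/<pid>/fd/`), given sufficient privilege, until that process closes the file or exits.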

Ozzard
Boffin

Re: rm -rf /etc /bin /usr

Not a legend, by the way - I know the people involved in that. The "Alasdair" in the story has since done interesting things like devise Rosetta - the thing that let Apple move from PowerPC to Intel. Mario's worked on several generations of Sparc processor design. Smart cookies.

Bookstore sells some data centre capacity, becomes Microsoft, Oracle's nemesis

Ozzard

Trevor, surely Office sells Windows, not the other way round?

I know plenty of folks who'd love to migrate to a free OS, but they can't because:

- Microsoft Office doesn't run on the free OS;

- They can't afford to re-train their users in a new office productivity suite;

- Even if they could afford the training, they can't afford to lose being able to round-trip Microsoft Office documents to/from partners, clients and suppliers without loss of fidelity.

There's exactly one way to kill Microsoft: write a bug-for-bug compatible version of Office and release it for free. Not a "better version", not a "restyled user interface for easier navigation", but a drop-in replacement such that your average user doesn't even notice the change.

Reg lecture asks what’s so scary about 1.5 tonnes of metal with a mind of its own?

Ozzard

Beware brainwashing

I'd prefer a car that had a mind of someone else's - in particular, a someone else who I chose to rely on.

I think the danger of control unit / firmware replacement on vehicles that are out on the street overnight or are multi-tenant (driverless taxis and hire cars, for example) has been underestimated. Consider a replacement that was coded to work perfectly until a random time (perhaps years later) when the vehicle was doing 60+ MPH on a motorway, at which point it was designed to pull over to the hard shoulder, execute a braked turn, accelerate back down the hard shoulder until it was doing at least 70mph then pull out and aim for oncoming traffic.

Given the old adage that "if you can reach the hardware, you own the machine", I don't know how one can prevent this.

'To read this page, please turn off your ad blocker...'

Ozzard

NoScript, NoAdBlockerBlocker

Amusingly, I hadn't even noticed. I browse with NoScript turned on, and the Washington Post's blocker requires Javascript to run...

I cannae dae it, cap'n! Why I had to quit the madness of frontline IT

Ozzard

Good IT folks are very rarely good people people (and vice versa)

Getting an IT system working right is all about technical skills and attention to detail.

Getting a budget approved is all about people skills, negotiation and (frequently) knowing where the bodies are buried.

It's very rare to find all of these skills in the same person. The interface between the good technical folks and the horrible, gooey, backstabbing world of corporate politics is critical. You need someone who can understand and support the IT folks and also play the corporate game - and people like that who don't want to take advantage of the IT folks are like rocking-horse shit.

Five lightweight Linux desktop worlds for extreme open-sourcers

Ozzard
Boffin

twm? Old-school, I know

Am I the only person who still runs a raw X server and twm with the config file I wrote in the early '90s? I love the backwards compatibility you get from open-source software!

(Aside: what, no "old fogey" icon?)

The Shock of the New: The Register redesign update 4

Ozzard

Improvement - thanks! -

(Very occasional commenter, please be gentle... oh, what the heck, this is El Reg!)

Usual viewing environment: 24" 18:9 LCD. Every vertical pixel is precious!

Update 4's a considerable improvement on previous iterations - thanks to the design team, and a special thanks for making it possible to miss out the huge information-poor stock photos on the tops of stories!

As others have noted, I'd prefer a more information-dense front page. A typical old-school techie who grew up on green screens (once punched cards went away), I read very quickly (ALL CAPS less so) and it takes time to shift my brain between text and images, or even between significantly different text sizes. The current version gives me very little of what I want (text that I can process quickly to decide whether I want to view more detail), especially on a landscape screen.

I'd love to see the floating menu bar pinned back to the top of the page. As noted above, every vertical pixel's precious to me. Add in the design truism that ALL CAPS is harder to read at speed (check out the developer loathing of Visual Studio 2012 menus on Windows 8 if you think the vitriol here was bad) and my comment that I have to do a mental gear shift to read different text sizes, and you get the irritating situation that I've just lost some of the most scarce resource on my screen to something that I don't use and can't read.

All that said, *thank you* for continuing to iterate after release, and for being willing to take comments at all. A technical audience is one of the hardest to design for - there are many reasons for this, not all reflecting well on the audience - and rarely pulls punches on feedback.

Are driverless cars the death knell of the motor biz?

Ozzard

A hacker's paradise

I thought the same thing when I first saw the functioning driverless cars. Then I wondered how I'd feel getting into a car I didn't control and where I had no idea whether the control software had been hacked - for example, to drive just fine for thousands of hours and then randomly accelerate at a T-junction with a concrete wall on the far side of the junction.

I have no idea how I'd resolve that issue. Thoughts?

Microsoft copies Google with silent browser updates

Ozzard

Are MS rolling out IE8 or IE9 to machines running pirated Windows?

If MS is willing to roll out browser upgrades to pirated copies of Windows, the IE6 problem almost goes away. I say "almost" because I'm in healthcare, and am currently working between three organisations that are all stuck on IE6 or (in one case) IE7 because they have line-of-business systems that don't work in any standards-compliant browser.
