The body of christ
Turns out to be 98% gristle
584 posts • joined 7 Mar 2012
Turns out to be 98% gristle
West Midlands is the middle west, not middle east. Middle eastern would be Cambridgeshire. Do keep up.
BadUSB (and by extension, the hypothetical rooted android device) both create a dodgy USB device which interacts with the OS to do bad things. I know about that (I've built quite a few USB devices myself). They don't "attack the baseline controller", but act as a keyboard, disk - all normal devices that the OS would expect to see, but programmed in a way to attack the target computer by sending malicious keystrokes etc.
But this hack requires the USB device to interact with the Intel lights-out chip, not the OS. That was the point I was making: while the OS is running, the OS is in control of all USB communications and would (I believe) have to explicitly allow the device to communicate with the lights out chip. This is because USB is a single-master design, so you cannot have two USB controllers acting on the bus at the same time.
USB devices report themselves by vendor and product ID, so it's possible that the Intel management chip would intercept any USB devices of a certain type (the described JTAG-to-USB device) and not report them to the OS. Then, this attack would work against a running computer. But that's not what was reported.
Yeah. I'm just wondering that myself. If you have USB access you can probably also reach the power button, in which case - short of full disk encryption - you're pwned anyway.
Not sure I buy the hacking model of distributing USB disks with rootkits on them - yes, I've seen Mr Robot - I know that it's possible, but it's a bit specialised and doesn't scale well. Plus, I presume the stick has to be in the drive when the machine boots, no? It's not like if you plug in a USB stick claiming to be a JTAG interface it will somehow magically bypass the OS USB stack and go straight to the lights-out chip. That might fly with firewire but USB has only a single master.
In short, nice hack and Intel deserve a kick up the arse, but I don't see this being a major risk - unless it works without booting the machine, and with the software-simulated USB over XHCI as someone posited above. Then we're all fucked.
Essentially this is the plot of Calgary, a fine film with Brendan and Domhall Gleeson, Chris O'Dowd, Aiden Gillen amongst others. Not bashing bishops, I hasten to add, but the erosion of respect for the catholic church in Ireland. Well worth a watch
You joke but there's probably something to this. The normal pattern for a hack this size is gloating attribution, but this one was leaked to Süddeutsche Zeitung and no hacking crew has publicly claimed responsibility.
I imagine the moment when they realised what sort of data they had (and who it was on) was a bit of an "oh, fuck" moment.
> expect The Usual Suspects to come along shortly
Well you certainly called that: Big John was the very next reply, bringing his usual but-but-benghazi dross with him, with bombastic bob to follow. All we need now is Matt Bryant for the nutjob trifecta.
"WHILE PASSING THROUGH FL180, DURING THE DESCENT FOR A LANDING AT TAMPA, FLORIDA, THE AIRCREW HEARD A LOUD BANG AND THE RADAR SYSTEM FAILED. IT WAS AN OTHERWISE NORMAL APPROACH TO LANDING, IN CLEAR SKY, WITH NO TURBULENCE. THE AIRCRAFT CONTINUED TO HANDLE NORMALLY AND THE SUBSEQUENT LANDING WAS WITHOUT INCIDENT. A POST FLIGHT INSPECTION OF THE AIRCRAFT NOTED THE NOSE RADOME WAS DENTED IN AND CRACKED. IT APPEARS THE INNER PLY OF THE RADOME HAD SEPARATED FROM THE OUTER SHELL AND THIS RESULTED IN A TWO FOOT DIAMETER DELAMINATION, AND THE FRONT TIP OF THE RADOME TO CAVE IN. NO EVIDENCE WAS FOUND OF ANY BIRD OR OTHER FOREIGN OBJECT IMPACT. A REVIEW OF THE AIRCRAFT’S MAINTENANCE RECORD INDICATES THE SUBJECT RADOME WAS INSTALLED ON OCTOBER 21, 2003. FURTHERMORE, THE RECORDS DO NOT INDICATE ANY HISTORY OF RELATED PROBLEMS."
The only thing I'm not clear on is why they had to shout.
Good morning, that's a nice Blockchain.
You're in a hole Charles, for the love of god stop digging.
Thank you for your reply to an article on the risks to commercial aircraft from drones. It appears your point is:
[x] there is no proof it was a Drone
[x] that hitting a Drone is no worse than hitting a bird
[ ] this is just an excuse for governments to clamp down on drone use
[ ] the proposed response will only effect law-abiding drone users
[ ] blah blah freedom
[ ] some other innumerate or illogical argument.
to which I would reply
[x] your standards of proof are unreasonably high
[x] although the odds are small, the consequences of a crash are disastrous
[x] hitting a bird is not a risk-free event either
[x] just because one risk exists doesn't mean you should accept others [credit to first-page AC]
[x] this was no accident; the drone pilot deliberately acted this way.
[ ] some other piece of relatively simple deduction that appears to elude you, you wingnut
and in addition
[ ] otherwise your comment was well considered and thoughtful
[x] risk management. Try again when you understand what those words mean.
[ ] no, the moon landings weren't faked and yes, climate change is real.
[ ] with rights come responsibilities
[ ] back to school junior
[ ] I'm going to burn down your house etc.
You could not be more right.
Prince Phillip? What are you doing here?
On misunderstandings in Kibbutzim; a mate was there but his hebrew was terrible, and couldn't understand the hilarity when he asked how many carrots he should peel. Turns out the word for 'virgins" is very close to the word for carrots...
Pi Model B: £32
10" touchscreen: £50
SD Card: £5
Total: GBP116, which is USD180 or so at non-apple exchange rates. That's at the economies of scale that most hardware manufacturers could only dream of. Add in the vast quantities of free coverage for the Pi due to articles in the tech and non-tech press, the favourable distribution with Farnel/Newark they no doubt were able to negotiate based on quantity, and the fact that most of their software is written for free by the community.
Now compare to USD200 per unit for this device if you buy three of them.
So I'll need you to clarify where the massive markup is, because I don't see it.
Funny how the article specifically states the target market is people who don't have the technical ability or inclination to manage doing this sort of stuff over social media, and yet most of the comments are "I can do this with a Raspberry PI, XMPP server, static IP".
Yes, you can. I can too. But $600 so I don't have to fix it on my mum's computer when it breaks would be the best $600 I have ever spent, BAR NONE.
Yawn. You mean I can write a letter, perhaps, or make a phone call? Zip and email some photos perhaps?
Video calls mean Skype or Facetime. Practical photo sharing is going to require something more than email. All are going to require an account of some sort.
Personally I love this product, I can see the idea behind it and I would certainly buy three (in the UK), subject to a few key points:
1. I know they're making their money from hardware, subscriptions, optional extras or storage costs for media, not from selling me as a marketing opportunity to all and sundry.
2. It's got a good noice-cancelling mic and a very, very fucking loud speaker. Old people have bad hearing, doubly so when there are screaming children (unnecessary adjective, all children are screaming). If I'm going to sit across a table from this with my kids talking to my parents, I don't want every second sentence to be "sorry, I missed that".
I was going to post the same link. The LondonReconnections article is by far and away the best article on the topic I've read, although a bit slow as their servers are straining under the load.
The bankrolling issue is definitely a key point. As a friend once pointed out about the business he'd just run from, if you're losing 5p a transaction you can't make it up with volume. I presume Uber is aware of this and so are following the "expand to force everyone else out of the sector, then raise prices" model.
Croque Madame has an egg, not ham. WIthout either, I presume it's just a Croque....
I haven't actually used these currencies so I'm not sure how the "proof-of-stake" alternatives to "proof-of-work" are coming along, but it strikes me that the existing mining model is essentially insane; a frantic digital race to waste more power than the other guys to ensure your version of the truth prevails.
I'd only hire coders with a CS degree. Yes, anyone can knock out some functioning code, but engineering a maintainable product (or, much harder, part of a product) is a more formal discipline. I don't know if it's effectively taught as part of a CS degree, but I know you're not going to pick it up scripting websites in your spare time.
A few years ago I used to use an interview question I lifted from my first year CS course: I'd outline a Linked-List class, describe it's purpose and ask them to complete the "remove" method. About half my interviewees couldn't finish it, including a few with the degree (yes, I know that most languages come with a LinkedList class, but programming isn't just about assembling pre-existing blocks).
It would definitely evaporate during entry, but it would be trapped by gravity in the atmosphere. When the density got too high it would condense and fall as rain. Same net effect.
Estimated ass of the asteroid belt is about 3e21kg, 4% that of the moon. Mass of oceans is about 1.4e21 kg. If all the water turned up from asteroids, that's an awful lot of asteroids. Lets say they were 50% water back in the day, that's the entire volume of the current asteroid belt hitting us to supply enough water.
I have to admit when I started this reply I thought that was bollocks, but I suppose in a much lumpier early solar system those numbers aren't beyond belief. It would have made life on earth at the time a little awkward, glad I wasn't about.
It's not like the EU is forcing us to spend the rebate on chocolate teapots. The money will be spent anyway, probably on the same things that the rebate would cover anyway.
If we had full and complete control of everything (which we're aiming to achieve by closing our eyes and pretending we're the only ones in the room), I'd expect the percentage of that budget that would be spent differently would be fairly miniscule.
Boris, the human clickbait.
No downvote from me; I spent some years on drugs in London and I have to say it was simply marvellous.
I'm still amazed how many people misunderstand the meaning of "censorship", or think that freedom of speech means something more than just "you won't be prevented from saying it by the government". That's all it is - it's a very, very low bar. No-one has to help them do it, and although they have a right to say it, I'm very much OK with private citizens or corporations trying to stop them exercising that right.
The Daily Stormer can stand on a soapbox on a street corner and shout like all the other nutjobs. Presuming they can find someone to sell them a soapbox.
I've read four pages of comments, and the article, and I'm still not sure I get why the hatred for these is so vociferous. There are whole websites dedicated to people hating smart meters and 200 comments here that pretty much say the same thing: smart meters are 100% bad.
To sum up what I've got from these pages, people don't like smart meters because:
1. It probably won't save them any money - so they're no better off, but no worse off.
2. It may make the energy company more money - ok, they're 90% fuckers but as this won't cost me anything, good luck to them.
3. They may be turned off remotely deliberately. I thought I'd read that this feature was proposed but discarded due to concerns over liability (if they disconnect a dialysis machine, for example) - can't seem to find this now, but I have found an Ofgem Guidance Document outlining the process for disconnection, which is broadly the same as the current process except that they don't need to make a house call with two polcemen and boltcutters.
4. They may be turned off remotely accidentally - true, but we already live with this risk and call it a "power cut". Getting it turned back on will be a phone call.
5. The meter itself is shit and overpriced - this one I can understand but only on the grounds of "it could be better". I'm offended technically, but not surprised.
6. The meters get it wrong sometimes. First, that's no different to current meters - after reading my dual-tariff meter recently EDF tried to charge me several thousand pounds for the kinds of usage that would have melted the copper in my house. Utility company incompetence exists now and will continue unabated long after we all have smart meters. But smart meters can fix this with software, and the metering hardware, if anything should be more accurate, no? Modern technology and all that.
7. Smart meters give you cancer - ok, haven't seen that one on the Reg, but have seen it elsewhere.
8. They allow the energy company to know when you're using power to spy on you - true, but I'm struggling to care.
9. The might be hacked. Theoretically true, but many orders of magnitude less likely than anything else in the house being hacked for most consumers, and to what end? So someone can read your meter? This risk seems very low.
10. It's a one-off disruption to install - irrelevant in the long term.
11. The meters themselves use power so it's wasteful - OK, but at 4W a meter plus a bit more for the hub (which I believe is optional) it's not exactly going to single-handedly ruin the environment. More data centers being built to process this data is a bit spurious - if we're concerned about this, surely we'd be better off with a single monopoly and one large datacenter?
As for benefits - at a minimum:
1. It stops the nagging calls and knocks on door asking for meter reads, and it saves me banging my head on the hatch to my basement every few months.
2. It also removes the "estimated bill" boondoggle, which always seems to involved the utility taking £400 extra up front then paying it back to me when I close the account.
3. Assuming software bugs are fixed, it should be more accurate and less error prone.
The beef I understand most is that it's a wasted opportunity because they could be better technically, and that it's a typical government IT cockup: overpriced and poorly managed. True, but even with that I'm struggling to find more than a "meh" as an argument against (or for) smart meters. What have I missed?
"I ain't gettin' on no plane, fool" - maybe Mr T was right all along?
@samzeman, that might be one of the more well thought through comments I've ever read on the Reg. Sadly one upvote is all I can give.
I made exactly that decision when I bought our new Samsung last month - it has a power cable and an HDMI to a Raspberry Pi, and that's it. I want my screen to be as dumb as possible.
Having read this article today I am feeling rather smug about that decision.
It's not as consumer friendly, but if you're a Linux guy you should take a look at tarsnap. It's the first one of these cloudy backups I've found that does exactly what I'm after - it looks a bit amateurish, but google the guy who runs it before you write it off.
You're in the shipping lanes at night in a 24 footer near a busy port, and expect that you are somehow the stand-on vessel to a container ship - and you continued to believe this to the point where you had to gybe out of the way? The laws of physics trump COLREGs. Just stay out of the damn way, you'll live longer.
Hogwash. They have American-influenced Taiwan and Japan not far off, and UK influenced Hong Kong is not exactly distant either. As for the Chinese fearing a Korean Diaspora, you don't make any sort of case for it other than they're energetic. Unsubstantiated conclusion, wild conjecture, C-
I find as a rule, people accusing others of (hashtag) virtuesignalling tend to be largely defending their own right to be a complete prick. I do hope that's not the case with you, IsJustABloke?
It's been a while since I was on the roads in Russia, but I recall there wasn't much of it that wasn't in use: median strips, grass verge, you name it - they were all covered in cars. Some of them were still smouldering.
I was under the impression that these days vaping was largely he product of Big Tobacco - and why not? It's very lucrative, highly addictive, and likely to cause them a lot less grief due to relative (compared to cigarettes) lack of restriction on marketing and increased survival of their customers.
If I were BAT I would be hyping vaping like crazy (and they are: "Introducing Vype! Pebble Vaping Rocks!", google tells me). I know they're better that cigs, but I'm very uncomfortable about the way they're marketed.
I'm just waiting to for the next great 'Linux schism when it's announced Lennart Poettering is doing a new filesystem for Red Hat.
Don't even joke about that. Please.
Then I will wear my idiot label with pride.
If you feel political censorship is always unacceptable I'd suggest a little thought experiment: try to imagine any political group from, say, the last hundred years that history shows should have been shut down by any means possible, including censorship. If you can't find at least one, you're not trying. Start with Isis beheading videos if you're struggling.
Politics does not exist in a vacuum, and truly abhorrant behaviour should never be tolerated in the name of free speech.
Jest? No, just taking the pith.
Shall we try turning that around and we'll see if you can spot the problem?
- men relatively prefer jobs that involve working with their hands rather than more intellectual pursuits
- men have a harder time empathising with customers, with taking direction, with admitting mistakes.
- men on average focus on their career and money ahead of their families, and are more concerned with money and status.
Offensive? Maybe not. Amusing? Perhaps. Accurate? Obviously not: while I clearly could be describing any one man, I am by no means describing a typical one (and even to attempt to do so is absurd). But if you were in an organisation where 80% of the management were women and these opinions were in a manifesto from one of them, you could rightly be concerned about your chances for career progression.
For what it's worth, I enjoyed the article. Your point that the original author, in commenting on racism or sexism is talking on an area he has no experience of, is a good one. And the numpties you've managed to find pitching in with their 160 characters of hate are deserving of being singled out. Sadly there will be plenty to choose from.
"If you ever make a statement about what a broad group of people are like, especially in comparison to another group of people, you are going to be wrong." - not sure there's much to add to that. Well played Kieren.
Er, I think you'll find there are at least three possible reasons - the two you mentioned, plus the "well, she'll probably get pregnant so we should hire the guy" or "I'm not sure he'd fit into the team, probably likes hip-hop and has a slightly-too-urban accent, maybe we should hire the white one".
I do love a bit of original research. Well played El Reg.
I think of her as a white version of Abu Qatada ,or "Abu Hopkins" for short. Try it, it fits.
Ah, a story from Russia Today. No mention of the firm being run by Nazi sympathisers?
Perhaps we could have an icon for "the old fix-it-yourself chestnut", which would be ideal for comments like this. I'd draw one myself but have a headache, and am a bit busy trying to recreate paracetamol from the open-source description of the molecule. I have no expertise in the area, but all you need is the source, right?
Biting the hand that feeds IT © 1998–2017