* Posts by pdh

49 posts • joined 18 Mar 2014

Um, excuse me. Do you have clearance to patch that MRI scanner?


Re: "but when it comes to human life..."

> In banking, for example, you can accept a few glitches but when it comes to human life you cannot have that, of course

I'm surprised that anyone can say that with a straight face, given that hundreds of thousands of patients die from medical errors every year.

Off with e's head: E-cig explosion causes first vaping death



Anybody besides me wondering why FEMA of all people is investigating safety hazards from e-cigs? I would have thought that was the FDA's turf.

PC recycler gets 15 months in the clink for whipping up 28,000 bootleg Windows 7, XP recovery discs


Re: Can someone please explain


"There are 13 appellate courts that sit below the U.S. Supreme Court, and they are called the U.S. Courts of Appeals." There's a map on the page that shows the boundaries of the different appellate courts.

Microsoft Office 365 and Azure Active Directory go TITSUP*


Sometimes it's the right choice

> as those who said "no" would see it, they're probably right

Yes. If you're big enough to afford a proper IT staff, and the necessary software licenses, and redundant hardware, then maybe you can do it better in-house. But for smaller outfits the cloud often makes more sense.

Sure there's going to be occasional downtime, no matter how many 9's your cloud provider claims, and of course you still need to keep backups somewhere other than in that same cloud, but unless you can afford multiple competent IT people (more than one, since they tend to take vacations sometimes) and redundant hardware (elsewise you have a single point of failure in your one crucial server, and how long will it take to re-build the server when it eventually fails) you can probably get better uptime in the long run if you use cloud solutions.

It's like mains power: a few sites really do need a large onsite generator and etc so they can ride out multi-hour power outages, but that's very expensive. So most people just have enough UPS so they can run for a few minutes and then safely shut things down if the power doesn't come back quickly. Long power outages are rare enough that for most businesses it doesn't make economic sense to maintain your own fully-capable power-generation equipment. So it is becoming with IT.

There's more to blockchain than dodgy cryptocurrencies


> If it works, it will slot seamlessly into existing systems, and the users need never even know it's there.

Exactly. Blockchain is just a key-value database with certain special properties. If banks and etc find it useful, it will take its place in their IT environments alongside other databases that have other specific properties. The concerns about liability and protection of certificates and so on, they apply to the banks' entire IT estates and presumably come under the same regulatory requirements and legal structures. Blockchain is just one particular tool among many that may be useful to certain organizations, if their cost-benefit analysis justifies it.

SpaceX's internet satellites to beam down 'Hello world' from orbit



Figure roughly 1000 miles each way for low-earth orbit, depending on the exact orbit height... speed of light is about 186,000 miles per second, so 2000 miles takes about 11 milliseconds -- that is, it would take that much longer for a one-way data packet from ground station 1 to satellite to ground station 2 as compared to a perfect zero-latency link. If the internal processing in the satellites can keep up without introducing more delay, that's not too bad.

The blockchain era is here but big biz, like most folk, hasn't a clue what to do with it


Re: Who?

> Who actually needs their transaction records to be distributed?

Maybe think of it as "shared" rather than "distributed." Here's an example of why that's useful...

A few months ago my cellphone provider threatened to cut off my service because I hadn't paid the previous month's bill. I logged into my bank's website and I was able to see that my check had cleared several weeks ago, and the phone company had cashed it, so this was clearly an error on the part of the phone company.

However, because the three of us have three different databases (me with my checkbook, the bank with my bank account info, and the cellphone company with their information about my account) and since one of the three databases disagreed with the others, it took two weeks and several phone calls and a bunch of emails to straighten things out.

A trustworthy shared / distributed database can help prevent this kind of thing. We got everything corrected in the end, but the dispute resolution process could have been streamlined pretty substantially if my bank and the cell provider had a shared database that they both trusted.


Re: What it is

> But then blockchain becomes simply a distributed, crypto-verifiable database, right? And that already exists, right?

Mostly right. It's a tamper-proof, permissioned, append-only distributed database. (Tamper-proof by virtue of the crypto.) If you've already got one of those then you probably don't need blockchain.


What it is

Lots of questions about what blockchain is good for in a business context...

Blockchain gives you an immutable (write-once) database which is sharable and permissioned. The use case is for transactions amongst business partners who today must each record every transaction in their own private databases. The basic benefit for blockchain in a business context is that participants can all share one copy of the transaction log, so everyone sees the same consistent data.

The features that blockchain adds, beyond what you'd get by sharing a traditional database, are these: You have cryptographic proof that the database isn't tampered with. The permission system means that participants can see only those transactions that they themselves are involved with. Smart contracts allow transactions to be proposed automatically, subject to confirmation by the parties involved in the transaction. And contrary to the way cryptocurrencies like Bitcoin work, the confirmation process does not have to be resource-intensive. (That resource-intensive confirmation process is central to how Bitcoin works, but it's not a fundamental requirement for blockchain in general.)

So the benefit in a business context is improved efficiency. A group of business partners who regularly interact with each other can share a single, permissioned, tamper-proof ledger, and routine transactions can be automated but are still subject to approval by the participants in the transaction.

How many companies actually need blockchain is another matter, but that's basically what it gives you.

Destroying the city to save the robocar


Re: Obviously the solution is....

> Poor weather is a barrier to cycle adoption, true, but it can be engineered around.

You've never lived in a cold, snowy city, have you?

I live in the northeastern U.S. in a city of 100,000. We get a lot of snow -- there's about a foot of it on the ground right now, thanks to last week's thaw which reduced the snow cover. The current temperature is 13 degrees F -- it was colder yesterday. Most of our roads have packed snow on them and there are many icy spots. If it warms up a bit, some of the snow and ice will turn to slush, thanks to the road salt that the city applies. Have you ever ridden a bicycle when temperatures are below freezing and the streets are a mix of snow and ice and salty slush?

Nevertheless, there are still a few maniac winter bicyclists out there, including a few of my friends (I'm a warm-weather cyclist myself). But they ride fat-tire bikes with studded tires, and they generally spend hundreds of dollars on specialized winter clothing. There's no way that any significant percentage of people would ride a bicycle in the winter in a place like this, even if it was motorized with a fairing and heated bars. (We call those "motorcycles;" they're common here in the summer, but not in the winter.) And there are lots of places like this.

CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar


Something I've been wondering about... There are people who run multiple AV products. Suppose AV #1 is OK with the patches but AV #2 is not. If AV #1 sets the key, will AV #2 proceed to brick the system?

Hyperledger 3 years later: That's the sound of the devs... working on the chain ga-a-ang


Re: no real use case ?

Two things: one is that there are reports from people who have checked the math, and they claim that the bitcoin energy consumption is nowhere close to what's been reported. As far as I know there's just one source for the sky-high energy estimates (Digiconomist) and they admit that there's no way to verify their numbers. See for example:


Second, bitcoin and blockchain aren't the same thing, although of course bitcoin uses blockchain technology. Bitcoin mining is CPU-intensive on purpose -- that's a design goal that's central to how it works -- but blockchain systems in general don't have to work the same way.

Tesla buys robot maker. Hang on, isn't that your sci-fi bogeyman, Elon?


Re: There's a slight difference

His fault; Musk himself blurs the distinction between robots and AI. From a speech of his this past summer:

“I keep sounding the alarm bell, but until people see robots going down the street killing people, they don’t know how to react, because it seems so ethereal.”

Combinations? Permutations? Those words don't mean what you think they mean


Re: re: pseudo-maths

> It's a Shriek (the exclamation mark in that equation)

When I was in school (decades ago) I also heard it called "admiration" -- that is, some people pronounced 3! as "three admiration." I was told that was a British thing (I went to school in the U.S.)... is there any truth to that?

Real Mad-quid: Murky cryptojacking menace that smacked Ronaldo site grows


Re: Misuse of Computer

> it would be useful for funding niche/hobbyist sites and would be OK with it provided the user is kept informed

If managed properly (maybe via "official" browser or protocol support) maybe this could be a way to do truly unobtrusive micropayments? I.e. I let you use 10% (or whatever) of my CPU cycles for the duration of the time that I'm visiting your website, and in exchange you show me no ads and you collect no data about me.

Power meltdown 'fries' SourceForge, knocks site's servers titsup


Re: Same everywhere

Re: doing an unscheduled test with no advance notice: eventually you *will* face this sort of test, whether it's your hand on the breaker, or the hand of Chaos. Given that this is the second time that SF has failed the test, it's hard to blame anyone other than SF themselves.

AI in Medicine? It's back to the future, Dr Watson


AI via neural nets and etc

Many of those who tried to build the first airplanes failed because they made aircraft with flapping wings, like birds have. But it turns out that even though birds fly very well, imitating them is not the best way to build a machine that can fly. Same thing with the horseless carriage -- our mechanical horses don't have legs like real horses do. And submarines don't swim like fish do. Based on this history, I suspect that if we ever succeed in building a machine that thinks, it will not do so using the same techniques that humans use.

Google routing blunder sent Japan's Internet dark on Friday



So a few errant keystrokes by an anonymous Google administrator can knock the third-largest economy in the world off the Internet? I honestly had no idea the Internet was this fragile.

Taken a while but finally here's the first proper smart-home gizmo


Double-edged sword?

> Following a firmware update sent late last week, the Trådfri smart lighting system will work with competitor Hue, Philips' wireless lighting system. Thanks to a more open approach taken by big tech companies, it also works with Amazon's Alexa/Echo digital assistant and the Google Home.

Does that mean that a security hole in any one of those systems other can now be leveraged to compromise Tradfri as well?

Firmware update blunder bricks hundreds of home 'smart' locks


Why an update?

It's a lock, fer the cryin out loud. I wonder why a door lock would need a software upgrade in the first place -- how complicated can the software be?

It would be interesting to see the list of bug fixes that the firmware upgrade was intended to address. Maybe the CPU in the lock is mining bitcoins for the company in its spare time, and they had to introduce new logic to deal with the recent bitcoin forking?

Astroboffins discover that half of the Milky Way's matter comes from other galaxies


A model is not a discovery

So they created a mathematical model and in that model, half of our galaxy's matter came from other galaxies. That's different from what I usually think of as a "discovery".

50th anniversary of the ATM opens debate about mobile payments


> Possibly someone will suggest tokens in various denominations that you can buy from a machine with your card - like £1, 50p, 20p etc.

Those tokens already exist; they are referred to as "money"

Amazon squares up to Walmart over boycott calls: Talk sh!t, get hit


> I know commenters here are rightly suspicious of big-business but to say "you can bet they're doing it" is tinfoil hat zone

I agree. If they were doing that, then a number of Amazon employees would necessarily know about it. If just one of those employees ever became disgruntled, that person could pretty much destroy AWS by spilling the beans. Way too risky.

Congressman drafts COVFEFE Act to preserve Trump's Twitter tantrums


@John: yes, sadly this kind of thing happens all the time. I lean toward the right myself, but I remember back in the fall of 2001, after 9/11, telling my like-minded friends that we would surely come to regret the Patriot Act and all its trimmings, as soon as some left-wing liberal became president and took control of the machinery. And sure enough...

"Will this still sound like a good idea when the roles are reversed and the other side takes power?" I wish more people considered that when making legislative proposals...


Quigley is as bad as Trump

> Nice one, Mike! Keep going!

Bah. He's as bad as Trump. He took a good idea and chose to frame it as a partisan taunt, wording it in a way that guarantees it can never pass a Republican Congress. That's just a stunt, it's not leadership.

If he was serious, he could and should have written the proposal using neutral language so it actually had a chance to be considered and maybe passed into law. But it so much easier to just bluster and taunt, isn't it? And people apparently love that, as evidenced by all the up-votes on the "nice one" post.


It's a good idea

Putting partisanship aside (something that Congressman Quigley should have done if he really wanted this proposal to be taken seriously), it's a good idea. I can imagine the knee-jerk responses -- Republicans trying to shoot this down because it targets Trump, Democrats trying to keep it going in order to annoy Trump -- but if the shoe were on the other foot -- if a Democratic president had taken to Twitter like Trump has -- you can imagine that the roles would be exactly reversed.

Many people do take Trump's tweets seriously, they're unquestionably a crucial element of the current political discourse in the U.S. Whether you agree with them or not, officially archiving them is the right thing to do.

BA IT systems failure: Uninterruptible Power Supply was interrupted


Re: If it got interrupted...

> I wonder how long it was since power and switching to secondary or backup data centres were tested.

I think it's been about a week.

Russia and China bombard Blighty with 188 cyberattacks in 3 months


Fuller disclosure

It would be interesting if accusations like these also included a line saying: "And in that time, we ourselves have mounted or sponsored X number of attacks against Russia and China, using the same definition of 'attack'."

Even if the number X is zero, it would be interesting to hear the government state that out loud, with a straight face. (And then to hear them explain why they believe zero is the most appropriate value of X.)

DDoSing has evolved in the vacuum left by IoT's total absence of security


Fining the manufacturers and/or users of IoT devices implicated in these kinds of attacks would be another approach.

'It will go wrong. There's no question of time... on safety or security side'


> It's actually very easy to inspect software. You just open the source code in your favourite editor.

Read "Reflections on Trusting Trust," by Ken Thompson.

Pacemaker maker St Jude faces new security flaw claims from biz short-selling its stock


Re: Surely this is almost the definition of insider trading?

According to the U.S. Securities and Exchange Commission website: "Illegal insider trading refers generally to buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence, while in possession of material, nonpublic information about the security." So you'd have to argue that MedSec was in a "relationship of trust and confidence" with St Jude, which seems unlikely. They're slimeballs, but this isn't insider trading.

Internet of Things botnets: You ain’t seen nothing yet


> If the fridge was able to read this info and then you planned your meals for the week, it could tell you what you needed

I've seen comments like this in quite a few places... but does anyone actually pre-plan a week's worth of meals in any kind of detail?

And even the warnings about expiry dates don't seem all that useful. In my fridge, leftovers (rather than packaged products straight from the store) account for most of the stuff that's in danger of going bad. So the AC said, I'd have to tag them myself if I wanted warnings, which most people would probably be unlikely or unable to do. (How long does half of a tuna casserole last in the fridge? It depends...)

ESA's ExoMars Trace Gas Orbiter blasts itself closer to the Red Planet


Why is this the only thing we care about?

> The fascination with the Red Planet is driven by tantalising evidence that life may have once existed

This has always bothered me. I'd still be very interested in, and very impressed by, these remote exploratory missions even if we were absolutely 100% certain that life had never existed on other planets. I wonder sometimes whether we're missing out on other significant discoveries because of this over-focusing (in my opinion) on the Search for Extra-Terrestrial Life. Was there ever life on other planets in our solar system? That's a very interesting question, but it's not the only very interesting question.

Fear not, humanity – Saint Elon has finished part two of his world-saving 'master plan'


Re: In this case though, I don't think it's really the cost that's the big deal

Exactly! Many people don't realize that small-scale solar (a few hundred watts or less, as in the car-roof example) costs very substantially more than grid power. Or they don't realize that "it costs a lot more" means "it requires substantially more resources to build and maintain" -- because to a first approximation that's what cost is, a measure of the resources that are required to create and deliver something.

So choosing to put solar panels on the roof of a car actually wastes resources -- you're not helping the earth by doing that, you're just increasing your own resource footprint with a bit of conspicuous consumption. Telsa may well decide to offer the option anyway, but if they do it will be a marketing / business decision, not a sustainability decision.


Re: Reaching

I got 1 kWh by assuming that the roof of a car is about one square meter. Wikipedia says "Ignoring clouds, the daily average insolation for the Earth is approximately 6 kWh per square meter." Today's solar panels are about 15 - 18% efficient -- call it one-sixth, so on average you can expect to harvest about 1 kWh per day per car roof -- but only if the car is sitting under an unobstructed cloudless sky all day long.

There are are losses involved in taking the output from the solar panels to the batteries -- you have to adjust the voltage and depending on where the batteries are in their charge cycle you may have to control the current as well -- so the batteries won't actually get all of the energy that the solar panels capture, but I'm ignoring those losses for the purposes of this discussion. Like I said, the really big loss in a practical system comes from shade -- clouds and trees and such.

How did you arrive at the 65 kWh number?

When you think about it, 12 cents per kWh is just absolutely freaking amazingly low, especially when you consider the geographic reach of the system and the reliability that it manages to sustain, but that's the approximate average cost for grid power in the US today. I agree that it's not sustainable over the centuries if you have to get the energy from fossil fuels.


Re: Reaching

Thing is, you're probably not going to get half the average in the UK -- you'd probably be lucky to get one-fourth the average. Juan in Malaga will do better, but in a climate with average or worse-than-average cloudiness, you're not going to get as much power as you might expect. Have you ever tried it?

I have a panel similar to the one you link to, connected to a small charge controller to harvest the electricity and properly feed a battery. I've been using this setup to charge a couple of lead-acid batteries that run the lights in my one-room office (two 3-watt DC LED light bulbs) for over a year now, just as an experiment. I'm in the northeastern US, which is probably similar in cloudiness to you in the UK, and I'd be thrilled to get half of the theoretical maximum rated daily power from my panel. As it is, on a sunny day in the summer I can get about 80% of the rated output, for about 4 to 6 hours. Outside of those hours I get almost nothing, partly because of the angle of the sun and partly due to shade from surrounding trees and buildings. And on a sunny day in the winter I don't even get 4 hours of usable sun, since the it's so much lower in the sky.

Shade just kills the output -- any shade at all. Clouds, or trees, or buildings, or any other source of shade. One surprising aspect of solar panels is that if you shade even a small part of a panel, the output drops dramatically -- way more than you'd expect. A panel that's rated at 50 watts may output 40+ watts in full sun here where I live, but if you put half of your hand in front of the panel, shading maybe 5% of of the panel area, your output drops to 5 or 10 watts. This is why I don't think most people in most places would get even half of the maximum rated power -- is the entire roof of your car really in full sun half of the time between sun-up and sundown, on average?

South-facing solar panels on the angled roof of a house in a very sunny and treeless area -- those can work really well. Tilted to capture maximum solar energy, no clouds, no shade from trees or other buildings -- that's just ideal. But the roof of a car in most places, not so much. Based on my own experience, I just don't think you'd harvest enough energy to be worth the expense.


Re: Reaching

You get that 657 USD only if the sun shines down from a cloudless sky for 15 years, and there's never any shadow on the car, and it's never parked in a garage. How realistic is that? I bet you'd be lucky to get $200 worth of electricity in real life, which would just barely cover the cost of the panels.

Now if he really meant the roof of your house rather than the roof of your car, that's more sensible -- but with today's technology it's still not economically viable in many areas unless there's a subsidy involved.



I admire Musk's achievements to date, but some of this seems less than realistic. Solar panels on the roof of a car? If you do the math, the best you can expect from a car that's out in the sun all day under a cloudless sky would be about 1 kilowatt-hour per day -- about 12 cents' worth of electricity. Under real-world conditions you can expect to get considerably less than that. Hardly seems worth the effort.

Did mock cop bot trot on fraught tot? Maybe not


Re: I'm sure

Indeed... and it's convenient to know that they apparently don't have cameras, at least not yet. I wonder why that is? As someone else said, you'd think they'd have body-cams, for a variety of reasons (including liability in cases like this).


Re: That bot looks suitably menacing

I think they actually *can* pack heat in most places, but only if they're properly certified. Here in Pennsylvania, for example, you have to have "Act 235" training and certification to be an armed security guard. A mall could choose to hire Act 235 guards, but they'd have to pay those guards substantially more than minimum wage.

AWS works on 'urgent' deals for UK customers as £ dips against $


Re: The Pound in Your Pocket ...

> Those without two farthings or two cents to their name are screwed either way

But those who have debts that are denominated in pounds are winners, are they not? They owe less in real terms than they did three weeks ago.

Pollster who called the EU referendum right: No late Leave swing after all


Do-over poll

Indeed, but I personally would still be interested in a poll asking how people would vote if they could do it all over again. Here in the US, the media is full of stories about how most of the crazy Leave voters are already regretting their votes; I'm really curious to know if that's true or not.

Happy mode, sad mode, DevOps mode: Stop worrying and go bimodal



Maybe instead of bi- or tri- or quad-modal it makes more sense to think about a continuum. At one end, when a project or idea is new, speed and ease of experimentation are paramount. So move fast and sure, go ahead and break things from time to time when you're at that stage. But if the project succeeds, people start depending on it, and stability becomes more important. If you're doing it right, there's a natural progression rather than a fixed dichotomy.

This is true even for new, disruptive businesses. In the early days of, say, Uber or Twitter or Facebook, an occasional burst of unexpected downtime was probably quite acceptable if that was the cost of rolling out new functionality at a rapid pace. But now that those companies are successful and established, they're probably much less willing to risk unplanned downtime -- service disruptions now trigger immediate snarkery from world + dog + vulture. Or think about AWS -- an occasional glitch in some new experimental / beta service is to be expected, but we expect EC2 and S3 to remain stable and reliable all the time.

So you evolve -- you use agile when it's appropriate, and you use stricter change control when that's appropriate. Different processes and standards for different stages of the project's lifecycle -- a continuum as the risks and costs and opportunities change over time.

Lost containers tell no tales. Time to worry


This is not a new problem

Substitute "cron job" or "shell script" for "container", and everything in the article is still true. As someone else has already said, you have to monitor your servers, and know what's running on them -- same as always. Containers don't change anything.

Furious customers tear into 123-reg after firm's mass deletion woes


Re: Takes courage

You can't really trust those test -z's... if $1 and $2 are space characters, or slashes, or periods, (and I bet there are more), you still lose. And you probably can't afford to perform that careful testing procedure for every new set of $1 and $2 values.

Writing "rm -rf $variable" does require a certain hubris.

Vulture conservationists hatch cunning 3-D printed egg plan


Re: Diclofenac

It can end up in wastewater too -- our kidneys don't filter it all out.

One pane of glass to rule them all? Vanity – thy name is cloud management


Re: Some of the biggest beneficiares are hackers

To put it another way: who's going to be interacting with that single pane of glass? Is there any one person in your enterprise who has full permissions on all of those different cloud resources? Is there even a person who has read-only permissions on all of those resources? Should there be?

Quid-a-day Reg nosh posse chap faces starvation diet


Re: Bulk buying

Just store them somewhere cool and dry -- they'll be fine -- they'll keep for a very long time as-is.

I grew potatoes in the garden last summer and I got *lots* more than I expected. We keep them in a dark box in the basement (double-boxed actually, to keep the light out), and we're just now finishing them up.

They look kind of shriveled and they're sprouting, but once you cut off the sprouts and cook them (we either bake or mash them), they're perfectly acceptable.

MH370 airliner MYSTERY: The El Reg Pub/Dinner-party Guide


Re: Obviously

A Boeing 777 costs more than 3.5 tons of gold at today's prices, so the plane itself would still be worth more than the cargo.

Biting the hand that feeds IT © 1998–2018