* Posts by Doctor Syntax

16449 posts • joined 16 Jun 2014

Smartphones' security enhancements just make them more dangerous

Doctor Syntax Silver badge

"Over the holidays I bought Apple’s newest, shiniest face scanner."

Boasting, confessing or complaining? My usual reaction to "Posted from my iPhone".

£185k in fines rain down on dodgy PIs and claims firm for illegal data slurp

Doctor Syntax Silver badge

Re: I dunno

"It's difficult to work out how the end-user client could have requested private information"

It's not stated that they (assuming you mean the insurance company) did. More likely they handed a case to a claims adjuster and the claims adjuster decided to take a short cut.

You GNOME it: Windows and Apple devs get a compelling reason to turn to Linux

Doctor Syntax Silver badge

"I don't think the author really understands why people choose not to use linux, it's not because of the window managers."

It's because they don't know any better?

Doctor Syntax Silver badge

"lack of good tools for GUI development. VI and EMACS are not exactly wonderful tools for that."

That's why they're not used for GUI development - there are much more suitable options for that. For text file wrangling, however, if you really have to use Windows you'd be well advised to install vi.

Doctor Syntax Silver badge

"While having nothing much against Microsoft's operating system per se, in terms of sheer usability it strikes me as a throwback to the 90s"

A throwback to the 90s to early 2000s would be fine. That's when they got it right give or take a few things such as multiple workspaces.

Doctor Syntax Silver badge

Re: So, 2018 will be the year of the Linux desktop because of Gnome?

With you until you got to Android. Android? Seriously?

Doctor Syntax Silver badge

"I look at gnome every few months, but it still looks like a poor win 8.1 shell clone to me."

I thought that was Unity.

Doctor Syntax Silver badge

Re: Discuss

"I don't suppose that many people running Mint are using anything other than Cinnamon or Mate"

KDE

Amazon coughs up record amount of info to subpoena-happy US government

Doctor Syntax Silver badge

Probably the half they didn't respond to they didn't respond to anyway because the subject had left their data wide open.

Your connection is not Brexit... we mean private: UK Tory party lets security cert expire

Doctor Syntax Silver badge

Re: Another autoplay video!

You think it's just another autoplay video but what's being installed on your PC while it's playing?

Doctor Syntax Silver badge

"Funnily enough, Rudd is one of the Cabinet members rumoured to be safe in her role."

Nothing funny about it in either sense. The HO would fight tooth and nail to keep her. She doesn't understand when she's talking bollocks so she sounds convinced and convincing if you don't know better. Plus she's following the exact line that the main Home Sec in Downing St wants her to follow.

It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs

Doctor Syntax Silver badge

"Don't confuse ignorance with apathy."

Don't confuse apathy with intention.

This is why we need home users beta testers.

US border cops told to stop copying people's files just for the hell of it

Doctor Syntax Silver badge

"reasonable suspicion" can be translated as not white or foreign breathing

FTFY

Qualcomm joins Intel, Apple, Arm, AMD in confirming its CPUs suffer hack bugs, too

Doctor Syntax Silver badge

"So where is IBM statement about and Power8 and Power9 in this?"

Writing it's been ousourced as there's nobody left in-house to deal with it. Then it goes goes to the lawyers to be reviewed.

Doctor Syntax Silver badge

Re: The same bug.

You might find this helpful: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits

Doctor Syntax Silver badge

Re: @SkippyBing

"But (of course) safety-critical systems are (or, at least, are capable of being) developed to higher standards than 'normal' software."

And what's the point if the H/Wit runs on isn't?

Doctor Syntax Silver badge

Re: Should Intel (and other chip makers) be held responsible for hardware flaws?

"It's an interesting one, but I don't personally think that Intel should be held liable for this, as it's not an intentional bug."

So if you catch a nasty dose of food poisoning the restaurant with the poor hygiene shouldn't be held responsible because it wasn't an intentional bug?

Yahooooo! says! its! email! is! scrahoooo-ed!

Doctor Syntax Silver badge

Re: Coincidently...

"World spam seems to be down 10%. Interesting."

Now we need gmail and outlook to be down to take out the other 90%.

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

Doctor Syntax Silver badge

Re: Opportunity to sell more CPUs?

"I'm not sure why the Intel share price has dropped, at the moment they seem to have a prime opportunity to sell more of their faulty tat and then sell us supposedly fixed tat."

It's because they have competition, AMD, and this is making that competition look good. Why else would the Intel PR response be trying to make it look as if all CPUs are equally affected?

Doctor Syntax Silver badge

"waiting for Oracle to have anything authoritative to say on this matter."

We know what they'll say. "You're using more cores to run the same workload. Pay up."

Doctor Syntax Silver badge

Re: Error?

"using CAPITALIZATION for emphasis"

You have alternatives such as bold and italics which are socially acceptable.

Doctor Syntax Silver badge

Re: Itanic, S/Z

"S/z because there are simply better things for a mainframe to do than speculatively execute code"

There's a post above, a couple of hours older then yours, pointing to a Red Hat note saying System Z is vulnerable.

Doctor Syntax Silver badge

"Switching off speculative execution (if it's possible) will kill CPU performance. Some of the reports say that current CPUs can execute several hundred instructions whilst waiting for a single memory access request to main memory. That's a lot of lost CPU performance if you switch off speculative execution."

That doesn't stop better architectures restricting speculative execution to what they're allowed to see. Nor does it stop software architectures from being designed to better security standards.

Doctor Syntax Silver badge

"what happens when people realize there's no point in buying anything from any of us anywhere in the near future...?"

That realisation will be followed by another: we have work to do Right Now and everything's running slower; quick, order more kit. There'll be celebrations in the sales depts right now, especially in AMD. Intel? Looking for the leftovers if AMD can't keep up with orders. It's a good time to be selling memory, motherboards and everything else as well.

Doctor Syntax Silver badge

"Personally, I'm going to stick to my old faithful Z80"

I liked the Z80's trick of having two sets of registers and an instruction to flip between them. Very quick context change, no need to save registers or the like. Combine that with flipping between caches and mix in some notion of security rings and it could stage a come-back.

Doctor Syntax Silver badge

Re: That defence does not stand to scrutiny

"My guess is that AMD is about to get a serious inventory issue with not being able to print enough of them."

Subcontract production to Intel?

Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs

Doctor Syntax Silver badge

"Nothing posted on the BSD sites."

Since I posted that FreeBSD announced they're working on it but they didn't get the notification until December.

Doctor Syntax Silver badge

Re: Dont for get supporting hardware..

"don't forget your routers, raspberry's, and all that wonderful IoT stuff many are based on (Broadcom) ARM Architecture"

ARM's site lists the affected processors. AFAICS Pis aren't amongst those affected. As per a previous comment about stuff you control - the embedded processors shouldn't be exposed to random stuff off the net.

Doctor Syntax Silver badge

Re: Maybe we dodged a bullet?

"Lots of fundamental development process rethinking required in the semi-conductor world required."

Or go back to some old ideas.

Does anyone remember the Z80? Two sets of registers and an instruction to swap between them. It made for quick context swaps. There were no security advantages, of course, because back then there was no concept of security rings on an 8-bit processor.

The same thing could be adapted to the modern world. Two sets of registers and two sets of cache (OK, for any given number of transistors it would mean reduced cache sizes for each half). That would mean that an independent address space could be kept for the kernel with only a single instruction to swap the context with one set having security privileges. Extra Brownie points if the cache split can be tuned to suit workloads. There might even be scope for adding more sets for quick changes between running processes.

Linux Mint 18.3: A breath of fresh air? Well, it's a step into the unGNOME

Doctor Syntax Silver badge

Re: I wuv MSFT

"Never tried Linux Mint but I know I wouldn't like it."

Those of us who use Linux normally also get dragged in to fix friends' and relatives' Windows problems. So, when it comes to Windows we know we don't like it. In my case I even spent the last few years of my working life developing for it. Glad to be shut of it.

Doctor Syntax Silver badge

"Another change is that the Synaptics touchpad driver has been replaced by libinput. Practically speaking, this should have no effect for most users"

One change: SWMBO's new laptop has the mouse buttons built into the touchpad. That leads to a tendency to leave a finger of one hand resting on a button whilst trying to steer the pointer with the other hand. Chaos. Once I sussed that the distros that didn't have that problem used libinput instead of synaptics I could just install it on the preferred distro.

So, yes, a practical change but a good one.

Amazon: Intel Meltdown patch will slow down your AWS EC2 server

Doctor Syntax Silver badge

Re: maybe it's time to re-consider server-side inefficiency

"And, are Django/JS even in the crosshairs of the heavy KPTI CPU losses?"

I think BB's point was that if you were losing performance from Meltdown mitigation you might be able to reclaim it elsewhere by optimising userland.

And we return to Munich's migration back to Windows - it's going to cost what now?! €100m!

Doctor Syntax Silver badge

Re: Its not just the cost either...

"EU law says they can't. What US law says isn't relevant."

US govt. version:

US law says they can. What EU law says isn't relevant. Where is it? Oh, there. Doesn't make any difference.

Doctor Syntax Silver badge

"Munich, the only place in the world, where you can make charges of taking brown envelopes disappear with brown envelopes."

Doesn't that happen in other places? E.g. although the term "fine" is often used in press releases SEC investigations seem to involve a "settlement" with no wrongdoing acknowledged.

Doctor Syntax Silver badge

" In truth, the software licences are never the big line items in a business process improvement project."

They can, however, be a recurring cost and a nasty shock after a software audit. And, of course, an ongoing management cost in terms of trying to keep track of them.

Doctor Syntax Silver badge

"Brown envelops for city officials or free holidays in Seattle ?"

Maybe they're just into bondage.

Doctor Syntax Silver badge

"For example, proprietary formats such as MS Office that you cannot read on other packages."

Where, at least in the past*, that included older versions of the same MS Office application.

*I wouldn't know if that still applies. I haven't needed to use it for years but still find the LibreOffice opens any MS documents I get.

Maplin Electronics CEO ups stakes for steak house

Doctor Syntax Silver badge

Re: It's a crying shame......

"The B&Q of electronics. Have an upvote."

No need to be rude about Maplin like that. B&Q have had customer service on the downhill run for years.

Doctor Syntax Silver badge

Re: It's a crying shame......

"I am an old-fart now"

Not if you can remember then from your childhood. My original electronics shop had the owners Baird receiver on display.

Azure VMs borked following Meltdown patch, er, meltdown

Doctor Syntax Silver badge

Re: Yay! Welcome to the Cloud

"Oh, and 'test' is a 4-letter word"

User testing proceeding according to schedule.

Open-source civil war: Olive branch offered in trademark spat... with live grenade attached

Doctor Syntax Silver badge

Re: The most disturbing thing...

"On one memorable occasion, a Mike" etc

Now you're just taking the Mick

Jocks in shock as Irn-Bru set to slash sugar and girder content

Doctor Syntax Silver badge

Re: How to be English in Three Easy Steps

"time to start on the Xmas single malt collection."

Why were you delaying?

Doctor Syntax Silver badge

Re: Lateral Thinking

"Can't the 'traditionalists' just add a teaspoon of sugar to it when they open it?"

That's what I thought. And then I saw the problem. They need to drink it to steady the hand enough to pick up the teaspoon.

US Homeland Security breach compromised personal info of 200,000+ staff

Doctor Syntax Silver badge

Seems to me to be more in the "oops, no foul intended"

Except then when it was taken out of the office it wouldn't be subject to the strict and rigorous protection against unauthorised access and copying it would have had in the office. Or something like that.

Cool disk drive actuator pillar, Seagate – how about two of them?

Doctor Syntax Silver badge

How about increasing the throughput by using smaller drives and more of them, throwing in a few spares at the same time? We could call it Redundant Array of Inexpensive Drives.

Doctor Syntax Silver badge

Re: So...

"Seagates's split actuator thing perform the same as two half-sized drives in striped raid-0?"

Yes, providing you don't mind both of them failing at the same time.

Wannabe W1 DOW-er faked car crash to track down reg plate's owner

Doctor Syntax Silver badge

"They have internal combustion engines in Bristol now?"

IIRC they used to have SOHC 2l engines back in the days when there were still side-valve engines in use.

Doctor Syntax Silver badge

Re: And what about the DVLA?

"the rigmarole of a check"

The "rigmarole" could include requiring the crime number as per the OP and making 1 in N checks with the police. It's called "having a process in place".

It raises the question of how DVLA will respond to further requests from this guy's office in future. If they really do make the thorough checks which now seem appropriate it could cost him a packet.

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Doctor Syntax Silver badge

Re: What's Not Mentioned .....

"$30 billion charge on VW for their dieselgate affair"

That was an entirely different situation. VW isn't a US business.

Doctor Syntax Silver badge

Re: AMD not vulnerable

"Probably made a mistake while copying Intel microcode."

It's not microcode. It's hardware hardware. Do pay attention at the back.

Biting the hand that feeds IT © 1998–2019