* Posts by Loud Speaker

467 posts • joined 30 Jan 2015

Page:

Oracle pledges annual Solaris updates for you to install each summer

Loud Speaker
Bronze badge

T1, T2 and T3 completely obsolete - send to landfill now!

Having declared Sparcs T1, T2 and T3 completely obsolete, implying no longer a source of profit, Does the Shower of Shit plan to allow firmware patches for them to be freely distributed to people with these systems so a future generation of users can learn the benefits of their architecture at home, or is their commitment to "dog in the manger" philosophy of suing people who are so impertinent as to look at their software, so great that they prefer to demonstrate that the best way to improve your ability to stand on your own two feet is to cut off your legs at the knees?

2
0

They're back! 'Feds only' encryption backdoors prepped in US by Dems

Loud Speaker
Bronze badge

Re: There is no God given right to digital security

In other words:

Anyone who believes that their financial transactions are protected over the internet is in for a reality check? Thought as much. Someone should tell Amazon and Barclays Bank.

Incidentally, OTPs still work, whether you use a pen and paper, or a shell script. I think you will find MP3s and PNGs work quite well as OTPs. (random() is probably better). The trick is saying which file and getting a copy to the other end. Its not difficult, but I will not disclose my methods without being paid ;-)

4
0

Terix boss thrown in the cooler for TWO years for peddling pirated Oracle firmware, code patches

Loud Speaker
Bronze badge

Racketeering

How is this even legal?<p>

Racketeering is legal in America, apparently.

8
0

One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools

Loud Speaker
Bronze badge

Re: Spam-fighting?

I would rather like to be able to pay a few cents for something that would silently throw Google away! And Facepalm, and the twittersphere.

0
0

For some reason, you lot love 'em. So here are the many ThinkPads of 2018

Loud Speaker
Bronze badge

Re: thinkpads do it for me

I have a T61

So do I.Two in fact.

Which brings up the question - do any of the new thingies have Ultrabays? Somehow not mentioned in the reviews.

0
0
Loud Speaker
Bronze badge

Re: QC

Lapptop

Guaranteed to avoid Elks

0
0

Microsoft reinvents Massive Arrays of Idle Disks for Azure, 'cos IBM tape ain't enough

Loud Speaker
Bronze badge

Speed?

As someone who has been a tape user for over 40 years, I do not recall ever selecting tape "because it is fast".

However, IME, the life of hard disks which are constantly spun up and down will be short, nasty and brutish. And the power consumption during spin up is huge, so there may not be a net saving anyway. (I had an early example of RAID with 5 1/4" drives that claimed to take a kilo-amp for a microsecond during spin up. I doubt the power supply could source that, but it seemed to work. RFI was a problem though.

3
0

Any social media accounts to declare? US wants travelers to tell

Loud Speaker
Bronze badge

Re: I'm Amish.

Never realised being Amish was so much fun.

Can I join?

36
0
Loud Speaker
Bronze badge

legal?

Surely it is illegal to even ask for this under the GDPR?

8
1

Details of 600,000 foreign visitors to UK go up in smoke thanks to shonky border database

Loud Speaker
Bronze badge

Re: Problems

I suspect they're only there as a backup to the electronic controls.

Obviously needed, owning to total inability to engage competent subcontractors to do anything electronic involving data - other than lose it.

2
0
Loud Speaker
Bronze badge

Re: Guardian has more details.

> Most third world countries don't have Victorian terraced houses, and generally better weather....

Nor do they rely on on-line buzzword matching for recruitment of technical experts to local jobs

(although quite a few rely on "uncles" already in the company for talent spotting)

2
0

10Mbps for world+dog, hoots UK.gov, and here is how we're doing it

Loud Speaker
Bronze badge

Re: We put a man into space/landed on the moon? between 1961 and 1969.

Please can we put BT into space between now and the year 2069.

Hell, why not make it permanent.

0
0

Bots don't spread fake news on Twitter, people do, say MIT eggheads

Loud Speaker
Bronze badge

Re: Whats the point to this experiment?

It seems no one has yet pointed out that Twitter specifically targets twits.

It is possible that media targeting the marginally sane may respond differently from media for the self-selecting insane,

1
0
Loud Speaker
Bronze badge

Re: Choosing to believe...

Is that not the case for most people?

Maybe most in some cultures. In the west, there is a strong tradition of supporting positions by reference to established facts and logical structures. However, this is far from universally the case.

In many cultures, support for deference to authority is a much stronger. Often, in these cultures, age is a measure of authority. Hence statements by elderly (possibly orange and/or demented) gits trumps arguments by well informed young specialists.

Deference to authority is particularly strong when literacy is low, or where facts are complex - people unable to grasp complexity often refute its existence to defend their stance.

For Example, Boko Haram are militantly opposed to the very concept of rational argument (as in use guns against anybody presenting a rational argument). They are not alone. (We are 118)

1
0

Boring. The phone business has lost the plot and Google is making it worse

Loud Speaker
Bronze badge

Re: Form factors

I used to have a phone with a decent screen form-factor, replaceable SD cards and battery.

Ohl, I still use it, because the new stuff has not got any of the essential features.

Phone manufactures are in a foot shooting competition, and they are all winning!

7
0

EU aviation agency publishes new drone framework. Hobbyists won't like it

Loud Speaker
Bronze badge

Re: Home use

I am quietly confident the plod can't tell a joule from Jules Holland, and I doubt I can do much better. However, I have a good idea what 1.2kg hitting me at 18m/s would feel like, and I don't want it.

I have flown a small drone (under 250gms) , as have others of my family, and it is pretty hard to predict who will get hit next.

1
0

Guess who else Spectre is haunting? Yes, it's AMD. Four class-action CPU flaw lawsuits filed

Loud Speaker
Bronze badge

There were discussions on Usenet about speculative execution in the 1990's.

7
0

Charity accused of leaving sensitive notes behind after office move

Loud Speaker
Bronze badge

Re: Paper Trail

uploading it to a cloud

As in "set fire to it"?

- need - more - coffee -

0
0

Six things I learned from using the iPad Pro for Real Work™

Loud Speaker
Bronze badge

Surely it's horses for courses.

I can say with complete confidence that horses are not much use in the North Sea.

I am somewhat less confident that Windows is suitable for "real work". Fake work, maybe.

4
0

Hate to ruin your day, but... Boffins cook up fresh Meltdown, Spectre CPU design flaw exploits

Loud Speaker
Bronze badge

Re: Oh that's just great

Except that "out of order" cpus do not inherently have a predictable instruction execution time, even in a single thread environment, and Intel's threads are "virtual" ie not dedicated - which is where these bugs originate - which means if the CPU is hard at work on multiple threads, unless you have control over what all of them are doing, timings are being actively randomised,<p>

I am not saying "don't panic" I am saying "you only need to panic a small amount, and quite slowly" - there is time for a cup of tea first.<p>

OTOH, since Intel did this deliberately, you might want to go to another supplier next time.

14
2

Tech giants' payouts go to everyone but affected citizens. US Supremes now urged to sort it out

Loud Speaker
Bronze badge

Re: Is it really "economically infeasible"?

Am I being naïve?

Yes. This is a privacy case. If there is a list of victims contact details and back accounts, and the penalty for leaking them is not up to a fraction of a chocolate bar for each offence, then obviously, those details will be sold within the hour.

4
0

UK web grocer Ocado takes £500k hit after robo-warehouse tech splurge

Loud Speaker
Bronze badge

Yes.

I have just developed some software of my own. It cost me $37, and it was delivered on time and to spec. But I don't work for Ocado or the government.

0
0

Open source turns 20 years old, looks to attract normal people

Loud Speaker
Bronze badge

Re: Amiga

I was using BSD in 1977 so was I, but it was not free in those days. You paid quite a lot for the licence (or some else did - in my case GEC).

1
0
Loud Speaker
Bronze badge

Re: Amiga

Free distribution was normal before Bill Gates. Its a simple as that.

He wrote a famous letter saying "the programmer deserves to be paid" a few months after he ripped off the author of what he renamed to DOS.

12
1
Loud Speaker
Bronze badge

Re: "it was mostly white guys."

and you pay people based on their WORK QUALITY

Then how do you explain Windows?

4
4
Loud Speaker
Bronze badge

Re: Open source is leading to single source

Open source is a totalitarian dream. It means you can't have competitive advantages

So there's only one Linux distribution, and the BSDs are not different operating systems?

More and more developers just reuse some bad library, or copy shitty code.

Would not dispute that shitty developers have shitty processes, and expose their shitty code to public view, for others to copy. But eventually, some of it gets fixed.

I think you will find that closed source is far worse - not only is shitty open source code copied without crediting the actual authors, it is not updated when the open source version is fixed.

Because writing their own code is too expensive and time consuming. affects closed source every bit as much as open source - probably more so - many open source contributors write the code because they want the code, and then open source it so others will help maintain it. (I speak for myself here). Closed source code is just not fixed. (Have you ever phoned in a bug report to MS and got a fix?)

10
1

UK data watchdog whacks £300k fine on biz that made 9 million nuisance calls

Loud Speaker
Bronze badge

So roughly the equivalent of "a slap on the wrist with a soft pillow".

(Sounds like the potential title of a reggae song by Si Cranstoun. - maybe I need more coffee).

0
0

You can't ignore Spectre. Look, it's pressing its nose against your screen

Loud Speaker
Bronze badge

Re: Reaping what you sow

the skeletons are coming home to roost.

featuring Wallace and Gromit?

2
0
Loud Speaker
Bronze badge

Re: No shared CPUs

For reliability you want your VMs spread across hosts and data centers.

For security, you might not!

If your organisation is big enough to have more than one building, you can have a server closet in each. Hell, if you are a CEO, you probably have several closets big enough to hold a rack full of servers, and desperately need a reason why your entire mansion should be tax deductable expense: put an Enterprise scale server in one and network it to your galactic HQ. It justifies the cost of food for the enormous, man eating dog you need for security. Saves on the heating bill too! With some creative accounting, it probably even covers a pink pony for your daughter as well.

(But remember 77dB is QUITE LOUD!)

2
0
Loud Speaker
Bronze badge

Re: No shared CPUs

You might as well just use... your own server.

but ...

DevOps

1
1

FYI: Processor bugs are everywhere – just ask Intel and AMD

Loud Speaker
Bronze badge

Re: Even the 6502 - The early 16 bit chips like the 68000 had bugs

That was the "Halt and Catch Fire" instruction.

Very useful in military applications where you did not want you software leaking from chips with on board ROM.

2
0

Lenovo's craptastic fingerprint scanner has a hardcoded password

Loud Speaker
Bronze badge

Re: Thinkpads are great!

I have Several Thinkpads with Linux and/or OpenBSD on - are you sure they are safe?

(I doubt this fix will be enough to make Windows secure).

2
3

Perv raided college girls' online accounts for nude snaps – by cracking their security questions

Loud Speaker
Bronze badge

Re: The very definition of "security by obscurity"

Use your password manager (e.g. Keepass) to generate 'passwords' for these fields and store the questions and answers in the notes box attached to username and password.

You are ignoring the people using Meltdown to access your password manager. This is not a good plan. Use Post-it notes. The old ways are the best!

14
1

Intel alerted computer makers to chip flaws on Nov 29 – new claim

Loud Speaker
Bronze badge

Re: Entered in the record

June is still earlier than October

Not in Intel's world, evidently.

9
0

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

Loud Speaker
Bronze badge

Re: Confused, SPARC vulnerable or not?

Any news on Sparc V9 running OpenBSD?

0
1

UK taxman has domain typo-squatter stripped of HMRC web addresses

Loud Speaker
Bronze badge

Fork Handles to you sir!

3
0

US shoppers abandon PC makers in hour of need

Loud Speaker
Bronze badge

Re: everyone replaces their PCs

You can't really replace multiple large screen setups with a tablet.

Well may be you can't and I can't, but PHBs and MBAs are quite capable of it. That is how they justify those huge bonuses.

0
0
Loud Speaker
Bronze badge

Re: everyone replaces their PCs

Ten year old screens can to 1280x768*, just like the new ones, and the 10 year old cases are a lot more robust than most of the modern junk. I can see why people are not in a rush to upgrade.

* or you can get a netbook with an 800x600 screen from PC world if you are really desperate.

0
1

Intel AMT security locks bypassed on corp laptops – fresh research

Loud Speaker
Bronze badge

Re: Intel need to stop shoving cr*p into their designs

Does Intel actually have a department dedicated to finding bugs<P>

Possibly. The problem would appear to be that they have a great many departments dedicated to implementing bugs.

0
1

'Mummy, what's felching?' Tot gets smut served by Android app

Loud Speaker
Bronze badge

Re: santa

I think you fail to realise that Google search results are "personalised" based on browsing history. (Same applies to the original complainant).

However, I fail to see why Google stops at throwing the developer off. Surely they should be reported to the police for exposing the youth of today to reality

2
1

No wonder Marvin the robot was miserable: AI will make the rich richer – and the poor poorer

Loud Speaker
Bronze badge

Re: I don't understand the problem here?

Throughout 99.9% of their existence, humans have lived a subsistence life. Surely they can return to that while the rich reap the rewards of the system they have gamed to their advantage?

Of course they can - provided the population returns to what it was 2,000 years ago. (ie 99.9% of the population dies).

0
0
Loud Speaker
Bronze badge

Re: AC

The only negative i see is that the further robotisation of the workforce sucks for the people who lose their jobs. Everyone else benefits.

You are correct - but it is a matter of proportion - like if 99% have no jobs (and not much food), and 1% that is everybody else has all the robots, then the people without jobs may decide that "it sucks" is not how they want their life - and, guess what, they can make their own robot, called "Madame la Guillotine" and address the problem in the traditional way.

I suspect that Rednecks with guns are more dangerous than French peasants without trousers - Trump may yet be trumped!

0
2

WD My Cloud NAS devices have hard-wired backdoor

Loud Speaker
Bronze badge

Re: I wonder if Marketing will ever learn.

I don't want to purchase shit.

Then presumably you wont by anything with "Cloud" in its name or description - it tells you all you need to know.

2
1
Loud Speaker
Bronze badge

Re: it's the 21st century and they're still...

I would expect a little bit of Quality Assurance

That's OK, we will be off your lawn real soon now.

0
0

We translated Intel's crap attempt to spin its way out of CPU security bug PR nightmare

Loud Speaker
Bronze badge

Re: AMD not vulnerable

Computer architecture has historically assumed that you controlled your computer and the workload that ran on it.

Unix has historically assumed it was running on the University computer, and every single intelligent student was hell-bent on hacking it.

Large machines prior to the advent of Wintel faced similar levels of attempted assaults - by people who had detailed knowledge of the architecture - including schematics, and many years of assembler experience with the knowledge that National security was at risk (or possibly CISC :-).

The combination of developments that is Intel, MS, high level languages and the concept of a personal computer mean that machines developed with the security needs of an Apple ][ are now able to exceed the throughput of a Beowolf cluster of Crays.

This took place without anyone thinking there might be a need to re-examine a few assumptions and review security consequences of incremental changes (or they did, and were told to keep their mouths shut).

1
0
Loud Speaker
Bronze badge

Re: Mixed signals on CPU's

My memory may be a bit weak in the management areas due to lack of coffee, but AFAICR:

* a Memory Management Unit - everything after the 8086

* a memory cache - everything after the 80386

* a branch predictor - Probably Pentium 1 and up

* Supervisor & User modes - everything after the 8086

I think there is slightly more to the story than what you said. Specifically, the issue

depends on how the MMU works, and how it is used.

I have not been involved in CPU design for over 30 years BUT:

I would not expect user mode code to have any way to be aware of the MMU's internal

operation.

* The MMU should disallow access to all virtual pages not in use by the current task.

* Addresses in the current user address space not mapping to physical memory should map to either a virtual address saying "illegal access" or to one saying "You will need to swap me in before you can read me"

* there should be NO way to access physical memory that does not go via the MMU - not even for speculative instruction or data fetch.

The bug reports seem to describe noticing that a speculative fetch that goes unused causes a delay which can be used to identify the value of data FROM THE DELAY. I dont understand this. If the speculative address names is not in cache, then how is fetching it speculatively justified?

Conclusion - This is not MMU - this is cache management - which SHOULD do a similar thing to what the MMU does BUT ISN'T DOING IT. The bug is (partly) that you can read data in the cache that is not yours. This is not really a risk UNLESS: There is some way to find out whose it is.

While MMU pages are normally 4k bytes, cache lines are more like 16 bytes. Fetching 16 bytes from "somewhere", with no way to find (or control) which page of whose address space they belong to is not a significant risk, although obviously undesirable. In normal circumstances, your next attempt to do this would probably fetch from a completely different page in a different task.

Clearly we are not being told the whole truth here.

It seems more like there is a way to FORCE the caching of other people's address spaces and make that visible to you. That gives you security on a level with a Commodore Pet. If so, then yes, Intel may have to replace every CPU since on chip caching (probably Pentium 1).

4
0

UK.gov admits porn age checks could harm small ISPs and encourage risky online behaviour

Loud Speaker
Bronze badge

Re: "blocking ... between 1 and 50 sites a year"

What we have here is an example of "Dimocracy" government by the dim, of the dim, for the dim!

2
0

Qualcomm joins Intel, Apple, Arm, AMD in confirming its CPUs suffer hack bugs, too

Loud Speaker
Bronze badge

Re: The same bug.

The CISC vs RISC was about wat is the performance bottleneck: if instruction decode is costly, then RISC is faster, if memory access is the bottleneck, CISC is faster. With pipeline to mitigate instruction decode cost, and cache to mitigate memory access, the decision is less clear.

Throw in out of order and speculative execution, and it all becomes an even bigger muddle,

When Seymour Cray did speculative execution it was limited to 7 instructions, and a context switch would lose the lot anyway. Now, Intel are doing more than 200 instructions, the gravy thickens. What was secure for 7 instructions and no cache is not necessarily secure for 200 and two levels of caching. Someone SHOULD have realised the scale of what can happen in 200 instructions - while checking out that the speculation was logically sound. They had from about 1980 to the present to investigate.

However, all the older CPU designers privy tp discussions about this in the 1980's have now retired - probably in part because "computers are new, and old people won't understand" based age discrimination. (For those who don't know - computers date from 1949 - and some of us still remember the first one - EDSAC 1 and talked to the people who built it).

Allowing bypass of access validity checks in the name of speed was about as sensible as saying "we won't have a store detective in the checkout area because it would increase checkout queues and cost money". Even Poundland knows that is not the way to a successful business.

7
0

Here come the lawyers! Intel slapped with three Meltdown bug lawsuits

Loud Speaker
Bronze badge

Re: Data breeches

Are they the ones with pockets big enough for full height 5 1/4" hard drives?

17
0

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

Loud Speaker
Bronze badge

Nonsense. You obviously have no experience of Oracle: Sparc is not susceptible - so pay an extra 30% for no reason at all!

2
0

Page:

Forums

Biting the hand that feeds IT © 1998–2018