Posts by Egghead & Boffin

Nothing new under the sun

I was a pilot in the RAF in the 80s at the height of the cold war and I can remember the outrage when the annual internal audit report said that the RAF had spent more on paper than it had on aviation fuel.

Y9ou forgot one sue of the soviet submarine fleet in the event of WW3. Sink the US transports bringing personnel and supplies across to man the pre-deployed equipment they stored in Europe. It's the Atlantic Convoy scenario all over again.

And that's why we have Security Architects, to work out how in the requirements capture and design phase of the project to mitigate risks as far as operationally possible and for lowest possible budget while enabling the operational business requirements in alignment with TOGAF design criteria.

You do all do it that way...right ?

Things have not 'deteriorated', they were always this bad. I was part of a team that looked at the security of these things and some of the PC tools about 6 or 7 years ago.They were truly awful then and I see no difference now. Avoid.

The extension of doom

At one company I owned the VOIP system and set up a second extension that all such calls were sent to because that was the number I always gave. It was a valid number, but not for a living person. I never listened to the voicemail.

A lot of the similarities in appearance are because of the demands/limitations of the aerodynamics and the engines. It's the same reason that so many different marques of car look so similar. Fuel efficiency in a car requires (among other things) low drag factors. Avoiding a large boom footprint likewise (high speed trains have an aerodynamic nose to avoid similar problems when passing through and leaving tunnels). The aircraft must generate enough lift for landing and take-off but not generate too much in supersonic flight, etc. Because of all this there are always going to be similarities in the appearance of supersonic passenger aircraft, no matter who designs and builds the airframe.

plummeting morale

I have friends who work there, and many more that used to. If you wanted to find the level of morale in those companies you would need a deep well drilling team and to go down at least 10,00 feet below sea level. Productivity has dropped dramatically because morale has sunk out of sight. Most people any good have already gone to other jobs.the good ones always volunteer for these programs first because they're the ones confident of finding something easily.

In addition to the comments already made about DFing in mountainous regions, all of which are correct, the actual properties of radio waves and they way they 'propagate' also need to be considered. There are 3 main principles:

1. Reflection: wave changes direction by bouncing off other objects.

2. Refraction: wave changes direction due to variations in the air (or other medium). Examples are cold and hot spots where the density of the air differs, and the Foehn effect creates this in mountainous areas.

3. Diffraction: wave changes direction by passing over sharply defined edges — often called the “knife edge effect”.

That part of NZ is nowhere near flat, so all of the above means that DFing the culprit is going to be very difficult without an airborne RDF capability. There are signal path anlaysis tools, used by the likes of military and civil sigint organisations, that's going to give you an approximate area for the source but repeaters will confuse the analysis. If the guy is smart he's using a tight beam to a repeater, making him very difficult to localise.

The official best English breakfast is served at my local caff - the Super Sausage. Winner of the Britains Best Cafe award in 2016. http://supersausagecafe.co.uk/ . No, I don't work there or have a financial interest but I do eat there regularly, as my waistline will confirm :-)

Two best quality pork sausages, 2 rashers of back bacon, hash browns, fried egg, mushrooms, beans and good black pudding. Add toast and a mug of Twinings English Breakfast tea for perfection.

As for the sauce - I prefer Rocket Fuel sauce, which comes from New Zealand (like HP but with more kick - plenty of spices) and English mustard for the sausage.

Point of order - fast jet cockpits are not pressurised, which is why the pilot wears an oxygen mask.

First, a rupture of the cockpit and sudden loss of pressurisation can cause more damage and misting of the canopy, resulting in loss of vision outside the cockpit. Not a good thing at high speed in proximity to other aircraft or combat.

Second if the pilot had to eject he would leave that pressurised environment and risk suffocation if above 10,000 feet AGL. The oxygen supply (of whatever sort) is built into the ejector seat so it goes with the pilot and keeps him alive. There's an altimeter built into the seat so that it won't fall away and allow the 'chute to deploy until it's reached an altitude at which the air is breathable.

In my RAF flying days (1980's) we received hypoxia and explosive decompression training in a chamber at RAF North Luffenham. The tradition was that you all went out for curry and real ale the night before. Lovely.... We also checked the oxygen flow tell-take every 5,000 feet (IIRC) of climb to check it was still working.

How can data, like traffic information or whether the road is icy, be non-sensitive and sent without concern ? Without the associated geolocation data it has no value. Nobody would know where the congestion or ice was.

I hope it's capable of recognizing that my face says I'm in a permanent mood of "If you try to communicate with me, you invasive piece of sh*t, I will smash you."

Are

All this will do is stop the people who aren't net savvy enough to download and use TOR.

UK encryption

I can tell you for a fact that his comments on weak encryption don't apply in the UK. I know, I worked on it. It's strong and end-to-end. It was reviewed and approved by CESG and several professors of cryptography. I can't speak for anywhere else, but ours is good.

Sorely missed

That has to be the most honest, and therefore best, obituary that I have ever read. Thank you. I still miss his articles and LOHAN updates, they were guaranteed to brighten my day. I hope someone has taken over the mantle of trying to get LOHAN into space in honour of his memory. I still have the T-shirt from the kickstarter and wear it regulalry. Please could we have a project update, penned in a suitably 'Hainesian' style ?

It's not a proper poll unless there's a 'Planey McPlaneface' option.

This is not the 'first battle in the new age of cyber warfare'

The cyber attacks on Estonia in 2007, which had the same perpetrator, were the first battle. Please keep up with the facts.

Algorithm arms race

If we knew how the algorithms worked we would all write CVs designed to get selected, and then they're back where they started. HR then have to refine the algorithm and so the cycle starts again.

Having said that, the Data Protection Act contains rights of the individual when subjected to automated decision taking. The right of subject access allows an individual access to information about the reasoning behind any decisions taken by automated means. The Act complements this provision by including rights that relate to automated decision taking. Consequently:

1. an individual can give written notice requiring you not to take any automated decisions using their personal data;

2. even if they have not given notice, an individual should be informed when such a decision has been taken; and

3. an individual can ask the organisation to reconsider a decision taken by automated means.

These rights can be seen as safeguards against the risk that a potentially damaging decision is taken without human intervention.

The rights in respect of automated decisions only arise if two requirements are met. First, the decision has to be taken using personal data processed solely by automatic means. The second requirement is that the decision has to have a significant effect on the individual concerned. I suspect the firms would all argue that not getting an interview is not a major impact. It would be interesting for someone to take such a case to the ICO Compliance Officers for a ruling...

Man, those old compilers were slow !

ICS CERT published this 5 days ago. Good to see you've got your fingers so firmly on the Pulse </irony>

To DAM (above) - if this allows commands to be sent outside those defined in the authorised command set for a shift operator or supervisor then it's most definitely a vulnerability.

Right to choose

I have a fundamental right to choose what I do, and do not, look at online or through broadcast media. If I don't want to see adverts in my TV programmes I either don't watch commercial channels at all or record the program and jump through the adverts (don't you love the 'skip' function on DVRS ?). I use Ublock (since Adblock sold out), ghostery and noscript to avoid wasting my time and bandwidth. Any site that uses adblocking detection is telling me that it no longer wants me to use their site.

I fail to see how any organisation that forces me to see their adverts is expecting me to a) like the experience and b) be inclined to buy their products. If you have p*ssed me off I am not going to be a customer.

I also agree with Kraggy, the adverts are all-too-often a means of infecting systems through insecure third party sytems. I choose not to accept that risk, but avoid it instead.

I am obviously in the minority, because I would rather pay than see adverts online.

I hope he remembers to add about 0.00000347 seconds (assuming a 3:30 'finish' time to allow for his orbital velocity causing time dilation to his clock, relative to those on earth, while he's taking part :-)

Exam season

The part about it being the middle of exam season isn't completely accurate. I teach distance learning students at part of UoL and our exams ended 2 weeks ago (mine sat theirs on the 6th of May). We're now marking the papers. Since the exams are 'sat and written' in the traditional way in exam halls and all exam instructions were sent out by post the impact on students ability to do their exams as a result of this DoS would be zero.