* Posts by bombastic bob

5200 posts • joined 1 May 2015

Web devs want to make the Internet of S**t worse. Much worse

bombastic bob Silver badge

Re: Wrong

"If you can't use/access it from your web browser, then you will have to download a native app for that."

so: PART of the fix is some _REAL_ security on the IoT device end, to _PREVENT_ unauthorized bluetooth-level access from an unauthorized client, PARTICULARLY a web browser running javascript exploit code downloaded from an infected embedded advertisement...

(or whatever)

seeing as I'm involved directly with TWO different bluetooth applications that run on android, and the device(s) that the android device controls, it's a major concern.

I can foresee unauthorized firmware loads happening... so THAT much has to be protected against.

October proves to be the cruellest month for Twitter staff as 350 more laid off

bombastic bob Silver badge

Re: And what is it really for???

/me thinks, irresponsibly...

Tw[a,i]tter. HUH! What is it GOOD for? Absolutely nothing y'all...

bombastic bob Silver badge

Re: What's it for?

"Both Twatter and What?App could easily be replaced by an IRC client that always connects to a certain domain."

EFNet is still pretty busy these days. lots of 'lurking' in the channels I'm in, however...

then there's USENET which has NO moderators. visit alt.hacker for some fun, as well as alt.os.linux.ubuntu and a few other linux-related newsgroups.

Yeah, WHO needs Tw[i,a]tter??

bombastic bob Silver badge

Re: Sometimes you get what you wish for.

"I can't stand it when some one says, "hash tag", and then adds something they think is funny."

it's funnier when you read it as 'pound' like




DMCA updated – toaster penetration testing gets green light in America

bombastic bob Silver badge
Black Helicopters

Re: couldn't agree more

"It's wishy washy so that if it goes to trial, they can get their top lawyers to drag things out for years, which most people wouldn't be able to afford."

And with "some of the more recent" wikileaks 'reveals', it seems that these guys have been in bed with 'certain politicians' for a VERY! LONG! TIME! indeed...

yeah, no WONDER it's a fsck'd-up law, interpreted by the various gummint entities via whatever 'whim' they have at the moment... [read: whoever PAYS them the most money]

bombastic bob Silver badge

Re: One small step for sanity!

cause and effect... you may have a point. Perhaps the politicians are getting nervous [having something in their closets they want to remain hidden, and NOT show up on Wikileaks]

bombastic bob Silver badge

Re: couldn't agree more

the problem with 'rulemaking' is that it's at the WHIM of some gummint official(s) who "feel" instead of think. And that's the problem with a tin-horn dictatorship, in lieu of a society ruled by law. All of those "grey areas" that enrich attorneys, empower gummint control freaks, and make our [the average Joe's] status 'uncertain' and/or 'uneasy'.

clear-cut laws WITHOUT need for this kind of 'interpretation' are more sane. What Con-Grab excreted from their collective rectums is what we have. dammit.

(DMCA should NEVER have been done in the first place - existing copyright laws were sufficient, especially when interpreted in the realm of 'fair use')

Samsung are amateurs – NASA shows how you really do a battery fire

bombastic bob Silver badge

Re: Falklands War

"if necessary they can be shorted and thrown at the enemy."

you, sir, deserve a beer!

('Up your Junta' indeed)

bombastic bob Silver badge

LiIon and LiPo - modern day 'Hindenburg'

You have to wonder if the use of Lithium in so many devices, because it's a lightweight battery material with high electrical density, is in ANY way similar to the use of hydrogen gas in airships, because hydrogen is twice as buoyant as helium...

it might be time to re-investigate aluminum-based electrodes within a battery. It's something I read about in an El Reg article some time ago...

bombastic bob Silver badge

Re: How much water?

yes, lithium reacts with water to produce hydrogen gas. oh, my!

But once you deplete the Lithium enough, and sufficiently cool everything, it would go out.

Remember, when putting out fires, you use a WATER FOG and not a stream. This has a cooling effect as well as the blocking out of oxygen, breaking 2 legs of the fire triangle. Water fog can do a LOT, even on a class D fire. Just don't spray it on live electrical equipment that's connected to the power grid...

But yeah, 'pissing' on it with a water stream is probably going to make things worse. It's probably why they dragged it outside so that the REAL firemen could do a proper job on it.

bombastic bob Silver badge

Re: Only 96 batteries

2000 batteries in a Tesla?

The number of batteries is less important than the energy density. However, a Tesla is more likely to have human occupants and be involved in an involuntary distortion of the basic structure of the unit [i.e. a car crash], and thereby expose one of the 2000 lithium ion [bombs?] batteries into a potential source for an inadvertent catastrophic disassembly event [read: explosion].

High density batteries would reach a high temperature faster for the obvious reasons of less mass and more energy applied to it.

In any case, it's a fair bet that NASA batteries have the highest possible density since they are intended to be launched into space, and rocket fuel is expensive.

'Hacker' accused of idiotic plan to defraud bank out of $1.5 million

bombastic bob Silver badge

"And this waste of skin can breathe in and out too?"

never underestimate the plans of the criminally minded... who will go FAR out of their way to try and do what this idiot [allegedly] did, but wouldn't lift a finger to get a REAL job...

[I have to wonder whether this guy was ALSO 'on the dole' in addition to the criminal activity]

bombastic bob Silver badge

Re: Clap Hans....

say it with an "80's euro-pop" sound and it works

bombastic bob Silver badge

Re: Does the word hacker even apply?

script kiddies think of themselves as 'hackers' but of course lack the REAL knowledge that they somehow gained from others to do their criminal acts...

bombastic bob Silver badge

I still have to wonder...

I still have to wonder as to whether use of REAL name/address etc. actually HELPED him get the initial $100k or so. There might've been some head-scratching over it, but apparently it wasn't scrutinized enough. Was the initial scrutiny something like "is this guy a REAL person? Well, nobody would be THAT stupid..."

bombastic bob Silver badge

Re: Well, no one ever said crooks had to be smart...

definitely an entry into the "dumb crook" file.

The new FCC privacy rules are here, and nobody is happy

bombastic bob Silver badge

Re: Partisan lines?

those would have been Republo-CRATS (i.e. 'establishment' country-club types) if they're not siding with INDIVIDUAL FREEDOM. Demo-Rats "for freedom" (quotes because they rarely ARE) might be ACLU types, though... in which case they'll PRETEND to side with individuals because it's what the ACLU wants them to do.

Question: did the Republo-Crats vote against it because it DID NOT GO FAR ENOUGH to protect individual rights?

On a related note, 'Tea Party' Republicans are ALL ABOUT individual rights. The 'establishment' Republo-Crats hate them. yeah, the R party is fracturing. let's see what a Trump win will do.

(and NOW I expect the howlers to send me downvote-shytestorm, thank you)

bombastic bob Silver badge

Re: economically beneficial uses?

"Instead, it would create a rigid regulatory regime that would limit the use of virtually all data that can be put to economically beneficial uses."

wasn't that the whole point? Because 'economically beneficial' to the ISP or its "partners" means "privacy violation" to end-users. OPT IN if you *WANT* that. Makes sense to ME.

I had to renew my MSDN today. I did it as 'guest' so I don't have to be tracked by "the store". There was a pre-checked checkbox to "receive other offers" which I _DELIBERATELY_ un-checked.

(I almost didn't renew MSDN. I had to REALLY justify in my mind why I actually NEED to continue to feed Micro-shaft $799 per year for something that's difficult to use effectively with my intarweb connection, and that THEY BROKE 2 years ago, and *REFUSED* to fix properly last year, though they DID fix their server to comply with the RFCs, so that I can hack it with 'wget' to get files bigger than 1G...).

Anyway - FCC gets "at least some of it" correct. A step in the right direction. 'Wait and see' mode for what comes next. I don't trust gummint to do ANYTHING except "gum things up" and pay off political favors in exchange for money.

Let's praise Surface, not bury it

bombastic bob Silver badge

Re: Your looking at the market wrong

"The market for selling PC kit might be slowing down, but market usage of PC's is not."

And the choir said, *AMEN*!!!

/me has been saying that for a while.

The PC market is a DERIVATIVE, not an INTEGRAL, of PC usage.

Looking at new PC sales to represent "the PC market" is like falling from a building and reaching terminal velocity, and THEN saying "Oh, we're not FALLING any more" because your velocity is not increasing.

Unfortunately, Micro-shaft derives their REVENUE from NEW SALES, which is why they panic and release things like Windows "Ape" and Win-10-nic, and virtually ABANDON 7 and earlier. It doesn't make THEM money. What they fail to realize is that THEIR OWN ACTIONS help to KILL the 'new PC' sales.

Microsoft goes back to the drawing board – literally, with 28" tablet and hockey puck knob

bombastic bob Silver badge

"The new hardware isn't really all that much better than the old hardware IMO"

and slapping Win-10-nic on it makes it WORSE than the old hardware.

bombastic bob Silver badge
Thumb Down

Re: The silver hockey puck works on and off the screen.

"You sound a little unhinged to be honest, and a bit of a grumpy old fart."

'grumpy old fart' - sounds like a snot-nosed MILLENNIAL said that.

Sorry, I don't want to remove my hand from the keyboard to use the MOUSE, half the time, let alone stretch over to the screen and put it between my EYEBALLS and the display surface, at least PARTIALLY blocking what I'm trying to look at. A Wacom pad does just fine for the 'fine resolution' (pun intended) kinds of things you might need to do. why do you need a HOCKEY PUCK directly on the screen? A pen on the screen makes more sense, but THAT was available in the 1970's!!

So the 'hockey puck' input device is YET ANOTHER "patent encumbrance" attempt, to lock us all into something Micro-shaft can control and dominate for 20 years... [except it's FAIL]

I said this about Win-10-nic in general, Micro-shaft leveraging the OS to attempt [at some point] to use PATENTS to weed out the competition, putting themselves into a TRUE monopoly position, but thankfully Win-10-nic's interface isn't being universally accepted, just tolerated by the FRACTION of computer users who are willing to PUT UP WITH IT.

bombastic bob Silver badge

Re: Windows 10

"Apart from a few settings screens looking slightly different, Win 10 is cosmetically the same as Win 7."

*NO*, not even close - there's the 2D FLUGLY for starters, and anything "the metro" or UWP, and of course the "start thing" and its alphabetized 'you cannot shut that off' "all [cr]apps list" where most everything you look for either starts with 'm' or 'w' meaning 'scroll to the bottom to find it, every! stinking! time!'. and so on. yeah, don't get me started, I could write a NOVEL on what's wrong with Win-10-nic and why it's WAY different than 7...

bombastic bob Silver badge

wait until it gets a really big crack in it, like a phone that bends too easily...

(head-shaped, from head-slam-on-desk frustration - it's Win-10-nic after all)

I've arrived on Mars. Argggh, my back!

bombastic bob Silver badge

Re: A never-ending study on how to mess up humans...

nuclear rockets are an _AWESOME_ idea, until the protesters and enviro-wackos show up and sue you into oblivion...

(stupid anti-technology protesters and enviro-wackos - they need a CLUE BAT)

seriously, though, the ideal propellant would be super-heated steam made from ocean water, heated with some kind of nuclear reaction. A nuclear rocket could make that happen. Great for deep space, too.

bombastic bob Silver badge

Re: A never-ending study on how to mess up humans...

many science fiction authors have written about viable artificial gravity solutions. Perhaps the more obvious one could be the 'gemini tether' someone else mentioned.

OK here's the idea: Extend two "gravity modules" 10 to 20 meters, using very strong cables [like the ones used for elevators on Earth]. Provide an inflatable tunnel between them, made of the same stuff you might find on a typical work site, going down a manhole or something. It all collapses nicely for launch, acceleration, and deceleration. For the bulk of the trip, it's extended. Careful use of thrusters could provide the spin, and get rid of it when it's time to decelerate. And sliding weights (computer controlled) could be used for balance, something you might find in an industrial washing machine for the spin cycle [if they're not just using water for the same purpose].

you don't need a full 1G, either. 1/4G or 1/2G would be better than 0G. And you can just minimize the disorientation that fast-spin might cause, rather than trying to eliminate it entirely. [many engineering choices are compromises between multiple ideals, like rounding off at 'enough' digits instead of calculating to ridiculous precision...]

In any case I remember reading books written in the 1950's that seemed to have most of these details worked out. Most likely some bright bulb could come up with a workable solution for a reasonable cost.

but, there's more MONEY in "researching", and the scientists who do the research will get to play with lots of cool toys at (public?) expense...

Smoking hole found on Mars where Schiaparelli lander, er, 'landed'

bombastic bob Silver badge

Re: It's WAR!

"Its not dead, its just pining for the fjords"

and still nailed to its perch [which must be what b0rked the landing operation]

bombastic bob Silver badge

Re: That reminds me...

"Of playing a game called Lunar Lander"

It could become a new training system for the European Space Agency...

have they landed on the moon yet? that might be an easier goal, less expensive, with a faster turnaround if they 'crater' another lander...

ARM: Hold my beer, we'll install patches for your crappy IoT gear for you

bombastic bob Silver badge

'pushed updates' - works so well for Win-10-nic

just thought I'd mention it...

Thanks, IoT vendors: your slack attitude will get regulators moving

bombastic bob Silver badge

the 'next internet' would most likely have all of the censorship that China and Saudi Arabia want, built-in. And the tracking the NSA wants. And ads, ads, ads, ads, ads, everywhere, in our faces, click-through and worse. And it would take over a decade to "plan", with an organization bigger than the U.N. and just as worthless.

I prefer the anarchy of what we've got, thanks.

bombastic bob Silver badge


heh, we'll start with Microshaft and Win-10-nic

bombastic bob Silver badge

Re: Après nous le déluge

certain aspects of CE, i.e. lead-free, requires that a lab analyze a ground-up device for the presence of certain materials like lead and selenium. FCC regs in the USA are a bit less restrictive, but you still have emissions and interference testing that you have to have done by a lab, for $$$$ [which helps weed out 'the little guy']. Obviously SOME of these regulations are necessary, as we can't have every poorly designed device in existence interfering with wireless reception [from AM radio to wifi], but at the same time it's a stumbling block for legit engineers to overcome.

That being said, there _IS_ some self-certification involved. In the USA the FCC fines can be incredibly expensive, a million dollars a day in at least one case I remember reading about. I'm not sure how you'd collect it on a foreign company, except maybe to confiscate anything they sell at the border.

bombastic bob Silver badge

Re: National regulation won't do a damned thing.

"How can American laws get Chinese companies to comply when a lot of them are coming through grey markets that are by design nearly impossible to regulate"

Somehow the Feds are managing to enforce copyright law and FCC regs, grey market or not. I figure it could be similar. And having such regulations violated by 'grey market' items is probably MORE likely if the gummint regs are somehow prohibitive for those who MUST obey them...

/me considers something about enforcing borders, U.S. Customs, and a wall

bombastic bob Silver badge

Why are there so many mostly slow-moving IoT security gatherings?

they're too busy justifying themselves with eternal meetings, "harumph harumph harumph" outrage, and the typical things that grind committee-based solutions to a 'monolithic' halt.

they need flames applied to their collective asses, for sure. But I don't think that gummint regulatory bodies are the solution. The only one that makes sense is a class-action lawsuit on behalf of the technology owners and the victims of the DDoS, if some kind of NEGLIGENCE can be proved.

As I mentioned earlier, the *kinds* of exploits that are involved are well known: hard-coded user/passwords or NONE! AT! ALL! listening on insecure ports (like telnet). Convenience for their firmware engineers is NO excuse for ALLOWING that kind of non-security in a modern intarweb-connected society, SPECIFICALLY if the devices were INTENDED to be "exposed to 'teh intarwebs'" in the FIRST place.

"A reasonable person" would recognize the possibility that these devices COULD be compromised. I've seen several 'El Reg' articles regarding this [making fun of web connected light bulbs with no security, for example] so it hasn't happened in the shadows. It's been IN THEIR FACES for a while.

So NEGLIGENCE, In My Bombastic Opinion. I'd much rather see the courts fix this than the legislatures. Politicians can cluster-*BLANK* just about anything into 'worse than the problem', given the chance. I don't want to give them that chance.

bombastic bob Silver badge

Re: Write software that works OR be sued?

(re: making compilers and small dev platforms illegal, snark snark)

obviously don't want to go THERE either [snarkiness appreciated]. making it hard for independent developers is like removing guns from the hands of honest citizens: it does NOT stop crime [whereas, it could be shown, that people who CAN write software are perhaps MORE security-conscious about their IoT stuff]. Anyway, typical 'merkin '2nd amendment' argument may apply here.

But that's kinda what regulations do, right? They make it so you have to be "one of the big boys" to play in the park, forcing you to comply with so many requirements that you can no longer play.

And, MOST (decent) jobs are created by SMALL businesses here in the USA... [it's what I do, engineering work, for those small businesses]

bombastic bob Silver badge

Re: National regulation won't do a damned thing.

sadly, "more regulations" won't do ANYTHING except

a) get in the way of new 'little guy' development projects [consider FCC and CE and other things that require expensive certification]. 'small business' killer.

b) complicate the process, ensuring that L[aw]YERS get all the money.

There are ALREADY liability laws in the USA. Perhaps they require a bit of tweaking, but if it can be shown (in a *cough* class-action lawsuit) that the IoT vendors were NEGLIGENT with respect to security and WELL KNOWN types of exploits, we'll get some REAL action.

Sadly again, more L[aw]YERS will be enriched in the process. Dammit.

Simultaneously, it's time to LIGHT A FIRE under the asses of any industry-based organizations [like the ones mentioned in the article] to do something *BESIDES* going "harumph, harumph, our asses are on the line, we gotta look like we're doing something, harumph harumph" "I didn't get a harumph out of you!" "... harumph" "you watch your ass!" [my recollection of the 'harumph' scene involving 'Gov Le Petomaine' (Mel Brooks) in 'Blazing Saddles']

Reports: Twitter chainsaw massacre redux on the cards

bombastic bob Silver badge

Re: What is this twitter thing?

"The sooner twitter is put out of our misery, the better"

although I, too, would love to see it die, I'm sure that the 'twits' will manage to keep it alive, somehow...

social media IS "the new heroin" for millennials

US DNC hackers blew through SIX zero-days vulns last year alone

bombastic bob Silver badge

Windows, Adobe Flash and Java vulnerabilities

Well, THERE's your PROBLEM!

Seriously, it's kinda known that vulnerabilities are traded on the dark web. It's also likely that the people doing this are NOT 'state sponsored', but may simply be 'anon' type activists. If you want to find them, you'd have better luck hanging out on 4chan or some similar place that 'anonymous' frequents. Pointing fingers at Russia is just Mrs. Clinton's latest distraction, since those leaks make her (and the DNC) look pretty bad...

(not saying that none of the 'anon' actors are NOT inside Russia, which may be true, but that they're probably not sponsored by Putin's gummint)

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

bombastic bob Silver badge

Re: There will always be another bug..

as a colleague once said: Fix one bug, grow 2 more.

bombastic bob Silver badge
Big Brother

Re: How did it all go wrong?


"A man who seems to have serious communication issues, to point where I'm willing to question his mental stability"

good job with the 'armchair psychoanalysis'. NOT.

Your attitude (my armchair psychoanalysis) reflects a person who is ENVIOUS of "the genius" and seeks to re-define genius as "a disorder" - like AD[H]D, some new flavor of autism, ass-burgers, whatever... something to be "cured" so that NOBODY is 'super' any more.

/me recognizes that in SOME cases, these 'disorders' may be real, but in MOST, I suspect it's simply "curing the genius" for his own good... and lazy teachers drugging johnny so his bored genius mind won't cause him to disrupt the class.

bombastic bob Silver badge

Re: "It's been patched and now..."

"Meanwhile, who knew about it and exploited it?"

you HAVE to ask? [probably everybody with military-grade hackers]

bombastic bob Silver badge

Re: Utterly inexcusable...

"Isn't this being a bit over hyped?"

yes, and no.

planes rarely crash. when a plane crashes, it's BIG NEWS, and gummint agencies, airlines, plane manufacturers, etc. go to work to prevent such things from happening in the future.

Same here. Linux security problems are RARE. When it happens, it's a big thing. Let's just get it fixed.

On a related note, embedded systems that cannot easily run binary executables will most likely NOT have a true vulnerability. So unless your IoT device or router has a COMMAND SHELL that is directly exposed to the intarwebs, it's not very likely to be exploited. [and if it DOES, the system architect needs to be sufficiently whipped with a Cat-5-O-Nine-Tails]

Third of Donald Trump's debate deplorables are mindless automatons

bombastic bob Silver badge

Re: OTOH, back in the Real World

"Bot Alert!"

yes, the downvote ratio for that particular post shows that the anti-Trump 'downvote bots' are all working.

bombastic bob Silver badge

Re: Third of Donald Trump's debate deplorables are mindless automatons ...

looks like the 'downvote bot' spotted a (remotely?) pro-Trump post. Howler monkeys again.

Donald Trump running insecure email servers

bombastic bob Silver badge

Re: He's just a candidate

"Right now his campaign is run just like a lot of misguided small businesses out there -- just enough IT experience to cause problems. They got email up and running and called it a day when it could send & receive."

sounds like a reasonable explanation to me.

Trump is a real estate guy, not an IT guy or an engineer.

(and he needs a BETTER I.T. staff - Micro-shaft servers? ew...)

It's finally happened: Hackers are coming for home routers en masse

bombastic bob Silver badge

Re: Who's responsible?

"Malicious traffic on a residential connection needs to be detected and filtered away by the ISP. The user needs to be warned and, if all else fails, disconnected"

until it's actually 'windows update' and it causes your win-10-nic machine to refuse to boot...

Or, worse, your streaming video from hulu stops playing. 'false hits' seem to be more common than REAL ones, like spam filters by Micro-shaft. They miss the spam, and round-file e-mails from Mom. And you can't "just shut it off"...

Yeah, 'just filter' the malicious content. if it were only THAT easy...

US reactor breaks fusion record – then runs out of cash and shuts down

bombastic bob Silver badge

Re: What is its maximum performance?

"No the answer is much much bigger"

And, you so wittily point out the core of the problem here: Fusion *RESEARCH* is being paid for. NOT Fusion reactor designs that make electric power and make money for investors.

Just pointing THAT out, too...

(you get what you pay for)

Microsoft tries, fails to crush 'gender bias' lawsuit brought by its own women engineers

bombastic bob Silver badge

the REAL problem is that hideous 'peer review' system

The REAL problem here is that hideous 'peer review' system, only something that an IDIOT could have rectally extrapolated from the bowels of hell.

Other than the obvious, that a handful of idiots who use their personal bias in reviewing others are skewing the results enough to make a difference [assuming those hired in management positions are LESS likely to do so AND are in a position of ACCOUNTABILITY if they DO], with no one to blame for the (alleged) bias and result-skewing, the system ITSELF is to blame.

It's kind of like relying on up/down votes to validate your point, rather than FACTS or LOGIC. Too easy for a handful of HOWLER MONKEYS to come along and sling poo (aka downvote en masse) a particular group or opinion, thereby creating an *APPEARANCE* of unpopularity, in an attempt to shame or discredit a perfectly valid opinion or position.

So I'll blame the SYSTEM, that IDIOTIC 'peer review' system that Micro-shaft has been using, a result of the former COO who was CANNED a while back...


It's a fair bet that THIS guy was responsible for a NUMBER of *FAILS* at Micro-shaft over the last decade or so since he's been around, *INCLUDING* GWX!!!

And so, by creating a (literal) *HOSTILE* environment within the company, they got what they asked for: A lawsuit by a couple of women who may *ACTUALLY* have a legit case, due to the HOSTILE 'peer review' system that somehow "downvoted" them OUT of promotions and raises!

Linux Foundation whacks open JavaScript projects umbrella

bombastic bob Silver badge

The problem with JavaScript in web pages...

The problem with JavaScript in web pages is that there is TOO MUCH of it.

Anyone who understands HTML could, in my view, use frames and/or tables to accomplish what hundreds of kilobytes of downloaded script (written by others) seems to do. If the only thing that your script does is MEASURE THE DISPLAY AREA and then set a few DHTML values, it would probably run FASTER and more CONSISTENTLY than "what's being done now".

This is another reason I use 'NoScript'. If your page requires scripting to display, I probably don't want to view the content. And if it loads "all that" from CDN's, it's probably for TRACKING or SPYING or generally IRRITATING me with ads.

bombastic bob Silver badge

Re: How about making it use more than one CPU core....

'troll' icon observed. heh.

bombastic bob Silver badge
Thumb Up

Re: Really?

"the industry would be better served by a project dedicated to replacing JavaScript with something better structured and more maintainable."

well said. multiple thumbs-up (but only one counted)
