* Posts by c1ue

249 posts • joined 10 Nov 2015


Fancy some post-weekend reading? How's this for a potboiler: The source code for UK, Australia's coronavirus contact-tracing apps

c1ue

Schneier posted a thorough takedown of contact tracing apps

Schneier on Security for details, but a summary would be:

1) Apps can't tell if genuine contact was made or not (i.e. a wall between people)

2) Apps can't work if a person doesn't have a functioning smartphone

3) Even Singapore was only able to get 20% adoption rate

In the former case - are you going to quarantine 2 weeks based on this shoddy confidence level?

In the latter case - the app cannot provide any measure of security regarding exposure.

In the middle case - if even Singapore can't get more than 1 in 5 residents to install - why would anywhere else in the world expect better? Except of course China...

So why bother at all?

'A' is for ad money oddly gone missing: Probe finds middlemen siphon off half of online advertising spend

c1ue

Re: No surprise, but what to do about it?

Yes and no. More appropriate would be 3+3=3 - representing the part lost to fraud...

Uber trials fixed-price hourly rentals for visits to the butcher, the baker and the candlestick-maker

c1ue

Re: The urban transport solution for coronavirus and afterwards

So what about driver protection?

And passenger protection if drivers get sick?

Because surely 1 hour of continuous exposure is safe.

Free users become losers as AI startup with AWS bills to pay pursues viral opportunity

c1ue

Seems like a doomed business model.

If it succeeds, Zoom copies it.

All your jobs are belong to us... Amazon is hiring 75,000 people but if you want US home groceries, tough luck

c1ue

I guess the real question is how this ongoing coronavirus situation will impact class relations going forward.

The salaried PMCs (professional, managerial classes) are the least affected: they're still getting paid and they can afford to order everything from Amazon.

However, the people who are paid poorly have just had their noses shoved into the fact that even their crappy jobs aren't reliable for the little money they do get.

The ones who have work: grocery, food delivery, etc get the bonus of playing the coronavirus lottery.

The many who don't...

Minister slams 5G coronavirus conspiracy theories as 'dangerous nonsense' after phone towers torched in UK

c1ue

As opposed to say, National Enquirer type newspapers, social media etc?

Hey, China. Maybe you should have held your hackers off for a bit while COVID-19 ravaged the planet. Just a suggestion

c1ue

Given China has been locked down since January 23 - what else do they have to do? /sarc

Don't believe the hype: Today's AI unlikely to best actual doctors at diagnosing patients from medical scans

c1ue

This shouldn't be surprising.

The deployment of political campaign style PR into pushing startup memes was deployed to perfection by Uber, and that hasn't gone unnoticed.

Self-driving truck boss: 'Supervised machine learning doesn’t live up to the hype. It isn’t C-3PO, it’s sophisticated pattern matching'

c1ue

Re: Tesla exists

The main benefit of Tesla's "AI" is that it is mostly killing Tesla drivers.

Not us innocent human pedestrians, bicyclists and other drivers.

c1ue

Re: Finally, a proper description of what the media dubs "AI" actually is

Robot drivers are subject to all manner of attacks which human drivers aren't bothered by, including data poisoning and spoofing.

How will actuaries react to that?

Forget James Bond's super-gadgets, this chap spied for China using SD card dead drops. Now he's behind bars

c1ue

Re: Money-laundering?

Incorrect. There are 2 levels of reporting - the $10K is a hard requirement but banks are supposed to report anything $2K up to $10K at the bank's discretion. I'd be shocked if this didn't happen frequently since it is mostly automated.

Resellers facing 'months' of delays for orders to be fulfilled. IT gathers dust on docks as coronavirus-stricken China goes back to work

c1ue

Re: Just an FYI

Deaths are the only hard statistic - and they are the numerator.

The denominator is unknown except that it is higher than the known confirmed cases.

However, what really matters is that the novel coronavirus has a dramatically different mortality rate depending on your age.

Over 60 - really not good.

Under 10 - basically 0 chance of death.

10 to 50 - under 1%

Chips that pass in the night: How risky is RISC-V to Arm, Intel and the others? Very

c1ue

Admirable effort but didn't think it through

The author did a decent job but didn't think it through.

I worked at AMD just before the Y2K era: the reason AMD had a brief resurgence was that Intel took a generation to ramp towards power efficiency - which AMD ignored and kept focusing on raw compute. The resulting faster AMD processor didn't matter though, because Intel just sliced the cost of top line processors knowing that AMD couldn't churn out enough product in its one fab to significantly change market share.

How does this matter regarding RISC-V? The issue is modern process complexity. The architecture is an important step, but arguably less important than the ability to transform theoretical performance - compute and power/heat efficiency - into reality. While AMD's fabless approach has removed the single fab bottleneck from 20 years ago, the barrier to being able to put in the engineers, test chips and know how to derive product is reinforced by modern $10M+ mask costs.

There will never be more than a handful of startups that can afford even a single tapeout, much less the stream needed to validate a top-end processor.

Or in other words, RISC-V is interesting but has zero chance of turning back, or even slowing down, the ongoing maturation of the processor industry.

Coronavirus conference cancellations continue: Google and Microsoft axe WSL and Cloud Next

c1ue

I attended RSA - it didn't look empty at all.

The cancelled conferences are going to hit the SF economy pretty significantly.

Maersk prepares to lay off the Maidenhead staffers who rescued it from NotPetya super-pwnage

c1ue

Is this just Maidenhead, or a more general Maersk budget cutting?

I note that world trade is significantly suffering due to fear/precaution over nCOV/novel coronavirus - both in terms of supply chains breaking from China production interruptus and from fear of contagion affecting freighter (from China) docking. As evidence - there appears to be a container shortage in the US.

As a shipping company, Maersk is certainly going to be affected.

Is this Maidenhead move a cost cutting just in that group, or part of an overall change?

It's only a game: Lara Croft won't save enterprise tech – but Jet Set Willy could

c1ue

AS400 by any other name

Not at all clear to me why this article was written.

If we're going to talk about 8 bit CPUs like the ZX Spectrum - modern systems can perform software emulation to replace legacy DOS, Windows and Mac. All you then need is a copy of the software and some form of pipe to pull the data out of the legacy box.

I'd think the real problem lies with Big Iron systems that fundamentally don't work like x86 architectures, i.e. the PowerPC AS400 systems.

While you can software emulate PowerPC, the emulation cannot replace the hot swap, highly parallel and other architectural features of AS400 OS+PowerPC systems - and it isn't entirely clear to me that an FPGA could easily do the same either. This is disregarding potential copyright/patent issues IBM may have.

Internet's safe-keepers forced to postpone crucial DNSSEC root key signing ceremony – no, not a hacker attack, but because they can't open a safe

c1ue

Re: Ironic yes

Iron-ic

Astroboffins may have raged at Elon's emissions staining the sky, but all those satellites will be more boon than bother

c1ue

If balloons are economically feasible, why are satellites?

Again, how about some numbers rather than "ooh it's cool".

What's the expected throughput? What's the expected latency? How much will the ground-side connection hardware cost? How will privacy/security be observed?

c1ue

Very weak article

If the author were really trying to convey value as opposed to sat'splain, the economics of the satellite internet access would have been talked about.

Instead, a very thinly disguised "progress" and TINA "there is no alternative" farrago.

LCD pwn System: How to modulate screen brightness to covertly transmit data from an air-gapped computer... slowly

c1ue

To be fair, you could do a lot with the combination of frequency modulated data and using G and B pixels.

He’s a pain in the ASCII to everybody. Now please acquit my sysadmin client over these CIA Vault 7 leaking charges

c1ue

The timeline and details, to me, imply a physical server or desktop.

But the question then is: why would super secret stuff be on a single physical server or desktop, as opposed to a centrally managed cloud device?

This matters because the evidence talked about all appears to be endpoint - there is hardly any, if any, network data.

Whatever superuser access the defendant may or may not have had - surely he didn't have the ability to access and modify network logs?

And now, here's Cli-Mate 9000 with the weather... Pattern-recognizing neural network tries its hand at forecasting

c1ue

Circular Reasoning

Training an AI on the output of a machine simulation is literally circular reasoning. You get all of the biases, errors and lack of granularity of a model plus the bullshit marketability of AI.

'Cyber security incident' takes its Toll on Aussie delivery giant as box-tracking boxen yanked offline

c1ue

Sounds like a ransomware attack to me.

Two billion years ago, snowball Earth was defrosted in huge asteroid crash – and it's been downhill ever since

c1ue

Re: Hmmm

Dust is possible, but I'd look more towards induced volcanic eruptions contributing greenhouse gases.

Wave goodbye: DigitalOcean decimates workforce as co-founder reveals lack of profitability, leadership turmoil

c1ue

Re: Impressed with the service but........

Not at all surprising.

I've helped LE take down cyber criminal gangs that were using a DO VPS as command and control, even though the operations were in a different continent.

How a Kaggle Grandmaster cheated in $25,000 AI contest with hidden code – and was fired from dream SV job

c1ue

Re: One of life's losers...

I understand what you're saying, but in this case - the gold medal is accompanied by gold.

Not so much the Kaggle gold, but the extra work and pay that the #1 position yields.

So it isn't necessarily an ego thing as Pleskov says as it more likely is a financial thing:

Kaggle Grandmaster, hire me!

Spanking the pirates of corporate security? Try a Plimsoll

c1ue

Compulsory bug bounties? How do compulsory bug bounties relate to a decent backup strategy? Looks like a blatant attempt to talk one's own book.

Google and IBM square off in Schrodinger’s catfight over quantum supremacy

c1ue

A huge question which I see is: ok, the present Google machine has 56 qubits = 2exp56 size solution set.

How do you verify that an algorithm is working correctly over this range of solution set? Existing systems can't seem to do a very good job of testing/quality control - will quantum magically change this situation?

I wonder because once you start going into the 2exp100+ range - this is literally the million monkeys on typewriters for a million years scenario. Makes hash collision really interesting - in cryptography, for example.

Tragedy: CES squeeze forces frequent flier hotshots into economy hell

c1ue

Re: This is why

Mostly no longer true. Most airlines are awarding frequent flier miles based on spend.

c1ue

I should note that United frequent fliers are automatically entered into the lists for upgrade. There are upgrade capabilities which guarantee an upgrade if availability is there, but the upgrade generally occurs long before the lists. The lists are also available online at united.com - examination of flights departing many hours from now will show significant numbers of upgrade list people as soon as they check in.

It isn't that all 183 or whatever passengers were DYKWIA - likely most didn't think it would happen.

This story is based on inaccurate assumptions.

Canada's .ca supremo in hot water after cyber-smut stash allegedly found on his work Mac ‒ and three IT bods fired

c1ue

Re: Question for the community

To be clear, I think most companies' policy is that any personal data put on a work computer is:

1) No longer subject to personal privacy laws

2) Is not going to be officially supported by the company - i.e. backup, recovery, IT help etc

I don't think I've seen policies that prevent all personal use of the computer - these are impossible to enforce, or at least enforce without being extremely intrusive.

Ultimately, if the issue was that the IT people didn't want to move the data because it was personal under 2), that's one thing. If the issue was objection over the material itself - this seems odd since it shouldn't matter if the material is sexual or just a lot of saved games of Minecraft - particularly since there is no mention of said CEO showing this to anyone.

c1ue

Question for the community

Having personal data on a work computer is generally against policy, but isn't inherently improper or illegal, right?

My question is this: the people doing the transfers clearly were perusing the data on said executive's computer. Isn't this also against good IT practice as well as potentially against IT policy?

There is likely all manner of sensitive information on a CEO's computer - work as well as anything else. Is it acceptable that an IT person tasked with data transfer is looking at any of it, for any reason? I'm talking not just about personal pics, but work evaluations of other employees, corporate budgets, board level reports, discussions with potential partners, acquirers or acquirees etc.

If this is not proper or acceptable, the reporting of personal pics on said CEO's computer would be like a john complaining to a policeman that the prostitute he solicited ran away with the money without giving sex...

How much cheese does one person need to grate? Mac Pro pricing unveiled

c1ue

Look on Ebay

There are Mac Pro Tower desktop boxes that are decade plus old but sell for $1000 still.

I recently processed a 2006 era Mac Pro Tower: 10 GB RAM, 500 GB HD - owner said it was bought for US$12K.

So none of this surprises me, if the target market is the graphics/video editor.

PSA: You are now in the timeline where Facebook and pals are torn a new one by, er, Borat star Sacha Baron Cohen

c1ue

The general points are valid, but the problem is that the specific issues being decried aren't clearly as objective as these spokespeople say they are.

For example, I watched a video of John Stamos talking at Stanford about the challenges which Facebook has moderating content.

He put up 2 examples, after talking about how some of his investigators are ex-NSA.

The problem with his example is that the display of hate-mongering ads isn't necessarily ideological.

Wired published an article in 2017 (Inside the Macedonian Fake News complex) about how a bunch of young people in Macedonia have been publishing exactly such ads - specifically targeting the 2016 election - purely in order to make money. They had very poor English and no ideological agenda - but the economics of online advertising is what drove their activity. Even the content they published was sourced from others; they simply chose what they deemed the most "effective" for clickbait purposes.

So there is at least one Macedonian town's worth of such muckrakers. Why should that be the only one?

Then there's the scale of which "the Russians" are supposed to have done ill. That may well be true, but it is still not clear to me how the $100,000 of spending by the RIA somehow significantly mattered vs. the $1.8 billion spent online - $1.1 billion by the Clinton campaign and $750M by Trump. We're talking literally 0.01% of the spend (vs. Clinton) - an addition of 0.013% to "pro-Trump" ad spend.

Note that Stamos said that the data on spend ($100K, RIA, ads used etc) was all from his team - so he can't claim ignorance as to the provenance of this figure, nor should he be ignorant of just how much revenue Facebook generated as a result of 2016 presidential spending.

Note that overall political spending in 2016 was $10 billion...

Welcome to cultured meat – not pigs reading Proust but a viable alternative to slaughter

c1ue

This entire vat-grown fad is nonsense

The cost of agar - what is used to grow stuff in petri dishes - was $35-$45 a pound before a shortage hit.

That's the beginning bottom limit of what any "grown" meat is going to cost: the feedstock.

Then there's the economics of growing 200+ pounds of meat per American - half of which is not-poultry = 60 billion plus pounds per year per percent of market share. The washing and refilling of growth containers. The monitoring and harvesting. The transport. The quality control. The extra processing needed for texture.

This entire sector is Theranos level bullshit, except for the tiny sliver that understands it is selling $200 burgers to virtue signaling rich people.

A better comparison is the algae grown replacement for oil that was "hot" not so long ago: where's that gone?

Nowhere, because the scale simply isn't achievable by non-magical means. Even having a variety of algae that could directly spit out oil, the capability to farm enough algae, harvest and process to replace even 1% of oil consumption at even 10x prices vs actual oil is simply utterly impossible.

Rekognition still racist, politicians desperate over deepfakes, and a good reason to go to (some) music festivals

c1ue

Progress! At least the black athletes are being identified as human, albeit criminal human.

The earlier AI machine eyes were seeing gorillas...

Would you open an email from one Dr Brian Fisher? GP app staff did – and they got phished

c1ue

Re: Do you use one of these popular passwords?

Biometrics is not a great idea. What do you do once that data is stolen? Going to change your DNA?

Tesla has made a profit. Repeat, Tesla has made a profit – $143m in fact

c1ue

Q3 profitable due to an over $150M decrease in operating expenses vs Q1 or Q2. Plus ongoing $100M+ revenue from regulatory credits, $134M in Q3.

More importantly, their gross margins - even when "profitable" - are 5%-ish. That's worth more stock value?

Welcome to the World Of Tomorrow, where fridges suffer certificate errors. Just like everything else

c1ue

You're right, but missing the point.

The app is there to spy and collect Big Data on every user.

The interface to the hardware device is the shiny lure...

Who you gonna call? Avaya grabs $500m investment from RingCentral to cut whopping debts

c1ue

This is confusing to me. RingCentral is doing reasonably well, but this deal seems like they're plowing all their cash and a lot of their stock valuation into Avaya.

I guess it makes sense if RingCentral is basically buying Avaya's customer list, but this looks like a guppy swallowing a whale: RingCentral is giving $500M to Avaya when their annual revenue is $800M. The stock part makes more sense - it is way up,

WeWork, but We don't IPO: Self-styled techie boarding house calls off cursed stock offering

c1ue

WeWork is Enron combined with a Ponzi scheme.

Enron because the long term leases enriched the early investors - who happen to own buildings which WeWork leased, which increased in value after the WeWork leases dramatically reduced vacancy rates.

Ponzi because it is very clear that WeWork founders are cashing out like mad - both JPM and Softbank money. Getting while the going is good.

The unit economics are awful: they're selling $1 for $0.05 in the first year - and what is even more amusing is that we've already seen a "coworking" rise and fall: look up Regus' journey.

WeWon'tWork: CEO Adam Neumann enters Low Earth Orbit to declare, I'm outta here

c1ue

WeWork increasingly looks like an extraordinarily public SPV to pump up the value of its investor's (and CEO's) real estate holdings.

Look at the early investors and also who owns many of the high profile buildings WeWork leases.

The scam would be: a building with a low vacancy rate can be worth literally multiples of a building with a high vacancy rate. An investor who put $10M in WeWork, but had WeWork lease their New York building, would see the building's value increase $50M or more. Sell building, reap cash, wait for WeWork to fail and stick the new owner with a high vacancy building.

Whether WeWork IPOs, for these investors, is largely irrelevant.

It is also interesting to see JPM's involvement with Neumann and WeWork...since JPM also represents a lot of these real estate ownership groups...

Those furious gun-toting Aussies were just a glitch. Let's try US drone deliveries, says Wing

c1ue

Re: This should be good

It's time for the aerial area denial kickstarter: balloons with wire tethers that go up 250 feet. That'll take care of the drones flying overhead...

c1ue

Re: Seriously

Organ transplants? Quite a stretch. I can just see a warehouse full of refrigerated organs waiting for transport.

In real life, the numbers of organs transplanted, in any given area, are so few as to be laughable. Not to mention the donors tend to be from far, far away - hundreds to thousands of miles.

Drone delivery sounds great except it is just more crap for the 0.1%

Woman sues Lyft, says driver gang-raped her at gunpoint – and calls for app safety measures we can't believe aren't already in place

c1ue

Re: Cameras

Sounds good in theory.

In practice, capturing, uploading and storing 10-15 hours of video, per driver, per day is a ginormous cost and may not even be technically possible at massive scale.

Consumer ransomware insurance? You could be painting a target on us all for avaricious crims

c1ue

Re: The real crime is that no one does backups anymore

Some people do backups, but attackers will go after the backups too.

700km on a single charge: Mercedes says it's in it for the long run

c1ue

So $40,000 to $75,000 in batteries, plus EU0.30 per kwh = 30 euro per charge up vs. 1.40 euro per liter for gasoline.

Not at all clear that this is a win - even at German gasoline prices.

Average German fleet mileage is 13 km per liter, so 700 km reach = 75.4 euro in gasoline vs. 30 euro per charge plus the capital and interest costs of 36K to 67K euro in batteries.

Yep, definitely luxury.

Mystery database left open turns out to be at heart of a huge Groupon ticket fraud ring

c1ue

Not really clear why having an unsecured instance is more secure from an opsec perspective.

After all, someone is paying for that instance, no?

Loss-making $15bn hipster chat biz Slack suddenly less appetising to investors as it predicts deeper losses

c1ue

Re: I just don't get these massive losses

One obvious guess is cloud costs.

I don't know if Slack operates its own data centers, but very possibly not. In which case, it can get hammered by cloud costs both due to freemium model and due to even paying customers loading ever more non-chat stuff (pics and what not) into their Slack channels.

Security is also probably a serious issue because Slack is basically an overgrown web app.

The top three attributes for getting injured on e-scooters? Having no helmet, being drunk or drugged, oddly enough

c1ue

There are more people injured than riders.

At least in San Francisco, motorized vehicles (except handicapped scooters) and bicycles are prohibited from being used on sidewalks.

Yet the people who ride the scooters don't know that. So they don't wear helmets and they also endanger actual pedestrians.

Note I say this as a person who has put literally thousands of miles on my own electric scooter - riding in the street with the bicyclists.

Then there's the scooters lying around everywhere: blocking sidewalks, doors, driveways etc.


Biting the hand that feeds IT © 1998–2020