* Posts by sitta_europea

873 publicly visible posts • joined 29 May 2016

Pakistan’s government to agencies: Dark web is dangerous, please don’t go there

sitta_europea Silver badge

"It is unclear why Pakistan’s government has decided now is the time to issue this advice, as no notable leaks or cracks have recently occurred. ..."

grep '\.pk' /var/log/mail.log | wc -l

4160

That's the first ten days in January, and no, we do no business at all with anyone in Pakistan.

The balmy equator of Mars looks rich in opal-bound water

sitta_europea Silver badge

We mine gold-bearing ores on earth when there's a heckuvalot less than a few litres per cubic metre, and on Mars water would be a lot more valuable than gold.

So my take on this is that it looks exceedingly doable.

Quantum entanglement discovery could enable futuristic comms tech, Nuclear physicists say

sitta_europea Silver badge

Re: Seek and Ye Shall Find, has forever been the case, has it not?

Why, oh why, isn't there a way for me to block posts from a selected individual?

Rackspace blames ransomware woes on zero-day attack

sitta_europea Silver badge

"... all it takes is one person and one mistake."

And so, if only for that reason, it's inevitable.

Japan lacks the expertise for renewed nuclear power after Fukushima

sitta_europea Silver badge

Re: "an intermediary power source until the wider adoption of renewables like wind and solar"

"Thorium is no safer than Uranium."

Well it depends how you look at it.

It's a lot harder to make nuclear weapons if you start with thorium (Z=90) instead of uranium (Z=92).

However you *can* make a serviceable weapon with just the uranium that you dig out of the ground (and then process).

Admittedly you have to process it quite a bit, and it costs a fortune, but you can do it. "Little Boy" used processed uranium.

It's easiest with plutonium (Z=94) but you have to make all of that yourself since there's none found in nature.

But with just thorium, you can't make a weapon at all. It won't work. First you have to make something that's a little bit heavier.

https://en.wikipedia.org/wiki/Thorium-based_nuclear_power

LastPass admits attackers have a copy of customers’ password vaults

sitta_europea Silver badge

Store the keys to the kingdom in one place, online, managed by somebody else who happens to be (at least at the moment) employed by or running a profit-motivated organization.

What could possibly go wrong?

Microsoft Teams: A vector for child sexual abuse material with a two-day processing time for complaints

sitta_europea Silver badge

By Microsoft standards two days is so astoundingly good that I have trouble believing it.

If Microsoft is really dealing with this kind of thing in a couple of days then I'm very pleasantly surprised. They seem to ignore all my abuse reports.

Microsoft is consistently one of the top five spam sources listed by Spamhaus.

As of 17 December 2022 they're in fourth place, with 1,872 listings in the SBL, some of which are years old. They're behind third-rate Google with 2,020, some of which are even older - years older - than Microsoft's worst efforts.

Here are the oldest five issues outstanding today:

SBL471344 -- 31-Dec-2019 -- 40.92.73.10 -- Abused / misconfigured newsletter service (listbombing)

SBL465577 -- 22-Nov-2019 -- 104.47.53.164 -- Spam source @104.47.53.164

SBL457222 -- 14-Aug-2019 -- 23.100.23.67 -- Malware botnet controller @23.100.23.67

SBL450544 -- 15-Jun-2019 -- 13.107.42.13 -- Malware distribution @13.107.42.13

SBL429716 -- 11-Jan-2019 -- 40.92.72.108 -- Abused / misconfigured newsletter service (listbombing)

Source: https://www.spamhaus.org/sbl/listings/microsoft.com

On the 12th day of the Rackspace email disaster, it did not give to me …

sitta_europea Silver badge

Re: So where are the backups?

"...Having a backup (an achievement in itself) is one thing, restoring it quite another. They may well have backups... that's the relatively easy part...."

Nope. If you can't restore it (or you've never even tried to restore it) then it isn't a backup.

UK arrests five for selling 'dodgy' point of sale software

sitta_europea Silver badge

Re: Oi! York!

"...stop sending my tax returns to an address that I haven't lived at for 17 years?"

Heh, HMRC decided that our business had changed its name. Of course it hadn't, it's only ever had one name for 38 years.

It took two years to get it fixed, and then it was only because I'd registered as a software developer and in desperation I moaned about it to somebody with a brain on the HMRC dev team.

Peekaboo: Once-hidden galaxy revealed to be window into cosmic history

sitta_europea Silver badge

"There is a theory which states that should we ever understand everything about The Universe it will promptly disappear..."

Spoiler alert:

https://en.wikipedia.org/wiki/The_Nine_Billion_Names_of_God

States label TikTok 'a malicious and menacing threat'

sitta_europea Silver badge

Well all right, but I can't help feeling a little disturbed by some of the content of the depositions:

"Boss ... has to realize that this isn't China where there is far more corruption than in the US. And asking for this type of information from his contact who works for the Federal Govt, is technically committing a Federal crime where the punishments are very severe. ..."

End of an era as the last 747 rolls off the production line

sitta_europea Silver badge

"The A380 always looks like it has a massive smile on its 'face', I love them :o)"

First time I saw one in the air was before it was unwrapped for the public when I happened to be driving by Toulouse when they happened to be doing the first flight. I had no idea that it was going to happen, just lucky in a trainspotting sort of way. I thought it looked weird, but I'll grant you it does have a sort of guppy-like charm. And how many other passenger aircraft can boast of never having had a fatality?

Rackspace customers rage as email outage continues and migrations create migraines

sitta_europea Silver badge

" I support a small business with half a dozen mailboxes on on-premises Exchange 2019. The business owner has an aversion to anything cloud.

"On-premise Exchange's days have been numbered for several years"

What are the alternatives? "

I can provide one. It's called a Linux box running Sendmail with a couple of my own milters.

sitta_europea Silver badge

"On-prem seems a better choice now, no?"

It's what I've always said.

Rackspace rocked by ‘security incident’ that has taken out hosted Exchange services

sitta_europea Silver badge

Re: It's all down

""Will I receive mail in Hosted Exchange sent to me during the time the service has been shut down?

Possibly""

Thank you for sharing that little gem. :)

sitta_europea Silver badge

Off-prem. Microsoft. Exchange. What could possibly go wrong?

US Air Force reveals B-21 Raider stealth bomber that'll fly the unfriendly skies

sitta_europea Silver badge

"...if there's ever been something that deserves slow, methodical, traditional software development, a $750,000,000 airplane carrying nuclear warheads would sure seem to be it."

Why do you think it cost $750,000,000?

Medibank prognosis gets worse after more stolen data leaked

sitta_europea Silver badge

[quote]

Minister for Home Affairs and Cyber Security Clare O'Neil said the operation will "scour the world, hunt down the criminal syndicates and gangs who are targeting Australia in cyber-attacks, and disrupt their efforts."

[/quote]

There are some people over here at Stirling Lines who can probably help.

Twenty years on, command-line virus scanner ClamAV puts out version 1

sitta_europea Silver badge

An article about a complete non-event, and a practically unrecognizable description of the ClamAV product is given in the article, which seems to have been written by someone who has no clue what ClamAV is about.

"ClamAV is a command-line virus scanner ..."

No, ClamAV is a toolkit. It happens to include a command-line virus scanner (which as it happens we only ever use here in development and testing).

"ClamAV itself only runs when invoked ..."

Like any other software in existence, you might say. The ClamAV package includes a daemon which can run 24/7 (and does, here, on its own separate server).

"...can hook into kernel notification APIs enabling it to monitor specific folders for any changes in their contents."

No, it does not look for changes in content. It can scan files on access which is why it uses the kernel notification facilities.

This is one of the most misleading articles I've ever read on TheRegister.

Boffins' beam forming kit opens the door to more realistic holograms

sitta_europea Silver badge

In a medium with a refractive index of 1, in half a nanosecond light travels around six inches.

So how does a cavity which has dimensions of the order of a micron "trap light for around half a nanosecond"?

Maybe I should subscribe to Nature to find out, but I think I'll wait.

Criminals use trending TikTok challenge to make data-stealing malware invisible

sitta_europea Silver badge

"...Don't download unknown apps even if they promise naked people..."

Don't download unknown apps *especially* if they promise naked people...

FTFY

Artemis I isn't just a test run – there's science to be done

sitta_europea Silver badge

"... Amazon's Alexa and Cisco Webex right in the cockpit ..."

As the chief said to me a few years ago when we were just about to pressurise the hydraulic fluid in the Vulcan and so he wanted to clear all non-essential personnel out of the hangar -

"What could possibly go wrong?"

Russia-based Pushwoosh tricks US Army and others into running its code – for a while

sitta_europea Silver badge

"... the software company – which presents itself as American – is actually Russian ..."

Companies lie. Scottish Power is Spanish.

Another crypto shocker: Major player actually corrects $400m mistake instead of cratering

sitta_europea Silver badge

"The biggest, newest crater is crypto exchange FTX and the once-stellar reputation of its founder Sam Bankman-Fried after funds disappeared ..."

Funds didn't disappear. They were never there in the first place.

NSA urges orgs to use memory-safe programming languages

sitta_europea Silver badge

Re: So

"..Unix was the wrong turn, we should have gone the Algol Mainframe way instead !"

I was gutted when they stopped supporting RTL/2.

sitta_europea Silver badge

Re: Better compilers?

"...Sadly try that with many programs like web browsers and it's a complete mess of rules and requests for stuff you really, REALLY wonder wtf the developers thought they needed to poke around all sorts of places in the OS just to play cat videos and browse the web."

I wish I could upvote that ten more times.

sitta_europea Silver badge

Re: Better compilers?

"...Is there any reason why memory safe can't be enforced in the C/C++ compilers?"

It doesn't have to be in the compilers.

I did it more than 30 years ago in C libraries for an accounts package that I wrote. For example I replaced malloc() with my own version, which did a bit more (and so admittedly sacrificed some performance) but made the use of memory allocation for the rest of the package entirely safe and guarded against any and all overflows. IMO it was the only way to tame what was otherwise an obvious footgun.

The package is still running, still sending invoices, now even making VAT returns. Never a crash that wasn't caused by the hardware or the underlying OS. When someone called one of the users about a credit note and said that there must be a bug in it, the user laughed out loud.

And what's all this about Java and JavaScript? Weren't some of the biggest recent disasters written in those languages (log4j, npm)?

You can demonstrate incompetence in ANY computer language.
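The post above does not show its allocator, so the following is an added illustration and not the poster's code: one common way a C library can wrap malloc() so that writes are bounds-checked and stray overruns are detected. The `guarded_*` names, the header layout and the canary values are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_HEAD 0xA5A5A5A5C3C3C3C3ULL  /* constructed canary values */
#define GUARD_TAIL 0x5A5A5A5A3C3C3C3CULL

/* Header placed in front of every block handed to the caller. */
typedef struct {
    size_t   size;   /* bytes the caller asked for */
    uint64_t guard;  /* canary between the header and the user data */
} guard_hdr;

/* Allocate size bytes with a canary on both sides; NULL on wrap or OOM. */
void *guarded_malloc(size_t size) {
    if (size > SIZE_MAX - sizeof(guard_hdr) - sizeof(uint64_t))
        return NULL;                       /* size arithmetic would wrap */
    guard_hdr *h = calloc(1, sizeof(guard_hdr) + size + sizeof(uint64_t));
    if (!h) return NULL;
    uint64_t tail = GUARD_TAIL;
    h->size = size;
    h->guard = GUARD_HEAD;
    memcpy((unsigned char *)(h + 1) + size, &tail, sizeof tail);
    return h + 1;                          /* caller sees only the payload */
}

/* Return 1 if both canaries are intact, 0 if the block was over/underrun. */
int guarded_check(const void *p) {
    if (!p) return 0;
    const guard_hdr *h = (const guard_hdr *)p - 1;
    uint64_t tail;
    if (h->guard != GUARD_HEAD) return 0;
    memcpy(&tail, (const unsigned char *)p + h->size, sizeof tail);
    return tail == GUARD_TAIL;
}

/* Bounds-checked copy into a guarded block: refuses instead of overflowing. */
int guarded_write(void *p, size_t off, const void *src, size_t len) {
    if (!guarded_check(p)) return -1;      /* block already corrupted */
    const guard_hdr *h = (const guard_hdr *)p - 1;
    if (off > h->size || len > h->size - off) return -1;
    memcpy((unsigned char *)p + off, src, len);
    return 0;
}

/* Free the block; returns -1 if corruption was detected before release. */
int guarded_free(void *p) {
    if (!p) return 0;
    int ok = guarded_check(p);
    free((guard_hdr *)p - 1);
    return ok ? 0 : -1;
}
```

The canaries only detect an overrun made by code that bypasses `guarded_write`; prevention comes from routing every write through the checked call.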

LockBit suspect cuffed after ransomware forces emergency services to use pen and paper

sitta_europea Silver badge

Re: Anyone can upload a photo...

"...submit your photo to them?"

Do you have a passport?

Feds find Silk Road thief's $1b+ Bitcoin stash in popcorn tin, hidden safe

sitta_europea Silver badge

Re: I Don't Get It...

"The smartest thing might've been to pay tax on it, hire a bunch of expensive lawyers..."

Not doing so must be the real reason he's been charged.

Who cares if somebody steals from a thief who stole from a thief who...?

It's like assassination and kings - they call it 'natural causes'.

UK facing electricity supply woes after nuclear power stations shut, MPs told

sitta_europea Silver badge

"There was a report published in the 90s - The Busby Report I think - that said we weren't planning and building enough generating capacity."

Engineers in the nuclear power programme were saying the same thing in the 1970s. I was one of them. I joined the UKAEA hoping to build nuclear reactors for peaceful use - primarily power generation. More or less the first thing our government did after I qualified was make it very plain that peaceful uses didn't float boats in Downing Street, so we were to build SGHWRs. Guess what SGHWRs are good at making?

Then people who planned no farther ahead than the next election cancelled even that programme, incidentally leaving me with no obvious career path, so I left.

"I seem to remember various people ... poo-pooing it. ..."

Yup, same thing happened in the 1970s.

Walter Marshall once said to me "You know I meet a lot of politicians in my job, an awful lot..."

He was quick to clarify with a smile that he didn't really mean that the politicians were awful, but somehow word got out. It wasn't me.

As far as I'm concerned what followed was the constructive dismissal of one of the brightest lights in power generation, and a truly staggering blow to British industry which continues to be felt to this day.

AWS buys 100+ diesel generators... and that's just for Irish datacenters

sitta_europea Silver badge

Re: Wind power

"I don't understand why the likes of Amazon & Facebook don't have their own massive turbines built off the west coast of Ireland."

If you're going to build something off the west coast of Ireland, would it not make more sense to use the tides?

After all, they're completely reliable and predictable years in advance.

FTC slaps down Drizly CEO after 2.4m user records stolen from 'careless' booze app biz

sitta_europea Silver badge

""This broad standard effectively could enable the Commission to hold individually liable the CEOs of most companies against which we initiate enforcement action.""

About fucking time.

DHL named most-spoofed brand in phishing

sitta_europea Silver badge

This is news?

Boffins shatter data transmission speed record

sitta_europea Silver badge

"...Each colour corresponds to a different frequency..."

Kindalike, er, radio then?

We've seen things you people wouldn't believe. A planet, dense as a marshmallow, that would float on water

sitta_europea Silver badge

Re: Blade Runner

"...The original was a beautiful speech."

Indeed.

BTW when astronomers talk about metals, they generally mean anything with more protons than helium.

Just sayin'.

Japanese giants to offer security-as-a-service for connected cars

sitta_europea Silver badge

I can remember when they had contact breakers.

Micro molten salt reactor can fit on a truck, power 1k homes. When it's built

sitta_europea Silver badge

> > all nuclear power converts mass into energy, (as do non-nuclear methods),

> Non-nuclear methods such as? Burning fuels doesn't convert matter to energy.

Yes, it does.

Not very much, but that's still the physics of it.

sitta_europea Silver badge

[quote]

Unfortunately wrong. See this article from Nature that shows that the processing of salts from Thorium based MSRs can produce U233 far more safely than getting it from conventional reactors. U233 can be used pretty much like U235 for making bombs.

[/quote]

Except that you can't handle the U-233.

U-233 is invariably contaminated with U-232, which is hideously radioactive so you're looking at isotope separation down to ppm levels just to be able to handle it. Ask any Iranian how easy it is to separate similar isotopes down to that level. As for making bombs, U-233 is a lot more like Pu-239 than it's like U-235 but the impurity problems remain, and are much more serious for U-233 than they are for Pu-239 where the acceptable impurity is a few percent, not parts per million.

Oh - I *am* a nuclear physicist.

China spins up giant battery built with US-patented tech

sitta_europea Silver badge

Re: Non-techie question

"Is it safe?"

Much safer than the lithium-ion things in your consumer kit.

Scientists, why not simply invent a working fusion plant using $50m from Uncle Sam

sitta_europea Silver badge

Just to put things in perspective: after a couple of decades, the total spent on ITER is about twenty billion.

The world uses ballpark 15 to 30 billion barrels of oil per year at a ballpark cost of 750 to 2400 billion.

So - even at wholesale oil prices - every few days we spend on oil what we've spent in total on ITER.

JET produced 16MW of fusion power in 1997. Not for very long, and it took 24MW to produce it, but that's a Q of 0.67 and given that record I'd have thought it worth risking a bit more than the shoestring funding that it's had since then.

Talk about getting your priorities straight...

Microsoft to kill off old access rules in Exchange Online

sitta_europea Silver badge

"Microsoft announced the replacement CAE in January, touting its ability to act fast..."

Act fast?

Microsoft?

Yeah, right.

They seem totally to ignore the hundreds of abuse reports that I send.

But hey, I'm not spending any money on their products anyway so why would they care?

Uber reels from 'security incident' in which cloud systems seemingly hijacked

sitta_europea Silver badge

... "Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke," ...

The culture is determined by those at the top.

WordPress-powered sites backdoored after FishPig suffers supply chain attack

sitta_europea Silver badge

"...integrates Adobe's Magento ecommerce suite into WordPress-powered websites..."

What could possibly go wrong?

Retbleed slugs VM performance by up to 70 percent in kernel 5.19

sitta_europea Silver badge

Re: Just how crippled?

[quote]

Just how much are x86 systems now crippled by the sum of all the mitigations since Spectre and now Ratbleed?

[/quote]

When I 'upgraded' a customer site running Debian on Intel NUC devices (Atom E3815) to the first kernel which had patched some of the early speculative execution vulnerabilities, the performance was at least a thousand times worse. They were clicking something on the screen and then going out for lunch.

To recover I compiled custom kernels without the fixes.

Halfords slapped on wrist for breaching email marketing laws

sitta_europea Silver badge

A minor cost of doing business, quite so. Sixpence per message compares very favourably with Going Postal.

As Cybersecurity Week begins, Beijing claims US attacked Uni doing military research

sitta_europea Silver badge

If the USA was *not* going after China's systems I'd be very surprised, and hugely disappointed.

How this Mars rover used its MOXIE to convert CO2 into precious oxygen

sitta_europea Silver badge

"How effective is this compared to room-temperature water electrolysis?"

Good question, and with water electrolysis you get hydrogen as well!

California to try tackling drought with canal-top solar panels

sitta_europea Silver badge

13GW from four thousand miles of solar panels...

... is about what you could get from ten reasonably large wind turbines. And they wouldn't stop freight running along the canals in barges.

Am I missing something?

sitta_europea Silver badge

Re: 13GW

"Over car parks!"

The car parks at Perpignan airport have been covered that way for years.