* Posts by steelpillow

557 posts • joined 16 Jun 2016


At last, a kosher cryptocurrency: BitCoen

steelpillow Silver badge

Me too

I just started BitClown, only when I tried to upolad my website I fell into a bucket of whitewash.

Can GCHQ order techies to work as govt snoops? Experts fear: 'Yes'

steelpillow Silver badge

Off the leash

Seems to me that the curious case of the independent consultant being served a voluntary warrant is because, under the normal course of events, they would not normally be allowed to undertake such interference. It is a way of saying, "OK, boys and girls, you are off the leash." The telco itself needs stronger legal armtwisting, as it has more obligations to its users, so gets a compulsory one.

For fork's sake! Bitcoin Core braces for another cryptocurrency split

steelpillow Silver badge

Re: Where does the money come from?

The bitcoin itself is conjured up by the mining software. Presumably you mean where does the value come from? Answer: user confidence and trust. The value of a dollar bill comes from trust in the US treasury and confidence in its economy. So it is with Bitcoin. The more people trust the Bitcoin system and the more it gets used, the greater everybody's confidence it it and the value they are prepared to exchange for it increases.

There have been plenty of non-State currencies in the past. Salt was a common one for thousands of years. Bitcoin is just e-salt, really.

No, Apple. A 4G Watch is a really bad idea

steelpillow Silver badge

Wrong end up

The smart watch is approaching wearable smarts from the wrong end. Trying to cram a phone top-down onto your wrist just makes for a crap phone. Instead, start at the bottom - what are the watch manufacturers doing with increased processing power?

My advice to Apple - go buy the leading manufacturer of cute, upmarket gizmo watches and follow their nose not yours.

Re-identifying folks from anonymised data will be a crime in the UK

steelpillow Silver badge


"Oh, look, my AI Big Data analyser has just taught itself to recreate personal information from anonymised data and started selling it to our clients."

"Well, stop it, then."

"We have already, twice. It just keeps teaching itself new ways to do it."

"Is there no way to stop it?"

"Yes, tell it to stop adding value to our product."

" > @!...* < "

UK publishes Laws of Robotics for self-driving cars

steelpillow Silver badge

Data owners, ooer

@moiety: The "data owner" is a well-defined concept in infosec and refers to the person about whose activity or business the data relates. For example journey information belongs to the driver and any passengers. Hire cars must begin to pose headaches in this respect: who owns the "black box" recorder data, the vehicle owner or the driver, if it hasn't already been sold to Google by the manufacturer. :(

steelpillow Silver badge

The old chestnut

Missing is, "Any system containing critical safety functionality must never initiate a communications session with a system which does not contain such functionality."

It's the old "the server may not initiate a client session" rule, designed to contain any service compromise, which so many system designers struggle to come to terms with.

steelpillow Silver badge

9 out of 10

Oops, 6.4 has blown it: "Software adopts open design practices and peer reviewed code is used where possible. Source code is able to be shared where appropriate." So a Bad Bunny can cut rogue code, hide it in a "commercially sensitive" blob and refuse to let anybody else vet it. No no nooo!

It should read, "Software adopts open design practices and all code must be peer reviewed within one month of release. Source code is to be made publicly available and reviews of all third-party bug reports to be published alongside them."

That "one month" allows grace for urgent security patches.

Got that syncing feeling? Cloud's client-side email problem

steelpillow Silver badge

I'll tell you why

Because the longer you work in a big place, the less you trust the network and services to be up when you need them.

Sync means you can keep working while the IT guys are fixing stuff elsewhere.

I never saw so many crazy excuses as the pile of exemption applications when hotdesking was introduced. The most relevant here was; "I have to be available 100% of my hours. It takes over half an hour to update a workstation so I can work locally when the network fails."

Grab a fork! Unravelling the Internet of Things' standards spaghetti

steelpillow Silver badge

Re: shoot lower

"Internet of shit devices are effectively orphaned at point of sale."

You forgot the ones plugged in and pwned by the entire Internet within ten minutes.

Red Hat acquires Permabit to put the squeeze on RHEL

steelpillow Silver badge

Re: Beer

"I thought another reason was that you can't BOOT into a ZFS volume unless ZFS support was baked into the kernel, as it's the only thing running at boot time."

There is a world of difference between baking in support and compiling in ZFS itself. The first of these allows you to boot from a ZFS mount, the second allows you to do it faster.

steelpillow Silver badge

Re: Beer

Speed. The whole point of getting rid of intermediate layers and moving stuff closer in to the kernel is speed. That is what RHEL customers want but OpenZFS cannot deliver.

steelpillow Silver badge

Re: Licensing sense

The article may not say it, but then the article does not say that the sky is blue and bears dump in the woods either.

steelpillow Silver badge

Re: Didn't Stop Canonical

Legal opinions offered to Canonical and the FSF differ. When so many of your big-money enterprise clients are also the big Oracle licensees, would you want Oracle taking you to court and arguing that the FSF disagree with you so you must be wrong? Think of the damage a little spiteful hanky-panky could do to your bottom line. Even if you were to win, it would be cheaper to play safe and buy a Plan B.

Canonical are less hooked on Big Enterprise + Oracle database than Red Hat are, so the risk to them is similarly less.

steelpillow Silver badge

Licensing sense

It makes sense if Red Hat are using the Permabit code as a way to bring ZFS-compatible functionality into a GPL-compatible codebase. Oracle's CCDL may be FOSS but it is still thought incompatible with the GPL, so to get ZFS compatibility into a monolithic (high-performance) kernel compile you cannot use OpenZFS but need to clean-sheet it. Basically, "why sit down and write new code when we can buy someone who has already done that and just re-license it?"

What sort of silicon brain do you need for artificial intelligence?

steelpillow Silver badge

No, the marketing dept need only to hide the fact that the AI can't perform at lightspeed and wow everyone and their dog every second of the day. Nor is even a single idea necessary - take another look at said marketing department.

Seriously, we won't know how to build AI until we understand the problem. And we won't know we have understood it properly until we have built an AI that really is. Comparing today's architectures is a bit like comparing flatworms with slime moulds (oh, leave the poor marketing department ALONE there, will you) and asking which is going to evolve into birds.

steelpillow Silver badge

Oh look, no squirrel

This is all a plot to make MS droids work harder. With the pi driving away all the squirrels, they will no longer be distracted from their desktops.

FreeRADIUS fragged by fuzzer – by invitation – and fifteen fails found

steelpillow Silver badge

C is a [value judgement of choice] language for security

C is as good at security as the programmer writing it.

So what is obviously needed is a security-minded IDE that embodies security best practice and enables goofs like me to turn out good, secure C. Built in goof alerts, stuff like that.

Can/does such a thing exist?

'Many' ways to create artificial intelligence. Just ask the UK's AI businesses

steelpillow Silver badge

Re: AI or expert system?

An expert system has only one function, say diagnosing medical symptoms. General intelligence can pick up new functions whenever it wants, like we can. Whether we describe some artificial systems as "intelligent", even though they do not have general intelligence, is a matter of wordplay between the sales team and the philosophy graduates.*

* Darn, most of the sales team ARE philosophy grads. I give up.

steelpillow Silver badge

Top end

Great summary. Will be interesting to see how the current crop get labelled in hindsight. Back in the day they said, "Oh, computers aren't AI, they are just programming, they'd need to beat humans at chess or something like that." So they did. "Oh, that's not AI, it's just clever programming. A robot that can trundle round a strange room and plug itself in to recharge would be needed." So they did. "Oh, that's not AI, the skill is pre-programmed. you'd need big data and unpredictable machine learning." So they did. Will the future say, "Oh, that's not AI...."?

NASA flies plane through Earthly shadow of Kuiper Belt object

steelpillow Silver badge

Re: I'm lost

Not really. It was the shadow of a different sun and nothing to do with New Horizons. In more common terms it was a transit event, in which the MU69 passed across in front of a distant star. The magic was in predicting it and getting the plane to the right place at the right time.

steelpillow Silver badge


They should (re)name their ship "Starshadow"

European Telecoms Standards Institute emits mobile edge APIs

steelpillow Silver badge

Re: By all means, let's expand the users attact surface exponentially

Hey, you beat me to it. Let's run a sweepstake on when they host their first DDOS attack.

But you know what users are like, "Hey, that improves usability. Uh... no, I don't know how to spell security, don't be so...."

Still, until AI gets better at cybersecurity than humans, some of us will always live in an expanding jobs market. :)

Feelin' safe and snug on Linux while the Windows world burns? Stop that

steelpillow Silver badge

Reality check

Windows is of course the natural entry point because it has the biggest click-first-think-afterwards user base. It is also an inherently less secure user environment with less sandboxing, APIs which reach deeper into the OS and file management, etc. etc.

Linux has its enemies and its vulnerabilities. It has rough parity with Windows in web server space, each Windows box tends to host more sites, though many of those may be inactive. You can prove what you like from those statistics.

Nevertheless, more Linux servers have rootkits installed than its user base realizes. And you can include the poorly-quantified but generally vast IoT in that.

So for ransomware go Windows, for DDOS bot go Linux.

Now, about that vulnerability reporting-patching thing. Open Source products such as Linux and most of its apps get heavily scrutinised and many holes reported and, usually, promptly patched. Closed source products such as Windows and most of its apps get little scrutiny, reported vulnerabilities are often kept secret and unpatched for periods of years. Note how hole discovery tails off as a Linux product matures, while the same cannot be said of Windows products. Given the same crap code for v1.0, the Linux code base is much better at securing itself over time. Those CVE stats record only the surface activity, not the underlying strength. Rejoice in the activity of the Linux community.

Of course, any given device is only as secure as its OS installer makes it, and here the Linux-grabbing cheapskate gadget makers unravel all that good work. You can never fix human nature and stop dumbos clicking unsolicited email attachments, but what the IoT desperately needs is security standards and government legislation to enforce them.

Fresh cotton underpants fix series of mysterious mainframe crashes

steelpillow Silver badge

Re: Don't give me no static ...

@Terry 6: When you climb out of the driving seat, hold on to the door latching stud on the main bodyshell. (wipe off excess grease first!)

The static builds up only as you pull your butt away from the seat and work is done pulling apart the two layers of different-charged materials covering each. If you ground yourself back to the vehicle, you create a return path for the electrons and no charge can build up. The current passing through your hand is negligible and you won't feel it.

I went through all kinds of trailing gizmos behind my motor before I figured this out. I felt it made all those years as an EMP test engineer worthwhile.

The Psion returns! Meet Gemini, the 21st century pocket computer

steelpillow Silver badge

Ups and downs

Some of the design criticisms made here are not valid, IMHO. The Gemini is not a normal mobile phone and should not be expected to behave like one. There should be no need to use the screen when making a standard phone call. The voice assistant and external mic button ought to mean that you can make voice calls - well, with your voice, like this: >Press< "Gemini, call the office": a totally natural thing to do. The front camera is not for selfies! It is, or ought to be, part of the office setup, along with the keyboard, for those occasions when Gemini is open on a table or desk and a video call is useful. Especially valuable for global conference calls, so you can see who is talking. The keyboard in the promotional shots is an old Series 5 one grafted onto mock-up hardware, the production one will be different.

The one sour note is the smell of BS. Crowdfunding is well above the minimum ask, yet already the main man is giving us the "Honest Joe" softening-up treatment. It is tragic to think that the best mobility tool since the Series 5 may have been hijacked by a de Lorean of the IT world, but no way am I risking my cash until I know EXACTLY where all the rest has gone so quickly and why.

steelpillow Silver badge

Full moon shines on Martin "Dracula" Riddiford

So very, very wanted! Best keyboard designer on the planet returns from the grave, hurrah!

(The reason why phablet+clamshell+keyboard never cuts it? Bloody awful keyboards, that's what.)

The two old bugbears, screen quality and lack of air interface, gone.

OS/UI will be the interesting bit, I wonder if MATE will prove usable.

Debian 9 feels like home with security upgrades and a flaming vulpine warming your toes

steelpillow Silver badge

Re: Stop claiming that secure boot is evil just because you can't undestand it.

@Christian Berger. No need to feed the troll. Just let the sunlight do its job.

steelpillow Silver badge

Re: firefox

"It a nickname for the red panda (Ailurus fulgens) not a burning fox. It is related to the raccoon"

Oh, I thought it was a fictional MiG fighter stolen by Clint Eastwood.

steelpillow Silver badge

Re: Nice changes-

"Shame about the SystemD..."


I am now torn between Devuan Jessie and Debian Stretch. Or, I could be lazy and wait for Devuan Stretch. Um.

steelpillow Silver badge

Re: Stop claiming that secure boot is a security advantage...

Secure Boot is not about either the boot sector or a secure chain for the user. It is about a secure chain for the commercial proprietor of certificate provision. The conflict of licensing ethos this creates is enough to stop Debian in its tracks, and rightly so.

As a user, there are several easy workarounds - even if the hardware provider locks SB down.

Consequently, as a Black Hat there are several easy workarounds....

Gartner confirms what we all know: AWS and Microsoft are the cloud leaders, by a fair way

steelpillow Silver badge
Thumb Down


This looks like paid advocacy to me. Where are the market share statistics to bring it back to reality?

Debian devs dedicate new version 9 to the late Ian Murdock

steelpillow Silver badge

Sysvinit and Devuan

Will be interesting to see whether any of the Good Things produced by the Devuan fork work their way back into Stretch + sysvinit, and ui/app developers stop assuming systemd is installed.

Oh the irony: Government Digital Services can't pay staff because of tech problems

steelpillow Silver badge


Well, there you go.

You screw your staff - so they walk. D'oh!

You walk away from your boss's payment system - so you don't get paid. D'oh!

I know, why don't we outsource the bosses as well as the staff? I mean, it follows the same logic....

Google to give 6 months' warning for 2018 Chrome adblockalypse – report

steelpillow Silver badge

Who in their right mind? Oh...

Pay to disable adblocking? What adblock user in their right mind would pay to have adverts thrown at them? Oh, of course, I forgot, these are Internet users, a lot won't even know that they have it enabled. Sigh.

Microsoft founder Paul Allen reveals world's biggest-ever plane

steelpillow Silver badge

Half way there

Twin fuselages make for a clean payload space without massive undercarriage. The split tail removes any risk of interference or contact if the payload gets mardy, either before or during launch. It's becoming a classic configuration for space launchers. ISTR Rutan has retired from Scaled Composites, nevertheless I find the most surprising thing about this ship to be how conventional it is in other respects.

Main problem is that nobody has yet built a sensible orbiter on this scale that can launch horizontally: the structural, and hence weight, penalties of turning a coke can on its side are surprisingly large. If this beast finds a customer to do it justice, that will be the real breakthrough.

Telecoms fail in UK takes down passport scanners in Australia

steelpillow Silver badge

Single point of failure

One lonesome data centre storing the world's passports?

Repeat after me:

"In a critical system there should be no single point of failure.

"In a critical system there should be no single point of failure.

"In a critical system there should be no single point of failure.

"In a critical system....

Oh, and by the way, if the data centre had burned down, is there even an offline backup in another location? Have they exercised the recovery scenario?

Debianistas get Jessie mass package update

steelpillow Silver badge


So, OwnCloud is "unsupportable". What's that about? I know a few corporate users who will be worried.

Leaked: The UK's secret blueprint with telcos for mass spying on internet, phones – and backdoors

steelpillow Silver badge

Who is this Mr. Mass?

So, the government want to be able to spy on named individuals, subject to the Home Secretary's personal signature on each warrant. Much like demanding that the Post Office allow them to read the mail of named suspects, even if the envelope is sealed and locked in a van. Oh, my, they can do that already, is there no hope for mankind? (Be sure to encrypt your holiday postcards, boys and girls. We recommend a onetime pad passed by a different route.) But who is this named individual, "Mass", the surveillance is targeted at? Is Mr Mass the new Mr Big, or what?

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

steelpillow Silver badge


Rhetorical question: so, is it easier to patch every SS7 link on the planet, or to squash rogue telcos under more and more red tape until you feel safe from blame again?

FTP becoming Forgotten Transfer Protocol as Debian turns it off

steelpillow Silver badge

Re: Filezilla

Same here. And it supports SFTP, so I can use it outside the cage, too. :)

steelpillow Silver badge


Presumably by HTTP they mean HTTPS, otherwise you have gained nothing but a wider attack ecology. What do they think is wrong with standing up SSH/SFTP?

systemd-free Devuan Linux hits version 1.0.0

steelpillow Silver badge

Re: More honest questions

@keithpeter many thanks for the links. Next Debian install I'll opt out of SystemD and trust apt to pull it back in as a MATE dependency. I don't care if some silly blob sits on my HD and does nothing, I've been doing that myself for years.

steelpillow Silver badge

More honest questions

I dumped GNOME a few years back and switched to MATE. SystemD unnerves me for reasons discussed but the old way is, to be honest, a bit clunky for the 21st century.

First, has MATE had the sense to steer clear of SystemD as a dependency?

Second, and please don't blow my head off, it's just an idea, is it practicable to fork SystemD and castrate its excesses to create a genuinely clean init subsystem?

Another ZX Spectrum modern reboot crowdfunder pops up

steelpillow Silver badge

SAM Coupé beat them all by decades

Great projects, love the look of the Next. But one fatal flaw: folks are forgetting about the very first hardware emulator, the SAM Coupé. It had built-in emulation of all the Speccy variants, using a mix of hardware and software, along with a much-enhanced SAM BASIC, equally enhanced hardware and pluggable expansion bays. Although relatively short-lived, it grew a significant fan base, several software emulators such as Sim Coupé and even now, new hardware add-ons are still appearing (e.g. www.samcoupe.com ) If you want to tap into the full fan base / talent pool, you need to recreate the Coupé. Who knows, if Bruce Gordon is still around he may be willing to help out.

Dyson backs Britain plc with $2.5bn AI and robotics investment

steelpillow Silver badge

Airblade, airfield, airware

Whenever I look at a Dyson airblade fan or hand dryer, I think of the Rockwell XVF-12 VTOL jet which had airblades in its wings - it's obvious why he has now acquired an airfield. (If only).

Bring it BACK... with MODs! Psion 5 storms great tech revival poll

steelpillow Silver badge

Go Psion!

Bought the last (only?) S5 for sale in Worcester the day it was launched. Loved it to death. Phablet + bluetooth keyboard comes almost close enough but crashes and burns on the screen and keyboard.

That letterbox display was a killer: wide and pocketable at the same time. Yes letterbox is brilliant for email and browsing and and light office stuff as well as feature films. Never mind the quality, feel the width (anybody remember?)

And the keyboard. Perfect feel, exact minimal size for decent functionality. No portable keyboard since has even come close. And to make the form factor work, it really needs to.

My ideal spec: widen it another 12 mm (same as my old cheque book, remember them?), make it 20% thinner with a modern battery, colour, WiFi+Bluetooth+4G+LTE. Sod the memory slots, that's what the cloud is for. Not rocket science, just usability.

Two words, Mozilla: SPEED! NOW! Quit fiddling and get serious

steelpillow Silver badge

Re: Classic Theme Restorer

Yet another Classic Theme Restorer user here, one of those poor old dinosaurs who actually appreciate a productive desktop.

Would be interesting to know the proportion of FF users who have installed CTR. Any FF statisticians out there?

Prepare your popcorn: Wikipedia deems the Daily Mail unreliable

steelpillow Silver badge

Reality check

Wikipedia cheerfully admits that it is unreliable and refuses to cite its own pages. Would that the Daily Mail or El Reg were so forthcoming.

There is a story that when a researcher compared Wikipedia with the Encyclopedia Britannica, they found fewer howlers, page for page, in Wikipedia. Now, where can I get that story reliably verified....


Biting the hand that feeds IT © 1998–2019