* Posts by Eugene Crosser

255 publicly visible posts • joined 20 Oct 2007


Elon is the bakery owner swearing in the street about Yelp critics canceling him

Eugene Crosser

I have little sympathy of Musk's way to dealing with his latest purchase. But regardless, saying that "freedom of speech means that government cannot tell people what they can and cannot say" is a misdirection. The principle was conceived in the times when nobody except government could enforce censorship. This principle works when the venue for the public discourse is a town square, funded by local taxes.

In this day and age though, when we collectively handed the "venue for the public discourse" to businesses, that are financed by advertises, it means that advertisers decide what can and what cannot be publicly said. Yes, it's not a limitation of the freedom of speech in the narrow legal sense: it's not the government that does the limiting. But the result is still the same: there is somebody who decides what it "OK" to say in public, and what is "not OK".

As long as the "venue for the public discourse" is a business, there cannot be true freedom of speech on that platform. (Even if it is funded by member subscription, it will be prone to the "dictatorship of the majority".)

(For the record, I've never had a twitter, or facebook, for that matter, account.)

You get the internet you deserve

Eugene Crosser

And this is why using ad blockers is a Morally Right Thing

No ad revenue - no incentive for _them_ to try attract views.

Right? Right?

Trees may help power your next electric car

Eugene Crosser

Cathodes or anodes?

> lignin just makes great cathodes

> to turn lignin into a hard-carbon material called Lignode, which will be used as the anode material

> anode entirely sourced from European raw materials.

> Northvolt said it will [...] produce more than 100GWh of cathode material

So, cathodes or anodes?

Moscow to issue HTTPS certs to Russian websites

Eugene Crosser

Re: Snooping? No.

Well, if they have control over the browser (a.k.a. the client is compromised), all bets are off. They don't need to bother about issuing any special certificates then.

Eugene Crosser

Snooping? No.

> As a bonus for Putin, it's rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government. The more websites using Moscow-issued certs, the more connections Putin's agents can quietly monitor.

This is not how it works.

Having a CA under your control allows you to create a shadow site that browsers won't be able to tell from the original. It does not allow you to eavesdrop. Private keys are confined to the communicating parties, CAs never see them.

T-Mobile US figuring out international roaming on 5G

Eugene Crosser


... scenarios where international users don't want to connect to snooping public Wi-Fi networks, and prefer to seamlessly switch over 5G networks instead.

... and let cellular operator snoop on them instead.

Finally! A solution to 42 – the Answer to the Ultimate Question of Life, The Universe, and Everything

Eugene Crosser

Re: Disturbing

> a coat is a poor substitute for a towel!

I request and demand that our El Reg overlords provide us with a towel icon!

Looming EU copyright rules – tackling Google news article scraping, installing upload filters – under fire from all sides

Eugene Crosser
Eugene Crosser

It's safe to kick a dead horse

Nobody likes Google (this side of Atlantic, anyway). It's easy to rally against someone who is rich.

But neither politicians nor journalists dare to point their collective finger at those who are, under the current legislation, the real criminals here: those millions of uses who share content that they forbidden to share.

Is it because that's too hard to tackle them? Is it because that would make you rather unpopular among your readers/electorate? Or is it because the concept of "intellectual property", the way it is legislated now, does not sit well with the society at large?..

LG: Fsck everything, we're doing 16 lenses in smartphones (probably)

Eugene Crosser

Abstruse Goose | Camera Crazy


Elders of internet hash out standards to grant encrypted message security for world+dog

Eugene Crosser


- A private messaging protocol kind of covers the same use case as SMTP. So it can be used as a replacement (because there is no obvious way to protect metadata in SMTP).

- While metadata in SMTP is in the open, contents of the messages can be OpenPGP or S/MIME and thus protected.

Oldest swinger in town, Slackware, notches up a quarter of a century

Eugene Crosser

Good(?) old days...

I installed Slackware some time after SLS ceased to exist, and I got tired of rebuilding gcc and libc from the sources. I vaguely recall being a little grumpy about those fancy colour (cyan?) installation screens.

Eventually becoming a sucker for fancy cutting edge desktop environments, I jumped ship when Slackware dropped Gnome when it became dependent on dbus (if memory serves), and Patrick refused to succumb. In retrospect, he was probably right: it was dbus that paved the way for systemd. We still used Slackware on the servers in production at least until 2007 when I left that company, and they probably continued to use it for a while after that. Maybe even until now.

British egg producers saddened by Google salad emoji update

Eugene Crosser


As our online (and offline) world becomes more complex and grim, emoji designers are creating the kind of beautiful utopia we can only dream about.

Is the world where salad does not include eggs, and officers of law are armed with water pistols a utopia?

US websites block netizens in Europe: Why are they ghosting EU? It's not you, it's GDPR

Eugene Crosser

Re: Overreach

It's basically more rights for you, more obligations for them.

Your rights are worthless when they decide that it's easier to withdraw that to fulfil their obligations.

Informed consent is actually a good part, I have nothing against it.

But the "right to be forgotten" means the companies are back to the 90's w.r.t. data storage technologies: no (true) event sourcing, no blockchain. Data has to be mutable, and as a consequence, less reliable. All for the goal of "unlearning" information, that is theoretically unachievable.

Eugene Crosser

Re: Overreach

The principle of an EU citizen owning their data is a solid base.

The principle of an EU citizen owning their data means an EU citizen has the right decide what to do with their data. Including shipping it wholesale to any evil US or Chinese megacorp.

In this case however, the EU parliament says: "No, it up to us to decide what you can and what you cannot do with your personal data". Not cool.

Eugene Crosser

Re: Overreach

you have to take into account the purpose of the legislation

The road to hell is paved with good intentions. Purpose is not an excuse for idiotic implementation. "Right to be forgotten", please! If I committed your personal data to memory, will I have to undergo brain surgery when you request to be forgotten? The very idea is mind-bogglingly stupid.

Legal tech startup tries to haul 123-Reg to court over 24-hour backup claims

Eugene Crosser

Re: 24-hour backup...

Schrodinger's Backup: "The condition of any backup is unknown until a restore is attempted."

source: https://twitter.com/tessschrodinger/status/534042916264873984?lang=en

Ubuntu wants to slurp PCs' vital statistics – even location – with new desktop installs

Eugene Crosser

How it should have been handled

This is one time operation, after fresh install, right?

Instead of a stored "opt in/out" preference, it should be implemented as a window displayed at the end of install, saying "Are you OK if this information is sent to Canonical? That would help to improve Ubuntu", and showing all the data to be sent. That would look honest, and won't trigger false privacy invasion alarms.

IBM's chief diversity officer knows too much and must be stopped!

Eugene Crosser

Without any irony whatever, IBM's complaint notes...


Oh, and to IBM's credit, I've worked with a few female colleagues there who where very good engineers. Not a frequent occasion in most companies.

OK, Google: Why does Chromecast clobber Wi-Fi connections?

Eugene Crosser

MDNS just a _trigger_ for a router problem

> It should be noted that the router vendors' fixes are mitigations while the world waits for Google to patch Cast

This does not seem to be the case. A hundred thousand packet burst is an "unfriendly" behavior, good neighbours should not do that. But it may happen for a number of reasons, and network devices ought to be able to deal with it gracefully. Drop packets - OK. "Shut down some of router's primary functions" - not OK.

Devs see red after not seeing Big Red on Stack Overflow database poll

Eugene Crosser
Thumb Up

Re: Forget Oracle

Moving most of services on my personal systems from MariaDB to SQLite is one of my New Year resolutions. Definitely deserves higher visibility.

IETF protects privacy and helps net neutrality with DNS over HTTPS

Eugene Crosser

Re: Now this would be a great idea...

What @Charles 9 said, plus DNSSEC unfortunately only guarantees non-repudiation, but no secrecy. So it stays open to data harvesting (user profiling and surveillance), and to blocking on per-domain level (that governments love to do).

On the other hand, tunneling DNS in a TLS session is only practical when you already have a persistent connection, otherwise latency will be unbearable. And that means, this approach only works inside the browser, when you are looking at a website with lots of external links, to resolve these links. Meaning, all the surveillance that your ISP or government did on you is moved to Google and Facebook.

Whether this is a good or bad thing is up to you to decide.

British snoops at GCHQ knew FBI was going to arrest Marcus Hutchins

Eugene Crosser

Special Relationship

Pretty much like here:

The Sandbaggers S01E07 Special Relationship

Eugene Crosser


Well, this may sound like tinfoil hat talk, but it actually starts to look like one of two things:

  • Spooks (US or British) need to coerce him to do some job for them, or
  • They want to teach him (and maybe others) a lesson after he'd refused to do some job for them.

It looks like all they have against him is the old blog post, some code from which was found in Kronos (which is no surprise), his tongue-in-the-cheek remark that "selling it would be illegal", and his visit to the shooting range. And as in the US this nonsense can get you in jail for many years, so it had to be on the US soil to be a convincing threat. Easy bail conditions that he got speak for the first option.

Eugene Crosser

Re: Rules

>Nice set of rules you're teaching there guys

Spooks (like any governmental organisation) fear the competition much more than the opposition...

Linux kernel hardeners Grsecurity sue open source's Bruce Perens

Eugene Crosser

Re: Seems fine to me

>isn't refusing future service within Grsecurity's rights since any business can refuse future service to anyone for any reason?

IANAL, but it looks to me that when they make non-redistribution the condition of continued business, they do impose restrictions to the redistribution rights. By giving a "fair warning", they make it obvious. If they stopped the service without warning, the client would have to prove that denial to continue service was a response to re-distribution, and that would be the evidence of additional restrictions.

In my eyes, this is not much different from, for example, a state saying: "you have the right to free speech, but if you execute this right, you will be denied of health service in the future".

DeepMind says it's given AI an imagination. Let's take a closer look at that

Eugene Crosser


>DeepMind says it's given AI an imagination.

Nah, it's imagining it.

Russia, China vow to kill off VPNs, Tor browser

Eugene Crosser

Re: Resist with crowdfunded RPNs...

>Is it feasible to develop a communications device that is visibly discrete, can be easily setup (or is signal-homing once directed approximately), can connect to multiple nodes, detects if a previously-established/trusted connection has been intercepted, and can present the link as an IP network?


Eugene Crosser

Re: Will The UK Follow Their Lead ???

> I highly doubt western companies would allow "their" government to implement such VPN bans.

Note that that rules are designed to not harm businesses, western or Russian: they can implement censorship and then it is OK to use the VPN.

Still seems pretty difficult (read: impossible) to enforce such a rule as long as VPN servers can be hosted at big cloud providers' infrastructure.

Tech giants flash Russia their code blueprints in exchange for access

Eugene Crosser
Thumb Up

If security of their products rely on secrecy of the source code, they have a bigger problem that Russian spies. I'd say, it's a good thing if it at least somewhat incentives them to go and clean up their source code.

The internet may well be the root cause of today's problems… but not in the way you think

Eugene Crosser

Good and clever, until you stumble upon something..

Can we please have some journalists who are capable of analysis, but are not as blatantly partisan as this:

There are large groups of people in the United States who believe a range of views that are clearly and obviously wrong: dinosaurs existed at the same time as Jesus; there is no such thing as climate change; people's sexuality is some kind of deity-imposed punishment; anyone should be allowed to buy a gun.

No? Oh...

Highly available? Of course you are. But did you download DRBD?

Eugene Crosser
Thumb Up


Was building HA fileservers back in about 2004 (or so). The driver was a bit unstable for our heavy load (for the time), and I had quite back and forth with the guys reporting bugs and testing the fixes. Wonderful guys to work with, very responsive and diligent. I ended up with rock solid setup that was running on dozens of servers for many years henceforth, never gave us any trouble. Quite refreshing after flaky propitiatory HA "solutions".

Very pleased to hear about their success!

Boffins name 12 new types of cloud in first Cloud Atlas since 1986

Eugene Crosser


There was at least one other Cloud Atlas published in 2004...

BOAR-ZILLA stalks Fukushima's dead zone

Eugene Crosser

"...picked up radiation doses that make them a very dangerous meal."

Where is Lewis Page to challenge this claim?!

(Yes I know he is not with The Reg anymore.)

One IP address, multiple SSL sites? Beating the great IPv4 squeeze

Eugene Crosser

Re: Thumbs up, but have to respectfully disagree with some things

> A) I'm sorry, NAT has a purpose. That purpose is renumbering. SO I'm not listening to anything else you have to say about IPv6. Your opinions are now invalid.

Renumbering, yeah... I guess it should be possible to do IPv6 NAT for that, which would just rewrite the prefix, without touching the port. It will be easier to implement, more robust (because stateless), and work for port-less protocols without any special arrangements. Still have to deal with the packets that have addresses in the payload (like ICMPv6 Destination Unreachable etc.), but much less ugly than IPv4 NAT mess. Did not check if a standard exists.

> B) You don't have to have one certificate with all the domains on your server using my method. Only one certificate per server {} block. Each server {} block gets it's own cert and you can have multiple server {} blocks point to a single backend server, if you want.

I really fell behind on this one.

Eugene Crosser

Thumbs up, but have to respectfully disagree with some things

> ...the real barrier to adoption is that consumer-facing ISPs in many parts of the world still aren't handing out IPv6 addresses to subscribers.

Indeed. For some reason, this fact is often overlooked, while other less important obstacles are undeservedly highlighted.

> NAT breaks the end-to-end model obsession that is responsible for most of the horrible things about IPv6.

As long as you consider withdrawal from NAT addiction to be the most horrible thing about IPv6...

> NAT is a fantastic means horribly hacky way of plopping an entire network down behind a single IP address and making individual servers behind that IP available on different ports.

And it is only possible because the original design accidentally overbooked for the port namespace, and underbooked for the address namespace.

(Perhaps, the concept of classless subnetting should have been extended to include the port part... Though dealing with ICMP and other non-TCP-or-UDP protocols would be tricky. And it is too late anyway.)

> cd ~/letsencrypt DOMAINS="-d example.com -d www.example.com" /root/letsencrypt/letsencrypt_gen

Except you will have to use one certificate for all domains hosted on your server. Which kind of defeats the purpose of TLS, at least in part.

There have been suggestions to make it possible to pass the `host` indication before the TLS handshake, but none of them took off, to the best of my knowledge.

IPv6 vulnerable to fragmentation attacks that threaten core internet routers

Eugene Crosser


The article goes to some length to explain what are atomic fragments, but does not emphasize enough the DoS mechanism in play here. Specifically, according to the RFC, the practice of blindly dropping IPv6 packets with extension headers is so widespread, that if an attacker ticks the victim into producing such packets, it will have disruptive effect.

Idiot millennials are saving credit card PINs on their mobile phones

Eugene Crosser

Re: Encryption?


I keep all my passwords (couple hundred I think) and pins (a dozen) on the phone, encrypted under master password in OISafe. 55.

Millenials, you are saying...

Why Tim Cook is wrong: A privacy advocate's view

Eugene Crosser

Not exactly a "design flaw"

> What appears to be involved is a design flaw.

Not so much a design flaw, as a hardware deficiency of an older iPhone model, i.e. lack of "Secure enclave" in the model in question. This guy provides a very plausible analysis.

Router configurations suck (power out of mobile devices, that is)

Eugene Crosser

> Does this mean I would have to wait and average of 4.25 (worst case 8.5) minutes before my phone can connect to a new network?


When a device connects to a network, it may, and usually do, send "router solicitation" multicast packet, to which the router(s) respond with "router advertisement" instantly. "Gratuitous" RAs are there to ensure that things are eventually corrected if the process did not work first time.

Canonical and Spain's BQ team to put Ubuntu on a tablet

Eugene Crosser

Right direction, wrong choices.

I am definitely the target audience for this sort of device. I currently carry an x200 series ThinkPad with me (and use an old-school deskside box at home). I want my next "luggable" computer to be a tablet running a full Linux distro, accompanied by a BT keyboard/mouse.

But it will definitely not be this one. It is specced as a cheap Android tablet. To be useful as a "portable workstation" it must have no less than 250 Gb of storage. To be useful as a tablet, it must have GPS. If Android-specced hardware was acceptable for me, why would I want a BQ when I can get a Nexus or a Z tablet and install Ubuntu there?

Learn you Func Prog on five minute quick!

Eugene Crosser

currying and partial application are largely orthogonal

At least in Haskell parlance, currying and uncurrying is conversion between a function that takes an argument of a product type (typically a tuple) and a function that takes multiple arguments of the types of elements of that product type

uncurried_func :: (Hight, Weight) -> HoleSize

curried_func :: Hight -> Weight -> HoleSize

The only connection to partial application is that you need a function with multiple arguments, so if your original function was uncurried, you will need to curry it before you can use it for partial application.

Anyone using M-DISC to archive snaps?

Eugene Crosser

Never on the shelf, always live.

Take it from someone who's been there for a long time.

As others mentioned, it's not the durability of the media, it's the mere existence of the technology. By the time you need to read the archive, you find that there is no compatible hardware anywhere but in a museum.

On the other hand, when it's on a NAS plus in the "cloud", you are forced to keep up with progress. When the NAS gives ghost, you'll have to get a current piece of tech, and restore all your data there. When the cloud provider dies you'll have to move to a new one.

Just make sure that you keep three copies "normally", and no less than two during the migration.

'Wipe everything clean ... Join us ...' Creepy poem turns up in logs of 30 million-ish servers

Eugene Crosser

X-Clacks-Overhead anyone?

I wonder if they checked how many of the responses contained the "GNU Terry Pratchett" message. (They did get one from my server...)

Cyber-terror: How real is the threat? Squirrels are more of a danger

Eugene Crosser

A little more than a month passed, and ...

--Cyber Attacks Allegedly Targeted Power Stations in Ukraine

(January 1 & 4, 2016)

A cyber attack last month in Ukraine caused a significant portion of the

country's power grid to go offline. The SANS Industrial Control System

(ICS) team has obtained a sample of the malware allegedly used in the



-- SANS NewsBites Vol. 18 Num. 001

Google wants to add 'not encrypted' warnings to Gmail

Eugene Crosser

Yeah, right.

Rather than fussing about largely useless TLS SMTP, Google ought to make better effort to support PGP in its webmail client.

The internet's Middle East problem: Who is going to do something about Whois?

Eugene Crosser


I think ICANN chaps are doing their job marvellously. They are keeping layers and politicians (and journalists) debating with them, and getting angry at them, and demanding change, while the Internet chugs quietly behind, unscathed.

Perhaps the AIpocalypse isn't imminent – if Google Translate is anything to go by, that is

Eugene Crosser

They are on it

The robots, the algos, unrestrained aren't about to take all our jobs. Simply because they're not yet very good at doing things which we humans do without much effort, which is to distinguish between different potential meanings of words and put them into context on the fly.

This project strives to solve exactly this problem. Not yet there, but...

Bruce Schneier: 'We're in early years of a cyber arms race'

Eugene Crosser

I think Schneier was mixing with generals and politicians a bit too much lately. All that talk about nation states, military and police... "Cyber-enemy" is border-less. And the defence ought to be border-less. And actually, it already is, in case not everyone noticed. Attempt to bring in national interests and national forces to the discussion is just a desperate attempt by the said generals and politicians to stay relevant.

Eugene Crosser

Re: @1980s_coder

> Until they turn the electricity off.

And leave "them" without the battlefield? They won't, where's the fun in that?