* Posts by Paul Hovnanian

1286 posts • joined 16 Mar 2008


Beware the fresh Windows XP install: Failure awaits you all with nasty, big, pointy teeth

Paul Hovnanian Silver badge

Distribution switch cabinet

We had a substation (115 kV to 12 kV) go down coincident with a fire in a 12 kV switch cabinet down the road a ways. The linemen inspecting the wreckage located the remains of two very well done rats. Theory was that rats could jump onto and off of the bare bus bars with no problems. But when one saw his buddy passing by on an adjacent phase, they decided to touch noses. The resulting arc conducted enough current (and the individual circuit breakers were mis-coordinated) so that the high side fuses blew first and took out several square miles of power downtown.

After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors

Paul Hovnanian Silver badge

"In theory they could make non-USGov approved encryption software illegal"

So they have an apparently random bit stream. What is it and (assuming it's a cryptogram) how was it encrypted? Is it on the approved list or not? And who has the keys? A smart operator could be exchanging poetry with an associate overseas. By the time the government has found the service provider/key escrow agent (necessary components of a 'legal' back doored system) they have made enough noise to alert the user that this channel has been compromised. And all they got was some prose about a man from Nantucket.

If enough people send messages back and forth with legal but non-TLA friendly interfaces, law enforcement will expend enough resources and make enough noise to render their intelligence gathering efforts useless. Microsoft (and its ilk) have built law enforcement APIs into their systems that, following the (electronic) delivery of a warrant, will provide instantaneous access to the requested message decryptions. Not so much for that mom and pop ISP that I use. Where Old Joe will have to rummage through a box of backup tapes in his shed to recover what has been requested.

US Department of Defense releases list of firms allegedly linked to the Chinese Army. Surprise surprise, Huawei makes an appearance

Paul Hovnanian Silver badge

Re: The Reg might note however


As opposed to a kekistocracy?

Huawei going to predict the future? Nope, say company leaders when asked about Joe Biden winning US election

Paul Hovnanian Silver badge

Best bet...

... is to watch Biden's pick for VP very closely. That's who is going to end up running the show.

Paul Hovnanian Silver badge

Re: Biden hardly gets a mention here in the UK

"If I was Biden's campaign manager I'd tell him to just say and do as little as possible"

That's what the (left leaning) mainstream media is doing as well. Biden walks up to the podium and starts a sentence. Then the network cuts over to a commentator to summarize his speech. So we won't have to watch him start to ramble.

Paul Hovnanian Silver badge

Re: Biden hardly gets a mention here in the UK

We can write in Bernie.

The girl with the dragnet tattoo: How a TV news clip, Insta snaps, a glimpse of a tat and a T-shirt sold on Etsy led FBI to alleged cop car arsonist

Paul Hovnanian Silver badge

Re: Police cars rest easier

"What I'm wondering is why the three letter agencies can't use investigation techniques like this to find terrorists"

I'm afraid that our law enforcement agencies just aren't equipped to do those sorts of analysis on an ongoing basis.

845GB of racy dating app records exposed to entire internet via leaky AWS buckets

Paul Hovnanian Silver badge

Re: "vpnMentor suspects the nine services share a common developer"

Stack Overflow copypasta strikes again.

After IBM axed its face-recog tech, the rest of the dominoes fell like a house of cards: Amazon and now Microsoft. Checkmate

Paul Hovnanian Silver badge

Re: Re:FR for the 'Chelsea Flower Show'

"it would give the largely white privileged middle and upper class attendees a taste of what it's like to be under oppressive and intrusive surveillance."

Not so much. I may be wrong, but I doubt many attendees at the Chelsea Flower show will even notice its use. I may be showing my bias, but I doubt there are that many on the police BOLO (be on look out) lists at that event.

On this side of the pond, in spite of local and state restrictions on FR and ANPR, it's the feds' TLAs that use it quite a bit. But in most cases, they don't trigger immediate apprehensions of suspects by either local or federal agencies. It's more for intelligence gathering. So those subject to the surveillance may never know.

Paul Hovnanian Silver badge

Re: Not quite equivalent

The Chinese have solved this problem, according to a few sources. So halt US development of this technology and their head start will be insurmountable.

'One rule for me, another for them' is all well and good until it sinks the entire company's ability to receive emails

Paul Hovnanian Silver badge

Re: Good riddance

Isn't this where the art of the ambiguous employee reference comes in handy?

"You will be lucky to get this individual to work for you."

They've only gone and bloody done it! NASA, SpaceX send two fellas off to the International Space Station

Paul Hovnanian Silver badge

Re: Perfect

"... suspicious loss of picture"

That's due to interference with the comm link caused by the booster exhaust. Or a poor edit when they switch to the Playmobil model video.

Linux-loving Windows 10 May 2020 Update squeaks in with days to spare before June

Paul Hovnanian Silver badge

Linux Loving?

"If you love something, set it free. If it doesn't come back, hunt it down and kill it."

- Anon.

Not going Huawei just yet: UK ministers reportedly rethinking pledge to kick Chinese firm out of telco networks by 2023

Paul Hovnanian Silver badge

At this point ...

... it might be easier to get the United States out of your systems. Perhaps not easier right now. But in the long run.

Galaxy S20 security is already old hat as Samsung launches new safety silicon

Paul Hovnanian Silver badge

Re: Anoonymous

"as long as they don't know who it belongs to"

It belongs to the individual whose biometric signature locked away inside matches.

[Hides chopped off digit of original owner as authorities close in.]

Chicago: Why I just grin like a dork... It's my kind of Bork

Paul Hovnanian Silver badge

So, when exactly ...

... does the next bus to SQL STATE arrive?

You can't have it both ways: Anti-coronavirus masks may thwart our creepy face-recog cameras, London cops admit

Paul Hovnanian Silver badge

Chinese technology ...

... won't work. All you Caucasians look alike.

Don't trust deep-learning algos to touch up medical scans: Boffins warn 'highly unstable' tech leads to bad diagnoses

Paul Hovnanian Silver badge

Re: What the fucketty-fuck?

"They are using AI systems to alter images?"

That made me think of the Google Deep Dream program. This takes an image or video, applies recognition to it based upon its training and searches for features that it thinks it sees. It then takes the original and modifies it slightly to make it conform to what it thought it saw. Do this iteratively and the program has quite the, umm, imagination.

And no. I don't think I'd want my oncologist examining my x-rays with whatever that computer must have been high on.

Driveway karaoke singer who wanted to lift lockdown spirits cops council noise complaint

Paul Hovnanian Silver badge


I suppose this will put a stop to my Der Ring des Nibelungen sidewalk performance.

It is unclear why something designed to pump fuel into a car needs an ad-spewing computer strapped to it, but here we are

Paul Hovnanian Silver badge

Re: I hated the pump ads...

Now there's an idea: Tesla ads on the fuel pump.

Sweet TCAS! We can make airliners go up-diddly-up whenever we want, say infosec researchers

Paul Hovnanian Silver badge

Re: But how?

"777s were grounded when their fuel gauges errored after the Gimli Glider Air Canada incident"

It was a 767. I don't think they were grounded, since the FQIS (Fuel Quantity Indication System) problem was already known and a manual work-around existed. Checking the fuel level with a dip stick. The whole running out of fuel incident occurred because of mis-calculations on the part of the flight and ground crews and other procedural problems.

You can get a mechanical keyboard for £45. But should you? We pulled an Aukey KM-G6 out of the bargain bin

Paul Hovnanian Silver badge

Re: So?

I hope that steampunk keyboard is coffee-proof. Because it's going to need it when you open your credit card bill.

Wakey-wakey! A quarter of IT pros only get 3-4 hours' kip – and you won't believe what's being touted as the 'solution'

Paul Hovnanian Silver badge

What is 'the cloud'?

It's basically hardware in a data center rack someplace plus a cookie-cutter O/S with basic tools (DBMS, web server, etc.). In my experience, these components have been the least of my worries when it comes to keeping me up at night. Most of the nightmares occur in the higher application levels. The one caveat to this is that many of these application level problems occur when someone (other than myself) takes it upon themselves to upgrade the lower level stuff, breaking my applications. And I get little or no say in the planning of that upgrade. Now I have to drop everything and test (and perhaps patch) against a new version.

I lose a lot less sleep with my own hardware and my own systems that I can manage on my own schedule. Even the data center isn't a panacea. One of the worst outages I witnessed in one of my enterprise apps was when the data center people hired a bunch of contract techs to come in and clean up abandoned network cabling under the server room raised floor. Next thing we knew, production servers were dropping off line as they merrily went to work with their diagonal cutters.

Nine million logs of Brits' road journeys spill onto the internet from password-less number-plate camera dashboard

Paul Hovnanian Silver badge

Re: Ah yes, a 'fine'...

"You can't easily go to another council."

In the short term, probably not. But if people are deciding whether to move in (or out), this sort of behavio(u)r might weigh on their decision. Same holds true of businesses deciding where to open offices or production facilities.

Europe publishes draft rules for coronavirus contact-tracing app development, on a relaxed schedule

Paul Hovnanian Silver badge

Re: Meanwhile in the UK...

"rigorous enough to be identifying the majority of COVID-19 infections in a quick enough time"

And we are not likely to get that sort of coverage within a useful period of time. The best national coverage to date is Iceland, at 10% (the denominator is low). In a country with a sizable population, testing capacity will have to be huge since periodic retesting will have to be done. Last week, I may have tested negative. But since then, someone coughed in my face.

A more reasonable goal would be to test across a random sample of the population. A large enough sample to be statistically meaningful for epidemiological studies. But set aside the unreasonable goal of testing and retesting even a significant fraction of the population. The statistics will give the authorities what they need to know to lift travel bans and open up businesses while keeping an eye on the disease spread. All that will be needed is to pry a certain amount of the test capacity away from the VIPs.

And finally, the long term outcome of this pandemic is that practically everyone will get the disease. A few will die. Others will be immune or asymptomatic. Some will get a nasty cough and fever. Some of these will require hospitalization and maybe an ICU. But they will recover. All that needs to happen is to keep the treatment rate at a low enough rate so the number of cases at any time doesn't overwhelm the system until a vaccine is developed. Then, testing will no longer matter, as it will be treated much the same as a flu shot. Everyone gets one.

Stack Overflow banishes belligerent blather with bespoke bot – but will it work?

Paul Hovnanian Silver badge

Perhaps ...

... this will lead people to a much more high brow and subtle form of insults. Skills for which many past orators and writers were known and admired. But this will require a better command of languages for which Stack Overflow users have little expertise.

Washington state governor green-lights facial-recog law championed by... guess who: Yep, hometown hero Microsoft

Paul Hovnanian Silver badge

Address the issues up front

It's better that they propose legislation regulating the technology now than waiting for some police departments to deploy it as they want. And then have the privacy advocates try to fight it after the fact.

It's 2020 and hackers are still hijacking Windows PCs by exploiting font parser security holes. No patch, either

Paul Hovnanian Silver badge

Re: "a miscreant can include a malformed multi-master font in a document"

But in real operating systems the e-mail client, browser or any other applications run with the permissions granted to the user that runs them. And if configured properly, users (other than admin, root, etc.) don't have permission to mess with kernel data and trusted binaries.

Paul Hovnanian Silver badge

Re: Aaaaaah, yes. Another security hole in Windows.

"Note: Microsoft says it's C++'s fault."

It's a poor workman that blames his tools.

Remember that blurry first-ever photo of a black hole? Turns out snaps like that can tell us a lot about these matter-gobbling voids

Paul Hovnanian Silver badge

Re: Perhaps someone can explain something to dumb old me.

"how fast does gravity propagate"

In a static situation, gravity doesn't propagate. It's just bent space. When one removes or adds some mass, the change in that bend propagates at the speed of light. Much as a wave travels along the surface of a pond.

Paul Hovnanian Silver badge

Re: how fast does gravity propagate

"but then what *is* it about matter that escapes the black hole?"

The matter inside the black hole distorts the space around it. This distortion isn't dependent on the motion of a particle, so it isn't constrained by the speed of light or an event horizon.

All roads lead to Bork in Kansas as Windows puts on a show for motorists

Paul Hovnanian Silver badge

Is this ...

... the new Linux advertising campaign?

Closed source? Pull the other one... We love open source, but not enough to share code for our own app, says GitHub

Paul Hovnanian Silver badge

"So I guess this is aimed primarily at iPad Pros?"

That's still iOS, isn't it? Are there even decent development tool chains that run on that system? Never mind the developer-unfriendly interface.

Not exactly the kind of housekeeping you want when it means the hotel's server uptime is scrubbed clean

Paul Hovnanian Silver badge

Re: Who was really at fault?

Forget the hand-written warning sign. What they needed was to hang the standard 'Do Not Disturb' card on the doorknob. They have procedures in place to skip these rooms without incurring penalties.

Want to own a bit of Concorde? Got £750k burning a hole in your pocket? We have just the thing

Paul Hovnanian Silver badge

Repurpose into collectable pieces of furniture

Fastest lawn chair on my block.

I heard somebody say: Burn baby, burn – server inferno!

Paul Hovnanian Silver badge

Not the server room, but ...

... I used to work in an office that was maintained at 82 to 84 °F (28 °C). According to management, this was set "to save money on air conditioning costs". During the summer it was pure misery. During the winter it was sort of odd. But we assumed that the heat load in the building (people, lighting, computers, etc.) was so high that it just kept the building hot.

Then, we had the Nisqually Earthquake in the middle of winter. Operations were shut down for a week. When we finally did return to work, the building started out at 62 °F and warmed up to 68 °F by the end of the day. Pretty comfy. I asked one of the facilities guys what was up. It seems that they could not restart the gas fired boilers until a thorough inspection was conducted. So, no heat. Yeah, but what about the typical 82 °F? "We are not to touch the thermostat setting. Management edict due to air conditioning costs." But during the winter? You could put the AC setpoint at 82 °F and the heating setpoint at 66 °F. Turns out, the thermostat was too old to have two setpoints. And during the summer, it wasn't just delaying the AC from coming on, it was heating the building. But you couldn't tell the boss that. He was the kind of guy who would get red-faced and fly into a rage if someone challenged his edicts. And that included not going to the hardware store and picking up a new thermostat just to work around his orders.

It's Terpin time: Bloke who was SIM jacked twice by Bitcoin thieves gets green light to sue telco for millions

Paul Hovnanian Silver badge

After the first time ....

... my SIM got swiped, I'd clear all of the important stuff off my phone and out of any cloud backup servers.

Actually, this isn't correct. I wouldn't go walking around in public with $24 million in a wallet sticking invitingly out of the back pocket of my pants.

Shipping is so insecure we could have driven off in an oil rig, says Pen Test Partners

Paul Hovnanian Silver badge

It will be fine

So long as the front doesn't fall off.

NBD: A popular HTTP-fetching npm code library used by 48,000 other modules retires, no more updates coming

Paul Hovnanian Silver badge

Re: New is not always better

Won't someone please think of all of the CS PhD candidates who are submitting new languages (or redefining old ones) for their thesis?

Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback

Paul Hovnanian Silver badge


... was implemented (poorly) to shut up a bunch of users who couldn't deal with password entries not echoing anything. This was the behavior of terminal based utilities since the first days of Unix. Part of the reasoning was that echoing anything back (like an asterisk) could allow a shoulder surfer to count the number of characters in one's password, making attacks easier. So patch requests were addressed with a WONTFIX. But the whining continued. And this is what we got.

If you cry long and hard enough, you can even get systemd.

Your mobile network broke the law by selling location data and may be fined millions... or maybe not, shrugs FCC

Paul Hovnanian Silver badge

Pssst, Vladimir.

Want to buy a list of people who pull into the CIA parking lot every morning at 8:45?

Artful prankster creates Google Maps traffic jams by walking a cartful of old phones around Berlin

Paul Hovnanian Silver badge

99 phones

All reporting a location within a few feet of each other? Maybe a bus. Or the biggest traffic accident Berlin has seen in some time.

So you locked your backups away for years, huh? Allow me to introduce my colleagues, Brute, Force and Ignorance

Paul Hovnanian Silver badge

We had an old Sun 'pizza box' workstation at Boeing that died. Just short of its weekly backup. I was walking by as the IT guy was explaining 'stiction' to the poor user, who was not thrilled with having to re-do a week's worth of work. I stepped up and said, "Well, there's nothing to be lost." Picked up the box, flipped on the power switch and gave the whole thing a violent twisting jerk. The disk spun up and I suggested that they run the backup right now.

Clunk, whirr, buzz, whine. Shared office space can be a riot and sounds like one too

Paul Hovnanian Silver badge

Re: Sometimes

Also known as a banjo mute.

WebAssembly: Key to a high-performance web, or ideal for malware? Reg speaks to co-designer Andreas Rossberg

Paul Hovnanian Silver badge

I predict ...

... that the only things which will benefit from the performance boost are the ads. I can turn JavaScript on and off right now and barely detect the difference in the function of many web pages. What really takes a hit is the advertisements popping up in front of the content I was trying to see.

You're not Boeing to believe this: Yet another show-stopping software bug found in ill-fated 737 Max airplanes

Paul Hovnanian Silver badge

"Boeing had just added code to allow the two flight computers to talk to each other – previously they operated independently." [italics are mine]

I suspect that this is at the core of the MCAS fix. And if it was the case that the FCs originally didn't have a communications link, this is a MAJOR software change. As anyone who has done asynchronous comms programming knows, getting the handshaking straight between two boxes is a non-trivial exercise. Particularly if the underlying O/S and hardware was never originally spec'd to handle the kind of process preemption and interrupt handling needed.

Linux in 2020: 27.8 million lines of code in the kernel, 1.3 million in systemd

Paul Hovnanian Silver badge

Re: "It solves a problem that people have."

"One thing I can think of that systemd does that sysv didn't is "status management" where if a service dies, it will be restarted."

Look at the respawn option in inittab

One of the (many) things that I don't like about systemd is that its authors seemed to have blundered ahead blindly, claiming that some utility or other "can't do that" without even reading TFM to find out that it in fact can.

Microsoft: Oh Christmas Tree, Oh Christmas Tree, my PowerShell has gone RC

Paul Hovnanian Silver badge

Re: Santa is not an elf!

Is he an a.out?

UK cops lost nearly twice as much of their own tech kit this year, says thinktank

Paul Hovnanian Silver badge

Re: What're the odds

"The three forces that haven't been included"

We would have audited them. But they could not be located.

Deadly 737 Max jets no longer a Boeing concern – for now: Production suspended after biz runs out of parking space

Paul Hovnanian Silver badge

"vs not having MCAS at all"

It's possible that the FAA won't let Boeing do that, short of re-designing the MAX's aerodynamics to make it inherently stable. Boeing, of course, will be pushing for a simpler software and training fix at this point. No third AoA sensor and related FC computer and certainly no changes to aerodynamic surfaces, engine cowlings, etc. The problem with the current design, to use an automobile analogy, is that it handles (in pitch) like a car with bald tires and bad front end alignment without the automated correction system (MCAS). And the FAA might not accept such a bad stability situation, even with pilot training. I'd like to be a fly on the wall in the Boeing/FAA discussions on this topic.


