* Posts by Tom Paine

2231 publicly visible posts • joined 19 Aug 2008

NASA geeks code new tricks to model rocket plumes and avoid a lunar dust-up

Tom Paine


I have a strong suspicion that, even allowing for the beer mat doodle idea of mounting the Starship landing thrusters half way up, the huge mass of the thing will mean landing will kick up so much dust that the risk of serious damage will be too high -- even if they do figure out a way to get it to stay upright after touchdown, and assuming they can scope out a large enough flat area to avoid craters or rocks and land there without a big X target to aim at, *and* work out a way for it to take off again without a flame pit. (Which they won't.) The whole "Starship on the moon" idea was obvious, ahem, lunacy from the start, and I still can't understand what possessed NASA to go for it.

(Am I right that the first landing attempt will have a crew on board?)

Musk tells advertisers to 'go f**k' themselves as $44B X gamble spirals into chaos

Tom Paine

Anyone remember the great Charlie Sheen meltdown of 2011?

This is better.

4,000 days of Curiosity: Rover still 'strong' despite worn joints, vision issues

Tom Paine


Was it really? Wow, how time flies.

North Korea's Lazarus Group upgrades its main malware

Tom Paine

Re: Why not share the source code?

May I gently suggest that some slightly deeper, more imaginative wondering might provide you with the answer?

Rackspace blames ransomware woes on zero-day attack

Tom Paine

"Zero day exploit"?

Captain Pedant here.... Zero Day *vulnerability* - yes, that's a thing. But it makes no sense to use the expression for exploit code for a known vulnerability, presumably to imply that no blame should attach to an org popped by an exploit that hasn't been seen before, even if the vulnerability it attacks was known to the vendor and a fix or patch was available. Poppycock and bafflegab! Sig based IDS, EDR, AV and so on don't only look for the sigs of specific exploit code, but for specific byte sequences that trigger the vulnerability, *whatever* the code that produces it looks like. Polymorphic malware is hardly new! If a patch was available but hadn't been applied, it's the victim who left themselves vulnerable. (OK there's wiggle room because it legit takes time to apply patches to prod systems; though figuring out how many corners to cut to get it done, depending on value of assets, probability of attack, risk if the update goes wrong, etc, is what risk management is for.)

JWST snaps first chemical profile of an exoplanet atmosphere

Tom Paine


JWST has indeed had several good hard stares at the exoplanets in the Trappist system. There's a Twitter* bot that just announces what it's observing.

Edit - just had a look to check the ac name (@jwstObservations) and as it happens it's observing Trappist-1 as I type. https://twitter.com/JWSTObservation/status/1597927843870261249?t=dzUJJFg9ld-_PzLwETMiWg&s=19

* (presumably soon to migrate to Mastodon along with everyone else who feels queasy giving aid and comfort to the new Nazi-friendly regime over there. I'm still lurking but no longer interacting or tweeting, fwiw.)

Rolls-Royce, EasyJet fire up first hydrogen-fueled jet engine

Tom Paine

No. Problem!

Liquid hydrogen takes up too much space and hasn't the energy density to get anywhere near jet-A and the like. Absent an entirely unexpected breakthrough in battery technology - well, physics trumps technology, so it's either 'sustainable aviation fuels' (problematic in their own right) or we need to pack in 95% of mass aviation. Or the earth is doomed. My money's on doomed, TBPH.


NASA awards $60m to Texas biz for 3D printing future Moon base

Tom Paine


$10m a year for six years? Sure, that oughta do it.

World's richest man posts memes as $44b Twitter acquisition veers off course

Tom Paine


I've been on plenty on/in online communities that went south before - Slashdot and Full Disclosure, UMSF,.. but they all withered slowly on the vine, rather than going out with a bang. Today's mass goodbyes, REM filks, Toy Story 3 memes and the like is making me genuinely sad. Truly, you don't know what you've got until a gimp acquires it. (Register: please, never ever do that to us. You're the last place standing from the 90s.)

Tesla reports two more fatal Autopilot accidents to the NHTSA

Tom Paine

Autonomous cars

And this is a perfect illustration of why the fully autonomous general purpose cars hype from 5 years or so back was never going to amount to anything. Just like AI, it was never anything but marketing BS and techno-utopianism.

Tom Paine

Re: Another goat?

Well, up to a point. What's the point of ANY automated control system if you have to keep your hands (and feet) on the controls and attention on the road and other traffic around you?

Worried about your datacenter carbon footprint? Why not put it in orbit?

Tom Paine

Re: Low carbon?

Not that it isn't a ridiculous idea, but actually radiative cooling is a long-established technology for spacecraft, crewed and otherwise.

Tom Paine

Why not?

Because it's a lunatic idea, for at least half a dozen very obvious reasons.

Elon Musk issues ultimatum to Twitter staff: Go hardcore or go home

Tom Paine

Re: Waste El-Reg Space

It's also where the precise model of missile was first publicly identified (and reliably attributed to Ukraine, as Russia apparently don't operate that specific variant) by 11pm, roughly 12h before that news broke elsewhere. (@UAweapons, if you're into that sort of bang-bang trainspotting.)

Tom Paine

Re: Easy choice Elon

Correct, but those aren't the people getting kicked off. Instead, out-and-out Nazis are being welcomed back.

RIP: Kathleen Booth, the inventor of assembly language

Tom Paine

Excellent obit

...and the first, and so far only, mention I've seen of Booth or her work. Thanks, Registrarians.

SpaceX reportedly fed up with providing free Starlink to Ukraine

Tom Paine

Just an observation

https://twitter.com/MacaesBruno/status/1579500448226357250?t=HzPmx8dzsRtNvJrf_JOudg&s=19 ...

How Wi-Fi spy drones snooped on financial firm

Tom Paine

Re: I think we're reaching a point...

Amen. So glad I'd bailed out of infosec just before the first lockdown. My guess is that the opportunities that various bad actors took advantage of (from mass remote working) have only just started to show up in public.

Morgan Stanley fined $35m after hard drives sold with customer info still on them

Tom Paine

Re: Data destruction is fun!

Ahhh, so they were looking for the HDs then. Interesting....

Tom Paine

Re: Haven't they seen Mr Robot

I once spent a relaxing afternoon verifying a few crates of old HDs were indeed going through a manually operated device rather like an inverted axle jack. Slow, but very thorough.

Tom Paine

(MS have been owned by JPMorgan since the 2008 crash, though AFAIK they're relatively independent organisations below the levels in the JPM buildings where you need an oxygen mask to survive.)

By Jove! Jupiter to make closest approach to Earth in 70 years next Monday

Tom Paine

Re: Maybe its just me

Well, to be fair they're great for outreach - Dobson was the original, sidewalk astronomer, as well as coming up with the design that bears his name.


Tom Paine

Couple of points for inexperienced skywatchers

1. Jupiter is the very bright "star" currently visible in the east / south east sky in late evening, say 9pm - midnight. (It's still visible for the rest of the night, of course, but I assume most here are tucked up in bed dreaming of optimised data sharding strategies or router configurations at that time of night.)

2. The amateur pic does indeed show what can be achieved with a relatively high-end hobbyist telescope these days, but the levels of light pollution, airborne dust and of course clouds and haze have a huge effect. You won't get an image like that from a back garden in a built-up area, no matter how expensive your gear :)

Uber explains how it was pwned this month, points finger at Lapsus$ gang

Tom Paine

Re: PR Checklist

Ta-da! Matt Blaze ftw.


Tom Paine

Re: Denying an MFA request

I'm a bit out of the loop, but are these MFA systems just "someone tried to login to your account, was it you? [Y/N]"? If so, serves em right for believing vendor BS -- or just not caring. Even a 6 digit code sent by SMS would be more secure than Y / N.

Your job was probably outsourced for exactly the reason you suspected

Tom Paine

Re: Welcome to

"Gouging" seems to be what I was taught as supply and demand in A level economics.

Tom Paine

It me!

...though the cunning plan to get my boss promotion by saving money by replacing expensive me (snr security bod) in central London with a group of nice, but highly inexperienced 20-year olds in Manila on £16k didn't work out too well... I heard he was sacked six months after I was made redundant. Which was, well, not much consolation TBPH.

SpaceX crewed flight to ISS delayed by damaged rocket

Tom Paine

Re: Unfortunately

There were some awesome close escapes. STS-93, with the ice cool Eileen Collins commanding, is my fave - just pipping Young/Crippen flying re-entry manually, with the aft lift flap wrecked by overpressure when the SRBs fired at launch.

Note: the low fuel level auto engine cutout just before MECO was due to a fuel leak; the auto shutdown was there because LOx turbopumps go explodey when they suddenly find they're sucking vacuum rather than cryogenic liquefied gases. But that's just the icing on the cake after the massive failures at launch... enjoy.

Have to say this recording always chokes me up a bit, because everyone you hear knows the entire crew might die at any moment.


We've got a photocopier and it can copy anything

Tom Paine

Re: That's so stupid...

Found it - nicked it - spent it.

Tom Paine

Re: Don't know if it's just that my coffee hasn't kicked in yet...

Professor Donald Trefusis approves that message.

Elon Musk had secret twins in 2021 with Neuralink exec

Tom Paine

Re: Population collapse....

Paid for by... Marxism?

Tom Paine


The man has a diseased mind.

British intelligence recycles old argument for thwarting strong encryption: Think of the children!

Tom Paine

Just like ID cards...

...and AI, it's an idea that comes around every 15 years or so.

Belgian defence ministry admits attackers accessed its computer network by exploiting Log4j vulnerability

Tom Paine


This, plus the generally cynical disinterest in security at most orgs*, is one of the main reasons I burned out after 20y in the trade.

* the ones prepared to employ me, anyway; obvious risk of sample bias... tho the list of employer logos branded onto my flesh includes some huge and systemically significant orgs. US mega bank, .org handling thousands of public and private sector megacorps’ data, fin servs big wheels.

Tom Paine

Ggl “red Molotov more complicated”.

Tom Paine

Re: And that would precisely *not* work

When it comes to Infosec, very little works in the modern world.

Tom Paine

Re: And that would precisely *not* work

For some value of “few”.

Tom Paine

Re: Old school.

It’s not the everyday people’s fault; it’s their management and their org’s Board of directors.

Tom Paine

What makes you think there IS a solution?



Tom Paine

Agile hasn’t helped security, but don’t kid yourself that finding a new methodology - or reverting to waterfall or wtvr - would solve the problem.

Tom Paine

Old man talking, gather round

Apart from refs to agile, Rust and so on, every comment above could have been found on a bug related Reg story 20 years ago.

The attack marks the first occasion that a NATO country's defence ministry has fallen victim to the flaws.

Yeah, well, that’s just your opinion, man. And “...as far as we know”.


NATO have been pwned many, many times before. (Hint: NATO is not, *itself*, a military org. No, really, it’s not. Surprised me, too.)

Veteran vulture Andrew Orlowski is offski after 19 years at The Register

Tom Paine


...for forcing me to go read the actual science of climatology so that I /knew/ the denialist BS was BS, rather than merely strongly suspecting it.

I stopped reading El Reg for, what, 5? 6? years because it was so enraging. Delighted to find the new-old-Reg doesn't make me want to take a bite out of my coffee mug any more.

PS ...but bring back the "Integrity? We've heard of it" and "YOUR PC is broken and I'VE got a problem?" schwag!

UK Ministry of Justice secures HVAC systems 'protected' by passwordless Wi-Fi after Register tipoff

Tom Paine

Re: This is the fault of whoever installed it

Lowest bid? This is public sector procurement we’re talking about...

What you need to know about Microsoft Windows 11: It will run Android apps

Tom Paine

Re: Windows

I've been up-voting comments like this for what seems like decades. Wait.. it IS decades!

Shit I'm old. Still, it's nice to see CDE living on, in a manner of speaking.

Tom Paine

Re: Windows

How old are they?! AIUI TPM has been mandatory since Vista. Those desktops almost certainly have it; it's just not enabled in the BIOS or whatever the cool kids call it these days.

Facebook CEO puts picture of himself wearing too much sunscreen on new board

Tom Paine

That's a thing?

Too much salad, I mean sun cream? Whenever I feel lazy and go out without it I remember a bloke down my local with a literal hole in his head (he likes to whip his sunhat off to show it around) resulting from skin cancer prob due to time in the forces spent in various sunny locales.

Space Force turtle expert uncovers $1.2m Cape Canaveral cocaine haul

Tom Paine

"shouty nose sherbet" - v gd!

"Turtley unaffected" - well over the line; I shall be writing to my MP about this outrage!

NCSC chief: Ransomware is more of a threat to Britain than hostile nations' spies

Tom Paine

Ooh, 512 bit security, where can I buy one of those?

Cuffed: Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops

Tom Paine

So you could say it's a case of...

...Clop clipped?

(I am so very sorry)