Posts by Tom Paine 2262 publicly visible posts • joined 19 Aug 2008
I haven't much to add to the excellent obit (thanks Connor), except to +1 that Security Engineering is an absolutely essential book for the shelves of anyone with even a non-professional interest in infosec; and to note that one reasonable proxy for measuring his significance might be the number of times he was involved in stories reported here on the Reg.
(Sadly and inappropriately, I can't get DuckDuckGo to do the equivalent of the chocolate factory's "site:.." flag.)
https://www.google.com/search?q=%22Ross+Anderson%22+site%3Atheregister.co.uk
In the books, Doctor Doolittle would put a brick through s police station window every now and then, because in a cell he could get peace and quiet snd settle down to write another treatise on how the Pushmipullyou defecated, or giant sea-snails as submarine transport, and so forth.
I doubt that tactic would work very well these days though.
There was a mini outbreak of such attacks in France in the first few months following the Russian invasion of Ukraine. Thd Nordstream gas pipeline sabotage happened around the same time. I saw a fair bit of speculation ftom people eho know a lit about OSINT, geopolitics and covert ops, */but not much about carrier-scale networking/*, that it was Russian-sympathasising or controlled actors. (This was before the incredible people on Bellingcat's public Discord server established that Nordstream was probably down to an independent op by a loose cannon Ukranian oligarch; see the Nordstream thread over there for far, far more than you ever wanted to know about AIS, webcams at German yacht clubs and the like.) Then again, the Hairy Ivans really *did* have people running round Paris spraying Star of David symbols around the place. Pef the NATO Handbook or Russian Information Warfare, one of their major strategies is to spread so much confusion that people give up trying to figure out what's true and what's not, and disengage from what some academics call "politics" (including caring, or even having an opinion about, anything much going on in society.)
Also important to dudtinguish minimum mission success criteria from what the team think would be realistic, assuming a successful EDL. Eg for the MERs, the criteria was (among various other things) 90 sols of operation, but they'd have been hugely disappointed if they'd died after, say, 120 sols.
Nof wanting to start a heated debate, or anything, but -- the very short lifetime (compared to the time required for sub-lightspeed interstellar travel) of unmanned spacecraft is, for me, one of the obvious showstoppers for any prospect of human travel beyond the solar system*. Yes, I know the Voyagers are coming up on 50, and Mars Odyssey and various other uncrewed machjneshave kept running longer than expected, but (a) that's without yhe gigantic overhead of providing life support that could be maintained for tens ov thousands of years -- which also implies a population size sufficient to produce replacement engineers able to not just keep things running, but to improvisecsolutions to the inevitable unexpected / major breakdowns that would inevitably occur in time. I seriously doubt we could design build launch and operate a non-trivial unmanned spacecraft designed to survive a century, let alone three orders of magnitude longer timespans.
Anyway, merry Xmas ya filthy animals!
https://youtu.be/BoLloFY_Zik?si=capt-hatstand-and-his-performing-jellyfish
The "Marscam" (VMC), which IIRC was tacked on as a last minute (light) payload purely to monitor Beagle's deployment, was an early win for the citizen space-science community. ESA accepted spacenerd demands to leave it running restart it after 3 years' dormancy, and although its not a science instrument, I'm sure I remember science results came from it at some point.
https://www.esa.int/Enabling_Support/Operations/About_the_Visual_Monitoring_Camera_VMC
I have to admit I've always been sceptical about the sample return part*. Not that it can't be done, but with,what - eight successful landers, 4 being rovers, JPL (not NASA ;) ) has a lot of experience getting there, and none at all with coming back. It's a hard problem, and it would be pretty extraordinary if the whole architecture for MSR worked all the way through, first time.
Fortunately, Mars isn't going anywhere...
*Not as much as the insane idea of landing Starship on the moon (after 16 full-stack launches, no less, before leaving LEO. It'll never work, I tell you!)
I'm still waiting for enlightenment on how that literal clown car is road legal, even in the wild and woolly US. Surely they *have* some form of mandatory testing and type approval system that requires crumple zones along with airbags, non-impaley steering wheels, bans Boadacia-style whirly knives on the wheel hubs and so on?
Despite one of the most sophisticated data control regimes in the world, the US military can't prevent this sort of thing happening again and again. Meanwhile, Acme Paperclips plc spend hundreds of thousands on DLP "solutions". And people wonder why security people either get jaded and cynical, or (even more cynically) go along with such nonsense. I suppose it gets mortgages paid...
...also inserting an undocumented control combo that, when held down, resets the whole system. Gosh, those pesky hoodie-wearing kids, what WILL they get up to next? Perhaps they'll add code to brick the whole train once the next model comes out.
I suspect the problem there is a lack of suitable hard points for latches to, uh, latch onto. That said, it's a great idea for future science missions where the instruments could produce useful data for many decades as long as they're pointed accurately - fly a spacecraft bus designed from the getgo to eject the science instruments, comms, control systems etc for pickup by an independent, hot-swappable pointing and thrusting unit...
Hmmm, I don't remember ever hearing or seeing that concept before. This IS the internet, right? (What year is it? **Who's the President??** )
I have a strong suspicion that, even allowing for the beer mat doodle idea of mounting the Starship landing thrusters half way up, the huge mass of the thing will mean landing will kick up so much dust that the risk of serious damage will be too high -- even if they do figure out a way to get it to stay upright after touchdown, and assuming they can scope out a large enough flat area to avoid craters or rocks and land there without a big X target to aim at, *and* work out a way for it to take off again without a flame pit. (Which they won't.) The whole "Starship on the moon" idea was obvious, ahem, lunacy from the start, and I still can't understand what possessed NASA to go for it.
(Am I right that the first landing attempt will have a crew on board?)
Captain Pedant here.... Zero Day *vulnerability* - yes, that's a thing. But it makes no sense to use the expression for exploit code for a known vulnerability, presumably to imply that no blame should attach to an org popped by an exploit that hasn't been seen before, even if the vulnerability it attacks was known to the vendor and a fix or patch was available. Poppycock and bafflegab! Sig based IDS, EOR, AV and so on don't only look for the sigs of doecifuc exploit code, but for specific byte sequences that trigger the vulnerability, *whatever* the code that produces it looks like. Polymorphic malware is hardly new! If a patch was available but hadn't been applied, it's the victim who left themselves vulnerable. (OK there's wiggle room because it legit takes time to apply patches to prod systems; though figuring out how many corners to cut to get it done, depending on value of assets, probability of attack, risk if the update goes wrong, etc, is what risk management is for.)
JWST has indeed had several good hard stares at the exoplanets in the Trappist system. There's a Twitter* bot that just announces what it's observing.
Edit - just had a look to check the ac name (@jwstObservations) and as it happens it's observing Trappist-1 as I type. https://twitter.com/JWSTObservation/status/1597927843870261249?t=dzUJJFg9ld-_PzLwETMiWg&s=19
* (presumably soon to migrate to Mastodon along with everyone else who feels queasy giving and and comfort to the new Nazi-friendly regime over there. I'm still lurking but no longer interacting or tweeting, fwiw.)
Liquid hydrogen takes up too much space and hasn't the energy density to get anywhere near jet-A and the like. Absent an entirely unexpected breakthrough in battery technology - well, physics trumps technology, so It's either 'sustainable aviation fuels' (problematic in their own right) or we need to pack in 95% of mass aviation. Or the earth is doomed. My money's on doomed, TBPH.
.
I've been on plenty on/in online commumities that went south before - Slashdot and Full Disclosure, UMSF,.. but they all withered slowly on the vine, rather than going out with a bang. Today's mass goodbyes, REM filks, Toy Story 3 memes and the like is making me genuinely sad. Truly, you don't jnow what you've got until a gimp aquires it. (Register: please, never ever do that to us. You're the last place standing from the 90s.)
It's also where the precise model of missile was first publicly identified (and reliably attributed to Ukraine, as Russia apparently don't operate that specific variant) by 11pm, roughly 12h before that news broke 3lsewhere. (@UAweapons, if you're into that sort of bang-bang trainspotting.)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
