* Posts by Wim Ton

86 publicly visible posts • joined 24 Oct 2008

Page:

Debugging source is even harder when you can't stop laughing at it

Wim Ton

A colleague demonstrated a program inadvertently built with the debug warnings on. With a little-used menu, a warning "malloc first, you d*khead!" popped up. The customer (who was reasonably IT savvy) took it with a laugh.

Google splurging cash on UK offices to lure staffers back from the kitchen table

Wim Ton

Re: Outdoor workspaces

In Switzerland, a place with a roof is considered "indoor" for the Covid policy. Walls are not required.

Wim Ton

Re: Draconian?

Not exactly. The consequences for the baby when you catch Covid during pregnancy are worse than the rare side effects of the vaccination. In Switzerland, pregnant women are advised to get vaccinate for that reason.

Wim Ton
Headmaster

Re: Draconian?

In the old days, a test for TB was mandatory for teaching job.

£42k for a top-class software engineer? It's no wonder uni research teams can't recruit

Wim Ton

Decimation is a common process in digital signal processing. In general, it means "throwing away at least half of the samples". Depending in the sample rate and the bandwidth of the signal of interest.

Aircraft can't land safely due to interference with upcoming 5G C-band broadband service

Wim Ton
Thumb Up

Re: Frequency allocation

Done!

Wim Ton

Frequency allocation

I did not see aircraft altitude meters as an application in the C-band: https://en.wikipedia.org/wiki/C_band_(IEEE).

Cisco requires COVID-19 shots for all US staff – even remote workers

Wim Ton

Re: Get rid of the religious exemption.

Rebelling just for the sake of rebelling is more something for a 2 year old.

Hitting underground pipes and cables costs the UK £2.4bn a year. We need a data platform for that, says government

Wim Ton

The Netherlands have this as part of the land register for a long time. (Kabel en Leiding Informatie Centrum KLIC)

Still prone to errors: a draftsman told me he forgot a bit of a 20" water pipe in the corner of the map. Needless to say, that was the spot that was dug into with a huge fountain as a result.

A housemate had a holyday job with a digging firm. Near an airbase he encountered some cables that where not on his maps. He phoned and asked: "are these cables yours"? Answer: "We don't know, we won't tell and it is a secret anyway" "OK, so you are fine if I cut them?".Within minutes the military police arrived.

What do you mean you gave the boss THAT version of the report? Oh, ****ing ****balls

Wim Ton
Coat

A colleague inadvertently demonstrated a debug build to a customer. On a little used menu option, a message window popped up: "Malloc first, you d*khead!"

I'm diabetic. I'd rather risk my shared health data being stolen than a double amputation

Wim Ton

Re: (and doing what with it?)

AFAIK, the NHS cannot refuse to insure you based on your medical condition. Same in Switzerland and the Netherlands for the basic package.

Xero, Slack suffer outages just as Let's Encrypt root cert expiry downs other websites, services

Wim Ton

It is a business model for commercial CAs, they can sell you a new certificate every 2 or 3 years.

Furthermore, it is NIST folklore that keys must be changed at least every 2 years (preferably more frequent)

PwnedPiper vulns have potential to turn Swisslog's PTS hospital products into Swiss cheese, says Armis

Wim Ton
FAIL

How did it pass QA in the first place?

Hijacked, rampaging infrastructure will kill humans by 2025 – Gartner

Wim Ton

Re: Another SF prophecy clanks into life

Also worth reading: "Daemon" by Daniel Suarez and of course "Click here to kill everybody" by Bruce Schneier.

G7 nations call out Russia for harbouring ransomware crims ahead of Biden-Putin powwow

Wim Ton
Pirate

It sounds like Russia is reusing the concept of privateers, this time in cyberspace instead of on the high sees. (Obvious icon)

The AN0M fake secure chat app may have been too clever for its own good

Wim Ton

Re: How long ?

I first thought you referred to Switzerland.

US nuclear weapon bunker security secrets spill from online flashcards since 2013

Wim Ton
Holmes

Re: Really?

Never attribute to malice that can be attributed to stupidity.

Remember those wacky cyberpunk costumes in Hackers? They're on display in London this week

Wim Ton
FAIL

Re: Capsizing oil tankers via software

There was an accident of an oil tanker breaking in 2. The crew only unloaded the middle tanks, and the ship was not designed for such a bending force. Apparently, the warning software has a Norwegian UI, which was not understood by the Korean crew.

Imagine your data center backup generator kicks in during power outage ... and catches fire. Well, it happened

Wim Ton
Flame

Re: The weird part isn't the generator fire - shit happens.

My brother had a fire on his ship. Unfortunately, the cable from the emergency generator passed through the main machine room that was on fire. In the end he has to use a hand cranked emergency emergency generator.

Holes patched in Russian segment of the ISS though pesky pressure loss continues

Wim Ton
Flame

If the cracks exceed a "critical crack length" they can grow explosively. Proper pressure vessel design ensures "leak before break", as an early warning mechanism.

Imperva pretty adamant that security analytics aggregator product Sonar is not 'one dashboard to rule them all'

Wim Ton
Mushroom

The workings of Orlando Bravo.

https://mattstoller.substack.com/p/how-to-get-rich-sabotaging-nuclear

Someone tried to poison a Florida city by hijacking its water treatment plant via TeamViewer, says sheriff

Wim Ton
Stop

Re: @ The cur ... For the love of the wee man

For the use case of making status information remotely accessible, there exists a brutal device: the "data diode".

SolarWinds releases known attack timeline, new data suggests hackers may have done a dummy run last year

Wim Ton

Signed updates

Just curious: were the updates digitally signed?

How to leak data via Wi-Fi when there's no Wi-Fi chip: Boffin turns memory bus into covert data transmitter

Wim Ton
Big Brother

Re: Maybe Typewriters should make a comeback

The KGB performed some nice hacks on electric typewriters. And don't forget the dispose of the ribbon securely!

Wim Ton
Big Brother

Re: Better computer cases?

In the old days there existed special TEMPEST proof cases; with extra filters on all IO, finger stock to close the lid very well. To be sure, the Ethernet ran over glass fiber cables.

For every disastrous rebrand, there is an IT person trying to steer away from the precipice

Wim Ton
FAIL

Re: Oh yes...

I remember a case where page 10 and page 40 of the specification (all signed off) said the exact opposite, 3 man-months of work difference. Discovering this did not benefit my career.

H2? Oh! New water-splitting technique pushes progress of green hydrogen

Wim Ton
Flame

Hindenburg?

Forget Terminators, says US military, the next-gen AI battles will hinge upon net infrastructure, not killer robots

Wim Ton

<sarcasm>Isn't the current US government a satire?</sarcasm>

An Internet of Trouble lies ahead as root certificates begin to expire en masse, warns security researcher

Wim Ton

Re: Simple solution

For this reason we operate an own PKI. With the browsers restrictions on end certificates, customers have the risk of devices bricking themselves when stored too long.

Wim Ton
Go

Simple solution

That is why my companies' IoT products' certificates are valid to 31-12-9999. Our customers would be very upset if communication would suddenly cease.

Oh, and they are valid from 1-1-1970 to handle the case of the clock not set due to an empty battery.

A real loch mess: Navy larks sunk by a truculent torpedo

Wim Ton
FAIL

Re: At least the O-ring wasn't frozen this time...

Another O ring story: I worked for an oilwell service company. The instruments were housed in steel (or titanium) tubes, joined with union nuts. All the instruments had 2 60 mm O-rings to seal the joint, except one joint on one instrument used a 59 mm O-ring.

One day the inevitable happened, the 2 sized were swapped (they are hard to distinguish visually). Everything went fine till about 3 km below the surface. Then the signal disappeared. When retreiving the instruments, they were filled with water and all transistors and relays were completely flattened by the 300 bar pressure.

It is unclear why something designed to pump fuel into a car needs an ad-spewing computer strapped to it, but here we are

Wim Ton
FAIL

Re: "paymant cared"

Probably, the software contract was awarded to the lowest bidder from India.

It's time to track people's smartphones to ensure they self-isolate during this global pandemic, says WHO boffin

Wim Ton
Coat

Re: But I don't have a so-called "smart" phone.

Are you allowed to leave the house without a mobile phone?

What do a Lenovo touch pad, an HP camera and Dell Wi-Fi have in common? They'll swallow any old firmware, legit or saddled with malware

Wim Ton

Re: Reality

You only need to check a signature when activating an update, in which case a few seconds more or less hardly matter. After that, a CRC is fine to check for memory errors. Yes, I know you can change the FW to fit the CRC, but if you can change the memory you can also completely disable the check.

What's the German word for stalling technology rollouts over health fears? Cos that plus 5G equals Switzerland

Wim Ton
Trollface

<sarcasm>It is a well known fact that only the radiation of devices that you buy yourself is harmless</sarcasm>

Internet of crap (encryption): IoT gear generates easy-to-crack keys

Wim Ton

Re: The embedded gear is often based on very low-power hardware

That is why we (as an IoT manufacturer) inject externally generated key pairs during personalization. We use one of the Gemalto boxes as RNG.

Accept certain inalienable truths: Prices will rise, politicians will philander... And US voting machines will be physically insecure

Wim Ton

Why tamper with the voting machines

In the USA the fraud starts before the election; changing district boundaries to optimize voter distribution for the ruling party a.k.a. Gerrymandering.

Preventing voters that may vote for the wrong party from registering.

You go that way, we'll go Huawei: China Computer Federation kicks back at IEEE in tit-for-tat spat

Wim Ton

Re: Yay more standards

How about Switzerland? They are home to some international organizations already.

Enough about me, why do you hate Kaspersky so much? Revealed: Insp Clouseau-esque bid to smear critics as shills

Wim Ton

Jamal Khashoggi was murdered in Turkey.

Security storm brewing for Oracle Java-powered smart cards: More than a dirty dozen flaws found, fixes... er, any fixes?

Wim Ton

"a malicious applet has to be loaded into the card" Most Java Cards need a signature from the "issuer domain" to load an applet.

Jeez, what a Huawei to go: Now US senators want Chinese kit ripped out of national leccy grid

Wim Ton

Re: what?

Grid operators require remote control of large PV installations. However, if a miscreant manages to suddenly add or remove about 30 MW in a limited area, he could cause serious instability, up to a black out.,

Germany tells America to verpissen off over Huawei 5G cyber-Sicherheitsbedenken

Wim Ton

Re: I've asked the same old question time and time again.

If they would tell, they would give away too much information about their own capabilities.

Reliable system was so reliable, no one noticed its licence had expired... until it was too late

Wim Ton

Re: Remember Y2K?

If you wan to save memory space, you use a byte for the year. That would even outlast the *nix roll over.

Between you, me and that dodgy-looking USB: A little bit of paranoia never hurt anyone

Wim Ton
Mushroom

Re: USB bricker?

Stick the suspicious device in a cheap hub. Frying a 10£ hub is preferred to frying a motherboard.

Dutch cops hope to cuff 'hundreds' of suspects after snatching server, snooping on 250,000+ encrypted chat texts

Wim Ton

Re: "End-to-end encryption" isn't?

Depends how you define "end" :-)

Nikola Tesla's greatest challenge: He could measure electricity but not stupidity

Wim Ton

More scientists on banknote.

A previous generation of Swiss banknotes had Euler and Bernouilly on them.

https://en.wikipedia.org/wiki/Leonhard_Euler

https://en.wikipedia.org/wiki/Daniel_Bernoulli

who both wear wigs :-)

Dear America: Want secure elections? Stick to pen and paper for ballots, experts urge

Wim Ton

In the US, the fraud takes place before the election: meddling with district boundaries and trying to exclude people that could vote for the wrong candidate.

Ugh, of course Germany trounces Blighty for cyber security salaries

Wim Ton

Re: Switzerland

The parliament watered down the result of the referendum enough to avoid economic damage and to avoid to annoy the EU.

Fridge killed my baby? Mag-field radiation from household stuff 'boosts miscarriage risk'

Wim Ton

Re: MF - EMF

According to Wikipedia, the earth magnetic field is between 250 and 650 mG.

Admitted, rather constant.

We need to talk about mathematical backdoors in encryption algorithms

Wim Ton

Re: Layered encryption

The other reason was, that it was not known at the time if DES was a group, so encrypting 3 times with 3 different keys would be equivalent to encrypting once with a different key.

Page: