US cybersecurity agency issues super-rare emergency directive to patch Windows Server flaw ASAP

How many ?

Despite the directive how many US government servers will still be unpatched at the end of the year ?

Tencent in talks for 'longterm solution' to WeChat mess as injunction keeps the app alive

Hopefully Nov 3rd will resolve the problem

If the Americans show a bit of intelligence and vote Trump out of office then most of his Executive Orders will be voided in January.

Up from the depths, 864 servers inside, covered in slime, it's Natick!

Getting ready for Skynet

If the servers are in places that humans cannot easily reach then Skynet has a better chance of outlasting pesky humans.

Nvidia to acquire Arm for $40bn, promises to keep its licensing business alive

Re: I see perpetual lawsuits

Please don't insult scumbags by comparing them to lawyers !!!

Forget Terminators, says US military, the next-gen AI battles will hinge upon net infrastructure, not killer robots

Why wage war ?

There are at the moment only 2 large powers - the USA and China. If you look at the US Debt Clock (https://www.usdebtclock.org/ ) especially the amount of unfunded liabilities (over $154 trillion and currently rising at over $15 million per minute!!), it is difficult to see the US staying as a major power. Sooner or later the US will go the same way as the USSR - economic collapse. If the human race is very lucky then the US President when that happens will not be as stupid as the current one and will not launch nukes.

When the US collapses, it will take down the world financial structure - only China has a chance of weathering the storm.

China at the moment is propping up the US by accepting Treasury Bills that they know may become worthless, the reason - China wants to be self sufficient before the collapse occurs.

Classy move: C++ 20 wins final approval in ISO technical ballot, formal publication expected by end of year

Re: Is C++ becoming too large and complex?


The biggest problem with C++ is that it is too easy to make "write only code" ie code that no one except the author understands. The overloading of operators often makes it difficult to read a routine and understand it without reading the whole source (including all included files). With more contained languages (FORTRAN, C, BASIC etc) a subroutine could normally be understood on its own without needing to read thousands of lines in other routines. (When Z=X+Y; can mean anything from a simple addition of two numbers to merging two arrays depending on the types of X, Y and Z following the source gets difficult.) In my opinion a well written program is one that another programmer can easily take over without relying on external documentation. C++ makes it too easy to write programs that no one except the author can understand. (Sometimes even the original author can not understand the program!!!)

Snowden was right: US court deems NSA bulk phone-call snooping illegal, possibly unconstitutional, and probably pointless anyway

Re: What is the point of the court ruling ?

The NSA has probably got enough blackmail evidence to ensure that it continues unfettered by law or decency.

"Hey Senator XYZ are you going to do as the NSA wants or are we going to release the evidence of you having underage sex ? "

Why cloud costs get out of control: Too much lift and shift, and pricing that is 'screwy and broken'

Cloud is expensive

There are very few good reasons for using the cloud (aka other people's computers)

1) Short term peak (3 months or under)

2) Providing a web service when a firm's own internet connection is inadequate for the load

3) Keeping development staff well away from production systems

4) Temporary production run while own servers are out of action

For almost all other use cases, it will be cheaper to use own hardware. Try pricing the cost of a cloud service vs the cost of on site hardware before using any cloud service - you may be surprised at how few months it takes before the on site hardware is cheaper.

Other reasons for NOT using the cloud

1) Most cloud systems are owned by US companies - the US Cloud act allows the US government to access any data on them at will without notifying the data owner. For any company in the EU (and also in the UK if it continues to follow GDPR) this can lead to it being exposed to heavy penalties if personal data is exposed.

2) As all too many companies have shown it is far too easy to configure cloud storage security incorrectly leading to release of confidential information. This can again lead to GDPR penalties along with the other costs from the leaked data.

Sounds like the black helicopters have come for us. Oh, just another swarm of FAA-approved Amazon delivery drones

Re: "And it carried out a fully automated remote landing on an even larger plane, "

Fully automated landings have been possible on large aircraft for years - see the Wiki entry for Autoland (https://en.wikipedia.org/wiki/Autoland).

Intel, HP, Tesla, etc protest to US monopoly watchdog: Are you just gonna let Qualcomm patent-tax us to death?

Really expensive - NOT

There was a previous article (on CNET) that said that Apple was paying $7.50 per iPhone for Qualcomm modems - ie a royalty rate of under 1% (on a device with a 40% net profit margin).

If Qualcomm was charging the rate that Apple charges in its app store - 30% - then the complainers might have a reasonable case but at under 1% it is hardly an exorbitant rate. (It is far less than Apple wanted for rounded corners!!!)

Be very afraid! British Army might scrap battle tanks for keyboard warriors – report

Re: A battle tank is still cheaper than going to battle

For the UK however the prospect of it being in a land battle where MBTs would be of use is remote to say the least. A MBT in the UK is going to take weeks to get to the site of any battlefront by which time the battle will already have been decided. An A-10, Apache or equivalent can reach any potential battlefield in Europe in one day from the UK.

Tanks are just targets without air cover

Any MBT can be taken out by an A-10 or attack helicopter. Without air cover, a MBT will not last on a modern battlefield. Look at what happened to Iraq's tanks once the allied air forces had air superiority. MBTs are useful for intimidating civilians once the battle has been won or going up against an enemy that has no air support but otherwise are just good ways of getting soldiers burnt to death.

All current MBTs have much thinner armor on the rear (as there is a limit to the practical weight of a tank) - the chaingun of an A-10 can chew through it - reactive armor is not much use against this gun. Many current anti-tank missiles are capable of seeking out and attacking the rear of a tank with dual stage warheads to defeat reactive armor - and these missiles can be launched from well beyond the range of the gun of a MBT.

A MBT is the modern equivalent of a battleship - a large fat target that can be easily destroyed by the right weapons - no navy has built a battleship since WW2 and there is not much point in building MBTs now.

If you want to hijack widely used JavaScript packages, try phishing for devs through these DMARC-shaped holes in key Node.js domains

Use a non-web email client

A good non-web email client (like Thunderbird) that includes a view source (including all headers) capability makes it much easier to tell fakes from real messages. (I have received several messages purporting to be from TV licensing - but with an origin address ending in .jp it was obvious that they were fakes.) Web based email often lacks this important feature.

A bridge too far: Passengers on Sydney's new ferries would get 'their heads knocked off' on upper deck, say politicos

Make use of the problem

Label the upper deck - POLITICIANS ONLY

50%+ of our office seats are going remote, say majority of surveyed Register readers. Hi security, bye on-prem

Loss of human contact

With people working from home, they have far less human contact. This may not seem a bad thing in the short term - however many people marry others that they meet at work or pubs near to work. For many single people this is going to result in a far smaller pool of people as potential mates.

Another effect of the loss of human contact is feelings of isolation leading to depression. There is also the inability to escape annoying children/spouse/pets etc. Penny pinching bookkeepers may not count these costs but they will be felt by their workers and over time will result in a loss of productivity and higher staff turnover. People also tend to feel very little loyalty to bosses (and co-workers) that they never see or talk to.

Many years ago (I think it was in the 1960's) IBM did a study on the most productive office size. They found that 4 man offices were the most productive - large offices tended to have too many disruptions and single offices made it difficult to maintain focus on work. Working from home combines both of these problems - disruptions from others in the house and difficulty in maintaining focus.

Many companies will end up finding that working from home will cost them far more than their savings in office costs.

Money talks as Chinese chip foundries lure TSMC staff with massive salaries to fix the Middle Kingdom's tech gap

Re: Just remember

Given the trading relationships and the Taiwanese investments in China and the huge tourist travel between China and Taiwan, it would seem that Taiwan acts to a large extent as part of China (economically if not actually ruled by China).

Hopefully 2020 not 2024

I do not want the USA to collapse during my lifetime and I am not sure that it could survive another 4 years of the orange turnip.

Texas jury: Apple on the hook for half a billion dollars after infringing 4G LTE patents

It is about time

that a failed appeal results in a doubling of the penalty. This might discourage the appeal, appeal again, appeal again tactic that Apple and many others use to delay payouts.

We spent way too long on this Microsoft, Intel, Adobe, SAP, Red Hat Patch Tuesday article. Just click on it, pretend to read it, apply updates

The best fix for Adobe Reader

Is to use Evince instead. If all you want from Reader is to be able to read PDF files then Evince will do the job nicely. (Unfortunately Evince is not suitable for interactive PDF documents.) I have both on my system and Adobe Reader is only used 2 or 3 times a year to handle interactive PDF files.

If Adobe Reader is not run then the bugs in it are far less important.

What happens when holes perfect for spyware are found in the engine room of millions of Qualcomm-based phones? Let's find out

Re: Why do us customers bother?

ARM CPUs seem to be more secure than Intel (admittedly not a difficult target). The DSP is an additional device in the SoC - and even there the problem does not seem to be in the hardware but in the poorly coded Qualcomm driver. Even a perfectly secure bit of hardware can be compromised by a faulty driver.

One thing that all too few companies realise is that it takes a different skill set to write low level software (OS and drivers) than to write application level code. Bugs in applications are far more easily patched and normally only affect the user of the application whereas OS and driver bugs affect every user of the device and are more difficult to patch. Because competent low level programmers are scarce and cost more than an Indian sweatshop programmer many companies do not use them resulting in problems like this.

(For a good example of the difference between good OS code and typical applications - look at the RSX-11 source code (available on the web) and the source of an application like GIMP.)

China slams 'dirty' America's 'clean network' plan, reminds world of PRISM snoop-fest exposed by Ed Snowden

Re: It's all about the money

Hopefully the opinion polls are correct and Trump will lose the election in November.

If Biden wins then in January a lot of Trump's Executive Orders will be cancelled.

USA decides to cleanse local networks of anything Chinese under new five-point national data security plan

Short lived policy

If the current US Presidential polls are anything like correct then Trump will lose the 2020 election by a landslide. So in Jan 2021 Trump, his cabinet and most of his policies will be kicked out. (According to the FT, currently 308 to 128 in the Electoral College - see https://ig.ft.com/us-election-2020/ )

I hope the polls are correct.

Aviation regulator outlines fixes that will get the 737 MAX flying again

Duncan Macdonald Silver badge

Not big enough to carry Trump's ego. (On the other hand a hummingbird could carry his brain!!!)

So many stars, so little time: Machine learning helps astroboffins spot the most oxygen-starved galaxy yet

Re: Are you sure?

The galaxy is estimated to have been only 10 million years old - heavy stars that can form the heavier elements would not yet have reached the stage where they emit much material containing the heavier elements. (Even the supergiant Rigel at 8 million years old has not yet reached the stage where it emits large amounts of heavy elements - this will not occur until it goes supernova.)

As the galaxy is a very low mass one, it may not have many (if any) supergiant stars - ordinary giant stars such as Sirius A have a life of hundreds of millions of years before they emit significant amounts of heavy elements.

US drugstore chain installed anti-shoplifter facial-recognition cameras in 200 locations – for eight years

Re: "Humans are pretty good at spouting a lot of nonsense, too"

Unfortunately extreme stupidity is far too common in the human race.

Ignorance is treatable by education - stupidity is unfortunately not treatable (except by the Grim Reaper!!).

If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code

Netgear used to have a good reputation

Many years back I used Netgear switches at work - they were cheap and reliable and robust. I have since recommended their products to others as devices that work reliably. It unfortunately seems that the current management has decided that it is not worth spending money to keep a good reputation. With this move it becomes clear that they are now no better than "no name" Chinese firms.

With the US election coming up, when better to petition regulators for a controversial way to chill online speech?

Unfortunately even that is no longer true. Surely the buyers could find politicians that would obey them while still having an IQ larger than their shoe size.

Suspected armed robber’s privacy was not infringed by cops’ specific cellphone tower data slurp, US judge rules

Use burner phones

If you are going to do anything that the authorities do not like (from armed robbery to carrying a placard saying that Trump is an idiot) do not have your main phone on you. Just have a cheap burner phone that can make phone calls and do texts only. Dispose of the phone after the activity - do not use it for multiple activities. (As new basic mobile phones can be obtained from eBay for under £10 and a PAYG sim for under £10 at a place like Poundland this does not require a major investment.)

(As far as Trump &co are concerned the placard carrier would be the more important criminal !!!)

Nvidia may be mulling lopping Arm off Softbank: GPU goliath said to have shown interest in acquiring CPU design house

What is the point ?

For Nvidia, if all they want is custom ARM designs then buying a suitable license from ARM would be far cheaper than buying the company. As ARM have recently brought out their semi-custom Cortex-X1 which makes it easier for its customers to get higher performance systems, there would seem to be little point to Nvidia trying to buy the whole company.

UK formally abandons Europe’s Unified Patent Court, Germany plans to move forward nevertheless

Replace all the EPO officials

For the EPO to have any validity, all its senior officials need to be replaced. Do not leave anyone above the level of janitor from the current organisation and give it a proper set of rules that can only be amended with the agreement of the European Parliament to stop a future Battistelli from being able to do a power grab. Also change its constitution to be subordinate to the normal justice system rather than as Battistelli managed to argue independent from them.

Alternatively just abolish the EPO completely.

Everything must go! Distributors clear shelves of ALL notebooks in Q2, even ones gathering dust over last 12 months

Still plenty of good used laptops on eBay

A quick look showed plenty of Thinkpad models for sale on eBay. Many of these are quite suitable for use for people working from home. (examples T430 i5-3320M, 16GB, 512GB SSD, W10 Pro, 12 month warranty £400 - T430 i5-2520M, 8GB, 180GB SSD, W10 £200).

HCL hardly noticed COVID – revenue and profit rose and further growth predicted

Look at the number of Covid-19 cases in India

India has over 1 million confirmed covid-19 cases and rising by over 30 thousand per day. Given the lack of medical facilities for much of its population, the true number is probably at least ten times that figure. The big impact on India (and companies in it like HCL) will be over the next few months. The death rate in India will be higher than in most of the world due to poor medical provision, overcrowding in the slums and widespread extreme poverty.

Chips for Huawei are fried: TSMC stops shipping parts to Middle Kingdom mega-maker this September

He is following the old story for unpopular Republican presidents - dream up some enemy and try to set the US against them and try to look strong in the process.

He saw how Bush rode the Gulf War to a second term and hopes to do the same.

Euro police forces infiltrated encrypted phone biz – and now 'criminal' EncroChat users are being rounded up

Use offline encryption/decryption

Use OpenPGP or other good encryption program on a standalone computer (no network access) for the encryption and decryption. Transfer the encrypted messages by USB stick (or even floppy disk!!!) to and from a computer with network access.

For immediate communications use codes (not ciphers) on throwaway phones. (Codes are agreed words/phrases that mean something different to their normal meaning - examples "Alas Babylon" (from the book of the same name - means a nuclear attack is in progress) "Jean has a long mustache" (WW2 message to the French resistance - D-Day tomorrow)).

UN warns of global e-waste wave as amount of gadgets dumped jumps 21% in 5 years

Require a 5 year guarantee

If domestic appliances (white goods as well as phones/tablets/computers) were required to have a 5 year transferable guarantee then the amount of e waste would be drastically reduced. Manufacturers would be forced to use components with better margins to avoid premature failure. It would increase the purchase price but would probably drastically reduce the total outlay over a 10 year period.

Happy privacy action day in California: If you don't have 'Do not sell my information' in your website footer, you need to read this story right now

Of course there is an alternative

Do not collect the personal information in the first place - if no information is collected then there is no need for opt outs or messy information deletion.

Hey, Boeing. Don't celebrate your first post-grounding 737 Max test flight too hard. You just lost another big contract

Re: First Flight Since The Grounding?

Yes - several 737 MAX 8 aircraft have been flown to suitable parking spaces. No passengers on the planes and the pilots knew what to expect from MCAS and knew how to disable it.

Re: One question

Flyable yes - but there is a part of the flight regime where the throttles have an unusual effect on the pitch. If the pilots are trained for this then no problem. However Boeing as part of its sales pitch to airlines said that no training was needed and the MCAS software would do the pitch correction automatically. We all know what happened then.

(Because the engines were moved far forward of their position in previous 737 aircraft, when the throttles are advanced the nose tends to pitch up - for part of the normal climb if uncorrected by either MCAS or the pilot then the plane could stall. Normally for all civil aircraft it is a certification requirement for there to be no such condition. Boeing might have got a waiver by requiring pilots to be properly trained for the changed handling - but then it would not have been able to sell it as "just a better 737". Instead by doing a sloppy job it killed over 300 people and cost the company many billions of dollars.)

Re: FAA's Fall

Or if you are feeling nasty - await certification from the Chinese equivalent of the FAA. (With the current trade war being promoted by Trump this could be a very long time coming!!!)

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

Re: Will this be a problem for embedded device certs?

Many embedded devices have their own server and certificate baked in at the manufacturing stage and can not be updated by the end user. They will be broken by this change to the browsers.

Browsers at a minimum need to have a setting that allows long lifetime certificates to be used.

CIOs will force SaaS vendors to limber up and get more flexible about contracts in the post-pandemic world

How long till ServiceNow goes extinct ?

By telling all its customers that its contracts are non-cancellable and refusing to alter terms, it is building up so much ill-will that many (probably the majority) of its customers will never use ServiceNow again. Others that might have used ServiceNow will have seen how it treats its customers and will find an alternative supplier.

After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors

This software has been out for several years and provides strong encryption and the source code is available - how do these idiots propose to stop people using it? 7-ZIP also provides good encryption for RAR files.

These Republican idiots will not be happy until everyone has a surgically implanted recording device that captures their every thought.

RIP ROP, COP, JOP? Intel to bring anti-exploit tech to market in this year's Tiger Lake chip family

Older programs ?

Most systems have a lot of older code running as well as the latest most up to date stuff. An application obtained as a binary which the supplier has not updated will have a lot of branches that do not have ENDBRANCH as targets. The CET will have to be something that is turned on at a per application level with the default being off or many applications will break. (Given the extreme speed that some suppliers work, there will still be non conforming applications in 2040 !!)

Someone got so fed up with GE fridge DRM – yes, fridge DRM – they made a whole website on how to bypass it

Re: Advertent FUD - WRONG

Look at https://www.businessinsider.com/cities-worst-tap-water-us-2019-3?r=US&IR=T

for a description of the contaminated water supplies in several cities in the US. (Flint, Michigan was just one bad example).

Re: home use printer that doesn't dry up between uses

Dye Sublimation gave good pictures - at a price FAR HIGHER than inkjet. Any printed image (even a single full stop!!) used the same amount of the dye coated sheet as a full colour photo. I think that it died a death once inkjets got good enough except for specialized uses (like ID cards) where instant drying is an advantage.

(The used dye sheets are also a security hazard as they have a negative image of what was printed.)

Just use compatible inks or printers with refillable ink tanks.

China's silicon-self-sufficiency plan likely to miss targets due to Factories Not Present error

China is supporting the US

China has a huge holding of US treasury bills (bonds for non-US people) and is accepting more. This is not because they think that the US bills are good investments - it is instead to prop up the US until China is self sufficient. Anyone who looks at the US debt clock can see that the US is heading for a major crunch. (Unfunded liabilities of over $147 trillion, national debt of over $25 trillion, federal spending over $3 trillion more than federal income, number of manufacturing jobs halved since 2000 etc).

When the bubble finally bursts, there will be a lot of destitute people in the US who have no food, no hope but will have guns - the result will make the US Civil War look like a friendly party. The collapse will cause a worldwide financial crash that will make the great depression look like a minor blip.

China is trying for self sufficiency in the hope that it can survive the crash - if it does then it will become the dominant world power.

Must not be the season of the switch: Someone flipped the you-know-what in global ethernet switch and router supply chain

And in my opinion this is the real reason that Cisco et al got the orange buffoon to try to block Huawei. Huawei was selling equivalent (or better) products than Cisco for lower prices thereby hurting Cisco's profits. (The NSA probably disliked Huawei because there were no baked in NSA backdoors.)

Moore's Law is deader than corduroy bell bottoms. But with a bit of smart coding it's not the end of the road

Look first at the problem

Often a huge speedup can be obtained by spending a few minutes thinking about the problem before starting the design.

Many years ago the company that I was working for needed to do a lot of computation on a few days' values from an Oracle database that had multiple years of data. The code that the consultants came up with worked - but would have taken over 2 weeks to produce the results as the main table was joined to itself in the query in a way that negated the speedup of the indexes. A bit of thinking and a much smaller table was produced by selecting only the required days from the main table and running the query using that table instead. That reduced the time required from over 2 weeks to under half an hour.

Another system was monitoring temperatures in a power station - the original spec had all the temps being monitored every second which was too much for the low performance mini computer of the time (early 1980's). A bit of looking at the items being monitored showed that many did not need a high scan rate (if the concrete pressure vessel temps are changing significantly in under 30 secs then it is well past time to run like hell!!). Changing the spec so that only the required items were scanned at high speed made the job easy for the computer to handle.

If you have a job that is going to heavily load a computer system then it is often worth spending some time to try to understand the problem (not just the spec) and see if there are any obvious inefficiencies in the spec that can be easily mitigated before starting coding.

Global bean-counting behemoth PWC tells vendors: Now would be a great time to audit your customers

What a surprise

There is a reason why a nickname for PricewaterhouseCoopers was Prize Slaughterhouse.

Remember accountancy and consulting firms are NOT your friends - they are bloodsuckers along with lawyers and taxmen.

Repair store faces hefty legal bill after losing David and Goliath fight with Apple over replacement iPhone screens

The only way that Apple can say that it loses money on its repair business is by saying that a repair stops the owner from needing to buy a new iDevice. If Apple had their way then any scratch would require the owner to buy a new unit.



