* Posts by Si 1

441 publicly visible posts • joined 13 Jun 2009


BOFH: I get locked out, but I get in again

Si 1

Re: PFY's responsibilities

Swapping the mouse and keyboard dongles is a clever one. They'll all be trying to login for the morning but it will keep saying their password is wrong, plus their mice will seemingly not work yet the cursor will randomly move on its own!

How not to write about network security – and I'm speaking from experience

Si 1

Re: Not to blame all founding fathers

I think the problem is how widely adopted all these protocols are now. Just to take SMTP as an example, there's so many mail servers and clients out there, it's virtually impossible to make a change to the standard without making email incompatible with servers/clients that haven't been updated, not to mention old computers and phones which no longer get software updates so would be permanently unable to receive emails. So obviously the path of least resistance is bodge a few fixes around the edge (like DKIM and spam scanning) and just leave the protocol itself unchanged.

BOFH: The PFY has won an award … for outstanding service?

Si 1

Re: Next step...

It still makes me chuckle that mischievous individuals had corrupted that AI into a hard right culture warrior within a day of it going live!

Tesla driver blames full-self-driving software for eight-car Thanksgiving Day pile up

Si 1

Re: Hmmmmmmm myxipix2

Where does it say it crossed multiple lanes in the article? If it’s been reported somewhere else, that’s fine but it’s not mentioned here and would be quite a crucial thing to mention. Did El Reg miss that or is this not actually true?

Si 1

Re: Hmmmmmmm myxipix2

I don’t know about the US, but in the UK, if you crash into the back of the car in front of you it’s your fault, not the fault of the driver in front. There could be any number of reasons he performed an emergency braking manoeuvre, it’s your responsibility to leave a large enough gap in front that you have enough time to react and stop before hitting the car in front.

That all these drivers failed to do that shows that humans really aren’t very good at driving safely. It should also be noted that the Tesla didn’t hit anything, the only ones causing accidents here are the human drivers.

While I’m sure the Tesla self-driving mode has plenty of shortcomings, (MKBHD did a great video of recording his drive to work with his Tesla in full autonomous mode), I think this incident says more about other drivers than the Tesla.

Why I love my Chromebook: Reason 1, it's a Linux desktop

Si 1

Steam Deck

I can’t say I’ll be switching to a Linux desktop any time soon, but I’ve been very impressed with the Linux desktop mode on Valve’s Steamdeck. Aside from the fiddliness of an on-screen keyboard the OS has loads of great features, supports all the compressions types I’ve thrown at it (Windows still can’t do anything other than zip files) and Flatpak makes installing stuff a breeze. Not to mention pretty much every Windows app I’ve thrown at it has run, no matter how old.

Intel's Gelsinger talks up 'systems foundry' era of trillion-transistor chips

Si 1

Re: 1T Transistor Chips

Indeed. It’s a sad sight that Intel are reduced to putting the parts together that were manufactured by other fabs. I’m still unsure if Intel’s complete failure to keep up with process shrinks is down to complacency or they just don’t have the best engineers any more.

Amazon has repackaged surveillance capitalism as reality TV

Si 1

Re: Apathy is the problem

You seem to think Ring cameras are constantly recording- they aren't. They're motion activated and you can specify the distance from the camera at which motion triggers them. Even then, I've found they're only good at spotting movement about 3-4 metres away.

You say your other neighbour opposite is 4 metres away, which seems unlikely. I know we have some narrow streets with terraced housing in the UK but even then when you factor in pavements and a road it seems unlikely to be just 4 metres.

Finally, the picture quality of the doorbell is only any good up close. If you think it can see in through windows and resolve details (even if they're allegedly 4 metres away), you're sorely mistaken.

Still, I'm sure this won't stop you from being the self-appointed Pedo Finder General for your street...

British intelligence recycles old argument for thwarting strong encryption: Think of the children!

Si 1

Re: Dear government

Ooh, I like that. I need to remember it the next time someone lobs the “nothing to hide” cliche out.

Small nuclear reactors produce '35x more waste' than big plants

Si 1

Re: Does anyone want cheap and reliable energy?

Burying nuclear waste underground is a perfectly safe means of disposal. Where do you think radioactive materials come from in the first place? There’s pockets of radioactive material all over the globe that are mined for reactor fuel. Or is Mother Nature working for the Pro Nuclear Lobby now too?

Your snoozing iOS 15 iPhone may actually be sleeping with one antenna open

Si 1

Re: 2 Minds

This is the other side of the coin on the right-to-repair. iPhones are basically worthless to steal as they get remotely locked and are essentially a brick that broadcasts their location to authorities. That said, until fairly recently they could still be dismantled for valuable parts but now that Apple marry most of the expensive components, they’re not really worth stealing either. So while it makes repairing a phone much more expensive, it does make them less nickable (until someone works out how to break the activation lock!)

Intel plans immersion lab to chill its power-hungry chips

Si 1

Re: Has Intel considered reducing the power consumption ?

It feels like we’ve come full circle from when Intel’s Pentium 4 ended up running too hot. IIRC one solution they were looking at back then was for micro channels throughout the CPU for liquid to pass through so it could be more efficiently cooled.

I never heard about it again, so either that was when Intel dumped the Pentium 4 and went back to the Pentium 3 architecture or they never got it to work right.

Web devs rally to challenge Apple App Store browser rules

Si 1

Re: Ignoring the insincere nonsense that is the Epic Game's antitrust lawsuit...

Honestly, I like the walled garden. I can recommend iPads and iPhones to non-technical relatives and not worry about them installing things they shouldn't or doing something to break them. The worst issue I've had to solve was someone turning on the rotation lock.

I'd spend hours on the phone trying to fix their Windows machines, since recommending Apple kit I rarely have to deal with any problems.

While I do see the advantages of breaching the walled garden, it's not enough for me to want to deal with all the headaches. They'll be installing things willy-nilly from the inevitable Facebook App Store and wonder why the battery life is terrible because Facebook have the microphones running all day.

BOFH: On Wednesdays, we wear gloves

Si 1

What's a cement pond? I tried googling it and the best I could find was a reference to the Beverly Hillbillies.

Microsoft gives Notepad a minimalist makeover to match Windows 11 style

Si 1

Does it know about UNIX linebreaks yet?

I admit it’s been ages since I’ve used notepad.exe, but does it still put everything on one line when the linebreaks don’t come with a carriage return?

I basically stopped using notepad about 22 years ago when the code for my university final year project got so big it exceeded the maximum file size notepad supported. Downloading Editplus over a 33k modem as a replacement wasn’t fun.

iFixit prises open the iPhone 13 Pro, claims 'any display replacement knocks out Face ID'

Si 1

Re: Not tied to the phone... but...

While I’m sure restricting users to getting their repairs from Apple certified outfits was the main goal, this does have the benefit of making iPhones worthless to thieves. In the past the Find My lock was a good deterrent but phones could still be sold for parts. Now they’re not even worth it for parts if they won’t work properly when transplanted into another device.

Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware

Si 1

Re: Apple screws the pre-iOD 13 customers

Every device from the 6S onwards is compatible with iOS 14. If you're still using an iPhone 5S it came out in 2013 and the iPhone 6 was 2014. You can ditch Apple if you like but you'll likely find Android devices get even shorter support times (I'm still bitter Google dumped support for their Nexus 6 after just two years).

Si 1

Re: Autocratic governments, that's a broad brush nowadays.

Scotland already had one referendum. How many are going to be held until you get the answer you want?

Sort-of Epic win as judge kills Apple ban on apps linking to outside payment systems

Si 1

Epic Greed

It seems Epic got greedy trying to abolish payments altogether and ended up only slightly better than before. I know Apple aren’t popular around these parts and the 30% charge is excessive, but I do think they should receive some sort of recompense considering they host the app, distribute the updates, provide the APIs, development tools, etc. They are a business and not a charity after all.

It will be interesting to see how Apple handle this. I’m sure they will try various tricks to discourage people using external payment platforms, like being extra picky about approving apps, maybe making changes to the T&Cs so that only reputable payment platforms can be used, etc. I’m sure they’ll be looking for ways to skirt this judgement.

The judge in this case was very impressive, she really seemed to know her stuff and wasn’t in the least bit afraid of calling these mega-corps out on any bovine excrement they would throw out.

BOFH: But soft! What light through yonder filing cabinet breaks?

Si 1


I especially loved passing off the Proliant 6500 as a bit of recent equipment!

Arm chief hits out at 'ill-informed speculation' over proposed Nvidia buyout

Si 1

Where was all this concern when ARM was being sold off to SoftBank several years ago? That seemed to sail through with nary a peep.

UK digital secretary Oliver Dowden starts national security probe into proposed Arm-Nvidia merger

Si 1

Should never have been sold in the first place

If ARM is that important to national security then the government should be buying it. Whenever a UK company gets bought all that ever seems to happen is the IP gets retained and all the jobs go elsewhere. I know ARM is currently still based in the UK, but how long is that really going to last, under Nvidia or Softbank?

Sure, Dave might seem like he's avidly listening to this morning's meeting, but he's actually doing a yoga routine

Si 1

I’d be quite happy going back to the office...

... once we’ve got autonomous vehicles that let me kip on the back seat while it wastes its life stuck in traffic jams.

BOFH: Time for the MMOCC. You know, the Massively Moronic Online Christmas Call

Si 1

"We've signed up to a multi-presence company”

"We've signed up to a multi-presence company that does everything for you – all you have to do is install the app."

Until it goes wrong and then it’s IT’s problem to fix something they weren’t consulted about...

BOFH: You might want to sit down for this. Oh, right, you can't. Listen carefully: THIS IS NOT AN IT PROBLEM!

Si 1

Re: I'm fondly remembering the time years ago

Were they computer tissues? Y'know for wiping screens and stuff?

Apple's T2 custom secure boot chip is not only insecure, it cannot be fixed without replacing the silicon

Si 1

Evil maid would have got away with it too...

... if she had a memory stick that was USB-C and not A.

Apple takes another swing at Epic, says Unreal Engine could be a 'trojan horse' threatening security

Si 1

Re: No "Good Guys" here

I've seen it suggested that Epic didn't expect Google to boot them off the Play Store which is why the lawsuit and pre-meditated media campaign were all targeted only at Apple. Of course it could just be it's because Apple is where they make most of their money (apparently a significant percentage of Fortnite players are on iOS) and aren't too bothered about what happens on Android.

I was also surprised to see Microsoft file some sort of notice that they support Epic's case when they also charge 30% for digital games on the Xbox store. That seems like something that could come back to bite them in the future...

Rip and replace is such a long Huawei to go, UK telcos plead, citing 'blackouts' and 'billion pound' costs: Are Vodafone and BT playing 'Project Fear'?

Si 1

So they can’t install the new kit and get it running before switching the old kit off? Sounds like a load of excuses to avoid removing the Chinese spyware from their networks.

Beware the trainee with time on his hands and an Acorn manual on his desk

Si 1

Re: punchlines

I get that when I boot up my Dreamcast and because the clock battery is flat it always thinks it's a brand new console on launch day in 1999.

Conspiracy loons claim victory in Brighton and Hove as council rejects plans to build 5G masts

Si 1

Great find!

Thank you, that's such a useful find, I will no longer have to go out wearing tinfoil on my head to keep the negatively charged electramowhasits from entering my brain.

Y2K, Windows NT4 Server and Notes. It's a 1990s Who, Me? special

Si 1

Re: Even to this day...

That's a good idea although I recently had a situation where users were receiving emails from a system I maintain and I could find no evidence that my system had sent it. After looking at the mail headers and finding the sending IP I discovered there was a duplicate of the live VM running right down to the same hostname! It was merrily pulling in data and sending out order updates all on an old copy of its database.

I don't know who spun that server up or why, but you should always beware that some dodgy sysadmin hasn't cloned your test server from the live one and you're actually on the wrong server! ;)

Open-source 64-ish-bit serial number gen snafu sparks TLS security cert revoke runaround

Si 1

Re: Confusion due to lax use of terminology in RFC?

Yeah, I don’t understand this, why did they use a signed 64-bit integer when negative numbers are never used?

Dutch boyband hopes to reverse Brexit through the power of music

Si 1

Re: Slightly wrong.

The world would also go on if we just left the EU. All this cliff-edge nonsense is blown out of proportion.

Si 1

Re: Brussels is evil I tell you!

My nickname for Classic FM is Advert FM, as it always feels like there’s more adverts than actual classical music most of the time!

Microsoft polishes up Chromium as EdgeHTML peers into the abyss

Si 1

I for one welcome our new Chromium overlords

Actually, no I don’t. I’m quite shocked the author thinks web developers wants a rendering engine monoculture. I rarely bother to test all the browsers these days because compatibility and standards compliance is very good, unlike the bad old days where I’d need to test every f***ing version of IE and write custom CSS hacks for it.

I don’t want to go back to the bad old days of zero web innovation or progress, MS ditching Edge can only be a bad thing.

Black Friday? Yes, tech vendors might be feeling a bit glum looking at numbers for the UK

Si 1

I’m not surprised everyone has stopped caring. The first year most retailers were caught by surprise and had to actually discount stuff to get in on the game and the next year was somewhat similar, so there were some real bargains on offer.

Now though, the shops seem to have got wise to consumers expecting bargains this time of year and are making sure they get in plenty of tat they can flog cheaply on the day (well week) rather than losing money on stuff people would actually want. Consumers have noticed and aren’t all that bovvered about the day any more.

Cookie clutter: Chrome saves Google cookies from cookie jar purges

Si 1

Why do people still use Chrome? It’s just a massive piece of spyware, I keep all of Alphabets domains (that I know of) permanently blocked.

BOFH: Their bright orange plumage warns other species, 'Back off! I'm dangerous!'

Si 1


I'm surprised the boss wasn't rushing into mission control to beg the BOFH to help sort out the mess he's made of their GDPR preparations. I'd imagine taking a fire axe to the marketing email server and blocking Mailchimp would prevent most of the organisation's drones from breaching the rules.

Meltdown, Spectre bug patch slowdown gets real – and what you can do about it

Si 1

Are we sure gaming won’t be affected?

Lots of games these days are “open world” which means the system is constantly streaming new chunks of the landscape from disk.

I would imagine those sorts of games would be affected by this, as a general example they try to predict where the player will go next and often stream in the next area they think the player will visit. If the player then turns around the game has to hurriedly dump what it has loaded and stream in the data for the other direction.

BOFH: Don't back up in anger

Si 1

Re: New technical terms.

The latest version can go as high as 6 micro-gauss but you need a Bayesian compatible GPU to provide the additional processing power needed for the double ROT-13 calculations.

Basic income after automation? That’s not how capitalism works

Si 1

Re: Fallacy

Thank you, you have very eloquently conveyed exactly my concerns that people may not be able to re-train for a new type of job when their old one is automated. Sure new school leavers may be qualified to supervise and manage the machines and therefore balance the employment figures but the old workers won't just vanish into thin air, they will be the ones left on the scrap heap.

While it's not an exact comparison, I think a good real world example is the closure of various British heavy industries in the '80s. Most of the workers in those industries were unskilled and when the coal mine/steel mill/factory closed there weren't any new jobs in the area that they were qualified for and they weren't able to re-train for anything else. I could see automation doing exactly the same thing.

Google Pixel: Devices are a dangerous distraction from the new AI interface

Si 1

iOS 10 adoption

You're a bit behind on the iOS10 adoption rate, it's reckoned to be 54% already with 38% still iOS9 and 8% on an earlier version.

Brexit would pinch UK tech spend but the EU wouldn't care – survey

Si 1

Re: Leave the Conman Market before its too late!

@LegalAlien The UK imports far more from the EU than it exports to it (and those exports have been dropping for over a decade now as the EU contracts). The UK constitutes between 0.5% and 1% of each EU country's economy, so if the EU decides to put up trading blocks they will only be harming themselves when we reciprocate.

The UK economy contracted by about 2.5% during the 2008 banking crisis, so how bad will it be on the continent if every economy contracts by 0.5% overnight? If the EU is mad enough to block trade with the UK they would only be harming themselves in the process.

One more thought: If the EU really is so vindictive and malign towards countries leaving, then surely we are better off getting out from being controlled by them?

SSL's DROWN not as bad as Heartbleed, still a security ship wreck

Si 1

Re: Is TLS vulnerable or not?

If your server still accepts SSLv2 connections and you've used the same private key to generate your SSLv2 and TLSv1.2 certificates then you are vulnerable.

If for example it's an Apache web server and it's configured to accept SSLv2 HTTPS connections then a hacker could theoretically use the weaknesses in SSLv2 to reverse engineer the private key being used. Once they have that, they can decrypt all TLS traffic as it's using the same private key.

In practice, this means bombarding the server with SSLv2 connections to work out the private key and then the hacker needs to be able to capture any TLS traffic to your server so that they can decrypt it. That's a lot easier said than done.

The simple solution is just to disable SSLv2 support on your server (unless you know you need it). This seems to be a fairly complex and difficult to achieve hack (unless you're GCHQ) so it's not the end of the world if you haven't yet disabled SSLv2 but I would definitely recommend reviewing what versions of SSL/TLS you currently allow and disable any that aren't needed.

All eyes on the jailbroken as iOS, Mac OS X threat level ratchets up

Si 1

Re: iOS Jailbreaking is a good thing...

I used to jailbreak but there's just no point any more. iOS does everything I need with only emulators being missing from the App Store... and I can get those now by just building them in Xcode (Provenance is especially easy). There's really no need to jailbreak these days other than to prove you can...

Mozilla releases iOS app version of Firefox browser for world+dog

Si 1

Re: If it is using webkit...how is it different from Safari?

I don't know about Firefox on iOS but with iOS 9 you can get plenty of content blockers from the App Store for Safari.

IT contractors raise alarm over HMRC mulling 'one-month' nudge onto payrolls

Si 1

Re: Not about IT?

Yes, this is more my take on it as well. Employing people as contractors has become an easy way for companies to easily avoid any of the responsibilities of an employer and to be able to get rid of people without having to give any notice or pay redundancy.

I'm currently working as a contractor for a company who have a hiring freeze on, I would prefer to be an employee but there's just no chance of that.

Alumina in glass could stop smartphones cracking up

Si 1

Hello, Computer

Just use the keyboard...

Mostly Harmless: Google Project Zero man's verdict on Windows 10

Si 1

I see where you're coming from, but I think the problem with UAC is that while it does prevent nasties being able to run silently it doesn't fix the fact that once that app has been given permission to run it can do anything it wants to the system.

The registry for example is basically a one-stop-shop for everything on the system and has no concept of restricting apps access to their own area. The entire registry is there for the taking. Likewise there's no jailing an app to its own directory or preventing it overwriting files or programs in other areas of the disk.

UAC is less of a security feature and more of a button to absolve MS of any responsibility if the program you're running messes your system.

While it would break compatibility with loads of applications I think MS should look at moving away from the registry and start jailing apps to their own install directory. Sure there will be plenty of times where apps will need access to external resources but I think that could work a bit like Android/iOS where you can decide what features an app can access like the camera or contacts.

Apple's big secret: It's an insurance firm (now with added finance)

Si 1

I'm sorry but I used WinPho devices back then and they were sluggish, fiddly shite. Tiny buttons and overcomplicated screens that required a stylus to poke, a browser that might have run Flash but barely reached IE6 levels of compatibility and apps that just stayed open in the background using up all the RAM until you waded through several Control Panel screens to manually kill things.

WinPho might have ticked a lot of feature boxes back then but they were all so badly done that it was a rubbish device to use. Plus the Athena was gigantic, it was hardly something that could be slid into a pocket like most phones or the iPhone. Oh and the iPhone 2G was made of aluminium too.

I do applaud MS for building Windows CE, it managed to cram all the essential elements and APIs of the Windows desktop into a portable device which was an impressive feat. The only problem with that though was they failed to recognise that on a mobile device you need a simple and fast interface that doesn't require getting out a stylus or poking fiddly little buttons. For all its flaws the first iPhone's multi-touch interface made it a pleasure to use on the go.