Posts by Jon 37

Re: Great murder choice.

Various states are/were planning on it:

https://www.nytimes.com/2018/05/07/health/death-penalty-nitrogen-executions.html

(Disable Javascript to avoid the paywall).

Re: The engineer's careers

I agree. But in the interests of accuracy, this isn't (quite) a "3 year old safety directive".

The Safety Bulletin from Boeing was 12 March 2019, so 2 and a quarter years old.

The Airworthiness Directive from the FAA, the regulator who has authority over Boeing, was 16 January 2020, so 1 and a half years old.

The FAA obviously didn't think it was urgent, they gave everyone 3 years to comply. And that time hasn't run out yet.

Re: only SOME of the 28 mill is going to charity?

The money is going to Blue Origin, not Jeff Bezos personally.

Building and testing and launching the rocket wasn't free. It was an investment made in the hope of making money by selling tickets in future. Like the way every other startup company works.

28 million is actually not that much compared to how much has already been invested in this.

Be thankful that some of the money is going to charity. Don't begrudge the company it's revenue.

Re: Sounds Like...

Since they already have a working and debugged design that they have already manufactured, launched and operated once, can't they just make a new Hubble and launch it?

Note that I don't mean an "improved" design, I mean a straight copy but with the mirror shaped correctly this time. We know that an "improved" design is expensive and time consuming. We know that Hubble, as-is, is doing good science, but will fail soon.

I'm wondering how much a new Hubble would cost compared to the price of a servicing mission.

Re: Urban Legend or Semantics?

To see one example of this: Open Google Maps, in satellite mode, go to Australia and zoom so Australia is roughly the size of your screen. Now look at the oceans to the south-west or south of Australia. You'll see a bunch of lines crossing them. Zoom in on the edge of one of those lines.

Each line is where a ship has gone through the ocean with the right equipment to measure the depths in high resolution. So you'll see the high resolution data there. The rest of the ocean is "blurry", because there is only low-resolution satellite data available.

They use sonar that scans a distance either side of the ship's course, hence the width of the lines.

South west of Australia is a good place to look, because of the search for MH370. They did a lot of mapping looking for the remains of the aircraft on the seafloor, and it looks like that data ended up on Google. (Looking for an aircraft underwater is done by measuring the sea depth at high-resolution, then looking for an aircraft-shaped bump in that data. If something looks possible, they send down an ROV to take images of it). You can clearly see many of the rectangular search areas.

Re: designing a T-shirt to celebrate 30 years of the software

It's clear that they've already chosen a T-shirt printing company and a blue T-shirt, and may even have pre-ordered the T-shirt stock. The requirements are taken straight from their supplier's requirements for ready-to-print artwork, for the printing service they've selected.

> it relies solely on accounting, and that can have local differences.

True. But the US has standardised medical billing codes, so it's just about how they are used. And most hospitals will want to bill the maximum justifiable amount, although they may have varying success with that.

Re: Here here

Sadly, there are far too many device manufacturers who drop a whole Windows PC into their product. Then fail to update it. This includes fancy electronic measuring equipment (oscilloscopes and more specialist kit), it includes multi-million-pound medical equipment, computer controlled manufacturing equipment, and lots more.

Re: Foot in mouth

Did that really need the ISS, or would a small one-off disposable satellite have worked just as well? I doubt the astronaught on the ISS did much more than unloading it, plugging it in and turning it on.

I mean, sure we have the ISS there with all its systems and regular freight flights, so it was probably cheaper to do it that way, if you ignore the costs of building and running the ISS (since they would happen with or without that mission). But if you figure the total cost to NASA then the ISS was an expensive way to do non-human science.

The only real justification for the ISS is learning about crewed spaceflight for some future crewed space mission.

Re: Trusting trust

OTP has a very long history ... of being broken because people don't follow the rules:

1) The OTP must be generated in a truly random fashion.

2) The OTP must never be reused.

Breaking either of those rules means you end up with no security whatsoever against a determined attacker.

OTP also has the key distribution problem - you have to give the person you're talking to a copy of the OTP ahead of time, in a secure manner.

If you are disciplined enough to follow the rules, then OTP is secure.

Re: 90 days

After re-reading, I think you're mistaken. There's two separate scams here.

The BOFH personally arranged for 10 high end laptops to be delivered directly to "the user" and then sold by the company for 70p.

The BOFH was surprised to hear that Dave has retired at the same time as a bunch of untracked laptops that had been delivered to Dave went missing. The number of laptops is not specified - it's however many they bought less the 20 that came back and the 10 that the BOFH bought. It's implied that it is a lot.

Re: re: Cuddles: Complexity: Another nail in the coffin...

"Stream ciphers", one of the common kinds of encryption algorithm, work by taking a key and generating a long string of pseudo-random numbers from that key. That then gets XOR'd into the data.

It's the same algorithm to encrypt and to decrypt. (Like how ROT13 is the same algorithm to encrypt and to decrypt, except a lot more secure).

So it's certainly possible that a core bug results in the specific sequence of instructions in the pseudo-random-number generator part giving the wrong answer. And it's certainly possible that is reproducible, repeating it with the same key gives the same wrong answer each time.

That would lead to the described behaviour - encrypting on the buggy core gives a different encryption from any other core, so only the buggy core can decrypt it.

Re: Free tears

OK, so you could document that "once you reach your spending cap we will stop your services (and stop you from launching new ones) as soon as possible. Due to usage reporting not being instant, it may take up to 15 minutes from going over your spending cap until we stop the services and block new services from starting. You must pay for your usage during that time. If, due to systems failure, we fail to stop the services, you don't have to pay for your usage after the 15 minute period, unless we can show that you knew there was a systems failure and deliberately abused it."

Re: TTFN?

Ta Ta For Now.

A way of saying "goodbye".

Re: Licensing, annual support fees, statutory damages and share of profits?

They don't honestly expect a full payout on all the theories they've advanced. But they can ask now for profits, since the profits were allegedly made by breaching the Oracle agreement. And if their other theories are thrown out in court, they can't come back and ask for profits later, it has to be in the original complaint.

US court procedure is that they're supposed to list all their possible claims up front, and then some may be knocked out as the litigation progresses. They're not allowed to add surprise new theories at the last minute. They can only amend their claims if NEW information turns up (or if they screwed up with how they wrote the claims they can fix that). This makes things simpler for the other side, they know what they're defending against.

Re: system or config?

The question is, does the software allow them to be configured in the "right" way? If not, that's a software issue. Presumably they wouldn't be switching suppliers if it was something that could be easily fixed with a configuration change.

Re: $5 million for criminals

Paying a ransom is aiding and abetting computer hackers. You're also funding them to do more hacks. People who pay should be subject to criminal charges and thrown in prison.

Re: Hmm

I think the grandparent wants you, and the other downvoters, to recognize sarcasm...

Re: Open source stuff should be free ...

$4k a month is $48k/year. Less taxes. Depending on where you live, that may be a very low salary for a developer or project manager role. There are cheap places in the world, but then there are places where you might struggle to pay your living expenses (rent, bills, health insurance) with that little cash.

If he's in California and working as an experienced full time project manager, and adding significant value, then $131k/year isn't too unreasonable. Similarly for a full-time developer.

Re: Best just make a full size scalextric

Most highways already have perfectly good dashed white lines painted on them, separating the lanes. They should just work with autosteer. There's no need for anything "special".

Recharging the car with a slot in the road has been done, but it's complicated and expensive and really not worth the hassle. Just stop for a coffee and a loo break, and let the supercharger recharge your car while you're doing that.

> BTW what happens if two driverless cars meet each other on a single track road?

No such thing. There's driver assistance, but no fully driverless cars yet. When there is, it's unlikely that they'll be driving down single track roads at least to start with.

Re: hope I'm missing something here

> WTF if you are emulating an instruction set why not use the one systems already running on and your developers already know?

3 reasons:

1) The amd64 instruction set is hideously complex and hard to emulate. Mainly because of backwards compatibility. While knowing nothing about the eBPF instruction set, I can confidently say that it's a lot simpler than amd64.

2) The advantages of amd64 are: You don't have to run it in a VM, you can just run it and have huge security holes, so that advantage is not actually useful. And: your developers already know it, although if you try to pick a sane safe subset then you lose that advantage as the developers have to learn what's in the subset and what isn't.

3) If you want to design a "safe" language, you don't start with an unsafe one and fix the holes you know about, you'll miss some. You start with a new, simple, well-defined language and try not to introduce security vulnerabilities as you go.

Later.

Switching volunteers is easiest. OpenReach have done a bunch of them, for people who wanted FTTP broadband.

Switching people who are getting a new service anyway is next easiest. They are in contact with their provider to book the install, it's just going to be a slightly more major job. That's where OpenReach are now.

Switching people who are resigned to it is harder, but still OK. You message them and tell them they need an appointment and they book an engineer.

Switching people who don't want any of this newfangled Internet stuff is going to be hardest, it will take a lot of persuasion. That's where Smart Meters are right now. (See: All the ads for Smart Meters and how they magically save energy).

Some people will flat refuse to switch, OpenReach will have to cut them off. That will be a PR nightmare unless OpenReach are careful.

Blockchain is all about creating something that can be sold. Whether that be mining or NFTs.

Unfortunately there's no intrinsic value to the things being sold. They are only valuable because people believe that they are. It's a speculative bubble where those who get out at the right time will make a fortune, and others will lose loads.

Re: Next time they have someone shooting in a school or supermarket...

In a real school shooting, the robot is expendable. If it can safely find the gunman, then it gets destroyed, then I'm OK with that.

Treating a single bullet wound (that is non-fatal or just not immediately fatal) in the US medical system probably costs more than the robot.

There are probably more cost-effective solutions. Though the "digidog" can push through heavy swing doors, and with the optional robot arm it can even open doorhandles, which other drones can't.

Actually, it assumes the app will work most of the time for most people. If it happens to fail for you, tough. Go use the non-app option, if there is one and if it's accepted. It won't be accepted everywhere, no matter what the government says. Most likely, you need to go buy a new phone so you can use the app.

Re: And may they experience the same hell the rest of us

Blockchain is a public record-keeping system for when you can't trust any one person. So you get a load of people using their computers to keep the records, and deliberately design the system to be hugely inefficient using loads of computing power. The system is designed so that over 50% of those people (measured by "amount of compute power") would have to collude to subvert the system.

For Bitcoin & clones, this is a not-totally-unreasonable approach. You can have a money transfer system that no one party can control. Although the environmental impact is horrible.

For everything else, it's a stupid design. There will always be one party you can mostly trust, who can run a centralised database. If you want to stop people fiddling the records, there are simple cryptographic approaches to detect that, and there is always the option of running your own server with a copy of the data. (E.g. see how Certificate Transparency Logs work).

Unfortunately, everyone has a video camera in their pocket. And while you might get away with unobtrusively releasing a single bird, releasing a hundred at the same time would probably be noticed. Especially if you hold regular races, and advertise online when you're going to be having the next race...

Also, if you keep doing this, at some point they'll just start fining the ferry operators, or threatening fines. That will mean that the ferries will stop accepting lorries full of pigeons.

Re: The Real Story from Texas

Isn't Tres Amigos vapourware? I couldn't find any reference to it actually being built, just grand plans.

Re: How long can a MEV function ?

For the first one, they claimed 10 years planned lifespan, so two 5-year contracts.

Windows 10 version 1607. Almost 4 years ago. Though it's optional and defaults off, for compatibility with old apps that might assume the 260 limit would always be there. Link below tells you how to enable it.

Also, Windows NT has supported file names up to 32767 characters from the start, but only if the app does a bunch of horrible things. (The app has to call Windows APIs with Unicode path strings only, using absolute paths only, and it had to prefix the path with "\\?\").

https://docs.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation

Re: "Earlier this year it slashed the length of support perpetual licence holders could expect."

It was a *perpetual licence* but not an entitlement to *perpetual support*.

No software vendor can keep providing free patches for their old software forever. The cost of providing future patches for a period of time is included in the purchase price. So *some* limit is reasonable.

Though I'd argue that bug fixes should be provided for 6 years from date of purchase, at least in the UK. Physical goods that were defective when sold have to be fixed if the purchaser notices the fault within 6 years of purchase (Consumer Rights Act 2015). I think the same should apply to software. Sadly, no software vendor provides patches for that long.

Re: Is that not the future of CPUs anyway ?

The RAM is one of the first things you want to bring in-package.

The RAM bus is dog-slow, it has to be to work with only a few hundred pins, each of which is limited in speed due to having to work over a few inches from the processor to the DIMM, and through five connections (CPU->Socket->PCB->Socket->DIMM->RAM chip). It's also limited because RAM interfaces are standardised, while overclockers may custom tune their RAM speed, that isn't done for normal PCs.

This means that in modern processor designs, the RAM speed is often the biggest bottleneck.

Using HBM or similar lets you put the RAM dies on the same "interposer" as the core, just a centimeter or so away. It also lets you run a thousand or two wires to the RAM chips. This makes them much faster. Since they're permanently attached together, you don't have to worry about standards so much, so long as the system is designed together to work reliably.

Note that Google will probably never upgrade the memory on their servers. So they don't care about the "upgradability" advantages of separate DIMMs.

Yeah, the police like clear-cut crimes.

"Having sex without the woman recording consent on the app" is a nice easy thing to prove in court. And it doesn't matter whether the woman actually consented but forgot to record it on the app, or consented on the app but changed her mind, or was coerced into using the app, or had her phone grabbed so her attacker could set the setting on the app, or consented to something different from what happened. All those cases have a nice easy travesty-of-justice outcome that means the cops don't have to do much investigating.

In contrast, the current law is a lot more nuanced.

What's more, due to the requirement that Starlink satellites focus the beam at the ground station, they have to know where it is. And the ground station has to know where it is to focus the beam at the satellite, so it probably has GPS built in.

So the system has GPS coordinates for each ground station, and can just refuse to work with ground stations in China, or in any other country where Starlink doesn't have a license.

Don't know why the author of the article made this a big thing.

Re: speed quoted is NOT correct, 800MBps is not brisk

I agree.

Wikipedia ( https://en.wikipedia.org/wiki/LPDDR ) says that it's 6400Mbit/s per pin, with the choice of 32-bit or 64-bit bus width. Multiplying 6400Mbit/s per pin times the 64-pin bus width gives your 51.2 gigabytes/second figure.