* Posts by JohnG

1635 publicly visible posts • joined 27 May 2007

Cloud engineer wreaks havoc on bank network after getting fired

JohnG

Re: Amazing!

"sufficiently stupid as to view porn on the company laptop."

As someone who has been responsible for Internet connectivity and firewalls in a corporate setting, I am amazed at the people who use corporate infrastructure to download and view porn. The culprits have all been people with technical jobs, involved in systems and software development/maintenance. It turned out that one had lost his previous job for the same thing.

What DARPA wants, DARPA gets: A non-hacky way to fix bugs in legacy binaries

JohnG

Re: How did they allow themselves to get into this position anyway?

When I was writing ITTs for a public entity, for a system procured on behalf of the European Commission, it was a prerequisite that all source code in operational systems would be included with deliveries and that the IP would be transferred to the EC. A side effect of this was that open source software could not be used in the operational systems.

It was similar when I was working in defence. If the ship and its systems have a 25 year life time, the customer wanted the source or an escrow agreement to gain access to the code, in the event that the company went into administration.

Of course, it's all very well having the source but you then have to find people/companies to work with it. Typically, they will be wary of liability issues.

Surprise! China's top Android phones collect way more info

JohnG

Re: As an owner of a Xiaomi

"Any way to stop this (without the purchase of another handset..."

For some makes and models, alternative firmware images are available, built on open source versions of Android. These carry the risk of bricking your phone if you get it wrong and installing such firmware will likely invalidate any warranty. The forums at xda-developers.com are a good place to learn what is available/happening for any particular phone.

Xiaomi reveals bonkers phone with bolted-on Leica lens that will make you look like a dork

JohnG

To make this idea interesting, I think they would need to have things like a tripod mount, autofocus, aperture control and image stabilisation (and the battery pack to power all this) with the lens.

Personally, I quite like Xiaomi phones - they offer good features and performance at prices considerably lower than the big name brands. And there's the possibility of alternative firmware (e.g. lineageOS) for those concerned about spyware.

JohnG

Re: The ergonomic nightmare of mobile phone photography

This sort of combined camera/phone shares some problems with mirrorless DSLRs: The view screens of mirrorless DSLRs and phone cameras are subject to glare and reflections from ambient light, which is not the case with the eyepieces of conventional SLRs and DSLRs. Additionally, eyepieces of normal SLRs and DSLRs often have focussing elements to facilitate compensation for problems like myopia (which is something I hadn't considered when I bought a mirrorless DSLR).

Starlink, shot by both sides in Ukrainian fracas, lives to fight on

JohnG

The standard Starlink offering costs about $500 for hardware and about $90 per month and is for static use only. The recently announced service for ships has hardware costs of about $10k and monthly fees of $5000 per month. Perhaps the service used by the Ukrainian military is closer to the ship/yacht service. There would be added costs for the security involved: Starlink would know the current location of every operational terminal and therefore, of every Ukrainian military vehicle equipped with Starlink. They would be passing live intelligence data - no doubt, including live targeting information for Russian forces.

Tesla Full Self-Driving 'fails' to notice child-sized objects in testing

JohnG

Re: You're supposed to...

"If they really expected people to do that they'd have sensors in the steering wheel to detect your hands and have a camera in the car to make sure your eyes were looking at the road."

Funny you should say that.... For some time now, Tesla cars have required drivers to exert pressure on the steering wheel at intervals based on the car's speed (essentially, drivers prove their humanity by resisting the sensible course chosen by the AI). Newer Tesla cars have cabin cameras and some hackers have posted videos which show that Tesla is experimenting with software to detect if the driver is paying attention to the road.

Tesla's software refuses to engage autopilot below 30mph and disengages (with a warning) if the driver forces the car past 90mph.

JohnG

Is there a video showing these tests which includes a view of the interior of the Tesla (i.e. the driver, the steering wheel and the Tesla screen)? I haven't found one and I would have thought this would be essential for O'Dowd's claims to have any credibility (especially given that he isn't just someone interested in automotive safety - he owns a company which touts an alternative to Tesla's Autopilot & FSD).

JohnG

Re: Comparison

Funnily enough, O'Dowd doesn't seem keen to make a side-by-side comparison with his own company's (Green Hills Software) offerings.

New UK product security law won't be undercut by rogue traders upping and vanishing, government boasts

JohnG

I would have thought that most of the products arriving in the UK likely to be in breach of these rules would be arriving direct from foreign suppliers (mostly in China), sold via online markets such as Amazon, Ebay and Aliexpress. All of these platforms currently sell numerous products in breach of existing British rules and legislation, apparently with little oversight or interest from the authorities or the online platforms concerned e.g. mains appliances sold with plugs that don't comply with BS 1363. All of these regulations are toothless without a body in a position to enforce them. Trading Standards appear to be overwhelmed.

Smart things are so dumb because they take after their makers. Let's fix that

JohnG

About that Tesla server outage....

These cars come with key cards or key fobs. If you choose to use the mobile app to unlock and start the car, a server outage is not the most likely problem. You are far more likely to drive somewhere without cellular connectivity for the car, your phone or both e.g. an underground car park. It's all fine when you are driving in but when you park up and leave the car, it will lock as you walk away. If the car and phone don't have cellular access, you won't be able to unlock it. Another problem is when your phone battery dies.

Government-favoured child safety app warned it could violate the UK's Investigatory Powers Act with message-scanning tech

JohnG

That's nonsensical. This interpretation would imply that the systems and people engaged in filtering incoming and outgoing messages for malware, porn, disclosures of IP, etc., for any organisation would have to first get permission from both senders and recipients - and this is clearly not the case. When I was the custodian of security devices that blocked incoming emails containing malware or phishing, I didn't first seek permission from those who sent them nor from the intended recipients.

Lawsuit accusing Robinhood and Citadel Securities of colluding to stop GameStop shares from skyrocketing thrown out by judge

JohnG

Re: But RobinHood did block buying Gamestop

"It seemed to me those who wanted to exploit the suckers were the ones encouraging gullible people to buy the stock, hoping to leave them carrying the can when it all imploded."

The stated goal of the chaps on the relevant reddit channel was to identify stocks where shorts had heavily oversold shares in certain companies, trying to push their value down. The idea was that if enough retail investors bought up the shares, the price would go up and the shorts would be forced to buy shares. Having sold far more shares than were in the market, the shorts would soon be competing to buy shares at any price. This worked with Gamestop and some hedge funds lost some serious money.

There were moral and emotional elements in the choice of Gamestop - many in the reddit group were familiar with the company and felt it was wrong that a viable company should be pushed into the ground by the shorts.

Robinhood and others lend/rent shares owned by their customers to shorts. By preventing customers from buying and allowing them only to sell, Robinhood were protecting the shorts at the expense of their trading customers.

So it is possible for Jeff Bezos to lose: Court dismisses Blue Origin complaint about Moon contract award to Elon Musk

JohnG

I liked Musk's comment on the case a few weeks back "You can't sue your way to the Moon, no matter how good your lawyers are".

Assange psychiatrist misled judge over parentage of his kids, US tells High Court

JohnG

Were Wikileaks' leaks of Afghanistan patrol reports, without redacting details of informants, worse than the recent leaks by western governments of details of those who worked for them in Afghanistan and then leaving them behind, in the scramble to leave the country?

Teen bought Google ad for his scam website and made 48 Bitcoins duping UK online shoppers

JohnG

Criminals can use tumbler/mixer/blender services to obscure where the stolen funds have gone.

Nobody cares about DAB radio – so let's force it onto smart speakers, suggests UK govt review

JohnG

The report stated that younger audio consumers "do not fully understand the choice of free-to-access services"

The DCMS don't understand that anyone can stream/upload their content on the Internet (free, paid by advertising, subscription), on their own or on some commercial platform (TuneIn, Spotify, Soundcloud, etc.) and they don't have to ask the government for permission or pay for any licence. Anyone can listen to stuff from around the world (subject to distribution rights, lawsuits, etc.).

Computer scientists at University of Edinburgh contemplate courses without 'Alice' and 'Bob'

JohnG

This idea seems to be based on the erroneous premise that only white Europeans are called "Alice" or "Bob". There are plenty of women in Africa and Asia called "Alice", even in countries where English is not the first language and one of the most famous "Bob"s of all time is Bob Marley.

Schools email marketing company told us to go away when we told them of exposed database creds, say infoseccers

JohnG

The correct response would have been something like "Thanks for letting us know", not a polite variant of GFY.

Chiptune to brighten your afternoon: Winning 8-bit throwback music revealed

JohnG

mind.in.a.box are an Austrian group with tracks "8 Bits" and "I love 64" that seem appropriate to this article.

https://youtu.be/6RoilEVFuKU

US road safety watchdog decides against probe into Tesla battery fires

JohnG

Yes - but the incidence of individual cell failures that cause fires is likely to be massively less than the incidence of all individual cell failures. Some individual cell failures may result in lower battery capacity and corresponding reduction in range and a few may result in the failure of an entire battery module and an undriveable car.

AIUI, a battery cell charged in accordance with the specifications can overheat if there are impurities in the electrolyte. But a cell overheating does not necessarily lead to fire.

Texas cops sue Tesla claiming 'systematic fraud' in Autopilot after Model X ploughed into two parked police cars

JohnG

Re: Tesla's auto-pilot works flawlessly, Smoking cigarettes is good for you.

"Tesla is selling me a car with AutoPilot. So, I'm going to use my car as intended, I will engage the AutoPilot, take my hands off the wheel, close my eyes then sue the fuckers for selling me a thing that doesn't work as intended."

Tesla explicitly tell drivers that Autopilot is a driver's aid and that they must remain alert, aware and ready to take control. They also signal drivers to apply pressure to the steering, to indicate their presence at regular intervals.

The term Autopilot comes from aviation, where such systems maintain speed, altitude and bearing. Just as with Tesla, pilots using autopilot systems are required to remain alert, aware of their surroundings and ready to take control at all times.

"I'm going to sue Apple because they sold me a computer with an assistant that can respond to voice commands but when I told Siri to write my PhD thesis, she didn't"

JohnG

Re: Yes it is Tesla's fault

Autopilot is a term to describe pilot aids in aircraft, which maintain constant speed, altitude and bearing and not systems which will avoid hitting objects in their path. It doesn't seem unreasonable to use the term to describe Tesla's driver aid.

While Tesla will sell an option for FSD, they are clear that FSD has not yet been delivered to anyone. (Personally, I think people are crazy to pay for something that doesn't exist and that they may never have). All drivers are also warned that Autopilot is just a driver's aid and that they should remain alert, aware and ready to take control at any time.

At the end of the day, the driver is the one with the driving licence.

Infosys admits it still hasn't fully fixed Indian tax portal

JohnG

Could Infosys outsource the portal problems to some experts abroad?

Royal Navy will be getting autonomous machines – for donkey work humans can't be bothered with

JohnG

Re: What's the end result of increasingly asymmetric warfare? More terrorism?

"unless Russia is also suffering unreported cyber assaults"

Putin himself has complained about cyber attacks, the implication being that these were state-orchestrated attacks. It's probably fair to assume that many countries are both conducting and being targeted by cyber attacks.

Tech widens the educational divide. And I should know – I'm a teacher in a pandemic

JohnG

Excellent online learning by local primary academy

My 8 year old son is at a local academy school and I reckon their efforts to provide continuity during lockdown were excellent - and this, despite having to cope with key worker children from other schools being dumped on them by the local council. For a group of people who were not IT specialists, I could not be happier with their work.

With two classes per year, they split teachers in each year group between an in-school class and an online class, using Teams. Children unable to work online from home (parents working, no suitable device, other home issues) were allowed into school. Eventually, the school were able to organise tablets for children who needed them.

In the online classes, cameras were required to be on and (because things started to get a bit too slack) children were asked to wear school uniform. Worksheets were available to download but the teacher would always keep pages on the screen for those who could not print them out. The interactive nature of the class run via video conferencing made the experience as close as it could be to in school learning.

A positive aspect of online learning was that children were able to talk with each other during break times or call each other after school - which was a big deal during lockdown. My son and his school friends became quite adept at organising play via video conferencing.

Of course, this was a primary school and I would think that secondary school learning is probably significantly more difficult to run online.

Like others have said, I don't think technology increases the educational divide but the lack of technology does. But this should be a driver to improve access to technology, not constrain the use of technology as a means to level the playing field.

Guntrader breach perp: I don't think it's a crime to dump 111k people's details online in Google Earth format

JohnG

Re: All he did was reformat existing data

1. He acquired some data that he knew to be stolen, which listed names and addresses and other personal data;

2. He reformatted the data, to make it easier to interpret/use;

3. He published the stolen data to a wide audience;

4. He encouraged others to harass people on the database.

1, 3 and 4 are offences. 2 might be an aggravating factor for 3.

Norwegian student tracks Bluetooth headset wearers by wardriving around Oslo on a bicycle

JohnG

How many Bluetooth headphones are capable of MAC address randomisation? Most are based around a single chip, which doesn't support MAC address randomisation.

Volkswagen to stop making its best-selling product for Wolfsburg workers: VW-branded sausages

JohnG

This is the same CEO who got himself into hot water with "Ebit macht frei".

Oh the humanity: McDonald's out of milkshakes across Great Britain

JohnG

Pay and conditions

A number of current and former HGV drivers have posted comments and videos on social media about the HGV driver shortage: every one of them has described poor pay and conditions as being the primary reasons behind the shortage. Many have found jobs with better pay and conditions in other sectors e.g. warehouse work. While foreign drivers filled these jobs for a while, they soon realised that they could do better elsewhere.

How many people here would want to work long hours at or close to minimum wage, having rest stops in laybys smelling of piss and being fined for having overweight lorries due to bullying from their managers? The reason that there wasn't a shortage of HGV drivers before the influx of cheap migrant labour from the EU is because HGV drivers used to enjoy pay and conditions that made the job worthwhile.

Hacking the computer with wirewraps and soldering irons: Just fix the issues as they come up, right?

JohnG

Re: Computer O Level

I played a text version of Star Trek on a teletype attached to an IBM system at Exeter University in the 1970s. I seem to remember a message like "Yeoman Rand has just spilt coffee on the main console. Your shields are down and navigation controls are not working".

Wireless powersats promise clean, permanent, abundant energy. Sound familiar?

JohnG

Ant City, IRL

Whenever I hear talk of ideas like this, I am reminded of Ant City

Das tut mir leid! Germany's ruling party sorry for calling cops on researcher after she outed canvassing app flaws

JohnG

Re: Classical attack

Also, those responsible for the app have almost certainly breached German data protection laws. Ms Wittmann had also informed the relevant data protection office of the issue, prior to her publication. The police should have gone after those who released and operated an app which failed to protect people's information (despite claiming the opposite) - but they went after the person who reported the actual crime instead.

Ms Wittmann put her own report here (in German) AFTER the app was shut down: https://lilithwittmann.medium.com/wenn-die-csu-und-die-volkspartei-digitalen-wahlkampf-machen-6d9e245efefc

The UK is running on empty when it comes to electric vehicle charging points

JohnG

From 2025, all new heating installations will have to be "low carbon" e.g. ground or air sourced heat pumps. Only existing gas or oil boilers could be repaired or replaced.

Similarly, no new open fires or wood burner installations will be allowed.

JohnG

Slow AC charging and rapid DC charging

There are essentially two types of EV charging:

1. Slow AC charging

Typically, 32A at home overnight or at work, during a working day. Overnight charging allows EV owners to take advantage of cheap rates, when the grid has plenty of unused capacity. For most EV owners, slow overnight charging is probably 90% - 95% of their charging, as their daily drive will be within the range of their car.

For all the people who don't have off street parking and the possibility of their own EV charger at home, there really needs to be a slow EV charger at every possible overnight charging space (they cannot predict where they will park on the street). This is where a huge effort is needed, if the government hope to meet their goal.

2. Rapid DC charging, 50kW - 350kW

When travelling long distances, it isn't normally practical to sit on a slow charger for hours and EV owners want to charge for 10 - 30 minutes and then continue their journey. Relatively few EV owners use a rapid charger more than once or twice a month.

Tesla's Supercharger network (currently closed to all but Tesla cars) is widespread, reliable and needs no card or app for charge authorisation but other rapid charger networks have been flaky, with chargers offline or unable to authorise charging - but this situation is improving. Some rapid charging networks are ridiculously expensive.

JohnG

Re: Hmm....

The Union of Concerned Scientists (USA) made a study in 2015 and published this report:

Cleaner Cars from Cradle to Grave

How Electric Cars Beat Gasoline Cars on Lifetime Global Warming Emissions

https://www.ucsusa.org/resources/cleaner-cars-cradle-grave

Their data is based on EV technology and US electrical generation of the time e.g. more use of coal in generation. Essentially, once you add in the production, storage and distribution impact of petrol or diesel (or hydrogen), battery EVs win hands down on well-to-wheel lifetime impact and the impact of battery pack manufacture is offset in six to sixteen months of driving.

JohnG

Re: Hmm....

"And before someone calls me out for being a twat. why on earth are we not making smaller lightweight EVs built out of modern, strong materials that will still carry a battery but will be more suitable size and weight."

Early EVs were closer to this and were deeply unpopular and expensive. But battery packs are heavy and it is hard to make a small, light, sensible EV for a sensible price. Tesla decided it was easier to compete at the top end of the market, where the price of an EV battery pack and drivetrain is comparable to their ICE counterparts. Where people have money to burn on cars that can reach 60 mph in under 4 seconds, it is easier to make an EV with massive torque and acceleration, despite weighing over 2 tonnes. As battery prices fall, Tesla and other EV makers are heading towards more sensible cars.

Interestingly, Renault and some Chinese manufacturers have produced some very cheap (e.g. $9000) EVs for the Chinese and Indian markets but these models are not available or type approved for Europe.

I've got a broken combine harvester – but the manufacturer won't give me the software key

JohnG

"The new UK rules, which mirror those in the EU, only force manufacturers to offer a subset of parts to consumers, such as replacement power supplies and remote controls for TVs. If you want to fix your dishwasher's drain filter, you'll be able to get the parts. The manufacturer won't have to give you the parts for more complex repairs like a drain pump."

Access to technical data and tools needed to repair and/or to manufacture alternative spares are often more important than whether or not the manufacturer will sell specific spare parts. The willingness of some Chinese manufacturers to copy often pre-empts right-to-repair legislation and forces OEMs to supply spares freely or face losing sales.

Ecuador shreds Julian Assange's citizenship

JohnG

Re: Journalist prosecution

"Just a few of them: rape case was so weak that Sweden wanted to drop the case long time ago but was pressured by UK"

BS. Assange fled Sweden during a rape investigation and the prosecutors subsequently submitted an EAW to the UK for his arrest and extradition to Sweden. A UK court placed Assange on bail while considering Sweden's EAW and Assange chose to breach his bail conditions, which is an offence in the UK. At this time, the US government had not displayed any interest nor submitted any extradition requests to either Sweden or the UK. When asked about Assange, President Obama stated that, as far as he understood it, Assange had not broken any US laws. Assange could have gone to Sweden, had his Swedish lawyers pull the case apart, which would likely have never gone to court - and he could have gone his merry way. Instead, he stayed in the Ecuadorian embassy until the arrival of a US administration that was interested in his extradition.

UK regulator Ofcom seeks more powers to deal with mega constellations

JohnG

OFCOM will no doubt be aware that they are now responsible for filing for OneWeb's satellites to the ITU and that the USA's FCC have already presented filings to the ITU for Starlink's initial 12,000 satellites and for a future additional 30,000 Starlink satellites. And, as OFCOM provide the UK's delegation to the ITU, they must be aware that all of this is within the remit of the ITU and not that of OFCOM or any other national regulator.

Subcontractors working on CityFibre's £45m Derby rollout threaten to 'rip up tarmac' in dispute over payments

JohnG

I was subcontracted to a European intragovernmental organisation for over a decade and prime contractors would often not pay for 6 - 9 months. The organisation eventually wrote some terms into their draft contracts that required primes to pay subcontractors with 30 day terms or pay automatic penalties, with the possibility of the organisation paying subcontractors directly and putting late-paying primes on the naughty step. The primes suddenly managed to pay invoices within 30 days.

JohnG

Local stores have been perpetually sold out of many materials. I found it useful to drive to stores with supplies of materials I needed to collect them myself - and this was typically about 2 hours away.

Things that needn't be said: Don't plonk a massive Starlink dish on the hood of your car

JohnG

Starlink won't work on the move or outside your chosen/designated cell.

Perhaps he should have read the Starlink FAQs before bolting the antenna to his car:

"Can I travel with Starlink, or move it to a different address?

Starlink satellites are scheduled to send internet down to all users within a designated area on the ground. This designated area is referred to as a cell.

Your Starlink is assigned to a single cell. If you move your Starlink outside of its assigned cell, a satellite will not be scheduled to serve your Starlink and you will not receive internet. This is constrained by geometry and is not arbitrary geofencing."

Starlink won't work on the move or outside your chosen/designated cell.

Russia spoofed AIS data to fake British warship's course days before Crimea guns showdown

JohnG

Re: Shipping channel

I think western governments have misjudged the determination of the Russian government and of ordinary Russian citizens to hold onto Crimea. Navalny (America/Western Europe's favoured candidate for the Russian presidency) was asked if he would give up Crimea, if he were the Russian president - he said he would not. Just as in 2014, Putin's popularity would likely be boosted by a defence of Crimea.

JohnG

Re: Just a FYI

"So its OK if the US army rolls out of Gitmo and takes Havana?"

There would be strong words in the UN.

If you remember, in 1983 the US rolled into Grenada (a British protectorate) and set up a new political party, which magically won the elections. Little was said and nothing was done about it.

But neither Cuba nor Grenada have a majority of American residents, whereas the majority of Crimean residents consider themselves Russian - and according to the UN, self determination is everything.

JohnG

Re: Just a FYI

"Calais is a vital English base in our wars against the French, you can't expect us to give it up."

But 67% of the residents of Calais aren't British.

Three things that have vanished: $3.6bn in Bitcoin, a crypto investment biz, and the two brothers who ran it

JohnG

Bitcoin mixers and tumblers

Would any of the funds entering a Bitcoin mixer and tumbler setup be legit? I could see some law enforcement agency descending on such an operation, inviting them to show where some specific Bitcoins had gone or be charged with involvement in the crime(s) concerned. A court might well decide that all the funds in such an operation are entirely the fruits of criminal enterprise and therefore, subject to seizure.

Racist malware blocks The Pirate Bay by tampering with victims' Windows hosts file

JohnG

Re: Hostfile ?

The malware "installation" requests a privilege escalation, just like many legitimate software installs.

JohnG

Re: Eh?

In 2012, a number of UK ISPs were ordered to block TPB by the high court. UK ISPs that were not included in that order probably worked out that they would likely end up defending (and losing) an expensive court case and be given their own court order if they did not fall into line.

Ganja believe it? Police make hash of suspected weed farm raid, pot Bitcoin mine instead

JohnG

Re: As a local ...

Allegedly, the police seized about 100 "Bitmain Antminer S9" units.