Posts by Stephen Booth

SSH NOT a problem

I'm not saying I'm in favour of the scheme but I don't see any problem in principle supporting the basic concept of encrypted home directories with ssh. Its only a convention that requires ssh authorized key-files to live in the home directory.

The encrypted directories could have some unencrypted envelope meta-data. You can put the ssh public key in that.

SSH also does not have to use public keys it can delegate to the normal PAM library. As users are going to have to put in a password to decrypt the diretory anyway you have already lost all the benefits of using public key authentication anyway might as well just prompt for a password.

Supporting encrypted directories where the key is only present when the user is logged is a good (and not new) idea. Taking a religious position that all information about the user must be encoded in one of these is just making things over complicated.

Not your normal outsourcing

Everybody is talking about this being outsourcing and they should have stuck with their in-house tech people.

My reading of this is that they are switching between two outsourcing suppliers. They lost any in-house system when TSB was spun out and were being held over a barrel by lloyds so they hired somebody to create a replacement platform and got shafted again. Probably because the bank does not have its own technical staff to evaluate the solution properly.

The lloyds in-house techies who were running things till last week are probably still at their desks business as usual.

Compare with Raptor not Merlin

The real comparison with SpaceX hardware is with the new Raptor engine not the production merlin.

Raptor uses the same fuel as BE-4 and is at a similar stage of development (Raptor first test fire was last year)

It does look like Space-X have dialed back their target thrust for the Raptor so current indications is the BE-4 is the larger engine but this is the first test-fire it is almost certainly not running at full design power yet. They probably do have to come close to their target because they don't have the flexibility that SpaceX has to redesign the rocket.

IT angle

You are missing the IT angle to this. Some of the STOR generators (our 2MW for example) are Data-center backup generators. It makes economic sense and ensures the generators go through more test cycles than they otherwise would. And if the grid is going to be unstable its much better that the power grid people switch us over to backup before the problem becomes critical.

not the right recommendation

"with four in five not requiring the use of a capital letter and a number/symbol."

The thing that is important is entropy. Requiring particular characters does not help with this much it is a stupid hang over from the days when only the first handful of chars in a unix password were significant so using the full character set was a good idea.

If you enforce special chars all you get is "password!" instead of "password" same with all the other hard to obey password rules everyone uses one of a small number of common fixes to bypass the rule.

Probably the most important rule to enforce is the minimum legal length of a password.

Quicker to re-org than build a datacenter, also network

"However, the fact that data resides in the UK may be false reassurance from a data protection perspective, since the US government argues that if it is in data centers belonging to US corporations, it still has right of access to that data."

Under the current structure the US government claims this right. If Amazon wants the option in the future to relocate and escape this problem it can probably do so quicker than it can build a data-center.

The other issue is the network. Amazon marketing will tell you that you can place your data anywhere in the world and access it over the internet. This won't work for anything latency critical and if everyone moves to amazon the owners of the trans oceanic cables will know exactly where to go to ask for more money.

Everyone knows that Amazon gets huge economies of scale with large data-centers. There must be a point of diminishing returns after they get to a certain size (amazon must have the best handle on where this point is). Once you get to that point you open additional centers at places of good network connectivity (and cheap power) the uk scores highly on the first of these less so on the second. Maybe they they have some clever idea about how to power it.

Does the market apply to all wages

Though I'm sure the market applies to low paid jobs I'm not sure it always applies at the top.

Sure there are some talented individuals who build their own companies from scratch and have a huge responsibility for the value of the company. However in many companies the size of the company is so great that a small number of unjustified large payouts at the top have no impact on the market price of the shares. On the other hand any attempt to oust the current management would impact the share price so the shareholders and the market as a whole turns a blind eye. As long as only the small number of people at the top have their hand in the till the market does not care. These people are not being paid for the value they add to the business but are taking a "commission" out of the value of business that crosses their desk.

Interesting question for a future article, are commission based rewards good for the health of a market or do they encourage volatility for its own sake? Compare and contrast a Tobin tax and a traders commission.

What version are you runnign anyway

Win7 professional does not get the update anyway. If you actually gave your users a proper

business grade OS in the first place your users would not be tempted.

Phones and tablets are not PCs

The assumption in this article is that MS has to succeed in the phone space.Yes the decline in the PC market is partly due to a certain class of PC user finding a new class of device that fits their needs better. This is a fragmentation of the sector into two markets. Just because people used to use horses for travel and the plough does not mean the future belongs to a unified tractor-car hybrid. Tractors and cars might be made by the same company and use the same basic technology but its not the same product. Apple does ok making a phone and computer the same way Honda does ok making tractors and cars but they are different products. Not every car/tractor manufacturer has to make both and nobody succeeds with a unified solution even if some of the parts are the same. In fact market fragmentation is better for business because apple can sell you a phone and a laptop if you need both.

Phone/music-player/camera combination seems to work as a combination because they are all portable devices you want to carry around and separate devices would compete with each other for pocket space.

Microsoft can't seem to do phones. Apple have never done much in the games console space they both compete in the PC space. Once upon a time Microsoft managed to expand their market by making windows a server as well as a desktop OS and this has resulted in a fetish for using windows as a solution to every problem. Its not.

Rental not Retail

Kindle unlimited is rental not retail.

You get access to any book on the "unlimited" list while you continue to pay the monthly subscription.

Stop paying you lose access.

Paying by pages read might make sense in this model.

However my personal choice is to pay for each book I choose to read. I seem to be reading a lot of the self-published books at the moment because the buy price is generally pretty low (below my why-not threshold)

On the whole I don't think I'm paying extra other than when I really get into a book and go through the 7 book series. In which case I'd rather the money went to the author.

Not the end of the world

Running ANY programming language inside the web-browser is a bad idea. The more capable the language, the worse idea it is. If you can change the web-site applets can trivially be changed into jnlp downloads solving the problem. If you need to access an applet based interface that has not been converted then just open another browser when you need to (you could even write a stand alone program specifically for running java applets from web pages). Lets face it java applets never integrated well with the surrounding web-page so losing the ability to start them seamlessly is no big loss and easily worked around.

Patch?

I think "Patch" implies that the software binary needs to be updated in the cloud providers. Thats misleading.

The bug is in the browsers. If the server is CONFIGURED to allow weak ciphers to be negotiated then a man-in-the-middle attach can be used to force a buggy browser to negotiate a weak cipher even if it is configured not to.

The server can prevent this from happening by a configuration change only. Of course removing support for weak ciphers in future releases is also a good idea. It also means that its even more unforgivable that services are sill accepting these obsolete ciphers because it just means nobody bothered to change a config file.

Apps are not the product

Office 365 is the product. The number of potential users for a cloud based office suite does not change depending on the relative popularity of android and IOS. The only difference occurs when one platform becomes so unpopular that client support for it no longer influences the choice to use office 365.

I don't think the recent reversals are anywhere close to that yet.

Support for android is not about shifting large numbers of apps but saying office 365 is device neutral.

Ah that explains it

Fast flux, must be why the virgin media DNS servers have been locking up so much over the last week,

IT angle

Our data center has an agreement with the power supplier that gives the power company remote control to switch us onto our backup generators at times of high demand. Not a huge power capacity from their point of view (couple of MW) but useful for short term spikes. From our point of view it helps ensure the system gets tested more frequently and its probably better to be switched over cleanly before the problem fully develops. Making better use of the distributed generation capacity at customer sites is now much more technologically feasible than it used to be. I't won't do anything to address the lack of bulk capacity but it will help ride through shorter events.

End of the law but not the end of the line.

Yes the exponential increase in the cost of fabs mean that Moores law is close to the end if not already ended. At some point we will be able to builder smaller transistors but there just won't be any point.

We will have to get used to a minimum cost per transistor just as we have got used to a maximum practical clock speed. However there are plenty of worthwhile ways of improving computers to explore other than just blindly throwing more transistors at the problem. None of these are going to give us decades of exponential improvement but they are worth pursuing. The good news is that once the transistor process (with its huge fab costs) stops taking centre stage then it becomes possible for smaller companies to innovate and compete.

The GPGPU market is an example of this. Floating point performance in increased over conventional multi-core by using smaller compute units and using a greater fraction of the transistors for floating point units.

Chip stacking won't reduce the cost per transistor. Each layer needs to be manufactured and you may ruin some good layers by bonding them to flawed ones. However it may reduce energy consumption and drastically improve the communications between different components.

The future is going to be interesting.

DDR3 DDR4 or something else?

The external Centaur chip opens up other possibilities as well. Such as the Hybrid Memory Cube.

At the High end like Power8 its a smart move. The basic concept has been proposed before (e.g. RAMBUS) but the additional costs of additional components has always been a problem at the low end.

With much of the mass market shifting down to low power portable devices the DIMM memory market is going to suffer so I think there is room for innovation at the top. IBM are obviously not committing to anything other than DDR3 but they have kept their options open.

DRM is key

I doubt a prior art argument will hold up.

OK phone-to-phone gifting is not new but this is phone-to-phone gifting of heavily DRM'ed content from an on-line store without letting the store lose control of the content and its difficult to prior-art (verb ?) apple in that area.

Of course that means that gifting non DRM content by NFC would not be covered as it does not involve downloading the content from a content store.

Somebody should quickly patent exchanging drop-box download links by NFC. Heck you could probably even get it to work without an immediate network connection by generating a unique transaction identifier and then have the giver upload the data when they next get network and the receiver poll until the data is available.

Intel to manufacture ARM?

Does this include the Altera processors with embedded ARM cores?

Windows <-> Android

Provided MS don't try too ape the apple approach too closely developers might find it possible to share common code between windows8 and android.

There seem to be tools out there to do cross platform app development its just that apple really don't like them

to be used for the iphone.

Its the apple no-emulators rule that makes it necessary to develop every app twice. A 3 way ecosystem does not necessarily require 3-way app development.

Mitigation

If the web-site logs people out when the ip address presenting the session cookie changes then its going to be a lot harder for the attacker to do anything useful with the cookie even if they can steal it.

You might get spurious logouts if your device re-connects to a network with dynamic ip addresses but that is probably acceptable in cases where you care about security.

Makes sense in hindsight.

The Cloud virtualisation and HPC markets are all about large numbers of tightly integrated cores.

From Intels point of view it makes a lot of sense to integrate the network onto the CPU (either directly or via a chip stack) and with AMD going this route they can't afford not to.

If the CPU manufactures start integrating networks then the independent HPC network vendors are doomed in the long term.

Cray needs Intel so its a much better deal to sell them the technology than to try to compete with them.

EBL the 3D printer of chip manufacture

"E-beam lithography itself is pretty straightforward," Liebmann said. "We all sort of qualitatively understand how this all works. And we all also understand that the biggest problem is throughput. What all of these systems are working on is massively parallelizing the system to get to a point where you can begin to make this profitable."

EBL may not have the throughput for profitable mass production but as I understand it you don't have to make masks either so the cost should be similar for small volumes and prototyping as it is for large volumes.

Just as 3D printers (much more expensive than mass produced injection mouldings) open up new possibilities EBL might already be interesting for the low volume specialist designs that currently use FPGAs. Maybe what we will see is the current small number of dominant chip designs built in huge global fabs being replaced by a wide range of custom designs printed to order. This might make things profitable even if there is a big hiccup in the expected price reduction with each processor generation.