* Posts by PaulVD

66 posts • joined 28 Jul 2010


Ad blocking made Google throw its toys out of the pram – and now even more control is being taken from us


Re: "...the stuff that reaches only the right people is worth far more..."

That's DuckDuckGo's business model - they sell ads that are placed next to your search response, and nothing else. So they have no need to track you. They claim to have been profitable since their first month in business (although they will never be as profitable as Google).

Congrats, Meg Whitman, another multi-billion-dollar write-off for the CV: Her web vid upstart Quibi implodes


There are sites that make a lot of money out of 10-minute videos

They sell porn, or so I am told.

Something to look forward to: Being told your child or parent was radicalized by an AI bot into believing a bonkers antisemitic conspiracy theory


El Reg missed a trick

OpenAI declined to comment on the record.

Why didn't you ask GPT-3 to comment? Ze would no doubt have been happy to respond at length.

Wired: China's Beidou satnav system, 35th bird in orbit. Tired: America's GPS. Expired: Britain's dreams of its own


There is no such country as Taiwan ...

... and yet Taiwan is one of the first customers for a Chinese satellite positioning system. Gotta love the hypocrisy of today's Middle Kingdom.

Machine learning helps geoboffins spot huge beds of hot rocks 1,000km across deep below Earth's surface


Re: My guess is..

My bad - thanks for checking my arithmetic. I think I must have used a 10m thick crust rather than 10km.


Re: My guess is..

Not that much momentum. A large slab of rock 1000km x 1000km x 10km deep, being subducted at say 1cm a year, has about the same momentum as a 100-ton jumbo jet travelling at speed. And when planes crash, their momentum does not carry them very far down into the earth.

It is gravity, not momentum, that moves stuff around in the mantle, working on thermally-induced density variations. And ocean crust is largely solidified mantle material, so when it is subducted and melts again its density will not be terribly different from the mantle material that surrounds it.

But the discovery of vast hot spots down at the edge of our planet's core has got to be the coolest science of the year. (I'll get my coat.)

Moore's Law is deader than corduroy bell bottoms. But with a bit of smart coding it's not the end of the road


Amazing how many smart El Reg readers missed the point

The authors picked a really simple problem for which we have a lot of analysis and some very good solutions, and showed that a really poor algorithmic choice falls far outside the achievable frontier. No doubt they did a bit of searching over languages etc to find a really bad starting point.

But it is beside the point to argue that they should have used a modern BLAS library, a better language, and other optimisations that are obvious to all of us. They showed that there are design choices which make orders-of-magnitude differences to the performance of this very simple and well-understood problem.

But now, apply that to problems that are not well-understood and for which there are no conveniently pre-optimised libraries: the database structures from which you extract that complicated query, or the nonlinear pattern-matching algorithm, or whatever programming and software design task you get paid for. Can thinking more carefully about your fundamental approach to the data structures or the mathematics yield orders of magnitude improvements? Given that we can no longer count on major improvements in future processing speed, we will have to depend on improving our high-level thinking about data structures, algorithms, and suitable programming languages.

This is a very self-evident point, for which the authors have offered a correspondingly trivial example. My initial thought was that the article was not interesting enough to be publishable. But a surprising number of commentators have attacked the example and missed the underlying point, so perhaps the point is not as self-evident as it ought to be.

Bite me? It's 'byte', and that acronym is Binary Interface Transfer Code Handler


At least the manager was validating/sanitizing the inputs.

'A' is for ad money oddly gone missing: Probe finds middlemen siphon off half of online advertising spend


A special offer to advertisers

If I read the article's terminology right, I am on the demand side of the online advertising business.

So I have a deal for the advertisers: I will stop demanding ads if you will stop supplying them. Everybody happy now?

We're going on a vuln hunt. We're going catch a big one: Researchers find Windows bugs dominate – but fixes are fast


Re: Howabout a breakdown of OS vs Browser bugs maybe?

Preferred safe browser: Firefox + Noscript, with cookies discarded whenever I close the browser (which is several times a day).

And every now and then I turn off Noscript while visiting el Reg, and click on any ads that appear.

Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback


It's okay - Lennart Poettering is on to it

A sudo replacement is the next feature to be added to systemd.

Are you getting it? Yes, armageddon it: Mass hysteria takes hold as the Windows 7 axe falls


Why are you being mean about my Win10 phone?

See title.

H0LiCOW: Cosmoboffins still have no idea why universe seems to be expanding more rapidly than expected


Re: Riddle me this:

The Hubble constant is the reciprocal of the age of the universe, about 1/(14,000,000,000 years). Since my height is rather less than 2m and my age about 70 years, over my lifetime the expansion of the universe has increased my height by about 2*70/14,000,000,000 m, that is 10^-8 m or 100 Angstroms.

Of course, local space-time is heavily distorted by all of the matter around me, so this calculation is only illustrative.

Kiwi tax probe squeezed $25m out of Microsoft – now it's Oracle's turn


Re: Alternative Minimum Tax

NZ has an interesting wrinkle, which is probably what gave the taxman leverage in these cases: if the authorities consider that a tax arrangement unduly lessens the tax otherwise payable, they can simply set it aside and work out the tax differently. In principle, this is a horrible idea, because it means that no one can really work out with any certainty what tax is due. But it means that people who try to be too clever by half are likely to wind up on the wrong side of a big bill.


Staff that work in NZ pay tax in NZ on their salaries, just like staff employed by any other firm. This issue is about how much tax the company that employs them should pay in NZ (instead of in other countries).

Bad news: 'Unblockable' web trackers emerge. Good news: Firefox with uBlock Origin can stop it. Chrome, not so much


Re: I'm forced to wonder

Firefox has had this for years. Options > Privacy & Security > Cookies and Site Data. Check "Delete Cookies and Site Data when Firefox is closed" then click "Manage Permissions" and note any sites that you want to "Allow" to retain cookies after you close Firefox.

You will no doubt need to clear all existing cookies to start fresh.

Voila! All functionality (logins, shopping baskets, whatever) works during a session. But when you close Firefox everything is gone unless you agreed to retain it. No distinction between first-party and third-party.

It does not solve every problem - you probably need NoScript to block fingerprinting, for example - but it consistently wipes out persistent cookies that you did not ask for.

Fairphone 3 stripped to the modular essentials: Glue? What glue?

Thumb Up

On my shopping list

For when Microsoft stops supporting my Windows phone in a few months (yes, that says what part of the market I occupy!)

Not so much for repairability, as for its ethical sourcing of materials and components.

Fix LibreOffice now to thwart silent macro viruses – and here's how to pwn those who haven't


Re: Defaults...

Ditto on Linux Mint 19 / LibreOffice 6.5.2. Logo is available as an extension, but not installed by default.

God DRAM you! Prices to slide more than 40% in 2019 because chip makers can't forecast


Re: Crystal ball

No doubt the number was truncated for publication: if the fall had been 20% in the first 173 days of the year (to 22 June), then extrapolating to the full 365 days would have given 42.1965% for the full year. But presenting a forecast to that much precision would have been silly.

Red flag: Verify to be marked 'undeliverable' by gov projects watchdog


I am already able to safely and securely access both private and public online services

I use a password manager.

SpaceX reveals chain of events that caused the unplanned disassembly of Crew Dragon capsule


That's why we do the test

To explore how the real world differs from our understanding of it.

(Icon shows test result in this case.)

I don't have to save my work, it's in The Cloud. But Microsoft really must fix this files issue


Re: I could train 1st line to be fluent in 'user'

Forget AI - what the world needs is Artificial Users.

Switchzilla rolls out Wi-Fi 6 kit: New access points, switch for a standard that hasn't officially arrived

Black Helicopters

The backdoor is not required by the standard, but is allowed in the implementation.

Northern Virginia cements spot as bit barn capital of the world with jigawatt capacity


Re: Jigawatts? Only for flux capacitors in DeLoreans. . . .

(1) "rare and archaic pronunciation of Gigawatt with a soft 'g' sound". Also such rare and archaic words as Giant, Giraffe, ....

(2) "Jigawatts are often referred to in Internet forums in order to make fun of someone's electrical knowledge." So that's why El Reg used the word, of course.

Aussies, Yanks may think they're big drinkers – but Brits easily booze them under the table


I call bullshit on these statistics

"... each additional chain outlet is associated with a 35.3 per cent increase in intentional injuries, including assaults, stabbing, or shooting ..."

Some years ago, New Zealand allowed wine and beer to be sold in supermarkets. There are several hundred supermarkets in New Zealand. Conservatively supposing that this increased the number of chain outlets by 200, then 1.353^200 means that intentional injuries must have increased by a factor of more than 10^26. I am sure we would have noticed even a much smaller increase in injuries (say a factor of 10^5, which would leave everyone in the country injured every day).

But when an alcohol academic can quote a frightening number in support of his wowserism, the fact that the number is nonsense is no consideration. After all, modern journalists can safely be assumed to be innumerate (always excepting our favourite Vultures, of course).

"Rum: Generically, fiery liquors that produce madness in total abstainers." Ambrose Bierce, The Devil's Dictionary.

Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs


There are 203 passwords in my password manager

Most of them unique, and many of them used maybe a couple of times a year.

No rules for password complexity, passphrases, or other similar solutions come close to dealing with the problem that I have to remember 203 of them, and I have to remember which memorable phrase was used for which site or account login. It ain't going to happen.

One of my banks supplies a dongle for two-factor authentication, and a few sites offer my phone as a second factor. But carrying round a keychain full of dongles is not going to happen either.

There is simply no alternative to a password manager.

Oz auditor: Number of times failed government biometric project met a milestone = None


So, how much is PwC going to be sued for in respect of their incompetence in working out the requirements?

Tens to be disappointed as Windows 10 Mobile death date set: Doomed phone OS won't see 2020


Actually, I still think the phone is quite nice. I will certainly keep using mine up to the end. Having previously owned a couple of slurp-phones Android devices, I am not looking forward either to returning to them or to paying the Apple tax.

IBM: Co-Op Insurance talking direct to coding subcontractor helped collapse of £55m IT revamp project


Agile waterfall

It is a new development methodology known as Agile Waterfall. This is also the technique adopted by people who go over Niagara Falls in a barrel, and the success rate is similar.

Google logins make JavaScript mandatory, Huawei China spy shock, Mac malware, Iran gets new Stuxnet, and more


If Google can prove it is human...

... then I will submit myself to its ReCaptcha test.

'He must be stopped': Missouri candidate's children tell voters he's basically an asshat


Re: It's Missouri

Sounds like a good precedent: maybe the Democrats could nominate a dead man (or woman!) as their next Presidential candidate.

Yes, Americans, you can break anti-piracy DRM if you want to repair some of your kit – US govt


Re: Status?

Go back and read the story. Congress delegated this specific power to this specific agency - to be exercised only once every 3 years.

Ex-UK comms minister's constituents plagued by wonky broadband over ... wireless radio link?


Spokesperson was telling the exact truth

"We're sorry to hear about the issues with broadband in Fernham, and we'd like to reassure residents that we’re doing all we can to resolve the matter."

(1) We are indeed sorry to hear about this. We had hoped that nobody would tell us, so that we would not need to do anything about it. We are not, of course, sorry that there is a problem.

(2) We would like to reassure residents. However, we are not in a position to reassure them, because we are doing as little as possible.

HTC U12+: You said we should wait and review the retail product. Hate to break it to you, but...


Re: 40 Year Old Lesson?

"But the Chinese consumer industry is relatively young and so is going to recycle ideas that never made it to commercial production in the West,"

Except that HTC is from Taiwan, not China. I know, China says there is no difference; but when it comes to experience of consumers, there should be.

Windrush immigration papers scandal is a big fat GDPR fail for UK.gov



"their dog stumbles across the shredded Windrush documents blowing around in a skip somewhere."

What makes the author think they were shredded rather than just dumped? It would be consistent with the rest of the sorry mess if they were just dumped in the skips with the other construction rubble.

Cyber-coin crackdown continues: Commission charges couple crypto-currency company chiefs concerning 'conned' customers

Thumb Down

He always needs insurance against the loss from his calf dying (or he takes the risk himself). The hedging contract gives him insurance against changes in market prices, nothing else. If he hedged the risk with an option, he can walk away from it at no cost. If he took out a futures contract, then with no calf to sell he becomes a speculator: he pays out for the difference between the contracted price and the market price at the intended delivery date (and if that is in his favour he wins money back).

Security pros' advice to consumers: 'We dunno, try 152 things'


That's lousy advice too. I have 209 different passwords currently in my password manager. Even if I had 209 individually memorable passphrases, I am never going to remember which one belongs to The Register. Much safer to copy and paste "pYsuuRM-jr5q".

Linux kernel community tries to castrate GPL copyright troll


Re: Non-GPL feature

You don't want to use the GPL'd library? Be my guest - nobody forces you to use it. Write your own code for those functions, and you can do whatever you like.

But if you want to re-use code that somebody else has written to save you the cost and bother of re-doing all their work yourself (and doing it properly, which is often hard), then you do it on their terms. If they are fans of open source, their terms may include that you have to add your new product to the open source pile. Like it or lump it.

Or pay damages, of course.

Review pins blame for Medicare ID breach on you. All of you

Big Brother

Simple, except for a slight legacy issue

Withdraw all existing numbers, and issue everyone with a 256-bit code, unstructured except for a check digit or two. Record the new numbers as a QR code on a plastic id card, so that they can be read by standard handheld scanners.

Make it a criminal offence for anyone (including the Government) to store these numbers. Instead, require the number read to be salted with the organisation's name and then stored as a SHA-512 hash value only. The hashed value works just as well as the raw number as a key in the database records for the organisation.

Then (1) the numbers can be used freely within one organisation but records cannot be linked from one organisation to another; the authorities cannot correlate your tax records with your health data using this code. (2) Stolen hashes are of no value to anyone. (3) If a dump of stolen hashes comes to light, it is possible to identify with certainty the organisation whose security was at fault. (4) Banks or other organisations can use the identifier if they like, but cannot link data acquired from elsewhere to expand their knowledge about you.

From a consumer protection point of view, what's not to like? There is, of course, the slight problem that legacy databases will have to be restructured to use a different key. Also, it shifts power away from bureaucrats and corporations to consumers. Oh, that's a fatal disadvantage; it will never fly.
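The scheme in the comment above, sketched as an added example that is not part of the original post: the function names, the one-byte SHA-256 check value, the length-prefixed salt and the organisation-name normalisation are all assumptions made for illustration.

```python
import hashlib
import secrets


def make_id(body: bytes) -> str:
    """Encode a 256-bit body plus two hex check digits (the QR code payload)."""
    if len(body) != 32:
        raise ValueError("identifier body must be exactly 256 bits")
    # Assumed check scheme: first byte of SHA-256 over the body.
    return body.hex() + hashlib.sha256(body).digest()[:1].hex()


def issue_id() -> str:
    """Issue a fresh, unstructured identifier from the OS CSPRNG."""
    return make_id(secrets.token_bytes(32))


def parse_id(card_id: str) -> bytes:
    """Return the 256-bit body, or raise ValueError on a bad scan."""
    try:
        raw = bytes.fromhex(card_id)
    except ValueError:
        raise ValueError("identifier is not hex") from None
    if len(raw) != 33 or raw[32:] != hashlib.sha256(raw[:32]).digest()[:1]:
        raise ValueError("identifier length or check digits wrong")
    return raw[:32]


def org_key(org_name: str, card_id: str) -> str:
    """Database key an organisation stores instead of the raw number."""
    # Normalise the name so "Tax  Office" and "tax office" give one salt.
    salt = " ".join(org_name.split()).casefold().encode("utf-8")
    body = parse_id(card_id)
    # Length-prefix the salt so salt and body cannot be re-split ambiguously.
    return hashlib.sha512(len(salt).to_bytes(2, "big") + salt + body).hexdigest()


def attribute_leak(dump, known_id, org_names):
    """Name the organisations whose salted hash of known_id is in a leaked dump.

    The holder of an identifier recomputes the hash under each candidate
    organisation name; a match identifies whose records leaked.
    """
    leaked = {h.lower() for h in dump}
    return [org for org in org_names if org_key(org, known_id) in leaked]


if __name__ == "__main__":
    orgs = ["Tax Office", "Health Department", "Example Bank"]  # constructed names
    alice, bob = issue_id(), issue_id()
    # The same person gets unrelated keys at different organisations.
    print(org_key("Tax Office", alice)[:16], org_key("Health Department", alice)[:16])
    # Constructed dump: the health department's table leaks.
    dump = [org_key("Health Department", alice), org_key("Health Department", bob)]
    print(attribute_leak(dump, alice, orgs))
```

Because the identifier body is 256 random bits, the stored hashes cannot be reversed by enumeration; that property would not hold for short or structured numbers.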

Has AI gone too far? DeepTingle turns El Reg news into terrible erotica


Re: so this is automated buzzword bingo ?

It was Richard Strauss. Google says that the story was "Art Work" by James Blish, in Science Fiction Stories 1956. I am not quite that old, so it must have been anthologized somewhere.

Far out: Dark matter bridges millions of light-years long spotted between galaxies


False false colours

Surely the colour should be black where the density of dark matter is greatest?

New Zealand puts the bite on Apple over taxes


Please use the right sheep

If you are running a story on New Zealand, and decide that you really need sheep to illustrate Apple's tax affairs, please source a stock picture showing Romneys or Corriedales. And they should be on hillsides rather than in a European farmer's lane.

Other than that, NZ has Goods and Service tax instead of sales taxes and, yes, it is a tax on consumers not on Apple.

For corporate tax, NZ has the same laws as most countries (but not the US) - companies pay tax where they are incorporated/resident. If Apple runs its NZ affairs through an Australian firm, it pays profit taxes in Australia. Likewise, when I sell consulting to a US client, my company pays taxes in NZ, not in the US.

Windows PC spy nasty dormant for three years, mutates and resurfaces


Patched long ago

The original vulnerability was patched in 2012; the later one was patched by MS15-033 in April 2015.

So this nasty affects stupid people and stupid organisations only. Apparently such targets can be readily found in the US and Africa, as those are the currently affected regions.

Geo-boffins say 'quake lifted bits of New Zealand by 8 metres, moved at 3km/second


Re: So how was New Zealand created?

Oh yes, there is a long history of earthquakes. And don't forget the volcanoes in the North Island. The Oruanui Eruption (26,500 years ago) was the biggest eruption anywhere for the last 70,000 years. Auckland is built on a volcanic field: lots of pretty little hills, with new ones popping up every now and then. The last was about 600 years ago.

But tsunamis seem to come most often from quakes elsewhere in the Pacific, typically Chile.

Google Pixel pwned in 60 seconds


Re: Four Seconds

Easy: if you could patch all of the flaws in Flash, Flash would not work at all.

Even in remotest Africa, Windows 10 nagware ruins your day: Update burns satellite link cash


Maybe I missed it...

But I didn't notice anyone saying they had sent a few bucks to help this outfit with their bandwidth needs in protecting wildlife in one of the most godforsaken parts of the world. (And the various people with guns are variously Muslims, Christians, and Animists; poaching and murdering game wardens is an all-faiths activity there.)

So, for the record, they have $50 from me. Any other takers? Just follow the link in the story.

Insure against a cyberwhat now? How the heck do we crunch those numbers?


Many commentards don't understand insurance

Look at your fire insurance policy; it will exclude, for example, acts of war. The last time Britain got into a big war, half [sorry, lots of] the houses in London caught fire. No insurer can actually pay out that scale of losses, so they exclude them from the risk covered. Somebody else, the insured or the Government, has to bear these risks.

The insurance spokesman no doubt understands this about insurance, but does not understand cyber security. It is perfectly possible to insure against the odd idiot who leaves a laptop in a taxi, because this is standard idiot behaviour and the industry has lots of data on that. But cyber attacks are much more like warfare, in that people are actively working to create losses. If some unknown vulnerability is discovered and exploited, half [sorry, lots of] the companies in Britain could suffer big losses. The insurers cannot actually pay out for this, and last year's data on cyber attacks is pretty much useless for predicting next year's losses due to new kinds of attacks.

So the insurers want data that actually won't help them, and that will create new risks. The insurers will either have to become cowboys, making promises that they cannot honour, or will have to exclude liability for most active attacks. That would rather defeat the purpose of cyber insurance.

Earthquake-sensing smartphone app fires off early alerts of disaster


Done this already

I was part of the Quake-Catcher Network for several years - small sensor mounted on the floor with my desktop analysing accelerations and sending packets to Stanford. Apparently proved the concept well, and my setup reported on several quakes, but maps of user locations showed that the network was over-represented where lots of tech people live and under-represented where most earthquakes happen. It seems that the grant ran out, and the network is no longer really active. Maybe this will replace it.

The Mad Men's monster is losing the botnet fight: Fewer humans are seeing web ads


How many clicks is fair payment?

El Reg won't let me pay directly (as I do for various other websites) and with Firefox/NoScript I can't see any ads. So I started up IE, found a couple of ads (only for things I would never buy, unfortunately) and clicked on them in order to feed the vulture.

I don't mind doing this now and again, but it raised the question in the title. Presumably clicks are more valuable than just views - so does a couple of clicks a month provide fair support?

Verisign warns new dot-word domains could make internet unstable

Big Brother

Context: the law is an ass

The point is that this is a regular filing to the Securities and Exchange Commission, as part of which the company has to discuss any material risks to its business. These boilerplate filings are written by corporate lawyers, and their purpose is to ensure that no matter what happens "we warned you of that risk, so you (investor) can't sue us."

This does not mean that anyone technically competent at Verisign actually expects a problem, just that the lawyers get paid for imagining possible problems.


