* Posts by DanDanDan

218 publicly visible posts • joined 17 Aug 2010


US govt talks up $2B X-ray photobooth to check its nuke weapon sims are right


Get rid of all nuclear weapons and kickstart World War 3? No thank you. 20 years separated WW1 and WW3. By the same timeline we'd be on WW5 by now without the invention of nuclear weapons and the game theoretic solution of them (Mutually Assured Destruction).

Arm co-founder: Britain's chip strat 'couldn’t be any worse'



I read elsewhere that it is no longer under the remit of the DCMS, but now under the newly formed "Department for Science, Innovation and Technology (DSIT)". Quite bizarre that it ever fell under the same department as sport in the first place, but at least it's been promoted to a sensible department now.

Linux remote root bug menace: Make sure your servers, PCs, gizmos, Android kit are patched


Re: So....all normal then?

Um... You neglected to mention all those routers that are running some version of embedded linux! That's a far bigger target, a far more important vulnerability, and a far more serious issue than some nerds' home DNS server.

Ransomware scum offer free decryption if you infect two mates


It's a bit late, but thank you very much for this. Worth keeping in mind just in case a relative contacts me. I'd be a bit worried what else I might dredge up from the deleted nether regions of their hard drive, but...


Do you mind sharing how you recovered 97%? I'm just curious because these things are usually all or nothing.

Top cop: Strap Wi-Fi jammers to teen web crims as punishment


Re: I wonder...

Assuming 2.4 GHz, for Aluminium, you're looking at 1.7 um as the skin depth. Generally a good idea to over-engineer, so 10 times the skin effect should attenuate the signal sufficiently. 17 um of Aluminium. The thinnest grade of aluminium is about 6 um which would probably work, but grab some heavy duty stuff and you're laughing. Or just use multiple wraps. In summary, yes, aluminium foil would work just fine.

Fedora 25: You've got that Wayland feelin', oh, that Wayland feelin'


Re: Try MATE if you can't stand GNOME 3

Multiple desktops work fine for me in Gnome 3. I must say I never saw the issue with Gnome 3, but then again, I wasn't an early adopter. I think I waited until 3.2 was released before I gave it a go. I found Unity just too big a paradigm shift to be useful. Things weren't where they should be.

My main gripe with Gnome 3 is that when you're in a folder and start typing the file name, instead of just selecting that file so you can do something with it (like move it to another folder), it opens up a "find file" search and starts spitting out other files with the same name from nested folders. Infuriating to say the least. Other than that though, it's fine.

Gone in 70 seconds: Holding Enter key can smash through defense


Re: Not the whole story:

Quite. This article is severely lacking in several key details.

"With access to the shell, an attacker could then decrypt Linux machines". The implications are that this decryption would be easy. The reality is that you'd have access to a root shell, with an encrypted hard disk. How useful this is depends on the specific environment, but at least for me personally: as long as the "hackers" can't access any of my personal info on my hard drive, this is no worse than them bringing their own laptop and plugging it into the right sockets (with the MAC address of the network card spoofed). If the network is hardened correctly, then it's No Big Deal.

Gaining access to an environment where you can't actually see or do anything is arguably not really useful at all.

Kids today are so stupid they fall for security scams more often than greybeards


Re: Wonder if they are any better at butchering stats?

Not to mention the discussion about how the study was done (people who have been scammed may be more likely to take part in the survey), the percentage of people of different age groups who regularly use the internet/dodgy websites on the internet (if millennials spend more time on the internet or torrenting, they're much more likely to be scammed). Altogether if the variables that were controlled for are not spelt out, the underlying data is less than useless. Not to mention the clickbait title.

"The proliferation of tech support scams on torrent sites could suggest millennials are more likely to encounter the ruses, though this is not mentioned in the report." - This report is attention grabbing nonsense to make the older generation feel good about themselves.

Pair programming – you'll never guess what happens next!


> boiling with so many "why the hell did you do that?" questions ... its simply unworkable for experienced programmers.

If your code is not understandable (or not commented), then it's not maintainable. I can see how pair programming would lead to more maintainable and hence bug-free code.

Tesla autopilot driver 'was speeding' moments before death – prelim report


Re: Dangerous attempts to fix stupid?

I think he must have been the first car there, otherwise the other cars in front would have been visible.

Unless the car in front slowed down and the Tesla switched lanes to pass it. That would also make sense. The car in front would block the rear of the truck a bit, and by the time the Tesla was in the outer lane, it might be difficult to see the truck because it's white on a white background.


Re: Not an AI

Agreed. I think "Nearly hit in the side door" means that it nearly hit the door, but instead hit the wheel arch. You'd need some sort of linguistics/anthropology degree or something to properly grok the syntax and sentence structure.

LIGO team may have found dark matter


Re: Sample size?

A plausibly plausible plausibility argument?


Re: Sample size?

It's an argument that something is plausible, not the argument which is plausible. There's a subtle difference.

Bloaty banking app? There's a good chance it was written in Britain


Re: Warm Braw

So this whole article is an advert? Great!

Microsoft joins Eclipse Foundation. Odd thing for a competitor to do


Embrace, Extend, Extinguish

Microsoft back to its old tricks I see! It is indeed a trap! My Pingu sense is tingling!

Surprise! That blood-pressure app doesn't measure blood pressure



Was sure this was going to 404!

Google robo-car backs into bendy-bus in California


Re: Bus vs. meat bag

Highway Code Rule 223

Buses, coaches and trams. Give priority to these vehicles when you can do so safely, especially when they signal to pull away from stops. Look out for people getting off a bus or tram and crossing the road.

The reason buses assume they have right of way is that they do. Other road users should always give priority (i.e. cede right-of-way) to buses coaches and trams. People really shouldn't be driving without knowing this!

What we all really need is an SD card for our cars. Thanks, SanDisk


Re: New sticky labels bought - need to find use for them

I think people are missing the point here. The aim of these SD cards isn't solely to play music from or store SatNav maps. It's also for Driver Assist Technology and data event recorders (i.e. crash information that manufacturers use to identify the causes of accidents, etc.)

These need to be robust, with proven long-lifetime, all the necessary additional automotive tests, suitable for low and high temperatures (so that they can survive said crash), withstand bumps and bashes (you don't want its connectors coming loose just as the car slips off the side of the road. These aren't aimed at consumers, but manufacturers. Automotive grade electronics equipment has a whole suit of additional tests. You can't pop any old diode into a power charging circuit these days, so why do so many people here think manufacturers will be content to use any old SD card?

OpenSSL fixes bug, gets dissed by German gov: That's so random ... not


Yup! I know that in certain applications (router firmware designers, I'm looking at you!) they used C's "rand()" function. During WPA2 auth (WPS in particular), a string of "random" characters is sent in the clear, followed by the "encrypted", sensitive data used for authentication. The rand() function can therefore be brute forced if you know roughly what the seed values will be (especially easy if srand(time(NULL)) is used.

People never seem to learn!

GCHQ’s Xmas puzzle proves uncrackable


Re: QR code?

"I'm pretty sure that finding a viable QR code in a picture is somewhat harder than encoding the information which is just a bit pattern, albeit a complex one."

There's a website that explains how you can do it. You don't need to build a laser scanner or anything else physical. Just apply the mathematics and run through the operations. You might need an ascii table, depending on how good you are at subtracting 96.



Re: QR code?

Encoding is much harder than decoding though for a QR code. It *could* be done manually if you didn't have a smartphone or computer...

Little warning: Deleting the wrong files may brick your Linux PC


Re: Not on the HDD - NSA

> As with the Intel Management Engine, I am fairly certain that the UEFI also had input from the NSA.


GCHQ creates Github repo, offers graph database code


Re: This repo.. Citing a Lack of Positive Effective Direct Action Leadership ....

The sad history of evident 21st century media failures though is proof positive of an inherent systemic lack of providing creative constructive abilities to slave services and servant administrations which might be fully reliant upon them.

Uh... come again?

I survived a head-on crash with driverless cars – and dummies


As a motorcyclist, it irks me when cars slow down to wait for a red light to turn green. It means the traffic never stops, and makes filtering through the traffic much more dangerous (I never filter through moving traffic). Given I can accelerate off the line much faster than a car, it's a bit annoying to be held up by cars (like when you're in a car, stuck behind a big lorry or bus or tractor). I'm not saying it's not a good idea, just that it'll annoy me :)

Oh dear, Microsoft: UK.gov signs deal with LibreOffice


Each and every one of your points can be solved without Microsoft lock-in, and are issues with any software migration. The fact that MS make it so much harder to migrate than other solutions is the main reason I can see for making the transition ironically.

Macros are barely even compatible between Office versions, so I don't really see that as a strong point. I usually see macros being used by people who don't know how databases work to perform functions (using a lot more code) that a database could do in a jiffy.

Without you going into specifics of what addins you use, it's tricky to say much more.

Sharepoint has terrible lock-in and could be replaced by a number of collaborative software solutions.

DRM for secure govt documents? How would DRM help? Honestly.

I'd argue that Libre Office is ok for advanced users, who know what tool to use for which job, but really basic people users should probably stick to what they know and let the world overtake them with more powerful, scaleable, transferable, automatable, open solutions.

FATTIES have most SUCCESS with opposite SEX! Have some pies and SCORE



Even a cylinder is a cubic function where as BMI is a square so your argument is pretty much invalid.

The increase of a cylinder with respect to length is actually linear. Double the length of a cylinder and its volume doubles. If you double the radius only, then it's quadratic. If you increase its length and radius in proportion, then after dividing by the length (as you would to calculate BMI), then it's back to quadratic again.

Microsoft replaces Windows 10 patch update, isn't saying why


"It skipped version numbers because of lazy 3rd party app developers in the time of Windows 95 / Windows 98 who coded applications to look for Windows 9*"

Ahhhhhh that makes more sense. I was under the impression it was to keep the alternating "Good OS" "Bad OS" that they've been working on since inception. And in order to release two Bad OS's, they needed to skip a good one.

Exploding Power Bars: EE couldn't even get the CE safety mark right


> all testing processes are a one time, and the fact "it could explode if used with a faulty lead" is true of any device, even jesus mobes.

Well I don't think that's quite factually accurate. I think the faulty lead could melt or set on fire. But just using a faulty cable should be protected against by the charging circuitry to prevent an explosion of the device.

Want Edward Snowden pardoned? You're in the minority, say pollsters


Re: Let's just say

Employment status:-

Employ: Private Sector 668 32%

Employ: Government 151 7%

Employ: Self-Employed 154 7%

Employ: Homemaker 236 11%

Employ: Student 68 3%

Employ: Retired 481 23%

Employ: Unemployed 166 8%

Employ: Other 140 7%

N 2064

Wait, what? TrueCrypt 'decrypted' by FBI to nail doc-stealing sysadmin


Encrypted copy of the encryption key? What key do you encrypt it with?

It's encryption keys all the way down.

UK.gov makes total pig's ear of attempt to legalise home CD ripping


Re: On the spot fines, trial run on trains!

Open ear headphones generally sound better and have better soundstaging. The cheap s***e sold by Apple doesn't live up to this, but that's no reason to ban good headphones just because some people are arseholes!

Police, firefighters, ambulances, hospitals: 20 per cent still rely on Win Server 2003


Great original reporting El Reg... unfortunately, I'm not surprised!

Buh bye fakers? Amazon tweaks customer product reviews system


They do this already. The problem is that the "supplier" review is too difficult to find, so people leave the review next to the product. Then when a better supplier comes along and sells the good product, no-one buys it because of the stupid people.

Then people complain about the supplier review next to the product and so the review gets removed and then people come onto the reg forums and moan about it like they're not the idiots. Ugh!

Vicious vandals violate voluminous Versailles vagina


Re: Correction.

Should HAVE!

First clue that your post would be clueless.

Amazon turns up spectacularly late to 'transparency' party, pours a large one


Re: No need

Ah... audits. Say no more! Those who can, do. Those who can't audit/train.


Re: No need

> Or slightly later when I asked my guys to recompile sendmail to mask the version number.

Ahh security by obscurity... no wonder you're posting as AC

OPEN WIDE: Microsoft Live Writer authoring tool going open source


Re: What licence?

So you go straight to 'Trap' without waiting to see what occurs rather than actually looking at the direction Microsoft do seem to be taking now-a-days?

Implying that Microsoft has a direction now-a-days. roflcopter

Facebook: Your code sucks, and we don't even have to run it to tell


Re: 1% Finished?

That's kinda the point of Open Source. We all (developers) need a good tool to check our code, so let's *all* work together on it to share the resource investment so we can *all* benefit. I like it. What's your criticism? They've done 1%, now all we need is another 99 companies to come along and work on it and it'll be done. I don't think that's unfair.

Don't panic. Stupid smart meters are still 50 years away


Why? Because it's super expensive for the perceived "convenience". No-one wants them and no-one needs them.

Women are fleeing from the digital sector, reckons UK.gov report


Another skill? It's just like a standard UML diagram; they both have arrows you know. Oh and, uh, yeah... can you consistently hit treble 20 in less than a week's time, only I promised the customer you'd have it ready for a product launch demo on Friday?

Obama issues HTTPS-only order to US Federal sysadmins


Re: Why?

>"checking the requirements for various items (passport application, driving license application, various benefits and tax breaks) would benefit more from a simple page, and a local cache than they would from encryption..."

So I know you're going on holiday soon so I can plan who and when to burgle. I know you'll be getting a new car in the not-so-distant future, so I can advertise accordingly. And I know what tax breaks you're looking into, so I know how many dependents you have and also have a reasonable handle on how much you earn.

In addition, I can splice your internet connection, adjust the content being delivered to you and give you advice that strongly encourages the use of my (paid-for) services.

There's almost no downside (HTTPS is easy as pie to set up these days and computers have long-since gotten past the point where you'll notice a performance hit). I don't see what your argument here is based on.

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key


>""Do you understand asymmetric crypto at all?"

>Do you understand that Facebook are in the pockets of NSA and GCHQ?"

So that's a "no" then.


> Mark my words, if they got a letter through the door or a tap on the shoulder to show what you are writing to your friend via encrypted means, then they will decrypt that message faster than you could poke good ol' Zuck

Do you understand asymmetric crypto at all?

Thousands of 'lost data' reports mean we should ARM the ICO, says infosec bod


Re: Anyone else see the gaping hole?

> ViaSat sells encryption technology so it has a commercial interest in trying to drive demand


Creationist: The Flintstones was an accurate portrayal of Dino-human coexistence


Re: Got any more from this loon?

> Oh but his proof will be that someone wrote a book about it.

> And further proof will be found in that famous documentary 'The Land that TIme Forgot'

I saw a documentary about this once, set in the Stone Age, it concerned humans living in a town called BedRock.


Re: "Seriously? You think people who disagree with you should be murdered?"

Quiet down Big Nose!

SNAFU: Blighty's judges not trustworthy, says their own website


Re: Expired cert does not mean in the clear

"A spokesman from the Judicial Office told El Reg that people wanting to access their site should do so by clicking past the security warning."

Good grief!

"... just because a certificate has expired does NOT mean that the communications are no longer encrypted"

No, but it may as well. If I can't be sure who gave me the info, or who I'm giving it to, it hardly matters that it's encrypted at all!

VOTERS! This Election: Vote #Smart, Vote #Digital


How do we stop the loons...

... who think banning encryption has even a morsel of sense?

Finally, Mozilla looks at moving away from 'insecure' HTTP. Maybe


Re: If I'm not sending private details..

You clearly don't know wtf you're talking about. Maybe google will help.