* Posts by as2003

220 publicly visible posts • joined 19 Aug 2010


Travis CI complains of 'significant abuse' of its free deal, creates new pricing that has developers riled


Maybe say "thanks" for years of a free service instead of "assholes!" for taking it away?

This kind of entitlement reminds me of the people who angrily complain about bugs in FOSS assembled by volunteers.

QNAP NAS user? You'd better check your hosts file for mystery anti-antivirus entries


Re: "redirecting google to bing"

Redirecting google to bing (or duckduckgo) may have worked a long long time ago, but it won't work now, for a variety of reasons. HSTS, invalid SSL certificates, unrecognised Host headers for example.

Huawei pens open letter to UK Parliament: Spying? Nope, we've done nothing wrong


Re: Imaginary conspiracy?

It may just be a handy excuse for what essentially amounts to economic sanctions, but it certainly has a whiff of hypocrisy. Does no one remember the NSA was slipping chips into Cisco gear, destined for foreign shores, not so long ago (and probably still does)?


Re: Don't confuse politics with engineering

How do you stop (or even detect) someone hiding a secret co-processor on the main CPU die?


If at first, second, third... fourth time you don't succeed, you're Apple: Another appeal lost in $440m net patent war


> USPTO signaled that it was going to shake up its rules and make it much more likely that it will approve more software patents

No no no no no no no. We're in this godawful mess because of the lax verification of software patents. This is only going to benefit lawyers and patent trolls, to the detriment of almost everybody else on the planet.

nbn™ CEO didn't mean to offend gamers, just brand them unwelcome bandwidth-hogs


Wasn't the network supposed to somewhat future-proof? And it's fallen over before it's even out of the gates? It's not even present-proof.

Besides the fact that gaming uses a fraction of the bandwidth that video streaming uses. Some games require less bandwidth than even audio streaming. Hilariously, this is even published on the NBN Co's very own website

Softbank's 'Pepper' robot is a security joke


Softbank have had over a year to fix things since IOActive revealed a bunch of problems back in Jan 2017.

Speaking of which:

> The researchers [...] decided that while there have been various one-off stunt-hacks of the robot, they weren't aware of any systematic assessment of Pepper's security

So they weren't aware of IOActive's work, and they don't seem to have made any attempt at responsible disclosure?

Good news: It's still legal for Apple to keep its MacBook, iPhone batteries from melting


Does the Patent Office have no obligation to check the patents it issues are valid?

Seems they'll just had out a patent to anyone with a check book, and let the courts pick up the pieces.

They are doing everyone a disservice if that is the case.

Cisco cancels all YouTube ads, then conceals cancellation


So, Cisco thought they'd try to capitalise on the recent YouTube hate bandwagon, and then either realised that's targeting the wrong demographic or, more likely, Google had stern word with them and coerced them into referring to Google by name?

Password re-use is dangerous, right? So what about stopping it with password-sharing?


No thanks

Privacy concerns aside, I doubt any of the big players will be bothered to implement this.

Besides, the average Joe typically stores their passwords in their browser of choice. This would be a much better place to detect and warn about password reuse.

France building encrypted messaging app for politicians


Liberty*, Equality*, Fraternity*

* for those in charge

Skype for Business has nasty habit of closing down… for business



4k screen resolution = 3840 x 2160 = 8,294,400 pixels,

2 x 4k screens = 16,588,800 pixels,

3 bytes per pixel = 49,766,400 bytes ≈ 50MB

How TF does that balloon to >4GB of memory usage?

I've always said Skype is a piece of garbage.

FYI: There's a cop tool called GrayKey that force unlocks iPhones. Let's hope it doesn't fall into the wrong hands!


I'm assuming Apple will get their hands on one of these devices, figure out what zero-day it is exploiting and issue a patch?

Transport for NSW scrambles to patch servers missing fixes released in 2007


I seem to have read a lot of articles that contain words to the effect of "IBM declined to accept responsibility, stating that...", but it's always IBM. Hmmmm.

I wonder if any redundancies have been made in the sales and legal departments. I doubt it.

Woe Canada: Rather than rise from the ashes, IBM-built C$1bn Phoenix payroll system is going down in flames


Re: The History Goes Back Further Than That

> The Auditor General however noted that the government of Queensland had pulled the plug much sooner

The project which was originally projected to cost A$6m was canned after the costs had ballooned to A$1.2b (yes, billion), and thousands of health workers had been paid incorrectly, the after-effects of which are still being felt years later.

It was a monumental disaster in every regard, and if that timeline is what classifies as "much sooner", god have mercy on Canadian souls.

Blackbird shot down, patent nuked by judge in Cloudflare legal battle


When is someone going to sue the patent office for issuing bullshit patents in the first place?

New strife for Strava: Location privacy feature can be made transparent


It's not the first time it's been said

Realistically, the only thing randomising the privacy bubble's width will prevent is security researchers writing blog posts.

Bike thieves tend to be more into bolt cutters and opportunity than statistical analysis, APIs and geometry.

If you value you your privacy, just set the entire ride to private, or just don't publish your GPS recordings at all.

Ubuntu reverting to Xorg in Bionic Beaver


Just to be clear...

This is not a change in direction. They are only reverting for 18.04 LTS, specifically because it is an 'LTS' release. 18.10 and onwards will be Wayland.

Like it or not, Wayland is the future, and a number of distros have already made the leap.

Electric cars to create new peak hour when they all need a charge


Re: EVs simply pay more for electricity

> I can drive 370,000 miles on the difference in price...

Indeed, but you're forgetting that the two cars retain some of their value and you can eventually sell them. You still make a valid point though.


Re: I've been pointing this out for years.

How long have you been yelling at the pro-Eastenders set for simultaneously putting the kettle on after an episode?


Re: Off peak?

Isn't that already the case?

Here's an idea: abolish "peak" hours and have cost inversely proportional to line frequency.

Then you can set your fridges and car chargers to pause when the frequency drops below 60 Hz or 50 Hz. In fact, you could do that without the pricing changes.

While you're preparing to carve Thanksgiving turkey, the FCC will be slicing into net neutrality


Re: Hmmm. Wonder about --

They wouldn't know what you were doing over your VPN, but obviously you'd only be allowed to use a VPN if you had subscribed to their "ExtremePro™" or "BizzPro™" packages, at a considerable premium.

Driverless cars will make more traffic, say transport boffins


Are they saying that because 'only' a third of people would consider sharing their car, congestion may increase? A third of people willing to share seems to be a lot higher than current rates of sharing.

And sure, people don't want to share their cars, but what if no one has cars because the self-driving fleets operated by the ubers of the future are so ubiquitous, convenient and cost effective?

Just going by the press release, it sounds like they are drawing some pretty wild conclusions that they have no right to be drawing.

Blame Canada? $5.7m IBM IT deal balloons to $185m thanks to 'an open bag of money'


Re: Hmmm ... I'm begging to sense a trend ...

So bad that the Queensland government implemented a ban on any new contracts with IBM

Sonos will deny updates to those who snub rewritten privacy terms


Re: Farewell Sonos

I was strongly considering taking the plunge last year. I'm very glad I didn't.

> It's not like if you don't accept it, we'd be shutting down your device

They say that, but I can guarantee you that in a year or so, their app will start saying something like "outdated firmware detected, please update your Sonos."

The future of Python: Concurrency devoured, Node.js next on menu



It's so you can load each page in a different tab and read them concurrently.

Dismayed by woeful AI chatbots, boffins hired real people – and went back to square one


> The abusive conversation lasted nearly three conversational sessions till (sic) the user realized it was humans.

What does it mean when a human fails to pass the Turing test?

Toyota, Intel, Ericsson team to get cars talking to the cloud


From a technical point of view it makes a lot of sense; a common framework will allow all sorts of beneficial features, like instantly sharing the emergence of a new pothole with all other road users, (including the robot built to go fill them). My car can tell your car that my front left tyre just burst and I'm about to veer into your path, all within a few nanoseconds of the type bursting. It could also be used to more safely organise car drafting each other for better fuel efficiency.

I wonder if Ericsson will be pushing Erlang.

Facebook COO Sheryl Sandberg: Crypto ban won't help trap terrorists


If only we could put this much effort into fighting things that actually pose a threat.

Heart disease, dementia, global warming, etc.

China's 'future-proof' crypto: We talk to firm behind crazy quantum key distribution network


Re: Just curious...

No, not possible.

How does your decryption algorithm know how many attempts I've made? I'm restoring from a backup every time I get it wrong.

Besides, your decryption algorithm is public knowledge (because no one in their right mind is going to use it unless it's been peer reviewed and is well understood), so I'm currently writing a program to do the decryption and just skip the bit about deleting (or 'scrambling') the message when I get the password wrong.

Fake Newspaper steals Reg design to spruik storage upstart


Re: Eh, give them a break

I'm not a lawyer, but I'm pretty sure this would be covered by fair use, especially considering how much the original design has been altered, so I don't think you can call it stealing.

As I said, I really don't think it's worth getting riled up about.


Eh, give them a break

I can't even find it on their website so its clearly not a core design element, just a quick bit of throwaway design. Besides, the value of the reg is in it's content, not its design.

And who is stealing design from whom? The 'red masthead' style of tabloid existed long before El Reg ever did. It's even been stated by Reg staffers that the design intentionally apes the British tabloid.

Just take it as a compliment.

In after-hours trade on Monday, NYSE deployed test code to production


Maths is hard

In what universe does 123.456 get rounded to 123.47?

Researchers blind autonomous cars by tricking LIDAR


It's important to do research like this, but I feel they may be overstating the seriousness of this attack.

An autonomous car is going to rely on more than the reading from a single LIDAR; It's going to be combining readings from multiple ultrasound sensors, multiple optical cameras, radar, wheel position and speed sensors, etc, etc, etc.

This attack seems less of a threat to human safety than just shining a laser pen into the eyes of a more traditional meat-based driver.

Virtual reality audiences stare straight ahead 75% of the time


Why though?

Why is it so important to encourage people to look around? If I'm sat on a sofa, the last thing I want to do is have to look at something directly behind me.

You know what they want you to see back there? Justification for this latest boondoggle.

You're all too skeptical of super-duper self-driving cars, apparently


Re: I'm in charge of me

You set an impossibly high bar. Automated cars will never be 100% error free.

There are 35,000 road deaths in America every year. If automated cars could even halve that number would it not be wise to mandate the use of automated cars? How many human lives is driving autonomy worth?

Raspberry Pi sours thanks to mining malware


Re: I just hooked it to the DMZ, and it's fine...

The joke's on the hackers: it turns out that all the vulnerable Pis were actually honeypots run by security researchers.

Phiendish phisher gets phive years in phederal for $2m phlights phraud


"cyber hacker" - the worst kind of hacker

Shock horror: US military sticks jump leads on human brains to teach them a lesson


Calling it early

Strong contender for headline of the year.

Ewe, get a womb! Docs grow baby lambs in shrink-wrap plastic bags


I can't help looking at that sack and think of The Matrix.

Colliders, containers, dark matter: The CERN atom smasher's careful cloud revolution


Re: in the control center photo

I've found that photo being used in articles from as early as 2010, with the photo possibly taken on 2009-10-23. Which incidentally is 6 months after mainstream support for XP ended, but about 5 years before extended support ended.

Microsoft's new hardware: eight x86 cores, 40 GPU cores


> 40 (yes forty) GPU cores

How does that compare to an Nvidia graphics card that has thousands of 'CUDA' cores?

Banking group denied access to iPhones' NFC chips for alt.Apple.Pay


If the decision (and subsequent appeal) had gone against them, I wonder if Apple would have just ceased iPhone sales in Australia rather than re-architect their security model and hardware. It looks like very roughly 3% of iPhone sales happen in Australia.

How to leak data from an air-gapped PC – using, er, a humble scanner


Re: Is this some James Bond-esque fantasy ?

I'm hoping this article is a satirical look at the recent surge of papers being published on rather ridiculous out-of-band attack vectors.

"researchers have shown they can exfiltrate data by blinking an HDD led."

"researchers have shown they can exfiltrate data by vibrating a cd rom in a certain way"

"researchers have found they can exfiltrate data via ultrasound, assuming speakers are attached"

All of which assume they've compromised the computer in the first place, and are close enough to pick up vibrations and sounds from it. Thus making it all a bit redundant.

Let's replace Ethernet with infrared light bouncing off mirrors!


All the three-letter-agencies rubbing their hands in glee. Looking forward to the day they can float a few motes of dust into the beam-path and eavesdrop on the comms with some binoculars.

AT&T ready to trial latest attempt at pumping internet over power lines


I'm imagining comically enormous powerline adaptors plugged in at either end

This bot shorts stocks when Trump tweets (don't fret, the profit is used for good)


Animal cruelty?

If you're going to donate your profits to charity, wouldn't the ACLU be a much more appropriate recipient of said funds?

Ham-fisted: Chap's radio app killed remotely after posting bad review


I doubt it. This is a truly terrible way of responding to criticism, and I think most companies are smart enough to realise the negative PR would cost them far more.

Ye Bug List


I don't know is this is a recent configuration mistake, or it's always been like this, but HTTPS isn't available across the site; even login is posted across an insecure connection.

No excuse to not be mandating HTTPS in this day and age,

Netflix flattens bug that allowed account p0wnage via voicemail



Seems to me carriers not adequately protecting users' voicemail is the bigger problem here.