* Posts by TJ1

152 publicly visible posts • joined 16 Jun 2011


Musk's latest X-periments: No more headlines, old posts vanish, block gets banned



I don't use the thing but as described in the article this sounds like information generally used by accessibility support tools such as screen readers will be lost - is that the case? In many jurisdictions there is a legal requirement to ensure equal access to services for those with accessibility needs.

Moscow makes a mess on the Moon as Luna 25 probe misses orbit, lands with a thud



Reading this I thought that it puts India ahead of Russia in space capability. Naturally that led to re-ordering Russia's importance in the world:


Note: not sure how Brazil got to be first but it must be something to do with Carnaval

After fears that Europe's space scope was toast, its first images look mighty fine


Spot the gap!

ESA publishes some really good high resolution photographs of the STM (Structural and Thermal Model) and in some of them it is possible to see there is a platform that the tubular sunscreen connects to, then a gap, then below it the instruments (this organisation can be seen in some sketch/CAD diagrams of the instruments found elsewhere).

The gap between instruments and platform appears to be covered with flaps of gold foil which in some photographs are unclipped and others partially clipped. It looks likely that when the telescope is oriented such that the solar panels aren't aimed perpendicular to the sun, light can pass the edge of panels and is supposed to be reflected away by the tube and these foil flaps. It is possible that one or more foil flaps isn't correctly overlapping - that would explain why light pollution only occurs at specific angles to the sun.

See this and its list of "Related" images:


Oracle pours fuel all over Red Hat source code drama


The way the rest of of us do - by the statements made by the originators of the license(s) and what has become "custom and practice" for publishers (developers/programmers) that choose those licenses.

Rocky Linux claims to have found 'path forward' from CentOS source purge


Most is GPL 2.0

linux$ grep --exclude-dir=.git -rn '^// SPDX' | cut -f 3 -d \ | tr -d \(\) | sort | uniq --count | sort -rn

11993 GPL-2.0

9562 GPL-2.0-only

5926 GPL-2.0-or-later

3322 GPL-2.0+

511 BSD-3-Clause

309 MIT

273 ISC

120 LGPL-2.1

50 BSD-3-Clause-Clear

29 GPL-1.0+

13 LGPL-2.1+

13 Apache-2.0

7 Zlib

4 LGPL-2.1-or-later


3 BSD-2-Clause

2 LGPL-2.0+

Lawyers who cited fake cases hallucinated by ChatGPT must pay


Re: One word


When it comes to Linux distros, one person's molehill is another's mountain


Snaps and the fin' FOSS....

... stands for Freedom.

No matter how much freedom of choice you give, someone will always want more. Don't give them that freedom and they'll happily just get on with what they're given (e.g: Apple, Microsoft).

Tinkering with the desktop stuff always strikes me as rearranging the deck-chairs on the Titanic whilst it's sinking :)

Snap is there to allow software publishers to push out frequent changes to their software including more recent library dependencies than are in the 6-monthly Ubuntu releases, and to avoid having to learn Debian style packaging or deal with the discipline of getting their project accepted into Debian (Ubuntu's upstream) so that it flows into Ubuntu.

Some of the issues with snaps and specifically Ubuntu:

0. Critical vulnerabilities in core libraries are fixed once in the apt world and managed by a distro-wide team of maintainers. In Ubuntu there is a dedicated paid security team; in the snap world if multiple snaps embed their own versions of the affected library firstly you may not know, secondly you're reliant on swift and correct fixes and publishing of updates, and thirdly the 'team' responsible for doing those things may only be a single person publishing in their free time.

1. Core packages moving from apt repository to snap, making life difficult if one choses to remove snapd (affects -server (e.g. lxd) as well as -desktop (e.g. gnome))

2. Delivery system (snap store) is closed source. Unable to set up alternatives, or local 'stores', as is possible with apt repositories

3. Canonical controls the delivery mechanism and acts as gatekeeper

3. Mixing of open and closed source packages in the same repository (no pockets so one can easily avoid closed-source for example)

4. Lots of manual work required to obtain source code of open-source packages (see https://merlijn.sebrechts.be/blog/2020-08-17-verify-snap/ ) in contrast to: "apt-get source $package"

5. No easy way to replicate the build environment of a snap and do reproducible builds, in contrast to "apt-get build-dep $package; apt-get source $package; cd $package-$version; fakeroot debian/rules binary"

6. Reporting of bugs is not centralised via bugs.launchpad.net as it is with all Ubuntu apt packages (which also includes all package version build histories, build logs, changelogs, and source repositories)

7. Variable or lack of (professional) support. Ubuntu Advantage / Pro paid support packages do not cover snaps in the same way as they cover the apt repositories. Pro covers 2,300 packages in the Ubuntu Main repo, plus an additional 23,000+ packages in the Ubuntu Universe repository for 10 years. ( https://ubuntu.com/pro )

Autonomy's Mike Lynch loses battle against extradition to the US on fraud charges


Caveat Emptor (Buyer Beware) ?

The whole episode doesn't look good for either side. Some facts that often don't get stated make the current status more understandable.

Although originally a UK company (Autonomy Corporation PLC) it listed its shared on the US NASDAQ exchange so financial oversight was a US concern as well.

Evidence from the various trials and audit reports appears to show that HP C-level and directors curtailed or ignored due diligence reports and advice from their own financial people regarding value

HP offered a 79% premium on the share price when it made its offer in August 2011 (share price ~ US$23.50, offer US$42.11)

In October 2011 HP bought 87.3% of the shares (~242,222,749) for US$10.2 billion (giving the balance sheet valuation of ~US$11.7 billion)

If HP hadn't offered and paid the premium then the value of the company at time of offer was ~US$6.5 billion

HP C-level and directors must have decided that paying 79% premium was worth it based on projected revenues.

Evidence seems to show that methods, information and supporting data for recognising sales, and projected revenues ,was manipulated within Autonomy senior leadership.

Auditors for Autonomy signed off on the accounts that incorporated the disputed methods and information.

Starlink opens final frontier for radio astronomers


Ironic naming

So Go-Low will be ultra "high" whereas 'star'link has gone very low in Earth orbit.

The hunt for catchy names goes on :)

Rebel without a clause: ISP promises broadband with no contract


!no contract

Of course there is a contract - what there may not be is a commitment to a minimum length of contract, with the minimum being what you pay in advance for, which is usually a month. In this case the cancellation notice required is 30 days (section 18).


Boeing signs off design of anti-jamming tech that keeps satellites online


Re: How it works!

It replaces the Jam with Honey, so they use percussive honey instead.


How it works!

"Data protection is achieved by using a bit-cover process before frames are grouped into information blocks for encoding. The DVB-S2 short block code [4] is used as the primary forward-error-correction (FEC) mechanism. This provides a fixed 16,200 bit encoded block length based on a combination of LDPC and BCH techniques with resulting rates ranging from 0.19 to 0.88 and supporting approximately 10 dB of link SNR fluctuation for a given symbol rate and modulation.

Codeword data is grouped into symbols and multiplexed across many hops, where a hop is the duration of time a transmission stays at one frequency before “hopping” away to another frequency. The hops are then permuted in time. Together, these features provide increased resistance to transient jamming or interference."

Implementation and Testing of the Protected Tactical Waveform (PTW) Brian J. Wolf, Member, IEEE, and Jacob C. Huang

Linux kernel 6.2 promises multiple filesystem improvements


ZSYS due to be removed from Ubuntu installer

See "[FFe] Remove zsys from installer " https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1968150

Arrest warrant issued for Do Kwon – the man blamed for 'crypto winter'



Nothing more need be said.

AMD admits its Ryzen mobile naming scheme is a mess, promises to clean it up


AMD - ever heard of semantic versioning?

So we'd go from Ryzen v5.19 to v6.0 around now? :D

Japan's NTT claims it's built 1.2Tbit/s optical comms that sip power


Scpetical? No way! 1000km!?

I was expecting there to be a catch in all this since NTT doesn't mention the ACTUAL distance record they broke, but after a bit of ducking (DDG) I find that the the distance record for 800Gbps was 970km in September 2020 [0] and that has probably been surpassed since, so this new technology from NTT is definitely a significant advance - especially as it seems to be out of the R&D stage and looking for scaling into production.

[0] https://opticalconnectionsnews.com/2020/09/ciena-breaks-800g-distance-record/

Oh no, that James Webb Space Telescope snap might actually contain malware


Re: Aliens

Who needs UFOs when you can hitch a ride on a JWST image from just after the Big Bang (or should that be the Insipid Flatulence -IFO )?

US Army drone crashes hours ahead of breaking flight duration record


That's FSD for you!

Who decided to pay the $10,000 extra for the Tesla full-self-driving (FSD) option AND allowed an over-the-air, in-the-air, upgrade!?

Google shuts off IoT Core services shortly after announcing API stability commitments


Another successful outcome...

... for Google.

With each passing product it becomes ever more abundantly clear that the only purpose of those products and services is to Vacuum up data about people, things, places, and the relationships between them, to feed the Google advertising engine.

Once they've wrung the good stuff out of a product or service they cancel it - it was never about providing service to a user (or possibly - gasp - even a customer!)

Dinobabies latest: IBM settles with widow of exec who killed himself after layoff


Lawyers decide

I suspect the lawyers make the decision, not the complainant.

If the case is taken on a contingent basis with no-win,no-fee then the lawyers get to decide. I doubt the complainant is paying the lawyers out-of-pocket for this.

Upgrading what might be the world's oldest running Linux install


Re: LVM over RAID over LVM

If this OS install has grown over time with in-place incremental upgrades it makes a lot of sense. Logical Volume Management (LVM) has gained features over the years that probably were not available when LVM was first adopted.

Physical > LVM > RAID >LVM is probably due to LVM not supporting RAID modes originally so likely it is Multiple Device (MD) RAID - probably RAID-1 mirror.

My guess would be originally the install was on a single HDD. As more storage is required it is far easier to manage it flexibly via OS (e.g. LVM) services rather than hardware RAID. So, add in more physical HDD/SSD, "pvcreate ; vgextend" and then "lvextend" for those volumes needing more space.

So over time, without any major OS re-installation, using several physical HDD/SSDs, the host has a RAID mirror with OS and data volumes on top.

Nowadays LVM supports RAID modes natively (using the kernel Device Mapper (DM) MD RAID functionality under the hood) so the additional layer could be removed whilst the OS is operating without too much trouble (I've done this on multiple systems over the years). This is one of the delights of using LVM - being able to re-shape storage architecture quite fundamentally whilst the system is live (including more exotic options like adding iSCSI block devices as LVM PVs to create remote mirrors).

I've also done a similar live migration from 32-bit to 64-bit in-place (original 2007 install, host still in operation). Once the kernel is switched to 64-bit it supports both 32-bit and 64-bit user-space. At that point you can create a 64-bit chroot install with all the required packages followed by copying over configuration files package by package and switching the running service from the 32-bit to 64-bit in the chroot.

Eventually you've a 64-bit kernel with a base 32-bit core running all 64-bit services. At that point the boot configuration can be pointed at the 64-bit root file-system (a Logical Volume) and the system rebooted.

When doing this it helps to actually upgrade the 32-bit packages to the target OS version first so that the package upgrade scripts handle most of the per-package configuration file changes for you. If skipping several OS releases it's unlikely we could rely on that to correctly handle all changes and would have to manually check and review each package configuration. Once that's done the switch from 32-bit to 64-bit should be straight-forward.

NASA's CAPSTONE silence down to a software flaw


Re: Whats Happens If

That's due to those Turtles - there is no evidence that any Turtle ever wrote a software bug!

Arm's $66bn sale to Nvidia is off: Deal collapses after world's competition regulators raise concerns


making this the biggest *non*-deal in the semiconductor market

Corrections brought to you via ARM (Automatic Reframing of Meaning)

'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug


Not distro specific; Linux kernel before v5.16.2

Distros will be backporting the fix from mainline [0] and/or the v5.16.2 stable tree [1]

author Jamie Hill-Daniel <jamie@hill-daniel.co.uk> 2022-01-18 08:06:04 +0100

committer Linus Torvalds <torvalds@linux-foundation.org> 2022-01-18 09:23:19 +0200

vfs: fs_context: fix up param length parsing in legacy_parse_param The "PAGE_SIZE - 2 - size" calculation in legacy_parse_param() is an unsigned type so a large value of "size" results in a high positive value instead of a negative value as expected. Fix this by getting rid of the subtraction.

[0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de29310e8aa03fcbdb41fc92c521756

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.16.2&id=8b1530a3772ae5b49c6d8d171fd3146bb947430f

JavaScript dev deliberately screws up own popular npm packages to make a point of some sort


Re: Quantity of Downloads vs Requires

Agreed about the numbers - but my primary point is the sheer complexity of verifying the combined effect of the sheer number of dependencies in most large applications, especially where there is a frequent commit cadence across the application and its dependencies.

Also, in respect to CI/CD those won't be doing a rebuild and test cycle on each commit or PR on all those dependencies - or randomising the test harness to reflect real-world client connections.

I can easily imagine one of the many dependencies introducing subtle, conditional, behavioural changes that don't do anything different when in a test environment but could trigger malicious payloads on very specific request parameters (IP address, referrer, user-agent, date/time, request parameters, etc.).


Widen the horizon - also affects live web, GoLang, Perl, Rust, etc.

I fully agree with sentiments regarding the typical Javascript eco-systems with regard to pulling in miscellaneous dependencies without review although I feel the language itself (sans strong typing) is as good or bad as any other, depending on the project requirements.

I get most upset by 'live' dependencies in web-sites to third party served code - the code being served can be trivially modified by the server based on the requesting user agent identity, IP address, and other heuristics, to deliver a highly targeted malicious payload that the web-site/application developers could never trigger.

For $deity's sake copy and serve the verified code/resource to your own server on the same domain as the primary resource!

However, a similar dependency eco-system exists with Rust crates and GoLang imports.

I was quite interested in certain GoLang projects until I dug deeper and two things stood out in particular to me and my requirements:

1. On Linux, code making syscalls needed (at the time I reviewed it - may have changed) to run a C-language co-process to call into the kernel. This aspect introduced some 'interesting' complexities and rather spoiled some of the GoLang promise (and performance - learned via 'crun' - the C-language alternative to 'runc').

2. In typical projects the source-code has an alarming number of "import "github/user/project" which relate to external dependencies fetched using "go get ..." so these external dependencies (and the graph of dependencies in a typical application-level project) have a similar security/review cycle issue.

Similar issue for point 2 in Rust Crates. Each Cargo.toml may well include lines of the form "some_external_library = { git = "https://github.com/SomeRandomAccount/SomeExternalLibrary" }"

Same applies to Perl with CPAN and others.

It seems to me there's a seesaw sliding-scale between Convenience and Trust and currently the scale is tipped too far in favour of Convenience.

Trust comes from reviewing the code - either yourself or your team, or by people you trust (typical web of trust). For example in Linux distributions we typically favour the package maintainers with implicit Trust when installed dependencies.

The problem, and challenge, for 'import the latest from $pseudo_random source' is the lack of a web of trust for each version/release/commit.


Quantity of Downloads vs Requires

Slight tangent, but related to a point that BinkyTheMagicPaperclip brings up previously: "Never, ever, blindly pull the latest version into your product without thorough testing"

"colors.js is incorporated into almost 19,000 other npm packages and gets 23 million downloads a week."

This scares/worries the systems engineer in me.

If on a WEEKLY basis 23,000,000 downloads (requires/imports) are being done across ~19,000 dependencies, and if a similar relationship holds for other critical dependencies, that seems to suggest a huge number of projects frequently iterating builds and deployments.

Bearing in mind this is a single package the security vulnerabilities of this practice seems stark across the Node.js ecosystem.

Nothing's working, and I've checked everything, so it must be YOUR fault


That's one heck of a long day out!

"One of our lot promptly did so within 5 years of the start..."

Aircraft can't land safely due to interference with upcoming 5G C-band broadband service

Black Helicopters

Re: no C Band 5G within 15 miles of an airport f

Apparently not that simple - helicopters frequently fly at or near the 500 foot minimum altitude and rely on ARNS altimeter to avoid CFIT (Controlled Flight Into Terrain).


Underlying Technical Details

It's important to understand that ARNS (Aeronautical Radio-Navigation Service) operates in the 4200 - 4400 MHz range for transmit and receive. The issue appears to be a combination of ARNS receivers being sensitive to (strong) signals outside the immediate band and the cellular base-station signal strength in 3700 - 4000 MHz.

Historically the band has been used for low-power services that do not suffer 'bleed' so ARNS receiver design especially didn't require tight band-pass filtering.

Frequency Allocations: [2] slide 7

3700-4000MHz Fixed Mobile

4000-4200MHz Fixed Satellite

4200-4400MHz Aeronautical Radio-Navigation

"It should be understood then that any interference that is unpredictable and that can mix with the linear FM waveform, thereby causing the radio altimeter to mistake the mixed signal as terrain has the potential to cause a radio altimeter to report a false altitude. "

[0] page 9 "1.1 Radio altimeter modulation and receiver sensitivity"

Affected Fleet:

"All FAA Part 135 helicopters are now required to have an operational radio altimeter

◦ Approx. 22,000 operational civil rotorcraft

◦ Some FAA Part 91 aircraft require altimeters for certain operations such as Cat II ILS, etc.

◦ Approx. 34,000 general aviation/private aircraft

◦ All large passenger aircraft

◦ Approx. 7000 US based civil aircraft

◦ Plus international carrier"

[1] slide 5 "Equipage and operation US National Example"

[0] ITU-R M.2059-0 "Operational and technical characteristics and protection criteria of radio

altimeters utilizing the band 4 200-4 400 MHz" https://www.itu.int/dms_pubrec/itu-r/rec/m/R-REC-M.2059-0-201402-I!!PDF-E.pdf

[1] "Radio Altimeter Interference" https://www.icao.int/NACC/Documents/Meetings/2018/RPG/RPGITUWRC2019-P08.pdf

[2] "FAA Radar Altimeter and Compatibility with 5G presentation" https://rotor.org/wp-content/uploads/2021/08/FAA-Presentation-RA-5G-Industry-Forum-July-2021.pdf

Expired cert breaks Windows 11 snipping tool, emoji panel, S Mode features, other stuff


Re: Good job MS hasn't heard of Let's Encrypt

It was a joke, but seeing as you missed that part, I never mentioned contacting letencrypt.org (shouldn't that be letSencrypt.org) but "phoning home" as almost all Microsoft software seems to do - to Microsoft.

If the signing certificate expired every 3 months and the system hadn't phoned home to Microsoft to fetch updates in that time things would get 'interesting'.

Scary that this appears to pre-suppose all Windows systems must be online regularly, and have to re-fetch signed applications even if the code hasn't changed (unless the signatures are detached and it can just fetch the new signature).

That could equate to a lot of bandwidth!


Good job MS hasn't heard of Let's Encrypt

Don't phone home for 3 months? Sorry, your applications will not start!

(not sure how much of a joke this actually is!)

Google's 'Be Evil' business transformation is complete: Time for the end game


Make it 52 parts...

... with UPPER and lower case - and possibly some 'punch'tuation too!

Here's a list of the flaws Russia, China, Iran and pals exploit most often, say Five Eyes infosec agencies


It's in the name!

So, if it has "Secure", "VPN", "net", "IP", or "Microsoft" in the name don't trust it !?

Privacy activist Max Schrems on Microsoft's EU data move: It won't keep the NSA away


Re: Remind me please

Being regularly pi^h^rained on ?

If your internet wobbled last weekend, you have Vodafone India to thank for it

Thumb Up

Sporting errors...

"...should have been using well-known techniques that stop this sport of error ..."

Irony of Typos :)

NASA's Mars helicopter spins up its blades ahead of hoped-for 12 April hover


Re: Fingers crossed

Someone warn Gatwick airport so they don't close due to 'reports' of UFOs!

After ten years, the Google vs Oracle API copyright mega-battle finally hit the Supreme Court – and we listened in

Thumb Up

And the winner is ... Fair-Use (Google)

Decision: https://www.supremecourt.gov/opinions/20pdf/18-956_d18f.pdf

‘Radiation upset’ confused computers, caused false alarm on International Space Station


Has somone been taking...

... the piss?

You wouldn’t know my new database, she goes to another school: Oracle boasts of earthshattering tech the outside world cannot see


Re: autonomous database definition

But is it level 5 autonomous fully self-driving or more like a possibly-level-2-but-take-your-eyes-off-and-it-crashes ?

I'd guess the latter!

Intel's SGX cloud-server security defeated by $30 chip, electrical shenanigans


OS updates often do apply microcode updates

At least on most security-conscious Linux distributions, microcode updates are applied early in the boot process; usually they're prepended to the initial ramdisk image (initrd.img) or equivalent and installed by the kernel, or earlier by GRUB with an additional "initrd /boot/microcode.cpio".

Debian and derivatives have packages intel-microcode and amd-microcode.

Post Office coughs £57.75m to settle wonky Horizon IT system case


Re: What was the ping fix?

This transcript of the trial [0] seems to show the Ping Fix was a correction to the Horizon system involving reconciling of Camelot/Lottery transactions which originally were not handled by Horizon - the Ping Fix is apparently the addition of functionality to Horizon that relies on data provided by Camelot but still didn't get it right:

"PG so lottery and paystation weren’t part of the original Horizon design and that introduced the pre-PING issue of mistakes between terminals and post-PING it introduced the issue of dodgy TAs and integrity of the datastream?

AB yes"

From that transcript it seems like originally the Camelot/Lottery transactions were reconciled almost manually at PO HQ and in doing so introduced lots of errors, and after the Ping Fix were/should have had Transaction Corrections (TCs) but those often did not receive Transaction Acknowledgements (TAs) or TCs and TAs were applied in error - the meaning of the acronyms is not spelt out there so I may have those wrong..

Sounds to me like the whole mess was due to transactions from branch A being mixed up with some other branch due to the poor system integration and reconciliation of transactions.

"AB confirms the situation of really important transaction data (as wrt to this last example) not appearing on Credence and ARQ logs (relied on in court by the Post Office to prosecute Subpostmasters) has not yet been corrected"

Overflow or signed integer ID field error anyone?

[0] https://threadreaderapp.com/thread/1107591068974047235.html

After four years, Rust-based Redox OS is nearly self-hosting

Thumb Up

Re: 3 seconds boot time?

Many times slow boot (or more accurately, time to reach "graphical.target") is due to waiting for the "network-online.target" which will only be reached on most laptops once the/a WiFi network is found and connected.

This is usually a side effect of configuring a Network Manager (WiFi) connection to be available to all system users which causes it to be brought up before desktop log-in is reached.

However, for the more general case systemd provides useful tools for identifying where boot-time delays occurred:

systemd-analyze critical-chain

systemd-analyze blame

By default these assume "--system" but with "--user" the user session start-up can be analysed separately.

"critical-chain" is the most useful when one service is delaying others, such as when waiting for a network connection to become available. The numbers show the @when and the +duration of each unit. E.g: on my laptop it takes +5.649s for the WiFi connection to be established:

graphical.target @11.614s

└─multi-user.target @11.614s

└─kerneloops.service @11.579s +34ms

└─network-online.target @11.570s

└─NetworkManager-wait-online.service @5.919s +5.649s

└─NetworkManager.service @5.419s +403ms

└─dbus.service @5.158s

└─basic.target @5.091s

(Bug alert: seems like ElReg's CODE and PRE tags do not preserve layout - the above should be indented and each line shouldn't be wrapped in P tags)

As always

man systemd-analyze

details many more useful reports and visualisations of the boot process and how to interpret the output.

Christmas in tatters for Nottinghamshire tots after mayor tells them Santa's too busy


"Lies to Children"

Should have told them about the Hogfather. Brings back warm memories of Discworld. Thanks PTerry.

Dammit Insight! You just had two big jobs to do on Mars and you're failing at one of those


When the Martians won't give you the finger...

... and that's all it needs on top of the HP³ to give gravity a boost.

You better get a wiggle on then: BT said to be mulling switching off UK's copper internets by 2027

Thumb Up

BT dig up copper before thieves do!

Reports suggest spending £30 billion - that is the ball-park of what most experts believe the cost of delivering Fibre To The Premises nationwide would likely be.

According to reports in 2014 when the Government was first consulting on switching off the analogue network, and later in 2018 when BT/Opereach began consulting about withdrawing the Wholesale Line Rental (PSTN) products in favour of VoIP [2]:

"Most of the telephone network is owned by BT, some 75 million miles of wire, worth between £2.5bn and £5bn according to a 2011 estimate by Investec bank"

There was disagreement by BT at the time over the original Investec estimate that the copper could be worth £50 billion so it isn't clear what the current value is but it looks like, if it can be extracted cheaply, it could fund part of the switch to a full fibre diet, err, network!

Let's not knock the target - if it transpires BT/Openreach does want to rapidly convert to a full-fibre network (finally) including rural areas - cheer them on, even if the reality is it cannot be delivered to an unrealistic timetable; once the ball is rolling it is going to gain momentum.

As someone on the end of 2km of (quality) copper with VDSL hovering around 10Mbs/0.9Mbps I for one welcome the fibre overlords!

Cali court backs ex-Apple engineer who says he invented Find My iPhone and Passbook


Re: Prior Art

The way I read it Apple are claiming there was prior art *from within Apple* to show that other employees had already done what Eastman is claiming he invented.

WTF is Boeing on? Not just customer databases lying around on the web. 787 jetliner code, too, security bugs and all


One Network to Rule Them All

And we can believe Boeing are 100% correct both in hope and via proofs and evidence because...?

... of how bug-free the Maneuvering Characteristics Augmentation System (MCAS) has been proved to be?

Train maker's coder goes loco, choo-choo-chooses to flee to China with top-secret code – allegedly


Device(s) cloned by immigration/customs at O'Hare?

According to the indictment:

"j. On or about November 18, 2015, defendant YAO travelled from China to O'Hare International Airport in Chicago, Illinois. At the time, he had in his possession over 3,000 unique electronic files containing Company A's proprietary and trade secret information, including nine complete copies of Company A's control system source code and the systems specifications that explained how the control system source code worked."

Unless Yao was arrested at O'Hare how is this known unless Yao's devices were cloned and the images later inspected ?

Or is this sleight-of-hand wording to imply Yao was carrying those documents through the airport? Note the indictment uses the term "in his possession" which isn't the same as "carrying" - potentially all this means is Yao is alleged to still have copies of those trade-secret documents after ceasing to be employed by Company A. It could be this wording is being used to satisfy the 'inter-state' requirement for bringing charges.

Amazon: Carbon emissions from our Australian bit barns aren't for public viewing


Profit Margins

I agree with others that this data should be published, but in terms of guessing what Amazon's reasoning is, I'd suspect it might have to do with revealing to its competitors what their energy cost is and therefore, indirectly, what their margins are. Energy is probably the largest ongoing operational expense for a data centre so small differences in efficiencies probably represent several % points of profit margin.