Posts by diodesign 3261 publicly visible posts • joined 21 Sep 2011
"Why is it that The Reg publish the tiniest grainy photos of products, when a full resolution copy exists?"
Because we sometimes forget to link to the full-res - and forget that you can't click on the main top image to expand it.
FWIW our articles - the content written by journalists - are input and edited as raw HTML in our publishing system, which then sticks stuff like the mast-head, headline, comments link, and so on, automatically when the article is published.
The top image of articles is automatically inserted: we can control the URL of the image, and whether one appears, but it's always non-clickable. If we want to make the main image clickable, we have to manually hide it from the top and embed it lower down in the piece.
In other words: if there's no link to a larger version of an image, someone forgot to put the anchor tag in. If the top image isn't clickable, and should be, someone forgot to move it down into the article.
Drop us an email to corrections@theregister.co.uk if you think we've screwed up so we can fix it immediately.
I've moved the top image down into the article and made it clickable.
C.
You need to be a black-belt in reoccurring inside jokes to work around here.
It's partly to annoy pedants, and partly a send-up of publications (including El Reg TBF) that accidentally mix up pictures of TV shows, airplanes, battleships, old computers, actors, etc, in headlines and images.
C.
I think it was more checking they were operational.
FWIW, ICANN has the ability to override protections and literally drill its way into accessing the KSK HSM but it's rather obvious if that were to happen.
The point being that IANA/ICANN staff can check security systems but there are tamper-proof protections and other layers to prevent actual access outside of a ceremony, unless you brute force your way in, which is, shall we say, detectable.
C.
It's fairly trivial facial recognition - it's the scale and the source of the training data that's causing people to kick off.
Here's how I'd do it. You take 3 billion pairs of images scraped from online profiles and URLs to those profiles. You train a convolutional neural network – or a series of networks – to map images to their source profiles. To make life easier, assign each profile an ID number. Thus a particular face will map to ID 1000, another to ID 1001, and so on.
So when you show it a face, it predicts what the correct profile ID should be. Thus if you show it an image it hasn't seen before, it will try to map it to the closest matching face and its profile ID. You then turn that ID number into a profile. You now have a suggested identity for that input face.
The neural network can output profile ID numbers with a confidence value, so a face could return ID 1001 90% confidence, ID 3000 70% confidence, ID 2000 10% confidence, etc. Just take the highest two or three.
Depending on the training and input data preparation, the training process and the network architecture, it'll be accurate or not very accurate.
As for the scraping: buy a lot of cloud instances and parallelize your curl fetches, crawling webpages, building a graph network.
C.
PS: Cache a copy of the page per URL so that if profiles disappear online, you still have a copy. These pages will contain stuff like names, personal info, links to other profiles owned by the person, etc
1. We like to think it's obvious to Reg readers that 75% (it's actually 77) is low. Didn't seem worth making too much hay about it.
2. Kieren wrote 3 great articles on Tuesday, and we at the back edited a load more. We're always pushed for time, there are always improvements and extra work that can be done, and we have to ship a product at some point. Sometimes you have to call it and run it, and move onto the next thing that needs covering.
C.
I've heard rumblings that a chunk of the data center sales are or were due to banks and cloud builders replacing processors with those with mitigations built in.
But it's mainly Intel auctioning off chips to hyperscalers ordering 1m parts a year, I reckon.
C.
The original complaint is way out of date - the legal battle has changed over the many years it's been running. Various claims have changed, or been thrown out.
I recommend reading the latest appeals court ruling: https://regmedia.co.uk/2018/03/29/oracle_v_google_opinion.pdf
The original is here: https://regmedia.co.uk/2010/08/13/oracle_complaint_against_google.pdf
C.
For bare metal, you can use what's called the core library, and a few others, that provide primitives and basic structures. There's no IO nor heap allocator: you have to implement that yourself.
If you pull in a third-party library that expects to use std library primitives, you're out of luck in a core-only environment. It's not the end of the world: not all libraries require std. Ones labeled nostd will work with core.
std expects there to be an OS underneath providing stuff like heap allocation and IO. With bare metal, there is no OS. You are the OS. Core doesn't require an OS. Core expects you to provide things like the heap allocator.
So, with core, you're not totally on your own, you get some support, you just can't use dependencies that require std, and you have to provide stuff like memory management.
Compare std: https://doc.rust-lang.org/std/
to core: https://doc.rust-lang.org/core/
Core gives you a lot, along with common data structures in the alloc library, but not all of std.
C.
FWIW you still have to obey Rust's borrower rules in unsafe code. You also wrap unsafe { } around unsafe code so you can find and audit it easier - whereas with C/C++ any old pointer could be wild.
Unsafe IO port access on Rust looks like this:
unsafe { *(0x10000000 as *mut u8) = c };
..for writing a character to a serial port at 0x10000000, say.
I've done a fair amount of low-level Rust dev in my spare time and it's helped me write much better code, so much so, I am terrified about the thousands of lines of C I've previously written.
I'm not on the Kool Aid, though. It's frustrating that a lot of the ecosystem uses the standard (std) library, which is unavailable on bare metal. Thus, you may find a third-party library that will save you reinventing the wheel, only to find it's reliant on std and you can't use it.
C.
It's pretty simple: the databases were found by the folks at VPNmentor. Sometimes they give a publication or outlet a heads-up before going live with their findings. Sometimes it's us, sometimes it's a rival. In this case, it may have been the BBC. If not, then the BBC spotted the blog post before us.
We'll get onto it this week. In fact, we're planning a month-long series of insecure databases to demonstrate that this stuff is rife on the internet. Everyone is exposed.
Edit: Here's the latest S3 leakage: https://www.theregister.co.uk/2020/01/15/open_s3_buckets/
C.
Yeah dude we know.
Every day, we have to make decisions on what stories to write up: what can be completed in time before something gets too old. Stuff has to be prioritized. There also has to be a healthy mix of stories, it can't all the the same stuff everyday.
So if there are enough Linux world patches to fill a monthly roundup, then that may be the best way to summarize it, because we may not have the time or people to write a story every time a patch arrives.
Obviously, the latency in rounding up the patches is non-optimal, and critical ones could be written up immediately because they prioritize over other stories.
C.
Your Pentium from the 1990s is, like, single core, right? So there's space on the die for cache. With 64 cores, you can't bung too much on without producing dies that smash your yield targets.
Look at it this way: there's a total of 4MB L1 cache, 32MB L2, and 256MB of L3 in the 3990X.
And despite leaps in processor technology, it's likely today's software still works comfortably within 32KB working sets anyway, what with the latency issue DougS mentions above in mind.
C.
Hi,
We disable comments on sponsored content - or advertorials in other words - for a few reasons.
One is that this move separates the content from our own independent articles. Sponsored content is commissioned by advertisers and produced externally to the El Reg news team; we don't endorse it. We don't want readers to think it's part of our normal output, and one way to make that clear is to switch off comments.
You say we're "breaking with a system of journalistic feedback," which proves my point: the pieces aren't journalism. It's paid-for content, produced outside the news team, and funds our actual journalism, which is independently produced.
C.
Well, citizens are US persons so we're not wrong. Citizens are a subset of persons.
Bear in mind, spelling out "individuals who are United States citizens or lawful permanent residents, or are located in the United States" every time ruins sentence flow and headlines, and we like to keep things snappy around here.
But anyway, I've tweaked that to just peeps. Thanks for the feedback, and don't forget to email corrections@theregister.co.uk if you spot anything wrong.
C.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
