Posts by diodesign

Re: I need help to decipher this article!

> What on earth is "a dynamic purchasing system"?

I've added it to the article. It's standard UK govt jargon for an electronic purchasing system that new suppliers can join at any time. That's the dynamic part.

> what the hell do they need an AI for even if it did exist?

There are loads of applications machine learning can be used in. Spotting patterns in road traffic, optimizing emergency service shifts, predicting supply and demand. YMMV. You'd hope there is human oversight involved so the computers don't run amok.

> Isn't the country broke?

No. The UK is still in the top 10 richest countries by GDP.

C.

Exploitation

It's too much hassle to exploit in real-world scenarios given the slow rate of exfiltration and that the code to abuse spec-ex is non-trivial (bar Meltdown, perhaps), and that there was an immense amount of engineering work poured into closing the side channels (or attempting to).

Thus, if you're an exploit developer, you'll probably go back to attacking bugs in the Windows kernel or tricking people into running email attachments as administrator - it's far easier.

That isn't to say it's been a complete waste of time. If Meltdown, and the Spectre variants that can be exploited via a browser or virtual machine, hadn't been addressed, I think there would have been shenanigans by now.

I think, perhaps, it's a case of this: if nothing was done, someone would find a way to leak stuff from browsers or virtual machines at least; and if mitigations are in place, no exploitation happens, and people wonder what all the fuss was about.

One thing it's done is highlight the semiconductor world's rush to put speed over security, and also the holes in Intel's SGX.

C.

Re: Is El Reg georestricting stories?

Further to add what Marco posted, out of the 500-ish stories we typically publish a month, a handful are marked US, UK, or Australia-only on the front page.

It's mainly so that, for instance, if you live in America, you don't wake up to a UK-dominated front page about stuff you've never heard of, and vice-versa.

You can still find all stories in the Latest News page and other pages that aren't regionalized. And in future, we'll adjust the homepage design so that all the news is listed but the stuff we want to highlight is tailored for where you are in the world.

C.

Re: Cult?

As in, it's a cult classic. Which it is.

C.

Buying on day of quarterly report

Probably expected the share price to go up. Buy low, sell high, etc.

C.

Watts

Yeah, 10^23 W or 100 sextillion watts.

C.

Editing

A lot of us are really burnt-out this month. And I can honestly say quite a few of the typos were mine while working late into the evening.

"Some of even ended"

That's fixed.

BTW I'm not asking you to work full-time for us. I'm asking for an email, please, if possible. Think of it as a pull request. Maybe we can make it easier to report errors, in article or via a form.

"Would be easier to make a list of the El Reg article that DON'T have any errors"

Software has bugs, articles have typos. We're not perfect and we're quite a small team, relatively speaking. We're trying our best.

C.

Point of order

The treaty states:

"If a State Party to the Treaty has reason to believe that an activity or experiment planned by it or its nationals in outer space, including the moon and other celestial bodies, would cause potentially harmful interference with activities of other States Parties in the peaceful exploration and use of outer space, including the moon and other celestial bodies, it shall undertake appropriate international consultations before proceeding with any such activity or experiment."

Which we take to mean the treaty frowns upon the use of potentially destructive force without consultation, which may have happened here. We've expanded that part of the article with our thinking.

PS: Please email corrections@theregister.com if you spot anything you think is wrong in an article so we can take a look immediately.

C.

Re: Are those numbers right???

Yes, from the paper:

"The companion has a projected physical separation of 320 au" and the other "is orbiting the primary at 160 au"

If you think you've spotted something wrong, don't forget to drop corrections@theregister.com an email.

C.

America

"black kids shoot each other at a rate well over white kids"

This is a rather overly-simplistic view of quite complex societal failings involving poverty, prospects and living conditions, all stemming from discrimination, ultimately driving or forcing young, impressionable people into dangerous and regrettable situations.

C.

Re: Re: What is the point ?

Fair point. It does feel like Arm's backed into a corner.

C.

Holy URL, Batman

All our slip-ups, er, moments of genius are deliberate irony.

C.

Re: Hello? Anyone? Am I invisible?

PoC means non-White in the US.

C.

Wording

It means the same thing - it's to give you a specific list of services to monitor for activity. Admittedly, DNS, HTTP and TLS are quite heavily used in normal business but the point is: you don't have to go looking for weird ports or obscure protocols.

C.

Reply all

When a tech vendor or some other organization writes to us to complain about an article, they like to CC in their lawyers and insist they stay CC'd, presumably to scare us into thinking this is a Potentially Big Problem.

And, depending on the tone and weight of the complaint, sometimes I enjoy replying with those uninvited guests flicked off the CC list.

C.

Re: MIPS

I think in all honesty MIPS is looking a bit dead in terms of future generations using it. Sure it's still out there in a load of chipsets...

...but university courses are teaching RISC-V as an example CPU architecture now as it's pretty close to MIPS and all open-source and royalty-free yadda, yadda. In fact, the Berkeley team came up with RISC-V because they didn't want to teach MIPS internals any more, Arm wouldn't provide an academic core they could pull apart in an open way, so they made their own.

If you want to go beyond FPGAs and simulations, RISC-V does have a downside in that you're fairly limited for SoC suppliers. SiFive, Greenwaves, Microchip, Kendryte and NXP spring to mind, though.

C.

"No competent C developer...."

I give you exhibit A: The Windows Server DNS server. Heap buffer overflow in C code with SYSTEM privs --> root RCE. See Patch Tuesday this month.

C.

(Yeah, I know the comment above is a stack overflow; same sort of principle.)

"If a policy is turning out to be ineffective, you change it"

Can you read the article? The bit about how the policy was put in place with no consultation or other grown-up processes designed to develop well-rounded, beneficial strategies. It was doomed from the start and injected a lot of stress into people's lives.

Enough of the hysteria? How about enough of the apologizing for idiotic government.

C.

"More informative than the article, in fact"

Please bear in mind we're trying to summarize a paper without reproducing all of it. That's why we link to the original paper.

Thanks for all the feedback, we'll tweak the article.

C.

"Obama left the US without stockpiles of PPE"

Fact check.

C.

Re: That much downtime?

Just assume any value after Office is correct. I'd ask our tech team to make an automatic randomzier for the headline but they seem rather busy on actual functionality.

PS: corrections@theregister.com works well for any typo :p

C.

More detail

Unfortunately, we're going on what the NASA people said on the phone call. If the report emerges, even in a redacted version, we'll go over it.

I imagine it's something like Boeing using a traditional waterfall development process, and SpaceX using an Agile process. At a guess.

C.

Style guide

It's our emerging style, in line with AP et al, to cap up White and Black when referring to race.

C.

Northwest

Thanks - it's fixed. Don't forget to email corrections@theregister.com if you spot anything wrong. That way we can fix stuff as soon as it comes in; there's some latency in reading article comments.

C.

May the odds forever be in your favor.

C.

NFC?

We're double-checking -- it does appear to have NFC. Don't forget to email corrections@theregister.com if you spot anything wrong so we can fix things right away.

C.

"Oh, no, forgot, no anti-BREXIT slant possible."

We did cover it here.

We'd love to cover every story possible immediately, though bear in mind we've only got 13 full-time writers and editors, a total of 16 regular contributors and editors, across three continents.

We make a lot of noise for quite a small team compared to others.

C.

Re: Re: Brexit sat-nav eh?

"My problem is the appalling coverage the press has been giving to all things government to the point where I and a large proportion of the population now reflexively assume that anything in the press that is negative about the government probably isn't true."

I'm afraid to tell you that it really is that bad. We're not going to sugarcoat it. If we let things slide, they become the norm.

C.

Re: Behnken is not a NASA astronaut

He most certainly is a NASA astronaut.

C.

Re: So will Tor be using Comcast for DNS? Will my VPN also start going through my ISP?

No, Tor routes DNS through Tor. Your VPN will work as usual. But Firefox, if you use the default and are on Comcast's broadband network, will send its DNS via Comcast over HTTPS.

Bear in mind most or many subscribers send their plain-text DNS via Comcast anyway, due to their cable modem's DHCP setup, so for them this is no change except it's via HTTPS and Moz has made Comcast swear it'll be nice.

In a way, DNS-over-HTTPS was an opportunity to shield DNS lookups and route them where you want, but instead, yeah, nah, Comcast will just handle it anyway.

C.

Re: The facial recognition report has said outright there were no grounds for arresting anyone.

"A quick google of Robert Williams' name will turn up a copy of the report spat out by the facial recognition system."

If you're referring to this, that's not a direct output from the software – as far as I can tell – it's internal paperwork generated by the police, with a big note on it saying this is just a lead.

The way the officers went about confirming the lead – apparently showing it to a guard who didn't witness the crime – was, well, sub-optimal.

C.

Protests

Nah, it's 90%+ peaceful protests. What you see as riots is people fighting back after the police lose their cool and fly off the handle unprovoked. If you live in the cities where protests are taking place, it's pretty obvious.

C.

"The article is therefore of no real technical enlightenment"

Lovely, so can I put you down as 'undecided' on our reader feedback survey?

C.

"you see them *everywhere*"

Cool, that's not what's happening here. It's pretty blatant. If there were 101 types of far-right coded references, I could see where you're coming from. But there aren't, there's 2 (or 3 if you include HH as well as 88).

Denial isn't a river in Egypt, friend.

C.

Re: Details?

We're chasing that up. Cognizant told us so far:

"It involved certain personal information related to some current and former Cognizant personnel and individuals involved in corporate transactions."

Edit: It's folks in and outside the US.

C.

Re: CPU

It's dual *vCPU* -- there's probably one processor inside it, multiple cores, two of which are available for customer use.

I've made it a bit clearer where we mean physical and virtual processor cores.

C.

Re: What's an "un-carrier"?

See the linked-to article in the story. Un-carrier is T-Mobile US's slogan to distance itself from the other main carriers. As in, it won't treat you badly like the big players, and will offer you features the others can't, allegedly.

In America, T-Mobile US is third place to Verizon Wireless and AT&T, pre-Sprint merger.

C.

Re: Baffled

Other way around -- baffling is more inclusive than crazy, says Google. I've clarified that sentence.

C.

"If there is no word for slavery, how can those you enslave fight against it?"

You use it in context. This isn't hard.

C.