Posts by Starace 352 publicly visible posts • joined 16 Jun 2007
From what I remember from having a poke at mine, the interface to the car was one PCB, the main processor is a different PCB, and there's a sort of shared memory datapool structure between them with fixed functionality/variable definitions.
So the operating system not only had no access to a CAN interface but the data that it could access was predefined and it had no way to vary it.
So I guess more of a data diode than a firewall?
If they haven't already got hardware in place then it's going to come as a shock to all involved just how difficult and expensive it will be to design, produce and qualify the bits for an aircraft.
Even when you already do avionics and related kit this is not a trivial job. And satellite trancievers for aircraft are a particularly nasty problem - I've heard the horror stories.
I have a horrible feeling someone has dived into offering this to customers without anything to back it up and are hoping to wing it as usual. Sadly for some things that doesn't work.
The thing with barbers, and certain other sorts of businesses, is they're great if you need to do a bit of laundry for your real cash generator.
That's one reason you see so many places of certain types pop up despite a total lack of actual demand.
Had some locally get shut down for it so not just an urban legend.
It was bad enough when they pulled this stuff with the data centre products, charging a massive premium for the hardware and then decided it was a great idea to start charging on top for you to actually use it. Puts you right off and makes you look for any possible alternatives. A bit like the reaction you have any time you get near Oracle.
I'd be happy if it was cost neutral somehow - others managed when their pure hardware play went to hardware plus subscription - but this stuff about $1000/user/year points away from that.
And $1000/year? They've started to believe the hype from their inflated GPU prices...
All these years later and they're still arguing and trying to get people to use it. Yet even shiny new stuff mostly ignores it.
They built a solution that's too complex to use and aims for a utopian ideal of all those billions of devices existing in a nice flat world where everything is individually addressable - and we know that isn't how the world works and never will be.
It might be antique but IPv4 is good enough and it works so it'll stay for most things forever.
Everyone with any interest in UKCloud already knew what was happening all those months ago and acted accordingly, even if El Reg decided to keep quiet. So that didn't help them at all and the self censorship was utterly pointless.
The big problem is that while they provide a specialised service that was useful for some things they're stuck in that unhealthy spot of being much smaller than the usual players - so not so useful for the bulk vanilla stuff - and at a scale where you might use them for niche or PoC but for bigger 'special' stuff you may as well roll your own private cloud solution as actually being better and cheaper and easier to manage. Been around that loop more than once, and it turns out renting cloud is surprisingly expensive and compromised, while building is quite reasonable and tunable. At least if your workload isn't transient and you have specific goals in mind.
It's not a nice feeling leaving a company and they were good at partnering but there comes a point where you need to go with what works best for you and doesn't add risk. For me that isn't AWS/Azure/whatever either - went a different direction - but the UKCloud thing just wasn't sustainable.
They did nothing wrong but it's an awkward place to be stuck.
They don't honestly believe that money is real do they? Just because something like Tesla was pumped to the $1trillion mark doesn't mean you can actually squeeze that cash out of Musk. It's amazing he's even managed to liquidate a fraction of his holdings so far.
Is it maybe possible that if no-one wants to pay for your support maybe it just isn't good enough? There's plenty of projects where the support is excellent and well worth it but also plenty where it's either worthless or just far too expensive for what it is. Especially when more than one person offers support.
If you want to be a commercial operation you need to provide commercial levels of service. Not suddenly decide you want to try to take your toys home because you think your one man band can charge like Oracle on a perpetual basis and others disagree.
You'd think all maintainers were saints from the way some of them talk. Some are. Others are bloody useless, and will leave all sorts of problems (and submitted fixes) hanging while they pursue whatever their current interest is without letting anyone else contribute.
There are projects that are basically baseline functionality these days & embedded everywhere where the concept is good, the support (commercial & otherwise) plentiful yet you still have core maintainers who basically refuse to maintain beyond their current pet feature, and when you start poking you find that what looks superficially well designed & documented with plenty of testing is actually a mess where the features don't work and the tests don't test. And when the bugs (and fixes) go in they'll sit forever ignored...
No one makes you do these projects and if you don't want to then fine. But don't scream because you went in trying to look altruistic and the cash you actually wanted didn't roll in. If you wanted money then choose a commercial model from the start instead of moaning that the grasping bastards aren't charitable enough.
If you do something and hand it out for free you can hardly expect to whinge when people use it; if you want to be paid for your efforts then charge, otherwise just accept that your stuff will be 'exploited' if you haven't excluded that option through a contract.
The other issue with projects with a small developer team - and especially when one or two people drive most of the dev - is that they tend to become very protective of their project and ignore or reject any offers of input. External bug reports and code submissions get ignored. So even when the evil corporate bastards spend the time to check the code, find the faults and provide assistance it doesn't get accepted.
Funnily enough lots of OSS does get plenty of support and submissions from corporates spending engineering time on them, it's only certain things that stay stuck with the 'volunteers' who own the project. So maybe it's a people issue not a philosophical one?
It was seeing the AGPL license and the locking down of the documentation and the strong arm tactics to push buying (expensive) licenses that made me jumpy.
I don't mind if it's a known quantity out of the box but it all felt very commercial for something that still leaves you to bolt together a solution from a pile of bits or having to rely on third parties for some sort of packaged solution.
Throwing lawsuits around isn't exactly brilliant either, especially if they look weak. I'll use your stuff if it's better.
For aerospace you tend to run a scheduler per core without any bells or whistles like speculative execution - or sometimes even caching - so you can maintain determinism.
But you don't need a special CPU for that. You just turn off the bits you don't need and run a bare minimum initialisation rather than using the OEM code.
If you want a simple CPU you just use it in a simple way.
As with many things it's a solution, then again you can achieve the same result much more easily in other ways - it's just a reference number lookup after all.
Most applications of blockchain are just an excuse to apply it but beyond the techno wankery are difficult to justify.
I guess it generates an easy story but it's still a solution searching for a problem.
Googlers think they work in an environmental where their specialness will be tolerated.
They're then shocked to find our they work for a giant corporate multinational that doesn't like people biting the hand that feeds them, or people making demands, or people search their networks for information.
They're worker drones, and whatever gender, colour or whatever they are Google *doesn't care*. They don't discriminate but they don't tolerate either.
I think some people want a nice free startup/academic environment and they're in totally the wrong place for that.
Seems a bit of a coincidence that the supporting 'evidence' comes from people with affiliations with a company that includes commodity whitebox servers among its products.
Or do the words 'Altera' and 'a major semiconductor company' not point in a very particular partisan direction?
If you want to run a compartmentalised containerised scalable workload on avionics there are already properly designed and standardised options available, with proper deterministic realtime schedulers underneath.
Though running a Kubernetes type setup on a mission support system might happen, you can put some odd things on stuff that doesn't affect flying or weapons. Though I'd still have thought security requirements might get in the way of Kubernetes being used.
So it's maybe possible to spoof the transmissions and get the system to respond as designed.
Just a shame it's utterly impractical to spoof the transmissions in any useful form except on the bench, and they didn't even do that. In other words more bollocks security 'research' pointing out a flaw that doesn't actually exist except on paper.
Also the not so minor point that they tried everything on a sim - shame that even on the Type 7 / Level D devices code for a lot of the (non-rehosted) systems is there to recreate the training effect and *IS NOT A FULL REPLICA OF THE REAL SYSTEM* so any results mean very little. Been there, wrote that, ran the flight acceptance tests... That said I remember using real TAWS boxes on sims before (which have built in TCAS) because it was easier than trying to process their terrain databases etc.
Pascal, it might help if you knew what you were talking about. All sorts of manufacturing already moved to (or already existed in) other countries.
Vietnam is a popular location right now, everything from Samsung phones to underpants come from there.
All we'll see is an acceleration of the moves away from China that rising costs and threats of tariffs had already kicked off.
The Varjo XR-1 does a pretty good job of AR, none of those stupid optics either - the optical combiner route is just never going to work well enough to really 'augment' reality.
Then again it is properly 'incredibly expensive' at €12k to get one in your hands. Plus the cost of something with enough grunt to drive it.
Excellent toy though if you're able to talk someone into buying one for you for 'development'.
Somewhere around here is a post I made which is somehow approved but hidden.
Basically good luck fiddling the buses from the Ford infotainment, the hardware is partitioned and the QNX bit has no access to CAN, it goes via datapool in shared memory to another board that can explicitly only read and write specific messages.
And you can't fiddle the infotainment software without either getting straight to the eMMC or having the correct certificate to sign any file you want to upload via the USB. But reading what's built into the factory image is easy because it's all in the upgrade packages you can freely download. There is/was a discoverable root password but the production image has no way to connect a debug console (doesn't try to start the ethernet dongle) so that's pretty useless too.
And funnily enough the CAN is all partitioned so you can't just wander around trivially, and some of the critical control buses are physically isolated. You can get around the general access security (though not the stuff needing privileged access) by reverse engineering the workshop tool protocols but that doesn't gain you much beyond what the workshop tool already does, except the ability to accidentally brick the modules.
Hur hur we canz hack it isn't quite as simple as it appears when it comes to actual exploits.
Yeah right.
It's one thing to emulate a button being pressed over the bus, it's quite another to make a module do something it's explicitly designed not to do - you'd have to replace the firmware with something utterly different and that's a whole other game.
If you're going to enter into the realm of fantasy there are easier ways to achieve the same result.
For obvious reasons the force required is set quite high to stop simple accidents, on the basis that when you really need to pull it you'll be motivated to do it as hard as you can until something happens.
On another note it's surprisingly easy to snap the steel cables inside the handles when you give them a suitable yank.
The sad thing with this story is that it's far from the first time someone has had a problem during a joy ride due to a long chain of carelessness, and also not the first time that things could have ended in an even worse way if not for a random event as things went wrong. At least they survived. I bet after the enquiry some were really feeling sorry for themselves.
Signed firmware is a nice feature to have.
It also has a significant cost impact if you need to select an embedded controller that supports the required features to make it work, and there's usually an impact on boot time and also on how long it takes to program the kit - not so much a problem for the customer doing updates but a big issue for manufacturing.
A lot of specialist effort has been expended looking at this and it isn't trivial to sort it out even for things that cost a lot more than a webcam.
It's also worth mentioning that while signed firmware is nice to have it's not going to protect you against a truly capable opponent, it just removes the lowest hanging fruit.
Given that the Starship assembly looks like the sort of setup that would embarrass a backstreet workshop in Kabul (blokes on iffy ladders with cables trailing around working in a tent), and that they've scrapped or unintentionally blown up everything they've built so far I'm not expecting a lot of Starship action anytime soon.
Now if he'd built something more like Sea Dragon instead of a shiny comic toy mockup there might be something worth looking at. Would have managed the super-heavy lift, reusability and steel construction and maybe even have worked.
Some people might wonder if their eagerness to throw their junk into the sky is linked to the planned IPO and lots of spare launch capacity as they seem to have a collapse in demand from paying customers?
Demos of the system actually working might be a good idea too? So far all we have is lots of highly visible satellites (accident or useful way of proving they're up there?) but not a lot showing their fancy network in action.
Not that I'm cynical but Musk is involved so...
So basically the same as we've had for a while now, SSD for the boot/system device and HDD for cheap bulk storage?
Sooner or later SSD will be cheap enough to use for everything but for the D: bulk cold store for all the junk had still has a role.
I do wonder though how many people know the difference between a cheap commodity SSD with low life & IOPS and a decent high grade NVMe one? A lot of the cheap stuff is slow garbage.
Not sure about elsewhere but around my way the specialist contractors we used on and off for years seem to have vanished in favour of a swarm of replacement contract staff shipped in from offshore.
Shame they're all absolutely useless, quite possibly worse than the last offshoring experiment from 14 years ago.
What an absolute shitshow this whole thing is turning out to be from whatever side of the contractor/customer relationship you sit on.
So yet again a small self-selected group decides that they think something is a bad idea and they'll forcibly stop everyone doing it because everyone else is just too stupid to think for themselves.
Centrally managed word/content filters next, tuned to a suitably Googly world view?
I'm sure I remember seeing a hardware analysis on this that blamed a voltage regulator reset on an integrated motor controller that was causing swings on the supply to the throttle sensors?
Pushing the wrong pedal isn't exactly rare but the statistics suggest something must be happening, and it being more than the idiots behind the wheel and overly rapid acceleration.
Everything GPT-2 has ever produced (like fake news articles) is quite convincing at the start then quickly wanders off into garbage.
It just isn't that good, and definitely struggles to stay on track. A convincing opening can just be cribbed straight from training data but getting past that...
That 'mini dstacentre' would be what, half a racks worth? Maybe a whole rack if you really wanted to push it and have lots of spares. Hardly extreme.
And you don't treat the possibility of no aircon by having no aircon; you have aircon, you have backup aircon, then you have contingency cooling. You don't just skip to the contingency straight away.
Not a big shock though, often the team budget for these things is actually derisory. And no one actually wants the jobs as the pay and conditions are rubbish as the expectation is that 'working in F1' is a reward in itself. Hint; after the first week it isn't.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
