* Posts by David Eddleman

217 publicly visible posts • joined 20 Jun 2007


IBM slices UK GTS contractor rates

David Eddleman


As a former member of IBM GTS in the US, we saw this all the time. Now that they're employing the same methods overseas in the legal manners they can...yep, squeezing as many pennies out of the non-BRIC(A) countries while shifting more of the work there.

And slowly, Big Blue begins its descent...

Kaspersky Lab to create new OS 'to save the world'

David Eddleman

Re: I can't believe this

Why not VMS?

Because it's VMS, that's why. If you've ever had to use it, you'll know why.

Japanese boffins unfurl banner above newly-discovered Element 113

David Eddleman

I propose...


And for isotopes? Naquadria.

Hobbyist builds working assault rifle using 3D printer

David Eddleman

Re: Edit for the author:

There's actually no legal definition of 'assault rifle' in the Federal courts, AFAIK and IANAL. I can't speak about state laws since those are just as varied and silly.

The ban that you're thinking of is the "assault weapons ban", which is silly since before that bill came around there was never any talk of "assault weapons".

David Eddleman

Edit for the author:

"AR-15 class assault rifle"

The AR-15 is, by design, semiautomatic only. It is not an assault rifle. The introduction of a lightning link, auto sear, or any other technology to make it fully automatic or have a selectable fire mode (other than "safe" and "semiauto/fire") is completely non-standard.

"the style of gun the US military has called an M16"

The M16 shares the direct impingement system of the AR-15, and some of the aesthetic differences, but that's about where the similarities end. The M16 has additional parts that enable it to fire in either fully automatic or burst fire mode (depending upon the model) as well as the ability to still fire on semiautomatic (without the so-called M16 parts kit, a rifle that had the auto-sear/lightning-link/etc. would only fire on automatic).

"The lower receiver of a factory-produced AR-15 is usually made of metal, typically stamped aluminum."

Incorrect. Most AR-15 lower receivers are milled & machined from a solid piece of aluminum. Some are forged, although those are less desirable due to structural weaknesses.

Fun note: most people were thinking it would blow up since lately there have been attempts at making a polymer lower receiver (rather than aluminum or steel), but most of them end in abject failure. Some rather spectacularly.

David Eddleman

Re: Barrel

Accurate enough to avoid having the bullet spin out of control, or better yet, spin at such a rate that causes it to fragment in the air. As can happen with overspin on lighter bullets.

David Eddleman

Re: For those w/o time in the military:

".223 caliber is better known as 5.56 mm"

Incorrect. 5.56x45 is actually .224 caliber. Aside from having a slightly different casing dimension, it operates on a higher pressure. Loading a 5.56 into a .223 weapon might work, but you run a serious risk of destroying the firearm in the process. .223 works no problems in a 5.56 weapon however.

The bolt is not serialized here in the US. Only the lower receiver is. That's because the lower receiver is recognized, by the BATFE, as the firearm itself (the upper and other parts are not, just the lower receiver).

Indian outsourcers Infosys outsource to WISCONSIN

David Eddleman

Re: Oh, great.

Bethany: Were they sent to Hell?

Metatron: Worse. Wisconsin. For the entire span of human history.

*Disclaimer: lived in WI for a year and a half.

India crowned global spam-spewing zombie king AGAIN

David Eddleman

Not surprised

India has poor security and ISPs that simply do not care about their subscribers sending spam out. The major Indian ISPs are denied at my firewalls as a result. Totally not surprised.

David Eddleman

Re: India??

Or those who use softfail in their SPF entries. Which means messages are flagged but absolutely nothing happens.

Reloaded Doom 3 shoots onto shelves this autumn

David Eddleman

Well now...

"an armour-mounted flashlight"

Guess the devs realized that people really wanted the Duct Tape mod as that was hugely popular. Makes sense, don'tcha know.

Japanese boffins plumb darknet for cyber attack alerts

David Eddleman


"The checks and balances of democratic governments were invented because humans themselves realized how unfit they were to govern themselves. They needed a system, yes. An industrial age machine. "

"Without the use of computing machines they had to arrange themselves in crude structures that formalized decision-making. A highly imperfect and unstable solution."

"Observe your motivations for breaking the arbitrary laws of the current government."

...has NO ONE played Deus Ex? Do they not remember how well things turned out when a system named Daedalus was turned on and began to monitor the world's connections?

Intel CEO predicts DOOM for fab industry and competitors

David Eddleman

Re: What shareholders want to hear

Yes and no.

SPARC and POWER have two great advantages over Linux/Windows and x86/64: hardware compatibility. Linux, Windows and every other OS, application, and more that's built for that platform has to stand up against a dizzying array of hardware options.

With SPARC and POWER and ... you have one manufacturer of hardware and one developer of the OS (and generally a small number of developers for supplemental OSes). That means that your compatibility is higher. You also usually have *very* good service contracts with those people, so you can call out and have someone on your doorstep in 2 hours or less with replacement hardware, they're certified and know how to deal with it. Getting a response like that from an x86 vendor is hard, and costs a lot of money on top of what you buy.

One of the things I think that Linux needs to work on is hardware detection and interaction. Compared to Solaris and AIX, it sucks (and I say this as a Linux fan and user). Naturally some of this comes down to the earlier issue with fragmentation and large number of items to be compatible with et al.

FBI seizes Mixmaster servers

David Eddleman

Liability and negligence

Yeah, it's likely someone being a bellend.

But, it doesn't mean they can discredit the threats entirely. If one of the 90 are real, and they're ignored and someone does bomb the college, guess what? They're liable and guilty of gross negligence.

AT&T to allow unlocking of out-of-contract iPhones

David Eddleman


Doesn't do a lot of good for CDMA network customers, who typically deploy UICCs into their phones. Which IMO is a bit of a scummy deal, as it locks the phone to the carrier and requires all manner of reflashing and such to get it to work on another provider.

People say SIMs are dead...nope.

It's why I switched to a GSM carrier and got a phone with a removable SIM card and is dual band (pretty much only necessary here in the US, thanks to dual-band airwaves...CDMA used to be loads better than GSM, but lately that has fallen flat).

I can take my phone to any carrier, pop a SIM (or one of the removable UICCs) and get it over to them. Lot of flexibility in that regard, and that's why T-Mobile have offered me good rates and good service for my area.

China blames web for gun smuggling crims

David Eddleman

32,000 bullets?

Well, no harm then. Without a casing, primer and powder, they're just bits of lead.

Lead in China...wait, I've seen this one before.

Visa dumps Global Payments after it flashed 1.5m US card numbers

David Eddleman


"You are compliant, and then if something [like this] happens, by definition you're not."

Err, no. PCI compliance is a set of standards. Just because you get broken into doesn't mean you lose compliance. It says when you patch, how often critical vulnerabilities have to be applied, etc. It provides a *best effort* methodology. A system is never hack-proof, there are always zero-day exploits and more found.

If the *founders* of PCI:DSS consider getting hacked into a measure of being not in compliance, then the methodology is broken and needs to be reworked. Most ricky-tick.

Kelihos zombies erupt from mass graves after botnet massacre

David Eddleman

Why not...

If you were to pull a Superman III and steal a large sum of money from a bank and escape to a nation that doesn't have extradition, you probably wouldn't get off scot-free. If the bank's big enough, you can bet that money that the bank or other financial institution will send a hit squad or mercs to kick down your door.

Why doesn't MS/etc. just do the same thing? Hire investigators or teams to find where these people live, kick down their doors, and put two in the head? Or for the more Paragon route, get the authorities involved. Would solve the problem a lot more efficiently than just sinkholing a swathe of machines.

Google asked to bin autocomplete results for Japanese man's name

David Eddleman


<name of song/movie/etc> download

If they do filter it, they do a piss-poor job.

Hardware hacker rigs up VR for Skyrim

David Eddleman

Better than Skyrim!

Use this for sims, like MechWarrior! Rather than Kinect, you could hook it up to a joystick/throttle console and use that. MechWarrior 2 had support for motion-tracking headsets and would adjust the cockpit view based upon it -- your pilot would literally look around the cockpit as you moved your head. Falcon 4.0 is already famous* for having TrackIR/FreeTrack capability. But to actually simulate an F16 cockpit's equipment would be, well, difficult...

*Sort of.

Rutgers student guilty, faces 10 years for webcam spying

David Eddleman


"He hasn't lived long enough to have any experience with homosexuality or gays,"

Um. He's an adult. Last time I checked, you needed to be an adult or have adult permission to be in college. Not to mention this is a message that Ravi sent the fellow before he jumped:

"I've known you were gay and I have no problem with it. In fact one of my closest friends is gay and he and I have a very open relationship. I just suspected you were shy about it which is why I never broached the topic. I don't want your freshman year to be ruined because of a petty misunderstanding, it's adding to my guilt. You have a right to move if you wish but I don't want you to feel pressured to without fully understanding the situation."

He KNEW that he was gay and had a friendship with a gay person. Yeah, no, he was an asshole, a sociopathic one at best, and I hope the fellows in prison pass him around, I hope he turns into a good wife there.

Smartphone users sue Apple, Facebook over mobile app privacy

David Eddleman

"Foursquare ... mobile applications that invade users' privacy."

Well, um, yeah. An app that makes public posts on social networking sites when you check in at a place. Every time I see someone check in at a place using Foursquare and similar, I link them to pleaserobme.com

It's like people are aware of but completely ignoring these things.

Gamers pledge almost a million dollars for Wasteland sequel

David Eddleman

Re: Go the minecraft route

Also the same way for Mount&Blade, which is an utterly brilliant game that has some of the best mounted combat I've ever seen. Early versions were alpha & beta, with low or no prices, and those who pre-ordered earlier on had lower prices on the end product. Also all of the essentially free beta testing.

Xbox Live glitch resets players' scores

David Eddleman

My take on it...

Even as an occasional Xbox player (just got Forza 4 for the 360 only because it's not available for the PC!)


Council spunks '£100k on how to wash your hands' vid

David Eddleman

Re: There are plenty of blokes...

Indicator lights. If violation of that was an instant point here in Texas it would cease to be a problem.

For my take on it, go to Youtube and look up "Shoot em up no signal".

And yeah, sadly, seen the same thing re: wiping/pissing and failing to wersh yer hands. Seems like that and saying please/thank you is going the way of the dodo...

SimCity to return after 10-year holiday

David Eddleman

Re: re: complicated

Don't forget the roads adviser in Simcity 2000 who, if you decreased their budget by as little as 1%, would spout "HOW DARE YOU CUT OUR BUDGET YOU WILL PAY" -- and then bomb collapse roads. Jailing or firing that bearded SOB would be a great way to get things done.

Election hacked, drunken robot elected to school board

David Eddleman


They need to do the same thing they do on Nevada state voting machines -- random inspections, any discrepancies found and the machine is shut down and investigated, background checks on all devs, board of inquiry for the public to use, and more. Nevada voting machines are more secure because of this, and because there's serious penalties for fuffing about with them.

Asus peddles three-in-one smartphone, tablet, netbook

David Eddleman

Re: Pen headset

"The distance between genius and insanity is measured only by success."

Samsung warms up smartphone operated oven

David Eddleman

Brilliant, actually

As someone who does a fair bit of cooking, this would be a great idea. I typically don't need recipes read to me by my phone (usually just turn on Netflix and watch something while I'm cooking). Being able to start/stop the oven from random parts of the house, as I need to, would be good. Of course, one of the key things about going in person to start/stop the oven is looking at what's inside. Without a camera...well...

Foxconn allegedly hid underage workers from inspectors

David Eddleman

"Foxconn does not employ"

But what about interns, vocational training and more? Those are not situations where people are employed, just working for work experience, etc.

We're! not! a! social! network! yells! Yahoo!

David Eddleman

Not a social network?

Then what the hell have they been doing with Profiles (then Pulse, now Profile (singular))? Seriously, if that's not social networking, at least some decentralized methodology, then someone there has no clue what a social network *is*.

Megaupload honcho sprung from slammer (for now)

David Eddleman

I bet...

He must wait N days to get on that boat, and must unscramble some words to cross the gangplank.

Brazilians unveil Microsoft SkyDrive's secret – revealing pics

David Eddleman

Can't compare Skydrive with Dropbox

Dropbox is meant for rapid movement of small files, via a drag-and-drop interface. Like text files, music, and more. SkyDrive is meant more for long-term storage of many things, such as office documents, team projects and more. Comparing them is apples-and-oranges. Yeah there's some citrus in both, and are both fruits, but they ultimately are different things.

FCC hangs up on 4G broadband biz LightSquared

David Eddleman


FUD (Fear, Uncertainty and Disinformation)

What FUD stands for depends upon who you ask. I've always heard it to mean "Fouled Up Disinformation". Replace "Fouled" with the word of your choice (just like FUBAR).

What's in the box, Windows sysadmin?

David Eddleman

There's a flaw there, @Goat Jam

Windows Server does not require you to install IIS. It comes with it, but you are free to uninstall (or not install) it if you don't need it. Sorry, but that whole argument falls apart when the exact same logic is applied in reverse.

1/10, must try harder.

eulampios, top is pretty lacking in what it displays. In general, it displays CPU and memory % usage, which is great, but if most of your programs are displaying low usage of those but the reported system load is high, you likely won't be able to find out what's causing it with top, ps and more -- that requires tools outside the preinstalled set (or at least the preinstalled sets I've seen). Every time I've seen high system load but no obvious process causing the issue, it's likely an I/O contention issue, and there's no preinstalled tool that handles I/O monitoring reporting like vmstat, iostat, sar, or more.

tl;dr - the point I'm making is that neither OS has all of the tools a sysadmin worth their salt needs or has to make their job easier.

David Eddleman


You can apply that first paragraph to Linux or any other OS. There's a wide variety of updates and tools that one must throw on there to be useful. Windows comes with a webserver - Linux does not (it requires software from Apache to do so).

Linux also needs tools to get proper resource monitoring and collection going. Some of it isn't third-party, but until you've tried to pinpoint why your box is going haywire without sysstat or a tool like htop, sar, or vmstat, you start to realize just how much other stuff you need to bolt on to get some of the same flexibility.

David Eddleman

Hey now...

I am a Linux geek, as I primarily admin Linux, but I do Windows as well when needed. Windows definitely has its purpose -- Linux can't do half the job Windows does at managing multiple workstations across multiple offices/countries with automatically replicated settings between servers.

IT guy answers daughter's Facebook rant by shooting her laptop

David Eddleman

$1 a pop?

.45ACP is not $1/cartridge. I've bought ammo that was that way, mostly because it was primarily manufactured in countries that no longer exist (and the stuff I bought was American made -- low demand, high quality so high price). You can find it for around $.20/cartridge, even less if you reload your own cartridges.

Steerable bullet aims for mass army deployment

David Eddleman

Or not.

12ga shotguns have a bore somewhere in the range of .60, rather than .50 (the exact number escapes me at the moment). You can't fire a round smaller than the bore reliably. Best case? You'll destroy the barrel or damage it beyond use. Worst case? You'll break it and injure yourself. Someone doing this deserves what happens to them.

David Eddleman


A rocket is self-propelled but the difference between a missile and a rocket is guidance. A rocket is dumbfire or with minimal guidance, whereas a missile can be guided through television feed, wire feed, IR, GPS, image recognition, and more.

Cyberwar report: Israel, Finland best prepared for conflict

David Eddleman


"according to a McAfee-backed cyber-defence study."

What's the point of taking it seriously? This is from a company, that for the longest time, would hand out "hacker safe" medals to websites that were vulnerable to XSS attacks and SQL injections. Their definition of "cyber defense" or "security" raises serious questions about their judgement.

For example, rating Spain, France and Germany in the same category as Denmark and Estonia? Those three alone account for about 30% of the infected machines in Europe alone, and about 20% of the global market (Germany is the worst offender in that list).

Why is Brazil rated higher than Mexico? In the entire LATAM region, Brazil has more infected hosts than Mexico by a factor of almost 20.

India should be rated a single "star", giving them 2 1/2 is way too good.

Why am I looking at infected hosts? Because what bloody good will the best external-facing firewall do you if you have a scourge within the inside, ready to strike out and do damage from within? Absolutely zero.

Make the claim that it is an end-user problem. It certainly is -- but who allows those users on? The ISPs and telcos, who help to set security policy within the country as they set and configure the infrastructure. If ISPs took a more active approach to security inside and outside, they'd be better off and ranked higher. Any entity that takes either an apathetic or ignorant view of internal security doesn't have a good policy in place.

Virus-slingers abuse WordPress vulns, dose punters with exploit

David Eddleman

Breaking news!

"Malware-spreaders are hacking into vulnerable WordPress-powered sites in order to drive traffic towards pages loaded with exploits."


WordPress is the crappiest piece of software I've worked with. Most people overload it to hell with plugins and wonder why it performs like crap, and plugins contain all manner of vulns and issues.

One of the most common exploits with WordPress is .htaccess injections, throwing redirects and other base-64 obfuscated crap into there.

NASA launches Facebook game for space nerds

David Eddleman

Look at Mexico

http://www.kerbalspaceprogram.com -- developed by an indie studio in Mexico. And it does a damn good job of simulating rocket launch, trajectory and even orbit. C'mon NASA, even *Mexico* is beating you on this one.

Much of the human race made up of thieves, says BSA

David Eddleman


"The evidence is clear: the way to lower software piracy is by educating businesses and individuals about what is legal – and ramping up enforcement of intellectual property laws to send clearer deterrent signals to the marketplace."

Um, no.

The way to lower software piracy is twofold:

1) Offer competitive pricing. Why is it that every new game that comes out is $60 and every new movie is $30? Make them competitive. Obviously you need to make a profit and pay your workers, get funding for your next release, etc. But why are distributors still using this static pricing chart? It seems like Valve have their heads out of their asses by charging a variable amount on games (they didn't charge $60 for HL2: Episodes 1 and 2! Still too much IMO for what you got, but it was far more reasonable.) based upon how big and the re-playability of games, and regularly run specials where they're discounted. And this competitive pricing works around the world, where instead of charging the same $200 for a copy of Windows 7 (which exceeds the annual salaries of some people in some countries), offer a stripped-down or reduced-use model for a lower price, or work on some deals with the government there to distribute them at a lower cost to the citizens.

2) Quality control. I certainly wouldn't pay $60 for some games or $30 for some movies, simply because they're of so poor quality. It forces the studios to present works of quality. I'm not talking about regularly producing epics, I'm talking about making them well worth the money. If I don't know if a product is going to be worth the money, you can damn well be sure I'm not going to shell out for it unless I know I'm going to be satisfied with the purchase. To use a particular parlance in some circles: vote with your wallet.

Just when you thought it was safe to enter the data centre

David Eddleman

New keyboard

Forwarding address will soon follow. :)

Facebook honeytrap used in Belgian hypermart blag

David Eddleman

So true...

Especially @Fake Ninja. I've had friend requests from people on FB before that I didn't know. So I sent them a message asking who they were, how they knew me, etc. Bots don't reply back, so then I ignore them.

Recently met a friend that I knew online at her place. For safety I texted the address to a coworker and let him know where I was going (as it was away from home) just in case it went sour. Thankfully nothing happened (and it was a very good time!) but safety ahead prevented things from going sideways.

Slack bank practice creates opportunity for phone phishing scams

David Eddleman

@Sam Liddicott

Doesn't work. If there is a man in the middle, there will be a noticeable pause after you give the details. A bank that's asking you the question (that's legitimate, mind you) will be looking at the question and answer at the same time, so the actual delay will be <2 seconds for the person to respond. Every company, be it bank or otherwise, that's asked me to verify details can give answers in a heartbeat or two.

Five cuffed over $37m heist of Google flash chips

David Eddleman


Love that style -- get a thumb from me.

But seriously, I also did see the "automatic rifles" bit and wondered how they know. Kudos, at least, to El Reg for not using the term "assault weapon".

US Marines splurge on Brit troops' armoured pants

David Eddleman

Ballistic armor in a good location

I'm glad to see that they're starting to make protection for the one area that's largely been unarmored until now. Which is a shame, too -- being hit in the thigh can be just as deadly as in the chest, particularly if it strikes you in the femoral artery.

Sure, it's not true ballistic armor, but it's a step in the right direction. While I doubt anyone's going to start sticking rifle plates to their legs, why not take the current tech a step further? Kevlar or aramid underweave and stop/mitigate the two biggest threats to that area: shrapnel and ricochets?

Russia files charges against alleged penis pill pusher

David Eddleman

Sure, really.

"but Gusev has been accused of operating a business without registration".

And by "registration" they mean "kickback".