* Posts by DCFusor

852 posts • joined 12 Oct 2013


Take your pick: 'Hack-proof' blockchain-powered padlock defeated by Bluetooth replay attack or 1kg lump hammer

DCFusor Silver badge

Re: Sounds familiar

LPL totally rocks - and counts the prep time most often.

But here, I think we have a relevant saying I first heard from Bruce Schneier -

(paraphrased) - Anyone can create a code they can't break themselves.

Taking that one more step of indirection - these guys probably couldn't come up with a replay attack themselves. You'd have to understand BT a little, rather than just buy a chip and stick it in, and then use APIs from a pre-written framework library for some app. The inner workings of such things may as well be magic to most people - even developers, though they don't like to admit it.

As to the hammer, well...(it's probably noisy)

Often the lock isn't even the thing you bypass. Deviant Ollam..hinge pins, under door tools, and the rest of a long list.

I've seen massive locks on a chain link fence that a decent set of wire cutters would make a hole in. Or just pliers to untwist the twist ties holding the chain link to the posts..

Oracle customers clamor for its hardware. Yup, hardware. It can't build Exadata fast enough

DCFusor Silver badge

Re: Entirely predictable (and predicted):

Well said - I've said the same here, probably not as well.

I DID manage to retire awhile back.

From this perspective, it's (mostly) amusing.

Always remember how much is supported by the churn - which will always encourage further churn - those ad bucks, PR paychecks, even online tech sites. It might even produce employment that is noticeable in the same scale as the tech itself! And talking about stuff is generally less risky than actually doing it.

No, Kubernetes doesn’t make applications portable, say analysts. Good luck avoiding lock-in, too

DCFusor Silver badge

Re: Tradeoffs are a constant, getting them right is the key

Yup. But given much of what I see reported here, as well as observe on my own, restating the obvious can easily be a positive service to many.

There are whole columns here on The Reg that are, roughly speaking, about "oops of the dumbest sort".

Common sense....isn't.

What price security? Well, for the US ban on Huawei/ZTE kit it's around $1.8bn, and you're going to pay most of it

DCFusor Silver badge


FWIW, a couple billion might look big to some people who don't know the US 2020 fiscal budget was:

"The federal budget for the 2020 fiscal year was set at $4.79 trillion."


I don't know if that includes the extra couple trillion of stimulus recently spent. It doesn't include the underfunded medicare/SS, I believe.

At any rate, 1.8e9 / 4.79 e 12 = .0004, which times 100 is .04%.

Wow, that's a huge deal. /sarc

Snowden was right: US court deems NSA bulk phone-call snooping illegal, possibly unconstitutional, and probably pointless anyway

DCFusor Silver badge

Re: What is the point of the court ruling ?

They've been at this quite awhile - it's not the current admin's fault at all, other than them letting it continue. They sure didn't start it.

Makes sense, this does, says US appeals court as it swats away Oracle's protests in $10bn JEDI contract spat

DCFusor Silver badge

I feel safe not.

If our national security is going to depend on "enterprise grade cloud" service, we need not worry about foreign attacks, it'll fall over on its own, examples abound. All an adversary need do is watch and wait...

Physical locks are less hackable than digital locks, right? Maybe not: Boffins break in with a microphone

DCFusor Silver badge

Re: LockPickingLawyer

Dilbert on the topic:


All too true.

Experian says it recovered and deleted data on 24 million South Africans after giving it to random 'marketing' person

DCFusor Silver badge

Re: I think Experian has had enough chances

They do have too much power.

I've discovered that if you don't have a rating - you fall off their records after some years with no use of credit and always paying any bills (no strikes on that permanent record your mom warned you about) -

Then the US social security administration will not let you create the standard "MySSA" account online for dealing with the various issues one encounters with social security.

No big deal?

Well, with the paperwork reduction act, they no longer really have facilities to handle you any other way. Yes, there's a phone number - you wait for an hour after an insane - 45 minute tour of the system with a robot asking questions, to get to someone who doesn't normally deal with customers and doesn't know why their phone rang. This may be good, no one else gets through because they hang up during the 2 hour wait - or their battery runs down, and the person is often nice as they aren't on a firing line all the time.

I've had doctors demand some info from the SSA "this week" for qualifying for a particular fee schedule - and the only way I can get that is ask via mail in writing - takes about a month.

I called SSA to find all this out - the rep said "well, if Experian or Equifax doesn't have you, we have to assume it's some kind of ID fraud, everyone legit is a debt slave".

The US government doesn't know their own citizenship. Let that sink in.

Virtue is therefore penalized, and a private agency has far too much power. There's less than a snowflake's chance in hell this will change - they also sell the governments of the world data on you that they couldn't get legally otherwise, and it's the kind of data that makes Google, MS and others look like they are selling catnip in the marijuana market.

The definition of Fascism used to be some sort of crony public-private partnership. Dunno why people are just now using that word again - it's been quite a few changes of political power and this kind of thing has been going on for all of them - not just the current objects of hate.

Aw, Snap! But you should see the other guy – they're in dire need of a good file system consistency check

DCFusor Silver badge

Re: Rocket science or crash

So, a chrome failure (app) and a hard drive issue (hardware) are now blamed on the opsys?

Windows sour grapes.

Ed Snowden has raked in $1m+ from speeches – and Uncle Sam wants its cut, specifically, absolutely all of it

DCFusor Silver badge

Re: Treason

Do you seriously believe that those other governments the 5 eyes spy on didn't know all of that stuff, down to details Ed didn't even know himself?

Sounds like misplaced pride in one's own demonstrated (lack of) competence to me.

It's surely fair for the US to get the money - after all, they did all the work to commit the crimes that Ed profited by explaining. Obviously finding them, putting one's life at risk to perform a public service in informing us how little our own governments follow the laws they punish us for coming near is a worthless non contribution.

As an aside, some of us find it hilarious how low-thought people are who _don't_ recoil at our narrative controlling masters blaming the Russians or other boogymen du jour for anything whatever negative. I thought we paid our own guys to protect us from such things - warn us before the fact at least, among other duties, so in effect, they're admitting that they are not competent or in collusion with enemies themselves and are taking our money and freedom for...look what we get in return...

Linux kernel maintainers tear Paragon a new one after firm submits read-write NTFS driver in 27,000 lines of code

DCFusor Silver badge

Yeah, but...

20 years ago real NTFS support would have been worth a ton more, and perhaps justified a lot of effort to add it. Now it's borderline obsolete...

Some lucky web developer just scored $20k to scour Facebook out of Neil Young’s website

DCFusor Silver badge

All social media

Seems to be attempting to "screw with the election" - haven't seen any exceptions. Actually, all media, period. Even tech sites have writers with obvious agendas who put spin on things.

Too bad we let schools do too much of raising kids, and that schools don't teach critical thinking - it's not part of making the easily manipulated citizens they want.

Now it's backfiring, depending on your view.

And that's the thing - I'd bet Neil thinks some other platform is fine, since it tickles his own biases. I see this all around - if they agree with out, they're telling truth, otherwise they're evil purveyors of propaganda.

Common sense isn't. Projection rules the day these days - and it's really obvious to anyone not caught up in it themselves. Seems so easy to notice and accuse "the other side" of whatever you're most familiar with - because you do it.

As if that whole 2 sides thing wasn't an utterly false dichotomy.

"Would you rather we controlled your very thoughts? The other guys just want all your money so you live in poverty".

Surely there are other possible choices, maybe not readily available - the big club is rigged, but those are unacceptable.

The future of signage is here, and it wants an update

DCFusor Silver badge

Even Microsoft

Has become a linux fan! Not only are they trying to emulate it internally, and make it easy to develop for, but they're obviously also giving users a not so gentle push to get off it for anything that matters.

Now why you'd want to develop for and run software for a reliable opsys on windows, instead of natively on the reliable one, I dunno. But MS never did make too much sense. WSL seems to be an example of that, at least to me. Hard to see why that even exists except to temporarily keep people on windows enough to collect fees for office licences.

Pay ransomware crooks, or restore the network? Guess which way this city chose after weighing up the costs

DCFusor Silver badge

Re: I wonder if...

The selfish part was doing lousy security. Now the taxpayers pay, not the entity deciding to pay ransom - it's not their money, so yes, selfish in that sense.

By refusing to take a stitch in time, they let their constituents pay the nine.

If you can read this, your Windows 10 2004 PC really is connected to the internet no matter what the OS claims

DCFusor Silver badge

It's a trend

Anyone else notice that if you click on the voice search (microphone) icon on google's home page that it works fine in chromium, but in any other browser, it reports "no internet connection"? As in, how did I get to that page without one.

You're testing them wrong: Whiteboard coding interviews are 'anti-women psychological stress examinations'

DCFusor Silver badge

Re: I interview technical personnel occasionally

I like the way you think. That's pretty much the sort of thing I used to look at.

DCFusor Silver badge

Re: but this can't be true

It's been awhile, but the last time I accepted applications for the good jobs I had, I was flooded, just overwhelmed with applications. So many that even though a huge majority weren't as good as they tried to claim - resume padding was already an art widely practiced, there were many excellent prospects that were plenty good.

Coding skill is not the only thing you need in a coder!

A procedure that ditches most all of them is fine, as long as the one that's going to do the outfit good makes it. It may accidentally toss out a few good ones, but I couldn't hire them all anyway.

And my killer question - hopefully not sexist or anything else-ist - was "what do you do in your spare time with this skill set - what do you love doing?". A blank stare, no hire. An enthusiastic response, hired - even if it wasn't something amazing. People who love what they do will become great at it regardless of where they are at now. People just looking for a sinecure, any job, in it for the money - they will cost more than they are worth.

We did really well as an outfit, and our customers often asked me "where did you find these people" and were jealous. It must not have been a stupid method. And we did make plenty of money, but we concentrated on being the best and the money followed. Our enthusiasm for solving customer problems made sales and made our promises stick.

Report: CIA runs secret cyberwar with little oversight after Trump gave the OK, say US government officials

DCFusor Silver badge

Re: Twitter Hack

Meaningless for the numerate and informed. $100k for an election campaign? Are you thinking local dogcatcher?

Needs more work as a theory, even the flat earthers wouldn't go for that, would they?

FYI Russia is totally hacking the West's labs in search of COVID-19 vaccine files, say UK, US, Canada cyber-spies

DCFusor Silver badge

Vaccines are not money makers, historically. Try again.

DCFusor Silver badge

Re: Why?

Yeah, despite the downvotes you got, and I'll probably get, it seems hypocritical to claim you're all about saving lives, but then not just sharing what you know that might help.

Does everything have to be about war and hate?

Those things do help people in power justify their continued power, but it doesn't seem like they help us as much as simple, and traditional, scientific sharing of knowledge we can all build on - the shoulders of giants - does.

Why is it bad for someone else to possibly learn how to cure or prevent this nasty? In truth, even clutching a solution to your chest only buys you a little time before it gets reverse engineered anyway.

So short sighted and petty. Disgusting.

When a deleted primary device file only takes 20 mins out of your maintenance window, but a whole year off your lifespan

DCFusor Silver badge

Re: Speaking about the f*ing manual...

I've had the same thing happen with a '66 Chevy station wagon, when it was around 4 years old (giving away my age) as a teenager.

Got half a mile in the wrong car, noticed some things weren't quite right, came back to the grocery store to see the other fellow trying to start my (dad's) car and failing....

At least back in the day in pastoral USA, it was only an occasion for some laughter.

Nowadays, it'd be charged as auto theft or something.

Fans of Deviant Ollam (he uses that name on YouTube and conferences) know that virtually all Ford Crown Victoria police cars, and hence taxis, are keyed the same....and you can buy that key on eBay.

Linux kernel coders propose inclusive terminology coding guidelines, note: 'Arguments about why people should not be offended do not scale'

DCFusor Silver badge

Re: Loaded words replaced by euphemisms

When I architect and then code a "master-slave" protocol, my use of those words makes mere human slavery look like weak tea indeed.

My master might also be the creator, controlling the very existence of the slave, and the universe in which it exists. More like a god than a mere owner.

The slave has an utterly abject existence. Unlike in human slavery, I don't have to feed it, I pay no penalty, even economic, for killing it. (oh, there's another word).

And I'm going to execute that master code, which will in turn cause the slave code to be executed. I might burn it into a memory device first.

Perhaps, as CS Lewis mentioned in his space trilogy, the problem is that some things are just too definite for words? It's the human use of master and slave that is crap, not the software one.

But I guess like the transformation of the meaning of "hacker" from someone who was good at creating or finding unexpected uses for things into "cracker" - essentially a trespasser - we'll have to suck it up, and oops, there's another phrase of questionable derivation.

It's only a flesh wound (M Python) and we can't win. Just being right isn't enough around the snowflakes, and appeasing them will work for us about as well as it did for Chamberlain.

Those who destroy history just make it easier to repeat. If you're too easily offended to even learn it, well, here we go again.

The Moon certainly ain't made of cheese but it may be made of more metal than previously thought, sensor shows

DCFusor Silver badge

Water has a really high dielectric constant too. Hmmm. "assumptions"

Linux Mint 20 isn't exactly bursting with freshness but, hey, there's kernel 5.4 and it's a long-term support release

DCFusor Silver badge

Re: Colour inheritance?

And huskies. But I can't see....

DCFusor Silver badge

Re: Form or function?

"It just works" was the killer app for quite awhile for some fruity firm.

Now the rest of us can have it without the idiot tax.

I like Mint/Mate for that, and stability is tops.

Like a vehicle I own - reliably boring. Kind of a nice feature for a tool.

Doesn't make for exciting click-bait for reviewers, and as soon as they say it, someone will carp about incompatibility that occurred before most college students were born and deny it.

But for people who just need something that works so they can get on with productivity...it's kind of nice.

Adobe about to pull the plug on Creative Cloud freebie 'at-home' access for students

DCFusor Silver badge

Sounds like you're just too lazy to learn any alternatives. No one who had learned a few would make such blanket statements.

You overstepped and infringed British sovereignty, Court of Appeal tells US in software companies' copyright battle

DCFusor Silver badge

Re: Before all the American bashing....

This American cheered when the judge in the DVD Jon case said "wait, DMCA isn't a law in Norway" - to the astonishment of our legal system....

Microsoft claims AWS has used new JEDI mind trick with secret contract objection filing

DCFusor Silver badge

Could this be a demonstration that now the Military Industrial complex has more power than the military itself?

The military can't seem to write their own code and manage their own IT. That's sad enough, and it should be a priority to gain that competence, frankly.

I don't think our security interests are best served by various vendor shenanigans that both MS and AWS are known for.

Yes, I know that "national security" is often used in contexts that have nothing to do with the average citizen's security, and often means the job security of some bureaucrat or contractor - or a way to classify wrongdoing so no one pays consequences. I'm using the naive understanding that they actually care about us.

And now we see that they can't even contract the job out to the desired supplier, and this isn't the first time for that - IIRC there was a contract for Air Force tankers that got reversed awhile back, as the company that thought they were entitled to the work but didn't have the best bid, fought in court till they got the contract anyway - over the arguably better original selection. Citation here (without the gory details that perhaps show the corruption better): https://en.wikipedia.org/wiki/KC-X

'A' is for ad money oddly gone missing: Probe finds middlemen siphon off half of online advertising spend

DCFusor Silver badge

Re: Well this is a step forward

Reminds me of an ex I'll call Zeno.

Half of what's yours is mine.

Half of what's left is mine.


Senior MP tells UK Defence Committee on 5G security: Russia could become China's cyber-attack dog

DCFusor Silver badge

Re: Finally gone for broke

I'm reminded of this quote, the truth of which doesn't seem to be affected by who is in power, or the country - it's nearly the same everywhere and everywhen.

“The whole aim of practical politics is to keep the populace alarmed (and hence clamorous to be led to safety) by an endless series of hobgoblins, most of them imaginary.”

― H.L. Mencken, In Defense Of Women

It seems the MIC worldwide, that great self-licking ice cream cone, that almost always gets its way, is just doing the old money seeking behavior so prevalent these days, and not unique to them.

Baby Diesel? Little d'Artagnan? There is another child of Musk in the world

DCFusor Silver badge

Joule or Max(well) seem appropriate.

Dell to unleash hybrid server/storage boxen that can run virtual machines

DCFusor Silver badge

Re: The power of marketing..

It's been funny watching the wheel turn, again and again.

Mainframe with thin clients...

PCs on premises

Cloud (mainframe with thin clients)

Is one of the rotating wheels - all you need is marketing to rebrand things and call them "new".

This is just another instance of a local server that has enough storage to, um, serve something.

Seems all too large a fraction of one's expertise has to be "read through the marketing BS".

I'll get my coat...

Microsoft decrees that all high-school IT teachers were wrong: Double spaces now flagged as typos in Word

DCFusor Silver badge

Re: It may be a US "standard", but...

Yep, software is MY servant, not the other way around, and this is trivial to handle in software any way you'd like.

I don't need a nanny - in my workflow, or from my government. Just don't.

We're in a timeline where Dettol maker has to beg folks not to inject cleaning fluid into their veins. Thanks, Trump

DCFusor Silver badge

Re: Suggestion

So, we're afraid to blame the educational system for failing to educate people enough to make things like this not a problem?

Oh, that would require effort to fix, and it's easier to blame some current clown than to apply accountability to ... huge numbers of indoctrination system promoters from several generations past.

After all, we all know they were perfect. The history they (re)wrote about themselves, which was pushed into you at public school instead of useful knowledge, says so.

When will this become the fault of an educational system that graduates people who can't balance a checkbook, don't know enough to know how to start a business, and increasingly can't do simple reasoning, simply don't know diddly about how things work, and are completely dependent on someone else, in this case a politician, to know what to do?

I think partisans are looking in the wrong place if they actually want to solve the problems here.

If people were taught critical thinking - vastly useful in all domains other than being simple to con followers of dishonest leaders (but I repeat myself) - perhaps they'd just laugh at the idiots (and better ones would be available to elect) and move on.

Till then, we'll have to depend on Darwin to reduce the stupidity I suppose.

Seems brutal but it does work.

Spyware maker NSO can't claim immunity, Facebook lawyers insist – it's time to face the music

DCFusor Silver badge

Indeed. One is reminded of Gilbert and Sullivan's line; "I've got a little list, of those who won't be missed".

I wish it was a shorter list.

Signal sends smoke, er, signal: If Congress cripples anonymous speech with EARN IT Act, we'll shut US ops

DCFusor Silver badge

Re: I think it would be rather splendid

However, this government is known IT-utterly-incompetent, and the military is just now outsourcing all its IT and even secure stuff to ...Microsoft (or Amazon, depending on whose lawyers win).

The crypto is the easy part anyway - See Bruce Schneier and friends. It's avoiding all sorts of pitfalls and side channel attacks that is hard. Ask Intel about that one.

One wonders, however. Since it's well known that the agencies can pretty much compromise any device - and therefore get plaintext before (or after) either "end" of end to end encryption...and even though they complain, it seems the FBI can buy exploits to get into those "locked phones" and does so just before they lose in court (more than once!) - maybe this is all just a smokescreen to make people THINK they don't already have the goods - they just want the messaging platforms to do all the work of screening, and take the blame in the event of failure.

Official: Office 365 Personal, Home axed next month... and replaced by Microsoft 365 cloud subscriptions

DCFusor Silver badge

Re: "deepen your connection to the people in your life"

Until something like "the job's not done until non subscription software won't run" comes along.

Broadcom sues Netflix for its success: You’re stopping us making a fortune from set-top boxes, moans chip designer

DCFusor Silver badge

Re: I hope the judge gets pissed at Broadcom...

Think how much that'd be worth on pay per view!

Google reveals the wheels almost literally fell off one of its cloudy server racks

DCFusor Silver badge

Re: I must say I'm surprised....

Something along the lines of "the more complex you make things, the easier it is to stuff up the plumbing"?

I've run into that one a few times. Either false positive or false negative can really mess up your day.

Grab a towel and pour yourself a Pan Galactic Gargle Blaster because The Hitchhiker's Guide to the Galaxy is 42

DCFusor Silver badge

A code

One of the many benefits of THHGTTG is that once you know it - and some friends do as well - you have a code, moderately secret, with which to communicate.

We see it here on the Reg all the time - a fraction of a line from the series will bring a relevant response from all those clued in.

Few works have had this wide power to transmit context with few bits. While there are some tag lines from popular movies that do the same - none have more than a couple of them that are useful - Hitchhiker's stands out as the most prolific by far (in my opinion).

Friends and I (at least those who are hoopy froods) use this, Firesign Theatre, and some lines from popular movies in our banter to great amusement, and of course humorous confusion of those present but not in on it all.

Thanks, Mr Adams!

'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc

DCFusor Silver badge


Projection is all over government and politics. You always accuse the other guys of doing what you damn well know you're guilty of yourself. Rampant in the US just now, but it's not exclusive and not new.

Brexit Britain changes its mind, says non, nein, no to Europe's unified patent court – potentially sealing its fate

DCFusor Silver badge

Re: The lawyers will be fine.

Pointing out what's legal in theory is fine.

Now, in practice, the bigger money wins all too often. That should be clear by now.

Sure if it's ridiculously obvious, the "right thing" will be done.

On the other hand, a good patent lawyer can often blur things enough to easily thwart the spirit of the law.

One could argue that the reality of two classifications - spirit and letter - are what feed lots of legal beagles.

To paraphrase a well known politician when put on the spot - it depends on what the definition of design is.

Death and taxis: Windows has had enough of clinging to a cab rooftop in the London rain

DCFusor Silver badge

Re: The real big joke

Rats, I only get one upvote. ;~}

Hooray for ublock and similar. And for lazy sites that can't figure out how to host their own, making rejection by source address easy.

Third time's a charm, maybe: Bankers suing Oracle over claims of exaggerated cloud sales have another go at convincing skeptical judge

DCFusor Silver badge

While it's perhaps nice to have standing to attempt to punish Oracle in court, it's also amazingly stupid.

Invest in a baby-seal-clubbing operation? Have you no morals at all? It's not like their behavior is unknown, even to finance types (in the big outfits, they are stuck with the junk).

And then to sue an outfit also famously litigious as well as famously dishonest, but with a record of winning in the courts?

Who did due diligence here? On anything at all?

Yeah, I know, pension funds (or mutual funds) have no morals either, but if Oracle is the only way to make money, I'd look for a better job.

I'm sure there are other ways to keep grandma and pa on better than cat-food.

Assange lawyer: Trump offered WikiLeaker a pardon in exchange for denying Russia hacked Democrats' email

DCFusor Silver badge

Julian didn't kill himself?

DCFusor Silver badge

Re: His name is Seth Rich

Here they are so sure of what they want to believe, they jump on anything that works their confirmation bias.

As it turns out, JA's lawyer flip-flopped on this, and the WH denial was not a lie. But almost no one here will go with the truth, as demonstrated with downvotes on every comment that tells it - no matter how easily verifiable. I read:

"Update: The story appears to have changed dramatically. According to Assange's lawyer, Rohrabacher, it was him that informed Gen. Kelly that "Assange would provide information about the purloined DNC emails in exchange for a pardon," but never heard back from the White House.

So, unlike Sky News entirely wrong fake news headline..."

See World News for this update.

Uncle Sam: Secretly spying on networks around the world without telling anyone, Huawei? But that's OUR job

DCFusor Silver badge

Re: The harder the US pushes on this


It seems the government can no longer rely on _all_ of us being uninformed or unable to detect hypocrisy.

Maybe this internet thing did do some good?

NBD: A popular HTTP-fetching npm code library used by 48,000 other modules retires, no more updates coming

DCFusor Silver badge

Waiting for the woodpecker

"The JavaScript ecosystem is simply too large, and the dependency graphs too interdependent, for anyone to get an accurate picture of how much of the remaining dependence on request anyone should actually be concerned about."

This brought to mind the old saying - "if architects built buildings the way programmers build code, the first woodpecker to come along would destroy society" - or something like that.

While I could rag on Javascript specifically, there's no need as it's far from unique in this regard. We're cruising for a fall...

Startup Mycroft AI declares it will fight 'patent troll' tooth and nail after its Linux voice-assistant attracts lawsuit

DCFusor Silver badge

Just checked it out, as it would be cool for my LAN of things on my homestead.

But it's a huge nope - it can't be used standalone on your LAN, it needs to talk to the mothership over the inet to do anything.

So, just like all the other IoT scams - you wind up utterly dependent on someone else - who might go out of business, decide to charge you rent to use your own stuff, have various security issues that you can't trivially block by just not giving the thing outside access....and so on.

Open source doesn't have a ton of meaning in this case - it's not open in any meaningful sense though you could read the code - if you have years.

"C'mon kid, the first one's free"


