* Posts by elDog

1090 publicly visible posts • joined 23 Oct 2013


Bermuda, your data, Google's gonna take your US data


How fast can 294,911 Brontosauruses talk to one another?

This seems to be the real limiting factor.

I can see the pulses going along quite well as each bronto (using the familiar) bites the next ones tail. But do they need to reverse direction to make it full duplex? Can the force of the bite convey additional non-binary data? Inquisitive minds, and all that rot....

Former CIO accuses Penn State of faking cybersecurity compliance


"We take these ... very seriously" - corporate/legalese boilerplate

I'm sure there's a keyboard shortcut to stuff the template into the document.

Oh, wait - the GPT models can produce better fluff than the $300/hour lawyers.

Watchdog urges change of HART: Late, expensive US biometric ID under fire


It's really hard to kill these types of projects. Remember Total Information Awareness?


It's still kicking and probably has many of the same corporations and players supporting it - and more importantly being supported by it.

"DHS envisions the system, initially projected to cost about $4.2 billion and to be completed by 2021." (Guess that has slipped by already.)

"Last year, a subsequent schedule adjustment and budget increase of $354 million left the project without a planned date of completion." (Nice work if you can get it!)

Washington left with chip on shoulder after Huawei exposes export loophole lapses


It's humorous to watch US House Republicans try to act like they know science and technology

when their whole purpose in non-governing is to prevent Americans from having a decent education.

MOXIE microwaved Mars air into oxygen, but now it's time for a breather


Re: Chemisty is not my strong suit....

I'm guessing that you've done the chemical mathematics correctly.

My slim remembrances from times past in chemistry was that O (the element) doesn't really float around freely in "nature" and that it will rapidly combine into the O2 of which you speak.

Microsoft: China stole secret key that unlocked US govt email from crash debug dump


"another issue it said has now been corrected"

This seems to be the common refrain in the Ballad of the Microsoft Excuses.

And, of course, we'll never know that it has been corrected. Until the next refrain is sung on the same problem.

Perhaps a their culture could embrace a better response than saying "sorry". Suggesting https://en.wikipedia.org/wiki/Seppuku

IBM says GenAI can convert that old COBOL code to Java for you


Skip the Java - go straight to Rust (or whatever the new flavor is today)

Java must be at least 30 years old already. The J2EE libraries that I worked with 15 years ago were creaking with their baggage.

Not sure I'd really like to see the output product from COBOL-68 (last version I knew) to a modern language. DATA DIVISION: OBVIOUS-123 meet obfuscation_xyz.

IBM describes analog AI chip that might displace power-hungry GPUs


Cut my baby teeth on a Pacer analog/digital system in the late 60s

It made a bit of sense to me - a bunch of analog devices to control flow and digital to supply the inputs and interpret the outputs. I think one of the primal examples was solving the traveling salesman problem almost instantaneously while the digital beast (IBM 7094) was still slogging along.

But the allure of working with just clean bits (on/off) was too much and the Pacer went out the door.


Lawrence Livermore lab repeats fusion breakthrough – yep, still kinda works


Sticking one of these NIF fusion reactors, and especially the ITER on ones rooftop

would guarantee that you'll never need to worry about heat or eleccy again! Under several thousand tons/tonnes of equipment you'll be insulated from any temperature fluctuations (well except the upcoming solar super-nova.)

Florida man accused of hoarding America's secrets faces fresh charges


This is not a joke. This is not a drill. This is the messiah for a whole bunch of idiots.

Not to sound apocalyptic about this stuff or anything.

I know you brits had your fling with BoJo but I think he's winged his way into oblivion (other than various lordships, etc.)

The US colonies still have a solid remnant suffering from partial genetic brain damage and will vote for a trump or bojo or their dead heros like Strom Thurmond or Mitch McConnell (is he dead?)

The pustule-faced trump seems to be able to milk his low-lying partisans for every $5 they have. One would hope that they couldn't pay for necessities like toilet paper if they didn't have those $5. No worries - there's shrubberies outside.

Important note: Humans can use AI to make music and still bag a Grammy


Fat chance enforcing these types of rules/restrictions.

Content is generated by a whole host of methods. Very little (if any) is original. Using an AI to craft a segment of a melody or even the vocals won't really be detectable especially once its gone through the normal blending and transformations. A fools errand just to make the "professional" societies look like they have an important part in the process.

Of course this applies to all forms of art - text, visual, music. And it's just going to get more intense.

(Speaking solely as a programmer who's artistic output is wonderfully exceeded now by the AI "helpers".)

RAM-ramming Rowhammer is back – to uniquely fingerprint devices


Everyone remember when you could turn a core bright red by flipping its state?

Back in the old days, the memory bits were represented by single magnetic donuts - my recollection is about 3mm. These lil bits were weaved into a large plane with cross-wires. Apparently, flipping a single bit on and off fast enough (milliseconds?) would heat the poor thing up until it expired.

In the only slightly less old days, we were able to achieve the same thing (destruction of memory) by flipping a unit of memory (then called a "word") - probably using the wonderful XOR operation.

I guess there wasn't much use for something like Rowhammer back then.

Twitter rate-limits itself into a weekend of chaos


Re: CEO of Twitter ... Linda Yaccarino

I'm sure that period of time will be called "Undergoing rehabilitation."

California man's business is frustrating telemarketing scammers with chatbots


Or, we could just say that the bots' human equivalences are biological

Husband and wife and children and others. We are already perfectly adapted to having these non-sense discussions.

It's time to mark six decades of computer networking


The obligatory "I was there at the birth...."

My first job (1968) was with a university department that was funded by ARPA - "The Socialization and Rapid Acculturation of Native Cultures" - all loaded by punch cards into the mainframe. Definitely not networked.

A bit later, I worked in Northern Virginia had an IMP (Interface Message Processor) as part of a testbed in the mid 70s. It was loaded with paper-tape and had the normal plethora of toggle switches to enter codes into memory.

A bit later I ended up with Berkeley and watched the incredible tsunami of innovation and interconnections that these networks opened up. Still amazed at the technologies and dismayed at the commercialization.

Identity thieves can hunt us for 'rest of our lives,' claims suit after university data leak


This does need to be taken much more seriously.

A lifetime ruined and a crappy credit score as a reward.

First of all, the credit scoring agencies are just as suspect for leaking personal information as many of the merchants.

But the company that accepts personally identifiable information (or other variations) should be held accountable for all the damage that can occur if that is used for nefarious purposes.

While this particular article is about exfiltrating this information, there are lots of situations where the companies in question also mis-use the information and cause harm (sharing with "trusted" partners).

I suggest a surety bond for every customer be placed in a trusted place (not sure what that is anymore) and any negative actions and pain-and-suffering penalties be paid from that accumulated bond. Probably $100,000 per customer? Also the officers and directors of said companies be held personally responsible for payments that exceed the bond amount.


Re: "SSNs are assigned at birth, and never change"

SSNs are not unique. They need to be re-used given the small range of possibilities.

9 digits, some of which are pre-allocated and possibly known by other means.

If there is a common hashing or encryption algorithm, easily deduced from the product of that algorithm.

Microsoft tries a deeper dive into Azure Firewall traffic


Apparently Microsoft also peeks into encrypted zip files the firewall may have more to do

Based on an earlier post today, it was revealed that Microsoft's practices also involve trying to open up encrypted zip files.

Perhaps this is only done when the nasty zip reaches the Azure folder and not done in semi-real time via the firewall, but the temptation to peek inside packets while in transmission must be strong.

Google sued over 'interception' of abortion data on Planned Parenthood website


The data you store in our cloudy appendages will be fondled.

Unless you (the consumer) has entered into some special non-sharing agreement. And unless your provider also has explicitly said that they will not share with *any* third party (including network and data services), your data will be examined. The robe will be removed, the probes will be inserted.

This is true for all the major vendors (Amazon, google, Microsoft/Azure, ...) Just today a story about how Microsoft actually opens password-protected zip files to look at the contents. That's getting pretty damn personal.

The USofA does have HIPAA (mostly written as if it's a large mammal: HIPPA) which protects (sort of) health information. Very poorly enforced and very hard to use.

Just to add the obligatory: As all of this data is munged together into these wonderful AI "models", your name, sex, last act, etc. may come bopping out - all without any way of attributing to any actual incoming data set.

Yee Haw - it's the wild west, again!

The future of cars may be self-driving EVs gossiping about their humans and traffic


And distracted with their gossip, pings, software uploads, etc.

I can just imagine being a passenger traveling down I-5 when the on-board computer starts its countdown for a critical software upgrade. 5-4-3-2-1-00000000000000.

Here's what the US Army picked for soldier-worn tactical USB hubs


"One could imagine that opponents are lining up for a try at cracking this."

If it hasn't already begun while it was still in some TS trials.

I'm still wondering if they have solved the problem of BadUSB (https://en.wikipedia.org/wiki/BadUSB) where a device gets to tell the host what it is, leading to some unintended consequences. AFAIK, there are no software or controller-resident solutions for this.

How Sandia hopes to accelerate US hypersonic weapons development


This is SOP. The government contracts with lots of small/medium/large companies

SOP - Standard Operating Procedure

It is totally normal for the US to contract out much of its R&D and most of the production. The thrust of this breathless article seems to imply that there is DANGER in doing this.

Yes, the sensitive information needs to be protected but that is true whether for a government employee (military service or otherwise) or civilian contractor.

No more feature updates for Windows 10 – current version is final


I'm thinking that Microsoft (and others) should start using complex numbers in their versioning.

You know, something with an imaginary component.

While I applaud their move to providing cloud-based services (when they work, when they are fully functioning), I think they are also pushing away a whole segment of lowly developers that targeted the Windows environment, or at least included it in their cross-platform releases.

Slowly, slowly, over the last 15+ years, I've migrated to another platform (not Apple based), and have found the tools and environment to be at least as good and much more useful for multi-platform development. Maybe that's why MS has pushed WSL, but it seems strange to have a bloated whale under a slim-and-trim OS just to try to stay on the same hardware.

Microsoft is busy rewriting core Windows code in memory-safe Rust


How long before the embrace, extend, and extinguish model sets in?

I'm thinking there's been a sea change at Microsoft.

For several decades most of MS's intellectual property has come by absorption from outside products and projects.

In the last few years there has been an apparent openness to sharing and be participatory rather than controlling.

I will welcome this while still harboring a sense that I'd better be checking the rear-view mirror fairly frequently.

Fancy trying the granddaddy of Windows NT for free? Now's your chance


And don't forget TPU and Eve.


TPU wasn't flexible to write real programs, at least for me. I needed some concept like array variables and couldn't find anything.

Open source Socket Runtime arrives, with aim to drop cloud as a dependency


Good interview, anaysis. Glad to see more P2P capabilities out there.

Removing the controlled/centralized servers from the equation allows a lot of flexibility. But it also means that there is no central repository of "truth" that can be used to restore state when needed.

I've found it ironique that the world beat a path from the big iron implementations to networked mini/micro solutions with a stop along the way for "client-server". We're mainly back in the client-server world again with most of our data and logic existing in the cloud, and controlled by the cloud operators.

Inside FTX: Jokes about misplaced funds, diabolical IT, poor oversight, and worse


Unfortunately, all of the funds I stored with FTX were worthless

I did have over 1,000 BTC at one point. I leveraged that to multiples of other coinbase and items. Ethererum was a good staging for some of these transfers.

I sent an encrypted USB drive to FTX with probably $100,000,000++ of digital coins. They did give me a digital receipt. But since then I have heard nothing and cannot access my gold.

Dear Amy - Am I screwed?

Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug


Just like some other sucking platforms, why not just stay off twitter?

(I didn't want to name specific platforms, but could suggest Windows, FaceBook, Lotus, Oracle, ....)

Some other forum-style web sites seem to have a lot of users that just post a twitter link. Following the link gets you into the musky world where I don't want to go. I rail against this but am told that "well, everyone posts their important stuff on twitter - we need to use it. Most of these posters are just too damn lazy to pick up some original content out of the tweet and include it.

Gripe, bitch, snarl, off to bed.

AI software helps astronomers deblur galaxies snapped by Earth telescopes


Give the AI model some psychedelics and let's see what ensues.

No need for telescopes or astronomers. Just lots of Starry Nights.

Version 100 of the MIT Lisp Machine software recovered


No love for Forth (or assembler in 10,000 variations?)

I cut my teeth on BAL on an early IBM 360 and haven't regretted a single new language learned since (excepting COBOL and RPG).

Also, don't forget JOVIAL (Jules Own Version of the International Algorithmic Language) which may have pre-dated Pascal (not sure.) We had to do our software prototypes in JOVIAL when the I-86 Ada compiler from DEC wasn't ready yet. Those were the days....

Lawyers cough up $200k after health data stolen in Microsoft Exchange pillaging


Excellent. Start fining companies that don't protect their clients' data.

In this case, the fines should be many times higher and the fees extracted should be able to offset the costs of the victims' time and expenditures.

There should also be a public registry of which firms/individuals have offended. This would probably be a bigger deterrent to future lapses in good judgement. A few $100,000 for big companies is just a bump in the "cost of doing business".

You've been pwned, how much will each stolen customer SSN cost you? How about $7.5k?


$25/hour in recompense for time spent by individuals trying to clean up this mess?

And how much are the doctors and lawyers paid per hour?

When I was gainfully employed my rate was 3 to 5 times that paltry $25.

UNIX co-creator Ken Thompson is a… what user now?


Re: Not shocked

But just like Gates's OS, Apple didn't really want to be seen as just another *nix variant until they had milked the proprietary OS angle for a few decades.

Personally, I'd love to see a large jump in the evolution of these server/desktop OS's that takes the best and leaves the accumulated cruft behind.


Not a bad record. I'll give him some slack for being in the Apple camp for too long.

Lot's of otherwise smart people like the walled garden and some very good tools. Good thing that many of us couldn't afford their offerings or they'd be much more popular.

I actually started coding in "B" (https://en.wikipedia.org/wiki/B_(programming_language)) after starting in assembler and FORTRAN on the GE architecture. It's been fun watching the evolution of these sets of languages and hardware capabilities for so many years.

Thank you, Ken.

Hands up who DIDN'T exploit this years-old flaw to ransack a US govt web server...


And just when I thought replacing all my Adobe Flash controls with Telerik

Who would of thought that a simple add-on control to the Microsoft stack could cause so many problems?

White Castle collecting burger slingers' fingerprints looks like a $17B mistake


I was sure White Castle was collecting customers' fingerprints

from the greasy wrappers. That sounds like a much more useful thing to do with those "food by-products".

Crooks copy source code from Okta’s GitHub repository


As long as it doesn't hurt the bottom line, these venture-capital funded companies don't care.

A large swath of the US gov't uses Okta for identify management. And the contracts must be huge.

Tying a breach like this to a loss of government assets and assigning monetary damages to the VC owners would be very difficult. There is no top-to-bottom accountability.

In the end the taxpayer is screwed by the perps via loss of identity and services, and then screwed by the gov't to try to remedy the situation. Win-win for some, lose-lose for us.

You can hook your MIDI keyboard up to a website with Firefox 108


Be really nice if the task manager had some customizations

Also, this is called "Process Manager" when it is brought up. The old "about:performance" is still there with something called "Energy Impact" - I guess somebody's attempt at mashing metrics into one item.

The only fields are "Name" (includes URL and tab name), Memory (!!! I have an entry labeled "GPU (42044)" which is listed at 5GB and uses 10-20% processor.). There appears to be a button on the far right labeled "Actions" which does nothing for me.

I'll always want more metrics. Please keep them coming.

What did Unix fans learn from the end of Unix workstations?


Wow - SGI and IRIX!

Now if you had one of those Cray-1 boxes to hook up you would have a fun room heater.

Guess which Fortune 500 brands and govt agencies share data with Twitter?


Twitter could be a threat vector for a foeign government?

"If Twitter itself were to ever suffer a breach, a foreign threat actor could leverage their control over Twitter's code to deface or hack these sensitive government websites," according to the report.

Since Melon Husk owns twitter it appears that the threat is already there. As Pogo once said: We have met the enemy and he is us.

Evernote's fall from grace is complete, with sale to Italian app maker


Re: Joplin

And it's open source with a very active community. You can run local-only or sync to any number of devices via most cloud services.

I do miss many of the UI features that I had gotten used to in Evernote. Since Joplin is Electron based it seems heavier and doesn't have as many features. Still you can't beat the price (0) and the support.

Wells Fargo, Zelle slammed by Liz Warren over rampant online banking fraud


EWS - Early Warning Services, Inc. - We'll let you know when the feds are investigating.

Something about foxes and chicken houses.

Major banks in the US teaming up to create a payment alternative to paypal (also a fox) and avoid scrutiny while chowing down on the chickens (clients).

Yum, yum. Capitalism at its best!

Hospital giant's IT still poorly a week after suspected ransomware infection


Perfect response. Wisht I had seen yours earlier.

Actually, I think all hell will break loose if the service guy is dispatched to fix our wetware.


Given that this is based on the Catholic faith, perhaps someone higher up can help?

I'm not sure if those types that Lord it over some of us have kept up with the latest in IT stuff, but perhaps a thunderbolt or two sent to the perpetrator's home?

Lloyd's of London cuts off network after dodgy activity detected


It's not a war, goddamit. It's a Special Military Operation. And Lloyds better cover it!

"Even before detecting a possible IT intrusion, Lloyd's has been in the infosec headlines since late August after making changes to its policies that will soon prohibit its syndicates from covering losses arising from certain nation-state cyberattacks and those that happen during wars."

Not only that, but if the USSR (aka the rump Russia) has declared certain areas of the world its own (Ukraine and most of the 'stans), then there really can't be a "war" - just another putting down of an insurrection.

Sounds very much like the plan in the USofA with the (r)epuglicon party playing the part of the putinistas.

With a tiny bit of legal chicanery, Lloyd's should be able to legally weasel its way out of any reimbursements.

Papa John's sued for 'wiretap' spying on website mouse clicks, keystrokes


Really? This is how much of the web works nowadays.

That loverly page you're looking at is built based on initial HTML and then modifications to the DOM (Document Object Model). Each mouse movement/click can cause elements in the DOM to be activated. Each activation may need to phone home to get the proper content to display.

Watching how long some bloke hovers his (or her) mouse over a particularly attractive part of someone's anatomy may get recorded, but "Only for improving our website and performance."

Cyber-snoops broke into US military contractor, stole data, hid for months


Re: Given the mentioning of two python scripts being involved, isn't the solution to disable python?

Thank you for a serious reply to my flippant comment. I've gotta stop doing that!

Python has become a very important language in systems that are powering the machine-learning world. In my little knowledge it seems that most natrual-language-processing (NLP) uses Python to run the low-level tools (mainly C/variants and CUDA logic.)

I might have expected perl to be the glue-type language but it got stuck in a mud-hole a few years ago.


Given the mentioning of two python scripts being involved, isn't the solution to disable python?

And of course, PowerShell, cmd.exe, etc.

And probably the .NET echo-system.

I think COBOL-68 is still OK, tho.

DeepMind uses matrix math to automate discovery of better matrix math techniques


I'm hoping that these superbots can tell us the meaning of '42'

And do it within a current human's lifetime. I understand that 42 was the answer to a silly question. Now I want to know what 42 really means - beyond that silly question and lots of maths.

Aren't we in the realm of designing an AI that can ask another AI a question that can't be answered - even if both are considered the "god" AI?

(This is based on the question: Can god make a stone so heavy that god can't lift it?)

..... Knew I shouldn't have had a glass with my lunch ...

How CIA betrayed informants with shoddy front websites built for covert comms


Hiring contractors to do important/sensitive/deadly work without oversight and accountability

I would say that you get what you paid for, but these contractors (their companies) are getting $200+/hour.

And there is no accountability to the contractors or even the gov't COs who authorized the work. So if 1 or 10 or 20 assets were compromised - what's the penalty?