* Posts by MJB7

481 posts • joined 27 Nov 2013


DRAM prices to drop 3-8% due to Ukraine war, inflation


Re: Coz war?

"People getting bombed on a daily basis don't buy new consumer electronics...."

This is true, but while Ukraine is a big country (40M approx), it's about a tenth the size of the EU or USA+UK, and while probably fewer Indians etc buy consumer electronics than Europeans, there are an awful lot of them.

So why is the war in Ukraine having an impact on global demand for consumer electronics?

Seriously, you do not want to make that cable your earth


Re: Writing printer drivers

One of my earlier tasks as a paid programmer was writing a plotter driver to connect our CAD package to a Benson plotter. There was some sample code, but "the bad news is that the comments are in French; the good news is that there aren't many of them"

Meteoroid hits main mirror on James Webb Space Telescope



_You_ hated the movie because it was so much worse than the original radio series or the books. On the other hand, I have a friend who thinks HHGTTG is brilliant _despite_ only ever have seen the movie.

DNA had so much of genius, that even when you filter out 90% of it, the result is still brilliant!


Re: Disappointing

What sort of shield would you suggest to protect against material moving faster than the stuff coming out of a shaped explosive charge (as used for making holes in tanks)?

The mitigation is to make sure (as best as possible) that the result is a mirror with a small hole, rather than a mirror with a bent surface.


Re: Mitigation Options?

Given the JWST operates at about 7K, and the coldest temperature ever recorded in Antarctica is well over 180K, warming the JWST to Earth's anything _like_ Earth's surface temperature would be utterly catastrophic.

Icon. Earth, compared to JWST.

OpenSea staffer charged with insider-trading of NFTs


Wire fraud

_Most_ criminal offences (theft, murder, etc), including vanilla "fraud", are offences against individual states. "Wire fraud" is unusual in that it is a federal offence (an offence against the USA), and so within the FBI's purview.

About half of popular websites tested found vulnerable to account pre-hijacking


Re: Password managers

I used to use a system like that (Actually, it was an add-in that hashed the root password and the domain together and then encoded the result). The problem is that when ebay was hacked, and forced a password reset, I had to use a different root password for ebay.

We can bend the laws of physics for your super-yacht, but we can't break them


Re: I love demands to do the impossible

Asking "what is <whatever>" absolutely _is_ ignorance. (The asker was ignorant of a fact.) However there's no shame in not knowing everything provided you ask for clarification, _and then remember it_.

(Forgetting something which you asked about a long time ago and haven't used since is OK too.)


Re: I don't see the fault... until

I'm British, and I did the same at first glance too, so it's not just an American thing.

Open-source leaders' reputations as jerks is undeserved


Re: Apropos responsibility...

Where do you get the idea that journalist has descended into SJW conspiracy theories? They report that some people object to Codes of Conduct on the basis that they are designed by SJWs. (I haven't checked the authenticity of the quote, but it seems entirely plausible.)

Full disclosure: I would be delighted if someone called me a social justice warrior.

Anatomy of a campaign to inject JavaScript into compromised WordPress sites


Re: Makes me yearn for GeoCities...

Feast your eyes on https://www.benz-holz.de/ then.

I haven't used them for a couple of years, but they are an entirely legitimate business. They are one of my potential suppliers for firewood and wood-pellets.

(I suspect somebody's child threw the website together for them 20 years ago, and it hasn't been changed since.)

An international incident or just some finger trouble at the console?


Dutch menus

Firstly, I am _amazed_ you managed to find a Dutch person who didn't speak excellent English - usually they are only to be found in pre-school.

Secondly, a Dutch restaurant needs an English menu to give to the German, French, Danish, Spanish, Italian, Polish, etc speakers who come in and can't read Dutch.

NASA's modified Boeing 747 SP SOFIA to be grounded for good


Re: I'm puzzled...

As opposed to Hubble which keeps falling towards the earth, but keeps missing. (JWST is a bit more complicated.)

Pop!_OS 22.04: New kid on the Ubuntu block starting to show real muscle


Re: East England

I agree that London is definitely in the South of England rather than the East - but not because the 0 meridian goes through London. The zero meridian is irrelevant. England is more to the west of the 0 meridian than to the east; Scotland _entirely_ so. It still makes sense to talk about eastern Scotland and the East Riding of Yorkshire (again, almost entirely in the western hemisphere)

Smart contract developers not really focused on security. Who knew?


The really shocking thing

Is that of the 16 who identified a bug, only six were able to fix it!


Re: When something is called "smart"

"Contracts", "homes", "meters" - yup. Seems like a pretty good rule of thumb.

Oracle already wins 'crypto bug of the year' with Java digital signature bypass


No. EC crypto is faster, both to sign and to verify, and _much_ faster than RSA for key generation (which matters if eg you generate an ephemeral key for each connection)

There is _no_ evidence that the NSA has found how to break EC in general. The dual-EC RBG back door was a very specific hack - and not applicable to EC in general. It's the difference between knowing the factors of a single large number (easy - because you generated it yourself from a couple of smaller primes), and being able to factor large numbers in general (hard).

Of course, I accept that if the NSA _had_ found how to break EC in general, they would do their damndest to keep that fact a secret - so absence of evidence is not proof of absence.

If you fire someone, don't let them hang around a month to finish code


Re: Support as a route to programming

Odd, people have been paying me money to write software for 40 years, and I am not sure I have ever met anybody who moved from technical support to programming.

Help, my IT team has no admin access to their own systems


Re: logon.scr

What OS was that on? Moving things in system32 requires full admin rights already these days (and has done since Windows XP).

Samba 4.16 release strips away more SMB 1


For those people wanting to run a Samba server for a Win98 gaming system - there is always the option to run the current version of Samba - it won't suddenly stop working. (You will want to disconnect from the internet first of course).

FIDO Alliance says it has finally killed the password


Re: Oh my God!

"I say partial for the bank, can as it wants you to authorise using their app. But after about thirty seconds it will offer to send a code via SMS instead."

You do know criminals have actively exploited banking login via SMS right? As in, this is not a theoretical exploit, real money has been removed from real bank accounts. You are _probably_ OK because there are now few enough people using SMS that it isn't worth the scammers while to pursue it - but suggesting SMS is more secure than a TOTP app is a joke.

Linux 5.17 debuts after 'very calm' extra week of work


Re: This one has lost me!

It's complicated, but it's really not unethical (at least in my view). It becomes sensible when the cost is predominantly in the development, not the manufacturing. Say there are two features A and B. There are X people who will pay x for both features, and an additional Y people who will pay y (y < x) for just feature A, but who won't pay x. It is quite often the case that Xx > (X+Y)y. If you _don't_ give the Y people feature B, but disable it somehow, you end up with just charging the higher price for the full featured option and the Y people get nothing.

Of course, it is _always_ the case the Xx + Yy >= (X+Y)y, (and equality only if X=0) so this is also a way for greedy manufacturers to extract every last penny - but people _do_ get the benefit of what they pay for.


Re: NEW (pseudo-) random number generator in 5.18?

That is reassuring. I particularly like the bit about "cleaning up the code and making the comments correct.

Doesn't stop me agreeing that it could do with very careful review though.

ExoMars rover launch axed over Russia tensions


Re: I don't get the problem for the launcher.

The launcher is not the problem. Elon would _love_ the publicity of a Falcon Heavy launch to Mars, and I'm pretty sure he could make logistics problems for a 2024 launch "go away".

The problem is the lander and descent stage. Remember that Mars has a 50% success rate at passively repelling invaders.

Icon: Lots of fuel required (and oxidizer)

OpenSSL patches crash-me bug triggered by rogue certs


Re: oh joy

Or you could just upgrade to the latest OpenSSL.

Also, not sure what the point of the "username" in your list is - a certificate is a perfectly fine identifier.

We have redundancy, we have batteries, what could possibly go wrong?


Black start

I believe the plan is to use Dinorwig and various hydroelectric systems to start the grid, and then bring up other generators in sequence.

Developer adoption is our priority, profits second, Cloudflare tells bankers


Re: 'deleting my post'

Negative comments about Cloudfare and El Reg are fine. Accusations of criminal activity by Cloudfare are likely to get taken down before El Reg gets a letter from m'learned friends. (They may be prepared to defend a libel action, but it'll be for an above-the-line story where the editor has had a chance to look at the evidence _before_ publishing.)

Toshiba's top investors signal strident opposition to planned two-way split

Thumb Down

Re: What would happen if...

Exactly as Pascal says: they can't withdraw their money from Toshiba, they can only sell their shares. If they do that all at once, the share price will fall. That will mean:

  • The board looks bad
  • If the board wants to raise more money by creating some more shares and selling them, it will be harder.
  • If the board wants to take over another company by issuing shares, they will have to issue more

However, from the point of view of the activist shareholders, the most important effect, and the reason it won't happen, is that they will lose a lot of money. Remember these investors don't care about truth, transparency, or justice - they just want to make money. (Tosh has a market cap of about $16B. 17% of that is ~ $3B, even a 1% fall in the share price is $30M !).

Footnote: Ye gods and little fishes but formatting a post with HTML is painful. When is El Reg going to get with the program and use markdown?

Fancy some new features? Try general-purpose Linux alternative Liquorix


Re: I'm confused....

Duke Nukem has shipped

Berlin Brandenburg has opened

JWST has launched

Jubilee line is going to open this year (pinkie promise)

Can't be long before HURD releases ... can it?

JPMorgan Chase readies for post-quantum security world


Re: I don't get it.

QKD hardware has been commercially available for _years_. QKD doesn't use quantum computers (which are at the toy stage).


Re: Post Quantum Security

"but that's not a long term solution." Yes it is. We know how to halve the effective key length of a symmetric key with a quantum computer - but that still leaves AES-256 (halved to 128 bit security) taking universe life-times to crack with an arbitrarily large computer.


Re: Post Quantum Security

"haven't heard of anyone producing even a theoretical model for the properties such an algorithm would have."

Then I don't think you have been paying attention. The NIST post-quantum algorithm competition reached the final stage last year, and has four key agreement algorithms and three signature algorithms.


The concern of course is that quantum algorithms is a _fairly_ new field, and somebody might come up with an approach that completely breaks one of them. On the other hand, somebody might come up with an algorithm to factor large numbers quickly tomorrow (which completely breaks RSA).

BOFH: The Geek's Countergambit – outwitted at an electronics store


Re: Electronics shop

Sob. Cambridge used to have a shop like that: H Gee of Mill Road - but it was gutted with fire 2019-07-15 and had to be partly demolished.

It's true that Mr Gee was well over-due retirement anyway, but it's still very sad :-(


Re: Attenborough?

David is a naturalist. He is also a very distinguished TV producer; he has served as controller of BBC2 and director of programming for BBC TV. So he spent quite a lot of his career looking through lenses too.

Car radios crashed by station broadcasting images with no file extension


Re: GIGO for the goddesses sake!

And another 90% of the blame ("blame" doesn't have to be conserved) to the people who decided the radio software didn't need to be upgradeable.

To err is human. To really tmux things up requires an engineer


Re: Step outside

You quotation does not back up your assertion that what the OP described is illegal in your jurisdiction.

"BRAKE CHECKING is an illegal action. It is when a driver ahead of you deliberately and unnecessarily brakes *hard*" (my emphasis).

The OP referred to a very light tap on the brakes - enough to flash the brake lights, not enough to slow the care. That cannot be described as "braking hard".

Out of beta and ready for data: 64-bit Raspberry Pi OS is here


Re: I just wish they hadn't renamed it.

They didn't have a choice. Raspbian never belonged to the RasPi foundation, and they wanted to tweak it (a lot). The original distro owner wasn't happy with them distributing something that _wasn't_ Raspbian _as_ Raspbian - so they changed the name.

(I will leave it to IP lawyers to decide whether they _legally_ had a choice. Even if it would have been legal to keep the name, it would have been a dick move.)

Alert: Let's Encrypt to revoke about 2 million HTTPS certificates in two days


Re: Would be really nice

Even better if they _reduced_ the default (and maximum) lifetime to 5 days. This would have several effects:

- Firstly, they wouldn't have to do anything in order to meet their five day deadline (because all the affected certificates would expire anyway.

- Secondly, even lazy verifiers that don't bother checking the CRL/OCSP will pick up the cancellation.

- Thirdly, _everybody_ would have to automate their certificate renewals (like you should anyway, but the automation may not handle an out-of-cycle renewal).

The only downsides I can see are:

- Let's Encrypt would need a _lot_ more servers. (Renewing every ?3? days instead of every ?80? is an almost 30-fold increase). (But they don't need to support CRL or OCSP.)

- If someone could take Let's Encrypt offline for a few days, it would wipe out a large chunk of the web.

Software guy smashes through the Somebody Else's Problem field to save the day


Re: Seals are surely the purview of marine biologists.

The Mammal Society is, like most charities is officially a company, so it has to have a common seal. The Mammal Society's common seal shows ... a common seal.

Google fixes bug that stopped some Pixel phones from making 911 calls


Re: Presumably only an American problem?

I think the test is actually `if number in {999, 911, 112, etc}`. In other words, if a Brit goes to Europe and dials 999, they will still get connected to emergency services. (And visa versa). This strikes me as a VERY GOOD THING; people dialling emergency services are extremely likely to be panicing.

Tesla disables in-car gaming feature that allowed play while MuskMobiles were in motion


Re: Back to horse-drawn buggies please!

It wasn't a form of transport except for the *very* wealthy. There are more horses now than there have ever been, and more people own horses than have ever done so.

In the middle ages, seeing a horse was like seeing a Ferrari today.

Fisher Price's Bluetooth reboot of pre-school play phone has adult privacy flaw


Re: Youth of today

It's a lost cause. Adults have been complaining about "the youth of today" since _at least_ the ancient Greeks. Strangely, the children seem to turn out OK in the long run.

James Webb Telescope launch delayed again, this time by weather


Re: Stakes are high

Provided you are not part of the launch team, have one of these to help relieve your stress --->

(And good luck with the rest of of the PhD.)

When product names go bad: Microsoft's Raymond Chen on the cringe behind WinCE


Re: Vixen

The German translation of "to fuck" is "ficken". I see no reason to suppose they don't come from the same root in proto-Germanic (which may well have meant "breed stock")


Re: Vixen

THANK you! My German has mostly been learnt at evening classes and in polite conversation with my neighbours, so my knowledge of profanity etc is a bit limited, and I was trying to work out what was wrong with "vixen", neither Leo nor Google were being any help - and I checked that they knew rude words but I was completely failing to pronounce "vixen" in my head as a German would.

What came first? The chicken, the egg, or the bodge to make everything work?



One of my friends (adult) children describes themselves as "ambiclumsly", they are equally inept with either hand.

Say what you see: Four-letter fun on a late-night support call


Re: The joys of the phonetic alphabet

There are some people (I've lived with one for >30 years) who are completely unable to understand anything in the phonetic alphabet. I think the problem is that the part of the brain which processes _words_ doesn't connect with the part that processes _letters_ (or at least not to send info _to_ "letters"). So if you ask them to type "Quebec Echo Delta" they can't untangle those words to get at the initial letter.

If you haven't met this before, it is _very_ confusing. "Q for Quebec, E for Echo, D for Delta" is better - but even then the flip-flop between letters and words is confusing for them.

Maker of ATM bombing tutorials blew himself up – Euro cops


Dereck Lowe on FOOF:

Up to date link for Dereck Lowe on FOOF:


also, while I'm at it:


Check your bits: What to do when Unix decides to make a hash of your bill printouts


Re: ASCII (US-ASCII) actually does stop at decimal 127

Yup. ASCII was 7-bit. And for some reason Prime engineers decided to fill the extra bit in an 8-bit byte with '1' - so text was always negative if treated as an integer. (I think this was to make bugs more obvious. Negative numbers tend to fail faster.)

Huawei CFO Meng Wanzhou admits lying about Iran deal, gets to go home


Re: Concerning

"proven liar" - I don't see any proof at all. She signed a statement that pretty much counts as an admission of guilt in exchange for being allowed to go home. Claiming that is evidence is a bit much of a stretch.



Biting the hand that feeds IT © 1998–2022