Posts by Hargrove

Re: I fail to see...

I'm an old microwave component engineer who spent the last 45 years as a systems engineer. In other words, I have lost most of what I ever knew about the subject. But, from what little I do remember, I found the quality of the discussion is impressive.

@JeffyPoooh is right on the mark.

I'm reminded of a conference I attended where a professor from a major US university truncated his presentation to introduce a revolutionary new invention for eliminating household electrical wiring that his graduate students had discovered. This new discovery had the astonishing ability of being able to transmit electrical power through the standard construction gypsum wallboard interior walls.

He then showed a picture of the prototype, which consisted of two large coils on either side of the wall, one driven by the power source, the other hooked to a light bulb. No one in an audience of about 400 people had the temerity to point out the obvious. . . that his geniuses had re-invented the resonant air core transformer. I would have, but I was too busy wiping up the coffee that I had just spurted out my nose.

Re: @ Deltics:

Noted, and well said.

Re: Wouldn't it be cheaper ...

@ Marketing Hack

"the role of the DoD as a jobs program extending into every congressional district in the U.S!"

This WAS DoD's role. It has a higher calling now. That is to ensure the continued transfer of the wealth of the People of the United States to special interests as expeditiously as possible, under conditions that ensure that neither those who govern nor the special interests they serve can be held accountable for as much as a dime of it.

Cybersecurity operations--conducted behind a veil of the highest classification levels--provide the perfect vehicle. The reality is that DoD has, for decades now, been critically dependent on Commercial Off-the Shelf Technology (COTS) information systems. The expertise and knowledge needed to address cybersecurity must come from the civil sector.

The USG is funneling billions of dollars into what amount to administrative processes to collect massive amounts of data the end result of which is to be able to certify that systems are certified by virtue of having been certified by certification authorities certified to certify that the data was certified.

At the same time the government appear to be going balls to the wall to make it illegal for the private sector to develop and deploy effective cybersecurity technology.

Re: They're probably being realistic.

"If Intel and Nvidia have any sense, they'll be marketing the Broadwell-E chips release, and Nvidia's new architecture in Q2/Q3 as ideal for VR. You'll need all the power you can get."

Virtual reality in high end simulation has, to some extent, been a target market of the chip manufacturers for a couple of decades. And as Binky. etc. rightly notes, the need for all the computational performance you can get has been a driving function.

The idea of virtual reality tele-presence, is a completely different application. No amount of computational performance at the node is going to compensate for network latency and bandwidth.

I've not tracked the field for several years, but my suspicion is that even for telerobotics, where you can have dedicated data links, there are tradeoffs that militate against the use of immersive VR in real R.

Re: Let's help you out then :)

Modern information technology has inherently changed the nature of global society, including the diversity and capabilities of the diffuse threats to the members of that society. I've yammered on at some length in El Reg Fora about what I characterize as the breach of the social contract between those who govern and the governed. The essence of this contract is that the governed cede to those who govern certain rights and freedoms in return for a greater good.

Now, I'll concede that given the radical technological and social changes of the past 50 years, changes to some of the terms and conditions of the social contract are doubtless in order. But it is critical that the result be a valid contract. That is, the parties must reach a meeting of the minds on the adequacy of the quid pro quo and there should be equity and balance regarding the consequences of violations of the terms and conditions. In the case of physical search and seizure those conducting the search had names and faces, and left physical evidence of their passing. There was, at least in theory, some possibility of holding them legal accountable for trampling a citizens rights.

That is not the situation we face here. Over the last couple of decades, the federal government has systematically built a firewall around its activities. The terrorist threat has been used as an excuse to create a web of laws and draconian penalties pursuant to executive orders authorized by law. At the same time the government has drawn an impenetrable veil of classification around its information operations. Finally, in the US at least, the federal government, through the offices of the Justice Department have succeeded in marginalizing state and local law enforcement officers, constraining their actions, and making every act subject to intense monitoring and scrutiny.

Before citizens cede any more authority to the federal government, the terms and conditions of the revised social contract must include some serious restraints and limits on the power of federal officials. Actions of federal officials must be closely monitored and those who overreach and abuse their authority must be held accountable and severely punished. The rights of a People are sacred. Abuses of authority should be criminal offenses, and the consequences should be dire. As an example, in addition to civil and criminal penalties, consequences should include a life-time ban on employment in any position funded in whole or in part, directly or indirectly by taxpayer money, and forfeiture of income exceeding some reasonable multiple of the established national minimum wage,

It may be that the People will, at some point, decide to cede authority to those who govern. But first last and always that should be the People's call and not, as appear to be the current case, an extra-legal dictate of some unaccountable federal official.

Never forget Miriam Carey. To the best of my knowledge her killers have never been identified by name. All we know is that they were federal officers and they were fully exonerated. This being an IT forum the following side note may be of interest. I just Googled Who shot Michael Brown. The query returned 259 million hits led by a photo of Officer Darren Wilson. The query Who shot Miriam Carey returned 401,000 hits, and no names. As the kiddies are wont to say: "Do the f---ing math!"

Re: Awesome

Related to this comment, nobody uses hacking tools that do the coding for you either?

If this article represents the state of the art 'mongst the white hats. the black hats have it made.

Re: The problem is that Critical Thinking is not taught in School

Theology? Critical thinking? Those things don't go together.

No. but they can and should. The question of whether Shakespeare was right when he penned "There is a divinity that shapes our ends . . ." and the reality (or lack thereof) of Einstein's Central Mystery are fundamental theological questions. These are worthy topics for critical thought.

The natural philosophy of folks like Penrose and Hawkings is, in a real sense, critical theology, even if the logical conclusion (logical in the sense of formal logic) is that God does not exist.

Religion has given has given "God or the gods if there be such", and by extension, theology, a bad name. My personal conclusion, after some 70 years of pursuing such questions, is that the only intellectually honest stance is radical agnosticism (Motto: I don't know; you don't either; it doesn't matter.) The answer to the great question "Why?" is the one my Grandfather gave me when I was 3, and every time I asked thereafter. . .To make little boys like you ask questions.

Why study if the end is not certain knowledge? I can only answer for myself. The exercise has enriched every aspect of my life, and I have enjoyed a rich full life.

Re: I saw one of these proposals recently

Mr. Greenwood's post makes a critical point. The reason this "was/is not unexpected" reflects the inherent nature of the insurance business. The insurer needs a sufficient base of data to be able to predict the probable outcome with a high degree of precision and confidence.

And, in this regard, cyber insurance is not simply new. . .the nature of the risks and losses it deals with are radically different in kind from any other activity. Using auto liability as a analog (admittedly a poor and trivial one, but the best I can come up with at the moment) writing a cyber insurance policy is like trying to ensure a fleet of cars where the number, location, and design of the road system, and the size, numbers, as speed limits of the vehicles for any given span of time can vary by orders of magnitude, in ways that cannot be predicted, and where 90% of the drivers are unlicensed.

To be economically viable insurance coverage must be limited to those risks and losses that can be reliably predicted based on hard statistical data. Given the reality of the global cybersphere, that means limiting the coverage to virtually nothing.

It's crystal clear that this is headed down the same path as Affordable Health Care. Companies and individuals are going to be required to have cyber insurance, the terms and condition of which will allow the insurance industry to extract high profits for insuring very little in practical terms.

Re: before 1927 it was not even possible

Reality rears its ugly head. A most enjoyable thread of discussion!

@ a_yank_lurker.

Did you mean to say Traffic analysis does NOT require decryption? From the context that's what I infer.

(An aside. . . If so, just last week I made the identical ommision in something I sent to a colleague. I sent him a correction. He responded that he had read what I meant, with the missing NOT, without noticing that it wsas missing. Such is the nature of the medium.)

Re: Genuine question!

Oh Joy! Some people do still speak my language!!

Re: Thank you for this useful service

Well bloody f#@King hell!

First, I second RRs sentiment in spades. We cannot fight what we cannot see, Situational awareness is a first essential step.

The broader issue is that the background update process goes on continuously, from multiple vendors. At least some of these, according to the information the third party vendors provide, may include bug fixes and updates unrelated to the security vulnerability fix. The code is considered proprietary.

The bottom line is that the users, including large entities who operate ISP/Hosting services, government data bases and now the everlovin' f--ing cloud, have no visibility into what the actual system configuration looks like and what the code actually does.

Security demands situational awareness. And we have none.

Problems often present in that worst of forms. . . intermittent.

I live in a third world county in Virginia, USA, and am limited to satellite internet. The closest nodes in the internet are in the Richmond--DC--Baltimore corridor. And, I'm using W8.1 What could possibly go wrong.

I spent the better part of day earlier this week trying to track down why nine out of ten of my e-mails were timing out on the outgoing server. The answer from my ISP was, we know there's a problem, we just haven't been able to track it down. I know of a similar situation with a DoD site. It refuses to deliver pages to certain users. The service desk has been able to confirm have these users have authorized access that the system is recognizing and accepting. The answer--we know this happens for some number of users, we don't know why. In this case, reality rises to bite us in the butt. The guv needs for a contractor to fix the problem. There is no contract.

In the meantime, users get to piss away countless hours and money trying to troubleshoot problems that may, or may not, be on their system.

As a user, with a lot of history but waning chops in this technology, I find this insane.

For the Register, we of British heritage, are a proud lot. Please speak (or write) the language. Just because some fumble fingered jackass makes a typing error, doesn't mean that it needs to be adapted as the queen's English. All the jargon and geek (or in this case leetspeak) does is force us crotchety old men to look the damned term up. The technical jargon that is over my head, I don't mind. Smarter folks than I are communicating important things to one another. But pwn? Olease!

NB. pwn may, in fact, not be due to fumble fingers. The writer may be stuck with the version of the MS ergonomic keyboard I'm using--which for my convenience has changed the size and repostioned keys relative to the MS ergonomic keyboard it replaced.

It is to weep.

Re: Never mind Betteridge's Law, you cynical mob

"Also isn't Big Data, just the marketing speak for Data warehouse. Like "The Cloud" is for visualization."

My take is that the Cloud has more to do with storage than visualization. But I may be wrong. I find The "Cloud" to be a very nebulous concept. I'm pretty foggy on it.

Big Data, specifically big data analytics, however, are perfectly clear. Once all the data is in the cloud, one simply applies Harry Seldon's principle of pychohysteria to craft a preternaturally intelligent semantic query to extract "THE ANSWER" to any question from "The Cloud."

So far the answer to every question has been "43,"

There are still a few bugs in the system

Re: You gotta love the EU!

Concur vehemently with the sentiment. However, regarding "The elite's plan . . ."

Not sure that they have one. The special interests that comprise the oligarchy before whom every government knee must bend are more akin to a swarm of termites, acting instinctively to consume and destroy.

And in a complete non sequitur. . . The title of this piece is pure genius.

Re: @codejunky Ha

The idea of Linux for the elderly (I myself resemble and resent that remark) is a good one.

The assumptions of the IT industry. . . that everyone has a systems administrator to call on AND is able to spend upwards of 500 to 1000 US dollars every other year to buy a new system is nonsense. Computing is evolving to provide more instant gratification. However, for serious information management, the technology is beginning to melt down.

Only users who are computer expert (computer literate and computer savvy isn't good enough any more) have a fighting chance.

As others have commented, being forced to use the cloud for APPs, which seems to be a universal objective of the industry, has serious issues. Particularly, so if some of the more draconian and predatory licensing practice migrate to the cloud.

For the reader who commented that they had bought their applications. . . Only in a world where common sense and morality applied would that be the case. But alas, we do not own the APP; we just have license to use it under conditions specified by the vendor. I have the distinction of being the only person I know who actually reads the damned things. They can easily run to tens of pages, and are written in such arcane an convoluted legalese as to defy understanding.

My guess is that in the not too distant future the terms and conditions of licensing will require users to cede ownership of their own information to service providers, retaining only limited use right to what they have produced.

The good news is that anyone who wants to download a selfie of their junk to social media, will be able to do it with two clicks (three if they count undoing their belt.)

@Charles Manning:

Well said. Part of my day job is assessing new technology. In the past several years our bright young scientists have invented radar (exactly as the Brits did it in 1938); Kichoff's law for Voltage (and with it the multi-battery flashlight); the air core transformer. The first two were granted new US Patents. The USTPO also within the last couple of years granted a patent for a scalable device to extract unlimited power from any point in the universe.

There are many new things under the sun that weren't in the texts back in the day when I was in college. On the other hand the accumulated wisdom of many centuries of human scientific development was. The phenomenon Charles's comments points to--the overwhelming propensity of today's scientists to presume that their ignorance of a concept means it must be novel represents that deadliest combination of human attributes--arrogance and stupidity.

root of the problem

I don't know the specifics of this case, but a general observation on the American scene.

In recent decades changes in legislation, and making the patent office's funding fee-based, have resulted in a sharp deterioration in the technical integrity of the process. Hypothetical concepts---even those violating all known principles of science and engineering--can be patented. Any claim that can be hung on the theoretical concept may be granted. And, by law, the granting of the patent (in the US) is de facto proof of the practicability of the concept. (I got this in writing from the patent office in response to a question regarding a patent for a scalable system to extract unlimited power from any point in the universe,)

This creates a situation where those who do the hard work of actually building and developing something are at the mercy of trolls who have done nothing more that patent an idea.

Re: I hope you include all religions there

First, a sincere apology to Mr. Pott for my speculation on his personal experience. It had no place in the post, and I sincerely regret including it.

I went back and looked at the original post and found that Mr, Pott did, indeed, include a statement, that

It may not be the exclusive preserve of religious nutters to want to peek into every aspect of the lives of others

in response to which I will offer a less-than-sincere apology for my stupidity in not recognizing this as a thoughtful and well-articulated discussion of authoritarian mindset outside of religion, and retire from the discussion.

Re: How quickly the hornet-squad attacks

Well said @elDog

The court document referenced in the article is required reading if anyone wants a better sense of how this tragedy (and it does have all the attributes of a Greek tragedy) occurred.

Unarguably the general showed abysmally poor judgment, professionally and, one strongly suspects, personally. In agreeing to this settlement, however, the General took the only honorable option. And, while it is out of character for me so say so, it appears that the government not have behaved so badly.

The court documents lay out the criteria for what generically constitutes classified information. Information that is potentially seriously damaging to the nation's security frequently appears in unclassified articles. It may well be that only a handful of cleared individuals within the government have the knowledge to understand the significance of the information. But it occurs.

The inverse also applies: Information copied verbatim from unclassified literature very frequently winds up being marked as highly classified in government documents.

Good security practice demands, then, that speculation regarding the potential classification of information be neither confirmed nor denied.

The court documents imply that the General's personal notes did not carry any formal classification markings, and thus, were not subject to formal document control. What the plea agreement concedes is that the government could, beyond any reasonable doubt, prove that information in the General's notebooks revealed information that has been deemed classified and properly marked in the formal sense.

Several things stand out about this case. The government is not claiming that an actual compromise of the information to persons or entities hostile to the US occurred. The general is conceding that his actions did, in fact, constitute violations of security procedures. And there is absolutely nothing to be gained, and much to be lost by pursuing confirmation or denial of the actual classification of the General's personal notes.

Mais, bien sur!

We just announced that we track all Canadians downloads, which although illegal is necessary to protect us from terrorists.

C'est bien necessaire. Il s'agit de terrorisme domestique!

Vive Quebec libre! A bas legalite! Aussi l'egalite! meme net neutralite'!

C'est drole, n'est-il pas!

Un Anglais.

Vigilantism

@cornz 1

When the courts fail, in some cases, there is a moral case to be made for vigilantism..

Have a care, sir! This is a slippery slope you put us on.

And a valid point of discussion that demands much more serious attention and discussion than it receives.

The poles of the discussion are well represented by two statements attributed to John Adams, both of which I accept as adding value to the discussion: The first, from the 1780 Declaration of Rights in the Constitution of the State of Massachusetts. That statement, since removed, read: "The right of a nation to kill a tyrant in case of necessity can no more be doubted than to hang a robber or kill a flea."

This sentiment echoes the milder language in the US Declaration of Independence's statements that governments exist for the purpose of securing the rights of the people, and declaring the People's inalienable right to act when governments fail in that purpose.

It is hard to envision a more avid defender of the People as the sole legitimate basis for government authority than Adams. Yet he is also quoted as saying, "The proposition that the people are the best keepers of their own liberties is not true. They are the worst conceivable, they are no keepers at all; they can neither judge, act, think, or will, as a political body." This echoes Plato's equation of true Democracy and mob rule as the worst possible form of government.

These statements capture the inherent conflict between the need for institutionalized government to protect the rights of the individual from mob rule and the rights of the People to protect those same rights when governments fail.

I firmly believe that the principles articulated by the founders of the US Republic are eternal and as valid as ever. There is a strong argument to be made that those who now govern in the US do so for the benefit of special interests, and that government has ceased to be effective--some believe has already failed, or is on the verge of imminent failure--in its primary role as protector of the individual rights of the People. (Never forget Miriam Carey.)

At the same time, those of us with a natural bent toward vigilantism need to temper our inclinations. People arguably have the moral right to act to preserve freedom. But the means must also be morally appropriate.

The same IT that has proven to be such a threat to privacy has given the citizens unprecedented abilities to organize and change the government through the electoral process. At this juncture the people still have both the means and the opportunity to change the government, if they have the will.

The process of changing the government and unwinding the damage done on behalf of special interests will take, I believe, at least two generations. I also have a mild concern that those who govern, having established the legal framework and acquired the requisite number of armored combat vehicles for domestic use, will resort to forceful repression.

I also believe that although that possibility exists, the probability of its occurring is small. That is a bridge can be safely left for burning if and when necessity demands.

In the meantime, compliments to @cornz 1 for having had the courage to broach this subject.