* Posts by asdfasdfasdfasdf

14 publicly visible posts • joined 26 Nov 2014

Arm CEO warns AI's power appetite could devour 25% of US electricity by 2030


Re: Wait, so...

LOL - no an EV draws way less power than heating your oven (and way less than if you have an immersion heater)

I doubt that you bought a PEV. I can tell from your political bias.

Dumping us into ad tier of Prime Video when we paid for ad-free is 'unfair' – lawsuit


Re: Question is...

I think the answer is that it depends on how many adverts you watch. Ads are of the order of $0.30 for 1000. So if you watch 30,000 adverts they're onto a winner.

The real problem is that there isn't enough advertising $$$ to go around. Hence all the scam adverts on YouTube, etc...

Why do IT projects like the UK's scandal-hit Post Office Horizon end in disaster?


Building software is hard...

...and Governments aren't any better at it than anyone else. The advantage of private companies is that there is a vague hope that one make of car/phone/airplane isn't a total disaster. Not guaranteed there either, of course.

One problem with America's chip ambitions: Not quite enough staff


Re: How are salaries?

That used to be Star Trek, but there hasn't been any Star Trek since the mid 90s....

SCO v. IBM settlement deal is done, but zombie case shuffles on elsewhere


There was never any SCO code in Linux...

Ignoring the fact that Novell owned the UNIX copyrights and that both SCO and Novell licensed all Linux code to everyone under GPL on their websites, SCO never presented any code in Linux that wasn't followed up and proven to be independently written.

My theory is that someone at SCO copied chunks of Linux code into SCO's code base, and they didn't realise it was that way around until *after* they started the lawsuit...

Windows kernel vulnerability disclosed by Google's Project Zero after bug exploited in the wild by hackers


Re: Really?

"My question is how do they know it's being exploited in the wild if it's a local exploit? "

What Google do is run honeypot clients that go around the Internet to see what happens. Presumably they hit a website that broke through a Chrome (or whatever) zero day, and then ran code that used this vulnerability escalating to Local Admin.

Any one security vulnerability is fairly limited, but most attackers are smart enough to chain several together.

Open access journals are vanishing from the web, Internet Archive stands ready to fill in the gaps


Re: OA publishing

"journal where the journal's employees have read a lot of papers"

That's how I *thought* these things worked. It actually turns out that not only do Journals not employ reviewers, they don't even pay them. To publish in a journal, you also have to peer review other papers for the journal.... ...and you don't get paid for it.

Nervous, Adobe? It took 16 years, but open-source vector graphics editor Inkscape now works properly on macOS


Inkscape has it better than GIMP

Photoshop is far more embedded than Illustrator, though. It is much easier to convince people to try Inkscape. Photoshop is basically a verb.

The Register's 2018 homepage redesign: What's going on now?


Too few articles shown at the same time...

On mobile at least, the new site only shows 5 or so articles at a time. The old site could show 30 or so. Also on the old you could scroll left and right to make navigation much faster.

Basically it’s the mobile site curse - one very long vertical list.

Want to get around app whitelists by pretending to be Microsoft? Of course you can...


Wow... an administrator can...

Replace system DLLs and Registry keys? In an absurdly complex scheme to mess up signature validation?

Who knew?

Or they could install their own trusted root certificate, but that wouldn’t fill up 15 pages of pdf.

CloudFlare drinks the DNSSEC kool-aid, offers it on universal basis


Publicly visible database

Because DNS is publicly visible and has ttl caching, it is reasonably easy to spot someone hijacking. Also anyone can run DNSSEC, you don't need to trust the root authorities (although who you'd rather trust is an interesting question)...

In any case, at least there is only one DNSSEC chain, you won't get someone "accidentally" signing a certificate for www.Google.com or *. If all else fails, why not do what you do at the moment ***and*** use DNSSEC?

Apple preps summer bonking bonanza for Brits


The tech industry...

...is about to do to consumer banking what it did to music and book shops.

Facebook security chap finds 10 Superfish sub-species


Re: Certificate Pinning in DNS guys!

It's actually fairly easy to set up DNSSEC...

dnssec-keygen -K <keydir> -a RSASHA256 -b 2048 -f KSK mydomain.com

dnssec-keygen -K <keydir> -a RSASHA256 -b 2048 mydomain.com

dnssec-signzone -e +1y -K <keydir> -o mydomain.com zoneFile

And past the output of this in the parent zone (alongside your NS record).

dnssec-dsfromkey <KSK.key>

UK boffins: We'll have an EMBIGGENED QUANTUM COMPUTER working in 5 YEARS


Re: Emulation

Quantum computer emulators exist, but you don't get the efficiency.

It's a bit like having to emulate multiplication by adding number a+a+a+a+....+a. You get the right answer, but it's **slow**

Quantum computers use superposition, which is a little like white-light being made up of different colours all doing their own thing, so the level of parallelism is going to be another slow thing to emulate.

If you think about it, classical computers are basically just NAND gates glued together, it's not surprising that they fundamentally can't do everything...