* Posts by toejam

43 posts • joined 2 Feb 2016

The ultimate 4-wheel-drive: How ESA's keeping XMM-Newton alive after 20 years and beyond


Re: That is the frikkin' coolest Satellite/Telescope I have ever seen

If by interstellar star-ship, you mean a giant rocket penis, then yes.

You can get a mechanical keyboard for £45. But should you? We pulled an Aukey KM-G6 out of the bargain bin


Then you get edge cases like mine. I use a 20-year-old membrane keyboard from an old DEC Alpha workstation. It has a PS/2 plug and my motherboard has a PS/2 port, but my KVM only has USB ports, so I had to purchase a dongle to convert it.

Microsoft decrees that all high-school IT teachers were wrong: Double spaces now flagged as typos in Word


Re: I chose "I don't care"

Should we be using the "when HTTP_REQUEST" event for that or is the "when SYSOP_BOFH" event more appropriate?

Ofcom measured UK's 5G radiation and found that, no, it won't give you cancer


Too late, the change from HSDPA to LTE already killed us!

I'd really like to know what changes in the air interface makes 5G-NR so dangerous. Maybe some mischievous engineer read about the "killer POKE" from the Commodore PET days and decided to one-up the command when writing the new spec.

Oh wait, are they really complaining about the new millimeter cellular band that was opened for use in conjunction with 5G-NR? The same band that has been used for decades with radar, radio astronomy, and back-haul telecommunications? I'm sure they can point out all of the cancer clusters around those uses...

The self-disconnecting switch: Ghost in the machine or just a desire to save some cash?


> And this is one of the reasons why no one should have access to your stuff without, at the very least, you being notified beforehand.

Back when I used to be in field services, I once had to do an install at a colocation data center with a large number of civilian government customers. There was a great deal of security to pass through before reaching the raised floor. Once there, however, it was just one giant open room.

One of the site staff was giving me a tour and at one point I remarked to him what a bad idea it was not to have individual cages for each customer, which was the norm for the industry. I was actually shocked at the lack of physical separation.

Just my luck, a senior tech for one of those government customers was within earshot of my conversation. He didn't like what I was saying at all and voiced his displeasure to the facility's management. Shortly after, security approached me, escorted me out of the building, and informed me that I was banned for life.

About a week later, I was informed that the government customer I was there to do work for (a different one) had just installed a cage around their servers, the first for any customer in the facility. I got a laugh out of that.

LCD pwn System: How to modulate screen brightness to covertly transmit data from an air-gapped computer... slowly


Re: Ben-Gurion University

You may be able to compromise the computer before it is put into service (ie, during the build phase or during shipping from the manufacturer). You may also be able to compromise a third party who does have access to the computer after it is put into service (air gapped computers need patches, too).

I've been sent out to a few data centers that allowed vendors to bring removable media onto the secure data center floor, but then the media had to be disposed in a secure media shredder bin before leaving. A few of them even made me hand the thumb drive over to the guard before you entered the area to prevent slight of hand tricks - they would insert and remove the drive from the target device themselves and then walk it over to the disposal bin.

RIP FTP? File Transfer Protocol switched off by default in Chrome 80


Re: Guess I'm a fossil, then

That you want to hide your addiction to cat videos isn't the point of mandatory HTTPS. Keeping your session tokens (cookies or URI queries/fragments) secure and reducing the chance of MitM attacks are.


Re: File Transfer Potocol

> FTPS and SFTP are both in their own way better that plain old FTP, and there are plenty of server options to make them tolerable, but they to have their drawbacks.

One of the biggest drawbacks with FTPS is that encrypting the control channel prevents firewalls from eavesdropping on data port commands, which breaks dynamic ACL/NAT logic for those secondary connections.

There are some ways around the issue, like telling the client to revert back to unencrypted control channels after authentication (see: CCC) or sticking with "passive" inbound data channels on a limited range of ports, but each comes with its own set of issues.

I had the [mis]pleasure of supporting FTPS for a finance company, so the CCC method was not an option. Worse, we were load-balancing several FTPS servers, so I had to find another way to glue the control and data channels to the same back-end server. I found that source IP address persistence did a well enough job for most customers, but a few had to muck things up by using a load-balanced outbound proxy server pool on their end. We used a /24 persistence mask so proxies on the same class-C were seen as a single client, but a few had to be cute and spread their proxy servers across totally unrelated ranges, which broke persistence. We had to set up a non-balanced FTPS server just for them. Total PITA.

Orange has an elegant solution to Huawei question in France: We'll stick with Nokia and Ericsson for 5G networks


Re: "The decision will please US authorities"

Not necessarily. It all depends on which "US authorities" you are talking to.

The better US intelligence agencies probably have a significant cache of vulnerabilities that they can work with. It might take more time to find them versus baked-in back doors, but Huawei has a reputation for poor code quality, so it probably isn't that difficult. So letting people think that the US doesn't have back doors is probably advantageous to their snooping of their others' networks.

The people and agencies that are upset with Huawei because of economic and nationalistic reasons are probably going to be the ones who are happy to hear this news. And I have little doubt that they were playing up the more sensational security threat aspect because nobody cares about boring corporate espionage and IP law.

What a terrible result from this year's Super Bowl. Can you believe it? Awful. Yes, we're talking about the tech ads


Re: 5g will connect emergency workers to hospitals?

Didn't the US push a fragmented 700 MHz band, in part, so that public safety could get a slice of the spectrum for their own use?

So if they're using Verizon 5G, how about if we dump the current band 12, 13, 14, 17, & 29 mess and just adopt one single APT band (28 for FDD, 44 for TDD) for 700 MHz.


You spoke, we didn't listen: Ubiquiti says UniFi routers will beam performance data back to mothership automatically


Re: Booo hiss to Ubiquiti

The Ubiquiti gear is starting to get popular among the "prosumer" crowd, so it is probably larger than you suggest. But I imagine that the WISP market is their main profit source. You have all of the CPE kit, sector antennas and APs, and possibly some backhaul radios. Those airFiber radios aren't cheap.

Take DOS, stir in some Netware, add a bit of Windows and... it's ALIIIIVE!


> I doubt any one could've afforded it. I remember in the mid-late 90s 2nd hand 72pin RAM was >$NZ50/MB. The machine could've addressed more, but my wallet wouldn't!

I had 1 MB in my Amiga 500 back in '88, as did most of my friends. By the early '90s, most of us had 2 to 4 MB in our PCs, STs, and Amigas.

I remember when Mechwarrior 2 was released in '95 because it required at least 8 MB of memory and I only had 4 MB in my PC. It was an expensive upgrade, but it wasn't prohibitive.


If you want to blame anyone for the limit, blame Intel. Had they used page aligned (256B) segments rather than paragraph aligned (16B) ones for the 808x, we would have had a 16GB address space for Real Mode programs rather than a 1MB one. The hack of banking switching memory above 1MB into the HMA would have been totally unnecessary.

Petition asking Microsoft to open-source Windows 7 sails past 7,777-signature goal


> chances of Microsoft open sourcing Windows 7 are zero

I agree. Besides the lost revenue and security aspects, it would fork the Windows ecosystem which would be disruptive. What happens when the OSS version starts adding API and KPI calls that Windows 10 doesn't have or purposely declines to add calls that have been added in Windows 10?

A less unlikely scenario would be MS licensing Windows 7 to a third party for long-term maintenance, essentially freezing the feature set but providing bug fixes and minor tweaks for new hardware. But you still have the issue of splitting the market in two. And there is also the profitability issue: since many people and companies are staying with Windows 7 because of budgetary reasons, how many of them are going to pay for continued service?

EU declares it'll Make USB-C Great Again™. You hear that, Apple?


Ethernet over twisted pair hasn't had the same pressures as USB regarding connector design. That's why everything from 10BaseT through 10GBaseT still uses the same 8P8C connector, even as the RJ45 cable it terminates has seen significant change. There have been connector alternatives like CX-4, but they were never that popular.

Meanwhile, Ethernet over fiber has had 5 or 6 different connectors to choose from over the years since the pressures have been different.

That said, I never understood why USB 1.x and 2.x needed six different connector types. And the new B and micro-B connectors for USB 3.x seem hackish. Stick with A and C for 3.x and higher.

Leaks point to Samsung Galaxy S20 Ultra with mammoth 108MP camera and ... what? 16GB of RAM


Use a laptop docking station. If I attach my Dell USB-C dock to my phone, it detects my keyboard, mouse, monitor, and GigE port. No need to fuss with any Bluetooth accessories.


If it supports 4K DisplayPort over USB so I can use it as a proper desktop, that 16 GB of memory might come in handy when I have several dozen tabs open in Chrome while in full screen.

Boeing aircraft sales slump to historic lows after 737 Max annus horribilis



That was done on purpose. Boeing signed an agreement with Southwest Airlines in which Boeing would receive a bonus on each 737 MAX sold if no simulator training for pilots was required.

The FAA was rather arbitrary in its decision making, so Boeing management pushed engineering to make as few cockpit changes as possible to reduce the risk that the FAA would require simulator training. That meant that the disagree light was omitted as a baseline feature. We know how that turned out.


Re: It's not just the 737...

There is a good chance that the managers who came from the military side of the house also came from the McDonald-Douglas side. That toxic culture was very prevalent over at MD and was probably one of the causes of their eventual failure.

When Boeing bought out MD, that culture came to Boeing. You can see the results in all of their latest aircraft.

A fine host for a Raspberry Pi: The Register rakes a talon over the NexDock 2


Re: Why some people keep on reinventing the ill-fated Palm Foleo?

Yup. I'd rather buy a USB-C laptop docking station for half the price so I could properly connect my device to my monitor, keyboard, mouse, and wired LAN.

Cyber-warnings, cyber-speculation over cyber-Iran's cyber-retaliation cyber-plans post-Soleimani assassination


Re: I almost hope it happens

The other question is if companies will just demand more fingers in the dike or if they'll step back and look at all possible ways the sea could engulf them.

My employer was hit by a likely state-sponsored DoS a couple years back. We did the typical post-attack expansion of capacity. But we also started looking at more non-traditional attacks, just in case that DoS attack was just a distraction. We had been quietly ramping up countermeasures against internal threats from disgruntled employees for years, but after the attack, we really started looking into state-sponsored espionage and sabotage. Stuff that was common practice just a few years ago can now result in immediate termination.

As to my first question, I have a bad feeling that most companies really won't step back unless the attack is devastating financially to them (or an unlucky competitor whose failure is now an example for all) or unless new regulation forces them to do so. And we all know how businesses love new regulations.

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata


Re: idiot

A criminal must be right every time in order to avoid capture. A detective must be right only once to catch them. Smart people either go to extraordinary lengths to always be right or they understand the odds and just don't do the crime.

Smart speaker maker Sonos takes heat for deliberately bricking older kit with 'Trade Up' plan


Re: "my CD player and turntable are still going after more than 30 years."

> Well, EV's run on firmware. I guess they will be next. It will be very lucrative, a whole market of drivers who will be forced to upgrade

I could easily see a future where automakers and industry trade groups convince governments to enact certification requirements for firmware, else the vehicle is prohibited from operating on public roads for "everyone's safety". Sorry, your vehicle still hasn't been patched for CVE 2030-674. No roads for you.

Except that in many jurisdictions, I could also see a lack of safeguards that protect owners from firmware update costs, third party device interoperability changes, or outright abandonment. And don't even think of jailbreaking your vehicle to use a third party firmware, else you'll be the one in jail.

Now be a good consumer and go and replace your vehicle, home charging station, and all your accessories every few years like they want you to.

Never let something so flimsy as a locked door to the computer room stand in the way of an auditor on the warpath


Why go through the door...

I remember visiting a customer site that had a secure room protected by a mantrap. It had two reinforced metal doors and required two employee badges to enter or exit. They were making a very big deal about all the security once we were all inside. So I start tapping on the wall and notice that it is just drywall with an empty cavity behind it. I could probably kick my way through it in under a minute. For some reason, they weren't pleased with that discovery.

Even Windows 10 can't save the PC market as chip shortages, Brexit uncertainties bite


Re: Windows 10 can't save the PC market

Having a single code base for every platform was actually a good idea. In the good ole days, PC, mobile, embedded, and gaming all used their own forks of NT. They just executed that vision very poorly. Too many older Windows phones never received an upgrade, which pushed angry users to other platforms. Windows 8 had too much mobile emphasis. Too many bodies were thrown at unification while too few were thrown at new features.


Or even a consumer version of Win10 LTSB with a Win7 style Explorer, Start Menu, and window theme. I like most of the changes under the hood of Win10. I just hate the new UI, telemetry, and upgrade system/schedule.

Mozilla security policy cracks down on creepy web trackers, holds supercookies over fire


Re: About time

Why wait that long? Extensions such as "Cookie AutoDelete" can purge cookies as soon as a tab is closed.

What can I say about this 5G elixir? Try it on steaks! Cleans nylons! It's made for the home! The office! On fruits!


Re: US voters get what they vote for

Well, 5G *could* make the airwaves a little more efficient. The new 5G-NR protocol supposedly has lower latency and offers the choice of either FDD and TDD duplex schemes from the start (TDD came a little late to LTE). Given the asymmetrical nature of cellular traffic these days, I imagine that carriers and regulators may push to retire FDD channel allocations for TDD allocations.

Also, it'll bring some harmonization to the 3.5 and 3.8 GHz bands, which are currently a smorgasbord of differing standards from Ubiquiti, Cambium, and others.

Speaking of those bands, if the FCC wanted to spur a bit of competition, it would keep part of the 3.x GHz band for smaller operators, placing limits on the size of operators and making the areas smaller. Too bad that the FCC appears to be doing exactly the opposite, throwing smaller WISPs to the wolves...

Guys, geez... finally 5Gs: AT&T grows super-fast mobile net city rollout


5G needs many more base stations than the current 4G tech?

Not necessarily. While the new 5G-NR standard includes a bunch of new channels above 3 GHz that have shorter range, it also includes a subset of channels below 3 GHz that are currently used by 4G-LTE today. Range for those lower channels should be similar, allowing carriers to reuse their existing base station topology.

It's time for TLS 1.0 and 1.1 to die (die, die)


Re: TLS ? Our customers still demand ssl3 support

I've run into this issue a few times with ancient B2B devices. Luckily, there are SSL proxy devices on the market that can sit in front of a problem client or server that can step up from or down to depreciated crypto versions (or no encryption at all).

If I can take a Commodore 64 running a web server and protect it with TLSv1.2 and PFS, you should be able to do the same with your servers.

Look how modern we are! UK network Three to kill off 3G-only phones


Re: Forward thinking?

Many carriers want to reallocate their 3G bands for 5G services. Since 5G NR is supposed to use a new air interface and is not part of the LTE family, carriers will have to roll it out parallel to their existing LTE infrastructure.

The problem that I see is that most early LTE phones lack native VoLTE support. They use 2G/3G for voice. So when those older networks all go dark, not only will all of the 3G-only phones go silent, but so will a good number of 4G phones unless the carrier includes a VoIP app that can work over LTE data.

Here in the States where "branded" carrier-specific models are the norm, this will be made more difficult in that carriers generally refuse to support VoIP/WiFi-Calling on anything other than their own phones. They've baked their custom VoIP dialers into the firmware. So if you purchased a carrier agnostic model or brought your unlocked phone over from another carrier, you'll have to ditch the phone or find a third party VoIP service that works with downloadable app.

Merger-hungry AT&T sued for price gouging by Texas ISP


Vertical integration

There is something to be said about prohibiting vertical integration within the media sector. This is how we're going to end up with giant media fiefdoms. A single company will own everything from the studio to the cable box under your TV. If your local television/internet provider doesn't have a studio of its own to use as a reciprocity tool, you're out of luck. And if the megacorp that provides your access gets into a spat with a rival megacorp, forget about subscribing to their media portal. With Net Neutrality gone, you'll be lucky to get a 360p feed.

FCC Commissioner blasts new TV standard as a 'household tax'



> The new (since ATSC switchover) definition of "fringe area" is apparently "50 km from city center".

Who would have guessed that switching from mostly VHF frequencies to mostly UHF frequencies would have had an impact on signal range?

My grandparents used to be able to pick up six analog VHF stations from over 125Km away. After the switch, it dropped to only two VHF-Hi stations (11 & 13), and only intermittently. Not a single UHF station made it that far.


Re: Who pays to use YOUR internet connection?

> My television is never getting connected to the internet.

I don't connect mine either. It seems as if most television manufacturers stop producing firmware updates after two or three years. I have no faith that they will remain secure. I have almost no faith that they were ever secure in the first place.

What scares me about ATSC3 is that there will be a large push to have televisions connected to the internet for authentication, interaction, and personalized advertisements. Yet I've heard almost nothing about data privacy, data retention, encryption, and firmware quality.

I dread the day that I have to run antivirus software on my TV or have to jailbreak it to run privacy and ad blocking add-ons.


Re: Is anything ever obsolete?

> I have a theory that one reason DVD took so long to get going was that left-pondians didn't have the advantage of an RGB connection via SCART.

Y-C component (S-Video) input was fairly common on North American televisions by the mid-90s. While not as good as RGB signaling over SCART, it was good enough for the televisions of the era when viewing DVD movies. I'd argue that cost was the initial barrier to adoption of DVD.

Where S-Video was noticeably inferior was with game consoles and home computers. The colorspace and chroma bandwidth limitations were more of a hindrance with true RGB/I sources.

Revealed: The naughty tricks used by web ads to bypass blockers


Re: On the other hand...

Same here. I use Ghostery, NoScript, and uBlock with Firefox and I didn't see any banner.

But I found that for many sites that block content with a banner, instead of fussing with the element blocker in uBlock, I can simply click on the Menu -> View -> Page Style -> No Style option and it goes away. If the page looks too weird without the styling, I just enable reader view.

iRobot just banked a fat profit. And it knows how to make more: Sharing maps of your homes


Re: Seriously....

The problem with those privacy statements is that they fail to clarify as to which customers they're discussing. Third parties buying up their data are customers, too.

I always get a kick when Facebook users refer to themselves as customers, when in reality they're more like the product...

Intel to Qualcomm and Microsoft: Nice x86 emulation you've got there, shame if it got sued into oblivion


@Simon Harris - "How the ISA was cleverly designed..."

Intel's heart was in the right place when they made many of their ISA and chip decisions. They just didn't execute them very well.

Imagine if segments on the 808x were page (256B) aligned instead of paragraph (16B) aligned. And had they released a 80186 core in a 8086 package. And had they released a 80286SX that made the MMU an optional external chip (like the MC68451 and '851). It would have made life prior to the 80836 cheaper, faster, and a whole lot less miserable (no need for EMS or XMS).

For all their past mistakes, the 80386 did resolve most issues. Flat memory, 32 bit registers, more orthogonal instruction set, V86 mode, paging, real/prot mode switching, etc...

It just sucks that neither Microsoft nor Digital Research released a proper 32-bit successor to DOS at the time. Imagine a lightweight text-mode version of Windows 95 back in '86. Instead, you had to muck with DOS extenders or go down the expensive path of a GUI-based OS, like OS/2 or Win 2.x/3.x. Yuk.


Digital Equipment Corp did it once...

My DEC Alpha workstations running NT4 all included a bit of kit called FX!32 that translated x86 binaries through a JITC translator into native Alpha code. It stored the results in a cache file so that subsequent executions didn't have to retranslate the same code. Translated programs ran at about 80% of the speed of native apps. It was such an important service that Microsoft included it in NT5/W2K. That is, until the Alpha was killed right around RC1.

This was back in '99, two years after the release of MMX. I don't recall if it converted MMX instructions. And it appears as if patents on MMX and SSE might be the sticking point.

Still, Qualcomm might be able to force Intel to license them based off of F/RAND rules if they can convince a judge that Intel's ISA meets the criteria of being an industry standard that requires licensing. Or they might withhold licensing future patents from Intel until they get a cross-license deal in return. I guess that's all up to the IP lawyers now.

What's 5G? Who knows, but Qualcomm's designed a modem for it


Re: fool around with 28 GHz

I don't believe that it can be turned into a viable mobile network. At best, it could be used to supplement microwave point-to-point backhaul links where there is clear line-of-sight.

Windows 10 will now automatically download and install on PCs


Upgrading my Vista laptop to Windows 10 would be a fantastic idea. Trouble is, nobody ever released WDDM video drivers for my laptop's chipset, so I am forced to use XDDM video drivers instead. Since support for XDDM drivers was dropped in Windows 8, I'd only have generic SVGA video support if I bumped to 10. Yuck.

I have a newer laptop running Windows 7, but I keep my old laptop around for traveling. It wouldn't be a huge loss to me if it was damaged or stolen.


Biting the hand that feeds IT © 1998–2020