* Posts by toejam

60 posts • joined 2 Feb 2016


China’s preferred Linux distro trumpets Arm benchmark results


"watching US news and seeing Govt officials, Reps and Sens defending Trump's U turns and contradictions has been fun viewing recently. In particular the way they will defend the party at all costs, logic be damned."

They have to. When Republican legislators are openly critical of Trump, they tend to be punished by loyal Trump voters during subsequent Republican primary elections, often failing to advance to the general election. It has happened enough times that the remaining legislators critical of him have learned to keep quiet if they want to keep their jobs.

F5 emits fixes for critical flaws in BIG-IP gear: Hopefully yours aren't internet-facing while you ready a patch


In years past before iHealth became a thing, it was very common for F5 Support to request access to your box for advanced troubleshooting. The setup utility optionally added a handful of IPv4 addresses owned by F5 to various config files to allow access. It "saved you the trouble" of throwing ACLs on your firewall for the devices. Maybe this is still an allowed process at some shops.

At my workplace, this would be a career terminating decision.

Microsoft takes tweaking tongs to Windows 10's Start Menu once again


Desktop Themes

I am surprised that the bean counters at Microsoft haven't floated the idea of a Plus Pack for W10 that includes a tool for changing the desktop theme to something other than the stock Windows 10 theme. Some of the code for legacy Windows themes is still in there as you can tease out the old 9x and XP style themes when you tweak the compatibility mode of a 32-bit exe.


Re: Classic Shell

Same here, at least on machines where I have administrator access. I have been trying to get Classic Shell added to the approved software list at work to no avail. At least the quick launch panel is still around.

Details of Beijing's new Hong Kong security law signal end to more than two decades of autonomy


Re: Terrorism Act 2006

Those independent judges are the key point. Just look at several recent decisions by the US Supreme Court that sent President Trump into a frothy Twitter storm. He was especially angry at his own appointees that didn't rule the way he wanted (at least in public).

I just don't see high ranking Chinese judges ruling in ways that would bring the same level of ire from the ruling party.


Re: Ah yes, the old "Endangering National Security" line

I recall about 20 years ago somebody once saying: "the Soviets gave their people personal freedoms before they had economic security while the Chinese gave their people economic security before they had personal freedoms. One of those paths is going to result in less disruption than the other when the oppression is dialed back."

It might have actually worked had Chinese leadership not gone the direction it did after Tiananmen Square.

Apple said to be removing charger, headphones from upcoming iPhone 12 series


Re: Low-voltage DC is just USB now

Sounds like the sticking point is the lack of voltage step-up circuitry in the laptop. My car charger peaks at only 12V on the output.

Looking at newer chargers hitting the market, I see a number of sub-60W models that include 20V output, so I wonder if the situation will change. Even if the drain exceeds the draw, it would be useful to have the ability to use lower current chargers in the event of an emergency.


Re: Low-voltage DC is just USB now

One complaint that I have with USB-powered laptops is that many refuse to charge at all unless you have a full power charger. I've never had that problem with USB-powered phones, even with some very low power (<1A) charging ports.

There have been a couple of times when my Dell Latitude died on me and my 24W car charger was worthless since the laptop ignores anything under 65W.


Re: Low-voltage DC is just USB now

Not to mention that they're expensive, especially for the newer ones that support 18W charging USB PD or QC. I can purchase a 20-pack of standard mains receptacles for the price of one of those. They also tend to be a tight fit in many electrical boxes. And as you point out, the advertised power rating is usually for the unit in total, not per port.

They might be nice for hotels or guest rooms, but I wouldn't want them elsewhere.

RIP ROP, COP, JOP? Intel to bring anti-exploit tech to market in this year's Tiger Lake chip family


This is where the old 6809 got things right. You had one stack for program control and another for local data storage. If the data stack ended up with malicious garbage, the instruction pointer would still be restored to the right value after returning from the subroutine.


Re: Older programs ?

True, but if you protect all of the system and user libraries that get pulled into a process space, it should reduce some exposure.

While Huawei burns, Ericsson lands plush new O2 contract to help push 5G in Britain


Re: I've yet to meet anyone who cares about 5G

Actually, given the same frequency and channel width as a 4G-LTE network, a 5G-NR network should be a bit faster as it has some better encoding techniques.

But what makes 5G-NR really interesting is that it can utilize multiple carriers and that carriers for the uplink and downlink no longer need reside on the same band. This really comes in handy when you have a TDD band available where most of the time slots are allocated to downlink.

So your handset could use 703 – 718 MHz (band 28 FDD) to tower A as its uplink. But it could use 3300 – 3400 MHz to tower A, 3400 – 3500 MHz to tower B, and 3500 – 3600 MHz to tower C (band 77 TDD) as its downlink, with each tower allocating 90% of time slots to downlink. That's a massive gain in bandwidth.

US senators propose $22bn fund for new fabs on American soil because making stuff is better than designing stuff


Re: It's not the building or the hardware ..

This. The Phoenix metro tech industry dates back to the 1940s when defense contractors like Motorola set up shop. Intel, Western Design Center, Microchip Technology, Orbital, General Dynamics, and a host of other chip designers operate out of the metro.

And while the summer heat is brutal, the cost of living is half of similar metro areas in California. Other than its lackluster mass transit, the infrastructure is fairly comparable, if not superior in some ways (weather and fire related power outages are extremely rare, traffic is better).

That said, it is a cultural desert in addition to a literal one. It suffers from the same issues of urban sprawl as southern California. And the state's politics are complex and mired between urban progressives, rural libertarians, Mormon conservatives, senior/retiree/pensioner conservatives, left-leaning Hispanics, and rural bohemians. The state is slowly moving towards the left as the demographics change, but it is probably a good 20 years behind states like Colorado in that regard.


Re: Damn socialists

The difference between a fair and unfair subsidy comes down to who can apply for it. If it was open to any chip maker foreign or domestic, then it is fair. If it was only open to local businesses, then it is unfair.

Huawei launches UK charm offensive: We've provided 2G, 3G and 4G for 20 years, and you're worried about 5G?


I always thought the same thing. Huawei's gear has had a reputation for some time as being less than class leading in quality. Which means that the spooks in the West probably have a large cache of exploits that are unknown to the boys back in mother China. Seeing that gear being pulled out must be a mixed bag for them.

It could be 'five to ten years' before the world finally drags itself away from IPv4


If you have a sufficiently large block of IPv4 addresses, I agree. There really isn't a major technical reason to adopt IPv6 at the moment.

However, my employer is moving to IPv6 for a different reason: IPv4 addresses have value. They've slowly been selling off large blocks of them for some tidy sums. Eventually, the goal is to have both IPv4 and IPv6 addresses on the front of our public facing load-balancers, but to otherwise use IPv6 for most everything else behind it.


Re: If Only...

You don't need it to be backwards compatible. Systems have been using multiple network protocols for many years now. I used to work at a place that had both IPX and IPv4. Our NT boxes could use either. Also, there are numerous tunneling, translation, and proxy schemes for systems and applications that are not IPv6 aware.

The ultimate 4-wheel-drive: How ESA's keeping XMM-Newton alive after 20 years and beyond


Re: That is the frikkin' coolest Satellite/Telescope I have ever seen

If by interstellar star-ship, you mean a giant rocket penis, then yes.

You can get a mechanical keyboard for £45. But should you? We pulled an Aukey KM-G6 out of the bargain bin


Then you get edge cases like mine. I use a 20-year-old membrane keyboard from an old DEC Alpha workstation. It has a PS/2 plug and my motherboard has a PS/2 port, but my KVM only has USB ports, so I had to purchase a dongle to convert it.

Microsoft decrees that all high-school IT teachers were wrong: Double spaces now flagged as typos in Word


Re: I chose "I don't care"

Should we be using the "when HTTP_REQUEST" event for that or is the "when SYSOP_BOFH" event more appropriate?

Ofcom measured UK's 5G radiation and found that, no, it won't give you cancer


Too late, the change from HSDPA to LTE already killed us!

I'd really like to know what changes in the air interface make 5G-NR so dangerous. Maybe some mischievous engineer read about the "killer POKE" from the Commodore PET days and decided to one-up the command when writing the new spec.

Oh wait, are they really complaining about the new millimeter cellular band that was opened for use in conjunction with 5G-NR? The same band that has been used for decades with radar, radio astronomy, and back-haul telecommunications? I'm sure they can point out all of the cancer clusters around those uses...

The self-disconnecting switch: Ghost in the machine or just a desire to save some cash?


> And this is one of the reasons why no one should have access to your stuff without, at the very least, you being notified beforehand.

Back when I used to be in field services, I once had to do an install at a colocation data center with a large number of civilian government customers. There was a great deal of security to pass through before reaching the raised floor. Once there, however, it was just one giant open room.

One of the site staff was giving me a tour and at one point I remarked to him what a bad idea it was not to have individual cages for each customer, which was the norm for the industry. I was actually shocked at the lack of physical separation.

Just my luck, a senior tech for one of those government customers was within earshot of my conversation. He didn't like what I was saying at all and voiced his displeasure to the facility's management. Shortly after, security approached me, escorted me out of the building, and informed me that I was banned for life.

About a week later, I was informed that the government customer I was there to do work for (a different one) had just installed a cage around their servers, the first for any customer in the facility. I got a laugh out of that.

LCD pwn System: How to modulate screen brightness to covertly transmit data from an air-gapped computer... slowly


Re: Ben-Gurion University

You may be able to compromise the computer before it is put into service (i.e., during the build phase or during shipping from the manufacturer). You may also be able to compromise a third party who does have access to the computer after it is put into service (air gapped computers need patches, too).

I've been sent out to a few data centers that allowed vendors to bring removable media onto the secure data center floor, but then the media had to be disposed of in a secure media shredder bin before leaving. A few of them even made me hand the thumb drive over to the guard before you entered the area to prevent sleight of hand tricks - they would insert and remove the drive from the target device themselves and then walk it over to the disposal bin.

RIP FTP? File Transfer Protocol switched off by default in Chrome 80


Re: File Transfer Protocol

> FTPS and SFTP are both in their own way better than plain old FTP, and there are plenty of server options to make them tolerable, but they too have their drawbacks.

One of the biggest drawbacks with FTPS is that encrypting the control channel prevents firewalls from eavesdropping on data port commands, which breaks dynamic ACL/NAT logic for those secondary connections.

There are some ways around the issue, like telling the client to revert back to unencrypted control channels after authentication (see: CCC) or sticking with "passive" inbound data channels on a limited range of ports, but each comes with its own set of issues.

I had the [mis]pleasure of supporting FTPS for a finance company, so the CCC method was not an option. Worse, we were load-balancing several FTPS servers, so I had to find another way to glue the control and data channels to the same back-end server. I found that source IP address persistence did a good enough job for most customers, but a few had to muck things up by using a load-balanced outbound proxy server pool on their end. We used a /24 persistence mask so proxies on the same class-C were seen as a single client, but a few had to be cute and spread their proxy servers across totally unrelated ranges, which broke persistence. We had to set up a non-balanced FTPS server just for them. Total PITA.

Orange has an elegant solution to Huawei question in France: We'll stick with Nokia and Ericsson for 5G networks


Re: "The decision will please US authorities"

Not necessarily. It all depends on which "US authorities" you are talking to.

The better US intelligence agencies probably have a significant cache of vulnerabilities that they can work with. It might take more time to find them versus baked-in back doors, but Huawei has a reputation for poor code quality, so it probably isn't that difficult. So letting people think that the US doesn't have back doors is probably advantageous to their snooping of others' networks.

The people and agencies that are upset with Huawei because of economic and nationalistic reasons are probably going to be the ones who are happy to hear this news. And I have little doubt that they were playing up the more sensational security threat aspect because nobody cares about boring corporate espionage and IP law.

What a terrible result from this year's Super Bowl. Can you believe it? Awful. Yes, we're talking about the tech ads


Re: 5g will connect emergency workers to hospitals?

Didn't the US push a fragmented 700 MHz band, in part, so that public safety could get a slice of the spectrum for their own use?

So if they're using Verizon 5G, how about if we dump the current band 12, 13, 14, 17, & 29 mess and just adopt one single APT band (28 for FDD, 44 for TDD) for 700 MHz?


You spoke, we didn't listen: Ubiquiti says UniFi routers will beam performance data back to mothership automatically


Re: Booo hiss to Ubiquiti

The Ubiquiti gear is starting to get popular among the "prosumer" crowd, so it is probably larger than you suggest. But I imagine that the WISP market is their main profit source. You have all of the CPE kit, sector antennas and APs, and possibly some backhaul radios. Those airFiber radios aren't cheap.

Take DOS, stir in some Netware, add a bit of Windows and... it's ALIIIIVE!


> I doubt any one could've afforded it. I remember in the mid-late 90s 2nd hand 72pin RAM was >$NZ50/MB. The machine could've addressed more, but my wallet wouldn't!

I had 1 MB in my Amiga 500 back in '88, as did most of my friends. By the early '90s, most of us had 2 to 4 MB in our PCs, STs, and Amigas.

I remember when Mechwarrior 2 was released in '95 because it required at least 8 MB of memory and I only had 4 MB in my PC. It was an expensive upgrade, but it wasn't prohibitive.


If you want to blame anyone for the limit, blame Intel. Had they used page aligned (256B) segments rather than paragraph aligned (16B) ones for the 808x, we would have had a 16GB address space for Real Mode programs rather than a 1MB one. The hack of bank switching memory above 1MB into the HMA would have been totally unnecessary.

Petition asking Microsoft to open-source Windows 7 sails past 7,777-signature goal


> chances of Microsoft open sourcing Windows 7 are zero

I agree. Besides the lost revenue and security aspects, it would fork the Windows ecosystem which would be disruptive. What happens when the OSS version starts adding API and KPI calls that Windows 10 doesn't have or purposely declines to add calls that have been added in Windows 10?

A less unlikely scenario would be MS licensing Windows 7 to a third party for long-term maintenance, essentially freezing the feature set but providing bug fixes and minor tweaks for new hardware. But you still have the issue of splitting the market in two. And there is also the profitability issue: since many people and companies are staying with Windows 7 because of budgetary reasons, how many of them are going to pay for continued service?

EU declares it'll Make USB-C Great Again™. You hear that, Apple?


Ethernet over twisted pair hasn't had the same pressures as USB regarding connector design. That's why everything from 10BaseT through 10GBaseT still uses the same 8P8C connector, even as the RJ45 cable it terminates has seen significant change. There have been connector alternatives like CX-4, but they were never that popular.

Meanwhile, Ethernet over fiber has had 5 or 6 different connectors to choose from over the years since the pressures have been different.

That said, I never understood why USB 1.x and 2.x needed six different connector types. And the new B and micro-B connectors for USB 3.x seem hackish. Stick with A and C for 3.x and higher.

Leaks point to Samsung Galaxy S20 Ultra with mammoth 108MP camera and ... what? 16GB of RAM


Use a laptop docking station. If I attach my Dell USB-C dock to my phone, it detects my keyboard, mouse, monitor, and GigE port. No need to fuss with any Bluetooth accessories.


If it supports 4K DisplayPort over USB so I can use it as a proper desktop, that 16 GB of memory might come in handy when I have several dozen tabs open in Chrome while in full screen.

Boeing aircraft sales slump to historic lows after 737 Max annus horribilis



That was done on purpose. Boeing signed an agreement with Southwest Airlines in which Boeing would receive a bonus on each 737 MAX sold if no simulator training for pilots was required.

The FAA was rather arbitrary in its decision making, so Boeing management pushed engineering to make as few cockpit changes as possible to reduce the risk that the FAA would require simulator training. That meant that the disagree light was omitted as a baseline feature. We know how that turned out.


Re: It's not just the 737...

There is a good chance that the managers who came from the military side of the house also came from the McDonnell Douglas side. That toxic culture was very prevalent over at MD and was probably one of the causes of their eventual failure.

When Boeing bought out MD, that culture came to Boeing. You can see the results in all of their latest aircraft.

A fine host for a Raspberry Pi: The Register rakes a talon over the NexDock 2


Re: Why some people keep on reinventing the ill-fated Palm Foleo?

Yup. I'd rather buy a USB-C laptop docking station for half the price so I could properly connect my device to my monitor, keyboard, mouse, and wired LAN.

Cyber-warnings, cyber-speculation over cyber-Iran's cyber-retaliation cyber-plans post-Soleimani assassination


Re: I almost hope it happens

The other question is if companies will just demand more fingers in the dike or if they'll step back and look at all possible ways the sea could engulf them.

My employer was hit by a likely state-sponsored DoS a couple years back. We did the typical post-attack expansion of capacity. But we also started looking at more non-traditional attacks, just in case that DoS attack was just a distraction. We had been quietly ramping up countermeasures against internal threats from disgruntled employees for years, but after the attack, we really started looking into state-sponsored espionage and sabotage. Stuff that was common practice just a few years ago can now result in immediate termination.

As to my first question, I have a bad feeling that most companies really won't step back unless the attack is devastating financially to them (or an unlucky competitor whose failure is now an example for all) or unless new regulation forces them to do so. And we all know how businesses love new regulations.

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata


Re: idiot

A criminal must be right every time in order to avoid capture. A detective must be right only once to catch them. Smart people either go to extraordinary lengths to always be right or they understand the odds and just don't do the crime.

Smart speaker maker Sonos takes heat for deliberately bricking older kit with 'Trade Up' plan


Re: "my CD player and turntable are still going after more than 30 years."

> Well, EV's run on firmware. I guess they will be next. It will be very lucrative, a whole market of drivers who will be forced to upgrade

I could easily see a future where automakers and industry trade groups convince governments to enact certification requirements for firmware, else the vehicle is prohibited from operating on public roads for "everyone's safety". Sorry, your vehicle still hasn't been patched for CVE 2030-674. No roads for you.

Except that in many jurisdictions, I could also see a lack of safeguards that protect owners from firmware update costs, third party device interoperability changes, or outright abandonment. And don't even think of jailbreaking your vehicle to use a third party firmware, else you'll be the one in jail.

Now be a good consumer and go and replace your vehicle, home charging station, and all your accessories every few years like they want you to.

Never let something so flimsy as a locked door to the computer room stand in the way of an auditor on the warpath


Why go through the door...

I remember visiting a customer site that had a secure room protected by a mantrap. It had two reinforced metal doors and required two employee badges to enter or exit. They were making a very big deal about all the security once we were all inside. So I start tapping on the wall and notice that it is just drywall with an empty cavity behind it. I could probably kick my way through it in under a minute. For some reason, they weren't pleased with that discovery.

Even Windows 10 can't save the PC market as chip shortages, Brexit uncertainties bite


Re: Windows 10 can't save the PC market

Having a single code base for every platform was actually a good idea. In the good ole days, PC, mobile, embedded, and gaming all used their own forks of NT. They just executed that vision very poorly. Too many older Windows phones never received an upgrade, which pushed angry users to other platforms. Windows 8 had too much mobile emphasis. Too many bodies were thrown at unification while too few were thrown at new features.


Or even a consumer version of Win10 LTSB with a Win7 style Explorer, Start Menu, and window theme. I like most of the changes under the hood of Win10. I just hate the new UI, telemetry, and upgrade system/schedule.

Mozilla security policy cracks down on creepy web trackers, holds supercookies over fire


Re: About time

Why wait that long? Extensions such as "Cookie AutoDelete" can purge cookies as soon as a tab is closed.

What can I say about this 5G elixir? Try it on steaks! Cleans nylons! It's made for the home! The office! On fruits!


Re: US voters get what they vote for

Well, 5G *could* make the airwaves a little more efficient. The new 5G-NR protocol supposedly has lower latency and offers the choice of either FDD or TDD duplex schemes from the start (TDD came a little late to LTE). Given the asymmetrical nature of cellular traffic these days, I imagine that carriers and regulators may push to retire FDD channel allocations for TDD allocations.

Also, it'll bring some harmonization to the 3.5 and 3.8 GHz bands, which are currently a smorgasbord of differing standards from Ubiquiti, Cambium, and others.

Speaking of those bands, if the FCC wanted to spur a bit of competition, it would keep part of the 3.x GHz band for smaller operators, placing limits on the size of operators and making the areas smaller. Too bad that the FCC appears to be doing exactly the opposite, throwing smaller WISPs to the wolves...

Guys, geez... finally 5Gs: AT&T grows super-fast mobile net city rollout


5G needs many more base stations than the current 4G tech?

Not necessarily. While the new 5G-NR standard includes a bunch of new channels above 3 GHz that have shorter range, it also includes a subset of channels below 3 GHz that are currently used by 4G-LTE today. Range for those lower channels should be similar, allowing carriers to reuse their existing base station topology.

It's time for TLS 1.0 and 1.1 to die (die, die)


Re: TLS ? Our customers still demand ssl3 support

I've run into this issue a few times with ancient B2B devices. Luckily, there are SSL proxy devices on the market that can sit in front of a problem client or server that can step up from or down to deprecated crypto versions (or no encryption at all).

If I can take a Commodore 64 running a web server and protect it with TLSv1.2 and PFS, you should be able to do the same with your servers.

Look how modern we are! UK network Three to kill off 3G-only phones


Re: Forward thinking?

Many carriers want to reallocate their 3G bands for 5G services. Since 5G NR is supposed to use a new air interface and is not part of the LTE family, carriers will have to roll it out parallel to their existing LTE infrastructure.

The problem that I see is that most early LTE phones lack native VoLTE support. They use 2G/3G for voice. So when those older networks all go dark, not only will all of the 3G-only phones go silent, but so will a good number of 4G phones unless the carrier includes a VoIP app that can work over LTE data.

Here in the States where "branded" carrier-specific models are the norm, this will be made more difficult in that carriers generally refuse to support VoIP/WiFi-Calling on anything other than their own phones. They've baked their custom VoIP dialers into the firmware. So if you purchased a carrier agnostic model or brought your unlocked phone over from another carrier, you'll have to ditch the phone or find a third party VoIP service that works with a downloadable app.


