* Posts by SCP

211 publicly visible posts • joined 16 Aug 2016

Page:

Why the end of Optane is bad news for all IT

SCP

Re: Need a flower icon

Surely - "Tome of the unknown keyboard warrior."

Systemd supremo Lennart Poettering leaves Red Hat for Microsoft

SCP
Joke

Re: Depart, I say, and let us have done with you.

Perhaps it is project "B Ark"?

Is computer vision the cure for school shootings? Likely not

SCP

Sheesh! This is why things will not get better!

Over the years the problems with the other items you have mentioned have been recognized and steps taken to reduce the risks to children whilst also accepting that the items have general household utility. Things like child-proof tops on medicines and chemicals, restrictions on selling petrol/gasoline (only dispensed into approved containers); coupled with parental education programmes that raise awareness of dangers and steps that can be taken to protect children. Yes, guns should not be left where children could get hold of them - but that requirement is at odds with the perceived need to have a gun loaded and ready to hand in case "some shit happens".

Even for suicides things are done to reduce the risk. Back in the day you could buy paracetamol in jars of 100 - and suicides could chug a jar. Now they can only be bought in blister packs of 16 (and you are restricted to 2 packs). The limited numbers and blister packs slow people down enough that impulse suicides using paracetamol (and other non-prescription medecines) have been reduced. A determined and committed person can still do it, but someone having a crisis moment has their risk reduced - and it shows up in the numbers.

I said in my original post - the US has a range of problems that all stack up, but guns and the US gun culture are [IMO] part of the problem. The other countries you mention - less so; and they adjust their laws when problems emerge.

SCP

Yes - there are cases like these, and others such as family members being mistaken for an intruder and shot, people knocking on doors [albeit 5:00am] being shot through the door, various escalations based on "stand your ground" doctrine .

Whilst not a fatality this is an illustration of the level of improper gun handling problem faced: [military.com].

And there are further classics amongst the Darwin Awards.

SCP

The prevalence of arms in the US, its historical attachment to arms (via its constitution), widely held attitudes in favour of gun ownership, and a great many social issues give the US a very large set of problems in making a change.

There will always [for the foreseeable future] be incidents of gun violence; these can be found in most countries (examples were cited elsewhere in this thread) - but the number of incidents and the number of deaths in the US are staggering.

Limiting any consideration to "psycho's and criminals will keep their guns" overlooks a significant number of "avoidable" killings:

- Children killed because they got hold of parent's gun (which was not securely stored);

- Fender-benders and other minor altercations that turn into shootings because a gun is readily accessible;

- "Going postal" events;

- Suicides;

Yes, other issues are also involved in these cases, but widespread gun ownership is a contributory factor.

Making a start on gun control to address these areas would save many lives and needless tragedies. There will be setbacks, and the numbers will not magically drop to zero - but surely there is a need to see the statistics drop to something more akin to those found in Europe.

You need to RTFM, but feel free to use your brain too

SCP

Re: Doncha hate it...

You often find that once you understand the process you can often improve an old process to make it better/safer/quicker

I agree with your dislike of instructions without explanation - but explanations can also prevent critical steps being optimized away because somone does not understand their purpose.

Picking up on your "better/safer/quicker" point: too often I found cases where steps had been introduced into a process to address a problem that was occuring elsewhere (but could not be immediately corrected). Unfortunately the additional steps remained long after the problem had been rectified because the reason for the step being there was not made clear (and it was not immediately obvious that the step was redundant).

SCP

Re: Measure twice, cut once

If anybody tries to make out they do know everything and have nothing to learn are then they aren't all knowing and impressive, ...

As the pithy observation goes - "I'm not young enough to know everything."

Google engineer suspended for violating confidentiality policies over 'sentient' AI

SCP

Re: Hmmm...

Very rarely do we have examples of a conversation where the answer to "Are you sentient?" is "Beep, boop, no you moron, I'm a pocket calculator."

So it might not have an understanding of sarcasm! In some parts of the world that is almost a de facto mode of interaction.

Declassified and released: More secret files on US govt's emergency doomsday powers

SCP

Re: Might is right, in other words

"Whoops Apocalypse"

The TV series rather than the film!

The sad state of Linux desktop diversity: 21 environments, just 2 designs

SCP

Re: Not that unreasonable

Now, my computer doesn't have a CLI. Why would I want one?

rm -rf /

???

SCP

Re: Not that unreasonable

Look at the choice: automatic or manual. That's two choices, not hundreds.

When leaping into the hire car for a business trip I found it was always a good idea to check where reverse gear was sited and what interlock mechanism was used to prevent inadvertent engagement before setting off.

Fully automated AI networks less than 5 years away, reckons Juniper CEO

SCP

Re: 2 + 2 = 5

Yes it is possible to "prove" that 2 + 2 = 5, but only if an intermediate result which makes use of a questionable use of zero is glossed over.

The proof of that I saw involved a sneaky disregarding of a negative square root. Very sweet (but I do enjoy false proofs)!

SCP

Re: 2 + 2 = 5

I thought it was:

2+2=5 for sufficiently large values of 2.

John Deere tractors 'bricked' after Russia steals machinery from Ukraine

SCP

Re: Two wrongs make a right

However, in this case rendering stolen products inoperable is not something that should generally be regarded as unacceptable (for example getting a stolen phone's IMEI blocked).

Perhaps I should have titled the comment "Two wrongs make a right?" [NB the "?"] to emphasise the dubiousness of the phrase - something I addressed in the body of the comment. I was looking for an "edgy" title - so mea culpa.

In the general case "two wrongs" do not make a right - but in this case John Deere do not appear to have commited a "wrong" [- at the request of the "owner" [the dealership from which the tractors were taken] they rendered them inoperable. That they were able to do so was by dint of a feature that would also be open to misuse by John Deere - and many believe it is misused to prevent "fair use and repair".

SCP

Two wrongs make a right

It is probably good that these Wagons of Mass Production are taken out of the wrong hands.

John Deere win this one on a lesser of two evils basis - but that does not make the "feature" good.

Meetings in the metaverse: Are your Mikes on?

SCP

Re: Come Into My Dull Meeting Metaverse

A very enjoyable read to start the Bank Holiday weekend - thank you.

Considering the advances in AI I feel, a re-working of this NTNON classic seems overdue: [youtube]

US Army may be about to 'waste' up to $22b on Microsoft HoloLens

SCP

Re: Just what a grunt in a muddy trench, in the rain needs ...

"They'll also be radio silent ..."

When they need to be, at other times I they might benefit from interactions through the squad comms link to provide better tactical awareness [e.g. visual cues as to where the rest of your squad is]. I would think that having a "look and shoot" capability to bring artillery/air strike support down on a target might be welcomed if in a bit of a tight spot.

SCP

Re: If or how?

The OIG might be right to express reservations about the amount being spent if there are significant uncertainties in the plans - but helmet mounted technology could bring many advantages to the soldiery.

For many years Western forces have had advantages such as night vision and thermal vision - but that is now becoming ubiquitous. Such stuff is readily available in the civil marketplace - maybe not as high-specced, but does close the gap.

To maintain a tactical advantage innovation is required - and improving real-time situational awareness and integrated operations is a significant one.

Warfare is brutal and unpleasant - but I would rather our side had all the advantages, because the alternative is even less pleasant.

Google bans third-party call-recording apps from Play Store

SCP

Re: Interesting

With voice telephone based customer services being much the only way to get in touch with many companies. call recording can be a very useful method of making a record of these interactions - useful should a dispute arise.

One could also see call recording being useful to someone receiving haarassing/threatening calls.

For normal calls, if you are very indiscreet when speaking with a casual 3rd party you perhaps ought to think about your own actions. If friends record personal conversations then perhaps that friendship needs some re-evaluation.

I think most on here have few objections if apps state what they do, do only what they say, and are controllable by the user. Taking issue arises where apps do things sneakily, or omit significant details from their description [e.g. we will store your data on our servers and may use it for any other purpose], or are difficult to control [e.g. turn off _completely_ when desired].

When the expert speaker at an NFT tech panel goes rogue

SCP

Next Fake Thing

The wild world of non-C operating systems

SCP

Re: Modula 2

"Back in the 80's people weren't so fixated on one chip architecture, ..."

And for those too young to have been there - a case in point was the Transputer and Occam from Inmos.

FIDO Alliance says it has finally killed the password

SCP

Re: I've been saying they should do this for years

"No one is forcing you to use this ..."

There are those who are trying very hard to force things like this upon us. I am continually nagged to provide a mobile phone number for a banking account - because the government has ruled they must apply a 2FA. Problem is mobile reception around these parts is iffy and I would need to travel to a spot where I could receive the code then hurry back to avoid getting timed-out.

Some banks don't accept a landline number, some do; some allow you to authenticate with one of the banking card readers and your bank card (my preferred approach). Things might improve (I complained to the bank about not accepting landline numbers - but it was a limitation of their IT, it might get fixed in an update that might come out later this year. I know: astounding incompetence - but that is the reality of the situation, and this is only the part we can see. What horrors lurk beneath?).

Unfortunately the choice of bank does not solely rest on whether or not they allow my preferred choice of authentication - so it is not so easy to simply take my business elsewhere.

SCP

Re: I've been saying they should do this for years

"... within the time limit I specify (so you don't need to re-auth yourself to login to a different site two minutes after you last authenticated yourself) ... "

Would that mean that a malicious application could monitor for an authentication event, then initiate its own interaction with another of your secure services and receive an authentication code from your phone?

I am sure _you_ are sufficiently careful and knowledgeabe to avoid malware running on your systems - but others might not be.

SCP

Re: Microsoft already nailed this

You are right that security and convenience are trade-offs. For convenience I just leave myself logged in to this site and rely on the screen-lock password. Simples! Not such good security - but adequate for my concerns.

For my banking I use a private browser session, unique passwords (well I do that anyway - PWSafe), whatever 2FA protocol they are mandating (except mobile phone), and I log out afterwards and shut the browser down. Not so simples, but not bad. Better security.

How legacy IPv6 addresses can spoil your network privacy

SCP

Re: Every molecule can have its own IP address

"If we have to randomize our v6 IP address on a daily/hourly basis to avoid tracking, doesn't that greatly diminish the value of having such an expansive address space?"

An advantage of such an expansive address space is that your randomly chosen IP address is very very very very unlikely to collide with someone else's randomly chosen IP address. This would make the actual operation of any such system much more efficient since "re-try" events would be very rare.

AI drug algorithms can be flipped to invent bioweapons

SCP

Re: One good thing

"So we should leave this in the hands of private enterprise?"

Could you clarify what you mean by "this".

I would be more than happy for TPTB to take legal action against those making credible attempts to develop and produce [in this case] toxic agents with the intent to cause harm. This would seem to be covered by the sort of anti-terrorism legislation widely adopted by many countries.

I would be unhappy for TPTB to seek to ban the use of AI technology from general access.

Unfortunately far too many government officials seem keen on the latter sort of approach.

The original article seems more like the result of something intended to generate publicity for the outfit behind the "research" than any genuine concerns for a new security threat or a breakthrough development in the use of AI.

"Experts have sounded ..." pah! More like "3rd rate self-publicists". Sheesh - the Vulture definitely playing to its red-top banner here (or is the whole article a troll - in which case 'Well played Katyanna')! Perhaps write an article on the deady poisons that can be obtained from common plants.

Why Nvidia sees a future in software and services: Recurring revenue

SCP

An interesting decision ...

I must admit I am not entirely convinced on the arguments, but then my spending on software is rather parsimonious at best, and I prefer to own things (like CD's) rather than pay-per-play.

I could see how it might work in the car-leasing model - where the software costs would all be rolled-up into the lease and would naturally expire at the end of the lease. I could see how it might work for those who routinely change cars every couple of years (e.g if the car price is fixed and the high-end features are costed appropriately) - but this does not give much of an assured life to the software income. It might work for very high-function software (such as self-drive) where a mandatory software update and maintenance cost might be incorporated into the servicing regimen.

My concerns include that hardware goes out of date pretty quickly compared with the lifetime of a typical car - so it seems likely that aging cars might be incapable of running the latest software releases to an acceptable standard. I am not convinced that those buying in the second-hand market would be happy paying premium software prices for poorly performing software.

I am also entirely unimpressed with the quality of in-car software (thanks Nissan) - the basic stuff like the engine management seems fine, but high-end stuff like the Sat-Nav and "entertainment" system are poor (the Sat Nav is just naff [e.g. can't bulk load POIs], the RDS traffic info does not work, the entertainment system has locked up a few times, and even the engine stop/start system has failed on at least 3 occassions - necessitating a full ignition turn off and back on again to get started [good job I was a software engineer].

Overall I do not see me being an early adopter - with the possible exception that I might lease my next car (as I expect to try EV and would want to be shot of it before any battery issues develop).

So an interesting and brave decision.

Startups competing with OpenAI's GPT-3 all need to solve the same problems

SCP

Re: where is this Internet of which they speak?

"the generated patterns/word sequences would resemble turn of last century (1900s) language"

Thou say'st that as tho' t'would be an unsavoury thing, innit.

Use Zoom on a Mac? You might want to check your microphone usage

SCP

Re: Watching the watchers watch the watchers watch

The watchers might well have a watch (as might the watcher's watchers), but these watches might not be the watches that the watcher's watchers are watching. The watchers are also on watch (watching what watchers watch) and it is this watch that the watcher's watchers are watching on their watch. Smart watches might also need a watcher and a watcher's watcher who, on their respective watches, will watch what the watch and the watcher does to see if anything is watching what they should not be watching. So I suppose a watcher's watcher could be watching a watcher's watch on the watcher's watch using the watcher's watcher's watch when they are on their watch.

I hope that has helped clarify things.

When forgetting to set a password for root is the least of your woes

SCP

Re: Nobody told me I wasn't allowed to do it.

Randomized (or even methodical) input testing based on zero knowledge can be automated using fuzzing techniques.

Deeper testing of a system requires an understanding of what it is meant to be doing and an knowledge of the ways in which things can go wron. It is this element of engineering that is often overlooked by implementors and is a skill that those who excel at testing have an affinity for. Good testers should always have this different viewpoint of the system. Some of their task can be completed without an understanding of the system - but system knowledge can also be used to inform testing.

However, all this does not build in quality, but should be _part_ of a process that assures quality (and QA should be checking that that process is being properly applied). If testing is finding more than infrequent design and implementation errors that is an indication that the execution of the design/implementation is flawed. Simply patching up those errors is unlikely to result in a good quality system.

SCP

Re: Nobody told me I wasn't allowed to do it.

"Yeeeeeees... This is what QA is *meant* to do."

Well, not necessarily. There is a line of reasoning that boils down to "you can't test-in quality" (or more fundamentally you can't bolt it on. Testing can detect and remove flaws - but at best a low test failure rate might indicate good quality. Quality is a result of sound planning, development and implementation using processes that aim to prevent or quickly eliminate defects and errors.

In this line of thinking Testers test - ideally they should be good engineers familiar with the system and be well read on testing methodologies. Quality Assurance is concerned with making sure things are done in accordance with the appropriate standards and procedures, by suitably skilled people - they might even run key reviews (though not be the subject matter experts). They [should] report independently from project management and [theoretically] are free from the project delivery pressures of the project team.

In reality quality is everybody's responsibility if you want to build a high quality product.

Bouncing cheques or a bouncy landing? All in a day's work for the expert pilot

SCP

Re: Serial to VGA? All you need is an adapter!

Training cudgels!

SCP

Re: Dell!

Ah, memories of BBC B function key strips; DEC numeric keypad overlays for EDT; Acorn function key strips.

<sigh/> Nostalgia ain't what it used to be.

SCP
Happy

Re: In the pilot's defense...

"Directions of travel are handled separately."

Certainly are if you are VIFing.

Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

SCP

Automation has led to significant improvements in safety within the aviation industry - though there have been accidents; the demonisation of robots is often overhyped. The cages you mention are more to keep the humans out rather than the robots in.

In the incident being reported the two tragically killed were the innocent victims and it is with them that our sympathies should lay. Nothing in the aftermath of this is going to return these people to their families and friends; no punishment is going to wash away the hurt. The only possible positive would be that by making people face the consequences of their actions things are changed. In this respect I feel that both the driver and Tesla need to consider, and be held accountable for, the consequences of their actions.

Open source isn't the security problem – misusing it is

SCP
Joke

Every dark cloud has a silver lining ... which is a backdoor that is ajar.

SCP

Re: six million flies

And typically the costs of meeting these standards is not cheap [even if you exclude buying the standard in the first place]. There was an OpenDO project (https://www.open-do.org/) that aimed to address some of the challenges - but that looks to have stalled/died around 2015 (still some useful pointers to work being done).

SCP

Re: log4j works as specified

A problem is that, as a code production driver, functionality often over-rides all other drivers. Quality and maintainability would be lucky to get a look-in.

The advancements that have been made in automated code analysis over the decades I was working still very rarely get a look-in - and these are quite capable of finding significant faults in code.

(A problem [IMHO] is that the tools often require the developer to adapt their approach to design and code writing to be better suited to analysis and avoid numerous "warnings". The unwillingness to adapt to improve is reinforced by cost metrics that favour churning out quick solutions using familiar approaches.

It is worth noting that there is a flip side in that pedantically adhering to particular strictures on design/code writing can preclude some neat and efficient solutions that would reduce the overall risks in a programme.)

SCP

Re: log4j works as specified

"Exactly. None of the proposals mentioned in this article would have had any impact on it."

If by "it" you mean the security issues arising from the use of log4j, I would agree. The article, however, is noting one of the problems of rectifying an issue once it is found - namely that it is difficult to know whether and where the software of concern is in your build.

It is the post-event clean-up that the proposals seek to address by allowing corrective actions to be efficiently and effectively applied.

I think SJVN [author] is right to be cautious as to when a good SBOM might be realised. To my mind the challenge will not be for the "fair wind" case, but in establishing a robust solution that will satisfy security needs (e.g. prevent falsified SBOMs).

Boffins' first take on asteroid dust from Japanese probe: Carbon rich, less lumpy than expected

SCP

The most worrying thought going through an engineer's mind:

"that's odd"

SCP

Re: Ooooo Laaaaa

Hey Marvin, let's fire up the X-2 and hop litely over there to check it out.

SCP

Re: Box of Legos

To borrow from a couple of other great philosophers debating the great issues of the day:

"The way I see it, these days there's life, right? and, ages ago, there wasn't life, right? So, there must have been a moment when there not being life went away, right? and there being life came along. So, what I want to know is: How did we get from the one case of affairs to the other case of affairs?"

"It was too much effort not to have life"

Which given the enormity of space and time, and the proclivity of carbon chemistry to do interesting things seems a reasonable conclusion to draw.

SCP

"fails to address the fundamental question of 'where was that?'."

As Richard Feynman noted, “I would rather have questions that can't be answered than answers that can't be questioned.”

Panspermia might or might not be the origins of "simple life", but at least we can explore the idea without the unpleasantness of yore. Progress!

SCP

Whilst agreeing with the overall sentiment I feel that "absolutely fuck all happened" overlooks some very interesting developments in cellular life during this period. It is very unfortunate that more evidence of how life evolved during this period is not reserved in the record. Admitedly it took a wee bit of time.

The development of our knowledge in cellular and sub-cellular processes has yielded many interesting insights and holds out the promise of much more to come.

New submarine cable to link Japan, Europe, through famed Northwest Passage

SCP

Re: Who are the customers?

"the speed of light in a vacuum is much faster than the speed of light in optical fibre"

Reduced latency in long haul is also one of the benefits expected of Hollow Core Fibre (but still in trials so probably not an option here).

£42k for a top-class software engineer? It's no wonder uni research teams can't recruit

SCP

Obviously a bintodec mistake interpretting 1 in 10!

After deadly 737 Max crashes, damning whistleblower report reveals sidelined engineers, scarcity of expertise, more

SCP

Re: The article leaves out important details

"Please read more about these accidents."

I have as I had a professional interest (but no direct involvement with 737-MAX).

SCP

Re: The article leaves out important details

Neither sets of pilots responded to the MCAS failure in accordance with training since there was no training about MCAS - the pilots were not even aware of the system; a deliberate aspect of the Boeing "design" to avoid pilot training costs.

One set of pilots got lucky freelancing a solution to the problem, the others (and their passengers) did not.

To suggest that this is anything other than a failure by Boeing and those responsible for certifying the system as safe is a travesty.

Behind the headlines: <https://www.afacwa.org/the_inside_story_of_mcas_seattle_times>

Intel's mystery Linux muckabout is a dangerous ploy at a dangerous time

SCP

Re: All of this is speculation – but valid speculation.

[speculation] - "to take to be true on the basis of insufficient evidence"

Is it not the intransitive form in this case - so "to meditate on or ponder a subject".

Also for valid - "1 : fair or reasonable"

Page: