* Posts by Richard Tobin

340 publicly visible posts • joined 13 Aug 2007

Page:

Dilettante dev wrote rubbish, left no logs, and had no idea why his app wasn't working

Richard Tobin

Re: Divers log

Another point - when I was at primary school, the way we were taught to write decimals was *not* 3.14159, but 3·14159 - with a middle dot. That makes it even less the case that 1.5 would be naturally interpreted as a decimal.

Richard Tobin

Re: Divers log

Bear in mind that in those days people were much probably much less inclined to treat numbers as decimals in general. We would write £1 2s 6d, 5' 8", 2lb 4oz.

During the run-up to decimalization in 1971 one of the things that they (the government, teachers, the BBC...) tried to drum into us was that a pound and five pence should be written £1.05 and not £1.5.

VPN Secure parent company CEO explains why he had to axe thousands of 'lifetime' deals

Richard Tobin

How is this legal?

Don't the customers have contracts? When did "we can't afford it" become a way of getting out of a contract?

Marks & Spencer admits cybercrooks made off with customer info

Richard Tobin

Stupid password requirements

They wont accept a password of 16 random letters and numbers because it doesn't include a special character, but they'd be happy with ABCxyz+1

Yolk's on you – eggs break less when they land sideways

Richard Tobin

Useful

I will make use of this result when next making an omelette.

Nip chip smugglers by building trackers into GPUs, US Senator suggests

Richard Tobin

Auditors??

"auditors would go around to datacenters checking that the GPUs' cryptographic signatures match the ones on file" - how are American auditors going to check data centres in China?

Teens maintained a mainframe and it went about as well as you'd imagine

Richard Tobin

DECwriter

We had a DECwriter as the console on a VAX 11/750 running Berkeley unix. Every minute a cron job printed the date so that we could tell when any output had happened.

One day we suddenly started getting an error for every command - something like "out of processes". We found that the console had run out of paper, and several hundred "date" processes were stuck waiting for their output to complete.

Soviet probe from 1972 set to return to Earth ... in May 2025

Richard Tobin

Re: Eventually….

Works here. Try this instead: https://www.wikidata.org/wiki/Q3211100#/media/File:Guggenheim_NOV2011_Cattelan_5.jpg

Richard Tobin

Re: Eventually….

At least it's unlikely that this will happen.

Nationwide power outages knock Spain, Portugal offline

Richard Tobin

No. There have been no even moderate solar flares for about a week.

You can see last few days' solar flux at https://www.swpc.noaa.gov/products/goes-x-ray-flux

BOFH: The Prints of Darkness pays a visit

Richard Tobin

"partially implement every networking protocol known to man, badly"

A fine example of this is that many Canon printers can't be connected to your wireless network if the network implements 802.11r, a protocol to speed up roaming between access points. The symptom is particularly bizarre - the printer just doesn't prompt you for the wifi password. The workaround is to turn off 802.11r, configure the printer, and turn it on again.

Tesla fudged odometer to screw me out of warranty, Model Y owner claims

Richard Tobin

They're self-driving, remember? You have no idea where they're going while you're asleep.

Pentagon needs China's rare earths, Beijing just put them behind a permit wall. Oops

Richard Tobin

Guess who else has rare earths? Ukraine and Greenland.

Apple Intelligence turned on by default in upcoming macOS Sequoia 15.3, iOS 18.3

Richard Tobin

But is it a cloud-based feature? Or does it run locally? Their past statements have not been explicit about this.

Apple called on to ditch AI headline summaries after BBC debacle

Richard Tobin

er what?

The BBC didn't show this headline. Apple did, attributing it to the BBC.

Huawei handed 2,596,148,429,267,413,
814,265,248,164,610,048 IPv6 addresses

Richard Tobin

It's not that many

My ISP gives me a /48, which is pretty common. That means that in theory I can have 2^80 devices, though more usefully I could have 2^16 subnets of up to 2^64 devices. Huawei's /17 would allow them to provide 2^31 = 2 billion customers with a /48, and that's not much more than the population of China. Not that I imagine that they want it for that.

There are lots of fun things you can do when you have an effectively unlimited number of addresses. I have a string of christmas tree lights with 250 individually-controllable colour LEDs - I could easily write a program that gave each LED its own address.

Eurocops take down 'secure' criminal chat system known as Matrix

Richard Tobin

Re: In other news.....

End-to-end encryption doesn't protect against interception in the phone itself.

BOFH: Don't threaten us with a good time – ensure it

Richard Tobin

Insurance increases your expected loss - how else would insurance companies make money? - in return for removing the possibility that your actual loss is much higher.

NIST: New smoke alarms are better at detecting fires, but still go off for bacon

Richard Tobin

Re: Not in kitchen

That's right.

"Smoke alarms are not suitable for kitchens but heat alarms are" - https://www.london-fire.gov.uk/safety/the-home/smoke-alarms-and-heat-alarms/

Lebanon: At least nine dead, thousands hurt after Hezbollah pagers explode

Richard Tobin

Re: Technology question

The battery is certainly the obvious place. It's heavy so a little extra is less noticeable, or perhaps they just reduced the battery capacity. It could even be introduced without the complicity of the pager manufacturer - offer them a good deal on several thousand batteries and they might well take it.

I haven't seen anything indicating how they were triggered. If the software was compromised it could signal to the battery without the need for extra wiring, for example by a pattern of power use.

ESA's Juice probe dances with Earth and Moon before shooting off to Jupiter

Richard Tobin

Re: "On August 20, the spacecraft will do it all again, this time around Earth"

It took the Apollo missions three days, not three weeks.

Client tells techie: You're not leaving the country until this printer is working

Richard Tobin

Re: Not as luxurious

"Many years ago while working for a small MSP" - Ruth Davidson?

It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0

Richard Tobin

Re: Why is it a loopback address?

It means all interfaces on this computer when bound as a server address. But this is about it being used as a destination, which should just be disallowed by the operating system.

Richard Tobin

Why is it a loopback address?

When binding a server address, 0.0.0.0 (INADDR_ANY) means listen on all interfaces. But what is the justification for it being recognised as the local host when used as an address to connect to? I don't recall ever seeing that documented, and what would be the point of 127.0.0.1 if 0.0.0.0 did the same?

Would you rather buy space broadband from a billionaire, or Communist China?

Richard Tobin

Re: Would you rather buy space broadband from a billionaire, or Communist China?

Well obviously it depends on *which* billionaire.

Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security

Richard Tobin

"If I use this instruction correctly and without any malicious intent on any other RISC 5 processor, then in these machines my code is completely broken?" This makes it rather surprising that the bug was not noticed immediately - or indeed in testing before release. Are there just very few programs that use the affected instructions?

Yes, I am being intolerably smug – because I ignored you and saved the project

Richard Tobin

Simple rule

Always take a photograph before you start.

Intel to deliver fix for Raptor Lake CPUs made 'unstable' by voltage snafu

Richard Tobin

Re: Too much complexity

The transputer did indeed demonstrate what could be achieved by a very simple processor in a big array, and the answer was "not much". For several years people enthused over it, but failed to produce useful solutions with it. It became clear that the vast majority of tasks just weren't amenable to being solved that way: they have parts that are inherently sequential, and even when parallelized need access to shared memory.

Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk

Richard Tobin

glibc??

".... anything running glibc is probably vulnerable. ... The notable exception here is OpenBSD"

Surely the BSDs don't use glibc anyway?

Updated: according to https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt they haven't tested any other libc implementations.

Andrew Tanenbaum honored for pioneering MINIX, the OS hiding in a lot of computers

Richard Tobin

386

"many early internet hackers worked on the original MINIX, porting it from x86-16 [sic – this was an 8086 OS] to 68000 and SPARC"

The most significant work (at least in my opinion - I played a part in it) was getting a 32-bit x86 version running, and improving the system libraries to the point where gcc and emacs could run. That's what Linus built the first Linux with.

Tiny solid-state battery promises to pack a punch in pocket gadgets

Richard Tobin

TDK... oxide based...

... they're made out of old SA90 cassettes, aren't they.

Techie installed 'user attitude readjustment tool' after getting hammered in a Police station

Richard Tobin

User attitude readjustment tool

Usually abbreviated to "LART".

Starlink suffers 'degraded service' from solar storm but emerges intact

Richard Tobin

Not that unusual

The storm may have been the "[b]iggest in a long time" but it's not that unusual. It's the first extreme geomagnetic storm in 20 years, but that's because there weren't any extreme storms in the previous solar cycle, which was a rather weak one. The average frequency of extreme geomagnetic storms is 4 every cycle, so it's quite possible that we will have more in the next couple of years while solar maximum lasts.

See https://www.swpc.noaa.gov/noaa-scales-explanation for more information.

Meta lets Llama 3 LLM out to graze, claims it can give Google and Anthropic a kicking

Richard Tobin

Running it with ollama

Somewhat surprisingly I can run the 70b model on my 32GB Mac. As you'd expect, it's very slow: output takes about a minute per token.

The 8b model runs at a reasonable speed.

ASML ships another high NA EUV lithography machine to mystery client

Richard Tobin

Who wants to make their own chips?

Apple?

The batteries on Odysseus, the hero private Moon lander, have run out

Richard Tobin

Photo

Presumably the large white splodge is the sun, vastly larger than it should be because its brightness is overwhelming the camera. The crescent to the left of it is the earth (which should really appear much larger than the sun). And the white blobs above and below the sun are camera artefacts.

NASA warns as huge solar flare threatens comms, maybe astronauts too

Richard Tobin

Re: Too late?

Solar flares have both immediate and delayed effects on the earth. X-rays travel at the speed of light and can cause radio blackouts and also affect satellites in various ways. X-rays may remain at high levels for several hours - in this case the level was above M1 for about an hour and a half. Flares are often also accompanied by "coronal mass ejections" which can cause geomagnetic storms a couple of days later. There doesn't seem to have been a significant CME associated with this flare.

Leaked email: Unit4 ERP system leaves some school staff with 'nil pay'

Richard Tobin

Compensation?

Will they be compensating people who have been charged for overdrafts and missed payments because of this?

One person's shortcut was another's long road to panic

Richard Tobin

Re: Oops!

There's no reason to follow symbolic links in a program like this. If the symbolic link is to outside the relevant filesystem (or subtree), it shouldn't be followed. And if it's inside the filesystem, there's no need to follow it because you will look at the destination directory anyway.

Richard Tobin

Re: Oops!

This problem was encountered pretty much as soon as symbolic links were introduced in 4.2BSD. Each utility that traversed the filesystem (du, find, etc) had to have a flag added to indicate whether symbolic links should be followed. I remember a version of SunOS in the mid-1980s whose cron job to remove old files in /tmp followed symbolic links, with predictable results.

HP's CEO spells it out: You're a 'bad investment' if you don't buy HP supplies

Richard Tobin

Re: Security

I think it would only take a handful of design flaws. For example, the printer could trust a length field at the start of the serial number, so a malicious chip - even just an EPROM with more than 32 bytes - could provoke a buffer overflow in the printer firmware.

(I have no reason to suppose that they have such a bug - it's just an example.)

Richard Tobin

Security

"We have seen that you can embed viruses into cartridges, through the cartridge go to the printer, from the printer go to the network."

If this is true, then HP's printers are dangerously insecure by design.

Open source PostgreSQL named DBMS of the year by DB-Engines

Richard Tobin

SQLite

I wonder what their ranking system does to keep SQLite off the top (it appears to be 11th)? It's run on more or less every phone and computer in the world.

SQLite isn't good for everything, but if it does what you need, it has the great advantage that you don't run a server - the database file is instead mapped into your program.

British railway system is getting another excuse for delays – solar storms

Richard Tobin

Re: "constructed digital models"

The "equipment" in question is a block of railway line about a kilometer long, which is rather difficult to enclose in a cast alloy box, especially if you want a train to travel along it.

Leader of pro-Russia DDoS crew Killnet 'unmasked' by Russian state media

Richard Tobin

Axis nations

What???

Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI

Richard Tobin

Re: As George Carlin remarked...

"The curve is in no-way Gaussian" - this statement is meaningless unless you have a non-arbitrary scale of intelligence, which we don't.

These days you can teach old tech a bunch of new tricks

Richard Tobin

PCs? That's nothing

There are people out there making adaptors to connect BBC Micros to HDMI monitors: https://stardot.org.uk/forums/viewtopic.php?t=14430

China reportedly bans iPhones from more government offices

Richard Tobin

Perhaps it's the other way round

They don't want government employees using devices they can't crack.

X may train its AI models on your social media posts

Richard Tobin

microLenat

As the Jargon File notes, the standard unit of bogosity is the microLenat. The Lenat itself is far too big for practical use.

RIP Doug.

Page: