* Posts by really_adf

156 posts • joined 21 Feb 2017

Guess who came thiiis close to signing off a €102k annual budget? Austria. Someone omitted 'figures in millions'

really_adf

It's not really about marketing (well OK, maybe a little bit.) Hard disk capacity used base 10 units once the average disk size got a little too big for conveniently using base 2 units, as they are a linear/serial storage medium which means a disk platter's capacity can be any number of bytes you like.

At the read/write head, hard drives are basically serial, but (for a long time) from the outside, they are random access devices addressed by sector. The capacity is actually any number of sectors you like. Sectors have a power-of-two size, as a natural consequence of the fact they are buffered in RAM. This may explain 1MB = 1,024,000 bytes being used for a while; this is the definition applicable to a "1.44MB" floppy disk.

Binary prefixes are a natural convention for memory chip sizes: they simplify expressing exact values because the chips have both a power-of-two number of addresses (a number of address lines) and a power-of-two number of data lines. Decimal prefixes are a natural convention for line rates: they simplify expressing exact values when, as is typical, a factor in the rate is a clock frequency defined with a decimal prefix.

The rationale for a convention is less clear-cut and often varies in other cases, such as hard drive sizes. This, I assume, led to kibibyte etc to disambiguate.

There's a new comet in town and you don't need a fancy multi-million-dollar telescope to see it. Just regular eyeballs

really_adf

Re: I'd like to see it

I'm in the middle of Austin. We see no stars at all. Just the Moon, Venus, possibly Mars and maybe, just maybe Jupiter at times

"Possibly Jupiter and maybe, just maybe Mars at times" is more likely. Put another way, if you can ever see Mars, you will be able to see Jupiter regularly.

The maximum apparent brightness is basically the same, but Mars is more variable. I think the primary reason for this is that the orbit of Mars is more eccentric. An instructive diagram and more here.

Coronavirus didn't hurt UK broadband speeds in March. Call of Duty: Modern Warfare, on the other hand...

really_adf

"Ofcom attributes the resiliency ... to their ability to scale with demand."

"Ofcom attributes the resiliency shown by broadband providers to their ability to scale with demand."

I'd have thought it's more down to daytime not being the normal peak for domestic ISPs; no need to scale (much) if capacity is already (mostly) there.

Fancy some post-weekend reading? How's this for a potboiler: The source code for UK, Australia's coronavirus contact-tracing apps

really_adf

I am sceptical that it has to have location permissions granted to use bluetooth.

https://developer.android.com/guide/topics/connectivity/bluetooth#Permissions

'Optional' is the new 'Full' in Windows 10: Microsoft mucks about with diagnostic slurpage levels for Fast Ring Insiders

really_adf

Re: How can "Diagnostic Data Off" and "Required Diagnostic Data" coexist?

Or is this like saying if you go out for dinner tonight, it's required that you dress a certain way—but you can still choose to stay at home instead?

I think that's basically the logic. I can see some sense in the wording by reading it from Microsoft's perspective, but surely the wording should have been chosen for the users' perspective. For example, "required" is the minimum required for any useful diagnostics.

I think off/minimum/full would be the most clear (to the user) options for the implied result of the choice. Whether the actual result matches this (ie whether "off" really means "off", as you mentioned) is a different matter.

Amazon staffer based just a stone's throw away from Seattle HQ tests positive for COVID-19 coronavirus

really_adf

Re: Doesn't check out

No, I don't think this virus is really as scary as people make it, the main problems are that it seems to spread easier and quicker than an influenza and that there is no vaccine.

...

Mortality seems to be comparable, so maybe we are overreacting a tad?

More infectious and no vaccine with the same mortality means more people dying, no?

Dual screens, fast updates, no registry cruft and security in mind: Microsoft gives devs the lowdown on Windows 10X

really_adf

Microsoft; you need to learn what legacy means before you can even think about improving Windows.

I think Microsoft know full well what legacy means, this is just the (wishful) thinking of one part of the organisation that is at odds with other parts, those being more in touch with reality.

Is it a make-up mirror? Is it a tiny frisbee? No, it's the bonkers Cyrcle Phone, with its TWO headphone jacks

really_adf

Re: On the plus side...

The snap had been shot by my wife on her smartphone (Ugh) so it was in 3:2 format (re-ugh). I took care to re-frame it properly and change it to the proper 4:3 format for photographs, only to have the millennial shopkeeper tell me that she'd have to crop it as it was not in a standard format.

"Proper photographs" - that is, on 35mm film - are 3:2 (https://en.m.wikipedia.org/wiki/135_film). Hence 6x4 (inch) prints.

Who loves Brexit? Irish distributors ... after their sales jump by a third

really_adf

Re: Insurance

It’s very rare insurance predictions are wrong.

Natural selection: insurance companies making bad predictions die?

Physicists are rather giddy after creating a rare type of laser using laughing gas

really_adf

Re: Radar

Much more than twice the range, surely: reflection won't be perfect, and a "useful" return signal will be stronger than the minimum detectable.

Complete with keyboard and actual, literal, 'physical' escape key: Apple emits new 16" $2.4k+ MacBook Pro

really_adf

Re: Selective deafness

Most people who buy a computer (laptop or desktop) for work don't care so much about looks.

I'm not sure about "most"; I think it depends on whether you want to actually do work on it or because you are a superficial twat, eg many in sales, marketing and management.

Google warns devs as it tightens Chrome cookie security: Stuff will break if you're not clued up

really_adf

Re: Finger Printing and The DMCA

If corporations can have a law that prevents circumvention of what they do to protect their data (DMCA), then why can't we have one to prevent circumvention of tracking and privacy tools/controls that we use to protect our data?

That's a very clear way to put it, and I can't see a reasonable argument against it. Have an upvote.

We read the Brexit copyright notices so you don't have to… No more IP freely, ta very much

really_adf

So that’s the end of cross-EU mobile roaming, then. Why would companies pay for this when they can pass the costs on to the customer?

The obvious answer is because none of them want to be the first company to start charging for EU roaming.

We're going deeper Underground: Vulture clicks claws over London's hidden tracks

really_adf

Re: Why obsolete?

According to the totally reliable Wikipedia it was five times more expensive to operate than on road vehicles (disputed by the Communications Workers Union who said it was only three times as expensive).

Could be viewed as: road vehicles should be three/five times as expensive as they are...

Sudo? More like Su-doh: There's a fun bug that gives restricted sudoers root access (if your config is non-standard)

really_adf

Re: As a ex sys-admin....

You should be able to assign administration accounts only the rights actually needed in a "JEA security" type model.

Err, that is literally exactly what sudo does (bugs aside). Its configuration says which users can do which things as which users. Such as "members of this (administrative) group may stop/start this service".

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

really_adf

Why is SSH (as a protocol) singled out here?

Because it's by far the most likely way to access a machine with an application warranting the vulnerable infrastructure requirements?

Cu in Hell: Thousands internetless after copper thieves pinch 500m of cable in Cambridgeshire

really_adf

Re: A simple (but costly) answer

If 1km is worth 20k

At a guess: it's not 500m of cable = £10k, but a 500m stretch of (say) 10x 100-cable bundles = 500km of cable = £10k.

Allowlist, not whitelist. Blocklist, not blacklist. Goodbye, wtf. Microsoft scans Chromium code, lops off offensive words

really_adf

Re: This is stupid

I'm surprised not to have seen mention of Android's Log.wtf(), "Report a condition that should never happen."

They say piracy killed the Amiga. Know what else it's killing? Malware sales. Awww, diddums

really_adf

Re: This reminds me on Son May

Throatwarbler Mangrove: "... fundamentally, it's hard to work up the same level of outrage about "software piracy" as it is to do so about stealing food."

This, along with some other things you wrote, did make me wonder about any differences in society's views of "piracy" between software, music and video.

I think, of the three, music may be seen as more "personal" as opposed to "corporate" and therefore somehow closer to stealing food, although I have no basis for that.

It's so hot, UK needs to start naming heatwaves like we do when it's a bit windy – climate boffins

really_adf

Re: Shameless plug.

Downstairs is a bit more difficult

Huh?

Scientist, war hero and gay icon Alan Turing is new face of the £50 note

really_adf

I think I've only had one or two fifty quid notes in my possession ever

Same. Not so surprising when the current note was introduced, but seems strange when the inflation-adjusted value of a (rare) £50 note now must be similar to a (common) £20 note then.

Train maker's coder goes loco, choo-choo-chooses to flee to China with top-secret code – allegedly

really_adf

Re: "Which hasn't struck me as particularly advanced either"

And mixing passenger and goods traffic on the same lines is much more common. Which makes for a lot of specific rules in the signalling logic if you don't want to treat every train as the slowest heaviest goods train that line might carry.

Can you elaborate? It looks to me in the UK like passenger trains may have a higher speed limit, presumably if their braking is good enough, with the default limit presumably being for the heaviest goods train (both presumably for trains with the worst brakes in the worst conditions, plus margin). No need for special signalling logic in this case.

Mixed speed traffic is very obviously a headache for timetabling though, same as stopping vs non-stop passenger trains of the same type.

Metropolitan Police's facial recognition tech not only crap, but also of dubious legality – report

really_adf

Re: Help with "Innovative Solutions"

"Surely what matters with such cameras is what they do with the information."

Absolutely, but in general people seem to trust what computers say more than I think they should.

Yes, facial recognition may have prevented the tragedy in Stockwell, but the concern due to the above is how to ensure it doesn't end up causing more such tragedies because "computer says he's armed and dangerous".

Unfortunately, I fear the answer will come too late for some, but research like that reported here offers some hope that fear will not be realised.

Mmm, instant Java: Visual Studio Code 1.36 brings tasty updates – unless you run 32-bit Linux

really_adf

Indent guides

"Indent guides, vertical lines which connect items of equal indentation, are now optionally available in tree views such as those in the File Explorer."

So, more like they used to be (on Windows at least)? Maybe those GUI designers of yesteryear had a point after all...

The Eldritch Horror of Date Formatting is visited upon Tesco

really_adf

Re: Dates? Don't talk to me about dates...

... "Oh, it's ok", they eventually exclaimed. "We'll just delete any double-quotes from each line before we process it. And as we asked, you're sending the file with pipe delimiters, so we don't need to worry about escaping commas".

This story resonates with my own experience. Things like this seem to be increasingly common. I've gone past getting mad, now it just makes me sad...

Oblivious 'influencers' work on 3.6-roentgen tans in Chernobyl after realising TV show based on real nuclear TITSUP

really_adf

Re: iPhone?

Q. How do you know if somebody is a vegan?

A. They tell everyone.

Better, I think:

A. Don't worry, they'll tell you.

Have I Been S0ld? Troy Hunt's security website is up for acquisition

really_adf

Re: MFA

All of the MFA implementations I've seen so far are much less convenient than passwords and/or require information disclosure to unsavory companies.

All security is a trade-off with convenience. (Wouldn't it be more convenient if you just had your user name, with no password to remember?)

From a convenience/handing over data perspective, I've used:

- Mobile app notification: minimal inconvenience, who knows about data (though not an inherent issue)

- Phone call: slightly more inconvenient than an app for most, but you need to hand over your telephone number.

- SMS OTP: probably slightly more inconvenient than a phone call in most cases; again, you need to hand over your number.

- TOTP/HOTP and similar (RSA SecurID springs to mind): like SMS OTP except no data.

The only other option I'm aware of (am I missing any?), and one that looks very interesting to me, is U2F. This keeps the "no data" aspect of TOTP etc, while reducing inconvenience to be similar to a mobile app. From a security perspective, it also allows a lot of potential weaknesses affecting the above to be avoided.

Amazon Alexa: 'Pre-wakeword' patent application suggests plans to process more of your speech

really_adf

Re: How is this patentable?

I really hope the buffering isn't patentable. The technique for identifying the start of the sentence containing the wakeword could be novel.

Bad news from science land: Fast-charging li-ion batteries may be quick to top up, but they're also quick to die

really_adf

Re: Scanning...

It's worth noting that the average reader of the Register would probably enjoy a visit to the Diamond Light Source

I have been there, and concur. An astonishing amount of infrastructure around the (comparatively small) storage ring, yet minute compared to (eg) the LHC... (I know DLS and LHC have other differences apart from size.)

Let's see. Translation, facial recognition, running people over... What else can AI do? Ah yes, predict planet mass

really_adf

Humans, and I expect other animals too, seem to develop an innate ability to "solve" some mathematical problems apparently quite efficiently, eg predicting where a ball can be caught. Are there cases where this is effectively solving differential equations? (I don't think the example I gave is, but happy to be corrected.)

If so, does this kind of ability bear any resemblance to the machine learning in this article (or vice versa if you prefer)?

Boeing... Boeing... Gone: Canada, America finally ground 737 Max jets as they await anti-death-crash software patches

really_adf

Re: More of this to come

Red Ted: "In the automotive world the deaths happen in ones and twos, in aviation when something goes wrong [a plane-full may die]"

True of course, but aren't overall numbers higher for roads? And there have been high profile safety issues in the past, perhaps causing some deaths and many "lucky escapes", so similar issues seem likely to be picked up.

eldakka: "Not to mention that if you feel something is wrong with your car, bus, truck, you can just pull over to the side of the road and stop."

Again true, but in general, drivers are far less trained to deal with such situations; for some problems, probably less likely to realise until it's too late, and in some others, less able to react correctly to avert disaster.

F5 Networks buys into open source, hands over $670m for Nginx! Double Nginx! Infinity Nginx!

really_adf

Sometimes in English we use silent letters.

If you pretend the N is a silent letter, you get Jinx

Not sure about a silent N at the start of an English word. Between that and the fact "engine X" is so embedded in my brain, I'm not surprised I didn't get it, so thanks for that.

Although as the old adage goes, if you have to explain a joke, it isn't funny :).

really_adf

I'm definitely missing something with the headline. How is nginx supposed to be (mis)pronounced for it to make any sense?

Radio gaga: Techies fear EU directive to stop RF device tinkering will do more harm than good

really_adf

Re: What's the problem....

"None of which has anything whatsoever to do with this article, which is about regulations covering interference."

I disagree that it's unrelated. Playing devil's advocate, the argument I see from a few comments (but not sure I agree with) is that if there was regulation that ensured better security and support by manufacturers of devices with radios, then there would be less need for the custom firmware that the regulation in this article would prohibit, ie that regulation would be less of a problem.

"A smart heater should be exactly the same - no matter what clever stuff it does to decide when and how to heat up, it should be physically impossible to actually be dangerous no matter how the instructions are modified."

This amounts to saying that the hardware should be designed to prevent the problem. I agree, but this seems impossible for software defined radio.

How to make people sit up and use 2-factor auth: Show 'em a vid reusing a toothbrush to scrub a toilet – then compare it to password reuse

really_adf

Re: The elephant in the room

Thereby, how many tokens/application/etc we should carry around? Do some of those devices allow for different "identities" to avoid tracking?

I think this is the intention, if not a requirement. See the first paragraph here: https://www.w3.org/TR/webauthn/#intro

UK tech has a month left to bare gender pay gaps, but less than a fifth of firms have ponied up

really_adf

Re: Like for like figures please

The all-employee median pay gap has little meaning...

Oh, I think it has meaning, just not necessarily the meaning people will ascribe to it.

really_adf

Re: This is the "pay gap" that ignores the job title right?

Does it ignore the board, executive officers, etc. of those who rake in the most cash?

There's nothing I can see to suggest it does.

Since those groups are the highest paid, it would skew the numbers somewhat.

Because executives are so few in number, even if they are all the same gender, using median instead of mean means executive pay does not affect the result (if you assume it does not affect other people's pay).

Techie in need of a doorstop picks up 'chunk of metal' – only to find out it's rather pricey

really_adf

Re: Have you ever heard a story about something you did told second-hand?

It's when you go searching on Google for a solution to a problem, and find the solution that you posted yourself six months earlier, that you know your brain is not what it once was...

In my case it was a few years rather than six months. Maybe more understandable, but I didn't even recognise my own writing and it was some time before I realised...

Oxford University reportedly turns off its Huawei money tap

really_adf

Re: FYI

"Pcaps or it didn't happen"

Excuse me, sir. You can't store your things there. Those 7 gigabytes are reserved for Windows 10

really_adf

Re: Progress?

I remember the Archimedes 420 with a whole 4MEG ram and 20MEG hard drive.

I may be misremembering but I think the A420 was 2MB RAM and the A440 had 4MB.

The OS was in ROM though; 512KB for RISC OS 2, including CLI, GUI, and even a BASIC interpreter and ARM assembler.

The ROM jumped to 2MB in RISC OS 3, but that included the above plus several applications. Among them were a text editor (Edit), and bitmap (Paint) and vector (Draw) graphics.

(All IIRC.)

You were told to clean up our systems, not delete 8,000 crucial files

really_adf

Re: "by your implication, unix doesn't need any /tmp directories..."

why does unix require temporary directories to hold temporary files?

Apart from supporting cases where persistence beyond that last reference closing is desirable, it lets root control where the data are able to be (temporarily) stored through mountpoints and directory permissions (you must be able to create a file).

2018 ain't done yet... Amazon sent Alexa recordings of man and girlfriend to stranger

really_adf

What possible kind of 'human error'?

I'm confused, what possible kind of 'human error' could see the audio recordings of one Alexa, which I assume was working perfectly for the gentleman who owned it and therefore must have been integrated with his own account, delivered to a completely different account owner?

Occam's razor suggests to me:

1. Find Alexa ID(s) for requester from "account information" tool.

2. (Mis)type ID into "get recordings" tool.

London's Gatwick airport suspends all flights after 'multiple' reports of drones

really_adf

Re: It's Probably Just As Well It Wasn't The Airport In Essex.

Surely just "Standstill at Stansted"

You better watch out, you better not cry. Better not pout, I'm telling you why: SQLite vuln fixes are coming to town

really_adf

A gold standard

"SQLite was considered a gold standard in terms of secure coding"

Well, given that "Microsoft patched 16 such remote code execution flaws in IE, Edge, and Office less than a week ago" I don't see much damage to that view.

Ticketmaster tells customer it's not at fault for site's Magecart malware pwnage

really_adf

Re: Offsite scripts GAH!

"Firefox can't establish a connection to the server at wss://127.0.0.1:5900/"

IIRC there was an article here a while back that may explain this: part of tests to see if your computer/whatever looks like it has been compromised (VNC in this case.)

Can't find it now but a web search on that URL looks like it might explain more...

Kubernetes caretaker auditions for Hoarders; takes in another open source project

really_adf

Re: Why would anyone want to use any of this?

Like anything "new" it's almost a given that these things are being used, and certainly pushed, where (traditional) alternatives would be better, but as a partial answer: microservices can be used to support scaling; implementing them using Docker containers means you can scale quickly, and if using containers at scale, you need something like Kubernetes to manage it.

I'm yet to be convinced problems in my domain would be useful to build as microservices. I find Docker is useful for some things though.

DeepMind quits playing games with AI, ups the protein stakes with machine-learning code

really_adf

Re: It's good somebody's doing this

Because it's not like it's ever been done before.

Err, [email protected] is mentioned (and linked) in the article.

But on that subject, I'd be very interested in some more detailed analysis of how the approaches compare, if the task is as comparable as it sounds. There are hints in this article that it's good (winning the competition) and also bad (accuracy).

Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)

really_adf

Re: Javascript

... unspecified malware can be introduced through a repo the developer has no control over? Absolutely reasonable. It has happened multiple times so it must now be considered a known risk and you should have mitigations in place.

I think that's the point of version pinning mentioned in the article. This should force a change to a dependency to require manual intervention, thereby providing an opportunity for the change to be assessed to the desired level of detail.

But it's inherently manual so, in many cases, it won't be done at all, and in some, things will be missed.

LastPass? More like lost pass. Or where the fsck has it gone pass. Five-hour outage drives netizens bonkers

really_adf

Re: Another Day ...

I would be curious to see some actual numbers as to the availability of typical in-house systems vs cloud based systems. In my, admittedly limited, experience with small businesses I am seeing less downtime with cloud based solutions than in-house ones.

I would also be curious. I also have limited experience but the main observation I would make is that when it's your own systems, you get to choose when you do the risky things that, sometimes, you will get wrong and cause issues for users. That choice can virtually eliminate, or at least mitigate, the impact when things don't go to plan.


Biting the hand that feeds IT © 1998–2020