* Posts by regregular

70 publicly visible posts • joined 1 Mar 2017


French pensioner ejected from fighter jet after accidentally grabbing bang seat* handle


Re: Double ejection

Indeed. Yet, it could be worse. A 1991 incident saw an ejection seat failure and the navigator stuck half inside half outside the aircraft with the parachute wrapped around the tail end of the plane.


"As the plane slowly decelerated, Baden looked up to see rest of Gallagher’s body buffeting in the wind. The navigator’s head snapped about he appeared unable to breathe. [...] Gallagher’s face was distorted with the force of the wind. His cheeks and eyes were bulging. His neck strained dreadfully with the attempt to stay with the plane. At his belly were the razor-sharp, jagged edges of the Plexiglas threatening to pierce his body.

Full Account w/ images:


Remember that Sonos speaker you bought a few years back that works perfectly? It's about to be screwed for... reasons


In other news, a US company just bricked their digital scales:


This flick-of-the-switch bricking needs to be regulated. Better yet, build a Internet-of-Stuff ecosystem that talks to a local hub first and foremost, a device that is owner-controlled and ensures that the gadget works until it croaks on its own (read: by means of normal planned obsolescence).

Boeing aircraft sales slump to historic lows after 737 Max annus horribilis


Not surprised. Friend of mine works in a dying biz... brick and mortar travel agency. Mostly customers of settled age that don't trust booking through this newfangled interweb thing.

She says customers have started inquiring what planes the trip is using. And once a Boeing is mentioned, even a reputable model like the 777 they start asking for different flight routes or abandon the destination for something different.

Elon Musk gets thumbs up from jury for use of 'pedo guy' in cave diver defamation lawsuit


Re: Surprised

The decision was in the hands of 12 people who were too dumb or lazy to find a way out of jury duty.

City-obliterating asteroid screamed past Earth the other night – and boffins only clocked it just 26 hours beforehand


Re: Nominative determinism?

Asteroid 2020 OMG/WTF would worry me.

Oh no, Twitter's gone down. How can we get the word out? Ah yeah, that's right. We have a website that works


I wonder if there are "post-outage" baby booms among millenials.

Ikea hopes to spare shoppers the one-way Helvete of its stores with ÅR app overhaul



Leftover screws. As if. The missing screws are those that do you in...

If you hear podcasting star Joe Rogan say something dumb, it may not be his fault – an AI has cloned his voice


It is slightly uncanny, but I believe it is a kind of "you knew before, so you were concentrating on the bits that sound off".

If this had been clipped into his regular podcast right after the commercials and before the guest intro I would not have batted an eye This tech is getting scary good.

Also, chimps vs humans in hockey sounds like an incredible idea and is no less stupid that WWE or cage fights. I'd watch the shit out of that.

What a meth: Elderly Melbourne couple sign for 20kg shipment of drugs, say cops


Man, turning in drugs to the fuzz is the real drug abuse.


We regret to inform you the massive asteroid NASA's all excited about probably won't hit Earth


Re: The stupids have started already

Religion is stupid?

>Jehovahs Witness voice>

Do you have a few minutes to spare? I'd like to come in and tell you about our savior, the flying spaghetti monster... >/Jehovahs Witness voice>

The peelable, foldable phone has become the great white whale of tech


They want their pholdable phablet phones back?

They will be thrilled to receive the one iFixit has torn down I guess...


Someone's spreading an MBR-trashing copy of the Christchurch killer's 'manifesto' – and we're OK with this, maybe?


Finding that PDF is literally one google search away.

Yes, there are some "dead" links here and there, suggesting some pressure on hosters or publishers for takedown.

But it is not exactly like NZ has a world-government like reach.

I helped catch Silk Road boss Ross Ulbricht: Undercover agent tells all


Re: Just starting to read and..

>> just take a minute to think about the full horror of that sentence

Am I the only one that thinks life in the slammer somehow sounds worse than death penalty? Maybe it is one of these things where you change perspective once it affects you, but I'd rather be dead than spend 50 or 60 years in the US prison system.

>> What he did was bypass the government's monopoly on deciding what we, as adults, can and can't do

That was strike one, but I would think they were equally scared about someone attacking the dollar, the only legal tender that almost universally works around the globe. A lot at stake there, and for many of the people involved back then Bitcoin and Silk Road were probably synonymous.


OpSec is hard. We are creatures of habit.

Well that's just spliffing: UK Amazon merchants peddling Mary Jane


>> no its still a controlled substance in the UK CBD and THC both are present in weed buds.

Presence in buds does not make something an illegal substance. Else Chlorophyll would be illegal as well. It is the other way around - buds are illegal because they contain the banned THC.

CBD is legal in the UK by now, if sold as a food supplement. Currently, CBD oil in the UK can only have a maximum THC content of 0.2%. Any CBD oil with a higher THC content remains to be illegal and use is prohibited.

Cops called after pair enter Canadian home and give it a good clean


Re: anti-crime


I like it. This should be done in the digital realm.

Find those unpatched plastic routers with known vulnerabilities on the internet, gain access and update the damn firmware.

Bug bounty alert: Musk lets pro hackers torpedo Tesla firmware risk free


It looks good on the surface, but it seems to be a shoddy compromise for PR looks mainly.

So, you can enroll IF you happen to have a Tesla and are a known security researcher. Put that into a Venn diagram and how many people does it leave you with?

And they will do OTA or reasonable actions at a service center, if deemed appropriate. That is such a dirty weasel-clause. To me it reads: If we can't OTA it, you're free to tow your car to the service center at your own cost. If you shoot out the control unit beyond what the Tesla diagnostic service computers can deal with you're on your own. If you genuinely brick the device beyond physical repair you're on your own.

How about: we will OTA or attempt to service the control units for anyone who requests it, even hobbyists. If you are a vetted researcher you can be assured to receive a replacement control unit if necessary and you are eligible to receive a set of control units to work them over in a proper bench setup at your hearts content, without freezing your gonads off in the cold garage.

That would be a worthy recognition of free security research.

Why Google won't break a sweat about EU ruling


Re: Look at all those wonderful alternatives insight.....Oh wait

Devils in the details of licensing. If Sony made a single device that had Android minus Google Suite they would not get licenses for the Google Suite for ANY other phones (and possible would break existing licensing on other phones WITH the Suite).

Any manufacturer with just one "free Android" phone in the lineup will be denied the Google Suite for all devices. And as we have seen, a phone / tablet without an App Store is quite useless to the general public (and it is called Fire).


The ruling doesn't attack Android in itself, nor does it "demand" the mother of all fork fragmentations.

It ciriticized a few points, changing those is very much in the realm of the possible.

a) Google as the default search provider.

b) Chrome as the default browser.

Both have no easy, well integrated ways of being switched for, say Opera and Bing or Firefox and DuckDuckGo. The EU took the very same offense with Microsoft, ruling that the deep integration of Internet Explorer sucks and consumers should have an easier choice of browser. Mind you, that was when getting rid of the "IE standard browser designation" required regedit.

The ciriticism of the app store integration is indeed flimsy, I guess they thought three is better than two and didn't think the implications of that through (patching vulnerabilties in system components makes the device safer, etc)

What can $10 stretch to these days? Lunch... or access to international airport security systems


The more I find out about the management of important and critical infrastructure, the more I get interested in building an off-the-grid house and taking up hunting.

The Notch contagion is spreading slower than phone experts thought


Re: Charge by wire

Even wireless charging requires a wire for the section between the power source and the wireless "base station" thingamajig you rest the phone on.

They could extrapolate their proprietary bullshit dollars from those things just as well. Deliver the wireless cake, and eat your bucks, as it were.

IBM bans all removable storage, for all staff, everywhere


"UPDATE: Since publishing this story we've heard whispers that IBM has taken note of staff objections to the removable storage ban, especially when doing software updates, and is considering making a few exemptions."

I can totally see IBM sysadmins lugging around a USB stick epoxied to a chain, which is attached to a brick in the future.

You know, like those gas station bathroom keys...

OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flaws


Re: Closed black box firmware

...an analyst who has already been implicated of market manipulation.



Also worth of note:

The company Viceroy Research has just recently been implicated in attempted stock market manipulation by german stock market / banking authority BAFIN (similar to US SEC).


This is very dodgy.

Germany says NEIN to purchase incentive for Tesla Model S


As soon as electric, german high-end sedans and SUVs trickle out of the manufacturers pipelines that price cap will mysteriously vanish, I am quite sure...

Tesla share crash amid Republican bid to kill off electric car tax break


>> yAccording to the article, Georgia had monthly sales of 1400 before cutting their own tax credit. It would only take 32 states with sales like that to hit the 530k figure. Apparently Georgia is fairly big in terms of population and economy so it may be a bit of an outlier, but given there are 50 states in total it's still not an obviously silly figure."

32 states at 1400 does not make it 530k. Still an order of magnitude off.


4bn divided by 7500 gives me a bit over 530k. There are that many electric vehicles sold in the US per year? Or does the same amount apply to hybrids?

Stealthy storage startup wants to fly read-write heads closer to disks



To my knowledge the head is not even actively positioned, but merely floats on a tiny cushion of air turbulence generated by the spinning disk. Also, a fingerprint on a disk surface would be twice as high in profile as the distance between head and platter. Any of those information tidbits wrong?

With active positioning you'd have to create a head capable of "sailing" undistrubed inside those turbulences, instead of being lifted above them.

Closing this gap even further in a mechanical device seems to be asking for trouble.

Australians still buy 100,000 feature phones a quarter



30k - 35k drug dealers nationwide that toss their phone about once a month?

Elderly people who keep losing or breaking them?

VW engineer sent to the clink for three years for emissions-busting code


Not that clever. It is literally reading one sensor - steering angle. If that remains stationary the jig is up. Supposedly some other parameters are checked for verification but that's it. No magic done.

San Franciscans unite to smite alt-right with minefield of doggy shite


Interesting point brought up... I too remember dog shit turning white over time from back when. It doesn't seem to do that anymore, at least I don't see it anymore (and I have a dog and walk him where other dogs roam, so I see a good share of aging turds).

What's up with that? Have there been any changes in composition of dog food or something?

10 minutes of silence storms iTunes charts thanks to awful Apple UI


Re: Not the first time... won't be the last...

So, like listening to vinylcrackle.mp3

A glimpse of life under President Zuckerberg? Facebook CEO's boffins censor awkward Q&A


So, if /r/science has such a very strict policy, and I support their right to do so and enforce it, should they not rename AMA to AMA(sti)* or something? It IS kinda misleading...

* Ask Me Anything (sciencey, that is)

An 'AI' that can diagnose schizophrenia from a brain scan – here's how it works (or doesn't)


Re: the elephant in the room

1. I have nowhere seen an indication that the falses were all false positives. They might as well have been all false negatives, although a split into false pos and negs is the more likely variant. Assuming a 50:50 split between pos and neg it would give a false positive to 12 percent. And it would "miss" the other 12 percent.

2. You're sort of assuming that this kind of brain scan is going to be mandatory for everyone. I doubt that anyone advocates this kind of method becoming even a routing screening in hospitals. It is just another diagnostical tool to be usedby medical professionals.

Las Vegas locks down ahead of DEF CON hacking conference


Maybe UPS has a smart tech guy who set up an machine with TAILS or a similar live read-only OS. Box is connected just to the Internet for fetching those mails with attachments and prints to a printer hooked up bia USB. No connection tomrest of machines / printers. If something b0rks salvation is just a reboot away.

That would probably the smartest solution. Apart from just placing a cheap Staples printer on the counter and telling DefConites to install drivers and just connect to their own machine.

Microsoft hits new low: Threatens to axe classic Paint from Windows 10


Re: Are you folks nuts or just whiners?

>> Is there anything Microsoft can do that you will applaud?

Yes, full source code release.

>> WTF do you guys want?

See above.


Will we see a Paint successor, maybe called OnePaint or CloudPaint, in which the ToS fine print states that everything created/modified with the tool automatically surrenders all copyrights to Microsoft?


Re: The end

Using Snipping Tool saves a few steps out of this even.

Yet seeing paint go sucks.

Human-free robo-cars on Washington streets after governor said the software is 'foolproof'


Foolproof. Indestructible. Unsinkable.

Cue Titanic jokes.

NASA brainboxes work on algorithms for 'safe' self-flying aircraft


I wonder how this will work in terms of "acceptance of the public". Sitting in a semi-autonomous car is already very bewildering, but you have the pedals and steering wheel right in front of you and you know what to do.

Now, with your butt planted in seat G02 and the plane taxiing to the runway, how many Xanax does it take to keep you calm?

Sons of IoT: Bikers hack Jeeps in auto theft spree


Re: Nothing to hide

Yep. Back when Europe had borders and expensive cars used to vanish towards the east of Europe it was supposed to be an easy way to verify whether VIN was registered as stolen.


Re: Not IoT related, just bad security

This is not 100% correct. I think your procedure applies only if all keys known to the vehicle computer are lost.

If you just lose one, you can order a replacement, it will arrive mechanically precut at dealership, and then the local dealer can use his diagnostic device to program the new keyfob into the vehicle. Procedure simplified:

1. Diagnostic device communicates to BMW central servers to get auth/leave audit trail

2. At least one keyfob known to vehicle has to be present for "authentication"

3. New keyfob is registered

4. Lost or broken keyfob is removed from pool

Unfortunately, BMW fucked it up majorly, and you can steal even the recent ones by using a handheld aftermarket piece of kit and generic transponder. Somewhere in the procedure is a way to bypass the "known keyfob present" requirement. IIRC from the tech analysis it had to do with shitty crypto implementation. It is possible to just a third key into the pool, bypassing the theoretically quite clever system.

There's youtube videos that show pros pulling that off, evidently on some models the interior motion sensors are too narrow, and you can smash a window, wiggle you arm to the diagnostic port without triggering the alarm, connect the handheld device, scramble the new key into the pool. Then you click the fob and off you go.


Re: Alarms

>> On most "modern" cars (15 years +) which are designed to be used with a remote key fob for unlocking, the alarm will be activated if you use the mechanical key to unlock the doors. To silence the alarm you then have to insert a registered/paired key into the ignition switch pdq.

Define "most", plesae. Most "modern american" cars? Because this does not hold true for ANY of the modern cars I have owned / driven in the past and had the need/curiosity of opening mechanically. That includes a 2006 Alfa Romeo, a 2003 VW, a 2012 BMW, a circa 2010 Audi A6. There is a trigger switch in the door lock assembly that will immediately trigger the alarm if you try to turn the lock brute force or if you try to pull the core out. But using a properly cut key to turn the lock without force has not set off the alarm on any vehicle I have ever seen (here in Europe). It in fact not only doesn't trigger the alarm (because door is opened) but it disables the "movement detection" sensor in the interior on all examples.

>> It actually makes sound logical design sense, as a mechanical brute force on the lock, or a forged key will trigger the alarm.

You are talking about two different things. Brute force (screwdriver) will sound alarm. A forged key is indistinguishable from a real one as far as the mechanical doorlock assembly is concerned. If the cut is right it fits.

The opposite is correct, if you have the legitimate key, but the keyfob lock/unlock is broken it would essentially mean the car cannot be used if it was indeed wired / setup like this. You could open the door with the mech key but the alarm would be blaring for no good reason at all.

You have to allow for complete failure of the keyfob electronics (dead battery, broken electronics) or you will have pissed customers swearing on $DEITY that they will never again buy a car from $BRAND. That is why the mechanical key is still part of the fobs. And the transponder for immobilizer is separate from the keyfob electronics and will allow starting of the vehicle so customer can haul himself home and replace battery or buy an overpriced replacement fob from dealership (and on being quoted the price he will then swear to $DEITY to never again...)


>> Seriously, where do you think the battery is, does that need another door to protect that?

It can go pretty much anywhere. And the article was not talking about unhooking the battery (which proper brands defend against by powering the alarm circuits with a small emergency power source NOT accessible from engine bay), but unhooking the alarm system. Because with the battery cut off you can't very well use the diagnostic port to register the duplicate key, can you, genius?

>> What if the alarm system box is in the cabin? What then? Is there a place on a car, or a device that will thwart someone armed with manufacturer knowledge and devices, AND a properly fitted key?

No, which is exactly my point, yound padawan. With a fitted key all bets are off anyway and it makes no sense that someone (allegedly) had to disarm some alarm system. So either there is shoddy reporting on the side of the DoJ that describe modus operandi wrong or some serious engineering idiocy.

>> All they needed to do was disable the primary alarm,

>> yes they needed to disable the alarm, THEN they needed to pwn the engine electronics security.

No, they SHOULD not need to do that. With a proper key the alarm should not go off. If your keyfob is out of juice or defective, opening the door mechanically with the cut key should not set off an alarm.

>> And so what. What if they just smashed and grabbed the car and hot wired it? Same thing,

Not really. That should set off the alarm. Just like tilting / rocking the car (think pulling/lifting onto trailer).

>> I say they did a fair job and a novel process. And nothing of value was lost!

I don't disagree, especially with "nothing of value" part. Because if the car is really engineered to bother it's customers with the alarm just because they dare to use a properly cut mechanical key I'd say good riddance. But, in reality, probably not even Mexicans would take possession of such shoddy lunacy, except for disassembling... oh wait, there you go.

>> Take the most advanced car and security; it can be thwarted with knowledge of the system, and that you can get to the vehicle and physically pwn it.

Without a doubt. But in this particular case, the not so uncommon case of a dead/defective keyfob would supposedly trigger the alarm even for the legitimate user. I mean, by including the cut key with the keyfob the manufacturer basically allows for this case. He says, well if you drop in a puddle, accidentally fire it from a spud gun or whatever, use the mech key, the transponder will disable the immobilizer even without power, well you're good to go. But if the DoJ is right Jeep thought differently, and I want to know who's the idiot here.

>> Duh. I've yet to see a car that can't be broken into. Do let Detroit know of your special knowledge, I'm sure they will hire you straight away! :P

Broken into will always work on a metal can with a huge amount of surface glass. And unfortunately driving away is also easy, even with high end brands. Because those idiots do not use proper protocols. It would be easy enough to thwart the "open the can and use diag interface to register new key then driva away" approach.


>> The DoJ believes that, armed with the duplicate key, a thief popped the hood of the car to disable most of the alarm system and open the door.

1. Really? If the alarm system wiring / fuse box is easily accessible through a popped hood that is a serious design flaw.

2. Why would you even need to bother? If you legitimately open the door by mechanically unlocking the door lock the alarm should not go off. If it did it would be another design flaw and defy logic.

Are Jeep vehicles really wired that idiotically?

So, you're 'ISO 27001 accredited', huh? Just saying so doesn't cut it


Re: Can be misleading

I am fully aware of the scope and requirement for the ISO9k family and have spent a good bit of time watching companies implement those a few decades ago (as a bystander, but still).

The problem is how ISO is represented. You are very likely a techie, or at least someone who looks behind shiny things to figure out how they work. Don't make the mistake of assuming that for everyone. There are far too many people who don't go that mile. Many of those wash up in management. ISO9k was rep'ed as "Quality Management Norm". That is the very problem. You can read it as "a norm to manage quality". As in "ensure quality".

That is FUD deliberately thrown into the eyes of decision-makers.

Eric S. Raymond says you probably fit one of eight tech archetypes


Re: Attempting to pigeonhole people has a major issue.


"You need about 16 starved pigs..."

BMW chief: Big auto will stay in the driving seat with autonomous cars


Re: Well...

<blockquote>Of course, (some of) the traditional car makers will survive. We've seen this before. Kodak may have destroyed itself but the line up of major camera brands today would be largely recognisable to someone from 50 years ago.</blockquote>

Well... Next to manufacturers of old (Nikon, Canon) you will find brands you never expected to make a car (Sony, Panasonic) and an absence of respected brands gone under... (i.e. Minolta, Konica). So yeah, it might be "largely" recognizable, but that 50 year time traveller might just wonder what the heck happened and how those reputed brands could have missed the turning of the tide.


Re: Well...

<blockquote>The big brands are not unaware of this shift at all, [...] the car business is far more diverse, and doesn't gravitate to one pole the way IT does. [...] If there's something you're not considering, I think it's how the average customer will treat autonomy. For personal transport, it's not a product category, but rather a feature. An important feature, but a feature nonetheless, and one that may not be too desirable outside of the unique traffic environment of the mass-transit-starved SF Bay.</blockquote>

It's true, the demands put towards a car are very diverse and change from region to region and between each customer. I can only regard trends I see developing here in Germany, and the trend here is towards not owning a car anymore at all. Many urbanites these days just register with a car-sharing service and pick up a car somewhere in the neighborhood when they need one. This is of course vastly different in the US where public transport is not as developed and where usually longer distances are involved. But with that generation autonomous driving seems to be very popular, because despite needing a car every now and then they are not keen on driving. And of course they are not at all brand-loyal, excited by horses or torque or in need of color-matched contrast stitched leather seats or legendary panel gaps. They don't own the car, they just happen to drive it whereever and want it to be as simple as possible. Autonomy is an important feature, while many of the other features that make the brand identity of certain manufacturers are losing importance very, very fast.

<blockquote>You drive a BMW. BMW does not make its own transmissions. [...] Similarly, everything in the interior of your car is made not by BMW, but by other companies: Adient (seats), Faurecia (dashboard trim), Magnetti Marelli (switchgear and instrumentation, and external lighting). [...] This is how the car business works. Most "innovative technologies" pioneered by car brands are from third-party suppliers who specialise in these things.</blockquote>

Exactly, thanks for reaffirming this, I brought up those exact points in a previous post in this thread (currently 5th post down from top).

<blockquote>So, let's say BMW wants to make autonomous cars on one side, and Uber/Google/whoever wants to make autonomous cars on the other. Whereas the Silicon Valley people have to source and build everything around their big feature to make a car from it, the likes of BMW simply has to find one of the many autonomous-vehicle companies and strike a deal with them to build that killer feature into a BMW.</blockquote>

Generally, you are right of course. Two points though: this can cut both ways. Silicon Valley cash reserves rival many nations annual GDP. There might just be a buyout of an established but struggling carmaker by the Valley that then starts to churn out the whatever-car. Valley likes to buy turn-key solutions and an established manufacturer will have all the machines, sources, personnel, dealership network and know-how. That is my point, making a car today is not black magic anymore. The autonomy development is, the rest is up for grabs on the market if you have the cash.

Also, if BMW sources the "killer feature" components from a 3rd party, how can they claim that BMW is / will remain in the driving seat regarding autonomous driving in the future. That is a major claim I am in disagreement with.

Also, there is the difference in company liability between the USA and Germany. In a nutshell, before something can be marketed in Europe, you have to conclusively prove that your product works as advertised, is safe and won't cause damage or hurt/maim/kill people. In the USA you essentially have a free-for-all situation where a company can throw a product out, but then if it fails and causes damage or loss of life the lawyers are rubbing their hands. I am not sure how that difference can be squared between a german manufacturer and a US supplier, especially when the determination of safety is so immensely complex. For tires, shocks or other products the determination is easily done in a lab prior to approval.

So, my point remains, I am relatively certain that the major german manufacturers will get seriously sideswiped in the not too distant future by a product with superior autonomous features that they thumbed their noses at before, like the Tesla. And playing the catch-up game on two fronts, electric mobility and autonomous driving might prove impossible and drive them into a tiny niche or bankruptcy. The arrogance displayed by the BMW bloke mentioned in the article is very uncalled for.

<blockquote>If it's "just mechanical engineering", why has Waymo/Google abandoned its grand plans to build autonomous cars, and partnered with Fiat-Chrysler instead? </blockquote>

The last I read about that is that Google does not plan to follow the completely autonomous vehicle without wheels or pedals any further and has shifted that branch of development off towards Waymo. Regarding the Fiat/Chrysler deal, the last bit I read was that Google took delivery of 100 Chrysler vehicles to enlargen their test fleet. This suggest to me that they are not quite there yet, but not exactly giving up either. I am not sure if this qualifies as a partnership. With those ugly LIDAR contraption on the roof of the Chrysler Pacifica vehicles I am very sure that this is not a pre-production prototype but just a technology testbed that could just as well have been delivered by any manufacturer. But maybe I misread that or missed specifics of that deal.