* Posts by Twanky

630 publicly visible posts • joined 17 May 2017

Page:

Oh no, that James Webb Space Telescope snap might actually contain malware

Twanky
Black Helicopters

"By looking at the URL strings we can determine that the binary file was leveraging a DNS data exfiltration technique by sending unique DNS queries to a target C2 DNS server."

So therefore DNS over HTTPs/TLS won't protect you from this. Given that it's trivial to set up a few SOA name servers for temporary domains, the DNS requests can be split across multiple domains and recombined once logged. Requesting unique TXT or other records from your DNS over HTTPS provider will happily pass those requests straight to the malicious/compromised SOA DNS servers.

Intercepting DNS requests by DNS relay servers within the LAN at least allows local logging or filtering of requests to unauthorised domains. DNS/HTTPS bypasses this potential control.

Compound that 'remembers' phase transitions could have uses in computer memory

Twanky

Re: This is the kind of science I love!

I have an unfortunate* habit of keeping nearly every book I buy. I'll have to dig those out of their packing cases from the last time we moved house about 10 years ago.

*She who mustshould be obeyed uses a stronger word than 'unfortunate'.

Nuclear power is the climate superhero too nervous to wear its cape

Twanky
Boffin

You know how dangerous that stuff is? It dissolves more or less everything!

Twanky

Re: Deaths are not the only metric

If you have an alternative that doesn't involve drastic negative changes to our accepted way of life...

To a great extent it does not matter whether the proposed solution involves drastic changes to people's accepted way of life or not. If enough people can be convinced that the changes are 'worth it' then they might go along with it if there's no credible alternative - but how many are 'enough people'?

Any approach which could be expressed as 'if you've got them by the balls, their hearts and minds will follow' is doomed to failure.

People have a long history of fighting over scarce resources. If we don't or can't provide enough energy for the people there will likely be trouble. We've become used to the idea that domestic energy is a 'right' - but too few understand that it's a right that must be in balance with people's other rights.

Twanky
Facepalm

Superheroes

Tsk. You can't see them 'cos they're invisible.

Twanky
Joke

Yes, we should ban chemicals.

(where's Paris when you need her?)

Twanky
Flame

Re: "Of all the non-carbon energy options we have...

...yet to be born generations who will have to live with, and maintain _our_ ...

^This

applies in so many areas of our lives. Deforestation, releasing unsustainable amounts of pollutants burning fossil fuels, not leaving enough fossil hydrocarbons for future needs, driving agriculture into monoculture. The list is long.

Even government financial borrowing to be 'paid back' by future citizens falls into this category. My grand-children's future taxes paying interest on government bonds so we don't have to pay the full current price of the gas we're addicted to.

Twanky
Boffin

Re: Bang On - except the death stats

'...used by the regulators for predicting harm... ...is completely wrong and has no scientific basis...'

If only our regulators (governments and civil service) would make decisions with sound scientific bases - and even re-examine past decisions.

$2.8m gene therapy treatment is America's most expensive drug ever

Twanky

Re: Non-affordable for the non-rich

while not exactly a 'cure' for diabetes, it's extremely easy to prevent

Partly agree: Type 2 should certainly be managed this way while there is some insulin still being produced by the patient. Type 1 is different - especially in the young. Fixing Type 1 would be amazing, but as I say below, I don't think the industry would be interested in a cure. They'd prefer a new expensive treatment for the rest of the patient's (long) life.

Twanky

Re: Non-affordable for the non-rich

What happens when they have a $1 million treatment to cure diabetes

It depends who you mean by 'they'. Academics would love to research it and get their research published. They might even want to benefit humanity by defeating a medical scourge. However, the big pharmaceutical companies would have little to no interest in pursuing any breakthrough; they don't want to cure people. They want to keep treating them year after year. Given that many academics are funded by big industry they won't get funding to research something their paymasters are not interested in.

Australian wasps threaten another passenger plane, with help from COVID-19

Twanky

Re: Maybe it's me being a bit dim

It's not dim to ask a question.

You can't put a mesh over a pitot tube. It's a highly polished tube which uses the Bernoulli effect to measure the difference in airflow between between its tip and across it's surface. If you put a mesh in front of it you won't get a laminar air flow which will make it very unreliable. They mount them pointing forward and ahead of anything which will make turbulence over its surface.

Many years ago I had a vacation job polishing hundreds of the damn things (not aircraft grade) to a 'perfect' finish. My supervisor laughed at my initial attempts and showed me the difference between my efforts and a properly finished pitot at high magnification.

Google tells Apple to 'fix text messaging' in bid to promote RCS protocol

Twanky
Pint

what happened to...

https://www.theregister.com/2018/03/27/open_source_takes_on_facebook/

Pull jet fuel from thin air? We can do that, say scientists

Twanky
Pint

Re: Anyone got any more paper napkins?

Yes,

I can't find (or be bothered to look further) for the reference I found for a 747's fuel consumption. I've just looked and found a very different number of 18,000 gallons in 5 hours. Assuming these are the undersized US gallons that's about 16365924 cc/hr - or approximately 31,256.5393 grapefruits.

Cheers.

Twanky

Anyone got any more paper napkins?

At 15kW they hope to be able to produce Kerosene at 20% efficiency.

Combustion energy of Kerosene is about 36MJ/l

So they need 36*5 = 180 MJ = 50 kWh to produce 1 litre of Kerosene.

For 15kW they focus solar energy onto a 16 inch aperture (square?) and average 2,500 solar equivalents. So their collecting reflectors are 16*16*2500 = 640,000 sq inch or 413m2.

To get 50kW they need 1,376m2 of reflectors

1,376m2 of reflectors should produce Kerosene at 1 l/h

A 747 jet burns kerosene at about about 136,000 l/h

To get 136,000 l/h they need about 187km2 of reflectors.

187km2 of reflectors to keep one 747 fuelled. Assuming the jet only flies the same number of hours the converter can run each day. Remember, this is at the suggested 20% efficiency - they've so far only got 4%

Nancy Pelosi ties Chinese cyber-attacks to need for Taiwan visit

Twanky

Re: ... the likes of TSMC turned Taiwan into a vital source of technology

It's an example of the dangers of shortterm-ism. If PRC moves in on Taiwan and somehow avoids a shooting war with 'the West' then TSMC and the like will be a valuable asset for about 5-10years. After that period, manufacturing closer to 'home' will have become more common. If they move in and a shooting war starts it will be valuable until its facilities are 'taken out' as strategic targets by one side or the other.

Let's do whatever we can to try to avoid either scenario.

Twanky

Here's the problem.

China doesn't like that language, but has lived with it for over four decades – during which time the likes of TSMC turned Taiwan into a vital source of technology on which the US relies. US commerce secretary Gina Raimondo recently stated that losing access to Taiwanese tech would crash the US economy into a recession.

So, stuff Taiwan produces is vital to the US (and elsewhere, of course), but they (we, 'the West') also don't want to stop buying stuff from or selling stuff to PRC. Trade is good for international stability but vendor lock-in is a stupid mistake.

Post-quantum crypto cracked in an hour with one core of an ancient Xeon

Twanky

Re: Cheaters!

I'm pretty sure it's supposed to be a $5 wrench.

Twanky
Thumb Up

Re: Ancient?

From time to time I've looked at what the pay-back time would be to replace my server - mostly in terms of power savings. Previously I've decided that I probably won't last long enough. With current energy prices and lower component costs (if we can get them), I'm now not so sure.

Time for some more spreadsheet arithmetic on my prehistoric laptop.

Twanky

Ancient?

Stuff circa 2013 is ancient? New stone (silicon) age perhaps? I'm still using a 2010 Dell laptop most days. Admittedly, not for cryptographic research.

...the rest of you... keep banging the rocks together.

NASA to send prototype robot surgeon into space

Twanky
Alien

Re: Robotic surgical overlord

"...but not as we know it"?

Like Ubuntu, just a bit less hassle: Linux Mint 21 'Vanessa'

Twanky

If

...you have a well-specified 32-bit machine that you can't affordably upgrade,

Please correct me if I'm wrong but I don't think it's feasible to 'upgrade' a 32-bit machine to 64-bit.

I think what you mean is 'if you can't or won't throw it out and replace it with something newer'.

Indonesia sparks outrage by blocking PayPal, gaming sites, for compliance oversight

Twanky
WTF?

compliance oversight?

Really? Do we really believe the likes of Paypal forgot or didn't know about some new legislation in a country where they operate? They tried to ignore it - and it looks like they're too big to fail so the government had to back down.

Akamai: We stopped record DDoS attack in Europe

Twanky

Perhaps your computer was too busy doing something else for someone else?

Decentralized IPFS networks forming the 'hotbed of phishing'

Twanky

Re: Bit rich to blame ipfs

^

This.

'Dear valued customer, we can't even be bothered to send you this message from our own servers but click on the links anyway which will take you to some other server which isn't ours either and fill in the survey with lots of your personal information... Ta everso. Trusty Trusty Co.'

Beijing residents blast COVID surveillance device

Twanky

Appealing...

I'll assume you meant appalling.

You need to check your sources. Using a medium term trend of mid-year mortality from 2010-2018 and comparing the 4year period 2019-2022 Sweden is 1.05% down on trend while Norway is 0.53% up, Denmark is 4.31% up and seems to be having a really bad 2022 (for Denmark 2022 is currently more than 11% up on trend).

Why not include 2019 in the trend? There's a significant dip in mortality for UK and Sweden (and some other countries) in 2019. Many of those people who we might have expected to die in 2019 died in 2020 or later.

Sorry it's a late reply - I had to go retrieve the data and do the arithmetic.

Twanky

Re: re: Fortunately the left's constant calls for constant harsh lockdowns went mostly ignored.

Oh I say, well played.

However, it is vitally* important that we do not allow our politicians, experts and other leaders to start revising what they said and did especially in the early part of the epidemic. This applies everywhere, not just in the UK.

Dominic Cummings {spit}, for example told a parliamentary inquiry in May 2021 that he 'hit the panic button' on 11 Mar 2020 and that the Prime Minister ordered the lockdown 'at least three weeks too late'. 'Ordering' the lockdown 21 days earlier would have required all the processes that preceded it to be started at least 21 days earlier - and that would only work if Parliament as a whole felt the same sense of urgency as it eventually did when it passed the Bill 'without division' in just 6 days (including a weekend... gotta have weekends off, you know). So the Coronavirus Bill would have to have been introduced on 27 Feb 2020 (when there had been 3 Covid deaths in UK, but none had been registered) and enacted on 5 Mar 2020 (on that day two Covid deaths in the UK, still none officially registered). The Scottish Parliament would have to have given their Consent on 4 Mar (Scotland's first Covid deaths were on 12 Mar 2020).

From his own testimony Mr Cummings was convinced to 'hit the panic button' by reports which predicted half a million deaths in the UK. I've no idea if that was just a preview of Imperial College's rubbish 'Report 9'** - probably not - but we ought to find out and remember.

Various politicians of all stripes, medical, industrial and Union leaders all clamoured for urgent, unnecessary, action. These must not be forgotten.

*I hesitated before using the term 'vitally'. Yes, it is a matter of life and death that we don't forget who wanted to make this cock-up even worse.

**'Report 9' would have to have been published 21 days earlier too - on 24 Feb 2020.

Twanky

Re: I don't want to wear it.

Peng Shuai?

Twanky
Flame

If you're advocating unprecedented lockdown how wrong is acceptable?

For those still wavering over whether Imperial College's 'Report 9' was useful:

Warning: This analysis contains more numbers that are not just dates. Big numbers - you will run out of fingers.

Report 9 predictions published on 16 Mar 2020:

1) Peak of about 22 deaths per 100,000 people per day in GB = 14,340 deaths/day

2) Total of 510,000 deaths

The report says:

Epidemic timings are approximate given the limitations of surveillance data...

Observation:

3) Epidemic deaths started in early March. The first day with more than 1 death was 5 Mar 2020.

Best fit Gompertz curve for the above three constraints:

cumulative_deaths = 510000*EXP(-15.13*EXP(-0.07645*dayno))

Where dayno=1 is 1 Mar 2020.

Results:

Note the report covers 'GB'. England, Wales and Scotland. So the Reality numbers do too.

a) 9 Mar 2020: Reality: 13 cumulative, 5 daily. Report 9 calc: 254 cumulative: 115 daily.

b) 16 Mar 2020: Reality: 153 cumulative; 53 daily. Report 9 calc: 5,941 deaths; 1,770 daily.

c) 23 Mar 2020: Reality: 1,006 cumulative; 202 daily. Report 9 calc: 37,603 cumulative; 7,036 daily.

d) 28 Mar 2020: Reality: 2,969 cumulative: 507 daily. Report 9 calc: 86,087 cumulative; 11,347 daily.

e) 31 Mar 2020: Reality: 5,072 cumulative; 819 daily. Report 9 calc: 123,962 cumulative; 13,176 daily

f) 5 Apr 2020: Reality: 10,357 cumulative; 1,203 daily. Report 9 calc: 194,281 cumulative; 14,339 daily (peak).

g) 8 Apr 2020: Reality: 14,251 cumulative; 1,450 daily (peak). Report 9 calc: 236,774 cumulative; 14,003 daily.

The data available from a week before the publication date of 'Report 9' showed it was catastrophically wrong. Lockdown still went ahead on 23 Mar even though further data also supported the view that it was complete bollocks.

What was the evidence that persuaded the government to order the lockdown?

Twanky

Re: Classic

Yes, most of those numbers were only available in hindsight. Our government can maybe be forgiven for being panicked into imposing the lockdown on 23 March. But not for 5 Nov 2020 and 6 Jan 2021.

For such a major decision and huge expense they should have checked the evidence they were being given far more carefully. I still have not seen convincing evidence that lockdown worked.

For example: Imperial College's 'Report-9' was demonstrably wrong before it was published. It was only given credence due to the eminence of the authors - not the evidence in the report.

Their later 'Report-13' published on 30 Mar 2020 contained this:

In China, strict movement restrictions and other measures including case isolation and quarantine began to be introduced from 23rd January, which achieved a downward trend in the number of confirmed new cases during February, resulting in zero new confirmed indigenous cases in Wuhan by March 19th.

Quoting figures from China destroys what little credibility they had.

Twanky

I'm glad to see that you're backing the 'slow it down until there's a vaccine' line. It was the only credible argument at the time.

Evidence: I'll show you mine if you show me yours...

I'll go first.

Summary:

  • The course of the first wave of Covid (1 Mar 2020 - 31 Aug 2020, 6 months, 184 days) in England and Wales using the measure of date of death occurrence as provided by ONS, fits a Gompertz (epidemic) curve very closely.

    • The Gompertz curve describes the average effect of the conditions over the whole six-month period.
    • If our interventions were beneficial we should see a decrease in mortality during their effective period and (relatively) an increase outside of that time - averaging to the 6-month Gompertz curve.
  • The peak death rate was on 8 Apr. This is the steepest part of the Gompertz curve.

    • The peak of deaths must have been preceded by a peak of infections.
    • We should expect there to be a delay before any change in infection rate showed in the death rate.
  • There were slight deviations from the calculated Gompertz curve. Sometimes the real death rate increased faster or decreased more slowly than the calculated curve; ie it was worse. Sometimes the death rate increased slower or decreased faster than calculated curve; ie it was better.
  • There are 4 dates of interest at which the death rate changed from worse to better than the calculated rate (or vice-versa). We might assume that something had previously affected the infection rate to cause those changes in death rates.

    • From 9 Mar reality was better than the calculated death rate.
    • From 31 Mar a change for the worse.
    • From 19 Apr a change for the better.
    • From 26 May a change for the worse.
  • We should expect the death rate to be worse than the overall calcuated curve before the effect of any beneficial interventions and better afterwards.
  • If the lockdown on 23 Mar had any beneficial effect on infection rates it must have shown in the death rate change from 19 Apr. There is no other date after the lockdown when the death rate began to improve relative to the calculated best fit curve. It's a small effect though.

    • 19 Apr is 27 days after lockdown. 27 days must be the time it took for the effect of lockdown on infections to show as a slowing of the rate in subsequent deaths.
    • 27 days before the peak death rate on 8th Apr was 12 Mar. This must have been the peak of infections.
    • 12 Mar is 11 days before the lockdown. Infections were already past their peak and declining by the time of the lockdown.

      • Therefore the lockdown in England and Wales was unnecessary and had minimal effect on infection and subsequent death rates.

Other observations:

  • If lockdown did not cause the improvement from 19 April then it had no observable beneficial effect at all and so was unnecessary and ineffective.
  • 27 days before the first few deaths is early February - this is when the infection began spreading in England and Wales.

    • When the infection count is very low, statistical methods (such as the 27-day average lag between infection and death) are more prone to variation.
  • The change for the worse on 31 Mar is slightly puzzling.

    • 27 days before 31 Mar is 4 Mar. Did someting happen at the beginning of March that might increase the infection rate?

      • We might have expected the news of the first few deaths to influence people's behaviour to decrease infections.
    • I've shown that the peak of infections was on 12 Mar; did something happen about a week earlier to make things slightly worse?
    • 31 Mar is also 8 days after the lockdown. Was there something about lockdown that could have such a quick (bad) effect on death rates?

      • The Coronavirus Act 2020 (which became law 2 days after lockdown) introduced changes to the death certification process which made it easier for doctors to certify Covid as a cause of death. My guess (it's no better than a guess) is that this slightly boosted the Covid diagnosis rate.
  • The change for the worse on 26 May is also puzzling. 27 days before 26 May is 30 Apr. What happened at the end of April that might increase the infection rate?

    • Could the explanation be as simple as lockdown fatigue? People feeling that lockdown had gone on for too long (5-6 weeks by that time)?
    • The effect on death rate is of the same (small) magnitude as the presumed effect of lockdown - but in the opposite direction, of course.
  • Lockdown restrictions were gradually removed during June.

    • We might have expected a corresponding increase in death rate from early July but this was not apparent in the data.
    • Was this because many people had already abandoned lockdown restrictions from late April?
  • As a confirmation of the method of using a Gompertz curve for our analysis: Using a measure of excess weekly deaths as compared with the 2010-2018 trend also shows close matches (making allowances for weekends and public holidays) to Gompertz curves for each sex and age group 65+.

Supporting information:

  • Daily Covid death counts are included in the ONS 'Deaths registered weekly in England and Wales, provisional' dataset (download from https://www.ons.gov.uk/peoplepopulationandcommunity/birthsdeathsandmarriages/deaths/datasets/weeklyprovisionalfiguresondeathsregisteredinenglandandwales). The data can specifically be found in https://www.ons.gov.uk/file?uri=/peoplepopulationandcommunity/birthsdeathsandmarriages/deaths/datasets/weeklyprovisionalfiguresondeathsregisteredinenglandandwales/2020/publishedweek532020.xlsx.
  • The calculated best fit Gompertz curve has the formula: Cumulative_deaths = 51990*EXP(-12.36*EXP(-0.05665*dayno)) where dayno=1 is 1 Mar 2020.

    • The largest deviations of reality from the calculated Gompertz curve amount to +2.3% to -2.7% of the calculated total death count.

Twanky

Are you drawing a distinction between the severity of the lockdown in Wuhan and elsewhere in Hubei and China as a whole and that implemented in England and Wales?

If so, you are right, of course. Until the UK Parliament passed the additional law the government didn't have the power to order the curfew. Thank goodness they didn't go any further.

Twanky

Re: That strap.

Yep.

Twanky
Facepalm

Yes, we did copy China. Not their future policies from 2022 but their recent past policy from 2020.

I am, as you well know, referring to their lockdown policy in Wuhan and beyond.

Since you mention the vaccine: I personally think it's been a remarkable success.

There is, however, no convincing evidence that the lockdowns have been a success - but there is evidence that it has not been (at least, in England and Wales)..

Twanky
Flame

Yes.

So why did we copy them in March 2020?

Twanky

Re: You sure?

What happens if you have a hot bath or shower?

Elevated temperature recorded = SWATmedical team at the door.

IT departments often regret technology buying decisions

Twanky

Re: I will never understand

But... We must save money, at any cost!

Twanky

Re: Huh?

Competent secretaries/PAs won't tell you any secrets - but if you tell them your secrets and problems their bosses often become more sympathetic. Funny that.

Intel's net positive water use only tells part of the story

Twanky

Re: Lies, damn lies, and statistics

Shirley a gallon is 10 pounds of water? Or 8 pounds if you must... but I don't see where 8.345 pounds came from? Heavy metal contaminants? Dissolved helium?

Also, unless you want a visit from the reg standards bureau I think you need to recalculate the volume as 74,254,027.9469 chickens' eggs (approximately).

Everyone back to the office! Why? Because the decision has been made

Twanky

Remote working...

Or as we used to call it in the 90's. 'Working'.

Oracle lands London council deal for £12m ERP project

Twanky

The local authority, one of 33 London borough councils...

No London borough council will have truly unique needs when compared to the other 32. A common solution with a common implementation would be most appropriate. The only difference should be the migration to get away from the legacy systems. Boroughs could even co-locate/share and get economies of scale.

That said, Oracle??? Really?

NSO claims 'more than 5' EU states use Pegasus spyware

Twanky
Devil

Re: "carefully contracted to only permit legitimate use"

Of course you can get it - they bugged his phone so that they could work out the maximum price he was willing to pay to snoop on the terrorists in Ukraine... all you need to do is pay NSO enough and they'll share that info with you.

Of course, it might be a good idea to go back to using a feature phone after the deal.

icon: careful who you sup with --->

Twanky

The software exists. The methods to remotely install it exist. Do folk really believe NSO are the only people who can do this? Anyone reckon USA or China hasn't got this capability in home-grown (or 'acquired') software?

Password recovery from beyond the grave

Twanky

Re: Legal issues

Yes, I'd like to have inserted the crowbar of common sense ...somewhere.

The bank already had seen my proof of LPA a few years previously - which was why they had allowed me to manage her accounts. What brought the spirals to a close was a copy of the death certificate, Mum's Will and my ID documents.

What I wanted when I called was a pointer to my role in their procedures.

What I thought was particularly crap was the bank 'managers' willingness to take a shortcut through their procedures - and potentially lay the blame on me..

Twanky
Facepalm

Re: Legal issues

Yes.

That means you can't call up and freeze someone's bank account but you can call up and apparently disable their attorney's access.

However, as was shown the LPA authority was still working - even if it was invalid.

Twanky
Pint

Re: Legal issues

...rights of the deceased...? I think these also cease at the time of death.

I had Lasting Power of Attorney over my Mum's financial affairs in the final years of her life. I was also one of the Executors named in her Will. When she died I phoned her bank to 'freeze' her account and was told, not unreasonably, that they couldn't just take my word for it over the phone but that as I had stated she was dead my LPA was no longer valid - and that they had 'made a note' of the call. They asked me to either write to them or attend a branch in person.

Next day I visited a branch of the bank with all the required details and personal ID. The duty 'manager' duly 'froze' the account. I commented that that had seemed very quick and easy and he told me he had used my LPA authority to do it (no, I had not given him any passwords). I pointed out that my LPA was no longer valid and that I'd already contacted their call centre so there was a 'note' on the system. He looked distinctly embarrassed as he hastily reversed the 'freeze' and then went though a much longer process to do it according to the bank's official procedures.

It was a Friday and I think he had Beer O'clock in mind.

I know death is not a subject people like to dwell on, but a not-too-hidden link to a guide on banks' web sites on what to do would be very useful.

Microsoft delays next Exchange Server release to 2025

Twanky
Devil

Re: Three years?

...run the uninstaller for the old version of Exchange, then display a message thanking you for "upgrading" to Office 365?

It's far more complicated than that: First it's got to merge all the private shared mailboxes into one massive open to all mailbox. Then it's got to trim all the unshared mailboxes to the default 250Mb limit. Ideally, it then needs to identify the CEO's mailbox(es) and remove the content of all messages older than 2 months but not the headers. Only then can it issue the message that it has successfully upgraded.

To cut off all nearby phones with these Chinese chips, this is the bug to exploit

Twanky
Angel

Have you tried switching it off and on again?

FTFY

Twanky
Big Brother

...booming mobile security market

...in large part to the increase in online mobile payments, the use of mobile devices for tasks that involve sensitive information – such as banking information and credit card and social security numbers

My bank keeps trying to get me to download their app for my phone. I keep wondering why they think my phone is secure. What do they know about my phone that I don't?

Elon Musk orders Tesla execs back to the office

Twanky

Re: Ego Musk

...if he does get Twitter then he probably will do no more than destroy it than change the world.

Destroying Twitter might well change the world. For the better, obviously.

How the hell did we reach the point where politicians attempt to offer sympathy to victims of violent crime via Twitter?

Shanghai lockdowns to end, perhaps easing tech supply chain woes

Twanky

Re: Hooray! The lockdowns are ending...

You call them cunts just because they're rich? Or you assume anyone who is rich must be a cunt?

Page: