Posts by Bitsminer

302 posts • joined 13 Sep 2017


Planning for power cuts? That's strictly for the birds

Bitsminer Bronze badge

Re: exploding caps

Ahhh water fuses.

Worked on an early prototype electric vehicle. The batteries were protected by water fuses (or is that fuzes?) from excessive amperage.

Well, they were protected most of the time.

Open source, closed wallets, big profits – nobody wins the OSS rock, paper, scissors game

Bitsminer Bronze badge

A lot of FreeBSD changes are freely given by commercial companies using it. E.g. Netflix but also many others.

Those companies have figured it out. Let's encourage the others to adopt the same method.

5G frequencies won't interfere with airliners here, UK and EU aviation regulators say

Bitsminer Bronze badge

Re: Surely this is a simple approvals issue???

I'd rank it as a conflict of technologies. The radalts are based on frequency-modulated continuous-wave RF, and compare only the frequencies of the current emission against the reflection. There's no discrimination to verify the reflection is indeed your own signal reflected, and not something else.

Even if the 5G tech (which is digitally coded and far more sophisticated than 1930s era radalt) is completely within its assigned band, there are causes of interference that are external to the radalt and the 5G transmitter.

Like, for example, a rusty fence.

Or anything else resembling a diode, such as any other nearby radio set.

The aviation folks are right to be concerned.

Google says open source software should be more secure

Bitsminer Bronze badge

money is not the way

Several commentards have noted the difficulties with "giving" money from $source to $sink, where $sink is defined as a developer. Taxes, attribution, delivery, etc etc.

Money is just one (ineffective) means. Remember, the goals are (1) reviewed and (2) corrected software.

Who best to do this? Software developers. Let them become socially responsible for reviewing, testing and correcting software as a moral obligation to society.

Kind of like lawyers doing pro bono, Doctors Without Borders, and so on.

Github has a summary of commits for each account. Make a new metric (management is by metrics after all). How many code reviews and corrections on other people's software has this account accomplished? If the account is outside an envelope of own commit rate, commit size, and contributed corrections then make them pay, or shame them into contributing more reviews, or deny them access to El Reg comment boards, or something social.

Don't Chill with the Big Boys.

WebSpec, a formal framework for browser security analysis, reveals new cookie attack

Bitsminer Bronze badge

Re: Coq theorem? Really?

It's a well-known mis-feature of the Coq-theorem-prover software.

Alternative-names

Previously covered by El Reg:

Coq_programming_language_change

US Army journal's top paper from 2021 says Taiwan should destroy TSMC if China invades

Bitsminer Bronze badge

No, not TSMC

PRC wants repatriation of Stinky tofu (臭豆腐). Nothing less will do.

(If you've never tasted/endured it, you are now forewarned.)

The year ahead in technology fail: You knew they were bad, now they're going to prove it

Bitsminer Bronze badge

"but hold on before splashing out on a new monitor for Eddie"

Ahh, the 1988 Olympics, starring Eddie the Eagle. A very sharp (eyed) fellow with legendary poor eyesight.

Eddie the Eagle

ASUS recalls motherboards that flame out thanks to backwards capacitors

Bitsminer Bronze badge

A reversal of fortune.

2021 in storage: We waited for a flash price revolution that never came... but what about creativity? We can't complain

Bitsminer Bronze badge
Pint

Thanks!

This article is an example of El Reg writing at its finest.

Succinct, opinionated but with cause, and very well analyzed across vendors, technologies and markets and more.

+1 many times over.

It's the day before the grand opening but we need a firmware update. It'll be fine

Bitsminer Bronze badge

We always used to tell the newbs, 'You are the most qualified here because you have been taught all the latest stuff', hard to enunciate when your tongue is firmly in your cheek.

Which is also why the newbs got to visit the CEO's home on Christmas Day for to set up the new computer for his children.

Europe completes first phase of silicon independence project

Bitsminer Bronze badge

Re: Is this an EU or Europe thing ?

(I've noticed this problem especially but not exclusively with some of our North American colleagues).

Your comment gives you a certain cachet.

New submarine cable to link Japan, Europe, through famed Northwest Passage

Bitsminer Bronze badge

Re: Who are the customers?

One option is to put your high-frequency traders in the middle of the fibre link, say, in Resolute. The data packets can meet in the middle between London and Tokyo (or Paris/Shanghai or what have you).

I'm sure the 198 current inhabitants of Resolute (English name), also known as Qausuittuq (ᖃᐅᓱᐃᑦᑐᖅ) would love to have the likes of a Wolf of Wall Street in their midst. Or even two.

VMware 2FA flaw can divulge that vital second credential to malicious actors

Bitsminer Bronze badge

Re: Bad Actors

You forgot Nick "Cageware" Cage, Bill "Shatbot" Shatner, and APT 699, aka Steven Seagal.

Over Log4j? VMware has another critical flaw for you to patch

Bitsminer Bronze badge

Re: It is a viscous plot

Double, double toil and trouble;

Fire burn and cauldron bubble.

Second Witch:

Cool it with a baboon's blood,

Then the charm is firm and good.

I expect "baboon" is the 17th century translation for "code monkey".

After deadly 737 Max crashes, damning whistleblower report reveals sidelined engineers, scarcity of expertise, more

Bitsminer Bronze badge

Re: Pilots were no longer in charge

I disagree--my understanding is the Boeing strategy was a sales strategy. The customers did not have to recertify the pilots thus reducing cost of ownership and eliminating the training cost of introducing a "new" aircraft model.

Remember, the -MAX did have to be recertified, which is one of the causes of the disasters, because the recertification process failed.

Bitsminer Bronze badge

Pilots were no longer in charge

The main concern I have with the MCAS design is that it took command and control of the aircraft away from the pilot. Initially, the pilots weren't even told this was possible, then one crash happened while pilots unsuccessfully fought the machine for control of their own damn airplane.

Never mind one vs three, or "it was a software error", or "Airbus did it sooner and differently".

The FAA (who lost all international credibility in certifying the 737-MAX) and Boeing (who lost a lot of money) let a few thousand lines of software run an airplane. Into the ground. Twice.

THAT was the failure.

ExoMars parachutes just about good enough to land rover safely on the Red Planet

Bitsminer Bronze badge

things weren't perfect

Ahhh, chute, it wasn't perfect.

Log4j doesn't just blow a hole in your servers, it's reopening that can of worms: Is Big Biz exploiting open source?

Bitsminer Bronze badge

what's hard

"Finding projects that need help and maintainers willing to help in exchange for money is hard."

No.

OpenBSD, OpenSSH, OpenBGPD, LibreSSL...

Python

There are other organizations that distribute funding and equipment for open-source software.

AWS postmortem: Internal ops teams' own monitoring tools went down, had to comb through logs

Bitsminer Bronze badge

multi-platform redundancies needed

In my neighbourhood, the local competitive phone companies use their competitor's mobile phones for communications with the office.

Because, you know, shit happens.

Would AWS take the hint?

Do pigs fly?

Chatter around GPUs for RISC-V is growing

Bitsminer Bronze badge

16 RISC-V extensions were ratified

So, it's not one standard, but dozens.

Good luck with that.

NASA's new black hole spotter makes it into orbit

Bitsminer Bronze badge
Boffin

X-ray specs

These aren't your standard bifocals.

The telescopes consist of 24 concentric shaped-conic sections. The x-rays come in at very small angles and are reflected onto the detector plates. They get around 300x300 pixels after several thousand seconds of exposure.

There are three parallel telescopes -- the "lenses" are a few meters away from the detectors so they have to be mounted on an extension bellows.

It's all very cool. The images will be amazing.

Oz Feds reveal distribution model behind backdoored 'An0m' chat app spread by crims

Bitsminer Bronze badge

On the contrary.

The sophistication of a multi-level distribution system seems a little bit beyond the normal day-to-day of a police agency. I wonder who they subcontracted it to? Mary Kay perhaps?

Don't panic about cyber insurers pulling up the drawbridge, says Lloyd's

Bitsminer Bronze badge

"War is what I say it is"

After 9/11, we got stuck in Europe trying to get home. Had to buy new air tickets.

The "travel insurance" declined to pay on account of "it was an act of war". Said nobody except GWB some months later.

The insurance industry tout says things like "Insurance companies have the burden of proving an exclusion clause applies".

Only if you drag them, kicking and screaming, into court. And fight them, for several years. At your own expense. Over the meaning of "reasonable".

Luck to you!

Graviton 3: AWS attempts to gain silicon advantage with latest custom hardware

Bitsminer Bronze badge

a challenge for x86 chip vendors

AWS compare against their previous generation, as does almost everyone else. Unless it's a fake comparison (hello Intel).

But we need competitive benchmarks. Is anyone posting SPEC benchmark results? Or anything?

And, is posting benchmark results even permitted by their TOS?

Chill out to the sounds of an expert typing on a variety of mechanical keyboards

Bitsminer Bronze badge

Taeha also has a YouTube channel

How long before a DMCA takedown request?

UK data watchdog fines government office for disclosing New Year's gong list

Bitsminer Bronze badge

Re: Government secrets and personal throwaways

News flash -- ICO punishes HM Civil Service for disclosing a list of former Civil Servants sacked for disclosing lists of Honours.

Visiting a booby-trapped webpage could give attackers code execution privileges on HP network printers

Bitsminer Bronze badge
Pint

Re: Malware or just a link to the firmware update site?

Aaaaand the winner is....

Bitsminer Bronze badge

Re: Malware or just a link to the firmware update site?

Pro-tip: When you run out of magenta, and printing is paused because "no colours remain", you can either (a) reboot or (b) find the Services app under Windows Administration, and restart the Print Spooler service. Printing should then begin.

There is probably a CMD-line incantation to restart the Print Spooler too.

Extra points for those who can explain why it's called a Spooler.

You, me and debris: NASA cans ISS spacewalk because it's getting too risky outside

Bitsminer Bronze badge

Popularity

Nobody goes outside the ISS anymore -- it's too crowded.

UK intel chief says MI6 must outsource innovation – and James Bond's in-house 'Q' is nonsense

Bitsminer Bronze badge

Re: Fear the frightening foreigner!

"our economic environment is now controlled by other count[r]ies"

Welcome to the New Colonialism. All your Factories are Belong to Us!

Warning: China planning to swipe a bunch of data soon, so quantum computers can decrypt it later

Bitsminer Bronze badge

"intelligentized warfare"

Chinese AI systems, presumably trained on artificial turf using artificial bullets, won't be immune to the usual issues with the current crop of "learned machines": a 20% chance of raining on the wrong fellow's parade.

For example, automated translation systems can get things wrong, and nobody dies. In a battle, the misinformed or misconfigured AI can kill everybody. Not the kind of thing you can hand-wave away.

It's going to be a hot century.

Alleged Brit SIM-swapper will kill himself if extradited to US for trial, London court told

Bitsminer Bronze badge

Re: "he might commit suicide, making his an "exceptional" case"

It's not a gulag for the non-violent. Just ask Lord Black.

https://en.wikipedia.org/wiki/Conrad_Black

Sheffield Uni cooks up classic IT disaster in £30m student project: Shifting scope, leadership changes, sunk cost fallacy

Bitsminer Bronze badge

But inevitably someone would try to automate that 3-ring binder. And another 30 million later it would still not work correctly.

Wondering what to do with those empty offices? How about a data centre?

Bitsminer Bronze badge

toast

The average human is about 100 watts. The average office ventilation is intended for two humans and a laptop, so, maybe 400 watts.

The average rack of servers is about, oh, maybe somewhere between 3 kilowatts and 50 kilowatts, depending on your budget.

Sure, put your rack in my old office. And be sure to supply something to cook like sausages or toast for the 6 minutes the rack will stay powered before catching on fire.

ChaosDB: Infosec bods could pull anyone's plaintext Azure Cosmos DB keys at will from Microsoft admin tools

Bitsminer Bronze badge

Horizontal Bop

Bob Seger, 1980.

https://youtu.be/JbmxmGMuVQo

The new Microsoft Azure theme song.

Rolls-Royce set for funding fillip to build nuclear power stations based on small modular reactor technology

Bitsminer Bronze badge

not so scalable

Some of the American companies started at 30MWe or even 10MWe and are now talking 100+. It seems the cost of pumps, monitoring, etc not to mention the engineering is not proportional to output power, so to make any kind of money the price has to exceed the costs. And price does scale with output.

And the regulators! They will write more regulations, not fewer, in spite of the "simplicity" of the designs. The regulatory burden will make these uneconomic as regulation becomes multi-national, hence a UK design will need to meet both UK and whatever-you-have-elsewhere regulations. N*N, as we say.

It may be too cheap to meter but not too cheap to regulate.

Intel pays VIA $125m to acquire its x86 design talent

Bitsminer Bronze badge

Re: Hello round peg, meet pentagonal shaped hole

Oi, 100 people divided into $125M is....a down payment on a house, each.

So now we know the acquisition cost of a chip designer. Wow, just wow.

Hibernating instrument on Hubble roused as engineers ponder message problem

Bitsminer Bronze badge

metastable donkeys

Place one donkey exactly in the middle between two identical stacks of hay.

The donkey will starve to death trying to decide which stack to eat first.

Sheffield University scales back student system after Oracle integration stumbles

Bitsminer Bronze badge

30%

"30 per cent of the scope will remain undelivered, this does not pose a major risk as many of the requirements are no longer relevant or viable..."

Changing or deleting 30% of your requirements in 5 years is mind-bogglingly....little. I would have expected 1% per month, or 60% after five years. And a competent system management team with a budget to match that rate of change. But, you know, "magic" is defined as anything beyond your understanding.

I suspect the problem is really that education, like medicine, sees IT as an asset to be purchased once and thereafter neglected, like a building. Instead, IT is a liability that needs to be continuously supplied with attention, care, adaptation, nurturing and money. Lots of money. Like a Hollywood starlet.

Trojan Source attack: Code that says one thing to humans tells your compiler something very different, warn academics

Bitsminer Bronze badge

Re: 100% code coverage testing

Code coverage testing = (# lines of code tested) / (# lines of code present) x 100%.

But the bidi "bug" or transmutation of code can change the number of lines by (a) commenting them out invisibly to the developer and/or (b) rendering them unreachable, also invisibly to the developer.

Hence my "...oh". The metric is...ummm....not reliable to detect the bidi bug(s), as the "code" might not be. And if you use a different tool than the compiler to measure it, well, then you have two problems.

(I had previously submitted a lengthier reply, but once it got past El Reg's Perly gates, it seems to have fallen onto the floor of the second level of Hell, only to be lost and near forgotten.)

Bitsminer Bronze badge

Left-click to compile

Sounds like a good argument for requiring 100% code coverage testing......oh.

SoftIron now slinging servers with artisanal firmware and an auditable bill of materials

Bitsminer Bronze badge

Rewelding the supply chain

Had to buy a set of equipment for delivery to a certain highly paranoid customer. They insisted no parts be "made in PRC".

It was a problem since the disk drives had been very clearly labelled as made in that place.

So we asked a used-equipment dealer/reseller if they had the same model of disk drives but made elsewhere. Turns out they did. The OEM couldn't fix their own supply chain but a reseller could. (And yes we verified the point of manufacture of the drives carefully). (And the customer pointedly didn't care about receiving pretested hardware!)

Ransomware criminals have feelings too: BlackMatter abuse caused crims to shut down negotiation portal

Bitsminer Bronze badge

Redefine IoT

Welcome to the Internet of Thugs.

Unhappy customers and their own tricks used against them, REvil ransomware gang reportedly pulled offline by 'multi-country' operations

Bitsminer Bronze badge

means and ways

Reading the official Joint Statement of the 30 countries, there are some interesting quotes:

"...uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors..."

"Arbitrage" is an interesting word. Used by multi-national traders to make money on the differences between stock markets, commodity markets, and currency markets. Used by tax lawyers to make money reducing the taxes for corporate clients (hello Ireland, hello North Dakota). And used by national governments to influence their friends and rivals for access to markets, commodities, taxes and now virtual currencies.

"We will consider all national tools available in taking action against those responsible for ransomware operations threatening critical infrastructure and public safety."

Since "all national tools" includes intelligence, enforcement, diplomacy, and armed forces (not necessarily in that order), the statement essentially draws a line in the sand beyond which any and all "tools" will be used against the malefactors. Naming the issues: "critical infrastructure" and "safety" defines the line. However, may I point out that my "critical infrastructure" (hello Starbucks) is not the same as your "critical infrastructure" (hello food supply chain).

"We will leverage diplomacy through coordination of action in response to states whenever they do not address the activities of cybercriminals."

A bit of bureaucratic phrasing, but it means "if you don't go after your cybercriminals, we will go after you". With multi-national coordinated action. See above.

I'm looking forward to hearing about how REvil was taken down.

Research finds consumer-grade IoT devices showing up... on corporate networks

Bitsminer Bronze badge

Re: News at 9....

And we spell Security with an F.

What, there's no F in Security!

(Repeat until done.)

Intel teases 'software-defined silicon' with Linux kernel contribution – and won't say why

Bitsminer Bronze badge

Re: Licenses

"Licensing CPU features would potentially give Intel more revenue"

Larry, is that you?

LAN traffic can be wirelessly sniffed from cables with $30 setup, says researcher

Bitsminer Bronze badge

Re: New? Bwahaha!

The Soviets compromised a number of IBM Selectric typewriters at the US Embassy in Moscow.

https://www.cryptomuseum.com/covert/bugs/selectric/

Modifications were invisible and could not be detected without x-rays. The transmitted data was slightly ambiguous but all of a document could be read or inferred.

Presumably any IBM Selectric in use by US armed forces or intelligence or diplomatic groups was at risk of compromise.

Russia-based criminals are still the UK's number 1 cyber-foe, NSO Group's wares a 'red flag' says NCSC chief

Bitsminer Bronze badge

70

That's either too many, or too few.

Clearview CEO doubles down, claims biz has now scraped over ten billion social media selfies for surveillance

Bitsminer Bronze badge

"Bill of Rights to guard against the powerful government we had just created"

Aye, there's the rub.

The US Constitution, the UK unwritten but allegedly valid constitution, and other Bills, Declarations, Offerings and Scripts all offer one thing:

Defence against the Government.

But Google, Facebook, Amazon, Alibaba, Twitter, and their likenesses are not Government but are trans-national corporate tax-minimizing sub-national "actors" with seriously risk-laden power. And only law, not unbreakable "Constitutions" can limit their power.

Good luck with that.

Zoom-o-cracy: Wales MP misses vote, allowing COVID-passport rule change, blames the IT dept

Bitsminer Bronze badge
Windows

It could have been worse, way worse

https://www.thesun.co.uk/news/14657129/mp-caught-naked-zoom-parliament-canada/

(No, don't bother to click the link.)


Biting the hand that feeds IT © 1998–2022