* Posts by Crypto Monad

505 publicly visible posts • joined 14 Dec 2017


UK Online Safety Bill to become law – and encryption busting clause is still there

Crypto Monad Silver badge

Re: Why?

It's not hard to find, and it has consequences for the whole world if it passes.

https://bills.parliament.uk/bills/3137/publications -> https://bills.parliament.uk/publications/52368/documents/3841

An order requires the provider to:

(i) use accredited technology to identify terrorism content communicated publicly by means of the service and to swiftly take down that content;

(ii) use accredited technology to prevent individuals from encountering terrorism content communicated publicly by means of the service;

(iii) use accredited technology to identify CSEA content, whether communicated publicly or privately by means of the service, and to swiftly take down that content;

(iv) use accredited technology to prevent individuals from encountering CSEA content, whether communicated publicly or privately, by means of the service; or

(b) to use the provider’s best endeavours to develop or source technology for use on or in relation to the service or part of the service, which [achieves those purposes]

"Accreditation" of the technology is punted to the Secretary of State in 126(12) and (13):

(12) For the purposes of this Chapter, technology is “accredited” if it is accredited (by OFCOM or another person appointed by OFCOM) as meeting minimum standards of accuracy in the detection of terrorism content or CSEA content (as the case may be).

(13) Those minimum standards of accuracy must be such standards as are for the time being approved and published by the Secretary of State, following advice from OFCOM.

So at least the standards have to be published, and are not kept secret. It's unclear to me whether the notices themselves will be published, and/or whether the recipients of such notices will be able to publish their existence.

However, note also 126(5):

A notice given to a provider of a Part 3 service requiring the use of accredited technology is to be taken to require the provider to make such changes to the design or operation of the service as are necessary for the technology to be used effectively [my emphasis]

That is: not only could WhatsApp be required to implement client-side scanning, they could even be told to stop using end-to-end encryption, if that were to interfere with the government order.

Crypto Monad Silver badge

Re: Don't Understand......

> Everything I send is privately encrypted BEFORE it gets into email or WhatsApp or....!!

If you choose to PGP-encrypt everything before you paste it into WhatsApp, well good for you, but it's probably best not to brag about it. Plod can demand your decryption keys, and you can be jailed for not providing them.

For most people, they use the WhatsApp client application directly, typing their message in or attaching images to it. The WhatsApp application then encrypts the message before sending it to their servers and on to the final recipient, who is the only one with the decryption key.

WhatsApp supply both the client software and the servers as part of the service they provide. The government will be able to order them to put content scanning in the WhatsApp client, and if it gets a positive match, it will send a notification to the mothership.

There's a more complete description of Apple's version of the technology, in FAQ form, here.

In Apple's case, the on-device scanning is only triggered for photos that you choose to upload to iCloud. It scans them as part of the upload process, on your device, against a database of CSAM hashes which is downloaded locally to the device. Just as the UK government wants. In fact, this bill could have been worded exactly to require Apple to do something they decided *not* to do under public pressure.

(Note: there is a separate feature for general nudity detection in messages, which notifies parents if their children are sending or receiving nude photos. Don't be confused by the two types of scanning).

The iPhone 15 has a Goldilocks issue: Too big or too small. Maybe a case will make it just right

Crypto Monad Silver badge

Re: While the world slowly turns n burns.

I didn't downvote you, but when did it last get an Android security update?

Apples to apples: Boffins find a way to make e-waste edible

Crypto Monad Silver badge

If this is a high energy process, then you'd better build enough dedicated green energy capacity to drive it. Otherwise you'll be displacing other green energy users, which means generating extra CO2 or nuclear waste. Then you're just trading one kind of waste for another.

Probe reveals previously secret Israeli spyware that infects targets via ads

Crypto Monad Silver badge

Re: Insanet only selling to Western nations?

it is also the fact we now allow arbitrary code to run on our machines in the form of Javascript, etc.

I won't argue with that, not to mention Word macros, Excel macros, WASM etc.

However, even just opening an image can be enough, for example when there are bugs in image decoding libraries. There's no separation between "program" and "data", and the complexity is mind-blowing.

Airbus takes its long, thin, plane on a ten-day test campaign

Crypto Monad Silver badge

Re: An interesting experiment

> even the A380 production line came out of retirement.

Citation needed? Existing planes are coming out of mothballs, but I haven't seen an announcement about production restarting.

https://en.wikipedia.org/wiki/Airbus_A380#End_of_production

Crypto Monad Silver badge

Re: MAX anyone?

> the plane constrains the maneuvers the pilots can do

Although the older A300 and A310 were apparently used more-or-less unmodified for the ESA's zero G "vomit comet"

https://aviation.stackexchange.com/questions/67591/could-modern-unmodified-airbus-aircraft-be-used-for-zero-g-flight

Crypto Monad Silver badge

"a target of approximately 100 hours flying time over ten days with no systems power-down"

They won't catch the Boeing bug where the plane needs to be rebooted after 51 days then...

Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots

Crypto Monad Silver badge

Re: Am I surprised?

> I wouldn't do that. I would not name an aircraft company "Kaboom!" or "Oopsidaisy Aircraft".

Or a parcel delivery company called "oops", I mean, "ups"?

I once saw a car from a driving school called Impact School of Motoring. It had a large dent in the back. (I promise it's true, but I wish I had taken a photo)

Linux 6.6's in-kernel SMB networking server graduates

Crypto Monad Silver badge

Re: Age Old Architectural Mistake Coming Home to Roost?

> getting rid of the networking to userland now, before it's too late

It's been done - see VPP and DPDK.

But I don't know if anyone has plugged in any endpoint network apps, as opposed to just routing packets.

Scientists trace tiny moonquakes to Apollo 17 lander – left over from 1972

Crypto Monad Silver badge

I bet the original "250 degrees Fahrenheit" figure is +/- 10 degrees at least, even if that was at a single point on the surface.

Hence the translation to "121.1°C" is completely spurious, by about 2 significant figures. The "~" sign implies that this was rounded from an even more accurate figure!

From browser brat to backend boss: Will WASM win the web wars?

Crypto Monad Silver badge

Re: Welcome back Java promise!!!

Sadly, many network and server admin tools were (or even still are) provided as Java applets. Examples include various server ILOs with Java-based remote console, and the Cisco ASDM management interface for their ASA firewalls.

The server vendors have generally moved to HTML5, but Cisco remains a relic of the past.

It was always a pain trying to get a compatible version of JVM and Webstart which worked with them, *and* which didn't violate Oracle's licensing terms (*), *and* which didn't reject the applets due to code signing issues or other problems.

Apple stopped shipping Java way back, from macOS 10.7.

(*) In many cases you would be prompted to download a newer version of Java SE. However, only Java SE 8 8u202 and earlier were free; anything later than that exposes your entire company to a per-seat licensing cost.

A license to trust: Can you rely on 'open source' companies?

Crypto Monad Silver badge

I think Elasticsearch will be the one to watch here.

Does Elasticorp have enough loyal existing customers to carry them forward? The limited open source license arguably gives them a warm fuzzy feeling that they're actually getting something in return for their subscription.

Or is the Opensearch fork going to be where the real work is done, and ultimately tempt the paying customers away from Elasticsearch entirely?

Cost of gallium goes up after Chinese export restrictions land

Crypto Monad Silver badge

Re: Retaliation

In the very arena you would expect responsible, level-headed people to operate, it's all being handled by a bunch of kindergarteners who only know how to throw the toys out of the pram.

True: but better a trade war than a real war.

Not call: Open source gurus urge you to dump Zoom

Crypto Monad Silver badge

Re: how long before Jitsi disappears ?

Making your own git server be discoverable isn't a major problem. There are project home pages and search engines.

The problem is that Microsoft will discover it, and will still scrape the content to feed its AI.

Curiosity finds evidence of wet and dry seasons on ancient Mars

Crypto Monad Silver badge

Re: Life's history

"They find some isolated spot with very few people around, then land right by some poor unsuspecting soul whom no one’s ever going to believe and then strut up and down in front of him wearing silly antennas on their head and making beep beep noises.”

Caltech claims to have beamed energy to Earth from satellite

Crypto Monad Silver badge

Re: Misdirection

> 1 milliwatt per square centimeter

Converting to more conventional units, that's 10 watts per square meter. (Compare to ~1kW per square meter for direct solar irradiation)

This means you'll need a receiving antenna 100 times larger than the equivalent solar array working at peak capacity; or 10 times larger than one working at 10% capacity (e.g. on a cloudy day). There's a possibility it could work at night too, although the satellites would have to be able to keep out of earth shadow, and/or relay power between themselves.

At that power density, the "2GW" proposed from the article would need 20,000 hectares (200 km²) of receiver. Even if that can be done with a wire mesh that doesn't obstruct the sky, so the ground underneath can be used for other purposes, that's an absolutely vast construction.

And of course, you still need to buy the kilometer-square solar array, plus microwave power conversion. And more importantly, launch the whole mass into space. And then keep it in orbit (or replace it when it de-orbits).

AWS is running a 96-core, 192-thread, custom Xeon server

Crypto Monad Silver badge

"We've asked AWS and Intel to confirm that spec is correct" - or just fire up an instance to see!

Also dmidecode (although less useful if it's not bare metal)

AWS: IPv4 addresses cost too much, so you’re going to pay

Crypto Monad Silver badge

Re: IPv6-mostly?

Whether it's NAT44 or NAT64, it still requires CGN to reach the majority of the Internet.

NAT44 means they have to give your device both an IPv4 and an IPv6 address. With NAT64, they only have to give your device an IPv6 address.

By the way, you don't need DNS64 any more, if your device has an embedded CLAT - which is true for iOS and Android, and macOS if you send it the appropriate signals via DHCP and RA options. In fact, you can even open a page by IP address like https://1.1.1.1/ and it works fine over a pure IPv6 connection. The CLAT embeds the IPv4 address inside an IPv6 prefix used by your NAT64 device.

Crypto Monad Silver badge

IPv6-mostly?

There's a nice write-up from RIPE about what happens if you run an "IPv6-mostly" network.

TL;DR: with modern Android/iOS/macOS devices it works quite well. If this level of interoperability had been specified 25 years ago, maybe we'd all be using IPv6 instead of RFC1918 behind our routers.

Unfortunately, since the vast majority of Internet content is still only on IPv4, you still need a NAT64 in your network. That's the fundamental problem: it means everyone still *needs* an IPv4 address, whether or not they use IPv6. But once you have an IPv4 address, there's little incentive to deploy IPv6, since everything of significance is already reachable via IPv4 (bar a few cat-feeders and Loops Of Zen)

NASA mistakenly severs communication to Voyager 2

Crypto Monad Silver badge

Re: Off topic

> 300 baud is way worse than tedious.....I gave up on Prestel in short order!

When I used Prestel, it was 1200/75 (down/up). A system where I could type faster than the modem could send my keystrokes :-)

Intel adds fresh x86 and vector instructions for future chips

Crypto Monad Silver badge

I was a big fan of 6800 and 6502, but IMO the pinnacle was the 6809. Two 16-bit index registers: luxury!

Crypto Monad Silver badge

> Surely having 10 byte sequences just to encode new register references can't be good for performance and memory usage?

It's an arguable point, but these days by far the slowest part is fetching data from DRAM, and that's most efficiently done by long burst reads into cache. Once the cache is warm, generally that's where the code will be executing from.

Some instructions being "long" are offset by common instructions being "short", and by the fact that you'd need to use multiple "short" instructions to achieve the same result as one "long" instruction.

> Isn't it time for a new cpu isa which stops the need for these terribly inefficient encodings?

Well, ARM, MIPS and RISC-V are there for you to use. ARM seems to be doing pretty well at the moment: MacOS, Linux, Windows all run natively on it. But if ARM tighten the licensing screws too much, RISC-V could take off in its place.

Intel tried with Itanium, but failed.

Crypto Monad Silver badge

Re: Far too many x86 instructions

With the fire extinguisher to handle speculative execution

Why do cloud titans keep building datacenters in America's hottest city?

Crypto Monad Silver badge

Re: ... a capacity of 32 million megawatt hours....

Well, logically they could be talking about the total amount of energy the plant will generate during its operational lifetime. But I doubt it.

As a complete guess, they might mean that it generates 32 million megawatt hours *per year* - which would be about 3650 megawatts, on average.

What they say, and what they mean, don't necessarily coincide. But really, it's the job of journalists to get this stuff right.

UK government faces calls to end IR35 double tax anomaly

Crypto Monad Silver badge

Re: IR35 is only "necessary" because dividends are taxed at a lower rate than earned income.

Perhaps the answer, then, is to tax Dividends (and Capital Gains) at the same rate as earned Income?

And perhaps add National Insurance on top as well.

I think it's a good idea - indeed to combine income tax and national insurance too. Then make earned and unearned income treated the same. I see two main sticking points:

1. The hidden tax of employer's NI contributions, where a company pays 13.8% of the salary for the privilege of hiring an employee.

2. Double taxation of corporate profits (i.e. company pays corporation tax, then the recipient of dividends also pays income tax)

Crypto Monad Silver badge

make tax understandable

Hmm: that would be from the party which *didn't* introduce a 62% marginal tax rate for people earning between £100K and £125K? No no, all they did was taper the personal allowance for people earning over £100K.

Because that's completely different, right?

(The 62% includes 2% national insurance, now no longer capped, and is basically just income tax under a different name)

Goodbye Azure AD, Entra the drag on your time and money

Crypto Monad Silver badge

Re: Meaningless Product Rename

> By ditching the AD moniker for ID they are able to ditch having to replicate in the cloud all the features they currently support on prem

I don't think they ever did replicate them in Azure AD. They had a completely separate product called "Azure AD Domain Services", where they basically spun up some VMs of Windows Server to act as your domain controller.

Ex-Twitter employees owed half a billion in severance, says lawsuit

Crypto Monad Silver badge

Re: Nearly 600% reduction in staff and...

The baseline of the percentage is what you started with, not what you ended up with.

* If you start with a pound, put it on a horse, and end up with nothing, then you have made a 100% loss.

* If you had ended up with 50p, then you would have made a 50% loss.

* If you had ended up with £2, then you would have made a 100% profit.

Hence if you start with 1000 people and end up with 200 people, then you can either say that your staffing level is now 20% of what it was before, or that you have lost 80% of your staff.

Broadcom asserts VMware's strategy isn't working and it basically needs rescuing

Crypto Monad Silver badge

Re: "VMware alone can't get that job done"

If it's that much of a [REDACTED] pile of shite, surely the regulator would be doing Broadcom a favour by not letting them waste their money on it?

Microsoft whips up unrest after revealing Azure AD name change

Crypto Monad Silver badge

Re: To Marketing: a Boot to the Head!

Perhaps Microsoft could try marketing advice from plain-speaking Yorkshireman, George Whitebread:

https://www.youtube.com/watch?v=jY4tD2Hbg_A

Methane-spotting satellite that gives true readings of industry emissions hits skies in 2024

Crypto Monad Silver badge

Re: The usual misinformation and obfuscation

> Surely we should be diverting all the funding from climate 'science' into the 'renewables' lobby so they can waste it building more windmills and solar?

In what sense is building wind turbines and solar "wasted"?

The reserves of oil and gas under the planet are finite: sooner or later we'll run out. We'd better have something ready in time for that.

And no, I don't expect nuclear fusion ever to give power which is cheap *or* clean, let alone both.

Crypto Monad Silver badge

Re: The usual misinformation and obfuscation

I think the poster was trying to say that the CO2 concentrations are high over the Amazon and Africa (*) - not the satellites.

And India is famous for its sacred cows.

(*) How true that is, I don't know.

InfluxData apologizes for deleting cloud regions without performing 'scream test'

Crypto Monad Silver badge

Re: It seems like a mistake they won't want to repeat

That claim would have to be on some sort of *implied* guarantees of service - which might work in a consumer court, but not in B2B, where parties are expected to read the contracts they sign.

I haven't seen the contract itself, but I'd expect that it has clauses that explicitly disclaim all consequential damages; that compensation is limited to service credits; that they have the right to cease the service by providing X days notice; and that serving the notice via E-mail is treated as sufficient.

That doesn't mean that they were not jerks. At minimum they should have had brownouts prior to closure, identified the customers still using the service and helped them to migrate, and even at the end they should have *switched off* the service but not *deleted* anything for at least a month.

However, you can be sure that there will be no redress in court for those affected. Maybe some private deals will be reached, but only to sweeten those customers to stay with influxdb and not walk to a competitor.

Canonical takes its LXD 'containervisor' back into the house

Crypto Monad Silver badge

Here's the backstory: the lead developer of LXD has decided to quit Canonical.

https://stgraber.org/2023/07/10/time-to-move-on/

Crypto Monad Silver badge

Browser-based GUI

... is actually built-in since lxd 5.14. Nothing to install, just turn it on:

snap set lxd ui.enable=true && snap restart --reload lxd

I don't think we have to worry too much about it going in-house. Debian Bookworm has imported lxd already, and Canonical always were the main developers, and are claiming it will remain under Apache 2 licence.

NASA 'quiet' supersonic jet is nearly ready for flight

Crypto Monad Silver badge

Re: As much political as technical

I used to live in Fulham in the late 1990's, and twice a day you had to pause for a minute as Concorde went overhead - it was impossible even to speak to the person standing next to you.

But we're not talking supersonic booms here - just regular engine noise. Those were *damned* noisy engines.

RAM-ramming Rowhammer is back – to uniquely fingerprint devices

Crypto Monad Silver badge

Re: Why?

Plus: you'd have to allow the fingerprinting software to be installed on the computer you're probing (e.g. the thing which you suspect of being a bot). But if it's a malicious actor, it will fake its own fingerprint results.

I can only see this sort of fingerprinting being used by software vendors to enforce licensing - much in the way that they used to write intentionally bad sectors to floppy disks in the 1980's.

Ariane 5 to take final flight, leaving Europe without its own heavy-lift rocket

Crypto Monad Silver badge

Re: All of our eggs are going into one basket.

However it would be thrown into the garden, and when you open the box you'd find the Atlas V has been replaced by a lorryload of cat food.

It's 2023 and memory overwrite bugs are not just a thing, they're still number one

Crypto Monad Silver badge

"Clean and neutralize your inputs, people. You can't assume all your users are nice."

No: all user-supplied data can be handled safely. The real answer is, don't blindly interpolate user-supplied text inside some other specially structured text (e.g. SQL or HTML) without the necessary escaping.

Wrong:

sql.execute("select * from users where name='" + name +"';")

Right:

sql.execute("select * from users where name=?;", name)

Sanitising inputs, e.g. to reject single quotes inside names, is not the solution, and rejects valid values ("O'Hare" for example). You just have to handle your user data properly.

There are some interesting language developments to help enforce this, distinguishing programmer-supplied literal strings from user-supplied data. e.g.

https://docs.python.org/3/whatsnew/3.11.html#whatsnew311-pep675
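The comparison made in the post above, as an added example that is not part of the original post: the same lookup done by string interpolation, by quote-rejecting "sanitising", and by a bound parameter, run against the name "O'Hare" and against a quote-bearing input. The table, sample names and helper function names are constructed for this illustration; `LiteralString` is the PEP 675 type the linked page describes, and it is checked by static type checkers, not at runtime.

```python
import sqlite3

try:
    from typing import LiteralString  # Python 3.11+, PEP 675
except ImportError:                   # older interpreter: keep the example runnable
    LiteralString = str


def make_db():
    """In-memory table with constructed sample names."""
    db = sqlite3.connect(":memory:")
    db.execute("create table users (id integer primary key, name text)")
    db.executemany("insert into users (name) values (?)",
                   [("Alice",), ("O'Hare",), ("Bob",)])
    return db


def run(db, sql: LiteralString, params=()):
    """Query helper whose SQL text is annotated as a programmer-supplied literal.
    A type checker flags callers that pass a string built from user data."""
    return db.execute(sql, params).fetchall()


def lookup_interpolated(db, name):
    """The 'Wrong' form: user text becomes part of the SQL statement itself."""
    # A PEP 675-aware type checker rejects this call: the argument is not a literal.
    return run(db, "select name from users where name='" + name + "';")


def lookup_sanitised(db, name):
    """Input 'sanitising': refuse quotes, then interpolate anyway."""
    if "'" in name:
        raise ValueError("invalid character in name")
    return lookup_interpolated(db, name)


def lookup_parameterised(db, name):
    """The 'Right' form: fixed SQL text, value passed separately as a parameter."""
    return run(db, "select name from users where name=?;", (name,))


def compare(name):
    """Run all three lookups for one input; report sorted rows or the exception type."""
    db = make_db()
    results = {}
    for label, fn in (("interpolated", lookup_interpolated),
                      ("sanitised", lookup_sanitised),
                      ("parameterised", lookup_parameterised)):
        try:
            results[label] = sorted(row[0] for row in fn(db, name))
        except (sqlite3.Error, ValueError) as exc:
            results[label] = type(exc).__name__
    return results


if __name__ == "__main__":
    for sample in ("O'Hare", "x' or '1'='1"):
        print(repr(sample), compare(sample))
```

Only the parameterised lookup returns the right answer for both inputs: interpolation fails outright on "O'Hare" and returns every row for the second input, while the sanitising version rejects the legitimate name.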

Rocky Linux details the loopholes that will help its RHEL rebuild live on

Crypto Monad Silver badge

Re: making them Red Hat customers, at least briefly

I expect the next step will be that the SRPMS will become extremely hard to get hold of: not included in the cloud base images, not available to 'developer' accounts, and only available to "Super Platinum Plus" customers on $10K+ subscriptions. (Essentially, under the same sort of terms that you can get Windows source code).

As for clouds, they don't even need to make the kernel binaries visible within the root filesystem. Hypervisors can boot from an external kernel image and initrd.

Chinese balloon that US shot down was 'crammed' with American hardware

Crypto Monad Silver badge

"crammed" with off-the-shelf components that could have easily been purchased online

... and which were all manufactured in China, for American companies.

Virgin Galactic finally gets its first paying customers to edge of space

Crypto Monad Silver badge

Re: Cheaper?

Virgin is far more expensive (the Vomit Comet costs about the same as a first-class transatlantic flight), but the zero G lasts a little bit longer.

I'm unsure about exactly which research projects are enabled by zero G that is longer than 20 seconds, but less than 6 minutes.

Bosses face losing 'key' workers after forcing a return to office

Crypto Monad Silver badge

Re: employees were happy (31%), motivated (30%) and excited (27%) to be in the office

It would be clearer and more accurate to say:

* 69% of employees were not happy to be in the office

* 70% of employees were not motivated to be in the office

* 73% of employees were not excited to be in the office

Lawyers who cited fake cases hallucinated by ChatGPT must pay

Crypto Monad Silver badge

Re: $5,000 Fine ... a Pittance for an Attorney

I would have thought that Contempt of Court would be a minimum offence here. I guess it depends on whether they were knowingly submitting made-up citations to bolster their case, or simply lazy and incompetent in not checking what ChatGPT returned. But even lazy and incompetent lawyers need to be punished.

The key point here is: ChatGPT is not a search engine. It's an engine for generating plausible-sounding text.

This is a real example:

"Yes, light is much faster than mobile signals. Light travels at a speed of approximately 299,792,458 meters per second in a vacuum, while mobile signals travel at a much slower speed through the air, usually in the range of a few hundred meters per second to a few kilometers per second, depending on the type of signal and the frequency used.

For example, the speed of electromagnetic waves used in mobile communication networks, such as those used for cell phones and Wi-Fi, is typically in the range of 3 x 10^8 to 3 x 10^9 meters per second. This is significantly slower than the speed of light and is due to various factors, such as the frequency of the signal and the properties of the medium it travels through.

While the speed of mobile signals is fast enough for most everyday uses, it is still much slower than the speed of light. This is why information sent via light, such as through fiber optic cables, can be transmitted much faster than information sent wirelessly through mobile networks."

This authoritative-sounding style is almost intentionally designed to deceive.

Red Hat strikes a crushing blow against RHEL downstreams

Crypto Monad Silver badge

> These are EXPENSIVE products and they may never support non-RHEL installations

Somebody running an "EXPENSIVE" product probably won't object to paying a small amount extra to IBM for an RHEL licence.

But if the upshot is to start pushing the mainstream users into other distros, and then the vendors start supporting some of those distros too, it could be an own-goal for RedHat, with a smaller and less technically-savvy customer base. We'll see.

Gen Z and Millennials don't know what their colleagues are talking about half the time

Crypto Monad Silver badge

“Let's think the unthinkable, let's do the undoable. Let us prepare to grapple with the ineffable itself, and see if we may not eff it after all.”

― Douglas Adams, Dirk Gently's Holistic Detective Agency

Crypto Monad Silver badge

"You want to 'take it offline'?"

Or as used by the previous generation:

"You want to 'take it outside'?"

Can noise-cancelling buds beat headphones? We spent 20 hours flying to find out

Crypto Monad Silver badge

Re: Old school here

Are the headphones an unofficial "do not disturb" signal?

No.

I will sometimes put a card in my shirt pocket saying "NO MEAL PLEASE", when I'm boarding a flight at 1am and don't want to be shaken awake by someone who thinks I want dinner at 2.30am.

Debian 12 'Bookworm' is the excitement-free Linux you've been waiting for

Crypto Monad Silver badge

Re: About time!

A big USP of Debian 12 is that it will include a native deb-packaged version of lxd, a container management tool which gives you in effect "lightweight VMs"

lxd is developed by Canonical, and although originally it was distributed as regular .deb, they switched over to snap (which is also Canonical's baby) and dropped the .deb packages entirely, making it incredibly hard to troubleshoot. Debian now gives a way to have snap-free systems with lxd.

Ubuntu still leads the pack for ease of running ZFS on Linux though. You can do it with Debian, but your system will have to re-compile the DKMS modules every time you update your kernel.
