Only one thing for it
Us fleshbags will end up with no job prospects apart from writing trashy robo-dramas (and maybe landing an odd "token human" role, if we're lucky) à la "All my Circuits" for our benevolent overlords.
Posts by Frumious Bandersnatch
2662 publicly visible posts • joined 8 Nov 2007
Page:
Rich professionals could be replaced by AI, shrieks Gartner
Take a sneak peek at Google's Android replacement, Fuchsia
Tuesday 9th May 2017 14:07 GMT
Re: A wonderful name
Blimey. I've never seen so many downvotes for someone making a valid (and interesting) observation on English spelling/pronunciation. Is pedantry dead here on The Register?
You can have my upvote, partly because I just noticed your post after I made a similar comment. We're both in this together :-/
Realistic Brits want at least 3 security steps on bank accounts
Today's bonkers bug report: Microsoft Edge can't print numbers
Uncle Sam backs down on slurping passwords from US visa hopefuls
Saturday 6th May 2017 14:27 GMT
Re: Social Media? Sorry, don't use any.
They can have my FriendFace profile if they want.
Hmmm.. I suddenly have the urge to drink another can of Cuke.
How to remote hijack computers using Intel's insecure chips: Just use an empty login string
Saturday 6th May 2017 13:13 GMT
strncmp ... love it
I love the irony that if they had used strcmp instead, there wouldn't be a bug. Ironic because the programmer probably thought "shouldn't use strcmp... that might be insecure or cause a crash". Probably a form of hypercorrection. It's not strcmp's fault if another bit of your code fails to null-terminate a string.
Still on the subject of strncmp, surely it would be a good idea for the compiler (or a debug version of the C lib) to warn if the call is/can be a no-op? Obviously, I can think of some places where this might have a valid use (like exiting from a partitioned search when you've either found the right string or end up with a partition size of zero; checking which case it was can be deferred to outside the loop) but for the most part, a no-op wasn't what you expected, so it probably indicates a bug like this one.
Spend your paper £5 notes NOW: No longer legal tender after today
Huawei used cheap-as-chips chips in some P10s, now buyers want to boil it in oil
'I feel violated': Engineer who pointed out traffic signals flaw fined for 'unlicensed engineering'
Saturday 29th April 2017 10:22 GMT
Re: Engineering?
Addendum: The above assumes that you want to be at a full stop immediately after leaving the intersection. Not very practical, but at least you shouldn't get a ticket for breaking a red light.
Yer man's argument may be just that, from what I gather from a re-read of the article. If you don't aim to have v=0 at the exit point, but instead decelerate down to some minimum speed and then maintain that through the intersection, you obviously travel further in the same amount of time. Same idea, just different piecewise integration:
◼◣
◼◼◼
Columns are for reaction time, constant deceleration and constant exit speed. There are a couple of extra variables (final speed and how long you will travel at this speed, the product of which tells you the distance from the exit to where you will stop your deceleration), but if you set that product to be half the distance through the intersection, then you should be safely in control of the car and not trying to brake and turn at the same time.
As before, calculating dT is simply adding up the areas of the rectangles and the triangle, so it's still basic trigonometry.
Saturday 29th April 2017 09:43 GMT 
Engineering?
Looks like Applied Maths to me. It's hardly "engineering" by any sane standard.
Start with a simple d = vt equation, take safe-braking distances and reaction times from the Rules of the Road (or US equivalent) to find the deceleration curve, graph it out in t and v, then do piecewise-integration (calculate area of some rectangles and a triangle and add them up) to find total distance travelled dT. Calculate the length of the journey between passing the traffic light and leaving the intersection as one quarter of the circumference of the intersection dI (or consider it to be two legs at a right angle, to be on the safe side) and show that dT - dI, which is the furthest you can be from the intersection in order to safely traverse it, is greater than 0.
The only "engineery" thing here is measuring how big the intersection is, but he could do that with OS maps.
Disclaimer: I am not an engineer!
Linux Mint-using terror nerd awaits sentence for training Islamic State
Another career suicide as reporter leaves The Register for broadcaster
Kali Linux can now use cloud GPUs for password-cracking
Friday 28th April 2017 18:22 GMT
Re: Linux kernel doesn't support Realtek RTL8812AU
I think you missed this bit of the article.
That still doesn't make sense to me. Either you're running Kali on a "modem" like those listed (in which case, you can use the wireless hardware), or you're communicating with these things as external devices (in which case, kernel support for the chipset is irrelevant; you talk to them over the standard 802.x network protocols).
Either way, this part of the article is very poorly worded.
Sneaky 'fileless' malware flung at Israeli targets via booby-trapped Word docs
Friday 28th April 2017 16:39 GMT
Re: Well, we'll look for the house with no numbers.
Yeah, but a running process is <program that's on disk> + <data that's only ever in working memory>. Spawn a shell, install a program in its data space and your solution won't work.
Other posters above suggested that switching the machine off will deal with it. But what if it's a kind of APT ("advanced persistent threat") that can find other local machines where it can also run in memory, maybe even using different exploits or propagation methods? This can act as a backup in case the first machine is power-cycled, then re-infect it using the original exploit when it comes back up. Just like the ancient "Robin Hood and Friar Tuck" hack, except that there's no persistence if both machines are turned off at once.
Putting on my black hat for the moment, not persisting on disk can be a great way of avoiding detection. It's great for initial stages of an attack because you can use it to passively monitor a target network and use that info to plan for future attacks. Chances are this won't trigger any internal tripwires, and even if the probe is found, it won't reveal very much. From there, you can use a variety of different payloads, each working together stealthily using ideas of "quorum sensing" and "oblivious agents".
Quorum Sensing is an idea from bacteria, where individual bacteria take cues from the environment and begin to change their own secretions. The ultimate expression of QS in bacterial colonies is that they can regulate gene expression, so that they become more efficient at thriving in the environment. Apply that analogy to malware and you get to the idea of individual bits of malware using subliminal channels to announce their presence to each other and coordinate with each other to a degree. A simple example of a subliminal channel in a network might be to interact with a caching proxy (be it a web proxy or memcached database proxy or whatever) somewhere on the intranet. By looking at timing differences in responding to a request, each malware agent can basically pick up environmental cues to detect each other's presence. There are doubtless tons of other ways they can implement subliminal channels over innocuous-looking traffic.
Oblivious Agents are bits of code that have an encrypted payload. They take a set of input parameters (such as environmental cues, as gathered above, but it could also include things like the time or the host IP or whatever) and combine them to form a key. They use that key to do a trial decode on the encrypted payload, and if the decrypted message is valid (eg, by checking that it has a valid checksum), they execute it. They're called "oblivious" agents because they don't know (and don't reveal anything) about what exact set of triggers are needed to run a particular payload. And, of course, a defender can't easily decrypt the payload, either. Neither does it have to have just one payload, nor does all the logic have to be confined to being stored in a single malware agent: a payload could be just sending out a certain environmental trigger that ultimately serves to self-repair the swarm, delete itself, or start enacting some new strategic phase.
All of this is much more suited to a spear-phishing attack against a high-value target. It's still fascinating to think about how you could apply techniques like this against certain businesses, banks, military installations or whatever. If it can lay more or less dormant and inactive over a long enough time, there's no telling what it could do. It could, eg, find some long-term persistence technique (so that it can re-infect at a later time if it's discovered), or use a variety of environmental cues, eg, noticing lots of extra emails being sent or other seeing other signs of activity to guess that a North Korean missile site is about to conduct a nuclear test, or even just have some other internal resource (like git repo, active directory server, SCADA system or whatever) as the real target, and delete the bridgehead system once it's done its job.
Hmm. I think that having that black hat on for too long has affected my brain ...
FTP becoming Forgotten Transfer Protocol as Debian turns it off
Thursday 27th April 2017 02:27 GMT
"no caching"? Hmm.
I was going to complain that most people use something akin to apt-cacher-ng or squid on the client side, anyway. But then, realised that FTP doesn't have a standard way of getting file metadata, particularly the HTTP-like "last-modified" data that's crucial for avoiding downloading (mirroring) stuff you already have. Sure, running "dir" works, but there doesn't seem to be a standard way of presenting all the fields ...
Overall, probably a sensible move. Still, with FTP disappearing it does make me feel just that little bit more antiquated.
Drone maker DJI quietly made large chunks of Iraq, Syria no-fly zones
Wednesday 26th April 2017 16:02 GMT
Re: Why Just War Zones?
Why not ...?
I know that you're probably just asking rhetorically, but you got me thinking of what sort of algorithms and data structures you'd need to scale up the number of no-fly zones. As the number increases, you obviously hit a practical limit if you do a linear scan on them.
I reckon quadtrees, possibly with some sort of arithmetic or wavelet encoding of the number of NFZs in each sector.
Reg reader offered £999,998 train ticket from Cambridge to Horley
Wednesday 26th April 2017 15:16 GMT
Re: More guidance needed
Funnily enough, I also started thinking about how to do differential equations when I saw the word "exponentially" in the article. AFAICR, differentiating ex with respect to x (can't do fancy LaTeX or mathml markup here) is ex. "Exponential" means that we have a superincreasing sequence since the dy/dx (slope) at each point is constantly increasing (approaching infinity) in the x direction.
It doesn't make sense to compare two numbers and say that the second is an exponential increase over the first. There's no curve (or an infinite number of curves), just a straight line between two points, so "exponential" doesn't apply.
There may be an order of (base 10) magnitude between the two prices, though, which would be mathematically correct.
(Yeah, I know, I'm being really pedantic here. That's why I'm making a comment, not using the "make corrections" link.)
High Court hands Lauri Love permission to appeal extradition to US
Irish Stripe techie denied entry to US – for having wrong stamp in passport
Jimbo announces Team Wikipedia: 'Global News Police'
CompSci boffins find Reddit is ideal source for sarcasm database
Monday 24th April 2017 11:48 GMT
wasn't using sarcasm at all... but irony
FTA:
Since sarcasm often involves humans stating something opposed to their beliefs or wants
Oops.
<sarcasm>Typical Yanks. Can't tell the difference between irony and sarcasm</sarcasm>
<sarcasm><irony>Finally, something to learn Americans to speak English good</irony></sarcasm>
Alaska dentist 'pulled out patient's tooth while riding a hoverboard'
Q. Why is Baidu sharing its secret self-driving sauce? A. To help China corner the market
Friday 21st April 2017 16:35 GMT
cloud privacy issues
Are these self-driving cars going to be uploading any part of the video feed with a Windows-style "telemetry" excuse? Would such data be able to be aggregated across many self-driving cars to identify and track other cars on the road, either through their license plates or tagging and tracking other vehicles while they're in your field of view, and using the cloud part to fill in for discontinuities ("white van was tracked until point A, then lost; another sighting at point B is consistent with being the same white van, ...").
An autonomous driving system obviously needs to be able to be aware of other vehicles and make sure that it doesn't forget that they could still be around (temporarily in a blind spot or obstructed from view) before making manoeuvring decisions, but surely there are issues if these data are being aggregated in near-real time in a cloud somewhere.
Also, why stop at tracking vehicles? Surely it would need to have awareness of pedestrians, too. Maybe the current crop of cars are more suited to highway driving or driving somewhere like the US, where vehicles have right of way, so ignoring pedestrians who might suddenly walk out in front of you might make sense (until you have to go into collision-avoidance mode). For city driving, though, and in countries where jaywalking isn't a crime, surely they'll have to follow the same rules as for human drivers. Part of that is being able to figure out where pedestrians are or might be, and reading their intent, at least to some degree. Obviously, simple things like seeing that they're very close to the kerb or partly on the road is a good sign that they're looking for an opportunity to cross(*), and that can be handled by simple physical rules based on distances/location. However, reading intent is often much more complicated. If you want computers to be as good as humans, you're going to have to include things like how they act (do they turn around to look at the road as they approach a crossing, or look up at a traffic light), and figuring out where their attention is directed.
All this analysis of pedestrians (and tracking them, obviously) probably won't make it into first-generation cars, so in the initial (training) stages at least, manufacturers are going to be slurping a lot of so-called telemetry data. You can't say that blurring faces or whatever is a solution because they will need facial features to do things like gaze tracking or to judge how aware the person might be of traffic (or, eg, they're talking on a mobile phone or texting rather than paying attention to other things). The easiest thing is just to slurp everything they can, but if real-time tracking is the norm from the outset, it's hard to see how spy agencies or whatever (or even just traffic police) wouldn't want to tap into that and make sure that they continue to be able to use the system even after the AI part has been trained and downloaded as a set of real-time rules that can run on the car.
I'm sure that these sorts of concerns would definitely be looked at in Europe or the US, but in China? Somehow, I don't think so.
* another, unrelated scenario with self-drive cars strikes me. If you're coming to a crossing and you see someone that you know (or think you know) and make eye contact and give them a nod or something, how are they going to interpret that? Maybe they don't know that you're not the driver. If you were the driver, they could take your gesture or general demeanour as giving them the OK to cross the road in front of you. The car's not going to understand that...
Zuckerberg's absolutely mental: Brain sensors that read YOUR MIND at 100 words a minute
Thursday 20th April 2017 01:08 GMT
web 3.0 direct, from our brain to yours at 100wpm
... that old servant Ines told me that one drop even if it got into you at all after I tried with the Banana but I was afraid it might break and get lost up in me somewhere because they once took something down out of a woman that was up there for years covered with limesalts they're all mad to get in there where they come out of you'd think they could never go far enough up and then they're done with you in a way till the next time yes because there's a wonderful feeling there so tender all the time how did we finish it off yes O yes I pulled him off into my handkerchief pretending not to be excited but I opened my legs I wouldn't let him touch me inside my petticoat because I had a skirt opening up the side I tormented the life out of him first tickling him I loved rousing that dog in the hotel rrrsssstt awokwokawok his eyes shut and a bird flying below us he was shy all the same I liked him like that moaning I made him blush a little when I got over him that way when I unbuttoned him and took his out and drew back the skin it had a kind of eye in it they're all Buttons men down the middle on the wrong side of them Molly darling he called me what was his name ...
Stop asking people for their passwords, rights warriors yell at US Homeland Security
Regulate This! Time to subject algorithms to our laws
Monday 17th April 2017 17:46 GMT
Re: Plase stop using the word algorithms
I totally agree, Ken. We should be talking about "automated processes" or the like.
It seems to me that the only thing that needs legislating here is in the realm of data protection (or FoI) requests. Let's say that someone is refused insurance cover. I think that it's quite possible and reasonable to make a data request asking the organisation to clarify the factors leading to the decision. I'm pretty sure, though not certain, that this sort of request is allowable and that it should receive a reply.
However, once you start using automated processes, there is a great risk that the organisation being asked for such information will, deliberately or not, seek to obfuscate what their processes are. You'll just get a response "computer says no". If you kick this up to the ombudsman or whatever, there's every likelihood that the organisation will argue two main points: first, they'll say that their algorithms are a trade secret, and second, they'll say that the cost of satisfying the request is excessive. I don't think that the first point needs much comment, but for the second, it's quite possible that they'll be able to make a good excuse: since software is so much more complicated than manual processes (which they'll no doubt have documented as part of their quality certification or whatever), the cost to audit it will be so much more. Since data requests can legally be refused on grounds of cost, this will end up with more data requests being refused, with little or no recourse.
So, as a result, I think that the only changes that need to come about are to ensure that the same transparency standards are applied to automated processes as manual ones. This needs to happen both in terms of privacy/FoI legislation and non-legislative areas, such as ISO quality standards (which I assume is immune to Brexit).
Good job, everyone. We're making AI just as tediously racist and sexist as ourselves
Sunday 16th April 2017 18:03 GMT
other uses of the data
I've often thought that this sort of collation of data could be very useful for language learners.
There are plenty of basic things that scanning corpora like this can turn up. You can have some basic stuff like collocations that existing in the target language (eg, "take" and "bath" form a collocation in English) and distinguish that sort of association from more conceptual linkages. For example, when "president" appears, you're likely to see more vocabulary related to countries, laws, government, debates and so on, as well as particular current events or issues. More or less what the article says about "spaghetti" appearing more often with "food" than "shoe".
Besides being able to group new vocabulary and presenting related words to be learned together, in context, a computer-aided learning tool could use the data in a lot more ways, eg:
- grade vocab (and reading material) by frequency, to avoid overloading the learner
- build up a profile of what a person knows (and how well), including both vocab/grammar patterns and general knowledge (eg, "Trump" is a "president")
- automatically generate all sorts of review/comprehension questions based on the material
- be a lot more user-directed, letting them follow up areas or reading material that they're more interested in
- maybe even generate synthetic reading/teaching/testing material using events/grammar/vocab/common knowledge that exists within the corpus (eg, simple sentences stories or scenarios)
Maybe it's too much to expect a machine learning system to do all of this unsupervised, but still, you could have it at least generate different kinds of material and use crowd-sourcing to weed out errors or re-train the thing. Lots of ways to have a hybrid human/computer system.
The other big use that I've often thought about is automatic classification of documents. I've got tons of PDF files downloaded from the net, but no actual filing system for them. One simple way of clustering similar documents together is to do a frequency analysis of the words in the document and then to get rid of all the most common words from the language (like "it", "for", "and", "the", etc.). The remaining top ten words, say, should help to give a very good idea about the topic of that document. Basic statistical clustering like this should help a lot to find relevant/related documents on a given topic, but there seems to be so much more that could be done with AI/machine learning techniques.
Back to the Future 2: Gasp! America's trade watchdog discovers the risks of 'free' movies
Canonical sharpens post-Unity axe for 80-plus Ubuntu spinners
Wednesday 12th April 2017 22:59 GMT
Re: Reboot
... shouldn't be needed.
The kernel loads itself into memory at the start and then, apart from loadable modules, it doesn't need to re-load (page) itself from disk. The only thing that stops working after installing a new kernel is hibernate. That fails (in the sense of starting to hibernate, but not going through with it) because on the next reboot, a new kernel is in place and it wouldn't make sense to reload the memory image belonging to an old kernel.
Regular programs/services should also be restartable without needing a reboot. Even upgrading loadable kernel modules on the fly is fine because they are (like the kernel) just loaded once and the init system (or something like dbus) knows about dependencies and can restart affected parts of the system in the right order.
Apple wets its pants over Swatch ad tagline
Wednesday 12th April 2017 03:25 GMT
"gramatically incorrect phrase"
'tis the Register, forsooth, where thinkly different knaves do with such smacking of chops pour such scorn 'pon such frutious ventures that all most righteous and perspicacious men couldst but call them what they are: butchers!
Qualcommotion: Sueball return alleges Apple 'pay-to-play' deal
Mark Shuttleworth says some free software folk are 'deeply anti-social' and 'love to hate'
Eric S. Raymond says you probably fit one of eight tech archetypes
US govt ceases fire in legal spat with Twitter to unmask anti-Trump 'immigration official'
Microsoft's new hardware: eight x86 cores, 40 GPU cores
'Evidence of Chinese spying' uncovered on eve of Trump-Xi summit
Revealed: Blueprints to Google's AI FPU aka the Tensor Processing Unit
Thursday 6th April 2017 19:39 GMT
Re: So about par with the (soon I hope) new Parrallella chip.
Hmmm. I didn't know that Adapteva were bringing out a new model. Last time I checked on their website (around a month and a half ago?) the whole effort looked pretty moribund. While reading this article I was tempted to start messing around with my 16-core board again.
We know what you're thinking: Where the hell is all the antimatter?
Ubuntu UNITY is GNOME-MORE: 'One Linux' dream of phone, slab, desktop UI axed
Thursday 6th April 2017 01:31 GMT
ding dong, the witch is dead
Well, one of them anyway.
Hopefully people will start looking at GTK3 in general and systemd. Unity (along with Mir) and GTK3 were the main reasons I abandoned Ubuntu long ago. There's still that fucking metastasis that is systemd to extricate from the heart of Debian-based distros.
FCC Commish: Hey, don't look at me – Congress should sort out net neutrality mess
Thursday 6th April 2017 01:16 GMT
"Google dominates desktop search"
Reading that paragraph, and the following one (rebutting his point by looking at the cost of the service they offer) you completely missed out on the more salient fact: You don't have to use Google to search, whereas most people are effectively in thrall to one or two ISPs. Google represents a captive market only insofar as customers are unaware of the options available to them.
Trump sets sights on net neutrality
BOFH: The Boss, the floppy and the work 'experience'
Friday 31st March 2017 15:52 GMT
maths trick
When subtracting two numbers that are the same except for some transposed digits (say 35 vs 53), the result is always a multiple of 9. The difference between 53 and 35 is around 20, so pick the multiple of 9 that's just less than that. So 53,000 - 35,000 can be quickly calculated as 18,000 with no need to do awkward carrying or the like.
Biting the hand that feeds IT
