Re: Fast Integral Reactor.
I'm quite suprised no-one has thought of storing nuclear waste on the moon.
That didn't work out so well in 'Space 1999'.
Posts by Frumious Bandersnatch
2662 publicly visible posts • joined 8 Nov 2007
Page:
Nuclear waste spill: How a pro-organic push sparked $240m blunder
Atmel stoops to an 'all-time low' in Internet of Things battle
Wednesday 1st April 2015 13:32 GMT
Re: Transducer supply
I was thinking something similar when someone above mentioned radiators. They may be the lowest-power chips yet, but I guess we're not going to see these powered by thermopiles especially if they're an active part of a thermostat system.
The other thought that struck me was the ROTM angle. It's a little bit frightening that they now have the capability of running in "sleeper cell" mode for decades, just biding their time waiting ... waiting ...
It's the FALKLANDS SYNDROME! Fukushima MELTDOWN to cause '10,000 Chernobyls' in South Atlantic
Encryption is the REAL threat – Head Europlod
Tuesday 31st March 2015 13:54 GMT
Re: de Boise principle
I don't know this de Boise of whom you speak, but it was Cardinal Richelieu who said
If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.
Could mass surveillance possibly have any unintended consequences? Nah, surely not...
Tuesday 31st March 2015 13:28 GMT
Blame the tech companies?
What an utterly idiotic thing to say. We don't need tech companies at all to use encryption. Pretty much all the algorithms are publicly available and there are lots of free, open source implementations. Using encryption isn't hard for even beginner programmers thanks to these two points. For example, here's a really short Perl script (not mine; his) to do RSA:
#!/usr/bin/perl
# RSA Encryption example by Phil Massyn (www.massyn.net)
# July 10th 2013
use strict;
use bignum;
use Math::Prime::Util ':all';
# == key generation
my $p = random_strong_prime(256);
my $q = random_strong_prime(256);
my $n = $p * $q;
my $phi = ($p - 1) * ($q - 1);
my $e = 257; # need to figure out how to calculate it
my $x = $e ** 1;
my $d = $x->bmodinv($phi);
# == encryption
my $message = "hello world";
my $m = (join ( '', map (sprintf ("%03d",ord), split (//,$message)) )) + 1 - 1;
my $c = $m->bmodpow($e,$n);
# == decryption
my $M = $c->bmodpow($d,$n);
print join ('', map(sprintf("%s",chr), ($M =~ /\d{3}/g))) . "\n";
Complaining that the tech companies are the problem is just ass-backwards. The reason that they are implementing end-to-end encryption is that their customers (ie, us) are demanding it. One of the main reasons we are demanding it is as a direct result of the kinds of revelations (not just from Snowden) about mass surveillance. We demand the right to privacy, but if we're not being listened to, then it's our choice to use encryption and the tech companies are just responding to that.
What a tool...
(sorry about the way that < and > got messed up in the above; that's the fault of the comment entry system)
Microsoft update mayhem delays German basketball game, costs team dear
Tuesday 31st March 2015 13:17 GMT
Re: Linux
Agree on the Linux comments, but you could still probably get stuck waiting for a disk check ("this disk has gone too long without being checked"...). Probably won't take 15 minutes, especially on a laptop, but it goes to show that Linux isn't totally immune from "randomly" locking you out of the machine for several minutes at boot time.
Kind of off-topic: kexec support in Linux kernel is cool, particularly on machines with very slow BIOS startup (eg, my old Dell PowerEdge)
Smart meters are a ‘costly mistake’ that'll add BILLIONS to bills
Monday 30th March 2015 18:35 GMT
This could rapidly become "convert an edited photo of their current mechanical meter into a meaningless number" and "cost customers tens of pounds rather than hundreds".
When I read this part of the article I immediately thought of something like SecurID. Have the display present both the units-used counter and some cryptographically-generated hash or time signature (like a HMAC involving the current time, the value of the counter and the serial number of the meter). Of course, once the meter is in people's hands, you're bound to find someone who has the skill needed to hack the device (eg, to find the secret serial number) but the vast majority of people won't.
I agree with the people who suggested the smartphone app idea. Done right it would be vastly better (and more secure) than "smart" meters that need to be networked.
Without wanting to blow my own trumpet (too much), I'm sure I could knock up a proof of concept for this in an afternoon with a Raspberry Pi, a small screen and a mobile phone. Just use QR code libraries on the Pi and phone and you've got a fault-tolerant reader (QR includes error correction) that can automatically send an SMS reading to wherever. Of course, this is probably way too easy. I'd have to massively over-engineer it for the government to have any interest in it.
Belgium to the rescue as UK consumers freeze after BST blunder
Monday 30th March 2015 13:43 GMT
Re: Timestamps
in the hour where the "clocks change" as you could get either 2 or 0[*] time-crossing occurrences depending on the direction of the change
Some systems can be configured to change the time gradually (eg, if the `date` program has a -a option on some *nix systems, or using the adjtime(3) system call), but changing the apparent rate at which time changes introduces different problems. On the whole, changing it gradually probably breaks fewer assumptions that people might make in their code but I would guess that this Nest problem would still manifest either way.
Layla enjoys a Sanskrit makeover: Clapton set to become one of several Gods
Wednesday 25th March 2015 15:16 GMT
Govinda
So if this is a hit, it'll only be the second one in Sanskrit. As Wikipedia has it, the Kula Shaker version is "unique in being the only British Top Ten hit to be sung entirely in Sanskrit."
(so I guess that also means that Sanskrit isn't just a written language, to answer Identity's post above)
Noobs can pwn world's most popular BIOSes in two minutes
Telly chef Jamie Oliver in embarrassing infection double shocker
Tired of IoT hype? Internet of SLUGS and SPIDERS is the reality
Get yourself connected: GrovePi+ Starter Kit
Friday 27th February 2015 06:21 GMT
Re: argh!
they still don't even teach the fundamentals of AC theory either.
I blame that Thomas Edison chap. Electrocuting elephants? Who could stoop so low?
(probably the guys that kill them with LSD, if nobody minds me answering my own rhetorical question)
Prawn cocktail offers hot new way to make solar cells
Hoping for spy reforms? Jeb Bush, dangerously close to being the next US prez, backs the NSA
Mozilla's Flash-killer 'Shumway' appears in Firefox nightlies
Tuesday 17th February 2015 16:28 GMT
re: Scylla and Charybdis
Not a response to your post, AC, (though I agree), just a comment to say that this particular classical reference seems to be cropping up in the register quite a lot recently. Or maybe I've just got a case of Baader-Meinhof syndrome...
site:forums.theregister.co.uk scylla charybdis (151 hits)
M0n0wall comes tumbling down as dev throws in the trowel
They've finally solved it: Schrödinger's cat is both ALIVE AND DEAD
Who's come to fix your broadband? It may be a Fed in disguise. Without a search warrant
Japan's death threat hacker collared ... BY A CAT
Thursday 5th February 2015 17:20 GMT
Re: COPS! In the US, the beat you to death. In the Japan, you must confess.
Standard operating procedure over there, I hear.
I don't know why you're getting downvotes, as what you say does seem to be accurate. From the Wikipedia page on the Japanese Criminal Justice system:
Confession in Japanese criminal investigationMany Western human rights organizations alleged that the high conviction rate is due to rampant use of conviction solely based on confession. Confessions are often obtained after long periods of questioning by police as those arrested may be held for up to 23 days. This can, at times, take weeks during which time the suspect is in detention and can be prevented from contacting a lawyer or family.[3]
And here's a link to a BBC article on the same topic that also suggests reasons why people confess.
These were the two top links when I searched for "japanese police confessions", btw, not just links I cherry-picked to support the argument.
Win! The Ultimate Cash 'n' Carrion Survival Kit
Toshiba packs NUMERIC KEYPAD onto self-bricking USB drive
Thursday 5th February 2015 04:04 GMT
Thanks, but ...
I think I'll stick to embedding powerful electromagnets in my door jamb, Cryptonomicon style...
(What do you mean magnets don't work on flash memory? OK, it probably won't work on regular drives either)
Smartphones merge into homogeneous mass as 'flagship fatigue' bites
Sunday 1st February 2015 15:57 GMT
Re: Flag-sized
with advanced hyperbolic LTE and phase array GPS that works on Titan and other small moons
As everyone knows, you should always save hyperbole until you really need it. In this case, I approve, though I suspect that the natural evolution you are looking for is bigger hands/pockets rather than "man purses".
Ugly, incomplete, buggy: Windows 10 faces a sprint to the finish
BOO! Grave remote-code exec flaw in GNU C Library TERRIFIES Linux
Thailand: 'The nail that sticks up gets hammered down'
Sunday 25th January 2015 20:06 GMT
Re: It is
出る杭、not 出る釘。
Maybe they're both right? I just looked up the expression in Jim Breem's dictionary and I got kugi/nail (or spike), whereas Wikipedia's list of Japanese proverbs lists kui/stake. Might be an issue of the phrase "doing the rounds" (going out of one language and then being brought back in in a slightly different form). The different versions might be due to mishearing, perhaps (an example of an "egg-corn", maybe?)? I can imagine "kugi" sounding quite a lot like "kui". The hard "g" sound might not be very distinct with some speakers, with only a slight glottal or nasal sound to distinguish it? Anyway, I don't really know because I very rarely heard the expression in Japan and I don't remember whether it was kui or kugi, to be honest.
Hollywood vs hackers: Vulture cracks Tinseltown keyboard cornballs
Thursday 15th January 2015 15:43 GMT
Re: Magic USB sticks
Actually, the "magic USB stick" might be (unintentionally) more plausible than you give it credit for.
ISTR that there was a bug in the PlayStation 3's USB device driver that allowed a "malicious" USB device to overflow a buffer and execute arbitrary code, thus owning the machine. Lately, there's also been a similar hack for OS X, though it requires rebooting the machine with the hacked device plugged in. It's pretty easy these days to find small machines with a USB OTG port that can be programmed to act as any USB device to test for bugs on the target machine's USB device handling and if you find an exploit, you can probably find an even smaller (ie, thumb-drive sized) machine to deploy the hack on.
Of course, I did say that films including this plot device were only "unintentionally" plausible. Then they go and ruin it by "downloading" many terabytes of data onto a device that can't possibly hold that much data. Or any time that a sysadmin plugs an unknown device into their PC/laptop, when really they should know better (didn't the top boffin do that in Skyfall, too? Facepalm!).
Microsoft cracks personalisation without prying
FBI fingering Norks for Sony hack: The TRUTH – by the NSA's spyboss
Ukraine PM: Hacktivists? C'mon! Russian spies attacked Gov.DE
What an ACE-HOLE! This super-software will whip you at poker, hands down
Friday 9th January 2015 15:06 GMT
Re: So What?
think they may have called it the gambler's fallacy?
Doubling down on a loser is called a martingale (strategy). In probability, the word has various specific meanings, but the term used does derive from the earlier meaning in gambling.
Actually, with infinite resources (and no limit on the bet), doubling down on loser always wins eventually.
Saudi Arabia to flog man 1,000 times for insulting religion on Facebook
Want to have your server pwned? Easy: Run PHP
Thursday 1st January 2015 19:36 GMT
Re: And the alternative is ?
Doesn't your argument give weight to the fact that what you just described is actually what most people want from a language? For me, that would be the definition of good.
LOL. Yes, kind of. I guess it is a good language overall, but it's not a patch on Perl, IMO. I just find PHP to be too verbose and boring to actually like it. I think that the original context was about being good for security, among other things, and as I said, Perl's -w and -T checks put it head and shoulders above the competition.
Mind you, maybe I'm a bit perverse in my (programming) tastes. I love constructs like Duff's Device and the Schwartzian Transform and have been known to use them when appropriate.
Thursday 1st January 2015 17:22 GMT
Re: And the alternative is ?
PHP is popular because it is good.
Nah, I don't think that it's because it's good, but because (IMO) it's relatively easy to write code in, has good documentation, the feature set is well-suited to the task of web programming and its syntax is easy for people to get to grips with (somewhat like Basic or Pascal). It also seems to be be the sort of language that appeals to managers in that the code is fairly easy to understand and maintain so you can treat programmers as a fungible resource.
The security problems tend to be more with the server than the code itself (at least historically), but as with any web programming language, developers still need to be aware of the basics of writing secure code in the first place. So no insecure "eval" statements or calls to external programs, always assume that user-supplied data is hostile and always use prepare/execute instead of naked SQL queries. I'm sure that there are other common security pitfalls, but I'd guess that the majority of them stem from those three points.
As for me, I much prefer Perl. I dislike the verbosity of PHP, but the main reason that I think that Perl is better is down to the -w and -T options. Perl is much better at helping you understand the unintended consequences or potential bugs in your code. Taint checking in particular makes it very hard for you to write insecure code, since it won't even let you run the thing if it detects that you're not sanitising your inputs correctly.
I've never used IIS or ActiveX, so I can't comment. I don't think that Java or Flash are even real competitors due to (a) needing browser plugins and (b) those plugins having a terrible history of insecurity.
30 years ago today, the first commercial UK 'mobile' phone call was made
Thursday 1st January 2015 17:36 GMT
Kenny Everett did a sketch, istr
He was mocking the size of these things years before Mr. Jolly.
I can't find a link, but ISTR it started off with a yuppie either buying or showing off his new mobile/satellite phone and going on about how small it was. It was actually pretty small, but then the reveal comes and we see that he has to lug around a small cart with either a huge battery or huge antenna.
Mind you, those shows were about 3-4 years before the 1985 date in the article, so maybe I'm misremembering...
German minister fingered as hacker 'steals' her thumbprint from a PHOTO
Tor de farce: NSA fails to decrypt anonymised network
Tuesday 30th December 2014 04:33 GMT
Re: Timing...
all this will do is slow down the network
Yes and no. If you delay packets by a random amount, then yes, the network slows down. If, on the other hand, you replace a FIFO scheduler with one that merely randomises the queue order, then throughput is maintained*. Slowing down the end-to-end routing of packets through the network like this will impact the users, though the network throughput is unaffected.
* a simple example scheme which has a 1/2 chance of delaying the head packet in the queue if it's the first time it's been seen, and a decreasing sequence of probabilities 1/4, 1/8, 1/16, etc. each subsequent time it's due to be sent will mean packets may wait in the queue indefinitely (with infinitesimal probability), but on average will take 2x as long to get through it (sum of infinite series 1 + 1/2 + 1/4 + ...), not taking the probability of the replacement packet being sent into account...
Hipsters ahoy! Top Ten BOARD games for festive family fun
Why the chemistry between Hollywood, physics and maths is so hot right now
Saturday 20th December 2014 16:43 GMT
needs moar science?
Film makers and script writers (especially in Hollywood) mostly seem to have no idea at all about the science behind the films they're making. Sometimes, though very rarely, I do see something where they get the science mostly right. I can only really think of three films that stand out because the science part is believable and actually adds to the enjoyment...
Proof (2005). OK, more about maths than science, but the premise is totally believable as is how they figure out who wrote the proof in the end. Also, the rant about jojoba oil and how hair is dead raised a chuckle.
The Arrival (1996). Charlie Sheen plays a SETI action hero in this alien invasion conspiracy film. Best science bit is where he builds a telescope array out of "borrowed" TV satellite dishes. Just when you're thinking it can't work because they're pointing the wrong way, you see him taking control and steering them all. Hooray for making radio interferometry a plot device.
Primer (2004). All the science and engineering talk is slightly gobbledegook, but at least it has the ring of authenticity about it. As for the actual time travel, it gets my thumbs up because apparently the only slightly possible way we might have of making it work is to go back to the time and place where we built or turned on the first time travel device (but we can't go back any further). There was one glaring mistake, but I can let it slide because the film worked as a whole. The error was when they were removing the two 12v batteries. Going from 24v and removing one 12v battery gives 0v, not 12v, because the batteries were in series. Schoolboy error!
Honourable mentions:
Virtual Nightmare (2000). A made-for-TV virtual reality film. In most such films, the VR is just a convenient McGuffin or excuse to indulge in special effects (eg, Matrix, Lawnmower Man). Watching this has aspects of an Asimov or PKD short story, along with reminders of They Live, Stepford Wives among others. Thumbs up because the rationale for the virtual world pretty much works, unlike, say, the Matrix's terrible "humans as batteries" premise. I just happened to see this on TV one day, and I think that it deserves to be better known.
Limitless (2011). Like the previous one, this is more sci-fi than real science. I'll even let it off for oft-repeated lie that "we only use x percent of our brain". Gets a mention because I like the kind of sci-fi where the advanced technology has clear downsides and isn't just a panacea (eg, like in most of Star Trek).
Pi (1998). Again, more sci-fi (and maybe supernatural) than science, but I'm giving it a mention due to the fact that the protagonist is at least trying to follow scientific methods. Not sure whether the auto-trepanation at the end is more phrenology than neuro-science, but it's satisfyingly in keeping with the science vs mysticism debate running through the rest of the film.
I know that film-making has a large dose of make-believe (even biographical stuff or things "based on real events"). It's part of the implied contract when we sit down to watch something. Based on the above (maybe—feel free to disagree) I think that it is possible to tell a good story and not offend the critical, scientific mind too much. There's probably won't be that much food for thought in this film, but maybe enough that it'll be worth watching as a historical/science-based flick rather than a straight romance/drama. It's worth remembering what Hawking himself said about A Brief History of Time, that (paraphrasing) each formula included would halve the readership. He ended up with no formulas at all (<pedant>apart from that one</pedant>), so we probably shouldn't expect that much hard science from the film either.
Kepler's STILL GOT IT! Space telescope spots SUPER-EARTH 180 light years away
Sony Pictures hack is Hollywood's 'Snowden moment' say infosec bods
V. R. R. Stob's magnificent saga A Game Of Dog-and-Bones
Untangling .NET Core: Open source for Windows, Mac, Linux
Nork-ribbing flick The Interview AXED: Sony caves under hack terror 'menace'
30,000 people buy a box of BOVINE EXCREMENT
Wednesday 17th December 2014 15:52 GMT
Re: "...and maybe some beach-front property in Switzerland."
There are beaches in Switzerland.
This is a big part of the reason I read el Reg. Its commenters are quite nicely aligned to where I live on the pedant-curmudgeon spectrum.
Biting the hand that feeds IT
