* Posts by John H Woods

3577 publicly visible posts • joined 14 Nov 2007

UK to stop children looking at online porn. How?

John H Woods Silver badge

Re: Stupid or lying?

"You don't get to be in the top 0.1% by being stupid."

I'm afraid a certain number of things: private schooling (and the old-school tie links), nepotism, cronyism, parental wealth (and the consequent ability to do N years of unpaid internships amongst other things) mean that really it very much is possible to get into the top 0.1% whilst being stupid even if not because of it.

Furthermore, characteristics such as charisma (especially media-facing), (apparent) sincerity, ability to form soundbites, knack of detecting the source of power and willingness to suck up to it are all very much more important in this line of work than intellectual horsepower. It seems to me that what you actually need to be (and to do) to become a UK MP almost tends to preclude the kind of people who would contribute most as our representatives and legislators.

John H Woods Silver badge

Re: Wanna stop kids looking at porn?

" ... the fictional rubbish that makes up porn fantasies." --- msknight,

Yeah, have you ever tried getting a washing machine repair man round within five minutes of phoning?

(yes I know it's an old one ...)

John H Woods Silver badge

What's the point of blocking porn...

... when many of the parents clamouring for it allow their primary schoolers to play 18 certificate games?

Ofcom must tackle 'monopolistic' provider BT, says shadow digital minister Chi Onwurah

John H Woods Silver badge

Re: Competition is great...

"Virgin reach most UK homes with their network." -- AC

Well I think it's only just over half, so 'most' might be technically accurate but it's a bit misleading.

The Nano-NAS market is now a femto-flop being eaten by the cloud

John H Woods Silver badge

Re: Agreed on all counts

Pascal, I agree with all this but I think RAID5 is a very, very bad idea at these disk sizes. If one of your drives failes, a single Unrecoverable Read Error on one of the other three drives is going to kill your array. If you are using WD 3TB Reds, with a URE probability of 1e-14, and one drive fails, the chance you can rebuild your array is less than evens [1].

Add to that your rebuild time (days, I should think), you have a significant possibility of a second disk failure (especially if you haven't sourced your disks from different batches).

In my opinion you'd be much better off using RAID10 [2] and getting 6TB. You've lost 33% of your capacity but really increased your data safety. Although of course, RAID <> Backup :-)

[1] Chance of success, simplifying somewhat, is no better than the chance of reading each bit successfully (1-prob(URE)) raised to the power of the number of bits 8 x number of disks x capacity of disks; i.e. (1-1e14)^(8*3*3e12)= 48.7%

[2] Although I'd be tempted to use RAIDZ2 rather than a HW RAID10

Coding is more important than Shakespeare, says VC living in self-contained universe

John H Woods Silver badge

Re: Tell me

"Tell me ... why learning Shakespeare is so important?"

You aren't -- or at least shouldn't be -- taught Shakespeare to enhance your writing style, even though it may help. And perhaps it may not help you, but perhaps there's an author you admire who would say it helped them?

Anyway, the reason it's still around is that enough people think it's great. Same reason people still watch Casablanca; enjoy box sets of Blackadder; listen to the Beatles; play retro video games; read Dickens; etc. etc. You get taught it in school -- or at least should be -- to get an opportunity to see if you, too, might enjoy it. Unfortunately the way it is taught sometimes adversely influences that.

We should also remember that the Arts make serious money in the UK, so even if you only measure utility through monetization (I don't) there is still value to be had.

John H Woods Silver badge

"I replied to an article entitled "Coding is more important than Shakespeare", stating that I prefer coding." -- Bahboh

I agree that those are the first words of the title, but its meaning is altered by including the phrase after the comma (just like this sentence).

You stated: "My own creativity is expressed not through writing plays, but through writing code to make programs." That's absolutely fab, I'm glad for you and completely understand where you're coming from. In fact, I doubt anybody here would criticise you for that. But, more pertinently, the article does not imply such criticism, so your response to it is at best irrelevant (like saying says "I'm a vegan" when someone asks if there's a doctor in the house) and at worst a misinterpretation of the argument it contains. That, in your original comment, confirmed by your misquotation of the title in this one, is the reason I question your comprehension.

Then you say "I am surprised that the Register does not think that is a valid use of my time." Now where do you get that from? Even if you agree with VK that all literature lessons should be replaced with coding lessons, you cannot sensibly claim that people who reject this premise must think that coding is not a valid use of anybody's time. This is why I impugn your grasp of logic.

John H Woods Silver badge

Re: Shakespeare? who is he anyway?

"The difference is, of course, that not knowing the things that you mention doesn't imply ignorance, whereas a lack of appreciation of the wonders of Shakespeare's language apparently does." -- Bloodbeastterror

It tells me that either you haven't had the opportunity to enjoy Shakespeare, or you have, and have decided you don't like it. Neither of these would lead me to conclude you are an ignoramus. But let me try something on you [I've changed the line breaks so it's more obvious how it reads]:

The quality of mercy is not strained;

It droppeth as the gentle rain from heaven upon the place beneath.

It is twice blest; it blesseth him that gives and him that takes

This means that mercy cannot be compelled: it has to be freely given and, when it is, it benefits both the recipient and the originator (it's actually a plea for a character to show mercy whilst understanding that the same cannot be demanded). The first line, however, could also be used to attack an apparently generous decision that was actually not a free choice: a shopkeeper acting as if they are doing you a favour by exchanging a faulty item, or whatever.

Now your response:

a) I understand it now, but I still don't like the archaic language, this isn't for me.

b) cool, I didn't realise Shakespeare was so great / relevant / beautifully written!

c) actually I disagree that's what it means, doesn't it mean ... ?

d) I still think it's overrated, and probably not so relevant to modern society.

e) who gives a shit? Nobody should learn this crap, they should concentrate on $SUBJECT because that stuff matters and this doesn't!

Only one of these answers would lead me to the view that the respondent was an ignoramus.

John H Woods Silver badge

Re: Shakespeare? who is he anyway?

"If even 5% of El Reg readership, or even the general public, could name the play from which these now-everyday quotes are taken I'll eat my hat." --- BloodBeastTerror

I think you might be underestimating the commentardariat. The plays are not incomprehensible - watch Baz Lurman's film "Shakespeares Romeo and Juliet" and tell me you don't understand it. Sure some people use their knowledge of Shakespeare to show off, but that doesn't mean that others don't enjoy it.

The real flaw in your premise is that it doesn't imply any valid conclusions. 95% of the El Reg readership, or the general public, couldn't name all the bones in a horse; all the particles in the Symmetric Theory; all the storage array technologies; the artists of the Precisionist school; the key mineral bearing ores; the human oncogenes responsible for most cancers; etc. etc. Does it mean that nobody should know this stuff? If we consider useful knowledge to be restricted to that which 95% of people know, eventually nobody would know anything (although civilisation would have ceased long before that point).

John H Woods Silver badge

"My own creativity is expressed not through writing plays, but through writing code to make programs ... I am surprised that the Register does not think that is a valid use of my time." -- Bahboh

If that's indicative of your grasp of (a) comprehension and (b) logic, I hope I never have to come across any of your code.

National Pupil Database engorged to 20 million individual kids' records

John H Woods Silver badge

Re: Remove names

"A full postcode is far too much information" -- Tromos

Correct: it applies to, IIRC, an absolute maximum of 70 letter boxes. [Edit, maybe 80. But still not very many when you have other identifiers to narrow it down].

Hold the miniature presses: Playmobil movie is go

John H Woods Silver badge
Joke

Re: @Simon Harris - Lego movie and lego batman, star wars etc

"But will it be 187.5% better?" -- Graham Marsden

No. It will be 87.5% better, or 187.5% as good as the original. But I'm wondering if this is a rather one-dimensional approach to comparing the two?

Don't mention the F word: Adobe releases Animate CC

John H Woods Silver badge

Re: Bah!

Ali Um Bongo: "Up to two thirds" and "under two thirds" are functionally equivalent... to them wot can actually do English

Mathematically yes. But they can carry a suggested value judgement; for instance, generally speaking, people will use "up to two-thirds" when the ideal would be greater and "under two thirds" when the ideal would be lower.

Ex-TalkTalker TalkTalks: Records portal had shared password. It was 4 years old

John H Woods Silver badge

Re: Not just Talk Talk

^^THIS

Unfortunately the banks, utilities etc. and everybody who is always nagging customers to "be safe" have been the principle agents in softening up people to the point they'll answer all manner of personal questions on the phone. I never [1] take such calls.

[1] I'd be prepared to take a call from an entity that could prove it's identity, and we all know that it is technically possible, but I have yet to come across one that actually can.

We're going to use your toothbrush to snoop on you, says US spy boss

John H Woods Silver badge

Ahem...

... shouldn't the NSA be operating to tighten the security of these things to protect US consumers?

Security? We haven't heard of it, says hacker magnet VTech

John H Woods Silver badge

IANAL(BIPOOTI) and I think it is extremely unlikely that there is any country on earth which allows contractual terms to overrule its national legislation. Certainly in the UK it is absolutely the case that it really doesn't matter what companies put in their contracts, if it contradicts the law, it's dead in the water. Restocking fee? No. Must be returned in original packaging? No. etc.

Don't Fedex your tapes, people! We're so fast it's SANdulous – WANrockIT

John H Woods Silver badge

@SolidSquid

In that case, rust is only about 8TB/Kg, compared to about 30TB/kg for SSDs.

100 tonnes of Samsung 850EVO 2TB SSDs at 66g is 3EB which I rounded [1] to 2EB; 100 tonnes of WD Red 6TBs at 753g is only 0.8 EB

[1] We probably need packing overhead but, in any case, when I'm guestimating I like to go for what I call 'currency logs' in other words, chose a 1, 2 or 5 then a number of 0s. I find this is a good compromise between the intuitiveness of 'order of magnitude' and the difficulty of, in situations like this, getting enough precision for even 1 significant figure (although I've never really been sure whether the choice for first digit should include '8').

John H Woods Silver badge

"How does it compare with FTPing a tape image? Or even the classic "747 full of DVDs (or Bluerays)"

The bandwidth of a 747 full of media is well in excess of 10TB/s [1] so the raw transmission time for 1GB is less than a millisecond. A motorcycle courier can manage 1GB/s (i.e. 10Gb/s) London to Edinburgh.

Ping time is several hours though!

I cannot remember a time in the past (nor envisage one in the future) when any networks had a higher bandwidth than the movement of contemporary physical media.

[1] A 747 can carry 100 tonnes of cargo (I think), a 2TB SSD weighs less than 100g including appropriate packaging, meaning that is 2 Exabytes per Jumbo, say 8 hours for a LON->NYC flight time and 2 more hours handling time, around 50TB/s unless my maths is letting me down.

Government hails superfast broadband deal for new homes

John H Woods Silver badge

What is "superfast" broadband? Does it just mean > 12Mb/s of ADSL on POTS?

I'd say 2(N+1) Mb/s, where N is the number of bedrooms in a property, should be the absolute minimum.

Forget Tiger Woods – here's Cyber Woods: Robot golfer hits hole-in-one during tournament

John H Woods Silver badge

Re: Robotic golfers

"Can this be weaponized & used in the war against [whatever]?" --- allthecoolshortnamesweretaken

Isn't that the robotic cricketers ... ?

* nod to the memory of the genial genius who brought so much pleasure to so many of our lives

Brit spies want rights to wiretap and snoop on US companies' servers

John H Woods Silver badge

Robust Protections?

Do they really mean the possibility that Theresa May will say, oh, no I don't think that's justified in this instance? Because if so, maybe they'd like to buy another bridge ...

Cisco's purple princesses gush workplace joy

John H Woods Silver badge

Re: meanwhile, at my place of work...

never mind grey, mine went away!

Who wants a quad-core 4.2GHz, 64GB, 5TB SSD RAID 10 … laptop?

John H Woods Silver badge

Re: RAID 10 ? Why not RAID 5 then?

Because nobody in their right mind uses RAID5. It went over the usability horizon about the time that disk capacities started exceeding 100GB and their costs came down. *dons downvote armour*

[Edit: seriously guys, get 2 diskfulls from 4 in RAID10, or 3 from 4 in RAID5? Is 50% more capacity really worth risking needing a full rebuild when you hit an Unrecoverable Read Error? During which another URE would kill you? When UREs are have a probability of 1e-13 --- wasn't so much a problem when disks were small, but that's 1 error per 10TB]

Universal Credit slammed by MPs: Late programme branded 'unacceptable'

John H Woods Silver badge

Squaring the circle

They are trying to formalise a logically inconsistent ever worsening complex mess. They should have spent the time and money on rationalising the taxation and benefit system, not trying to build a system to automate the impossible.

Random ideas sought to improve cryptography

John H Woods Silver badge

Re: Reliable way to check the output

Compression before encryption is good practice to remove excess (entropy lowering) redundancy. But although lempel-ziv compressibility is a good test for high levels of redundancy, the lack of the same is a necessary but not (nearly) sufficient property to judge the input as random.

John H Woods Silver badge

Re: Way back when

It wouldn't take long to find a sequence of digits of Pi... Google Bayer Moore algorithm. In fact if you can get any chunk of a one time pad with moderate entropy it's not that hard to search a large canon of alphanumeric sequences. Google "no very favourable idea of the age" and you'll find Austen's Northanger Abbey in no time.

John H Woods Silver badge

"Can you guarantee your mirrors are 100% non-bias?" -- TechnicalBen

Sorry to harp on, but this doesn't matter because you can debiass it (see my earlier post). What would matter is if the mirror had a memory. But then on the the upside you would probably win a Nobel Prize.

John H Woods Silver badge

Re: Willing to sell

"Then the spooks start firing fast neutrons at your house, to adjust the bias in your random noise generator." -- AC

LOL but (and this is relevant to some other side-channel attacks) if you use the Von Neumann de-biassing method above, all they can do is slow down your RNG. Bombarding you with neutrons might actually improve the quality of the output, but I guess slowing it down (and hastening your personal End-of-Life) might be an approach if they get desperate!

John H Woods Silver badge

Re: Verification not generation

2nd line of article, my emphasis:

"The recommendation NIST's put up for discussion covers the design principles and requirements for random bit generators, and tests to validate entropy sources."

Gideon 1, my emphasis

""Verification not generation ... It's interesting how many Commentards didn't understand the article."

Errm, yes?

On a more serious note, given the difficulties in verifiability (not just doing it, but doing it in a way that is widely understood), I think verifiable generation (quantum & other physical methods proposed above by commentards including myself "who didn't understand the article") would be a better approach than new methods for verification. Given that there are any number of deterministic sequences (e.g. digits of pi, mentioned above) that satisfy all existing tests for randomness and (as far as my limited mathematical understanding goes) are likely to continue to do so, verifiable generation seems to me a much more promising area than verification of deterministic generators.

John H Woods Silver badge

"For the past year, I've been running tests on a couple random number generators. I grab a random 32-bit integer form it, each number is plotted on a 65,536 x 65,536 bitmap. Each time a number comes up, its pixel's color is bumped up by one. Every so often, the bitmap gets saved to an external storage array so that the image can be viewed from another machine, any number that is favored by the RNG will show up as a different color in the resulting image." -- Crazy Operations Guy

It's a good first attempt at RNG visualization but I'm afraid it is rather flawed: a quick example will show why: what if you replaced your RNG with a counter? It is lack of correlation between one bit and the next (more exactly that any given bit in no way depends on any of the previous history) that is the crucial thing rather than a completely even coverage (as explained in my earlier post you can extract a smaller number of perfectly distributed random bits from an imperfectly distributed random source as long as each bit is independent.

John H Woods Silver badge

Re: Silicon solution

This sounds right to me --- the sort of device that you can plug into a USB port to read, but made from simple components (capacitors, resistors, transistors) that you can verify (or assemble yourself). I've seen some circuit diagrams but we really need something very simple indeed. People add complexity to circuits by adding clever stuff to ensure random weighting* but this seems unnecessary and adds the kind of circuitry that could disguise randomness-subverting badness.

Maybe what we need is something physical that we can verify by eye -- like a lotto ball machine. We just need something that can generate numbers much faster. Perhaps a shaker full of tiny particles, read by a CCD?

* if you have a random bit stream which is suitable in every respect other than weighting (ratio of 1s and 0s) you can create a perfectly weighted stream from it by sampling non-overlapping pairs. I think it was Von Neumann who invented this - you read bits pairwise, discarding all pairs where the bits are equal. You convert the remaining pairs into 1s and 0s using the code 01->0; 10->1 (or vice versa) and bingo, you have a bit stream balanced perfectly 50:50 into 1s and 0s. This is because if the bits are independent then the probabilities of 01 and 10 are equal, whatever the probabilities of 0 and 1 (and hence 00 and 11, which have unknown probabilities, are discarded).

'International tax' needs reform. Google's chicken bill makes me chuckle – comms guy

John H Woods Silver badge

Barron insisted that the £130m arrangement for Google to pay its back taxes between 2005-2014 was not a sweetheart deal. He said: “Identifying what the economic activity is, what the added value in the UK is, is a difficult business and that is what we have been working out with HMRC over the years and all the discussion about [a] so-called permanent establishment.”

Are Google and/or HMRC are prepared to show the steps and figures in this "working out" because if not it's easier to believe that it is is a sweetheart deal.

UK taxpayers should foot £2bn or more to adopt Snoopers' Charter, says Inquiry

John H Woods Silver badge

if they collect every ICR ...

... a foreign power or bad actor can effectively run a DDoS on that system by infecting British network devices and either (a) vastly increasing their ICR production rate (a few orders of magnitude wouldn't be too hard); and/or (b) creating ICRs that will raise red flags (e.g. to known suspect sites).

Loons in balloons: Google asks FCC to approve Net plan

John H Woods Silver badge

Re: In my area

"They start off at ground level, or didn't you realise that?" --- Pompous Git

If they climb like normal weather balloons, at about 5m/s, they'll be out of range of all but the sniper sights of sober sharpshooters within a few minutes. As we are talking about a 100 day lifespan, they'll be spending (coming down as well as up) well under 0.0001% of their lifespan within projectile range. Even less if they are launched at night, without notice, from an area with a reasonable perimeter.

So, yes, I did realise they start off at ground level but they are hardly more vulnerable to drunken shooters than if they were launched out of planes or magically spawned in mid-air.

John H Woods Silver badge

Re: In my area

"This would probably be viewed as aerial target practice by some inebriated locals." -- NotBob

... I think even with the steadiest hand going you'd be unlikely to hit one with anything other than a SAM

UK Home Sec's defence of bulk spying: We 'found' a paedo (we already knew about)

John H Woods Silver badge

Re: So with *all * that time to prepare and the whole of the Home Office to help her out.

"There is another sort of proverb that says "Wer glaubt, daß Abteilungsleiter Abteilungen leiten, der glaubt auch, daß Zitronenfalter Zitronen falten", but so far I couldn't come up with a translation that really works. Sorry. Anyone who wants to give it a try?" --- allthecoolshortnamesweretaken

How about ...

"Expecting the brains of the Department (company, division, group) to be in the Head of the same is like expecting to find pants in the pantry"

John H Woods Silver badge

"Theresa May isn't stupid, far from it she's a shrewd political operator..." -- Adam 52

Well; most politicians, however 'shrewd', are certainly not all that far from stupid. Success as a politician, regretfully, relies on some other qualities rather more than intelligence. To some extent, possessing it, let alone demonstrating it, is often regarded as a bit of a disadvantage.

Facebook tells Belgian government its use of English invalidates privacy case

John H Woods Silver badge

Re: English?

@TRT that is genius. I look forward to telling someone their argument is hemidemibiscuit. And @ElReg can we have a quarter biscuit icon to indicate the same?

'Printer Ready'. Er… you actually want to print? What, right now?

John H Woods Silver badge

Re: Printers are evil.

"Cant give exact folder names as i am currently sat on toilet" --- psychonaut

Am I the only one who thinks it's inconceivable that someone who knew all the foregoing could not RDP to his machine from the throne?

John H Woods Silver badge

Re: I can point you to some code

Emacs and LaTeX. Everything else sucks - often not just to use, but in terms of the ugliness of its output. It's only been the last few years of a what, two decade?, life that MS Word has been able to produce documents that aren't almost immediately identifiable as the ill-formatted output of the same.

US rapper slams Earth is Round conspiracy in Twitter marathon

John H Woods Silver badge

Re: The thing to do with these kooks

"Why are such ideas so attractive to certain individuals" -- Jonathan Richards 1

Best answer I've seen (on FB recently) was that "conspiracy theories help dumb people feel they are smart"

Cops hate encryption but the NSA loves it when you use PGP

John H Woods Silver badge

Re: An old but solved problem

"Is there not a program which conceals the encrypted message within a jpg or other image file?" -- Donchik.

Yes, there are several --- search "Steganography." More to the point, if you conceal it within an original creation of your own (i.e. there's no way to compare the picture to an 'original version' out on the web) you can post it publicly on Facebook, Tumblr or any number of well known places and, providing you have enough friends/watchers then they cannot even see to whom it is addressed.

Axe to fall on staff at IBM's Global Technology Services 'this Friday'

John H Woods Silver badge

Re: Stock manipulating by the execs again

If you're senior enough to be able to order redundancies, and you have stock in the company itself, isn't that almost insider trading? It's certainly a conflict of interest of some kind.

Show us the code! You should be able to peek inside the gadgets you buy – FTC commish

John H Woods Silver badge

I'm not sure I can understand the engineering diagrams of my car ...

... but I know if it is found to suffer from a serious safety design flaw I am, to a greater or lesser extent, protected (viz. large numbers of recalls we have seen).

The problem with a closed source device such as a router, with a massive security hole in it, is that it seems to to fall between two stools: there's very little the user can do check that it is safe, or keep it so, and I'm not aware of anyone who has tried to enforce supplier or manufacturer liability. Not even in the UK, where I'm guessing the Sale of Goods Act should allow you to at least return the device to the retailer.

Perhaps the information required to manage such a device oneself (firmware unlock keys, source code, etc.) should be placed in escrow with consumer organisations so that it can be released if the manufacturer goes under (or just stops supplying updates). But I still think that the detection of certain malfeatures, such as a hardcoded backdoor, should be a matter of manufacturer liability.

Sainsbury's Bank web pages stuck on crappy 20th century crypto

John H Woods Silver badge

Re: Prosecution required.

"Negligence = duty + b[r]each + damage. Someone can sue as soon as they suffer damage" -- ThomH

Sure, that's what's required to prosecute the guys who fsck'd up the crypto ... but making the statement isn't negligent, it's dishonest. IANAL but surely there's another offence which covers making false claims about financial services? Doesn't seem to me that it would be acceptable to imply that your customers were adequately protected when they were not. Any actual lawyers got a view on this?

John H Woods Silver badge

Re: Model M

I'll pay the postage if you send it to me!

John H Woods Silver badge

Prosecution required.

Someone, hopefully multiple someones including the budget holders, should face internal disciplinary action for the bad state of crypto. However, the person who made this statement "Customers visiting the Sainsbury’s Bank website can rest assured that they are protected at all times by multiple layers of online security" should be prosecuted; the statement is simply false, and they have hoped to have worded it in such a manner as to attempt to escape being caught in an outright lie. But the purpose of the statement, in the context of the established facts, is to deceive. And the purpose of that deception, at this moment in time, is to falsely reassure customers that their financial details are adequately protected.

If Sainsbury's or their PR department fancy suing me for libel, I'm happy to provide my details, and I look forward to hearing from them.

Five technologies you shouldn't bother looking out for in 2016

John H Woods Silver badge

Re: Year of Linux?

"Well then, where are all the games? No serious gamer would use a Linux desktop" -- Charles 9

No serious gamer would use a machine from PC world costing a few hundred quid either --- they're likely to be spending that (at least) on their graphics card(s). If that's out of your budget and you're still a serious gamer you are looking at self-build or buying from a specialist. Whilst I agree (and personally regret) that it's almost Windows or bust for headline games, these are not the kind of users that are being discussed here.

Apple backs down from barring widow her dead husband's passwords

John H Woods Silver badge

"Half the key"

is a figure of speech, hopefully. There's a lot of flexibility here: you can "split a key" into n pieces and require m of them for decryption, without any loss of security. So you could, for instance, create 10 keys and distribute them round your family, but only require 4 of them to unlock your stuff.