nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by Paul Crawford

3848 posts • joined 15 Mar 2007

Peak tech! Bacon vending machine signals apex of human invention

Paul Crawford
Silver badge

Re: The best bacon

I agree almost 100% - but would go with smoked every time.

4
0

And the next 7nm laptop processor will be designed by In, er, AM, um, Qualcomm: The 64-bit Arm Snapdragon 8CX

Paul Crawford
Silver badge
Gimp

CX

Or the iconic Citroen of the mid 1970s?

I prefer the Citroen SM myself =>

3
1

It's nearly 2019, and your network can get pwned through an oscilloscope

Paul Crawford
Silver badge

Re: FFS

Really, if you have someone on the inside of your network then messing with a scope is not going to be the most productive way of causing chaos, not by a long chalk.

9
0
Paul Crawford
Silver badge

Re: Bigger problems here?

Lets face it, your development lab should be pretty much fire-walled off (or even air-gapped) from the rest of the world anyway as you have no idea what will be on it. Not necessarily malicious, but while developing products and messing about there is a very high chance of dumb shit happening and you don't want that leaking (or even as simple as IP address conflicts).

19
0

Sorry, we haven't ACLU what happened in sealed 'Facebook decryption' case, but let's find out

Paul Crawford
Silver badge

Re: @tfb Gendered Connectors

Earth pins (in the socket) are just weird--anyone care to hypothesise (or explain) why they were invented?

No idea, but two thoughts are:

1) It was an after-thought added to an existing design when folk realised how much safer earthed systems are.

2) It prevented the mating of a non-earthed plug to force upgrading to match the infrastructure (where as a 3rd hole would not).

3
0
Paul Crawford
Silver badge

Re: gender benders

Can't just swap pins for holes without changing the wiring

You can on a coaxial connector.

1
0

Forget DeepFakes. This robo-Rembrandt with AI for brains is not bad at knocking off paintings

Paul Crawford
Silver badge

Re: robo-Rembrant [sic]

And you would not believe what Hieronymus Bosch will do to your ass. Getting medieval is only the start...

6
1

Tape vendors feel the cold, clammy hand of AWS on their shoulders. Behind them grins the Glacier Deep Archive

Paul Crawford
Silver badge

Re: Retrieval time

And said time also depends on your bandwidth and the volume of data to be restored. Unless you are just re-populating an AWS instance, of course.

1
0

Sacked NCC Group grad trainee emailed 300 coworkers about Kali Linux VM 'playing up'

Paul Crawford
Silver badge
Gimp

Re: Probably sits at home...

Mind probes? That is not the sort of probing I suffer from at home =>

1
0

Boeing 737 pilots battled confused safety system that plunged aircraft to their deaths – black box

Paul Crawford
Silver badge

I think it was the opposite - the pilots *assumed* the plane anti-stall would stop it stalling, but below a certain hight it disengages as it *assumed* they would only fly that low in an attempt to land.

7
0

Blighty: We spent £1bn on Galileo and all we got was this lousy T-shirt

Paul Crawford
Silver badge
Facepalm

"Brit taxpayers had shovelled £1bn into the programme from which they would now be locked out due to rules we insisted on and which we then decided to become non-compliant with"

Fixed his statement for him...

It is sad and stupid, and the loss of privileged access to Galileo is also sad and stupid but entirely predictable.

80
2

Bordeaux-no! Wine guzzling at UK.gov events rises 20%

Paul Crawford
Silver badge

Re: Chef!

Some of the English fizz is actually very good, and at a recent blind-compare Champaign versus sparkling wine tasting I was at they were pretty much on a par according to most of those present. As always, chose a wine based on two simple test results:

1) You like the taste.

2) You are prepared to pay the corresponding price.

Simplez!

5
0
Paul Crawford
Silver badge
Pint

Valpolicella Allegrini

The Valpolicella Allegrini is actually a pretty decent wine, and they do a couple of others of note (I was at a tasting once where one of the Allegrini wine maker was present to show off her wines).

Feeling like I need this sized glass of wine today =>

4
0

Germany pushes router security rules, OpenWRT and CCC push back

Paul Crawford
Silver badge

Re: "Support for open firmware is, arguably, a niche consideration at the moment"

Maybe if the gov mandated at least 5 years of security fixes after end-of-sale they might change their tunes on supported open software. Oh, and big GDPR-like fines if they don’t deliver just to encourage a bit of proper compliance.

38
1

Using a free VPN? Why not skip the middleman and just send your data to President Xi?

Paul Crawford
Silver badge

Own VPN?

Setting up your own VPN might look like a great solution but it is not as clear cut. For a start you probably end up renting a "machine" somewhere for always-on connectivity and a fixed IP address which will cost more and/or also have the question of who has physical access to it.

Then you have the privacy issue that if its your own machine you have no plausible deniablity, whereas a shared VPN provider has many customers with the same apparent IP address. Finally you have the other reason that many folk use a VPN - to avoid geoblocking etc, and if you want the same you might need to set up hosted machines in a few countries at some cost and, again, the issue of trust in those.

So while you are putting a lot of trust in your VPN supplier you might still be better with a third party providing you take a bit of effort to select one that suits your use-case and are willing to pay for it as somehow every service has to be paid for...in money or in privacy.

5
2

Holy moley! The amp, kelvin and kilogram will never be the same again

Paul Crawford
Silver badge

Re: yard/mile on our roads for some strange reason

Because of the extraordinary cost of changing all signs and then having to deal with most cars in the UK having mph as the only (or dominant) scale for a decade or two afterwards.

1
0

Facebook's CEO on his latest almighty Zuck-up: OK, we did try to smear critics, but I was too out-of-the-loop to know

Paul Crawford
Silver badge

You are far too kind!

16
0

5.. 4.. 3.. 2.. 1... Runty-birds are go: 12,000+ internet-beaming mini-satellites OK'd by USA

Paul Crawford
Silver badge

Re: mesh together

And hopefully in a low enough orbit that they burn up in ~5 years no matter what.

12k at launch, probably 2k unresponsive after 1-2 years and no active option to track them or to manoeuvre them..

4
0

Can your rival fix it as fast? turns out to be ten-million-dollar question for plucky support guy

Paul Crawford
Silver badge

And free() doesn't

Unless you were Nelson Mandela

5
0

This just in: What? No, I can't believe it. The 2018 MacBook Air still a huge pain to have repaired

Paul Crawford
Silver badge

Never seen on for real but you could give it a try - no worse a gamble the most. Also you can put your own distro on it as it uses relatively 'open' hardware so practically every Linux will have working drivers for all parts.

0
0

UK rail lines blocked by unexpected Windows dialog box

Paul Crawford
Silver badge

Re: Um

Yes, like your data...

38
0

International politicos line up to get shot down by Facebook

Paul Crawford
Silver badge

I would happily spend the next couple of years on a "MP answer tour" in exchange for a billion or so dollars...

2
1

Dell upping its margins again: Precision 5530 laptop will sting you for $13m. Yep, six zeroes

Paul Crawford
Silver badge

Re: And that's ...

Got any pies to go with it?

13
1

Macs to Linux fans: Stop right there, Penguinista scum, that's not macOS. Go on, git outta here

Paul Crawford
Silver badge

Re: However, we can report that Ubuntu runs an absolute treat on a Dell XPS.

In the USA Dell sell the "XPS Developer Edition" that comes with Ubuntu installed and a previous commentard said Linus uses one, so I guess they do check their chips & drivers all play nicely. In the UK they don't sell this specific version.

However Dell UK do offer various models with Ubuntu pre-installed from a cheap Inspiron to the XPS range.

3
0
Paul Crawford
Silver badge

HP 2xx is the entry level stuff with very plastic-y feel

Is very true, but then I was looking for an almost disposable laptop for friends who kept trashing their own both logically (viruses, etc) and physically ("Oh, the screen is broken after I stood on it. Last two times I stood on it the screen was OK"). So a low cost model and Linux was one route. The other being a Chromebook but then you are ALWAYS slurped by Google.

22
0
Paul Crawford
Silver badge

Indeed, either look for something liker one of the Linux friendly lot like Entroware, System76, Purism, etc, or others like Dell that dabble a bit. Or even a cheap HP and wipe the supplied OS.

Edited to add - search for "HP 255 G6 Laptop 3KX70ES" comes with FreeDOS and can be had for £210 (not very fancy hardware spec through).

49
1
Paul Crawford
Silver badge

Re: SecureBoot Bites Again

it seems that Apple is first there

Not quite. Microsoft' ill-fated Windows RT tablets did not allow other OS to be booted, the requirement mentioned is only for x86-based machines.

31
0

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Paul Crawford
Silver badge

Re: The issue is changing the password...

This is all about convincing the firmware in the disk itself that you are an authorized user to see the decrypted content of the data on the drive.

Basically this. In fact it is another example of a system storing the "password" in plain text. Really the SSD sector encryption key should never be stored in non-volatile memory, hence it should not be possible to simply bypass it by a firmware change. It should be generated on demand from the stored part and the user-supplied pass phrase.

If you need to change your pass-phrase then you decrypt using the old one, check its OK (e.g. CRC as part of the stored 'key') and then re-encrypt using the new pass phrase.

4
0
Paul Crawford
Silver badge

Re: The issue is changing the password...

That is the usual argument for most data-at-rest encryption where you have a fixed random encryption value and your password simply protects that so a change of key is simple and fast as you don't have to decrypt and re-encrypt all of the data using the past and new keys.

But who would have assumed the same of a disk? I always assumed that your PC (e.g. BitLocker mentioned) would present some high entropy key to the disk and if you changed password that key would be unchanged, as would a software implementation of disk encryption. After all you don't really expect to have the SATA bus, etc, snooped upon during operations. If you do its kind of game over anyway...

17
0

Russia inches closer to launching a crew again while NASA waits for a delivery from Germany

Paul Crawford
Silver badge

Re: send the Orion-ESM combo beyond the Moon to check it out

Its a real-world (or real-space) test doing what it is supposed to do, in the sort of sequence it is supposed to follow.

You would not drive a new design of car around the bock a couple of and then declare it fit to compete in a rally, would you?

5
0

Android fans get fat November security patch bundle – if the networks or mobe makers are kind enough to let 'em have it

Paul Crawford
Silver badge
Gimp

Re: Yep my android updates last night

My phone saw one OS update after 6 months and none for years since. Yes, it gets play-store patches, but bugger-all from the manufacturer.

Bit of a Google fanboi? =>

16
1

Cyber-crooks think small biz is easy prey. Here's a simple checklist to avoid becoming an easy victim

Paul Crawford
Silver badge

Re: Size matters

To some degree the main difference is a "larger" organisation will typically have some or all IT support in-house and as a result typically will have policies for networking, patching, backups, etc, that are planned around good practice.

I say "typically" as we regularly see the big boys being shafted and often due to lax practices...

But the SME lot usually have no real IT support internally, maybe some bod whose job it is to arrange support/purchase, etc. And as already pointed out, you get many differing categories of user and business with the vast majority being based around folk with no real computing expertise. And no, being able to use an excel macro is not computer expertise! Hence solutions of using differing software, OS, network segmentation, etc, that would be argued about by the legions of commentards means absolutely nothing to them.

Most of what is needed to get SME in to a safer area therefore requires such expertise and that means paying folk to help set up stuff, train staff, deal with incidents, etc. Sadly that is seen as a pointless expense by many until they get shafted.

0
0

UK and EU crawling towards post-Brexit data exchange deal – reports

Paul Crawford
Silver badge

Re: I'm confused

What am I missing?

That post-Brexit we will be in a different legal position. Not just the loss of the "national security" get-out on slurping, but also that we might change our laws or interpretations as part of the Henry VIII bill being pushed through, and that we[*] have already stated we won't be bound by the European Court of Justice decisions.

So those on the other side will need to assess what we are actually doing when the laws have settled.

You did not think that simple logic and common sense would prevail? It hasn’t so far...

* = The government. Not necessary an indication of the people's views

10
1

'He must be stopped': Missouri candidate's children tell voters he's basically an asshat

Paul Crawford
Silver badge

Re: You can't save all of 'em ...

Indeed, good to see his children have seen through his shit and are brave enough to say so in public.

61
6
Paul Crawford
Silver badge

Re: Hmm

The media

9
3

US Republicans bash UK for tech tax plan

Paul Crawford
Silver badge

Re: Friends

Americans do.

America, maybe not.

38
0

Boffins have fabricated microscopic sci-fi tractor beams for real

Paul Crawford
Silver badge

Re: Photons are massless, but they have momentum

The thing about the em-drive is that the photons/EM waves are internal, so if (and its a big 'if') it works then it is defying the normal requirement for momentum transfer outside of the spacecraft, etc.

But you can use a light/heat source or radio to act as a (very weak) drive since the emission of radiation has a momentum transfer effect as it propagates away.

Edited to add: Seems the commentards further down the page have already answered as such!

1
0

Apple's launch confirms one thing: It's determined to kill off the laptop for iPads

Paul Crawford
Silver badge

Many moons ago I was in a Stormfront store in the UK looking at the Apple macbook pro and I almost bought one, But shortly after they had a new model and it lacked the things I needed: RJ45 networking, USB-2 peripherals, built-in DVD drive, etc.

So I decided to buy a mid range Linux laptop From Entroware instead. Yes, it lacks some key features I might like, but it is mine. it does what I tell it to. And it cost a lot less, the remaining money which I spent on loose meals and nice women.

55
3

EU Android latest: Critics diss Google's money-spinning 'cure'

Paul Crawford
Silver badge

Odd, I would have thought the commentards here would like to see Google having to offer a "price" for their data.

5
1
Paul Crawford
Silver badge

A "fair" solution is Google charges for the software at the same price for everyone and every-phone, and then pays users to opt-in to access their data at a given rate per location point shared, etc.

5
7

Woman who hooked up with over 15 spectres has found her forever phantom after whirlwind romance and plane sex

Paul Crawford
Silver badge

Re: Dear God,

I have an ex from Belgium, so I think I know where you are coming from...

4
0

Britain's rail ticket-booking systems go TITSUP*

Paul Crawford
Silver badge
Coat

These jokes are running out of steam now.

6
0

Top AI conference NIPS won't change its name amid growing protest over 'bad taste' acronym

Paul Crawford
Silver badge
Pint

Alas, as a Scotsman I was hoping it would be about a measure of whisky.

An unusually large measure for spirits =>

26
0

Official: IBM to gobble Red Hat for $34bn – yes, the enterprise Linux biz

Paul Crawford
Silver badge

Re: Mauve?

Mauve alert, are you sure sir? It will mean changing the light bulb!

18
0

Americans' broadband access is so screwed up that the answer may lie in tiny space satellites

Paul Crawford
Silver badge

Re: so...

No, it is never that simple and re-entry predictions are still not accurate for various reason (early on the difference in drag from differing atomic species along with the variation in solar atmospheric heating as sun spot activity, etc, changes, in the final orbit or two due to tumbling satellite orientation and bits coming off changing the drag characteristics).

But if you increase the area/mass ratio it falls in faster under all condition, so in a sense it is easy to see how to make it decay quicker.

1
0
Paul Crawford
Silver badge

Page 56 of this PDF has an approximate answer to the expected lifetime question:

https://www.ofcom.org.uk/__data/assets/pdf_file/0025/107557/Satellite-regulation-teach-in-event.pdf

Precise answer depends on the mass/area ratio (i.e. drag coefficient of sorts) along with the Sun's activity in driving the upper atmosphere.

9
0

Should a robo-car run over a kid or a grandad? Healthy or ill person? Let's get millions of folks to decide for AI...

Paul Crawford
Silver badge

Re: brake or steer

The problem with brake and steer is you only get up to 1g acceleration in any direction, so by changing direction (i.e. sideways acceleration) you have to give up some along-track acceleration (i.e. braking).

In almost every case you really want to lose that forward momentum as that is what causes the damage ultimately, hence the priority to brake. Of course there are some situations where a swerve could avoid a collision with a small object (human, animal) that appears suddenly and within the minimum braking distance, hence this discussion of what to do if the consequences of such a swerve would be another collision (e.g. mounting the pavement, hitting another "class" of small objects, or hitting a vehicle coming the other way).

To some extent I agree with various commentards who say the AI should always stick to the road and no doubt would not get bought if it did not preserve its passengers. So basically the swerve-to-avoid should only be done if it is moving to another lane of the road that will not apparently cause a collision, otherwise those who walked out without attention have to face the best-case braking (which for an automated car is likely to be better than a human in terms of reaction times and willingness to reach anti-lock operation).

Ultimately this sort of morality debate is not what I worry about, it is the reliability of AI to actually drive correctly in the first place!

12
1

'The inmates have taken over the asylum': DNS godfather blasts DNS over HTTPS adoption

Paul Crawford
Silver badge

There is more to the internet than web browsers, but here we seem to be seeing a split where the web browser will get https for DNS (adding even more code bloat) and quite probably see a different world to anything else (such as VPN client, SSH, BitTorrent clients, etc) that rely on conventional DNS for name resolution. Bad.

But equally why has the DNS world not addressed this privacy problem?

6
10

SQLite creator crucified after code of conduct warns devs to love God, and not kill, commit adultery, steal, curse...

Paul Crawford
Silver badge

Re: Does it even define what it means by "God"?

Laughing so much I'm double'd up!

I know, it was a long shot...

3
0

The Register - Independent news and views for the tech community. Part of Situation Publishing