3725 posts • joined 15 Mar 2007
Re: david 12
It is true you could install a 3rd party NTP build for Windows for some time now (e.g. from Meinberg), but it has taken a LONG time for Microsoft to get with decent time-keeping.
But you are wrong about 90s UNIX systems, we had Sun machines in the mid 90s that had microsecond format clock reporting (via gettimeofday() calls) even though I think they actually used the RTC oscillator so had 30.5us tick steps from the "watch crystal" used behind them. So better than 100us there. However, it is possible that older Linux boxes were millisecond ticks but I did not have much experience of those until the mid 2000s by which time they were us resolution.
Also this was in a university setting so we had a 2Mbit WAN and reasonable delay stability in the 90s, though of course small businesses and home use was still often dial-up until the 2000s and that would set a significant limit on time setting.
NTP & networks
Incidentally it is not symmetric network delays that cause errors for NTP and similar, but asymmetric ones. NTP knows the round-trip time so it knows if the server is correct what the maximum ambiguity is, and with several servers (always recommended) a bad clock or strange delays on one path can be seen and rejected.
However if you have a system with an asymmetric delay on all paths (e.g. your ISP) then all clocks sources are biased by the same amount and so your server is set to a slightly wrong time. For example my home cable broadband system seems to have an asymmetry of around 3ms when compared to a local GPS-based server. As your round-trip delay is reduced (e.g. NTP server on LAN instead of over the WAN) then such errors are reduced.
PTP is not a "magic" solution to this dilemma, but as it runs on the LAN only and normally via switches that are designed to accurately transfer delay information and with network cards employing hardware time tagging you get greatly reduced errors in all of the locations that NTP sees as one 'blob' of delay, leading to much higher accuracy.
We already have well defined time scales for all cases, its just that many computer programmers don't know or care to use them.
For a smooth linear atomic time scale we have TIA where there is a fixed epoch and time is simply atomic transitions from that point. No Earth-related movement is considered at all. Internally GPS uses a similar idea, but its epoch matched UTC in 1980 and the offset GPS-UTC (which changes with leap seconds) is part of the broadcast information.
For Earth-related work we have always used one of the UT scales (UTC, UT1 and UT2) as they are related to mean solar time, and for as long as humans have bothered with time keeping the cycle of day and night has *defined* our sense of time and date. It is only in the last century or so that we have had access to clocks that are better then the Earth's rotational rate as a time base. Now we have some people saying:
"Keeping track of leap seconds is too hard for computers to do (i.e. lazy programmers ignoring the long history of time keeping) so lets get rid of them as who cares if mean solar time is no longer mid-day?"
But many people do care, and many systems relating to astronomy or satellite use already exist that are based around the previous internationally agreed definition of UTC being kept within 1 second of the Earth's rotation, so they would be broken by such a change.
Windows get proper NTP
Really what they are saying is Windows server 2019 gets the sort of NTP based time keeping support that *NIX systems have had from the 90s?
OK, the PTP support is a newer thing with most systems based on the 2008 spec but it also needs switches/routers that support it if you are doing it properly. As for Google's fugly fudge of time-smear - don't. Please just implement time keeping properly and actually test your systems on the infrequent but inevitable leap-second events.
Also what guarantees that the upgrades in 5-10 years will still fit the storage on budget IoT devices built now?
Re: Is it important?
Point is with FTTP there is no practical bandwidth limit on the infrastructure: change the end point transceivers (assuming enough backbone capacity) and you can get 1GB or possibly 10GB symmetric speeds. At least and order or more of magnitude faster than last-run over copper.
Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help
Russia has viable opposition parties?
Another big factor (if you pardon the pun) is the number of people using their phone for both the internet access part (i.e. user-name/password entry) AND for the 2nd factor (e.g. text message code) so once again the phone becomes a single point of failure in security terms.
Re: Symptoms of misguided policies
You are right about "collateral costs" but also we can look at the biggest addictions (smoking and alcohol) and see how they are managed around the world. Generally they are legally available so the quality is mostly 'safe' but with restrictions on sale, use (e.g. smoking bans in public buildings in many places), and advertising along with various campaigns to promote more responsible use.
Now it is not a complete success but overall it seems to be better to manage and tax it than to have prohibition and funding organised crime.
Ah yes, the 9/11 case that killed something like 1/10 of a year's worth of USA gun accidents (or substitute "road traffic accidents" if you are a NRA member).
Also it is pretty obvious in that case the perpetrators should have stood out like a sore thumb but human failings and department rivalry largely had them ignored, which is exactly the same sort of reasons why powers tend to be abused if no checks & balances are applied.
You seem to make the common mistake of thinking of the EU as a single body.
The EU commission is largely made of gov wonks and tend to do the same sort of shady back-room deals that most governments do, but at least their masters can join the tabloids in blaming the "Evil EU" for making them do what they were lobbying for in the background anyway. Just like the UK gov and the telco data retention directive, for example. These are the ones trying to put a plaster on the current EU-US deal.
Then you have the MEPs who actually do a public debate and (mostly) democratic vote as they don't have much of a party-political goal scoring agenda like most lower houses. These are the ones who seem to be standing up for individual rights, just a shame our own MPs seem to care for none of it.
It would be even better had we (the UK) not voted in wasters like Farage who, whether you are pro-EU or anti-EU, did SFA to help any UK interest in any debates or votes.
Re: 'The seemingly misbehaving app is the default messaging tool on Samsung's Android devices'
But at least they can't send back via the aerial, so by keeping the pointless fsckers off your network the hack would at worst brick the thing.
Re: £40 uputronics GPS
I think my PI + Uptronics GPS board can work stand-alone (no internet, though normally I use the 4 ntp pool servers as well) using Ubuntu with the PPS enabled. My ntp.conf has this setting:
# Add the NMEA driver using GPRMC (1) and 9600 Baud (16) mode.
# Also tell it to assume 117ms delay on RS232 and also to enable the 1pps correction using 'flag1'
server 127.127.20.0 mode 17 prefer minpoll 4 maxpoll 4
fudge 127.127.20.0 time2 0.117 flag1 1
Also needed to edit /etc/init.d/ntp to add on start the commands to create symlinks:
cd /dev ; ln -s ttyAMA0 gps0 ; ln -s pps0 gpspps0 ; cd /
Re: Time NTP was upgraded(See what I did there!)
"Transmitting it at 60 kHz RF is equally trivial."
At close range, yes. But not from far away as it takes a pretty big antenna to get any sort of radiating efficiency at 60kHz.
It all comes down to your risk assessment, while anyone on the other side of the world can poke at your systems via the Internet, getting up close and personal to fiddle radio clocks carries a higher cost and risk of being caught. Having a combination of sources allows you to pick out dodgy clocks (the "false tickers" in NTP parlance) and more than one radio type adds another layer.
But if you do see yourself at risk of a serious, planned and coordinated timing attack and it is of value you can get your own atomic clocks ("low cost" are Rb + GPS adjustment, or if you really must have the bast a few companies make hydrogen masers).
Re: Time NTP was upgraded(See what I did there!)
"And how reliable are GPS and radio clocks?"
Generally pretty good, but not totally spoof-proof which is why you normally have more than one receiver (for hardware redundancy) on site and also use a decent number of NTP servers for confirmation as well. I think Meinberg offer servers with both LW and GPS sources for added certainty.
"Another thing about GPS: it doesn't use UTC, does it?"
No, GPS internally uses an atomic time scale that was in-sync with UTC in 1980 as well as providing the stepped UTC-GPS offset to get UTC today. Any decent GPS module also provides the pending leap second information as well, but sadly these days quite a lot of cheap GPS modules only use NMEA strings to communicate and they don't report leap second information. Also the companies behind them seem to be populated by muppets that don't understand the products or service they are selling.
Re: Time NTP was upgraded(See what I did there!)
Lets face it - if your really REALLY depend on time to < 100ms or so accuracy (which seems to be the thing here - as I think trying to delay the NTP out/return by much more than that will lead to rejection anyway) you should get your own GPS receiver to have your own stratum-1 source.
Sure it is a cost but you can start from £100 (for a Raspberry PI and a GPS expansion board (e.g. from uptronics), antenna, plus a funky case) or get 1U servers for around the £1-3k mark depending on hold-over accuracy and battery back up features.
And you are doing what that needs super-accurate time? It is not a consumer problem as typically Windows machines are out be much more due to SMTP and (last I checked) ~1 week polling so if you are looking at fraud in the £M region from 100ms of fiddling why are you trusting it all through a single ISP, etc?
It seems the fundamental flaw appears to be they are trying to map the character stream in one language to another by the neural net, rather than decoding the words first using some dictionary and then learning how to map sentence to sentence?
Yes, OK, that is the easy way to set up a learning system so of course everyone would do that for speed...
Or the Viagra instructions where I misread "take 30 minutes before sex" as "take 30, minutes before sex".
Re: If you talk in your sleep
Last time I got my hair cut the lady doing it was chattering away about an "OK Google" type device and that it was in her bedroom. I pondered on what it might have heard (as she had just mentioned her boyfriend) and she went a very deep shade of red.
Apparently she never thought of it listening!
Better the Devil you know?
Just how much was she being paid?
What degree of training did she have on the capabilities (or otherwise) of the "automated driving" system?
Sadly they might, but really it should be whoever turned off the safety brake system and those who approved the change (or had failed to implement a change approval system).
As software reaches the point of actually and visibly killing people, those developing and testing it need to be held to the same standards that anyone designing a bridge, etc, would be.
What the "safety driver" was (or was not) doing is far less important than the safety/emergency brake system being turned off. Looking to blame them for the crash in some way is utterly missing the point:
1) The car should have detected and stopped for anyone in its path. To miss an adult & bike is an utter travesty of the system's claimed suitability for real-world use.
2) At what point did they test the car/configuration in a test range with typical objects?
3) Most believed the driver was there to take over if the car gave ample warning of a fault of situation it could not handle.
4) As seen in the Air France crash, even skilled pilots with minutest to react have real difficulties in taking over from an autopilot when conditions were too difficult for its capabilities.
Content creators have long been demanding a version of PDF that supports embedded HTML5-based media, interactivity and animation
For the love of $DIETY no, no and thrice no!
How many vulnerabilities have been in Acrobat reader due to the ability to execute arbitrary code? Please keep a document standard as that - something for reading and printing. Even the option for forms to fill in has piss-poor support and don't get me started on the shit that is the encrypted versions that only Adobe products can open.
No, fitting seat belts is just common sense.
Some really old cars don't have any points you can sensibly attach belt mechanisms to (or are so valuable as "original" you don't want to and don't drive much either), but probably most cars post 1950s are OK. In fact many had them as extra cost options until the law changed to mandate them, first for front seats and then also for rear.
No idea about Japan but if they have classic cars on the road it can't be the case.
The UK MOT test has changed over they years and got tighter (e.g. now a warning light for ABS or engine management fault is an automatic fail even if it passes brake efficiency/missions), but the underlying test criteria like seatbelts (must be sound if fitted, but not obligatory on old cars), exhaust emissions in terms of CO/particulates, etc, are those at the time it was first sold.
However, that MOT is based on the standards of safety equipment, emissions, etc, that applied at the time the vehicle was first registered.
This is a bit like saying ALL cars must pass current standards and so most over a few years old are then automatically off to the scrappers.
Re: obvious solution ...
Very true, but as always the problem is the same: money and convenience.
Some hospital staff need external internet access, and also internal. But no one will do a red/blue network and separate terminals for air-gapping it, or even a properly thought out system on common networking to have logically separate VLANs, white listed web sites, strongly sandboxed applications, etc, etc, because they already have a running and generally working system and don't want / can't tolerate the disruption of a massive overhaul.
Re: Can someone explain.....
Exactly, and it survives typical software scans for tampering or a re-install.
It is probably much much simpler and its why x86 persists, why Windows RT was doomed, and why practically all phones use ARM chips: Software.
No one really wants to recompile, test (yes, I know its a novel concept), debug and support existing software for a new product hardly anyone uses. And so the new product remains hardly used.
Re: Well, it's Microsoft
Just like Google?
Re: Hard as I try...
and mandatory programming standards
There's your problem right there.
Most likely their core developer efforts are about removing useful browser functions (firefox) or adding spying (chrome) instead, but then I'm a cynical bastard at heart.
I also have a love-hate relationship with the French: I love drinking their wine, hate eating their snails!
Re: We need a backup system
Keep them in a plastic tube then? Should improve the hang of one's trousers.
Just like the Spinal Tap airport security scene...
Probably team up with FIFA or the directors of the European Patent Office?
Re: FS@*! Windows
If any of said neighbours are attractive then you might also have the grumbleflick problem solved as well that way.
Re: cock shots
Here is the truth about cock shots from Red Dwarf:
And remove USA software?
Given the revealed spying of USA / 5-eyes on various EU nations, can we also expect a directive to eliminate any USA software that has built-in telemetry or remote access built in?
Re: World Gin Day
An oft-muted sentiment round here "it only hurts when you stop"
And elsewhere it only hurts when you start.
Turning off IPv6 will earn you geek creds if you are doing it specifically to avoid VPN leaks.
The fact that it is 2018 and VPNs leak on IPv6 is a rant for another day...
I wouldn't trust a LED, there is certainly some way to remotely deactivate it.
If the LED is simply a software status indicator then it is worth SFA. But correctly engineered the LED would be fed direct from the switched power to the webcam/microphone so it is an unambiguous indicator of the device being usable.
Sadly that is not how most things are done these days :(
Re: Plain text rudder commands is not a problem in itself
Maybe if insurance companies start to take notice of this sort of shit then maybe the shipowner might be forced in to using network segregation and a decent VPN for ship-related access?
Re: Facebook nagging
True, but then Apple could threaten to purge the FB app from its store/phones.
Now a lot of FB addicts might be unhappy, but a nice long detailed message from Apple to said users about what FB is doing and why might make them (and their higher-than-average spending to advertisers) think twice about using FB ever again.
One way or another, I would be happy to sit back with some popcorn and watch the fall out.
Re: I thought browser fingerprint hiding deserved a mention.
Sadly the Safari browser is only for iOS/MacOS now. But this is very much what Mozilla should be doing, instead of slavishly copying Chrome, in order to keep themselves relevant and possibly even desired.
Well if his name is Sergy its either that or being called a Meerkat.
Re: Impact on Segal's law?
And a man with 12 very, very good watches is much more sure than one with two?
"Today is all about software," said CEO Tim Cook in his opening remarks.
Have you tried asking the pro users who are going to other suppliers and Windows due to the lack of features on your pro Macbooks (such as several USB-2 ports, SD card reader, etc)?,
Also do they look out for bridges, trees, pylons, high buildings, etc, that might just be close to the road?
Re: Bye bye Apple?
Would this be an Apple's platform that stores everything on the iCloud and is handed over on request to any official government request?
Re: @bombastic bob
And UK [post-brexit]. I'd be *stoked* if there were a UK space program sending people to the moon. ('Thunderbirds are GO' - heh)
The UK is quite unique in developing its own launch technology, then abandoning it.
Also the UK went down the road of high-test peroxide oxidants which decompose in to oxygen and steam (sometimes explosively, and have killed US rocket researches and the unfortunate submariners on the Kursk). So I guess there is something rather fitting that we* made it in to space with steam power.
[*] we as in UK made satellite, not as far as astronauts unfortunately.