Posts by Vic

Re: "the network issue"

And yes I've been called out of hours to fix a network issue with a PC in $Important24/7ServiceArea which required the network cable being plugged back into the PC.

Years back, I used to support a Health Authority network. This wasn't ethernet - it was all serial comms[1], routed through statistical multiplexers in nodes (usually in hospitals). The users were generally paid piecework, so keeping the terminals running was important.

One hospital had a particularly troublesome terminal that simply would not work. They had on-site support, who'd "tried everything", so I was called out to do a node shutdown and statmux replacement. As this was a disruptive job, it had to be done out-of-hours.

I always turned up a little early for that sort of work - it makes it easier to ask any questions you might need of staff who are about to go home. So I was at the terminal long before shutdown, with the on-site guy by my side. I had a quick shuftie around - yes, the terminal was powered on. Yes, the brightness was turned up[2]. I then decided to ask the local guy whether or not the serial cable ought to be laid unconnected on the floor, or whether it might actually work better if plugged into the wall port...

Vic.

[1] Yes, I'm that old.

[2] I had another callout which turned out to be the brightness control, so I always checked that.

end users only experience the symptoms of an actual problem, but they report what they think the problem is to the Service Desk

I was talking to a test pilot at Boscombe Down a few years back. He had a very nice take on reporting.

If he reported that an aeroplane had too small a rudder, the manufacturer would supply him with an aircraft with a bigger rudder. If it turned out that that didn't fix the problem, he was on the hook for the custome build.

If, however, he reported the problem - that the rudder had insufficient authority - it was down to the designers to fix the fault. That would usually mean a bigger rudder - but it was someone else's responsibility to make that call.

Vic.

"A war on Philip Morris would be much more effective, amd very much cheaper and safer to boot."

Nope. They tried declaring war on booze in the 1920's. Guess what? People would rather ignore the laws of their country than abandon their vice.

I didn't say it would work - just that it would be more effective than their "War On Terror".

War on Drugs ring a bell? We've bee putting trillions into the problem

That's because we've been putting trillions into creating the problem. An artificial pinch in the supply of something people want leads to an increased price - that's basic economics. If the price is high enough, the profit margins are sufficient to warrant some very risky behaviour - and so the drugs gangs are born. It would be trivial to take them out of business simply by undercutting them to the point where the trade is no longer profitable.

But that's different from putting some effort into getting people to take driving more seriously; a temporary removal of the driving licence has quite an effect.

If he feels he MUST get attention by any means necessary, then nothing will stop him

I said "major cause", not "single cause". This attitude is endemic in the way governments seem to work these days; they seem to want to find a single factor that will make the difference between unicorns frollicking in the streets and a plague of toads. Very few situations in life are truly caused by a single factor, and those that are have already often been tamed.

Vic.

Re: Is this a good analogy?

Does it just boil down to the process not being in place to restrict law enforcement access, or is there some other genuine issue?

Yes, there is some other genuine issue. It doesn't work. Mathematics doesn't care whether or not you are authorised to do something - if you've got the keys, you can decrypt the comms.

For this crazy scheme to work, you've got to have everyone in the world - including th bad guys - using your dual-keyed algorithm. That means both eliminating the current algorithms that don't fit this model - all of them - and also convincing every country in the world - even the ones ou really, really don't like - to keep it that way.

And even if you do achieve this utopian global accord, you've then got to hand the master keys out to all those countries, to distribute throughout their "law enforcement"[1] agencies as they see fit. That means that all those rogue states - North Korea, for example - has a master key that can break into all messages sent by their population. That's great for repressive regimes. It also - and this bit is monumentally important - means that those same rogue states have a master key that can break into all messages sent by your population. Try running a business when the Chinese can break into all your on-line communications, including your VPNs.

Now hopefully, the above should show you why even attempting this is stupid beyond belief. But we've only just started - it gets worse. This world has a class of people known as "criminals". They're bad people. They're also often rich people, and often powerful people. And many of them would like to be able to listen in to, say, your banking session to steal your credentials, since that would allow them to open your bank account and take all your money. And all they need is a single copy of the master decryption key - which, as we've seen above, has now been distributed to every country in the world, and from there to a large number of people within that country[2]. If any single one of those recipients is susceptible to corruption, or even to simple threats of violence, the key is now in the hands of the criminals, and nothing is ever safe again.

You could, of course, make a fresh set of keys when this occurs. That's a monumental effort, and would likely require months or even years to propagate around the world. And it wouldn't prevent captured historical messages from being decrypted, nor would it stop the same breach happening again - there is that much value attached to a single key that can deliver the whole of the Internet into the hands of its posessor; it truly is the One Ring...

Vic.

[1] Ha!

[2] If the key is only held by a small number of people in each country, there will necessarily be a backlog; you've got a choke-point in the flow of message decryption. So it will be duplicated, because that means a higher throughput, meaning less latency from request to decryption. Law enforcement[1] agencies like things to happen quickly, because it means there is less delay in the evidence-gathering process. You've going to get duplication, and on a massive scale. In each country.

How do you tell your citizens that they are under perpetual existential threat from rogue, undetectable threats and there's sod all they can do about them?

You don't, because that would be simple scaremongering.

Add up every single fatality, ever, in any coutry, that is down to terrorism - or even suspected to be so. Now compare that to the provable deaths from tobacco; you won't need many months of figures from any paritcular country you might choose to meak it quite clear that, if saving lives is your goal, then terrorism is the wrong target[1]. A war on Philip Morris would be much more effective, amd very much cheaper and safer to boot.

What happens when one man gains the capacity to ruin civilization and has the will and determination to actually do it.

That's exactly the scenario we're all trying to avoid - but the next one along will just kjeep repeating the same mantra of "encryption evil"...

Except most of them are the result of single-human factors: a chaos factor considered too difficult to really treat.

It's only too difficult because the will is not there to do so; were it to be considered a problem as heinous as terrorism, and the budget made available accordingly, it suddenly wouldn't be so difficult. The results would certainly mean more lives saved per $currency spent than waging a war in the Middle East. But none of this is about saving lives, it's all about control.

It's a "crap happens" situation, much like getting struck by a bolt out of the blue.

This is a defeatist attitude, and is explicitly singled out as a cause of bad driving in Roadcraft. Once you have accepted crashes as "accidents", they will occur. This is why the abbreviation "RTC" is now used, rather than "RTA"; calling it an "Accident" implies that no-one is to blame.

Vic.

[1] It's arguable - and I would do so - that inflating the terrorism problem is in fact a major cause of terrorism; the UK had a deliberate policy during the '70s and '80s of downplaying terrorist incidents perpetrated by the IRA This is very effective; there were fewer such incidents than there might have been had each one led to blanket TV and newspaper coverage. Today, any insignificant occurrence is treated as Terrorism until proven otherwise; such an elevation of status means that a certain type of individual is actually attracted to that sort of activity. Thus running around, Chicken Licken-style, actually contributes to the problem, rather than resolving it.

A letter or two of apology to Pan Am wouldn't go amiss.

A letter of thanks that they've been shown the error of their ways would be rather welcome. I, for one, am unapologetic for what I've done...

Vic.

Re: Okay... let me be the first to do this here...

I think you should have linked to the twats page. If enough people do, they might start to understand...

Vic.

Re: Not that this will make using Uber safer

"his insurance covers him for operating as a taxi driver"

So he can just have social, domestic and pleasure insurance policy?

Did you read the bit you quoted?

It he's only got SDP insurance, it doesn't cover him for operating as a taxi driver.

Vic.

Re: Meh

;; ANSWER SECTION:

[vic@perridge ~]$ dig +short txt bengummer.com

[vic@perridge ~]$

That's a shame...

Vic.

Re: Meh

Most people don't have the technical skills and/or financial means to setup and, more importantly, maintain their own email server.

I disagree. It's not a particularly onerous task.

However - and this is critical - is is a maintenance task. I get properly sick of beancounters who decide that they're going to dispense with my services because their email works just fine, then whinge a few months later when it no longer does - it's an ongoing task; it needs a little effort on a continuous basis.

Vic.

Re: Meh

Also my detection rate is 100 fucking % with 0 % false positives

Then you have an insignificant amount of mail and/or users.

The brick-wall spam filter is impossible. You can't even get humans to agree on what spam is, so it is impossible by definition; one man's spam is another man's legitimate email.

Vic.

Surely a pin on a stick is all you need for a reasonably controlled descent?

Nope. It might start reasonably well, but as you approach the ground, the air pressure increases, leading to the balloons shrinking, with a corresponding[1] loss in buoyancy. This means that the speed of descent increases, meaning that the rate of change in air pressure increases, ...

So a pin on a stick would get you a descent, but the words "reasonably" and "controlled" aren't really appropriate...

Vic.

[1] As the density of air increases, you will obtain more upthrust from a given size of object (Archimedes' principle), but this will not balance the loss of volume; the difference between the internal and external pressures in an elastic balloon increases as the balloon size decreases (Laplace's Law). Thus you would increasingly lose upthrust from each balloon as you descend through the atmosphere.

So is this driver code hard-baked into the kernel? What if I don't have an AMD GPU? Do I still get to use up RAM for what sounds like a large chunk of driver code? Or is it actually an optional kernel loadable module?

As with all drivers, that's up to whomever builds the kernel. For most distros, that means it's a loadable module - you only get it if it can do you some good.

But if you want to bake it into the kernel, that's a build-time option you can choose if you think it makes sense for you. Most people won't.

Vic.

Linux on a laptop? *Shudder*

I've done it for many years, on various platforms. It's rather good.

I won't run Ubuntu on bare metal anymore

Nor I. But then Ubuntu != Linux.

Vic.

Re: Damn you lucky bastadges.

I want a *new* machine, one that I won't have to upgrade for at least five years

I have a bag of shite. The BIOS is dated 2009, so I've had it about 4 years, after my neighbours threw it out. I expect it to last at least another year, making the 5 years you're after.

It cost me £9 for a new power cable. I could probably have got that cheaper if I'd looked a little harder.

Hardware is much more resilient that many people think. The trick is to understand when the black smoke has run out, and when it's merely a software fault masquerading as a terminal failure...

Vic.

We don't need a ton of processing power, just a dual/quad core

God, I feel old. this sort of statement still amazes me...

When I was doing silicon design, we had 2x 100MHz SPARCs for the entire 7-man department...

Vic.

Re: So use ApplePay

Notice how many shops now have card only self service tills in the UK?

Nope. I don't think I've seen any such shops...

Vic.

Re: Oh god

his solicitor advised him that the light from the Sun takes 1000 years to get to the Earth

If nothing else, that would demonstrate that the solicitor is clueless...

Vic.