* Posts by Destroy All Monsters

16005 publicly visible posts • joined 3 Jun 2008

Crashed Schiaparelli lander's 'chute and shields spotted

Destroy All Monsters Silver badge

Re: What happens

Goddammit, Vladimir!

Destroy All Monsters Silver badge
Headmaster

Re: What happens

What are you even talking about?

This is likely to be something in the ballpark of MISRA C. Or some Ada derivative.

When I orbited the general vicinity of the Galileo Software Development Gas Giant, these - and assembler - were the only ones listed as allowed in high-assurance cases. It's been some time though. Today, it is likely there is use of Esterel and/or Lustre for adequate descriptions.

Destroy All Monsters Silver badge
Coat

Re: Got those pictures just in time...

This is not red weed.

It is Schiaparelli's red shirt.

"Dead, Jim!"

Intel's new chip targets industrial IoT

Destroy All Monsters Silver badge
Holmes

"From video copy prevention HDCP2.2"

Someone at Intel is mixing up the "industrial IoT" and the "consumer netbook" marketing segments.

Good luck securing 'things' when users assume 'stuff just works'

Destroy All Monsters Silver badge

Re: Who bears the losses ?

But alarms are fecking useless....

Neighbors will just cower more deeply in their beds. Excellent.

Destroy All Monsters Silver badge
Holmes

Re: Security <-> Usability

Actually the latest IEEE "Security and Privacy" Magazine has a collection of articles about the "Security/Usability Tradeoff Myth"

Haven't had time to read them yet though.

Datto launches backup and disaster recovery technology to combat ransomware

Destroy All Monsters Silver badge
Pint

Re: Backupify

I will just notatallify your comment and engagify the rapidizing transmogrification of our language: PUNCH IT!

Now, where is my copy of "Standing on Zanzibar"?

20 years to get Amiga Workbench 3.1 update, and only a fortnight to get first patch

Destroy All Monsters Silver badge
Windows

El Reg should not have used that illustration .... depression gathering ...

Spoiler alert: We'll bet boffins still haven't spotted aliens

Destroy All Monsters Silver badge

Re: Instrument error?

Tagline: "It is never too late to read El Reg!"

Destroy All Monsters Silver badge
Headmaster

> Possibly back in the childhood of the universe.

That's 13 billion years. There will have been nothing back then (conversely, one of my pet ideas is that the superdense initial universe was actually fertile ground for large civilizational construction - but all of that would have been over in a few milliseconds as the environment cooled off; that's just by the by).

You would just look at stars in the galactic neighborhood. 1000 LY out or so.

Destroy All Monsters Silver badge
Headmaster

I'm just sipping my first coffee and what is this?

Why is there a photo of a dismantled humanoid/synthetic leading this story?

It's completely nonsensical to use that picture. This is a standard "company" model, seen on all good spaceships that insist on a minimum of upkeep and synthetic assistance to the human crew.

And for our next trick, says Google while literally wheeling out a humongous tablet ...

Destroy All Monsters Silver badge
Windows

Re: Cue the grumps

This is all very true but where do I get the "successful, cool, out there, distrumptive startup idea" DLC that goes with it?

Destroy All Monsters Silver badge
Windows

Re: is it 20 years since Xerox PARC proposed "ubiquitous computing"

The way it is going we will soon have automatic doors that do "woosh" sounds.

That time Brian Krzanich had dinner with Elon Musk, Marc Benioff, David Blaine and Lars from Metallica

Destroy All Monsters Silver badge
Windows

I'm too old for this crap

> Krzanich said three things led him to decide to take diversity seriously

Unless there are serious reasons to suppose this will somehow magically improve products and service, I call cheap virtue-signalling. And maybe angling for Obama's tax largesse (I don't know, it wouldn't surprise me in the slightest).

The brains of Millennials and Progressives may light up with a serotonin rush when they hear of applied reverse racism and sexism in the tech industry (Asians probably do not need to apply, they are kick-arse enough, so are Jews, I suppose we are talking about people euphemistically called "tall") ... that doesn't mean it's necessarily and objectively a good idea.

In particular as candidates to diversify the ranks are not easy to find.

And so we enter day seven of King's College London major IT outage

Destroy All Monsters Silver badge
Facepalm

Why RAID 6 stops working in 2019

WTF am I reading?

> The problem with RAID 5 is that disk drives have read errors. SATA drives are commonly specified with an unrecoverable read error rate (URE) of 10^14. Which means that once every 200,000,000 sectors, the disk will not be able to read a sector.

So... are there any that are lower? Hint. Not SCSI, which are the same drives with a changed controller.

> 2 hundred million sectors is about 12 terabytes. When a drive fails in a 7 drive, 2 TB SATA disk RAID 5, you’ll have 6 remaining 2 TB drives. As the RAID controller is reconstructing the data it is very likely it will see an URE. At that point the RAID reconstruction stops.

I seriously hope that RAID reconstruction does NOT stop (aka. throwing the baby out with the acid bath), as there is a very nonzero probability that the smoked sector is not even being used.

> With one exception: Western Digital's Caviar Green, model WD20EADS, is spec'd at 10^15, unlike Seagate's 2 TB ST32000542AS or Hitachi's Deskstar 7K2000

Oh...

Destroy All Monsters Silver badge

...or more of an issue.

Also, looks like the moderator is pretty frisky..

App proves Rowhammer can be exploited to root Android phones – and there's little Google can do to fully kill it

Destroy All Monsters Silver badge

Re: ASLR

> http://www.washingtonpost.com/sf/business/

Uh, oh.

WaPo politics is shit already, no look to deeper into the "paper of record" eructions.

Destroy All Monsters Silver badge

Re: "exploiting the Rowhammer vulnerability present in modern RAM chips"

Yes jake you have been doing this since the 70s with the 64KBit mainframes, we know.

Destroy All Monsters Silver badge

Re: ECC is not a defense

Interesting. But in any case, ECC is ALWAYS good to have, too.

Microsoft: Watch out millennials for evil Security Essentials

Destroy All Monsters Silver badge
Gimp

Dell sends USB sticks to reload Windows?

I find this hard to swallow.

The best you get is a barely-functional, badly organized CD for machines that do not have a CD drive to "recover" software that "is already installed on your computer".

It's easier to demand a second helping of food from a concentration camp capo than properly install Windows on an already-taxed Microsoft Windows machine.

Hacktivist crew claims it launched last week's DDoS mega-attack

Destroy All Monsters Silver badge

Re: Think I've found the problem....

DNS is pretty resilient and not a "single point of failure" at all.

Every LTE call, text, can be intercepted, blacked out, hacker finds

Destroy All Monsters Silver badge
Windows

I'm near retirement age and what is this

I'm starting to be not amused by the industry's shenanigans.

Still can't into security after 20 years.

Too many management mouths to feed and expensive super-conferences to attend??

Smoking hole found on Mars where Schiaparelli lander, er, 'landed'

Destroy All Monsters Silver badge
Holmes

Re: Andy Nonsense Malfunction now explained...

Mister Bryant, please! Still triggered by a mention of Sparc like a Pavlovian Doge after all these years. Don't you have some IBM overpriced software to laud?

Anyway, according to this little overview, the EDM is composed of two parts:

1) RTPU: "Remote Terminal & Power Unit installed on the underside of the Surface Platform and in charge of the Entry, Descent and Landing Sequence, not designed to survive the impact at landing as its job end at the shutdown of the landing engines." Interestingly, it seems to have no CPU, just FPGA logic .... ?

2) CTPU: "Central Terminal & Power Unit that is tasked with commanding all lander subsystems during surface operations, also directing power from the batteries to all powered components. It handles all onboard sequences, accepts science and housekeeping data, stores data and conditions data uplinks via UHF. The CTPU is built around a LEON Central Processor that represents the heart of a Processor Module which also hosts RAM and PROM memory, the onboard timer, a watchdog timer system, power converters and data input/output interfaces."

Very nice.

It seems that a LEON is "a 32-bit CPU microprocessor core, based on the SPARC-V8 RISC architecture and instruction set. It was originally designed by the European Space Research and Technology Centre (ESTEC), part of the European Space Agency (ESA), and after that by Gaisler Research. It is described in synthesizable VHDL ... The LEON project was started by the European Space Agency (ESA) in late 1997 to study and develop a high-performance processor to be used in European space projects. The objectives for the project were to provide an open, portable and non-proprietary processor design, capable to meet future requirements for performance, software compatibility and low system cost. Another objective was to be able to manufacture in a Single event upset (SEU) sensitive semiconductor process. To maintain correct operation in the presence of SEUs, extensive error detection and error handling functions were needed. The goals have been to detect and tolerate one error in any register without software intervention, and to suppress effects from Single Event Transient (SET) errors in combinational logic."

And also:

> The Real-time operating systems that support the LEON core are currently RTLinux, PikeOS, eCos, RTEMS, Nucleus, ThreadX, OpenComRTOS, VxWorks (as per a port by Gaisler Research), LynxOS (also per a port by Gaisler Research), POK (a free ARINC653 implementation released under the BSD licence) and ORK+ an open-source real-time kernel for high-integrity real-time applications with the Ravenscar Profile.

Destroy All Monsters Silver badge

Re: Larry Niven short story collection Tales of Known Space - Eye of the Octopus

I remember an article by Wernher von Braun about a Mars expedition. The (large, manned, chromium rocketship) had (very large) wings to perform a smooth landing. Not sure what the assumed atmospheric pressure on Mars was.

DARPA hands space junk spotting scope to US Air Force

Destroy All Monsters Silver badge
Alien

Well, it's an optical telescope. So at the same distance, it may spot a shiny softball or a dark & menacing petunia-adorned whale ...

And what will happen to the UFOs that hound the ISS (I saw it on YouTube!), will they simply disappear once spotted?

AT&T wants Time Warner

Destroy All Monsters Silver badge
Windows

I remember that one

Wasn't the Time-Warner merger the biggest crater of history ever? (till the 21st century started of course, and it's not over yet ... by far!)

The vague memories of silly lead articles in The Economist bubble up....

Today the web was broken by countless hacked devices – your 60-second summary

Destroy All Monsters Silver badge

Do androids dream of botnet-zombified electric sheep?

Destroy All Monsters Silver badge

Re: Late news

> threatened to "attack Russia if they messed with the US"

Excellent. A cleaner is probably on the way to Sheremetyevo International Airport.

The miscreants' body will turn up swimming in some brownsite pond.

End of story.

Destroy All Monsters Silver badge

Re: Maybe..

> governments traditionally don't operate at internet speed

Unless it is to exploit a moral panic to increase control in unsustainable ways for no good reason except that "something must be done".

Destroy All Monsters Silver badge
Holmes

Re: Home Router Traffic

The graph of I/O bit-per-seconds?

Unless it was manipulated too...

I'm looking forward to an Advice Dog Meme flood on the subject of IoT shit.

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert

Destroy All Monsters Silver badge
Alien

Wickus!

I hope someone will make a YouTube video about websites secretly held by aliens that the govnmt doesn't want to tell us about.

Maybe with alien pr0nz excerpts.

Destroy All Monsters Silver badge

These certificates are much more expensive, because the CA has to do more manual checking of identity.

In the case of Comodo, they also want you to sign a contract that is ridiculously unacceptable even to the non-legal eye ("if there is a problem, you pay us damages and we owe you nothing"), but that's just by-the-by.

Acronis: Yep, we're using blockchain for backup now

Destroy All Monsters Silver badge

Re: I see.

Seriously.

Thumbs down for an idea that stems from the 90s IIRC reading some IEEE mag?

Destroy All Monsters Silver badge

I see.

Nice. What took so long?

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Destroy All Monsters Silver badge

Re: The very definition of technical debt

> The problem with formal proofs is that they can ONLY apply in a very narrow set of circumstances.

This is untrue and an opinion from the 90's. High-reliability software running in clearly defined circumstances (and let's face it, kernel-level code is not exactly "real world" worthy; no need of neural networks here) is today passing through the appropriate formal mangler, like for example avionics software.

Destroy All Monsters Silver badge

Re: Live with it, or not

We already knew there was "no such thing as perfect software", thanks.

Destroy All Monsters Silver badge
Holmes

Re: The very definition of technical debt

This has nothing to do with technical debt, at least as far as I see. Where does the S/390 come in?

It has, however, a lot to do with a lack of formal methods (i.e. proving that code correct in the sense of fulfilling its specification) in an industry that prides itself on hacking complex systems "by mind alone" while features are being added like garlic to a Greek roast lamb. This is bound to result in trouble, in this case entirely avoidable race conditions.

We are not going to refit the mentality nor the tools to the current code and developer base within the next 20 years, so there will be more of this on the menu. Brace for IoT!

Hack us and you're basically attacking America, says UK defence sec

Destroy All Monsters Silver badge
Holmes

Re: warning them not to target Blighty

This just in, it's like I'm really reading something from the Japanese High Command complaining about Chiang Kai-shek.

> "We are concerned Russia's carrier group will support military operations in Syria in ways which increase human and civilian suffering," Stoltenberg said at North Atlantic Treaty Organisation headquarters in Brussels.

> "This group may be used to... increase attacks on Aleppo," the former Norwegian premier told a press conference after talks with Ukrainian President Petro Poroshenko.

I don't know where Chocolate King is coming in here, but I guess NATO has its hands full preparing for an attack against Mosul (unavoidable civilian casualties) instead of worrying about Aleppo where our ISIS and al Nusra allies are in a bit of a choke (bad, avoidable civilian casualties). Yeah, I know, it's all about "Assad must go", which probably justifies equipping the terror dudes with TOW and MANPAD and letting them terrorize the population. Probably.

Destroy All Monsters Silver badge
Holmes

Power projection in cyberspace: Yup, we got a beamer!

> treaty requirement for them to spend two per cent of GDP on military spending

I always wonder what kind of utter waste of perfectly good oxygen came up with this "requirement". Apart from the fact that GDP is double-accounting (because what goes on the credit card goes into GDP, too, even if you have to pay it back later, after the elections) and manipulated numbers, you don't just set military infrastructure and preparation targets by stipulating that a minimal amount of freshly printed "money" should flow to the Armani-wearing gentlemen which happen to be waiting in the lobby.

Fruity hacking group juiced by Microsoft's October patch parade

Destroy All Monsters Silver badge
Windows

Re: The

Thanks Vince.

Imma getting too old for this job. I think I will retire after the next Death Star project...

Destroy All Monsters Silver badge
Alien

The

> Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.

Am I reading this right? They have a special user mode .... for font processing? Can't be arsed to properly validate input? Is the code too spaghetti?? Is it running Turing-complete code from the Internet in there or something? WTF!!

> "This is a very good solution but the code has the same bug in the TTF processing," Ivanov says.

The mind boggles. I think the lizard people are strong in Redmond.

And no, it is NOT a very good solution. It's an incredibly retarded "solution" for a problem that shouldn't exist.

> meterpreter-style script

Yah, nice neologism! What is a "meterpreter"???

US DNC hackers blew through SIX zero-days vulns last year alone

Destroy All Monsters Silver badge

If these are "state actors" (I'm sold, these guys are NP-hard) we are beyond "legal". "Legal" is for the rubes.

To quote "Raw Deal"

Elevator Operator: Good evening, sir.

Mark Kaminsky: Down.

Elevator Operator: There is no down.

Mark Kaminsky: Hey, I'm not a cop. I'm a player.

Destroy All Monsters Silver badge

Re: Mostly

This will be going more often.

Don't expect different results with Microsoft Exchange Online.

Boffins exploit Intel CPU weakness to run rings around code defenses

Destroy All Monsters Silver badge
Pint

Neo code!

So you can guess the contents of the Branch Target Buffer from user-level software using timing? That's pretty meta. We might find that "destroy on read" Quantum Mechanics is Nature's surefire way to prevent any breakouts from Her Virtual Machine.

> The hack takes advantage of the CPU's branch target buffer, a mechanism present in many microprocessor architectures including Intel Haswell CPUs.

In most CPUs since the 90's I would guess.

The paper has some recommendations though:

> A hardware solution that would fundamentally mitigate the BTB-based attacks is to change the BTB addressing mechanism in a way that prevents exploitable collisions in the BTB. The attack against KASLR can be mitigated by using full virtual address for accessing the BTB, thus eliminating collisions between the user code and the kernel code. This would require adding extra bits in the BTB, as the tag size will increase significantly (by 17 bits compared to Haswell implementation for 48-bit virtual addresses). Alternatively, the BTB can use different indexing functions for user and kernel-level code. For example, a secret value can be added to the existing BTB hash function when the CPU is executing in the kernel mode. To prevent the user process from discovering this value and reverse-engineering the hash function, this value can be randomized during each system’s boot.

Just what Europe needs – another bungled exit: Mars lander goes AWOL

Destroy All Monsters Silver badge

Re: They don't want us

If there had been Boers on Mars, a good reason would have existed to pay an impromptu visit!

Destroy All Monsters Silver badge

Re: Yet another illustration that

3h of Capita ... in SPAAACEEE! background ambience

Destroy All Monsters Silver badge

No progressivism in space, please!

Destroy All Monsters Silver badge

Re: Yet another illustration that

Why not give it to CAPITA for best cheap experience?

'Doubly unacceptable' Swiss vegan forces his way into the army

Destroy All Monsters Silver badge
Gimp

Re: I'm confused.

"civil service mandates the wearing of leather"

Unlikely in a country with Calvinist traditions...

Donald Trump running insecure email servers

Destroy All Monsters Silver badge
Mushroom

..and could we maybe discuss Lady McDeath's "stolen emails" instead?

Yeah, it's fantastic, isn't it:

> US presidential candidate Donald Trump’s criticism of rival Hillary Clinton's use of a private email server while Secretary of State appeared to have rebounded on him.

It's pretty amazing that outright illegal behaviour engaged in while running the State Department, then lying about it, trying to shift the blame to Powell, and getting a free pass by law enforcement is now put on the same level as running an unsecure server when running for president (however ill-suited for that job, but the Clinton-level of "fuck everything that looks female" is there at least)

Says much about the sewer-grade "news reporting" one gets nowadays.

I'm actually expecting downvotes by Graun readers and progressive poseurs who can't wait to liberate Aleppo for the children by a no-fly zone.