Re: OMG
Sweet!
Posts by Fred Flintstone
3108 publicly visible posts • joined 9 Jun 2009
Page:
Altered carbon: Boffins automate DNA storage with decent density – but lousy latency
Boeing big cheese repeats pledge of 737 Max software updates following fatal crashes
Friday 22nd March 2019 09:21 GMT 
Re: Just a tad pregnant
Airbus starts at least with a dynamically stable airframe (which is where all the 737 MAX's problems originate), and as its software has the last say instead of the pilot, redundancy is not seen as an afterthought but as a critical safety component (and, let's be honest, as the only way to get a FAA certification, at least one that's been done properly).
Last but not least, Airbus has decades of experience with software running the show, so by now they have a pretty good handle on where issues can arise and what to do to address them now before it ends up killing people. For Boeing to think they can quickly slap something together to fix a fundamental physical design problem and put that pretty much in charge over the pilot is unforgivable, especially since this was so critical to keep the plane in the air. It also raises MAJOR issues about the certification path for the 737 MAX.
Friday 22nd March 2019 09:08 GMT
Re: MCAS from a Systems Perspective
Thanks for that. I was just sent a link to a document written by a pilot who has also an IT background, and it makes, frankly, for horrific reading.
As a matter of fact, I preserved it, just in case Boeing tries to get it offline because it is a sane but wholly damning review of what happened, and why. I quote:
If I have not been clear, so far, let me say it succinctly.Boeing produced a dynamically unstable airframe, the 737 MAX. That is big strike #1.
Boeing then tried to mask the 737’s dynamic instability with a software system, similar to the systems used in dynamically unstable fighter jets (though those jets are fitted with ejection seats). Big strike #2.
Finally, the software system relied on systems known for their propensity to fail (angle of attack indicators) and did not appear to include even rudimentary provisions to cross check the outputs of the angle of attack sensor against other sensors, including the other angle of attack sensor. Big strike #3.
None of the above should have passed any muster. None of the above should have passed the “ok” pencil of the most junior engineering staff, much less a DER.
Go read it. After that, I suspect you won't go near a 737 MAX ever again, even after the patch.
New Zealand cops cuff alleged jackasses who shared mosque murder video, messages online
Silence of the WANs: FBI DDoS-for-hire greaseball takedowns slash web flood attacks 'by 11%'
Wednesday 20th March 2019 09:25 GMT
Is it against the law to rent a ddos service and point it at its own command and control servers?
The challenge is verifying is the legitimacy of the resources of a DDoS provider. If they generate that through their own resources you'd be OK, but DDoS waves are typically generated by co-opting other people's resources (websites, IoT, breached machines, routers - as long as it can talk online), and in that case you're funding a criminal enterprise.
Attacking yourself is perfectly OK, but you best accurately document the process of choosing your choice of provider so you can prove due diligence. A legit DDoS provider (if such beast exists) must be able to certify how it generates its traffic and how it ensures it remains focused on legitimate targets, and will also demand a permission form from you for the same reasons.
Click here to see the New Zealand livestream mass-murder vid! This is the internet Facebook, YouTube, Twitter built!
Sunday 17th March 2019 01:51 GMT
Re: Errr, censorship?
Silicon Valley has shrugged off all but the bare minimum of responsibility
There is only one SINGLE reason that moderation isn't as affective as it ought to be: the almighty buck. The whole almost frenetic drive to find some form of AI that can filter this is hiding a very simple but brutal truth: only humans can moderate effectively but. they. cost. money.
We can debate about the degree of monitoring and whether this would or would not amount to censorship until the cows come home, but I think we can all agree that zapping this event and similar (and reporting it) would not be a hard decision for anyone to take - how about we start there? Furthermore, it is not as if we are short on case studies where else things have gone wrong so the debate that MUST be had is not going to be uninformed.
However, again not doing anything because it may be difficult or likely make some people angry is IMHO not an option. As is not properly funding it by those who have been reaping vast profits over the years, and they can start with donating the money that was made during the display of these atrocities (or did you really think I forgot about that?).
This is the Send, encrypted end-to-end, this is the Send, my Mozillan friend
Microsoft changes DHCP to 'Dammit! Hacked! Compromised! Pwned!' Big bunch of security fixes land for Windows
Hipster whines at tech mag for using his pic to imply hipsters look the same, discovers pic was of an entirely different hipster
When 2FA means sweet FA privacy: Facebook admits it slurps mobe numbers for more than just profile security
Tuesday 5th March 2019 15:45 GMT
Yes, slimy shites. If somebody (a friend)has you in their phone contacts and they download the Faecebook app and accept the permissions requests, their contacts and your details are slurped by Faecebook. Some friend they are.
You might want to take into account that most people are utter innocents when it comes to privacy, they're no match for the conniving bastards that will use every psychological trick in the book to con people into giving permission to hand over details they should not share. It starts with roping in kids and establish the habit before they are old enough to judge their actions.
They're not bad friends, they are simply innocents who have their innocence used against them - the basis of every con job ever.
That's why you need to help them understand what FB is doing, in a language they can understand. Accusing people of something they're not even aware of is not going to help - we can (and must) do better.
Tuesday 5th March 2019 11:53 GMT
For Facebook, this is mere camouflage
(I'm repeating a comment I made earlier, just putting it in its own thread).
Google, Facebook, Microsoft, Facebook: they all want access to the one tracker we keep on us: our mobile phone.
Facebook owns WhatsApp, which is pure poison for your contacts: the first thing it does is give your entire address book to numbers to Facebook (it won't even work if you don't allow it to do that) WITHOUT needing to ask their permission.
Facebook asking for your number is thus just insidious camouflage: they most likely already have it. They just don't want you to realise that. I really don't buy it that they have not cross-linked those databases already, after all, there's money in it.
Tuesday 5th March 2019 11:44 GMT
Re: Google too
Google, Facebook, Microsoft, Facebook: they all want access to the one tracker we keep on us: our mobile phone.
THAT is why the use of WhatsApp is pure poison for your contacts: the first thing it does is give their numbers to Facebook - it won't even work if you don't allow it to do that.
This is why FB asking for your number is just insidious camouflage: they most likely already have it. They just don't want you to realise that.
USB4: Based on Thunderbolt 3. Two times the data rate, at 40Gbps. One fewer space. Zero confusing versions
Need a 1TB microSD for your smartmobe? Come April, you can free up storage space in your wallet and buy one
What did turbonerds do before the internet? 41 years ago, a load of BBS
A once-in-a-lifetime Opportunity: NASA bids emotional farewell to its cocky, hardworking RC science car on Mars
Friday 15th February 2019 10:41 GMT
Re: Wouldn't it be ironic
if in a few years a cylinder-like object crash lands onto the common and after the top slowly unscrews Opportunity appears and heat-rays everything in sight.
... aaaand we have winner, grin!
For me, that's the Comment of the Week - beautiful segue into War of the Worlds.
Well done (still laughing).
Google's stunning plan to avoid apps slurping Gmail inboxes: Charge devs for security audits
Monday 11th February 2019 15:08 GMT
Well, I can make that simple
To prevent mistakes, how about keeping your fingers simply out of people's email, Google? Just imagine what a shocking amount of pretence and fake certification efforts that would save.
What? Oh, that eats into your profit? Well, wouldn't it have been simpler to base your revenue on methods that are actually legal in the countries you operate, or am I missing something here?
QNAP NAS user? You'd better check your hosts file for mystery anti-antivirus entries
German competition watchdog tells Facebook to stop combining user data without consent
Saturday 9th February 2019 11:59 GMT
Re: "Facebook's position is that once they have the data, it's their data"
I'm starting to suspect that Google, Facebook et al will be all standing together against the wall when the revolution comes.
That would be the wall that Trumps is building then? That's about as likely to happen as Google and Facebook's executive team properly facing the music.
Apple puts bullet through 'Do Not Track', FaceTime snooping bug and iOS vulnerabilities
Friday 8th February 2019 09:01 GMT
The utter lunacy of Google
Google even have the nerve to suggest you should trust a plugin of theirs if you do not want to be tracked by their analytics.
Let me see, because I don't want my neighbours to hear what's going on in my house I will allow them to install a black box in my living room. Yup, sounds totally legit..
I will consider sharing data with Google, Facebook and all the other grubby e-stalkers (not allow, mind, just think about it) if their executives make all their own personal data available publicly - every last bit of it. "Publicly" because, as far as I'm concerned, that is what your data will be when it gets into the hands of organisations that either buy the laws they want, or see fines merely as the cost of business, not as a hint that what they do ought to change.
Pants-purveyor in plea for popularity: It's not just any pork push... it's an M&S 'love sausage'
What's that, Skippy? You want a taste of Windows 10 19H2? Oops, too late
Apple yoinks enterprise certs from Facebook, Google, killing internal apps, to show its power
Techie finds himself telling caller there is no safe depth of water for operating computers
Using WhatsApp for your business comms? It's either that or reinstall Lotus Notes
Ouch, Apple! Plenty of iPhones stuck in tech channel. How many? That's a 'wild card'
PSA: Disable FaceTime. Miscreants can snoop on your iPhone, Mac mic before you pick up call
Tuesday 29th January 2019 20:08 GMT
I wonder if you can track the incoming calls, though
As far as I know, an iPhone tracks every incoming call. The Imazing iOS management application for MacOS does more than just versioned, automated backups (although that's what I mostly use it for), it also backs up your call records and makes them accessible.
Call records include everything including FaceTime, so if you look at calls which aborted quickly you'll probably get an idea if you've been hit by this.
Worth a peek IMHO.
I can hear the light! Boffins beam audio into ears with freakin' lasers
French diplomat: Spies gonna spy – there aren't any magical cyberspace laws that can prevent it
Wednesday 23rd January 2019 07:40 GMT
Spying is OK as long as WE do it..
I figured I'd summarise the interview and the perspective of each participating country.
No, it is NOT OK. I can understand that, from your point of view, you want to leave the door open but no, it's not OK. If you want to make it OK, regulate it, ensure the regulation is applied and fines are issued to everyone who thinks the rules do not apply to them.
And I would still not be OK with it.
Clone your own Prince Phil, says eBay seller hawking debris left over from royal car crash
Mark Zuckerberg did everything in his power to avoid Facebook becoming the next MySpace – but forgot one crucial detail…
Friday 21st December 2018 11:44 GMT
Re: Facebook's shadow profile.
in my case of FB stalking i’ll privilege the IP cross-matching hypothesis
i created a burner FB profile for Tinder. new pix, slightly different name (same age (: ). my phone, a near death wifi-only Android never left home. FB app had never been activated on that phone before. i never surfed anywhere while logged into this FB on my browser. never friended anyone from it.
yet within days i had tons of friend suggestions for people i did know, but barely. somebody’s cousin or mother for example.
Actually, LikedIn shows the exact same behaviour. I created a new profile, pretty much blank. No CV, new contact details, different name, "joined" another company.
It took less than a day before it started to suggest, very focused, to connect to old colleagues.
Huawei exec out of jail, just as US accuses China of Marriott hack
Thursday 13th December 2018 08:41 GMT
I tend to mistrust these attributions
The problem I have with attributing hacks is there there is a difference between a hacker based in China/US/Ukraine/France/Russia which is who you always find in your typical website 404 log, and a government sanctioned operator/operation..
1 - I am *always* suspicious of casual tagging a whole group or country as it makes for lazy and unnuanced thinking;
2 - how can you tell the difference?
3 - how trustworthy is the claim? Making such claims is also subject to political manipulation.
4 - "bigging up" the alleged hacker may make it appear that the hack would have happened anyway, and from what I have seen so far, that really isn't a feasible excuse for Marriott. There's quite a difference between making a mistake and simply not paying attention at all.
Here's 2018 in a nutshell for you... Russian super robot turns out to be man in robot suit
Equifax how-it-was-mega-hacked damning dossier lands, in all of its infuriating glory
Wednesday 12th December 2018 09:49 GMT
Re: "Except it would had cost money to do so. Money not spent = profit."
The root cause?
Absolutely .
IMHO it ought to be the basis of any fine: make the fine many, many times more than the expense of doing it properly, of course retrospectively applied and aggregated. It's the only way I can see this become a concern for those taking the decision as it hits them in their pocket.
Further, make security audits mandatory as well as their publication for big organisations after, say, a 3 month period to fix the problems found, with an extra 3 month wait extension only available via a rigorous exception process to filter out the usual excuses.
Amazon robot fingered for bear spray leak that hospitalised 24 staffers
Friday 7th December 2018 08:47 GMT
Re: What are the 3 rules again?
1. A human employee may not reduce the profits of the Amazon corporation, or through inaction allow profits to be reduced.
2. A human employee must obey the orders give to it by Amazon except where such orders would conflict with the first law.
3. A human employee must protect their own existence as long as such protection does not conflict with the First or Second Laws.
Ooooh, that is a *classic*.
This is one of those moment I regret that I only have one upvote, so I thus nominate this one for Comment of the Week, for sarcasm in the face of adversity.
Well done.
:)
OneDrive is broken: Microsoft's cloudy storage drops from the sky for EU users
OneDrive Skype integration goes live aaand... OneDrive falls over in Europe
Saturday 1st December 2018 14:04 GMT
Re: WTF?
Quite.
I even have a more advanced process in place: we work on it together on a machine. Much quicker. This tends to happen after we spend some time scribbling on paper, the machine version is more for sharing with any third parties who would consider especially my handwriting as a form of encryption :).
Biting the hand that feeds IT
