nav search
Data Center Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

* Posts by DougS

9867 posts • joined 12 Feb 2011

Android snoopware Skygofree can pilfer WhatsApp messages

DougS
Silver badge

Re: Skygofree spreads through web pages

If so, it is only one hack against a major site or major ad network away from infecting millions of devices.

0
0

Private submarine builder charged with murder of journalist

DougS
Silver badge

Only 15 years?

WTF is wrong with their laws? He planned to kill her, carried it out, desecrated her remains trying to hide his crime, and lied about it. If that's only 15 years what is rape, a couple years? Is mugging a weekend of your choice in jail and a $50 fine?

1
1

Drone crashes after operator failed to spot extra building site crane

DougS
Silver badge

@Chris G - cursory survey of the site

If you visited a construction site with a few cranes on it, then a few weeks/months later visited the same site, would you be able to easily tell if a crane had been added or moved?

Any drone operated autonomously via waypoints needs to have built in collision avoidance IMHO. They should not be allowed to operate autonomously otherwise. It is not just a problem of cranes, what about birds, other drones, hot air ballons, TV helicopters or whatever else might be in the area while the operator stupidly lets it follow waypoints like some sort of drugged up bloodhound?

1
0

UK's Just Eat faces probe after woman tweets chat-up texts from 'delivery guy'

DougS
Silver badge

Not having the customer's phone number won't help

He knows where she lives! Instead he'll show up at her door, or leave a note on her car (if it is a house with a driveway or a space marked by apartment number it would be easy to tell) which would leave her feeling even more violated.

Creepers are gonna creep, the only solution is to fire them immediately when this sort of thing happens.

0
0

Frenchman comes eye to eye with horror toilet python

DougS
Silver badge
Happy

Closed the door then opened it again?

I guess this is the real world version of turning it off and back on again and hoping that fixes the problem?

2
0

Ford giving 'leccy car investment a jolt to the tune of $11 BEEELLION

DougS
Silver badge

Re: A large proportion of people don't have a don't have a driveway

You'll need to speak to your municipal leaders about that, as you'd need "reserved" parking in front of your own house to insure you are close to where you have trenched a power feed to the curb in a lock box (to keep away freeloaders) or the city will need to install curbside charging (and billing) stations in residential areas. I imagine cities/neighborhoods where parking isn't a problem would adopt the former, and those with more contentious parking situations the latter.

0
0
DougS
Silver badge

You have to start somewhere

If you wait until a product is suitable for 100% of the market you will never release it. This is less of a problem in the US since most people outside big cities have garages, and while the charge rate may be slow with the typical circuits (you could upgrade the typical 115v/15A circuit to 230v/20A without changing the wiring) that's not a problem for overnight - once people get into the habit of plugging in whenever they park.

Most people in the US wouldn't want an electric as their ONLY car because of range problems - even with a supercharger having to wait a half hour every four hours of driving would be pretty annoying. But replacing one of the two cars the average US household owns, outside of bit cities like NYC or SF, or replacing one car in the whatever percent of UK households have a garage, is not an insignificant sized target market.

The infrastructure problems for those who park on the street, better charging for long distance driving (or better batteries so it is less of a problem) will get solved down the road (no pun intended)

6
5

Hawaiian fake nukes alert caused by fat-fingered fumble of garbage GUI

DougS
Silver badge

Their most recent test - the one that was confirmed as a fusion device - had a revised estimate of 250 kilotons. Far larger than Hiroshima.

While the US & Russia have larger weapons in their arsenal, they can be dialed to a range of outputs, so they probably wouldn't be used at their full multi-megaton potential unless some insecure orange dimwit was upset someone called attention to his small hands.

3
0
DougS
Silver badge

Re: Why the FCC is involved?

I believe the FCC would have jurisdiction over the national emergency alert system, which depends on the state run systems.

3
0
DougS
Silver badge

UI design 101

Make the common case (system test) easily accessible and the uncommon case (actual alert) jump through a hoop or two. If it is true they were the two options in a single drop down menu, and I guess no "are you sure" and "are you REALLY sure" to confirm that it is a real attack then obviously they didn't put any thought at all into this. But ideally it would be in its own menu item, not sharing the drop down with the test they do once a month.

Brother of a friend of mine was in Honolulu on vacation when this hit. He said his brother (who happens to a software engineer) immediately assumed it was a false alarm, and convinced his wife to stay on the beach while everyone else was panicking and trying to find shelter. Even if I thought it was real I would probably stayed there - better to die in a flash with a nice light show than to die slowly of radiation burns.

13
0

Meltdown/Spectre fixes made AWS CPUs cry, says SolarWinds

DougS
Silver badge

Re: the thing is they had all these chips running at 25%

If the hypervisor was planned for 80-100% 24x7 and they installed a patch that caused everyone's load to increase by 20%, they would be royally fucked!

I know of course the 25% was the vCPU, not the actual CPU which as you say will be more heavily loaded. The customers want low utilization in their vCPUs so they have spare capacity for when they hit their peaks. The provider needs to look at trends to insure they have high utilization (otherwise they have idle resources that are a waste of capital) but not too high - otherwise they could get caught with their pants down if something happens to trigger peak loads for their customers - like a major news item like missile being fired at Hawaii, a president being assassinated, a stock market crash, etc.

0
0
DougS
Silver badge

Re: the thing is they had all these chips running at 25%

If you want to have capacity for peak loads you need to be operating at much below peak most of the time. That's one of the main reasons for virtualization and cloud, after all.

3
0

Third NAND dimension makes quad bit bucket cells feasible

DougS
Silver badge

Re: Diminishing Returns

Fractional bits because you can't make a power of two jump mean even tinier increases coupled with everything being more complicated. I see zero chance of that ever happening.

1
0
DougS
Silver badge

Re: Diminishing Returns

It provides 33% increase in raw bits, but if you are using some of them for additional error correction and others for additional overprovisioning it may not add all that much. The case for "5LC" would be even worse, should they ever think about doing that.

0
0

Super Micro crams 36 Samsung 'ruler' SSDs into dense superserver

DougS
Silver badge

Hate to think about what this will cost

AFAIK Samsung hasn't even released pricing on those SSDs...

4
0

Junk food meets junk money: KFC starts selling Bitcoin Bucket

DougS
Silver badge

Just a publicity stunt

They aren't accepting bitcoin for anything, just a special product with a limited number available (so they don't get killed by the transaction cost)

I'm sure the bitcoin nuts will try to claim "look regular companies are starting to accept it" but they are not and will not. They just wanted to get some free publicity they wouldn't have got if they did an ordinary cut price special.

The bitcoin conference didn't accept bitcoin, that tells you all you need to know about how useless it is for normal transactions now. Cryptocurrencies may eventually succeed (I think a good use would be micropayments to web sites for viewing so they don't have to fight ad blockers) but bitcoin will not be the one that wins. It has too many problems inherent to its design that make it terrible for being anything but the tulip of the 2010s.

4
0

OK, Google: Why does Chromecast clobber Wi-Fi connections?

DougS
Silver badge

Sounds like it is caching all the requests while it is sleeping

Then sending them all out when it awakens. Must be fun for the people who rarely use it!

6
0

Boffins split on whether Spectre fix needs tweaked hardware

DougS
Silver badge

Re: ARM...

A53 is in-order execution which makes it both not vulnerable and smaller/less expensive. The latter is why it would have been chosen for those phones; Nokia and Sony wouldn't have heard about the issues until fairly recently but even if they knew back in June when Intel did that's not enough time to be in the "selecting a CPU" stage of designing a phone that would be on the market in early 2018.

9
0

'Mummy, what's felching?' Tot gets smut served by Android app

DougS
Silver badge

Re: And still...

So basically you use your smartphone like a flip phone with a bigger screen that plays chess? Hardly worth having a smartphone at that point...

A lot of the worst Android exploits in the last year or two were related to receiving MMS messages and browsing. If you do either (and you really can't control receipt of MMS messages unless maybe you can disable it) then you aren't as safe as you think you are, just safer than people running stock Android phones.

3
5

US shoppers abandon PC makers in hour of need

DougS
Silver badge

People won't replace PCs over Intel bugs

It isn't something to be overly concerned about versus the tons of holes that are found every year - the tons more that exist but aren't publicly known yet or have yet to be discovered at all.

I imagine this is what Gartner and IDC are telling their clients, because they always say "good times are around the corner" and predict rising PC sales, but if they are falling even when world economy is doing quite well and Windows 7's retirement date is rapidly approaching Meltdown/Spectre isn't going to move the needle.

It may result in enterprises and cloud providers replacing servers more quickly, since hit on VMs is far larger than the single digit performance penalties Intel is claiming. So I'd look for server sales to bump because of it.

4
0

BOFH: Buttock And Departmental Defence ... As A Service

DougS
Silver badge

COMPLETE walls?

Do they count as "complete" walls if they only go down to about a foot above ground? The bus shelters around here have 3 1/3 walls - they're rectangular with the long side facing away from the street having just a little stub on either side, along with a roof. But they don't extend all the way to the ground, I assume the gap is so the driver can see if there is someone in the shelter if they're not paying attention and don't notice the bus until they can hear it.

1
0

Apple agrees to pay £136m in back idiot taxes to UK taxman

DougS
Silver badge

Re: largest taxpayer in the world

The "corporations don't really pay any tax" argument is stupid. You could just as easily argue that you don't really pay any federal income tax either, since it is paid by your employer on your behalf and most taxpayers get a refund in the spring and not a tax bill.

1
0
DougS
Silver badge

Re: largest taxpayer in the world

Thousands of US companies have been leaving money overseas to avoid (technically delay since the tax was owed but not due until the money came back to the US) paying tax in the US on foreign earnings, which was perfectly legal to do. I assume you want the same 90% rate for Google, Microsoft, Facebook, GE, Gilead and all the other companies with tens or hundreds of billions parked overseas just like Apple?

The new tax law has a 0% rate for overseas income earned after Jan. 1 this year, which sounds like a giveaway until you realize that just makes the US corporate tax system work like that of every other country in the world.

0
0
DougS
Silver badge

Re: largest taxpayer in the world

They pay billions in taxes in the US - they are most definitely the largest taxpayer in the US. They have been claiming to be the largest taxpayer in the world for several years now, and no one has ever pointed to an example of a company that pays more.

So instead of laughing, put up or shut up - who pays more in taxes than Apple?

2
2
DougS
Silver badge

Re: "...the company has agreed..."

Paying taxes is always a negotiation because you prepare your own taxes. You pay what the forms you or your CPA prepared say you owe, and the tax authority may or may not question your preparation. If they do, you can defend all/part/none of your calculations, implicitly accepting theirs where you choose not to defend.

If they disagree with your defense of your preparation then you have to prove it to them (at least in the US - since the IRS are considered experts if you can't prove to them you're right, then by default they're right) and in the end you mutually on an amount and settle up.

If you ever receive a big bill that you owe more in taxes, and just pay it without question (unless you knew you were trying to get away with something and they caught you) then you're stupid. It is worth fighting if you and your CPA believe you're in the right, I know this from personal experience.

2
0

US House reps green-light Fourth Amendment busting spy program

DougS
Silver badge

Most of us would be billionaires if we got the head start he did with a father worth hundreds of millions.

3
0
DougS
Silver badge

Democrats are going to take the house this year, so what?

Won't make a bit of difference when the next vote for section 702 comes. Or have you not looked at who voted on which side and what parties they're from. It is a minority in both parties who are against this (true liberals and "libertarian" republicans, i.e. only those who care about individual rights) while the mainstream in both parties is firmly behind it - because they have done the political calculation and figure 'better safe than sorry' when it comes to giving homeland security whatever they want Constitution be damned!

3
0
DougS
Silver badge

Unfortunately there are too few who believe this in either party. At least if it could be turned into a partisan issue either the republicans would eliminate it now or the democrats would next time they have power. Since both parties agree with the bullshit, we're going to be stuck with it until another Snowden style leak shows the scale of it to the average person. Then maybe...

10
0
DougS
Silver badge

He acts exactly like all the news reports say he does

He believes whoever talked to him last. If Trump TV Fox News was off the air for a morning and Trump had to watch MSNBC instead, he'd be advocating for single payer health care by lunch.

He put on a real time demonstration of this with his televised "meeting" a couple days ago where Pelosi got him to agree to a clean DACA bill until one of the house republicans talked him down. I think he was hoping to disprove the accounts in the book, but all he did was convince arch conservatives like Ann Coulter that it was all true!

12
1

Should SANs be patched to fix the Spectre and Meltdown bugs? Er ... yes and no

DougS
Silver badge

Re: SANdemonium

No, they are all running either Linux or BSD, with at least one running Windows (the Clariion/VNX controller) I'm not aware of any that wrote their entire OS including the kernel for a general purpose CPU, which is what would be required for it to run ring 0.

If you are going to go to that much effort, you'll develop your own ASIC like EMC for the Symmetrix/DMX/vMax line. Obviously that has some sort of OS (Engenuity or whatever they call it now) but it isn't a general purpose CPU and you definitely aren't going to be able to run your own code even if it was vulnerable.

1
0
DougS
Silver badge

Re: Safe enough - IF no third party code

If an engineer at the company I work for were to create such a backdoor in software that shipped to a customer they wouldn't just be looking a dismissal, they'd probably be looking for a lawyer to keep them out of jail.

Agreed. The days of hardcoding a special field service password or Nintendo-style backdoor into enterprise hardware is over, the publicity if it is found out would be a killer - consider that for it to be useful your employees (some of whom will eventually become ex-employees) have to know about it!

Besides even the built-in backdoors that used to be common were just a way to get in as 'admin' (or sometimes "admin plus") if your customer forgot the password. Even if they dropped you down to some sort of shell, there's a long way from that to having the proper build environment to compile something that will run on it.

5
0

Of course Uber allegedly had a tool to remotely destroy evidence

DougS
Silver badge

Once Mueller's investigation of the Trump campaign is over

He should be a special prosecutor looking into Uber's business practices. They could do with a good old fashioned FBI anal probing.

0
0

OnePlus Android mobes' clipboard app caught phoning home to China

DougS
Silver badge

Re: Android privacy? Is that new?

Apple didn't send location information back to base, they were just collecting it in log files on the phone.

3
1

Ecuador tried to make Julian Assange a diplomat

DougS
Silver badge

Guess he should have colluded with the Trump campaign

Like Russia did. Then along with how Trump's people tried to act to drop Russian sanctions the moment they landed in the White House (which congress had to act to prevent happening) they would have act to drop the sealed indictment against Assange filed back in 2012.

2
1

Intel’s Meltdown fix freaked out some Broadwells, Haswells

DougS
Silver badge

Re: Remembering Snowden...

Why in the world do you think Meltdown is something the NSA etc. would care about? It allows reading kernel data, big deal. Any admin/root level exploit will allow that - the only thing different about Meltdown is that it is a hardware bug so if an affected CPU was running a super-secure OS (such as a formally verified microkernel like the one Apple runs in its secure enclave[*]) you could still attack it.

Just look at the list of CVEs for Windows and Linux that come out this year. All the admin level ones marked critical - of which no doubt there will be more than a few for each over the course of 2018 - are FAR worse than Meltdown, let alone Spectre, for those running Windows and Linux. If you exploit them you not only can read kernel memory, you can write it to your heart's content.

[*] Meltdown wouldn't work against Apple's secure enclave because the CPU is in-order execution and thus not vulnerable.

3
2

Brit transport pundit Christian Wolmar on why the driverless car is on a 'road to nowhere'

DougS
Silver badge

Why can't you program a bit of aggressiveness?

Humans manage to drive through busy areas with a lot of foot traffic by just easing forward bit by bit and essentially create their own gap by blocking pedestrians. Why can't autonomous cars do the same?

Not saying it will be EASY, this is yet another reason why I think they'll be practical to take over freeway driving (by that I mean you can sleep while it is driving) years before they can drive you from door to door in busy urban environments like London or NYC.

0
1

Stop us if you've heard this one: Apple's password protection in macOS can be thwarted

DougS
Silver badge

What I meant was it was not a security bug. Obviously asking for a password and accepting anything is broken, but if it only happens when you are logged in as admin it doesn't allow anyone access to something they wouldn't have anyway if you leave yourself logged in and unlocked.

It sounds very much like their previous bug where the password prompt accepting anything. Makes me wonder if it had the same buggy code with '=' instead of '==' copy/pasted from the same place. If so, hope they do a search this time in case there's more.

0
1
DougS
Silver badge

Yeah any "bug" for a user logging in with admin privileges and then leaving their computer without locking it first allowing access to their stuff is NOT a bug, IMHO.

Either the description in the article is wrong or whoever is complaining about it is nuts.

2
30

Apple hands Chinese iCloud to Guizhou-Cloud Big Data Industry

DougS
Silver badge

There is no "iCloud source code"

Apple used Amazon to store iCloud stuff at first before they built their own datacenters. They will be using this Chinese cloud provider, so there won't be any Apple IP involved. They just need a fat pipe, with hardware to decrypt the data when it reaches this cloud provider and then it will be stored on their cloud.

0
0

Ohio coder accused of infecting Macs, PCs with webcam, browser spyware for 13 years

DougS
Silver badge

Re: Aaaargh

'Cyber' is still very much a word in the FBI's part of the world. The FBI has a cyber crimes division, not a computer crimes division...

Even outside that word it is fairly well entrenched in the security side of IT. People get hired for cybersecurity positions, not computer security positions.

3
0

1 in 5 STEM bros whinge they can't catch a break in tech world they run

DougS
Silver badge

Re: Slight typo

Nah, a fuckup that big takes a majority of the executive leadership to sign off on it.

13
0
DougS
Silver badge

Re: Slight typo

She better be good if she's doing 19% of the entire company's leadership work! I'd need a nap.

15
0

Leaky credit report biz face massive fines if US senators get their way

DougS
Silver badge

Sure it will, it will make companies more willing to invest resources in preventing future breaches instead of just assuming they can take a brief public black eye when it hits the press and move on.

17
2

Watt? You thought the wireless charging war was over? It ain't even begun

DougS
Silver badge

Apple integrating Qi doesn't necessarily mean they have given up on Energous' strategy. Maybe they have developed something that will work both with Qi and with Energous. That would seem to make the most sense, since Qi has been around for a few years and Energous products will take time to be deployed (and probably be more expensive than a simple mat)

Perhaps Energous expected FCC approval in time for the iPhone 8/X launch and Apple wanted to tout distance charging but wasn't able to. There were rumors that the Homepod would have built in distance charging technology working at up to three feet - which is exactly the distance Energous recently got approval for. Perhaps the reason it was delayed was because Energous needed approval for the technology before Apple would be able to sell a device that incorporates it.

I think Apple realizes what everyone knows, that current wireless charging is nearly useless since it is restricted to a mat. Even at only 3' wireless charging would be a lot more useful, as it could be positioned near your workspace to charge not only your phone sitting next to you but your wireless keyboard and mouse. I doubt it will have enough power to charge a laptop, but maybe eventually.

0
2

Russia claims it repelled home-grown drone swarm in Syria

DougS
Silver badge

This is what we need to worry about

What I've been saying for the past decade every time I hear about billions and trillions being thrown away on F35s is that other countries like China and Russia are no doubt developing autonomous drones designed to attack in swarms of hundreds or thousands. Fighters will be useless against them because they've only got a handful of missiles, once those are gone they're sitting ducks. Ground based defenses will be overwhelmed by their numbers.

As they'll be built by advanced countries and not hacked together by terrorists on a shoestring budget, they'll be resistant to EMF attacks and designed to use dead reckoning if satellite guidance is lost. They might drop bombs, be bombs or simply do their damage via impact (very effective against fighters and bombers if they have a small solid propellant rocket at the rear for a quick boost to supersonic ramming speeds)

The US is doing nothing (publicly, at least) to counter this threat, because the Air Force is run by former flyboys who think men in seats is the way to wage war. They will be caught with their pants down if the US ever engages in a war with a real adversary, instead of the tinpot dictator of the year club in the middle east.

4
0

WikiLeave? Assange tipped for Ecuadorian eviction

DougS
Silver badge

Re: Here's a question

He'd probably be a lot happier living in Ecuador rather than living in a couple rooms in an embassy, even if he couldn't leave - I know I would! Presumably he is not destitute, so he could afford his own lodgings there and be self-sufficient. He'd be a lot less dependent on them than he is now, that's for sure!

2
0
DougS
Silver badge

Here's a question

I've always wondered, can't they remove him in a "diplomatic pouch"? Or is being able to smuggle people in/out in crates marked diplomatic a movie trope that doesn't exist in the real world?

6
0

Intel, Microsoft confess: Meltdown, Spectre may slow your servers

DougS
Silver badge

Performance impact in virtual machines

They should try the SYSmark benchmarks inside a VM to see what the performance impact is there. That's what matters the most for enterprise customers, who have fewer and fewer bare metal servers these days. Basically only big databases, even fileservers are typically run out of VMs these days.

6
0

With WPA3, Wi-Fi will be secure this time, really, wireless bods promise

DougS
Silver badge

Re: The new "Commercial National Security Algorithm"

Not with wifi or other open standards.

0
0

US Senators force vote on Ctrl-Z'ing America's net neutrality death

DougS
Silver badge

Re: "The floor of the Senate"

They want to, there just aren't nearly enough of them willing to fight over it. The ones that would be willing to fight a war over it are the ones who showed up in Charlottesville chanting Nazi slogans.

The 49% who voted for Trump, or the 35-ish percent who still support him are not all angry oppressed white men. Most of them are just conservatives who tolerate Trump as a means to an end because they see democrats as worse.

1
0

The Register - Independent news and views for the tech community. Part of Situation Publishing