nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by diodesign

2117 posts • joined 21 Sep 2011

HCL picks up Notes, spanks total of $1.8bn at Honest John's IBM software sale

diodesign
(Written by Reg staff) Silver badge

Re: Do the people at El Reg...

Yeah, fair enough. Maybe we over-snarked.

C.

5
0

Total Inability To Support User Phones: O2 fries, burning data for 32 million Brits

diodesign
(Written by Reg staff) Silver badge

Re: This is cyber warfare isn’t it?

Expired software certificate, apparently...

https://www.theregister.co.uk/2018/12/06/ericsson_o2_telefonica_uk_outage/

C.

2
0

Qualcomm lifts lid on 7nm Arm-based octo-core Snapdragon 855 chip for next year's expensive 5G Androids

diodesign
(Written by Reg staff) Silver badge

Re: NE555?

855 reminded me of the old 555 [triv]

C.

8
0

DeepMind quits playing games with AI, ups the protein stakes with machine-learning code

diodesign
(Written by Reg staff) Silver badge

Re: It's good somebody's doing this

That doesn't, TTBOMK, use machine learning, and instead uses the spare processor cycles on a lot of computers. Completely different project.

C.

6
0

Millennials 'horrify' their neighbours with knob-shaped lights display

diodesign
(Written by Reg staff) Silver badge

"Sometimes I really appreciate local rag journalist"

Some of us used to be them. My favorite rejected crap headline was about a bunch of casino robbers...

'Aceholes'

C.

0
0

SEAL up your data just like Microsoft: Redmond open-sources 'simple' homomorphic encryption blueprints

diodesign
(Written by Reg staff) Silver badge

Re: Benny

"Why would you want to use this if anyone could just come along and change your data (albeit without ever knowing what it was)?"

No one can "just come along" and change it - if you have unauthorized database access then if the DB is unencrypted t's completely game over, and if it's encrypted then at least they can't see the data. If someone breaks in and changes the database records, then roll back to a backup and seal up your network security.

The aim of this is to keep the data shielded and minimize risk.

C.

1
0

Customers baffled as Citrix forces password changes for document-slinging Sharefile outfit

diodesign
(Written by Reg staff) Silver badge

Re: Question about weak passwords

"I'm a bit confused about the reasoning behind forcing password changes leading to weaker passwords"

I imagine it goes something like this: you start out with D9xTMffgH!#82 then D9xTMff then DxCitrixAgain and then ihatecitrix and ihatecitrix! and ihatecitrix123

etc

C.

19
0

It's nearly 2019, and your network can get pwned through an oscilloscope

diodesign
(Written by Reg staff) Silver badge

Re: Credas

"the idea that someone could somehow gain anything useful from spying on a random oscilloscope"

Well, Target was pwned via its air-conditioning unit. I'm personally thinking you could use this to inject other systems - no one would suspect the scope - or infect it, wait for it to be transferred to another lab and then mess with stuff on that network.

Just use your imagination.

C.

17
0

See this, Google? Microsoft happy to take a half-billion in sweet, sweet US military money to 'increase lethality'

diodesign
(Written by Reg staff) Silver badge

Re: Eh?

"Has the author failed to engage their brain before writing this?"

No - I think you're blaming us for the actions of tech workers? I mean, techies have been creating bad press and embarrassment for corps by kicking up a fuss over military contracts. It's a little surprising that MS has gone for it, in that context.

But as we say, Microsoft has shrugged off prev criticism.

C.

0
1
diodesign
(Written by Reg staff) Silver badge

Re: How Many Times, El Reg?

Choo choo! Here comes the reality train:

"Bush and Obama did not have policies that resulted in the mass separation of parents and children like we’re seeing under the current administration"

https://www.factcheck.org/2018/06/did-the-obama-administration-separate-families/

C.

3
1

Gartner to wearables biz: Through failure comes success!

diodesign
(Written by Reg staff) Silver badge

Re: Oh come on, stop it.

"Whatever Gartner are paying you to run their stories you should shun the income and drop the crap they are peddling."

We're not paid to run any Gartner stories. Like with all analyst predictions, take with the required amount of salt.

C.

0
0

Forget DeepFakes. This robo-Rembrandt with AI for brains is not bad at knocking off paintings

diodesign
(Written by Reg staff) Silver badge

Re: The reality is ...meh.

Well, thing is, it's a) a research project b) it's one attempt at it. It's not a final project.

These things improve. I think people tend to forget that technology slowly comes together, building upon layers of work over time.

Bit like the ink from this printer AI.

C.

2
0
diodesign
(Written by Reg staff) Silver badge

Re: robo-Rembrant [sic]

Blah, stupid late-night headline typo on my part. It's fixed - don't forget to email corrections@theregister.com if you spot anything wrong.

C.

2
0

WhamWham, bambam, no thank you, SamSam: Iranians accused by the Feds of orchestrating ransomware outbreak

diodesign
(Written by Reg staff) Silver badge

Re: Oh...?

From the linked-to Treasury page...

"...these digital currency addresses should assist those in the compliance and digital currency communities in identifying transactions and funds that must be blocked and investigating any connections to these addresses.

"As a result of today’s action, persons that engage in transactions with Khorashadizadeh and Ghorbaniyan could be subject to secondary sanctions. Regardless of whether a transaction is denominated in a digital currency or traditional fiat currency, OFAC compliance obligations are the same."

Read into that what you will.

C.

0
0

NASA's Mars probe InSight really has Mars in sight: It beams back first pic after touchdown

diodesign
(Written by Reg staff) Silver badge

Re: I Am Spartacus

Er, at the time of writing:

1. the only image beamed back was the crappy photograph *embedded* *in* *the* *story* so that's the one we went with. More have since arrived, we can link to them now.

2. mobile users don't see the article's top 'hero' picture so they wouldn't see the Mars image if it was used as the header picture. instead, we *embedded* *it* *in* *the* *story*.

3. the image was *embedded* *in* *the* *story*.

C.

5
0

Great Scott! Is nothing sacred? US movie-goers vote Back To The Future as most-wanted reboot

diodesign
(Written by Reg staff) Silver badge

Re: 'Today's films are made to be "woke"'

I take it you haven't seen Adam Sandler's 'Pixels'. That wasn't particularly PC or "woke". neither was Ready Player One.

C.

10
0

3 is the magic number (of bits): Flip 'em at once and your ECC protection can be Rowhammer'd

diodesign
(Written by Reg staff) Silver badge

"I wouldn't lose sleep over it."

Yeah, as we said, it's difficult to exploit. As seen with Meltdown and Spectre, it's easier to get someone to click on a link or run a fake Flash installer.

C.

8
0
diodesign
(Written by Reg staff) Silver badge

"researchers can claim a repeatable demonstration"

Yes, that's exactly what's happened - confirmation. It's a demonstration of the attack. Just as it's one thing to say some software has a heap overflow, and quite another to develop an exploit to reliably and usefully exploit the flaw to achieve code execution.

To make everyone happy, I'll clarify it's a confirmation rather than a discovery.

C.

14
0
diodesign
(Written by Reg staff) Silver badge

Re: They're not knocking ECC

No one's saying ECC is bad - not us, not the researchers, pretty much no one - it's just that if you thought ECC would stop Rowhammer, you're sadly mistaken.

As we wrote in the article:

"The boffins said that their findings should not be taken as a condemnation of ECC either. Rather, it should show admins and security professionals that ECC is just one of several protection layers they should use..."

C.

8
0
diodesign
(Written by Reg staff) Silver badge

Re: Bravo! *slow clap*

"It must be a really slow day if this is news."

Where's your published paper on this, then, egghead? The point is showing that ECC can't stop Rowhammer attacks on adjacent RAM cells.

Also: the Meltdown vuln was stunningly trivial to exploit, and was staring people in the face for years, and was rightly heralded as a major find. Sometimes the obvious has to be pointed out.

C.

28
8

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

diodesign
(Written by Reg staff) Silver badge

Re: Ermmmm, been this way forever?

This is using the CPU cache to fingerprint pages from their memory accesses. It's a new technique to spy on browser tabs, which has been done in the past.

C.

1
0
diodesign
(Written by Reg staff) Silver badge

Re: Seems to suggest JavaScript has some kind of access to the CPU cache

It has access like all software - it runs from the CPU cache thus it can measure how other stuff sharing the same cache is operating, and fingerprint it.

This normally requires precise timing, and thus requires access to high-precision timers that are being locked off from developers for this reason.However, this technique gets around that.

Check out the linked-to paper, it's why we link to original materials wherever we can.

C.

1
0

Infosec's Thanksgiving turkey triumvirate: Tesla, Tumblr, Trump (as in Ivanka)... and tons more

diodesign
(Written by Reg staff) Silver badge

"Succumbing to 'gotcha' headlines."

Oh friend, you must be new here.

C.

(PS: The article spells out the situation. If you can't take the ribbing, Breitbart is back that way, snowflake ----->)

36
1

Symantec execs cooked the books to protect their fat bonuses, investor lawsuit alleges

diodesign
(Written by Reg staff) Silver badge

Re: BuggerOff

If you nudge just enough into the right quarter, you'll qualify for the bonus - that's +/- $12m not $12m total - allegedly

C.

2
0

Linux kernel Spectre V2 defense fingered for massively slowing down unlucky apps on Intel Hyper-Thread CPUs

diodesign
(Written by Reg staff) Silver badge

Re: Confused

It exists because it mitigates the Spectre Variant 2 security vulnerability. It hits performance because the mitigation in combination with Hyper Threading potentially slows down software.

So your choices are:

- a: enable mitigation for security reasons, enable Hyper-Threading, take the potential performance hit

- b: enable the mitigation for security reasons, disable Hyper-Threading because you weren't benefiting from it anyway

- c: disable the mitigation because you're not worried about the security issue, and enable Hyper-Threading

- d: disable the mitigation because you're not worried about the security issue, and disable Hyper-Threading because you don't benefit from it anyway

Most people will decide between a, b and c.

C.

2
0

Microsoft confirms: We fixed Azure by turning it off and on again. PS: Office 362 is still borked

diodesign
(Written by Reg staff) Silver badge

"How difficult..."

About as difficult as it is for Microsoft to run Office for 365 days of the year.

C.

52
0

Don't read this, Oracle... It's the rise of the open-source data strategies

diodesign
(Written by Reg staff) Silver badge

Re: "I'm not a programmer, but still"

Er, there are a ton of non-relational databases out there. Like MongoDB etc. In fact, these are gaining popularity so much that yeah, a distinction has to be made.

C.

0
1

Using a free VPN? Why not skip the middleman and just send your data to President Xi?

diodesign
(Written by Reg staff) Silver badge

Re: anonymous coward

It's true VPNs are useful in China, which is why there's such an interest over there.

However, that doesn't excuse crap security. If you're using a stranger's VPN, you're placing an enormous amount of trust in that provider to not screw you over. With near-zero transparency, scrutiny or oversight, free VPNs are a privacy nightmare.

Edit: Oh yeah, don't forget all VPN providers must register with the Chinese government (see below, Google, etc), which is not... great.

C.

21
0
diodesign
(Written by Reg staff) Silver badge

Re: Browsing history?

It depends on the VPN. Anything clear-text can be snooped on or tampered with to inject ads. Any DNS look-ups for host names will be visible. Some VPNs offer a free browser that may collect your browsing history.

The VPN app could install a root certificate and MITM your SSL/TLS connections, if the websites you browse aren't mitigating that.

We've tweaked the sentence to clarify it.

C.

23
0

Holy moley! The amp, kelvin and kilogram will never be the same again

diodesign
(Written by Reg staff) Silver badge

"...using methods that can be replicated anywhere in this Universe."

Well, yeeeeeah... our planet is in this universe, at least it was the last time I checked ;-)

I kinda thought it would be presumptuous to say the constants would work everywhere in the universe. I expected a physics PhD to pop up and yell at us if we said "anywhere in the universe" because, I dunno, at least one of the constants used by the SI base units may not apply or change near black holes or other weird crap out there.

I don't know if people realize how much of a tightrope it is writing for a fair number of readers, most of them experts in a technical field. We try to get everything right within a reasonable time frame.

So anyway, that's why we thought "planet" would be a sensible non-offensive, non-triggering bounding box for boffins, seeing as humans aren't going much further into space for a while.

C.

44
0

Alphabet gives bipedal robots the Schaft 'cos no one wants to buy its creepy machine maker

diodesign
(Written by Reg staff) Silver badge

"It does seem El Reg is quite keen to welcome our Robot Overlords™"

I dunno, we've run a lot of skeptical stuff. The acceleration hardware and libraries popping up are interesting, and some NN applications, too, in that new algorithms are interesting.

Whether or not AI is a good idea in the real world long-term isn't clear. I get the feeling no one gets VC funding for saying they use "heuristics" these days.

C.

6
0

John McAfee is 'liable' for 2012 death of Belize neighbour, rules court

diodesign
(Written by Reg staff) Silver badge

Re: "than depicted here."

For various reasons (brevity, legal, etc) we kept it to the court document - if you click through to previous coverage, you'll find some more info.

C.

1
0

A new Raspberry Pi takes a bow with all of the speed but less of the RAM

diodesign
(Written by Reg staff) Silver badge

Its built-in Wi-Fi.

C.

3
0

Brexit: UK will be disconnected from EU databases after 2020

diodesign
(Written by Reg staff) Silver badge

Re: anonymous coward

> > We're just telling people what's going to happen.

> But Mrs May did that already. "brexit means brexit".

Sure dude, and here's what 'brexit' means (clue: see article).

C.

11
0
diodesign
(Written by Reg staff) Silver badge

"Why is this being reported as if it's a surprise?"

It's only a surprise if it's a surprise to you. We're just telling people what's going to happen.

C.

22
0

Japanese cyber security minister 'doesn't know what a USB stick is'

diodesign
(Written by Reg staff) Silver badge

"the mod queue seems a trifle arbitrary"

Some articles have been marked for hand-moderated comments, most not, eg this one, which is why your comment went through immediately.

Articles and users on manual-moderation mode have to wait for someone to be free to clear the queue; certainly I've seen the queue averaging 10-40 posts.

If you find yourself in the queue, it may be because you posted a correction as a comment, or had a comment recently rejected/removed. That'll put you in the queue for a while.

C.

2
1

'My entire company is without comms': Gamma's Horizon cloud PBX goes DOWN

diodesign
(Written by Reg staff) Silver badge

Re: "my comment took much longer to get approved"

New comment posters are manually moderated at first to make sure they're not spammers. That means comments are in a queue waiting for editors with time between articles to run through.

C.

3
0

Scumbag who phoned in a Call of Duty 'swatting' that ended in death pleads guilty to dozens of criminal charges

diodesign
(Written by Reg staff) Silver badge

Re: Cant they tell where the call was placed?

If you click through to the previous article, and pull up the grand jury paperwork*, you'll see it says Barriss "acquired an assigned telephone number from TextNow so it appeared to Wichita emergency personnel (with caller id) that defendant BARRISS was using a telephone with a '316' area code, the area code that includes Wichita, Kansas."

He used a Wichita number. FWIW US area codes are a little loose. Our San Francisco office has (650) phone numbers, which makes ppl think we are in San Mateo.

C.

* it's still here https://regmedia.co.uk/2018/05/24/barrissindictment.pdf

8
0

Bloke jailed for trying to blow up UK crypto-cash biz after it failed to reset his account password

diodesign
(Written by Reg staff) Silver badge

Re: "CinemaSins likes to make fun when movies specify the countries of famous cities."

I know, and it drives me bonkers. Anyway fine - we won't spell out countries quite so much.

C.

0
0
diodesign
(Written by Reg staff) Silver badge

Re: Ledswinger

"I remember when 'biting the hand that feeds it' referred to a lack of reverence for the IT industry, rather than for the eyeballs that pay the staff's salaries."

I dunno, man. I think you're mistaken. I've been reading the Reg since 1999, and it's always been a bastion of tech eggheads who have no time for tedious pedantic bastards. And it still is.

C.

2
0
diodesign
(Written by Reg staff) Silver badge

Re: A note to USAian authors

"don't assume that the rest of the world is confused about which is the world city and which is the obscure USA town."

If we don't say it's UK/England then we get a load of comments and emails complaining that there's a London, Ontario, or London, France.

So thanks to you, we can't win either way. I almost want to wish you, and other tedious pendants, a most unhappy weekend.

C.

67
25

France: Let's make the internet safer. America, Russia, China: Let's go with 'no' on that

diodesign
(Written by Reg staff) Silver badge

Re: "It's now over an hour since you posted that & el Reg still hasn't corrected it."

That's because we have no time to read every comment - email corrections@theregister.com if you spot anything wrong so we can get on it fast.

Sorry about the cockup - sadly, these things happen.

C.

3
0

Brit boffins build 'quantum compass'... say goodbye to those old GPS gizmos, possibly

diodesign
(Written by Reg staff) Silver badge

Re: It's not a compass.

Nah, we're happy with quantum compass. It pretty much explains why in the article. The eggheads call it a quantum compass. It's not a traditional compass. It's a quantum compass.

C.

3
0

Western Digital: And when I pull the covers off, behold as NAND becomes virtual DRAM

diodesign
(Written by Reg staff) Silver badge

Re: Is two really three?

Yes, two. Consumer, and enterprise and commercial.

C.

1
0

Former Intel love rat Krzanich finds his calling, lands at biz that sells tech to car dealers

diodesign
(Written by Reg staff) Silver badge

Re: Del Boy?

Del also wore a sheepskin jacket - and BK isn't a used car salesman, he's selling stuff to other businesses and traders. That makes him more Del than Arthur, you plonker.

C.

4
0

Upset fat iOS gobbles up so much storage? Too bad, so sad, says judge: Apple lawsuit axed

diodesign
(Written by Reg staff) Silver badge

Re: Crappy SD != internal flash

Please read the next few words in that paragraph ("Given Apple's enormous purchasing power...")

Yeah sure, it's $50 for you to buy a bog-standard 256GB card. Not disputing that. But we're just not buying that Apple really has to charge several hundred dollars for its NAND without some kind of rude margin.

It's standard Apple. It charges $80 for a wireless mouse, FFS - our office has bought enough of them to know. Official RAM upgrades for Macs at least to be eye-watering. We call it the Cupertino idiot-tax operation for a reason.

C.

44
5

The Register translates VMware's VMworld Europe 2018 news into plain English – our free guide for every reader

diodesign
(Written by Reg staff) Silver badge

Re: you missed the REALLY important bit

I auto-tune out 'blockchain'

C.

1
0

Mything the point: The AI renaissance is simply expensive hardware and PR thrown at an old idea

diodesign
(Written by Reg staff) Silver badge

"there is something truly amazing"

FWIW it is an opinion piece by Andrew.F. Think of it as an antidote to all the hype.

While there is a hell of a lot of nonsense around AI at the moment, there are some interesting, and some rather crap, research projects and products, which we write about on a daily basis.

C.

1
0

Fight AI with AI! Code taught to finger naughty deepfake vids made by machine-learning algos

diodesign
(Written by Reg staff) Silver badge

Re: frank ly

"Did they test the final product with real deepfakes?"

Yes, see the paper. They tested it against DeepFake-generated videos including a fake one of Nic Cage as Harrison Ford from YouTube (fig 6). It correctly pointed out the Nic Cage one as fake.

As the article points out, it's not perfect as it's built from their carefully curated dataset, and needs to be tested against a much wider set of forged videos.

C.

2
0

'Pure technical contributions aren’t enough'.... Intel commits to code of conduct for open-source projects

diodesign
(Written by Reg staff) Silver badge

Re: James 47

"the definition of 'being an arse' is entirely subjective"

Well, it's not too subjective - it's about not excluding someone unfairly, and treating each other with civility, etc. I dunno if you've noticed but the laws of the land are also subjective in places.

Where or when does defamation begin? Threatening behavior? Disorderly conduct? Assault? Life isn't black and white; programmers love seeing things in black and white, and, well, there's the rub.

C.

2
0

The Register - Independent news and views for the tech community. Part of Situation Publishing