Posts by diodesign

"with a whole bunch of problems moved to compile time"

s/moved to/solved at/ ;)

C.

Re: Re: He should have stuck to what he knows

FYI Marvin Minksy was in his 70s at the time of the assault, according to court documents.

C.

Re: Low Fluorine Tungsten?

You're in luck - it's patented! And on Wikipdia

Using fluorine with metals is not new at all. Uranium hexafluoride is used to separate U235 and U238 isotopes in centrifuges for nuclear fuel and weapons, for example.

C.

Vantablack v MIT

MIT got the number wrong, and issued a clarification. This new material absorbs 99.995 per cent of light, more than Vantablack (at 99.96%). We've tweaked our article to reflect that (no pun intended)

C.

"On what basis could they challenge the law in court?"

Uber claims it is not covered by the law. In its SEC paperwork, it describes drivers as customers: people using its app marketplace to sell rides to others.

This is partly how it plans to challenge the law: insist its operation doesn't fall under the law, then fight to ensure it does not fall under the law.

C.

Re: Small correction re. Android

Lucky you - quite a lot of Android users are still waiting for v10...

Also: don't forget to email corrections@theregister.co.uk if you think we've got something wrong. We can't read every comment, so we may miss this sort of thing. I've made it clear Android 10 is just out.

C.

Is there a system which transfers DNS queries over an unprotected HTTP connection?

No, it's a brain burp on our end. We meant unprotected DNS queries, not HTTP. HTTP on the mind. It's fixed.

Don't forget to email corrections@theregister.co.uk if you see anything wrong, and we'll fix it up right away. It's hard to spot requests for clarifications buried in the comments hours after publication: there's so much for us to go through while we're trying to get articles out the door.

C.

Re: Y^2?

Just a typo. It's fixed.

C.

Re: I just don't get these massive losses

For one thing, Slack said earlier this year it will spend $250m on AWS cloud hosting between 2018 and 2023....

C.

Hoovering

Brit speak for vacuuming

C.

Re:A word from Big John

"I got tired of being silently censored by the staff here for my political beliefs."

The fact people can read the above comment kinda shoots down your conspiracy theory.

C.

Re: A privilege escalation seems to me to be pretty critical

Sadly I think you've misunderstood. To exploit priv esc bugs, you need to already have access to the machine - the ability to write to the filesystem, in one case. At that point, you can do bad stuff anyway, like execute arbitrary code as the user.

To be clear, this is priv esc because you can either go from arbitrary file write to code exec, or user-level code exec to admin code exec if Steam is running as admin. If you already have admin code exec access to the box, this vulnerability is irrelevant.

What we're saying is, it's not as dangerous as an RCE like the RDP bugs. It's not great, it's not terrible.

C.

"each packet was sent only one hop"

According to the FCC, the equivalent TTL was infinity. These packets are not standard TCP packets, I believe, they are proprietary Infinera packets, at least over the management channel, anyway.

Each time one of the bad packets hit a node, the node spammed *all* neighboring nodes with the same packets due to the broadcast address. That's the main problem, not the TTL, IMHO.

C.

"It is written in Perl"

Indeed it is. And it's very nice Perl. Our tools are listed here:

https://www.theregister.co.uk/about/company/website/

C.

Re: AWS arguably shares some of the blame

In the past we've linked to this explanation

https://blog.cloudsploit.com/a-technical-analysis-of-the-capital-one-hack-a9b43d7c8aea?gi=197e3ae91d85

Though it's not confirmed exactly how the break-in happened.

C.

"have a nice cold pint, and wait for it all to blow over?"

Ah pretty much. S'wot happened when a power cut took out the SF financial district, including our old office. We sodded off to the nearest pub with working electricity and Wi-Fi - Vesuvio

C.

Re: Really?

The 200m claim was from the conference speakers. We're trying to clarify it.

C.

PCIe 4

Ah right, ok. She might be thinking of PCIe 4 expandability. I dunno.

In any case, I'm kinda more concerned about second-gen Epyc's RAM latency, which are offset by the large caches and prefetchers.

C.

Re: tedious pedant

"Hashing is not encryption"

Hashing is one-way encryption.

C.

Re: Tech insecure by design?

Don't take sub-headlines too literally - they are short on space and high on flippancy. It means tech in the context of AWS: whether Amazon's cloud is insecure by design because it may be that it's too easy for customers to lose control of their data. It's just a thought, not a solid accusation.

C.

"AWS should have to pay the employee"

I do believe AWS has refused to do this.

C.

Re: GitHub sued over data leak?

The alleged data thief posted details on how to enumerate and download CapitalOne's poorly secured S3 buckets on GitHub. That's about the closest connection.

C.

Hi, Mitch

> "still he holds on to a decent approval rating"

> decent approval rating

> decent

When compared to Jimmy Carter, perhaps

https://projects.fivethirtyeight.com/trump-approval-ratings/voters/

C.

Re: Inconsistent

I wouldn't worry about aircraft and spacecraft. Here's how Wind River characterized it:

"Connected devices leveraging standard VxWorks releases that include the IPnet stack are impacted by the discovered vulnerabilities. They primarily include enterprise devices located at the perimeter of organizational networks that are internet-facing such as modems, routers, firewalls, and printers, as well as some industrial and medical devices."

It's not great, it's not terrible. Not as terrible as some other publications have wailed.

C.

"RISC-V is coming from a standing start"

Oh yes, we forgot to emphasis that - just assumed everyone was on the same wavelength. RISC-V, as an ISA and community, is still very new compared to incumbents, and today's available silicon is currently up to about Arm Cortex-A50-series performance.

So there's everything to play for. Don't forget: Arm's CEO late last year told a room of journos, including those from El Reg, RISC-V was keeping Arm's engineers and salespeople "on their toes."

C.

Um

> > women driven out

> No one leaves a good job just because

Key words: driven out. Leaving against their will.

C.

Re: Why is this a 'news' story?

Also we've written about aviation software faults for years (see Register passim) because readers love hearing about engineering problems - and we're OK with this. Bugs and weird shit fascinate us.

C.

"the prepaid credit vending systems being down"

Ah, yes. We'll make that clearer in the opening sentences.

C.

"the Register is nothing without snark."

Bit like saying a steakhouse is nothing without steak.

C.

Re: 65 ton???

Yeah, it's a typo. We accidentally out a word or two. Don't forget to email corrections@theregister.co.uk if you spot anything wrong, please.

C.

Re: Nice Picture

I'd hope by now that most of our article images are tongue in cheek, or deliberately trolly, to raise a laugh. Like using Babylon 5 pics to illustrate JEDI contract stories...

C.

"If anything, it is a demonstration of how robust IPv6 can be in the face of such mistakes."

Hm, I see where you're coming from. We'll keep it in mind in future.

(Edit: Tweaked the article to include your counterpoints. Completely accept that IPv6 is vast, that it didn't break despite this error which is a good thing, and that more specific routes would have been used. As watchers of IT blunders on a daily basis, who see failures developing a mile off, we were concerned that no alarm was raised, and no fix was applied, for several days, which makes us contemplate more problems in future.)

C.

'knocking Cloudflare over'

Aw shucks. Don't let the other websites know, they'll only get envious.

C.

"Has whoever sold the domain actually got the money?"

According to the linked-to SEC filing, dated June 18, MicroStrategy received the money in cash on May 30 with GoDaddy facilitating.

C.

In what way was it offensive?

C.

Re: Can someone tell me why Venmo is a thing?

It's not that smooth in the US. Venmo is a thing because it's faster than anything else available. It also means someone can pick up the tab for a table of six and then request each person's share from them individually - the restaurant will not let you split it more than once.

C.

Re: "Is that the case?"

No. Paul, who writes our DXC stories, has never worked for DXC.

C.