* Posts by diodesign

3253 publicly visible posts • joined 21 Sep 2011

A few reasons why cops didn't immediately shoot down London Gatwick airport drone menace

diodesign (Written by Reg staff) Silver badge

Re: Bullets and shotgun pellets

Forgive us, a number of us vultures are of that generation where we were taught metric but grew up around imperial. Thus, 120 metres means more to me than 390 feet, but 8000 ft means more to me than 2.4km. I weigh 76kg but i'm 6ft 2in. It's a mess.

And I'll sort out the units.

C.

Joy to the vendors, HCI's day has come. And converged ... becomes less... of a thing – IDC

diodesign (Written by Reg staff) Silver badge

Re: Source Data guess

You've linked to IDC's Q2 analysis - which we also linked to. This latest article is about IDC's Q3 numbers. Aaron's seen them, analyzed them, and shared them with selected people.

C.

Mark Zuckerberg did everything in his power to avoid Facebook becoming the next MySpace – but forgot one crucial detail…

diodesign (Written by Reg staff) Silver badge

"this is a Brit publication written for Brits"

We're a Brit publication written for everyone, in a Brit style. Eg, a third of our readers this year are in the US.

C.

diodesign (Written by Reg staff) Silver badge

"this ought to be labelled an editorial."

The very first word in the article, in bold and blue, and on the front page, is: Comment.

C.

On the first day of Christmas, Microsoft gave to me... an emergency out-of-band security patch for IE

diodesign (Written by Reg staff) Silver badge

"MS have pulled the advisories"

Are you sure - the webpages are still up, and you can download the updates by hand if they're not in Microsoft Update.

Eg, for Windows 10 build 1809:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4483235

Windows 7 / 8:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4483187

C.

Microsoft: Come and play in our Windows SandBox

diodesign (Written by Reg staff) Silver badge

Re: Erkk!!!

It's a technical term (see Steve Knox's comment)

C.

It's beginning to look a lot like multi-threaded CPUs, everywhere you go... Arm teases SMT Cortex-A65AE car brains

diodesign (Written by Reg staff) Silver badge

Re: Spazturtle

Um, the very next sentence is...

"As in, each core can run two separate threads simultaneously"

I'll move the words around so as not to somehow confuse you.

Merry Christmas,

C.

Having swallowed its pride and started again with 10nm chips, Intel teases features in these 2019-ish processors

diodesign (Written by Reg staff) Silver badge

Re: Not what Intel has been saying for the past several years

FWIW... 10nm v1 (Cannon Lake) is dead and buried. It was impossible to see it through to mass volume. The integrated GPU in the CL Core i3 was disabled because it didn't work.The metalization was not viable.

Sunny Cove is v2 of 10nm, after going back to the drawing board.

C.

diodesign (Written by Reg staff) Silver badge

Re: Two thoughts

"it is largely Intel integrated GPU's that have sucked"

Yeah, fair point - I've made that distinction now. I pretty much meant that but didn't make it clear enough.

C.

diodesign (Written by Reg staff) Silver badge

Re: TSMC not at 7nm until 2019? Really?

See the comment by theblackhand and DougS. There's production, and then there's production.

We didn't say TSMC wasn't shipping 7nm in 2018 - the point was 2019 and 2020 are when it really kicks off for desktop and server-grade stuff, the things Intel makes and is the context of the piece.

I've tweaked the sentence to make it clearer, cheers.

C.

Supernovae may explain mass extinctions of marine animals 2.6 million years ago

diodesign (Written by Reg staff) Silver badge

It's millions - typo in headline :( (now fixed)

C.

HCL picks up Notes, spanks total of $1.8bn at Honest John's IBM software sale

diodesign (Written by Reg staff) Silver badge

Re: Do the people at El Reg...

Yeah, fair enough. Maybe we over-snarked.

C.

Total Inability To Support User Phones: O2 fries, burning data for 32 million Brits

diodesign (Written by Reg staff) Silver badge

Re: This is cyber warfare isn’t it?

Expired software certificate, apparently...

https://www.theregister.co.uk/2018/12/06/ericsson_o2_telefonica_uk_outage/

C.

Qualcomm lifts lid on 7nm Arm-based octo-core Snapdragon 855 chip for next year's expensive 5G Androids

diodesign (Written by Reg staff) Silver badge

Re: NE555?

855 reminded me of the old 555 [triv]

C.

DeepMind quits playing games with AI, ups the protein stakes with machine-learning code

diodesign (Written by Reg staff) Silver badge

Re: It's good somebody's doing this

That doesn't, TTBOMK, use machine learning, and instead uses the spare processor cycles on a lot of computers. Completely different project.

C.

Millennials 'horrify' their neighbours with knob-shaped lights display

diodesign (Written by Reg staff) Silver badge

"Sometimes I really appreciate local rag journalist"

Some of us used to be them. My favorite rejected crap headline was about a bunch of casino robbers...

'Aceholes'

C.

SEAL up your data just like Microsoft: Redmond open-sources 'simple' homomorphic encryption blueprints

diodesign (Written by Reg staff) Silver badge

Re: Benny

"Why would you want to use this if anyone could just come along and change your data (albeit without ever knowing what it was)?"

No one can "just come along" and change it - if you have unauthorized database access then if the DB is unencrypted t's completely game over, and if it's encrypted then at least they can't see the data. If someone breaks in and changes the database records, then roll back to a backup and seal up your network security.

The aim of this is to keep the data shielded and minimize risk.

C.

Customers baffled as Citrix forces password changes for document-slinging Sharefile outfit

diodesign (Written by Reg staff) Silver badge

Re: Question about weak passwords

"I'm a bit confused about the reasoning behind forcing password changes leading to weaker passwords"

I imagine it goes something like this: you start out with D9xTMffgH!#82 then D9xTMff then DxCitrixAgain and then ihatecitrix and ihatecitrix! and ihatecitrix123

etc

C.

It's nearly 2019, and your network can get pwned through an oscilloscope

diodesign (Written by Reg staff) Silver badge

Re: Credas

"the idea that someone could somehow gain anything useful from spying on a random oscilloscope"

Well, Target was pwned via its air-conditioning unit. I'm personally thinking you could use this to inject other systems - no one would suspect the scope - or infect it, wait for it to be transferred to another lab and then mess with stuff on that network.

Just use your imagination.

C.

See this, Google? Microsoft happy to take a half-billion in sweet, sweet US military money to 'increase lethality'

diodesign (Written by Reg staff) Silver badge

Re: Eh?

"Has the author failed to engage their brain before writing this?"

No - I think you're blaming us for the actions of tech workers? I mean, techies have been creating bad press and embarrassment for corps by kicking up a fuss over military contracts. It's a little surprising that MS has gone for it, in that context.

But as we say, Microsoft has shrugged off prev criticism.

C.

diodesign (Written by Reg staff) Silver badge

Re: How Many Times, El Reg?

Choo choo! Here comes the reality train:

"Bush and Obama did not have policies that resulted in the mass separation of parents and children like we’re seeing under the current administration"

https://www.factcheck.org/2018/06/did-the-obama-administration-separate-families/

C.

Gartner to wearables biz: Through failure comes success!

diodesign (Written by Reg staff) Silver badge

Re: Oh come on, stop it.

"Whatever Gartner are paying you to run their stories you should shun the income and drop the crap they are peddling."

We're not paid to run any Gartner stories. Like with all analyst predictions, take with the required amount of salt.

C.

Forget DeepFakes. This robo-Rembrandt with AI for brains is not bad at knocking off paintings

diodesign (Written by Reg staff) Silver badge

Re: The reality is ...meh.

Well, thing is, it's a) a research project b) it's one attempt at it. It's not a final project.

These things improve. I think people tend to forget that technology slowly comes together, building upon layers of work over time.

Bit like the ink from this printer AI.

C.

diodesign (Written by Reg staff) Silver badge

Re: robo-Rembrant [sic]

Blah, stupid late-night headline typo on my part. It's fixed - don't forget to email corrections@theregister.com if you spot anything wrong.

C.

WhamWham, bambam, no thank you, SamSam: Iranians accused by the Feds of orchestrating ransomware outbreak

diodesign (Written by Reg staff) Silver badge

Re: Oh...?

From the linked-to Treasury page...

"...these digital currency addresses should assist those in the compliance and digital currency communities in identifying transactions and funds that must be blocked and investigating any connections to these addresses.

"As a result of today’s action, persons that engage in transactions with Khorashadizadeh and Ghorbaniyan could be subject to secondary sanctions. Regardless of whether a transaction is denominated in a digital currency or traditional fiat currency, OFAC compliance obligations are the same."

Read into that what you will.

C.

NASA's Mars probe InSight really has Mars in sight: It beams back first pic after touchdown

diodesign (Written by Reg staff) Silver badge

Re: I Am Spartacus

Er, at the time of writing:

1. the only image beamed back was the crappy photograph *embedded* *in* *the* *story* so that's the one we went with. More have since arrived, we can link to them now.

2. mobile users don't see the article's top 'hero' picture so they wouldn't see the Mars image if it was used as the header picture. instead, we *embedded* *it* *in* *the* *story*.

3. the image was *embedded* *in* *the* *story*.

C.

Great Scott! Is nothing sacred? US movie-goers vote Back To The Future as most-wanted reboot

diodesign (Written by Reg staff) Silver badge

Re: 'Today's films are made to be "woke"'

I take it you haven't seen Adam Sandler's 'Pixels'. That wasn't particularly PC or "woke". neither was Ready Player One.

C.

3 is the magic number (of bits): Flip 'em at once and your ECC protection can be Rowhammer'd

diodesign (Written by Reg staff) Silver badge

"I wouldn't lose sleep over it."

Yeah, as we said, it's difficult to exploit. As seen with Meltdown and Spectre, it's easier to get someone to click on a link or run a fake Flash installer.

C.

diodesign (Written by Reg staff) Silver badge

"researchers can claim a repeatable demonstration"

Yes, that's exactly what's happened - confirmation. It's a demonstration of the attack. Just as it's one thing to say some software has a heap overflow, and quite another to develop an exploit to reliably and usefully exploit the flaw to achieve code execution.

To make everyone happy, I'll clarify it's a confirmation rather than a discovery.

C.

diodesign (Written by Reg staff) Silver badge

Re: They're not knocking ECC

No one's saying ECC is bad - not us, not the researchers, pretty much no one - it's just that if you thought ECC would stop Rowhammer, you're sadly mistaken.

As we wrote in the article:

"The boffins said that their findings should not be taken as a condemnation of ECC either. Rather, it should show admins and security professionals that ECC is just one of several protection layers they should use..."

C.

diodesign (Written by Reg staff) Silver badge

Re: Bravo! *slow clap*

"It must be a really slow day if this is news."

Where's your published paper on this, then, egghead? The point is showing that ECC can't stop Rowhammer attacks on adjacent RAM cells.

Also: the Meltdown vuln was stunningly trivial to exploit, and was staring people in the face for years, and was rightly heralded as a major find. Sometimes the obvious has to be pointed out.

C.

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting

diodesign (Written by Reg staff) Silver badge

Re: Ermmmm, been this way forever?

This is using the CPU cache to fingerprint pages from their memory accesses. It's a new technique to spy on browser tabs, which has been done in the past.

C.

diodesign (Written by Reg staff) Silver badge

Re: Seems to suggest JavaScript has some kind of access to the CPU cache

It has access like all software - it runs from the CPU cache thus it can measure how other stuff sharing the same cache is operating, and fingerprint it.

This normally requires precise timing, and thus requires access to high-precision timers that are being locked off from developers for this reason.However, this technique gets around that.

Check out the linked-to paper, it's why we link to original materials wherever we can.

C.

Infosec's Thanksgiving turkey triumvirate: Tesla, Tumblr, Trump (as in Ivanka)... and tons more

diodesign (Written by Reg staff) Silver badge

"Succumbing to 'gotcha' headlines."

Oh friend, you must be new here.

C.

(PS: The article spells out the situation. If you can't take the ribbing, Breitbart is back that way, snowflake ----->)

Symantec execs cooked the books to protect their fat bonuses, investor lawsuit alleges

diodesign (Written by Reg staff) Silver badge

Re: BuggerOff

If you nudge just enough into the right quarter, you'll qualify for the bonus - that's +/- $12m not $12m total - allegedly

C.

Linux kernel Spectre V2 defense fingered for massively slowing down unlucky apps on Intel Hyper-Thread CPUs

diodesign (Written by Reg staff) Silver badge

Re: Confused

It exists because it mitigates the Spectre Variant 2 security vulnerability. It hits performance because the mitigation in combination with Hyper Threading potentially slows down software.

So your choices are:

- a: enable mitigation for security reasons, enable Hyper-Threading, take the potential performance hit

- b: enable the mitigation for security reasons, disable Hyper-Threading because you weren't benefiting from it anyway

- c: disable the mitigation because you're not worried about the security issue, and enable Hyper-Threading

- d: disable the mitigation because you're not worried about the security issue, and disable Hyper-Threading because you don't benefit from it anyway

Most people will decide between a, b and c.

C.

Microsoft confirms: We fixed Azure by turning it off and on again. PS: Office 362 is still borked

diodesign (Written by Reg staff) Silver badge

"How difficult..."

About as difficult as it is for Microsoft to run Office for 365 days of the year.

C.

Don't read this, Oracle... It's the rise of the open-source data strategies

diodesign (Written by Reg staff) Silver badge

Re: "I'm not a programmer, but still"

Er, there are a ton of non-relational databases out there. Like MongoDB etc. In fact, these are gaining popularity so much that yeah, a distinction has to be made.

C.

Using a free VPN? Why not skip the middleman and just send your data to President Xi?

diodesign (Written by Reg staff) Silver badge

Re: anonymous coward

It's true VPNs are useful in China, which is why there's such an interest over there.

However, that doesn't excuse crap security. If you're using a stranger's VPN, you're placing an enormous amount of trust in that provider to not screw you over. With near-zero transparency, scrutiny or oversight, free VPNs are a privacy nightmare.

Edit: Oh yeah, don't forget all VPN providers must register with the Chinese government (see below, Google, etc), which is not... great.

C.

diodesign (Written by Reg staff) Silver badge

Re: Browsing history?

It depends on the VPN. Anything clear-text can be snooped on or tampered with to inject ads. Any DNS look-ups for host names will be visible. Some VPNs offer a free browser that may collect your browsing history.

The VPN app could install a root certificate and MITM your SSL/TLS connections, if the websites you browse aren't mitigating that.

We've tweaked the sentence to clarify it.

C.

Holy moley! The amp, kelvin and kilogram will never be the same again

diodesign (Written by Reg staff) Silver badge

"...using methods that can be replicated anywhere in this Universe."

Well, yeeeeeah... our planet is in this universe, at least it was the last time I checked ;-)

I kinda thought it would be presumptuous to say the constants would work everywhere in the universe. I expected a physics PhD to pop up and yell at us if we said "anywhere in the universe" because, I dunno, at least one of the constants used by the SI base units may not apply or change near black holes or other weird crap out there.

I don't know if people realize how much of a tightrope it is writing for a fair number of readers, most of them experts in a technical field. We try to get everything right within a reasonable time frame.

So anyway, that's why we thought "planet" would be a sensible non-offensive, non-triggering bounding box for boffins, seeing as humans aren't going much further into space for a while.

C.

Alphabet gives bipedal robots the Schaft 'cos no one wants to buy its creepy machine maker

diodesign (Written by Reg staff) Silver badge

"It does seem El Reg is quite keen to welcome our Robot Overlords™"

I dunno, we've run a lot of skeptical stuff. The acceleration hardware and libraries popping up are interesting, and some NN applications, too, in that new algorithms are interesting.

Whether or not AI is a good idea in the real world long-term isn't clear. I get the feeling no one gets VC funding for saying they use "heuristics" these days.

C.

John McAfee is 'liable' for 2012 death of Belize neighbour, rules court

diodesign (Written by Reg staff) Silver badge

Re: "than depicted here."

For various reasons (brevity, legal, etc) we kept it to the court document - if you click through to previous coverage, you'll find some more info.

C.

A new Raspberry Pi takes a bow with all of the speed but less of the RAM

diodesign (Written by Reg staff) Silver badge

Its built-in Wi-Fi.

C.

Brexit: UK will be disconnected from EU databases after 2020

diodesign (Written by Reg staff) Silver badge

Re: anonymous coward

> > We're just telling people what's going to happen.

> But Mrs May did that already. "brexit means brexit".

Sure dude, and here's what 'brexit' means (clue: see article).

C.

diodesign (Written by Reg staff) Silver badge

"Why is this being reported as if it's a surprise?"

It's only a surprise if it's a surprise to you. We're just telling people what's going to happen.

C.

Japanese cyber security minister 'doesn't know what a USB stick is'

diodesign (Written by Reg staff) Silver badge

"the mod queue seems a trifle arbitrary"

Some articles have been marked for hand-moderated comments, most not, eg this one, which is why your comment went through immediately.

Articles and users on manual-moderation mode have to wait for someone to be free to clear the queue; certainly I've seen the queue averaging 10-40 posts.

If you find yourself in the queue, it may be because you posted a correction as a comment, or had a comment recently rejected/removed. That'll put you in the queue for a while.

C.

'My entire company is without comms': Gamma's Horizon cloud PBX goes DOWN

diodesign (Written by Reg staff) Silver badge

Re: "my comment took much longer to get approved"

New comment posters are manually moderated at first to make sure they're not spammers. That means comments are in a queue waiting for editors with time between articles to run through.

C.

Scumbag who phoned in a Call of Duty 'swatting' that ended in death pleads guilty to dozens of criminal charges

diodesign (Written by Reg staff) Silver badge

Re: Cant they tell where the call was placed?

If you click through to the previous article, and pull up the grand jury paperwork*, you'll see it says Barriss "acquired an assigned telephone number from TextNow so it appeared to Wichita emergency personnel (with caller id) that defendant BARRISS was using a telephone with a '316' area code, the area code that includes Wichita, Kansas."

He used a Wichita number. FWIW US area codes are a little loose. Our San Francisco office has (650) phone numbers, which makes ppl think we are in San Mateo.

C.

* it's still here https://regmedia.co.uk/2018/05/24/barrissindictment.pdf

Bloke jailed for trying to blow up UK crypto-cash biz after it failed to reset his account password

diodesign (Written by Reg staff) Silver badge

Re: "CinemaSins likes to make fun when movies specify the countries of famous cities."

I know, and it drives me bonkers. Anyway fine - we won't spell out countries quite so much.

C.