nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by Kevin McMurtrie

1643 posts • joined 15 Jun 2007

In a race to 5G, Trump has stuck a ball-and-chain on America's leg

Kevin McMurtrie
Silver badge
FAIL

THz broadband

The latest argument is that ultra-high frequency, ultra-high bandwidth will solve fixed broadband problems. Nevermind that the range is shorter than Cat 6.

5
0

Developer goes rogue, shoots four colleagues at ERP code maker

Kevin McMurtrie
Silver badge

So...

It seems the trillions of dollars of domestic spying isn't protecting us from terrorists very well. Perhaps it should be redirected towards health care, education, nutrition, and other things that help people from going crazy?

45
2

Judge: Georgia's e-vote machines are awful – but go ahead and use them

Kevin McMurtrie
Silver badge

Re: Scanning?

It's not just the number of positions that can get crazy in the US. Check out https://en.wikipedia.org/wiki/California_gubernatorial_recall_election#Results and be sure to expand the list to see all 136 candidates on the ballot.

Edit: No, that election wasn't hacked. It really was that bad.

8
0

US govt confirms FCC's broadband speeds and feeds stats are garbage

Kevin McMurtrie
Silver badge

Useless even if it was accurate

There's no grade level for service in the maps. Some ISPs use combinations of NAT, PPPoE, VPN tunnels, obstructive firewalls, and outdated equipment. That means no incoming connections, no peer-to-peer, unreliable UDP, unreliable VPN, no IPv6, and dwindling connectivity in the future. Think of old independent networks reselling old abandoned AT&T Uverse bandwidth.

0
0

FCC boss slams new Californian net neutrality law, brands it illegal

Kevin McMurtrie
Silver badge

Re: Typical

Well bribed legislators tell us that innovation requires deregulation while the sources of their income have lawsuit firehoses aimed at every emerging competitor. There is no free market.

Some of those "community broadband" plans that Pai & pals want to eliminate are actually EXTREMELY pro-competition. The city hooks up the fiber only for delivery. ISPs compete to deliver bandwidth through it to their customers. It destroys the typical US monopoly/duopoly telco lock-in.

NN can be repealed when consumers actually have competition from ISPs.

16
0

Probably for the best: Apple makes sure eSIMs won't nuke the operators

Kevin McMurtrie
Silver badge

Project Fi

The concept of destroying telco control isn't new. Google attempted to create an environment where phones could roam over multiple networks while routing telephone services through a consistent central point. I really liked the idea but the implementation had too many problems for me to try it. The biggest problems being that Google is a personal data collection corporation and Sprint's unreliable network was in the mix.

0
0

Apple in XS new sensation: Latest iPhone carries XS-sive price tag

Kevin McMurtrie
Silver badge
Facepalm

World's fastest old phone in the palm of your hand

"A $900 CPU and camera jammed into a $99 phone is just what I was looking for," said nobody. Why is 64 GB storage and 3GB RAM even an option anymore? Do iPhone users huddle around WiFi access points and urban cell towers so their cloud apps never stop working? What is a super-fast CPU expected to do when the rest of the phone might not have enough memory for gaming, augmented reality, or anything else that might be fun?

Oh right, just upgrade the storage. Apple's only charging $350 for a workable 512GB.

11
4

You know all those movies you bought from Apple? Um, well, think different: You didn't

Kevin McMurtrie
Silver badge

Should be illegal

It should be illegal to call it anything but a rental when permission-based DRM is involved. Downloading is NOT a solution for iTunes because permission to decrypt content must be re-granted from Apple on a regular basis.

I will never pay more than a single-use price for DRM content.

18
0

Python joins movement to dump 'offensive' master, slave terms

Kevin McMurtrie
Silver badge

Worker pools revolt

We make computers do the tasks that humans don't want so it's a bit silly to keep the coding terms friendly.

9
0

Look at me! Phone industry contracts nasty case of 5g-itis

Kevin McMurtrie
Silver badge

Re: And what is 5G?

Sprint is probably hoping T-Mobile rescues them. They did a spectacular job messing up their own definition of "4G" and the odds of successfully rolling out a new tech is slim.

1
0

Register-Orbi-damned: Netgear account order irks infosec bods

Kevin McMurtrie
Silver badge

You're not concerned about security if you're using Netgear. It's a bit late to complain about it.

Segev can create a technical support ticket that may provide access to internal builds. My experience is that the internal builds are hardcoded to allow telnet access on the default password. It's super fun.

18
0

Trend Micro tools tossed from Apple's Mac App Store after spewing fans' browser histories

Kevin McMurtrie
Silver badge

Re: Oh well, no worries

It's not time for an apocalypse, but definitely time for another tech economy collapse. As before, marketing is transforming from a tool to a product. It's an expensive infrastructure promising money for businesses while producing nothing at all for customers.

10
0

Soft eng salaries soar by 25 per cent – and, oh yes, devops is best paid for non-boss techies

Kevin McMurtrie
Silver badge

Re: From the "no shit, Shirlock" files:

Shifting off 8-5 to avoid traffic started 20 years ago and there aren't many clear times left. There's no traffic from 11pm to 5am but those aren't good hours for me, and that's only 6 hours. Sadly, very few workplaces allow telecommuting.

0
1
Kevin McMurtrie
Silver badge

Re: From the "no shit, Shirlock" files:

That would be 20 miles of crude public transportation or car drivers using their cellphone while occasionally looking up to see if traffic has moved. Set asside 90 to 120 minutes a day for it.

0
0

Google skewered in ad sting after Oracle-backed bods turn troll

Kevin McMurtrie
Silver badge

Technicality

Google censors what their customers see, not what they post. From outside of Google you see big piles of spam from Google mail servers and billions of Usenet spams from Google Groups servers.

3
0

I've seen the future of consumer AI, and it doesn't have one

Kevin McMurtrie
Silver badge

I'm a creepy marketing device. Tell me about yourself!

Consumers will use AI when consumers control the AI processor and its data. Right now, "AI assistant" is just a facade for personal data collection.

1
0

Hundred-million Kiwi Oracle project on hold after Deloitte review

Kevin McMurtrie
Silver badge

Why Oracle?!?!?!

You could have an in-house team to build it and maintain it for half as much. It would work and there'd be no rabid lawyers. Hell, many Silicon Valley geeks would move to NZ in a heartbeat in exchange for a living wage and fast Internet.

23
5

Thunderstruck: Azure Back in Black(out) after High Voltage causes Flick of the Switch

Kevin McMurtrie
Silver badge

The magic of the cloud

Trust us, you don't need to know where your compute power is hosted. It's virtual, safe, and infinitely distributed. We swear it's not all ending up in one place.

15
0

DraftKings rides to court, asks to unmask 10 DDoS suspects

Kevin McMurtrie
Silver badge

Re: SHOULD they be allowed to ?

The complaint is missing a LOT of details. It describes a DDoS but doesn't say what attributes of that were actually used. It could have been UDP with spoofed addresses, it could have been a highly targeted application attack over TCP, or it could be that their Node/React coder accidentally instructed several customers' browsers to attack.

2
0

Hackers latch onto new Apache Struts megavuln to mine cryptocurrency

Kevin McMurtrie
Silver badge

Y2K called

It wants its XML/JSP/Java EE monstrosity back.

https://struts.apache.org/getting-started/hello-world-using-struts2.html

0
0

Huawei elbows aside Apple to claim number-two phone maker spot

Kevin McMurtrie
Silver badge

Re: There's noticeable value ... upgrading from a $200 or $300 smartphone

Like cable TV, it's all about the bundles. You want microSD, headphone jack, and a lot of LTE bands so the phone works in urban US, rural US, and Japan. $400 in other features come along for the ride.

2
1

Android data slurping measured and monitored

Kevin McMurtrie
Silver badge

This is nothing

Wait until Google unleashes free self-driving cars. Observation and persuasion become physical.

0
0

Apple tipped to revive forgotten Macbook Air and Mac mini – report

Kevin McMurtrie
Silver badge

Re: Aren't the server parts of MacOS server being killed off?

MacOS Server is essentially a small app suite so there's little reason to kill it. It's a pretty nice front-end for aging Unix tools that are otherwise difficult to configure with significant prior experience.

A better question would be whether or not open source keeps supporting MacOS as it drifts away from the usual FreeBSD.

3
0

Australia blocks Huawei, ZTE from 5G rollout

Kevin McMurtrie
Silver badge

Huawei does have some espionage in their history and Chinese phones usually do contain questionable features. The now-dead ZTE Axon 7 has "MFVKeyguard" that's completely hidden from ZTE's apps and permissions lists. Chinese phones always come with a "Weather" app that wants to track your location even when you're not using it. It would be no shock if cell tower hardware came with extra services or "accidental" vulnerabilities.

Likewise, don't buy cell tower hardware made by Google, Amazon, Microsoft, or Apple.

7
0

Juno this ain't right! Chinese hackers target Alaska

Kevin McMurtrie
Silver badge

Just Tsinghua University?

They should get that firewall checked out. You should normally see the entire country of China attacking non-stop.

4
0

Google bod wants cookies to crumble and be remade into something more secure

Kevin McMurtrie
Silver badge

Re: Stamp on Java?

It's like I'm reading a Wired article by accident.

8
1

Oracle: Run, don't walk, to patch this critical Database takeover bug

Kevin McMurtrie
Silver badge

It's okay

No hacker wants to face an Oracle licensing violation audit.

14
0

Brain brainiacs figure out what turns folks into El Reg journos, readers

Kevin McMurtrie
Silver badge
Boffin

Stimulates the caudate nucleus

I have a new way to describe certain people.

1
0

Clap, damn you, clap! Samsung's Bixby 2.0 AI reveal is met with apathy

Kevin McMurtrie
Silver badge

Not AI if it can't learn to go away

My first two days with a new Samsung was an infuriating experience of dismissing shovelwear pop-ups. The phone literally couldn't be used because it would pop up advertisements for Samsung Cloud or start an app experience walk-through. None of it could be turned off by normal means. I would have returned the phone the next day if I hadn't found an app to disable it all. Count me in the "not impressed" group when there's a newer and more intrusive Bixby

8
0

The age of hard drives is over as Samsung cranks out consumer QLC SSDs

Kevin McMurtrie
Silver badge

Re: QLC? It's not the one for me

Digital is a huge waste of power and bandwidth. It takes about 7 parallel digital circuits to match the precision of one analog circuit. When it comes to mathematics, digital needs massive gate arrays and microcode to perform the same task as a handful of analog components. Propagation delay hits big digital circuits pretty hard and workarounds further increase complexity. Analog computers are still alive and well for any time speed and efficiency is more important than precision.

I suspect the AI singularity will happen when analog and digital processors are efficiently merged together. Last time I read about it, flash cells were going to be the parameter buffers between the two.

6
0

Click this link and you can get The Register banned in China

Kevin McMurtrie
Silver badge

Re: Fake news?

There are documentaries that have gathered a good number of photos from the protest's aftermath. I don't have the stomach to examine the photos enough to see if tanks did that or not.

4
0
Kevin McMurtrie
Silver badge

Best firewall evah

I'm going to put that on my webserver to see if it blocks all the brute-force attacks from Chinese networks.

86
0

Game over for Google: Fortnite snubs Play Store, keeps its 30%, sparks security fears

Kevin McMurtrie
Silver badge

Define "safe." Don't immediately kill you, sure. Search for any popular title in Google Play Store and note how many impostor apps there are. Even if you find the right one, it's likely a gateway for advertising malware. I've seen ads pretend to be a homescreen. I've seen spearphishing ads simulating a specific application's upgrade screens so that it can trick you into downloading an impostor app. There are apps full of 1-star reviews saying it's malware yet Google says it's OK.

No security is lost without Play Store. If anything, people will have an easier time identifying fake apps without it.

20
6

Well, this makes scents: Kotlin code quality smells better than Java

Kevin McMurtrie
Silver badge

Smells like code analizers

Sniffers need a sniff.

I've worked at a place that enforced certain metrics before a check-in could continue. One metric was that you can't have constructors with too many arguments, even if they're for ORM. You couldn't access class fields without getters and setters, even if that class was private. Complex branching was forbidden, but it was analyzed from optimized bytecode rather than the source. Bit shifting a number by 32 failed with the assertion that "32 is a magic number." On the other hand, 250 lines of nested streams and lambdas, so deep that not even an IDE understood it, was OK.

16
0

Amazon, ditch us? But they can't do without us – Oracle

Kevin McMurtrie
Silver badge

Pissing on customers

Oracle should have negotiated a better deal when Amazon announced plans to leave. Instead they brag about how much Amazon is paying and how screwed they would be with another solution. Amazon is definitely leaving now.

13
0

UK cyber security boffins dispense Ubuntu 18.04 wisdom

Kevin McMurtrie
Silver badge

Just updated a personal server

The installer somehow trashed the apt dependency tracking so it spewed errors, said my computer was in an inconsistent state, then the system crashed. Thanks! Some time in the console got the installation resuming. After that, I noticed that live services had their configuration files significantly changed. It wasn't secure at all and I cleaned up as fast as I could. AT&T even sent me an email saying unsafe ports were open. The installer should have turned off every service that received major configuration updates but it left them on. The worst was Samba. Samba was supposed to offer only encrypted CIFS, and it was set to all interfaces. The update turned on all the DNS junk while Samba was still on all interfaces.

2
0

Boffins: Mixed-signal silicon can SCREAM your secrets to all

Kevin McMurtrie
Silver badge

There's a small chance that this is an issue with the circuit board. Chips usually have completely separate analog and digital signal grounds. This separation is supposed to continue onto the PCB except for a single point bridging the two. Most PCBs immediately connect it all together instead. This means that one part of an analog circuit might have a signal reference that fluctuates with digital power consumption more than another signal reference. The difference between the two references is a ground loop and it ends up contaminating the analog signals.

You'd think that a few millimeters of a copper trace carrying current would all be the same voltage but it's not. Audio circuit designers need to take great care with this even for low-end equipment.

15
0

Criminal mastermind injects malicious script into Ethereum tracker. Their message? '1337'

Kevin McMurtrie
Silver badge

HTML5

I thought HTML5 was the cure by keeping code separate from content. The server produces static pages. JS requests data separately, builds HTML elements, then places the data into text attributes. At no point does user-generated dynamic content get into the executable or structural areas.

2
2

Insecure web still too prevalent: Boffins unveil HSTS wall of shame

Kevin McMurtrie
Silver badge

And this is exactly why HTTP should support digital signatures. There's tons of content that's always in public view and there's no need to keep it secret. You just want tamper resistance. SSL slows down low power devices.

4
0

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

Kevin McMurtrie
Silver badge

Certified authentic malware

All the advertising malware, all the malware in Google Play Store, all the cheap certificates that don't declare an owner, and all the server-side break-ins hardly make HTTPS a cure for anything. About all it's good for is preventing US ISPs from injecting more ads, malware, and trackers.

9
0

Either my name, my password or my soul is invalid – but which?

Kevin McMurtrie
Silver badge
Trollface

New password: Z?+>&d-*OT[,AwIHLuiM

And simply click "Forgot password" if I come back.

0
0

Friday FYI: 9 out of 10 of website login attempts? Yeah, that'll be hackers

Kevin McMurtrie
Silver badge

Re: Checks out

Upvote for this. The odds of successfully guessing a password are inconsequential when the cost of performing the guessing is zero. Cutting off the networks supporting criminal activity is required.

3
0

Doctor, doctor, I feel like my IoT-enabled vacuum cleaner is spying on me

Kevin McMurtrie
Silver badge

Useless warranties

There needs to be a global effort to categorize software bugs as manufacturing defects covered by warranty. Idiot of Things makers might take notice when their entire shipped inventory is returned as defective and all the money is gone.

With a crap vac like this, you can literally see the looks on their faces when it's all returned.

18
0

Official: The shape of the smartphone is changing forever

Kevin McMurtrie
Silver badge

Easy fix for the small display

Holographic displays are coming, right? https://www.theregister.co.uk/2017/05/19/worlds_thinnest_hologram/

My self-piloting flying car, which is powered by batteries having 100x the capacity of LiPo, is already using holograms for its AI assistant.

1
0

Samsung touts bonkers-fast 8 Gbit DRAM for phones, AIs

Kevin McMurtrie
Silver badge

I don't think I've ever had problems with the on-board storage being too slow. Most Android software is poorly written and is its own bottleneck. What's the planned use?

microSD cards are annoyingly slow but you can take my microSD slot when the onboard storage is the size of microSD cards 2 years in the future.

1
0

Who's leaving Amazon S3 buckets open online now? Cybercrooks, US election autodialers

Kevin McMurtrie
Silver badge

Re: How?

You don't want authentication on your credit card theft and money laundering operation. Being in possession of the login would be an easy conviction. It's harder to figure out what's going on if bots, researchers, and random curious people are poking around in it.

On the other hand, Robocent wasn't very good at hiding the owner. Hopefully some lawyers are sniffing around in the data right now.

1
0

Samsung’s new phone-as-desktop is slick, fast and ready for splash-down ... somewhere

Kevin McMurtrie
Silver badge

Media player

It might make a decent home media player if it can play at least 1080p without cooking itself. If it can do that without a shitty 1980s UI, massive lag, and constant crashing it's already much better than a Roku.

1
1

Techie sues ex-bosses, claims their AI avatar tech was faked – and he was allegedly beaten up after crying foul

Kevin McMurtrie
Silver badge

Totes legit

Can't rotoscope but it can correctly model an avatar with hair for the unseen part of a head.

10
0

Revealed in detail: World powers stuff spyware kit, how-to guides in dodgy nations' pockets

Kevin McMurtrie
Silver badge

Spying to make happy customers

What isn't spyware these days? It's hardly regulated and most people don't mind if their software phones home with unspecified data. Most people don't even mind if that spyware is buggy and can be re-purposed for new uses.

5
0

Apache Cassandra at 10: Making a community believe in NoSQL

Kevin McMurtrie
Silver badge

Off to a bad start

I had to use Cassandra in 2011 and it was awful. Maintaining data consistency was a nightmare and it crashed constantly. Searching for documentation often produced photos of porn actresses sharing the same name. I'm hesitant to research the topic now at work.

0
0

The Register - Independent news and views for the tech community. Part of Situation Publishing