Posts by corestore 422 publicly visible posts • joined 13 Jul 2007
"1/5 OpenTofu recently got a cease & desist letter from HashiCorp claiming copyright infringement. At the same time, an online publication made the same accusation.
These claims have *zero* basis in fact. And because the code is open source, you can see this for yourself!"
https://twitter.com/brikis98/status/1778460863285854635
I'm surprised such an entirely bogus story slipped through El Reg's expert hands!
First, deltree does not 'delete the windows system'; it will delete ANY subdirectory tree you *tell it to delete*.
Second, chkdsk doesn't mystically identify 'important data' you may want to keep; rather, it checks the entire filesystem *integrity*, and identifies and may try to repair any *corrupted or truncated* files. It's the DOS equivalent of fsck really.
"Flight two of the Starship Super Heavy improved on its predecessor, but only if you imagine that your self-driving electric car did not crash into a tree and catch fire. Instead, it made it a bit farther down the road, and then caught fire."
Now I'm NO Musk fanboy; the guy is an egregious wankpuffin with an ego the size of a small planet. But I'd have to call that a rather negative tone.
The first launch was a complete clusterfsck.
The latest attempt was an 'almost worked'. The booster apparently performed pretty much perfectly, but the attempt to boostback and recover it resulted in loss of control and was terminated by a manual RSO destruct command, AFAIK. The upper stage apparently performed pretty much perfectly, but was terminated by a computer-initiated auto-destruct command for no particularly obvious reason.
When you think how many Falcons they blew up in their early days, they actually seem to be on a pretty good trajectory with this latest toy.
I've driven recent model Teslas. The automation - lane keeping and adaptive cruise control is essentially what it is - worked very well.
I think part of the problem here is that some drivers simply have a higher tolerance for risk than is healthy; self-driving systems are not yet fully autonomous, and are made available with warnings that human surveillance must be constant, and driver intervention may be required at any time - but some drivers, after a certain amount of experience with the system, are lulled into paying a greater reliance on it than is healthy; their tolerance for risk is higher than that of the manufacturers, or the NHTSA. Familiarity breeds contempt, and the system is used in ways that were not intended.
The *other* problem is the whole notion of 'partial automation'; we KNOW some drivers will evince the behaviour described in the previous paragraph, they will ill-advisedly rely too much on the automation, and accidents will happen. Give we know some will do this, I'm by no means sure these kind of interim solution partial automation systems should be offered to the public at all. I'd be more comfortable if the systems were SAE level 3 or higher - but AFAIK no level 3 systems are currently offered to the public?
Not so.
I SAID we located the last NK nuke test from NZ, using predominantly NZ data; such a big bang is very well detectable around the world, or at least the hemisphere it occurs in.
A nuke weapons test cannot be hidden. There are systems designed to detect any such thing, and they are proven to work and work well, under CTBTO auspices.
You don't NEED to "hack into" anything to get earthquake data because the data is public! For any decent sized earthquake you will get data, and solutions, from multiple international sources, including Chinese ones. The Global Times 'explanation' is, frankly, cod. You can't "infer" an "underground cavity" of that nature from seismic data. Seismic tomography is very much a thing, but it operates on MUCH larger scales.
And if you want to know the "regional geology" there will be a bazillion papers published on that subject.
Note I'm not saying the story isn't true; I don't know; I'm just saying it *seems* unnecessary. And I'm not saying spying doesn't occur; it undoubtedly does.
There's nothing remotely secret about seismic data, and it can't be hidden because seismic energy doesn't respect national borders; we detected and located the last NK nuclear test from NZ :-)
Here in NZ, all our seismic data is freely available in real time - https://www.geonet.org.nz/data/access/FDSN - and I would be surprised if it was any different in China; they're also part of FDSN: http://fdsn.adc1.iris.edu/networks/detail/CB/
So there's no NEED to 'spy'.
About 15 years ago I bought an SGI Onyx system (big high-end workstation) from a guy, who had bought it at public auction but never got it going.
I had to incant some very obscure runes to nuke the PROM password, get it to boot single-user, and hack root, but I did it. And what did I find?
The machine had come out of GSFC - Goddard Space Flight Centre. NASA. And they hadn't wiped it! It has previously been a web server - sprecher.gsfc.nasa.gov - came with a bunch of NASA stuff installed: webservers, internal NASA tools - Earth Observing System Data Gateway etc - user credentials, personnel stuff, Oracle databases - fascinating stuff!
Pic of the thing: https://pbs.twimg.com/media/DuvjScpU8AAhxvk.jpg
"Intel's 3D Xpoint persistent-memory technology has immense promise, even if currently it's struggling in the market. This grade of non-volatile memory can be used literally as memory – it can be fitted into a server's DIMM slots, rendering off-board interfaces such as NVMe obsolete."
Ye Ghods, they've invented the core store!
...for 20 years at least.
If *any* organisation gives a damn about privacy, the simplest step they can take is to *not store the information in the first place*!
Why would a newspaper log the IP address of everyone who reads a story in the first place?! I mean you can wave arms about cookies and targeted ads and goodness knows what else, but why keep that log file? That's data you simply shouldn't have.
That might possibly 'get' the post office prosecutors, although it could be argued that since the PO was privatised they're no longer 'in a public office', and it wouldn't touch the Fujitsu employees who were equally central to this.
No, I stand by my suggestion of 'reckless prosecution' - although perjury could also apply to individuals.
...a criminal offence of 'reckless prosecution', along similar lines to 'reckless driving'.
Prosecutors and witnesses, as in this case, have the power to destroy lives as effectively as a dangerous driver - and when their conduct in using those powers amounts to recklessness, they should face similar penalties, including imprisonment.
And this, I think, is one of those very rare cases where the conduct was so serious and persistent that it could be argued the proposed law should be applied retroactively.
Briefly, those numbers ARE subject to a certain amount of woo, mainly because Autopilot is primarily engaged on highways, which are subject to lower crash rates anyway. So that's a little beside the point.
My main point was all about the *human* factors; the *perception* amongst at least a subset of drivers that using Autopilot at a higher level than SAE Level 2 automation on highways is 'safe enough' for them - despite that use leading to occasional spectacular, and generally fatal, wrecks.
And this is by no means confined to self-driving; there's a substantial difference between the levels of safety that highway and vehicle engineers consider acceptable and attempt to deliver more generally (in terms of fatalities from whatever cause per million miles etc), and the *range* of levels of safety different members of the public find tolerable.
This isn't about what we should or shouldn't 'allow' or what marketing people do or don't do; this about how the end users actually *use* whatever products we give them.
On a purely personal level, I'm... uneasy... about the existence of any level of automation between Level 1, adaptive cruise control, and level 4 FSD. Either you take full responsibility for the course of your vehicle, or you take none, and doze off happily.
This prompted thought:
"The US National Transportation Safety Board in its report [PDF] on the incident said the probable cause of the crash "was the truck driver’s failure to yield the right of way to the car, combined with the car driver’s inattention due to over-reliance on vehicle automation…""
I'm sure this - drivers not paying attention - happens a fair bit more often than Tesla would care to know or admit. And yet the stats show that, even now at level 2, letting Autopilot do the driving is significantly safer than doing the driving yourself.
Could this be a case of the market anticipating the regulators, and drivers feeling comfortable enough with the automation to let the car do the driving and not pay attention? At least on the highway? It's marketed as level 2, it's intended to be used at level 2 - but at least some drivers seem to be comfortable using it at a higher level than that, in a way that was not intended, and the resulting accident rate is within the bounds that people (rather than regulators) find acceptable?
Of tilt were enough to disrupt the operations of the machine?!
I once had an IBM System/38 (google it) fall off the liftgate on the back of a truck. The whole thing dropped ~ 4-5ft onto concrete, landed on its back.
Damage? Broke the cast alloy hinges holding the back doors in place.
Dragged it upright again. It powered up no problem and IPLed (booted) and ran just fine.
https://www.youtube.com/watch?v=2cAWArBXRhE
IBM quality.
Are you serious?!
The PM's position throughout, and that of the Tory party and many of their supporters, is that this was NOTHING to do with Brexit; it was just a normal prorogation leading up to a normal Queen's Speech, and it was a complete and total coincidence that it covered a period when Parliament would have been very engaged in scrutiny of the executive, and possibly legislating, over Brexit, and it was just an accident of timing that it was for five weeks instead of the usual five days.
THAT WAS THE LIE.
It was transparently obvious to the dogs on the street that it was a lie, a complete load of cobblers, and the Scottish courts saw right through it instantly.
One the best tweets came from The Guardian's political sketchwriter:
"Amazed that so many Brexiters who insisted the prorogation was nothing to do with Brexit are now adamant prorogation being declared unlawful is an attempt to stop Brexit"
I believe they hit the nail on the head with a very satisfying thump.
I don't want sycophants, and as my post makes clear, I'm not one. I've had a Samsung phone too - and the crap on that made me want to go back to the plain vanilla no frills Google Android experience.
No sycophants - but this is a bit too much like a hit piece. IMHO.
Really can't agree with the tone of this article. I'm sure some customers have had issues; I'm sure you could find similar issues with various phones from *every* manufacturer - but you wouldn't run quotes saying they 'shouldn't be in the hardware business'!
I'm not a Google fanboy by any means, and I've had a couple of issues with phones from them too. But I've had had Google phones since the very first Nexus, and I'd honestly recommend them to anyones shortlist.
They do need better international support however. Had issues with a Pixel 2 while overseas. Under warranty, no problem, they'll replace it, right? Wrong. They said sure we'll replace it - when you're back in the USA. But that won't be for a couple of months? Tough. They apparently have no ability whatsoever to ship a replacement phone overseas; they need to do better on the international service and support front.
We're far far beyond merely 'disgusting' which is, as you said, very subjective.
As the Chief Censor here in NZ, the video, and his 'manifesto', were "designed to inspire, encourage and instruct other like-minded individuals to carry out further attacks."
That is why they have been, rightly, banned.
"Those core staffers are split into siloed departments, and only have access to their own department's databases with every request to look outside their immediate area of work reviewed by an administrator."
"...A programmer who gets authorization to learn about the addressing structure has to demonstrate a separate need to know to learn the instruction set. The avowed aim of all this red tape is to prevent anyone from understanding the whole system; this goal has certainly been achieved..." - Internal IBM memo commenting on the security procedures for the *failed* FS project.
There may be more to this than meets the eye. Reports of multiple sightings of multiple drones, from ~9pm through to at least ~3am.
That's probably not some kid being stupid, or a prank. That's starting to look like we need to at least consider the possibility of a planned attack on infrastructure; a takedown of the airport. Maybe even a rehearsal; now imagine the same thing happening at several airports across the southeast; chaos cubed.
I found someone had made a webpage of my original usenet post documenting the procedure for posterity!
http://www.sgidepot.co.uk/onyxnvrampwd.html -
How to clear the NVRAM password on an Onyx/Challenge
By Michael Ross and Chris Patterson (MCE)
1. Enter POD mode using the debug options as documented my Ian Mapleson at:
http://www.futuretech.blinkenlights.nl/chalonyxdiag/syscontroller.html
Note that the POD prompt will only appear on a terminal connected to the console (tty1) port - the GFX display will remain blank.
2. At the POD prompt, type 'zap'.
The PROM password is now clear, you can type 'io' to start the PROM monitor, from where you can now access the command monitor, install software, etc. etc., without a password.
3. Don't forget to disable POD mode again before rebooting!
'zap' is documented in the POD prompt help screen (type '?' for a list of POD commands), but the description is something very innocuous, like 'reinitialise environment', and gives no clue to the fact that it blows the PROM password away!
NOTE: 'zap' also blows away your entire configuration. So when you go into the PROM monitor, console is set to tty1 not GFX, your boot/root/OS devices may well be wrong - my setup was defaulting to boot dksc(0,....) when the disks were all on dksc(1,...) etc. etc.
So be sure to review and fully understand your configuration BEFORE using 'zap', if at all possible (I know, it's kinda hard since you're locked out of the command monitor).
Thanks to all who helped!
Mike
http://www.corestore.org
Back in the late 2000s, I bought an SGI Onyx workstation on eBay. The previous owner had bought it at government auction but didn't want it so moved in on. My gain. Nice upgrade from my previous Crimson.
I had to research some pretty obscure hackery to bypass the BIOS password, which enabled me to boot single user and hack root. And what did I find? A NASA machine; from the Goddard Space Flight Center in Washington DC. And they hadn't wiped it! Judging from what I found, its graphics had been outclassed by newer machines, but they repurposed it as a server; it was full of Oracle databases, personnel stuff, and a bunch of internal websites etc. Fascinating stuff! Pic for any doubters:
https://pbs.twimg.com/media/DuvjScpU8AAhxvk.jpg
Astonished they let that out without wiping it first!
How does this interact with 2FA? Is that still secure, if it's turned on?
Presumably any attempt to actually *use* these access tokens would generate a 'new login from unknown device' warning from FB? I certainly always see that when I try to login from a device I haven't used before. Is that warning a default, or something you have to set up when you configure security? I can't recall.
Greatly impressed with the Pixel 2, greatly unimpressed with Google support.
Mine, 2 months old. Just failed. Won't charge - and when I unplugged the charger cable after trying for 5 mins, the metal part was so hot it almost burned my hand. Phone very hot too, after just 5 mins attempted charge. Google happy to offer warranty replacement - but not until I'm back on US soil - 'tough, you'll have to do without a phone for a couple of months; we can't ship overseas'.
It's a fairly premium product; it deserves premium service. Does no-one in Google have the wit to stick a phone in a box and slap a shipping label on it?!
I didn't say or mean anything like that; please don't put words in my mouth.
My primary point (which I thought was obvious from the 'Canute Syndrome' opening) was the sheer futility of thinking national courts can control the borderless internet with suppression orders or injunctions. That entire concept is in its death throes.
What boots it for NZ courts to forbid NZ media (and individuals) from disclosing details of a court case when everyone else on the internet, from Baltimore to Bangalore, can publish with impunity because they're *not subject to NZ laws*? (and everyone in NZ can read the resulting publications of course).
My secondary point was to make a stand against this encroaching... balkanization of the internet. You don't like the 'right to be forgotten'? You want your search results uncensored? Just use the US Google servers - but that shouldn't be *necessary*.
I think it's a lot simpler than that, DavCraw.
The legal term for this kind of injunction is 'contra mundum' which means, literally, 'against the world'. Someone seems to have taken that very literal meaning and run with it. What it actually means in practice of course is 'against anyone within the jurisdiction of the court' - and UK courts don't have jurisdiction overseas; the wording simply refers to an injunction that applies to everyone in the UK, whether or not they've been formally served with it, as distinct from a normal injunction against certain named people or organizations.
...of what I call 'Canute Syndrome'. There isn't a little local NZ internet for little local NZ people, and courts are going to have to come to terms with that. NZ has very strict 'suppression orders' at times; not too long ago, a fairly prominent politician went on trial on certain eyebrow-raising criminal matters (historical allegations I believe) which would have been front-page news in any other country. In NZ, the entire case was suppressed; the media could only report on it in the vaguest possible terms (and without so much as hinting about the identity of the politician, or even that he *was* a politician, it was just 'a prominent New Zealander appeared in court...') thanks to sweeping suppression orders that applied before, during, and after the case.
We've seen similar stupidity here in the UK, most preposterously when the then Attorney General insisted that the injunctions issued by British courts protecting the new identity of Jon Venables applied to the entire world, and that they made it a crime for anyone, anywhere to publish any information concerning the matter - which is of course facially wrong and fractally nonsensical; how could he purport to suggest that a British court could override the first amendment in the USA, just for starters?!
(Interestingly, every time the story comes up, every UK newspaper report I've seen mentions that injunction, and continues to parrot the line about it having jurisdiction over the entire world, uncritically. I wonder why; they *must* know it's a load of rubbish!)
I think you miss part of my point.
This is a case where the company has very publicly demonstrated failure to keep some very important personal data safe; that's _why_ the story has been such a big deal.
I'm asserting that, quite apart from the general principle, such cases are ones where 'severe breakdown in trust' _overrides_ any concept of 'legitimate interests' and would (or should) allow the subject to compel the deletion of data. It's especially egregious in the case of credit reference agencies, as the subject has NO direct contractual relationship with the agency; they're not in any sense a 'customer' of the agency, and they're not free to 'take their business elsewhere' in a free market.
That's why credit reference is an example of a special case where 'legitimate interests' is (or should be) FAR less compelling even under existing law.
Well if it's possible for anyone to delete their data, the presence or absence of that data can no longer be relied upon; it'll break entirely away from the 'everyone leaves a data footprint' way of thinking that seems to have grown up with remarkably little question or oversight.
If we're sufficiently angry about this, can we tell Equifax "I don't trust you to hold my data; I require you to delete every piece of data you hold on me"?
It would seem a reasonable request in the circumstances - but is it possible? If not, data protection laws are worth very little. We need the ultimate sanction, as individuals, of being able to easily compel companies and organizations to delete all identifiable data they hold on us.
Since when does the FCC regulate satellite launches?! Wouldn't that be down to the... FAA or something?
And, there's a space treaty which has been in force for a long time and which places the responsibility for regulating commercial space activities on the country *from which they are launched*.
Americans sometimes have funny ideas about this stuff - I seem to remember a small kerfuffle a few years ago where the US purported to assert the right to regulate the sale of satellite images, even when they were taken from a foreign-owned satellite and offered for sale overseas.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
