nav search
Data Center Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

* Posts by Jack of Shadows

2764 posts • joined 11 Jul 2014

Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about

Jack of Shadows
Silver badge
Pint

Re: Core issues

Great job explaining this then. I didn't meet TLB's until the late '80's for personal computers. My hats off to that team finding this and a really, really nice use of Machine Learning.

6
0

In huge privacy win, US Supreme Court rules warrant needed to slurp folks' location data

Jack of Shadows
Silver badge

Re: Literalist vs Living

Not too many people are willing to go out on there own to read what the Founding Fathers wrote as their intent and expectations with respect to federalism and individual protections. It certainly doesn't help that most have never heard of them in Civics, if that's still a required course. The main reason I did so is I wanted a firm understanding of my military oath and all the constitutional law relevant. And it's a bit of fun seeing what corkscrews and in that history.

One interesting addendum: Chief Justice John Roberts is the appointing authority for all FISA court judges. I'm waiting to see what he does there in the future.

4
0

Amazon staffers protest giant's 'support of the surveillance state'

Jack of Shadows
Silver badge

Re: Hmmmmm

Exactly. I believe it was "Citizen of the Galaxy" that drove that point home. I do not check either my ethics nor my morals for any reason and that has been made abundantly clear to anyone that might need reminding, especially my chain of command.

2
0

Schneier warns of 'perfect storm': Tech is becoming autonomous, and security is garbage

Jack of Shadows
Silver badge

Re: ahum, dumb fucks ?

"Dumb fucks" hasn't ever come out of my mouth, no idiot, moron, and any other synonym. I might "think" it, but that's as far as that goes. I started being a teaching assistant at the university at age 13 and along the way learned the different ways people approach things. Once I have it nailed, explanations about what happened, what they expected to happen, and how they should try to do it in the future a real time saver. It's an investment forward. I sure as Hell know that my bosses appreciated that approach. It's in all my evaluations. I like teaching. That "aha!" moment is priceless. Literally.

I also spent a quarter century as a sysadmin, sysop, and technical adviser on CompuServe in multiple fora. I've no respect for people that treat others poorly. Yes, it seems a Sysiphysian task at times, but again, guiding others is a good reason to do that job. And, quite often, you'd see those people jumping in to help others.

Lastly, Ive worked in a dozen fields of engineering, half dozen of analysis, and whatever else the Navy required. The only box I notice is the one people assume separates them which doesn't really exist. It's all math, of several types, but relationships between things are what you need to understand. Change the units, use a different constant or three, and poof! You can translate approaches between different fields. It just so happens, once you show someone that trick a time, or three, they "get" it and start using it themselves.

Finest complement I was ever given was by the Chairwoman of the Department of Statistics and Computer Science. At the beginning of the quarter she pointed at me and said if they have any trouble, see me. Lots of smiles around as if it was a joke. She said next, I could explain things if they didn't quite understand what we just went over.

So, "dumb fucks" is something you won't here me say.

2
0

Trainee techie ran away and hid after screwing up a job, literally

Jack of Shadows
Silver badge

Re: He started a new life

Pretty much the same here. I let people know up front what I can't do well, or at all. On the flip side, I'm more than willing to do what I do well for others. Building up banks of favors is a fine US Navy tradition and I built up a lot.

Curiously, you don't want me on power tools either. Now if you want an glass clear waxed deck (floor), I do those very nicely indeed. That's above and beyond engineering, bordering on magic.

20
0

Skynet for the win? AI hunts down secret testing of nuclear bombs

Jack of Shadows
Silver badge

Re: Need a test signal...

Understood. TPTB would throw an total shit-fit if I even try to go to one of the "evil countries." That's a shame as I rather like Hong Kong.

3
1
Jack of Shadows
Silver badge

Re: Need a test signal...

Proud, here at least. Born, bred and absolutely insane.

4
0

Oracle's new Java SE subs: Code and support for $25/processor/month

Jack of Shadows
Silver badge

Only Java here is for Android Studio. That's no loss at all.

4
0

Big Cable unplugs Cali's draft net neutrality protections yet AGAIN

Jack of Shadows
Silver badge

Re: Google. AI faster!

No, it's "why vote for the Lesser Evil." Sweet Meteor of Death is my personal favorite.

Back on topic: Little known it seems but the wacky California Initiative process, where the California Constitution can be amended by popular will, is the direct result of just this type of corruption. There existed a Gang of Five millionaires back in the second half of the 1800's that owned the Governor and pretty much all the legislators. [Mark Hopkins and Leland Stanford I can recall off the top of my head.] An initiative process was forced into the Constitution and it's been there since.

It's become far more interesting to see how it has played out in the last fifty years with the introduction of special interest money and mass media. We'll have to see drops out of political process if the Net Neutrality groups decide to take it direct to the voters.

4
0

By gum, that's chewy: Samsung's NF1 fattens M.2 card capacity with wider gumstick format

Jack of Shadows
Silver badge

... ad toss in the datasets which see semi-[regular use and you get to 20 TB here. That's completely ignoring the 10K and MLC flash.

I'll be dead before this comes within reach.

0
0

Dixons Carphone profits drop 24% amid hack 'n' high street struggles

Jack of Shadows
Silver badge

The 21st century sure has become a Godsend for those of us with disabilities. Even factoring in the delivery charge, which is offset by the cost of whatever transport is available to us (they call it HandyRide hereabouts). Or, God forbid, the cost of a taxi.

3
0

US Supreme Court blocks internet's escape from state sales taxes

Jack of Shadows
Silver badge

Re: Er ....

I've concluded that someone, or several someones, will have developed a nice niche. Word of warning, though. I'd lay good odds that Amazon is already sitting on this and more than willing to rent it to you. For a price.

6
0

How a tax form kludge gifted the world 25 joyous years of PDF

Jack of Shadows
Silver badge

Re: I find PDF highly useful

Considering I just ran into a .pdf with malware embedded, I'd bounce pdf's here as well. One of my tripwires caught it, thankfully.

2
0
Jack of Shadows
Silver badge

Re: Format of choice for immediate offline reading, easy sharing or simple portability

Same here for engineering documents. Even if larger than screen size of my tablets, they scroll just fine. The same for any type of analytical output for what they're now calling data science. The standard used to be TeX, PDF is serving as a useful replacement where there is zero tolerance for rendering a page. Anything besides TeX and PDF don't have enough of a guarantee to bother with, and yes Microsoft, I'm looking at you.

Aside: I really did like DPS on the NeXT. I'd be using it now if I could find a way to readily rip and replace the rest of the desktop. Menus, docks, etc. are already setup the NeXT way. Nobody even thinks of using my machines. Too weird.

7
0

HPE: You want full-blown enterprise software on our Edge boxes? You got it

Jack of Shadows
Silver badge

Re: A solution looking for a problem

It really was well served. First the promise to invest $4bn into the R&D on this project. Followed next with the unveiling of Microsoft et al. support out the gateway. Still, I'm puzzled about intent. Again, still.

0
0
Jack of Shadows
Silver badge

Whatever you are doing at "the Edge" will have to high enough return on investment or this is a loser's game. I can see the cases where this may hold. That's a hellacious hardware to be positioned outside the datacenter. Whether business can is an open question.

Anyone else one elephant in the room? How theft-proof is this going to be?

1
0

Please tighten your passwords and assume the brace position, says plane-tracking site

Jack of Shadows
Silver badge

Re: Great site

I keep a weather eye on ICE, CBP and DEA flights. They always fly right over the freeways here while out and about. I presume that their targets never check-6.

1
0

Atari accuses El Reg of professional trolling and making stuff up. Welp, here's the interview tape for you to decide...

Jack of Shadows
Silver badge
Pint

Re: Oh how the might have fallen...

*Forget professional trolling, Atari and Amiga owners have been trolling each other since before "trolling" was a thing...

Hell, yes! What was the twinky OS you had called? GEM? My sister ran that on here C= 128.

Very good times. Have one on me -->

21
0

Tesla fingers former Gigafactory hand as alleged blueprint-leaking sabotage mastermind

Jack of Shadows
Silver badge

Re: Tripp?

The Tripp-Lite conspiracy?

Sorry Tripp Lite. I still love you.

0
0

Private sector needs a little sumthin' sumthin' to get it sharing threat intel – US security chap

Jack of Shadows
Silver badge

Re: Not feeling it

Given economic history, I've been hoping that the insurance industry get to it. They are flawed in some ways* but nothing like with government regulation which often results in regulatory capture.

*- As my Mother puts it: All any insurance company would like to cover is "pig iron, underwater for fire." She once long ago worked for TransAmerica.

1
0
Jack of Shadows
Silver badge

The only breaches that have happened to me were OPM and the Veterans Administration. Trust the government?

1
0

JURI's out, Euro copyright votes in: Whoa, did the EU just 'break the internet'?

Jack of Shadows
Silver badge

Copy & Paste Journalism

I wasn't paying much attention to the effect on Google; they're a mega-corp so good luck with that. What I found more interesting is looking at all the ways publishers can negatively effect their competitors. There's an awful lot of copying, snippets true, going on out there. If published snippets can be detected, and they can in roughly the same way as music, what happens then? Plagurism is very much alive and well.

0
1

Azure admins free to sync their teeth into database-spreader tool

Jack of Shadows
Silver badge

If we are to reduce Consistency to Eventual Consistency (maybe, whenever), there are far better choices amongst the NOSQL (as in Not Only SQL) out there. Then it comes down to what "neat feature" suits best for your implementation.

1
0

Hot new application for blockchain: How does botnet control sound?

Jack of Shadows
Silver badge

Re: Something to be Terrified of and Terrorised by All Human Media Accounts/Programming Channels.

Of all the things I've lost in this long life, I miss my mind the most.

1
1

Mellanox flushes three directors at behest of activist investor

Jack of Shadows
Silver badge

I can't figure it out here. It's not like Mellanox is in some vibrantly exciting market niche. Okay, some of their stuff gets a nerdgasm here, but rarely for anyone else.

2
0

HPE CEO pledges $4bn Edge R&D splurge

Jack of Shadows
Silver badge

I'm certain that they can't possibly pull it off. Not enough money especially as they'd need to buy at least two firms. They've also serious lack of in-house talent in two of the required areas of knowledge and I've doubts on two more. This is seriously cross-cutting domains and it's going to make them bleed.

As I'd rather not provide them with a business plan, I'll leave it at that.

3
0

Microsoft Azure Europe embraced the other GDPR: Generally Down, Possibly Recovering

Jack of Shadows
Silver badge

Re: MTBF vs Blast Radius

No, they aren't directly interoperable although there's a few players out there that can build across providers. However, if you are doing your design correctly, everything should be loosely-coupled which mitigates things a bit. The problem, as I see it, is that they're holding it wrong: the providers and the clients.

4
3

Verizon promises to stop selling its subscribers' location data... for now

Jack of Shadows
Silver badge

I'm beginning to like being invisible more and more.

6
0

Cisco snags potential customer-sniffing biz for an undisclosed sum

Jack of Shadows
Silver badge

Re: Next up...

Right. As I do not carry any sort of tracking/bugging device, I suppose I'm never to have customer service again. Yay! I'll avoid doing a five-finger discount, since they'll be tracking the items through their RFID tags.

3
0

Senior judge: Put AI in charge of reviewing social media evidence

Jack of Shadows
Silver badge
Holmes

I'm waiting for this to travel over here in the US. How would you handle the defendant having a right to face their accuser?

As for the AI/ML question, you've got people assuming that the trained software knowing the context of whatever it is analyzing and nothing could be further from the truth. Any meaning about what the inputs, as well as the outputs, are assigned by humans. It's just like the case of male being assigned the value zero and female assigned to one. Or is that supposed to be red is zero and green is one? Outputs work the same way. Just because you throw a metric fuckton of data at a collection of processors doesn't mean anything at all.

I know, preaching to the converted. From my very first consulting contract to the very last project I've done professionally, predictive analysis, machine learning, and artificial intelligence have been tools used where it made sense. Thinking about it,,,, yeah, bring it on! I can see $$$ testifying for the defendant whenever AI/ML is used anywhere in a case. One of my statistics professors used to make a ton of money testifying for either side of a paternity suits. That he could argue either side should tell everyone how accurate those were back in the early '70's.

3
0

Apple hauled into US Supreme Court over, no, not ebooks, patents, staff wages, keyboards... but its App Store

Jack of Shadows
Silver badge

Re: My gut feeling about the paying process

No, not meant to be rhetorical at all. May go the heart of whatever decision comes from the Supremes. Sometimes, okay, rarely do you find immediate sense in any legal decision. There are times, admittedly few, where it's just this simple.

0
0
Jack of Shadows
Silver badge

Re: My gut feeling about the paying process

Just for interest, since I'm not involved anywhere in all this. What/Who does the receipt listed say billed you for your shiny new app?

3
1

PC nerds: Can't get no SATA-isfaction? Toshiba flaunts NVMe SSD action

Jack of Shadows
Silver badge

Re: What about endurance?

Already out there for quite some time. Some of the cards that take more than one M.2 drive do interesting things similar to RAID0.

0
0

Strip Capita of defence IT contract unless things improve – Brit MPs

Jack of Shadows
Silver badge

Re: A cynic writes...

"First you blind them, then you kill them." Really doesn't matter who is doing what to whom. Anyone expects any non-local links to work in any dust-up is a fool, really doesn't matter whether up above to down below.

2
0

Hortonworks Data Platform update flicks on containerisation

Jack of Shadows
Silver badge

Re: Meh...

Yar, except my list started in reverse of your order.

0
0

Yubico snatched my login token vulnerability to claim a $5k Google bug bounty, says bloke

Jack of Shadows
Silver badge
WTF?

Internal politics at Yubico involved? I have two keys myself, and not sure what to make of this.

3
0

Pwned with '4 lines of code': Researchers warn SCADA systems are still hopelessly insecure

Jack of Shadows
Silver badge
Mushroom

Re: Do not put these systems online then?

They can fire me, then have escorted off the premises. They can't overrule me. On some things (safety hazards of all sorts), I have absolutely no give and that's always been the case, from a very young age, long before I started learning all things nuclear. Which was probably why I was picked for that job. Hell, I've chewed out an Admiral one day. Rightfully. Never heard a word back from the chain of command.

1
0

It's roundup time – like scouring the local paper for pics of your kid, but with storage firms

Jack of Shadows
Silver badge
Thumb Up

I love this article already!

"... whether that's sick new tech,..."

No mail capability on this device. I do think y'all should use this fragment from now on!

0
0

What's all the C Plus Fuss? Bjarne Stroustrup warns of dangerous future plans for his C++

Jack of Shadows
Silver badge

Re: Code style

Concur. That's part of the future support capability in whatever I do. It's highly likely, for one reason or another, some one else is going to try something with what I've crafted. Why should I make their life Hell? I also keep the complexity level low, not stupid but useful. APL (J now) is a favorite of mine but I'm used to using maths most everyone else doesn't know exists.

2
0
Jack of Shadows
Silver badge

Re: Disagree....

Rust has caught my eye as well, and for the same reason. If you or I dare to open the parts of my drives containing all compilers, scripting languages, RAD tooling, basically most everything usable over the last 45 years of software development, it's an impressive stack. When doing a job, I get the general requirements, budget, time, and a list of anything already used in-house. [It's extremely likely some other person is going to support this down the road.]

I collect languages and/or libraries like lint (pun fully intended). Look in the toolbag. Does X fit this job spec? Put in the useful widget stack. Otherwise, goto next. I've got better things to do than argue around evangelism of any sort.

[The last time I was evangelical, it was the Amiga.]

5
0

Developer’s code worked, but not in the right century

Jack of Shadows
Silver badge
Happy

Well usually, you find out that I do that kind of thing fairly regularly. Most all of the machines here have floppy controllers. Still. When I say I do legacy, I mean it.

2
0
Jack of Shadows
Silver badge

Re: Because computer dates are numbers but real dates aren't

That's an "assumption" you'll find in bold type in a highlighted box in my code. I really don't "expect" anyone to be using dBase II, III or Clipper but "it's the military, stupid." God, that's going back to things I still shudder about.

3
0
Jack of Shadows
Silver badge

Re: timestamp is a date format

No joke here. You'll see files with yyyymmdd encoded in the file name for those items that consist of semi-regular snapshots. Usually the Friday Squid Blog on Bruce Schneier's 'blog. I've other troves, but the one that drove the format.

2
0
Jack of Shadows
Silver badge
Holmes

While I can't speak to supermarkets but while I wore the uniform, we had a unique format for dates on requisitions. You took the last digit of the year and tacked that in front of the day in Julian format (YDDD with DDD being count of days since first of the year.) I had all kinds of fun coding around that. Not just getting a valid date into the supply system, I also had to be able to reverse that from normal calender that we use for all other purpose. Lastly, I needed to be able to do arithmetic in this Julian. Almost forgot. All of it had to be validated (sanity-checked) as I do create contracts for everything I've ever coded and ruthlessly enforce them.

F*ck this up and it's a general courts martial that results. Good fun.

19
0

AWS seeks ‘startup launch’ experience for end-user services

Jack of Shadows
Silver badge

Just curious

No mention of VMware om AWS as a possible tie point?

0
0

Hmmm, we can already seize your stuff, so why can't we shoot down your drone, officials mull

Jack of Shadows
Silver badge

Re: I would have done a full rant, but why waste the effort.

I'd send the thing out with pulling the pin as the last task before takeoff. It's what we do with military planes/helicopters/.... Then it's simply a matter of removing the restraint on the grenade handle when you want to do a delivery. It's always easier to release a restraint than active pulling or any other action.

Me? I wouldn't even bother with a mere hand grenade. With the right precautions, I can let my fingers do the walking at the local uni to get proper recipes. [As if I didn't have a ton of chemistry, chemical engineering and other engineering references already.]

1
0
Jack of Shadows
Silver badge

Re: I would have done a full rant, but why waste the effort.

He loves it when new people drop by. He lives in a camper so being resource contrained isn't a surprise. A maker's maker.

Twitter: @Glytch

YouTube: youtube.com/glytch

WWW: glytch.tech

0
0
Jack of Shadows
Silver badge

I would have done a full rant, but why waste the effort.

The ISIS drones dropping hand-grenades? As if that's been bought over the counter. It's not even that hard to design and build one's own. The software is available in the torrents (I checked), parts available from numerous sources, locally or via the 'net, cash or credit. As if anyone keeps track of who's buying these parts. Lastly, you have ROS for running the beast. If you want spiffy, 3D-print the covers.

For anyone that say's you can't, just check YouTube. One of the people I track has done all this on the cheap.

3
0

Deck the halls with HALs: AI steals the show at Infosec Europe

Jack of Shadows
Silver badge

"Known AI-facilitated attacks have yet to actually happen but security firms are nonetheless taking the threat seriously and preparing for what might come around the corner.

TFTFY

1
0

US regains supercomputer crown from Chinese, for now

Jack of Shadows
Silver badge

Re: Recycling

I can't really say definitively but the one's I know about in academia are kept around for "lesser tasks." Which cuts down, somewhat, on the pipeline for the new machine.

Aside: "Zacharia said he was confident US scientists would be able to hit that milestone." Involving the Intel that just had to go back to the drawing board on these new exa-FLOP machines 'cuz the CPU's couldn't cope? Good luck with that.

2
0

The Register - Independent news and views for the tech community. Part of Situation Publishing