* Posts by Milton

880 publicly visible posts • joined 14 Jun 2016

Page:

How can airlines stop hackers pwning planes over the air? And don't say 'regular patches'

Milton

Beware the idiots

Beware the idiots (some in the national security apparatus; many politicians, though it's a tautology in their case) who would like to be able to remotely take control of an aircraft suspected of being hijacked. The topic has been revisited by morons several times since 9/11, and more recently MH370's disappearance.

And if you think that can't happen, there are greedy airline bosses who have seriously suggested reducing flight crew to *one* pilot, and even wondered aloud if they could allow plans to be completely automated¹.

Now, Reg readers are smart enough to know that when an robocar fails, it can fail-over to drift to an embarrassing stop at the side of the road, at the small risk of maybe four or five people; whereas a roboplane may fail into the ground at 500 kts, at the major risk of 600 people (in the aircraft alone). It's an important difference, but greedmongering executives and imbecile politicians are easily blinded by cash and flattery, so ... like I said, beware ...

¹ Yes, the obnoxious pillock O'Leary: how did you know?

Sure, Face ID is neat, but it cannot replace a good old fashioned passcode

Milton

It's all about Purpose

Apple are not the only manufacturer to use their marketurds to deliberately confuse and mislead customers, so this is not an anti-Apple dig except insofar as it is the most high-profile recent offender.

The problem is that fingerprints and face-id are not only not the same as PIN, they are actually for different purposes. It's a mistake (a deliberate one by Apple et al) to conflate "*quick* access for me" with "access *only* when I approve".

Fingerprints and face-id provide a means of quick access which works for the user while making it unlikely that anyone else in the vicinity can get the same ready access to the device. Some effort is required to copy fingerprints, and bit more still to replicate faces. It's perfectly obvious that both are insecure given that the Stasi can physically coerce you into swiping a finger, or even more easily just wave your own phone at your face, to unlock. More sophisticated black hats can copy prints and so on, which makes both technologies quite useless for those with real secrets, against whom professional resources would be worth deploying.

PIN, on the other hand, while being inherently slower and more fiddly, fills the "access *only* when I approve" purpose. Using a 10-digit mixed-alpha-symbo-numeric passcode gives you around 3 sextillion options (3x10^18) which, even if we assumed the phone's code was so poor as to allow endlessly repeated tries every millisecond, would take a mean time of over 40 million years to successfully brute-force. And of course, while the Stasi can fingernail the PIN out of you, that requires time and effort and some damage, a risk and investment that goes far beyond simply waving the device's camera at you. Even Trump's imbeciles at Homeland Security know better than to leave torture marks on journalists. (And of course, a properly secure device will allow a purposely incorrect passcode to permanently wipe its contents, so that the paranoids and spooks can trash the data even while the splints burn down to the quick.)

So I submit that we're missing the point with blanket dismissal of fingerprint or face-id, and should be more specific in our criticism.

Face-id and fingerprint are fine for quick, easy access and very poor security.

Long, random PIN/passcode, well implemented on an properly encrypted device that does not allow repeated rapid brute-forcing, is the only truly secure system if you really need secrecy.

And bear in mind—no one should need to be told this in 2017—leaving stuff on your mobile device like bank details, stored passwords, automatic logins, may well count as "needing secrecy". You don't necessarily need to be a spook or a Guardian journalist.

The enemy of decent security is laziness, when you come down to it.

Metal 3D printing at 100 times the speed and a twentieth of the cost

Milton

Revolutionary!

Many of the somewhat carping comments here seem to have either not finished reading the article—which does *not* pretend that every form of metal-object manufacturing will be obsolete next year—or are focussed on high-strength, high-durability use cases which are, for the moment, excluded. Yes, it probably will be a while before we're making trustworthy HP turbine blades using 3D printing, but in the meantime I think I go along with another commenter who suggested that this new facility would be a really useful extra capability to supplement all the other stuff we do currently.

I was particularly struck by the point about reducing the number of moving parts in certain assemblies. Let's think of that as "separately manufactured and then tediously linked together" parts, and it becomes easier to see why a 100-piece assembly might be functionally replicated as a 10-piece one. The article itself makes the point that a functioning hinge can be printed as an integral item, instead of making the base plates, pins, then slotting them together etc, and when you consider the mechanical complexity of some bits of machinery ... it's not difficult to see why imagination and ingenuity can let you replace an item that once required 100 different bits to be made and assembled by something requiring only 10. I'd be surprised if young engineers will not find ways to massively improve on traditional designs, producing equivalent functionality cheaper, lighter and better. Not every metal engineered part has to support a London bus.

In passing, mention of Nasa immediately made me think of Item One in the packing list for the next manned Moon or Mars-shot: a couple of top-end multi-material 3D printers, a tonne of various ingots, and the data needed to repair or remanufacture every critical part of the spaceship, suits, habitats—to be used by astronauts/colonists who've been trained to design and make new stuff as needed, too.

Plus, of course, the data and materials needed to make additional 3D printers ;-)

UK.gov: IT contracts should be no more than 7 years. (Not 18, Fujitsu)

Milton

Missing the point

How about "Government contracts should be managed by well-qualified, skilled, experienced and properly informed managers"?

Or "No politician or government employee shall, for a period of at least 7 years after leaving the government or civil service, benefit from any relationship of any kind with any entity which has tendered for government work or performed it within the last 7 years"?

Or "Instead of being predictably, serially, perpetually ripped off by vast consulting groups and suppliers of extremely dubious competence, the government will forge a high-standards in-house IT division to build excellent capability in delivering realistic, effective solutions within a security-conscious environment oriented toward the public good"?

Or, in fact, ANYTHING that will actually begin to rid government IT procurement of incompetence, corruption, waste and failure?

No, thought not.

Instead, let's just fart around with some PowerPoint dross and pointless gestures first, then see if we can arrange for whoever's our minister this week to get the promise of a six-figure "advising" sinecure for half a day a fortnight on the board of whichever three-letter bunch of liars are next in line to gorge on the taxpayers' cash, shall we?

Coinhive crypto-jacking increasingly pops up in top 3 million websites

Milton

Feeling mean?

If you're feeling mean, I hope that someone will come up with a piece of code that infects the allows the miner in turn, allows it to run but corrupts it, feeding subtly incorrect results so that the parasites responsible find that their effort *and* their time has been wasted.

Self-driving bus in crash just 2 hours after entering public service

Milton

Sigh ...

And, as a matter of interest, did a single news outlet today use the headline—

"Self driving bus bumped by careless human after just two hours in service"?

—or does every single site have to say "Self driving bus CRASHED", thereby (a) exaggerating what was a mere ding, and (b) leaving the clear impression that the bus did indeed itself crash, rather than just being dented by a clown who wasn't looking in his mirrors?

If this is how blameless fender benders are reported, it's going to be a long road to any kind of realistic public perception of automated vehicles.

Perhaps we should have a rule that requires every report of a particular type of event to include comparative stats for similar ones.

So, we'd have—

"Three minor blameless collisions involving automated vehicles in the UK today. Plus five deaths, 27 injuries and 165 writeoffs caused by human drivers."

—and—

"Seven suspected deaths from hideous awful terrifying evil drugs in the UK today. Plus 317 people died of alcohol-related illness and accidents."

Pity the poor headline writers and their infantile scaremongering.

Facebook's send-us-your-nudes service is coming to UK, America

Milton

Limited use case?

So if you happen to have access to photo(s) of you, which you believe are also in the possession of an ex/other (why would *you* have copies?), and if there are few enough of them to make this upload practical, and if Facebook doesn't set too low a limit on the uploaded quantity for any one customer, and if you trust Facebook to permanently delete the copies you send, and if you're willing to have total strangers in the form of FB employees vetting what you send (because it simply *cannot* be a fully automated process, for reasons that surely don't need to be belaboured), and if legalistics don't require FB to be able to retrieve all images anyway (think: kiddie porn), and if you trust the security and integrity of ANY internet company (cue hysterical laughter), then it's likely that if your ex does try to mischievously upload embarrassing photos to FB—they won't be able to.

Except of course, such photos probably violate FB's ToS anyway, so the miscreants will have uploaded them somewhere else where that entire fraught, unreliable and not to be trusted process wouldn't help in the slightest. Because, lest we forget, Facebook is not the internet. It's just the shallow end.¹

¹ Though not, admittedly, as shallow as Twitter, the definitive paddling pool for 'tards.

Google, Volkswagen spin up quantum computing partnership

Milton

Uh oh

This could bring great things, but based on the track record of the companies involved, this will boil down to a quantum computer that really isn't, hyped with a mountain of fluff and weasel words, backed by a marketing campaign to convince punters that there is, in fact, a quantum witch behind the curtain of flashing LEDs. Google will take care of begging, borrowing or stealing the data required to feed the system and exploit victi—, sorry, customers, and VW can handle faking the results to help them sell cars (whether this ultimately kills people or not, so long as it makes money).

And if that sounds cynical, consider Don't Be Evil's history with data, and VW's with a massive fraud designed to help them sell excessively noxious cars that have contributed to pollution deaths across the world.

The fact that quantum computing, right now, is amusingly both there and not there, just adds to the worry that we're about to be victims of another cloudy, AI-type hype-avalanche.

Scientists think they've found primordial goop whence life first sprang

Milton

'"The 'simplest' ideas are typically the most desirably [sic] as they suggest pathways to life that are more plausible," said Brian Cafferty, a postdoctoral researcher at Harvard University in Cambridge, Massachusetts.'

Actually, you need to be careful about that assumption. First, "simple" in a chemistry sense does not necessarily mean "most probable". Sometimes the overall energy changes make a complex reaction more likely than simple one. Second, "simple" certainly does not necessarily mean "most enduring" in the sense that its results will last long enough for other downstream reactions to occur reliably.

I suspect you'd have no trouble concocting a plausible primordial gloop and watching dozens of high-probability "simple" reactions lead absolutely nowhere for years; whereas a complex one, possibly of vastly lesser likelihood in your test environment (but, in statistical terms, inevitable over the course of, say, a million years) could spawn all sorts of highly durable and multiplying goodies.

This is another way of saying that one thing we absolutely cannot replicate in a test tube is time. No one knows whether self-replicating molecules occurred within the first Suitable Gloop Year or the ten millionth one. Because we cannot replicate time, but we desperately want results, it's dangerously easy to slip into the trap of aiming for results that can only fit in our tiny timeframe: which leads promptly to seductively wrong assumptions about "simplicity", because we're likely to see only the high-probability "simple" reactions.

(Worse: if the experiment spectacularly succeeds, but the initial "seed" reaction is later analysed as freakishly unlikely, e.g. 1 in 10^20 probability—does that mean that (a) it's a lousy candidate for the origin of life, (b) the PhD candidate cheated, (c) it "proves" life could be kickstarted with a trllion times as much gloop and ten million years of stirring? In short, we'll only prove practical and likely origins for life if they are so amazingly probable that we can replicate them with tiny test samples and infinitesimal time frames. Anything else leaves the door swinging wide open, still ...)

Our oldest mammalian ancestor named after British pub landlord

Milton

In other news ...

In other news, a hitherto unsuspected evolutionary throwback was discovered on the Brexitic Cliffs of Dover. Scientists are baffled by the vaguely burger-patty-shaped, primitive single-celled organism which consists almost entirely of carbohydrates and fat held together by gristle, and which genetic analysis suggests is of British origin, finding the European ecosystem too hostile to bear as it thrives in an atmosphere of used cooking fat and stale urine.

The specimen, preserved in cheap alcohol, following recent conventions has been named Martinus Imbecilicus Wetherspooni.

Transparent algorithms? Here's why that's a bad idea, Google tells MPs

Milton

Trust!?

If the "key issue is trust" then I suggest the discussion is already over. Don't Be Evil deserve no more trust than any other sizeable organisation. It's surely no longer even debatable that large institutions such as governments and corporations develop the behaviours of psychopaths, where, unless subject to indepdendent oversight , they become ever greedier and less moral in their decision-making and policy. Hasn't the planet witnessed this about a billion times during the course of human history?

The reason we have the separation of powers in modern western democracies, and the reason America's founding fathers insisted upon ironclad freedom of speech and freedom of the press among other things, is the simple knowledge that without checks and balances, governments go bad. (It is, after all, exactly why Trump and his GOP lickspittles are assaulting the press, abusing the judiciary, trying to ignore scientific truth etc).

The reason civilised free-market societies have regulation, especially consumer protection, is the hard-won knowledge that otherwise, corporations can and will say and do anything to score an extra buck at the expense of the customer. Go look at some Victorian-era adverts for such things as "dimple scoops" if you need examples of how horrible things can be. The behaviour of the tobacco industry, food manufacturers with respect to sugar and car manufacturers most recently over diesel cheating, demonstrates quite clearly that corporations in the pursuit of profit will revert to shockingly barbaric, amoral behaviour if allowed to.

Only a blindfolded idiot would "trust" Google. Google exists to pick your pocket, not do you any favours. It didn't break into WiFi networks and harvest data during its StreetView patrols (and then lie, lie and lie some more about it) because it had your best interests at heart. It did it for money and power.

There are good reasons, based on history and human nature, ALWAYS to demand transparency and to hold institutions accountable to high and independently-verifiable standards. Frankly, only fools and scoundrels pretend otherwise.

Oh Snap! Rap for crap chat app brats in nine-month $3bn scrap flap

Milton

Re: Why can't you or me ....

"Maybe you're ants or something?"

In the words of Mycroft Holmes, "goldfish".

And the goldfish are like tiny sharks, driven by sentiment, primaeval cunning, limitless greed and lacking anything resembling rational reflectiveness.

Hence Snap, Uber and other soulless attempts to squeeze cash from people for services at best pointless (Snap) and at worst loathsome (Uber).

'Lambda and serverless is one of the worst forms of proprietary lock-in we've ever seen in the history of humanity'

Milton

Re: I'm wondering on how efficient this all is

Grotesquely inefficient, if your metric is Work Done vs CPU Cycles Utilised, but that's only part of the picture.

Yes, it is kind of horrifying when you look at the staggering amount of resources that folks spin up to achieve simple tasks these days—hey, let's import this 373Mb library code so I can use it for that (one) function for my 21Mb applet—but everyone in the industry knows perfectly well that we are producing unconscionably bloated software to run on ridiculously powerful systems with labyrinthine layers of management and stratospheric levels of abstraction ... BUT, it's *also* true that, often enough, this allows relatively clueless coders to make things work fairly reliably: look at the number of clumsy developers, who don't even understand optimisation (and often don't really understand what they're doing), churning out business applications that still manage to work ok and perform within acceptable time constraints. You're buying their ability to be "useful" by giving them levels, layers, error checks, CPU and RAM beyond the dreams of avarice, and hand-holding to a fare-thee-well.

From a corporate management point of view, if you don't want to pay for lots of really skilled developers, and if you couldn't care less what a weighty millstone of dependency you're hanging round your successors' necks long after you've taken your "cost-saving" bonus and fled, then this massive inefficiency and waste just does not matter. What matters is you can reduce the headcount while increasing the proportion of cheap monkeys therein, and still get barely acceptable results.

The sting in the tail, of course, is that your business ultimately becomes little more than a host, bled more and more by its IT providers as the dependency becomes entrenched and irreversible, and not even constant price hikes, major outages, data loss and theft and consequent damage to your business—much of it, at root, the result of excessive complexity bringing you ever more points of failure and vulnerability— is sufficient motivation to dig you out of the situation you're in. The cost of changing providers, who will have done everything to lock you in while constantly pretending exactly the opposite, is simply too high: you have neither the skills, the knowledge, the experience, nor even the ability to create the architecture to jump ship. We've seen this model so frequently with "simple" outsourcing—whereby a company's systems and data become hostages to your outsourcing company and you cannot sack them no matter how bad they are—that it should be surprising that executives are not *incredibly* careful and sceptical about "cloud" ...

... but, as anyone paying attention during the last 100 years has undoubtedly noticed, greed drives all virtues and common sense right out the window.

For fanbois only? Face ID is turning punters off picking up an iPhone X

Milton

Adults vs Fanbois ... again

It seems that those who are reasonably technically literate, especially with any exposure to security issues, understood very early on that face recognition was a clever gimmick answering to the by-now-classic definition of a "solution in search of a problem". Like so much internet-related BS, a daft idea—whether it's a connected kettle, fruit juicer, Bluetooth front door lock—produces something which is not only unnecessary, it's actually worse than what preceded it.

I won't rehearse at length the reasons why, because if you fall into the adults category, you know that a brain-stored 10+ alphanumeric character mixed case password, implemented in a device that (a) stores it securely, and (b) denies repeated fast brute forcing, is essentially uncrackable within the lifetime of the universe. Whereas leaving your fingerprints on every shiny surface you touch is unwise, keeping your password written on the ends of your fingers is daft, and crayoning it on your face is even stupider.

But neither science nor logic are of interest to Apple's marketurds, and, worse still, they also don't signify with the status-obsessed lemmings who are paying eyewatering sums for iPhone X ( people whose main concern, having acquired an X, is now to find anything made by Abercrombie that features a special "iPhone X pocket" to go beneath the huge, garish "Look everyone I pissed cash at A&F!!" logo).

In short, the iPhone is marketed as a status symbol, not on the basis of function or value—and for that reason, it will sell well to those who desperately want status, and fondly imagine this is the way to "get" it. Evidence-based, logical assessment doesn't stand a chance against gormless sentiment.

Equifax execs sold shares before mega-hack reveal. All above board – Equifax probe

Milton

"Different story now"—no, not really

"So now that these dishonest and libellous accusations have been shown to be false, those who made them will be equally as voluble in retracting them and making amends...? No, I didn't think that would happen either."

But the accusations were clearly neither dishonest nor libellous, given that there was reasonable suspicion about the nature and timing of the events, and given that the company felt obliged to conduct a formal investigation.

Also, you'll note that "cannot be proven" is not the same as "shown to be false": this investigation was not a formal criminal trial, merely an internal enquiry conducted to very different standards.

So, not dishonest; not libellous; not false. Therefore, no retraction, no "making amends".

Anyone with a grain of common sense will consider the circumstances, which even the most charitable apologist would agree stank like a week-dead haddock, and form their own conclusions. One may hope that when these executives soon choose to resign, reasonable observations upon their honour and integrity will be high on the list of considerations for future prospective employers.

First iPhone X fondlers struggle to admit that Face ID sort of sucks

Milton

Tech's worst instincts

Tech's worst instincts are on full display here.

1. "Solve" a problem that doesn't exist. People were not crying out for a new way to authenticate their devices. They already had touch, and PIN.

2. The "solution" is technically advanced—but actually worse than what it's supposedly replacing. Face isn't reliable, but in any case has the glaring weakness that it's now even easier for the Stasi to get into your device. They just show You to It.

3. Even the previous "solution" was no good, in this case. You leave fingerprints everywhere. You probably wouldn't do that with your PIN. Lifting and copying prints isn't even hard, and fooling touch ID has been shown repeatedly to work.

4. The original solution was actually the only effective one, when implemented correctly. A random PIN of at least ten or a dozen characters, hashed and secured within the device, which in turn would not allow fast repeated attempts, could withstand any attempt save mining the PIN from your brain.

Watching Apple use wonderfully advanced tech and the full force of marketing to lead the ignorant into buying something more expensive and worse than what they had before might stand as a perfect analogy for what's wrong with tech. Whether it's the constant barrage of ill-informed rubbish about non-existent "AI"; the endless security, privacy, performance and reliability nightmare of "cloud"; the avalanche of problems brought by the Internet of (Unnecessary) Shit; or cutting-edge software solving confected problems by making them worse—until people demonstrate more intelligent scepticism about the relentless activity of marketurds versus their real daily needs, we're gonna see a lot more of this crap.

Google: We don't have a quantum computer yet, but we have a compiler

Milton

If it can work ... When?

Notwithstanding some crayoned drivel by 'Rebel Science' (FYI "I personally cannot understand something" is NOT the same as "Science has got it wrong") I'm still wondering when quantum computing will exit the fusion energy scenario - always 10 years away - and actually achieve something of value better and faster than traditional silicon.

Working on a molecular modelling system some years ago we discovered that a bunch of GPUs[1] orchestrated in parallel by a smaller number of fast CPU cores became surprisingly effective if you broke down the tasks the right way - the sweet spot for us was to realise that "good enough" simulations could be run effectively orders of magnitude faster than "perfectly correct" ones.

Perhaps the tolerance of approximation makes this a particularly good candidate for quantum computing ... But it'll be interesting to see when qubits can produce results as good as what we were getting from a relatively cheap (<six digits £) pile of silicon, and at what price.

[1] Uncontroversial now, of course, but startling to us back then. I personally learned a lot about the significance of correctly defining the "atomic task" for GPU code, that is, the smallest individual task you'd set, after which further tasks became interlocking, summarised, aggregated etc.

Wanna exorcise Intel's secretive hidden CPU from your hardware? Meet Purism's laptops

Milton

We need companies like Purism

While I won't address all the tech details here, I will submit that the modern age absolutely needs organisations like Purism, as much as we need a free press, separation of powers in government, independent judiciary, free speech - the human right to dignity, privacy and the basic right *not* to treated like an exploitable commodity.

Whether Purism specifically ticks all the boxes is less important than that we support the principles of security, freedom from snooping, government overreach and corporate spying.

So I wish them well. "Apple, but ethical" - excellent. Next up, "Google but not evil" and maybe one day "Social media, by grown-ups".

Didn't install a safety-critical driverless car patch? Bye, insurance!

Milton

Good riddance to an entire industry

Seems to me that the death knell of the auto insurance industry has started to toll. It'll take time, to be sure, but when you factor in—

* Robo-cars will have orders of magnitude fewer accidents than those driven by people, 50% of whom become idiots as soon as they're behind the wheel. The remaining accidents will rarely lead to expensive claims because of lower speeds.

* Insurers will cease to insure individuals because the latter have turned into passengers and there is very little for actuaries to do: some people being born now won't ever have a "driving record".

* Soon enough the risk and consequential damage disparity between human- and robo-driven cars will force most drivers off the road either by law or through prohibitive premiums. There will also be a cultural sea-change, to the point where the majority of people will prefer *not* to ride in a human-controlled vehicle.

* The premium-hiking manipulations of insurers will cease, for the above reasons and because your premium won't be doubled because you got nicked once two years ago for speeding, or failed a drug test, or ran a red light (whose enforcement cameras, in some jurisdictions, are actually paid for by insurance companies to increase offence rates so that premiums can be raised). Or because you've had your 55th birthday and had a no-fault accident, leading to a tripled premium next year.

* The highly lucrative area of disputed claims will largely vanish, as black boxes and cameras will tell all. Insurers *and* their ambulance-chasing parasites known as lawyers will stop cashing in.

—it's hard to see much point in having hundreds of insurance companies all pitching their "unique" and "special" products (which are designed with bells, whistles and mostly valueless "extras" to make it impossible to compare like for like on price), none of whom will make significant profits any more.

By which point the government might as well create a national transport insurance agency, integrate it completely with vehicle licensing and taxation, and put any surpluses back into the Treasury.

As arguably the only industry even more corrupt and dishonest than banking, it will be a case of good riddance to auto insurance.

ARM chip OG Steve Furber: Turing missed the mark on human intelligence

Milton

Suspect assumptions

All in favour of the science and I'm sure there will be much to learn from these massively parallel endeavours.

That said, there are at least two glaringly suspect assumptions here:

1. That because the human brain works with a lot happening in parallel, a computer must do so to the same level. This ignores the fact that silicon and the qubits that will eventually arrive on the scene have matchless power and many strengths that the squishy grey jelly simply does not. One reason the brain works with such parallelism is because it cannot clock at, say, 5 GHz. Jelly cannot do it. Silicon can. Insofar as the brain's parallelism is a compensation for its many other weaknesses, it is unwise to become too obsessed with parallelism for its own sake. This runs the risk of learning the wrong lessons from the human brain and can easily become a blind alley.

2. That the animal brain is something we should faithfully emulate ... but why? Animal brains are evolved, not designed, and include a great many of the errors, inefficiencies, redundancies and circuitously superfluous kludges that evolution produces because it does not and cannot think ahead. You wouldn't design a robo-giraffe with a wasted length of neural wiring its neck, as evolution caused to happen: you'd think ahead, *design*, and do it better. The human brain is shockingly easy to deceive and manipulate, constantly forgets and makes mistakes, is quite capable of holding beliefs contradicted by objective fact and rationality: what's the point of including all the weaknesses and bad stuff? Why try to replicate the human multiple-reinforced-connections way of storing memories (which gradually summarises, simplifies, erodes and sometimes completely fictionalises them) when technology can put ever-tinier terabytes of RAM and petabytes of storage in your hands, to be managed by software that will store far more data more accurately than a person ever could?

If you do succeed in creating something with the processing power and *processing style* of a human brain, it will have to have emotions: fear, hunger and lust being near the top of the list, since they keep an organism alive and provide it with motivation. Without feeling, you have a computer, not a mind. Even assuming you can implement this in a non-organic substrate, and even assuming that this is not merely a software emulation of those feelings (therefore, still a computer), what do you do next? Answer: you're either a son of a bitch who's imprisoning an innocent child, or you spend the next 20 years getting stuck in an ethical thicket, because you've created a consciousness, something which probably ought to have freedom and citizenship and agency ... and the latter will be definition include the capacity to decide to do harm or good.

In sum, attempting to build a truly human brain is probably impossible and almost certainly horribly unwise. Yes, by all means let's continue creating awesomely powerful computing devices, they may be our salvation. But where brain and mind is concerned, the ambition is in more than one way quite doomed.

(And yes, I am purposely conflating brain and mind in this comment, which in this context is not necessarily a reductive fallacy.)

Raspberry Pi burning up? Microsoft's recipe can save it and AI

Milton

What story?

RPi can get hot when maxed. A fan + heatsink combo sorts it. Latter can be bought, integrated into a case that positions it just right, for a few quid on Amazon. Well, duh.

Is this a "news story" because Microsoft just discovered what the rest of have known for years?

I'm beginning to wonder if an entire category of "news" was invented about 10 years ago, in which something utterly pedestrian and already in wide use is hyped and ballyhooed as soon as MS or Apple "invent" it again.

If the internet's infinite supply of column inches simply *has* to be filled, may I suggest you deploy clickbait headlines (which El Reg can practise its signature sophomoric puns upon) followed by a stream of random gibberish and a bad photo of a cat?

After all, the headline "You'll Never Believe 5 Ways Microsoft Are Idiots" doesn't actually need any follow-on content, does it?

Kaminario wheels out model that makes K2 flash look well flash

Milton

Salesreptiles and Marketurds

Just so we're clear ... are there *any* readers of El Reg who believe a single, solitary syllable uttered by anyone in sales and/or marketing?

In fact, is there any sentient human being working in any capacity for any organisation on Earth who even bothers to listen to the torrent of misleading drivel (at best) and outright lies (frequently) excreted by sales and marketing people?

What are they even *for*, except to waste perfectly good and increasingly scarce oxygen?

Man prosecuted for posting a picture of his hobby on Facebook

Milton

It's the Age of Stupid

In the Age of Stupid, you get people who should know better doing and saying the most bonkers and cretinous things. And they're not all US presidents, either.

Common sense is often over-rated, but when it is completely missing—wow, you do notice.

The Google Home Mini: Great, right up until you want to smash it in fury

Milton

Don't Be Evi— Stasi

Even the East German Stasi secret police might have blushed before installing an always-on mic in every citizen's house.

Now the lemmings are paying for the privilege.

Grant Shapps of coup shame fame stands by 'broadbad' research

Milton

Oxygen Thief

Even the mildly enthusiastic tone of the interview can't conceal the fact that Shapps is basically a self-promoting, bumptious yet rather mundane spiv.

He actually contributes nothing of value in exchange for his continued theft of oxygen.

WPA2 KRACK attack smacks Wi-Fi security: Fundamental crypto crapto

Milton

Mitigation

El Reg has managed to split the comments on this by having two articles on the same topic (viz. https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/) so pardon me if I briefly repeat my query to the assembled commentariat.

Assuming that updates are not going to fix this problem—which seems a fair assumption, given the nature of the flaw, the overall uselessness of manufacturers, the cluelessness of Joe Average Householder and the heroic incompetence of corporate IT security teams—what do we see as reasonably practical mitigation? The much-ballyhooed fact that the attacker has to be within wireless range (well, duh) does not make much of a defence: others have already mentioned the prospect of wardriving/drive-by hacking. And in many neighbourhoods you can see at least half a dozen WiFi networks from your own living room.

It seems the exploit can be parlayed into access to one's LAN, which surely ought to fill a few hearts with dread, if correct. I was considering restricting ALL WiFi access to "Guest" status, i.e. allowing internet use only, which isn't perfect if my neighbours want to leech on my connection, but at least offers some protection for files. Thoughts, anyone?

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

Milton

Clarity, please?

Wouldn't be the first time I have exhibited some density, but what I've read so far (El Reg and some slightly more hysterical MSM stuff), I remain unclear about the likelihood of successful penetration of a WiFi-enabled network. Perhaps we need to wait for the presentation to have full visibility.

There's a difference between—

* Any dolt with a run of the mill laptop and a downloaded exploit can hack into my home LAN in five minutes, potentially to gain access to NAS and/or surf nasty websites on my account

—or—

* A knowledgeable and disciplined tech expert using a £3k laptop can, if he's lucky, break in and do the same after 24 solid hours of persistent attack

... because the former implies that profitable wardriving and drive-by hacking might become a common and truly troublesome thing, whereas the latter suggests I need worry only about those who already *know* I have secret plans and clever tricks on my system¹.

Most of my LAN is wired for performance and security reasons, but like most people I have family and guests with mobile devices who need WiFi access.

It sounds like a sensible preliminary precaution would be to ensure ALL WiFi devices can connect only to the Guest network (which I normally use, of course, for visitors), so as to at least keep adversaries off the LAN. I'd be interested in any commenters' thoughts on this or other temp fixes/approaches?

¹ Yeah, as if.

Elon Musk says Harry Potter and Bob the Builder will get SpaceX flying to Mars

Milton

But it's a lousy analogy, Elon

"A rough analogy is that we are trying to build the equivalent of the transcontinental railway."

Unless the transcontinental railway was required to transport, on its very first trip, all the infrastructure, tooling, factories and starter material to build *another* railway for the return trip, then no, there is very little similarity. In fact it's an analogy so useless as to be dangerous—which is the mistake people have been making about interplanetary travel since Tsiolkovsky's first wet dream.

The problems of huge distances, utterly hostile and completely unforgiving environment, enormous chemical rocket energies requiring bleeding-edge engineering with limited contingencies, simply monstrous energies required to transport pitifully tiny payloads ... even managing a local bus-stop 240,000 miles to the lo-gee Moon for a few days required the resources of the world's wealthiest nation state. Mars is exponentially harder and much, much more dangerous because of its distance *and* the fact that this varies so much. Rescue is not an option.

I'd love to see proper off-world operations, interplanetary exploration, asteroid mining (Lagrange habitats even), and and all the rest that's needed to get our eggs out of this one fragile basket that we are destroying so fast—but the use of rockets for the heavy lifting seems like such a dead end. Even partly reusable ones.

With a five-year international effort costing (adjusted dollars) less than Apollo, we could launch 20,000 tonne Orion-style nuclear ships and put enough mass and people onto Mars and the Moon to have instant colonies big enough to have a chance of long-term survival and actually be useful. Warheads can be made clean enough that there wouldn't even be any particular fallout risk on Earth. Perhaps instead of faffing about with glorified fireworks, we should be serious, use the technology that's just been lying around, and just Get Out There at last?

FCC Commissioner blasts new TV standard as a 'household tax'

Milton

Re: 3D

Are there are any manufacturers still producing 3D TVs for *any* market? I thought it had reached its useless-gimmick date and had been abandoned by all.

I picked the wrong week to quit sniffing Gluon: Amazon, Microsoft hope easy AI dev tool sticks

Milton

Re: Rushing for developers

AI does not even exist as a thing, beyond the excited babbling of our marketurds, but we're gonna pretend there's some in this box. Especially if we can con gullible journos into conflating neural nets and/or machine learning into "AI".

Twitter: Why we silenced Rose McGowan after she slammed alleged sex pest Harvey Weinstein

Milton

Twitter Toilet

Graham Linehan is right, Twitter is a toilet - puts me in mind of the ones on Temple Street in Kowloon on a busy evening - and the only surprise is that non-toilet-dwellers spend so much time and energy apologising for it and making excuses.

Do you really think there's any value, beyond witlessess egotism, to sharing your 140-characters of superficial dross?

Get a life.

Dell makes $1bn bet that IoT at the edge can kill cloud computing takeover

Milton

A deeper truth, perhaps?

Is there perhaps a deeper underlying truth here: to wit, that a great deal of functionality that's been stuffed into the "cloud" does not, in fact, need to be there and could run just as well, and with less latency, on the ridiculously powerful systems we have in our pockets and on our desktops? And of course, in our cars?

How many cores running at how many GHz accessing how many billions of bytes of memory should we need to perform these tasks? We've gotten slow, lazy and sloppy, writing colossal bloatware because Moore's Law lets us.

You *can* strap a JATO bottle to a cow and accelerate past a racehorse ... but you're still riding a cow.

Q. Why's Oracle so two-faced over open source? A. Moolah, wonga, dosh

Milton

Short version:

Short version: Soulless greed-driven scum will say literally ANYTHING.

Then, having jettisoned anything resembling ethics and conscience, all they need is people either (a) stupid enough to believe their self-serving propaganda, or (b) who can be purchased by the bushel—which is where CIOs and politicians, respectively, come in. It's a perfect ecosystem of short-termist greed and epic folly.

Since about 1992 Oracle really ought to have been subtitled, like a movie: "Buyer's Remorse".

'We think autonomous coding is a very real thing' – GitHub CEO imagines a future without programmers

Milton

Hype overdrive?

Notwithstanding that AI doesn't exist and machine learning works only in extremely specific cases, I submit that the gulf between "There are oodles of libraries (of widely varying, often questionable quality)" and "Robots will write all the code" is absurdly vast.

And of course, GitHub might have some incentive to hype such an overblown prediction. I think a positively enormous pinch of salt goes with this.

Microsoft is Putin a stop to Russian-sanctions-busting IT resellers

Milton

But if you wanted to weaken Russian computer security

If you actually want to weaken Russian infosec - which is a principal mission of NSA, for one - surely you'd be more than happy to have them using Microsoft stuff? Why give them incentives to switch to more secure (i.e. any other) OSs and software?

Rattled toymaker VTech's data breach case exiting legal pram

Milton

Just because you can—

Just because you *can* connect your kids' toys to the Internet of Shyte doesn't mean there's the slightest point in doing so.

And I am constrained to point out that education in the UK today is significantly worse than it was in the 60s and 70s, before the internet came along. I was born in the 50s, and had children late, now in Uni and secondary school, so I've had abundant opportunities for comparison. Meddling by successive and increasingly stupid government ministers has done huge damage.

My kids and I are significant internet users and I am a techie ... and yet I have perceived no real educational advantage to them from the internet's existence, despite connected homework and all the other gimmicks that appear to be a substitute for communicating understanding. Pretty pathetic really.

Hitting 3 nanometers to cost chipmaker TSMC at least US$20 billion

Milton

Re: Desirable

You make some fair points about the geopolitics of this, and Trump is indeed a dangerous moron (I'd be moderately surprised if there is a single regular reader of El Reg more ignorant or foolish than the Mad Orange Infant), but "you won't let us arm ourselves" is an odd observation: last time I counted, the US had sold many tens of billions in military kit to Taiwan, including pretty much the full spectrum across air, sea and land.

For this reason, and geography, Taiwan would be an immensely costly invasion for the mainland and, indeed, might be a no-win: even a combined arms parachute- and amphibious-assault across the straits would be a slaughterhouse: for one thing, it's relatively easy for the defenders to concentrate massive artillery on a landing zone with short distances and supply lines, while the aggressor has air- and sea-borne lines to keep up. A Chinese invasion, even with the inevitable aid of fifth columnists and infiltrators, is not a guaranteed success, even *if* the US Pacific Fleet doesn't stick its oar in.

I've thought for a while that if things get too nasty, it's a lot more likely that the mainland would try an air and naval blockade of the island instead. Taiwan's biggest port is on the western, mainland side of the island; the ranges work even for air interdiction; China can claim to be "peacekeeping" until it opens fire; and it has some political cover given that even the US has always (gutlessly, IMHO) sustained the one-China policy. If such a thing occurred, you'd have to rely on Trump to conduct a clever, mature, nuanced approach to the crisis to avoid triggering a major war ... in other words, there would be a major war, hindered by President Tiny Hands sticking his even smaller fingers into strategic matters he understands about as well as garden snail.

So, yeah, let's hope that Taiwanese fabs can maintain a magic "hands-off" aura ...

Calm down, Elon. Deep learning won't make AI generally intelligent

Milton

Guilt relieved

I've occasionally felt vaguely guilty about my monthly tirades on these pages about "AI" being nothing whatsoever of the kind—always in response, it must be said, to a journo gormlessly repeating some crap PR BS from marketurds at FB or Google or Tesla or {enter wannabe here} and saying "AI" as if it meant what it said or indeed offered anything new but a rebranded chunk of bloatware.

So today the remorse is eased a little: it is good to see some informed and healthy scepticism about "AI". There are so many reasons why the stuff touted as "AI" today is NOT intelligent by any human definition that it has become wearying to see the public and journos uncritically lapping it up.

But before you all start to relax, there's that other bit of pesky marketurd-excreted drivel known as "cloud": mad, bad and thoroughly dangerous to know, the gateway drug to surrendering your privacy, control, security and core competences ... a cheap (it isn't) and simple (it's not) fix which may yet eat you alive. ;-)

PS: Remember the lessons of outsourcing: if your senior executives and board are drooling at the prospect of doing something, it is axiomatically a bad, lazy, foolish, ill-considered, improperly analysed, naive, dumb, shortsighted choice, probably influenced and induced by an infestation of slippery salesreptiles, that will at best pay *them* a "cost reduction" bonus before gutting your company's skills and finances. (No, you really didn't need me to remind you of this.)

The axeman strikes again: Microsoft has real commitment issues

Milton

Quelle surprise?

There is something almost sweetly quaint and naive about people *now* saying they don't trust Microsoft, considering that sentient individuals must surely have realised about the time of ME that this was a chancer company, which has always "innovated" on the back of others' ideas, often with software it bought out or copied, pushing inferior, shoddy product out of the door in a desperate (and, it must be said) largely successful attempt to keep hostage those users who simply couldn't be asked or didn't even know there were better, cheaper, more reliable ways to compute.

It's beyond belief that anyone believed MS-BS about phones and the laughable UWP during the first bout of propaganda, but for there to be anybody left with faith in MS, let alone the extraordinary fact that so many individuals and businesses which should know better actually trust that company with their most important and frequently confidential data... bizarre. Staggering, and truly, truly bizarre.

I assume it all really comes down to "Microsoft is all we know about" plus "We're too lazy to change our ways".

Oath-my-God: THREE! BILLION! Yahoo! accounts! hacked! in! 2013! – not! 'just!' 1bn!

Milton

Meyer; Yahoo; riddance

Meyer; Yahoo; riddance. In a good world, we'll never hear either of those names, and their wretched association with greed, deceit and towering incompetence, ever again.

Home Sec Amber Rudd: Yeah, I don't understand encryption. So what?

Milton

Sneering is well justified

If you don't know WTF you're talking about, Ms Rudd—and that's a problem that extends well beyond your ignorance of tech to many other topics, and well beyond yourself to many other mouths-on-sticks in Westminster—then Shut The F**k Up.

Techies and experts of many other stripes—the same people that another odious little Toryturd, Michael Gove, boasted to have"had enough of"—are entirely and absolutely *sick* of listening to bloviating ignorami in politics mouthing their shyte on topics they know nothing about, scoring their cheap, childish points.

We think you are actually rather stupid, poorly educated, jumped-up little twerps whose ambition vastly exceeds your ability ...and, Ms Rudd, you do nothing to demonstrate otherwise.

Forget the 'simulated universe', say boffins, no simulator could hit the required scale

Milton

Unconvinced

I do not say we are living in a simulation, but I'm not 100% convinced by the narrowness of the explanation given. As others here have said, if a simulation includes (a) programmatically influencing the "thought" processes of those being simulated, (b) is capable of summarising what is *purportedly* ineffably complex, and (c) uses a degree of randomisation which we are *encouraged* to view as quantum weirdness, then I don't see that our apparent perceptions of the universe can be trusted as proof that it ain't a simulation.

Indeed, you might even argue that presenting the appearance of quantum ineffability (weirdness, if you like: or anything that hinges from Einstein's observations about "spookiness") is a very neat way of making it impossible for the Simulated to prove that that is what they are. If the rules presented as fundamental by the simulation had stopped at Newtonian, classical mechanics, then sometime between 1700 and 1905 we'd have penetrated the fiction and the game would be up.

In short, you can't disprove a simulation theory by assuming that the perceptions those doing the disproving are NOT being interfered with. Indeed, it would seem a logical contingency to apply.

Ancient fat black holes created by belching Big Bang's dark matter

Milton

Scepticism IS science

Answering some of the more dismissive remarks here, I'd suggest it's fine to be sceptical given that when you come down to it, that is the very essence of science: for every hypothesis there must ultimately be some solid evidence, testability and predictive power before it becomes a theory we can put some trust in. Cosmologists do seem to be willing to challenge each others' hypotheses: it's just that dark matter (and dark energy) are currently the least implausible models for explaining the universe's "missing" mass—and whatever is causing it still to expand. And we do have conceivable candidate particles for dark matter, such as neutrinos, though there may be others the Standard Model hasn't yet identified.

But yes, there are alternatives, even those considered a little outre like MOND. Seems to me it is quite right for scientists to offer their hypotheses and bash away at them to see what fits the observed facts and what doesn't. I confess I'm a teensy bit worried about "dark" - this and -that because of the lack of evidence and the obvious worry that it's a bit easy to say "And then we invent something to fill the gaps" ... but the fact that we can't prove it yet doesn't mean it ain't true.

And for anyone who's paying attention, we probably have a long road ahead, given that the universe of cosmology and physics generally is still beset by unsolved questions, curiosities and outright weirdness, whether it's entanglement, the Koide equation, proton decay (where is it?) or vacuum energy and the Cosmological Constant. Argument fuelled by healthy scepticism is necessary, as is the willingness to correct blunders.

Bear in mind, for just one example, that for some years in the late 30s it was believed that what we now call a muon (which is an elementary lepton, kinda chubby electron) was a meson (a two-quark hadron). This was a mistake and took time for science, by theory and experiment, to fix it. But it was fixed. Science is a healthy process, so let's keep the ideas and challenges flowing.

EasyJet: We'll have electric airliners within the next decade

Milton

Electric airliner? Not yet.

I don't think even the most optimistic predictions for battery development will get us to power densities even one order of magnitude that of JetA1, and there's the question of just how safe such batteries would be: arguably a complex next of microscopically layered fragile cells has more chance of going wrong than a tank of kerosene. Materials tech, especially for fan and HP turbine blades has come a long way to produce amazingly efficient and powerful high bypass turbofan engines: it's hard to envision a ducted fan using electricity alone producing 50,000-100,000lb static thrust.

So I'm very sceptical you'll see airliner-sized planes powered entirely by electricity in the next 30 years.

That said, I'm surprised more work hasn't gone into greater electrification of planes, particularly with respect to landing gear. Putting regenerative electric motors into the wheel hubs seems a reasonable first step. You save oodles of tyre wear by spinning up the wheels just before touchdown. You claw power back to the batteries during the rollout, braking regeneratively. You shut down the thirsty engines and taxi using electric power. Before take off, no tractor needed for pushback. Electric taxiing till you're within say 5 minutes of takeoff. Possibly even electric assist during the takeoff run. You have to carry electric motors and bigger batteries, but fuel and tyre wear savings will offset some of that, and since you've *got* bigger batteries, use them for more on-board and control functions instead of bleed air and hydraulics. The possibilities are interesting and this would seem a sensible incremental step towards greater use of electricity aboard planes.

MoD brainbox repo opens up IP treasure chest for world+dog

Milton

Patentable?

The only item mentioned that seems plausibly patentable is the antenna. But there seems, in the UK and US at least, to be a vast gulf in the way the patents process is supposed to work (diligent and properly sceptical research by subject matter experts well-paid to do an important job) and the apparent reality (toss coin—unless applicant is major, wealthy corporation in which toss coin till it comes up heads).

Out, damned Spot! Amazon emits Echo ball with screen, inevitable ever-listening mic

Milton

And how soon before they won't even pretend to need a warrant?

So governments, using the pretext of terrorism, have arrogated to themselves the ability to read your mail and spy on your browsing history, inspect your phones, tablets and laptops, demand encryption keys and so on and on and on. Legislation that was supposedly for specific limited purposes has had a bus driven through it to the point where even local councils use purported anti-terror powers to spy on ratepayers. The concepts of due process, judicial oversight of warrants, probable cause and the rest have been constantly diluted.

None of it, of course, was the slightest use in preventing yet another disaffected lame-arse from failing to construct a workable bomb, or stopping a bunch of idiots without passports, plane tickets or knowledge of chemistry failing to build a "two phase liquid bomb"—shock! horror!—most terrorists, thank heavens, are useless, incompetent losers and the few that are not will be using solid encryption long after some ministerial imbecile has buggered up the internet by insisting on "back-doors" for everyone else. Then again, once in a while half a dozen law enforcement types can infiltrate a community and goad some semi-literate, gullible jackass to say he might consider blowing up an airport, one day ... if only he knew how to build a bomb and had the bus fare—and just like that, a massive terrorist plot has been foiled.

Even when the PIRA was actually dangerous, and causing more havoc on a weekly basis than we see now from one year to the next, politicians had the decency and good sense not to give the terrorist what they wanted, understanding that a healthy society is NOT a police state.

Thirty years ago there would have been proper outrage if the government said it would read all your post, check all your library books—and install microphones and cameras in your house.

Now you are buying them yourself.

Mom, mom! Make China stopppp! US govt gripes about Beijing's internet censorship to WTO

Milton

" ... forced to install spyware ..."

"... forced some citizens to install spyware on their mobile phones."

While in the west, the cud-chewing masses buy spy devices directly from the internet giants so that they can place them on the kitchen table to facilitate the online ordering of bits of overpriced shiny plastic garbage they don't need, and to save themselves the incredibly onerous labour of using a touchscreen to select the music they want to listen to.

Milton

Re: Why thw silly headline?

Because El Reg, for all its many excellent features, apparently thinks that inane juvenile punning and infantile repetition is an asset, rather than an eyesore which the adult readership steadfastly tries to overlook in our search for worthwhile news.

The stupid, unfunny headlines probably seemed brash and fresh 20 years ago? Now ... just tired and so transparently lame.

Firemen fund sues Uber for dousing shares with gas, tossing in a match

Milton

Re: And who is the brilliant investment manager ...

"This is a pension fund, right? They're supposed to be cautious and mindful with other people's retirement money. Where exactly does Uber figure in this picture?"

It doesn't figure nearly as much as you'd think. The problem with pension funds is that the people making the investment decisions get paid, and get paid plenty, out of your carefully-saved money, whether or not the return is positive. They may get *more* if the investment does well, but if it does not—if an Uber happens, or there's a banking crash, recession or whatever—then *you* are the one who really takes the hit.

If you wanted a really prudently-managed pension fund, you'd ensure that the people making the decisions had their own money at stake, so that if they bad a really bad or greedy call, they'd be first to suffer.

Boeing slams $2m on the desk, bellows: Now where's my jetpack?

Milton

Oh come off it

Twin-engined commercial airliners have oversized, over-powerful engines. Why? because they have to be able to climb out safely even if one engine flames out permanently and completely at the worst possible moment, just after V1 (speed of no return: you gotta take off). If certified for ETOPS240, one engine has to be able to keep the plane aloft for four hours above the ocean, to get you to land, if the other fails.

It is unthinkable that a personal flightpack would be much less safe than a commercial airliner, for the same reason you'll never see large numbers of heavy (>10kg) drones over built-up areas or other concentrations of people (whatever shyte Amazon comes out with). That's because with large numbers the probability approaches certainty that people on the ground will be regularly maimed and killed by falling hardback "50 Shades of Crap" compilations.

The economics of delivering shiny tat mean that you simply cannot fly a fleet of thousands of drones to the same safety levels as commercial passenger travel.

And you cannot make affordable flightpacks for public use to the same standard as commercial airliners, not only in this case because of economic exigencies but also because you'd need two engines, *each* separately capable of flight. The weight penalty makes the concept hopeless. You can't expect them all to have parachutes, since however easy that activity looks, it is not—and even the best parachutists would think twice before jumping over a busy city. (Even jumping a well-trained parachute company onto uneven terrain is expected to cause significant casualties.)

None of which even touches on the question of user training; carrying enough luggage (backpack, laptop, books, shopping?) to make the trip worthwhile; collision avoidance (with each other/drones/buildings/birds/Flight BA009 on finals); traffic control; certification; refuelling points; safety checks ... all in all, while the idea might be trailblazing some low-cost engine technology, as a concept for mass travel it is beyond stupid.

Page: