Posts by Jerry

Yeah Right!

If Thales was interested in only having current information on its products onthe web it would voluntarily publish all manuals and specifications and maintain them as product development continued.

Instead we have zero publication and incompetent attempts at censoring old copies.

Netbooks are the perfect travel device

My household has three units, two Toshiba NB-550D and an Acer netbook (only because we couldn't get the Toshiba).

For travel they absolutely ideal. With the Toshibas at least you can plug the unit into your hotel HDMI screen and watch movies in full HD 1080p. Add a small wireless mouse and they are perfect for just about any task (the keyboard is fine even for my big fingers).

We all have larger older laptops but wouldn't dream of taking them on any trips. Tablets are not an option because the screen is all you get. No expansion to a monitor.

I think the main appeal of the tablet is the touch interface. Wouldn't it have been so much easier to release a version of a nettop with integral touch-screen?

Are you anti-European and anti SI?

11,190 km/s is European format for what the British or Americans would write as 11,190 m/s or 11.190 km/s

It's all in the comma / dot difference between European and British / American number usage.

Also 11,190 km/s is good SI usage, 11,190 m/s is not.

The k M G etc prefixes are used to make the numerical value fall in the range 0 to 999

I Use iView from Linux/Firefox no problems. What's the fuss

I've just segued to this article after watching a wide variety of iView content on my Centos 6 / Firefox platform.

What is the actual problem this article has 'revealed'

To be technical

The SIM is not the card you put in your phone. It is a computer program run by a very simple microprocessor running on the Integrated circuit device hosted by the plastic card or part card. the SIM program is ultimately owned by a Telco.

There has been a famous battlte between SIM card manufacturers and phone manufacturers over ownership. SIM card manufacturers wanted all applications to run off beefed up 'SIM cards' so the Telcos would maintain ownership of the composite entity'. Phone manufacturers won this battle

As it stands

I work professionally in the computer/communications related issues in the criminal justice system in Australia.

In my experience most local telecoms and internet data is retrieved via warrant issued at some reasonable time before or after an alleged offence.

The system has interception warrants (prior) and stored communication warrants (post).

What these warrants can't do is capture communications in real time from international providers. e.g. hotmail, nor any significant period after an event.

Data retention may well work for local transmission systems. For anything serious and seriously avoided there is no legislation that will help.

Australian legislation ignores totally the use of offshore mail providers. In addition, Blackberry phones are encrypted entirely in the path from local phone to local phone for data messages - as are skype calls.

As an expert in the area, items such as SMTP records and call detail records are very useful. These do not seem to be on the Australian Government Agenda.

Two classes of password

I have two totally distinct classes of password.

A single one that is used on almost every low security account - like The Register - and a series of highly secure and unique passwords used for any accounts that involve money.

The secure ones are recorded on my imap email account using high grade encryption. I access them using client-side sercurity certificates. My major risk point is that the client certificates are stolen. This is extremely unlikely to be tried by normal compromises and is certainly unlikely to succede.

I share the risk of keyboard sniffers - pretty much the same as any other access systems. I also use Centos/selinux as my workstation environment so that is unlikely.

Any compromise of my email account requires an intelligent agent to break my imap account (relatively easy) then to break my client security (hard) and then to intelligently locate my client-side certificates and use them correctly - probably impossible unless the attack is specifically targeted at me and my environment.

Interception

My business is working for bad guys subject to interception by Governement / Police.

It matters zero that the transmission system is secure. The comms devices usually keep a record of text communications. Capture of one device usually results in a complete evidence trail of sent and received messages. This includes encrypted messages.

What is actually needed is a read-once message system that uses a rolling encryption key that is not reversable. This means any intercepted message cannot lead to the decryption of any other message.

Such systems exist but are not yet widespread.

GPS

Simply drop a GPS receiver and transmitter on the summit and leave it to run for a few days. This will be very accurate.

They should also push a rod down through the snow to measure the snow height.

Wots a CIO?

I've been in a whole swag of industries where I use IT as a means to complete my particular task. I've never actually met a CIO though I've heard rumours they exist.

I've worked at the top level of Government including developing Whole Of Government ICT policy and strategy.

My best guess is that a CIO is perhaps responsible for ICT strategy in support for the corporate business plan. I understand that more often than not the CIO is subordinate to the CFO.

In an uber-well run organisation the CIO would be a vital part of the development and maintenance of the business plan. This includes anticipating organisational demands as well as anticipating technology changes and doing the SWOT analysis on existing and new Technologies.

I seriously doubt the CFO can do this. They are just accountants after all and have some minor skills at spreadsheets (I emphasise minor).

ICT is a reasonably fast changing environment and if an organisation doesn't keep up they risk being outpaced by competitors or, more usually, being fleeced by incumbent suppliers.

I can readily envision the big account managers of some suppliers working to knock out any effective CIOs and get the risk averse CFO to be the only decision maker in the organisation.

GPS 'n stuff

I've started working on very precise GPS systems as part of a safety system. It's been an awakening. GPS is not that good.

I use GPS & GLONAS combined and I see constantly how the receivers pitch the location all over the place. "20cm" units can have 5 metre excursions no problem as the constellation changes and the system has to start recalculating based on a new constellation.

Hijacking the drone doesn't need 75ns accuracy. It simply needs a local transmitter that transmits high power signals with a known phase relationship - which is varied to suit the purpose.

The receiver will keep on adjusting to the new constellations and in the meantime use inertial navigation to tide over the outages.

All that's needed is the occasional burst of multispectral/phase signal to allow the drone to resync and point its inertial system in the required direction. That's why the landing was flubbed. Precise control is not possible - though why it didn't use a microwave ground sensor I have no idea.

Workaround?

It simply needs the Studios to give limited copyrights to the ISPs for the sole purposes of verification of user's copyright breaches.

On the other hand, the ISPs will incur an expense to do this and may even breach implicit contracts with their users.

It really comes down to whether there is legislation (or commercial agreement) in place that not only exempts ISPs from monitoring copyright infringements, but also requires them to do so, and as a final element re-imburses them for the cost of doing so.

Graphs are 'fixed'

All these are tiny fractions of job ads. Well under one percent to maybe a couple of percent.

It's all down to selection of search terms by the writer. How about something useful like C++?

Nope. This is yet another pop-quiz by a totally out-of-touch author.

SIM?

I realise I'm a bit late here, but the SIM is not actually the chip ( called the ICC) but an application running in protected space on the ICC with its own microprocessor.

It has a challenge/authenticate role that takes network challenges and returns an authentication code.

What the patent seems to have done is move the challenge/authenticate function from the SIM to the phone. Perhaps the SIM is used for secondary identification?

This is not a new feature and is part of a massive battle to move control of the phone from the SIM to the phone. In simple terms, stopping the Telco getting the money and instead giving it to the handset manufacturer.

At one stagte *all* of the phone applications were meant to run off the SIM, or at least initegrally with the SIM. This meant the Telcos kept getting revenue as they were the SIM suppliers. This never eventuated as the phone manufacturers simply bypassed the Telcos.

This new innovation moves the final barrier to network access from the SIM to something under control of the phone manufacturer. All good to the phone manufacturers.

Little bit of insider info

In my line of work I've probably seen hundreds of NSW/AFP interception warrants for the period 2007 to 2010. Boy do I hate checking warrants!

A real difficulty is they way the Telecommunications Interception act has been changed progressively, so in each case I have to figure out what the appropriate law was at time.

At one stage in 2007 the cops were obliged to get a warrant for any intercept, except, that they could just ask the Telcos for the information anyway without warrant. Section 177 amendment at the end of 2007 means that now Telcos can give any information to the cops without warrant, but not if the cops ask for it (amazing but true)

I've seen plenty of Telecommunications Intercept warrants (record voice and metadata). Surveillance warrants (follow, video and bug the suspects), Stored communications warrants (harvest the switches for SMS & metadata post-facto). What I haven't seen yet is data interception warrants.

I actually think data interception should be used more often. The Police cases I see are easily attacked because of a lack of belts & braces approach to raids. (And I work for the bad guys..)

Compression strength?

Typical aircraft alloys have high to very high compression / tension strengths. Look at 500 to 600 MPa

Welding tends to screw this up - without post heat treating.

Putting a fraction of Scandium in isn't going goint to chage this patterm much. Whatever occurs a post heat-treat is required. This is standard for bicycle frames using 6061-T6 or 7000 series alloys.

Imagine heat-treating an entire wing or airframe?

MAC

I'd throw in the use of mandatory access control (MAC) as pretty basic to any strategy.

Yes, it's a pain in the bum, but in the end it stops stuff getting out of hand. Individual applications and OS components may be compromised, but the flow-on effect is restricted to that application or component only.

SELinux from the NSA is the MAC system I'm most familiar with and for production systems it's pretty damned good.

Throw in a touch of process separation using the original Intel 'ring' security model and it's all pretty sweet. It's just a pity that Linux & Windows don't implement that at all, or only in the most basic fashion.

FRAUD

The NBN is nothing but a gigantic fraud designed to allow commercial content providers to deliver media content over a Government provided network ( I'm looking at you Rupert Murdoch & Foxtel ).

I spent several years commercially researching fibre systems for new developments and new apartment buildings in Australia. The basic facts are that they have no ROI that can produce a break-even in investement in under 25 years.

That's why no commercial operator has been in the least bit interested.

When a stupid Government steps in and provides the infrastructure (and believe me it's a massive infrastructure, equivalent to at least $4K per premise, perhaps a lot more) The only people who get benefit are the high volume content providers, and the only people who pay are the taxpayers.

The fake arguments put up about telemedicine etc are a total distraction. Any telemedicine needed can be done at local or regional access points. The rest is just so much hokum.

I have only just attended a meeting organised by the department of Prime Minister and Cabinet where the main thrust of the discussion was security requirements for businesses in the NBN era. The theory was the NBN would simply make attacks ever so much faster. Wow!

Business doesn't need the new massive bandwidth as they already have a comercially viable fibre network. Nor do the majority of consumers. The economic modelling is done by non-industry economists who have no clue of the commercial models and lump in the 'benefits' of all the 'new jobs' created to push the fibre out.

Throw in the public safety issue where ordinary phones cease to be reliable and simply shut down in power failures you have a repeat of the ill-though-out schemes such as the home insulation project that sounded good but in fact rorted money and killed quite a few.

It all averages out

The hypothesis assumes that all satellites are approaching the observation locations.

In fact the satellites spend half their time departing the observation locations.

The satellite reference frames shift from X+ metres per second to X- metres per second - after allowing for the orbital separation etc etc.

Using the quaint relativistic terms (I prefer Doppler myself) The average reference frame velocity is zero. Even if the satellite is offset to track not over the sites but to one side or the other.

Hence, nil effect.

Dimwits!

Can I just point out that these 'leaders' in solar energy chose to ride in impractical, unsafe vehicles that by some miracle are classified as bicycles.

What would be impressive is someone firing up a solar train that runs on steel rails and can actually carry useful cargo. There is a train line the whole way that would be ideal.

I envisage a train a10 or 20 cars long carrying passengers, goods, and for fun's sake an open air jacuzzi. I guarantee it will beat the sweaty cyclists in speed, and will actually be a realistic way to deliver goods.

Careening?

Careening is a technical term related to the scraping of ships hulls by turning them on their side.

Your journalist may have intended 'careering' but even that is not really adequate.

How about you employ some literate journalists who can describe the events technically and dispassionately?

CrackBerry

Have a look at this article on encrypted communications using Blackberry for riotuous purposes.

http://www.smartcard.co.uk/

Unfortunately a headline link as of October 3. Assume it will become a link with its own URL shortly.

Jerry

I live and work in Perth. I use Amnet on a continual basis (retail subsidiary of Amcom fibre) and encourage my clients to use Amnet and Amcom where at all possible. They have an extremely professional operation that craps over the the mainstream Telstra/Optus/iinet/service providers.

I earn nothing from recommending them. It's just good business for me to have happy customers.

Despite the cloud hype, I'm sure UWA will get a good service though I'm a bit unclear about disaster recovery - i.e. geographical dispersement of cloud servers.

How to generate a truly random one-time-pad?

If the one-time-pad is not truly random then attacks can be made against it. Back in the 1880s that would probably have been difficult, especially with any mechanical generation of the pad.

Second issue is generic. You need to keep both copies secret and you need to be able to deliver them securely to the recipient. Failure to do this has resulted in many breaks of one-time pad systems

selinux

personally I use all four of the DSD recommended procedures - except 'whitelisting applications' for which I have no idea what they mean.

I also run mail but not web countermeasures/cleaning.

The biggest defence is the right-royal pain in the bum selinux from NSA ( kind of the US equivalent to the DSD only bigger)

sever-side this is extremely effective but annoying as hell as app after app gets blocked, or even minor config changes break apps. This is 'easily' fixed but tiresome.

For non-linux clients, WIndows 7 is pretty good at defending itself. It's just the soggyware that causes problems by bypassing the OS - sort of understandable though.

@WORSTALL - fatal flaw

Hello Tim,

I'm afraid that you've got a fatal flaw in your logic about taxing carbon instead of something else.

The problem is. What if it works?? Net result is loss of income to the Government. What will they do to make up revenue? Raise taxes!

Even funnier is if it doesn't work. Net result - an increase in Government revenue. What will they do? Nothing of course. There's plenty of pet projects they can fund.

So the public will under either scenario end up paying directly or indirectly higher taxes.

The only win-win outcome is if the tax has precisely zero effect. So why have it in the first place?

P.S. Despite being a techie, I spent 3 years working as an economics computer modeler and forecaster for the Government. If only you knew as much as I know about how ineffective and how irrational proper economists are. La-La land!

Ethic correctness

As an antipodean I've noticed an awful lot of English 'historical' dramas set in the 1900s, 1800s 1700s etc that have a carefully selected set of South Asian and Carribean characters.

Now considering that most UK citizens with South Asia and the Carribean origins only arrived since the 50s I have to ask is this PC gone a step too far?

Your UK history is being rewritten in terms of 21st century demographics. Aren't you in the least bit worried?

No Video On Demand

Multicast is fine for pretimed streaming - I think it's used in 3G video channels for instance.

When you get to VOD you run into a problem as different people want to watch the same content at differen times.

In effect the network will become a copper based broadcast TV system.

What's going to be much more amusing is the hacks and DOS on the system. Multicast routers aren't all that clever so expect some monumental hacks.

Also, there are two types of multicast in the world CISCO and everyone else. I wonder who will get the gig (not) and how much they paid to get it.

I forgot to mention

This applies specifically to the 7xxx series CISCO touchscreen phones (I forget the specific number) but the ones with a colour touchscreen that you see on many famous desks.

It's "not a bug, it's a feature" as it is part of the XML API provided by CISCO where the phone can be controlled by http GET and PUT commands using XML to change what is displayed in the touchscreen and also provide a type of third party call control. One of the options is a 'silent' call placement

I work in the Emergency Services Industry in Australia

The Emergency Services in my location (Western Australia) have more bandwidth than they coud ever hope to manage.

Suitable bandwidth is dependent on location. Capital cities location can work with higher frequencies. Country locations require lower frequencies for long range transmission.

For decades Emergency Services have had priority on frequencies that meet therir operational requirements.

Throwing in TV frequencies will be a major challenge for Emergency Services to adapt to. They have a several year to decades response time to new technology. Trying to fit TV frequencies into their specific requirements will be a major problem.

Far better for them to use their frequencies more efficiently by using new technology. But wait 10-20 years for that to happen.

Vector-Raster 1980

I was using a Versatronic vector to raster graphic systems since at least 1980. It may well have been around before then. It was driven by Data General minis but obviously the package was availabe for DEC etc. The vector to raster was as upmarket as any modern graphics system and included splines and most of the elements in postscript but without the interpreter. Resolution was nearly as good as a modern photo-typesetter. In about 1983 I developed a hack so that high class graphics input could be rendered cheaply on dot matrix printers.

For me desktop publishing came via postscript. It was really easy - and quicker - t o write programs in Postscript and execute them on an LN03. After Postscript I loved Venture Publisher even more - as a techie and producer of computer generated manuals it was ideal. You could do so much automated stuff with it by use of style sheets and generation of the content by other processes.

I've yet to find another package that lets me do the same thing as easily. Every other package I've seen with the word 'publisher' is inflexible and/or crashes a lot.

Now runs at speed on pico servers

I'm waiting for the Centos release, but I know there is a single major improvement waiting for for me in RHEL6 for my Atom based servers and older laptops.

That is the disk drives will run at full speed, not at an IDE emulation speed of a couple of megabytes per second.

Finally I can get super-low power fanless serving happening at an acceptable speed.

I also run embedded equipment using Centos 5. Perhaps the new version will assist with better audio drivers? And/or memory/flash overlay?

Duct Tape?

Some of the covering looks suspicioulsy like duct tape.

Is this allowed under the rules? Or is duct tape officially recognised as a paper derivative?