[HN Gopher] So long and thanks for all the bits
___________________________________________________________________
So long and thanks for all the bits
Author : fangorn
Score : 186 points
Date : 2022-11-09 13:51 UTC (9 hours ago)
(HTM) web link (www.ncsc.gov.uk)
(TXT) w3m dump (www.ncsc.gov.uk)
| tomcam wrote:
| First party thanked is the vendors
| mellosouls wrote:
| _I've got to give a special mention to everyone in the NCSC and
| wider GCHQ because they're just awesome._
|
| precedes that.
| wwalexander wrote:
| lifeisstillgood wrote:
| The comments about Heartbleed and OpenSSL suggest (to me) his
| behind the scenes thinking:
|
| Airplanes don't fall out of the sky because transport safety
| boards do the analysis and the manufacturers follow their advice
| - the idea is only one planet crashes per type of mistake.
|
| Well it's hard to get a group of open source developers to follow
| cleanroom techniques for free. I am guessing that the thinking is
| to fund the identified OSS groups.
|
| Which is nice...
| [deleted]
| AnIdiotOnTheNet wrote:
| So maybe a B-17 pilot can explain: From the image, I can't see
| what the problem is. If you reach for the gear switch to put the
| gear _down_ , but hit the flap switch instead and put the flaps
| _down_... shouldn 't that be just fine? Wouldn't you want the
| flaps down during landing anyway? Shouldn't putting the gear down
| cause more drag than the flaps, so you're already prepared for
| any changes there too?
| chanandler_bong wrote:
| I'm confused as well. I can't imagine a B-17 landing without
| flaps. I am a pilot, but never flown a B-17, so take it with a
| grain of salt...
|
| You'd want both the gear and flaps down on landing, so both
| switches would be in the down position. If the switches weren't
| in sync, e.g. you need one switch up and the other down for
| landing, _that_ would be a problem.
| kayodelycaon wrote:
| From what I remember from a WW2 training video, you begin the
| landing 1/3 flaps. If you're close to stall speed, the drag
| from unexpected full flaps could be enough to stall the
| plane.
|
| In the reverse hitting flaps up before gear up is likely to
| cause problems.
| KeyXiote wrote:
| 101010, just for a fun reference I found this interesting mostly
| unrelated aside to the op and the connection to the book/movie
| reference from Hitchhiker's Guide, as related to "deepmind" and
| 42
|
| (0)https://oeis.org/A105281
| ableal wrote:
| Worth the read just for the horrible B-17 bit used as opener.
| Good hook.
| scythmic_waves wrote:
| Yeah I'm mentally filing that image [1] away for later use.
|
| [1]: https://www.ncsc.gov.uk/static-assets/images/blog-
| post/instr...
| mastermedo wrote:
| +1. The B-17 design flaw analogy is one of the best I've seen.
| The title is great as well, very catchy.
| javajosh wrote:
| He also could have used Chernobyl as an example.
| CamperBob2 wrote:
| Chernobyl was very different, due to the negligence factor.
| "Hold my vodka and watch THIS" is no way to run a nuclear
| power plant.
| bombcar wrote:
| I guess they're arguing that the "fail deadly" design was a
| design flaw, even if it should never have been encountered
| in actual operation.
| pmarreck wrote:
| I've never seen that example and reading it, I was surely
| mouth-agape dumbfounded that anyone thought that would be OK to
| design like that
| a_c wrote:
| To my ignorance, didn't know this gentleman before. Nice
| article, pure substance. Would love to learn more about him.
| ilyt wrote:
| Personally I was more impressed by the director being a
| dolphin, altho they coud've found better photo of him, he looks
| a bit fat.
|
| But to be fair It's not that bad when you realize using flaps
| and gear is time correlated - you slow down, enable flaps, get
| near the airport, then put the gear down.
|
| There is no "I want to put the gear down in situation when
| enabling flaps would fuck stuff up too much"
| UncleEntity wrote:
| > There is no "I want to put the gear down in situation when
| enabling flaps would fuck stuff up too much"
|
| Unless, maybe, you just limped your plane in because it's
| missing a big chunk of a wing.
|
| One thing the military does is try to make it hard to make a
| simple mistake and kill a bunch of your own troops.
|
| During the last Iraq invasion I was running around with a
| fuel tanker which had a pony motor to offload the fuel. It
| was pretty complicated with a bunch of levers and valves you
| had to set to get the fuel flowing the right way (and not on
| the ground) but had a data plate to tell you what to do, easy
| peasy. One day we were at a bag farm dumping fuel and this
| staff sergeant wandered up and says I'm doing it wrong. "Data
| plate" I say and point at the data plate but she started to
| get all huffy so, whatever, do what she says which was all
| fine and good until the tanker starts filling up because it
| is set up backwards. She made some lame excuse for not
| following the law of the one true god, the data plate, and
| wandered off to bother someone else.
| kitd wrote:
| It reminds me of the accidental Hawaii nuclear missile alert a
| few years back. AIUI, the button to test the system was in
| close proximity to the button to send the real thing.
| Arrath wrote:
| There were some choices gif/memes to come out of that, though
| like the top one here:
|
| https://www.popularmechanics.com/technology/infrastructure/a.
| ..
| pmarreck wrote:
| omg, that gif is triggering me.
|
| I CANNOT STAND UI's that are interactable before they have
| completed their layout rendering! Or things like
| notifications that suddenly push everything down, right
| when you were about to tap on one of those elements! Why is
| this still a thing? Any UI element that shifts or appears
| should have like a user-adjustable half-second delay before
| it becomes interactable again
| lmm wrote:
| I suspect the real reason it's still a thing is that it
| makes users more likely to click on ads, which is after
| all how most of the internet makes its money.
| ilyt wrote:
| Yeah I love when I click a thing then a different think
| appears under it 0.5ms before click registers.
|
| > Why is this still a thing?
|
| HTML/CSS/JS stack makes that the default and coding your
| way out of that is hard
| Arrath wrote:
| > Yeah I love when I click a thing then a different think
| appears under it 0.5ms before click registers.
|
| Its just the worst
| agency wrote:
| Or much lower stakes but the terrible UI that caused Citibank
| to accidentally give away $500M[1] (though they got it back
| on appeal [2]). I am always amazed to see the awful, awful
| software people put up with to do their jobs.
|
| [1] https://arstechnica.com/tech-policy/2021/02/citibank-
| just-go...
|
| [2] https://www.reuters.com/markets/us/citigroup-wins-appeal-
| ove...
| pmarreck wrote:
| that's the most obtuse UI for a money transfer (especially
| one so large) that I've ever seen.
|
| And THREE PEOPLE all signed off on it!
| ak39 wrote:
| "That's one heck of a nurse" after hitting the Nuke button
| which was right next to the "Nurse" button.
|
| Can you guess which music video that's from?
| AnIdiotOnTheNet wrote:
| Land of Confusion
|
| I really like that music video.
| travisgriggs wrote:
| As a pilot, loved the B17 bit.
|
| I am intrigued by the memory safety section. It's a hot topic
| these days, right? So here's an interesting thought experiment.
|
| What if all these areas where we use memory-unsafe technologies
| were replaced by memory managed technologies like C#, Python, Go,
| etc. Sure, lots of things would run slower (raw TLS in Python,
| yay), BUT would there suddenly just be less exploits? Or is this
| area more of "Law of Conservation of Ugly"?
| lbriner wrote:
| One of the big reasons that these garbage-collected type
| languages were not used on critical code was that the timing
| couldn't be guaranteed. You can't afford a massive L1 garbage
| collection just at the point you are trying to land a plane or
| disable a nuclear reactor.
|
| Not sure whether this is still a problem now that computers are
| way faster but my own experience is that despite the resources
| available, our apps are slower than ever, even ones that do
| largely what they did 20 years ago like Word and Visual Studio!
| JALTU wrote:
| 1000%
| cjrp wrote:
| I was confused by the B17 fact; if you're at the stage of
| lowering the gear (flying slowly), pulling the wrong lever and
| going full flap would do not much? Now if you were taking off
| and went to raise the gear and lifted the flaps instead, then
| that's a problem.
| elevation wrote:
| Large changes in lift (flaps) must be coordinated with
| changes in thrust (engines) to keep the aircraft level or
| slightly descending.
|
| A large reduction in lift (raising flaps) will cause a
| aircraft to dive. A large increase in lift (lowering flaps)
| will cause a aircraft to stall -- and fall.
|
| Either of these changes would be recoverable if there were
| more thrust or more altitude, both of which are intentionally
| minimized during a landing.
| travisgriggs wrote:
| On an approach, you are flying dangerously slowly
| (necessarily). You're right next to stall speed. You want to
| go slower slower slower right up to the point you don't go
| too slow. You want to reserve that crossing the threshold of
| too slow until your poised right over the runway with inches
| between you and it.
|
| When you stall, you start falling at the speed gravity pulls
| you minus any drag your airframe presents. And if you're
| already close to the airfield, you might be only a few
| hundred feet up, so you're out of room to put the nose down
| and throttle up to regain speed necessary to regain lift.
|
| Putting gear down adds a little drag (and a lot of noise), so
| a minor speed in reduction; going full flaps slows you a lot.
| You usually pitch the nose down a little more to increase
| your rate of descent as you go full flaps, so that you keep
| the speed up to keep the lift up which keeps your plane up.
| If it's dark, you're tired, flying close to stall speed
| already, go full flap without realizing you just did and
| don't keep your eyes glued to the air speed indicator, you'll
| stall out and fall from the sky. Trying to recover would
| catch a lot of disoriented pilots unawares.
| upofadown wrote:
| I too was confused.
|
| A bit of searching seems to have revealed that the actual
| problem was inadvertent gear retraction. Pilots were
| retracting the gear, either while adjusting flaps on final
| approach or after landing when they tried to raise the flaps
| again.
| laputan_machine wrote:
| > They were intended to provide more privacy to users from all
| sorts of parties, but mainly government and big tech companies.
| The problem is that DOH makes enterprise cyber security very hard
| and also damages things like ISP parental controls, and some
| filtering for child sexual abuse images
|
| Man getting paid to spy on people complains about not being able
| to spy on people and uses the tried and tested "think of the
| children!" angle. Classic.
| [deleted]
| [deleted]
| tyho wrote:
| > Apple Private Relay makes law enforcement's life much harder
| when looking at who's visiting certain dodgy websites
|
| Good
|
| > but also potentially reduces the resilience of mobile
| networks because it messes with the caching strategies in place
| today and makes diagnosing problems harder.
|
| This is a lie because the vast majority of internet traffic is
| already encrypted and hence un-cachable. Even if it is true, I
| don't care, we can trade caching for privacy, we did it with
| HTTP and the sky didn't fall.
|
| > It also makes it impossible for those networks not to charge
| for certain data traffic because they can't see which sites a
| phone is trying to visit.
|
| Again, good.
|
| Seriously. Fuck this guy and everything he stands for.
| throwup wrote:
| Let me just add:
|
| > it messes with the caching strategies in place today and
| makes diagnosing problems harder.
|
| ISPs will do the most boneheaded things to your traffic if it
| is not encrypted. There was a time when Comcast liked
| injecting random HTML into pages. I'm sure this guy has never
| had to "diagnose problems" resulting from an ISP rewriting
| HTML on the fly. Nowadays with TLS, ISPs are mostly out of
| the picture and the surface area for problems is dramatically
| smaller.
| tristor wrote:
| It's an unfortunate reality that the UK Government has taken a
| strong anti-privacy and particularly anti-DoH stance for ages.
| They've used every political and technical lever possible to
| prevent users from having any reasonable level of online
| privacy within the UK, and one of their favorite things to do
| is to trot out "non-profits" that focus on child exploitation
| to talk about anything that gives a user any semblance of
| privacy helps spread CSAM.
|
| Just more of the same tired refrain from people using motivated
| reasoning who don't have any care for user privacy or the
| rights of individuals online.
| DaiPlusPlus wrote:
| There are far more Daily Express readers than computer
| networking technology professionals who vote for whoever the
| next Home Secretary will be.
| fangorn wrote:
| Ian Levy, UK National Cyber Security Centre's departing Technical
| Director, discusses life, the universe, and everything.
| [deleted]
| sacrosanct wrote:
| > thanks for all the bits
|
| Am I missing something here? What's the headline supposed to
| mean? Is it a tongue-in-cheek gesture, since GCHQ routinely
| hoover up personal data and spy on both their citizenry and
| foreign countries?
| [deleted]
| tellmelies wrote:
| it's from hitchhikers guide to the galaxy.
| https://en.m.wikipedia.org/wiki/So_Long,_and_Thanks_for_All_...
| mindcrime wrote:
| It's a paraphrase or restatement of the phrase "so long and
| thanks for all the fish", the title of one of the books in
| Douglas Adams' _Hitchhiker 's Guide to the Galaxy_ series.
| Changing "fish" to "bits" is interesting, as it could be "just"
| a reference to life in the modern age and that this individual
| is leaving a techie oriented job that deals with "bits and
| bytes". Or it could be a really on the nose "joke" making light
| of exactly what you say:
|
| _" GCHQ routinely hoover up personal data and spy on both
| their citizenry and foreign countries?"_
|
| It's hard to say which it really is.
| fundad wrote:
| doesn't bits refer to genitals?
| thombat wrote:
| In British vernacular about a quarter of all common words
| can be used to refer to genitals and/or intimate acts,
| especially when said out loud with the right intonation.
|
| One time in London I lost my rag with a local colleague and
| snarled at him "is there _nothing_ you can 't make innuendo
| from?!?" And without missing a beat he simply leered back
| "in-YOUR-end-o"
| andrewflnr wrote:
| It may be more widespread in Britain, but I assure you
| it's equally possible anywhere. :)
| beardyw wrote:
| It's a reference to Hitchhiker's Guide to the Galaxy. "Goodbye
| and thanks for all the fish" as the dolphins abandon planet
| earth IIRC.
| jhauris wrote:
| I think it's a reference to "Hitchhiker's Guide to the Galaxy".
| Knowing Earth was going to be destroyed the dolphins leave, but
| they leave behind a message which when decoded translates to
| "so long and thanks for all the fish" (referring to how
| dolphins had trained humans to give them a fish when they did
| tricks).
| happymellon wrote:
| > Knowing Earth was going to be destroyed the dolphins leave,
| but they leave behind a message
|
| He thinks that the UK is going to implode?
|
| Probably correct even if it is mostly harmless.
| beardyw wrote:
| Four identical answers must be true!
| beardyw wrote:
| Five!
| ChrisRR wrote:
| In addition to everyone who's given legitimate answers, it's
| also why they've used a picture of a dolphin and referenced
| "life, the universe and everything"
| nibbleshifter wrote:
| It's a Hitchhikers Guide reference, the article has a couple of
| them.
|
| Its Ian ingratiating himself to the geek readership so they
| think he's one of them and not, well, a fucking ex government
| spook ;)
___________________________________________________________________
(page generated 2022-11-09 23:00 UTC)