* Posts by Christian Berger

2974 posts • joined 9 Mar 2007

How a hack on Prince Philip's Prestel account led to UK computer law

Christian Berger
Silver badge

Re: It was dail-up in more senses than the link....

Well you'd obviously modulate the dial pulses into beeps which wouldn't interfere with the downlink. The great advantage would be that you wouldn't need a microcomputer on the client side... which back in the 1970s was a very good point.

0
0
Christian Berger
Silver badge

The German version (Bildschirmtext, BTX) had a rather nifty logical flaw

In the early sets the user credentials were stored on a PROM inside the modem. This was done to prevent fraud and the use of non-licensed modems.

As soon as the modem would detect a carrier, it would send its login credentials...

However that modem could not detect rings. After all it was just meant to do outgoing calls. So what some people did was to get a modem for the answering side, call a BTX terminal at a trade show and wait till someone wants to dial into BTX. It'll then pick up the line, try to dial (which will be ignored), get your carrier, and send you its credentials.

3
0

Everything is insecure and will be forever says Cisco CTO

Christian Berger
Silver badge

Well... but we are talking about Cisco... this is the company which at least until recently, had all processes on their equipment run in the same address space.

This is also the company which installs cheap router grade software on expensive storage appliances, or the same company which sells VoIP telephones you can ssh into, but they have an authorized_keys file.... which they get via TFTP.

With Cisco there just isn't any indication that they care about security.

0
0

Ten things you always wanted to know about IP Voice

Christian Berger
Silver badge

Not the first one by that author

If you look at what else that author has written you will see that there is little thought in what he writes.

0
0
Christian Berger
Silver badge

Re: Needs better information on faxing

Well at work we are regularly conducting fax tests. And typically we get around 98-100% success rate for 10 page faxes (around 100kbyte per page) over T.38.

Fax over G.711 is heavily dependent on a pristine connection and high accuracy clocks on both ends.

We haven't tried analogue modems as that's largely irrelevant in Germany, but we have tried ISDN data connections (X.75) over VoIP. Those work rather well.

0
0

ARM plans to win 20 per cent of the server market by the year 2020

Christian Berger
Silver badge

Re: The problem is still the lack of a decent common hardware plattform

"Something like this? http://www.theregister.co.uk/2014/01/29/arm_standardization_sbsa/"

Yes exactly. Though nobody knows if they will succeed.

0
0
Christian Berger
Silver badge

The problem is still the lack of a decent common hardware plattform

I mean for servers most customers will want to run their own operating system. Trying to sell a server which only runs Ubuntu 15.4 or something is very hard as people will want to install whatever they want.

Virtualization might ease the problem a bit, but they pose new security risks. If you have a vendor provided hypervisor you cannot easily replace, who will guarantee that it's free of any deliberate or accidental security holes?

If there just was a simple architecture. Essentially a way which specifies how the serial console is connected to your ARM core, where your RAM is and how to access your flash memory and your PCI(e) bus, we'd already be a great deal further. That way manufacturers could build a great variety of different systems, while maintaining compatibility with others.

4
0

Firefox, Chrome, IE, Safari EXPLOITED to OWN Mac, PCs at Pwn2Own 2015

Christian Berger
Silver badge

"Seriously, when is a project going to be formed to write a new browser and rendering engine from the ground up with security in mind?"

We have gone past that point. The problem browsers need to solve is far to complex to re-implement them with a reasonable amount of effort. Plus even keeping up with web standards now takes a fairly large development team.

What we would need now is to define 2 successor standards to our web. One for static pages, and another one for "web applications". The later one could, for example, be some sort of "remote framebuffer" standard.

0
0

Noobs can pwn world's most popular BIOSes in two minutes

Christian Berger
Silver badge

Re: This wouldn't be (much of) a problem...

" A jumper is definitely something a maid or border official could handle within a minute or so. "

Yes, but seriously protecting against physical attackers is another problem all together. You cannot protect your computer from physical attackers easily. The whole "secure boot" crowd claims that they can, but in reality they only make the problem worse by keeping you from installing a simpler BIOS.

Keep in mind that physical access to a laptop can also mean that the attacker buys the same model you have, then installs a password prompt looking exactly like yours, and then swapping it with yours at a conference. While you enter your password into the fake password prompt, the attacker mirrors the harddisk. And when you notice the mistake he comes back with your laptop, apologizing for the mistake.

0
0
Christian Berger
Silver badge

This wouldn't be (much of) a problem...

...except that UEFI implementations commonly have a network stack. Some even stay running in service mode and listen on your network card. So it's not unlikely that at least some security holes are exposed over the network.

The problem with UEFI is that it is _far_ to complex for the problem it needs to solve. So we can expect loads of security critical problems in there as well as completely new attack surfaces.

29
0

CIOs: What tech will be running your organisation in 2020?

Christian Berger
Silver badge

We'll be switching...

We'll be switching from binary to trinary computers.

Seriously there are only few things you can say for certain in 2020.

In 2018 the telephone network will be turned off in Germany so everyone will go VoIP. Unless you are an idiot, this will greatly decrease your costs while greatly increasing your flexibility and quality of phone calls. Just avoid the obvious traps.

Systems that (kinda) work will stay, and companies will cling to those solutions however they can. Bad systems might stay or will be replaced randomly by some other system.

Unless you switch away from Windows, you'll probably pay for a subscription model. We might soon see the year of the end of the Linux desktop when systemd takes over and Linux systems just won't work any more.

0
0

US threatened Berlin with intel blackout over Snowden asylum: report

Christian Berger
Silver badge

Re: Nice job you got there

Actually there aren't many jobs in German Intel, it's all out sourced to the US. Germany sends their raw data over there and gets the results.

6
1

AI guru Ng: Fearing a rise of killer robots is like worrying about overpopulation on Mars

Christian Berger
Silver badge

"Humans will embed themselves with chips (et al) and take over regular humans, likely before anyone has sex on Mars at all. What will the military do? Who will stop them?"

This is already happening. In Germany alone, hundreds of people have already bought personal computers they use as an extension to their brains. Currently the interface is a typewriter-like keyboard and a TV-like screen. This can be rather efficient if you bother learning it.

It's also exactly why the German constitutional court has derived a right of "integrity and confidentiality of computational systems".

And it's also a thought we are all accustomed to from science fiction. Just look at 1980s sci-fi series "The Tripods" where "Beanpole" has a special device to make him able to see more refined.

2
0
Christian Berger
Silver badge

The problem already is here

a) We do have killer robots, they are called drones and no, they are not like remote controlled model planes with guns, since they are controlled via satellite which means a minimal latency of a quarter of a second, they need to aim and shoot themselves. Currently just the target is selected by a human.

b) We already have "artificial intelligence" in the form of large organisations. They act like beings, often even against the interests of the human beings they are made out of. If you look at the example of banks, you can see how devastating they can be.

4
1

Sit back and let someone else manage your telephony

Christian Berger
Silver badge

Well the sad story is that cost is in no way correlated to quality or features. So just selling a more expensive system is not going to guarantee that it's any good.

If I got an Euro for every time some incompetent PBX jockey calls us because his *insert big brand expensive PBX here* doesn't work, and all we can diagnose is that his PBX/router/firewall setup doesn't work, I wouldn't have to work any more.

0
0
Christian Berger
Silver badge

"The hardest part about dealing with the Ciscos, Mitels and Avayas of the PBX world is how they insist on using different terminology for largely the same features and to add to the entertainment also add various artificial restrictions to each of these features."

If it was like that, I wouldn't complain. The problem I have with those boxes is that they don't speak normal SIP towards the carrier. Adding to is are contractors who have _no_ idea what they are doing. People who cannot use Wireshark to debug a VoIP problem despite of claiming to be experts.

What we are seeing now is a mirror image of all those "value added" resellers did in the 1990s. Back then you could pay a lot of money for a incompetently set up Windows installation. Today people will sell you a 20k PBX for 5 telephones... and mess up cabling.

1
0
Christian Berger
Silver badge

Re: Most decent systems are actually easy to set up

Well designing an ISDN-based system is much simpler as you have much less variation, plus if you did something wrong, your telco monopoly would forbid you from connecting it to their PSTN. So for ISDN systems have been whipped into shape.

Today those companies read the standard, interpret in in weird ways and don't bother checking with the rest of the industry.

Of course systems with complex functionalities can be complex, but with those vendors even basic telephony is a nightmare to get working.

1
0
Christian Berger
Silver badge

Most decent systems are actually easy to set up

For many it's just entering a username, a password an a server.

It's just that there are some vendors *coughmitel* *coughcisco* *coughunify* *coughavaya* which have really bad systems that don't work because they don't understand what they are doing.

The main problems there are that those systems don't speak normal SIP, but some overly exotic variant of it.

Seriously if you are at a company get something like a Starface or roll out your own Asterisk-based system.

2
1

Are you clever enough, and brave enough, to give a Register lecture

Christian Berger
Silver badge

Re: Location, location, location?

I'd vote for Hof in upper Franconia.

It's very easy to reach and cheap. And it's inside of a Null of the downlink beam the BBC uses.

http://en.wikipedia.org/wiki/Hof,_Bavaria

0
0

Google adds evil-code scanning to Play Store

Christian Berger
Silver badge

The problem is app stores itself

It adds an element of commerce to it. Suddenly if you kick out an app, you will have someone loosing money who might want to sue you.

Plus there is the problem that the classification of malware vs non malware is rather subjective. For example for Google and Apple an app to root your device might be considered malware. I for example consider apps without source code or apps which display advertisements malware.

Google actually is the lesser evil here as I can just ignore their Crap store and go to fdroid which has at least some amount of quality control. With Apple I'm left to Apple's judgement which completely disagrees with mine.

2
4

Honey, I shrunk the Windows footprint

Christian Berger
Silver badge

Re: Whatever happened to code optimisation?

Actually today, unless you are extremely good at assembler for your particular CPU, C-compilers will actually produce better code.

The problems are with software architecture. People have learned really bad ways of software design resulting in huge software packages, they don't understand what they are going. They don't think about the machine code coming out of their C compilers. They don't understand that complexity is a problem or how to avoid complexity.

0
0

Hurry shipmates - the black hats have hacked our fire control system

Christian Berger
Silver badge

No No No

This is yet another attempt to set an anti-citizen narrative. Suddenly the ones who hack "fire control systems" are the "bad ones" instead of the ones who ordered those systems with the implicit intention of destroying things or even killing people.

Of course those people will end up working at the GCHQ or other shady organisations bent on scraping every bit of information out of ordinary citizens.

We need to set the narrative here. The GCHQ is not one of the good guys here. People who kill citizens with drone strikes are not the good guys.

There are reasons why the hacker culture has a set of rules, the hacker ethics. We need to teach those in schools as they are important as a counter weight against all those anti-democratic movements we now see in governments and corporations. I mean this used to be done in Germany. Mandatory "Informatik" classes not only gave you a glimpse into what programming is, but also what data protection means and how important it is.

1
3

IDC downgrades sales outlook for PCs AND tablets

Christian Berger
Silver badge

Re: HP and Dell can cancel Christmas due to poor Windows PC sales

Well the consumer (Christmas) market for Laptops kinda collapsed. Instead of buying overpriced unreliable consumer grade laptops, those now buy tablets or, if they are smart, refurbished business laptops.

0
0

Look, no handsets: How to do telephony without a phone

Christian Berger
Silver badge

@The Reg want some non filler article about VoIP?

I work at a medium sized carrier which mostly does VoIP and therefore am involved in both the carrier and the customer end of things. That means I do know a lot more about VoIP than whoever writes those filler articles.

0
0

Vodafone: Can't make calls on our network? Use Wi-Fi

Christian Berger
Silver badge

Re: Dunno what the fuss is about...

"rather its prioritised PDP contexts with interactive QoS so its packets are more equal than other packets, all the way from the radio bearer through to the final point of interconnect."

Actually I've recently done some Tests on the Vodafone fixed line network in a country I do not want to name here, and I see no indication that they could run something as complicated as VoLTE.

In the real world Vodafone already struggles with their ISDN network. Even to a point where you have crosstalk between different ISDN voice channels. In their core network they seem to convert multiple times between TDM and ISDN, sometimes even using T.38 for Fax calls. This wouldn't be a problem, if their IP lines wouldn't be highly oversubscribed. So you have "packet loss" in your ISDN connection. Sometimes you even get a call translated from ISDN to IP (T.38) to IP (G.711) to ISDN, with the second IP line having packet loss.

0
1
Christian Berger
Silver badge

Obviously the main feature is...

that VoLTE provides you with ways to charge for VoLTE traffic independently of normal IP traffic. Prioritisation can already be done without the complexity overhead of buzzword rich theoretical constructs.

My prediction is that VoLTE will die either in favour of complete normal VoIP independently of your LTE provider (this already works surprisingly well) or there will be handsets which can use GSM and LTE at the same time. The GSM network is not likely to go away as it's seen as infrastructure, so you might as well use it for voice. We already see operators running voice calls over GSM even for UMTS handsets.

Plus unlike UMTS and GSM, LTE and GSM can coexist in the same band rather nicely. So what we may see are operators deploying it in the same band and mobile stations being able to use both at the same time.

1
0

OK, they're not ROBOT BUTLERS, but Internet of Home 'Things' are getting smarter

Christian Berger
Silver badge

Re: Why don't they actually try to solve something useful?

"1) Sauce pans that do not boil over."

Actually such a thing exists. It's called the induction hob. It only heats your sauce pan, not what's around it. It's one of those 1980s inventions which now become common as the patents have expired. The one I've seen uses a colour LCD to display a graphic menue... made out of different shades of grey.

0
0
Christian Berger
Silver badge

Having worked at an appliance manufacturer

I can assure you that nobody there has the faintest clue how to actually make this useful. Instead they start proprietary and closed protocolls you cannot get access to, and fail to grasp basic security limitations.

I mean any normal person would first define a _simple_ standard which is open for everyone to experiment with. Then they'd put it out there in a "build it and they will come" fashion. After all the coolest things will be done by others, not yourself. There is no sensible reason why your own imagination should be the limit. If it is easy enough to embed your appliance into something larger and more useful than a remote operation panel, people will do so, particulary since there's a whole home automatisation industry eager to make custom solutions.

2
0

Can't pay $349 for an Apple Watch? Get a Chinese knockoff for less than $50

Christian Berger
Silver badge

Re: Not really a knockoff....

This is actually what I don't understand. Everything useful a "smart watch" can do could be implemented with a decent display and a Z80. Add a bit more RAM and you can even do multitasking by swapping out programs.

2
0

Grab your pitchforks: Ubuntu to switch to systemd on Monday

Christian Berger
Silver badge

Re: oh well

"So what is wrong with DBus from your point of view? And what would you recommend instead?"

Well first of all it uses libraries for something non essential. Which means that if the DBus daemon doesn't work, your system will behave in very odd ways.

Then I haven't been able to find any sensible reason for it. I mean why should desktop applications be able to send messages to each other? The only places I have seen that in use is those anoying "popups" telling me things I already know and USB MSDs being mounted without my consent.

So far the net benefit of any system like DBus for me as an end user seems to be negative, but particularly since it's implemented as a library applications link against, there is no easy way to get rid of it. If it was implemented as a set of separate programs which would be executed by the software wanting to send or receive messages, it would be a whole different game. Then you could just delete that dbus binary and programs would most likely still work.

1
1
Christian Berger
Silver badge

It's a question of complexity vs democracy

Essentially what we are seeing with Linux now, is probably a mirror image of what we have seen happening to browsers. During their existence browsers have turned from fairly simple systems to huge applications. Today Firefox is so large it needs a whole corporation around it. Such a corporation needs to get funds and it has its own interests. Most of you will probably have suffered from decisions that corporation made. Normally it would have been forked years ago, however since it's so incredibly complex (because of complex web standards) and changing rather quickly (because of changing web standards) that's near impossible.

The same is currently happening to the Linux Desktop. Instead of keeping it nice and simple, we add layer upon layer of complexity. Suddenly we have inter process communication, audio daemons, consolekit (whatever that's for) and now systemd. Each one of those sub systems adds complexity and dependencies.

The dependencies keep you from removing those parts (try installing even the simplest desktop system without D-Bus) and the complexity keeps you from maintaining a fork with reasonable efforts.

Who benefits from this? It's probably, at least in the short run, the enterprise Linux vendors. They have lots of resources and this will make it harder to use Linux professionally without service contracts.

To contrast this the BSDs have a lot less developers, sure you won't get any fancy features, but they are able to maintain a whole operating system, including daemons, with a fraction of the development cost.

8
1
Christian Berger
Silver badge

Re: Can't there be a simple and effective Linux distribution?

"LP? Vision? Same sentence?"

Well unfortunately I think he has a vision, it's just not a very well refined one.

9
1
Christian Berger
Silver badge

Re: oh well

I personally see systemd as part of a larger problem. It's trying to "improve" on Unix with things like Network Manager, or dbus which may be usefull for some very exotic applications, but just make lif harder in the most common situations.

6
0
Christian Berger
Silver badge

Re: Can't there be a simple and effective Linux distribution?

"Look for everyone running Windows and MacOS they have the monkeys and gnomes at corporate central to keep the leaking ships floating."

Yes, but why should Linux get those leaks, too? I mean I'm sorry, but if your application is so complex it needs so many components you want to put it into a container, maybe you should reconsider your design.

Believe me, those things will be the "leaking ships" of tomorrow. Linux was only able to reach its current quality because people adhered to the Unix philosophy which reduced the effort to build and maintain an operating system.

25
0
Christian Berger
Silver badge

Can't there be a simple and effective Linux distribution?

I mean something that handles UTF-8 but just boots off a simple shell script or a normal init. One that doesn't have Network Manager, but shell scripts for that.

Just something that works without all the crap that just takes up your nerves when it doesn't work and won't provide you any usefull functionality when it does.

4
2

Tech leaders: Can you predict the future? Tell us all about it

Christian Berger
Silver badge

Re: Tech leaders: Can you predict the future?

Don't forget the Internet Fridge.

https://www.youtube.com/watch?v=HoIgQi7kI0A

Of course now with a technician who also works as a DJ in his spare time who you can call to close your fridge of you left it open.

0
0
Christian Berger
Silver badge

New Technologies?

First of all anybody who claims to accurately predict the future is either lies or is a time traveller.

Then the changes in the last 10 years have not been driven by new technologies, they have been driven by companies realizing that there are different markets.

For example smart phones have been in the pipelines years before the iPhone, but most lacked decent network connectivity software. Usually you didn't even get a decent browser, or you got some crippled operating system like Windows CE, Palm OS or Symbian. A browser, and the reality distortion field of Apple, opened the area to the wider public.

Same goes for virtualization. The technology has been around for decades, but only recently it became available on x86.

The point I'm trying to make is that today's IT companies are inflexible enough so that technological progress is not the limit when it comes to innovation. It's limited by where marketing believes the market should go.

1
0

Bite my shiny metal Ask: Java for OS X crapware storm brewing

Christian Berger
Silver badge

Re: Haven't had Java or Adobe Reader for 2+ years and no problems.

To be honest, so far Acrobat Reader seems to be one of the worst PDF readers out there as it has all the features you don't want to have.

Java... well... It just seems like most software coded in Java is rather messy and complex stuff. Kinda like all those uncounted Windows applications which do 20 things really badly. There are a few exceptions, mostly academical software which could have been implemented in portable C more easily, but the professor somehow believed that Java had a future.

3
4

Broadband routers: SOHOpeless and vendors don't care

Christian Berger
Silver badge

Re: Advice?

Well OpenWRT probably is somewhat more secure than Cisco and easier to administrate.

If you want to have some rather secure "consumer router" look into the Fritz!Box line. Those are expensive, but the manufacturer actually makes their own firmware. So it's a far cry from those 'skin the firmware from the chipset manufacturer you got 2 years ago' you get from other vendors.

0
0

How does a global corporation switch to IP Voice?

Christian Berger
Silver badge

Re: Director Global Marketing @UnifyCo

Seriously, if you have to ask that question, you should re-consider your decision for that product. On state of the art products such trunks shouldn't cost anything.

The probable reason they cost something is that the PBX doesn't speak normal SIP, but some sort of rather odd dialect of it which probably even requires quite a lot of configuration to get it running enough so the customer lets you go home.

We have at least one customers who has such a "big vendor" system which the vendor couldn't get running. They switched VAR and got one to install a custom Asterisk-Server which would translate between their really weird SIP and normal SIP.

0
0
Christian Berger
Silver badge

Actually the good systems are perfectly interoperable, it's just the bad systems that don't play with the rest.

0
0
Christian Berger
Silver badge

The more sensible howto

1. Learn your stuff: SIP is rather complicated and you need to be able to debug it. A quick glance at a pcap of a failed call with Wireshark can turn a week of waiting in vendor hotlines to a 10 minute quick fix.

2. Avoid solutions where you don't get the manual: Those solutions will likely be installed/configured by sales droids with no clue of what they are doing.

3. Plan to swap systems on the fly: 90% of the equipment and software in that are is absolute garbage, 10% kinda work to some degree. There is no correlation of quality and size of the company. So try to keep your systems interoperable and try to have small subsystems.

4. Try to avoid vendor traps: If possible avoid the "unified communications" area. You will be able to replicate most of the functionality with simple soft clients (e.g. Linphone) and voice mail to e-mail.

5. Price does not correlate to quality: There are hugely expensive solutions which simply won't work, but there are cheap solutions which work perfectly fine and reliably. Typically most systems using an Asterisk or Freeswitch server as their core work, or can be made to work with moderate effort, even under highly unusual situations.

6. Avoid "forced certifications": If your vendor demands that only use certified other components/carriers something is fishy. SIP is a complicated protocol, but usually everything just works. Certifications are usually just there to check for that. If your vendor demands certification, it's likely they speak an overly obscure dialect of SIP which will cause problems without end. Good vendors give you free or cheap methods to try out your setup before you finally commit.

If you act sensibly and avoid the traps you will end up with a system which can grow and adapt to the needs of your organisation. If you just buy the "unified" solution from your large "trustworthy partner" you will end up with a pile of toxic waste troubling you even further than web applications built for IE6. (yes 2 of the "avoid at all cost" companies have been mentioned in the article)

3
0

CONFIRMED: Tiny Windows Server is on the way

Christian Berger
Silver badge

Re: What's tiny?

You have heard of the original MSN, haven't you?

It sent a list of all your directories to Microsoft. If it wasn't for the FOSS-movement and the Internet, we'd now be stuck with Microsoft provided set top boxes which would provide us with "interactive television" instead of the Internet.

In fact now Microsoft actually _fixes_ bugs. This would have been unheard of before Linux became popular. They even did internal code reviews.

We do have it better now than in the 1990s. Most hardware now supports Linux or some BSD. We do have so much FOSS that some developers are already looking at wasting their time and efforts for pointless projects. Even the most complex pieces of software, browsers, are now mostly open source.

Yes there's still a lot to be done in mobile devices, but even there you can get rid of Google or Apple and run at least quite a bit of FOSS by installing ReplicantDroid.

10
11
Christian Berger
Silver badge

What's tiny?

Considering you can still get tmsrtbt a Linux distribution which is great for imaging hard disks, which boots of a single floppy disk, or you can get a small version of MS-Dos 6.22 and Windows 3.x onto a floppy disk, what does Microsoft consider tiny?

Also the Register should make an article about all those broken promises from Microsoft. Anybody remember Windows 95? That was supposed to be and even marketed as having no more MS-Dos below.

4
14

Cisco offers carriers adware-as-a-service for fun and profit

Christian Berger
Silver badge

This shouldn't be legal

If this is legal, we urgently need to change our laws.

0
0

Nokia boss smashes net neutrality activists

Christian Berger
Silver badge

If a packet gets delayed or dropped because of congestion...

... the ISP didn't do their job. I pay my ISP so that their network won't be utilized more than about 50%. That's what I'm paying my ISP for. If they cannot guarantee that, they should stop making overinflated claims about their bandwidth.

ISPs aren't soup kitchens, I pay them for a service and they are supposed to provide that service.

After all there are standards on how high the percentage of phone calls going through a phone network have to be.

0
0

$250K: That's what Lenovo earned to RAT YOU OUT with Superfish

Christian Berger
Silver badge

Re: Just goes to show....

I recently also had that kind of moment when I realized some Apple Laptops support Coreboot, but then again Apple hardware doesn't last long enough to get infected by malware. ;)

1
5
Christian Berger
Silver badge

The problem is that Lenovo kinda was one of the last remaining "professional" laptop manufacturers. And they are working hard on stopping that.

Another example is them using TPM to rid you of the possibility to replace their UEFI crap with Coreboot:

http://patrick.georgi-clan.de/2015/02/17/intel-boot-guard/

That effectively means you cannot get rid of potential UEFI malware.

4
1

Telly behemoths: Does size matter?

Christian Berger
Silver badge

Hiding your TV in the cabinet...

... is still common in Germany where we had such cabinets:

http://youtu.be/IIljr5qbwrI?t=2m19s

The cabinets are still there though the TVs are now more modern.

0
0

Google open-sources HTTP/2-based RPC framework

Christian Berger
Silver badge

I don't quite see where the improvement is supposed to be

I mean we already have HTTP as a stateless "get your objects" protocol. Just remove the bugs like cookies and wrap it in TLS or its successor.

For web applications we already have Websocket which provides authentication and session handling. You have a consistent connection which is hard to break into even when not encrypted.

Where is the advantage of switching to an, apparently, much more complex protocol? HTTP already achieves very well performance. And in situations where HTTP performs badly, at least the SPDY I've heard of performed even worse. (low latency, high packet loss, 100 second round trip times are not uncommon on German mobile networks)

The disadvantages are clear. A more complex protocol needs more complex code which contains more bugs. Also a more complex protocol might have protocol bugs hidden inside, bugs you cannot fix in your implementation and you will need to support for ever and ever.

1
0

Forums