1673 posts • joined 15 Mar 2007
Sadly what I think is needed are new liability laws that make software and device manufacturers liable for failing to fix disclosed bugs in a reasonable time scale and for, say, five years after the device was on sale.
I'm looking at, for example you HTC, for your crappy phones with little or no updates, and you, most phone networks, who add all sorts of crapware and then don't pass on any underlying OS bug-fixes because of that.
And also without causing endless trouble for users by the fix being incompatible and needing a "factory reset". I mean, come on Android (and others) you are using an underlying OS that already supports modular updates and bug fixes (and has done for years and years). Why, oh why, can't you use that mechanism?
Re: the header bar.
Sadly all GUI developers seem to be suffering the same syphilitic brain problem of removing anything and everything of use, and hiding the remaining features in stupid non-obvious places.
Desktop morons abound (Gnome 3, to a large extent Unity, Win8 TIFKAM).
Web browser morons abound (Firefox, Chrome, etc all removing menus and options that you might actually want to use).
Cloud services buggering around the same way, like Google's docs, etc, having things make more Fisher-Price and hiding them behind icons that mean nothing (WTF is the matrix of squares that now pops up the other services supposed to represent?)
A pox on them all :(
Re: Whither Windows?
XP in a VM is isolated from underlying changes to hardware or, by and large, to the host operating system. You could use Win7/8 or any one of a range of Linux distros, depending on your use-case and licensing costs, etc.
In my experience the XP VM runs as well, if not better, under Linux as natively (intensive graphics aside) and you can save & restore from backup in minutes if corrupted. You can also have several VM, each with different software that won't play happy together, and run the one you need at a given time.
As such, you can also run RAID on the host machine for better availability, etc, and the workings of that need not concern the VM, it just sees the virtual disk as a file stored somewhere.
As for time, skill, etc, needed, well this is El Reg and folk here are discussing how they choose to solve things. If you don't know then find someone who can advise and implement, and pay them for it. Simplez!
Re: @Paul Crawford AC 14:28
"tied to the MAC of the network card in said computer"
In that case a VM of XP might be your saving, as you can then assign a MAC address matching the original card to it. Of course, if it used other hardware factors (e.g. C: drive serial number, etc) that may not work, but it is well worth trying.
While I can't speak for the AC above, my own reasons for sticking with "old software" vary, in some cases the cost is sometimes just not worth it when it is hardly used and/or not business critical.
But more often it is not the "few thousand" for a new copy/license, it is the years of work and business processes that are disrupted by the new version being different in subtle through to bloody annoying ways. That can cost WAY more than the new version would.
Also the node-locking may not be tied to the physical machine, more likely it is a parallel port dongle on an XP box that serves the software (like one of my CAD packages). A new PC with an additional parallel port card may solve hardware failures with much less disruption than a complete change, but moving from W2k/XP could be far more difficult.
Re: "won't be able to hang onto the past much longer"
My own choice is to run XP in a VM and then it need not have full, if any, internet access.
The host machine can be your choice of course, but mine is Linux for a range of reasons. Without wanting to start yet another pointless OS willy-waving contest, my own reasons are freedom (both as in speech and as in beer) and the far smaller number of attacks. Most of the stuff I need runs fine (email & web, compilers, etc) and the Windows-specific stuff can stay in the VM.
Should the VM get hosed, then it is deleted and the backup uncompressed in minutes. Should my host hardware change, well the VM need not care and mostly the recent Linux distros "just work".
Sure it is not perfect, and unskilled staff need training to master the "two computers in one" setup, but then if you change from XP to Win 7 (or God forbid Win 8's TIFKAM) then you have a lot of training as well to deal with anyway.
Re: Bollocks, say I.
Of course, with a suitably fitted tin-foil hat, I could postulate that Intel CPUs keep a cache of recent AES keys that can be accessed by some secret instructions so that user code can reveal them in a way that software implementations of AES could not.
You would need native code execution to exploit this, of course, which is hard to do outside of a few US-friendly suppliers of, for example, web browsers. Oh yes, there is Adobe Flash after all on some 90% of machines...
Bollocks, say I.
"AES is an official American encryption standard"
You seem to have forgotten the part where it was created by Belgian cryptographers and subject to estensive world-wide analysis before being adopted. That is how it should be (but not always Belgian, unless we are looking at a two-horse race with the Swiss for chocolate).
If you were pointing at the dodgy elliptical curve standard, or the secret Intel random number generator, then you would have a valid point...
"getting caught was the issue"
I beg to differ here.
We know the NSA, GCHQ, etc, are spies, that is their jobs. And if they occasionally asked for secret 'favours' of big companies in their home lands we would not be terribly surprised either, nor be calling for action.
No the big point here, and I mean BIG POINT, is the sheer scale of their involvement and apparent contempt for the spirit of the law (even if they can wriggle out of prosecution).
Basically they treat us all as criminals and have weakened or subverted the very standards that were supposed to protect us. It time we are sure to find organised crime, or other nations, using those same flaws against us.
It is good to see IBM and other major US companies taking a multi-billion dollar hammering, as money sadly is only thing that seems to make politicians act these days.
I can see the efficiency of block level sync, and ZFS support replication using the same principles, but my own paranoia is that a software/firmware bug on one that trashes file systems is then block-replicated to another much as RAID would do between disks.
While that is a low probability, it still makes me happier with the option of making snapshots and syncing the file system across. Of course, no gain if you are using a block-style access (iSCSI or raw database sort of thing).
Re: Synology Issues
It is odd to see how a NAS could break the disk short of a major overheat.
However, I have had a number of 1TB Samsung HDD die on me, typically they would go off-line (SATA time-out, even SMART not showing status) and need a power cycle reset then come back with all data OK, but the up-time was getting shorter and shorter so I swapped them for other HDD and let the RAID rebuilds deal with it.
Re: Too late
"In the end they got Vista more-or-less working properly"
Yes, and then they sold it as Windows 7 rather than upgrading the poor suckers who had been visted.
You seem to be mistaking stealing, where you deprive the owner of their property (a criminal act), with copyright infringement, where an unauthorised copy is made but the original is still there (a civil act).
You also seem not to have comprehended that this was about saving a copy of a video stream that, I am guessing, you already paid for. So it is not even depriving the copyright holder of revenue, but simply doing what is perfectly legal in other cases (see the judgement(s) in respect to the original VCR use) and what most people see as "fair use".
That "three line post" is but a continuation of the same tedious vague claims made by (most probably) the same AC over and over again.
Just as tedious as those who claim Linux in invincible to every Windows hole found.
Re: admin admin
Most folk are not El Reg readers, they just buy some modem thingy from the local store and plug it and it just works! Great!
Of course, no Wi-Fi password and default admin log-in, but why make it hard for your users then would have to support them?
Re: @ AC 14:14
Ah yes, a report from 2010 is conclusive evidence of Linux vs Windows today?
And did you actually read it?
"But should be the out-of-date Linux server the only reason of this huge amount of defacements?
Yes and no.
We were talking about local kernel exploits, but the first problem is in the website code. For example, we received too many single defacements due a remote upload flaw in OsCommerce CMS, that allows the defacers to upload anything to the CMS folder without a proper credential check. When this flaw became public, the developers had a too much time to fix it, but the fix appeared few months later. Pity.
Year after year, the developers are still coding by an unsafely, keeping tons of the remote and local file inclusion and the SQL injections, that the attackers use as the first step to gain the access into the server OS."
That read to me as if the web developers and tools are the biggest part in such attacks. But hey, you don't care when having a good rant?
True, 1080 is not that much, but:
(A) This is a £340-ish thing, not a near £1k ultrabook with piss-poor 900 lines.
(B) There is very little above 1080, some monitors have 1200/1440/1600 but cost £300/500/1000 sort of price for the monitor alone.
Overall I am impressed by this and can see it suiting a range of folk for basic computing needs, particularly for the likes of my elderly parents for whom even a 15" wide screen laptop display is simply too small, and for whom paying >£1k for a 17" laptop is just not on.
At this sort of size it is not just a fondle, more of an orgyslab...
Re: More is not enough!
None of your new-fangled pentodes, sir! We want triodes, and bright emitter ones at that!
Re: "refocus on its traditional markets."
I was in PC World recently (UK box shifter of computer & TVs etc) and noticed that there was about 3 times as many customers looking at the range of Apple & Android devices as were looking at Windows laptops, even though the latter has over twice the space allocated to it.
Of course, that may not match actual sales.
Have an up-vote for "Tiles 8.11 for fondlegroups"
Re: "Dueling Banjos played on bagpipes is bloody brilliant!"
The Ride of the Valkyries played on banjos - now that was scary!
Re: Legal liability
I hope this is picked up in the USA as they have class-action lawsuits to make it worth while for the lawyers to go after them for compensation.
Sadly the worst likely to happen here is a ICO slap on the wrists. I hoped the BBC and so on would cover it on national TV, that would be fitting punishment for the company - to have its amoral behaviour aired the way its customers where being aired.
Re: So what?
Better than the goatse one they almost chose for the London Olympics:
Re: "THat it doesn't work with ARM"
I think this is the point of the cynicism. MS so much want people to support WindowsRT and then can't be arsed to do it themselves, that says a lot.
Don't buy Cisco, Extreme, 3Com, HP, or Intel gear.
Really, they gouge you on everything they can, to the extent of locking out rival SFP units "because they can":
If they had a supported list that included any rival's products then you might have believed the quality assurance bullsh*t...
The point is?
Really, when the US gov can ask in secret for the data and pretty much compel any US-related business to comply, what is the point in them huffing and puffing and putting in SSL links that, most likely, use a certificate that is from a potentially compromised issuer?
The issue behind all of this is judicial oversight, or more precisely the lack of. We, the public, should expect privacy unless there is "probable cause" for investigation, and that should be properly signed off by a judge after considering the supporting evidence and not rubber-stamped en mass and in secret.
Fix that, USA, and maybe some trust will return. Until then everyone should treat all USA-based companies as fundamentally compromised.
Do they also allow you to export all your data on to HDDs to move to another provider if needed?
To add I that used: https://www.ssllabs.com/ssltest/index.html
I tried online-business.bankofscotland.co.uk and while it got an "A" overall as it used 256-bit AES on modern browsers, it also got this:
"This site supports only older protocol versions, but not the most recent and more secure TLS 1.2"
Looking further, it lacked both 1.1 and 1.2 so no BEAST attack mitigation.
Re: AC 09:45
"You're posting AC, why not just name it?"
They did - read the title of their post.
Oh yes, as a USA company Oracle promise not to share your data secretly and this "may meet regulatory or end-user requirements".
Except of course they have to or executives will face jail time, even if it is hosted in Canada.
Using a VM is a good solution as long as you only need "standard" I/O such as serial ports (on normal Baud rates) or parallel.
If you have any special I/O cards, or rely on something odd in the settings of normal I/O (as I found trying a non-standard Baud rate that the UART chip should support) you are likely out of luck with a VM.
Re: Good Idea!
"I run Windows 7 Pro' 64-bit. It has a 32-bit Windows XP VM to run all that stuff, no further development required"
And what happens to your XP VM come April 2014? Oh yes it goes out of support so no more bug-fixes for the same flawed code that later Windows share. How well protected is your 64-bit system from malware in the 32-bit VM?
Can we have a new 32-bit Windows that is supported?
One that supports 16-bit applications?
One that supports older 32-bit drivers for legacy hardware?
Oh, you just told us that is a waste of space...
Re: Listen to the money men...
That depends on whether you want to make money, and on the time-scale you are interested in.
Re: Good Idea!
"let's drop the waste of space 32-bit versions"
What, you mean the only version that can run legacy 16-bit software that a few businesses actually need?
Oh well, they might as well let those companies invest in dosemu on Linux to get continued support.
Good luck to them.
Here is hoping they provide what the customer wants.
And that customer is the one buying the machine, not the advertisers and other business hang-ons that have made the new Xbox-one and PS4 such shitty options.
It is not a "tiny issue in the grand scheme" if you have to support users who find printing broken after each update, and it is symptomatic of an organisation that, because it is not on their patch, don't care.
But what is most irritating is not them getting the paper size wrong on fresh install, but that each update REVERTS MY BLOODY CHOICE! That is an MS-level of arrogance, to reset my settings without asking me, and for that they deserve a serious bollocking.
Re: What has Mozilla done though?
Not fixing the default-to-US-letter paper bug for over a decade perhaps:
Because the 90% of the world that is not the USA is not important to them?
My sister got an "upgrade" to a separate white ADSL router and black hub/wi-fi point and it is utter rubbish. Often it fails to boot properly (left instructions about how to power cycle the damn thing in sequence to get it working, as they are not technical) and frequently drops both wi-fi and wired Ethernet for no obvious reason.
And while we are ranting about BT Internet's incompetence, twice they have changed the log-in settings for email and given fu*k-all notification of the change, and in the recent case (couple of weeks ago) their web site still had the old=wrong settings on it, only found out from a Thunderbird forum post what was up.
In summary, a bunch of useless idiots with more money & influence than they deserve.
That really is the issue - the x86 Surface Pro makes some sense for business users and others with portable windows needs, you can run most software on it.
But Windows RT has some really annoying limitations beyond what MS give you, and that is what they don't give you. In particular, that mere mortals can't produce desktop-style apps, but MS have that right for IE11 & Office.
Furthermore, you have to *pay* MS to sell your software via the app store, no direct sale/downloads like you can for x86 Windows.
So really, if you want a slick fondleslab look to the IPad (or cheaper & often nastier Android ones) or pony up for the x86 Surface and get proper Windows support.
Re: Still don't see any reasons to buy it
I think you will find "The Register" is not a monolithic Borg, but an outlet for a number of journalists with a varying range of personal opinions.
Yes, I gues.
I am not a software scientist by training but have ended up programming in C (mostly) to solve difficult problems, not necessarily NP-hard, but not easy for the affordable hardware of the time.
Most success came from starting with a good book, in particular Numerical Recipes, and timing where things were held up, for example using the profiling tools that come with, for example Visual Studio.
However, in a number of cases I resorted to approximating the problem or allowing sub-optimum solutions because it was good enough for the system requirements and sometimes vastly faster.
E.g. I once reduced the processing time of some software that re-projected (warped) an image by implementing my own task-aware cache rather than using the DOS/Windows95 FAT system's own one. Today you don't see file systems that inefficient in common use, and memory is plenty big enough just to load the whole source image in to memory for random access, but original case was ~100MB file in the days when you might have 16MB RAM in a PC.
Re: @Alan Brown
Parity & RAID is a bet, based on the probability of multiple failures occurring at once. The quoted figures you get for availability are based on the assumption of statistically independent failures.
We all know that is bollocks, of course. As HDD are often from the same batch so may suffer manufacturing defects, and failure can be provoked by events such as fan failure, PSU surges, etc, that are common to the array.
So RAID != Backup and never forget that!
The trade off with going to triple parity depends on your work load and the CPU/controller, etc, but often it demands larger stripes to be efficient but that in turn hammers the IOPS capability. You can get a lot of that back with SSD for journals/ZFS Intent Log use though.
In most cases you get one failure and then others croak when the load of a rebuild kicks in, in that case double parity is a great help.
But you also get an array being powered off after years of use and a number of HDD just giving up the ghost and not spinning up, at that point you really are looking at a new array and restoring from backup :(
Re: Object size & protection?
That was my figure of 1.2 times (or thereabouts), say 6 disk for 5 disk's capacity = 6/5 = 1.2 or with double parity and more disks per stripe 12/10.
Always go double parity if you can, and scrub periodically, as a HDD-failure RAID rebuild is when the trouble starts!
Object size & protection?
I am guessing they don't consider data object bigger than a single HDD then?
Presumably the protection against HDD failure is now based on object duplication, so a 2 times storage penalty, rather then something like RAID-5/6 or RAID-Z2 where you get a 1.2 sort of penalty?
Re: More efficient than the BBC then
No, you don't need a TV licence to watch Internet streamed video. Or to buy/rent DVDs, funnily enough...
Re: "Ad lobby group, IAB Europe, bemoaned the committee's amendments"
It is sad to see someone believe that "the promotion of innovation and growth" comes from whoring your customers from port to port, rather than developing things people actually need or want to pay for.
"a proper version of Office too"
Er no. Not if you have VB-heavy business stuff based on years of painful Office-based development, which is a big point for corporate users.
Still, aside from the debate about the fundamental usefulness of WinRT, at least Nokia is offering something that looks a viable competitor in battery life, price, etc.
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
- Product round-up Ten excellent FREE PC apps to brighten your Windows