Posts by Vic

Re: Patient? What patient?

here does also appear to be a significant problem with "assuming that all will go well, all the time".

That's a standard beginners' programming error; writing the straight-through case without bothering to think about all the ways it could fail.

The issue, as ever, is that they've put too many crap coders onto the job; any experienced hands looking to complete the job will be ignored (usually dismissed as "being negative").

And it's not going to change, becuase those with the power to change have become accustomed to doing everything open-loop, and experience insufficient pain when it all goes wrong...

Vic.

Re: work with the FBI

NTSB is the exception. So far as I can tell they are the only federal agency with an agenda. Which is why they are some times asked to help in other crashes in other countries.

This is not true - for aviation, at any rate. I believe other transportation systems use very similar rules

The rules under which the accident investigation unit of any country can be involved in any investigation are laid down in Annex 13 to the Convention on International Civil Aviation. Essentially, all countries have the right to be involved in an investigation if any significant part of the aircraft is built, used, or registered within their territory.

I was at the AAIB in Farnborough on Wednesday. They told us about an Russian crash they had investigated - because the aircraft was registered in British Overseas Territories. The pilot had a hooky licence - and the subsequent Russian investigation turned up an additional 81 such licences...

Vic.

Re: Cocoon

'Hitchhikers Guide to the Galaxy' begins with the destruction of the earth by a mindless bureaucracy undertaking a useless project

...Except it doesn't.

Read a little further, and you find out that it's actually a corrupt trade protection lobby that's set up the project to masquerade as useless...

Vic.

Re: Iupiter salva reginam

beer, because no hot water with a dash of milk icon

Haven't you discovered tea yet, then?

Vic.

Re: Silver Bullet

Heap overrun exploits.

You've mentioned this a couple of times; I still don't see the relevance.

To overwrite the PC, you still need to get some data into an area that will be loaded into PC - and that's the return address on the stack. If you should manage to exploit a heap overflow to manipulate the return address on the stack, that address will not match the shadow stack when the RET is executed - so the task will be stopped before it gets to your code. And if you attempt to use that exploit to manipulate the shadow stack, that will generate its own exception, killing the exploit.

Now there might well be issue as yet unrealised in this proposal - but a simple heap exploit wouldn't appear to be it.

Vic.

Re: M$ Loves (non-GPL) Open Source, Because They Hate to Share

From Windows 2000, on M$ has stole non-GPL source code from the world. The first *I* noticed was the TCP/IP stack win Win2k, as well as tons of other binaries. Just go into any C:\Windows\system32\ dir and do a "findstr 'Berkeley' "

That's not stealing. That's what the BSD licence allows you to do. BSD developers specifically promote this behaviour - it's the root of all the "GPL vs. BSD licence" arguments.

Vic.

Re: "An executable file type"

Which is how you can suborn unix servers by replacing binary stuff in /bin and /sbin with malicious kiddie scripts.

If you can replace the executables in /bin and /sbin, you've already got full control over that box.

but who routinely checks the stuff in /bin to see if the content has changed against some baseline?

Many of us. It's trivially easy to get a full check automatically using find /bin -exec rpm -qf {} \; | sort | uniq | xargs rpm -V . That sort of thing can even be scripted if it's considered important...

Vic.

Re: BITS is not "fooled"

Just get into the habit of setting up PXE-based WDS or SCCM and standardised images so you can just wipe out a machine with F12 and a password, and put it back to a known-good state

That's all very well if you're in a sufficiently-organised situation, but that's not always the case.

I frequently used to get called out to fix machines which were running LOB software. There were no install disks. There were no licence keys. Backups? You're having a laugh. So nuking it from orbit simply wasn't an option - they would have been unable to carry on working.

Now it's all too easy to say that they brought it on themselves, etc. But that doesn't get the machine running again, and that's all they cared about. They'd accept the discussion afterwards about how to prevent such a problem in the future - but nothing ever sank in.

I had hoped my (substantial) charges for a dung-out would be sufficient motivation to get things on an even keel later - this proved to be a forlorn hope.

Vic.

Re: Everybody loves the consititon except for this or that amendment

In that case the 2nd amendment must also be interpreted literally. The right to keep and bear arms, thermonuclear or otherwise, shall not be infringed

If we're being literal, in order to bear arms, you've got to be able to lift them...

Vic.

Re: Meanwhile ...

Coral bleaches when the water it’s in is too warm for too long

This is misleading; temperatire is not the only thing that causes coral bleaching.

A mate of mine was amongst the first people to dive Bikini Atoll when it started to open up. This is an interesting place - the devastation of the nuclear tests is long past, but it has been protected from local human activity ever since. Thus the water temperatures are much as you would expect from the latitude, but the pollution level is very much lower.

When the Atoll was opened up, there was almost no coral bleaching whatsoever, despite the raised temperatures. The conclusion drawn was that coral bleaching is also caused by local polllution, and this effect may well be far more significant than that of raised temperature (as it is at Bikini).

Vic.

It's effectively turning beat cops into Judge Dredd

Not so.

Dredd might have been brutal, but he knew the law and upheld it...

Vic.

Re: GPL?

Correct me if I'm wrong

OK - you're wrong. Sorry...

since Android is Linux-based, wouldn't Android have to stay open source to not be in violation of the GNU Public License (GPL)?

Android is based on the Linux kernel, so - unless they change the kernel - that bit must remain GPLv2.

But the rest of the Android system - i.e. all the userspace stuff - is what's known as a "mere aggregation", and is not covered by the kernel licence; each application can have its own licence. AIUI, substantially all the userspace is Apache-licenced, so Google are under no obligation to supply any source to that at all.

Vic.

Re: All the visa applications (@ jonfr)

the 'visa for tourists' argument doesn't make any sense.

That doesn't mean it wouldn't happen, of course...

I've been listening to various members of the Exit camp on the radio over the last few days, and I have noticed one remarkable thing: whenever confronted with a potential problem due to leaving the EU, they carefully and patiently lay out a clear argument that the problem would not occur because that would involve the EU being entirely unreasonable.

And yet, just a few seconds previously, they also made the point that we should get out of the EU becuase it does behave unreasonably...

Vic.

Re: No True Scotsman

Problem is that Agile doesn't work

Agile *can* work.

The problem is that far too many "agile" developments are simply bullshit dressed up as Agile.

If anyone ever tell you that you don't need requirement capture - that's not Agile.

If anyone tells you that you don't need a spec - again, not Agile.

Documentation? Agile requires it.

In fact, there is really only one difference between Waterfall[1] and Agile - and that is that Agile expects the spec to change during the lifetime of the project. That's it - all this bullshit about not testing or documenting are nothing whatsoever to do with Agile. But someone will still pretend it is...

Vic.

[1] This is not true; the original Benington paper describing the Waterfall process had feedback loops in it - meaning *real* Waterfall and *real* Agile are essentially identical. But the Waterfall process is frequently misrepresented as well...

If you get an arsehole threatening disputes tribunal it's just cheaper to pay them to fuck off.

It might be cheaper, but that;'s not always the right choice.

A few years ago, a mate of mine got taken to the Small Claims Court by osme complete numpty who even made the statement on his filing that it would be cheaper to pay up and not fight. My friend, being an arsey bugger at times, was having precisely none of that.

The case went to court - I went along as a "witness", although in truth I had basically prepared the defence. Numpty-boy pissed off the judge so much, he dismissed the case, refused leave to appeal, and then turned to us to ask us if we wanted to claim expenses[1] :-)

Vic.

[1] Expenses aren't much - we were allowed to claim £50 each per day, which was awarded. It was never paid - too much hassle to follow it up, frankly. But I did enjoy this guy getting his come-uppance...

Re: I was walking down the street one day

with a diamond tipped extendible umbrella drill

It wouldn't be the first time I've installed a Vampire Tap...

Vic.

Re: "The solution, I believe, is reform of the voting system "

People get the government they deserve.

This doesn't appear to be true. We get a choice of n numpties, all of whom will become data fetishists as soon as they achieve power, whatever they might have said beforehand...

Vic.

Re: A few observations

They Tory's only ideological guiding principle is power.

It's not just the Tories...

Vic.

Re: What about oil production?

when the price of Diesel reaches 15kr/l

That's £1.27 per litre. It was £1.23 at the filling station I visited yesterday...

Vic.

Re: the member is in congress

I never know whether that phrase means "the member of the US congress is the parliament" or "the penis is undertaking sexual intercourse"

Never, ever attempt to help your uncle Jack off a horse...

Vic.

Re: damn

8 years of virtual political deadlock.

And you want that?

Political deadlock, against Theresa May getting her way?

I'll go for the deadlock, thanks.

Vic.

Re: Pricing

Though the HSCIC assumes you are going to load a 4-million row CSV file into Wordpad or use Excel pivot table

Who needs Excel when you've got Perl-DBI?

:-)

Vic.

Maybe they'll print out little cards with our RowID on

Maybe we could call them ID Cards

That's a dreadful idea, and the populace has spoken. We do not want ID cards.

What they'll do is to print out a little card with your Primary Key on it, and this will be known as a Government Key Card, for obvious reasons. And that's so much better...

Vic.

Re: Good. Serve's 'em right.

If you accept money in exchange for taking a passenger, that is the very definition of Commerce

Not exactly. As a Private Pilot, you are allowed to accept certain contributions to the cost of the flight; under CAA auspices, that almost always[1] means an equal share of the costs of the flight - which is perfectly reasonable, IMO.

A Commercial Pilot is required to have certain qualifications & certifications, not the least of which is the proper insurance

A Private Pilot also has insurance. My home airfield requires a minimum of £5M cover to be allowed to land out-of-hours[2].

I'm glad FlyteNow & the rest of their ilk are getting slapped down right now.

I don't actually know what they've been up to - their blog seems to say they operate in much the same way as I do. But I think you're rather mis-characterising what a PPL is allowed to do...

Vic.

[1] There was some movement in this last year to allo, for example, very expensive classic aircraft to charge a reasonable wear-and-tear rate; it's a bit much to spend several million quid a year to keep a warbird airwirthy, but then only be able to receive an equal share of the fuel cost for a flight. Again - this is entirely reasonable.

[2] As I get the insurance from the airfield, it's sufficient :-)

Re: Why carry on sending spam?

If it bounces (with unknown address style bounce) they assume email address dead & remove it from their spamming database.

This does not happen.

I get bounces in my maillog. The errors are basic typos in genuine email addresses for my domain - and they are the same typos that have been attempted for about a decade now.

These attempts bounce - they have never been valid addresses for this domain. They continue to be tried...

Vic.

Re: AC Itanic is right!

I can't possibly upvote a Matt Bryant comment.

Sooner or later, it happens to us all...

Vic.

Re: Was FAT32 part of the deal?

(I managed 1Tb, have not yet tried bugger)

That really is too much information...

Vic.

Re: What's a couple of hundred meters between friends?

Which is the same reason why geothermal plants aren't worth building

Well, the Southampton plant seems to be doing quite well.

Vic.

Re: Unsurprised

their automation can result in a huge improvement in quality of life to the disabled or elderly.

Even if we accept your point - is this the target demographic? Or are they actually being marketed to the young and able?

Vic.

Re: Storing passwords that can be decrypted...

I will ROFLMAO if we find out it's built using something like WordPress.

DotNetNuke...

Vic.

Re: You are free to do as we tell you

going back to cooking beans with a bicycle-powered hair dryer.

I thought that was an egg...

Vic.

Re: Uninteresting, but simple test...

Just put a brand new machine on a publicly available (exposed) IP address, and wait. See how long it takes a "brand new" machine to become taken over.

For many years, Russell Coker put the address of his machine on his website, along with the root password. Yes, you could SSH in as root.

It's gone now, but AFAIK no-one ever managed to do anything nefarious with it...

Vic.

Re: Over reach.

the fact is that a large number of people were arguing he was both trivialising and and being revisionist about that period of history.

Indeed. And quite a few people were offended, schocked, and disturbed by what he said.

So now we have a definition of hate speech that includes "...but also to those that offend, shock or disturb the State or any sector of the population"

Which makes Ken's words into Hate Speech - whether he was speaking the truth or not[1].

having such broad language in one's definition of "hate speech" runs the risk of catching language such as that used by Ken Livingston. The point I am making is that this probably a BAD THING.

Absolutely agreed.

Vic.

[1] I've no idea if he was right or wrong. I don't have a lot of time for Ken Livingstone, and rarely listen to a word he says these days...

Re: Hopefully Brexit...

No they did NOT join the EU

Yes, we did. We signed the Maastricht Treaty in 1992.

they voted to join a non political Common Market.

Ah - yes, the populace only ever agreed to join the EEC - but since when did the UK Government do what its people want?

Vic.

This CAD package is heavily tied to MFC - and they have stated that migrating to Linux will require a complete application rewrite.

Beware of hyperbole :-)

Whilst a port away from MFC will require significant re-work, if it needs a "complete re-write", then the implication is that the underlying code is somewhat confused; if MFC pervades all the non-Windows-specific bits, then we have to consider whether appropriate abstraction was used during development. This isn't a good place to be...

Do you know the developers of this application? Such a port is the sort of thing many would-be FOSS developers would be happy to get their teeth into...

Vic.