1188 posts • joined Wednesday 28th March 2007 16:25 GMT
The people who aren't smart enough to encrypt and anonymise their communications and verify their peers - they're not going to be any more a threat to national security than the local nutter on the bus.
Sorry, but if you did your job properly, spy agencies, you wouldn't need to know this sort of stuff anyway. Why bother chasing ISPs for logs of attempted connections that can be obscured, proxied and whatever-else when you could just plant a bug on your target's machine or stick a camera / agent in his house? If you suspect, say, a GMail account to be linked to terrorism, they you could just subpoena Google to reveal the access details. It won't help much anyway. What, precisely, do you think blanket sniffing of connection attempts (not even connection data!) will actually achieve and why do you think you need to do that without a warrant?
It's sad that GCHQ has deteriorated in modern years given it basically invented modern computing and encryption, especially when that's by not understanding that encryption itself defeats their own purpose. Turing put you, and other country's intelligence agencies, out of work. It's probably the best bit of peacekeeping action every performed during wartime.
I've yet to really see an "OfWhatever" do what it's supposed to do.
They have repeatedly ignored whole swathes of things they should be cracking down on. "Unlimited" broadband? Still see it listed (e.g. on the article on Three today). Can I report unwanted / silent callers to anyone and get a decent response? No.
And when they do act, it's a token slap-on-the-wrist and say-no-more.
A watchdog with no teeth is nothing more than nuisance to everyone.
Re: Conversation with teenagers last week :-
I assure you, they were not. They even quoted their "bible" (whichever one it was) at her. They left the science soon after, too, but whether that was directly related or not is anyone's guess.
Re: and with just a few tweaks (guns/missiles)
Wrong. Read the post I wrote.
It acknowledges packets on the wire (electrically) and then loses them into the void somewhere inside the firmware. People have put USB logic analysers on the task and proven that the RPi hardware responds exactly as instructed, as if it had received the packet successfully - unfortunately, something in the firmware removes the packets before they hit userspace.
I *did* link the git issue reference for a specific reason, and that's people blaming "power" for EVERYTHING wrong with the RPI (I still have an SD card travelling half-way round the world to let Broadcom try to work out why it refuses to boot on the RPi but yet EVERYTHING else sees it fine - that wasn't power either).
P.S. I also use a mains-powered stabilised power supply. If the RPi is pulling 10A on its own with just a single USB device, we have bigger problems than USB!
"Both communicate with the Raspberry Pi over plain old Ethernet."
Because the USB is still flaky for a lot of people with quite ordinary devices (keyboards, mice, USB 3G sticks, etc).
and the SD cards are still having problems too.
Re: I hate to interrupt this valuable talk about THE CHILDREN, but...
I haven't heard of, haven't seen, and don't think there is currently a way to do this. The only existing way was disabled between the Developer Preview and the Release Preview, I think.
If you find one, please forward it to me. Also, if you find a way to get rid of the Start screen entirely, please shout. Methinks the first purchase after Windows 8 stabilises will be a utility to do just that. I, and my employer, will literally PAY for that functionality to be removed. Ironic, isn't it?
But, anyway, times tables by rote went out years ago I believe. Now you just need to be able to calculate it when asked. The emphasis is (was?) put on the speed of calculation, though, so learning-by-rote is the quickest way to instil it into your neurons as a fact. Plus, 90% of calculations you do will be contained within the times tables you were taught to learn by rote. The other 10% are rarer and, thus, the speed of calculation isn't so critical.
More importantly - why did they teach them in decimal, why don't they teach the shortcuts any more ("how do you know if something is divisible by 3?"), why don't they teach them other things than multiplication (division, primitive research on my part would suggest, is infinitely more difficult for people to grasp despite being closely related... and I still maintain that I was NEVER taught long-division formally), etc.?
Re: Conversation with teenagers last week :-
My girlfriend has a doctorate. She was taking a class (not in a school, but a research university) with some biology students. I'm combining several anecdotes into one, but once she had a degree student ask her what a neck was (there was no miscommunication, they did not know the word despite having a degree from an English university in biology).
She's had to explain to post-doc students that, no, you cannot sex a skeleton by the number of ribs (god damn religion!).
She's eternally frustrated at the inability for even post-doc researchers to do a simple cross-multiplication or even try to solve the stated problem another way (the problem was "you have X concentration of fluid A in beaker A, how do you turn it into a Y concentration of fluid A when you have a Z concentration of fluid A in the supply cupboard?" - something that comes up ALL THE TIME when you're doing the job they were doing).
Those are just the "WTF!?" ones that she has to tell me the second she gets home. She had constant battles and eventually avoided any and all teaching (even to post-doc and post-grad researchers in a research lab) to focus on her research and her job. Almost without fail, they are all English students educated in English schools and universities.
Re: Too much added, not enough removed
I think you've mistaken education for employment training. Education isn't there solely to get you a skilled labour job, for instance, but to make your life easier even if you don't use those skills in your job (e.g. working out the APR on a credit card).
In the schools I've worked in, the humanities get little time and attention anyway. Removing it from secondary school would only serve to make the available interests disappear more into Art vs Science for students.
DT is a bit worthless now but I'm not sure that pasta bakes shouldn't be taught. Do you expect only to teach how to make a Sunday Roast and an English Breakfast? Cooking is cooking and provides skills applicable to all meals and - incidentally - introduces students to a large section of international culture, encourages them to try new things, etc. Cooking is not about heating up ingredients until they're brown (which, incidentally, is how I cook and never experiment). I agree that cooking should be more focused - they literally should be expected to cook one meal each a week (unlike the once-per-year that I had), it's such an important part of life and SO many people can't do without a microwave nowadays. And with healthy-eating initiatives, there's REALLY nothing wrong with a good pasta bake compared to the junk the average UK household eats.
You are still taught to wire a plug. It's the other stuff that's gone out of the window (soldering especially!) because of the fecking H&S junk that schools are burdened with (and, incidentally, this is also the cause of the decline of DT which used to be metalwork and woodwork in my father's day, was making a small wooden box and spending months commenting on the design and marketing in my day, and is now making little cardboard toys because they can't use a great deal of tools unsupervised any more). Carpenty, plumbing would come into that if we did it properly, like we used to. Electronics is all-but dead in the average school because nobody knows how to teach it, let alone can fund it and find time for it beyond making a bulb light when you press a switch.
Maths in real-world situations? You don't understand how maths works. You're confusing arithmetic with maths. Arithmetic is for dumbing it down only when they struggle, maths itself is infinitely more than that and a specialism in itself. I'm all for separating off the specialist stuff and having "real-world" maths (i.e. arithmetic and simple physics) but then you have to make that part absolutely compulsory and they don't pass without competency in it (which is a struggle enough in itself).
How would you like it if we said that electronics should only be taught in "real-world situations", like never making a circuit and if you do, you hire a PCB designer and autorouter to do the hard work of making an over-powered, generic chip do all the work in software? That's "real-world" nowadays, because you can't even touch most electronics these days without stupid amounts of specialised equipment (e.g. PoP, SMD, etc.). And, incidentally, without maths your electronics won't work. Even calculating a simple charge-discharge cycle for a simple RC circuit is beyond current students.
Maths is the same - "real-world maths" is adding up and times tables and balancing your chequebook. That's not maths, and if you think it is, you missed the point of shoving maths down your throat for all those years. Real-world maths you could teach in a year - that's what primary school did for me, for instance - and then get onto some real interesting stuff. Trouble is, our kids still can't do their 10 times tables at age 11 currently!
What we need is less spoon-feeding and more teaching, as well as giving you an incentive to learn - in some European countries you DO NOT GRADUATE until you have completed all the basic courses. You will literally spend your teenage years in the first year classes until you pass them, while all your mates move on and laugh at you. This continues through high-school until you are 20 if you're not too bright and they will just keep making you re-take those years. This a) makes you want to learn, b) puts the fear of failure into you, c) makes you worry for job prospects if you're lazy, d) makes sure your classmates aren't held back so you can learn 2+2, e) keeps you busy and thinking rather than languishing at the back of a class you don't understand. Hell, in Italy, the high-schools could fail you and put you back a year because you misbehaved too much during the year or were late (and what perfect incentive to behave and be on time!).
Go to a university. Find a foreign student. Ask about their education. If you don't come away SO relieved at the easy way you went through school compared to them, you should be ashamed.
I was just thinking that.
When I was in primary school, the times tables always went up to 12 x 12. Sometimes it went up to 15 x 15. And it wasn't as simple as just doing them once after just memorising them and then forgetting about it, you had to do the whole times table, using your head, aloud, in front of the class, with zero warning, without hesitating or you were told to sit down. And at regular intervals, those who were still missing certain times tables on their record for that month / term / whatever were rebuked and forced to do them.
This is when I was 8, not 12, in a bog-standard inner-city state primary school. I ended up with a maths degree (despite being regarded as atrociously bad at mental arithmetic at the time - something I now attribute to poor memory and stage-fright more than mathematical capability - but apparently a lot better than most kids these days). We did planets, we did evolution, we did velocity (literally, not just speed), we did experiments, we did apostrophes, we did poetry. And I tell you now, Singapore are going to be yelling at the UK. Suggesting that our standards come ANYWHERE near theirs for general education is ridiculous.
Although any kind of improvement is welcome (yes, current education is JUST THAT BAD in the UK), this is a teensy first step to getting back to where we were, not making great advances. But still parents will moan that their children are being worked too hard. Incidentally, I never had ANY homework when I was in primary school and had only minimal amounts throughout secondary school, so god-knows what they are doing in class now that everyone has hours of government-mandated homework each week and STILL they couldn't even attempt a GCSE Maths paper back from when I was a kid - and even back then, the 60's O-level papers were a sure way to scare the hell out of any child studying for exams because of their HUGELY increased complexity compared to even the 90's papers.
Kids these days LITERALLY don't know how easy they have it.
Re: Well, there's another reason...
OSM has been pretty useless every time I've used it. For years it didn't even have my road in it, and I lived next to the A13 in the middle of a town near a main-line train station. Nor did it have several of the adjoining roads - just one nearby one that someone had obviously driven down while mapping.
This is a road that's been there for many decades, most likely, has its own postcode, is on every satnav and online map I've ever tried and they didn't have a vector for it even existing on the map (not even just an unnamed vector from the associated map). It's there now but for years it just didn't exist on their map (I wasn't bothered about adding it because with such accuracy I just couldn't rely on OSM to actually do anything interesting anyway - certainly nothing that Google Maps didn't do a thousand times better).
Even now, there still a lot of missing information - it actually plots the contents of an obscure village in the middle of Italy better than it does my local town and I can't find my local schools or pub on it anywhere (and the maps suggest that it doesn't know about several roads, houses and other features in that same area - but hey! It's got electricity pylons mapped!).
I honestly can't see how anybody navigates by an OSM map on a regular basis. Sure, it's fine for casual use and it's no problem for a small local map ("Find Us" on a website kinda-thing), but in terms of actually finding somewhere (the postcode search appears completely flummoxed today, but I'm assuming that's just a glitch), locating it using local landmarks, or even finding a particular pub, school or whatever, it's next-to-useless.
By comparison, a TomTom IQ Routes Europe 2Gb map that I refused to update since even before TomTom put in their "now you have to change the map every time you change country while driving through Europe" policy (at least 2-3 years now, probably a lot more) has very minor errors on it (due to new road layouts), has one roundabout that it likes to send you in circles upon (go around the roundabout, go around the roundabout, go around the roundabout, ....) but for which the mapping is correct, and hasn't failed to look up a postcode even in the Highlands or Cornwall and get me to it. I drive 500 miles a week and it's invaluable. Hell, even Google's Navigation app for Andriod does a stupidly good job at things that OSM fails at miserably and that's free (but it does often disagree about the best route with my TomTom but I know from experience the difference is a matter of seconds).
I'm not saying TomTom are perfect either (hell, I'm not buying any more of their devices until this current one dies and they put out models with some kind of map availability guarantee), but OSM are significantly worse. I'd put them at the bottom of the list of any mapping effort, below even things like Google's free apps.
I truly support the "make it ourselves" open-source philosophy of OSM but in terms of actual data, it's still lacking despite a lot of hefty data donations by entire nations. And there just aren't enough users mapping to keep it anywhere near up-to-date.
This is why, by default, you just don't expose things to the Internet unless you absolutely, positively have no other way to achieve your aim.
How long's the bug been there? How long have OTHER people apart from this researcher known about it and just kept quiet?
All made moot by NOT letting mysql bind to the external interface, by firewalling off any port you don't specifically intend to expose to strangers, and by following other basic security practices (such as not letting ANYTHING pass through SQL statements to MySQL without extreme amounts of sanitisation). And, despite what some are saying, MySQL on any half-sensible distro binds only to localhost and you have to specifically change the config to make it do anything else. If your distro doesn't, question why NOW and review your choice of distro.
Strange, really, that this has arisen just as lots of large websites start losing their ENTIRE user databases to hackers, which is a situation, in and of itself, that I find odd. How can any external entity get access to some machine that will allow them to dump entire user tables with hashes? Are they not using an authentication system that is isolated from the front-facing systems and can only return YES/NO answers to them when they provide login details (and thus can only be "attacked" by quite obvious brute-forces and/or an internal agent with access to the authentication network)?
Basic security, people. Limit the attack surface and thus possible access, inputs and responses and you INSTANTLY limit the amount of damage that someone can do (and that they can do unnoticed).
Consider the mathematics:
3 months to supply everyone in one country with a single device. That device may not last two years (Galaxy S2 was announced Feb 2011, Galaxy S3 was announced May 2012) before it breaks, someone replaces it, it's obsolete, people get an upgrade from their contract supplier, etc.
That's actually not that much, because in two year's time you'll only take another 3 months to "supply" everyone in that country all over again. The people who never upgrade will be balanced by those with 2-3 phones, upgrade-frenzy, used devices, broken devices, lost devices, stolen devices etc.
Multiple that up by the 900,000 being *worldwide-sales* and having world-wide amounts of buyers and it's extremely plausible for a popular device. The question is not the number of activations, but the number of active accounts and/or the number of new, unique accounts CREATED only for the activation of an Android device. I'm sure Google know exactly how many people have an Android phone tied to their Google accounts, but they choose to quote *activations* instead. What about deactivations, for instance?
I think the number is very plausible, especially given the amount of people I've seen with an Android phone who don't even know it and a quick glance through even high-street stores like Argos or Carphone Warehouse show that most of their phones are actually Android nowadays. That's not counting things like tablets either (my mum has an Android tablet, for goodness sake).
100m sales tell me that you're in the minority with your opinion and, even despite that, who cares? You don't like it? Don't buy it. I don't come on here and troll every Sony review, for instance, because I don't like them, I just don't buy one.
There's a lot you can do with the second screen but without games already using both screens you wouldn't really know. Hell, it's not hard to imagine an FPS or RPG where your inventory is kept private so you can compete against others in the same room without them knowing what you're about to throw at them. The second-screen worked quite well on the DS, for instance. And seriously, pressing a button to have your character pack the shotgun into your backpack and pull out and load a pistol doesn't break your "immersion"? You're a gamer, through and through.
Nintendo are building consoles NOT FOR YOU. So don't buy them. Meanwhile the 100m (at least) of us who have a Wii in the house will probably be looking at the next version just to play a silly party game once a year with friends (hell, that's the only reason I have a Wii, it's the only physical console of "this" generation that I own, and I've been gaming since the Spectrum).
Not everything is about pixel-perfect shooters. In fact, I can name at least four people in my family who don't play games on anything but the Wii because, and I quote one of them, "all those other games are too fast and need me to do stuff too quickly and I like to look around and work things out rather than have to jump perfectly in a split-second all the time". Sounds like some of us can have fun with the Wii or Wii U, then, and that - after everything is said and done - is all that matters to anyone with a games console.
Hell, I'd probably end up with one when they got to a sensible price just for the semi-annual Christmas / birthday gatherings where friends come over and we end up playing Wii Bowling. This from someone who, personally, has poured 50 hours into the CS:GO beta and considers that merely "casual" gaming for myself.
Re: Did better than I did
It took myself and my boss ten minutes to figure out how to get out of Metro apps without using a keyboard without having to look it up. Ironically, we were testing on a touchscreen PC which is supposed to be the primary focus of Metro. (Hint: Drag from the top of the screen to the bottom where you get ZERO visual indication until you're right near the end that anything will happen).
The experience wasn't all that bad, though. I could see with some modifications and freeware you could basically make it like Windows 7 (which, like its predecessor Vista, we skipped because of said usability / retraining issues) with a proper Start Menu. But that's kinda the point of an OS - to be usable.
The whole Metro thing seems a misguided fad and nothing more than Active Desktop Done Even Worse. There was no need to remove the Start Menu at all and no need to forcibly Metro-ise things. Underneath, it's Windows 7, with no Start Menu option (freeware already exists to reinsert one), and some hideous "Front Page" thing that works like Active Desktop wallpaper did back in 95 (and about as successfully). You can see why you'd want that on a phone or maybe a limited-use tablet but on any PC it's just out of place and damn wrong. My first experiment was to see what happens when you "unpin" all the Metro junk. You end up with a single icon that lets you click to Desktop. Perfect. Now if we could just scrap that (now useless) page entirely, I'll be well chuffed.
Drivers were good, even on the single-DVD preview we didn't have to download anything to get it running on a Windows-7-certified touchscreen PC, speed was good, compatibility was good (I work in schools - we ran a lot of very old educational software from our existing network and it all seemed to be fine). It was all ridiculous interface issues that got in our way (we couldn't actually work out how to get it to let you log in as the same named user on different domains without having to type in the entire domain each time - try teaching that to 6-year-olds, or convincing teachers its necessary. Maybe I'll have to look into a login replacement for that) and nothing that wouldn't be fixable with ten minutes, a large hammer, and standing over a developer at MS. We were expecting an AWFUL lot worse.
I just hope the group policy updates contain an awful lot of options to get rid of the nonsensical junk that pops up and the remaining issues (dunno what that hover-on-the-bottom-right menu that has search, browse, etc. is supposed to do exactly, or the popup about changing default browsers, we want to be able to turn off Metro apps except for ones we authorised on the network, etc.) because we can't really avoid this release.
We've saved literally tens and tens of thousands by skipping Vista and 7 but now it's starting to cost more to support XP in terms of machine support (i.e. try getting it to install on Intel AHCI drivers without a lot of faffing about, large hard drives, touchscreens, lots of Windows-7-only drivers, etc.) than to upgrade. Fortunately, that saved money means the upgrade hardware should be more than powerful enough to cope with anything, so long as we have the actual OPTION to turn off junk we can't get on with - and that spare power and budget can easily be put towards virtualised XP instead if we really struggle to do so.
Metro just joins the list of "In principle: good. MS execution, timing and FORCED use: bad" ideas, alongside Microsoft Bob, Active Desktop, et al.
Maybe the service/food was just rubbish and he didn't want to have a confrontation in a foreign country in a foreign language?
Maybe the waiter was inept even if the food was brilliant and he didn't want to reward one example of inept service?
Maybe he just didn't have any more change?
Maybe he disagrees with the concept of tipping entirely?
Maybe he's just a tight-wad?
Who cares? Daily Mail trash to try to make him an enemy because he's rich and didn't tip. So what?
I tip when you do something for me beyond what I expect. Either you provide miraculous service, or you cope with a mistake / extreme busy times REALLY well, or the food is more wonderful than I expect, or even you're always open when other places are shut. Then I tip. Otherwise, you need to negotiate more pay with your employer yourself, not hope I'll stick 10% on the billed price. And even then, if I have no change, I don't want to faff about with notes, change, coinage, etc. to tell you that I want to give you a tip. I have a thing where I see it as impolite to let people KNOW I'm leaving a tip. It should be a surprise, a bonus, something unexpected. I don't even expect you to be grateful (or care if you are / are not) because I'm gone by the time you see what I've left (even if that's nothing).
A guaranteed way to LOSE a tip is to a) ask for one, b) include it on my bill automatically without consultation, c) express your expectation that I should give one (e.g. bellboys holding out their hand). I will instantly not give you any tip I was going to, for those. Did any of those happen?
My favourite gastro-pub (The Fishery in Elstree) provide wonderful service, even when busy. They are fabulously polite and attentive. The food is wonderful. They are open almost all day long. They make a BIG fuss when something goes wrong and work their nuts off to rectify it (down to almost-hounding the member of staff responsible quietly in a back room to check they've done every stage of everything else timely, so you can have no further reason to complain even if you wanted to). And whenever you pay by card they literally tell EVERY customer "just press Enter" when the device flashes up a message about if you want to add a gratuity (Enter skips adding one!). They don't dive on the table the second you leave scouring for your tip, or anything else to indicate that they expect one (I mean, they probably do half-expect one, but they absolutely do not show it and aren't offended if you don't - which I have done when I've not had the change to do it, but my regular custom more than makes up for it).
The pizza-delivery service near me that ALWAYS delivers a good pizza, hot, on-time, and without fuss get a tip almost every time they come to the door. Because they obviously care about keeping me as a customer and do an above-expectations job even on a very busy Friday night. The woman who was renting out a cottage in Cornwall to me and stayed open past 11pm especially for me to arrive? I tipped her on the final bill purely because she went above-and-beyond.
A tip is optional. Most people leave it for "not bad" service. I leave it for above-expectations service (considered long-term so a regular haunt like The Fishery usually see tips because of the way they can MAINTAIN that high level, rather than tips dipping over time because I *expect* it all the time I go in there, but even there I would leave no tip if there were bad service - I would expect it to be an indicator of just how good my service was that night). I have no problem asking people to remove service charges from the bill, or not leaving one at all.
Other people's financial considerations do not affect my payment for a meal, so that the waitress is poor or doesn't earn much or has to share tips doesn't factor in - I don't tip my airline pilots or stewardess or newsagent or the guy in the ticket office so why should I tip anyone else for just doing their job?
But when/if someone does something particularly special (even if that's just an exceptional display of good service), sure, I tip and don't mess about calculating percentages (how rude and thoughtless), I just keep rounding up until it seems enough.
Even if I was a billionaire, the same principle would apply. Exceed expectations, get something equally as unexpected. Do your job and provide the service as anyone else could? Well done (that's all).
Re: What a Crappy Article
Actually, whenever I do come across a virus infection on someone else's PC, the first thing I do is upload it to VirusTotal. It's quite hilarious how many big-name AV scanners totally fail to detect things you can upload from your granny's PC, and even fewer can actually do anything to FIX them without the user having to do it themselves.
AV is, basically, a waste of time when it comes to preventing or cleaning viral infections. Simple as that. Your one might work against the thing you caught this time but I guarantee you that it missed other things just as prevalent and well-known. Do it as an experiment next time you get something in your email that wants you to open it or whatever. Download the file (in a fecking mail client that doesn't execute by default!), upload it to VirusTotal, see what sees it and what doesn't. Be amazed that almost anything (even if it's from your mail archives from years ago) will be missed by at least one and probably several scanners even today, and that "new" things may not flag on ANY scanner whatsoever.
A random one I just tried that arrived in my email claiming to be from DHL with a zip attachment that contained a single exe file was only spotted by 75% of scanners they run. Strangely, an identical email with a slightly different attachment (but even the same zip and executable name) that arrived seconds after scored differently!
Re: le sigh
Then what's stopping BT from negotiating private agreements on people's private land to do the same? It's quite easy to do this (companies do it all the time for mobile phone masts, etc.), doesn't need council approval (at least, nowhere near as much and can you really object to someone on private land much?) but just a little extra paperwork. And those landowners geeky enough around there would probably be in like a shot if they were given, say, one free fibre.
Re: I moved away from Zen
I don't know of a single UK ISP who do not provide VPI, VCI and encapsulation settings to anyone that asks. Actually, I don't know of one that doesn't publish it on their website somewhere as well.
God knows what service you've had in the past but I'd be amazed if they didn't provide that information on request, even from the call-center junkies.
In terms of firewall, I would agree with you. But to be honest, the amount of machines that expose port 139 or anything remotely dangerous to an external interface is probably quite minimal, whether by virtue of Windows Firewall, basic network settings, router NAT, or ISP controls (PlusNet used to monitor port 139 / 445 and block you if they saw traffic, when I was with them).
If you honestly think that antivirus works in any other capacity than a "miner's canary" (i.e. when that AV stops reporting back to the network, you go wipe that machine out), you're sadly mistaken. I've cleaned far too many machines that supposedly had full, paid-for, up-to-date antivirus on and the viruses just walked past it and then (ironically) shut it down in a way that the user wouldn't notice.
Basic security precautions vastly outweigh any bit of automated blacklisting and heuristics, I'm afraid. In over 15 years, I haven't had a virus and I don't run antivirus. Sure, I have it. And I submit things to TotalVirus all the time to check them for other people. And I clean machines (provably successfully) that are riddled with them at least two-three times a month (nothing from MY networks, but people's personal machines, etc). But on my personal machine antivirus doesn't scan my disks and doesn't run all the time just to save against me downloading and running executable files (which, 99.9% of the time, is how viruses get into home machines). On a properly managed machine / network, there is no NEED for antivirus, whereas a firewall is pretty invaluable. It's good to have around and a good "canary" on a network if you have a central console it talks back to, but that's about it. I've yet to see an antivirus package of ANY name manage to intercept, quarantine and totally clean a virus infection that wasn't written by a 5-year-old.
And the free ones are just as good as any other. Putting a user on a decent browser and breaking their hands if they run anything without checking will make infinitely more difference to their productivity and safety concerning viruses than any antivirus package you put on there.
Not defending him, I can't stand the man to be honest, but:
Innocent until PROVEN guilty. He's not been. Thus you can't go bandying the word rape about. Similarly, if a teacher was arrested for sexual abuse of a child, you can't call him anything until it's been proven. Because the ACCUSATION is bigger than anything else and causing more reputational damage that anything else. You're not a child, nor a vigilante. Wait until things are proven in a court of law (ANY court of law will suffice) and then you can claim you know better about what you'd do.
He has denied the claim (notice: not a charge!). He is fighting extradition on the basis that the claim is false. If the US, say, falsely accuse you of rape, are you going to pop over and clear your name and thus surrender to their legal system or argue that you shouldn't have to be extradited there at all? Some would say that going over would be a sign that you believe there are valid charges to be faced. This is no difference, and the US is involved even if it's not as direct.
You're trying to paint him, obliquely, as a rapist. He's not. Because he's not been charged with that or had it proven and, to be honest, is in the legal system to stop those charges taking action (which he couldn't do if they had a really solid case against him) based on both UK and EU law saying there's not enough to extradite him on.
Reading anything into anything he does at the moment is actually WORSE than just assuming nothing. It's like taking "No Comment" to mean "I did it" - although the phrase is used as a mechanism by the guilty, innocent people are well-advised to use it by their lawyers because it's the SAFEST thing, legally, to say.
You're exposing your own bias. Just because you'd submit to a random foreign country trying to extradite you on false charges in order to clear your name (and, just for a minute, suppose that country was somewhere with a bit less of a reliable court system), doesn't mean that every "innocent" person should either. Hell, I'd fight extradition on the basis that I'm already in an EU country and the trial could be held in any EU country because they have the same laws (and, often, cases are tried in one country using the laws and jurisdiction of another because it aids the logistical parts of the problems involved) and / or they haven't filed charges (which they should do if they want to see me in court). I can be questioned, even under arrest, from anywhere in the world. Hell, I can appear in court in any country in the world by video-link if necessary.
But, for some strange reason, these rape ALLEGATIONS are not being backed up as they should be, not being enforced as they should be, not being taken as seriously in the country trying to extradite him as they should be (if they think he's the rapist, he could be charged, tried and even sentenced already and in his absence rather than drag it out for the victim). And people like you take the words "rape allegation" and only see "RAPE RAPE RAPE RAPE RAPE". Rather than, as you should "allegation" (i.e. completely without proof as of yet).
Season ticket. It's in the post you replied to. And it's an example.
I pay £400 a month on fuel, just to get to work. Ner, ner, ner-ner, ner. I have a 45mpg car that cost me less than a month's fuel, not a gas-guzzler.
I, and you presumably, have chosen to stay in the job because it's worth more in terms of money and other rewards than not. Now think how much incentive you'd have to STAY in that job, or get a job if you didn't have one, if all you get paid for on benefits are essentials, not cash equivalent to what you earn in that job anyway. Your wife's dilemma is exactly my point - on benefits you would see no change (except much less work), so that's why people choose to write a couple of job letters and then claim benefits for doing so. If benefits involved the same amount of work as actually working, and a limited reward (i.e. credit on a photo-ID card that can only be used on food, clothing, fuel, essentials and not lottery tickets, to counter the previous poster's assertion that a black market would destroy the system - of course it would exist but there are ways to limit it, especially if even 1% of the unemployed are forced into work by it) then you'd have incentive to STAY IN WORK AND OFF BENEFITS. Perfect. Just what we're trying to convince people of to boost the economy and reduce the dole queues.
And if you were on Jobseeker's Allowance, you wouldn't be paying that on fuel. It would be paid for you, if it were essential (even down to a mileage allowance to attend!), or it wouldn't be essential. I have family in Cornwall. It's not the vast desert wilderness that some claim (a couple I know just moved down there and both got jobs within days). The point of the system is not to be perfect but to give EVERYONE the right incentive - to get back to work as soon as they can but not die of starvation or hypothermia in between. The current system does the EXACT opposite, as you just pointed out in a rant you thought was aimed at proving how wrong I was.
Re: the EULA is worth jack shit
Correction: The choice of OS has nothing to do with a user WITH ADMINISTRATOR PRIVILEGES being a dumbass.
The whole point of an OS is to isolate programs and data correctly. In the modern ages, everything's abused by most home users being able to execute arbitrary code and to do so with administrator privileges as a matter of course (UAC is pretty weak and full of holes). I agree that an administrator on either system can wreak just as much havoc. But the whole POINT of an OS existing is to stop ordinary users being able to do so, or at worst to do it only to their own files and settings. By and large, that's true on modern OS too, but it's a very different story and one where SELinux totally wipes the floor with anything available on a Microsoft OS.
There's a world of difference between having to trust the users, and spending time setting up a system where the users have (and need) zero trust whatsoever. One is generally a home scenario, one a business/industry/military scenario. There, you end up with a great deal of difference in your assertions. It's POSSIBLE to secure a Linux system so that almost anything (including 99% of all published Linux "exploits") can't actually do anything. It's not really possible on Windows. You can't really control things and isolate program to that finely-detailed level without an awful lot of extraneous, third-party software that can only control what Microsoft choose to expose.
That said, I mostly agree with you. The problem with Windows is political and cultural. Users have been trained to expect to be able to run with privileges, to write to ANY folder, to manage their own PC in the same "mode" as they use to run the web browser, and have little isolation between processes. Hell, you don't even get a "This program is trying to run at startup, do you wish to allow that?" style-dialog for the simplest of actions that a malicious program can perform (and be a pain to undo). Properly secured, bare Linux and Windows are about the same. But SELinux and other solutions are a step above anything Windows offers to the public (and as far as I know, the "military" versions of Windows are still based on an ANCIENT codebase because that's all they could certify).
The problem is that we give out cash.
If you're struggling to pay rent, you should be given a rent voucher that only an approved landlord can cash.
If you're struggling to buy food, you should be given a food voucher that must, by law, be accepted only for food purchases.
If you're struggling to buy clothes, you should be a clothes voucher that must, by law, be spent on clothes only.
If you're struggling to pay travel, you get an Oyster card or a season ticket that's monitored.
The actual monetary amount given to you in cash should be minimal.
Some administration involved, but then you put significant hurdles in front of the "beer+fags" brigade because they don't get £20, but £10 for food, £10 for clothes, etc. and vouchers for any particular special needs they have, rather than unaccountable cash that can be wasted anywhere. I'm sure the amount of people on benefits would drop sufficiently to pay for the extra administration, and there'd suddenly be a lot less "menial" jobs going begging.
And, in absence of a job for a length of time, you should be assigned "token work" - you have to go and sew fishing nets for 8 hours a day, 4 days a week (the other day is for job-seeking) even if we just throw those fishing nets away afterwards. The work can take account of any and all disabilities (down to you just sitting in a room for 8 hours if necessary) for which your job prospects might be affected. If you refuse to do it, you get no benefits. If you do it, you get "paid", just like a real job.
I wonder how attractive the dole queue would be if it came with 8 hours of work attached, and then you could only spend it on the essentials that are actually necessary (and not mobile phone contracts, beer, fags, drugs, etc.) - i.e. actually preparing you for real life (if you can't work for the dole, how do you expect to get any job?) and enforcing some decent financial common sense. And not harming those who do want to earn, learn and just not starve. I'd even let you put a freeze on all debt while on the dole, if it was like that.
Or the lead lorry falls off the edge of a cliff?
Re: Talk about betting the farm on it
Not really. The free version is pretty much only used by amateurs anyway (I think there's a lot of things in the EULA for it that are unpleasant already). I only ever run into it in open-source projects where people use it to compile the Windows version (presumably they can't set up MinGW or similar).
And the pro version is, well, what the professionals use and totally unaffected. I don't think anything really important was really lost for them here, and maybe a few more people will actually come to GCC/MinGW/Eclipse etc. because of things like this. But certainly anyone who was paying them already hasn't suffered at all.
I have to "imagine" you having two very expensive bits of kit (laptop on one side, and speakers and presumably amplifier on the other) on opposite sides of the room that you can't be bothered to run a 50p bit of loudspeaker cable to but would instead like to use a battery-powered, radio-based (and thus subject to and creator of interference on the 2.4GHz band) alternative to cross those, oh, 10 feet of space?
Same here. No problem at all.
I think a lot of these VM problems that people whinge about are very localised - granted, it's a problem for them and others affected but in three years I've only had silly minor problems (an hour of downtime when the cabinet was opened by kids down the street, and once "lost" a pay-per-view movie because the interactive service on the TV cut out, that they then refunded - everything else has been lost in the noise of me just using my connection as normal).
Given that I'm online or using home as a proxy for much of the day, I think I'd notice terrible service in my area. Guess it's just a postcode lottery thing. Or maybe these people get lots of kids opening their street cabinets and rewiring stuff, I don't know.
So it's £50 for me to not get rid of any wires at all and still have to play with headphone cables, and I have to keep the battery charged (quite a lot by the look of the battery life, especially if real-life times don't quite live up to the manufacturer's claims), and I can't clip it on a sweater without deforming it. And this gets 80% still.
Reg, seriously - your reviews have gone MASSIVELY downhill lately. What changed? Who was put in charge? And they don't even mention things like REAL LIFE battery usage (despite it being in "hours"), much about audio quality or even why you'd bother to connect a bluetooth headset that needs a headphone in the first place.
Re: Anyone in the private sector who bought into Facebook at IPO ...
The thing about the stock markets is that everyone assumes it's just like buying things at a - well, market.
The people who bought Facebook shares probably KNEW it was going to end up lower. But if you watched, it peaked higher than they were initially paying. Thus, simple maths tells you that, in that time, you can make a very quick profit. They sensible ones probably were never INTENDING to hold onto those shares for more than a few minutes, and sell them as soon as the graph's gradient flattened. In doing so, they would not only make a profit but also cause the price to dip later (when everyone gets suspicious that these "wonderful new shares" are being sold all of a sudden by people who've only just bought them).
The profit on a share might only be a dollar or two. But buy a few million shares and that's a few million dollars. In the space of a day, if you know what you're doing, that's not a bad way to earn a living. Who cares what happens to it after you've cashed out and made a few million? Who cares that it's over-valued? If they thought they could make a profit and did, they were clever and (now) richer. If they thought they could make a profit and didn't, I have no sympathy particularly. If they didn't think they could make a profit, again, I have no sympathy for them buying in the first place.
Not everyone buys shares to hold onto forever until they slowly creep up to something above the original price (and those that did won't be worried about a few percent drop in value until it's a few years down the line and still hasn't recovered). Not everyone buys shares caring at all about what the company is, does, or makes, so long as they think there's enough people after them to raise the price quickly so they can dump them even quicker. Hell, a lot of money is made on the stock market by "betting" that a share price will sink very rapidly.
Playing the stock markets isn't like being sent on The Apprentice trip down to the local cash and carry. You can make money based on what OTHERS will do, and even by what others you expect to crash and burn (even your rivals at times!). The notion that everyone on the markets are there to make money in long-term, sound investment and never make a mistake is as ridiculous as assuming that someone who could make a million dollars in a few minutes won't take the opportunity to do so (legitimately or not).
Re: Split for Infinity
It's worse than that... he's dead, Jim.
Re: An there was me thinking that...
He once said something like his character was "99% Doohan, 1% accent". I don't think he was that sad in the role he played, or would be disappointed with the way he was sent off (you honestly think he wouldn't have wanted his fans/family to say "The engine's cannae take it, cap'n!" on the first two failed attempts to launch his remains and have a good laugh about it?)
I'm not a Trekkie, I can just about tolerate TNG for an episode or two before I want to blow my brains out, let alone the earlier stuff, but I can recognise something there in the actor himself - he seemed happier to get kids into engineering courses from his influence than anything else.
I think I'd rather be remembered as a character like Scotty, or even better, an actor with Doohan's attitude, than not remembered at all. A lot more "famous" people do a lot less and make much bigger arses of themselves for the sake of money or a career.
I'd rather die with humour and parody following me than without. If I'd been the actor who'd uttered the words: "He's dead, Jim", they would have been etched on my grave. What a way to be remembered.
And the BBC provides in-class teaching materials by the shedload, not to mention there were magazines galore and it was the start of the home computing revolution so a lot of people had one at home and, because there were only a handful of machines, they were being taught it by their own uses at home too. Hell, there were entire programs on TV to teach teachers how to teach students on using the BBC Micro.
The RPi currently has zero focus on education, despite what you might think. When you can show me a set of lesson plans, or tying the use of the device into the relevant curricula, then you can say that the teachers will have something to start from. That doesn't just mean "You can run Scratch, here's the manual" but actually giving the teachers something to go on and provide for their use and work how out they can use the device.
The best teachers might be able to teach themselves, formulate lessons from it and teach a good lesson or two. But the best teachers handle themselves. You have to think of the THOUSANDS of teachers who have no clue even though they are teaching ICT (I've seen A-Level programming projects written using Excel macros - bad macros at that with 50-deep nested IF statements - passing with 'A' because the teacher was baffled by how much more advanced that work was than they could understand) and they need hand-holding.
If nothing else, the time element and the cost of knocking up even a dozen lessons on the RPi for a single age-group in a single school could easily make it impractical compared to, say, just buying an ICT Suite and doing things properly. Except most schools already have an ICT Suite to satisfy the legally-required computer-pupil ratios, and that can run Scratch just fine too. So why bother to touch the RPi who obviously have no interest at the moment in helping teachers teach it?
I work IT in schools. They need to produce, en masse, an awful lot of educational content that can touch all sides of the teaching curriculum. Currently, the Wiki has exactly 0 of anything that any teacher would consider "useful" when teaching them. So it's only the geek-teachers who could quite literally teach assembler from memory on a handful of PIC chips anyway, if pressed, who will touch them. And that seems to be exactly who they are roping in to do demos and press releases and STILL not producing anything in the way of teaching resources.
It's like being an accountant, and someone tells you that you can have a whole new way of accounting for your business with 50+ employees, 1000+ clients, £1m+ budgets, liable to the taxpayer, etc. And then all you do is shove a datasheet into their face and say "it's all there... somewhere".
Re: Desktop performance is not surprising
The Pi can get, at most, 244Mb. That's if you use a basic, unaccelerated framebuffer. Other compromises are 128 and 192Mb that allocate more RAM to the GPU. Storage isn't a problem (SD cards). CPU speed isn't a problem (necessarily - of course it won't fly). Drivers might well be a problem but not unsolveable (binaries do at least exist for everything, even though they still need a lot of tweaking). The GPU is currently unaccelerated.
And before you know it, as discussed on the forums, you're looking at 2.0-and-before versions of Android at best. Maybe even pre-Eclair (i.e. pre-Bluetooth support in Android), let alone Gingerbread. I'm not even sure how much software supports that far back any more.
How many apps on the appstore would run? Nowhere near all. How many would run smoothly? Even fewer. How many would continue to run in the future? Fewer still. How many would be able to be run simultaneously or without running into memory problems at some uncertain point? Fewer still. How many of those would be useful to people on an RPi beyond just loading them up and looking at them? Fewer still.
Though I imagine we'll see it (just as we've "seen" Windows 8 on RPi via remote desktops, and no doubt some sadist will find a way to port some ancient Windows apps using Wine's ARM libraries), it's not going to be useful beyond one of those "Windows 95 running on an Android phone!" type demonstrations.
Re: Desktop performance is not surprising
An Android port is in progress (apparently) but the problem is the RAM. Officially, you need more RAM than the Pi has to run Android (and sacrificing GPU RAM for system RAM is a bit of a lose-lose situation with something like Android) and the only ones that will reliably work are much older versions.
That said, the problem with that won't be getting Android running. It will be that the device is not an "Android" device officially, so that would mean that the Google Store is not able to be used (it can be loaded on any Android device that you "own or control", but the definition of that would probably exclude "hey, we slapped Android on a random ARM chip"). And there's no help from Google here yet, so it's unlikely to be updated, or officially endorsed, which means no Play Store (and thus, quite a lot of missing apps and point of using Android). Android is also "Java-based" in a way, and the Java performance of the RPi sucks. There's no help even in ARM's Java-acceleration instructions, either. And Oracle can barely get a simplified JavaFX running on it at the moment.
No doubt Android could be hacked onto the device but it will never run 1% as nicely as the cheapest, cheapy Android tablet out there (you can find them for £50 now, with touchscreen and wifi) which can run the Play Store and use the Android logo legitimately.
I'm not so sure than any media-centre use is any good for the RPi at all, to be honest. Everyone has bright ideas about doing it but even something as simple as playing a video can lead to a world of slideshow framerates and interrupted sound according to forums posts that I've read. X-Windows is still unaccelerated but even framebuffer access is pretty atrocious for playback of random formats. You'd be infinitely better off with just a basic Android device for that purpose, to be honest.
The RPi would be a good Arduino replacement, once they fix the problems and scale production. That's about it. Anything video-heavy, from desktops to media centres, you're going to be disappointed with.
Re: Hardware issues
Actually, we don't know what the problem is with USB or SD cards at the moment. Broadcom (who make the chipset and designed the RPi) don't seem to know either. I have just posted off a "non-working" SD card to a Broadcom employee who is going to post it to Taiwan so their "driver author" can have a look at it and (hopefully) fix the issues the RPi (and only the RPi) has with it. This is a card that I've used in about 20-30 other SD card devices without ever hitting a single problem, but the RPi can barely mount an ext partition from it in 1 try out of 20. They literally had to put a topic on the forum begging for cards that showed problems only on the RPi because they obviously don't have the testing regime themselves to discover them.
That *COULD* be software. We would hope it is. But if it's due to an electrical problem (e.g. PCB traces too thin can affect the capacitance / resistance of a circuit even if the PCB simulated perfectly and the circuit - in theory - works perfectly - see the OpenPandora project for examples of things like that happening!), or some bad design of the SD circuit, or operating slightly out of ranges then you're stuffed and won't be able to fix it in software. That means a complete reissue of 10,000 plus boards to get vaguely reliable booting with any SD card. Do you think schools will be buying the most expensive, brand new SD cards (some of which still exhibit problems with the RPi, but which are generally better) for every single student?
Similarly, the RPi drops USB packets *after* acknowledging them. That's PROBABLY a software problem, but something that only someone who understands ARM Linux kernels, the Broadcom chipset, the combined LAN/USB chipset used and can understand oscilloscope traces of a USB transaction would be able to identify, let alone fix. That's not to say those people don't exist, but we're not just talking a two-line patch to a bash script here. And Broadcom are not always going to work for free on things like that.
And that's just what we know. I listed at least 4-5 problems within 24 hours of receiving a board numbered "4011" (so, within the first "pre-order" batch). All of those issues are known in the community already and still not fixed (months after the pre-orders went live) and many have no reply to them at all except "wait and see if someone works it out". The troubleshooting forums and Wiki are horrendous and barely touch on most of the problems noticed. There are literally a handful of people (not associated with RPi) actually doing anything interesting with their boards or trying to solve those problems (after over a week, and given several HUNDRED reports of faulty cards, in the past etc. I was the only person to even reply to the call for SD cards!). Now go look at the problems of power supplies (there is no "official" power supply, and it's incredibly easy to get any amount of problems from no Ethernet to no booting at all to weird shutdowns, etc. with a power supply that looks/works perfectly fine on any other device).
RPi better hope that these things are fixable in software. But even if they are, it's going to take MONTHS to fix them. And virtually all the pre-orders are out in the wild and have been for months/weeks depending on what second of the 10-minute window the orders were open for you actually ordered in. Mass production is supposed to start soon. Going mass-production on boards that even the pre-orderers, two HUGE electronics distributors, and the company that designed it can't get working with perfectly-working, brand-new SD cards, power supplies and USB devices is a recipe for disaster.
Don't even get me started on how the default "recommended" distro is mis-configured and butchered.
Re: And another thing...
People without one are blinkered about the device, but so are those who have it, and those who think it will impact general education in any way.
I have JUST this second posted off a letter to an employee at Broadcom (who make the main chips for the RPi) who is going to send it on to Taiwan where a device driver developer is going to look at the things inside (a bog-standard, fully-working 2Gb SD card) and try and work out why the RPi throws a fit any time it tries to use it. This is pretty much bog-standard basics and SD card interfaces are hardly difficult now. But they literally had to put out a call for "non-working" cards that passed certain criteria (i.e. it wasn't the card, or anything stupid, that was the cause of the problem) to random people with them in the hope that someone would send them a non-working example card so they could post it around the world for someone to tweak device drivers.
I'm also trying to get an answer to why random USB packets are just thrown out of the window which cuts off a lot of high-speed USB devices mid-transaction. Nobody's even bothering to answer that one yet. That's after the hurdles of things like the default setup totally lacking any iptables modules (on a 2Gb install? Come on... scrap some of the junk and install some of the vital components instead), numerous power problems, etc.
I have projects in mind for the Pi, and I'm an IT Manager at a private school in London. The two, currently, are not merging one iota, though. All my projects are personal embedded things as mentioned because I can just imagine the chaos of getting 20+ kids up and running with these things, even if they're cased and powered and SD-card'd properly. Hell, I'm scared to touch it because it's so damn fragile and numerous people have already broken off capacitors (casing will solve some of it but you think kids will be gentle when putting in an SD card or headphone plug? Their big education push is basically to say you can run Scratch on it. Slowly. Under unaccelerated X-Windows. Or you could just run it at five times the speed on your ICT Suite that the government insists you have to have anyway and has done for, what 10-15 years?
Sure, it fills niches but the niche it does not fill is the one it's plugged as filling - education. There's no documentation, few drivers (mostly closed-source), the entire Wiki section for lesson plans, etc. is empty, the demos consist of running the same basic programs as everywhere else (Scratch, Midori, Python, etc.) and there's no sign of exactly what you're supposed to do with it if you're NOT an IT and electronics expert (hell, I can make a circuit that talks I2C with it, but I doubt many others here could and the interface boards that exist and could be made commercial will cost as-much-again as the RPi and you'll have to program that damn things yourself).
The promise was this would be ready for schools in September. Schools would generally order in June/July (or even earlier) for September. As it is, general ordering is still closed. The "prototypes" (because that's what they are) that are in the hands of people like me are going to end up in personal projects, refunds, replacements and shuffling back and forth for several months yet. And in the end, it's NOT a PC, as advertised - far from it. It's an embedded board, no different from the end-users perspective to a STAMP or PIC or Arduino starter kit (without the kit!).
It's going to take AT LEAST a year of constant, vigilant work to get the documentation to the point where even a good IT teacher would be happy to risk more than one lesson on it. Like Intel QX3's and lots of other "fads" in education, at best it will end up in a cupboard somewhere after a year and never be touched again. At worst, there's going to be a HUGE call for refunds, repairs, replacements and, most importantly, resources. And that's the big, expensive, hard bit that you can't just lob an IT guy at if you want teachers to tie it into their lessons and curricula.
The RPi is nothing special. The GP2X was ARM-based, dual-core, integrated OpenGL ES accelerated, touchscreen, ran off two AA's for many hours, had a built-in LCD, ran Linux, had full drivers, stored on an SD-card, was "unbrickable", very sturdy, handheld and used for education in Korean schools. And that was YEARS ago and has had at least two successors in the meantime. The RPi is literally sending us backwards in those terms, not forward.
Personally, I see mine ended up where any other embedded board would end up. Doing one job all day long because it's simple to do and low power and convenient to have TCP access to the device doing it.
Re: I LOVE the Pi
Great, so after you encase it, install the SD card in it, connect peripherals enough to make it access the network, have a keyboard, mouse, power button, reset button, etc. USB extenders and soundcard ports that the user can't break the port on (RPi is extremely fragile), add a reliable power supply integrated into the box, do all that, box it, ship it, and provide support for it when it goes wrong (they're having lots of problems with SD cards currently, and 100mbps Ethernet isn't the given you expect either, and you're basically running a full Debian distro to make it work properly which is booted from a proprietary GPU boot code that you have zero access to) then you might be able to get a basic "thin" (actually fat, but who cares about destroying decades-old terminology) clients that are in the same price range, power usage, size, etc. as other thin-clients and can spend the rest of your "savings" on Windows/Citrix licences.
Bargain. Except they don't exist commercially "yet" and there's no cases for them, so you'll be doing all that on your own, with the associated startup costs (or buying Nano-ITX cases, etc.). Or you could just buy any-old thin-client or even just desktop or laptop and have done the same anyway with ZERO performance concerns.
The RPi is good for several things. Thin-clients isn't one of them. Desktops is another area that it's horrible at (solved only by thin-clienting them). Hell, it struggles to play a simple MP3 from the command-line at the moment.
I'm making an in-car GPS / SMS monitoring device with my RPi at the moment - something I've done half-a-dozen times with everything from a full laptop down to Mini/Nano-ITX. The RPi has given me more headaches than anything else so far (can't even get it to hold a USB connection on a 3G stick, for instance, despite identical software to all my previous setups) and I've put it on a backburner until some of the issues are solved. That's a project where the size, speed, power requirements, capabilities, ports etc. are all perfect matches for the Pi.
So far, my Pi is still having its backside kicked by a GP2X ARM Linux handheld console (that CAN run off two AA's by default for hours and play just about the same software but better), and that's YEARS old now and been superceded at least twice by newer models.
I've never seen that on a working mail server or client, but I'd be throwing it in the junk pile if it ever did such a thing.
I suppose there's nothing to a stop a mailer leaking that info but, come on, use some decent software. BCC has the B for one, sole, primary reason - so that NOBODY KNOWS who else you sent it to but the mailserver. Any piece of software that pushes the BCC data into the email or headers should have been consigned to the scrapheap years ago.
Re: Funny how a £16 Linux computer becomes £30.87 at RS...
Got my one the other day. Still dealing with lots of niggling issues after updating the default software and firmware to the latest available from git / apt-get.
USB is sometimes unreliable (recorded cases of USB packets just disappearing into the ether despite being acknowledged by the device - which hit me by disconnecting my 3G USB stick at random points while on 3G but no problem on GPRS, etc.), a couple of people have hit heat problems on the Ethernet/USB chip (hot to the touch when there should be no real temperature there), there are power problems galore because it needs such a regulated supply (and thus battery use etc. requires additional circuitry), SD cards are still a bit up in the air - ones that I've used for years in a myriad devices start spewing out errors and putting it into unfathomable boot loops (but then, next time, it just boots fine) and the online compatibility lists are a load of junk (too many false negatives AND false positives). I also can't get it to put out a composite signal that my old Sanyo 32" TV will actually see as a colour signal (strange that every other composite device works fine including brand-new DVD players, Wii, etc.)
That's AFTER you read about people breaking off one of the capacitors quite easily / accidentally, finding incomplete solder points on their new boards, etc.
The default (and recommended) Debian image is supplied with the iptables command but without any iptables modules, rendering it useless unless you feel like recompiling the kernel yourself. The default firewall is thus "ACCEPT ALL" while some people are demoing it downloading things in Midori (which is being universally commented on as "slow").
There's a lot that's nice about the device but it's far from ready for mainstream use yet, so the camera is the LAST thing to be worrying about.
Hell, I still can't work out how to get it to boot reliably from several of the handful of SD cards that work perfectly in every other SD device I own.
Again - how can Anonymous deny that they had anything to do with the attack on the military site if they don't have a) some kind of entry requirement and control over who's a member, or b) some kind of knowledge of who is and who isn't a member?
You could do anything and blame it on Anonymous and there is NO WAY for them to disassociate themselves from that action because of their policy that anyone can be a member and nobody knows who is or who isn't.
Anonymous are not a group. It's a moniker used by anyone that wants to do something nasty, brag about it and get away with it. They can no more say that "Anonymous didn't do this" than they can say "As a member of 'People called Fred' we can say that no Fred would ever do this".
Re: Teething problems, or something worse?
Data out is certainly more interesting than data in. Just what incentive do the cloud vendors have to help you remove the data after you've threatened to move elsewhere? I wouldn't be surprised if most or all of them offer import "somehow" if you kick up a fuss but not export at all.
Do you really want to extend your contract by another month/year so that you can repeat the "guy on a plane with a NAS" trip in the hope of somehow getting all your business data back? Or spend quite literally weeks redownloading it all before you can move off to another provider? Or have to post them a huge drive array and wait for them to copy all your data out at their convenience and then pay to send it back to you?
Cloud is one of those ideas that STILL doesn't know what it's supposed to be used for. There are lots of use cases, of course, but none for which cloud is the "optimal" solution.
If you are storing PETABYTES of business critical data and requiring cloud-level redundancy and availability, are you seriously telling me that you COULDN'T buy servers yourself around the world and do it cheaper with your existing talent?
Re: Work away from office
And then you sack them, just as you would if they revealed that password to someone else, or left their papers on the train.
Why people are afraid of enforcing IT policy, I don't know.
Re: Work away from office
Given that schools are now starting to deploy TrueCrypt on staff laptops that go off-site, it's hardly a burden.
Instead of just turning the machine on, you type in a password for the drive. It then boots. End of story. Without the password, the laptop data is useless.
Performance loss: Negligible
Security: Virtually perfect (as perfect as you can get when people have to memorise passphrases, or carry two-factor authentication sticks at least)
Liability when something is stolen: £0.
Hassle to the end user: "Enter your password" (which they would have had to do to print out that data anyway!)
Re: What am I missing?
Allow me to demonstrate transparent proxying for you.
- You think you're talking DNS to 184.108.40.206 (Google's DNS server, as an example).
- Something between your application and the outside world (router, firewall software, anything that can sniff and modify packets en-route, basically, including software on the machine itself) sees that packet, looks inside, changes it to point at whatever server they want to and then sends it on its way.
- The DNS server it sends the query to sends a reply with whatever the hell they like (including redirecting your google searches to dodgy domains, etc.). Google listen out in vain silence for your (never-going-to-arrive) packets.
- When the reply comes back to your computer, you have ZERO idea which DNS server resolved that without checking thoroughly (which nobody does, not even web browsers accessing secure sites - DNS is assumed to be "authoritative", and only DNSSEC can fix this) but, hell, you TYPED IN www.mybank.com so it must be safe, right? (And, yes, SSL does have some fixes against this but NOTHING in the way you think - SSL is very reliant on DNS being authoritative)
There is nothing in the world that is going to be able to detect that until DNSSEC comes along. You know how I know? I run transparent proxies in work so even though everyone "thinks" they are going to www.facebook.com via their DNS lookup (and all their laptops have different settings for DNS), they are actually ALL going via OpenDNS and the school DNS filters lookup of the address. I can even turn all their images upside down or make paypal.com look like it's bbc.co.uk if I want.
DNS Changer literally adds itself to your Windows list of DNS servers and HACKS INTO common router models to change the settings on there too. Is your trusted DNS server that your network gives out via DHCP pointing to your broadband router at any point? 99% of home installations have a setup like that - anyone with a cable modem or ADSL router will use the modem/router as a DNS server and default gateway. This thing actually logs into your router via backdoors and changes your ROUTER settings to change the upstream servers it uses.
When was the last time you logged into the router interface and checked the DNS it uses, seeing as " all the machines on the LAN are configured to point to the router as the DNS source"? DNS is inherently insecure, interceptible and modifiable. Don't trust it. And certainly don't trust your local network to provide it without being VERY sure that it's all clean.
Saying that, they should just switch the damn thing off and let people moan. A few hundred thousand machines less on the Internet who are crawling with obvious malware is a GOOD thing. Their own Internet access is a secondary concern to not spreading that junk to all of us.
You have 10 million tiles on your roof? It might well be worth that much. Or possibly more.
How can anyone say it wasn't Anonymous, given that Anonymous don't know who its members are anyway? This is the stupid thing I hate about that group. It isn't a group. Anybody and everybody can claim things in the name of Anonymous and there's no way to prove positive or negative.
So the assertion "we can be sure it wasn't Anonymous" is a lot of tripe.