* Posts by Charlie Clark

4283 posts • joined 16 Apr 2007

FreeBSD 10.3 lands

Charlie Clark
Silver badge

Re: Who uses FreeBSD in preference to Linux and why?

One of the things that *BSD gets right is the separation of system and software. You can run easily run a FreeBSD x.y with the most modern software because software is provided as ports/packages. Another is that userland is the same no matter what *BSD you're on.

The is in contrast to the "curated" approach of RHEL or Debian which are quite happy to serve up antiquated software packages. You want a more recent version? Then either upgrade the OS or compile and install yourself.

However, it seems that RedHat and Canonical have more accurately understood that the market is looking to replace skilled sys admins who know what they're doing with burger-flippers.

9
3

Top Firefox extensions can hide silent malware using easy pre-fab tool

Charlie Clark
Silver badge
Thumb Down

I've said this time and time again. Core funcionality should be built into the browser rather than relying on, "plugins", for just about everything.

Well, have a prize for being the most self-righteous prick of the day!

The vulnerability here described stems from the way XUL provides access to core functionality. It is, however, pretty esoteric and requires considerable social engineering in order to be exploited. Furthermore, while I'm no fan of the XUL approach, we're talking about an architecture that it is 15 years old and is already side-lined for replacement with a sandboxed, but less capable one.

As for core browser functionality: I'm more worried about browsers being able to spaff my location or access microphone and camera than I am about this, because if the browser itself can be compromised, and this seems more common than compromised extensions, it can spew far more information.

8
3

Blighty starts pumping out 12-sided quids

Charlie Clark
Silver badge
Headmaster

Re: don't like the new coin

Saying all of that I still prefer the good old pound note.

This was withdrawn because it was circulating so much that it had to be replaced too often. This is why coins are used for smaller denominations. I always like the reference to gravity on it (pace "The Belly of an Architect").

Of course, in order to achieve the apparent aim of double-digit inflation, it's only a matter of time before cash is replaced by some form of digital currency which, like air miles, can be devalued at whim.

3
0
Charlie Clark
Silver badge

Re: counterfeit pound coins

Meanwhile, here in Germany, they're actually thinking of following the Dutch and the Finns and phasing out 1 and 2 cent coins which now cost more to make than they're worth.

The market for snide coins is tiny, notes is where the money is at.

3
0

India orders 770 million LED light bulbs, prices drop 83 per cent

Charlie Clark
Silver badge

Re: Who's paying the piper?

I wonder if filtering out white led light would be as successful?

It will be much more difficult. Sodium lighting was chosen because the eye is relatively more sensitive to the orange / yellow spectrum and the eye can switch to monochrome. The big problem in the UK is that the lights are generally open at the top which gives you your light pollution.

Most LED systems have been doped to give a much fuller spectrum so that if you start filtering this, you'll be filtering most visible light. So, LED street lights really ought to come with a cover so that they only illuminate down.

2
0
Charlie Clark
Silver badge

Re: Who's paying the piper?

FWIW Sodium lights are themselves very efficient and low maintenance, which is why they're used for street lighting.

7
0

The Register to publish Mindful Sysadmin adult colouring book

Charlie Clark
Silver badge

April fools

Is anyone collecting them? Cyanogenmod has a nice nightly build for today…

0
0
Charlie Clark
Silver badge
Happy

Re: Oh no!

Go and sort your stamps or whatever it is you need to do to calm down!

0
0

Gartner: RIP double-digit smartphone growth. 2016 has killed you

Charlie Clark
Silver badge
Thumb Down

Re: Who are these morons ?

The way I read that article is that there is massive trouble for Apple ahead.

Where do you get this from?

Apple has so far never had to compete on price and if it does, it has the thickest margins and most loyal customers to play with. The IPhone 5 SE may be its product of this type, though I'm personally not convinced that sales of this particular product will be that good.

We may well see an elongation of the period people stick with a phone, though as long as these are tied to contract renewals, this seems unlikely.

No, Apple's biggest threat will come from failing to continue to innovate, or adapt to new technologies.

2
0
Charlie Clark
Silver badge

Any fule nose

Seven per cent in smartphones remains an enviable number, at least for those stranded in PCs.

When growth declines is when the fight for market share and pressure on margins really starts.

6
0

Brexit: Time to make your plans, UK IT biz

Charlie Clark
Silver badge

Re: And on the other side of the channel...

No need for this kind of scaremongering: legally nothing will have changed on June 24th. Ex-pats probably have little to worry about, though applying for dual nationality might not be a bad idea where possible (permanent residency has been granted).

However, what we are already seeing is investors trying to deal with the uncertainty will no doubt accompany the process.

12
3

Bash on Windows. Repeat, Microsoft demos Bash on Windows

Charlie Clark
Silver badge

hmmm, in combination with all the other announcements in the last 6 months, It does lend more credence to my "next Windows server after 2016 will have a Linux kernel theory". It WAS a crazy a$$ wild eyed lunch talk with friends theory.

It still is crazy talk but if it makes you feel warm and fuzzy all over then go ahead.

Supporting the runtime by intercepting the syscalls means that the (Linux) kernel isn't required – FreeBSD has been doing this for years. In fact, the kernel is in many ways the most interesting part of Windows.

The big upside for MS for this is that it recognises that lots and lots of people on Windows want to use open source packages that more or less rely on the unix toolchain (especially gcc). Making this available lets these people get on with their work on Windows. Everyone's a winner.

5
1

Oracle's website, social media to wear sandwich board of shame over Java SE insecurity

Charlie Clark
Silver badge

And the alternative to Java for embedded systems is....?

Pretty much anything. LLVM and similar techniques have taken much of the pain out of embedded runtimes.

8
0

Android's unpatched dead device jungle is good for security

Charlie Clark
Silver badge

Re: Yeah But...

do they not think it beyond the wit/skill of the malware creators to see what version of Android the device is running and use known vulnerabilities for that version to install the payloads?(spelling fixed)

The point he's trying to make is that it is exactly this kind of discovery and targeted exploit that is too expensive to be worthwhile.

This is a "things aren't as bad as some people make out" argument which does seem to be borne out by the facts: millions, or even billions of mobile phones have yet to be compromised. I also wonder what the potential market even for those compromised devices is, assuming that miscreants go for the current favourite attack of ransomware. Even for the technically unskilled a factory reset and reinstall from the cloud shouldn't be too hard, or too expensive if you have to get someone to do it: must be less than cost of a replacement handset.

No reason for Google or the handset makers to rest on their laurels, of course.

9
0

Apple's fruitless rootless security broken by code that fits in a tweet

Charlie Clark
Silver badge
Black Helicopters

Re: Hang on a minute

It wouldn't surprise me at all to discover that Apple's real agenda here is to create a protected enclave for DRM tools that even root can't violate.

The same thought has crossed several minds…

2
1
Charlie Clark
Silver badge
FAIL

Re: Hang on a minute

And how would things get more secure because the machine reboots before implementing the end-user's mistakes?

You seem to fail to understand the point: let a user process download signed stuff from Apple. Everything that is downloaded should be safe. But the installer cannot be hijacked or abused to do anything else because it can never be run by the user process.

He's a nice badge for you.

1
0
Charlie Clark
Silver badge

Re: Hang on a minute

I think the idea behind SIP is to avoid simple permission escalation attacks from users who also have admin roles (ie. can sudo). As such it's a nice idea as it makes "click this" exploits a little harder without taunting the user with permission requests à la Windows Vista.

However, Apple also privileges certain applications such as the software updater so that can run while the user is logged in. As opposed to forcing the machine to restart in single user mode and install whichever signed packaged have been downloaded. I wonder if this is what Windows does with some of the system updates?

It might be possible to keep SIP around if it is simplified and there are fewer exceptions. Personally, I disabled it because I wanted to downgrade ITunes. And this is an example for one of its flaws – they're trying to protect too much shit. Given how fast MacOS boots with an SSD then they might want to consider forcing more stuff to be done from a restart rather than trying to play security and convenience off each other.

2
2

Teen tricks leaky Valve into publishing hot new Steam game: Watching Paint Dry

Charlie Clark
Silver badge

Re: A bit miffed about the whole "ignored the warnings" part

What is this, the 16th century?

Going by Valve's approach to coding it could well be.

5
0
Charlie Clark
Silver badge
Coat

Re: Ruby off the rails

Well, he's technically from Salford on the other side of the River Irwell. Mind you, that's the place where Grand Theft Auto isn't just a game…

0
0

How NoSQL graph databases still usurp relational dynasties

Charlie Clark
Silver badge

Re: Best Tool

Ideally I'd like a seamless NoSQL and SQL database where the most appropriate storage method can be used

What, you mean like Postgres? JSON/hstore support, vertical column support, parallelism, etc.

0
1
Charlie Clark
Silver badge
Thumb Down

Re: Yes but no but

The relational model does have its place, and probably always will, but the big realisation with the NoSQL movement is that one size doesn't fit all, nor does it have to.

Bollocks. In general, an RDBMS is exactly what you want but you'll have to learn how to configure and use it properly. It grew out of Codd's reasoned arguments against the problems associated with the non-relational databases of 1960s, many of which plague the NoSQL systems of today: "consistency, who needs it?".

The NoSQL approach grew out of some niche use cases which the software industry suddenly turned into general problems: volatile document store, time series data.

2
1
Charlie Clark
Silver badge

Traditional database vendors, though, are fighting back. Microsoft's SQL server (as of version 2016) offers a way to store and retrieve JSON data in a relatively painless way, although the data itself is stored in the relational engine.

Does the author only know MS SQL Server? Certainly looks like it.

JSON support has been in Postgres for a while and Postgres 9.5 adds binary support and indexing.

2
0

Firefox features will land out of cycle and Mozilla's cool with that

Charlie Clark
Silver badge

Re: Alternatives to FF and Chrome?

Well, although Vivaldi is using the Chrome browser engine, it's focussing on UX and providing features that users want and use. It ain't there yet, but it's certainly worth a try: http://vivaldi.com

1
0
Charlie Clark
Silver badge

Re: Ohh, Gee...

Memory use in browsers is driven by the size of the DOM and cached resources. DOMs for modern websites, especially those with lots of features (web-mail pages and anything that looks like an application) can be astonishingly high.

The Chromium browsers avoid some of the problems by creating a new process for each tab (uses even more memory but reduces the chance of one rogue tab bringing down the whole browser). Firefox is supposed to be moving towards a similar model.

FWIW I don't use Firefox as my main browser, I'm certainly not a fan of either the "sharing" shit nor out of band feature releases.

0
0
Charlie Clark
Silver badge
FAIL

Might sysadmins notice?

Might sysadmins notice?

Those that care will be running Firefox ESR which won't be following this practice.

Out of band feature releases breaks the principle of semantic versioning but so what? Users are annoyed by changes, especially UI changes, whichever version they come in.

1
0
Charlie Clark
Silver badge

Re: Ohh, Gee...

How does the number of times you tap your screen affect your memory use?

All the browsers switched to using more memory a few years ago. Your computer has it, your OS can manage it and it makes things faster. Get over it.

5
8

DARPA issues collaborative spectrum sharing challenge

Charlie Clark
Silver badge

Explanation required

Hoarding spectrum isn't cool or practical, but if wireless operators everyone wins

I'm obviously too stupid to understand this… please help me.

3
0

William Hague: Brussels attacks mean we must destroy crypto ASAP

Charlie Clark
Silver badge

Re: Fuck it

Lets ban pub car parks as well

In some of the places I've been to recently you don't need to step out into the car park to conduct your illicit activities.

Schaarbeek is full of such places. As are East and North Belfast…

1
0
Charlie Clark
Silver badge

…and all our own secret communications are now longer secret and our secret agents are no longer secret or safe.

Meanwhile, in the real world, the encryption genie is out of the bottle and, like illegal weapons, is being used by people already breaking the law.

2
0
Charlie Clark
Silver badge

In the US it's like gun legislation: virtually never enforced but looks good on telly. You could probably convincingly argue the first amendment makes provision for anonymous phones. But it'll probably never come to that because you'll always be able to pick up a SIM card somewhere.

3
0
Charlie Clark
Silver badge
Thumb Up

Re: I find myself wondering . .

My hovercraft if full of eels.

My hovercraft is full of eels.

FTFY but have an upvote all the same,

2
0
Charlie Clark
Silver badge

It was the utter incompetence of the Belgian authorities.

To be fair, they're under-staffed and suffer significantly from the fragmented government of the autonomous districts that make up Brussels. Cooperation between the various French and Flemish districts is notoriously poor.

To this you can add the various periods where Belgian has only had a caretaker government which has held up all kinds of projects while making sure that the state keeps ticking along.

5
0

Ransomware now using disk-level encryption

Charlie Clark
Silver badge

Re: It's B'stards like these...

Or, we've not been taking security seriously enough for years and hoping that something like this would never happen. I'm sticking my head back under the covers and hoping it goes away. Yeah, that should work.

4
0

Oracle v Google: Big Red wants $9.3bn in Java copyright damages

Charlie Clark
Silver badge
FAIL

Re: Java property of Oracle

What do you think an API is apart from a list of method names, their signatures, and their return values?

6
0

ExoMars probe narrowly avoids death, still in peril after rocket snafu

Charlie Clark
Silver badge

Re: Can't they test the instruments before they get to Mars?

No (and for good reason).

1
1

Confused by crypto? Here's what that password hashing stuff means in English

Charlie Clark
Silver badge

Re: Bah!

And while I agree that salt techniques are important, I disagree with a commentor that they were "missing" from this document

An unsalted hash is merely obfuscated and not encrypted, this is why salts are essential and not optional.

0
0

Microsoft did Nazi that coming: Teen girl chatbot turns into Hitler-loving sex troll in hours

Charlie Clark
Silver badge
Unhappy

What a pity…

… sounds like the first thing worth following on Twitter and they pulled it.

3
0
Charlie Clark
Silver badge

Re: Tay: A river

And isn't Dundee on the Tay? How appropriate.

3
0

Lost in the obits: Intel's Andy Grove's great warning to Silicon Valley

Charlie Clark
Silver badge
Coat

Re: I beg to differ...

I believe this one is yours, sir. ->

2
0
Charlie Clark
Silver badge
Thumb Up

Seeing as most of the article is about the US the swipes against the EU do indeed make little sense. Add to that Germany's manufacturing industry hasn't suffered from being part of the EU. Mind you, Germany's own version of Silicon Valley, dubbed "Silicon Saxony", has been more of a subsidy magnet than a wealth creator.

In summary: Britain's pro-service, anti-industry policy has nothing to do with the EU.

13
1

Microsoft files patent for 'PhonePad', hints at future Windows plans

Charlie Clark
Silver badge

I have a nasty feeling that MS might be claiming royalties from the work others have put into their own implementations of the same requirement.

Well, if that is the case you can't really blame MS but the US patent system which privileges filing even the most spurious patent. Maybe the current dispute over CRISP / CAS9 will help sort out this mess.

However, I can't help thinking that this may be difficult to enforce and invite a raft of claims of prior art. Still, even then the patent could be a useful bargaining chip.

Instances of possible prior that fall out of my addled head: Samsung had a hub function specifically for games; Amazon's WhisperSync across the Kindle/Audible boundary.

1
0

Error checks? Eh? What could go wrong, really? (DoSing a US govt site)

Charlie Clark
Silver badge

Re: jQuery

I can't comment on the code except that it looks a bit odd. It could be, and probably is, just shitty code but the same logic could be written in any language.

I heartily disagree. The world before jQuery was very unpredictable with lots and lots of slightly differently own-rolled code.

jQuery is helping standardise common use cases that, in turn, help standardise the language development and browser implementations. Indeed in many situations it is becoming a victim of its own success: more and more stuff can be moved into CSS. I'm looking forward to seeing more of this.

4
1

Samsung Galaxy S7: Big brand Android flagship champ

Charlie Clark
Silver badge

Re: This is one of my bugbears . . .

Also, £60 to fix not 200 euros, although I did it myself.

I think you may find the S7, especially the Edge, a little more pricey. And, even if you are able to do this kind of repair yourself, many of us aren't. That said, I've not used cases very often and I have yet to break a screen myself. But I see plenty of broken screens when walking around town and my own current phone is someone else's refurbed after they broke the screen…

1
0
Charlie Clark
Silver badge

Out of curiosity, how would a case help with landing screen-down on something sharp, other than if the sharp item is smaller than the case bezel? I'd be surprised if that thin sheet of plastic over the screen would make that much of a difference.

A good case comes with a cover for the screen. As Andrew notes, Samsung does provide some nice cases itself.

1
0
Charlie Clark
Silver badge

Re: Just had a handle of my boss' S7 today

But Samsung's are also very easy to root and put Cyanogenmod on, meaning fast security updates for a long period of time.

It's far from ideal but it's better than nothing.

2
1
Charlie Clark
Silver badge

I think the 4:3 will be related both to the CCD but also to letting you do more in software: you can still take 16:9 images, they'll just be cropped from 4:3. OTOH I've always loved the panorama modes.

The reports are that the CCD is much, much better in lower light than the competition. Still, if I wanted a good digital camera I wouldn't necessarily go for a high-end smartphone, the Nokia stunner being the exception.

1
0
Charlie Clark
Silver badge

Good review

Heise have tested the always on feature and say it matches expectations: briefly lighting up part of an OLED screen really doesn't take much juice.

I passed my first S7 poster today and, in a world where Apple seems eyeing the mid-market, it was very Apple. The S6 Edge gave Samsung a recognisable visual USP for the first time and hopefully they'll make sure they produce enough of the curved screens this year.

I think most people will love the SD card and not worry too much about the battery, loading up with power packs if they think they're going to be without power.

As for a dark theme, well Android N is supposed to come with one of these.

1
0

Hands on with the BBC's Micro:Bit computer. You know, for kids

Charlie Clark
Silver badge

Re: License fee funding another management spinoff?

I think the bigger issue is probably: should the BBC be involved in this at all? I think it's a laudable scheme and I'm a big fan of the BBC principle, but I hope that some kind of non-quango will take over the running soon. No need to give the anti-BBC ammo in charter renewal year.

1
0
Charlie Clark
Silver badge

Re: Scratch

It's better seen as a companion device for a Pi: it can be fitted with a 5V lithium cell and left to run. You could use them to set up a network of sensors all reporting to something running on a Pi.

0
0
Charlie Clark
Silver badge

Re: Sod the Microsoft lock-in!

It's not a physical lock-in but "do everything on the MICROSOFT cloud with MICROSOFT tools" lock-in.

This is hardly going to encourage the tinkering for which the Microbits are ideal. Scratch for the RPi already has the visual introduction to programming angle covered.

1
0

Forums