* Posts by Charlie Clark

4395 posts • joined 16 Apr 2007

Mozilla bins 'Tiles' ads plan in Firefox

Charlie Clark
Silver badge

"focus on content discovery"

Oh, like Opera is trying with the pointless "Discover" feature. Like Taboola but built into the browser? Why not just go the whole hog? But then just concentrate on salacious, celebrity clickbait.

0
0

Windows Phone won't ever succeed, says IDC

Charlie Clark
Silver badge

Always was wondering why they did not ditch ARM altogether and went Intel all the way

Because Intel couldn't provide chips for the power envelope at the time. Now that they sort of can the Intel chips still cost more than ARM. Difficult to get / keep the OEM market going under those conditions – as Intel has repeatedly demonstrated – and that this the stated aim. The assemblies in Shenzhen et al. are built entirely around ARM SoCs.

4
0

OopSSL: Pushme-Pullyou for OpenSSL patches

Charlie Clark
Silver badge
Thumb Down

Re: Point gun at toes, pull trigger

Guess what? Nobody wants to run the risk of their strategic selection being suddenly obsolete overnight, courtesy of rabid, stick-up-bum arsehattery

Yes, because Microsoft never pull patches after release either.

Sys admins should be able to live with any library that has reliable release management. With security stuff you can't necessarily expect just one patch per month. Urgent exploits need urgent patches.

Forking a project might be a means of last resort but sometimes it's the best thing to do. For example, the BSD projects have prospered after their forks. The reasons given for forking LibreSSL rather than trying to fix openssl were sound at the time and that project has more or lived up to its more limited expectations. Various bits of the internet has seen libraries swapped in and out over time and it will be no different here.

2
0
Charlie Clark
Silver badge

SNAFU

I was checking with someone on Friday about this who maintains a downstream (Python) package based on openssl. Not only was this a push-me-pull-you but the different releases also had different breakages.

It would be less bad if openssl didn't have such a fucked up versioning system. It would be marginally less shit if they actually stuck with the one they have. But they didn't. Re-releasing effectively negates the crypto-hashes of the software. Not so clever for crypto-software.

The thing is that the project is now well-financed thanks to some PR-tastic donations by the mega corps. But it doesn't seem to be reflected in release management.

I've just checked an libressl is now in Macports. Time for port uninstall -f openssl and port install libressl methinks.

0
0

Smut-seeding Prenda Law ringleader must sell home to pay $2.5m debt

Charlie Clark
Silver badge

Re: Normally....

Have they also been debarred?

3
0

BOFH: Taking a spin in a decommissioned racer? On your own grill cam be it

Charlie Clark
Silver badge

I like the idea of luring the security team in with pizza as bait.

7
0

Manchester 'wins' £10m to test talking bus stops

Charlie Clark
Silver badge

Re: Northern Power House my fat arse

Manchester: The Turd They Keep Trying To Polish.

To be born in Manchester is to win the first prize in life. FTFY

3
1
Charlie Clark
Silver badge

Re: Northern Power House my fat arse

Don't forget that Maggie had to have second law explicitly further deregulating Manchester's buses so that her cronies at Stagecoach and Arriva could get on with their low wage, low service offerings.

I don't live there any more but when I go home it seems to me that the GMPTE (as was) has been growing a pair over the last few years. Especially the way the tram tendering has been handled.

I now live in Germany so find all the British ticketing systems stupid because they pretend that pricing has any relation to the length of an individual journey. Zonal pricing is the only way to do things.

4
0

Infosec bods rate app languages; find Java 'king', put PHP in bin

Charlie Clark
Silver badge

Re: PHP

in which case the sql injection prevention which is still part of the input filtering will kick in. It's not ideal, but it does add an extra layer of protections just in case it's necessary

I've yet to see any kind of input filtering with respect to the database that wasn't basically a farce. It's a sticking plaster on a sieve. It adds to the maintenance but not to the value.

Sack any developer who writes code that doesn't pass the data in as parameters.

0
0
Charlie Clark
Silver badge

Re: PHP

input filtering

This worries me. What do you mean buy it? I've only ever seen it used in systems that only looked like they were more secure.

If you aren't passing parameters into a prepared statement then you are doing it wrong. It is the DB's job to handle the parameters.

2
0
Charlie Clark
Silver badge
Thumb Up

Re: PHP is filth

I totally agree with you: PHP is evil.

However, chacun a son goût and all that.

0
0
Charlie Clark
Silver badge

Re: I have to wonder...

As noted by another poster: it's often both.

As a language PHP contains more than a few design flaws which make code inherently unsafe: not being strongly typed is certainly one of the biggest problems. It's certainly convenient but you can end up paying a lot just for that.

2
0

PHP 7.0 arrives, so go forth and upgrade if you dare

Charlie Clark
Silver badge

Re: Not backwards compatible...

Promises are making callbacks look kludgy and antiquated.

Because that's exactly what they are.

0
0
Charlie Clark
Silver badge

Re: Not backwards compatible can cause a lot of problems

Particularly in 3 which now complains if you've mixed tabs and spaces for your indenting. It is bad practice and should be avoided, but it's not exactly the easiest thing to spot if you've got limited tools to hand at the time.

Why? It removes ambiguity. Which text editors can't be configured to display control characters?

0
0
Charlie Clark
Silver badge

Re: Not backwards compatible can cause a lot of problems

You don't need this to be part of the syntax to incorporate it into coding standards. All other languages are capable of having automatic coding standards checks without this.

It's Pythonic to make it both required and obvious. It means one less line in your own coding standard. This is straight from any good UX book.

Yes, the whitespace pisses off coders coming from other languages which use other block conventions. But they're just moaning about their cheese being moved. From all other perspectives it is literally a no-brainer.

2
2
Charlie Clark
Silver badge

Re: Not backwards compatible can cause a lot of problems

Any language that uses "whitespace" as a core feature is f**ked up by design from the start!!.

It's not a feature of the language, it's part of the syntax. A subtle but important difference because it emphasises readability as a desirable characteristic of source code. But, hey, who needs code review?

5
1
Charlie Clark
Silver badge

Re: Not backwards compatible...

I remember someone telling me that when PHP5 came out he decided to switch to Python because either way he had to learn a new language.

Rewriting your own code is often not the biggest problem for a version change: dependence upon third-party libraries can be a real deal-breaker.

I hate PHP with a passion but the new version does bring some significant performance and memory improvements. This might be attractive if you can switch with minimal changes.

OTOH just drink the Node.js kool-aid and go with the callback flow!

1
0
Charlie Clark
Silver badge

Re: Not backwards compatible can cause a lot of problems

Apart from the lack of support for u"" and b"" literals, there is remarkably little difference between 2 & 3 syntax and a compatibility shim is tiny.

The real problem is that Python 3 is only ideally better than Python 2. It brought no performance improvements.

Things are only now starting to change with async.io

PS. I want my print statement back. I've been writing Python 3 syntax for years and I still don't think that print should be a function. Even less with f"" literals in 3.5

1
0
Charlie Clark
Silver badge

Re: They had to release it as v7

Cos perl6 will be out in a few weeks

'cos we never heard that before! ;-)

2
0

Booming Ballmer bellows 'bulls**t' over Microsoft's cloud revenue run rate

Charlie Clark
Silver badge
Stop

Re: Hang on, is Ballmer starting to have a vision ?

Microsoft made hand-over-fist during Ballmer's tenure. As a sales guy he really understood revenue and how to maximise it. If Azure isn't making money then making this known will really help focus those responsible.

He was less successful in the development / vision area which gave us Vista and Window 8. Okay for some of the shit in Vista, Gates was responsible and someone should have been in place to stop Sinofsky turning 8 into his own private toy.

But where Ballmer really fucked up was in acquisitions: aQuantive, Skype, Nokia, etc. But he'd more than earned the money to do this. IIRC MS profits per quarter more than covered those fuck ups.

And by keeping his shares he's also keeping his money very much where his mouth is.

10
1

Popular 3G/4G data dongles are desperately vulnerable, say hackers

Charlie Clark
Silver badge

Re: Cellular modems

Yep, my trusty old ZTE dongle only understand AT commands and you need physical access to fuck with it.

That said, I bet the firmware is a pile of crap.

0
0

CloudFlare intros HTTP/2, so we can ‘spend holiday time with our family’

Charlie Clark
Silver badge
Go

Great news

I take my hat off to CloudFlare for really working hard on this and providing it at no extra cost.

7
2

Monster fund manager sticks pin in Silicon Valley's unicorn bubble

Charlie Clark
Silver badge

A webscale Ponzi scheme

An increasing number of unicorns is an essential part of the private equity culture. Profits used to be made on IPO or acquisition. But the extended, er, grooming of the unicorns now gives opportunities to snare other investors, including retail ones, and sucking in more money for a smaller piece, thus driving up the valuation. A high valuation means a higher cash-out for those with preferred stock.

Thus Goldman Sachs was selling bits of Facebook to private individual ones before IPO. This was very close to breaking SEC rules about the number of investors you can have before you have to go public. Since then the rules have been relaxed including through the cleverly titled JOBS Act, which now allows the banks to finance private equity using crowdfunding. What could possibly go wrong?

Add to this the artificially low interest rates which have savers chasing yields harder than Frank Gallagher chasing a free drink and you've almost got perpetual motion. Almost. With the Federal Reserve tipped to raise the base rate to, shock horror, 0.5%, the party could be coming to an end. If it wasn't for the financial repression in Europe and Japan ensuring lots more funding. The scale is smaller but this has shades of the sub-prime mortgage scam in it: German savers ended up holding some of the biggest turkeys. Bond yields in Germany are now largely negative, in Switzerland entirely negative.

But even with all this let's not ignore that this structure has led to some successful companies: Facebook has a nice profit margin; Airbnb definitely has legs; NewRelic provides a monetised service. Some of the others are spectacularly anti-profit (SnapChat, WhatsApp) – way to go guys – and we are close to the dotcom assumption of scale automatically being followed by profit. But there is still too much faith in being able to just add webscale to a good idea to get a huge profit. How on earth is Groupon still in business? Some of the startups outside San Francisco are actually making things and might surprise us yet.

2
0

Google to end updates, security bug fixes for Chrome on 32-bit Linux

Charlie Clark
Silver badge

Re: It's not 32-bit that's the issue

Why should Google support those 32-bit operating systems? They never promised to support them for that long. And for desktop it really is a bit overkill.

TBH a lot of this LTS is hooey. RedHat et al. promise to support stuff but in fact you're often left in the lurch when upstream maintenance ends.

0
0

If a picture tells a 1000 words about latency, Google won't load it

Charlie Clark
Silver badge

Meanwhile in Germay

You can now buy SIM cards with virtually unlimited traffic WhatsApp. TopUp requirements are minimal. No use to me as I don't use it but interesting all the same.

Net neutrality: who needs it?

0
0
Charlie Clark
Silver badge
Coffee/keyboard

Re: The sites i visit...i NEED to see the pictures

Er, is that just coffee on your keyboard! ;-)

2
0
Charlie Clark
Silver badge

Re: So far you rarely wait for images

I don't see DNS queries as the real problem. And I've given up worrying about JS libraries: hopefully Houdini will allow things like JQuery to get slimmer over time but the important thing is people letting the browser decide how to do things and put load as much JS as possible after the onLoad() event.

http/2 should bring significant improvements but as long as people insist on using multi MB big images for thumbnail previews then websites will continue to get slower.

0
0
Charlie Clark
Silver badge

So, all good then! ;-)

1
0
Charlie Clark
Silver badge

Re: Déjà vu

TBH better to have control in the browser, which this kind of proxy setting does. Because "retina" websites are filling themselves with fooking huge images that generally get downloaded whatever the device.

0
0

Sued for using HTTPS: Big brands told to cough up in crypto patent fight

Charlie Clark
Silver badge
Stop

Here is my suggestion to fix this ludicrous aspect of the American way.

Pretty numptyish solutions to the problem.

1) "person in that knowledge field" is an even more difficult term than the "reasonable person" making an obvious discovery. If you look at the history of patents most abuse has come from large companies with more resources than patent holders. What you suggest would further entrench this system.

2) don't encourage even more litigation. In such an unlikely situation then the government should simply license the relevant patents.

The problems with the US patent system are well known: patents in too many fields are granted too readily and the courts, notably the one in east Texas then get to deliberate on their validity.

The US patent system must be overhauled so that it is sufficiently resourced to check patents. In the case of some of the vaguer software and business patents, which are the ones that cause most of the problems, applicants could be required to demonstrate specific applications. Because it is often the blanket application of a relatively minor patent across a whole field that causes problems. Cf. this one and the website plugin one. The patent clerks should have the authority to reject these applications on sight – though applicants should also have the right to appeal.

14
0

So why exactly are IT investors so utterly clueless?

Charlie Clark
Silver badge

Sort of – losses in one investment can be offset against profits elsewhere but you generally don't want all your investments to flop (unless you're Goldman Sachs selling mortgage-backed securities…).

The tax-advantages are important only as part of the bigger picture: borrow someone else's money (obviously, you don't want to carry the risk yourself) at the current artificially low interest rates (cheap credit is being paid for by screwing savers) and invest it instead of your own money. Any profits can be funnelled out via the most tax effective means. Publicly listed companies are currently doing this: borrowing money to buy their own shares instead of paying dividends Private equity has a few more tricks up its sleeve such as preferred stock which virtually eliminates risk for the privileged few. Inflating the value of RsWyp is important in sucking in other people's money to allow the scheme to run to fruition. Here again those artificially low interest rates play their part as suckers looking at returns of 0.5% (at best) on safe assets are attracted by RsWyp's potential due to its phenomenal growth. And their goes your pension…

18
0

BOFH: How long does it take to complete Friday's lager-related tasks?

Charlie Clark
Silver badge

Re: BOFH getting soft in his later years ?

Why should she care as long as she's getting paid. After all, she's probably got a boss of her own…

You seem to have forgotten that the BOFH has already met his match.

12
0

Mobe-maker OnePlus 'fesses up to flouting USB-C spec

Charlie Clark
Silver badge

Re: Standards, for a reason

Trading standards should be able to enforce some kind of notice or otherwise withdrawal from sale.

0
0

Nominet to hike price of UK web domains by 50%

Charlie Clark
Silver badge
Go

Re: Regulation?

I think you're spot. Articles 28 and 29 of the company could probably be legally challenged: giving executives power over the board is definitely non in members interests: the board is supposed to supervise the executives "for the benefit of the Members as a whole…" Article 1A.

There are no specific provisions about being a non-profit, but seeing as this is usually allied with special tax treatment, this is probably deliberately so. However, the purpose of the company seems to act in the interests of the members as long as they don't clash with those of the public. A bit nebulous but difficult to square higher prices without a benefit to members.

1
0

Mozilla annual report shows risky Google dependency now risky Yahoo! dependency

Charlie Clark
Silver badge

Re: Losing browser-market share...

So who's gaining?

Chrome mainly, though also Safari with the general shift towards mobile (from which Chrome also benefits). Weird because I find Firefox the best mobile because of the extensions.

People tend to stick with the default: IE on Windows, Safari on Mac, etc. People moved to Firefox and then to Chrome on Windows because Microsoft fucked up so badly.

4
0
Charlie Clark
Silver badge

Re: The problem

re. XUL

If you can't maintain something then you have drop it. Not so sure on what kind of UI stuff you really need for extensions – I've yet to come across an extension that only exists for Firefox that I need – but maybe following Vivaldi's lead there and switching to JS will be the way to go. Hell of a migration path but I suspect it could be partially automated. I hate JS but the toolchain is now pretty sophisticated and not having don't have to maintain your own multiplatform UI kit is a big win.

Vivaldi definitely, it's now my second browser, demonstrates that you can go beyond merely skinning Chrome.

0
1
Charlie Clark
Silver badge

Re: The problem

Dropping XUL and NPAPI were definitely sensible technical decisions.

As usual it's the "other stuff" that shows a lack of focus: fucking around with the UI and stuff built around new commercial agreements.

I've seen some good reviews of Firefox OS on tellies so that might be an avenue worth pursuing. There's no money in it for phones so they should drop that.

3
1

Spending Review: GDS gets £450m, Cabinet Office budget slashed

Charlie Clark
Silver badge

Those suggestions

a Common Technology Services programme will allow the Civil Service to purchase consistent, flexible and modern IT, driving savings and improving performance

Oh great, let's start doing everything different. Again! In systems procurement flexibility and consistency rarely go hand-in-hand are never seen with the word "cheap". Consistency usually goes with "standard" which can be simpler and perhaps cheaper. Well, that's the theory.

a new way of delivering digital services, Government As A Platform, will provide a common set of core systems that enable government departments to share digital services, technology and processes

This one's dead before it starts. There are no "digital services", just existing services delivered digitally.

the development of the GOV.UK Verify programme to enable individuals to prove their identity online and to access government services securely and safely.

Impossible without some form of electronic id-card with TFA (card and secure reader). Make it entirely voluntary and highlight the advantage for people of having a government system that can securely and anonymously verify identity. Could do a lot worse than buy in the existing the Estonian system. Or at least work with its components because the UK system will probably be subjected to more criminal energy than the Estonian one. By no means try and resuscitate old schemes or start with something blue sky.

Fuck, $ 450 will probably have been spent by the end of January. Time to buy shares in whale cruises, josstick factories and Vegas conference centres! Oh, and some "cowanking" space in London.

3
0

Hacker predicts AMEX card numbers, bypasses chip and PIN

Charlie Clark
Silver badge

Could have jobbed for a day in a trendy coffee shop…

OTOH given the number of cards Americans generally have all he probably had to was ask a few friends.

Don't quite know about US liability but in the UK this will mean that AMEX (and probably others) can be expected to be held liable for card fraud until they can demonstrate they have a fix. They normally insure against fraud but I can imagine the insurers also turning them down. Of course, any losses they do incur will be recouped through higher charges but in the meantime it looks like there's money to be made.

0
0

Grow up, judge tells EFF: You’re worse than a complaining child

Charlie Clark
Silver badge

Not the point

The case seems to be about making an ISP an agent of copyright holders. This is obviously nonsense without a contract. The ISP is contracted to its customers and the networks it peers with but not with BMG or anyone else. If BMG wants Cox to police its network then it should pay it do so (this might pave the way to offer stuff cheaper legally than illegally), otherwise the case should be dismissed as without merit.

The issue of whether access to the internet counts as a fundamental is entirely separate. I don't know US law so I don't know if there are any provisions for such services: water, electricity, telephone and internet. Oh and TV for Merkins. If there is no such provision then the amicus is also without merit. Some countries (France and Estonia, I think) have made an internet connection a human right which, especially in France, could lead to some interesting legal wrangles.

I really don't understand the copyright holders. Pursuing theses cases eats up a lot of resources while at the same time they seem content to sign up streaming services for a pittance and streaming services is where the market is moving: people seem to have been largely convinced that access to something online is all they need.

11
1

'Hypocritical' Europe is just as bad as the USA for data protection

Charlie Clark
Silver badge

Not that the ICO has been any better.

You're right. And neither has the Irish ICO. Of course, they've been kept on a short lead by the government and are chronically underfunded. With the ECJ judgment that might start to change: even if the ICO doesn't want to grow a pair the courts are likely to uphold challenges if they decide to do SFA.

Phoney war until the end of January.

1
0
Charlie Clark
Silver badge

The group has of European Data Protection Officers has given the situation until the end of January for a resolution after which Safe Harbour will be treated as no longer valid and its also likely that the "standard clauses" favoured by the Commission will considered in much the same way. We'll hopefully see a couple of high profile cases then everything will settle down: "suveil-as-you-go", fast-track warrants will no doubt become available to all law enforcement services that want them.

About the only thing this article gets right is the shift away from the European Commission to the national officers. Good because data protection is probably the area where the Commission has consistently failed to act in the interests of EU citizens.

Safe Harbour was on the way out anyway when the new Directive goes into force. It's just going to happen faster now.

4
0

Cat discovers GNOME desktop bug

Charlie Clark
Silver badge
Mushroom

More proof that the GTK is shit

I bet this wouldn't have happened with QT!

0
0
Charlie Clark
Silver badge

Re: My Daughter is Smarter than a cat.

Your daughter sounds smarter than you, if you let her loose on your computer logged in as you. I gave both my sons their own logins so they could happily wreak havoc without affecting anyone else.

That sounds like hubris. Most kids are able to pick up their parents login details very quickly: their young brains are wired to copy behaviour exactly.

3
1

From $6bn to $4.2bn to $2.9bn: Square's ever shrinking unicorn horn

Charlie Clark
Silver badge

Re: Bubble 2.0

Add to this the effect of artificially low interest rates in funnelling savers money (via pension funds) into risky investments such as VC funded start-ups.

1
0

Apple's design 'drives up support costs, makes gadgets harder to use'

Charlie Clark
Silver badge

They have a point

Apple's design has improved from the skewomorphic nightmare of a few years ago but is now much more perfume bottle (the bottle is the product) than a deodorant spray (the spray is the product).

Not sure about trashing Google for blindly following Apple. I personally think that the Material Design guidelines are far better thought out and presented than the Apple stuff now it. IOS 8/9 is "beautiful", Material Design has, er, rediscovered discoverability.

5
0

Hey Cortana, how about you hide my app from the user?

Charlie Clark
Silver badge

Re: Mad, Mad Multitasking

Office Mac 2011 was usable because it's got a menu but Office 2013 is a nightmare for me,

I'd have to agree on this and as I've been using Word since version 2 (skipped Office 2003) I'd say I've coped with most UI changes (disappearing menus was another disaster).

Office 2016 has the advantage of looking and behaving largely the same on Windows and Mac and is far less confusing than Office 2011 or 2013.

2
1
Charlie Clark
Silver badge

Re: Mad, Mad Multitasking

they do a lot of testing and so support many routes to the same result as people work differently.

This assertion flies in the face of most usability research which has been summarised as "make design as simple as possible and reduce choices for any particular task. No choices are best".

But, hey, if it works for you then you may have a great career ahead of you.

0
5

Dell and EMC customers happy about prospect of Dell/EMC merger

Charlie Clark
Silver badge

Business logic versus finance

No doubt there's some business logic behind the consolidation: it's easier to buy all the bits for a data centre from a single supplier. But then there's financial engineering behind this deal. The debt behind this deal is staggering and it's difficult to see it ever being repaid through increased sales. VMWare is where the value is and the tracking stock looks very much like a tax avoidance vehicle with the takeover merely show.

1
0

Game of Photons: Boffins make ICE with FIRE

Charlie Clark
Silver badge

More than a curio?

If the principle is to slow a molecule down by hitting it with a photon, where does the energy go? (Direction is important for momentum but not energy, discuss).

Personally, I don't see any direct application of laser-cooling but the underlying principle of energy extraction may have legs.

0
0

Forums