@Apple's number one shareholder: I've read the article several times and I still can't find a reference to Google so why the swipe?
This was a SNAFU and Apple should try and learn from it. An apology to users and developers would be a start.
4584 posts • joined 16 Apr 2007
@Apple's number one shareholder: I've read the article several times and I still can't find a reference to Google so why the swipe?
This was a SNAFU and Apple should try and learn from it. An apology to users and developers would be a start.
My app store account has been broken since September: apps which require a login (including XCode) start to download and then fail with a poorly translated error message.
The messages in syslog look suspiciously like authentication failures. I've spent over an hour on the phone with Apple's always polite support and have even run a system trace and provided the dump. Silence thus far from the fruity ones but it looks like this evening the problem has been resolved. Coincidence?
I don't know if you've caught any of "Hunted" but the ability of the spooks to clone phones thanks to I-Cloud is quite worrying.
Let's face it, if someone is able to put up fake base stations then intercepting all our data isn't going to be that hard for them. With or without additional "help" from the manufacturers.
Edge is IE11 minus all the legacy cruft. So there is some shared code.
Largely true. I think Edge has no officially forked from the IE 9 branch that was itself a rewrite of existing code.
IE has had fewer bugs than say Google Chrome and Safari for years now.
This is both false and misleading: exploits in IE are more dangerous than in Chrome or Safari because of the way it's hooked up in the OS.
The same approach you suggest seems to be working for EnterpriseDB: helping companies to come down off their hideously expensive Oracle habit.
This whole article smacks of sour grapes from Mr Asay who has drifted from company to company (now with Adobe it seems) where he seems to have championed the open core approach.
I'm pretty sure that companies will pay something for software though more along the lines of support and maintenance than the mere privilege of being able to own something. The industry also has to adjust to years of over-charging for minimal added value: the core of lots and lots of enterprise stuff has always been open source.
Doesn't really matter it's the analyst's BS that drives a lot of the stockmarket.
I don't think the actual number is that important – Apple outsold the competition by far – but the possible trend: are sales holding up or tailing off? After the initial hype of the I-Phone it was the ability to develop native apps and the creativity of the developers that made it so desirable. It may still be early days but I'm still waiting for the developer stories that explain the unique opportunities (and $$$) that the Apple Watch provides them. From a product development and innovation standpoint it still looks like Pebble is still setting the pace. Maybe Tim should dip his hand in the sofa and buy Pebble: probably a better bet than the Beats buy was.
Thanks, but how about the O-O-O stuff? I thought this was the stuff that's really difficult to get right?
it has a 16-stage pipeline with multi-issue out-of-order execution, can scale from single core to hexacore
I am not a chip guy but that sounds to me a bit like the P4 pipeline which required a lot of silicon and performance often suffered with o-o-o (it's damn hard to get this right). How much "general purpose" do you need for this where the option of dedicated (let's say encryption or something similar) units wouldn't be a better choice? Okay, this puts the onus on the compiler and the programmer to produce the right code for the right unit but so far this seems to be beating hardware heuristics.
Methinks you're overinterpreting the changes and expected performance improvements.
It looks like the simplification of the architecture leads to a 20% improvement over the previous generation. The real boost comes from, surprise, surprise, boosting the clock speed. This might be enough in the cut-throat section of the market.
As for your suggestions: who's saying they aren't available (for a price) from ARM? Or haven't been added by some makers to their own chips? I think this is the difference between the ARM and Intel value proposition.
. Causing a program to kill itself via pledge could open the door to security holes (for example, if you could get an AV daemon to terminate, this would allow known malware to get a foothold)
That really is a stupid example. As someone else has already noted, that sort of thing can be configured to restart automatically, as I'm sure only too many of us have witnessed only too often.
The problem with simply killing any process (because it tries to overstep its pre-defined limits or for any other reason) is that it might fail in an undefined way which might corrupt or expose state in some way.
external vs. internal
The two can be seen as complimentary. The nice thing about this approach is that it shouldn't be possible to use permission escalation to work around it which seems to be the sledgehammer approach for SELinux or the new stuff in Mac OS. Here trying to get an app to do something which isn't on the manifest should just fail (maybe unpleasantly and with undesirable consequences but with no way out of the sandbox).
But any oversight system always runs the risk of quis custodet custodes? which then becomes the next target for attack.
If nothing else this might help developers think twice before asking for everything. They might be pleasantly surprised by how little they need and enjoy the resulting sense of security that their code is less likely to provide an attack vector.
I wonder if (static) code analysis can be applied to come up with permissions likely to be required by the main loop?
I can see some potential edge cases that might annoying or inconvenient but nothing that can't be solved by making the list of required permissions a bit longer. Making that explicit is a win in itself.
I think the way the data is collected is dependent upon website visits: WhatsApp and the like don't generate traffic that comScore can measure. This should have Twitter even more worried.
… how little "reach" Twitter is getting because people find direct messaging more convenient! This is why investors are getting jittery and the recent round of pink slips. Oh how my heart doesn't bleed!
This Bill shouldn't cost much money, and is a _vast_ improvement over RIPA and DRIPA in many areas.
Wow! Better than a law that the courts have struck down! That is praise indeed!
I reckon your guess at how effective it might be is way off the mark. 2 % of the population would be close to a million people.
I suspect that there are probably less than 1000 organised terrorists and criminals (sometimes it's hard to tell the difference). Any more than that and you're in real trouble as the IRA, ETA, RAF, etc, have illustrated. Probably ditto that for hardcore sex offenders and their ilk. 5000 at the most. That is about 0.1 % of the population. And a lot of the dangerous people will already be going dark with reliable end-to-end encryption that is padded to maker it harder to detect: you can probably do the audio equivalent of stenography by embedding a telephone call in some streaming audio.
So what exactly are they logging? The primary domain (e.g. facebook.com) or specific HTTP requests for pages that follow it?
They will log all outgoing requests on all ports. They won't be logging domains because resolution to ip addresses happens on the user's computer (and quite possibly soon in the browser to secure DNS). Plus, more and more traffic is going https anyway which will happen almost automatically with http/2 over the next couple of years.
It's great way to bury a needle in an ever-growing haystack!
Not if someone hacks the ISPs and then posts the MPs info.
Surely that could never happen?
Actually, might be the best way to kill it but you'll need to have your exit strategy and chosen place of exile better worked out than Snowden did. The powerful really don't appreciate being snooped upon.
OTOH the system is likely to be so open to abuse that any and every foreign intelligence service is able to access it and traffic sniffing is usually a model of net neutrality!
You got a lot of downvotes for refusing to pre-judge the bill. Evidently a bunch of commentards would like to insist on a set of prejudices.
The biggest question the bill has to answer is why is it needed at all? It's just another expensive and ineffective powergrab that further limits civil liberties. hm, how long do we need to consider that? I suppose we can only hope that it will be as shoddily drafted as DRIPA so that the court can strike it down again or that the House of Lords can sufficiently defang it.
In times of austerity (and we've already seen the sort of things the government thinks that means) what you don't need are more government while elephants.
I recommend ignoring anyone who says, right now, that it's good or bad.
Neither, it's simply not required.
A lot of smoke an mirrors have been used to conjure up new threats (as if the IRA wasn't a real threat back in the day) and miraculous new ways of communicating open to the new threats.
All the evidence, not that there is much of it because there are vested interests in expansion of surveillance, continues to point toward the fact that properly funded detective work can provide grounds for suspicion necessary to get a warrant to do pretty much what the fuck you want. But ever-expanding surveillance diverts resources away from detective work and also encourages to commodification of anti-surveillance techniques such as encrypted peer-to-peer messaging.
We thank you for your insight.
The financing is covered in the article: search referrals. Jon von T probably knows how many users he needs to get to get enough searches to cover costs.
They're might also be opportunities for additional income through value-added services if they can hone the user-focussed approach to serve niche markets better.
Opera 12 is, of course, not being maintained so it's not getting any security updates. You're well advised to at least install one of the more recent versions in parallel. They're acceptable since bookmarks were reintroduced and do benefit from a more modern rendering engine. Install Opera Mail standalone if, like me, you still use it because frankly nothing like as good is out there. If you do use Opera Mail you may need Opera 12 for some things such as certificate management.
The newer Opera browsers really are different browsers so no different to installing say Firefox or Chrome or even Vivaldi.
As for Vivaldi, give it a spin. You might even like it! And, if not, you might even appreciate being able to tell the devs what could be improved.
Been using the browser as a secondary one for months and it's become increasingly stable. Internally it's also running on Chromium so site compatibility isn't a problem.
I suspect it will become my main browser before the end of the year and I've come to the conclusion that I'd even pay an annual fee for a good browser and mail client.
The developers, many of which are ex-Opera, are extremely open to usability in a way that the major browser have lost. Opera really lost its way when it (thoroughly understandably) jumped on the Chromium ship and had to reinvent bookmarks having thought them irrelevant. It's now got a more coherent strategy that laudably focusses on third-world accessibility but for the rest seems to be chasing rainbows.
I think the target market will be those using OS/2 or eComStation for dedicated work. Presumably the deal include the kernel sources so that it can be recompiled to run on modern chips, BIOS and I/O (disk, video, USB) systems.
That said Workplace Shell was the best desktop GUI bar none. It was, of course, hamstrung by being single-threaded for a long time. It made the desktop something that you could actually use productively as opposed to the pretty backdrop that it is for most of us.
Very little it seems:
The programming cockups were reported by security researcher Ronald Crane. "These do not all have clear mechanisms to be exploited through web content but are vulnerable if a mechanism can be found to trigger them,"
No software bugs are good but neither are they all "cockups" – something like heartbeat would count as one of those. If you don't understand the possible attack vectors as a result of the bugs then just admit it and don't dress them up as "scary". A lot of bugs do require pretty esoteric exploits which, however, can be quickly "weaponised" once the attack vector is understood and a proof of concept has been developed. This is the nature of security.
And how about providing links to the various CVE reports?
I'm not a fan of the shit they keep on adding to the browser and the UI fuckery but there is no doubt in my mind that Mozilla is much more responsive to bugs since it switched to time-based releases.
Apple's record on the security front isn't exactly stellar. Yes, they do provide updates for an enviable number of devices when they do release them but there millions of devices are out there at any one time which maybe vulnerable to known but undisclosed exploits: think of permission escalation on OS X and the slew of bugs not fixed for IOS 8.
The fact is that Apple stuff is not more secure, and I say this from a MacBook, but Apple does care more about its reputation than other companies.
But isn't it time for Google to step up and be responsible for it's OS and provide timely security updates ala Microsoft/Apple?
Which is what it does with AOSP. However, it's recently gone beyond that and starting adding stuff in via PlayServices. I recently got a stagefright patch like this on my S5.
Clearly, what is missing is the issue of liability which it will be for the courts to decide. EU warranty law is pretty clear on this but it's just not being tested at the moment. Project Zero seems to me a serious attempt to raise the profile of the flaws and the fact that Google has often already provided fixes for them.
Security is an afterthought for too many in the industry. But it will continue to be this way until it becomes too expensive to ignore it.
Actually, VW has already denied the allegation that the same software used elsewhere is in use in the Audis and Porsches. It's to be expected that something similar is in use but the EPA should probably start being very careful with any new allegations because they may prejudice the inevitable legal proceedings.
Regarding a general problem: it's difficult to combine fuel efficiency with low NOx emissions seems to be borne out in the most recent tests. However, there do seem to be some exceptions. The German ADAC, itself recently tarnished putting up its "car of the year" awards to the highest bidder, has done some real world tests indicating that under test conditions about a third of diesels exceed Euro-VI NOx limits by up to 15 times, another third up to two times and one third are well within the the limits. However, real world use suggests that all vehicles regularly exceed the limits by three to four times. Source Interview on German radio.
It also goes into detail about the additional costs for scrubbing diesel emissions and much simpler this is for petrol engines. It's a tricky problem because diesel still offers better fuel economy than petrol but the problems with NOx and soot emissions are particularly acute in urban areas.
Given the current low oil price and the glut of diesel on the market, I can't help think that there is an interest in switching back to petrol in Europe. Long-term, however, I think we're moving towards combustion engines as battery chargers. This will allow for optimal fuel cycles independent of what power the vehicle is drawing. This is coupled with the mechanical simplicity of the electric drive train, which makes more an increasingly attractive proposition, if we ever manage to significantly increase the energy density of batteries.
There are a lot of coders who will do this even if not incentivised by the
Downvoted for "incentivised"! ;-)
Though I'm not sure the charge applies to the open source development. I think buzzwords and fads are more likely explanations for convoluted and error-prone coding.
It goes without saying that drivers should not be in kernel space. Even if this is only an organisational distinction.
This make me ask: why does the person who committed the code still have commit rights?
Maybe it's debatable as to how possible compiler optimisations are reflected in source code. I've always thought it was the compiler's job to figure this out using minimal sugar in the source. But this kind of debate is obviously misplaced in the kernel and probably indicative of other issues: maybe it's time to part ways.
80 character lines is not bullshit, it is still relevant today. More text than that on one line is not as legible
That's not quite true. Line lengths of about 120 chars are fine which is why paperbacks use them. But 80 chars is generally enough for most lines.
The 80 chars come from the terminals used in the 1970s and the practice of distributing patches via e-mail where additional line breaks could cause problems. It's stayed around because readable diffs are so important.
80 chars isn't a hard limit in Python and I don't know any people who use something like lint to enforce it. PEP 8 is the main set of rules, wisely reminding us that "foolish consistency is the hobgoblin of tiny minds".
Indeed. Having a piss is the least of the indulgences: vomiting, fondling and fornicating can often be found in pictures from the Golden Age.
Georgian and Regency sensibilities were indeed a great deal more licentious than the Victorian prudishness which came to dominate. There's economic argument in there somewhere.
You obviously have no idea about large systems.
So much of El Reg is either slap-dash or PR for some vested interest, so it's nice to see articles like these.
So this is a success for the telecos u der the auspicious stewardship of H-dot.
Actually no. The whole thing is running under Ansip's remit, Oettinger's got his fingers in other pies.
As Kieren rightly points out the law is a typical fudge: roaming and net neutrality have nothing to do with each other and, therefore, shouldn't be on the same bill. But it was cooked up as a compromise to suit the nation states, who are more or less beholden to the telcos (though less in Germany than in France or the UK). Both the European Commission and the European Parliament have historically been much more pro-consumer in this field (Viviane Reding wanted to eliminate roaming charges over ten years ago!).
The key to all the EU's regulation is making sure than a healthy wholesale market exists. For ISPs, this means LLU and occasionally inspecting peering agreements between the companies that provide the physical infrastructure of the internet. Without proper supervision some companies could, at least in theory, start offering their own private interwebs and thus ensuring exclusivity. Imagine one of the behemoths buying a film or TV studio.
For mobile, this means the ability to choose a separate company to provide roaming services. I'm already in my second year of no roaming charges for calls, and this is on a German PAYG card. When visiting the UK I already have a dedicated SIM for data only, but wouldn't it be even easier to use my existing one but choose the same UK provider? On modern infrastructure phone calls have negligible marginal cost for providers, which is why they were so loathe to lose the free money they were making on roaming, but data may remain a permanent bottleneck (we'll always want to watch films using more bandwidth than is available on any particular cell). This would restrict investment because of the promise of negative returns without some kind of a cap. A wholesale market provides space for third parties to provide additional capacity. Got a low-data UK PAYG and visiting France? Why not buy 2GB for 1 week for 1 Euro directly from Orange France as opposed to whatever gouging your own provider has to offer? Arbitrage should lead to prices consolidating around a sustainable level over time.
Net neutrality has been a largely hysterical sideshow, though it did raise some important issues. But, at the end of the day, does it really come down to being encouraged to use the streaming service of your ISP over something like Watchever?
David Gray tune…
But the revenue figure is uncontested, and real revenue is what counts.
Not really. Income is what really matters. Lots of the phone makers can waive impressive revenue numbers around but few have any profits worth speaking of.
I haven't viewed the numbers but it looks to me like the beginning of the end of WP: going nowhere in the high-end, withdrawing from the low-end and the licensing deal seems as popular as leprosy.
The update cycle is a farce. It's like the worst combination of Android an IOS: you can only get updates from MS but they come once in a blue moon and, by Mr Orlowski's account, seem to be following the ITunes development strategy of adding crap and removing useful bits.
There are lots of things to admire in Windows Phone and the devices are generally very impressive builds for their price (I'm a sucker for OLED which rarely comes so cheap) but Office and Cortana on Android an IOS may already be making more real moolah for MS than WP ever will.
And whether you like MS or not, we should all recognise that they didn't get where they did with marketing alone: they have some great technology and some good tools. It would be nice to see them entering new markets with them.
Either that or the floggle-toggle. Some things never change.
Quite right. Clickbait with a headline about how cheap Chinese phones are sweeping the planet and use it as a lever to talk unscientifically and simplistically about the collapse of the steel industry. As if it hasn't been collapsing since the 1980s.
I live in Germany and know damn well what I pay for electricity (€ 0.25 per kWh). I don't even mind paying more, well the extra we're going to pay to keep the Bavarians happy is annoying, but nevertheless I'm in general agreement with the policy. I also know that this is much more than what any of the many industrial factories pay for their power. I also realise that power in the US is even cheaper, though that particular advantage is somewhat by the current artificial exchange rates.
Steel isn't that fungible but with the current stupidly engineered oversupply some producers are desperate to get rid of it. I think WTO talks about US claims of dumping by the EU have only recently been resolved.
The rounding has nothing to do with the tom-foolery and financial repression of money printing.
It is a reaction to the financial drag imposed by the highly effective "barrier pricing" of 0.99 or 0.49. Effective because research indicates that most people think that 0.99 is significantly less than 1.00 and, therefore, people buy something for *.99 because they think it is a big discount over *+1.99. This behaviour leads to sums at the checkout requiring the expensive to process small change. Outside of Germany, where it was studied and found that people do care (and this is largely why there are 1 and 2 cent pieces), it turns out that most people are more than happy with a round-up/round-down approach.
Also, that should the ARM architecture start making serious inroads, then it'll be Intel fabbing the best of them.
Maybe, but the prices and margins on ARM are much, much lower. As Intel has already found out in the tablet space.
Fleecing venture capitalists?
No, they made their money back when it went public.
I can imagine some money being spent to get the feed by some media companies thinking it constitutes public opinion (it is opinion that is public but that is not the same thing) but that wouldn't be more than a couple of million a quarter.
But who the fuck is paying for sponsored tweets?
I thought Brotli was mainly about improving compression over the network? Sure, as an alternative to deflate you can use it for files but why bother? There are other formats that crunch better (xz springs to mind) at the expense of being slower. For video all the magic is in the codec which notoriously doesn't compress much further.
As for the sexist bollocks - just seems like clickbait and most people seem to have swallowed it.
Moving video drivers out of the NT kernel and into user-space to speed things up?
IIRC it went the other way because of the speed of context switching on x86 chips and Microsoft needed a fast system to impress customers. Security? Well they already had the C2 (or whatever it was) certificate. Not that people really cared anyway.
Or both. The price for Russian gas goes down every day a pipeline to China doesn't exist. Pollution from coal is a huge problem in China but so is the amount of energy produced from coal. Hence current plans to increase generation from every other source: gas, renewable and nuclear.
Emulators just aren't fast enough. But then again, the Windows data centre market is relatively small.
Mellanox and FPGA and at ARM prices? You can see all kinds of engineering shops falling over themselves to get hold of some of these. It's an HPC wet dream!
Qualcomm traditionally has extremely good connections to the military so it's more than possible that they will kickstart the business with a huge data centre order that we'll never hear of but that will help them get the volume to get other business.
Especially when it's not entirely true. I haven't seen any recent breakdowns but the summer numbers showed that the Edge was selling better than expected, so much so that supply couldn't meet demand, and the S6 less and this is was led to disappointing numbers.
There's no doubt that Apple is still taking the lion's share of the profits but the S6 Edge seems to be doing a good job in establishing Samsung as not just an "also ran".