* Posts by Charlie Clark

3618 posts • joined 16 Apr 2007

If a picture tells a 1000 words about latency, Google won't load it

Charlie Clark
Silver badge

So, all good then! ;-)

1
0
Charlie Clark
Silver badge

Re: Déjà vu

TBH better to have control in the browser, which this kind of proxy setting does. Because "retina" websites are filling themselves with fooking huge images that generally get downloaded whatever the device.

0
0

Sued for using HTTPS: Big brands told to cough up in crypto patent fight

Charlie Clark
Silver badge
Stop

Here is my suggestion to fix this ludicrous aspect of the American way.

Pretty numptyish solutions to the problem.

1) "person in that knowledge field" is an even more difficult term than the "reasonable person" making an obvious discovery. If you look at the history of patents most abuse has come from large companies with more resources than patent holders. What you suggest would further entrench this system.

2) don't encourage even more litigation. In such an unlikely situation then the government should simply license the relevant patents.

The problems with the US patent system are well known: patents in too many fields are granted too readily and the courts, notably the one in east Texas then get to deliberate on their validity.

The US patent system must be overhauled so that it is sufficiently resourced to check patents. In the case of some of the vaguer software and business patents, which are the ones that cause most of the problems, applicants could be required to demonstrate specific applications. Because it is often the blanket application of a relatively minor patent across a whole field that causes problems. Cf. this one and the website plugin one. The patent clerks should have the authority to reject these applications on sight – though applicants should also have the right to appeal.

14
0

So why exactly are IT investors so utterly clueless?

Charlie Clark
Silver badge

Sort of – losses in one investment can be offset against profits elsewhere but you generally don't want all your investments to flop (unless you're Goldman Sachs selling mortgage-backed securities…).

The tax-advantages are important only as part of the bigger picture: borrow someone else's money (obviously, you don't want to carry the risk yourself) at the current artificially low interest rates (cheap credit is being paid for by screwing savers) and invest it instead of your own money. Any profits can be funnelled out via the most tax effective means. Publicly listed companies are currently doing this: borrowing money to buy their own shares instead of paying dividends Private equity has a few more tricks up its sleeve such as preferred stock which virtually eliminates risk for the privileged few. Inflating the value of RsWyp is important in sucking in other people's money to allow the scheme to run to fruition. Here again those artificially low interest rates play their part as suckers looking at returns of 0.5% (at best) on safe assets are attracted by RsWyp's potential due to its phenomenal growth. And their goes your pension…

18
0

BOFH: How long does it take to complete Friday's lager-related tasks?

Charlie Clark
Silver badge

Re: BOFH getting soft in his later years ?

Why should she care as long as she's getting paid. After all, she's probably got a boss of her own…

You seem to have forgotten that the BOFH has already met his match.

12
0

Mobe-maker OnePlus 'fesses up to flouting USB-C spec

Charlie Clark
Silver badge

Re: Standards, for a reason

Trading standards should be able to enforce some kind of notice or otherwise withdrawal from sale.

0
0

Nominet to hike price of UK web domains by 50%

Charlie Clark
Silver badge
Go

Re: Regulation?

I think you're spot. Articles 28 and 29 of the company could probably be legally challenged: giving executives power over the board is definitely non in members interests: the board is supposed to supervise the executives "for the benefit of the Members as a whole…" Article 1A.

There are no specific provisions about being a non-profit, but seeing as this is usually allied with special tax treatment, this is probably deliberately so. However, the purpose of the company seems to act in the interests of the members as long as they don't clash with those of the public. A bit nebulous but difficult to square higher prices without a benefit to members.

1
0

Mozilla annual report shows risky Google dependency now risky Yahoo! dependency

Charlie Clark
Silver badge

Re: Losing browser-market share...

So who's gaining?

Chrome mainly, though also Safari with the general shift towards mobile (from which Chrome also benefits). Weird because I find Firefox the best mobile because of the extensions.

People tend to stick with the default: IE on Windows, Safari on Mac, etc. People moved to Firefox and then to Chrome on Windows because Microsoft fucked up so badly.

4
0
Charlie Clark
Silver badge

Re: The problem

re. XUL

If you can't maintain something then you have drop it. Not so sure on what kind of UI stuff you really need for extensions – I've yet to come across an extension that only exists for Firefox that I need – but maybe following Vivaldi's lead there and switching to JS will be the way to go. Hell of a migration path but I suspect it could be partially automated. I hate JS but the toolchain is now pretty sophisticated and not having don't have to maintain your own multiplatform UI kit is a big win.

Vivaldi definitely, it's now my second browser, demonstrates that you can go beyond merely skinning Chrome.

0
1
Charlie Clark
Silver badge

Re: The problem

Dropping XUL and NPAPI were definitely sensible technical decisions.

As usual it's the "other stuff" that shows a lack of focus: fucking around with the UI and stuff built around new commercial agreements.

I've seen some good reviews of Firefox OS on tellies so that might be an avenue worth pursuing. There's no money in it for phones so they should drop that.

3
1

Spending Review: GDS gets £450m, Cabinet Office budget slashed

Charlie Clark
Silver badge

Those suggestions

a Common Technology Services programme will allow the Civil Service to purchase consistent, flexible and modern IT, driving savings and improving performance

Oh great, let's start doing everything different. Again! In systems procurement flexibility and consistency rarely go hand-in-hand are never seen with the word "cheap". Consistency usually goes with "standard" which can be simpler and perhaps cheaper. Well, that's the theory.

a new way of delivering digital services, Government As A Platform, will provide a common set of core systems that enable government departments to share digital services, technology and processes

This one's dead before it starts. There are no "digital services", just existing services delivered digitally.

the development of the GOV.UK Verify programme to enable individuals to prove their identity online and to access government services securely and safely.

Impossible without some form of electronic id-card with TFA (card and secure reader). Make it entirely voluntary and highlight the advantage for people of having a government system that can securely and anonymously verify identity. Could do a lot worse than buy in the existing the Estonian system. Or at least work with its components because the UK system will probably be subjected to more criminal energy than the Estonian one. By no means try and resuscitate old schemes or start with something blue sky.

Fuck, $ 450 will probably have been spent by the end of January. Time to buy shares in whale cruises, josstick factories and Vegas conference centres! Oh, and some "cowanking" space in London.

3
0

Hacker predicts AMEX card numbers, bypasses chip and PIN

Charlie Clark
Silver badge

Could have jobbed for a day in a trendy coffee shop…

OTOH given the number of cards Americans generally have all he probably had to was ask a few friends.

Don't quite know about US liability but in the UK this will mean that AMEX (and probably others) can be expected to be held liable for card fraud until they can demonstrate they have a fix. They normally insure against fraud but I can imagine the insurers also turning them down. Of course, any losses they do incur will be recouped through higher charges but in the meantime it looks like there's money to be made.

0
0

Grow up, judge tells EFF: You’re worse than a complaining child

Charlie Clark
Silver badge

Not the point

The case seems to be about making an ISP an agent of copyright holders. This is obviously nonsense without a contract. The ISP is contracted to its customers and the networks it peers with but not with BMG or anyone else. If BMG wants Cox to police its network then it should pay it do so (this might pave the way to offer stuff cheaper legally than illegally), otherwise the case should be dismissed as without merit.

The issue of whether access to the internet counts as a fundamental is entirely separate. I don't know US law so I don't know if there are any provisions for such services: water, electricity, telephone and internet. Oh and TV for Merkins. If there is no such provision then the amicus is also without merit. Some countries (France and Estonia, I think) have made an internet connection a human right which, especially in France, could lead to some interesting legal wrangles.

I really don't understand the copyright holders. Pursuing theses cases eats up a lot of resources while at the same time they seem content to sign up streaming services for a pittance and streaming services is where the market is moving: people seem to have been largely convinced that access to something online is all they need.

11
1

'Hypocritical' Europe is just as bad as the USA for data protection

Charlie Clark
Silver badge

Not that the ICO has been any better.

You're right. And neither has the Irish ICO. Of course, they've been kept on a short lead by the government and are chronically underfunded. With the ECJ judgment that might start to change: even if the ICO doesn't want to grow a pair the courts are likely to uphold challenges if they decide to do SFA.

Phoney war until the end of January.

1
0
Charlie Clark
Silver badge

The group has of European Data Protection Officers has given the situation until the end of January for a resolution after which Safe Harbour will be treated as no longer valid and its also likely that the "standard clauses" favoured by the Commission will considered in much the same way. We'll hopefully see a couple of high profile cases then everything will settle down: "suveil-as-you-go", fast-track warrants will no doubt become available to all law enforcement services that want them.

About the only thing this article gets right is the shift away from the European Commission to the national officers. Good because data protection is probably the area where the Commission has consistently failed to act in the interests of EU citizens.

Safe Harbour was on the way out anyway when the new Directive goes into force. It's just going to happen faster now.

4
0

Cat discovers GNOME desktop bug

Charlie Clark
Silver badge
Mushroom

More proof that the GTK is shit

I bet this wouldn't have happened with QT!

0
0
Charlie Clark
Silver badge

Re: My Daughter is Smarter than a cat.

Your daughter sounds smarter than you, if you let her loose on your computer logged in as you. I gave both my sons their own logins so they could happily wreak havoc without affecting anyone else.

That sounds like hubris. Most kids are able to pick up their parents login details very quickly: their young brains are wired to copy behaviour exactly.

3
1

From $6bn to $4.2bn to $2.9bn: Square's ever shrinking unicorn horn

Charlie Clark
Silver badge

Re: Bubble 2.0

Add to this the effect of artificially low interest rates in funnelling savers money (via pension funds) into risky investments such as VC funded start-ups.

1
0

Apple's design 'drives up support costs, makes gadgets harder to use'

Charlie Clark
Silver badge

They have a point

Apple's design has improved from the skewomorphic nightmare of a few years ago but is now much more perfume bottle (the bottle is the product) than a deodorant spray (the spray is the product).

Not sure about trashing Google for blindly following Apple. I personally think that the Material Design guidelines are far better thought out and presented than the Apple stuff now it. IOS 8/9 is "beautiful", Material Design has, er, rediscovered discoverability.

5
0

Hey Cortana, how about you hide my app from the user?

Charlie Clark
Silver badge

Re: Mad, Mad Multitasking

Office Mac 2011 was usable because it's got a menu but Office 2013 is a nightmare for me,

I'd have to agree on this and as I've been using Word since version 2 (skipped Office 2003) I'd say I've coped with most UI changes (disappearing menus was another disaster).

Office 2016 has the advantage of looking and behaving largely the same on Windows and Mac and is far less confusing than Office 2011 or 2013.

2
1
Charlie Clark
Silver badge

Re: Mad, Mad Multitasking

they do a lot of testing and so support many routes to the same result as people work differently.

This assertion flies in the face of most usability research which has been summarised as "make design as simple as possible and reduce choices for any particular task. No choices are best".

But, hey, if it works for you then you may have a great career ahead of you.

0
5

Dell and EMC customers happy about prospect of Dell/EMC merger

Charlie Clark
Silver badge

Business logic versus finance

No doubt there's some business logic behind the consolidation: it's easier to buy all the bits for a data centre from a single supplier. But then there's financial engineering behind this deal. The debt behind this deal is staggering and it's difficult to see it ever being repaid through increased sales. VMWare is where the value is and the tracking stock looks very much like a tax avoidance vehicle with the takeover merely show.

1
0

Game of Photons: Boffins make ICE with FIRE

Charlie Clark
Silver badge

More than a curio?

If the principle is to slow a molecule down by hitting it with a photon, where does the energy go? (Direction is important for momentum but not energy, discuss).

Personally, I don't see any direct application of laser-cooling but the underlying principle of energy extraction may have legs.

0
0

French Playmobil heist: El Reg denies involvement

Charlie Clark
Silver badge

I know who did it

It was the Small Soldiers and this doesn't bode well for life in suburban France

4
0

Hold on, France and Russia. Anonymous is here to kick ISIS butt

Charlie Clark
Silver badge

Re: Getting Tough

The labour party is far right wing, Blair is extreme right wing.

You're exaggerating, of course. He was opportunistic as much as anything else, which is why the evident conviction displayed about Iraq sat so strangely and for which he will probably be remembered (and reviled). Looking back I always try and imagine how things would have been if the Tories had stayed in power. But he did drag the country into a needless and expensive conflict that has almost certainly contributed to instability in the Middle East.

Mr Booth's comment did, however, prefigure Blair's opportunistic and egocentric politics as wonderfully satirised by The Comic Strip in The Hunt For Tony Blair.

7
0

X-Gene 3 in 2016 – no, not a superhero movie. It's a 16nm FinFET 64-bit ARM chip for servers

Charlie Clark
Silver badge

Re: Its getting harder...

Cool as it sounds: they ain't here yet.

0
0

Apple supremo Tim Cook rules out OS X fondleslab, iOS merger

Charlie Clark
Silver badge

There's a simple solution to the Safari problem: don't use it.

Apple hasn't go everything right since Snow Leopard but it hasn't all been about convergence since then: ignore ITunes shittyness and the OS has got some TLC.

1
3

PNG pongs: critical bug patched in ubiquitous libpng

Charlie Clark
Silver badge

News?

This will not be fun: the graphics processing library libpng has a vulnerability and needs to be patched.

Why should it be fun?

Why is it news? It's news if the patches aren't available. But they are.

2
3

TalkTalk hired BAE Systems' infosec bods before THAT hack

Charlie Clark
Silver badge
Coat

Re: An audit means nothing

Yes, the pen works fine…

15
0
Charlie Clark
Silver badge

Re: "Police told us not to answer questions"

No, this is good advice and standard practice.

If only Dido had stuck with it.

I think her public appearances to discuss the attacks were straight out of the good PR book and basically the right thing to do: admit to a problem; look concerned about it and busy trying to fix it. But, she should have stuck to the script that any lawyer or police would have given her an not commented on any details because of the ongoing investigation. Better still would have been a joint appearance with the police.

But she had to put her foot in her mouth.

2
1

PostgreSQL learns to walk and chew gum

Charlie Clark
Silver badge

Re: MySQL versus PostgreSQL comparison

Actually, it's more the case that MariaDB are doing a good job of cleaning up Oracle's MySQL warts.

Nope, can't agree there. MySQL has become more predictable and reliable under Oracle's stewardship. Many long standing bugs/failures have finally been corrected. I'd still recommend Postgres over MySQL but anyone who thinks that Oracle isn't taking MySQL seriously doesn't understand databases.

1
2
Charlie Clark
Silver badge

Re: MySQL versus PostgreSQL comparison

In the early 2000s MySQL's marketing was better and this helped push the LAMP monstrosity and its related bad practices onto a grateful world.

MySQL was a company that understood the importance of getting on PFY's notebooks, which were mostly running Windows and so they provided a Windows installer. Postgres had to be installed using cygwin: this worked fine but wasn't like to win any friends.

This helped favour MySQL and and encouraged development of PHP/MySQL stacks (with some fucking awful code most of the time). Database speed didn't tend to matter as it would be shot in the foot by the lack of connection pooling within a single page, let alone across sessions. And, oh yeah, there was the whole "parametrised queries, we've heard of them" versus "magic quotes" stuff. Magic quotes still make me want to cry.

I did some performance tests on something I was working on at the time and found no significant read performance advantages with MySQL. But it was faster for inserts – look ma! no triggers – as long as you could live with table-locking. Performance went down the toilet with joins; and a developer's life got harder because it meant manually adding indexes for foreign keys that Postgres ensured you got automatically.

2
2
Charlie Clark
Silver badge

Re: MySQL versus PostgreSQL comparison

MySQL with MyISAM ran a lot faster

As does anything if you drop integrity checks… which means replacing them with slower and less reliable application code.

MySQL's habit of applying table locks is a killer in many situations. Postgres has always had better concurrency.

But the biggest reason to avoid MySQL is that it fails big time and joins and encourages people to develop non-normalised schema. Relational DBs are all about joins and, done right, they're fast because they use indexes.

That said, Oracle seems to be doing a good job of cleaning up MySQL's warts.

4
3

Apple's OS X App Store downloads knackered by expired security cert

Charlie Clark
Silver badge

The article said it has happened with others but implied that since Apple has so much money they should be able to afford someone to manage this process.

And as a shareholder you obviously think there's something wrong implying this? Damn right Apple should be doing a better job for its paying customers and developers!

1
8
Charlie Clark
Silver badge

@Apple's number one shareholder: I've read the article several times and I still can't find a reference to Google so why the swipe?

This was a SNAFU and Apple should try and learn from it. An apology to users and developers would be a start.

3
6
Charlie Clark
Silver badge
Megaphone

Broken for longer than that

My app store account has been broken since September: apps which require a login (including XCode) start to download and then fail with a poorly translated error message.

The messages in syslog look suspiciously like authentication failures. I've spent over an hour on the phone with Apple's always polite support and have even run a system trace and provided the dump. Silence thus far from the fruity ones but it looks like this evening the problem has been resolved. Coincidence?

0
0

Samsung S6 calls open to man-in-the-middle base station snooping

Charlie Clark
Silver badge

Re: Bourne....

I don't know if you've caught any of "Hunted" but the ability of the spooks to clone phones thanks to I-Cloud is quite worrying.

Let's face it, if someone is able to put up fake base stations then intercepting all our data isn't going to be that hard for them. With or without additional "help" from the manufacturers.

2
0

Edge joins Explorer in bumper crop of security patches

Charlie Clark
Silver badge

Re: It's hard to have an original comment about the drip/dribble/stream of updates from MS/Adobe

Edge is IE11 minus all the legacy cruft. So there is some shared code.

Largely true. I think Edge has no officially forked from the IE 9 branch that was itself a rewrite of existing code.

IE has had fewer bugs than say Google Chrome and Safari for years now.

This is both false and misleading: exploits in IE are more dangerous than in Chrome or Safari because of the way it's hooked up in the OS.

1
4

Open to the core: MongoDB's enterprise push in 'joins' U-turn

Charlie Clark
Silver badge
Thumb Up

Re: The problem with OpenCore

The same approach you suggest seems to be working for EnterpriseDB: helping companies to come down off their hideously expensive Oracle habit.

This whole article smacks of sour grapes from Mr Asay who has drifted from company to company (now with Adobe it seems) where he seems to have championed the open core approach.

I'm pretty sure that companies will pay something for software though more along the lines of support and maintenance than the mere privilege of being able to own something. The industry also has to adjust to years of over-charging for minimal added value: the core of lots and lots of enterprise stuff has always been open source.

2
0

Get an Apple Watch or die warns Tim Cook

Charlie Clark
Silver badge

Re: Let's be clear:

Doesn't really matter it's the analyst's BS that drives a lot of the stockmarket.

I don't think the actual number is that important – Apple outsold the competition by far – but the possible trend: are sales holding up or tailing off? After the initial hype of the I-Phone it was the ability to develop native apps and the creativity of the developers that made it so desirable. It may still be early days but I'm still waiting for the developer stories that explain the unique opportunities (and $$$) that the Apple Watch provides them. From a product development and innovation standpoint it still looks like Pebble is still setting the pace. Maybe Tim should dip his hand in the sofa and buy Pebble: probably a better bet than the Beats buy was.

5
5

Team MIPS tries to spoil ARM's party with new 64-bit Warrior, 32-bit microcontroller brains

Charlie Clark
Silver badge

Re: Optimistic?

Thanks, but how about the O-O-O stuff? I thought this was the stuff that's really difficult to get right?

0
0
Charlie Clark
Silver badge

Optimistic?

it has a 16-stage pipeline with multi-issue out-of-order execution, can scale from single core to hexacore

I am not a chip guy but that sounds to me a bit like the P4 pipeline which required a lot of silicon and performance often suffered with o-o-o (it's damn hard to get this right). How much "general purpose" do you need for this where the option of dedicated (let's say encryption or something similar) units wouldn't be a better choice? Okay, this puts the onus on the compiler and the programmer to produce the right code for the right unit but so far this seems to be beating hardware heuristics.

0
0

ARM's new Cortex-A35: How to fine-tune a CPU for web browsing on bargain smartphones

Charlie Clark
Silver badge

Re: Ok... How exactly will this work?

Methinks you're overinterpreting the changes and expected performance improvements.

It looks like the simplification of the architecture leads to a 20% improvement over the previous generation. The real boost comes from, surprise, surprise, boosting the clock speed. This might be enough in the cut-throat section of the market.

As for your suggestions: who's saying they aren't available (for a price) from ARM? Or haven't been added by some makers to their own chips? I think this is the difference between the ARM and Intel value proposition.

0
0

Untamed pledge() aims to improve OpenBSD security

Charlie Clark
Silver badge

Re: Stupid idea

. Causing a program to kill itself via pledge could open the door to security holes (for example, if you could get an AV daemon to terminate, this would allow known malware to get a foothold)

That really is a stupid example. As someone else has already noted, that sort of thing can be configured to restart automatically, as I'm sure only too many of us have witnessed only too often.

The problem with simply killing any process (because it tries to overstep its pre-defined limits or for any other reason) is that it might fail in an undefined way which might corrupt or expose state in some way.

1
0
Charlie Clark
Silver badge

Re: Only goes down, not up ;)

external vs. internal

The two can be seen as complimentary. The nice thing about this approach is that it shouldn't be possible to use permission escalation to work around it which seems to be the sledgehammer approach for SELinux or the new stuff in Mac OS. Here trying to get an app to do something which isn't on the manifest should just fail (maybe unpleasantly and with undesirable consequences but with no way out of the sandbox).

But any oversight system always runs the risk of quis custodet custodes? which then becomes the next target for attack.

0
0
Charlie Clark
Silver badge
Thumb Up

Formalising intent

If nothing else this might help developers think twice before asking for everything. They might be pleasantly surprised by how little they need and enjoy the resulting sense of security that their code is less likely to provide an attack vector.

I wonder if (static) code analysis can be applied to come up with permissions likely to be required by the main loop?

I can see some potential edge cases that might annoying or inconvenient but nothing that can't be solved by making the list of required permissions a bit longer. Making that explicit is a win in itself.

1
0

LG picks up US smartphone crumbs, gains on Apple and Samsung

Charlie Clark
Silver badge

I think the way the data is collected is dependent upon website visits: WhatsApp and the like don't generate traffic that comScore can measure. This should have Twitter even more worried.

0
0
Charlie Clark
Silver badge

The real news is…

… how little "reach" Twitter is getting because people find direct messaging more convenient! This is why investors are getting jittery and the recent round of pink slips. Oh how my heart doesn't bleed!

3
0

UK's super-cyber-snoop shopping list: Internet data, bulk spying, covert equipment tapping

Charlie Clark
Silver badge
Meh

Re: Cautiously optimistic

This Bill shouldn't cost much money, and is a _vast_ improvement over RIPA and DRIPA in many areas.

Wow! Better than a law that the courts have struck down! That is praise indeed!

2
0
Charlie Clark
Silver badge

Re: So we have this Risk..

I reckon your guess at how effective it might be is way off the mark. 2 % of the population would be close to a million people.

I suspect that there are probably less than 1000 organised terrorists and criminals (sometimes it's hard to tell the difference). Any more than that and you're in real trouble as the IRA, ETA, RAF, etc, have illustrated. Probably ditto that for hardcore sex offenders and their ilk. 5000 at the most. That is about 0.1 % of the population. And a lot of the dangerous people will already be going dark with reliable end-to-end encryption that is padded to maker it harder to detect: you can probably do the audio equivalent of stenography by embedding a telephone call in some streaming audio.

1
0

Forums