Posts by BlueGreen

@Peter Geoghegan

a decade+ ago I spent a week trying to get a tiny test prog (one or two hefty lines of STL) running using the early STL with metrowerks C++.

I lost. Broken compiler, broken STL. It put me off for life.

I can handle C++ and welcomed some of it but the tangled, obtuse, spiny and obstreperous mass of the language eats too deeply into my limited cognitive reservoir, which I prefer to keep for tackling the quite-sufficient complexities of app development.

The cost of using it is too high for me so, no ta if I can help it.

good points by many but why did this happen

My guess is this is a classical organisational problem, not a technical one. There's no single person in charge of security so there's no single person to push for the necessary, their job/neck being on the line.

Even sadder is the case where a few people try to get something done but for exactly the same reasons are prevented because it's not their official responsibility - and no-one within the organisation can give them that responsibility.

@DZ-Jay: perhaps as an technical architect you could lay bare for us the problems with stateless transport protocols and your recommended alternative, and let us also know where immature (?) scripting languages come into this.

@AC 08:03, @Doug Glass, @Jim

@AC: You're quite right to make that distinction between offensive and muted ads. I hadn't considered that, my mistake.

@Doug Glass: "...my, my, my ad infinitum".

"me, me me", yes I know your type. but anyway, let's see, you paid for the computer, your connection, your electricity - but not the websites which with your computer/electricity/connection you browse.

And consider how is your "enterprising person" going to look on a market which has died through lack of a funding stream.

Perhaps you'd best set up some of "my websites" and fill them with interesting stuff so you'll have something to look at if/when there's bugger all left.

@Jim: please read my post again. I didn't say ads were required (I said it's either ads or micropayments AFAICS, and FTR micropayments seem preferable to me) and your "unquenchably greedy parasites of big business" is reminiscent of my "...deeply impoverished web effectively owned by the big business that can exploit it."

There's too much good stuff out here. The web is genuinely one of the best things ever to happen (and the worst sink for free time imaginable). I'd like to keep it. And Ms. Bee would like to keep her job.

"Macro4 SAP product specialist Markus Fehr told The Reg..."

"... that Unicode requires four bytes of memory per character"

is he a unicode expert then? I thinks I don't believe that I'm not convinced at all.

AFAIK most unicode (western) code points can be represented with two bytes (exceptions are Han & ilk I understand) and if most of your data is pre-unicode then it's presumably ascii which can be represented as UTF8 with no change in representation at all.

And if "It's static or historical information" then it doesn't need changing at all at all.

They couldn't possibly have gone for UTF32 without considering the implications, could they?

@OneTwoThreeFour , @johnB

@OneTwoThreeFour:

don't apply the updates.

It's crashed once for me in the past year. <shrug>

As for simplicity, I'm perhaps with you there. Trouble is drossy websites full of RIA crud. Companies just can't seem to stop themselves.

@johnB. Just doesn't happen with me. Have you tried disabling flash, which seems the main bandwidth/cpu hog? The side-effect of advert-free, flicker-free, fast-loading pages is a plus.

FTR IMO FF FTW. I'm sticking with it.

I'm currently pissed so I'll say it

America's bloody mad.

I've never personally met any Americans who are other than sane, stable and thoughtful (well, maybe bar 2 on reflection but given the sample size that's very good going) but when it comes to sex, rationality gets its face pushed into the mud by the nutters with the dogma-fuelled bull-bellowing that carries right across oceans.

But enough of cassandra-ing, something completely different; why java sux. From the glassfish code some examples:

EJBLocalObjectInvocationHandlerDelegate delegate = new EJBLocalObjectInvocationHandlerDelegate(...)

and, not making this up:

Proxy proxy = (Proxy) Proxy.newProxyInstance(...)

Java. 1980's language design repackaged for new millenium, and in the same box, too.

Not that what glassfish code I've been randomly browsing is very well written either. Reassuring.

fake browsing applet

For people with short memories here, TrackMeNot is an FF plugin. Simple and probably quite effective. Don't crank up the fake browsing rate too high (I use 10 batches per hour) or google will pick it up and lock you out for a while.

Looks like I'll be installing Tor or I2P or something. Like I've not got enough already to do... stupid government.

And (other story) witless David Cameron, what a clue-free prat. How can I try defending politicians when they just blurt it out without waking their brains first? Seriously, some of them are utter idiots.

"...we plan to offer an excellent, compelling alternative in this competitive field,"

which will be in my blocklist so fast you'd think it was a coked-up cheetah with waterskis on a lake of baby oil.

Ads are gross but sites need to support themselves somehow. We really need a grown-up discussion on a micropayments alternative. It's either adverts, micropayments, or the death of many quality sites on the web. I don't see a fourth option and I truly don't want the third.

oh noes!

should have read the article properly. Thought it was orientation matching not which way up should it be.

<blush>

Please ignore.

...accurate to one second for 300 million years ... mmkay...

...as measured against ... what?

(today is National Ellipses Day. Take one to work. Or eat it. Or paint it or ...something.)

@dervheid

My point therefore is that the bird flu cauldron bubbles on, if currently on low simmer, and it's potentially a very bad disease.

> All that this modelling will show is the predicted spread, if nothing is done.

So hopefully they will build on the research. They may learn something useful eg. that face masks don't work well so spend it elsewhere (or the converse). Until the research is done there are no facts to plan with.

BTW slamming down the shutters may not help much once a very infectious disease starts spreading, given modern transport like planes (the US seems to fly lots internally) and the incredible density of modern cities.

@Peter: Not ready at all AFAIK. But a bristly mustache on our stiff upper lips - why, what microbe would dare try getting past that.

@Filippo

a filippant answer.

I rather doubt the ICO wants these powers

they might have to do some work if they got them. Useless pathetic numpties they were when it came to Phorm.

@I say...

Never heard that one before. Sounds like a damn good idea.

understanding and working towards usability would be a win

I appreciate the roadmap covers a ton of different things but usability should be core. The gnome desktop + apps have some stupid flaws.

But credit where it's due lads (+ ladies, if any)

all a bit too 'big iron'

"...but common formats and live migration across all platforms is something customers want"

Common formats probably, live migration - no. Not unless you can tell me why it's going to help me, where 'me' any of the innumerable small businesses of the world with small budgets.

And before they get too clever, did VMWare cure that disk corruption bug that apparently occurred with heavy disk activity on sata VMWare server when running on windows (<http://communities.vmware.com/message/967522>)? Cos I think that' would concern me more.

@Sean Baggaley

Quality troll!

I feel myself already becoming exasperated and preparing to respond[*] to your up-the-garden-path-with-a-herring assertions.

.

[*] In pictures, natch.

@Alex @Chronos

I'm pretty sure it's the well documented stuff about the tickboxes you find in Tools|Options|Security tab for "tell me if the site I'm visiting is a suspected forgery/attack site"

FF downloads blacklists from google as I understand it, that's all. De-tick these two and see if that shuts it up.

Just intercepting the http (you can even do this with squid logging) would probably be enough to tell you what's up - no packet sniffing or disassembling required. Even scroogling for

firefox connects google regularly

would have come up with answers on the first few links.

Talk about making an easy job hard, Chronos.

@AC 20:45 GMT

I guess you're the guy who keeps popping up whenever a new FF release is mentioned.

1. Have you raised any request with the developers for your requirements?

2. Have you considered doing it yerself? Being open code & all that? You could roll your suggsted releases back into the wild

3. The perennial db bookmarks question. How about you add a mere command line arg that exports and imports bookmarks as text (or ask the developers). All the machinery for it is there.

4. FF is fine for me.

In small defence of norton

That was the first AV package I ever used. I hated it so moved on to another... and another... and another... and it was downhill all the way.

Norton did what it said on the tin, albeit like a lardy pig. All the rest were progressively worse, culminating in the disaster called f-secure, an utter reeking ammoniacal Augean stable.

Disclaimer: I work for no AV vendor.

@Daniel Garcia

Damn right.

I expect to earn my job. If someone can do it better then they should get it, regardless of race/skin/language/country of origin/etc.

@Fraser

No probs, I shouldn't have been quite so righteous for that matter.

I am fucking speechless

and I don't normally do a Dzubia. After cocking it up with Sender Verification and Phorm, they do this.

heard it before

It's been well known for at least a couple of years that business video conferencing can induce people to travel more rather than less, to meet in the flesh the people they've formed online working relationships with. I doubt it'd be different for non-business relationships - more so, in fact.

But don't worry, expensive oil is coming to stay, I'd guess within 6 to 18 months. Watch the gears of modern life fill with molasses then. It'll not be pretty.

@@rota

> I did state that it's mathematically impossible to map a set onto a smaller set without collisions

Depends entirely on the entropy of the larger set.

But then we all know what we're talking about, not really disagreeing on anything but quibbling over trivia then taking it personally. We wouldn't converse like this if we were face-to-face in a pub, so why here? (assuming any of us would talk tech in a pub - I really hope not)

Hashes in general collide. We all know it and the consequences/resolution. End of story.

IT Content -- By Mendez

Oh yes, this gets better & better!

I do love the reg.

MS's stupidity is infinite - an example

Installed SQL server 2005, had problems, found a handy link. Here it is:

<http://social.msdn.microsoft.com/forums/en-US/sqlsetupandupgrade/thread/cf2573e7-c9db-4b6f-8894-e99c30124cdb/>

.

Except that I use noscript and this F&£$%^ING page won't display and tells you it won't display *UNLESS JAVSCRIPT IS ENABLED* even though it's STATIC TEXT.

.

I am getting sick of MS. "the pain is only just beginning for Microsoft ". Damn right, I hope it burns the hide off the clown who decided this was a great idea.

I'm seriously angry. MS is the ultimate dog in the manger; if they can't have it all to themselves they'll ruin it for everyone else.

I should be mellow about it. It's a losing strategy in the long term. I just don't feel mellow right now.

I think you beat me on the Stupid Food Retail front, but here's my offering

Some years ago a supermarket chain was selling boiled eggs. Eggs + heat, thassall. To make them a bit more appealing to those who don't know the miracles four minutes of hot water can perform, the shells were dyed pretty colours to bring the illusion of new horizons achieved in boiled avian foetusness.

A quick note to salesdrone Katy Patino - go and do something useful.

@Alex

Attitudes like yours push people into windows. Attitudes like yours will ensure linux remains for the arsy-tempered minority.

I've better things to do than fight with low-level stuff just to prove something to something about my testosterone levels to you. I have work to do that involves doing useful stuff.

(BTW a for-example, if I had to configure my iptables by hand rather than a point-and-click gui it would have taken much longer, leaving me open to malware for much longer. Just something to consider).

Not really relevant but I want to say it

I've used a variety of these software security suites and f-secure was the worst, by far, from failing to install correctly (firewall yes, AV no???) to regular crashes (restart the service manually) to failing to block ports properly to failing to reply to any question I asked regarding these security holes, or in fact *any inconvenient question whatsoever*.

It was their crapness that finally pushed me to linux+netfilter and away from these packages, so they did me that one favour.

Avoid.

A bit more info, & @Matt

I followed a link I'd missed before in the article (oops) and got some useful info. <http://securitylabs.websense.com/content/Blogs/3300.aspx> mentions that the page you're redirected to has some javascript (weirdly obfuscated in a way I've not seen before; can anyone explain?).

So, it looks like blocking JS will block the exploit. Request to author of this article - make this clear in future.

Matt, as you're one of the few not posting about ubuntu here, what do you reckon to the 'grab the mutex first' suggestion. In fact, if the users are running as users not as admin, would that be enough to stop it, ye reckon?

And the sooner we get to some intelligent, fine grained control of browsers' scripting, the better. Why should xmlhttprequest be on by default.

Disclaimer: I'm not a web developer. This may be obvious.

glass houses/throw stones

Suppose this is true.

If the US has it then the 'baddies' (as the US insists on tritely calling them) will have it pretty soon. One or two of those in the middle of a US city or a US power or power control station would be devastating.

IIRC fuel-air explosives were found to be able to produce an EMP. But if you could produce and place a decent-sized working FAE then perhaps the EMP is just a small bonus.

Urgh, the havoc we can make with modern technology. Like a small kid with matches.

No, lord no, not more RIA crap, will they ever learn

"The goal is to let users on Linux machines play video and enjoy the same breadth of content and quality of experience enjoyed by..."

= To allows us to subject the user to the same level of flashing, bandwidth-wasting crap using unnecessary non-standard extensions that we can only do on windows at the moment.

I'll say it, it only seems right

Well done, Unu, for not abusing it.

Microsoft on the astroturf again?

Each article on FF always ends up with a handful of commenters saying how bad it is, almost all of them ACs (@Mark excepted). Something smells. Might be interesting to see where their IPs come from.

Oh, and @AC 14:29, stop whining like a small child. I provided links to an about:config tweak and also to a plugin. If you haven't the wit to follow simple instructions, nor even follow a link and install a plugin when it's handed to you on a plate, shut up and go to IE. Unless you're pwnded by MS anyway, which maybe you are.

@MnM

Damn good question. It & its relatives have been worrying me. There's an answer somewhere (a recent article in new scientist?) suggesting that at current rates of increase of energy emission we would start making a globally significant contribution in heat in about a century (figure from memory, don't trust it).

We won't be doing it solely by fossil fuels because we'll be out before then, hence I wasn't worried by this particular extrapolation, but humanly speaking we seem to abuse any resource bequeathed us, and if/when geothermal takes off I fear we'll abuse it likewise. Someone's calculation was that geo could give us 30,000 years of energy. I think that assumed we'd use it wisely. I think that is not a valid assumption.

Where do I start

1) Wot's a transaction, then? What exactly are you measuring here, and do you mean (as is often meant when transactions are mentioned) to persistent backing store? Difficult, at microsecond times.

2) "...costs between $7,500 and $10,000 per machine...". And I just bought 2 gig of server memory for £25. so, 20 * £25 = £500 on the nail for 40 gig of memory. Inc tax, delivery, retail not bulk. About $710.

3) Native mem is going to be a touch quicker than sucking it off a remote machine.

5) Or you could consider having machines with different sized memories and moving the *application* around instead to follow the workload.

6) I give up.

.

Readaaalabaaaahdit!

No more of these silly articles for me.