Toutes votre base sont nous appartiennent!
Vous n'avez aucune chance de survivre fabriquez votre temps!
Mwa! Ha! Ha! Ha! Ha!
2209 posts • joined 22 Jun 2009
Vous n'avez aucune chance de survivre fabriquez votre temps!
Mwa! Ha! Ha! Ha! Ha!
We don't think we're brighter than the BBC
Perhaps not, wouldn't know, don't care. You're also not brighter than even a pretty dim star, or a 500 W construction spot for that matter. I usually avoid staring at those, too.
Yeah, that. well they're not going away apparently.
There's also the mouseover bar; the newly-added delay is nice but on my browser when you pass the mouse over it to reach the browser's command bar it pops up and won't go away, which means I have to sneak the pointer by the side gap. No biggie; a bit annoying.
Soooo I found a solution. w3m. Black background, no image. No problem.
I don't know what it does to advertising revenue but at least it's a version of the site I can actually look at, which has to be better than no page views at all.
Plus I get to use a truly good no-nonsense web browser.
8. Wet T-shirt contest!
Hey, I do own one of these. Can I enter it in your contest?
Fuck that's impressive. The old design was really WAY better and less agressive.
we're forced to listen to the SRE announce Every. Single. One. Every. Single. Time.
Oh wow. And I thought the gazillion cruft lines above useful content it creates on w3m was annoying...
Nothing different that I noticed when using w3m; good.
I also tried on a graphical browser, and it looks a bit like a website designed for cell phones: the mousover images and the "featured" images are humongous, as is the text, resulting in only a tiny part of the page height being displayed at once. "zooming out" kinda fixes that but then the fixed width feels a bit awkward.
And I like grey, very stylish. Good thing it's not entirely gone.
Overall it's not too bad, if you really had to. We'll get used to it. Or we'll use text-mode browsers.
I switched to w3m almost completely* for El Reg (cuts both the white wastelands and immense immages from the Monstrous Makeover). The alt text displayed for that image is Bush in Game of Thrones; hardly a hidden attempt at political manipulation.
*I do use the "night theme" on xombrero from time to time, but something on El Reg seems to kill xombrero regularly, even without js)
Good read on an otherwise extremely dull day.
The simple fact is that all of these renewable technologies can be implemented on the existing footprint of current infrastructure in our cities and on our roads today.
The problem is not that renewables are not a complete solution. The problem is nutters who spout nonsense such as "micro generation is the way to go". Hey, let's solve malnutrition in the world, quick, everyone start growing lentils on a piece of damp cotton, that'll take care of it!
The problem is that people pushing "renewables" are fighting very hard to cut every other possible power source, despite the very obvious fact that, as you say, said renewables just can't cover more than ~10% of the energy need in densely populated areas such as western Europe (and I'm being generous). At a huge cost, at least for now. I'm not against experimentation with wind power and the like, but let's not get ahead of ourselves and discard the actual power sources, shall we? (to that regard the UK has acted as a warning for other european countries such as France that has slowed down the planned deployment of windfarms considerably after the overchannel results were published... and kept nuclear plants open that had been earmaket for shutdown after Fukushima. SOmeone has to provide that energy the UK is not self-producing anymore, heh?)
Yeah, deleting this post was a smart move methink; although it did make for a nice read, it was almost completely unrelated to the (to me, completely abstruse) post it was supposed to answer to.
I hope you fare well in you new pasture (no doubt more appleish).
not good enough
it may not be; however, the only way to find a good way to recycle waste is to invest in research on the topic -which we're told is unacceptable as it "sponsors" nuclear power which is not good enough at recycling its waste products. See the problem there?
Meanwhile in the real world everyone knows the basic fact: local, small-scale electricity generation is incredibly inefficient*, moreso in the case of a "solidarity" low-voltage grid that many greenies dream about (low-voltage 'leccy transport is like carrying water in a handbasket). If you need big amounts of juice the only viable way is a big centralized generation center and high-tension (ie low loss) distribution grid.
Now that's not necessarily true for other forms of energy; you can lower a house's need for 'leccy by locally installing a geothermal heat pump and water-heating rooftop panels for example, both of which are relatively cheap and non-polluting (compared with photovoltaic panels for example). Then you buy the 'leccy you still need from the vastly more efficient grid, but you buy a much smaller amount.
*and the gear is hugely more expensive, proportionately to the output.
It's a bit shocking that it's not already the case. Big biz often asks (sometimes borderline illegally) for a whole lot of private -sometimes very private- information on you, most of which is completely unrelated to your job. I would think it is a bare minimum that they are held liable for leaks should they misplace such data. If they can't keep it secure, they should not ask for it. (in most cases they should not ask for it in any case to begin with, but high unemployment rates awaken the slave-trader instincts in HR bods)
Well, they have some money. Hard to evaluate for me but I'd guess 1/10th of the total budget at most. I guess the plan is to shame .gov and .co.uk into forking the rest of the cash...
Ha. Wouldn't know, I'm reading this on w3m. Only thing I noticed is the increase of crud at the top of the page (which I'm told is the "mouseover" navigation bar, developped)
I am guessing that if the public wifi is still functional with the modem in bridge mode, it's going to be using the 67.something IP.
It's going to use an IP attributed directly by the provider to the "guest" authenticating to it, and it's going to be different from the one the operator gives you.
used it to download copyrighted material. What's the homeowners rights/responsibilities?
None. The "open" networks are operated separately, directly by the provider (including auth).
The owner of the account you'd have mimmicked, on the other hand, could be in trouble.
suppose that handles my concern too, but the people who send out black helicopters may not understand the distinction between username and IP address. This 'feature' doesn't seem to work on my own-bought wireless router/modem.
O...K. In for some explaining: these routers broadcast 2 different networks, with different APs, and different IP spaces. One is yours to fiddle with, you can encrypt to your heart's content and it takes precedence in the case of a bandwidth limitation. The other is managed directly by your ISP, is open to all connections but requires a webpage-based login (using credentials valid with the ISP). It also only uses "leftover" bandwidth, for which you are, quite obviously, not charged.
Whether you like the idea or not, it doesn't draw any significant power (I would estimate in the milliwatt range) and should not impact your traffic speed.
It is also operated directly by the network operator (here, the ISP) and thus completely unrelated to your account AND your IP, no black helicopters for you.
In some cases (e.g. Fon), non-subscribers can connect on a pay-per-minute basis, and the hotspot "owner" can choose to receive some of that money (as for me I didn't bother giving my Paypal ID to receive what amounts to pennies; still would pay more than the added 'leccy bill though).
My router does that too, I don't see a problem.
It probably draws some extra power when someone connects to it. In the order of the power consumption of one of the bulbs in the Xmas lighting that the pair probably have all over the house.
It doesn't impact my bandwidth in any significant way (QoS does work, it would seem).
In fact it's so negligible that I actually installed a second "open" spot using Fon. That way, on the move I can benefit from my ISP's hotspots AND Fon's ones, should one of the networks not be available in the area.
BOFH hasn't killed anyone in hears it seems..
Usually once in the hearse there's no need for any more killing.
Except for Matt who has clearly been blessed with a veritable plethora of said sphincters from which he spouts forth
Forgive me if I get a bit technical, but we are all "blessed with a veritable plethora of sphincters" (for example your anus has 2). Some of which we use in the process of oral expression.
I will give you that there is none used in the process of typing comments on El Reg (well, appart from Matt, obviously).
35 processes seems rather low for Mint.
It will come. With oncoming systemd domination and all the in-browser apps, it will eventually be down to 2:
PID 1: systemd
And that's it.
I don't know what does the "statically linked" change here
It changes that you can run it. As I said, it doesn't change the problem with the socket.
And undetectable with netstat? What exactly does this mean? Guessing wildly: it is detectable with netstat but doesn't advertise itself as a nasty but masquerades as something else, eh?
No, it only sends the one packet containing its contact info, then uses PCAP to catch the TCP and/or UDP packets containing remote instructions. No real connection here for netstat to sniff.
Well you should certainly stop downloading trojans, run them, and give them correct ID and interface parameters when it asks. That should keep you safe.
Oh, and don't give access to your system to someone who may install trojans, run them, and give them correct ID and interface parameters.
The module statically links PCAP libraries, and uses this code to get a raw socket, ..., but use of PCAP requires superuser privileges???
Statically linked. That doesn't fix the raw socket issue though; in the examples contained in the advisory they do run it as root...
It doesn't seem to exploit anything but user stupidity. What is described in the advisory is not a way to infect Linux machines, just an explanation of how it works when it's there. It's basically a user-level backdoor to /bin/sh, with network monitoring capabilities (statistically linked to pcap) although from the write-up it only seems to use pcap to catch the TCP/UDP packets containing the remote commands.
The way it works makes it invisible to the way most people use netstat; however by checking the traffick at the packet level it would be pretty obvious I expect (there's not much info on how it parses the command packets other than that it passes the payload to /bin/sh -c , that must surely make for quite visibly fishy packets, no?).
Ah. A bit like McKinnon then. Or like that time when the general's dog pissed on a comms cabinet. Got to love the US and their tendency to have "the worst (biggest) X in human history" roughly every 2 month.
Regarding the trojan "described" in the article, the details are a bit too thin on the ground to really get an idea of the threat.
Bug reports? What actually didn't work?
Just to make everything absolutely clear: I only tested systemd on test systems, and even then, "unwillingly" (as in, it got installed as I dist-upgraded test systems).
I do run Sid on such systems, because I like to keep abreath of current developpments, and I like to struggle with technical issues before they show up on stable. I also DO like to fix problems, that's my job.
I'm thus perfectly fine with systemd in Sid. That's where it belongs.
I fancy myself as a pretty practical person; I know of to fix problems, and I know how to to learn how to fix problems. I also know that I can't quickly and efficiently fix intermittent problems. As far as I know, noone can. And these are just the ones systemd created for me on the test systems. Admittedly, I could have devoted hours upon hours learning about the intrinsic workings of systemd (that changes every new moon, more often on a month with an 'e' in the name). Assuming I would have needed a replacement for my perfectly fine and proven system. Assuming I would want to replace a perfectly fine, elegant, lightweight and quite clever system that I know inside-out with a huge, dumb, opaque, malfunctiunning beast of a blob that insists on working differently with each release. I would look into it more seriously should it stay in Sid for a release cycle or two. Pushing it to stable now in Debian of all distros, The Conservative Distro, is just taking the piss.
Piss Duly taken. Apt-get dist-upgrade devuan
A lot of what you describe is done by the kernel, not systemd at all.
reduces the chances of admins stuffing it up.
It also reduces the chances of the admins fixing it when it fails (because it does fails, as does every system -rather more often, too, in my limited experience).
Systemd's modular security architecture provides separation of duties, so a compromise of one module doesn't imply a compromise of the entire system. It's early days yet, so I bet there's a few sandbox bugs to work out,
That "sandoboxing", as you call it, often causes more problems than it solves. Process-based permissions (as opposed to user- or group-based like in any san system) might have seemed like a good idea at the time. In the real world it's a nightmare as soon as you get out of the precise sequence of actions that you had planned for the system to be able to perform. In my -again, limited- experience a process creating a resource (i.e. mounting a drive, creating a file, whatever else) becomes the exclusive owner of said resource which is then unavailable to other processes. I understand why you would think this is a good idea for security, but now imagine the "creator" process crashes or otherwise stops at a point in the workflow that you hadn't envisionned. Then you're left with a screw-up that can't be fixed without extensive manual intervention as root -provided you can even identify what went, I was going to type "wrong" but not necessarily, just "unexpected".
So, what we have is a system that messes up big time in case something happens that the admin had not planned. Sure, what could possibly go wrong with that? Let's put it on every production system we can find!
Before you answer anything, be informed that the aforementionned scenario happened to me a good dozen times (that's only the ones I could identify with 100% certainty; some of the numerous glitches and fails I encountered may have been caused by such a scenario too). And that's in my limited experience.
Now I could be very mistaken, that's always a possibility. But I much prefer to be wrong with working systems than right but left with rackfulls of very expensive bricks.
Zbigniew Jedrzejewski-Szmek 2013-08-05 03:08:22 UTC
The only way to deal with journal corruptions, currently, is to ignore them: when a corruption is detected, journald will rename the file to <something>.journal~, and journalctl will try to do its best reading it. Actually fixing journal corruptions is a hard job, and it seems unlikely that it will be implemented in the near future.
Lennart Poettering 2014-06-25 09:51:01 UTC
Yupp, journal corruptions result in rotation, and when reading we try to make the best of it. they are nothing we really need to fix hence.
So in a way you're right to say "The way to read a corrupted log is to just run journalctl", because that's the way to read a log, corrupted or not. But in the case of a corrupted log there's data in there that journalctl won't read and that you can't recover. It's much, much easier to recover data from a corrupt text log.
From what i've read of your posts on systemd, you are being ideological and do not have any real technical problems to point out
Your reading skills need improvement. I made it very clear in my posts -including the very one you're answering to- that the opinion I hold is the result of systemd borking the test system it got installed on; I spent hours tracing the various (and intermittent) startup problems to systemd, everything got back to normal after systemd purge, and only after did I research systemd; then indeed I had an ideological issue as well, as I happen to dislike opaque monolithic blobs. But my ideological opposition is only secondary.
Just because I suspect you can't be arsed actually reading my previous posts, I remind you of my technical problems -chich happened even before I knew what ideological abomination systemd is:
-trackpad not initialized at boot (roughly 1 boot out of 2)
-wifi interface not recognized (~ every boot with very rare exceptio; I had to initialize it from the CLI. No biggie on a test system but still)
-inconsistent mount-on-insert for removable media; sometimes not mounted, sometimes mounted as root, sometimes correct.
-inconsistent ability to unmount media as a normal user (may be related to the previous issue with a liberal serving of the "process-based" extra-stupid special sauce that systemd insists on).
-incorrect read/write/execute rights on removable media (probably linked to the previous two); this issue not fixable even as root i.e. when systemd had decided that the device was off limit, I could access it as root all I wanted but I could not modify its permissions as root. Fun, heh?
-fail on boot (rare, but never had happened with sysvinit and never has since I purged systemd).
That enough tech issues for you?
Binary logs are a necessity on systems where integrity of the logs (This is proof that they haven't been tampered with) is a must.
That's a lie, pure and simple. While there are plenty of ways to protect text logs from being tampered with, all you need to do to "tamper" with the binary logs is to crash journald. There is no way to recover a log corrupted by a crash, and there will not be in the foreseeable future, as the systemd devs do not think of it as a bug:
So much for the added security! That's an added security vuln, plain and simple (and an added pain in the ass when you want to know why the system crashed, for example to prevent it from happening again).
The Big War of the Ugly Monolithic Blobs! I can't wait to see what systemd looks like after it has swallowed the whole of Windows "to increase boot speed"! Yo dawg, I heard you like blobs so we put a blob in your blob so it can catastrophically crash while it freezes! And all that sort of things.
I think you misread the sentence. It's supposed to be written in Italian (Spanish would work, too), so it's pronounced like dev-one would be pronounced in English, devoine in French, dewoan in German etc.
Not that it matters much, as long as it's good.
I doubt that even 10% of the people here has used systemd for more than a 5 minute casual test.
That may be the case. However some have, including myself. I switched back not for theological reasons but because it made a lot of things work unreliably (and some reliably not work). Only when I looked into what systemd really was and how it worked (which was after banning it) did I understand where my problems stemmed from.
but it certainly improves fast and once you get to know it it is pretty decent.
For some definition of "pretty decent", perhaps. However, on a production system you can't replace "rock solid" with "pretty decent". Together with the "improves fast" part, it is an argument to NOT make it the default and wait until it becomes really good instead.
That's only from a pragmatic, "need-to-work" point of view.
From an ideological point of view I do think that systemd is the spawn of some particuliarly dumb and nasty devil. But that's just my opinion, and so obviously entirely discussable.
They wrote the code because they think their versions are faster.
And you would know that, how? Furthermore, even if that was true (yeah right), why borge the new improved version in the huge do-it-all Frankenstein monster? Why not just release them as standalone tools?
The answer is in Poettering's assertion that systemd is set to be an OS, not an init system.
If some future version of systemd does stop one of the standard services running then you report that as a bug.
A report that will duly be filed together with the few hundred terabugs sitting in systemd devs' garbage bin. Even Torvalds has trouble getting the systemd team to fix the most horrid of their shit.
And the problem is not that it would stop alternate utils from working; it's that by forcefully integrating them it may just cause them to disappear, as duplication of utils is not a good use of ressource.
So, how is the [database connection] problem solved in sysvinit?
That's a problem caused by systemd, sysvinit doesn't need to fix it because it doesn't create it to begin with. If you launch the services in order, no problem. You question is either a bad faith question or a proof of your ignorance of all things computer-y.
It's made even easier by the existence of aBSD-based Debian port, which I have dully installed, for 2 reasons: it is (obviously) systemd-free, so running it (with popularity-contest) puts some weight behind the systemd-sceptics; and it helps me getting familiar with BSD, in case everything goes very bad and I need to make the switch.
what is the consensus on the best alternative?
For now it's Devuan. Why are you trying to jump to the "next best thing" when the first best thing is still in the incubation phase? If everyone skip it "because it may not get traction", Devuan will never get the traction it needs. On top of that, switching to Devuan will just be a dist-upgrade-like process, why would anyone actively research a more painful way to avoid systemd?
A funny gif is not a particularly convincing argument.
A funny gif listing the non-init stuff gobbled up by systemd, on the other hand, may just be.
Exactly. Where's the spec? What are the project goals? In fact, what are the project limits?
Well if you believe one interview of it's conceptor, systemd is a set of bricks from which you can build an OS. Which pretty much means "no scope, no limits"; that's in line with the carnivorous behavour of the project right now, incorporating all kinds of non-init utilities and slowly becoming a monolithic and opaque standalone OS.
Given that every even version of windows has been terrible
Would you kindly consider removing Windows 2000 from that sweeping assertion? That was the last version I actually liked.
... a bit like what's in Hitashi's finest then? Interesting.
On second thought, forget that shit. I want a proper delta wing for my phone, deployed if it detects a fall, able to locate the nearest source of ascending currents, and to use that to gain altitude and land back in my hand. I think I'd even give up on getting a flying car for a phone like that.
what does that make half a pie?