* Posts by tnovelli

357 posts • joined 4 Feb 2011

W3C's failed Do Not Track crusade tumbles to ad-blockers' Vietnam

tnovelli
Bronze badge

Re: Irony

> the advertisers could have had a little more respect for privacy and playing fair

For real. I'm pretty sure most advertisers never even get around to using/abusing the data they collect on comment spammers, wordpress botnets, and potential loyal customers. Ain't got time for that!

0
0
tnovelli
Bronze badge
Pint

Re: Irony

Some forums sprinkle their site with polite text reminders to subscribe/donate. We adblocker users see them because they're not ads. Hint, hint.

3
0

Will the PC glory days ever return, WD asks as its finances slip

tnovelli
Bronze badge

It pisses me off that it's getting hard to find VPS hosting with HDD storage. SSDs are too small and expensive (and unnecessarily fast) for big audio/video/images. And we've seen a number of SSD reliability issues reported this year, now that everyone's using them.

FWIW, I'm running SSD+HDD in my Linux->BSD desktops, and plain old HDD in my Win8 beater laptop. Good enough.

And if XPoint/RRAM/etc lives up to half the hype, I'll take XPoint+HDD over SSD any day.

0
1

Edge out rivals? No! Firefox boss BLASTS Microsoft's Windows 10 browser brouhaha

tnovelli
Bronze badge
Trollface

But! it's! OK!

But it's OK! when! upgrading! Firefox! switches! your! search! engine! to! Yahoo!

39
1

Tired tablets don't tickle the imagination, so sales fall again

tnovelli
Bronze badge

Re: Marketers can't think the unthinkable

Everyone who WANTED one got one - often at a steep discount - and they never want another one.

Smartphones may or may not succeed in the long run. Tablets have already failed.

0
1

Bloke cuffed for blowing low-flying camera drone to bits with shotgun

tnovelli
Bronze badge

Re: He should go free...

Also, birdshot decelerates quickly and generally won't hurt anything on the way down... no more than small hail. Less dangerous than drones, for sure.

The cops charged the guy with firing a gun inside city limits - which would be justified in a clear self-defense situation - not with shooting the drone. Perhaps the drone operators will face charges as well, if the cops can find a law they broke. If not, expect a new law.

5
1

SPUD – The IETF protocol Snowden loves but will never be used

tnovelli
Bronze badge

This sounds good.

Some sort of proxying is needed to prevent IP address leakage. It'll make the old IP layer redundant but pruning it is probably too much to ask at this stage. Privacy next decade, efficiency a few decades later, maybe.

I wonder if anyone's got a working UDP-based implementation today that allows P2P gaming without exposing IPs to the other players or their ISPs; that's the gist of this. Then eventually SPUD's successor would standardize, optimize, and simplify such protocols, right? Nah... that's basically TOR; too much latency. We need ISP/backbone routers to support anonymous routing... verifiably... in a DDoS-proof manner. In all sincerity, good luck with that!

2
0

LinkedIn users rebel after personal data siphon crimped

tnovelli
Bronze badge
Megaphone

Since you obviously give a damn, why not reset your password and delete your account?

0
0
tnovelli
Bronze badge

Re: Gullible people everywhere

I flag them as spam. The more people do that, the harder it'll be for them to deliver email spam. You could also nuke your account, if you have one (why??)

I wonder if the recent report saying "spam is declining" included linkedin as such. I'm guessing not, else there'd be nothing to say.

0
0

Google bows to inevitable, stops forcing Google+ logins on YouTubers

tnovelli
Bronze badge

Re: And here's how to delete your Google Plus profile:

No loss for me. When this all started I said fine, delete my youtube channel/profile. And I'll never take google seriously again.

This latest is good news for people who actually gain something from their youtube channels though!

1
0
tnovelli
Bronze badge
Thumb Up

Re: Schadenfreude?

Nah. It makes you a good person.

0
0

Got an Android phone? SMASH IT with a hammer – and do it NOW

tnovelli
Bronze badge

Five years' support?

No problem, that'll be $3,000.... or $100/mo on a 5-year contract.

1
0

BURN ALL BLOGS! WordPress has a critical cross-site scripting flaw

tnovelli
Bronze badge

Re: doesn't seem too bad

Every site with user-contributed content has tons of Author/Contributors. There's a "default new user role" setup option. Easy peasy. Easy to pwn in 5 minutes too...

0
0

Want longer battery life? Avoid the New York Times and The Grauniad

tnovelli
Bronze badge
FAIL

Trend setters

NYT, Facebook, Twitter - they open-source a lot of their bloatware and frontend devs eat it up. It's 'best practice'. Underscore, Backbone, Bootstrap, Coffeescript(?), maybe AngularJS (notorious hog), and layers on top of all these, and soon WebComponents.

Seems like a good idea at first, enabling modular/functional programming in JS, but the temptation to overleverage it is irresistible.

P.S. - installed NoScript for the first time in 5+ years. Renders 90% of sites unusable but so be it. This is getting ridiculous.

1
0

OpenSSH server open to almost unlimited password-guessing bug

tnovelli
Bronze badge

Re: But...

> Why?!??

Because SSH actually works.

3
0

Were the FIRST AMERICANS really FIRST? MYSTERY of vanished 'Population Y'

tnovelli
Bronze badge

Re: Well Duh!

People from the same tribe that boated over to New Guinea ~80,000 years ago might have continued up the coast of Asia and boated across the Bering Strait, maybe that same year, maybe centuries later, who knows. If they remained nomadic (rather than building empires) they wouldn't have left many traces for archaeologists.

2
0

Dumb MongoDB admins spew 600 TERABYTES of unauthenticated data

tnovelli
Bronze badge

Re: нет!

At most VPS hosts you're on your own, but it's pretty easy to block everything but web and SSH traffic. Look up IPtables and Fail2ban...

As for databases, may I suggest... Postgres? Best of both worlds these days.

1
1

Salesforce unleashes red-tape-as-a-service for regulation-heavy users

tnovelli
Bronze badge
Mushroom

Security-compliance-as-a-service... at a time when everything is getting hacked and all this "certified secure" crap is about to get flushed. Is this corporate suicide? Then go for it, Salesforce!

1
0

Citizenfour director Laura Poitras sues US for years of border security harassment

tnovelli
Bronze badge

Re: The pen could be used as a weapon.

That was a mile from here, in jail no less. Police captain's son turned ISIS sympathizer. Allegedly. FBI is busily building up a track record of giving guns to crazy dudes so they can arrest them, so nobody has much credibility in this matter.

0
2

Five lightweight Linux desktop worlds for extreme open-sourcers

tnovelli
Bronze badge

Re: Bad marketing El Reg

I'm one of those "extreme open sourcers", I guess, and I'm here. Ok, I admit I just skimmed the article, and I ditched my bare bones Debian+Openbox setup for Mint 17.1 (thanks for the tip, El Reg) because Linux in general is going downhill rapidly and I just want something that works ok with no major changes until it becomes practical to use a much simpler OS.

Openbox is decent - I might go back to it at some point - but it's a bit bloaty for a "minimal wm", and that XML config file, deahhh gahhhd....

2
3

Wow, another NSA leak: Network security code appears on GitHub

tnovelli
Bronze badge

Re: They uploaded it, therefore not a leak...

You may be onto something, @Mark85 - sounds like a PR gimmick. A token gesture of goodwill, nothing more.

1
2

US govt now says 21.5 million people exposed by OPM hack – here's what you need to know

tnovelli
Bronze badge
Mushroom

"We should be improving cybersecurity"

Good luck with that. Just like GTW, the only way to win this game is not to play.

There is no legitimate reason for governments and companies to hold private personal information that ruins people's lives when it inevitably gets into the wrong hands. And no one is safe, including the bad guys of all stripes.

0
0

GIGANTIC galaxy-chomping black hole rips boffins a new one

tnovelli
Bronze badge

Just another edge case.

0
0

Crap crypto crackdown coming as FBI boss testifies to US Congress

tnovelli
Bronze badge
Coat

Crossing the line

If this plan goes through, I won't be in this line of work much longer. Or not in the US.

2
0

GhostShell back from the other side with mass data dump

tnovelli
Bronze badge

Then there's all the people writing wordpress plugins with no SQL experience at all...

1
0

Awoogah: Get ready to patch 'severe' bug in OpenSSL this Thursday

tnovelli
Bronze badge

Re: Older version safe?

Most likely it's another hole in a new feature, like Heartbleed; that was DTLS.

1
0

150,000 angry Redditors demand Chairman Pao's head on a spike

tnovelli
Bronze badge

Re: Getting the popcorn in...

Transformation.

Reddit has become ... Facebook

1
0

Let me PLUG that up there, love. It’s perfectly standaAAARGH!

tnovelli
Bronze badge
Facepalm

Re: XML meets SQL

The last time I was given XML from a client - ummm, this year - it wasn't even proper XML. Embedded in it were chunks of unescaped invalid HTML. I had to parse it with adhoc regexes.

And then there's JSON, which would be OK if everything consisted of arrays, dicts, floats, and strings; if JSON serializers were all 100% bug-free; and if it didn't have to flow through a pipeline of cloudy REST APIs and database layers that don't know whether to escape it as SQL, JSON, XML, HTML, urlencoded, PHP-serialized, or what have you. This includes gems like WordPress's maybe_unserialize().

Just to be safe, better use a custom text format and base64 it....

1
0

Rampaging fox terrorises rural sports club, victim sustains ‘tweaked groin’

tnovelli
Bronze badge

'Tweaked' groin?

Is that like "hackers 'tweaked' OPM"?

0
0

Script-blocker NoScript lets in ANYTHING from googleapis.com

tnovelli
Bronze badge

Re: Chrome and uMatrix

less also has a history of vulns; you should consider using more.

1
0

Devs, welcome your EVIL ROBOT OVERLORDS from MIT

tnovelli
Bronze badge

Re: Exploits

Devless dev houses? We already have those. Too bad CodePhage can't handle WordPress...

1
0

Wallet wafting into the Cloud? Amazon hears your pain

tnovelli
Bronze badge
FAIL

We're still waiting for hard cost limits, Amazon.

0
0

Why OH WHY did Blighty privatise EVERYTHING?

tnovelli
Bronze badge

Re: Causation versus correlation

Sounds like coincidence to me. If you look at our situation across the pond, you'll see the opposite situation with water - state and municipal systems providing excellent water while privatized systems charge a fortune for crap water. Probably has more to do with regional economics and long-term drought than with ownership.

Then we have horrible rail systems public and private, phone/cable companies that can hook you up in 3 days (months? LMAO)... it's all over the place.

Personally I'm in favor of *competitive* capitalism, but Tim's not making a good case for it with these statistical anecdotes. Combining the two most-abused forms of 'evidence' is even less convincing.

3
0

Humongous headsets and virtual insanity

tnovelli
Bronze badge

Not realistic enough for gaming?

I can already see where this is going: a handful of AAA showcase games, second-tier titles with insufficient funding to break through the Uncanny Valley, and a bunch of gimmicky indie games.

Then it's "not realistic enough, yawn" and at the same time "too realistic, not fun".

0
0

Apple pulls Civil War games in Confederate flag takedown

tnovelli
Bronze badge

Re: Principled stand?

Oh no, don't tell me I can't play Dixie anymore. Seriously, it's one of the great old tunes. To hell with politics.

1
0

Killer ChAraCter HOSES almost all versions of Reader, Windows

tnovelli
Bronze badge

Should be secure, but aren't necessarily. There's been a slew of security patches for various bitmap loader libs this year. (PNG anyone?) Much better odds than PDF though.

Open-src font libs are also potentially vulnerable to similar attacks, and the PDF readers on Linux... yeah they've got major problems too.

4
2

Facebook and Twitter queen Taylor Swift: Facebook and Twitter are RUBBISH

tnovelli
Bronze badge
Thumb Up

Re: Updated Christmas Card list

Sometimes I 'like' stuff I really don't, just to keep people (and heuristics) guessing. Plus, it causes FB to show me even more crap so I waste less time there.

2
0

Pluto plastered in what looks like 1970s orange wallpaper – proof

tnovelli
Bronze badge

Re: Twice the goodness

Late 80s dialup speed. Not bad if you don't have to share the phone line. I remember downloading Linux 0.x via some old modem bank that still hadn't been upgraded in 1993. It did the job though.

3
0

JavaScript creator Eich's latest project: KILL JAVASCRIPT

tnovelli
Bronze badge

Re: Replacing readable code makes you more secure?

Quaint. If only you could convince all the devs to stop using minify/uglify...

0
0
tnovelli
Bronze badge

So I read Eich's actual blog... he freely admits it's become a cliche that JS is web assembly. This is actually a binary AST format for Asm.js, to cut the client's parsing overhead.

I share your scepticism, 1980s_coder. To paraphrase a line from yesterday's Elon Musk article, it's a shame that all these language designers are fiddling with the web instead of just designing a better language.

3
0
tnovelli
Bronze badge
Coat

Re: JS is the problem in the first place

While we're at it, let's dump ALL the Bad Parts (tm): DOM, HTML, XML, CSS... until all that's left are LLVM and some cross-platform 'native' APIs. Cross-platform apps! Wait, this sounds familiar *cough* Java *cough* ... but can we learn from those mistakes? Nah...

I was hopeful about JS and HTML5 a few years ago but it's not working out. On to plan C...

6
0

Hacked US OPM boss: We'll fix our IT security – just give us $21 million

tnovelli
Bronze badge
Thumb Up

Re: Of course...

Actually it was, in a way. They made the laws, they set the budgets and policies... watering down crypto so NSA can spy on everyone more conveniently, and treating hacking as a law enforcement matter instead of a preventive security measure.

10
2

LastPass got hacked: Change your master password NOW

tnovelli
Bronze badge

The problem with LastPass and kin

1. They store your passwords on their servers; 2. Their servers can and do get hacked; 3. If you enter your master password when their servers are compromised, the hackers can decrypt all your saved passwords.

It's a significant risk. For anything beyond "silly social crap" you need a local app + file sync (or version control), compartmentalized with separate master passwords for different teams and security levels. Nope, there isn't a good answer for non-nerds.

2
0
tnovelli
Bronze badge

Re: KeePass

and KeePassX is open-src, runs on every desktop OS including Linux.

I've also heard good things about 'pass' - a commandline pw mgr that stores data in text files.

0
0

Cinnamon 2.6 – a Linux desktop for Windows XP refugees

tnovelli
Bronze badge
Trollface

Re: A very good choice

...or an obsolete version of Linux. Lookin' at you, Ubuntu and Fedora...

2
9

Google wants you to buy Nest CCTV, turn your home into a Brillo pad

tnovelli
Bronze badge

yep... google 'shodan'

0
0

Amazon turns up spectacularly late to 'transparency' party, pours a large one

tnovelli
Bronze badge

...smallpox spores

...mustard gas

...depleted uranium

0
0

Vintage Ask toolbar is malware – and we'll kill Jeeves, says Microsoft

tnovelli
Bronze badge

A little late, Microsoft

You could have blocked this crap 10-20 years ago, but you prioritized your profitable partnerships with these scum instead. Now everyone thinks you're scum too. (Me, I always did..)

11
1

Facebook: Your code sucks, and we don't even have to run it to tell

tnovelli
Bronze badge

And how many bugs remain undetected? Sure seems like a lot.

0
0

But... I... like... the... PAIN! Our secret addiction to 'free' APIs

tnovelli
Bronze badge

Not just free

You can't even trust them with APIs that cost big money. They'll drop 'em, or jack up the price 300% on renewal ...

2
0
