* Posts by tnovelli

258 posts • joined 4 Feb 2011

Page:

Get off Facebook if you value your privacy, EU commish tells court

tnovelli
Bronze badge

Safe Harbor is a joke

I actually looked into it years ago when working on a website to market US crap to Europe. Basically it exempts US companies from most EU privacy laws. All of them, if you consider that it's enforced by our Commerce Dept which really doesn't give a flying fuck about your rights.

0
0

Microsoft open sources MSBuild, aims for cross-platform dev tools

tnovelli
Bronze badge

CMake FTW

CMake is pretty nice for cross-platform C++. Beats the hell out of VS; I can't imagine MSBuild being much better except that it's not(?) tied to a friggin' IDE.

2
1

Noobs can pwn world's most popular BIOSes in two minutes

tnovelli
Bronze badge

Cut to the chase

Security starts with chip fabrication and involves every bit of code in every little peripheral microcontroller. So maybe when "silicon printing" becomes as accessible as 3D printing is today, security will start to become practical... for 1970s-PC-level hardware barely capable of encrypted text messaging. One would need to learn enough about circuits and VLSI to verify that the schematic matches the mask matches the finished product under a microscope. Think that's too hard? You haven't done web-dev lately...

The endgame, decades from now, is 100% open hardware *and* software that's simple enough to give end users real control. If anybody ever cares about that...

0
1

Facebook unveils P2P moola-to-mates payment feature

tnovelli
Bronze badge

Oh

I'd have to install their mobile app and give them my CC#... hell no.

Besides, most of my FB friends live within throwing distance :)

2
0

OpenSSL preps fix for mystery high severity hole

tnovelli
Bronze badge

Re: Conspiracy of Optimism

Nah, we hate our own crap code. However, we hate other people's crap even more. Some of us, anyway, sometimes. Most coders don't give a shit.

3
0
tnovelli
Bronze badge

Re: "has to be written in C"

You can write crap code in any language, yep. I worry more about PHP, SQL injection, and XSS than I do about OpenSSL. Of course that's because I don't pretend it's possible to build secure websites.

To be fair, I see tons of security patches coming through for C libs used in web servers/browsers; those concern me. It's too bad that C didn't evolve a bit further before becoming the de facto standard systems language.

2
2

Big Data shocker: Over 6 million Americans have reached the age of 112

tnovelli
Bronze badge

Re: Or, just *maybe*

lol.. the conspiracy theorists are way ahead of you. That's exactly how I first saw this story, days before The Register picked it up.

1
0

Well.That.Sucks: New rude dot-word sparks outrage

tnovelli
Bronze badge

If it.sucks is taken, you'll just have to take it to the next level... it.sucks.ass perhaps.

In all seriousness, this tld is going to suck. What are the chances that the first person to register a this.sucks domain is going to be a good critic of said thing?

2
0

'Get your privacy policy down to one page': AVG CEO throws glove down

tnovelli
Bronze badge
Thumb Up

Re: One page?

Wow, it is long. Marketing fail, hahaha

1
0

Kaspersky claims to have found NSA's 'space station malware'

tnovelli
Bronze badge

Re: Even better idea.

I'll take a guess... management run Windows (evidenced by all those leaked PPT slides) and the techies are forced to use a clunky locked-down Linux distro that doesn't have all the latest security patches, let alone patches for the secret vulns NSA created/discovered. This is a government agency we're talking about.

5
0

Ad bidding network caught slinging ransomware

tnovelli
Bronze badge

I suspect that a lot of ad networks are run by sketchy people, so it's no surprise if they allow outright criminals to use their services to distribute spam and malware.

So ought there be more laws against this? No, we just need more secure systems/networks.

1
0

Never escape the boss again: Salesforce tracks down your best people any time, any place

tnovelli
Bronze badge

Oh darn,

The person you really need to talk to isn't in this system because your company didn't deem them worthy of a license fee. Not that they have time for this shit, anyway...

0
0

Grab your pitchforks: Ubuntu to switch to systemd on Monday

tnovelli
Bronze badge

Re: oh well

Hackers will find a way to edit binary logs, or simply delete them. Remote logging is the proper solution for that.

Huge text logs are actually pretty manageable. If they're up in the gigabytes range, you're probably running a huge internet empire and already remote logging to a central cloud database. But that's overkill for the other 99.9999% of users.

0
0

'If cloud existed decades ago, backups wouldn't have been developed'

tnovelli
Bronze badge

shhhhh...

Mainframes didn't exist in the sixties! We're not reinventing them even worse than before!

6
0

Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious

tnovelli
Bronze badge

Re: Color management

Good question. Works for me, on Linux at least. Check your about:config - if you have old custom settings for gfx.color*, try the defaults.

0
0

Errant update borks Samsung 850 Pro SSDs

tnovelli
Bronze badge

Aargh

I got an 840 *and* an 850 a couple months back. If Samsung doesn't come up with a fix that doesn't involve transplanting my SSDs into a Windows box I'm just gonna wipe 'em, give 'em to some kid who's got time to patch 'em, and replace them with Intel SSDs, and blacklist Sammy for a few years.

1
0

Bad dog! PrivDog chews HTTPS, hurls clear text

tnovelli
Bronze badge

Comodo

....should lose its root cert for doing this. Browser vendors could revoke it unilaterally.

And then there'll be, what, 2 major SSL CAs? And when their conflicts of interests come to light, there'll be zero, and SSL will finally die.

Wishful thinking, I know...

3
0

Oh No, Lenovo! Lizard Squad on the attack, flashes swiped emails

tnovelli
Bronze badge
Mushroom

Re: Here we go again

It was Iran! Definitely Iran.

16
3

Elementary, my dear penguin: It's the second beta of Freya

tnovelli
Bronze badge

Re: Pompous Twats

Deb+Ian, I never knew that.. haha.

I would be more willing to donate to distros if they would limit themselves to just integrating a solid base system, rather than the usual exercise in world domination. I try to reward the people who actually develop/improve/maintain the few softwares I *like*. Package systems unfortunately make it a bit too easy to install software without giving a thought to those people, and then in Debian's case especially, you get some old alpha version (Midori browser, for example).

There are better ways for free/open/indie software to be economically viable: A) cultivate a direct relationship with users, or B) keep it very simple and make your money elsewhere.

2
0

SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog

tnovelli
Bronze badge

Adblock Plus headed down the same road when they started whitelisting ads for a price. Hence all the forks like Adblock Edge. Some do what they say... and some are out to trick unsuspecting users.

2
1
tnovelli
Bronze badge

Funny

Isn't it funny how anti-crap software always morphs into the opposite?

And SSL is so awesome, it couldn't prevent this either.

And the company pushing SSL the hardest, which everyone loves and can do no evil, has, like Comodo, morphed into a self-perpetuating robot army that feeds on sleazy advertising.

*sigh* Why can't we have an internet that favors decent ads, and honest search results, and privacy, and...?

1
0

Debian on track to prove binaries' origins

tnovelli
Bronze badge
Coat

Tip of the iceberg

Even the C guys will admit it compiles too damn slow; Go doesn't. GCC has always been slow, but autoconf/autocrap is far worse. Linux+package build times could be maybe 10-100 times faster just by switching to cmake.

However, that won't change the fact that Linux/Unix toolchains/libs/environments are cumbersome and bloated. It'll never be as frictionless as say JS, it'll never be ported to a better language (not even a modestly-improved C), and it'll never be guaranteeably secure. It's the best thing going now, but it's a dead end, and as a sysadmin I'm afraid it's all going to unravel in the next few years (months?) in the face of increasingly sophisticated attacks.

I would put my money - and time - on new OSes, languages, and hardware, all designed for simplicity and maintainability and uniformity. And that's for a secure communication platform only, not fun stuff - you can't have it all.

0
0

Hellooo, NSA? The US State Department can't kick hackers out of its networks – report

tnovelli
Bronze badge

Re: If only

So easy to break in, not so easy to keep other hackers out. Especially at the other agencies; I can't imagine their security is any better than Sony Pictures'.

Prediction: NSA will be forced to admit it's been pwned for years, by the end of 2015. :D

2
0

Ready to fill out your US taxes? Cool. Got ObamaCare? Not so fast

tnovelli
Bronze badge

THIS isn't my problem

I live in Massachusetts, which couldn't even get its exchange running at all until a few months ago. And it's just a wordpress site that sends you off to some corporate site. Oh, and the Mass Health Connector is run by Dell, who should really stick to making hardware...

This year I'm going uninsured... I dread dealing with these damn insurance companies and tax headaches, more than anything else (like cancer, for example). Unfortunately I don't foresee this getting fixed anytime soon because it's not so bad if you're poor, like so many Americans these days. OTOH I don't know if you can buy votes with crappy free healthcare after you've taken away everything else.

0
0

Evil CSS injection bug warning: Don't let hackers cross paths with your website

tnovelli
Bronze badge

Yep... a bit.

0
0

Samsung buys LoopPay ... to be better at bonking than Apple

tnovelli
Bronze badge

Re: Loo

Kind of a crappy name for Britain, India, etc...

0
0

Mozilla's Flash-killer 'Shumway' appears in Firefox nightlies

tnovelli
Bronze badge

Re: >Scylla and Charybdis

Sure, a compiled language could work in-browser. JavaScript ~7.0 (ecmascript really) is heading in that direction... shifting from prototype OO to classes, support for static variable types, etc.

I was hopeful about it a few years ago, and I've done a lot with JS, but there's too much inertia. Maybe in 10 years it'll be halfway there. In that case, I don't want to still be developing for this platform.

0
0

Big Data, empty bellies: How supermarkets tweak prices just for the sake of YOUR LOVE

tnovelli
Bronze badge

Price "optimization"

Price optimization relative to other retailers? You mean price fixing.

0
0

Yahoo!'s Firefox search hook-up pays off as it nicks Google's US clicks

tnovelli
Bronze badge

dirty tricks

I keep switching it to duckduckgo, and it keeps switching back to Yahoo! every! time! Firefox! updates!

Still, good to see Google cut down to size.

1
2

Sorry, admins: Microsoft says NO new Windows Server until 2016

tnovelli
Bronze badge
Linux

Not a problem

I can't possibly imagine a reason to dump Linux and BSD for any Microsoft server platform.

Not even systemd.

5
0

'YOUTUBE is EVIL': Somebody had a tape running, Google...

tnovelli
Bronze badge

Google sold out ten years ago. IPO. Since then, profiteering has guided the company with entirely predictable results.

There may be employees who care about the right thing, even executives. Doesn't matter. Shareholders rule.

8
1
tnovelli
Bronze badge

Re: The new man

I think you overestimate the power of search. People go where their friends go, as relayed by IM, FB, word of mouth.

If the content creators flee YouTube, the viewers will follow.

8
0

Let's be clear, everyone: DON'T BLOCK Wi-Fi, DUH – FCC official ruling

tnovelli
Bronze badge

@jonathanb

Leave it to mobile carriers to make travel less easy.

1
0
tnovelli
Bronze badge

Re: Bet they don't stick to this

My thought too. But the FCC said commercial hotels etc, not government agencies or defense contractors. Pretty reasonable. The gray area could be interesting though...

0
0

Man trousers $15,000 domain name for $10.99 amid registry cockup

tnovelli
Bronze badge

Re: registry trust

Yep... got greedy, moved too fast, lost money. Their problem, not his.

Not that I have much sympathy for either party.

0
0

YouTube flushes Flash for future flicks

tnovelli
Bronze badge

Re: p0wned

That's the phonetic spelling. It's pwned, as in "you were pwned by a grue".

0
1

Wall St wolves tear chunk off Microsoft: There goes $30bn!

tnovelli
Bronze badge

Re: OK, it's a personal issue, but...

I made the switch sooner, as a migration path from DOS when it was clear that win95 and NT would break everything without fixing the real problems. Linux and BSD have their share of problems but license BS isn't one of them.

The last few years have been great. You can make a good living without giving a damn about Microsoft. I've been telling my few Windows based clients they need to dump their old apps and get off that platform. Office licensing is such a hassle they're switching to Open/LibreOffice etc and suggesting others do the same when they can't open a doc. Such sweet revenge.

2
0

Windows 10, day ZERO ... Will Nadella be the HERO?

tnovelli
Bronze badge

Not that simple. The human interfaces, and the way people use them, are so different that it's better to write a separate mobile app in many cases. Trying to maintain a common codebase increases the complexity of both, exponentially.

And if every platform favors a particular language like Swift or Java(script), you might need 4 or 5 codebases.

1
0

Come and Twiddle Tek Gear's one handed keyboard

tnovelli
Bronze badge

Looks like a cheap TV clicker for the price of a nice mechanical keyboard.

If I want a one-handed keyboard I'll go with an old DIY idea of mine - the guitar keyboard... a ~7x7 matrix of metal strings and frets, plenty of combinations, little need for chording, good tactile feedback. I wonder if anyone anyone's done that yet...

0
0

Microsoft & Paypal link hands, turn round and slap Apple Pay

tnovelli
Bronze badge

Re: ' “all forms of payments”. Hmmm, Bitcoin? '

Then we can hope that, if Bitcoin fails, PayPal will be left holding the bag. Muahhaha.

0
1

Mr President, is this a war on hackers – or a war on people stopping hackers?

tnovelli
Bronze badge

Re: Why am I not surprised

Well then bring on the datapocalypse. Let the anarchists steal all the IDs, clone everyone a hundred times, destroy the govt's ability to dish out punishments and benefits. Hell, hack the govt and tweak their records. New anti-hacking laws aren't gonna stop that! That's one way to change things, if nobody in power has the foresight to do so in a less disruptive manner, lest they yield a shred of control.

0
0
tnovelli
Bronze badge

Why am I not surprised

...that abolishing SSNs - and other government-mandated invitations to massive fraud - is not among the proposals?

1
2

GRENADE! Project Zero pops pin on ANOTHER WINDOWS 0-DAY

tnovelli
Bronze badge

Re: Let battle begin

My thoughts exactly - Microsoft, please return the favor for Android and Chrome users.

I have better things to do than dig through Google's bloated source, but for MS it's marketing... their favorite kind: FUD. Justifiable FUD, even. If a program segfaults, you can bet it's insecure.

BTW, Google isn't all open source. You could say that's just marketing...

2
2

Medic! Intel can't stanch bleeding from mobile chip biz

tnovelli
Bronze badge

Re: Android

Maybe Asus are keeping their options open? If they want to stay first-rate they need first-rate chipmakers, and Intel's one of the few. And, there's the risk (and pain-in-the-ass factor) of proprietary GPUs on all ARM chips... Intel is kicking ass on that front. Making devs and DIYers happy. :)

0
0

Suck on this, Larry: NoSQL pair hit the G-spot

tnovelli
Bronze badge

Re: 300m and counting yet slower than postgres

I guess I dropped Mongodb when I discovered your objects can't be larger than 16mb, then you have to use a different, quirky API called GridFS. It's still that way. Defeats the purpose of having one humongous db for everything.

Then we learn Postgres has faster I/O, and it's added a nosql-esque flexible data type, and it has full text search... on top of a nice robust relational model. I would love to ditch Solr (Java, grrr) and use Postgres for everything -if IT lives up to these expectations.

1
0

Dot-word domains 'a shakedown, designed to get money out of people'

tnovelli
Bronze badge

If you need search to find anything

Who needs domains at all?

I for one would love to get rid of the registrars and the whole friggin' DNS clusterfuck.

1
0

I don't think you're ready for this Jelly: Google pulls support for Android WebView

tnovelli
Bronze badge
Flame

The best way to secure an Android device

1. Place it on a hard surface

2. Whack it several times with a sledge hammer

3. Kill it with fire

Alternatively one could install a different OS, if there were a secure yet usable one....

3
1

Docker's just a bit dodgy, but ready for rollout says Gartner

tnovelli
Bronze badge

Gartner, lol

I imagine their policy is, you can't label something 100% crap, you must say something good to avoid burning bridges...

0
0

Erik Meijer: AGILE must be destroyed, once and for all

tnovelli
Bronze badge

Re: Horses for courses

The defense industry was using TDD long before Agile was a thing. Probably before computers.

1
0

Page:

Forums