* Posts by tnovelli

244 posts • joined 4 Feb 2011

Page:

Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious

tnovelli
Bronze badge

Re: Color management

Good question. Works for me, on Linux at least. Check your about:config - if you have old custom settings for gfx.color*, try the defaults.

0
0

Errant update borks Samsung 850 Pro SSDs

tnovelli
Bronze badge

Aargh

I got an 840 *and* an 850 a couple months back. If Samsung doesn't come up with a fix that doesn't involve transplanting my SSDs into a Windows box I'm just gonna wipe 'em, give 'em to some kid who's got time to patch 'em, and replace them with Intel SSDs, and blacklist Sammy for a few years.

1
0

Bad dog! PrivDog chews HTTPS, hurls clear text

tnovelli
Bronze badge

Comodo

....should lose its root cert for doing this. Browser vendors could revoke it unilaterally.

And then there'll be, what, 2 major SSL CAs? And when their conflicts of interests come to light, there'll be zero, and SSL will finally die.

Wishful thinking, I know...

3
0

Oh No, Lenovo! Lizard Squad on the attack, flashes swiped emails

tnovelli
Bronze badge
Mushroom

Re: Here we go again

It was Iran! Definitely Iran.

16
3

Elementary, my dear penguin: It's the second beta of Freya

tnovelli
Bronze badge

Re: Pompous Twats

Deb+Ian, I never knew that.. haha.

I would be more willing to donate to distros if they would limit themselves to just integrating a solid base system, rather than the usual exercise in world domination. I try to reward the people who actually develop/improve/maintain the few softwares I *like*. Package systems unfortunately make it a bit too easy to install software without giving a thought to those people, and then in Debian's case especially, you get some old alpha version (Midori browser, for example).

There are better ways for free/open/indie software to be economically viable: A) cultivate a direct relationship with users, or B) keep it very simple and make your money elsewhere.

2
0

SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog

tnovelli
Bronze badge

Adblock Plus headed down the same road when they started whitelisting ads for a price. Hence all the forks like Adblock Edge. Some do what they say... and some are out to trick unsuspecting users.

2
1
tnovelli
Bronze badge

Funny

Isn't it funny how anti-crap software always morphs into the opposite?

And SSL is so awesome, it couldn't prevent this either.

And the company pushing SSL the hardest, which everyone loves and can do no evil, has, like Comodo, morphed into a self-perpetuating robot army that feeds on sleazy advertising.

*sigh* Why can't we have an internet that favors decent ads, and honest search results, and privacy, and...?

1
0

Debian on track to prove binaries' origins

tnovelli
Bronze badge
Coat

Tip of the iceberg

Even the C guys will admit it compiles too damn slow; Go doesn't. GCC has always been slow, but autoconf/autocrap is far worse. Linux+package build times could be maybe 10-100 times faster just by switching to cmake.

However, that won't change the fact that Linux/Unix toolchains/libs/environments are cumbersome and bloated. It'll never be as frictionless as say JS, it'll never be ported to a better language (not even a modestly-improved C), and it'll never be guaranteeably secure. It's the best thing going now, but it's a dead end, and as a sysadmin I'm afraid it's all going to unravel in the next few years (months?) in the face of increasingly sophisticated attacks.

I would put my money - and time - on new OSes, languages, and hardware, all designed for simplicity and maintainability and uniformity. And that's for a secure communication platform only, not fun stuff - you can't have it all.

0
0

Hellooo, NSA? The US State Department can't kick hackers out of its networks – report

tnovelli
Bronze badge

Re: If only

So easy to break in, not so easy to keep other hackers out. Especially at the other agencies; I can't imagine their security is any better than Sony Pictures'.

Prediction: NSA will be forced to admit it's been pwned for years, by the end of 2015. :D

2
0

Ready to fill out your US taxes? Cool. Got ObamaCare? Not so fast

tnovelli
Bronze badge

THIS isn't my problem

I live in Massachusetts, which couldn't even get its exchange running at all until a few months ago. And it's just a wordpress site that sends you off to some corporate site. Oh, and the Mass Health Connector is run by Dell, who should really stick to making hardware...

This year I'm going uninsured... I dread dealing with these damn insurance companies and tax headaches, more than anything else (like cancer, for example). Unfortunately I don't foresee this getting fixed anytime soon because it's not so bad if you're poor, like so many Americans these days. OTOH I don't know if you can buy votes with crappy free healthcare after you've taken away everything else.

0
0

Evil CSS injection bug warning: Don't let hackers cross paths with your website

tnovelli
Bronze badge

Yep... a bit.

0
0

Samsung buys LoopPay ... to be better at bonking than Apple

tnovelli
Bronze badge

Re: Loo

Kind of a crappy name for Britain, India, etc...

0
0

Mozilla's Flash-killer 'Shumway' appears in Firefox nightlies

tnovelli
Bronze badge

Re: >Scylla and Charybdis

Sure, a compiled language could work in-browser. JavaScript ~7.0 (ecmascript really) is heading in that direction... shifting from prototype OO to classes, support for static variable types, etc.

I was hopeful about it a few years ago, and I've done a lot with JS, but there's too much inertia. Maybe in 10 years it'll be halfway there. In that case, I don't want to still be developing for this platform.

0
0

Big Data, empty bellies: How supermarkets tweak prices just for the sake of YOUR LOVE

tnovelli
Bronze badge

Price "optimization"

Price optimization relative to other retailers? You mean price fixing.

0
0

Yahoo!'s Firefox search hook-up pays off as it nicks Google's US clicks

tnovelli
Bronze badge

dirty tricks

I keep switching it to duckduckgo, and it keeps switching back to Yahoo! every! time! Firefox! updates!

Still, good to see Google cut down to size.

1
2

Sorry, admins: Microsoft says NO new Windows Server until 2016

tnovelli
Bronze badge
Linux

Not a problem

I can't possibly imagine a reason to dump Linux and BSD for any Microsoft server platform.

Not even systemd.

5
0

'YOUTUBE is EVIL': Somebody had a tape running, Google...

tnovelli
Bronze badge

Google sold out ten years ago. IPO. Since then, profiteering has guided the company with entirely predictable results.

There may be employees who care about the right thing, even executives. Doesn't matter. Shareholders rule.

8
1
tnovelli
Bronze badge

Re: The new man

I think you overestimate the power of search. People go where their friends go, as relayed by IM, FB, word of mouth.

If the content creators flee YouTube, the viewers will follow.

8
0

Let's be clear, everyone: DON'T BLOCK Wi-Fi, DUH – FCC official ruling

tnovelli
Bronze badge

@jonathanb

Leave it to mobile carriers to make travel less easy.

0
0
tnovelli
Bronze badge

Re: Bet they don't stick to this

My thought too. But the FCC said commercial hotels etc, not government agencies or defense contractors. Pretty reasonable. The gray area could be interesting though...

0
0

Man trousers $15,000 domain name for $10.99 amid registry cockup

tnovelli
Bronze badge

Re: registry trust

Yep... got greedy, moved too fast, lost money. Their problem, not his.

Not that I have much sympathy for either party.

0
0

YouTube flushes Flash for future flicks

tnovelli
Bronze badge

Re: p0wned

That's the phonetic spelling. It's pwned, as in "you were pwned by a grue".

0
1

Wall St wolves tear chunk off Microsoft: There goes $30bn!

tnovelli
Bronze badge

Re: OK, it's a personal issue, but...

I made the switch sooner, as a migration path from DOS when it was clear that win95 and NT would break everything without fixing the real problems. Linux and BSD have their share of problems but license BS isn't one of them.

The last few years have been great. You can make a good living without giving a damn about Microsoft. I've been telling my few Windows based clients they need to dump their old apps and get off that platform. Office licensing is such a hassle they're switching to Open/LibreOffice etc and suggesting others do the same when they can't open a doc. Such sweet revenge.

2
0

Windows 10, day ZERO ... Will Nadella be the HERO?

tnovelli
Bronze badge

Not that simple. The human interfaces, and the way people use them, are so different that it's better to write a separate mobile app in many cases. Trying to maintain a common codebase increases the complexity of both, exponentially.

And if every platform favors a particular language like Swift or Java(script), you might need 4 or 5 codebases.

1
0

Come and Twiddle Tek Gear's one handed keyboard

tnovelli
Bronze badge

Looks like a cheap TV clicker for the price of a nice mechanical keyboard.

If I want a one-handed keyboard I'll go with an old DIY idea of mine - the guitar keyboard... a ~7x7 matrix of metal strings and frets, plenty of combinations, little need for chording, good tactile feedback. I wonder if anyone anyone's done that yet...

0
0

Microsoft & Paypal link hands, turn round and slap Apple Pay

tnovelli
Bronze badge

Re: ' “all forms of payments”. Hmmm, Bitcoin? '

Then we can hope that, if Bitcoin fails, PayPal will be left holding the bag. Muahhaha.

0
1

Mr President, is this a war on hackers – or a war on people stopping hackers?

tnovelli
Bronze badge

Re: Why am I not surprised

Well then bring on the datapocalypse. Let the anarchists steal all the IDs, clone everyone a hundred times, destroy the govt's ability to dish out punishments and benefits. Hell, hack the govt and tweak their records. New anti-hacking laws aren't gonna stop that! That's one way to change things, if nobody in power has the foresight to do so in a less disruptive manner, lest they yield a shred of control.

0
0
tnovelli
Bronze badge

Why am I not surprised

...that abolishing SSNs - and other government-mandated invitations to massive fraud - is not among the proposals?

1
2

GRENADE! Project Zero pops pin on ANOTHER WINDOWS 0-DAY

tnovelli
Bronze badge

Re: Let battle begin

My thoughts exactly - Microsoft, please return the favor for Android and Chrome users.

I have better things to do than dig through Google's bloated source, but for MS it's marketing... their favorite kind: FUD. Justifiable FUD, even. If a program segfaults, you can bet it's insecure.

BTW, Google isn't all open source. You could say that's just marketing...

2
2

Medic! Intel can't stanch bleeding from mobile chip biz

tnovelli
Bronze badge

Re: Android

Maybe Asus are keeping their options open? If they want to stay first-rate they need first-rate chipmakers, and Intel's one of the few. And, there's the risk (and pain-in-the-ass factor) of proprietary GPUs on all ARM chips... Intel is kicking ass on that front. Making devs and DIYers happy. :)

0
0

Suck on this, Larry: NoSQL pair hit the G-spot

tnovelli
Bronze badge

Re: 300m and counting yet slower than postgres

I guess I dropped Mongodb when I discovered your objects can't be larger than 16mb, then you have to use a different, quirky API called GridFS. It's still that way. Defeats the purpose of having one humongous db for everything.

Then we learn Postgres has faster I/O, and it's added a nosql-esque flexible data type, and it has full text search... on top of a nice robust relational model. I would love to ditch Solr (Java, grrr) and use Postgres for everything -if IT lives up to these expectations.

1
0

Dot-word domains 'a shakedown, designed to get money out of people'

tnovelli
Bronze badge

If you need search to find anything

Who needs domains at all?

I for one would love to get rid of the registrars and the whole friggin' DNS clusterfuck.

1
0

I don't think you're ready for this Jelly: Google pulls support for Android WebView

tnovelli
Bronze badge
Flame

The best way to secure an Android device

1. Place it on a hard surface

2. Whack it several times with a sledge hammer

3. Kill it with fire

Alternatively one could install a different OS, if there were a secure yet usable one....

3
1

Docker's just a bit dodgy, but ready for rollout says Gartner

tnovelli
Bronze badge

Gartner, lol

I imagine their policy is, you can't label something 100% crap, you must say something good to avoid burning bridges...

0
0

Erik Meijer: AGILE must be destroyed, once and for all

tnovelli
Bronze badge

Re: Horses for courses

The defense industry was using TDD long before Agile was a thing. Probably before computers.

1
0
tnovelli
Bronze badge

Re: Hawking services and products...

And, whichever methodology is in fashion, that's the one that'll attract all the idiots.

Some 'agile' methods were genuinely helpful, back before they were buzzwords, so we had to think about what we were doing and why. Nowadays agile talk is a warning sign. Lately I've had better experiences on rush projects where we had to do some waterfall development to meet deadlines... and nobody really talked about methodologies, we just did our damn jobs. :)

4
1

MI5 boss: We NEED to break securo-tech, get 'assistance' from data-slurp firms

tnovelli
Bronze badge

Next question

Why are we still funding GCHQ and NSA?

2
3

Ex-Microsoft Bug Bounty dev forced to decrypt laptop for Paris airport official

tnovelli
Bronze badge

Re: Not a problem

Yeah... replace the guts with a Raspberry Pi or similar.

2
1

Survey: Tech has FREED modern workers – to work longer hours

tnovelli
Bronze badge

head scratcher

"Internet" is IE... for an embarrassing number of Americans. The ones who answer surveys, anyway. I shit you not.

8
2

Internet Explorer 12 to shed legacy cruft in bid to BEAT Chrome

tnovelli
Bronze badge

Only for Windows 10?

If Microsoft stays true to form, IE12 won't be available on win7, let alone Linux/Mac/Android. It may be a decent browser (Firefox and Chrome are sadly lowering the bar) but what's the point if it's doomed by a silly business strategy?

2
0

POS malware crooks hack IP cams to validate targets

tnovelli
Bronze badge

Re: pleased to see ,e?

Free, hot off the press, or proofread.... pick any two.

The local newspapers make El Reg look like a paragon of quality...

2
0

Sucker for punishment? Join Sony's security team

tnovelli
Bronze badge

LOL

Sony could have hired (enough / the right) people when it had a nonzero reputation. Too late now.

2
0

Space Commanders lock missiles on Elite's Frontier Devs

tnovelli
Bronze badge

Re: This was going to be my first

I was just playing OOlite (total coincidence, testing a 144hz monitor) and it's pretty fun. Doesn't crash like the previous installment of Elite did constantly :)

Tons of expansions/mods available now too, if I ever have a chance to check them out...

2
0
tnovelli
Bronze badge

Re: If I'd wanted a connected game I'd play Eve

How hard could it be to bundle an initial set of universe data with the game? Easier than downloading it every time you play.

Sounds to me like a lame antipiracy measure.

9
4

Linux 'GRINCH' vuln is AWFUL. Except, er, maybe it isn't

tnovelli
Bronze badge

Re: Hmm...

Yes. It's a little lax, not the greatest system, best avoided if possible. But that's not a vuln, it's a lack of awareness among people using VPS hosting in particular, and there are much easier ways to crack a friggin' WordPress or Drupal website.

4
0
tnovelli
Bronze badge

Re: An easier option ...

Sysadmins with windows? Wouldn't that be nice ;)

12
0

Dr. Dobb's Journal sails into the sunset - yet again

tnovelli
Bronze badge

Re: They were still going?

gamedev.net is the closest one I'm aware of, within a certain niche anyway. It's been around ~15 years, is independent AFAICT, and has a healthy user base. Looks like it'll be around for awhile if they can successfully make the transition from ad-funded to subscriber-funded.

0
0

Chrome devs hatch plan to mark all HTTP traffic insecure

tnovelli
Bronze badge

Re: I don't see the problem with this idea ...

No, the whole concept of HTTPS is broken. It just encrypts data in transit to untrustable servers.

Real security requires (at least) a completely different architecture, where servers only store and transmit encrypted data, never having access to decryption keys. Data would only be encrypted on end-user machines, only within the program(s) that use it. Those programs, and the OS, would need far more robust security than anything in existence today. The whole system would be useless for client-server apps (like websites) and probably less than 100% secure anyhow.

0
1
tnovelli
Bronze badge

@AC "It seems there are lot of cry babies with HTTP-only sites who have a problem with browsers telling the truth to their visitors..."

Ok, say I run SSL on my 100% public site with no private data anywhere. Will Chrome warn users if my site's been hacked? Not until it's too late for many. Will it tell them if I'm passing their data to insecure 3rd party APIs, or selling any information I collect on them, or giving everything to NSA/GCHQ? Nope.

@David Lawton - The fact that you can get away with MITM filtering of most SSL traffic, even with access to the end user machines (malware does too), does not inspire confidence in SSL.

3
3

Page:

Forums