* Posts by tnovelli

778 posts • joined 4 Feb 2011

Page:

Ad viewability worsens

tnovelli
Silver badge

Re: Ad blocking success or other metric?

Scrolling down within the first second, closing pages that take several seconds to load, hitting 'back' the moment ads appear, finding what they need before ads even appear, ads not visible on a phone, etc, etc.

1
0
tnovelli
Silver badge

Re: This is a crisis!

UBlock Origin + NoScript now. More efficient and better blocking than the old AdBlock variants, especially ABP, who joined the dark side.

I also made a separate browser profile for Google, since they've made it impossible to use their useful services while NoScript-blocking their other crap, which pollutes ~90% of the internet. In my regular profile, all google-related properties are now blacklisted. Yes, it's a slight pain in the ass to use Google stuff this way - so I generally don't.

4
0

Blocks appear in DigitalOcean's Droplets

tnovelli
Silver badge
Thumb Up

Re: Limited

Facepalm for whoever made that typo. I see it's been corrected to 16 terabytes max. That's more like it.

I'll withhold judgement until I've actually tried it. Hopefully it's not as half-baked as their Floating IPs...

1
0
tnovelli
Silver badge
Facepalm

Limited

Block Storage volumes can scale from 1GB to 16GB

Not really what I was looking for...

1
0

Meet Riffle, the next-gen anonymity network that hopes to trounce Tor

tnovelli
Silver badge

Re: Given That TOR Was Cracked Years Ago.....

Browsers are like Flash: constant patching, yet endless holes remain.

The WWW is not an acceptable basis for private/anonymous communication. We need simple protocols, designed for a decentralized network from the start.

3
0

The Great Brain Scan Scandal: It isn’t just boffins who should be ashamed

tnovelli
Silver badge

Re: Sound to me that "Deep Learning" in Google's Go machine is mostly human curated database.

> Although it'd be interesting to see the computers make their own curated database by playing themselves.

Someone wrote a program that did just that for Corewars in the 90s. Random mutation and survival of the fittest. I ran it overnight once and ended up with a piece of spaghetti code than no human-designed program could beat... in a sort of logic game with too many possibilities for humans to have a fighting chance, mind you.

0
0

Paper wasps that lie to their mates get a right kicking, research finds

tnovelli
Silver badge

Re: Killing wasps...

Wow. Could've been a candidate for Most Tragic Death Ever if you'd drowned!

I'm not sure what wasp the article relates to (a more solitary cousin of the yellowjacket?) but I can say the solitary American mud wasp packs a pretty powerful sting, and has a habit of blundering into shirtsleeves etc. "Mostly" harmless =/

4
0

Lenovo scrambling to get a fix for BIOS vuln

tnovelli
Silver badge

Re: Not Again!!! - Because ...

Don't just bash Lenovo, bash everything. There's no hardware you can trust.

2
1

Man killed in gruesome Tesla autopilot crash was saved by his car's software weeks earlier

tnovelli
Silver badge

Re: The facts - just the facts

> You see behaviour like that often

It's totally routine in New England. In the more congested areas, you can't get anywhere without breaking a few laws. Autopilot should be disabled if GPS says you're in this region. Maybe it is and that's why we haven't heard about any autopilot fails around here.

1
0
tnovelli
Silver badge

Re: Problem is - it's not really an autopilot

Aircraft autopilot isn't full auto either; same problems. I know a few older pilots who all say airline pilots are becoming dangerously overreliant on it. Even well-trained, very experienced pilots can become complacent.

1
0
tnovelli
Silver badge
Flame

Re: I will NEVER use Autopilot

The upvote/downvote ratio shows that most people are indeed morons, among the Reg commentard demographic at least.

If all the idiots start driving autopilot cars, there'll be MORE serious crashes.

2
1
tnovelli
Silver badge

> Yes, I read the article and others... other drivers slowed and avoided the truck

Thanks for pointing that out. Instead of "biting the hand.." as usual, this time El Reg left out some minor details that look bad for this technology.

- This "divided highway" isn't a freeway, it has intersections.

- The truck made a left turn from the oncoming left turn lane (think right turn, Brits).

- He should have seen it and anticipated that the trucker might turn in front of him.

- Time was 3:40pm on May 7 so glare likely wasn't an issue.

- "White truck, white sky" is the lamest bullshit excuse...

P.S. some of the other articles say a lot of other autopilot users reported that complacency is a huge problem, and the autopilot occasionally does really dangerous things like switching off during a lane change. Personally I would feel safer with a texting drunk driver at the wheel than ANY 'autopilot' or self-driving car. AI is bunk.

28
24

FCC starts running from cable box rip-off kill-off

tnovelli
Silver badge
Trollface

Pyrrhic victory

Doesn't matter. Cable TV is a burning platform :)

1
1

Apple, Amazon and Google are screwing us, warns Elizabeth Warren

tnovelli
Silver badge

Too little, too late.

Warren's officially a sellout now. Not that I ever believed the hype about her.

4
5

Fedora 24 is here. Go ahead – dive in

tnovelli
Silver badge

Re: Not good enough for my use.

@DCFusor - just sit back and watch the upvotes roll in once the shills move on to their next assignment and more real people dig into the comments. Tends to happen on the weekend.. you know, real jobs and all.

0
0
tnovelli
Silver badge

I do. I'm talking about all Linux distros. Fedora's on the 12-month end, CentOS and RHEL on the 24-month end. I have used all three. Not a lot; too much trouble on both ends.

LTS is a myth. It falls apart the moment you need to install a newer package that you can't even compile from source because, for example, it depends on a newer library you can't install without breaking something else. Sometimes you can sort it out if you waste enough time and/or skimp on security.

0
0
tnovelli
Silver badge

A 12-24 month rebuild/replace cycle is par for the course this decade. That goes for all Linux distros, server and desktop, bleeding edge and stable/LTS alike, including "good old" Debian. You might do better with CentOS, and I with FreeBSD... we'll see... but they all have to run the same apps/libraries/services, so I'm setting low expectations.

0
4

Microsoft releases open source bug-bomb in the rambling house of C

tnovelli
Silver badge

Re: C is not an applications programming language

It's a shame that null-terminated strings became the standard in C and most low-level APIs. Their slight space/speed advantage goes out the window when you do length checks.

C was a decent language that could've used an overhaul in the 1990s to address a few issues like this. Instead, we got the frankenstein monster C++.

0
0

So. Why don't people talk to invisible robots in public?

tnovelli
Silver badge

Re: I use it quite frequently

Way quicker than typing - on a 5" touchscreen, you mean?

0
0
tnovelli
Silver badge

Re: Elephant in the room

And they would need true intelligence to do decent speech recognition. Therefore speech recognition will always suck.

0
0

On her microphone's secret service: How spies, anyone can grab crypto keys from the air

tnovelli
Silver badge
Megaphone

Does it work when you're blasting heavy metal at >100db?

1
0

Google to kill passwords on Android, replace 'em with 'trust scores'

tnovelli
Silver badge
FAIL

On the shoulders of giants

This sounds quite similar to the credit card industry's fraud detection systems. Ought to work about as well too.

3
0

Gillian Anderson: The next James Jane Bond?

tnovelli
Silver badge

Re: " will have to to beat off stiff competition"

Meh. As double entendres go, this one's half-cocked and premature. Wait for a story where the double meaning is closer to the truth than the literal interpretation. The kind where you're halfway down the page before you realize "holy shit, that's fucking filthy - and hilarious!"

3
0
tnovelli
Silver badge

Re: Which way will a new Bond lean?

Hell yes - have you seen that series where she's investigating serial murders in Northern Ireland?

1
0

China caught astroturfing social networks

tnovelli
Silver badge
Trollface

Countertrolling 101

"Letting an argument die, or changing the subject, usually works much better than picking an argument and getting someone's back up (as new parents recognize fast)."

Therein lies the answer. If you see something, say something .... defensive, eh?

0
0

Facebook's turbo-charged Instant Articles: Another brick in the wall

tnovelli
Silver badge
Trollface

Re: Bah!

I assume the Reg staff use adblockers like the rest of us.

1
0

Google-backed solar electricity facility sets itself on fire

tnovelli
Silver badge

Re: Predicting Problems

"Safe alignment"? That would be due North, or face-down. That would require far greater range of motion than normal operation...

1
0

Hacked in a public space? Thanks, HTTPS

tnovelli
Silver badge

> In 2016? It's been a few years since browsers were showing the site's icon in the same place as they would show the padlock icon.

Firefox and Chrome, yes. Palemoon still shows a favicon in the url bar - with red/green/blue colors for various levels of HTTPS. Not that the average hacking victim would notice.

Just to be clear: as far as your privacy/security is concerned, HTTPS is worthless.

2
5
tnovelli
Silver badge

SSLstrip substitutes a fake "padlock" icon for the site's favicon. Crude but effective.

"SSL Inspection" proxies the victim through an actual HTTPS connection, so it's less obvious, but the attacker must install their own root cert on the victim's computer (corporate PC, or via malware, or via dumb PC manufacturers) - unless they've obtained the private key for a "real" root cert...

4
2

Dark net LinkedIn sale looks like the real deal

tnovelli
Silver badge

Yep - why change your password when there are a so many reasons to delete your account?

Networking is everything, but only the old-fashioned kind, not 'social networking' facilitated by these spam factory websites.

2
0

Google asks the public to name the forthcoming Android N operating system

tnovelli
Silver badge

Why candy?

Android Ketamine

Android LSD

Android Methamphetamine

Android ... Nicotine?

4
0
tnovelli
Silver badge

Re: Recycled Options

Android NothingHitlerDidWasWrong

3
0

Catz: Google's Android hurt Oracle's Java business

tnovelli
Silver badge

JAVA hurt both Oracle and Google

Anyone who's ever used an Oracle Java webapp knows what a mistake that was, and that's entirely Oracle's fault. By flooding the corporate world with that garbage, Oracle undermined Java's value. Maybe that was part of a plan to acquire Sun at fire-sale price, but that acquisition and subsequent lawsuit(s?) were the final nails in Java's coffin. What a greedy, boneheaded company.

I can only imagine that the Android devs chose Java in their formative years due to the popularity (among geeks) of JVM languages like Scala and Clojure at the time. LLVM would've been a better choice if its future had been more certain back then.

0
0

Free tool aims to make it easier to find vulns in open source code

tnovelli
Silver badge

Re: DevOps approach to Security

Lordy, but you people (Charlie Clark aside) do not understand code analysis.

I certainly do. Languages like JS, PHP, Python, Ruby, C/C++ are fairly opaque to static analysis. Fuzzing isn't the answer to everything either.

Auto-analysis tools are a machine gun approach to software defense; spray 'n' pray. Not a substitute for the (almost nonexistent) engineering that's so sorely needed.

0
0
tnovelli
Silver badge
Meh

DevOps approach to Security

I think I get why this is filed under Hype DevOps... because it plays to the idea that you can just write a ton of bloated crap code, run it through a few tools like this, and get secure software. Nope. You get... ImageMagick.

That's not to say you shouldn't bother with automated tools like this. But if they find ANY real security flaws, I'd say it's not enough to plug those holes. The software in question needs a thorough going-over.

4
4

Kill Flash now? Chrome may be about to do just that

tnovelli
Silver badge

Re: Off-topic (almost)

LOL, you want NoScript. It'll turn off 80% of HTML5 and break 99% of websites, and it's not exactly easy to selectively unblock scripts. Yep, it's 1999 all over again.

1
0
tnovelli
Silver badge

Re: "exempt the top 10 domains"??

Youtube has been working impeccably well WITHOUT flash for years.

In your parallel universe, maybe. But you can use youtubedown without flash or a browser...

0
1
tnovelli
Silver badge

Re: Google catches up to Apple, while Microsoft trails the pack

Hey - at least Microsoft gave the world a Flash replacement. It's called Silver light. ;-)

Was. It's already gone...

Adobe can play that game too: it's called HTML5. To be fair, Microsoft accidentally started it with an undocumented feature called XMLRPC (AJAX), and the Canvas API came from Apple, but a huge chunk of Web 3.0 crap is basically a Javascript port of Flash. (No wonder it's crap)

1
0

The fork? Node.js: Code showdown re-opens Open Source wounds

tnovelli
Silver badge

Re: "Then what?"

Moving the repo is easy but what about Travis, Coveralls, etc?

I never use the bells & whistles. Most of the git repos I work on are private and self-hosted.

Issues and pull requests would seem to be more important for open-source projects. I don't know. In practice, I see thousands of them in a few popular repos I track, which just confirms that those projects are hopeless clusterfucks. Is Github making it too easy?

0
0

ImageMagick hexed again

tnovelli
Silver badge

No silver bullet

It's interesting that Böck and others have tried fuzzing ImageMagick before, and didn't find ImageTragick, which is a pretty trivial vuln.

0
0

Marc Benioff apologizes as Salesforce NA14 instance goes TITSUP

tnovelli
Silver badge

Re: Power Supply Problems

Wild ass guess: since there are so few "instances" given the size of the company and the bloatyness of their SaaS, might they be using mainframes? I vaguely remember rumors that they were a poster-child for mainframes last decade; maybe they still are. And while mainframes would surely have dual-redundant PSUs, if one fails but the sysadmins don't notice or take their dear sweet time to replace it, then the other one fails... they're SOL. It's a proprietary replacement part. And it takes a courier about 12 hours to drive it down from upstate New York.

But what do I know? I use commodity 'cloud' hosting and I don't have to deal with problems like this... because they never happen.

0
0
tnovelli
Silver badge

Re: That's amazing downtime

If it knocked itself out, yes.

0
0
tnovelli
Silver badge

Re: Optional

God I hope so. I haven't been cajoled into doing any Salesfarce integration in over a year but I still receive crap data exported from it on a regular basis. Please just die, Shitforce.

1
0

Google asks Unicode to look over 13 new emoji showing professional women

tnovelli
Silver badge
Facepalm

emoji for "wankers"?

Like a lot of this decade's additions to Unicode, these don't belong in standard fonts. They're like hieroglyphics that no one has ever written by hand, with no common meaning or significance whatsoever.

Yesterday I was saying (not here) that UTF-8 text is a good archival format, in spite of some issues with bloat. I take that back. Unicode must die.

2
0

Huge embarrassment over fisting site data breach

tnovelli
Silver badge

I haven't checked my spam folder today but wouldn't be surprised to see a signup for this site. But I think IPBoard actually does email verification, unlike Ashley Madison.

0
0

ImageMagick exploits spotted

tnovelli
Silver badge
Alert

Patch AGAIN

If you applied the 5-line policy.xml patch, patch again. It's 9 lines now, per https://imagetragick.com/

Or uninstall ImageMagick and install GraphicsMagick (but test if you care; it's not 100% compatible)

1
0

Linux Mint to go DIY for multimedia

tnovelli
Silver badge

systemd

I knew this day would come. I'll stick with Mint 17.x until either Mint or someone else releases a no-bullshit distro that's not based on systemd. Or at least until systemd solves more problems than it creates for me.

And if every OS is utter crap by the time Mint 17.x reaches its effective EOL, it's time to get out of this business (again).

2
0

Experian Audience Engine knows almost as much about you as Google

tnovelli
Silver badge

Wide open. Hackers have been waltzing through all the CC bureau databases since the 80s, and I don't see security getting any better in the web/mobile age.

1
0

New Firefox versions will make you activate all new add-ons – except one hacker favourite

tnovelli
Silver badge
WTF?

Firefox lovers

What's with all the love for Firefox? I can understand hating it a bit less than Chrome, Safari, and IE/Edge... but only a wee little bit. Firefox ain't what it was 10 years ago.

6
0

Page:

Forums