Posts by Kevin McMurtrie
451 posts • joined Friday 15th June 2007 18:33 GMT
The other first
When are you Brits going to stop calling the second floor a "first floor"? "First above the ground" makes it, from any rational point of view, the second floor. I can see the French doing it to preserve quirky ancient cultures and all that, but this is a bleeding edge, high tech, serious online publication here. Even computer nerds know that an element at index zero is the first element, not the first after the zeroth.
Build, sell, dump
Today we have expectations that a very complex product might not be 100% when it's first sold but it will be 100%, or even better, with a software upgrade that comes out soon after the purchase. What I've been seeing more and more of is that companies sell their tech long before it's ready and then immediately abandon it. Customers feel cheated and boycott the brand for years. That's the experience I got with a very expensive Panasonic TV (MPEG4 never implemented, Netflix failing, YouTube failing) and a very expensive Panasonic HD video camera (false resolution claims, missing software, and AVCHD metadata is incorrect). My mother had that experience with an upscale Panasonic microwave oven (blew internal fuses due to a power inverter design flaw).
The best news for Panasonic is that their competitors are doing this too. The bad news is that people may spend their money on non-tech instead.
Fat pixels
They're amazing for a cellphone but I call BS on the resolution. Zoom in to the high res images and search for anything that has an optical resolution better than 3x3 pixels. It's not there. The prototype sample photos from Nokia actually had 3x3 bricks where there were unmasked defective pixels.
The technical white paper indicated that there are 41 M sensors for superior noise reduction and digital zoom, but said the rest of the hardware must process a downsampled or cropped image. My bet is that the marketing department demanded the 41Mpix back even if it meant upsampling after downsampling.
10 in 1
Running many JVMs is awful for efficiency, just as is running many OS VMs. The JVM was designed to run friendly apps concurrently with very little coding effort. Potentially hostile apps may be run concurrently with a bit more effort but Oracle will need to address that trickle of vulnerabilities that are posted each week.
I remember when...
you had to use a chisel on a rock.
It seems to me that the longest surviving storage medium to date is DNA. The best way to keep data alive is to keep reproducing it with error correction.
Shut up and pay
Apple managed to take a lot of power from the telcos with the first iPhone but most customers still don't control the very phone they pay so much for. The mix of Google, Samsung, and Sprint screwing with the software has made my Galaxy S2 unreliable at best. Now I'm one of the many getting stuck in roaming mode without service. Me repeatedly sending it in for warranty repairs is more of a protest than a way to make any actual progress.
82 inch TV
You have a large child.
-XX:MaxPermSize=6G
Nobody wants Java to be a mega-system. The JVM is quite impressive, language is functional, and most of the standard edition libraries work very well. Oracle should stop throwing everything into the bloated "Enterprise Edition" classification and focus on simple modular solutions to specific and well defined problems. They might even make some money on it. A marketing model of creating specifications so complex that only Oracle can provide implementations isn't going to work. As soon as I see a new feature listed for "Java EE" I stop reading.
Not servers?
One feature of Enterprise Edition Java web servers is multiple contexts. This is where multiple applications can run on a single server and JVM process but in complete isolation. The advantage of this is greatly increased memory efficiency and simplified management. The disadvantage is increased complexity and the need for a Java Security Manager. From what I've read in the exploit sample code, servers running multiple contexts are vulnerable. Specifically, the big Enterprise Edition servers that big companies pay Oracle support for. A JSP file should be able to execute code outside of its context the same way an applet would. Distributed/Cloud computing servers that execute sandboxed tasks from JAR file may be at risk as well.
Re: Different Java editions
It's about escaping the security layer by having trusted JVM classes run your code in their environment. Normal Java applications have no security layer or any need for it. The security layer is critical for auto-loading applets and multi-application web servers, though. Not only are web surfers at risk, but also the big corps funding Oracle's paychecks with those bloated multi-function Java Enterprise Edition server deployments. This hole means that almost any employee can hijack a corporate Java web server and the web server's role with a little malicious JSP code. (Smarter businesses running single function servers with no security layer have nothing to fear here.)
$22,500 per track
I bet a lot of musicians wish they were getting paid that $22,500 for each track that Sony takes from them.
It makes rain so it must be a...
Apple, Microsoft, and Amazon are data centers. They are not a cloud. The cloud is when your computer has full access to the systems of your choice. The cloud would be you, your family, and a few friends having online storage in their homes that you share with each other. There's nothing technically new or difficult about software to aggregate multiple systems into one robust virtual device. The problem is that ISPs have money making monopolies/duopolies that must be protected with tight customer usage controls. You don't get a static IP address, you aren't allowed to run servers, and anything that doesn't make the ISP money gets throttled. As long as ISPs don't allow it, nobody is going to create the software for it either.
Moooo
$332m doesn't pay costs of operating online games?! Either they haven't realized that they can simulate the game in computers without using actual farmland, or somebody is pocketing a lot of money.
Re: Java VM = malware portal
Applications have no security except for those placed on the current user. That goes for Java, Scala, Applescript, C, C++, Objective-C, PHP, Ruby, Bash, and everything else. Be happy that the viruses aren't being hand-coded in lean and mean x86-64 yet.
As for Java's speed - it depends on the quality of the code. Anti-aliased image rendering runs in Java just as well as C if given the same level of optimizations.
Playing in the shadows
Apple assumes their users are dumb so they have come up with various ways to hide and disguise important files from casual access. Bundles make directories sometimes appear to be files. A shocking amount of critical data is placed into hidden directories starting with a period. 10.7+ even goes ludicrously far by hiding your personal "Library" folder from normal view. These areas are normal user directories so any application written in any language has permission to alter them. Essentially, Apple has gifted malware with big play areas without the assumedly dumb users being able to easily spot them.
Posted in Ten... dual-band wireless routers
Sync today, gone tomorrow
The #1 problem that I've had with access points is that they aren't reliable. A quick check of online reviews shows that I'm not the only one having this problem.
I had purchased and returned more access points than I can remember before I found one that could run for a week. Most of them started malfunctioning immediately or lacked features that were right on the box. Some good testing points are: Does the router survive many hits to bloated web pages, can devices remain continuously connected without WPA glitches, are broadcast packets reliable, and are the features on the box actually implemented. Now try that again after being on for a week.
It's also weird that this review complains about a brand of AP missing features when the reviewer has explicitly chosen a model missing those features.
Posted in Exploit posted for vulnerable F5 kit
In the wild
The code is a testing tool unrelated to the exploit being out in the wild. The advisory shows the exact nature of the problem and gives the single private key used for root login. Copy & paste it into any SSH client and you're good to go.
This is a pretty amazing vulnerability, that the installation guide would not disclose a default root login that needs to be changed.
Let's play DMCA
I don't know if the DMCA was involved but there were takedowns:
http://theoatmeal.com/blog/funnyjunk
The DMCA is a game, not a tool. Infringers will take down the offending content but create an environment where it instantly and legally re-appears. YouTube mastered this abuse as much as the RIAA and MPAA mastered their own abuses.
Ethernot
Needing to carry a separate Ethernet adaptor makes the laptop considerably less portable. WiFi is great for surfing the web and checking e-mail but it's crap for getting work done.
The [Apple/Samsung] is better than the [Samsung/Apple] you own now
Does Apple or Samsung actually have any worthwhile upgrades to release? It seems to me that they both released half-assed products last year and have both decided to move on rather than help their ailing customers. It's like the American political system where we forever alternate between two parties, thinking that we're teaching one a lesson by electing the other. The SIII and iPhone 5 aren't worthy of so many news articles.
███• • • • • • •███
Cool, but that video is over the top. I expect many Venus flyby parody videos to follow.
ø (No Service)
This is great. I've always wanted to replace my reliable 32GB SD card with intermittent playback from an overloaded cell tower while paying a monthly fee.
Re: It's fake
I think the data can be restored using Photoshop's healing tool.
...an IQ of 6000. The same IQ as 6000 PE teachers.
95% of the power goes to 'Android OS' even after a factory wipe. Samsung's SII firmware is buggy as hell - GPS rarely works, 3G doesn't work near other 3G phones, can't maintain 4G, phone spontaneously gets hot in weak reception areas, buggy sound drivers, and rapid battery drain. Samsung's fix for this mess is to release a new phone. People will buy the new phone thinking it will free them from the problems with their old phone. I have my doubts.
Wireless Charging Kit
My Galaxy SII powers off from a dead battery in 25 hours when it's lying on a table or 4-8 hours when it's moving in any way. Perhaps the SIII wireless charging feature is absorbing all the power radiated from nearby SII phones.
You're probably wondering where to find the other pics...
http://www.reghardware.com/2008/10/02/eee_girl_saga_continues/
Re: what on earth...
It's distributing rows of a standard relational database across many databases. You still have relational data but the relationships have a limited spans that always fit within one database. It's a solution when you have very complex customer data requiring transactions but at the same time have little customer-to-customer interaction.
Too late
These hacked Hotmail accounts are being used to create spam for sleazy web sites. It's unflattering and non-stop so my guess is that its not spam, but a vengeful attempt to create a flood of complaints against the advertised web sites. Whatever it is, I had to blacklist Microsoft's 65.52.0.0/14 this morning.
WebSocket
A WebSocket is not a naked socket, but a protocol upgrade of an existing HTTP stream coordinated by both the client and server together. The JavaScript side can not open an arbitrary socket or speak an arbitrary protocol over it. Recent exploits have centered around using WebSockets as another form of HTTP header injection, which requires help from external brokenware.
Posted in Microsoft unveils paid SkyDrive options
Draindrop
You can put 64GB on a phone's microSD card so using the cloud instead seems tedious. I find online storage useful for the file that I didn't expect that I'd need - a tiny file out of terabytes of files. Right now that's easy to accomplish with a home server but nearly impossible with cloud storage.
Git out
Ask the world what they want a source control system to do, make a big feature list, and keep cramming features into your source control system until everything in that big list is checked off. That's Git. Git has such a rich feature set that it will take you months of experience to chose the right feature for a simple task and years of experience for a complex task. Merging conflicting lines in a file is not enough, as you must merge another dimension of conflicts in the file's evolutionary history as well. Your experience in the first few months of Git will be streamlining the process deleting your local repository, fetching a fresh copy, and merging a backup of your work on top of it after a failed attempt to resolve conflicts. After years of training you will become an enlightened Master who swears by the virtues of Git and sees SVN and Perforce as toys. Or you will smash your computer, quit your job, and find a less frustrating place to work. Probably the latter.
Re: I would be more impressed...
This is what I've assumed makes the most sense too. Specialized APIs are scary because they have unpredictable behavior, complexity, slow bug resolution, and tech lock-in. Have 128GB SDRAM and 20TB Flash as swap. Now the apps can do what they need to do and let the OS worry about the most efficient way to handle memory. Flash card makers can make their money selling highly optimized virtual memory implementations.
More bandwidth
DTV has huge amounts of spare bandwidth compared to analog TV. It's odd that there's no UK replacement.
In the US, it's common to multiplex low bitrate audio and video subchannels into the broadcast. They're usually weather, news highlights, international satellite feeds, and such. KAXT-CA is notable for being nothing but 20 of those streams.
Wow
The Samsung Galaxy SII sold by Sprint has been plagued with problems that kill the cellular and GPS radios, and they both act as if that's normal. I should have bought a Nokia.
Re: java such a turd
Actually, Java is a very nice development language. It's the applet environment that's a turd. You can disable applets that aren't signed by a trusted source using the "Java Preferences.app" in your MacOS utilities folder.
Under the covers
I heard that the live axle still runs DOS.
Spider resistance
Spraying fields is what gives insects their resistance. Areas receiving partial doses breed insects having the most natural resistance. No such thing happens with actual spiders. Regardless of whether the victim is killed or stunned by the venom, step two is fatal mummification. Imagine what would happen to pest populations if spraying spider venom renders spiders harmless.
Posted in Mobile phones cause ADHD in rodents
Hz of Ghz
I doubt the transmission frequency matters much because it's way beyond what a cell can directly interpret. What I would expect to matter is the packet rate, which is in the milliseconds range. A constant transmission may do nothing more than slightly alter some chemical thresholds in some insignificant manner. Modulating the transmission with a low frequency could modulate those thresholds in a way that generates biologically significant signals. It's similar to how a cellphone makes an audio amplifier buzz. The audio amp's semiconductors have an operating limit around 30 to 200 MHz but the higher cellular signal can slightly alter characteristics. A constant 900GHz signal would do nothing but a modulated one can produce the familiar buzz.
One billion dollars
If you try to buy prototype capacitors from CAP-XX, you'll find that they're tiny surface mount components. 2.4F; 2.75V; ESR - 26 mΩ; 39.00mm x 17.00mm x 1.85mm; -40°C to +85°C, $16.25 USD. Those are great specifications, but the price is crazy. BTW, 1990 posted to a BBS that it wants its video back.
Will SSDs come to desktop Drobos?
Desktop Drobos are much slower than the spinning disks inside them. The only reason to put SSDs in them would be to lower your electric bill. Automatic cloud backup would be very nice.
No primitives?
The advantage that Java has over scripting languages is exactly the primitives. It's missing C's unsigned math and bulk structure allocations, but data crunching generally compiles into something efficient. It can do multithreaded image rendering and compression, resample data, and it can pack binary data streams into dense indexed structures. You're free to ignore the decade of bloated libraries created by Apache, Sun, and Oracle when performance matters more than simplicity. Eliminate the primitives and one might as well go to PHP, Ruby, Python, etc. that sacrifice performance for superior simplicity.
Posted in LOHAN is heading towards REHAB
Maintain thrust, blow its load early, or fall flaccid
There's no air filling the gaps and defects in the rocket that would otherwise slow and cool hot exhaust gasses, so it could explode. There's also less maintained exhaust gas pressure against the propellent so it could fizzle. Either way,wear goggles and be prepared to tell the rocket that it could happen to anyone.
Marketing in charge
According to Nokia's whitepaper on the technology, there are 41M low quality pixels that are normally downsampled to produce about 5M high quality pixels. It says that the downsampling is reduced to perform digital zoom with fewer losses than you'd get with upsampling.
The camera used for Nokia's 41 Mpix sample pictures has hot pixels and other pre-prouduction defects that show up as 3x3 pixels. I can also find no high frequency details that wouldn't be created by an upsampling algorithm. Something's not right. I suspect that Nokia's Marketing department demanded that the 5 Mpix images be upsampled back to 41 Mpix images.
Overall the images are nothing special for a modern cellphone. They suffer from the usual defects caused by a tiny lens, a tiny sensor, and a body with little angular momentum.
Check that invitation list
abuse@google.com, abuse@gmail.com, groups-abuse@google.com, and abuse@yahoo.com don't seem to function. Fixing that would be a huge step towards eliminating spam floods and phishing.
Kill them
March 8th should be payback for all the damage that unmaintained computers are doing. Buy a computer that you can maintain or don't plug it in to the rest of the world.
Don't want a MacPad Pro
Mobile devices are useful but I need a desktop/laptop when to get serious work done. I want it faster, more powerful, more elegant, and capable of running more applications. 10.7 was a step backwards in a work environment because it lost performance and common tasks (find/replace, mail and calendar integration, saving/discarding changes, etc.) lost their elegance. If Tweeting and an App store is what there is to look forward to in 10.8, I'll pass.
100% of my world likes crispy fried food
There has to be something more to this. Everybody knows that giving people stupid gifts in exchange for survey data causes your data to represent exactly the portion of the population who like stupid gifts. Google must know it so you have to wonder what they're up to. It sounds like they've found a way to sell services to low-income people at large enough scales to make Googly-sized profits.
Hazy shade of gray
Nikon omits the aperture from their product specifications but "1:3-5.9" is on the barrel in their product views. I have lens that's f/5.6 at 300mm and I don't think this will work. f/5.9 isn't going to produce much sensor illumination for anything that isn't in unfiltered sunlight. The sensor will be running at maximum ISO and that won't produce a clear enough image to compensate for the large amounts of atmospheric haze to be expected at such a high zoom level.
Mac OS X = Terminal
I see LOTS of developers using MacOS X. That catch is that they're writing, executing, and debugging platform independent code to eventually be deployed elsewhere. Mac OS X is like a modern day terminal - it's a human interface to large systems running other Unix variants. It was never a good fit for data and processing clusters and Apple has declared that it shouldn't be. It's odd that somebody would bring ZFS to Mac OS now, especially when 10.7's user-experience features consume resources like it owned the whole box. It better run a lot faster than HFS+ because bandwidth is all MacOS X needs.
Anybody not wearing 2 million sunblock...
It's going to get messy when a military mounts this on a truck (or shark). IR lasers waste a lot of energy cutting a hole past the surface of targets. An x-ray laser would cook deeply through targets without needing power for melting or vaporization.
