* Posts by Decade

194 publicly visible posts • joined 20 Jun 2012

Page:

BOFH: Free as in free beer or... Oh. 'Free Upgrade'

Decade
Mushroom

Or Ricoh

Every generation of those things is bigger and has more features, but is also more complicated and fragile. The latest generation in my office comes with an entire mini-ITX PC running Windows 7 to run the print server, but it needs the original Java-based OS to run scanning and email. So, I need 2 network ports where 1 once worked, one for the built-in Java OS, one for the new mini-ITX PC.

Also, in some situations, the PC silently discards print jobs. A Ricoh technician was here for hours, and he couldn’t figured it out.

Fear not, humanity – Saint Elon has finished part two of his world-saving 'master plan'

Decade
Paris Hilton

Re: Reaching

Solar panels on the roof of a car?

Musk has failed with that part of his message. When I read it, because I pay attention to the industry, I knew he actually meant solar panel on roof of house, battery in the garage.

But I see so many people read it as, solar panel on car, or battery on roof, or solar panel and battery on roof of car. Clearly, Musk needs to spell out every detail for people who don’t understand technology, such as The Register writers.

San Francisco* to get 1Gbps Google Fiber

Decade
Headmaster

What about the NIMBYs?

Despite being a major tech hub, San Francisco itself presents a challenge for companies who would run fiber lines in the hilly terrain, unique architecture, and densely-packed clusters of houses and apartments in many of the city's neighborhoods, where ripping up copper wiring and installing new lines can be a painful and costly endeavor.

The NIMBYs and the horribly inefficient government have more say into why it’s so hard to build fiber in San Francisco. And anything else, really. Since so many techies are immigrants and cannot vote, the burden falls more strongly on native San Franciscan techies to change this state of affairs.

Monkeybrains tried to do micro-trench fiber, but apparently never discovered the necessary paperwork.

Google tried to do a fiber and WiFi thing with the previous mayor, now lieutenant governor, but the dysfunctional Board of Supervisors shut it down.

AT&T tried to do a FTTN deal, fiber + DSL, but the NIMBYs complained and shut it down.

In addition, there is no coordination about what happens when the streets are torn up, so every sewer, gas, and water project tears up the streets again and again and leaves the roads all lumpy. If they would install fiber and conduits when they fix other stuff, that would make Internet access more affordable.

Is DNSSEC causing more problems than it solves?

Decade
FAIL

Yes, The Register’s writer needs an education

Kieren McCarthy is so behind on the technology. For many years, Daniel J. Bernstein has been calling DNSSEC “the worst DDOS amplifier on the Internet” for precisely this reason.

And 2 years ago, Paul Vixie presented a general solution: Response Rate Limiting. The technology exists to fix this problem. It just needs to be deployed.

Really, I expect this cluelessness from the MSM. It’s sad to see it in The Register.

Top new IoT foundation (yeah, another one) to develop open standards

Decade
Paris Hilton

The blind leading the blind

Just make something good already. MVP, and iterate. This futzing around with foundations and frameworks is making things too complicated to work.

This is why prescriptive standards organizations like the W3C never get anywhere. They need to adopt the IETF model: “Rough consensus and working code.”

IPv6 is great, says Facebook. For us. And for you a bit, too

Decade
Paris Hilton

Where are theregister.co.uk's AAAA records?

With IPv4 addresses just-about-depleted worldwide, Facebook has penned a post telling websites to roll out the protocol, if they haven't already.

This is referring to The Register, right? Or is your infrastructure too precious to risk changing the IP version? And if your infrastructure is too precious, what does that say to people who do actual work?

Decade
Boffin

Directly addressable just means it has a globally unique and routable IP address. Ordinary corporate IPv4 networks use private networks according to RFC 1918. Those addresses can be used by anybody, but they really should be unique inside a single organization. At Facebook's scale, trying to keep all those RFC 1918 addresses unique and having enough addresses for every use was becoming too difficult.

In IPv6, the idea is each device actually has multiple addresses. It has a link-local unicast address, a link-local multicast address, and ideally one or more globally routable addresses. The link-local addresses are to replace semi-IP protocols like ARP, but they also can be used on their own. The globally routable addresses could include static addresses, but for privacy they usually use one or more temporary, but still globally routable, addresses for use for about 24 hours. They automatically allocate and discard these temporary addresses.

Every IPv6 implementation I know uses globally unique and routable addresses. Current versions of the major phone and desktop operating systems support IPv6 natively. When the major ISPs upgrade to IPv6, all the ones I've seen give globally unique and routable addresses.

However, having a directly addressable IPv6 implementation doesn't mean everyone can access your computer. Firewalls can still block connections that you haven't initiated. It's still better to use IPv6, because the vast address space makes network management much, much easier.

OpenWrt gets update in face of FCC's anti-flashing push

Decade
Facepalm

Re: Raspberry Pi?

No, a stupid idea.

The CPU in a Raspberry Pi is not a router chip. The Raspberry Pi is built around a TV/set-top box processor. Its network I/O, frankly, sucks.

Besides code signing (see how Google OnHub has a TPM chip that prevents third-party firmware from running), the major issue is device drivers. The 5 GHz chip in a typical router is a PCIe add-in chip, and it looks like a lot of the router SoC can also act as PCIe wireless adapters.

If you want extreme customization, I think it's best to get a dedicated board with some PCIe slots, maybe something from Soekris, and carefully research the wireless adapters to find ones with working open-source drivers that support master mode.

Google: Clowns to the left of me, jokers to the right, here I am – stuck in the middle of EU

Decade
Big Brother

Why does Google have such a dominant position in Europe, anyway?

One thing I don't understand about this Google antitrust thing is, why does Google have such an overwhelming market share in Europe? A couple Bloomberg guys looked, and reported that Google has far more market share in Europe than anywhere else. It seems like there is a ridiculous pessimism about individual choice, there.

This is not late-90's/early-00's Microsoft. There is no contract saying, you must bundle Google or else you lose your profit margin on every PC you sell. The EU is home to Jolla and the Sailfish OS. DuckDuckGo proves that you don't need to be super-rich or super-spying to have a useful search engine. It's not Google's fault that everybody in Europe chooses to use their software and services.

Why is the smart home insecure? Because almost nobody cares

Decade
Trollface

Follow-up to the previous post, right?

This post is following up on Mark Pesce’s report on kids using Raspberry Pi, obviously.

AT&T accused of Wi-Fi interception, ad injection

Decade
Trollface

Where is HTTPS?

Security? They've heard of it but don't seem in a rush to do it very well

This is referring to The Register, right? We’ve all known, at least since Snowden, that using HTTPS is the best way to prevent middleware from spying on and maliciously modifying the content that you send to visitors.

The good burghers of Palo Alto are entirely insane

Decade
Holmes

Just as TechCrunch reported

Kim-Mai Cutler at TechCrunch reported on this exact issue last year: How Burrowing Owls Lead To Vomiting Anarchists (Or SF’s Housing Crisis Explained)

Bay Area Regional Governance is difficult and counterproductive. Allowing companies to build tens of thousands of units of office space, but only thousands of units of living space? Are they insane? Yes, they are.

It’s quite sad how a bunch of romanticists, pining for the way things used to be, are contributing to the very gentrification that they claim to be fighting. My brothers and I are native San Franciscans, but we all had to go into tech to afford to stay here. Lucky for us that we have that aptitude. I used to work with school kids, and I worry about their futures here.

Google reveals OnHub WiFi router, complete with GLOWING RING

Decade
Linux

Atheros

I can’t help but notice that when Google is looking for a maintainable wireless router, they’re going with Qualcomm Atheros. All the router chipset manufacturers sort of suck, as far as openness of device drivers is concerned, but Atheros seems to have sucked much less than the rest. My routers use older Atheros chipsets, because I know I can upgrade the kernel on them.

But I’m a bit concerned about the Qualcomm acquisition. Will Qualcomm maintain the openness policy? The IPQ8064 doesn’t actually include the radio, and most routers that have the IPQ8064 SoC attach it to closed-source Quantenna radios. Worse, it looks like the Qualcomm Atheros QCA9980 is not open. I hope Atheros is not another nice company killed by acquisition.

Decade
Meh

This Google OnHub thing seems to be modeled on the Google Nexus. They may not care about your privacy, but they do take care of security. Unless a FISA judge tells them to hand your data to US agencies in secret. But hey, that’s way better than AT&T, which astonishes even the intelligence community with how eager they are to sell out their customers.

In my opinion, the biggest competition this device faces is not another high-end router, but no router. The ISPs are pushing really hard to upgrade people to combination modem and WiFi routers. Preferably rented. And this would have been good for consumers, because the ISP is in charge of maintaining and upgrading those things for the lifetime of the service. Except that they forgot to include customer service and good software updates.

It’s also tricky to get IPv6 through the combination modem and WiFi routers. IPv4 with NAT works because, eh, another layer of NAT, nobody will notice, incoming connections are for pirates anyway. IPv6 requires proper prefix delegation, which is handled differently depending on the ISP, and the customer probably has to log into the combination modem WiFi router thingy to place it into bridge mode. If it even has a proper bridge mode. I’m curious to see how Google intends to handle this issue.

I cannae dae it, cap'n! Why I had to quit the madness of frontline IT

Decade
Paris Hilton

Re: Why are you even defending OPM and Archuleta?????

An audit said, the OPM systems are horrendously insecure: turn them off. Archuleta said, we need them for work: keep them on. Then they got hacked. Then Archuleta goes in public and goes, at least her security initiatives let them detect the hack. A year after it happened.

Farewell then, Mr Elop: It wasn't actually your fault

Decade
WTF?

Re: Metro was the failed gamble

…users would not come unless there were lots of apps. Maemo/Meego/N9 had proved this.

N9 proved that there will not be a platform if it is not advertised, it is launched with extremely limited availability, and its CEO says it’s a dead-end product no matter how well it sells. And it still sold better than Windows Phone 7.

I thought the Qt strategy was sound. When Qt was put on a Burning Platform, businesses that had been tooling up for it angrily dumped Nokia and went all-in with Android and/or iOS.

Metro was an attempt to create a platform which would work for the PC, tablets and phones.

That was not a happy time for Microsoft. Bill Gates promoted .NET as a way to write dependable, cross-platform software (but he tried to be all vaguely visionary about it, and Marketing then confused the hell out of everybody). Metro was built on .NET, so it should have been cross-platform. Instead, Microsoft kept jumping from one .NET GUI to another, so you couldn’t be sure your program wouldn’t need to be rewritten next year, and even Windows Metro and Windows Phone Metro were different. Apple and Google offered relative stability. People who like jumping were switching to platforms they could control, like webapps on Node.js on Linux.

Even now, 4 years later, you can only share some of the code between desktop and phone Metro, and One Windows is a promise for later this year. I’m not sure how alarming it is that Microsoft Skype, for one, has switched from Metro back to classic desktop Windows.

Elop could not have known that this would happen, but it’s the utmost foolishness to drop what was working before letting Microsoft’s new platform prove itself.

FBI: Apple and Google are helping ISIS by offering strong crypto

Decade
Paris Hilton

Lawmakers listen to this garbage?

The problem is that the best minds in the field say doing so is mathematically impossible, and even if it were possible, you'd be painting a target on your back by telling the world there's a hack available and daring them to find it.

To quote Whitfield Diffie (RSA 2015 Cryptographers’ Panel):

“Not to disparage those ways in which it won’t work. Imagine that we adopt a key escrow regime. … Well, in the current state of technology, I think it’s much easier than it was when we argued about this 20 years ago, to pre-encrypt what you send into the channel. Now, that means that they exercise a warrant and access the outer layer that’s open to them. Then they’re going to find out that you’ve encrypted it in some way internally to the message they’re reading. Now, what are they going to do about that? Well, it might be in that case, they’ll do what they might have had to do anyway, come down on you with a bench warrant or something and order you to tell them how to read it. But that doesn’t gain them a lot.”

Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

Decade
Boffin

Re: PGP is not security

A certain amount of metadata has to be in the clear, otherwise how does a public mail server know how to route your email? It at the very least needs to know what domain to send it to. So maybe metadata encrypted with a public key for that domain, then the server in that domain can route it to the appropriate user.

This is exactly what Darkmail proposes. The protocol has separate keys for the sender, so the message could be authenticated, for the sending server, so it knows which domain to send the message to, for the receiving server, so it knows which user to send the message to, and for the user. The sending server doesn’t know which user is the recipient, unless it’s on the same server, and the receiving server doesn’t know which user is the sender.

The specs (pdf) take a lot of words to describe the system, and it’s still not usable. At least it’s a collaborative effort, so if it works, I’m expecting there would be more services providing it in a federated fashion, like the current mail system and unlike all those secure messaging apps.

Decade
Facepalm

PGP is not security

What I find frustrating about these OpenPGP efforts is that they are largely futile. PGP is effective for hiding the content of email, but it’s not effective for normal communications.

I think the real Snowden revelation was just how important the metadata are. Who’s sending messages of what sizes to whom, when. OpenPGP does nothing to secure that. Snowden used PGP to hide the leak, but he used proxies and temporary email addresses to hide his identity as the leaker. And he only trusted that for a short time. To provide privacy, we need the metadata to be hidden for everyday email. We need a comprehensive replacement for SMTP email.

The biggest problem with encryption in SMTP is that it is bolted onto the protocol ad-hoc. Communicating with end-to-end encryption vs communicating with everything where the server can see it: The difference can be observed, decreasing security. Discussing whether to use SSL to communicate with the server: It can be disrupted, decreasing security. Even server-to-server communication is not entirely secure. We need to replace SMTP with a protocol that is actually designed for security.

I’m hoping that Darkmail works out. So, of course, now everybody is hopping onto the OpenPGP train. If I were more paranoid, I would wonder whether this were a conspiracy to keep metadata in the clear. Instead, I’m just hoping we can convince everybody to switch to actually secure email, after going through the pain of working with PGP.

The oracle knows all. Not THAT Oracle, of course

Decade
Trollface

The best is a matter of opinion

But we are in the post-PC era, Moore’s Law is as good as dead, and so on. The “best” computer is not just a matter of what is the most expensive.

For example, if you decide that your user will really be better served with a Mac than a PC, then the most expensive Mac is a trash can with a bunch of wires on the back. And if they do lots of traveling, a phablet will provide much more amusement; unless they need to type a lot, in which case a no-port MacBook is less hassle. And if they just buy all the models, then they get to experience Apple’s non-solutions for synchronization.

Even with low budgets, I would strongly advise a user to buy a slower CPU with SSD than a faster CPU with HDD. The difference in wasted human lifetime is just too much to ignore.

The 'echo chamber' effect misleading people on climate change

Decade
Boffin

Humans are defective

I'm sure I will get some down-votes for this, but the fact is that a lot of people are making observations and they simply do not see any serious problem.

That’s because humans are seriously flawed. From an alarmist perspective, the rising temperature, the rising sea levels, the rising acidification of the oceans; Future Me is quite inconvenienced by the decisions of Present-tense Society.

But Present-tense Society is like, I can’t afford the $30,000 for an electric vehicle, or $15,000 for solar panels, the payoff time is forever, I’ll just keep putting a liter of carbon into the air for my daily commute and hoping my electricity will turn green just because. I can’t afford new car payments; the main reason I don’t burn gasoline is because I can’t afford a used car, either. (Also, downtown, the “freedom” of driving a car is the “freedom” to crawl bumper-to-bumper looking for a parking space. No thanks!) I don’t see the problems that my use of energy is causing.

Same reason almost nobody’s behavior changed, following the Edward Snowden revelations. We’ve “always known” that the Five Eyes spy, so we’ll keep doing what we were doing before. We techies need to be making decisions on these sorts of things for the rest of the population, so they can concentrate their decision-making energies on stuff that matters to them.

Why voice and apps sometimes don't beat an old-fashioned knob

Decade
Boffin

Re: I'd love to have smart heating...

I’d also love smart heating, as long as I’m in control.

Sometimes it feels like I’m surrounded by idiots. Earlier this week, some people came in earlier than they normally do, and they felt cold, so they turned on the heater. By the time I came in, it was toasty, and I had to turn the heat off. They had set the thermostat to 26°C. No, you morons, you don’t really want the temperature to be 26°C.

Other days, they’ll feel hot, so they set the thermostat to 16°. No! Stop wasting electricity! Why does the thermostat even go this low?

The problem is that this building has an irregular schedule that changes without notice, so I can’t just program the thermostats and lock them up. I think an ideal non-connected thermostat would have just 4 buttons: Go hotter, go colder, run the fan, turn off. Pressing Hotter or Colder would set it to change the temperature by like 2°, and it would turn off automatically after 2 hours. Then I wouldn’t have to fix moronic mistakes like trying to heat the building to 26°C.

Decade
Unhappy

Re: Strange complaint

That doesn’t always work. Android has serious UI problems.

For reference, the official way to get out of full-screen is to swipe down from the top. This makes both the status bar and the navigation buttons reappear. It also sends a downward motion into whatever app is on the screen, so your e-book ends up scrolled in some new position, or worse.

Tesla Powerwall: Not much cheaper and also a bit wimpier than existing batteries

Decade
Trollface

Re: Anyone have specs on the Powerpack?

Given the state of the Model X and the Model 3, I wouldn’t be surprised if the Powerpack and the Powerwall turn out to be vaporware.

Inside the guts of Nano Server, Microsoft's tiny new Cloud OS

Decade
Boffin

Re: took long enough

Microsoft calls 400 MB “small,” not including drivers. The cloud people call that huge and slow, and are looking to minimize it. Docker is promoting minimalist operating systems like Ubuntu Core, that take like 40 MB of storage. Xen is promoting unikernels that can take less than 1 MB of memory.

Not to mention that, if you really wanted to, you could make a server out of OpenWRT, that routinely fits Linux and a bunch of other stuff into 8MB of flash.

Microsoft has a real problem with relevance. Only fools would make themselves dependent on Microsoft products.

Why recruiters are looking beyond IT's traditional talent pool

Decade
Flame

Re: Two Cheers for a story

I agree the need for story telling, or putting a narrative on what a solution or technology can do is important.

How about this story: LinkedIn keeps violating privacy and forging emails from my friends, pretending that they want me to join them on LinkedIn. So, I start with a negative opinion of LinkedIn.

Then, every time ZipRecruiter sends me a link to a job opening at LinkedIn, it takes me to Experteer, where a stern-faced man scolds me for not paying Experteer for the privilege of applying to these companies. At this point, I can believe LinkedIn has a skills shortage.

Hi, Fi: Google JOWL-SLAPS mobile bigguns with $20/mo wireless service

Decade
Paris Hilton

Re: Wow!

Republic Wireless… unlimited minutes and texts and data at 3G speeds… $40/month gets unlimited 4G…

Ugh. Republic Wireless still advertises “unlimited,” but they actually limit it to 5GB now. It’s in the small print. Still, more data for the money than Google, and the no-data plans are cheaper.

Decade
IT Angle

Re: Wow!

It's a hybrid of the business plans of Ting (variable month-to-month pricing without penalties), T-Mobile (free international texts and data), and Apple (special SIM card).

Not to mention Republic Wireless. In fact, a few days ago, Republic Wireless announced that they intended to start testing a cell phone plan that pays you back for data you don’t use. The concept renderings show that they might give you control over which processes are allowed to use cell data.

In the meanwhile, Republic Wireless already has WiFi to cell handover, and $25/month (before taxes) gives unlimited minutes and texts and data at 3G speeds. That’s only 500MB on Google’s plan. $40/month gets unlimited 4G on Republic Wireless, but only 2GB on Google Fi. I’m not especially tempted by Google.

The downsides of Republic Wireless are that it’s Sprint-only, you have to buy a Republic Wireless phone with a Republic Wireless firmware that is several months behind Google and Motorola’s firmware releases, handover is not actually seamless in my experience, and there’s practically no roaming. I’m willing to overlook a lot, though, because I’m personally on the $10/month (before taxes) no-data plan. That’s half of Google Fi before data.

D-Link router patch creates NEW SOHOpeless vuln

Decade
Linux

Re: FOSS that you can rely on

99.999999986%

Because of course a fully open-source Linux distribution for routers doesn’t exist, so only the most dedicated of nerds is able to install and use it.

Decade
Linux

Re: FOSS that you can rely on

The thing is, I hate shopping for networking equipment, so I don’t do it that many times more than I have to. The OpenWRT Wiki is one place to start, but I think doing shopping there is a waste of time.

My current hunch is that Qualcomm Atheros is the best combination of open source friendliness and speed. I don’t care about top speed anymore, as long as it works well enough, because no matter what you get, it’s obsolete in a few months. My router is a Buffalo WZR-600DHP flashed with OpenWRT, and I think the most promising of the AC1750 routers is the TP-Link Archer C7.

I don’t know any good AC3200 routers. I would look for both radios being Atheros, because it looks like a bunch of companies now pair an Atheros WiFi SoC with an open-source-hostile 802.11ac radio. WikiDevi looks like a fun web site for tracking this sort of information.

Decade
Linux

FOSS that you can rely on

The more I see, the more I am convinced that Free Software is the only long-term reasonable software. And not the fake Open Source with Closed Extensions, like DD-WRT does with its pervasive use of proprietary kernel modules.

I would not buy the D-Link DIR-890L because I would look it up and see that it’s based on the Broadcom BCM4700-series SoC. Those things don’t have usable open-source drivers for either wired or wireless network adapters. Plenty of people compromise and use only the kernel that ships with the device, so that the drivers work, but I prefer to buy devices where I can actually patch any vulnerabilities and recompile the firmware.

Cisco boss Chambers: It's our fault H-1B visa shakeup is struggling

Decade
Facepalm

Win the American public with American jobs

Over in Lala Land (Washington, D.C.) the executives and lobbyists keep on saying that they can’t hire enough tech workers, please give us more visas.

Meanwhile, in Silicon Valley, I’m applying to many tech jobs, and the hiring managers all say that they have no trouble filling those positions. When they say, “Hot job market,” they mean they have both plenty of openings and plenty of people to fill those openings. Google and Microsoft have strict limits on applications, and Apple just throws applications away. Facebook allows job seekers to apply to only 10 positions per year, to cut down on the work. This is not the behavior of an industry that has a problem finding people willing to do the work.

This isn’t really about immigration. This is about the capital class exploiting the labor class.

Affirmative wrist action: Pebble Time raises 20 MEELLION BUCKS on Kickstarter

Decade
Meh

Re: hmmm...

For me, the appeal of a smartwatch is as an alternative control and notification system.

I stopped wearing a watch 5 years before I got a cell phone, when I started carrying around a PDA. It's just much better at everything a dumbwatch can do, except for immediate access and battery life. Now I use a smartphone.

But a smartphone sucks. To interact with it, you enter the unlock code and then hunt down the app that you want to use. Taptaptaptaptap, swipe swipe, tap, wait which messenger app, tap, wait, tap... I'm getting repetitive stress injury from this thing.

Part of it is that Android sucks. I miss Maemo and its extensible chat program. But I imagine that I can decrease the pain by using a watch to unlock the phone, and to do other routine interactions.

With a little more independence and a lot more security, I think a watch could be pretty useful. For example, I hate carrying keys. It would be nice if I could do that watch-door-entry trick from the hotel, but at my home and work. I guess a lot of people like the heartrate/pedometer sensor thing, too.

Decade
Boffin

Re: Not quite as hacker-friendly as I want

Luckily somebody's already figured out how it works without an account...

https://f-droid.org/repository/browse/?fdid=nodomain.freeyourgadget.gadgetbridge

That's interesting. It didn't show up when I searched for alternatives for Pebble's proprietary software...

Oh. That's why. I read the Terms of Use and discovered their offensiveness on March 13, and this AGPL-licensed alternative was first published on F-droid on March 19.

At this point, I prefer to wait for somebody else to confirm that Gadgetbridge works with Pebble Time, and maybe also see if somebody releases an alternative to the software on the watch itself. A lot of people didn't like the original Pebble's software upgrade to 2.0, and it's nice not to depend on such a deceitful company.

Decade
Boffin

Re: Not quite as hacker-friendly as I want

I actually tried to look this up and failed - do you have a link for those claims...?

God forbid you actually read and interpret the Pebble Terms of Use that I linked to.

1) Figuring out how it works so you can use the watch without the account.

Section II paragraph 2 sentence 2: You may not decompile, disassemble, reverse engineer or otherwise attempt to obtain or access the source code from which any component of the Services or the Service is compiled and interpreted, and nothing in this Agreement may be construed to grant any right to obtain or use such source code. (Emphasis added.)

2) Using anything you learn from the Pebble to make your own anything, competitor to Pebble or not.

Section II paragraph 2 sentence 3: You agree not to copy, duplicate or imitate, in whole or in part, any concept, idea, business model, business process, product, service or other intellectual property or other ideas or content embodied in the Services or learned by you from your use of or access to the Services. (Emphasis added.)

3) Disparaging Pebble in public.

Section III paragraph 2, excerpt: You may not: 12. portray Company or its affiliates in a negative manner or otherwise portray its services in a false, misleading, derogatory or offensive manner;

4) Accidentally breaking the Pebble service.

Section III paragraph 2, excerpt: You may not: 13. use the Services in any manner that could damage, disable, overburden, or impair our servers or interfere with any other party's use and enjoyment of the Services;

“If a term is illegal, act like it’s legal anyway.”

Section XIV sentence 8: If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavor to give effect to the parties' intentions as reflected in the provision, and the other provisions hereof shall remain in full force and effect. (Emphasis added.)

Decade
Unhappy

Not quite as hacker-friendly as I want

I thought the Pebble Time was quite tempting, with an open SDK and useful battery life without excessive bulk (It's amazing what comparisons against the competition will do to your perspective), but it's actually a walled garden every bit as restrictive as Android Wear or Apple Watch.

To make the watch anything more than a decoration, you need a Pebble Account. And the Pebble Account Terms of Use prohibit, among other things:

1) Figuring out how it works so you can use the watch without the account.

2) Using anything you learn from the Pebble to make your own anything, competitor to Pebble or not.

3) Disparaging Pebble in public.

4) Accidentally breaking the Pebble service.

I'm sure at least some of those terms are illegal in the state of California, and they even insert a provision at the end that basically goes, “If a term is illegal, act like it’s legal anyway.”

But, you know, nobody reads the terms of use.

Apple takes ACID-compliant NoSQL upstart FoundationDB

Decade
Linux

Re: FOSS that you can rely on

Did you miss the part where these guys pulled their Github repos?

If it's FOSS, then there are copies elsewhere. Like when Oracle ended OpenSolaris, the illumos project continues. The primary sponsor of Node.js just released work that they've been doing to put Docker containers on illumos. Or when Oracle made MySQL less attractive, the founder forked it and started MariaDB. The benefit of FOSS is that a company can't revoke your access to it.

No, FoundationDB was never FOSS. Its Github repositories were mostly bindings so you could use FoundationDB from various languages. They're useless by themselves. And an SQL parser, which was actually forked from Apache Derby, and there are copies elsewhere.

Decade
Linux

FOSS that you can rely on

The more I see, the more I am convinced that Free Software is the only long-term reasonable software. And not the fake Open Source with Closed Extensions, like Monty Widenius originally did with MySQL.

You just can't build a lasting business on somebody else's proprietary software. It is always vulnerable to the changing priorities of its owners, even if the owner is as rich and developer-friendly as Microsoft, as the users of Visual Basic and FoxPro have discovered.

Broadband routers: SOHOpeless and vendors don't care

Decade
Facepalm

Re: Why does this problem exist?

The problem exists because of tradition.

The networking companies have always sucked. Back when NICs were add-on parts, unless you got your NIC straight from 3COM or Digital, it would just be the lowest-bidder chip and board. You could never depend on the model number, because they completely changed the insides without changing the model name.

When they started making routers, they just brought these bad habits with them. They make no promises about what's inside, because they like to have the option of changing it when they find a way to save a few pennies. This makes it difficult to shop for a device for use with open-source firmware.

Superfish: Lenovo? More like Lolnono – until they get real on privacy

Decade
Linux

Re: Problem is inherent to closed source

Alright, I was in a hurry when I wrote that first reply. Properly, I should have said, “free software,” but the distinction is too complicated to explain quickly, and Eric Raymond and Bruce Perens are bad men who made “open source” the instantly recognizable phrase instead of “free software.”

The crucial bit is the freedom to seek your own software providers. Don’t trust Canonical? Then take advantage of their hard labor and use Linux Mint. Don’t like OpenSSL? Then sponsor development of LibreSSL. Feeling cynical about Code.org’s message of universal coding? Just code for yourself.

The open aspect is also nice. Apple sends your searches to spammers? Nobody knows until somebody does a packet capture or something. Canonical sends your searches to Amazon? There’s immediate outcry, and, before it even ships, multiple opt-out methods are provided. Including that Linux Mint option.

Everybody knows that nobody upgrades the software on their computers. Part of that is the training: Everybody is told that they are not supposed to modify the software on their computers. This goes all the way back to the beginning of the software industry, exemplified by Bill Gates’ Open Letter to Hobbyists: Since he made the software, only he has the privilege of modifying it, and everybody else should pay him to do so.

That set up a dysfunctional dynamic, so that the bosses of Lenovo thought it was a good idea to put a little piece of unvetted closed-source software onto their customers’ computers. After all, the rest of the software is unvetted, all the way down to the operating system and the firmware that runs before the operating system runs. What more harm can one little bit of software do? (Plenty, it turns out, this time.)

Decade
Linux

Problem is inherent to closed source

The truth is that privacy has no real meaning when you use closed source software. Open source might make your heart bleed, but everything is out there and open. There are no secrets. With closed source, it's ultimately just a trust game.

That's why I say that, in the long term, open source is the only reasonable option.

Smartphones don’t dumb you down, they DUMB you UP

Decade
Flame

GPS maps are not the same

The main difference between a GPS and a proper map is that a GPS is angled and automatically oriented, so in theory you could look down at the map and up at the street and see where they correspond. No need to tilt your head and compare street signs to see if you're going the right way.

I'm finding smartphone GPS to have some pretty bad directions. For example, when I'm in the middle of a block, and the road curves, sometimes Google says, "Slight right." A completely useless command because, if I don't "slight right," I'll run off the road or into oncoming traffic. Other times it will say, "Turn left," but when I stare at the GPS map, it shows a sharp right that I must take before I can turn left. And you always need to beware directions that are illegal and/or unsafe.

‘Whatever happened to Vladimir Putin?’ and other crap New Year prophesies

Decade
Boffin

Re: IPv6 and local clouds

That's because they have the riches necessary to secure a supply of globally reachable IP addresses. In exchange, whenever you want your devices to communicate, Google/Amazon et al. act as pervasive men-in-the-middle.

What I want from IPv6 is the ability for my devices to communicate with each other, even if they are not on the same LAN, without designing backdoors right into the architecture, and without horrible hacks like OpenVPN.

Decade
Boffin

IPv6 and local clouds

One of the reasons I've long been eager for the IPv6 transition is so you can run your own cloud-like things. The Internet was built to be decentralized. Why should your activity be held hostage to one provider?

Now that I'm older, I see the impossibility of security updates, so I'm going to reserve the cloud-like thing to myself.

You have a 'simple question'? Well, the answer is NO

Decade
Paris Hilton

Apple doesn't change connectors often. That is not the problem.

I don't know why you're complaining about the Apple connector, Dobbs. Apple has changed the connector only 2 times in the 13 years since the release of the iPod (from Firewire to 30-pin, and from 30-pin to Lightning), and they've used the Lightning connector for 2 years already. Likewise, Apple laptops have changed power connectors just 3 times in the past 16 years. I know you're slowing down in your old age, but I think this complaint is something you should keep to yourself.

In the same time, other companies have gone from proprietary mini-barrels to mini-USB to micro-USB to micro-USB 3, and now they're contemplating USB 3.1 type C. And you almost never can use the same power adapter for 2 different PC laptops, even from the same manufacturer.

What annoys me is that the Apple cord designs seem to be inspired by explosive seed pods. Bring your cable around and use it regularly, and before long the shell is splitting apart and the wires are unraveling. I get around that by exploiting the power-efficiency of Safari and the marvelous battery life, to leave my power cable safely at home. And Apple charges way too much for their cables; you should be buying Lightning cables on sale from an online retailer like NewEgg.

Armouring up online: Duncan Campbell's chief techie talks crypto with El Reg

Decade
Childcatcher

Re: Abandon SMTP

I disagree. The problem is SMTP. It can transmit using TLS, but that is trivially removed by ISPs. The source and destination are completely clear to the mail service, and it turns out that the metadata are important. And encryption is something that takes additional effort to add, so nobody will do so without an IT department doing it for them.

S/MIME is nice, within its limitations, but it just proves that SMTP email is flawed. As long as email is plaintext by default, the email clients don't sound off klaxons about it being insecure. Instead, security is represented by the addition of a small checkbox in the corner. Watch for the checkbox, or else your email is just silently in plaintext.

You can install a CA-signed S/MIME certificate for free from StartCom. So nobody does so. And even if you get one, you can't install it in the default Android email client. Because plaintext is the default. We need a new protocol where encrypted and authenticated is the default.

Decade
Mushroom

Abandon SMTP

We should just stop using protocols that are not secure by design. Encrypted email is hack after hack on top of SMTP, and it's just not realistic to expect anybody to use it correctly, consistently.

The problem is that I don't know of any viable alternatives. Silent Text seems nice, but niche. Any viable solution needs to be free and open-source. I don't have time myself to make such a solution.

As for the web of trust problem, I don't think normal people can make it work. The problem tends toward centralization. I like Moxie Marlinspike's idea of Trust Agility, with certificate authorities who work for you rather than for the services who want you to trust them enough to give them money. This is a social problem more than a technical problem.

This week it rained in San Francisco and the power immediately blew out. Your tech utopia

Decade
Mushroom

Disruption from mild weather is not unique to San Francisco

I think this storm damage is just a sign of how wonderfully mild the weather in San Francisco is. We have high winds and heavy rains so seldom that it hasn't been worth it to make the infrastructure resilient to it. Just like Atlanta, Georgia, with snow.

Also, in my area of San Francisco, there was no power outage.

Intel: Grab these platform shoes and dance to OUR Internet of Things standard

Decade
Facepalm

What platform?

"MQTT, HTTPS, CoAP, REST, XMPP, QOS, etc." That is not a standard. That is a bottomless fountain of work for consultants, trying to get everything to work together.

Yahoo, Bing beg 'right to be forgotten' wipers: Don't FORGET about US

Decade
Devil

Google is becoming too slow

Sometimes I use Bing or DuckDuckGo. Not because of fear of Google, but because Google search is becoming glitchy. I would enter a search term, and it would take half a minute for Google to respond. And their search results page has become bloated with advertisements for their other services.

If my device is showing icons for alternatives, and I don't feel like risking a wait, then I'll click on one of them. So far, DuckDuckGo and Bing have been nice and speedy, and relevant enough for the searches that I've been doing.

Page: