* Posts by Christian Berger

4689 posts • joined 9 Mar 2007

Vitamin Water gets massive publicity for new flavor: Utter BS

Christian Berger Silver badge

Re: Bah. It's just the usual "Too good to be true" promise

"imaginary "MA2412""

But I learned about it from a VHS video tape I got directly from the ORF-Shop. Surely their standards of reporting wouldn't allow them to just lie on video tape. It would be like if Doctor Who would turn out to just have been made up.

Christian Berger Silver badge

Re: Bah. It's just the usual "Too good to be true" promise

Of course he exists. He usually works in a governmental office in Vienna. There's been a documentary about it:

https://www.youtube.com/watch?v=5VKlXOtaFYQ

The eulogising of The Mother Of All Demos at 50 is Silicon Valley going goo-goo for gurus again

Christian Berger Silver badge

What was actually more impressive back then

was GRAIL. https://www.youtube.com/watch?v=QQhVQ1UG6aM

It was a pen only system you could program rather efficiently by only using a pen and a screen.

The internet is going to hell and its creators want your help fixing it

Christian Berger Silver badge

Re: There are some technical bugs we can certainly fix

Well VNC is one way this could be done. Considering the terrible state of the web, I don't think VNC would actually require more data than the current web. After all most websites are now larger than screenshots of themselves.

However there are lots of other ways to do this. This is something I don't have a set answer for, but something I'd like to encourage experimentation.

Christian Berger Silver badge

Re: It's fascinating to see how people are so much behind the times

"There only four things that schools need to teach:"

Well those things are absolutely important, however we also need to show children the world around them. Even if you are a great learner, knowing what to learn, what might be interesting to you is hard. School needs to show you the world at least how it is now and how it was before.

Christian Berger Silver badge

There are some technical bugs we can certainly fix

For example the Web has the problem that it's possible to have 3rd party elements on a page. This used to be used for webcounters, but now is mostly abused by advertisers and Facebook.

Same goes for Javascript. It used to be an interresting idea which is now mostly abused. To add injury to insult we now have CPU bugs we cannot fix which can be exploited (in principle) via Javascript. In any case cyber currency miners are a problem.

Imagine a different protocol, one that is more like a terminal protocol. You have your "screen" which in case of traditional protocols is composed out of a grid of character cells, and in a new standard might be more like the browser DOM tree. This "screen" can be manipulated via a single persistent TCP/IP connection. If you just want to display a quasi static document, the DOM tree includes some sort of URL for links and you send that URL when connecting. After the whole "screen" has been transmitted, the connection is dropped or put into an "idle" state from which you can request a new page from the same server if you wish.

If you want to use an application however, the connection stays open and elements of the "screen" can send events to the server. This allows for much simpler "Web Apps" as they can now work synchronously and don't have to string together disjoined HTTP-requests into some sort of session.

The beauty of this is that it's compatible with what we already have. SSH can easily carry such a stream and you can outsource your authentication and encryption to it. One could even create it in a backwards compatible way to ANSI terminals so you can instantly use it as a drop-in replacement for your terminal.

Christian Berger Silver badge

Re: Look to SciFi for inspiration

Well we can still prepare for it, for example by making future alternatives to the web work with lower bandwidth and complexity requirements. This would allow us to have lower bandwidth devices.

I personally don't think the Internet itself is broken, IP(v6) is to simple to be broken. What is broken ist the protocolls on top of it, particularly the new ones big coorporations try to force upon us. So maybe just like when we kickstarted the popular Internet from the telephone network, we could kickstart new ways of communications on top of IP(v6).

Christian Berger Silver badge

It's fascinating to see how people are so much behind the times

I mean there already is a set of guidelines for the "Digital World" (whatever that is supposed to be) and that's the "Hacker ethic". Additionally what is needed is to educate people about computers, in order to give them some idea of how they work. In kindergarten we have learned how printing works by building our own sets of movable type from potatoes. Today computers represent a technical achievement just as important as printing was.

If you do not give people the tools they need to understand the world around them you are sure to enter a dark age in which only an elite can control the population. Democracy needs good education and we have failed to provide computer education for to long now.

Microsoft, you shouldn't have: Festive Windows 10 Insiders build about as exciting as new socks

Christian Berger Silver badge

Re: Any change to notepad is big news of course.

Well Notepad++ and Notepad are something completely different. Notepad has it's use for just being a "paste buffer" that can also strip format information from your data.

I've looked at Notepad++, and I see little reason to use it. It seems to lack a unifying vision. It just looks like a lot of non orthogonal features added to a simple word processor. It fullfills most prejudices people have about Windows software.

For fax sake: NHS to be banned from buying archaic copy-flingers

Christian Berger Silver badge

Re: Sending a photo via SMS

Sorry, I meant E-Mail.

Christian Berger Silver badge

Sending a photo via SMS

I mean yes, there were standards to send images via SMS... however I doubt there is much use in sending a 32x32 monochrome pictures theese days.

Of course the sensible thing to do would be to define a standard format for document "facsimiles" which includes a simple high resolution bitmap of the page along with an UTF-8 export of its contents.

If you ban fax machines, people are going to send office documents through mail... which is _much_ worse security wise.

Christian Berger Silver badge

Re: Ban a system that works and is malware free*...

Well that "mostly" is if you don't have a colour fax. Since colour fax machines are about as common as ice-cream cone unicorns, that's not really a serious concern.

Boffins build blazing battery bonfire

Christian Berger Silver badge

Yeah but Lithium Ion Batteries are among the most expensive

A fairer comparision would compare it to cheap batteries like lead acid.

Early to embed and early to rise? Western Digital drops veil on SweRVy RISC-V based designs

Christian Berger Silver badge

Re: What I don't understand about a memory centric architecture

"The alternatives are 'file centric' architectures"

No, there's another obvious architecture, message passing. If you build your interconnection on asynchronous messages it can scale very well. It's the concept the Transputer used.

Christian Berger Silver badge

What I don't understand about a memory centric architecture

Memory is today one of the slower parts of computing. Whenever your CPU actually has to access it it takes a long time. Caching solves a bit of the problem, but it quickly gets very difficult.

Wouldn't it make more sense to not have one of the slowest part of your computer be your bottleneck?

SEAL up your data just like Microsoft: Redmond open-sources 'simple' homomorphic encryption blueprints

Christian Berger Silver badge

It's research

No actual applications are currently on the horizon, but it might be usefull some day.

However we now have the situation of people peddling homomorphic encryption as the solution for the cloud. To those people I can simply only say, if you don't want others to get to your data, store and process it on your own computers.

It's nearly 2019, and your network can get pwned through an oscilloscope

Christian Berger Silver badge

It's actually not that relevant

Those LAN ports are barely ever used at all, and if they are used they are used with a second network card. After all the LAN port is just a cheaper way of running GPIB to a PC.

And seriously, if a single device on your network can own the whole network, you have seriously messed up.

Apple in another dust-up with its fans: iMacs, MacBooks lack filters, choke on grime – lawsuit

Christian Berger Silver badge

Re: Errr....

" I don't see a dust filter on any one of them!"

Yes, that's because through clever design those are integrated into the case. Essentially meshed surfaces are fairly decent dust filters. The idea is that they catch all the big particles while the rest will simply be blown out by the fans. I've first seen an eary concept of those in an expensive measurement device. There was a hive-like structure perhaps 2-4 cm deep just mounted on the air inlet. This structure cought all the relevant dust and kept the rest of the device virtually dust free.

Blockchain study finds 0.00% success rate and vendors don't call back when asked for evidence

Christian Berger Silver badge

Re: There's a non filler talk on that topic

"Not sure what a non-filler is"

Some sites have lots of articles without any useful content, those I call "filler articles". It seems like there are even whole conferences devoted to nothing but filler material designed to take up space and to make you look innovative even though it's extremely low on content.

Christian Berger Silver badge

There's a non filler talk on that topic

https://ptrace.fefe.de/hype/#0

Unfortunately it's in German, but Google Translate does an OK job on the slides.

Huawei MateBook Pro X: PC makers look out, the phone guys are here

Christian Berger Silver badge

In a way this article is why reviews today are mostly worthless

It gets the facts wrong while hammering about how it looks like. It ignores "no-go" areas like the missing Ethernet port or the non hot swappable battery. It doesn't actually test anything, like how long it takes to replace the keyboard. In short it's mostly worthless as it brings no information you couldn't get from the marketing blurb.

It was a lit CeBIT see, got teeny weeny, world's biggest tech show yearly party... closed its German fest's doors yesterday

Christian Berger Silver badge

Yeah, but it was dead for years

Instead of showing you new products and ideas and telling you things you couldn't read in the marketing blurbs, they just had marketing droids telling you things you already knew.

And now instead of re-focussing on technology, they did the same thing bad companies do to try and gain new employees, make a cargo-cult festival out of it.

LG: Fsck everything, we're doing 16 lenses in smartphones (probably)

Christian Berger Silver badge

Well but didn't the IPhone X already come with 438 cameras?

My source is the always reputable "Postillion"

https://www.the-postillon.com/2017/09/iphone-x.html

Groundhog Day comes early as Intel Display Drivers give Windows 10 the silent treatment

Christian Berger Silver badge

Re: Win10 telemetry had one job. And it failed.

"But... wasn't that the whole point of telemetry??????"

Why do you asume that it's for quality control? Why would Microsoft care about quality at all? I mean they had a short time when they cared about quality and every developer had to fix bugs before writing new code. That happened in the early 2000s, just after Windows XP. Although it was most likely a coincidence (Vista) managers probably see that as the reason why sales slowed down afterwards, so they do a U-turn.

Malware scum want to build a Linux botnet using Mirai

Christian Berger Silver badge

Because of Hype

"Why would any even partially competent sysadmin still do these things?"

There are lots of people out there who happen to come accross a few gigabytes of data. Then they find out that when they put it into an SQL table and don't think about what they are doing everything is slow. They decide that this must already be "big data" so they google "big data" and come accross all those tools designed for it. Since they previously have proven that they have no idea what they are doing, they will of course fail installing their fancy new toys.

People who both know what they are doing and have to use things like Hadoop to achieve their goals are rather rare. Therefore it's likely that any given installation was done by people who have no idea what they are doing.

3 is the magic number (of bits): Flip 'em at once and your ECC protection can be Rowhammer'd

Christian Berger Silver badge

Re: The obvious message here is...

Yeah, like many exploits this is hard. However that doesn't necessarily stop people from exploiting it.

Christian Berger Silver badge

The obvious message here is...

... don't run code you don't trust on your machine, even if it has ECC.

Unfortunately Web designers still didn't seem to get the message.

HPE Aruba's 510 line of campus hotspots do 802.11ax. Which in plain English is Wi-Fi 6, duh

Christian Berger Silver badge

Re: AP Powers down when not in use

"Remind me again how clients find APs in the first place!"

Yes, but the APs that run can signal the controller to turn on some extra APs. After all range typically isn't the problem with high density installations, so you'll have less APs turned on when there are less users/data, with the other APs automatically turning on when there are more users/data.

Since those installations typically have ways to nudge the user into roaming to another AP, that can work rather smoothly.... in theory.

Want to hack a hole-in-the-wall cash machine for free dosh? It's as easy as Windows XP

Christian Berger Silver badge

One has to consider that such systems are somewhat different in the US

In Europe one central idea is to have the computer itself inside physical protection, so you shouldn't be able to get to any ports.

John McAfee is 'liable' for 2012 death of Belize neighbour, rules court

Christian Berger Silver badge

also "infosec personality"

McAfee ran a virus scanner business. That's one of those "security in a box" things infosec people regularly warn about.

Creepy or super creepy? That is the question Mozilla's throwing at IoT Christmas pressies

Christian Berger Silver badge

Now if Mozilla would look at itself

They'd flag themselves for:

* doing DNS over JSON over HTTPs with Cloudflare

* putting more and more privacy invading features into the web (e.g. Blutooth, WebAssembly)

* trying to coax people into having accounts with them to share their browser history

and probably lots more privacy threatening stuff going on at Mozilla.

OK Google, what is African ISP Main One, and how did it manage to route your traffic into China through Russia?

Christian Berger Silver badge

The obvious solution would be a "Web of Trust"

After all you have lots of entities peering with each other. Each of those peerings requires an agreement. It would be sensible to use this to also sign keys, after all you typically know who you are peering with.

However I don't think attribution is much of the problem here as it is usually rather easy to find the culprit. What's really needed is route filtering.

Western Digital: And when I pull the covers off, behold as NAND becomes virtual DRAM

Christian Berger Silver badge

So... how is this different to swap on an SSD?

I mean it really sounds like that if you filter out all the marketing speak.

UK rail lines blocked by unexpected Windows dialog box

Christian Berger Silver badge

Re: Why do companies use full blown PC's for displays?

"His reason for not doing it - if I left, nobody would know how it worked."

Yes, but seriously if you actually have people who know Windows, that is justified. Unfortunately in 99% of companies using Windows, nobody has the faintest clue about Windows. Even Microsoft often seems to not have read their own documentation.

Also if I had a company with people knowing Windows, I'd seriously be worried that Microsoft buys them out, after all there are perhaps a couple of thousand people who actually know Windows, while there are millions of people who know Linux.

Christian Berger Silver badge

Re: Windows

"So that after hours the station staff can play Candy Crush."

Actually they do that on their mobile phones now.

Christian Berger Silver badge

I remember the times...

... when those systems ran on dedicated hardware on redundant hardware which would be switched in between several times per second so any error would flash. Also those systems would check every graphics primitive they have drawn.

And before that they had fault detecting relay circuits which would signal when any of their relays would fail.

Today it seems those systems are made on the least suitable systems for the job, with no thought on how to make it work safely.

NAND so it begins: Micron mounts head-on attack against 10K disks

Christian Berger Silver badge

Re: Where can I get a WLC drive to try?

Actually it's "2 Bit" instead of "1 Bit".

Russian computer failure on ISS is nothing to worry about – they're just going to turn it off and on again

Christian Berger Silver badge

Actually transistent failures are to be expected

The area up there, although not very far away from the surface of earth, is still full of cosmic radiation. Things like latch-ups, where an unintended thyristor in your chip gets started by some particle causing your chip to have a short, are not uncommon.

Though this is space flight. The task at hand is not very computationally intensive. So it's likely those 3 computers use space hardened hardware with structure sizes from the 1980s. So we are probably talking about the complexity of an early 1980s home computer.

Cisco firewalls under attack – and there's no patch: Too many SIPs and they drown in data

Christian Berger Silver badge

It's a common theme

Usually adding more complexity to a problem makes it less secure. That's why most common "security in a box" solutions had their own vulnerabilities. One prominent example was Microsoft who executed Visual Basic in a virtual machine running at "system" privilidges in order to find out if said program was malevolent. It's also common for AV systems to choke while processing obscure archive formats.

Worldwide Web wizard Tim Berners-Lee sticks wellington boot into Worldwide Web's giants: Time to break 'em up?

Christian Berger Silver badge

Let's take a look at Prestel/Minitel/Bildschirmtext/Ceefax

I mean the web has some problems. Since the technology has moved from "write the structure of your document and your browser will try its best to display it" to "stack several frameworks to micromanage your webpage to it'll look acceptable even on a smartphone". Browsers today need Gigabytes of RAM, they expose very large attack surfaces by having to support things like Javascript.

What if we look into those old online services. The biggest problem was that those were controlled by the post office. This was because back in the 1970s when they were thought up, the idea of a private person owning their own computer was considered to be idiotic. Today that is a very real possibility, virtually everybody has their own computer connected to a high speed network capable of establishing a connection in milliseconds.

What few people know is that those old technologies were meant to be extended. For example the French Minitel had a provision for vector graphics. The Singapore system even had full colour photographic images. Provisions for audio have been made and adding video wouldn't be hard.

Now think of it, building a WYSIWYG editor for those old standards is near trivial. 40x24 characters also work quite well on mobile or TV-like devices. On desktop devices you can always display "successive" frames. When using this over TCP/IP(v6) speed is no issue, and since TCP/IPv6 is peer to peer it is really simple for anyone to have their own website.

Since those standards were essentially terminal protocolls, they define a captive connection. This makes session management trivial, you have one TCP connection which is one session, no cookies or other complicated stuff to get wrong. Instead you have a fairly simple program looking for key presses and sending a file.

Of course I do not claim that this is the solution from the problems of the web, however I believe that in order to find a better solution one also must know about previous attempts and how they worked.

This one weird trick turns your Google Home Hub into a doorstop

Christian Berger Silver badge

Re: Well it's probably the Google brain drain

"It's not 'just as bad' - in ways that matter (security/privacy) it's orders of magnitude worse."

Compared to what? None of the mobile operating systems out there are any good for security and privacy. It's like comparing the tasty how tasty different kinds of industrial waste are. Sure the one coming from the sewage works might be tastier than the one comming from your lead mine, but both are not suitable for human consumption.

Christian Berger Silver badge

Well it's probably the Google brain drain

In the image of potential employees Google used to be a company supported by ads doing cool stuff. Now it seems that image shifts more and more to a company doing mundane stuff to shift more ads.

The result is that more and more of the smart people are leaving the company, leaving behind the "not so smart" people. Eventually this will mean that the average competence of the people inside the company is considerably lower than the average competence of new hires, as the "smart" ones will leave quickly while the "dumb" ones stay behind.

Eventually you are left with a company of people who are bad at what they are doing. Add the inability of those people to take any criticism and you are probably at where Google is now.

Google rarely produces "Cool stuff" any more, their Android is just as bad as any other mobile operating system, lacking a simple core design idea like all truely successful software works have.

Even their AI developments are more or less a few new ideas applied to insane amounts of CPU power.

Welcome back, 'ping of death', it has been... a few months. Now it's Apple's turn to do the patching

Christian Berger Silver badge

I mean it's Apple

Apple has had more than its fair share of security problems with MacOSX. Nobody, except for Apple fans, expects security (for users) from their devices. The only security systems which (kinda) work are there to protect business models.

Microsoft claims Office 364 back to business as usual. Oh no it isn't, say suffering sysadmins

Christian Berger Silver badge

You know the funny thing is...

... that Microsoft still calls Office "productivity software", even though virtually all things you can do with it can be done better and with less work with more suitable software packages. It's probably more of a time waster than Minesweeper and Solitaire combined.

Facebook sets Linux kernel tools free

Christian Berger Silver badge

Hmm, usually when a company does that...

... it means "We are sick of maintaining our own crap, let's give it to the community so they can maintain it for free".

IBM struggles to sign up shipping carriers to blockchain supply chain platform – reports

Christian Berger Silver badge

It's not about what they know...

"Would you mind enlightening us further about what you know and they don't?"

... but what they choose to believe. The basic idea behind a blockchain is that you have a public log which everybody can check and everybody does check in a very distributed way.

That's only superficially what logistics need. Sure a common log would be good, but it shouldn't necessarily be public, also you only have a smallish number of partners. A more sensible solution would be to have a contract (as in shipping order) which is signed by both the sender and the recipient. This will be stored at all parties who need to know, and in case of disputes every side can proof which contract was agreed uppon. No "blockchain" or crypto puzzles nessesary.

BlackBerry KEY2 LE: The first budget Android QWERTY for years

Christian Berger Silver badge

Considering there's the Gemini

which offers even normal operating systems instead of an Android that locks out the user, as well as a much more sensible clamshell design, there isn't really a reason to buy such a stripped down minimal keyboard blackberry.

Microsoft to staff: We remain locked and loaded with US military – and will keep adding voice to AI ethics debate

Christian Berger Silver badge

One could argue...

...that pulling money of armies and giving them inferiour products is a way of pacifism.

I mean SAP ensures that the German Bundeswehr can't even solve it's toilet paper logistics.

The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box

Christian Berger Silver badge

The important word here is "still"

I mean commercial distributions seem to be particularly interested in trying out new things that can increase their number of support calls. It's probably just that networkd is either to new and therefore not yet in the release, or still works so badly even the most rudimentary tests fail.

There is no reason to use that NTP daemon of systemd, yet more and more distros ship with it enabled, instead of some sane NTP-server.

Christian Berger Silver badge

Re: Not possible

"This code is actually pretty bad and should raise all kinds of red flags in a code review."

Yeah, but for that you need people who can do code reviews, and also people who can accept criticism. That also means saying "no" to people who are bad at coding, and saying that repeatedly if they don't learn.

SystemD seems to be the area where people gather who want to get code in for their resumes, not for people who actually want to make the world a better place.

Biting the hand that feeds IT © 1998–2018