Posts by Christian Berger

Re: Two inputs, no output?

Well there's a German word for what would likely happen. It's "Koterbrechen", and for the benefit of the readers I will not translate it.

Re: One bus to rule them all?

Well external PCI-E on a PC is a very bad idea, as it allows an external attacker really easy access to your PC.

However PCI-E is already common in some more exotic places like Routers. High performance routers (the kind that needs kilowatts just to drive the fans) already use PCI-E to connect the interfaces. They use a fabric of PCI-E switches there. This might even be the first area we see those new interconnects.

Re: Stinks!

"Methane is a gas often found in trumps (farts to our 'Merkin cousins)"

Are you sure that word is not in common use now in the US?

Re: Sounds like you need a modified device

This was apparently on the Play Store and worked on unmodified devices.

The problem simply is that sandboxes don't work. They may improve security a bit, if you manage to make them without increasing the complexity a lot, but they don't work against malware. We'd probably be better off with a simpler device which features a "mobile touch terminal" that would connect to remote services without actually executing Turing complete code.

Re: Wrong Direction

I think that screenshot also shows many of the problems with metro nicely.

The right one isn't particularly good, but at least you have a decent amount of information on your screen, as well as some aide to help you distinguish between mime types and protocols.

Whereas the new look wastes lots of space and gives you no clue on what's going on. Does that column with the different "Internet Explorer" Logos have anything to do with what's on the left? How can I disable individual types?

Re: RIP Skype ?

"a slow 3g link and none of the SIP codecs would work reliably."

Well as far as I've seen, most wireless carriers detect VoIP and give it a very low priority on 3G networks. I guess they detect small UDP-Packets coming at regular intervalls as the first second or so usually works. However with LTE that works like a charm.

I guess Skype can also use TCP for voice streams. That's a bit harder to detect.

However, if you are on a 3G link, you might as well use that for telephony. WDCMA/UMTS was designed for isochronous streams.

Yes, but

"The problem with your thesis is that code is ultimately written by humans."

Of course, however as there are huge differences in how safe people drive, there are huge differences in how safe people code. The self driving car industry (or whatever of it already exists) has the great advantage of still having a concept that appeals to people. Therefore they still get good people who are sick of recognizing product images to place more efficient ads.

However in the comming years, as more and more companies enter that market, that might fade, and you only have average or even sub average programmers in such companies. Also programmers will realize that, although self driving cars sound cool, any car-based future is likely to fail, simply because we don't have the resources to sustain everyone having a car.

Re: "So far virtually all customer modifications of IoT devices made them more secure"

That's why there are additional security measures. For example in most civilised countries they add a special smell to the gas and if you think you smell something, you have a special hotline which sends you a technician to check it out within an hour or less... no matter if it's day or night.

Re: I have a feeling that ...

Yes, this is just the serial port. Many of those systems have the ability to load iso-images as CD-ROMs... since Windows automatically mounts new CD-ROMs it sees and executes code from them, that's easily wormable.

Simply put, the more complexity you put into a system the less secure it'll get. Here you even have hidden complexity, as many people will not know about that feature. Since it's also on your main network interface, you cannot even go the sane way and use a dedicated control network. (or in fact have it on a separate switch and just activate the ports you want to do maintainance on)

You have obviously not understood the bubble economy

"How much is London to Edinburgh in Hyperloop going to cost?? And what volume of traffic and fares is going to justify it?"

Just just generate enough hype to get the money from investors... then go bankrupt when the current bubble bursts and buy the assets again for a fraction of the original price.

That's how we got the Iridium satellite system. That's how we got long distance fibre in Germany. (In fact near some Autobahnen you could find fibreoptic cables not yet dug because the company ordering it went bankrupt while it was being layed.

Simple...

... they look at the top 100(00) sites their ads are already shown on manually, and then whitelist those which seem to be OK. That's feasible for any ad company.

If you have a business model based on selling ad spots, that puts you in a difficult situation. Unless you are already among the top sites you'll never be able to run any ads and therefore have no or less income.

Re: There are 2 parts of caller-ID

Well the main point was, that the cost of a call now is so low that you can just make one... even internationally.

A far bigger problem are closed numbering schemes, where it's easy to predict telephone numbers. In Germany, for example, there are open numbering schemes. So your area code can have anything in between 3 and 6 digits, and your subscriber number can have anything over 3 digits. I have a 7 digit number, but the next door butchery has a 3 digit one, both in the same area code. Therefore you cannot guess telephone numbers.

Well for Linus that's self defence

He did have a case when somebody wrote some code and offered it to Linux. Linux politely rejected it, but he was misunderstood as if that code could be in the kernel if it was only polished, so the person worked on it for some months and offered it again... where it was of course rejected again. The coder then took his life. That's why it can be problematic to be to polite to people.

We have to understand that there are areas we cannot afford inclusion. It's like making sure only qualified people are in an operation room during a surgery. Infrastucture projects must be maintained by qualified people, not by people who believe that, just because they came up with all the bad ideas of the 1990s again, you could work in operating system development.

Free Software has the problem of a huge influx of bad coders. People who, like in the 1990s, build hugely complex architectures without ever getting to the point where they offer any use.

Re: Re-skilling older workers

Well those "free IT courses" are usually about how to use the current version of Product X. What you learn there usually will be completely useless within months.

Re: I might be a bit naive...

Actually all of that can be done with ZFS easily. Things like making a "snapshot" of your filesystem get done in sub-seconds. That's not quite a backup, but something to save you from the occasional "oops".

BTW rsync's main features is to compare 2 files. So in case your local file, or the backup gets corrupt, it'll make another copy.

Obviously, you'd still want to store your old snapshots as full backups to some external medium like tape. At least in a professional environment.

Re: I am very impressed

Well VCs don't like risk, and this is a product which already exists a dozend of times on the market, and it sells. So why not set yet another one of those.

It's impossible to change companies

Typically companies are entrenched in the way they work. Even if you know where the problems are, you cannot change them.

Typically problems get hidden from the that could, in theory, change something, but even if they want to change something, it usually fails.

Re: Android Wear is shockingly bad

Well there are some problems which prevent ideas from emerging.

First of all, it's comparatively hard to develop for such watches, regardless of manufacturer. Typically you need to install some kind of development environment on a separate computer. Adding to that may be the time you need to get aquanted with that. That process is to slow to hack together a prototyle to satisfy an immediate need. Therefore most good ideas get lost.

Then there are some dogmas, like having a TFT or OLED display, both needing far to much power... and having a fully blown operating system which is then cut down to displaying a clockface and some notifications. That also takes lots of power. The Pebble approach is much more sane.

If I was to design such a device, I'd include a simple development environment, like an old school BASIC Interpreter, and make that accessible via ssh or telnet. Essentially you'd enable that on your phone, it would display its IP-Address as well as a security token you can use as a one time password. Since most applications that solve a problem can work in less than 100 LOC, that's still managable.

Re: No - systemd doesn't offend me

"Maybe people who have actually used (as opposed to just flaming) a systemd-based system for some time, and got used to it?"

I have, and I regularly have weird behaviour that's annoying. I don't know how much of that is due to systemd, and how much of it is due to all that Freedesktop crap, but it's certainly another step down for me.

Re: Another good reason to avoid Android

Well actually, as a German, I have never seen my government defending me against the US, or US companies. (see NSA scandal) However there might be a tiny little chance they might do something against the Chinese.

BTW economic wars typically aren't between countries, but between the ultra-rich and the rest.