* Posts by bazza

2196 posts • joined 23 Apr 2008

What do WLinux and Benedict Cumberbatch have in common? They're both fond of Pengwin

bazza Silver badge

Since it is the Gnu tools running on the NT kernel it isn't really Linux - if anything it's GNU/Windows

Kinda goes to show that it’s not really the Linux kernel itself that people depend on, it’s the Linux system call interface specification that actually matters. Because that’s what all their favourite tools (from glibc upwards) target.

MS aren’t the first to do this of course. Solaris, FreeBSD, QNX have all been there before. MS have simply made it very easy...

Boeing... Boeing... Gone: Canada, America finally ground 737 Max jets as they await anti-death-crash software patches

bazza Silver badge

Re: More than 300 dead is largely worth an abundance of caution

It is a complicated job, but at some levels it's not.

For example, it ought to be quite easy to recognise the dangers in stretching out a 60 year old design this far, indeed introducing some aerodynamic instability to be competitive. That ought to have raised alarm bells all the way up and down through Boeing, but didn't.

They really might not survive this. If MCAS is permanently condemned no matter what fixes are proposed, that's probably the end of 737MAX. Aerodynamic fixes would be very difficult, and would require a full recertification (something they've avoided for 50 years). And that'd be the end of Boeing's single aisle cash cow. They might be forced to exit the single aisle business because they've not got a replacement design on the books. If they can't make good money from 777x and 787 (the latter is working well now but who knows if it will ever pay itself back). And this is before they get sued, fined, pay out compensation to the grounded airlines, etc.

bazza Silver badge

No, I've not heard that before. But I'm certainly not an authority on it!.

However, one thing that came out of the BA38 777 miraculous crash landing at Heathrow was that the triple redundant software for part of the fuel system had been developed by just one company, to save a lot of money. They set up 3 teams, kept them separate. At the time it was irregular, but signed off as OK by the FAA and EASA.

However because this was the CAA's AAIB investigating the BA38 crash, they had the power to condemn it if they were dissatisfied and cause a global grounding. I think it was touch and go at one point in the investigation - the crash was due to a fuel issue after all - but eventually it was determined to be due to ice formation in an oil / fuel heat exchanger. This was readily resolved and the 777 carries on with it's reliable career with that software intact.

An event such as you've recalled illustrates very well the value of having on-the-ball pilots in a cockpit.

UK joins growing list of territories to ban Boeing 737 Max flights as firm says patch incoming

bazza Silver badge

Re: God, the stress involved in writing this stuff...

Er, not cardinality, but defined range values...

bazza Silver badge

Re: God, the stress involved in writing this stuff...

There is more certifiable code written in C than Ada, with C++ on the way up. The challenge is in proving that the executable is correctly implementing the safety requirements, not what language is used for the source code.

That's where specialist tools vendors like Greenhills comes in. And their OS, INTEGRITY. And guess which airliner OEMs use these things?

I like the feature in Ada where the valid range of values for a variable can be set. With only a little self discipline you can achieve something similar using ASN.1, but it's not built-in in C/C++/Java/C# like cardinality is in Ada.

bazza Silver badge

Re: An already safe...

The marketing was helped by the pilot's manuals making no mention of MCAS whatsoever. You can imagine the surprise in the piloting community after its existence came to light after the Lion Air tragedy.

This one is different to the 787 - several hundred people are tragically dead. Also worse than 787, Boeing and the FAA have lost the confidence of the rest of the world's aviation regulators. The high degree of trust that's been carefully built up over generations of engineers and regulators has been destroyed in just a few months.

That means no return to flight in, say, the UK until both Boeing and the FAA have convinced the CAA that the problem has been fixed properly. And the same in France, Germany, etc etc.

That's going to take a very long time to do. It's going to be very expensive. It can easily result in different designs upgrades being required in different countries, meaning there's no common design that's permitted to fly everywhere.

It's a total f*****g disaster for Boeing's commercial prospects. It's not like Boeing are flush with cash, they've been cheerfully paying out a share-price-boosting dividend without any real evidence to suggest that their revenue can support it and cover off disasters like this, especially when their accounting practice seems to involve something termed deferred costs...

It might be cheaper to replace the MAX with A320neos, for both Boeing and the airlines.

bazza Silver badge

Re: Avionics experts and the court of public opinion....

The reason why we're now seeing groundings is because of how the FAA and Boeing have equivacated over the implications of the Lion Air crash, made worse by the seemingly similar circumstances of the Ethiopian crash. It seems like the FAA have maintained a line of business as usual, nothing to see yet, not even giving out guidance on how pilots should be trained to deal with MCAS, fly without MCAS, etc. It's been a guidance vacuum, other than giving out a note saying "treat it like trim runaway". As I understand it that's not great, because the symptoms aren't the same as trim runaway. The info vacuum is what's finally lead the rest of the world to ground it.

There's anecdotal evidence to suggest that US pilots are now flying MAX on their own rules, having worked out what is necessary to deal with it. Whilst laudable, and no doubt benefitting from the experience of those with militarily test pilot histories, it does have a technical description; it's called 'Making it up for one's self". Which, strictly speaking, isn't allowed.

One of the US airlines has taken upon itself to give its pilots a raw view of the AOA sensors' outputs so that they can form an independent opinion of the operation of MCAS. Again, that's making it up for themselves. It's unofficial, probably not Boeing sanctioned, but probably a life saver.

bazza Silver badge

Re: God, the stress involved in writing this stuff...

That's been a problem for years now. I've seen ads years ago for Ada programmers, offering huge sums per hour. You can't do flight control software in Ruby. Python, Perl or PHP.

There have been safety critical systems written in C; nothing wrong with that, but takes a lot of very careful review.

Iranian-backed hackers ransacked Citrix, swiped 6TB+ of emails, docs, secrets, claims cyber-biz

bazza Silver badge

Re: I'm trying to think of words to describe this...

Possibly even f***************************k...

bazza Silver badge
Coat

Re: 6+ Terabytes?

I think you left this icon behind!

bazza Silver badge

6+ Terabytes?

Well, someone's got a nice fat Internet connection...

Thought you'd seen everything there is to Ultima Thule? Check this out: IN STEREO!

bazza Silver badge

And Quite Right Too!

As has become the norm, the team is positively squeaking with excitement at the new imagery.

It's easy to admit that I would be squeaking excitedly too. It's pretty exciting just looking at them!

.NET Core 3 Preview 3 takes a bow, but best not hold your breath for the final release

bazza Silver badge

Re: Yeah...

I had heard that one obstacle was that WPF made use of DirectX, and that some of the visual effects might not port. I'm not too fussed, I'd be quite happy with just a dull ole button, it doesn't need to be lovely rendered in 3D, if that's what it took to get it ported...

bazza Silver badge

Re: Yeah...

So no rush to port to Core.

And as I understand it, porting shouldn’t be too problematic either. So long as one hadn’t used features that didn’t exist in dotnet core (WPF?).

Open sourcing of WPF is interesting - is that a prelude to it making it across to Linux at some point? That would be quite cool.

ReactOS 0.4.11 makes great strides towards running Windows apps without the Windows

bazza Silver badge

Window of Opportunity?

Long shot I know, but there is a chance MS will open source the NT kernel before ReactOS gets close to being finished.

A few years ago such an idea (i.e. MS open sources the NT kernel) would have been seen as laughable. Today, what with their love of Linux, open source, and making money by being a services provider, it's not quite such an unrealistic idea.

YouTube's pedo problem is so bad, it just switched off comments on millions of vids of small kids to stem the tide of vileness

bazza Silver badge

Re: – are fundamentally broken.

Abused certainly, but it's naive for any ad funded free-to-use publish what you like website operator to assume abuse won't happen.

The only solution is one where users have to give legally solid ID to get an account. Then it's far easier for the full weight of law to be brought down on those posting such vileness. There would be real and painful consequences, something completely lacking today on YouTube, Facebook, etc. It's becoming increasingly clear that AI filtering just isn't working, and shows no signs of ever becoming adequate.

If that ID leverages something like the financial system, ie you have to pay to use it, so much the better. There'd be no reason to carry on with analytics, tracking, data slurping, because there'd be an actual revenue stream.

Thunder, thunder, thunder... Thunderclap: Feel the magic, hear the roar, macOS, Windows pwnage tools are loose

bazza Silver badge

I have to agree. I think the hardware and OS vendors / devs haven't thought this out very well. The problem we have at the moment is that external ports are pretty much permanently enabled, and there's not a lot one can do about it. So it is definitely a case of convenience vs security.

It would be pretty easy to design port interfaces such that they're electronically disabled unless or until an admin user enters a username / password to say "external peripherals may now connect". Logging out or screen locking should optionally disable all ports, etc.

With that, a locked laptop wouldn't be attackable, someone getting into a server room wouldn't be able to get a port to respond, etc.

Obviously that means an end to USB mice / keyboards...

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware

bazza Silver badge

Re: "I guess the order is to not do anything about it"

They have to do something, but for the reason you stated won't tell you much in advance. The changes may be not simple, though.

The changes will be far from simple I fear. Making the microarchitecture accurately implement the published temporal behaviour of the machine architecture has got to be difficult.

I like AMD's current trick, supporting memory encryption for processes / VMs in the CPU limits the ability for code to see other processes's / VMs' data. If that were to become universally adopted in OSes and Hypervisors, I can't help but think that we'd be better off than we are today.

Also I think we should get back to the days when we don't run random code unknowingly downloaded from the Internet (Javascript...). That's unpopular I suspect. These days telling computer users and devs to practise safe hex is a bit like trying to persuade a room full of swingers to knock it off (er, you know what I mean).

Europe-style 5G standards testing? Consistent definitions? Who the fsck wants that, asks US mobe industry

bazza Silver badge

Re: Who cares?

Service speed is indeed all that matters, so long as the phone and base station are mutually compatible. With the CTIA getting grumpy there's a possibility that when you go to the US one's phone won't work at all...

The CTIA is ignoring recent history, as the article says. They're in danger of repeating it! TBH it depends on who gets there first and what they do with their version of the standard. Last time, the CDMA standards were proprietary and you couldn't do anything independently, whilst GSM's standards were utterly complete and free / readily available, telling you everything there's was to know. If the CTIA learn from that, it's not necessarily the case that Europe's version will dominate.

Data-spewing Spectre chip flaws can't be killed by software alone, Google boffins conclude

bazza Silver badge

Re: "While browsers have got their act together..."

True, but it’s Google who have most heavily pushed client side JavaScript as the execution environment of choice for the modern world. A safer alternative, server side execution with client remote viewing, would cost Google a ton of cash to support. Basically it’s our electricity and hardware that runs things like Maps, Docs, etc, not Google’s.

bazza Silver badge

Re: Yeah, ARINC PIXIE DUST

Almost all CPUs have the issue, with the exception of the real VLIWs such as ELBRUS and EPIC. That includes PowerPC.

That’s not wholly correct. Only some ARMs and PowerPC variants are affected by SPECTRE.

According to your logic, we just need Boeing and Airbus to sprinkle some ARINC pixie dust over all these speculative execution CPUs and we are safe?

Well, if you take the pixie dust to be “don’t run software from some untrusted third party” (ie the system has been fully tested and evaluated, an ARINC requirement probably) then the answer is “Yes”. The real problem is the architecture of today’s web and the unwitting execution of random code from wherever. SPECTRE and MELTDOWN are just the latest flaws to hint that it’s a bad idea. They’re also the most spectacular.

We have been here before, with just common or garden JavaScript engine flaws, etc. There’s no practical difference between flaws of this type that haven’t been disclosed to the developers and SPECTRE; both are unfixed and exploitable. The only difference is that we now know that will always be the case for SPECTRE.

Furious Apple revokes Facebook's enty app cert after Zuck's crew abused it to slurp private data

bazza Silver badge

Re: Popcorn time!

It's one thing to swing the ban-hammer at Facebook... Google is another level. Waiting to see how this shakes out.

One thing that might happen is that legislators see an easy way to ban social media apps; they could compel Apple and Google to revocke the app certificates. That’s a lot cheaper than national firewalls.

So that doesn’t work on PCs but it’s a pretty good step along the path to eradication.

AyyyMD had an Epyc quarter: Server chip shipments 'more than doubled' Q3 to Q4

bazza Silver badge

Simple

Put a good product on the market at a good price, and selling it is easy. Well done AMD.

I do wonder if AMD's decision to divest itself of its fans is now looking like a good idea. They can pick and choose from the contract fab outfits, inc Global Foundries, Intel can't.

Apple: Trust us, we've patented parts of Swift, and thus chunks of other programming languages, for your own good

bazza Silver badge

Re: Genuine Question

Thanks for the replies :-)

Trouble is that you ask teeth for the small fishes and you get fangs for the sharks.

and

Yes, the problem you cite is a very serious one. Unfortunately, "defensive" patents are things that are effectively unavailable to anyone but the very well-funded. If you can't defend your "defensive" patent -- which takes money -- then it's all but useless.

So we're basically in the position where we have a well funded, well fanged shark that is promising not to use them, and we just have to hope that the shark doesn't get too hungry? Seems to me like there needs to be some political leadership / action on such a matter so that the patent system gets oh hang on, silly me.

bazza Silver badge

Re: probably a misguided move against GCC and GPL

Now that they patented Swift, GCC and the FSF won't touch it. That leaves Apple and Apple LLVM in complete control of Swift.

Er, Apple could modify GCC themselves and offer it up under the relevant GPL. That'd be a fairly clear indication of intent to the FSF. It'd be a pretty rum court case if Apple were to then sue someone for patent infringement, having made it even more publicly available than they already have and having made some fairly unambiguous statements of intent about the matter. It would be even more odd if they were to win it...

The GCC project could of course reject such a contribution, but that'd be an interesting stand to take.

bazza Silver badge

Genuine Question

Setting aside the (dubious?) rightness of software patents just for a moment, I do have a ponderable.

Suppose a company did have a genuinely software patentable idea, and did want to give it away to all and sundry in a way that definitively did mean "no one can ever get sued ever for using this or derivative / cloned work". Patentable work ought to be patented by such a munificently minded company, if only to prevent some other more malignant organisation saying, "thank you very much, I'll have that" (especially as the whole prior art thing seems pointless these days so far as the granting of patents is concerned), or "I'll copy that, make some incompatible changes that wrest control away from the owners to the detriment of all" (e.g. MS with their "Java" back in the day).

I simply don't know what ways there exist to achieve that aim to the satisfaction of all, without holding a patent, and without having some sort of threat of legal teeth to defend it. I suppose assigning the patent to the Swift organisation would be an improvement. I wonder if that comes with problems so far as bareing-teeth-when-required is concerned? What is a better way?

(I'm not connected with Apple, Swift, Oracle, Google, MS, etc in anyway whatsoever).

World's favourite open-source PDF interpreter needs patching (again)

bazza Silver badge

Re: "Tavis wants people to stop using PostScript"

Untrusted code of any sort is a bad idea, including Javascript in Web pages.

Code should have a good provenance before letting it loose in one's IT.

Whats(goes)App must come down... World in shock as Zuck decides to intertwine Facebook, Instagram, WhatsApp

bazza Silver badge

Re: BlackBerry Messenger

BBM is still there, available on every platform (iOS and Android), works a treat. Even works on BB10 if one is belligerent enough not to have moved on.

bazza Silver badge

Re: Signal

History has a habit of repeating. There are VCs behind Signal, probably. Some has to pay somewhere for the servers...

Crispest image yet of Ultima Thule arrives on Earth, but grab a coffee while the rest downloads

bazza Silver badge
Pint

Good Framing?

It looks like their pointing of New Horizons was correct, this photo has UT nicely centred. Hugely impressive accomplishment! Much kudos and beer owed by us all!

Dear humans, We thought it was time we looked through YOUR source code. We found a mystery ancestor. Signed, the computers

bazza Silver badge

Re: Mystery Ancestor

Latin name milkus mannus

Otherwise known as Pat Mustard.

Begone, Demon Internet: Vodafone to shutter old-school pioneer ISP

bazza Silver badge

Re: Bye bye.....

Another former Demon customer here...

For those that can remember that far back, one of the advantages Demon had was their own line to the USA - they'd rented their own bandwidth on a transatlantic cable. That made the internet a touch faster, as their traffic (most servers were in the US those days), didn't get mixed in with everyone elses, so it was as good as dial up could get.

What's the fate of our Solar System? Boffins peer into giant crystal ball – ah, no, wait, that's our Sun in 10bn years

bazza Silver badge
Mushroom

Boom!

Hmmm, a ball of white hot crystalised carbon with a sphere of solid oxygen in the core. There's plenty of scope for the mother of all chemical explosions at some point!

The D in SystemD stands for Dammmit... Security holes found in much-adored Linux toolkit

bazza Silver badge

The choice of C is very peculiar. For a load of non-kernel root code handling critical data doing important jobs, picking a language where it's far harder to make mistakes with memory usage / handling would be less peculiar, eliminating a whole class of cock ups from the project.

Rust, anyone?

bazza Silver badge

Re: OpenBSD

Er, Pledge is a brand of furniture polish, gives one's desktop a lovely shine. Happy coincidence?!

This is the final straw, evil Microsoft. Making private GitHub repos free? You've gone too far

bazza Silver badge

Re: As ever

"If you're not paying the owner of the product for the product, you are the product."

Er, in this specific case you can pay for GitHub, as an Enterprise or Pro user. That makes this repricing of GitHub nothing more than a simple marketing exercise, to encourage future customers. Nothing particularly evil there AFAICS.

It's certainly very different to the change in WhatsApp price to zero when Facebook took over. It's looking increasingly like they're going to try and convert users of that into product. Facebook recently refused to guarantee that end to end encryption will be kept ad infinitum.

Is Google purposefully breaking Microsoft, Apple browsers on its websites? Some insiders are confident it is

bazza Silver badge

Re: So now they know how it feels ...

OS/2 did run Windows 3 quite successfully. This was because IBM licensed the source code from MS, so Windows on OS/2 was perfectly legitimatel.

I can remember articles about this, including one where the first thing IBM did was compile the code, just to see if they’d got everything. And they had, it worked just fine. However, because they’d used the Watcom compiler instead of the MS compiler, it ran quicker...

The real barriers to this being taken further was when MS started putting 32bit code in. The address space layout they went for required 2GB of virtual address space (note, not an actual 2GB of ram), whereas OS/2 was stuck with a maximum of 512MB per process. Can’t really blame MS for that.

Microsoft to rule the biz chat roost – survey

bazza Silver badge

Re: That's the theory

Never tried it myself. Is it a nice friendly text box one can type SQL into?

Latest Google+ flaw leads Chocolate Factory to shut down site early

bazza Silver badge

Re: Google does it's usual...

All businesses close things that don't make money.

Not all businesses treat individual units as separate businesses that have to stand up on their own. Some take a big strategic picture view of their entire business, and tolerate a loss in one area if it helps makes a positive long term contribution overall. Speaking entirely subjectively, and therefore possibly unfairly (apologies in advance) this is more commonplace outside of the USA...

Google shutting down Google+, and indeed the whole way they've handled its introduction and forced promotion, indicates that Google is now separate business units, pursuing mostly independent strategies. That's not good for their long term future. Their users don't want to have to treat Google as a bunch of disconnected businesses...

Open Goal?

With Facebook rapidly becoming public enemy #1, and Google exiting the arena without a replacement too, one has to say that there's a good opportunity for someone else to butt in. Say a big company stood up a decent cross platform social media service, with an emphasis on not slurping data at all (so they'd need to be in another profitable business area already) and could promote it well enough, it might just get somewhere. If we all liked it, we'd all be liking them, a marketing manager's dream customer base.

Who could do that? MS?, Apple? Amazon? Oracle? OK that last one isn't serious...

Boffins build blazing battery bonfire

bazza Silver badge

Re: Interesting idea

Molten salt is used for this purpose already, have easily handled temperature ranges and being plentiful (near the sea). Silicon heat storage involves much higher temperatures - so harder engineering - but is more efficient as a result.

Salt has a virtuous benefit; with available energy you can get the salt by desalinating sea water. The salt goes into your heat store, enabling the generation of electricity, and the fresh water is likely a valuable resource in hot, permanently sunny areas suited to solar-salt energy schemes.

It's official. Microsoft pushes Google over the Edge, shifts browser to Chromium engine

bazza Silver badge

Re: Oh Homer - "work with anything other than Chromium"

Yep. Been using Firefox for ages now exclusively, current versions seem very good. Waaaaay better than Chrome(ium) on things like memory consumption, doing the things I want it to do, etc. Certainly not had any issues with it freezing up with YouTube....

Qualcomm lifts lid on 7nm Arm-based octo-core Snapdragon 855 chip for next year's expensive 5G Androids

bazza Silver badge

I'm Confused...

...I thought this was supposed to be a mobile phone chip. Every single spec point seems to be better than my current desktop machine.

BTW who has got the eyes to do justice to a 4k display on a phone? Superman?

Microsoft's .NET Core 3 is almost here, which means time to move on from .NET Framework

bazza Silver badge

BTW, I was mistaken about WPF being available on platforms other than Windows. It isn't (at least, not yet, not in .NET Core 3). Pity, that.

bazza Silver badge

Re: It's time...

@AC,

I don't think that the WPF component works outside of Windows, though - I seem to remember reading on a MS blog post that that was the case, due to dependencies on DirectX.

You're quite right :( I did a bit more digging, seems that those components haven't made it across. It is DirectX calls that are indeed the problem.

I wish that they would do a WPF implementation on another platform. It doesn't have to recreate all the fancy shadow / transparency effects, etc, it just needs to function.

bazza Silver badge

They're referring to applications developed in Visual Studio against frameworks like Winforms and WPF. Probably just like the ones you're writing right now, assuming you're using C#.

WPF on platforms other than Windows would be good news, which is presumably what we're getting with .NET core 3. WPF is actually pretty slick. Given the choice of that and bolting something together using GTK, I know which one I'd choose.

bazza Silver badge

Re: It's time...

I don't see any particular need to duck and cover...

I've occasionally had to worry about cross-platform desktop apps and Qt is a good choice. It even works on BB10... However I actually quite like WPF, simply because of the data binding you can do in xaml. Get that right and it's a highly satisfactory way of doing things. The fact that .Net core 3 has got this is fantastic news IMHO.

It'll be interesting to see just how much of MS's software uses .Net and could now become cross platform, just like that. MS might have succeeded where Java failed so spectacularly for desktop software.

STIBP, collaborate and listen: Linus floats Linux kernel that 'fixes' Intel CPUs' Spectre slowdown

bazza Silver badge

It's not just Intel AFAIK.

This whole sorry saga was kinda inevitable as soon as CPUs started having microcode; someone was sooner or later going to end up with a micro architecture that didn't really implement the advertised machine architecture.

OK, it was a way of getting better performance from existing software on new CPU designs, but we're paying a price for that now. Perhaps if microcode wasn't so opaque, perhaps if we didn't use it at all, problems like this would be more readily apparent before they got burnt into decades worth of CPUs.

Tesla autopilot saves driver after he fell asleep at wheel on the freeway

bazza Silver badge

Re: Arrested for being drunk

It's one of the very few use cases that seems to make any marketable sense to me. Pity they can't actually do that, nor ever will.

bazza Silver badge

Re: Plan A

The police here in the UK have nabbed a Tesla-twat who was resting in the passenger seat as the car was autopiloting itself down a motorway. BBC So they're getting there...

Linux lobby org joins with RISC-V bods to promote open chip spec

bazza Silver badge

Re: There is Another Open Source CPU...

I suspect a licence fee is smaller than the cost of setting up the fab to make a chip. Or at least, I hope so! Funding a foundation does have wider benefits, if that's the scale of the license fee.

A myriad variations on the RISC-V instruction set sounds fun, but could be a right nuisance; it'd be adding to the minefield of software dependencies.

OK, so there's more to ARM than one single instruction set too, but at least that's all quite well controlled. Only a few ARM licensees have the right to alter the ISA, but they don't really do so AFAIK.

Biting the hand that feeds IT © 1998–2019