Echoes from the past
European folk tales often feature shaggy, slow-witted trolls. I have often wondered if these are based on dim memories from the time modern humans lived alongside the neanderthals.
1981 publicly visible posts • joined 18 May 2007
Sadly for their plans, the law requires that devices remain fit for purpose for a number of years [...]
Sadly, law, or its enforcement, has not kept up with the phenomenon of devices that in principle work two year later as well as the day they were bought, but are insecure, or incapable of browsing the latest web sites because of the actions of the site maintainers (sticking in more and heavier Javascript crap, with the latest features of Javascript and HTML).
The entire information technology sector is based on planned obsolescence. Especially software, because it does not wear down, but even most hardware is usually replaced while in perfect working condition, hardware-wise.
She believes Google’s partners are wary or the giant’s control of the Android operating system and efforts to push its own devices, competing with them.
I recall Nokia execs saying something similar at the time they chose WP instead of Android...
As Yoda said about Sith lords, always two there are. The third, fourth etc., technology platform will have a very hard time making any inroads. I dub it the "Yoda's Law".
Some years ago I watched with my kid a borrowed DVD featuring Playmobile pirates. Interestingly, it was a kind of interactive story where at certain points you could go down different paths (alternatively, you could watch a straight pre-chosen story). Pretty nice, actually.
But maybe this is counted as a video game, not a movie.
The "error" must be the missing "case" keywords.
Correct. I myself have made this kind of mistake years ago, and it took a very long time to find! (even started to suspect a compiler bug). Also have seen it a couple of times in code by others. The brain indeed tends to fill in the "case".
The only indication the compiler gave was some non-fatal warnings about unused labels, which tended to get lost in the noise of other minor warnings.
You can write horrible code in any language of your choice.
Sure, but some languages make it easier than others. But what I am really griping is about enabling (indeed, promoting) trivial mistakes. Forgetting "break" in C "switch" branches is one good example (and is known to have caused at least one widespread phone network outage!).. Allowing fall-through to the next branch is sometimes useful, but in most cases you don't want it. So the default action at the end of a branch should have been the opposite, and there should be some syntax to indicate the exceptional fall-through action.
One strand in many programming horrors is that they are in C. I know C well, have used it almost daily around 25 years, used to love it, but now believe it should be used only by specially licensed people, or not at all. The reason is NOT that it allows low-level access, buffer overruns etc, but because its syntax and semantics are chock full of completely unnecessary pitfalls (many of which have unfortunately been inherited by its successors like C++, Java and Javascript). Don't believe? Quick, what does this totally valid fragment of C print:
typedef enum {val1, val2, val3} mytype;
mytype var = val2;
switch (var) {
val1:
puts("1"); break;
val2:
puts("2"); break;
val3:
puts("3"); break;
}
"1984" is trotted out so often I wonder how many people have actually read it. Surveillance was only a part of the horror. Worse was that suspected "thoughtcrime" meant you were eventually taken to the "Ministry of Love" (that is, the torture and brainwashing center), where you were taught that 2+2=5 if The Party says so. I don' t see that happening in Western countries.
you can expect to get a lot more technical support calls from friends and family who don't know what's going on
Or not. The elderly relative for whom I act as the tech support runs Linux (specifically OpenSUSE with a XFCE desktop), which I set up for her. Has worked well for her needs, which include mainly e-mail, online banking and light web browsing.
but made from simple components (capacitors, resistors, transistors)
How about using the microphone input of a computer to sample noise from a diode or transistor wired with a suitable voltage in the reverse direction? The semiconductor noise is supposed to be quantum-mechanical, so unpredictable even in theory.
The speed of getting random bits might be a problem.
It is only in the "Europlug", which is designed to promiscuously mate with some slightly different socket variants. Wikipedia: "To improve contact with socket parts intended for pins having a diameter larger than 4.0 mm the Europlug has two round, slightly flexible, pins which converge slightly towards their free ends."
(https://en.wikipedia.org/wiki/AC_power_plugs_and_sockets)
(I didn't realize this oddity before, your question prompted me to look it up, thanks)
Certainly the wrong word, but shock from mains may cause a fate worse than death: years ago I read an magazine article about an unfortunate guy in Finland who got a shock from a faulty device and became totally paralyzed for the rest of his life. Some kind of brain damage that left him almost locked in. I have treated electricity way more respectfully since reading that!
Of course there's not a lot to guarantee that Javascript is any more secure. The browsers are simply becoming a new OS in which (web) applications run. There's plenty of opportunities for cock ups in there, which will become apparent if Web apps become dominant.
There is also the huge "ecosystem" that has quickly sprouted around Javascript. Have been looking at it lately more closely than I would like, for work reasons, and felt like an explorer on an alien planet. The Javascript way seems to be to layer library upon library, downloaded from all over the net, with little concern for security (or licenses -one I looked had an interesting patent poison pill that should give fits to any corporate lawyer). The extremely dynamic nature of the language also invites obscure hacks (it's rather like LISP with a C-like syntax), and means most errors can only be detected at run-time. A simple-looking web page may be the result of hundreds of Kb of Javascript libraries, implementing the latest cool way to do the same old thing... The complexity pretty much guarantees there will be spectacular security holes.
From my operating system classes, I remember the idea of running single-tasking operating systems inside a hypervisor was developed already by IBM in the 1960's as their solution for this new-fangled idea of timesharing. Wikipedia has a writeup here: https://en.wikipedia.org/wiki/CP/CMS
Like a Volkswagen you mean?
Actually the problematic VW models are as safe for the consumer as other cars, it is "just" the environment that suffered (more than allowed by regulations).
But note the deceitful code is the one item you cannot inspect by opening the bonnet, or by taking the car apart. Actually pretty good evidence that the possibility of 3. party examination is the only thing that keeps manufacturers honest.
Or it might do wonders for source code spyware obfuscation techniques.
That would be a clear flag to everyone that the company practices do not stand the light of day!
Or they could take the simple route and cheat...including bribing the enforcers...
There is a way here: Mandate that it must be possible to extract the firmware with widely available tools. Then anyone with sufficient technical competence can test if the published source can be compiled into the same firmware (which naturally implies the compilers and their versions, and any build files like Makefiles and scripts must also be published).
I believe such regulations would do wonders to embedded code quality even if very few people actually inspected the code: it would force companies to stick to proper configuration management process. Any short-cuts (such as shipping code with patches that only exist on some developers laptop) would make impossible for others to replicate the build.
And how about the unlucky Winphone 7 customers?
As one, I am actually happy MS wont be pushing a half-baked W10 version on it.... The last version of WP7.8 is pretty stable, and as a small niche OS now, it not so interesting for attackers. Also, I suspect the very tightly closed (and limited) nature of WP7 makes it a bit harder to attack. For example, only apps written in C# are supported, no native code, and it supports no side-loading or alternate app shops.
I wouldn't want to buy a new PC, pay MS their duty and then load up a non-MS OS.
How is this different from the current situation? Granted, no-OS machines exist on desktop PC:s from small "garage assemblers", or you can buy a "barebone", but getting a usable laptop with no OS is hard.
Stobb forgot to discuss one important dogma of Functional Programming: No loops, ever. Use mapping, reduction or recursion instead. For the last part, I have never quite understood what makes recursion always superior over good old "while". In those cases where a loop would suffice, recursion is just a GOTO to the beginning of the function. On the other hand, in a pure FP language where variables can never be reassigned, a "while" would be pointless, so these go hand in hand.
Anyway, even for a 10 year storage I'd look to M-Disc, I won't trust DVDs for so long anyway.
I have 10 year old DVD-ROMs that are perfectly readable, that's why I picked that particulat time span. To be really sure, you should burn two copies for your archive, on discs from a different manufacturer. Years ago I ran a personal accelerated aging test with 3 different discs left hanging outside. Considerable differences, but one of the discs was readable after 4months of exposure (surprisingly a no-name disc from Lidl...). Too bad the results are not valid so long, as the manufacturers change. The test should be repeated now and then.
I'm quite prepared to believe M-DISK is as durable (or close enough) as they claim, but I'm afraid it does not help much. What do you (or your grandchildren) read it with 50 years from now? I could be that compatible DVD drives will exist, but that is not guaranteed.
A better idea is to save them on good-quality regular DVD:s, then be prepared to copy the data 10 years from now to the then-popular format. And so on.
As it happens, some time ago I scanned some colour photographs from my childhood, about 50 years old. Some of them had colour casts on them and were a bit faded, but the "restoration" button of the software bundled with the scanner made them look almost as good as new. Reading any digital record from the same era would have been a major project (google for heroic efforts to extract data from old NASA tapes).
I have read articles both for and against the benefits of moderate alcohol, and they have left me with a nagging suspicion that the studies (or some of them) showing benefits have been biased by the quite substantial alcoholic beverages industry. There is quite a bit more money to be made by the pro-alcohol stance, than the teetotaler one.
Other than that, I would be much happier if moderate alcohol usage really were healthier (so don't downvote too hard...)
because few things beat batch files for...well, batch operations, doing similar things to numerous files at a time.
Exactly! This makes GUI vs CLI arguments pretty pointless, regardless of the OS. GUIs just get incredibly clumsy when you have to repeat a number of steps, but their hand-holding is useful when you perform some operation so rarely that you forget the details between uses, and of course for anything that is naturally interactive or graphical.
There is a way to hack the registry from the command line on Windows, command "reg". MIght be more useful to instruct registry modifications in terms of it, so people can cut'n'paste. For example, try this:
reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
This just queries a value, does not break anything.
A major problem is that there is no intelligent filtering software. Filter words, and you will censor pages with innocent words with "naughty" sub-strings, or foreign words (like the Swedish for "six"). Filter by domain names , and you are at the mercy of whoever decides the blacklist (and these people generally seem to be incapable of distinguishing between pórn and proper information about séxual issues).
Now, Microsoft/Apple/Google, how about you guys add support for the new/experimental/convenience Javascript features (String.trim, String.startsWith...)
Sure those are still missing? developer.mozilla.org lists String.trim() as being supported by Chrome, Firefox since version 3.5, IE since 9, Opera since 10.5, Safari since 5. The String.startsWith() needs a bit newer browser, but is supported by Chrome 41, IE 12, Opera 41, Safari 9. You cannot expect Microsoft/Apple/Google to do anything about their older browser versions.
If UEFI secure boot with a custom key were required, then how are the researchers fiddling with it right now?
Running the OS on a computer (or more likely a virtual machine in this case) that you fully control is much easier than trying to run an alternative OS on a computer that has been locked down.
Perhaps they have also imported UEFI Secure Boot, and made it mandatory on every computer in the country! That combination would be the perfect privacy nightmare: An OS that tattles and reports on you, and deletes all documents with non-approved words in them, and no way to install any alternative.
I wonder if having Unicode code points is even useful in any way. Musical notation is laid out in two dimensions and has lots of equivalent, but visually different ways to represent the same thing (all of which are used, depending on the style and preferences of whoever is writing the music). It does not map well into the idea of a character set.
If I remember correctly from some Groklaw discussions (I still miss that site!), the whole Google vs Oracle lawsuit might have been avoided if Google had used OpenJDK in the first place. After all it is licensed for everyone to use under GPL. Of course the GPL may have been the sticking point for Google. Or some technical issue.
I have got to finally get around to reading "Bleak House" someday.
1) you can't just install a "Java runtime for desktop apps", the only installer also installs the Java browser plugin, which is useless (no legitimate websites I care about use it) and a security nightmare.
These days, most browsers disable this for you. In current Firefox you actually have to jump through hoops if you want to enable a Java applet.
2) an installer that tries to install malware and hijack your home page & search settings whenever it installs a security update, which is regularly.
On Linux, you can go with Openjdk (the Open Source version of Java, actually mostly the same code as Oracle's) which is provided by all major Linux distributions, and gets updated by the distribution's normal update mechanism, no malware added.
Sad if if there is no Windows equivalent. But I have had no trouble for years with the regular Java updater, after learning to un-check the intrusive proposals.
Java is burdened by the bad reputation of using it for web applets. That has indeed turned out to be a bad idea, and also made totally redundant by Javascript. But there is nothing wrong with using Java as a normal programming language, like for server applications or even on desktop. In that role it is way safer than C or C++.
LaTeX? At the time, formatting a few ages of LaTeX into DVI took several minutes on a VAX (never mind printing it). Presumable Sir Tim wanted something simpler to make the system interactive. I am also guessing he wanted to be compatible with SGML, which at the time was touted as the final solution to documentation problems. HTML syntax is based on it. The earlier HTML specifications actually formally represented the language as an application of SGML, which is (or was) a kind of general toolkit for specifying document formats.
The reality of services like Netflix is that it is so cheap and convenient, why would anybody go to the trouble of copying their stuff?
For later viewing, if I see something I really like. I have found the hard way that Netflix keeps many films for only a limited period, probably they have licensed them from the movie companies that way. So if you want to see something a year later, it is not necessarily there any more.
Of course I can go buy a DVD or a Blu-Ray, but sometimes these are not available where I live.
Massive power savings, last longer than incandescents, smaller bulbs than CFLs, and don't have the "flicker".
Most importantly, LEDs are instantly on, whereas CFL:s sometimes take up to a minute to reach full light output, depending on the model and ambient temperature. I have replaced most lights in my house with LEDs, a no-brainer now that their prices have come down to a reasonable level.
Regarding the earlier post about old-style bulbs in the man cave: I too have a house heated with an oil-burning boiler, with thermostats in the radiators (and what passes for winter in these greenhouse effect days outside), but I estimate the effect differently: Heat from electricity is much more expensive than heat from the oil, and the bulbs also tend to supply it in the wrong place: near the ceiling. Any effect on the working cycle of the boiler from using incandescent bulbs would probably be measured in microseconds, instead of seconds.
Just say no to this Idiocy of Things. Connecting devices sometimes has valid uses, particularly when the item to be controlled is inconvenient to access, but many companies seem to be trying very hard to go overboard with IoT. Lights are best controlled with the obvious switch on the wall (unless you are controlling stage lighting). Toasters and fridges have no business networking. In general, anything the user necessarily interacts with directly should only have very direct, obvious controls. Anything else is a gimmick that brings risks with it.
How many "developers" do we need to execute before this stops?
Try "educating" instead of "executing". The problem with the approach of executing those that make mistakes is that there is no opportunity to learn from experience. One of the reasons all bloody tyrannies eventually fail.
> its gentle sloping sides are good for deflecting projectiles but not as good for staying upright without computer assistance.
So if the computer goes, she capsizes?! Not sure if that is a good idea.
The shape reminds me of the imperial fleet from Star Wars. If the Empire had a sea-going navy, the ships would no doubt look just like that.
Some 25 years ago I spent many, many nights with Nethack... never did find the amulet, though. But at some point I suddenly got enough, and have not played it, or any other computer game for that matter (OK, a bit of Wii games with the kid, but curiously did not find that any fun at all).
> Okay, this is not a brand new machine (Thinkpad X201),
That's the problem. Nice laptoppy things work on Linux eventually, but not on brand-new models, because it takes time for "someone" to reverse-engineer how to do the them for some particular models. This is where EU regulation is badly needed: HW manufacturers should be required to publish full technical details on the launch day of new hardware (at the latest), so open-source operating systems could fully support them.
Of course manufacturers will cite any number of reasons to oppose this (proprietary IP, trade secrets, would reduce security, yadda yadda...), but I am pretty sure the real reasons are laziness (making useful docs costs some), and planned obsolescence: if the hardware can be supported by open drivers, it cannot be obsoleted by withdrawing official support (usually in connection with some Windows update). Junkyards are full of scanners, web cameras, and printers that would otherwise work perfectly, but only with Windows XP...