Re: Virtualisation made it irrelevant
In reality, chasing APIs, especially private ones, is a mug's game.
Especially feckin' ENORMOUS ones with thousands of functions.
305 posts • joined 21 May 2007
In reality, chasing APIs, especially private ones, is a mug's game.
Especially feckin' ENORMOUS ones with thousands of functions.
Some years ago, fed up with crap keyboards (I really want a VT100) I bought an Apple USB one, under the impression that the higher price meant that I would get a better product.
I some ways I did. It was pretty solid and well made. The key symbols were moulded in, and wouldn't rub off. And of course, it looked sleek and beautiful.
It did have one flaw though. The keys felt like you were operating a 1980s pocket calculator. Wobbly and short travel. I couldn't actually type on it.
There was an additional aspect which tells you all you need to know about Apple. It came with a (free!) USB extension lead. However, the keyboard USB plug and extension socket had a non-standard slot and key arrangement, so that you could not use the USB extension for anything else.
"Now with people primarily reading on screens, (over 50% of eBooks on phones) and no standard screen size or resolution, like Letter and A4 on paper, layout needs to be "Responsive" and work with user selected rescaling (sharp vs poor eyesight)."
Most of the HTML I see these days shows every sign of the "web designer" fighting to stop users' browsers from applying their own formatting to fit the device & screen.
systemd is so architecturally wrong, and so complex and badly-designed, that I expect it to collapse under its own weight eventually. Not dramatically. Maintenance and support will slow until it becomes deprecated in most Linux systems.
(If you think systemd is an init system, you don't understand the issues.)
I changed my repo sources to Devuan from Debian when it looked as though systemd was going to become the default. So when I first install a new version of anything, I get the Devuan one. It's worked perfectly.
Is that a vulnerability? I'd pay extra for it.
I bought the Psion in about 2004, when it was a failed product and was being flogged off cheap. The software supplied was rubbish, but there was a (free? shareware?) suite which was better: it could even save the MP2 streams as files. I still have recordings of John Peel and R3 from back then.
That was when I lived in an area with coverage. I moved house last year, from a remote, rural location to a small, seaside commuter town. Now, if I turn on a DAB radio, all I get is a burbling sound. I have to use a DVB decoder to listen to BBC R3 & R6.
(Actually, we don't even get full Freeview here. Almost every house has a satellite dish.)
We're supposed to trust an article about Russian conspiracy written by someone called Andrei Orlowski?
The kernel source uses the x.y.z format. So referring to that format is unambiguous, whereas distro-makers might be doing their own thing.
I compile my own kernels anyway. Distro kernels need to cover diverse hardware, while mine are specific to the machine they run on.
I was once manager of a team which was migrating more than 25 million customers to a new infrastructure overnight. I was so confident that we had covered all contingencies, including total roll-back, that I went home and went to bed.
It went perfectly.
It wasn't easy, and it wasn't cheap, but failure is always avoidable.
I don't understand how handling different web pages in separate processes mitigates Spectre. Isn't the whole point of Spectre that a malicious process can infer the content of memory which it doesn't own?
You don't know the half of it. In the last few days I've resurrected an old phone, HTC One X, so that I can give it away or use it as a spare. I was somewhat overzealous at my first attempt at wiping it, in that I erased the operating system.
Fortunately, when it was my main phone, I'd installed a 3rd-party "recovery", TWRP. To do that, I'd had to apply to HTC for a code to unlock the bootloader. Why was the bootloader locked? Security? I don't know.
A usual manufacturer's Android has no root access and the system partition is mounted read-only. To replace a library, say, you'd need a special procedure more complicated than "sudo apt install libxyz". And there isn't one.
I actually installed the last available Cyanogenmod for it, an unofficial CM12, or Android 5 build. Potentially, I could now re-mount partitions read-write and update individual system files, although I'd probably break it.
"just as ardent in your atheistic perspective"
The old canard that belief and disbelief are equivalent.
"London, England" eh? Oh, THAT London.
"Many people already ditch their ISP's DNS servers because they are unreliable."
It's more than 10 years ago now, but I was head of software development for a very large UK ISP, and our DNS was bombproof. Literally. You'd have needed many widely-separated bombs (OK, or power failures or faulty software roll-outs) to even have a detectable impact on performance.
"We had several that tried to use up the old non-laser safe acetates and labels to save a couple of quid and knackered a £200 toner unit or a whole printer instead."
I once did that.
How about making the upgrade come as a little ROM chip? The dealership can either send it out, or pop it into your device for you (I'm thinking cars, mainly) for a modest fee.
If you can get 64Gb or more in a micro-SD card for a few pounds, a tiny ROM in that kind of form factor could be very cheap.
"Most mom and pop shops will not have the money or expertise to install and maintain certs"
With the hosting company I use, it literally amounted to clicking a tick box.
Written in assembler and Bliss, an elegant low-level language; and most files signed by the legendary Dave Cutler.
So, to summarise: they tuned audio to be recognized by a specific analysis engine, and then tested it by having that specific engine recognize it.
And this won't work on any existing products until they reverse-engineer their recognition. That could be difficult, since it's based on machine learning and is likely to be obscure.
I switched to Vivaldi when Firefox broke sound on their Linux browser, and have been using it as my main browser since then with no problems.
I have Privacy Badger, Ublock Origin, Location Guard, Tampermonkey, a User Agent Spoofer and ScriptSafe (which attempts to foil the kind of fingerprinting described in the article, as well as blocking scripts).
I've never trusted the Android ecosystem enough to put anything sensitive on my phone, nor use it for money-related purposes, so it's not much of an issue for me. I suppose Apple users have absolute confidence in the company's omnipotence.
Read the researcher's own article for full gory details. The whole suite is completely incompetent, and even without the hard-coded login is wide open to hacking.
It looks like the work of a very inexperienced programmer: they probably got the intern to write it.
The original quote was "horror story", not "horror show". The latter phrase gained its familiarity because it's a piece of "nadsat" slang from A Clockwork Orange.
It's one of the Russian-derived terms in the slang. "Horror show" sounds like "khorosho", Russian for "good".
And Apple's decision does not seem to be good.
"What did I miss here?"
As I understood the article, the issue is that the Stasi can:
1. take your phone
2. demand the pass code
3. make their own password-reset backup containing all your secrets
4. give you back your phone and say "Have a nice trip, Sir."
I had hoped that Android manufacturers would follow Apple like sheep and bring out phones that would fit in my pocket, but it hasn't really happened. Sony have done 'compact' versions, but that's about it.
When my phone boots, there's a Google Play Store process running called "LocationUpdaterService". If I leave it running, it eats battery. However, if I kill it, it stays dead.
I normally have wifi turned off to save power, and mobile data turned off to save money, so it can't be sending data to Google UNLESS it saves it up for when I do actually use Play Store or whatever.
Windows has an identical flaw to Android. I wonder who copied whom.
Even PCs with sound cards don't need the ALSA sequencer module unless they're connected to a MIDI musical instrument.
(I have one such Linux box, driving a Roland synth.)
Android continues to work fine if you delete Play Store, Play Services, Google Services etc. If you don't, yes, they'll definitely be trying to collect location info.
The first keyboards I used were American-layout ones from DEC. This formed strong brain connections so that I now always configure the layout US style, no matter what the symbols on the key caps say.
In fact, I have a DEC LK250 keyboard sitting in the corner. (From their "PC-compatible" box.) I have a large-DIN to small-DIN adapter, and an AT-to-USB converter, but it doesn't work reliably. I think it might be a power issue. Maybe a powered USB hub would help.
And, indeed, fixed in kernels more recent than two years. The issue applies to distros which have an older base kernel (for continuity/stability reasons, presumably).
When I was a teenager, I basically only read SF, including loads by Niven and Pournelle. So I acknowledge that he wrote some stuff that entertained and engaged me.
But I had some interchanges with him on BIX, Byte magazine's pre-internet bulletin board, and I found his political opinions to be utterly repugnant. Not to mince words, he was a Nazi asshole.
Limits on password size often means that the programmer has reserved a fixed space to store it. Unencrypted.
I usually only see my own as well, although one Saturday morning a wireless printer appeared. My nearest neighbours are about 400m away.
I was putting petrol in my car the other day, and the petrol pump crashed and stopped pumping. "Error 0", it said.
As I drove to the next town and next petrol station, I couldn't help wondering exactly how much computing power you really need in a petrol pump.
"The amount of energy required to fire up and operate today's fusion systems would vastly outweigh whatever useful energy you can get out of them."
Not actually correct. As far back as 1997, 16MW was extracted from JET for 23MW input. Obviously, still a net loss, but not "vastly".
It became more and more obvious that the Firefox developers weren't listening to users. For example, I changed to Vivaldi when Firefox stopped playing audio. The developer had unnecessarily changed the interface, and when it was suggested in bug reports that this was a poor decision (but easily reversible), his response was obstinate and unhelpful.
But I disagree that this kind of approach has been the main reason for loss of users. I think it's the relentless promotion of Chrome by Google.
You thought you were buying a cheap iPhone and got smething that wasn't an iPhone. It's almost like a public service.
My home systems were Debian. I didn't do a clean install of Devuan, I just changed repositories, so that upgrades wouldn't include systemd dependencies. It's been completely painless.
I use GTK-based applications, mostly, and they all work fine.
I've pre-emptively removed udev as well, in case it is absorbed by systemd. I know it's a flagrant breach of the Unix philosophy of "do one thing and do it well", but I use mdev, one of the many faces of busybox, to handle hotplug events.
Upvote for mentioning ConsoleKit, installed by default in most distros. And what does it do? "Keeps track of 'seats'." apparently. I think by that they mean physical keyboard, mouse and screen positions.
It's my guess that the average number of 'seats' across all installed Linux systems is a bit less than one. Desktops and laptops have one; lights-out servers have zero.
I used the web version yesterday morning, and it worked but was noticeably slow.
There's no particular reason why Linux is more secure than Windows.
No, that's factually incorrect. The architecture of Windows is inherently less secure than that of Unix-like systems, and it has become more unravelled with every new release. Add to that the huge Win API with much poorly-understood but powerful functionality.
I've been ripping CDs on Linux to both OGG and MP3 for 23 years.
(My current phone will play either, plus FLAC.)
Google will love this one.
If you're interested in 'big data' being used in elections, you'll want to read the Guardian article: https://www.theguardian.com/technology/2017/may/07/the-great-british-brexit-robbery-hijacked-democracy
Actually, it's more a case of 'big money'.
I don't know what's recommended, but I use Openbox.
I don't have a "desktop environment" because I've never been able to work out what useful extra functionality they provide.
The way systemd is designed means that a developer who wants his software to work well on a systemd box has to work much harder to make it also work well (or at all) without systemd.
The obvious result is that most developers don't bother, so there's a rolling increase in the amount of software that needs systemd.
My television set is an old 'Bush' model (cheap). A few years ago, it started to crash occasionally, possibly because of something in the BBC data (if I delete all BBC channels, it hardly ever crashes).
What happens is that the picture disappears, to be replaced with the message "Service is not running." A hint to its software architecture I suppose. I discovered that if you switched to USB media mode and back, everything would be normal. So the set knows how to restart its decoder service. It just doesn't bother to.
There's an option in the menus to upgrade the firmware -- even to look for an upgrade in the broadcast stream -- but none has ever been available, of course.
Yes, I use it with an external satellite/terrestrial decoder.
Biting the hand that feeds IT © 1998–2018