* Posts by Roo

1455 posts • joined 21 Sep 2010

Deputy AG Rosenstein calls for law to require encryption backdoors

Roo
Silver badge
Windows

Re: Laws of Math vs Laws of Men

"but you do have to wonder why politicians, political appointees and even moderately smart guys like the late not-much-lamented Comey simply *will not* understand that the backdoors idea cannot work, will have no effect on the Black Hats it's supposed to be targeting and will render everyone less safe"

The answer is very simple: They don't actually care about security and locking up bad guys, they just want access to all your data 24x7. Given that the motivation is clearly not security, and the folks talking this shite are pole climbers by definition, I believe we can safely conclude that they want this stuff because it will give them a massive edge over the proles in terms of insider trading, blackmail, extortion and evading justice. I am not even sure why they are trying to justify this crap to the television cameras, it's not as if the voters have a choice in the matter.

7
0
Roo
Silver badge
Windows

"TLAs will gain access to mountains of "where you at" messages, pictures of food, and other useless data."

Google, Whatsapp, Facebook et al all leverage that 'useless' data to generate cash. Presumably the TLAs & gov can and will do exactly the same - much like our allegedly confidential NHS records here in the UK.

1
0

Linux-loving lecturer 'lost' email, was actually confused by Outlook

Roo
Silver badge
Windows

Re: You canna change the laws of physics captain....

"The ones that REALLY annoy me are the ones who can't understand simple physics."

Ah yes, I worked at a place where the chief was a Salesperson. Said Chief had a number of cracks at changing the laws of physics with their considerable physical presence. Two events stand out in my memory. The first was a heated argument between said Chief and a usually quiet spoken very intelligent academic.

The Chief had decided that the product said academic had produced would be far better if it used an IR camera, the Academic disagreed because the whole point was to pick out dark colored particles in a light background. The academic did try to point out that an IR camera would simply measure temperature and therefore be no use in the application, and the discussion ended with much shouting from the Chief and the Academic quietly resigning.

The second stand out moment (there were a lot of memorable FUBARs in that brief 18 month stint) was when the Chief returned beaming from his latest sales trip, having flogged something that would be physically impossible to build, and on the off chance that we did make some magic happen it would be physically impossible to operate. Apparently the customer agreed with this assessment, but the Chef decided it was possible, and came back to base with a signed contract featuring a termination/non-delivery penalty clause. The Chief checked in on the engineering team who timidly and gently told him it wasn't possible... Some point later in the afternoon I had the unhappy experience of watching a very large and angry Chief trash an office, punching a few holes through the partition wall after a phone call with said customer.

It was an unhappy occasion because he came out of the office and bellowed lots of unpleasant things about engineers after cooling off a little.

5
0
Roo
Silver badge
Windows

Re: I am fairly sure

"I have navigated trees with a + and - to collapse structures even in Linux apps. This is not "new", he had clearly got past the real changes i.e. having to start double clicking etc."

You could have read the article and realised that he was using the UNIX 'mail' application on a VT (aka dumb terminal) - likely a text only one... Some apps *did* run on VTs and offer the +/- idiom (ISTR trn did that) 'mail' most definitely did not.

Also note this guy was 'placid' - therefore it is extremely unlikely that he used a Windows box very often. Windows has a habit of making people permanently angry - compare and contrast Steve Ballmer with Dennis Ritchie for example.

2
1
Roo
Silver badge

Looks like she got free fault diagnosis on her own kit at the Charity's expense. Nice.

11
0
Roo
Silver badge
Windows

Re: Client support, we've heard about it

"The funny thing was he was a Comp Sci professor, and was doing cutting edge research in parallel programming. He just didn't want to be bothered to learn anything new outside his interests."

I have some sympathy for that position. If you are really busy there are few things more irritating than having your working environment turned upside down because someone else has decided it needs to change for their benefit rather than yours. This is a regular occurrence at my current workplace - the tools are changing faster than anyone can learn to use and apply them (entire teams have this issue, it's not just me). :)

62
1

The future of Python: Concurrency devoured, Node.js next on menu

Roo
Silver badge

Re: Multithreaded programming is easy, Multithreaded coding is not.

"In fact, while async programming is super-simple, it has many caveats which can be far more complicated to resolve than multithreaded code."

The problem I most often see is that folks haven't grasped the underlying theory of the parallel programming methods they employ - so they don't have sufficient information to 1) select the best option and 2) use it.

Case in point I'm seeing a bit of Futures creeping into common usage in Java, which combines pros and cons of Threading with the pros and cons of async... You thought 'goto spaghetti' was bad ? Try futures spaghetti not only is it tough to follow but it's also adds unpredictability to the mix. It gets really fun when some code throws an unexpected uncaught exception a couple of weeks after the guy wrote it - when said dude says "This is too complicated". :)

I think futures have their place - a dark corner under a dusty blanket with a "Bio-hazard" sticker on it :)

0
0
Roo
Silver badge
Windows

Re: There's a reason Unix has this idea of "one program per job" and "pipes" to link them.

"Yes, it was a model designed when very few 'programs' could fit into RAM so you needed to chain them while I/O was stored in the pipes while one program unloaded and the next one was loaded into RAM."

That wasn't the sole reason. One of the reasons is that they wanted something that was easy to understand and use on datasets that vastly exceed the capacity of a single address space & processor. The fact that the vast majority of HPC boxes out there run something akin to that model should tell you that a lot of people still find that model very valuable.

"It's an utterly outdated model,"

Well no, because HPC - and all the other stuff that doesn't fit into a single address space or a single machine. For example the microservices model is built on the same principle - lots of little bits of code talking to each other over some kind of pipe.

" especially because error handling is a nightmare, and there's very little checks about the parameters (that's why they are easy attack targets)."

That really depends on how you do it, but I do concede that handling errors across multiple threads (or processes) is generally a lot harder than working on a single thread/process.

"But keep on thinking what was necessary to cope with 48K of RAM is sound design still today..."

I'll let you think that as my place of work crunches through multi-petabyte datasets with their wimpy 256Gbyte/32 core boxes.

0
0
Roo
Silver badge

Re: Bah!

The solution was to create the abstraction of "your program owns the entire machine and there is only one thread in your program".

I think the microservices folks have rediscovered that one. :)

The following documentary "UNIX: Making Computers Easier To Use -- AT&T Archives film from 1982" shows the reasoning behind UNIX guys pushing that exact same approach (pre-threads !).

https://youtu.be/XvDZLjaCJuw

0
0
Roo
Silver badge

Re: Switch Case

"And while I'm here, Duff's device is known to be a performance handicap"

I think a lot of people neglected to pay attention to what Tom Duff was trying to achieve: specifically "loop unrolling" with a compiler that didn't do it - with a minimum of code.

He was also counting cycles on some fairly exotic big iron - which had a very different set of strengths & weaknesses in comparison to *most* that followed it (eg: memory that keeps up with the core clock, small to zero caches and maybe a couple of cycles max for a memory fetch).

1
0
Roo
Silver badge
Windows

Re: Trivial ?

"Switch/Case is a code smell"

In this case: He who smelt it dealt it.

This whole "code smell" thing has become utter bollocks. It is too often used to promote personal prejudice over and above sound engineering backed by objective reasoning, it's become a short cut for "I know better than you".

As it happens the 'switch' statement is a way of representing a common assembler idiom of a 'jump table', which happens to be fairly efficient - and it rather handily tends to keep all the code local which means it'll fit inside a cache line or two if you are lucky/clever. Not using a switch statement where one would fit nicely would be a code stench in my view - and that's my personal prejudice, but at least I can back it up with some objective reasons why it can fit some scenarios better than the alternatives...

If you want some code smells to work on I suggest you start with the JVM, then the Java libraries and work your way up to Spring. In the case of the JVM you start with a massive --ing runtime that takes an age (in machine terms) to start and consumes vastly more memory that it actually requires to operate - and it does this because it's the only way it can approach the speed of a compiled language.

I'm hoping that would keep you busy enough to lay off on the switch statement. :)

6
0

WannaCry-killer Marcus Hutchins denies Feds' malware claims

Roo
Silver badge
Windows

Re: I'm confused

"Wrote code in the UK, (allegedly) sold code in the UK, to Russians. Arrested in the USA.

How does that work?"

The UK was flogged to the US by Churchill, voting is mainly there to grant legitimacy to polices that have no rational basis.

6
1
Roo
Silver badge
Windows

Re: Oh dear... maybe

"Interesting logic there; it's OK to share code that can be used for criminal purposes because it can be used for legitimate purposes as well."

Ordinary people have to live with the fact there are plenty of everyday things can be used legitimately but are also fairly frequently used for criminal purposes. Here's a few examples to help illustrate that 'interesting logic' for you:

- knives, guns, explosives, cars, trucks, aeroplanes, diesel, battery acid, microbes etc...

Sharing code seems fairly tame compared to folks speeding through a school crossing - which seems to happen fairly regularly around the world.

9
0
Roo
Silver badge
Windows

There could be a silver lining... If the Feds will carry this to it's logical conclusion and prosecute everyone involved in writing Windows while they are at it, after all their code has also been used in the attacks as well.

17
2

Linus Torvalds slams 'pure garbage' from 'clowns' at grsecurity

Roo
Silver badge
Windows

Re: Grumble

"I notice you didn't answer my question about how much commercial linux support costs..."

I'm giving you the benefit of doubt here by assuming that you are asking the question out of ignorance rather than out of hope of someone dropping a shilling into your palm:

1) There are lots of vendors offering commercial Linux support, they all have different 'list' prices for different levels of support...

2) Typically customers don't pay list price, so only the vendor and the customer know how much the support costs...

1
0
Roo
Silver badge
Windows

Re: Grumble

"You might be able to download an Ubuntu ISO for free, but in a production environment Linux has costs just like Windows or OS X "

Sure it does. The costs are just a lot smaller in a lot of cases. Why do you think all vast majority of HPC shops run Linux rather than Windows ? Quite a lot of those clusters are run by outfits that previously *only* ran Windows. They actually had to spend extra $$$ to hire Linux expertise, force the vendors to sell them boxes sans Windows Tax *and* fight the bean counters and the PHBs to get Linux in there in the first place.

The reason why they succeeded is because HPC shops are particularly cost sensitive, and Linux really does beat Windows hands down in the HPC space for TCO.

1
0
Roo
Silver badge

Re: Ego Overload

"During this whole period, grsec has basically been the only way to let untrusted code run on a Linux box without guaranteeing eventual compromise."

That is a very bold claim when there are millions of x86 boxes out there can be owned from userland regardless of what kernel is running.

0
0
Roo
Silver badge
Windows

Re: Ego Overload

"Linus, and the other kernel maintainers, have been essentially ignoring security for years."

I have seen plenty of evidence to the contrary over the past 23 years, so I can't help but wonder if you have been wearing your backside as a hat for the past couple of decades.

1
0
Roo
Silver badge
Windows

Re: Ego Overload

"When dealing with other members of the human race you'll often find that if you treat people with respect, they return the respect."

You could always have a crack at that respect thing yourself you know.

1
0

Our day with Larry Page: Embedded with one of the world's richest men

Roo
Silver badge

It seems that Larry Page doesn't do anything or know anything, he has found his perfect role in life.

13
0

Oracle sues its own star sales rep after she wins back $200k in pay fight

Roo
Silver badge
Windows

Re: Classification

I have got them filed under the "Completely Useless Bastards" folder.

0
0

Oracle's systems boss bails amid deafening silence over Solaris fate

Roo
Silver badge
Windows

Re: Future of Sparc

"I would not put it past Oracle to make a play into network switching. They have people who know silicon (SPARC, etc)"

They'd need to sink a lot of money into licensing & cross licensing to pursue something beyond SPARC, chipmaking has been dominated by lawyers and accountants for a very long time now.

0
0

Q. What's today's top language? A. Python... no, wait, Java... no, C

Roo
Silver badge
Windows

Intuitively awk feels like a mash-up of grep, c-shell and a stream fed spreadsheet. I'd have been curious to find out what drove the authors to produce that immortal chimera.

0
0
Roo
Silver badge
Windows

Re: I suspect there are quite a few Java devs out there

"So after 20 years you still suck, basically?"

He prefers other tools - I happen to share his viewpoint. I write Java where folks require it, but most new stuff is in Python by popular choice.

I undertook a fairly small greenfield project that demanded minimal runtime footprint & cost, JVMs were far more costly at runtime in time & space than the equivalent C++ code - and I did actually code up the core loops & profile them in Python/C++ & Java and measure the cost as honestly as possible. Also with the C++ solution we easier to validate from the security point of view - because we didn't have to delve into a bunch of opaque third party binaries - like the JVM for example. There was an absolute minimum of third party code - and the finished beast ran in a privilege-separation format - again much more natural to code in C/C++ than a JVM hosted language + runtime.

"Java isn't slow and the JVM allows you to write code in many languages not just Java."

It's a lot better than it was - but it's not the quickest either - the memory footprint alone means that the electrons are putting in more miles across the various databuses & memory arrays. When push comes to shove Physics will always be on the side of compact run-times.

Firing up a JVM is *slow* in comparison to a comparable bit of C/C++, regardless of the merits of whatever you've compiled into bytecode.

Having defended C/C++ a bit I have to point out that I write the majority of code in Python followed by Java - they have their strengths too, although I'd say Java is actually pretty much lumbering on by convention, toolchain & framework inertia. New stuff does tend to be Python for better or worse.

7
1

UK PM Theresa May's response to terror attacks 'shortsighted'

Roo
Silver badge
Windows

" yes, looks like Putin's got your vote too."

In fairness Putin seems to have all of America's votes too. Seems only fair we get the same. :)

2
1

Microsoft Master File Table bug exploited to BSOD Windows 7, 8.1

Roo
Silver badge
Windows

Re: More like from the 1970s

"I can't see any benefit to linking these things into a normal file name space."

I agree. That said if a benefit were to be had it should be possible to come up with a scheme that does not allow/require userland to hold any form of exclusive lock on it. I suspect that the folks who came up with the scheme didn't consider deadlock - which is plausible if you have a bunch of folks working on filesystem format who weren't familiar with running code in parallel, deadlock and VMS (quite plausible given the state of the job market and timeframe for NT).

0
0
Roo
Silver badge
Windows

Re: More like from the 1970s

"Wondering why your post got 3 downvotes. It was spot on."

Likewise. It is disappointing that they downvoted without explaining what they felt was incorrect about the post. Presumably they just don't like bad news.

7
3

Windows is now built on Git, but Microsoft has found some bottlenecks

Roo
Silver badge
Windows

Re: SourceSafe

"Anyway, in late 1990s, VSS was still better than nothing"

My mileage varied. Back in '98 a PHB decided to tidy up our VSS repo by deleting source to EOL products... Sadly he didn't know that deleting a file in VSS meant that the file, it's entire history and all previous revisions were also deleted. CVS was (and still is) better than that and it costs nothing.

0
0

Huawei Honor 8 Pro: Makes iPhone 7 Plus look a bit crap

Roo
Silver badge
Windows

Re: And still shovelling Android

"if you offered me 5k Euros a month to use Android, I would say no."

Is that because someone pays you >5K + an iPhone to post tosh like that on the web ? :)

0
0

Oracle crushed in defeat as Java world votes 'No' to modular overhaul

Roo
Silver badge
Windows

Re: Java faster than C++

I think the downvotes are a bit harsh Plinker, but on re-reading your post the following caught my attention:

"In theory, adaptive optimizing compilers are faster than static compiling. Say you have Java code that runs a certain operation on a large list of a type of objects, the JVM will optimize for that type."

That appears to describe some form of "lazy vectorization", in the C/C++/FORTRAN world the penalty would be paid at compile time rather than runtime... Plus in the C/C++/FORTRAN world DLLs have also been leveraged (with varying degrees of success, natch) to accomplish the same goal at runtime.

C & C++ have virtual machine targets too - LLVM for example.

I am glad to have the choice to use all that good stuff plus we've got JVMs and anything else. It's 1's and 0's at the end of the day. :)

2
0
Roo
Silver badge
Windows

Re: Java faster than C++

""Java ... still doesn't play well with the OS leading to poor performance, unpredictable run-time behaviour"

Your Java skills are antique and outdated."

Quite likely in fairness, I too have worked with Java in low latency environments with fairly severe space constraints, albeit a while ago. I have also seen the JVMs improve too. IMO the *best* argument for Java is the tooling around it, YMMV. There are some interesting side-bits to Java such as tools that take Java code and compile it down an FPGA as well.

In practice I see the vast majority of Java code run on ancient JVMs which are significantly older than the Intel, GCC or LLVM alternatives on offer. So I'm not convinced by the argument that JVMs are intrinsically more up-to-date than anything else.

I am aware of "The secret to get Java low latency", but I have been doing the same thing at the same or lower cost with C/C++ for decades. I can do either, but I figure it's easier to use a hammer on a nail rather than a screwdriver. Still, if all you have is a screwdriver, fill yer boots with my blessing.

2
0
Roo
Silver badge
Windows

Re: Sun was always a little arrogant about Java

"What are you using Java for where that one bit is crucial?"

Strictly speaking not crucial, but it's harder and uglier than it needs to be to do a basic thing such as parsing binary input. For some folks latency is killer, pissing a few kiloCPU cycles up the wall to parse a few bytes of XML or JSON just doesn't cut it.

0
0
Roo
Silver badge
Windows

Re: Sun was always a little arrogant about Java

I'll bite. :)

"It spawned .net. If it did not exist we would still have to use archaic rubbish like C++ and PHP."

Sadly, despite all that prior archaic art to improve upon, Java still lacks first-class unsigned integer types, still doesn't play well with the OS leading to poor performance, unpredictable run-time behaviour and folks having to leverage third-party code to emulate/replace the functions that the host OS has already provided for decades.

Java isn't a "godsend", it's just a tool - and not a particularly elegant one at that. I say that having used Java on a regular basis since 1.1 (1.0 was missing too much to be valuable alternative to anything else at the time IMO).

11
1

DeX Station: Samsung's Windows-killer is ready for prime time

Roo
Silver badge
Windows

"We live in the age of low carbon so I have a wind turbine hat and solar cell jumper to keep it charged."

Bravo Sir !

2
1

Comey was loathed by the left, reviled by the right – must have been doing something right

Roo
Silver badge
Windows

Re: Comey was a coward for not throwing Hilldog under the bus

"She deserved prison"

No more than Donald or any of the other clowns in DC.

3
2

Just so we're all clear on this: Russia hacked the French elections, US Republicans and Dems

Roo
Silver badge
Windows

Re: Kettles and pots?

"if they do it they can't really complain about others doing it."

If only that were true. Instead we have lots of whining in order to deflect attention from their wrong doing just like a four year old child. It would be nice if they took jobs seriously now they are doing stuff like running a country.

4
0
Roo
Silver badge

Re: just getting started

Aww was that too soon after the AMT zero length password remotely exploitable vuln for you downvoters ?

8
0
Roo
Silver badge
Windows

Re: What next ?

Sigh... Didn't have to wait long for an answer, James Comey fired already. :)

9
0
Roo
Silver badge
Windows

What next ?

The Democrats and Republicans can now reasonably expect Russia to have some actionable blackmail material available, it'll be interesting to see whether they fight or co-operate to quash the investigations.

I suspect the latter because the establishment like to pretend that they have a "Mandate" whatever that actually may be. I haven't seen any Mandate Police or Mandates in the shops so far, so not entirely sure where they could come by such a thing as a result of an election won on the back of blackmail.

2
0
Roo
Silver badge
Windows

Re: just getting started

- don't use x86 hardware, especially in routers. :)

5
3

Stop asking people for their passwords, rights warriors yell at US Homeland Security

Roo
Silver badge
Windows

Re: What will REALLY fix this ..

"Errm. Cancelled accounts?"

The information they have already collected has plenty of value to folks like recruitment agencies, or intrusive HR teams for example. The current world political agenda appears to be very firmly weighted in favour of corporations over people at the moment so I would expect the market for that kind of data to expand rapidly over the next few years.

0
0
Roo
Silver badge
Windows

Re: What will REALLY fix this ..

".. would be the Silicon Vally lot realising that people are actively cancelling asocial media accounts if they have to cross the US border.

I reckon that amount of screeching *would* be heard in Washington."

Not sure there would be much point in the screeching as Silicon Valley will have already collected all the info they need to spamvertise the users and their online acquaintances. :(

0
0

Microsoft raises pistol, pulls the trigger on Windows 7, 8 updates for new Intel, AMD chips

Roo
Silver badge
Windows

Re: Windows 10 Creators Update CU (NT) system.

"You pretty much have to be a sociopath to get into politics, after all, and without politics, things don't get done, like it or not."

Not everyone needs a sociopath to tell them what to do, and quite frankly politicians are rarely needed for doing useful stuff like changing tires or wiring up a house. :)

3
0

Head of US military kit-testing slams F-35, says it's scarcely fit to fly

Roo
Silver badge
Windows

Re: Oh wonderful

"Nope - we have a position of strength - they need us more than we need them."

Doubtful. The EU loses just one trading partner with a paltry 60m customers, we lose access to the entire common market (which includes the member states plus all the folks paying to play like Norway for example).

"And all the free trade deals we will do will increase non EU trade."

Free trade deals aren't free beer, they cost real money. As a country of 60 million folks there is *less* benefit for the trading partner in negotiating with us simply because we are a smaller market than Europe as a whole. Consequently you *should* expect the cost of trade with those countries to *increase* rather than decrease. Increasing costs tend to hinder trade.

Most of the folks on telly telling us Brexit is great seem to be very rich, have multiple passports, and keep most of their money outside of the UK. In your case I can't work out if you are ignorant, stupid or simply shilling for Brexit to happen for some other nefarious purpose that you dare not share in public.

3
0
Roo
Silver badge
Windows

Re: Oh wonderful

"So greater foreign investment then. Another benefit..."

Greater foreign investment erodes it further because the folks with the gold make the rules. Less sovereignty is what you are getting - perhaps you could write to your local MP about it.

2
0
Roo
Silver badge
Windows

Re: Oh wonderful

"So far TheVogon's comment has attracted 26 downvotes - and no rebuttals. Hmmm."

Plenty of rebuttals, just a lack of folks on the Brexit side willing to take part in rational discussion or point out a silver lining that isn't a figment of their good intentions.

2
0
Roo
Silver badge
Windows

Re: Oh wonderful

"Everyone said the economy would crash as soon as we voted for Brexit - it hasn't - record highs in the FTSE, outstanding economic growth"

When a currency falls shares become cheaper and more attractive to foreigners. TL;DR: Britons own less of their companies, and what they own is worth less anyway.

20
2
Roo
Silver badge
Windows

Re: Oh wonderful

"Brexit will save us billions every year. It has hardly any cost so far....Our economy is growing 2nd fastest in the G20..."

1) Our currency has plummeted in value, so a net loss overall.

2) We haven't left the EU yet, so you can't honestly comment on the true cost yet.

3) The likely outcome is that trade overheads will increase because we still have to renegotiate all those agreements from a position of weakness.

The reality of the situation is that Britain is a much weaker trading partner than the EU as a whole, so we are unlikely to get any favours from partners over and above what Europe gets.

25
5

Microsoft taking CodePlex behind the shed and shooting it by Christmas

Roo
Silver badge
Windows

Re: @Mage

"Not necessarily without ticking off the vendor and/or breaking contracts..."

That probably wouldn't matter to a company living on the "razors edge" as it was put. Besides if there were decent sums involved the chances are a savvy outfit could negotiate a licensing deal with the vendor (or current rights holder). Some income is better than none from the vendor's PoV.

It still doesn't change the fact that they were mugs to buy a bit of plant that would outlast it's irreplaceable control system by several decades...

I note that the usual trio of are downvoting a suggestion to do a bit of reverse-engineering or leverage Open Source when the vendor solution amounts to FOAD. I would hate to be one of their customers. :)

1
0
Roo
Silver badge
Windows

Re: @Mage

"Which is EXACTLY the problem."

Nah, it's a normal part of evolution...

"Think of the lathe that is controlled by an ISA card which means the computer that controls it MUST run Windows XP (because Vista dropped support for the ISA bus). It had been bought just a few years back and is designed to run for decades (thus it's being amortized for that long)."

Yeah I get that plant lives for a long time...

However, I think it's fair to say there is very little evidence to support the idea that piece of PC hardware & software will survive *and* be vendor supported for more than a decade... So why would you install some plant with a multi-decade lifespan with Wintel control system that you can't reasonably expect to be supported (or replaced) for several decades ?

At the end of the day ISA cards are not rocket science, neither are the drivers that run them. A moderately clued up EE grad could port the control HW & SW across to something more contemporary, or you could track down middle aged PC geeks fed up of playing guess the required heap size today with JVMs...

"Yes, it's living on the razor's edge, but that's just how some people are forced to live."

Open Source has been catering for those folks for a very long time in lieu of helpful/existing vendors.

2
4

Forums

Biting the hand that feeds IT © 1998–2017