* Posts by AdamWill

1289 posts • joined 4 Nov 2010


Freelance devs: Oh, you wanted the app to be secure? The job spec didn't mention that


"There is no reason to expect someone with a good computer science education to be particularly experienced or adept with one of the commercially popular languages du jour."

Or know how to write a good comment, or properly license a project, or write good or indeed any documentation, or do versioning or releasing properly, or...

computer science graduates: often the worst people to find running an actual software project. :P


what the...a gracious apology and correction?!

"Have a thumbs up each for making an essential point and my apologies for my poor wording."

You must be new to this "internet" thing, huh? That's not how it works at all. If someone points out you're wrong, the generally-accepted internet code of best practice next step is to get them brigaded on Twitter and, ideally, fired from their job and hounded out of their home. Do better next time, kay?

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes


Re: snapd and systemd

"The current systemd vision and implementation is something I'd prefer people had the choice of using or not using, without massive borkage.

RedIBM and friends would presumably prefer otherwise."

This is a common meme, but - as a Red Hat employee - it's a really weird one.

systemd doesn't make us any money. Zero money. No-one is buying systemd support contracts from us. We can't somehow lock people into the systemd ecosystem. None of that. Red Hat does not actually care at all whether you, Joe Random Linux User, use systemd. We need something like it to exist in order to build some things on top of it that *do* make us money. But if it was replaced by something better that someone else maintained, RH would not, strategically speaking, bat an eye. We'd be entirely fine with that. After all, before Lennart decided to write systemd, we were using upstart...

If any of the people loudly proclaiming that they think we need a better init system than sysv but systemd ain't it would like to *go and write something better*, that'd be just peachy. Please do! By all means! We'd like that!


Re: snapd and systemd

"When I read that Snaps come from the ever-prolific Lennart Poettering (the B.S. Johnson of the Linux world) my heart sank"

But...er...they don't. Not even remotely. Neither Lennart nor systemd as a project have anything at all to do with snappy/snapd. snap* is a Canonical project written by a bunch of Canonical employees, none of whom (AFAIK) have any involvement in making systemd.

snapd uses systemd for some things, sure. But this bug has nothing in particular to do with systemd, and certainly isn't a bug in systemd in any way. It's a bug in snapd.

Return of the audio format wars and other money-making scams


have these poor hipsters never heard of...

...the Sony Flamingo?!


Hi, Jack'd: A little PSA for anyone using this dating-hook-up app... Anyone can slurp your private, public snaps


Re: "Online Buddies did not respond to repeated requests for an explanation"

I'm a bit confused as to why you seem to think a hookup app for gay people is some sort of late-market cash-in. Do you not know that these apps considerably pre-date all the ones that *aren't* aimed specifically at gay people? grindr and jackd have been around for years, tinder is the johnny-come-lately (comparatively). They're no *more* cash grabs than any such app is a cash grab, though the ownership of lots of them seems pretty sketchy lately (so, about in line with all the 'hi' profiles, har.)

DNAaaahahaha: Twins' 23andMe, Ancestry, etc genetic tests vary wildly, surprising no one


er no

Except no. Because they are identical twins. The story explicitly says so.

IBM to kill off Watson... Workspace from end of February



This must be some kind of mistake. IT managers axed, CEO and others' wallets lightened in patient hack aftermath


well, there's a bit of a big hint...

"Executives held to account? And three underlings thanked for their work? What is this madness?"

I thought the same, until this rather illuminating bit of the story...

"Miscreants...stole 1.5 million citizens' health records, including those of prime minister Lee Hsien Loong, who is presumed to be the ultimate target of the attack."

He's basically the Patrician, after all. It'd be rather more shocking if the miscreants had only stolen the records of a few "regular" people and the same punishment had happened...

Oregon can't stop people from calling themselves engineers, judge rules in Traffic-Light-Math-Gate


Re: A lot of snobs in here today.

"How many of the so called "software engineers" ... refresh their knowledge regularly?"

I'll have you know I rip something off^H^H^H^H^H^H^H^H^H^H^H^H^Hrefresh my knowledge from Stack Overflow as often as twice a day!


A Principal Quality Engineer

Windows 10 can carry on slurping even when you're sure you yelled STOP!


Re: Tigra 07

"What? When netctl can connect to your wifi automatically for you at boot time?

Do the frog chorus 'useless' where you live?

Also Arch linux is nont the sort of distro you should set non-tech relatives up with in the first place."


the OP even used the "joke alert" icon, for Pete's sake.

Brit bomb hoax teen who fantasised about being a notorious hacker cops 3 years in jail


Re: "is an insult to the many thousands of sufferers who lead law abiding lives"

"/me recalls that one guy claiming ADD made him do bad things in Singapore, and got 'caned' as punishment for it. Obviously Singapore criminal justice system didn't buy it. AND, I bet he won't do that AGAIN, either."

Per https://data.gov.sg/dataset/recidivism-rate , Singapore's recidivism rate is around 28%, so there's apparently about a 1 in 4 chance he'll do it again.

"eh, AD[H]D, autism spectrum, and other things like that, MOST of the time, are just 'another word' for 'genius'."

Er...no, really, they're not. See, I can tell you this, cos I'm definitely *not* on the spectrum, but I definitely *am* a genius. I had it checked.

Do not adjust your set: Hats off to Apple, you struggle to shift iPhones 'cos you're oddly ethical


Re: a £200 phone that does everything an iphone does.

"Degrading? Must be the rotational velocidensity."

He probably didn't burn it in properly.


it's not just about you

"Why did you arbitrarily exclude rooting and installing a 7.1.2 custom ROM? You are of El Reg's readership. The standard is higher here."

I'm not the OP, but I'm gonna answer: Because the article isn't exclusively about The Register's readership? It's "about" the whole market. It is a good thing in general that Apple actually keeps their older devices updated with security patches for a long time, *officially*. It is a bad thing that many Android phone vendors do not.

I have an Android phone, and I run Lineage on it, and I've been doing that with various Android phones for years. Fine for me! (Except actually, doing it is kind of a giant PITA I would be much happier to avoid, if there were a *single* vendor I could trust to sell me a good phone with non-spyware-riddled firmware and keep it updated for a few years. But...there isn't. So I keep losing hours of my life to working out the latest ins and outs of bootloader unlocks and root exploits and all the rest of it.) But it's *not* fine for the vast majority of Android phone owners, who don't realistically have that option. Their choices are to stay on the eternal yearly upgrade treadmill (not great for their wallet or for the environment), or use a phone with known security vulnerabilities. Having millions of people running known-insecure OSes is not good for *anyone*.

YouTube fight gets dirty: Kids urged to pester parents over Article 13


Re: @LDS "Intellectual property is a "right" only insofar as the law says it is"

Nothing particularly wrong with patents per se. Patents on abstract ideas or "like this other thing, but on a computer" are the problem.


Re: Isn't it bad?

"What woudl the knock on effect be if the averager user uploaded a video and it took 5 minutes or 50 minutes for the system to "validate" it?"

Approximately sod fucking all?

It's *Youtube*. We got by for several tens of thousands of years without it. No-one'd die if it disappeared entirely. This isn't going to kill it, but even if it did, society would somehow stumble on. It doesn't have an absolute right to exist which utterly trumps anyone else's right to control of their creative works.

It'll probably lead to things being taken down by algorithms which probably didn't actually need to be taken down. Whether this is a bigger problem than the ability of people to just upload other people's creative works to Youtube with the original creator having very little in the way of recourse is basically the *genuine* debate here, but when you put it that way it sounds pretty dull, doesn't it?

Google doesn't have an absolute right to host a video service containing anything it wants, and no-one has an absolute right to have any video they like hosted by Google. So long as copyright is a thing and people who have copyrights don't want their content being uploaded and hosted by others, someone somewhere has to draw up some kind of rules, trying to balance the interests of various parties as best they can. That's politics!

Laptop search unravels scheme to fake death for insurance cash


Re: A bit torn

"On the one hand he had a Sony laptop, so probably getting what he deserves"

Sony have made some extremely good laptops. I still use my 2010-model Vaio Z:


that thing was *seriously* ahead of its time.

Using a free VPN? Why not skip the middleman and just send your data to President Xi?


run your own? really?

"For what it's worth, we recommend setting one up yourself using OpenVPN, Algo, or Outline, for example, if you know what you're doing."

This has always struck me as a bizarre recommendation for what's probably the major reason for using a VPN: making it look like you're somewhere else. After all, most people in the UK who want to look like they're connecting from the US probably don't own a house in the US they can stick a VPN server in. Or even have the means to run one out of a US-based colo or something. (Ditto Chinese people wanting to look like they're almost anywhere else, etc etc). Surely it's more practical to recommend a vaguely reputable paid provider for this case.

If at first or second you don't succeed, you may be Microsoft: Hold off installing re-released Windows Oct Update



"Microsoft says it'll sort out the issues "in the 2019 timeframe." That stunning Redmond Q&A at work again, we guess."

Er. Ahem.

1) It's "QA", as in "quality assurance". Not "Q&A", as in "questions and answers".

2) QA's job is to find the bugs, not fix them. Thus QA did its job just fine, it seems, since Microsoft knew about the bug. If dev decided not to fix it, that's all dev's problem. ;)

We (may) now know the real reason for that IBM takeover. A distraction for Red Hat to axe KDE


Re: Does anyone use an IDE on RHEL anyway?

Believe it or not, yeah, they do. Last I heard, the RH desktop team was effectively self-funding, i.e. we sell enough RHEL licenses for desktop use to cover the cost of running the desktop team. It's not a huge business that's gonna set the world on fire, but it's a business.

For most 'typical' desktop users Fedora or Ubuntu is going to make more sense, but there are some specific cases where people really want a desktop distro with RHEL's lifecycle and maintenance policies.

The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box


Re: There is a reason ...

"Funny that I installed ubuntu 18.04 a few weeks ago and the fucking thing installed itself then! ( and was a fucking pain to remove)."

So I looked into it a bit more, and from a few references at least, it seems like Ubuntu has a sort of network configuration abstraction thingy that can use both NM and systemd-networkd as backends; on Ubuntu desktop flavors NM is usually the default, but apparently for recent Ubuntu Server, networkd might indeed be the default. I didn't notice that as, whenever I want to check what's going on in Ubuntu land, I tend to install the default desktop spin...

"LP is a fucking arsehole."

systemd's a lot bigger than Lennart, you know. If my grep fu is correct, out of 1543 commits to networkd, only 298 are from Lennart...


Re: There is a reason ...

Well, it depends what you mean by "why bother with". Who's doing the "bother"ing?

If you mean "why bother writing it?", well, the systemd authors think it's a good idea and would *like* people to use it. So far, distros have generally decided not to adopt it. I'm just relaying facts here, I'm not sure why I'm getting flooded with downvotes. Everything I said is easily verifiable. Just go install a default Fedora or Ubuntu system and check for yourself: you'll have systemd, but you *won't* have systemd-networkd running.


Re: There is a reason ...

That's why systemd-networkd is a separate, optional component, and not actually part of the init daemon at all. Most systemd distros do not use it by default and thus are not vulnerable to this unless the user actively disables the default network manager and chooses to use networkd instead.


Just about nothing actually uses networkd

"In addition to Ubuntu and Red Hat Enterprise Linux, Systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We're told RHEL 7, at least, does not use the vulnerable component by default."

I can tell you for sure that no version of Fedora does, either, and I'm fairly sure that neither does Debian, SLES or Mint. I don't know anything much about CoreOS, but https://coreos.com/os/docs/latest/network-config-with-networkd.html suggests it actually *might* use systemd-networkd.

systemd-networkd is not part of the core systemd init daemon. It's an optional component, and most distros use some other network manager (like NetworkManager or wicd) by default.

You're alone in a room with the Windows 10 out-of-the-box apps. What do you do?


I would...

...get on Twitter and have some fun explaining what CRLF actually *means* to baffled millennials who have never seen a manual typewriter...

Linux kernel's Torvalds: 'I am truly sorry' for my 'unprofessional' rants, I need a break to get help


Re: "but also seems you weren't any better as a manager"

"The issue is it was impossible to held him to the deadlines. He agreed on them - and often I allowed him more time than a skilled developer needed - and then utterly ignored them, producing different excuses. Being kind and remembering him how important it was for him, the team and the company to deliver good code in time was utterly useless."

You're sort of posing a false dichotomy here, though. There aren't only two choices: 1) scream abuse at people, 2) be kind to them and work around them at all costs for fear of upsetting their precious sensitivities. (In fact, ironically, in my experience it tends to be the case in broken situations that important people get to yell and scream all they like, while everyone else has to bend over backwards to not step on their precious toes).

It's perfectly possible to point out that the developer in question is not doing the job properly, and to progress from there to formal performance review measures and ultimately disciplinary measures if there really is a long-term problem, all without being abusive, hurtful or personally disrespectful. Millions of people manage to be involved in processes like this every day. It's not rocket science.


Re: "a gentle word will probably achieve more than the f-bomb"

"I lost my temper - and yelled at him.

I got a reprimand by HR, but at least he asked to be moved elsewhere, where probably he's attempting the same tricks."

So, er, you're saying that yelling at him didn't actually solve the problem at all, but just moved it away from where you had to care about it? And that's a reason why it's a good thing?

"sometimes you encounter people who makes you steam, and you need to let the steam go out for your health's sake."

ah - so that's the *real* benefit. It was a benefit purely to you, never mind the consequences for anyone else. And hey, maybe you do need to let off steam sometimes. But why not let off steam at the wall, or a sympathetic colleague of choice, rather than yelling at someone, especially if it's not actually going to do them or the project any good at all? Why not consider not just "your health", but the health of the person getting yelled at, and the health of everyone who has to work in the context of the yelling?

If someone's constantly acting in a way that's a problem for the project, there are practical ways of actually addressing that problem. "Scream abuse at them" is not one of those ways. Also, AFAIK, in most of the cases where Linus lost it at someone, they weren't an ongoing source of problems in the way you describe in your scenario, they were just some poor rando who happened to get their commit reviewed when Linus needed to "let the steam go".

Lenovo Thinkpad X280: Choosing a light luggable isn't so easy


Re: Plenty of X220s on eBay

You can't really 'convert' a US or Canadian layout to a UK or other European one with stickers, as they're associated with actually-physically-different keyboard shapes. UK / European keyboards are generally 102/105 key physical layout, US / Canadian ones are 101/104. The two physical layouts have differently-shaped keys in different places, particularly on the right-hand end of the main key bank. You can't ever make a US keyboard feel like a UK one, no matter how many stickers you use or what remapping tools. :P

UK 'fake news' inquiry calls for end to tech middleman excuses, election law overhaul


Re: 'Fake news'

"A Labour MP leaked it.

I can't find the article unfortunately, I think it was either in The Times or The Sunday Times."

So...your response to an article about trying to come to terms with fake news is to:

1. Make a wild accusation ("Labour teaches its MPs to lie") and say this means it's pointless to even try

2. When challenged, stand by the accusation but say that you can't actually find any evidence for it anywhere?

I've just got to go call the Acme Irony Meter Service Department, cos you just broke mine.


Re: 'Fake news'

"If it's fake, believable and intended to deceive or misguide I call it deception.


Why not treat it a such?"

Given that 'deception' isn't a criminal offence...what would "treating it as such" entail exactly?

Engineers, coders – it's down to you to prevent AI being weaponised


Re: 6000 civilian deaths

There is, of course, a significant difference in the current situation vs. the Vietnam War or the Second World War: they were actually wars. The "war" on terrorism is not. The US is not at war with Iraq or Afghanistan or anywhere else. Which only makes this all the worse.


Re: ...... and physicists

"It's down to you to stop atoms being weaponized and chemists you do the same for chemicals!"

Well...uh...quite. Physicists and chemists have been struggling with this for decades/centuries (respectively). Haven't you *read* about how Oppenheimer and the rest of the Manhattan Project folks struggled with the implications and consequences of their work?

Airbus UK infosec gros fromage: Yep, we work with arch-rivals Boeing


Canadian *AHEM*

"given the former's acquisition of Canadian aerospace also-ran company Bombardier's C-series light airliner design"

I think you'll find Bombardier is an also-ran rail rolling stock manufacturer as well!

SUSE Linux Enterprise turns 15: Look, Ma! A common code base


Re: not uncommon

Around here they're called First Nations :P But yes, exactly what I would've riposted. (Along with noting that Chinese immigration to the western seaboard of North America dates back pretty nearly as far as European immigration here does...)


not uncommon

it's not uncommon at all. Where I live (Vancouver) there's a very big east Asian population...so my building has no floor 13 (western superstition) *or* floor 4, 14, or 24 (eastern superstition). Sure makes your buildings seem taller from the elevator...I bet it's a pain in the ass for the builders, though.

In a sense it's more understandable than the western '13' superstition, because it's a linguistic thing: there's an element of superstition to it, but it also just feels uncomfortable even to a non-superstitious person to be saying something that sounds exactly like "death" all the time. It'd be like if your boss was called Deathy McMurderface or something. You *do* say the version number of the software you're using quite a lot.

US Declaration of Independence labeled hate speech by Facebook bots


Re: George III

"@Kane : you laugh, but..."

You realized you just painfully explained exactly the thing Kane was joking about, and giving his audience enough credit to *understand* that he was joking about it, right?

IBM memo to staff: Our CEO Ginni is visiting so please 'act normally!'


Re: We expect 100% occupancy during the visit

isn't "a fun and vibrant team of marketeers" the fifth circle of hell?

Jimmy Hill feted in Shoreditch


Re: Did you know...

Meanwhile, the Kansas concert in Chicago is cancelled, but the Chicago concert in Kansas will go on as planned.

Oracle Linux now supported on 64-bit Armv8 processors


Re: Where is the Oracle Instant client for ARM ?

"It was on this very journal that I read stories about Linus T's enswearified rants about ARM devices and non-discoverable buses. I'm guessing that nothing yet has changed in the world of ARM SoCs to change that state of affairs." aarch64 is generally somewhat better than 32-bit ARM there. Especially with server-class hardware as opposed to dev boards.

What can you do when the pup of programming becomes the black dog of burnout? Dude, leave


we're not freaking magical wizards

Overall a good article, but can we please give up on this annoying and patronizing attitude?

"Working in IT is a magical, mysterious, and wonderful task. To the normals, it seems like the computers are demons machinating against them, but us nerds know they're just like big puppies pouncing and growling to get us to roll around on the floor. We bond with them, and we start to dedicate ourselves to the machines."

It's bullshit and it's been bullshit for a long time, and it's harmful, because if you believe it you believe you're some kind of magical wizard and no-one gets to tell you you're full of shit when...you're full of shit.

We're just people who have some expertise in a particular area and work in that area. We're not magical wizard gods. This isn't Snow Crash. Lots of people have expertise in a particular area and work in that area. My brother-in-law fits windscreens. I haven't got a fucking clue how to fit a windscreen. But I don't think he thinks of himself as a Windscreen Fixing Wizard God and me as a "normal". He's just a bloke with a job. So are we. Can we please stop thinking of ourselves as powerful sorcerors with unique knowledge interacting with a mysterious power and just think of ourselves as people with a perfectly commonplace specialist job, just like millions of other people? We're *all* "normals". Get over yourself.

(We also are, let's face it, pretty fucking bad at our speciality, aren't we? Windscreen fitters more or less have it figured out. I am yet to hear of a case where someone got their windscreen replaced, then thirty miles down the motorway it smashed into a million tiny pieces and cut them to ribbons, then the investigating authorities found it had been broadcasting their personal data to the world up until then. Yet this is more or less what we seem to do to everyone all the time...)

'90s hacker collective man turned infosec VIP: Internet security hasn't improved in 20 years


bzzt yourself

"BZZZTTT!! 1992 is *not* pre-internet"

did you try reading *the next goddamn sentence of the quote* or did you just skip immediately to the comment section with a big smile of anticipation at just how fucking clever you were about to prove yourself to be? That's pretty fking insufferable, you know. Jesus, just keep it in your pants and read the context.

"This is pre-internet, 1992. If you were on the internet then you've [either] got a corporate or academic connection. I was working at Lotus at the time and I was dabbling with understanding the internet..."



"We the geeks and nerds ran things, we were like gods. The world and his wife all bought a PC or a Mac and they had no idea what to do with any of this kit. We strode the world like colossi"

Yes, and look what "we" did. Bit more critical introspection might go a long way there...

Open Source Security hit with bill for defamation claim


Re: Freudian slip?

Note, the article author beat you to this, and did it more subtly too. :P


call the fire brigade

"The security software biz may persist but the Electronic Frontier Foundation hopes to prevent the firm from prevailing."

Ten points for sneaky vocabulary burn, there. Excellent work.

Microsoft commits: We're buying GitHub for $7.5 beeeeeeellion


Re: How can it possibly be worth that much?

"Last lot of figures I've seen shows $140m in profit in 2016, up from $90m in 2015, and $70m in 2014."

Those numbers were *revenue*. Not profit.




Re: RIP Github

"Didn't the new owners stop doing that?"

Mostly, I think, yeah. Sourceforge is probably not actively evil any more, it's just...awful. The sites for SF-hosted projects are horribly laid out and stuffed with ads, and their repository hosting is also painfully slow, you can usually make afternoon tea and read War and Peace in the time it takes to check out anything moderate sized from an SF-hosted repo.



"There are other alternatives – such as...SourceForge..."




*stops to mop up flood caused by tears of laughter*



that's a good one.

Smart bulbs turn dumb: Lights out for Philips as Hue API goes dark


Re: What A Time To Be Alive

yeah, in a funny way this is kind of a *good* news story: at least they didn't design it so stupidly that it sends all your local requests to the internet Just Cuz, thus leaking unnecessary information *and* ensuring local control would go down in a scenario like this.

Low bar, I know! But I suspect at least some IoS products wouldn't clear it...

Foolish foodies duped into thinking Greggs salads are posh nosh


the queue to punch this guy...

"The avocado is so au fait at the moment, it definitely pops"

OK, that guy has *got* to be a plant. If not, the punchin' queue forms right over here. A quid a pop.

Beardy Branson: Wacky hyperloop tube maglev cheaper than railways


"Run Bi-level train cars - sure you have to raise the height of the odd bridge or lower the rail grade that goes under them, but that's all relatively cheaper than these interesting schemes - and hey presto you just doubled your passenger capacity."

As a Brit who moved to Canada, er, I have to say Canada doesn't have much to teach the UK about passenger rail. The UK rail network may be a bit tatty around the edges but it still kicks the stuffing out of anything we've got over here.

We can only run double-decker passenger cars in North America because our tracks are in such terrible shape the trains can't go very fast. Try it on the West Coast main line and you're just going to get bits of carriage all over the place in a hurry.

Dunno which bit of Canada you're in, but out here on the West Coast, there are Amtrak trains and the Sounder trains down in Washington state that run double-decker cars. The maximum speed of the Sounder system is apparently 79mph. The Superliner cars used on Amtrak have a rated maximum speed of 100mph and I don't know if I've ever *been* on an Amtrak train that managed 100mph; the two west coast trains, the Coast Starlight and the Cascades, again top out at 79mph, seems to be some sort of pattern there.

Pendolino trains on the WCML run up to 125mph, so yeah, not gonna work.


Biting the hand that feeds IT © 1998–2019