* Posts by Richard Lloyd

373 posts • joined 25 Nov 2006

Page:

Outage outed: Bing dinged, Microsoft portal mortal, DuckDuckGo becomes DuckDuckNo

Richard Lloyd

Re: YaCy

Not sure why anyone would use the Java-based Lucene, when Lucene++ - a port to C++ - has been around since 2010:

https://github.com/luceneplusplus/LucenePlusPlus

0
0

QEMU qontemplates qleanup of old qode

Richard Lloyd

Oh no, not again...

Let's hope Yahoo doesn't buy up QEMU, then we'll get a qaqoqophany! of! qrummy! (and! not!) qomiq! sentences. Please, please stop this rubbish repeated char meme, El Reg or at least do it once a year. It stopped being funny, oh, about 8 years ago.

0
14

FREE wildcard HTTPS certs from Let's Encrypt for every Reg reader*

Richard Lloyd

Multiple servers?

Let's Encrypt wildcard certs are probably tenable if you're going to use them on only one server. If you have more than one server, I suspect you'd have to nominate one server as the wildcard renewal server and then after a renewal, have it copy the new cert files to your other servers that need it (assuming that's allowed in Let's Encrypt T&C's - paid wildcard certs sometimes insist on you paying per server!).

You can pick up paid wildcard certs for about 70 quid a year nowadays, which isn't too bad if you're planning 10+ subdomains on them. One obvious trick is to buy a 3 years wildcard cert so you don't have to renew/re-install the certs on multiple servers too often.

0
0

Feelin' safe and snug on Linux while the Windows world burns? Stop that

Richard Lloyd

12%? Doesn't sound right

Netcraft's Web server survey shows that Apache (almost always run on UNIX machines) had 45.8% of the market vs. Microsoft IIS which had 7.7% of the market in June 2016. Yes, I know not every server serves up Web pages, but a lot of them do, which makes this 12% figure highly suspect in my books.

2
0

Linux 4.12 kernel lands: 'Go forth and use it' quoth Linus Torvalds

Richard Lloyd

Ryzen works if you have a recent kernel

Ryzen features were mostly added in the 4.10.X series (and I believe support for AM4 audio chipsets came in 4.11.X). I'm running Fedora 26 beta on my Ryzen system because of that and it works fine. Distros running pre-4.10 kernels (e.g. LTS versions such as CentOS 7) might have problems, even trying to be installed on Ryzen.

3
0

Samsung's 'Magician' for SSDs can let crims run evil code

Richard Lloyd

Not much of a wizard for me

I have an SM961 M.2 SSD, but on the rare occasion I boot into Windows 10 (I'm in Linux >95% of the time), the Samsung Magician software doesn't want to know about my SSD because it's an OEM variant - this is a ridiculous policy to have really and it prevents me for getting any firmware updates for the SSD :-( Needless to say, I quickly uninstalled the Magician software from my Windows setup and it's never coming back...

3
0

Burying its head in the NAND: Samsung boosts 64-layer 3D flash chip production

Richard Lloyd

Hopefully ramping up PCIe more than SATA

Performance of SATA 3 SSDs peaked about 5 years ago and all we've seen is a capacity increase and (seemingly slowing down) price drop since then. As far I'm concerned, this makes SATA 3 SSD "old, boring and slow" tech and it's the PCIe SSDs where you'd hope Samsung and others would ramp up production on.

Yes, I know older motherboards don't have M.2 slots, but that's what an adapter is for - we need PCIe SSDs to get close to SATA 3 SSD prices (they've still got a premium that puts people off, despite being up to 6 times faster than SATA 3 SSDs giving them a massively better "performance per buck") and then people's head lightbulbs will illuminate and they'll finally realise that PCIe SSDs are the way to go.

I think IT sites should stop doing SATA 3 SSD reviews unless a) the price per GB is significantly better than other SATA 3 SSDs or b) the capacity is huge (e.g. 2TB or more).

3
0

Software dev bombshell: Programmers who use spaces earn MORE than those who use tabs

Richard Lloyd

Tabs are inconsistent...

Text editors can often allow you to set a different column width for a tab, but if you set it to anything other than the "standard" 8 spaces (which you surely would if you're a programmer because 8 is too wide for nested indentation), then good luck if you ever want to kill a tree and print it out.

I suspect most printer driver filters for text files are hard-coded to 8 spaces for a tab, resulting in completely unaligned print-outs where <8 spaces for a tab have been used. Yes, you could run it through a "de-tabifier" first before printing, but that would just prove that using tabs is less than ideal (especially for print-outs).

Also, if you set, say, 3 spaces for a tab, what happens if you need to align something on something other than 3-space multiple? Yep, you end using a mixture of tabs and spaces - yet another negative aspect of using tabs. It's spaces all the way for me, baby :-)

12
14

Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability!

Richard Lloyd

Exclaimation! marks! on! every! El! Reg! article! headline! has! been! annoying! for! years!

The occasional "exclamisation" of a Yahoo! El Reg article headline might be slightly amusing, but to see it on *every* such article headline for years and years is unbelievably tiresome. Give! it! up!, El! Reg!

lso, referring to Google as the Chocolate Factory wasn't even funny in the first place (and certainly confusing to El Reg first-timers, who might think Cadbury's had been bought by Google or something).

5
2

Linux homes for Ubuntu Unity orphans: Minty Cinnamon, GNOME or Ubuntu, mate?

Richard Lloyd

MATE is for GNOME 2 refugees

Like an earlier commenter, I wouldn't say MATE is very close to Windows (especially Windows 8+). It does, though, provide a functional desktop with "traditional" task bar(s), icons and a Start-style menu - for me, this gives it a leg up on Unity already, especially if you dual boot into Windows 10 with Classic Shell set to use an old-style Windows Start menu.

MATE is a good way to move GNOME 2 users (e.g. CentOS 6) to a more recent distro whilst not changing much for the end-user. I use it on CentOS 7 (yum groupinstall "MATE Desktop" and then select MATE from the pre-login cogwheel icon) and my desktop looks almost identical to the one I had on CentOS 6.

I do like using CentOS 7 with its 10 years of support for the desktop - it means I can take my sweet time deciding exactly when I upgrade to a future release (it was around 5-6 years for CentOS 6 before I jumped to 7). Note that the latest Firefox on mozilla.org (not the "well behind" ESR version that Red Hat have backported) and the next release (59) of Google Chrome will *not* work on CentOS 6 - that's the two big Linux browsers dead in the water and probably the final push for most CentOS 6 desktop users to move to 7.

3
0

What is this bullsh*t, Google? Nexus phones starved of security fixes after just three years

Richard Lloyd

Is there any Android device with >3 years support? / Custom ROMs

A lot of indignation on here about "only" 3 years support, but are there any Android devices out there with longer support? 3 years is pretty well longer than any typical phone contract (which tend to max out at 2 years, at which point most users upgrade their phone).

Also note that popular Android devices (and the Nexus/Pixel lines are no exception) will have custom ROMs that can extend the updates by a few extra years. My ancient Nexus 10 is on LineageOS 14.1 (Android 7.1.2 - years after Google dropped support) and is working well with it.

0
1

Rejoice, for Linux 4.11 has been delivered!

Richard Lloyd

Good news for Ryzen users too...

In perfect timing for my new Ryzen PC coming tomorrow, 4.11 has fixed a couple of Ryzen issues: ALC1220 audio codec support (Kaby Lake isn't the only one to benefit from this) and a fix for a CPU soft lock in mwaitx() (Kernel Newbies actually missed this one since it was a last minute submission). It was really 4.9 and 4.10, though, that sorted out most of the Ryzen support.

Just waiting for ELRepo to buuld a kernel-ml 4.11 package and then I'm all set for running CentOS 7.3 on Ryzen...

5
0

Controlled remote access reviews of Optane SSD give qualified yes

Richard Lloyd

Seems to be pointless to me

The M.2 Optane SSD has so many disadvantages, it does beggar belief:

Takes up a precious M.2 slot (often only one on the motherboard), making it impossible to add a "full fat" M.2 SSD at a later date without throwing it away.

Only works on latest gen (Kaby Lake) Intel processors, so go away old gen Intel and the entire AMD userbase.

Only works on Windows 10 - go away Windows 7, 8, 8.1, Mac OS X and Linux users.

Slower than an equivalent normal M.2 SSD in most cases.

More expensive per GB than almost any other SSD.

Requires a special memory driver.

It should be noted that a 256GB M.2 SSD is around 120-130 quid and is a far more sensible purchase than this Optane nonsense (as, to be fair, the article points out). In fact, I just got a 256GB M.2 SSD for my new PC I'll be getting next week...

10
1

Linux 4.11 delayed for a week by NVMe glitches and 'oops fixes'

Richard Lloyd

Re: Just in time for my new Ryzen PC...

The rolling ISO is just a monthly (though I don't see April's yet) rollup of all the updates into an installer ISO image. Hence, the kernel version in the 1st March rolling ISO is actually older than the one I have on my fully updated CentOS 7 desktop (and is still based on 3.10). So it does still look like ELrepo is the way to go if you want to run CentOS 7 on Ryzen kit at this moment in time.

I am assuming that at some point, RHEL/CentOS 7 will surely have to support Ryzen hardware out of the box (and even more so when the Naples server variant is released).

0
0
Richard Lloyd

Just in time for my new Ryzen PC...

I'm getting a new Ryzen 7 1700 PC next week and 4.11 has some features needed by Ryzen users (mainly support for the S1220A audio codec), so it'll hopefully arrive only days before I start using the new machine.

The "fun" bit will be getting CentOS 7 to work with Ryzen - the plan will be use a live Fedora 25 USB to partition/enable networking and then copy my old PC's OS (already upgraded to 4.10 kernel via ELrepo and will go to 4.11 as well) and boot partitions over to the new machine and hopefully get something bootable into CentOS 7. Before you ask, CentOS 7's ISO installer has a too-old kernel that crashes during installation on Ryzen machines :-(

2
0

Put down your coffee and admire the sheer amount of data Windows 10 Creators Update will slurp from your PC

Richard Lloyd

Creators Update hung when checking for updates during install...

After an age and multiple reboots, things were going well with the Creators Update on my home PC. Just turn off all those privacy sliders (there's even more to turn off after the update finishes) and, what's this, it's "Checking for updates..." (which really should be left to the user to do after the first login surely?) and, er, not doing anything for 2 hours!

A power cycle and the same thing happens on the next boot - privacy sliders re-appear (yep, had to turn them off again) and "Checking for updates..." hung again. The solution? I disconnected my PC from the internet and it then booted fine and gave my first Creators Update login prompt. Well done MS for screwing up the install!

1
0

BBC hooks up with ITV, launches long awaited US subscription VoD

Richard Lloyd

I'd like the entire BBC archive myself...

BBC employees have access to everything that the BBC has digitised/archived - now *that* would be a service I'd be willing to pay a monthly fee for, rather than this half-arsed amalgam that Britbox provides.

4
0

President Trump tweets from insecure Android, security boffins roll eyes

Richard Lloyd

Android Central already had a guess (by looking at photos of Trump using the phone) that Trump uses a Galaxy S3:

http://www.androidcentral.com/which-android-phone-does-donald-trump-use

4
0

National Lottery whacked with £3m fine for suspect ticket win

Richard Lloyd

7 years?

What no-one out there has commented on is why it took 7 years for this dodgy payout to be publicly revealed, never mind how the allegedly "winning" ticket was damaged. Considering lottery tickets have a security code on them, you do suspect some inside involvement (i.e. either the "winner" had access to the security code algorithm or they paid someone off to falsely validate the ticket).

3
0

Blu Vivo 6: Top value trendsetter marred by Chino-English mangle

Richard Lloyd

Blu Vivo 6 is probably the best 2016 phone sold in the UK under 200 quid

I got this phone on Black Friday and, for the price, it's quite impressive. If its missing features (NFC, waterproofing, Nougat) are important to you, then you'll have to spend quite a lot more to get them I suspect. I only saw a couple of mangled English mesages in the Settings - this article overblows that in the extreme. The display is good, the phone doesn't lag and the Android interface has only minor changes (use Nova Launcher to bring more sanity), with swiping the Quick Settings from the bottom rather than the top being the most obvious.

You get a shed-load of accessories in the box - so much so, that maybe a second type C cable is the only optional purchase you might consider. I think the only concern I might have about the Vivo 6 is the timeliness of the updates. It's currently only got the Sep 2016 Android security updates and although Blu have promised Nougat in the future, there's no firm date for that yet.

BTW, Amazon UK dropped the price back to 184.99 for the end of its Cyber Week - as I write this, it's probably got one more day (Sunday) left before it returns to 239.99. At the lower price, the Vivo 6 beats or equals its nearest rival (the Moto G4 Plus) in most categories except the rear camera specs.

0
0

SQL Server on Linux: Runs well in spite of internal quirks. Why?

Richard Lloyd

Re: Installing on CentOs 7 / RedHat 7

I stuck it on my work CentOS 7 desktop after removing unixODBC (this conflicts with unixODBC-utf16 in MS'es repo when installing the tools - whoops!) - here's the figure for the DB install:

# du -s /opt/mssql

671136 /opt/mssql

That figure is in K, so it's actually 655 MB, which seems more in the right ballpark. The MS tools install into /opt/mssql-tools and are only 860K in total.

Note that this beta has an 180-day evaluation period, which is something I didn't see mentioned on the MS site or indeed in *any* IT articles on its release (including this El Reg article!).

CPU usage when doing "nothing" (just installed, no DBs, service running) isn't close to zero - it's used around 5 hours of CPU in 4 days being "idle" - about 5% of a core on average. The sqlservr-telemetry process is a persistent blighter - "systemctl stop mssql-server" didn't kill it and a "kill -9" caused it to respawn! I eventually got bored and uninstalled the mssql RPMs (yep, process still running after that!) and then I could finally kill -9 it...

Oh, and the critical download link that was crazily left out of this article is:

https://www.microsoft.com/en-us/sql-server/sql-server-vnext-including-Linux

1
0

Cheap, lousy tablets are killing the whole market says IDC

Richard Lloyd

Not seen a decent new tablet released recently

Having a lot of tablets myself, I've come to the conclusion that you do indeed get what you pay for. To me, the most critical aspect of a tablet is its display (i.e. must be >= 8", 16:9 or 16:10, a high resolution and ideally AMOLED) and owning a Galaxy Tab S 10.5" has spoiled me in that respect.

What we've seen from Google and Samsung with their last "flagship" tablets is the wrong aspect ratio (sorry, but 4:3 is an epic fail for videos and games) and eye-watering prices. Google skipped tablets completely with their latest launch and no sign of a Samsung S3 yet (and if it's 4:3 again, I for one won't be buying it).

Now if the Yoga Book could have detached its display from everything else then it might have piqued my interest more, but the specs are a bit underwhelming for the price anyway, IMHO.

0
0

Three LibTIFF bugs found, only two patched

Richard Lloyd

It's about time there was a new official release...

"Released in September" forgot "2015" on the end - it's been over a year now since the latest release came out, during which there's been dozens of commits (including the two security fixes). It is bizarre that there hasn't been an official release for so long, especially considering it's still being actively developed (last commit was less than 2 weeks ago).

1
0

Dirty COW explained: Get a moooo-ve on and patch Linux root hole

Richard Lloyd

No Red Hat patch yet

Despite the article claiming Red Hat have a patch out, the article link is only to the CVE announcement on Red Hat's site. If you check the Bugzilla bug for it here:

https://bugzilla.redhat.com/show_bug.cgi?id=1384344

You'll see that there isn't actually a patch out yet as of Monday morning UK time. There is a (fiddly) mitigation procedure involving systemtap documented at the above URL, but no new kernel RPM to fix the issue yet. This means that CentOS and other RHEL clones are also unpatched at this moment in time as well.

0
0

First look at Windows Server 2016: 'Cloud for the masses'? We'll be the judge of that

Richard Lloyd

Works in VirtualBox...

The article failed to link to where you can download the 4.5GB eval ISO:

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016

I slapped it on VirtualBox and selected the "Desktop Experience" version (did I read somewhere that you can't convert from non-DE to DE later on?). It's a 180-day trial and I didn't seem to need a license key for it. Overall impression is that for typical small business use, it's only a small upgrade from 2012 and the nastier licensing terms for 2016 might make SME's hold back on the upgrade.

It's nowhere near as big an upgrade as, say, RHEL/CentOS 6 to 7 was (systemd is still doing my head in!).

5
0

My Nest smoke alarm was great … right up to the point it went nuts

Richard Lloyd

No-one saw this early 2015 YouTube video then?

I'd have thought this video would have sent people screaming (ha!) for the hills when it was posted by a Google (who own Nest) employee over 18 months ago:

https://www.youtube.com/watch?v=BpsMkLaEiOY

Apparently the 2nd gen version is supposed to have fixed most false alarms by using a better sensor, but the video still gives a really bad impression of the product!

1
0

Google may just have silently snuffed the tablet computer

Richard Lloyd

Tablet specs have plateaued

The last widescreen tablet Google produced was the Nexus 10 way back in November 2012 (I don't count the disappointment that was the Nexus 9, because 4:3 doesn't cut it for videos/gaming). To succeed the Nexus 10, I picked up a Galaxy Tab S 10.5" which has a sweet display (sorry, the 4:3 of the Tab S2 again is an epic fail and with a lower resolution!) and I suspect still represents pretty well the peak of Android tablets (certainly w.r.t. the display at least) and it's over 2 years old.

I've not seen any tablet in the last 2 years that significantly improves on what I've got and that's the real problem with the tablet market - each generation is only making small improvements on the previous one, so people are hanging onto their tablets for longer and hence the falling sales.

0
2

Heathrow airport and stock exchange throw mystery BSODs

Richard Lloyd

Ancient coin counter

Using the ancient coin counter in the big HSBC in Liverpool has been fun for me in the recent past. Ignoring the fact you have to type your account number and sorting code manually (no card swipe!) complete with stars displayed for numbers so you have no idea whose account you're paying into, I had a spectacular crash with it (way better than a BSOD).

While I was tipping in my coins, the screen started showing virus-like red steaky vertical lines until I actually couldn't read the text on the screen at all. Luckily, it had finished counting my coins before I called over an HSBC assistant who promptly knocked on the wall behind the machine and 5 seconds later the machine rebooted!

I thought that was some clever reset switch embedded in the wall until the assistant opened the door next to it and it turns out someone had rebooted it behind the scenes - obviously such a common problem that knocking on the wall was a good enough signal :-) Oh, it booted into Windows XP (didn't say Embedded - does the logo include that?) and that was only last year...

6
0

Sony wins case over pre-installed Windows software

Richard Lloyd

Re: Why not just grow up?

I think the problem here is the lack of choice - almost all laptops (barring Apple of course) from the major OEMs ship with Windows pre-installed. It's obvious why: MS gives a big discount on its OS if you sell gazillions of them (so selling another OS or no OS would lose the discount) and no OEM usually wants to support 2 OS'es because of the cost.

I think the missing tricks here are:

!. Persuading OEMs to ship with no OS and maybe with a hardware diagnostic live Linux distro on USB or CD that would allow the user to run and have it report issues (i.e. "hardware fault detected - please return for repair or refund if inside warranty"). Support costs for the OEM would just be keeping the distro up-to-date for all their models. In an ideal world, all major OEMs would get involved and Github the whole thing, but that's probably stretching the dream too far..

2. Certify the hardware to run Linux, even if Linux isn't shipped with it. This could be as simple as booting a couple of the most popular live Linux distros (Mint, Fedora, whatever) and runing through a hardware (and some software) checklist to ensure things are working. Cue a penguin logo on the product page if it passes the testing (would need small print to confirm which distro versions passed). Still make it clear that a machine shipped without an OS has no OS/software support from the OEM, even if it has a penguin logo.

3
0
Richard Lloyd

Re: OS Refund

I just went through most of Dell UK's home and business laptop range and I didn't see a single model that was shipping without an OS. Almost every single model forced either Win 10 Home or Pro with no choice. The only tiny exception was the rare "Developer Editon" (e.g. XPS 13) with Ubuntu which at least added larger RAM/SSD to compensate for charging the same as the Windows version.

I suspect you may have been thinking of servers - for example, Dell's PowerEdge range not only lets you customise the hardware up the wazoo (much better than the annoying zillion different Dell desktop/laptop models), but also lets you buy it with no OS, which is ideal for Linux servers.

5
1
Richard Lloyd

Re: "without pre-installed software"

I've found the unicorn you were looking for:

https://www.pcspecialist.co.uk/custom-built-laptops/

What I like about pcspecialist's laptops is not only can you configure almost everything inside them, you can buy them without an OS too! This typically knocks a substantial 89 quid off the price, but I wish they'd tell you about Linux compatibility, because if you're going to buy it without Windows, it's fairly likely you'd be putting some Linux distro on it.

14
0

Adobe reverses decision to kill NPAPI Flash plugin for Linux

Richard Lloyd

We've had updates for years, just for 11.2 though...

Strangely, Adobe have been regularly updating Linux for Flash, but just for their zillion security fixes for version 11.2. It is a bit bizarre that after years being stuck on 11.2 (though seemingly not causing any compatibility issues with the sites I visit), we're suddenly going to jump 12 major versions in one fell swoop.

What I want to know is whether this will see the resurrection of the Android Flash plugin too - that's even more out of date than the Linux version. Weirdly, it's become useless for me in recent years - plays 10 seconds of video in Android Firefox and then freezes...

6
0

MySQL daddy Widenius: Open-source religion won't feed MariaDB

Richard Lloyd

Alternative to Maxscale...

...there's always good old MySQL Proxy (it never went GA, but I've used it) or the newer MySQL Router, both of which don't appear to have any sort of BSL-style licence tied to them and both can be used with MariaDB server installs as the backends.

MySQL Proxy was a bit too simplistic perhaps (very simple round robin by default, requiring some Lua-based work to balance based on load/connections) and I certainly didn't like the number of g_assert() calls in the production source code (262 at the last count), but it seemed to do its job OK.

1
0

Let's Encrypt ups rate limits

Richard Lloyd

90 day limit is to encourage automation

If you only had to renew certs every year, a fair chunk of admins wouldn't even bother installing a cron job to run the certbot script to do auto-renewals. One of the major goals of Let's Encrypt is automation - get the initial cert and then forget about renewals because a cron job will handle those automatically (if the renewals fail, Let's Encrypt will email you automatically if expiry is getting close for any cert). A short expiry period really does focus the mind on getting the automation working.

I think Let's Encrypt is an idea that's been long overdue - the commercial secure cert market is a licence to print money, especially where the entire process is automated and rarely involves a human on the cert vendor side. As for Extended Validation certs, this seems to be an excuse to charge double for one or two extra checks that probably take less than a minute each...

1
0

The calm before the storm: AMD's Zen bears down on Intel CPUs

Richard Lloyd

If nothing else, the Zen series might force Intel's top-end CPU prices down from their current crazy levels. According to Amazon, the 5960X 8-core *desktop* CPU has an unbelievable 1,336.73 pounds RRP (though in reality, Amazon are selling it for 849 quid). If a roughly equivalent 8-core Zen comes in at 500 quid or less, I can see it selling like hot cakes (but hopefully that doesn't mean the CPU burns cakes :-) ).

1
0

Mozilla 404s '404 Not Found' pages: Firefox fills in blanks with archive.org copies

Richard Lloyd

It's a banner across the top that asks if you want to load the archived version

Unlike most people here (or the original article author I suspect), I actually went ahead and installed Test Pilot. Here's one of the screen shots showing the 404 not found thing in action:

https://testpilot-prod.s3.amazonaws.com/experiments_experimentdetail/2/4/24ddd4335aca6b96cca9106a6f3411d2_image_1470245154_0440.jpg

This seems like a good way to do things - show a banner at the top of the page giving the option of seeing the archived version. If the original article here at El Reg had made that clear, I suspect there'd be a lot less outrage. I, too, think that auto-replacing a 404 not found page with an archive.org version is a very bad idea - that's what this article implied...

4
0

Fedora 24 is here. Go ahead – dive in

Richard Lloyd

Re: I will wait for Fedora24 to work for me. It is not what I want to use as it now is.

UPS'es for desktop computers that auto-shutdown so many minutes after a power failure are only useful if you're regularly away from your desk and need to leave the PC on for some number-crunching exercise that is potentially longer than the UPS battery lasts.

The APC UPS that's hooked up to my desktop beeps loudly 3 times every 15 secs or so when the power has died - even a beefy PC should have 10-15 mins of juice in the UPS left to allow for a manual shutdown. For a desktop, the main UPS benefit is that you do actually get time for a manual shutdown - I don't run any APC software on my CentOS desktops hooked up to APC UPS'es because I don't leave my PC on for long periods when I'm not there.

0
0

Your WordPress and Drupal installs are probably obsolete

Richard Lloyd

Wordfence and readme.html

Wordfence is a useful plugin, though I really don't like the fact that it renames readme.html to readme<long_hex_string>.html at the top level of your WP site by default, in the name of "security through obscurity" (the file has the WP version number in it). The snag is that readme.html is a *core* WP file (involved in the core checksumming routines used by WP-CLI amongst others) and no plugin should ever modify/rename/delete a core file. I've posted up to the Wordfence forums about it, but can't convince the devs to make the default not to "Hide WordPress version"...

0
0

Google asks the public to name the forthcoming Android N operating system

Richard Lloyd

Not a lot of sweets/desserts beginning with N...

Apart from the "obvious" Nutella, only a couple of others spring to mind: Nesquik (milk shake) and Neapolitan (ice cream, but they've already done Ice Cream Sandwich...).

I hope they go for another brand name and associated promo like they did with Kit Kat - I won in their Kit Kat/Android compy after consuming a fair number of them (but to be fair, Kit Kat is one of my favourite choc bars).

0
0

Compression tool 7-Zip pwned, pain flows to top security, software tools

Richard Lloyd

Re: Linux/BSD port p7zip

I was going to ask the same question - the Sourceforge p7zip (shipped with a *lot* of Linux distros) remains at 15.14.1 released on 23rd March 2016. No idea how much code it shares with the Windows 7-Zip though (none? some?).

0
0

Falling flat: Silicon Valley satire is a no show

Richard Lloyd

Final scene was ridiculous

Was it just me or was the final scene in this episode just the most ludicrous thing ever? Spend all night devising a skunkworks, bizarrely decide to print it out (they all have computers FFS!), then take the printouts to work (a major WTF moment).

I know the lead Richard character has done a lot of stupid things, but this was just so unbelievable, especially with the "we don't have a shredder at home" line (don't print anything out that's highly confidential then...duh!). A truly awful end to the episode and probably the worst scene of all 3 seasons so far (even beating the bottle of booze on a keyboard utter nonsense from a while back).

1
1

Mozilla slings Firefox patches at flaw found by GCHQ's infosec arm

Richard Lloyd

Re: Comma placement

> No UI fuckery, amazingly enough.

Er, unless you run Linux Firefox 46, in which case a major change was made with a move from GTK+2 to GTK+3. Apart from the different in-page chrome (e.g. form selector looks different and the scroll bars are horribly narrow now), it also now fails to run on some still-supported LTS distros that don't ship GTK+3 (e.g. CentOS 6, which still has more then 4 years of support left).

Yes, you can fall back to the ESR release for the moment, but I suspect the next ESR release will also use GTK+3...

0
0

How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript

Richard Lloyd

Name clashes aren't uncommon - I have one

I got name-clashed by MySQL (and now MariaDB too) no less - they include a binary called "replace" (despite almost all their binaries having a "mysql" prefix), which was first shipped years after the "replace" utility I wrote was released. A polite request from me asking them to rename it to "mysqlreplace" was ignored, which is annoying because MySQL's replace command is not good to say the least...

0
0

Ben Nevis embiggened by a metre

Richard Lloyd

Embiggened - only in The Simpsons please

Embiggened is a made up word which should only be used in The Simpsons where it made one of its earliest appearances. I'm surprised Americans use it because it's actually a longer word (both to speak and spell) than the correct word ("enlarged") that's actually in, you know, real dictionaries.

0
2

Get ready to patch Git servers, clients – nasty-looking bugs surface

Richard Lloyd

Cygwin git needs updating...

Yes, the irony of it - Cygwin source code is git-hosted, but their copy of git is version 2.7.0 without any of the fixes mentioned in the article:

https://cygwin.com/packages/x86_64/git/

Gitlab's restriction to a minimum of 2.7.3 is a little harsh when a) 2.8 will contain one of the fixes (so another raise of the min version then?) and b) Cygwin git is languishing at 2.7.0.

On a similar note, CentOS 7 git is actually way back at version 1.8.3.1 (with backported fixes) - does the latest Gitlab lock out CentOS 7 users then? One trick is to rebuild the Fedora Rawhide 2.7.3 src.rpm on CentOS 7 and use it to replace 1.8.3.1 (though it means you have to track Rawhide for updates...).

0
0

Dell PowerEdge R730: Reg rack monkeys crack smiles over kindness of engineers

Richard Lloyd

You need Enterprise iDRAC and I hate Java consoles too

The standard iDRAC doesn't let you do much (shows info you can already get from the free OMSA tool and also can power cycle the server), but the "Enterprise" iDRAC costing many hundreds of pounds extra gives you the crucial remote console that can save your bacon on many occasions.

Sadly, the remote console uses a Java VNC applet (even on this R730 it seems!) which is the flakiest known software to man/woman. You're presented with a myriad of security pop-ups (at least one of which comes up every time with no way to say "don't alert me next time"), you have to auth the iDRAC URL in your Java control panel because the iDRAC web interface uses a self-signed cert and even when you finally get to the console window, Java will either crash or refuse to connect most of the time (spawning a second console from the first one will often fix this).

Add the fact that Java plugin support is rapidly disappearing from browsers (it was dropped ages ago with Linux Chrome for example) and the existence of the non-Java noVNC tool (yoohoo Dell - why not try it? Proxmox have used it for a while and it's really sweet to use), then the iDRAC console is nothing short of an abomination. When you really need to use it quickly, working 1 time in 6 doesn't cut it.

2
0

Containers! Containers! Containers! And RHEL 7.2. Employ as you wish

Richard Lloyd

MATE desktop recommended

If you're coming from RHEL/CentOS 6 like I was, then I'd recommend the MATE desktop (yum groupinstall "MATE Desktop" then select MATE via the cogwheel icon you'll see when you're about to type your login password) for the smoothest transition to CentOS 7 - it's the closest look and feel you'll get to GNOME 2.

One slightly annoying thing recently - the latest MATE updates turned on the software compositing window manager by default without even asking me. This put annoying shadowing (on all 4 sides!) for windows/menus and an "exploding" task bar icon when you clicked on it. Luckily, you can turn it off via the main MATE menu -> System -> Preferences -> Look and Feel -> Windows -> General -> Compositing Manager (yep, pretty buried...).

1
0

Got a Nexus? Google has five critical Android security fixes for you

Richard Lloyd

Nexus or CyanogenMod - only 2 choices

If you're non-techie and concerned about security (which you should always be!), then the Nexus range is pretty well the only sensible Android choice. If you are techie, then it's either Nexus or a device that has CyanogenMod support (Nexus can run CM of course, which is what I do on my Nexus devices).

At least Google is actually releasing monthly security updates now, which puts a little pressure on OEMs/carriers to up their game with similarly scheduled updates. The fact that you can see the security patch level month in "Settings -> About device" helps as well.

4
1

Feds widen probe into lottery IT boss who rooted game for profit

Richard Lloyd

Don't win the jackpot...

I suspect jackpot winners are scrutinised a lot more thoroughly than lower tier winners, so why not fiddle a second place win (or, if you want to be very safe, the highest tier where you can claim the prize with no ID required). Of course, you'd either play online via proxies/Tor/VPN (though payments could be traceable then if they're done online too) or play offline at different locations and don't claim the prize in person (CCTV, remember?), though you'll have to cut your stooge(s) in for a percentage share and they'd have to be very trustworthy.

1
0

Launch embiggens Galileo satnav fleet

Richard Lloyd

Embiggens....groan

Embiggens? A made-up word from a Simpsons episode not in any standard dictionary. It's annoying when someone uses this fictional word when "enlarges" is not only actually in a dictionary, but also it's shorter!

0
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017