* Posts by chuckufarley

193 posts • joined 21 Jun 2007

Page:

How to make people sit up and use 2-factor auth: Show 'em a vid reusing a toothbrush to scrub a toilet – then compare it to password reuse

chuckufarley

Wanting to use 2FA is one thing...

...but being able to use it is another. Almost all websites do not support it. Not even El Reg.

US Supremes urged by pretty much everyone in software dev to probe Oracle's 'disastrous' Java API copyright win

chuckufarley

Re: I am producing an API definition for everything

So as the next logical step in the arms race I guess I should start on coding an Application Programming Interface Programming Interface...

chuckufarley

Google's lawyers have...

...been arguing the case wrong for years. From the start it should have been something like this:

https://youtu.be/byFLZAwqY3Y?t=88

Parody is fair use not infringement. The lawyers could have argued that "It isn't our client's fault that none of their customers were smart enough to get the joke."

Raspberry Pi Foundation says its final farewells to 40nm with release of Compute Module 3+

chuckufarley

Re: I have always thought...

"...these are industrial controllers not blade servers."

This sums up a large portion of the reasons why I don't own any of them.

chuckufarley

I have always thought...

...that these SODIMM style SBCs were cool. Not cool enough for me to buy some, but still cool. Over at www.pine64.org you can find their SOPine and Clusterboard that combine to create a 7 CPU cluster in a m-ITX format. I think the next logical step is to drop the SODIMM format and move to PCIe 1x slots. Then you could have a RISCV CPU on the main board that just runs I/O and maybe even allocates RAM to each SBC. If the SBCs could boot via the network you wouldn't need to attach storage and the power pins in the PCIe slots can handle 10-25W which should be more than enough for a CPU-on-a-Card.

If only I had a lot more time, money, and space around my desk...

The Apple Mac is 35 years old. Behold the beige box of the future

chuckufarley

Speaking of birthdays...

...NFS will also turn 35 this year.

On the first day of Christmas, MIPS sent to me: An open-source-ish alternative to RISC-V

chuckufarley

Thanks to smart phones, networking hardware, storage controllers...

...and other technology commodities chips designers have gotten used to the idea that businesses are willing to hand over large amounts of money to use their kit. It seems to me that if a company really wanted to shake up a market they would do a lot more to lower the barriers of entry into that market. "Open Source" CPU designs might let companies with big budgets take their business in a new direction. However I have not seen a single product from a start up or boutique shop using them. I have read about ideas and heard investment pitches but I have not seen any real world products.

Don't misunderstand me though, I think that anything the industry does to make technology more accessible is in the best interest of the business and humanity. So I see this as a step in the right direction. I know they need to make money off of the IP they have created.

On the other hand, if this isn't last stop on the Moore's Law Bus then you can at least see it from here. I predict that the "Open Source" CPU company that has the lowest cost to market for small businesses and start ups over the next 5 years will be the company we read the most news about the following 10 years.

Which scientist should be on the new £50 note? El Reg weighs in – and you should vote, too

chuckufarley

Re: What about Tony Blair ?

But is he pining for the fjords?

chuckufarley

Michael Faraday got my vote...

...because without him it would have been a much longer road getting to where we are today.

His work was so basic and so practical that it could be the very definition of practising the scientific method. He stood up for his ideas when he knew they were right and would admit it when they were proven wrong. The fact that he was right about so much without ever knowing how to prove it mathematically should be not be lightly dismissed. I think that had he been given a quality education in his youth our world would be better off today.

Salesforce dogged by protests, leaked emails, and guerrilla blimps on first day of Dreamforce

chuckufarley

Wait, what? Did I miss something?

Metalica, at some point in the past, had credibility? Well even if it is true at least I didn't miss much.

Curiosity's computer silent on science, baffling boffins

chuckufarley

Re: Fault

Why do you think it's growing potatoes? So it can make more batteries!

chuckufarley

Of course it's not transmitting data...

...it's busy growing potatoes.

The Reg chats with Voyager Imaging Team member Dr Garry E Hunt

chuckufarley

Thanks El Reg...

...fir another great interview. Please keep them coming, and I promise that I will turn off my ad blocker while reading them.

US govt confirms FCC's broadband speeds and feeds stats are garbage

chuckufarley
Joke

Re: Solution: #crowd-source-blockchain-cloud-Ops the coverage map

You will need more buzzwords if you want people to take it seriously.

chuckufarley

"...been given a useful tool..."

If the US government is good at anything these days, it's generating tools. In fact, tools are the common denominator of the current State of the Union. Some of them can even be described as "Power Tools" and some others as "Multi Tools." A tool can only be "useful" if there is a skilled operator with the will and means to execute it's intended function. After all, a skilled showman can juggle a chainsaw, a hammer, and an axe while never using any of them for their intended purposes.

Microsoft accidentally let encrypted Windows 10 out into the world

chuckufarley

Does anybody here remember...

...the Internet Explorer 4 launch? It wasn't really an update to IE, it was a beta test for Win98 in disguise. A least in the here and now Microsoft is being a little bit more honest about what code isn't ready for mass consumption. Now that I think about it, I don't know a a single personal that I would consider "well qualified" in the IT world that participates in the Windows Insider program. Maybe that is a good thing, maybe it's not.

make all relocate... Linux kernel dev summit shifts to Scotland – to fit Torvald's holiday plans

chuckufarley
Joke

I wonder what...

...it's like to have people admire you so much they will travel 7000km out of their way just to be with you. The last time I booked a flight for a vacation I had the plane and the hotel to myself because the other travellers went 7000km out of their way just to avoid me.

Windows 0-day pops up out of nowhere Twitter

chuckufarley
Trollface

Re: first windows LPE that I remember

The first LPE I remember is everyone and their dog being able to use the Administrator account as a daily driver. Of course, Microsoft called it a "Feature" and those of us in the trenches felt the pain from it directly or indirectly.

chuckufarley

This reminds me of...

...the times I can't remember. I can't remember them because in the late 1990's through early 2000's after a client's system was hosed by LPE and we have reimaged and restored backups for the ten thousandth system that month we would celebrate the milestone by turning off our pagers and phone then going to the nearest place serving high test jet fuel and calling it "Happy Hour." I can't be sure what happened after that except to say that I usually made it home some how.

It's a bit cliche to say "The more things change..." but I do wish some things wouldn't stay the same.

CIMON says: Say hello to your new AI pal-bot, space station 'nauts

chuckufarley

Well if...

...they expect it to "...hope to use it to see how it can monitor and contribute to spacemen's well being and group morale." then wouldn't it cheaper and more reliable to send up 5kg of condoms?

Oracle's new Java SE subs: Code and support for $25/processor/month

chuckufarley
Go

Well I say...

..."Ah, fork it!"

Maybe we can call the new branch Covfefe...

OpenBSD disables Intel’s hyper-threading over CPU data leak fears

chuckufarley

Re: Let's start a list...

So then it would up to the host kernel and only the host kernel for VM's? I suppose that makes some sense. It's just a little surprising that they would have no other optimizations for such a common technology.

As for languages, I sometimes wonder how many CPU cycles Java is spends being Java instead of executing code ;-)

chuckufarley
Alert

After thinking it through...

...and asking a bit of advice, I decided to share this.

First the two replies to the message on the OpenBSD mailing list:

https://www.mail-archive.com/source-changes@openbsd.org/msg99159.html

https://www.mail-archive.com/source-changes@openbsd.org/msg99161.html

This tells us who discovered it (Ben Gras of VUSec) and what they named it (TLBleed).

A Google search for VUSec and four mouse clicks leads to this:

https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149

After reading a bit I disabled hyperthreading from the BIOS on my systems. I think that until I know more the folks at OpenBSD are right and it's better to play it safe. I am writing this because I think that security by obscurity is no security at all.

chuckufarley

Re: Let's start a list...

Mostly true, maybe, but I am willing to bet that any mitigation will be multi-part: microcode, kernel and applications. Just like the rest of the Spectre work that has gone on. People will want to know if they have to patch an application that they depend on. Also, the way that code is optimized for SMT may have to change.

I could be wrong, but I don't think OpenBSD would make the change unless they have a damn good reason to. They are a very conservative distro known for tight security. If they are going so far as turning off SMT altogether then my money is on something big and complicated.

chuckufarley
Alert

Let's start a list...

...of things we know are optimized for SMT. I'm willing to bet any hypervisor is. That means KVM, VirtualBox, Xen, and VMWare. I am almost positive that gcc would be on the list.

What about:

Python?

Java?

HTTP servers?

Databases?

Please add a reply if you know for sure about anything that is optimized for SMT so people can be ready if needs be.

'90s hacker collective man turned infosec VIP: Internet security hasn't improved in 20 years

chuckufarley
Joke

Nostalgia...

...just ain't what it used to be.

What's all the C Plus Fuss? Bjarne Stroustrup warns of dangerous future plans for his C++

chuckufarley
Childcatcher

This is...

...the kind of thing I would like to see on El Reg. I even read it twice. Once like I normally do, and then once more with the ad blocker turned off. It's a good idea to interview the people behind the projects that drive the modern world. Their work and ideas are used by a billion people every day. Getting to hear what they think is a rare thing unless you can afford to fly all over the world to conventions and meetings.

Please Sir, I want some more.

Thanks, El Reg

Devuan ships second stable cut of its systemd-free Linux

chuckufarley
Linux

Re: Fascinating opportunity for comparison

Maybe Mr. Larabel over at phoronix.com would be willing to supply the benchmarks. If not the Phoronix Test Suite is a free download licensed under GPLv3 so you could roll your own comparison on your own hardware.

chuckufarley

Re: Pulseaudio next, please

Sadly, Firefox depends on PulseAudio. I know that it can be compiled without support for it but I do not know if there another way to get sound in Firefox without PulseAudio.

chuckufarley
Linux

Is it Upgrade Season or...

...is it Update Season? I can never keep the two straight. If only we had two anthropomorphized cartoon animals here to set me straight.

Either way, it's kind of bitter sweet. We can new packages and lot's and lot's of new features. Then again, the uptime clock gets reset on the reboot.

Good job, Veteran Unix Admins! Keep up the good work!

US regains supercomputer crown from Chinese, for now

chuckufarley
Joke

@ StargateSg7

You are right, I would love a button that enabled me to edit your posts.

chuckufarley
Coat

Good job Mr. President!

America is Great Again! You can go home now!

kthnxbai!

Have to use SMB 1.0? Windows 10 April 2018 Update says NO

chuckufarley
Thumb Up

Re: So for a while now...

@soulrideruk

Please forgive my extreme amplification of Bob's posting style. I was just trying to make a point, perhaps it didn't work.

As far as my views on windows go: I hate it with a passion. For over 25 years I have been a passionate user and supporter of FLOSS. However I try not to let my idealism get in the way of actually being able to do things and using the best tools for the job.

Sadly, sometimes that means I have to use things like Windows, Java, systemd based distros, gasoline engines, dish-washing detergent, and a whole legion of other first world problems. Happily, I get things done every now and then.

Anyway I gave you an up vote because I didn't think your comment was bad enough to deserve the down votes.

chuckufarley
Holmes

Re: Fix it, don't disable it

Why not use the tools that come with the silver badge next to your name? Things like bold, italics, and underlining can add just as much emphasis in the same places and make your posts easier to read at the same time. You have earned the privileges and no one will think less of you for using them.

On the other hand, by insisting on using caps to accomplish your goals you are coming across like a guy that thinks the volume of the message makes it a better argument. People will discount what you have to say because of it. Or worse, just ignore you.

chuckufarley
Happy

Re: So for a while now...

IF only THAT were PRACTICAL. I would LOVE to DUMP windows FOR linux BUT there ARE some THINGS that ARE not POSSIBLE yet IN linux.

chuckufarley
Trollface

Re: Fix it, don't disable it

Bob, have you tried vacuuming out your keyboard? The constant toggling of caps lock is driving us nuts. Otherwise I'm going have to take up a collection to get you a new keyboard.

chuckufarley
Pint

So for a while now...

...Win10 Pro and above have natively supported being an NFS4 client. It just works, once you enable it. In fact, if your NFS server is exporting a volume formatted with ntfs-3g it works for storing backups. With the right export options you can even store a Win10 system image. Imagine it: Win10 accessing a mapped network drive like a *nix client and treating it like a native MS server share.

Now, I know there has to be a down side to it. I just don't know what it is yet. What I do know is that I don't need SMB on my network anymore. Thank RNGesus for that!

GNOMEs beat Microsoft: Git Virtual File System to get a new name

chuckufarley
Go

I nominate...

...[Shed]FS

Because...sheds...and brackets.

New Facebook political ad rules: Now you must prove your ID before undermining democracy

chuckufarley
WTF?

I know it's crazy talk...

...but wouldn't it be better if they worked out a system that actually had some hope of restoring the trust of their user base and the governments of the world at large? In my opinion they will refuse to do anything meaningful as long they do not have a financial motivation to do so. They will just make lists of lists provided to them by actors that they are not going investigate in a substantial way as long as the money comes in. Action is needed in the form of regulation with agressive monetary penalties if things are really going to change.

President Trump broke US Constitution with Twitter bans – judge

chuckufarley
Coat

Re: The Question is...

And even with all of his imperfections and contradictions the best ideas that he put down on paper are still shaping our world today. Thanks to the combination of ideas from the Declaration of Independence and the Constitutional Congress Committee on Style we have:

"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness."

And:

"We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America."

Singularly either one is bigger than any one person and their flaws. Taken together we have a vehicle of government that gives us all a chance live in a better world than our parents and grandparents. That is if we can stop taking so many steps back on the road to a more perfect union.

Yes, Jefferson was fully a man of his times. Just as we all are. We cannot escape our biases but we can try to overcome them and hopefully inspire others to overcome their own. Just like we kept the best ideas of Thomas Jefferson's and Gouverneur Morris's generation we have, in the spirit of those very same ideas, been working to rid ourselves of their worst ideas. And hopefully our own bad ideas as well.

In closing, I would ask that next time you wish to imply how our aspirations to fulfill to the worthy ideals of our society are in vain because the authors of the ideas were all too human, don't.

chuckufarley
Alert

The Question is...

...how many lawyers will find this verdict "appealing"?

The answer is...

...it depends on how much money can be spent arguing over what should be common sense.

If any public figure does not separate their private lives and actions from the public then they forfeit the right to act as a private individual. An open democracy is they only way to avoid the tyranny that drove Thomas Jefferson's pen on so many occasions. A lot of money that could be used to fight true injustice must now be spent to take this case to the Supreme Court. All because one man in a powerful position can't tell the difference between "It is right" and "I want it to be right."

FBI's flawed phone tally blamed on programming error. 7,800 unbreakable mobes? Er, um...

chuckufarley

Re: The headline scary number is still too big

Did they swear to spread the FUD, the whole FUD, and nothing but the FUD? It seems that way to me.

Senator Kennedy: Why I cast my Senate-busting vote for net neutrality

chuckufarley

Even is we get the...

...Pie (or is it Pai?) in the sky of 5G in five to ten years, I'm willing to bet that the same forces at play in the current market will wall it off and make it a play ground for the $999/mo target market while the rest of munch on 10GB cake at 10Mbps.

Microsoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole

chuckufarley

This might not answer your question...

...but it might set you down the path to finding an answer.

https://www.theregister.co.uk/2017/03/14/outdated_javascript_libraries_weaken_web_security/

https://www.theregister.co.uk/2017/11/20/open_web_application_security_project_2017_report/

https://www.theregister.co.uk/2018/05/15/microsoft_acg_mitigation_missed_memory_bug/

chuckufarley

Re: Its quite depressing really

Well, think of it like this:

Every modern CPU that suffers from these vulnerabilities has literally billions of transistors. Your higher end CPUs (and GPUs) have more transistors per chip than there will be people on the Earth tomorrow or twenty years from now. It's amazing that we don't have more of these flaws to deal with and that they are not worse. Perhaps there will be more that come to light soon, or in the next decade. What matters is that we find the flaws and learn how to fix them. It's a case of not being able to make progress until we fail and learn from our mistakes.

chuckufarley

So who else...

...runs NoScript and is glad that they do?

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

chuckufarley

It's the same story...

...in the US. I live in the Chicago area and I my ISP doesn't support it. My cable modem has the ability built in to it's firmware and everything on my home network supports it but given that this is the USA we have bigger issues to worry about than breaking the internet. Don't worry though, we will get around to it someday soon. Breaking the internet that is, not implementing IPv6 on a national scale.

Blood spilled from another US high school shooting has yet to dry – and video games are already being blamed

chuckufarley

You mean like how...

...down voting is supposed to stop people from posting illogical nonsense without thinking it through first?

chuckufarley

The fine print* says...

...that Fox News is in the entertainment business. They can say what ever they want if they think someone will find it entertaining. They have no obligation to be honest or to have a social conscious. Ed Murrow spins in his grave at relativistic speeds every time they broadcast. Of course they are attacking video games. Video games are their competition.

*This post is for enlightenment purposes only. El Reg doesn't give a crap about my opinions and would ban me from Teh Interwebs for life if they read this. If I ran for Public Orifice I would be shot for too much of the truthiness. That bit about Ed Murrow spinning at relativistic speeds is most likely not true, but someone should check just in case.

Page:

Biting the hand that feeds IT © 1998–2019