* Posts by DrXym

4136 posts • joined 18 Jul 2007

‪WannaCry‬pt ransomware note likely written by Google Translate-using Chinese speakers

DrXym
Silver badge

More to the point

If the authors used Google Translate then chances are Google has logs of those interactions which include IP address, potentially identity of the person using it. They might have used Tor but then again maybe they didn't.

1
0

Industrial Light & Magic: 40 years of Lucas's pioneering FX-wing

DrXym
Silver badge

Still didn't escape uncanny valley

The CG Peter Cushing / Moff Tarkin was surprisingly poor considering the budget. The lips and facial expressions were off, the performance lacked any nuance, the head bobbed around like a chicken and it simply didn't blend in.

This video demonstrates it all too well:

https://www.youtube.com/watch?v=KsuvXHGCVXE

The Carrie Fisher / Leia was somewhat better but perhaps only by virtue of the intense artificial lighting in the scene and the fact it was only there for a brief moment.

5
2

Windows is now built on Git, but Microsoft has found some bottlenecks

DrXym
Silver badge

Re: Monolithic

To add to other comments, I would not be surprised if a very large chunk of that is binary blobs, images, audio etc.

2
0
DrXym
Silver badge

Re: GVFS sounds super dumb

The achilles heel for Git is that you must pull ALL the repository in order to use any of the respository. Various ways exist to work around this issue - shallow clones, submodules, subtrees, repo etc. but nothing is very good.

I suppose the idea for GVFS is that when you do a clone of Windows, you don't transfer 300GB of crap to your machine before you even start. Instead you "clone" and the filesystem looks like the files were fetched but the fs only fetches a file's contents on first read. So if you're working on one DLL with 100 files you don't need to download the gazillion other files in the codebase.

Clearcase (contender for the worst source control system ever invented) did this too with a thing called a dynamic view. The difference in Clearcase's case was the dynamic view could change while you were using it if someone else committed files to the same view. Enjoy trying to debug problems when header and sources keep changing underneath you.

At least GVFS would behave like Git in that what you see isn't going to change unless you pull / fetch / merge. I'd like to see how MS intend to open this up outside of themselves though.

10
0

How good are selfies these days? Good enough to fool Samsung Galaxy S8 biometrics

DrXym
Silver badge

Re: Hardly a big deal

Yes it's possible all those things could happen AND you have iris enabled (don't forget that) AND you're prepared to put up with how crap the function works. Now think on the likelihood of all that actually happening in real life as opposed to some thought experiment and it's very slight.

If security researchers want to improve security they should stop doing these silly experiments on esoteric features and an improbable chain of events and think of ways a phone can be made more secure by default. Not such a headline grabber but vastly more useful.

1
0
DrXym
Silver badge

Hardly a big deal

Unless the thief happens to have a picture of you in the proper light and knows this is how you unlock the phone then it's not going to help them. And theft is the biggest threat by far.

I think the biggest problem with phones & security is one of usability and defaults. Some phones have "smart lock" functionality but it's very finnicky to set up and separate from the screen lock stuff.

It needs to be redesigned and consolidated into a single screen that summarises what security is set, and the conditions that the rules apply. e.g. idle time, location, proximity to other devices. The easier it is to set up the security, the more likely people are to use it. The more people who have security enabled by default, the less reason thieves will have to steal phones.

2
2

Huawei Honor 8 Pro: Makes iPhone 7 Plus look a bit crap

DrXym
Silver badge

Re: EMUI

I know how to install a different launcher. It doesn't mean I want a shit, superfluous launcher sitting in the firmware eating up space, one whose very existence means it takes Huawei longer to roll out firmware updates because of all the additional testing required. And even if I dump the launcher it doesn't make all the changes to settings, or all the other junk running in the device go away.

EMUI 5 might have undergone an exercise in turd polishing, but the proper solution would have been to dump it completely.

0
0
DrXym
Silver badge

EMUI

The hardware could be wonderful but while EMUI is a thing I will steer well clear of Huawei phones. Once bitten twice shy.

1
0

The real battle of Android's future – who controls the updates

DrXym
Silver badge

A LineageOS firmware for Android 7.1 weighs in about 350MB so no, it's not 6GB. It doesn't include Google Apps but you can download a 50GB nano GApps package.

I expect some firmware updates are larger depending on how much crapware they contain or other superfluous stuff like additional image resources, languages, videos etc.

4
1

Samsung Galaxy S8+: Seriously. What were they thinking?

DrXym
Silver badge

Recommending the S7 seems risky

All it takes is one firmware update and it suffers many of the same issues as the S8. I know the article covers it a bit, but Samsung's biggest problem is they pack their phone with half-assed apps and features that imitate the ones you can get from the Play store and there is no choice NOT to have this stuff.

Samsung could move a lot of the junk to a "showcase" app where you could pick and choose to install or (better than nothing) safely disable some of this stuff. But they don't. They're hoping somehow to gain marketshare through the power of the default. Bixby is there not because it is any damned good but because it suits Samsung's long term ambitions to ram it down user's throats. That might suit them, it sure as hell doesn't suit customers.

1
0

HTC's 2017 flagship U11 woos audiophiles and bundles Alexa

DrXym
Silver badge

"Bundled" software

If I want Alexa, Facebook, Twitter or whatever else then I can simply install it myself. HTC should not be baking this performance / space / privacy sapping crap into the firmware.

If they absolutely must install this shit, then at least do it in the writable user data partition where it can be permanently removed. Not hidden, deleted.

2
0

Drugs, vodka, Volvo: The Scandinavian answer to Britain's future new border

DrXym
Silver badge

Here's a better idea

Don't leave the customs union. It's stupid and self-defeating. It just causes extra red tape for government & businesses, delays at borders (even with "light touch" systems), increases smuggling, decreases trade & travel across land borders, and provides little to no benefit in return.

1
0

Uber is a taxi company, not internet, European Court of Justice advised

DrXym
Silver badge

Re: Finally some common sense

Yes clearly Uber is a taxi service. Their problem is they want to be a taxi service without abiding by any of the rules or regulations that govern being a taxi service - criminal background checks for drivers, fare tariffs, limits on number of licenced cars on the road, vehicle safety checks, adequate insurance, employment benefits, other regulations governing public transportation.

So they want to pretend they're basically just a hookup service between people who want a lift and people prepared to give them a lift.

I'm glad they're losing. They should abide by the rules laid down for taxis or gtfo.

58
1

Just so we're all clear on this: Russia hacked the French elections, US Republicans and Dems

DrXym
Silver badge

Re: Russia attacks!

I wouldn't be surprised if Le Pen and her party have been under surveillance for quite some time. Kissing up to Russia, recognizing their widely condemned appropriation of territory, receiving a loan from a Russian bank soon after...

She might well find herself arrested if there is any intel on that or tying her to the recent hack. She definitely faces a lawsuit about the allegations she made. Oh and embezzling money from the EU. Le Pen will have some interesting times.

4
0
DrXym
Silver badge

Re: Yup

As if to emphasize the shitstorm coming, just look what happened. Comey fired on a weak pretext, as if that will make the investigations and indictments disappear. Nixon had his own "Saturday Night Massacre" with as much success as Trump will have.

13
1
DrXym
Silver badge

Re: Landslide ?

"An overwhelming majority of the electorate in a two horse race did not back the winner."

A point of clarification. French elections are ALWAYS a two horse race. The primary round features all the candidates and then the second is between the top two from the first round.

Second, claiming the majority didn't vote for them could be said for many elections. UK MPs frequently don't enjoy the majority of votes in their constituency unless they're in a very safe seat.

26
1
DrXym
Silver badge

Re: Yup

If you want to sense which way the wind is blowing subscribe to John Schindler @20committee on Twitter. He's an ex-intelligence community & columnist and has a pretty sharp eye on things which are happening.

The likes of Flynn, Manafort and Page *are* going to get prosecuted and it's not hard to see others dragged in too, especially if its seen they were acting in cahoots. They might even turn states evidence for cushier sentences.

Second to this Trump *does* have Russian mob ties. His casinos were fined for money laundering. His business partner Felix Sater is a convicted mobster. Dutch TV did an interesting documentary about Sater this recently which is on YouTube. The BBC interviewed Trump about Sater and Trump's entire response was to call the interviewer thick and run out of the room. Trump is vulnerable to compromise and it's not a stretch to imagine that he *has* been compromised. And even if he hasn't, there's that whole RICO investigation.

26
6
DrXym
Silver badge

Yup

And people paying attention know there are at least 2, possibly 3 grand juries already convening prior to making some arrests. And a State of New York RICO charge that could drag in Trump or some of his confederates on the grounds of racketeering, money laundering on behalf of the Russian mafia.

Trump has a busy few weeks of reality denial ahead of him. #fakenews

15
14

FBI boss James Comey was probing Trump's team for Russia links. You're fired, says Donald

DrXym
Silver badge

Watch the leaks multiply

It's been clear for a couple of weeks that prosecutions were in the offing. Grand juries were being convened, subpoenas in progress.

That's the only reason Comey was sacked and everyone knows it. Sacking him on a flimsy pretext is just going ensure that the number of leaks in the intelligence services multiplies, massive pressure will be placed on congress to appoint a special prosecutor, existing charges won't be dropped, other RICO suits will press on regardless.

If Trump thought his problems were bad before, they've probably become far worse today and far more public.

21
0

Hackers emit 9GB of stolen Macron 'emails' two days before French presidential election

DrXym
Silver badge

Re: "far right" is a misnoma

Far left wraps around to become far right and vice versa. Authoritarianism, secret police, purges, torture, assassination, oppression, idolatry etc. Out on the fringes however they possess their own distinct and extremely unpleasant characteristics which are very easy to see.

7
2
DrXym
Silver badge

Re: So, just another day in the office...?

"I don't think it's that specific. WL are simply naïve and thus very easy to manipulate. "

That may have been how they started. These days they are a front.

10
6
DrXym
Silver badge

Re: the hackers MAY be Russian, but...

Resoundingly yes of course the government is behind it.

I'd point out the question was put to FBI director Comey last week and he said Russia was definitely behind the attacks there too.

5
5
DrXym
Silver badge

Re: Business as usual

And probably they're telling the truth. The dump was timed to interfere with an election to be held tomorrow.

It doesn't have to withstand any scrutiny, just look superficially convincing - dump a heap of legitimate low level stuff as filler (e.g. hacked party mailing list), and fake up some bank statements and hope it convinces some people to vote for the other candidate. Russia's candidate.

Of course it could be real but since Macron has started legal proceedings on the matter, there is a perfect opportunity to find out for sure in court.

28
0
DrXym
Silver badge

Re: So, just another day in the office...?

It's an orchestrated campaign by Russia to disrupt its enemies. They interfered in the US election, probably interfered with the UK referendum, are definitely interfering in the Balkans and in states like Poland, Estonia, Lithuania, Finnland etc.

Wikileaks is nothing more than a Russian front and nationalist groups in these countries are easy pickings for them. Did you know Le Pen had a Russian bank fund her bankrupt party and was kissing ass with Putin even while the campaign was going on?

It's going to come to a head soon.

30
23

systemd-free Devuan Linux hits RC2

DrXym
Silver badge

"Debian switched to systemd which in turn pushed distros like Ubuntu on to systemd"

Kind of absurd rationalization given that Ubuntu is downstream of Debian, not upstream. Just like Devuan in fact. Also, Ubuntu didn't switch from sysvinit to systemd. It switched from upstart.

1
13
DrXym
Silver badge

"DrXym, what makes you think that doesn't also apply to those here who don't want systemd on their systems? You keep ignoring rational and legitimate reasons for not using it, and banging on about how "ignorant" everyone who has reservations about systemd is. Is adult discussion really that difficult?"

Show me one of these "rational and legitimate reasons" that I've responded to that you consider my response was unfair please.

0
13
DrXym
Silver badge

"How much is Lennart paying your blind affiliation to something which doesn't solve any problem anyone was suffering from yet is setting the scene for catastropic problems in the future?"

Yes it's all a vast conspiracy. Meanwhile back on planet earth...

2
10
DrXym
Silver badge

"And this statement right here demonstrates someone blindly reading the crap that's written about Systemd."

No, it's a statement of someone who's bothered to read about systemd, use it, and has the ability to type

dnf list systemd\*

rpm -ql systemd | grep bin

0
16
DrXym
Silver badge

"Systemd is a single, monolithic, system rather than a set of interoperating modules,"

This sentence right there demonstrates the ignorance surrounding systemd. Systemd is actually a collection of processes each with specific, isolated function that are designed to run together with minimal privilege.

0
16
DrXym
Silver badge

"There are reasons why systemd will never be ported to BSD, and they are the same reasons why Devuan exists, and why Slackware & Gentoo don't use it."

Those "many reasons" applies to lots of low level Linux software. Porting a pid 1 process between two disparate kernels is hard, especially when compounded by philosophical and licence issues. Hardly an argument really. I'd also point out that OS X uses launchd for some of the same reasons that systemd exists - because sysvinit sucks for modern desktops.

Gentoo also allows systemd to be used. So your argument against systemd boils down to slackware. Seriously.

0
17
DrXym
Silver badge

Re: Easy answer.

"Like RHEL 6 that is without systemd, perhaps?"

RHEL 6 was first released in 2010. RHEL 7 was first released in 2014 does use systemd. Failing to grasp your point.

0
14
DrXym
Silver badge

Re: Easy answer.

"Children running the show." Yeah all the people in Red Hat, Ubuntu, SUSE, Debian et al are children. What on earth do they know about producing enterprise ready, stable operating systems? Oh.

1
18
DrXym
Silver badge

I can keep on saying it because it is true. People moaning about systemd are acting like conspiracy theorists parroting the same debunked nonsense over and over again

2
29
DrXym
Silver badge

They've adopted it because systemd is demonstrably better in virtually every respect. Most of the complaints about it are seriously misinformed nonsense.

2
28
DrXym
Silver badge

Re: It's fascinating that Linux now has the same problem as Windows

"even by doing exactly what Microsoft did wrong 20 years ago, like binary log files and highly opaque service management."

Binary log files are actually there to make the system more secure since they store more data, index data, rollover properly, detect corruption and tampering through signing. If you want text files in addition to or instead of binary it is a simple matter of reading the man page to enable them if you so desire.

3
26

Apache OpenOffice: Not dead yet, you'll just have to wait until mid-May for mystery security fixes

DrXym
Silver badge

Re: I prefer OpenOffice

I prefer LibreOffice over OpenOffice. Because it's receiving active development new features and bug fixes for the past several years that OO hasn't.

I think the name LibreOffice is horrible though. It would be nice some day if it could reclaim the use of the name OpenOffice.

LibreOffice (and OpenOffice assuming it ever develops) really need to start thinking about the future though, especially cloud storage and other forms of online integration. Microsoft are really pushing this hard to lock people into Office 365 so it would be good for LibreOffice to offer something analogous for businesses that want to get out. 5.3 has an "online" collaborative mode so that would be a good thing to expand and push the benefits of.

8
5

systemd-free Devuan Linux hits version 1.0.0

DrXym
Silver badge

Re: geez, the ignorance about systemd here is astounding

"Nice straw man. The few "raging" comments here are outnumbered by comments from those who have had genuine problems with systemd. Got any answers for them?"

No, they're outnumbered by a lot of whining, a handful of anecdotes, a mass of misconceptions and a various statements that are false or distorted. If you have a specific problem, go look up your problem on superuser.com or a similar site because chances are it's already been answered more than adequately.

I've already dealt with a share of issues here - text logging (just configure it), timesync client (a small SNTP client adequate for 95% of uses vs a full blown 20x larger NTP client/server) et al.

It's funny how for all the people whining about systemd Red Hat and other major dists manage to use it without the world collapsing around them.

1
8
DrXym
Silver badge

Re: They missed a trick

"Unfortunately it doesn't tell me how to turn off binary logging, only mask it or redirect it to /dev/null. I don't want the extra processing overhead of generating a redundant set of logging data only to dispose of it."

You can turn off the storage in journald by adding Storage=none to the conf file and it logs nothing. Set a flag and it sends the text to someplace else if you like or the console. It isn't as though logging takes much resources in the first place though.

The reality is the binary logs are there so they can be journaled, indexed, tamper resistent, searchable and all the rest. Things that administrators want or should want. It doesn't even stop you extracting the journal as text. It does allow you to tell if somebody has deleted lines from your journal. It does allow you to efficiently search between two date ranges on a particular event.

It's just an example of the knee jerk reactions that people hate on it without bothering to check if supports what they're trying to do.

1
5
DrXym
Silver badge

Re: geez, the ignorance about systemd here is astounding

Sadly nobody raging about systemd is interested answers.

1
13
DrXym
Silver badge

Re: They missed a trick

You can have ASCII logging. A simple Google would show you how to set it up, assuming your dist doesn't already. It would also explain the rationale for binary logging (e.g. forward secure sealing, capturing extra information, better indexing, tamper detection etc.).

I have no idea what you mean about ntp and udev being kept separate. Perhaps you're referring to the fact that systemd package contains a lot of low-level commands that you are free to use or not use as your requirements dictate. Systemd provides a SNTP (S for simple) client called timesync. You are completely free to install a full blown client-server ntpd if you desire but many deployments don't need that complexity and a simple NTP client means they can avoid installing ntpd altogether.

But hey, systemd is evillll!!! Let the dance of derp continue.

1
11
DrXym
Silver badge

Re: They missed a trick

Except systemd is for the better. Virtually all of the objections about it are absurd.

0
19
DrXym
Silver badge

They missed a trick

Should have called their dist Amix after the Amish. Technology should go this far and no further.

1
4

Uber cloaked its spying and all it got from Apple was a slap on the wrist

DrXym
Silver badge

RICO act

Some of the stuff Uber has pulled comes extremely close to racketeering. I'm kind of surprised that they haven't been raided yet.

19
0

LinkedIn U-turns on Bluetooth-enabled 'Tinder for marketers'

DrXym
Silver badge

Yup LinkedIn is just a cattle market. We're the cattle. Agents and their ilk are sold subscriptions to prod and poke us.

Never accept a link request from an agent. If they get the link they can send you unsolicited email and see your contacts and start inviting them. LinkedIn provides them with tools to type "java" into the engine and then spam every matching result regardless of relevance / interest or not.

If you're not linked they have to use one of their limited In-mails to communicate. That motivates them to practice some due diligence and only bother you with high quality jobs because they only get 100 In-Mails per month to spend.

I still ignore the In-Mails :) It's my way of devaluing LinkedIn's service. 90% of the time I can figure out what job they're dangling in front of me anyway and assuming I was interested I'd make sure not to go via any LinkedIn communication.

1
0
DrXym
Silver badge

Social media apps are their own worst enemies

They merely want to know my location at all times, all my contacts, take over other functions of my phone, automatically share my pictures, know who I'm standing close to (via bluetooth) and run continuously in the background so my battery life suffers.

No thanks.

As a website LinkedIn is a take-it-or-leave-it affair always probing for more data but safely contained. I can't imagine having this bullshit running continuously in my pocket the entire time. Same for Facebook.

0
0

Game authors demand missing ZX Spectrum reboot royalties

DrXym
Silver badge

Re: I'm confused

"the rights holders are unlikely to still be making (or expecting) any profit off of the titles"

I expect the way they look at it is this is a commercial product using their games as a selling point and therefore they are entitled to a share of the profits. Especially if they have a contract or a letter of understanding on that point. Is that unreasonable?

Perhaps their attitude is more laid back for emulators and such like where it's more of a hobbiest / nostalgia thing with no profit motive.

15
0
DrXym
Silver badge

Re: Innocence lost

The counter argument is you're sticking it to Rupert every time you run an emulator without his blessing.

17
0

Why Firefox? Because not everybody is a web designer, silly

DrXym
Silver badge

Internet Explorer is the lesson here

Chrome might be a "team player" at the moment but that doesn't mean it will always be so. Look how Google pushed out tech like SPDY, NaCL etc. without waiting to see if it was suitable for adoption or not and without much specification to say how to handle edge cases. The implementation was the specification. Eventually after tweaking and standardization SPDY was adopted, NaCL is being dumped for web assembly. Standards and consensus are a good thing for honing and refining good ideas and rejecting imperfect ones.

Microsoft used to operate a monopoly to push stuff and make it stick no matter how broken or proprietary it was. Consequently sites were tainted with bad proprietary technology for years. Not just proprietary technology but bad HTML and CSS because IE was a bad browser. Even when the web moved on and devs started to code their content against standards instead of implementations, intranets were still polluted with time management systems and the like that needed to run some ActiveX control or use VBscript for whatever reason.

That's why standards matter and as many implementations of the standard as possible. Besides that Firefox happens to be an excellent browser. It also doesn't spy on you as you browse.

13
0

Samsung's Shixby: Reviewers unimpressed with S8 digital assistant

DrXym
Silver badge

Is this really a surprise?

Most of the S- apps they stick on their phones can be best described as mediocre and at worst unremovable crapware. Just a duplication of the functionality you can for better in the Google apps, or didn't need or want in the first place.

I assume some bigwig in Samsung thinks their phones aren't sticky enough and therefore they need to build a platform of services to lock customers in so they can't choose to buy another brand phone without losing all their contacts, appointments and other info.

Now they have an assistant to add to that list, with a dedicated button. I wonder if you can reprogram the button to do something useful instead. Otherwise it's going to be a button that's pushed more by accident than intent.

5
0

Back to the future: Honda's new electric car can go an incredible 80 miles!

DrXym
Silver badge

The Clarity is a strong contender for the ugliest car ever invented. Bad enough as a hydrogen fuel cell vehicle but even worse when shipped as an electric vehicle with an abysmal mileage.

Who would ever want this car with an 80 mile range. A Tesla model S can do several hundred miles, and other new cars boast 120+ miles plus. This thing looks like it was deliberately sent out to die.

5
1

Forums

Biting the hand that feeds IT © 1998–2017