Safe browsing checks fail as 16,000 WordPress sites hacked this year

bombastic bob Silver badge

hand-coded optimized HTML isn't that hard

hand-coded optimized HTML (without scripting, even!) isn't THAT hard.

you can even insert it into El Reg comments...

I like to use 'tables' to format my web pages. it's clean, simple, elegant, and pretty much universally supported. And it'll force scrollbars if the screen is too small to view the content properly.

and it might even force phone-viewers to go into 'landscape' mode [which is superior anyway].

(yeah learn to program HTML, use scp or rsync to transfer things, and stop relying on some 3rd party bloatware to do simple things like html markup)

Lenovo denies claims it plotted with Microsoft to block Linux installs

bombastic bob Silver badge

Re: What a whiny bunch of spoilt hypocritical Linux users

at least some of your points about the linux community shooting its own feet (particularly with respect to ALSA vs OSS and systemd vs desktop managers that won't work without it) are valid.

so how about 'no vote' instead? out of fairness.

still, win-10-nic deserves the bashing. and anything that LOOKS like it's locking out Linux deserves it, too. Lenovo did something very very naughty with 'superfish' late last year, and had to backpedal and admit their wrong to the entire world last February. I think they deserve the scrutiny on THIS issue, too.

bombastic bob Silver badge

strangely, micro-shaft got 'popular' by making an OS people WANTED

"I'm more and more disgusted by M$ that is gradually "locking down" the PC to W$ only."

it's because they can no longer do what it was that made them "popular" in the first place: make an OS that people actually WANT. You know, so they don't have to use DEVIOUS MEANS and outright STRONGARM their customers into ACCEPTING it [without lubrication?] and NOT "just going elsewhere".

tactics like this usually fail, but it takes a while. Back in the 'robber baron' days of >100 years ago, the 'tactic in question' was to strangle all competitors (by dominating the entire supply chain) so that they could NOT wedge their way into the market and provide AN ALTERNATIVE to dealing with the 'robber baron'. In this case, the 'robber baron' is leveraging computer makers, sort of like owning the gasoline stations AND the refineries AND the oil fields... (and thus fixing prices along the way in your own favor).

bombastic bob Silver badge
Thumb Down

Re: Microsoft will be paying vendors to deploy their malware os Windows 10....

"most people want to use [win-10-nic] anyway."

not according to everything I've seen, including netmarketshare and statcounter. Their numbers show about 2:1 favoring 7 [and other versions] over 8 and 10, and very FEW people that I talk to actually _LIKE_ Win-10-nic. It's just getting shoved up our down our throats in one way or another. And, in THIS case, _LOCKED_ _IN_ on the computer itself by the manufacturer.

Where's Linus on this?

bombastic bob Silver badge

Re: Microsoft will be paying vendors to deploy their malware os Windows 10....

Well, based on what happened LAST time around (when Lenovo bundled Superfish on windows machines):

1. defensiveness [we just saw that]

2. quietly speaking, erm, hmmm, "well, it looks like maybe we DID..."

3. complete backpedal, public apology, un-do the damage, offer fixes to anyone who wants one, silently angry they got caught with pants down, etc.

Waiting for '#3'.

And where's Linus on this?

[so yeah, KEEP UP THE PRESSURE, so they have to go through with "the process" and give us #3]

New Gnome emerges blinking into the sunlight

bombastic bob Silver badge

Re: *nix?

"Isn't Gnome 3 still tied to systemd? Surely that makes it Linux only."

sadly, FreeBSD has gnome 3 in ports, last I looked. Most likely there's a set of cumbersome patches for the systemd-ness.

in fairness, gnome2 had its share too. haven't looked at mate, though. yet. It's in ports, too!

bombastic bob Silver badge

Re: Old dog

"What is the point? Can anybody explain it to me?"

(with reference to the migration of gnome in the same direction as Micro-shaft's 'circle the drain' 2D FLATSO touch-centric phone-GUI interfaces on desktop computers)

a) "new shiny" (as has been pointed out already)

b) too many people used to XP, won't "up"grade

c) patents, copyrights, and locking users into Micro-shaft's "solution"

d) change for the sake of change

e) millennials getting to do things THEIR way (which can't be OUR way, because, millennials)

therefore, it's "Modern", with the built-in "get with the program, gramps" pejoratives.

Doesn't make it BETTER, though, like who wants an electric roller skate when you can have a MUSCLE CAR!

gnome 3 and micro-shaft seem to be in kahootz or something... (did MS start investing in the gnome stuff? I am pretty sure that one of their devs was a ".Not" and mono fan, but still...)

bombastic bob Silver badge
Thumb Up

Re: It's still smartphone-GUI-on-a-workstation.

(from linked-to article) "Flatpak is the next generation application distribution framework for Linux."

"Until they fix that, I'll stick with Cinnamon and/or MATE,"

I agree 100%! There's _NO_ reason to follow Micro-shaft's "circle the drain" FLATSO overly-touchy-feely development direction. When I saw 'Flatpak' I was thinking FLATSO like "Ape" and Win-10-nic. Am I wrong?

Desktops need a REAL 3D skeuomorphic interface. Like Mate. Or Cinnamon. But we STILL have to kick the millennials [who are "in charge" now and doing it "their way"] a bit for releasing the latest Mint (18) with *ONLY* the FLATSO decorations in the default themes, meaning you have to go through the 'CUSTOMIZE' choices to pick something *SANE* and not 2D FLUGLY FLATSO.

I want 3D looking *BUTTONS* in the window title bar, DANGIT!

UK copyright troll weeps, starts 20-week stretch in the cooler for beating up Uber driver

bombastic bob Silver badge

"I hope his employees run off with his business."

actually, if it's truly one of those 'trolling' copyright "enforcers", better see it fade into pink-slips and bankruptcy

bombastic bob Silver badge

Re: 20 wks in prison! He's a kid for fucks sake!

"Being a director of some company is no excuse, and neither is Aspergers, or Hipsterism."

or AD[H]D? Or "the devil made me do it?"

/me whips out a cane...

Lean in and pivot: Even Steve Jobs didn't work alone, startup boy

bombastic bob Silver badge

"Batman doesn't work alone. At the very least, there is always Alfred."

Alfred = "the hired help"

not ready to go into the 'you did not build that' extreme, but HIRING PEOPLE is an effective way of getting things done, when you specifically lack those skills [or can't afford to waste time doing it all yourself].

Also Bruce Wayne's company and all of the employees there, especially the one played by Morgan Freeman [who invents all of the cool schtuff].

yeah, humans have been gathering in teams for cohesive strength to accomplish major things, since, like, forever.

Not enough personality: Google Now becomes Google Not Anymore

bombastic bob Silver badge

being able to programmatically shut it off

for the 'droid application I've been working on recently (demonstrated at a trade conference in Las Vegas last weekend), this might be mandatory - it's for certain kinds of doctors to use with a medical device. And I've seen other android applications being used in similar ways (being demonstrated at that same trade conference).

yeah we don't need patient data going to 'the cloud'

bombastic bob Silver badge

I'd rather teach it to fuel my fetishes

come on, hasn't anybody thought of this one yet? Make the google version of siri:

a) speak to me like a luscious lady of the night,

b) be "of age" but look a bit younger, complete with school girl uniform

c) never get old, never cheat on me, and never ever ever say "no"

my own virtual girlfriend that will go get things I want online, find out how to drive from point A to point B, and knows my deepest darkest perverted secrets...

yum yum yum!

Windows 10 backlash: Which? demands compo for forced upgrades

bombastic bob Silver badge

classic shell doesn't fix the flatso

"Classic Shell. Natch."

doesn't fix the 2D FLATSO, though

"I've been giving Mint's latest, Sarah, the once over today.... oh, behave!!!"

In general I like it. However, I noticed that THEY TOO have all of the themes in FLATSO mode, out of the box. I was disappointed. Granted, if you dive into customization, you can get ACTUAL BUTTONS in the title bar, but the fact that NONE of the default options had this, disappoints me greatly.

2D FLATSO non-skeuomorphic FLATASS is _SO_ bad, _SO_ ugly, I can't even use 8.x nor 10 with classic shell, and that's no joke! It's like "bad feng shui", or a hideous colored paint on the walls, or K&R style code, etc. etc. etc., so distracting it keeps me from getting things done.

I like classic shell, as a desperate move to fix "Ape" and "Ape point 1" and even win-10-nic, but the FLUGLY 2D just bugs me...

(what is it with the MILLENNIALS and their "do it OUR way now that it's OUR turn" down'up'grades and that gawd-awful FLATSO look???)

Windows Server 2016: Leg up or lock in?

who needs a windows server anyway

I haven't used a windows server since W2k3, and it ran so pig-slow on the same hardware that 2k ran on (by comparison), even after upgrading the RAM to its minimum specs, that I can't justify any reason to have a windows server any more. Pig slow, security crater, IIS and ".Not", and basically a toll-booth for everything you might want to do that requires "a server version of windows" because the pro version was deliberately crippled so as NOT to have "that" in it... (and/or the software won't even run on a non-server OS, go fig.)

similarly, Linux is a server OR workstation, depending on how you configure it, RHEL and similar 'pay for the value added' distros notwithstanding.

and my server runs FreeBSD, with ZFS, on old hardware (Intel dual core 1.8Ghz with 4G RAM) that would probably stutter and stall if it were running a windows server OS. But with FreeBSD, runs *JUST* fine!

Who needs a windows server anyway?

Microsoft deletes Windows 10 nagware from Windows 7 and 8

bombastic bob Silver badge

so, is it SAFE to run 'windows update' again?

So, is it SAFE to run Windows Update again? Or should I wait for the fallout?

She cannae take it, Captain Kirk! USS Zumwalt breaks down

bombastic bob Silver badge

Re: Sub heading surprise

Seawater lubricated bearings notwithstanding... [they work nicely for shaft seals and bearings located outside the main hull]

it probably wasn't caused by an oil-lubricated shaft bearing that was directly exposed to water. Most likely it was a lube oil cooling system that leaked water into the oil. These ships typically use sea water for cooling things like oil and sometimes directly cooling rotating machinery. Oil gets hot when it's used to lubricate things like turbine reduction gears, so you need an oil cooler. If the oil cooler has a defect causing a leak, it probably requires a shipyard to replace it. In the mean time, watery oil makes a poor lubricant, so they'd lock the shaft and run on the other one(s).

that's my take on it.

bombastic bob Silver badge
Black Helicopters

Re: Displaced, by gad.

"That would explain the price tag."

some companies exist BECAUSE they're good at inflated-cost contracts with gummint... i.e. "military industrial complex".

gotta watch out for it. (I think Ike warned us about that)

bombastic bob Silver badge

Re: Nomenclature...

boat vs ship: technically, if it's over ~200 feet long (I think that's right), it's a ship. The exception is a submarine, which is called "boat" by tradition, since modern subs (and the ones in WW2 as I recall) are nearly ALL well over 200 feet long. L.A. class is ~360 feet.

thinking of the L.A. class, they came out of the factory with a flaw that later had to be corrected. Future versions were built with the correction. However, a trip to a shipyard was required to fix the problem [it affected top speed, probably shouldn't give details]. So with only 3 ships in the class, this kind of thing really isn't all that uncommon.

Still, it's fun to point fingers and laugh.

Lethal 4-hour-erection-causing spiders spill out of bunch of ASDA bananas

bombastic bob Silver badge

Re: Typical Asda

long ago, a friend of mine had a pet tarantula. kept it in a terrarium. Named it after his favorite bar.

I wonder if you can keep a 'viagra spider' as a pet?

bombastic bob Silver badge

Re: 4 Hour erection

maybe some scientist needs to find a safe dose of spidey venom as a viagra alternative? Might be hard to instruct the spider in its proper administration, though...

Will US border officials demand social network handles from visitors?

bombastic bob Silver badge

Re: Welcome to America - only stupid people let in

hopefully in the next election cycle we'll keep the politically correct nutbags from running the asylum... and then TSA will start PROFILING people that are likely to BE terrorists, who aren't Gramma, little 4 year old Cindy, your average tourist, etc..

being unwilling to even LOOK like you're suspecting some bearded guy coming from Syria with an "up to something" look in his eyes is just, plain, dumb. Instead, they have TSA feel up average citizens, take your belt and shoes off and waddle to the scanner hoping your pants don't hit the ground, yotta yotta yotta. It's just stupid, yeah. Or, better still, the STUPID PEOPLE are IN CHARGE at the moment...

bombastic bob Silver badge

Re: Bound to get deported?

or 'El Reg' comments

bombastic bob Silver badge

Re: Stupid questions...

"BUT they can already "request" that you give them access to your laptop when entering the US"

solution: use FreeBSD with a CONSOLE login. Set up ALL virtual consoles to log in THROUGH! A! JAIL!

if you tweak the appropriate config files, you can do this. I set it up this way as an experiment a while back, and had 2 consoles for 2 different jails (total 4). The thing is, to make this work properly, ALL of the virtual consoles have to be a jail. No big deal, really. THEN if they ask you the root password, make sure it's something like "TSA-sucks" or "F-U-very-much" or whatever. then they can look around your jail all day long and find NOTHING [it won't even run PING].

when you want to use the computer for REAL, you ssh into the host machine, then use 'startx' for the X server. And don't forget to password protect 'single user' boot [or disable the boot console menu entirely]. And so on. And use UFS and ZFS to confuse them even more. Only a live filesystem boot (of an appropriate OS) would be able to access it.

And if you have anything REALLY naughty to hide, put it in a file-backed memory-based file system that requires a cryptic and long pass-phrase just to mount it.

So yeah, NO access to ANYONE without proper credentials! it can be done. And the beauty of THIS approach, you've given them something they don't understand very well to look at it, in which you can B.S. them all day like Simon the BOFH and they have no other choice but to nod vertically with jaws slack and eyes glazed over as you explain it all...

bombastic bob Silver badge
Big Brother

Re: Stupid questions...

"Answered by stupid people."

Reminds me of a line from the original 'Ghostbusters' movie: "When someone asks you if you are a god, you say YES!"

Or, you answer the questions on the test the way the "social indoctrination" studies prof/teacher wants them to be, regardless of whether or not you actually BELIEVE it to be the case. get the grade, get the credit, then forget all of the indoctrination afterwards.

And it's STUPIDER to use Face-blank (and maybe Tw[a,i]tter) in the FIRST place, In My Bombastic Opinion.

Victoria Police warn of malware-laden USB sticks in letterboxes

bombastic bob Silver badge

Re: What size?

"Linux, I believe, is vulnerable."

ONLY if you use a distro that has auto-play auto-enabled and you didn't shut that @#$% off

In my machines, even automount is VERBOTEN

Microsoft snubs alert over Exchange hole

bombastic bob Silver badge

Re: It's not about Microsoft WANTING to fix it ..

'Virus Outbreak' aka 'Microsoft Outlook' has to be THE biggest security crater ever released by Micro-shaft, EVAR. I can't see any MORE horror (for I.T.) than a shop that actually USES it!

seriously, what GOOD is it REALLY? just use T-bird [and don't view as HTML or insert graphics inline] and be done with it! All that *cruft* is just a waste of bandwidth, and opens you up for spammed viruses and trojans (all those '.docm' and '.zip' etc. attachments, yeah)

IPv4 apocalypse means we just can't measure the internet any more

bombastic bob Silver badge

Re: Virgin Media

maybe Virgin Media has enough, but China and India are apparently running out (or have already). And if your public IP interferes with your LAN IP, that could be a problem

yeah, being assigned a 10.x.x.x or 192.168.x.x or whatever the other netblock is, and you just happened to be using that netblock for your LAN. whoops.

I avoid 10.x.x.x but virtualbox uses it by default. I would think ISPs might want to use 10.x.x.x and just NAT 2^22 customers through it (accounting for the few unusable IP address assignments for that which are dedicated to broadcast and stuff and/or might cause firmware to burp based on an earlier post of something that hated having a 255 in a position NOT as the final byte)

bombastic bob Silver badge

Re: And who told you I want to be measured?

"My understanding is that V6 allows a version of the LAN address to get out as the return address for the connection."

not entirely true, but lemme 'splain.

IPv6 addresses are assigned to a particular netblock, which the router will know about. The router can advertise this information and assign IPv6 addresses using some protocol I can't remember the name of. You can then allow an automatically assigned IPv6 address from the netblock, or assign a static one (your choice) from within the same netblock.

Now, about IPv6 routing: the routers use the advertisements to say "send your IPv6 outgoing traffic to me." They know about the upstream router, which was either assigned statically, or also advertised itself. that's how IPv6 routing works. In theory, you don't have to set up gateways, just routers [and the rest is automatic].

Now, because you were assigned an IPv6 netblock, your IP addresses are UNIQUE TO YOUR MACHINE, FOREVER. This also exposes every listening port onto the intarwebs using that IPv6 address if you didn't bother to firewall it. The router CAN firewall [mine does, it's running FreeBSD, and Linux could do the same thing]. In particular, I don't want a VNC port, or an X11 port, or any of the dozen-or-so ports that Windows listens on to be exposed to the outside world. So I block ALL of them at the IPv6 gateway.

BUT, whenever you visit some web site, the web site knows who connected, YOUR publicly visible IPv6 address that is NOT translated. A rogue web server could then scan you for open (listening) ports on that address and determine whether or not you can be cracked. Specific ones are well-known for windows, X11, VNC, Samba sharing, SQL Server, SVN, mail servers, and whatever OTHER things you might not want accessed from the outside [so you better firewall them all or risk getting CRACKED].

Anyway, that's pretty much an executive summary of what's going on.

bombastic bob Silver badge

Re: How much is a IPv4 address worth

"Probably nothing. It is surprising how many ISPs now do not offer NAT. You can only have a reserved IPV4 address."

and yet, for a FIXED IP address, you'll be charged EXTRA, and may ONLY be able to do so with a "business class" subscription, and so the cost inflates...

But with IPv6, everyone's address could be static. I assume we'll get assigned netblocks, for our entire network, and by doing so, will have a fixed IPv6. Bye-bye need for "all that" we have to pay EXTRA for in the IPv4 world...

bombastic bob Silver badge
Black Helicopters

Re: The title is no longer required

perhaps "they" need to stop TRACKING us by our IP addresses?

(it's true, IPv6 would make THAT easier)

Microsoft Desktop Bridge opens, Win32 apps can now cross into Windows Store

bombastic bob Silver badge

Changing developer rules = shooting own foot

Microshaft changing the rules for developers (again, and again, and again) is just SHOOTING THEMSELVES IN THEIR OWN FOOT. Again. And again.

Back in the 90's it was "Developers, developers, developers, developers!". Micro-shaft NEEDED developers to write "the killer 'app'" (they called it an 'app' way back then) for Windows in order to get people to buy computers with Windows on them.

THEN, in the early 21st century, when Ballmer took the helm, he steered towards the rocks with ".Not" (aka '.Net') in the ".Net Initiative" which was SUPPOSED to leverage all of the ".bomb" stuff in Micro-shaft's favor, with a ONE LOGON FOR ALL SERVICES (aka 'Microsoft Logon'), so that Amazon and K-mart and Target and Frys and everybody ELSE would _ALL_ use THEIR login for the online stores and services.

Well we know what happened with THAT.

The fallout: That _HIDEOUS_ ".Not" library, Micro-shaft's STUPID invention of "C-pound" to try and replace Java, and the ATTEMPT to CHANGE THINGS so that SENIOR DEVELOPERS were _NOW_ *JUNIOR* developers! Because, Micro-shaft. Because, it's THEIR way under THEIR control!

Well, when you look at the TIOBE index, you don't see a LOT of ".Not" demand, but you DO see a lot of C, C++, Java, web, even Python (which exceeded C-pound for a short time, as I recall).

So THEN Micro-shaft tried other things, like Silverlight. FAIL. Then they went with Windows 8, to change the back-end to a form that was COMPLETELY different, trying to leverage the desktop into THEIR image so that EVERYONE would be forever LOCKED IN to doing it THEIR WAY.

That failed, TOO. And Win-10-nic *FAILS* to recover that.

So, NOW Micro-shaft wants to "allow" the *LEGACY* Win32 API appLICATIONS in their "the Store"?


But I know what's coming next: Win-10-nic BLOCKING ANYTHING FROM INSTALLING OR RUNNING THAT WAS NOT OBTAINED VIA "THE STORE". You watch, it's coming.

Because Micro-Shaft is in full-blown "SUICIDE MODE", starting with the shotgun pointed at their feet, and then working their way up.

bombastic bob Silver badge

Re: An old fart writes...

"I must admit I still don't really understand what the difference is between an 'app' and a 'program'."

app: short for 'application', what micro-shaft (and now Apple) call "a program for a phone". Or in Micro-shaft's case, an application for a desktop, too.

I like to distinguish an 'APP' from 'Application' as "an application that does some trivial thing with a phone-like interface" vs "something you can REALLY get work done with"

And of course I normally write 'app' as [CR]app because THAT is what MOST of them seem to be...

bombastic bob Silver badge

Re: Hmm...

"I suspect that delivering software outside the store is about to get frowned on. "


at least Android has a 'developer mode' _AND_ a "untrusted sources" selection. So if you build an APK for some custom thing, you can publish it yourself without paying THE TOLL.

If Micro-shaft does THAT (i.e. FORCE you to go through "the store" to publish an EXE) I'm going to stop subscribing to MSDN.

And I've been an MSDN subscriber since the 90's.

Microsoft's Service Fabric for Linux hits public preview

bombastic bob Silver badge

Re: Upside Down solution

"Any knowledgeable business owner, meaning not those who know and accept only Microsoft speak or lame solutions, would be insane to choose Microsoft for hosting Linux based Cloud Services with Linux applications under Microsoft Azure Cloud services."

it happens. at one company, we were using multiple "el cheapo" Linspire machines as "build machines" with whatever Linux (or even FreeBSD) version made sense re-installed onto it, so that we'd have a consistent official build environment for various flavors of firmware, once for each flavor. This filled up a closet with 6 individual boxen that consumed power.

The obvious solution: virtualize them. The chosen virtualizer? VMWare [a decent choice].

The chosen host platform? Windows Server 2003. ew.

Yes, we *TRIED* to convince the software development manager that hosting Linux VMs on windows was kinda, dumb. No effect.

WORSE: the source control system 'Perforce' was being used, because it worked well WITH Linux (and FreeBSD, my favorite). It also works ON Linux. However, certain Linux kernel images had case-sensitive file names that differed by CASE, and so when it was hosted on WINDOWS, you'd get some name clashing and this was very bad. Solution? Host it in a VM running on a WINDOWS SERVER 2003 MACHINE. I facepalmed over THAT one. I could NOT convince the software manager of the error of his ways.

On a related note, the manager was a fan of ".Net", mono, C-pound, Windows Vista, and "that way" of doing things. And yet, we were almost EXCLUSIVELY a Linux shop, doing company-related firmware modifications for wireless access points running Linux and occasionally VxWorks, but sometimes doing 'windows things' too.

yes, SWALLOWED THE COOLAID, and STOCKHOLM SYNDROME. I don't think it was possible for him to see things any other way. sad.

bombastic bob Silver badge

How do you say "BSOD" in Penguinista?

it's a screen saver on Linux

funny story, CEO of a company I used to do work for saw a Linux box with a BSOD screen saver running, saw the screen, and was concerned, until I said "it's just a screen saver", then told me about this happening at another company where someone called the IT people over while the user of that particular box had been at lunch to "fix the blue screen". He also asked that it NOT display that particular screen so nobody would freak out.

which then, of course, makes the inevitable point about BSODs and windows in general, and all of those funny pictures people have been submitting, "world's tallest BSOD" etc.

(topic-related, I suppose triggering a BSOD in Win-10-nic might be a vector into safe mode, etc. and I suppose it could be done with a 'rogue' USB device)

Google: There are three certainties in life – death, taxes and IPv6

bombastic bob Silver badge

Re: Try getting IPv6 from any major ISP's.

IPv6 tunnels still work. I'm using one from he.net - but of course THOSE are given away for free by an ISP that's just being nice. there are other free tunnel services as well [captain obvious says: no need to thank me, I'm not being helpful] and so it's just a matter of setting one up, which requires following somewhat detailed instructions for your OS of choice.

now there ARE some *NEW* headaches that IPv6 is likely to cause:

1. Your windows machine NOW has a publicly viewable IPv6 address, even though you were accustomed to being behind a Linux-based NAT firewall. This is a lot like leaving your bedroom window unlocked with the curtains drawn...

2. ANY IPv6-capable web site can discover your publicly viewable IPv6 address, including rogue ad servers, CDN networks, Facebitch, and web servers with "invisible" gif images embedded into any web page.

3. tracking you via a FIXED IP ADDRESS is now "that much easier". Each IPv6 subscriber is likely to get a netblock of addresses. there are more than enough. That net block NOW identifies YOU. Even if the IPv6 changes, if only the last 8 to 16 bits are changing, it's still "you".

[yes I know all 3 already apply to me, but I've dealt with it]

Keep in mind that every windows version since XP has had "magic internal stuff" listening on well-known ports, every time you boot up. Try "netstat -an" in a CMD window some time, you'll see what I mean. Every one of those UDP ports marked '*:*', every one of those 'LISTENING' TCP ports, they're ALL open to being CRACKED. All you need is a pile of already-cracked machines [remember 'code red' ? win-nuke?] banging away against random IPv6 addresses, and you'll get infected or DoS'd, eventually, if you're running an unfirewalled windows machine.

The solution, of course, is to have a firewall that is INTELLIGENT enough to block these ports PROPERLY by default, and I'm not talking about the Windows firewall, I'm talking about a PROPER firewall, like a router running Linux. It also needs to properly support IPv6 routing, AND to be "shut offable" if you have something OTHER than "that box" doing the routing [which _I_ happen to have].

And that's another headache for the ISPs: dealing with customers that aren't using "their box", are using some form of 'bridge mode', already have an IPv6 tunnel, and somehow PROTECTING all of those clueless windows users from getting their machines cracked because they're NOW publicly visible. And if it has an easily guessed user/pass, you now have remote access capability.

maybe the biggest problem in the way of IPv6 is MICRO-SHAFT and WINDOWS ???
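
An added example, not part of the comment above: a Python sketch that reads `netstat -an` output and lists the listeners that become reachable once the host has an untranslated IPv6 address, so the gateway firewall can block them by default. The sample output and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     192.0.2.10:443         ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:5354             [::]:0                 LISTENING
  UDP    0.0.0.0:5355           *:*
  UDP    [::]:5355              *:*
  UDP    [fe80::1c2b:3d4e:5f60:7a8b%12]:1900  *:*
"""


def parse_listeners(text):
    """Return (proto, address, port) for every TCP LISTENING / UDP bound socket."""
    listeners = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = parts[0], parts[1]
        if proto == "TCP" and (len(parts) < 4 or parts[3] != "LISTENING"):
            continue  # established/closing connections are not listeners
        if proto == "UDP" and parts[2] != "*:*":
            continue
        host, _, port = local.rpartition(":")
        # Drop the IPv6 brackets and any zone index such as "%12".
        host = host.strip("[]").split("%")[0]
        listeners.append((proto, ipaddress.ip_address(host), int(port)))
    return listeners


def reachable_over_ipv6(listeners):
    """Listeners bound to the IPv6 wildcard or to a global IPv6 address.

    Loopback (::1) and link-local (fe80::/10) sockets are not routable from
    the internet, so they are left out. IPv4 listeners are ignored here
    because the comment's scenario has them behind NAT already.
    """
    exposed = []
    for proto, addr, port in listeners:
        if addr.version != 6:
            continue
        if addr.is_unspecified or addr.is_global:
            exposed.append((proto, port))
    return exposed


def gateway_block_list(exposed):
    """Group exposed ports by protocol, ready to turn into inbound deny rules."""
    rules = {}
    for proto, port in exposed:
        rules.setdefault(proto, [])
        if port not in rules[proto]:
            rules[proto].append(port)
    return {proto: sorted(ports) for proto, ports in rules.items()}


if __name__ == "__main__":
    found = parse_listeners(SAMPLE_NETSTAT)
    for proto, ports in gateway_block_list(reachable_over_ipv6(found)).items():
        print(f"block inbound IPv6 {proto}: {ports}")
```

A default-deny inbound policy on the IPv6 gateway covers these ports without enumerating them; the list is mainly useful for checking what a given host would expose if that policy were missing.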

US Marine Corps to fly F-35s from HMS Queen Lizzie as UK won't have enough jets

bombastic bob Silver badge

Re: US Marine Corps will be flying F-35Bs

"RN Captain - We've been ordered to bomb XYZ"

"USMC Commander - Sorry, the President says we're not going to do that"

same possibility with British pilots on a U.S. carrier, I suppose. but I doubt it would be a problem. Unless the Pres is Mrs. Clinton, in which case we're all fsck'd anyway.

As former U.S. military (Navy), I'd say that when you're attached to a foreign command, you obey the commanding officer, regardless, unless it goes against your basic oath of defending the U.S. Constitution. You can note your objections, but you still have to follow orders. Fortunately, politics as they are, NATO missions as they are, the HMS QE probably won't even remotely get into a situation like that. We hope. [I'd hate to lose access to RPi and The Register over stupid politics].

there WAS this one situation back in the 1980's, told to me by someone who had been attached to a Turkish sub [it was a decommissioned diesel sub, being sold to Turkey, and U.S. sailors were on board qualifying the Turk sailors to operate it properly/safely]. One time one of the Turk sailors didn't show up [went UA]. The Turk sailors found him 'out in town'. They brought him back to the sub and were going to shoot him. At least one of the U.S. sailors said "NO, NO, you can NOT do this on an American Naval Base" (or something similar) and managed to stop them. THEN, "a decision was made" to go underway that day, and all of the U.S. sailors were 'kicked off'. They came back later, and "that guy" wasn't with them. I guess that once you're in international waters, U.S. law no longer applies...

Anyway, that's not what I expect to happen on any British or U.S. carriers...

United States names its first Chief Information Security Officer

bombastic bob Silver badge

Is Obaka going after wikileaks?

I have to wonder if the new cyber security guy's position is to somehow deal with things LIKE the upcoming wikileaks "reveal" on Mrs. Clinton? Couple THAT with the last big info-dump/reveal of DNC e-mails (showing them acting like everyone they allegedly HATE, from racial slurs and sexist comments, to deliberately messing with the primary election process to coronate Mrs. Clinton).

And the OBAKA administration is, perhaps, IN A STATE OF PANIC?

well, I can help them out: Stop using Micro-shaft servers and Outlook for e-mail, enforce the law with respect to keeping classified info off of the intarwebs and private e-mail accounts, and PUNISH those who've been negligent and possibly got people killed... [no need to name names on THAT part]

World eats its 10 millionth Raspberry Pi

bombastic bob Silver badge

Re: re. fried pi

well, if you have a pi plugged into an embedded device via the connector, a fried pi would be easy enough to swap out. low cost of new Pi is actually a very good design aspect, and a reason TO use the RPi "that way". Also easy to image the SD card for a backup, or just use the old one in the new Pi. [Pi zero, with solder-in wiring, would be harder to replace in the field, or on a bench for that matter].

but having the layouts change, yeah, that causes potential difficulty, since the holes don't line up. I just hope they don't stop selling the older models...

bombastic bob Silver badge

Re: Pedantry ahoy

"It'll be the same as previous RPi 3 kits - a MicroSD card in a SD adapter."

right, you might want to use a PC with an SD adaptor (or an external USB one) to put the Raspbian image on the SD card. not like I don't have a zillion of these micro-to-SD adaptors laying around already...

Star Trek's Enterprise turns 50 and still no sign of a warp drive. Sigh

bombastic bob Silver badge

"The cool (or mind-bending) thing about special relativity is that the *very same* light beam is also measured as travelling away at the speed of light by everyone else who comes across it, regardless of what speed they are travelling relative to you."

hence, time distortion to make that calculation work [or so it would seem], when you sit and think about it, run the numbers as 'how fast is that photon REALLY going from the perspective of' it all makes sense.

now let's add the other 7 dimensions into the 1st 4 to get M theory. relate that to quantum mechanics and this year's proof that Schroedinger's cat really IS both alive and dead [there was an El Reg article about that in January as I recall], it's my guess that THE OBSERVER comprises the 11th dimension, separating the two 10-spaces into separate universes that differ only in their 11th dimensional position at the time they separate, when one universe gets "heads" and the other "tails" - prior to observation, it's heads/tails with a measurable energy. then you observe it, and the quantum state-flipping energy goes away, and has to go SOMEWHERE... so it splits the two 10-spaces along the 11th dimension???

or something like that.

/me head splodes

bombastic bob Silver badge

"you cannot accelerate anything in normal space-time faster than the speed of light."

very true. the solution, then, would be 'abnormal space' (i.e. warp bubble, subspace, all that sci fi stuff that has at least SOME actual science to it)

bombastic bob Silver badge


"The only way we know how to "warp space" (and that only one way) is to move shitloads of matter into the place to be warped."

I was always under the impression that if you could create a sufficiently strong field [graviton field in the STNG universe] you could effectively 'cut yourself off' from the effects of relativity by (literally) creating a 'sub-space bubble' around yourself, being 'space within space'. The relativity problem is just that: relativity. when thing #1 travels with a relative velocity to thing #2 that approaches light speed, you get the relativity effects. but if thing #1 is no longer influenced by thing #2, it can move its 'own private universe' (the subspace bubble) at whatever speed is possible, since it's not interacting "relatively" with anything else. That's how I understand THAT particular theory, anyway.

The problem is moving the bubble, or creating it for that matter. gravity waves/particles are being detected by satellites, now, looking for gravity wave events and whatnot. So that much (the existence of gravity waves/particles) seems plausible enough. Emitting them may be nothing more than spinning heavy atoms inside a magnetic field [let's say a mercury vapor magnetron]. Emitting them in SUFFICIENT QUANTITIES, however, that's something else, and might require those anti-matter reactors we cannot build yet...

bombastic bob Silver badge
Black Helicopters

Re: As a side note

"an episode of ST:TNG, in which Data opens the show by playing cards with Isaac Newton, Albert Einstein and Stephen Hawking."

that was a great episode. I miss STNG [nobody plays the reruns any more]

My guess is that there are several possible explanations as to WHY we don't have things like warp drive and practical fusion reactors and things like that...

a) space aliens "holding us back" for our own good [had to get that over with, heh]

b) wealthy/powerful elitists (like Soros) fearing a loss of power and control, shifting gummint policies and money accordingly to maintain power/control. After all, if we can just leave earth and go to space to get away from *THEM*, they'll lose the monopoly they have over our lives...

c) scientists paid to "do research", not "get results" (think of the Manhattan project, which was all about THE RESULTS, and how quickly atomic energy became an integral part of our society)

d) all of the above.

hey, it's possible, ya know? I think 'c' is the most likely candidate, though. history backs me up on THAT one.

Ten-year-old Windows Media Player hack is the new black, again

bombastic bob Silver badge

Re: Windows media non-player

"Ubuntu to the rescue!"

OT I was a bit disappointed when I installed Mint 18 Mate (based on Ubu) the other day [to do 'droid dev for a customer project] and *ALL* of the built-in window decoration themes were FLATSO versions. SERIOUS disappoint. I had to search around to figure out how to get non-FLATSO looking min/max/close buttons. It's still possible, thankfully, just not pre-configured. I like bulbous buttons in my window title bar, not FLATSO. My desktop is NOT a feely-slab. [if I want a feely-slab I can get a 'droid one for cheap; they definitely have their use - like being a debug slave for the project - but I prefer my desktops to LOOK like desktops, not like 30" phones]

but yeah, in ubu you STILL have a choice. it's just getting a bit more difficult to choose what I want.

bombastic bob Silver badge

Re: Wait, Windows has a media player?

windows prior to Win-10-nic had one, yes. Now I think you have to BUY one, or tolerate ads, or something... or download/install VLC.

in the insider preview, I reported a bug where the metro video player couldn't get aspect ratios right with MKV files, and had sucky video performance [especially compared to VLC]. Solution, get rid of the metro media player. ha ha ha ha ha. The best part is the screen shots I used to report the bug, which I still get a snicker fit over [it's a harmless screen shot comparison for an anime that for SOME reason was quietly removed from tvtropes for no good reason, other than the possibility of SOME people's perception of it, even though it was a 'trope maker' in a couple of cases, and uproariously funny]. I smile with an evil grin. Because I know how SOME people over at politically correct micro-shaft would see that...

Related, has anyone considered whether or not the infected torrents were submitted for download DELIBERATELY in order to entrap the people that download them? You know, a handful of idiots dumb enough to use windows media player in the FIRST place get cracked by MPAA and others, and their computers held for ransom and/or identified for *STING* operations and intimidating lawsuits...

[yeah, I saw THAT possibility - a few well publicized examples, and a lot of common people shake in fear over accidentally downloading a pirate copy]

Linus Torvalds won't apply 'sh*t-for-brains stupid patch'

bombastic bob Silver badge

Re: The mostly non-existent drivers of Linux

"Linux will only play nicely with about 1/10 of existing devices."

uh, no. I rarely have problems, and most of them were with things like winmodems pretending to be sound cards on very very very old hardware [a toshiba laptop, specifically].

these days, I find there are very few devices that don't support Linux. FreeBSD, on the other hand, I have a bit more trouble with. [but it's been good to me thus far]. NDISWrapper helps, though.

(never DID get the atheros wifi to work for FBSD in my old laptop, and now the motherboard needs replacing - yeah, and all but THAT chipset probably works fine - it's the device itself, a pre-N card from 2008-ish)

Still I've found that nearly everything ELSE works 'first time around' when I plug it into a Linux system. All of those cheap ethernets, and particularly wifi and bluetooth devices that use certain very COMMON chipsets, "just work". they even work on RPi.

Maybe the hardware makers need to cough up a proper driver for their stuff, instead, something you can build locally and then 'modprobe' into the kernel startup.

(yeah that's what should be done with those wifi drivers that Linus ranted over...)

bombastic bob Silver badge

Re: There's a lot of it about

"The people who write code are good at communicating with computers, not so good at communicating with people"

I think you're wrong. Why? because it's the RECIPIENT of the communication that's the determining factor, more often than not, as to whether the communication is effective. You can tell SOME people that "1 plus 1 is 2" and those people will simply get OFFENDED even though they AGREE with you. It doesn't matter HOW you say it, so much, as the fact you SAID it, you were CONFIDENT when you said it, you didn't "feel as if" 1 and 1 are two, nor did you ask THAT person if he "felt" as if it were two, but you simply MAKE A STATEMENT OF FACT, without sugar coating it, and the recipient [with chip not-so-firmly resting on shoulder] whines and cries and complains and calls you a bigot (that's how political correctness works, anyway).

I love it when someone is telling me some B.S. and says "are you even LISTENING to me?" and I reach deep down to a skill I learned in the military, and I summarize EVERYTHING said over the last nn minutes, and then say "and I *DISAGREE* with you for the following 'n' reasons" and then enumerate them.

I _THINK_ that people should _STOP_ being all "feely", and Linus is a good example to us all of how it SHOULD be done. There. I said it.

Tesla driver dies after Model S hits tree

bombastic bob Silver badge

Re: standard operating procedures

"they are firefighters, how would they tackle an electrical fire in any other situation"

well it's not entirely an electrical fire.

Fire classes are 'A' (wood, paper), 'B' (oil, natural gas), 'C' (electrical), and 'D' (chemical, pyrotechnics)


apparently also a class 'K' now, for cooking fires [usually these have PKP dump extinguishers activated by heat or a pull-chain/lever of some kind]

What we have here is a case where there is a class 'C' fire _AND_ a class 'D' fire. Putting dry chemical on lithium will probably make it WORSE. Also dry chemical is conductive, and so it would make the electrical fire worse. CO2 usually works best on electrical, and probably the Lithium fire as well. Problem with class 'D' is knowing _exactly_ what chemicals will put it out, and what chemicals make it worse. You could actually put some fires out with OIL, if you think about it, because it has excellent smothering and cooling effects, so long as it's not atomized with plenty of O2 [in which case you'd get an EXPLOSION and a class B fire to go with it].

Class D fires may be self-oxygenating. in the case of a LiPo, this is probably the case when you get past a certain point. Li reacts with just about everything, from the negative electrode to the material it's sealed up with, the atmosphere, WATER, and anything else you throw at it.

When I was in the Navy I was trained in firefighting [as everyone else was] and we did regular training and drills and whatnot. I've actually put out a couple of fires (not while in the Navy) when there was an arsonist in my neighborhood, a few decades ago. I wouldn't call myself an expert, just 'knowledgeable'.

But I can totally understand why firefighters were hesitant to try and put out a battery fire like that. Sometimes, if life is not immediately threatened, if property damage can be avoided by "letting it burn" and keeping it from spreading, THAT is what you'd do, to avoid "something worse" if you do the wrong thing...

