Posts by Fido

Whack-a-mole Gone Wrong

It's possible taking down the malware servers without catching or punishing the criminals may encourage rather than discourage criminal behaviour.

In related news, crypto-locker victims are surprised to discover their backups were intentionally compromised by the baddies before the ransom demanded.

While I'm very much in favour of frequent incremental backups using the snapshot features of modern copy-on-write filesystems, keeping administrative access to the backup server separate from all the other IT infrastructure is impossible unless the only way to log in to the backup server is through a physical VT52 terminal. Unfortunately, VT52s were in short supply when in full production during the 70's and they're even more difficult to find these days.

The graphic image for this article shows a paper notepad in which the recovery passwords are stored in plain text offline. When the only time one needs the recovery password is in a disaster scenario where the online systems are unavailable is that best practice?

Personally, I'm in favour of locking the box with the key inside.

For me the main point of an enterprise-level Linux distribution is that it provides a stable maintained environment upon which to build long-lived applications that are too valuable to constantly port to the latest software fashion.

According to the late dog developer, such an operating system might prove so popular as to risk future antitrust proceedings, so all providers of enterprise software either monetise such software to the point it is unpopular or destabilise it with disruptive changes.

From this point of view VMware's price increases and resulting loss of customers can be seen as a clever ploy to avoid future antitrust action under US laws, but that's a different story.

Could it be possible the dog developer was right and IBM is monetising Redhat while Suse is desperately trying to avoid a rapid rise in popularity that would risk it becoming a monopoly?

DragonflyBSD

The fact that Linux started out as a hobby operating system and became useful is an exception not an expectation.

In my opinion a similar case in history is the DragonflyBSD fork of FreeBSD. The main result was another hobby operating system that occupied the time of some excellent developers whose efforts may have been appreciated more without the fork.

On the other hand, it seems likely good developers might have a need to write some code just for fun.

I recently acquired a new car. I miss many things, but most of all I miss being able to turn the volume of the radio down without having to wait for the entertainment computer to boot up first.

When the car is started the radio will immediately begin playing at whatever volume the previous driver left it at and the volume can't be changed until the computer has finished booting.

People are impressed that computers can now have interactive conversations like in the movies.

Online retail didn't go away when the dot-com bubble burst. The chatbots and code pilots will not go away when the AI bubble bursts. The technology is real while a bubble is a financial concept related to get rich quick schemes. It's easy to agree with Sam Altman on this obvious point.

On the other hand I do not think lack of GPUs will precipitate the crash but rather unplanned for increases in the cost of electricity and shortages. If battery powered cars cease being a rich fashion statement and go mainstream, then the bubble-popping electricity shortages will happen sooner.

Did the tulip market ever recover?

The cow that won't eat your data

I found the slogan "The COW filesystem for Linux that won't eat your data" funny and brilliantly juvenile at the same time. Yes, I know not everyone has the same sense of humour.

For me "The COW filesystem for Linux that won't eat your data" is a pun based on how much a real cow eats every day in contrast to how difficult it is to create a bug-free copy-on-write filesystem with live snapshots, compression, redundancy and data integrity features.

Humour is so difficult many people don't even try; yet a smile and laughter are so essential to human health that in spite of a cancel culture aiming to eliminate people for any mistake, there are people who still try to make jokes. Maybe that is part human nature.

Anecdotally I've had more trouble with thinly-provisioned LVM volumes than BTRFS. Of course everything was backed up and the failures can be attributed more to my misunderstanding than bugs in the code.

I can understand the need for a team that gets along and works well together. At the same time I hope the development of Linux remains based on technical merit.

Whether Perplexity or some other company buys Chrome, the result will be similar to when Oracle bought Solaris (by way of the Sun acquisition) or when IBM bought RedHat: What was open source ceases to be so within a couple years.

In my option the benefits resulting from companies who have built products based on the open source web rendering and JavaScript engines created by Google far exceed the advantage of letting a third party monitise Chrome by making its code closed source.

In my opinion, terrorists and smugglers using actual Cybertrucks are probably not the main focus.

To me the fact that electric vehicles have different storage, maintenance and stealth characteristics compared to internal combustion engines suggests they might be useful in actual conflicts. Since hostile foreign governments are unlikely to loan their secret battery-powered military vehicles for testing by the US Air Force, a Cybertruck is the next closest thing.

If the code was written by Claude, could the police arrest Claude? Alternatively ask Claude who done it or at least check the log files.

Not anyone has said it, but the content being censored for children is not good for adults either.

Encouraging private companies to scoop up a large number of personal identifications could go wrong. The problem is not fake information being used to obtain access to content but real information later being used for identity theft. For example, consider a foreign government that prints fake ID cards based on the information uploaded for age verification in order to scam democratic elections.

In places where produce is bought from vendors on the street setting a different price for each customer, discrimination based on how you look and talk is common. This contradicts the ideal of equal opportunity for every person independent of age, race, ethnicity, religion and gender. If an AI does the same thing online, the result is the same except at a much wider scale.

From what I can tell the use of personal information to guage how much value a buyer places on an item is likely equivalent to the outcome of a VCG auction for a divisible good. Each buyer pays a different price so that their respective marginal valuations at the transacted quantities are the same. Thus, someone with greater need is charged more.

This optimises the value of the market; however, common sense says people are being charged unfairly. At the corporate level it's been happening for a long time. That's why corporations have purchasing departments. With AI the same value-optimised pricing can be implemented at an individual level.

From a political perspective the result is similar to "tax the rich" but with an unpredictable AI-identified category in place of rich. Ethically it's wrong to "do bad things" to any identifiable group.

Does Nvidia not support IBM Power anymore?

Not too long ago Summit and Sierra were top 10 supercomputers. Maybe that's why open-source ROCm looked so attractive during the last procurement.

I don't see mentioned in the comments or article the fact that the company which makes Raspberry Pi computers is separate and independent from the Raspberry Pi Foundation being reported on. This may be obvious to many people, but I mention it anyway.

From my point of view the job market for programmers and software engineers has historically expanded since the 60's due to the everywhere increasing use of computers. Then suddenly AI makes writing software so efficient that even though the everywhere use computers still expands, the job market for programmers and software engineers contracts.

The question boils down to how fast the need for new software continues to increase versus how fast developer productivity increases due to AI. From my point of view, productivity increases will be so great the job market is likely to contact.

People make analogies about how the job market for skilled machinists didn't grow with the automobile market due to assembly-line productivity increases.

At the university here we repurposed the old scientific computing cluster as a cloud using VMware. The nodes each have a total of 32 cores so I'd naively expect a 72/32=2.25 increase in licensing costs.

Since we're also looking at a possible 10 percent general budget reduction due to lack of planning, it seems possible the solution will be to turn everything off but not back on again. For educational institutions Microsoft offers extended Windows 10 support at $1 per seat for the first year doubling each year after that. Will Broadcom offer similar discounts on legacy VMware for schools.

I'm not involved in the IT decisions, so my only problem is as a user of the cloud. Hopefully the discounts are worked out and operations will continue normally.

I'm interested only in the technology aspects of Signal, not the specifics of this case.

If a hostile foreign government were able to compromise the mobile phone networks of a targeted nation, would it then be possible to secretly install remote access software on a government issue phone?

To avoid giving away the fact that end-to-end encryption is compromised, a foreign spy might use the remote access software to add a third party to a private chat who is likely to leak the information. When the third party leaks the private information, the foreign government does not get blamed yet benefits from the leaked information.

I don't know how real spy operations work. However, it seems to me that this technique could be effective at circumventing end-to-end encryption without revealing who did it.

Somehow the disadvantages of having two distinct programming languages in a single code base has to be outweighed by one of them being Rust. Having to maintain separate bindings for each language and synchronise them by hand sounds more error prone to me than the danger C code in production for more than a decade possesses a hidden use after free, bounds error or null pointer dereferences. At the same time, I'd get very excited to see a nontrivial GPU, network or USB device driver written in Rust that avoids the unsafe keyword.

A year ago there was a US government directive to stop using C and switch to memory safe languages for essentially everything. While the directive looks as well thought out as the long since abandoned idea of using ADA for everything, it's possible adding Rust to the Linux kernel is based primarily on the need to demonstrate progress being made towards use of memory safe programming practices.

Such a benefit, though nontechnical in nature, could be enough to offset the interoperability and maintenance disadvantages of two languages in the same project.

The same considerations could be the main motivation behind both Microsoft's and Google's reported progress on the adoption of Rust.

As someone who has been enjoying Linux since 1993, I just want to say thanks to Linus.

Where I work the solution was a policy that prevents nearly anyone from buying any type of office printer. Now there are a couple networked copiers in the mail room for everyone to use. Thanks HP for the additional exercise.

Global Winter

Rather than mammoths and mice equipped to survive extreme cold, wouldn't a species adapted to global warming be more practical?

Deploying commercial single-vendor IT infrastructure forms a long-term business partnership with a vendor that is generally based on trust. The difficulty occurs when a takeover or buyout changes the nature of the partnership.

A similar thing happens at smaller scales with blog sites and free software. The owner sells to a third party that subsequently monetizes the readership or inserts adware.

The difficulty is that further regulations could make things worse. Consider, for example, when SoftBank went in to ARM-architecture monetisation mode after not being able to sell to Nvidia. All sorts of things can suddenly change the nature of a business partner.

Since IT embeds itself so deeply into a company's business process, relying on single-vendor software does not provide the robustness needed for long-term planning. While decision makers with golden parachutes may not worry much about the future, protection of the business from disruption caused by changes in software licencing and development is an argument for open or at least owning the source.

Said another way, switching from VMware to another commercial offering is a fool-me-twice decision.

It's not cyber war yet...

When does the prepositioning end and the first cyber war begin?

Also for Science

While the gaming community may be larger than engineers who develop and run numerical codes on their desktops, the time stepping in a scientific simulation is quite similar to in-game dynamics but without the game. In fact, since a numerical run has no graphics-card bottlenecks, the X3D series CPUs with full-width AVX512 are astonishingly fast for small-scale computations.

Woohoo! If more science and debugging can get done faster on the desktop, that leaves leadership-class supercomputing available for larger runs.

The difficulty I see is that more bugs are likely when simultaneously using two languages in the kernel compared to using only one. Thus C mixed with Rust will have more security issues than only C, just because of the mixing, even if Rust might be better.

I also find it surprising that Redox OS has been in development for 9 years and still not available for production use on any cloud platform, but that's a different story.

The article states "Although some of the betas offered Wayland as an option, it's gone from the final release, which uses just X.org." If the Deepin desktop is as widely used as suggested, sticking with X11 may say something about direction of the window fracture in Linux.

As a contrast Raspberry Pi OS switched to Wayland by default last year. Though tied to a particular vendor's hardware, in my opinion that OS is also trend setting.

Could letting Broadcom buy VMware be as bad for the industry as not letting Nvidia buy ARM?

The article states "twenty-four gigabytes of Hynix LPDDR5 memory can't hurt" but I thought the M2 had some special kind of unified memory which was faster.

Maybe I'm confused. Is unified memory the same as LPDDR5? Is there a reference which indicates the RAM is made by Hynix?

From what I understand, the efficiency core is not a performance enhancement but a setback that scales up to support more VMs while still meeting data center thermal and power requirements. As likely as not, eight to 32-core CPUs are chasing single thread performance and anyway don't have much trouble meeting the power limits of even the oldest racks.