Posts by David Newall

Beware the licensee terms

They'll probably have the most intricate and comprehensive suite of ai products, a cornucopia of do all and be all for everybody, priced from a pittance for entry-level to a king's ransom for it all.

Most people will pay for entry-level, never knowing that Oracle delivered everything. They'll naively ask the ai the wrong questions using the wrong phrasing, thus trespassing into advanced product territory, and then licence enforcement will pounce, audit usage, discover the usage that was not paid for, and demand the licensee pay for the top level product for every possible seat to avoid prosecution.

Every possible seat will include all employees, from janitorial to the board and all in between. It will include a seat for every customer of the licensee. And for every visitor. That will be how they make the real money.

wrong!

There's a very good reason why everyone uses Windows and Microsoft 365. It's always been that way and we all have expert skills. We don't want to change to something that doesn't come from Redmond. We'd be lost, unable to use it because nothing works the way it should (which is the way we know.)

Pardon? It did? It isn't? When did that happen? Oh no!

Cease this nonsense

Yes, one should run one's own mail-server (I do) and, it's not so hard. But, the idea you'd pivot to a different supplier because your current one is down is ridiculous. It takes hours at the least, days more likely, and possibly, depending on existing reputation of the new IP, weeks or months.

buggy design

GNU telnetd interpolates values into a command line (a string) that starts /usr/bin/login. This is brittle as login might be changed to introduce new arguments to exploit.

The correct approach is to build an argv array. I'd classify it as a Security 101 blunder.

Do LLMs experience time?

I argue not because they "learn" up to a point, after which they merely regurgitate with no mechanism to learn more. I am stunned by what they can do today, but not one whit by their total and complete absence of actual intelligence. Let the learning continue in production and who knows what will emerge.

Where do you want to go today?

this was the tag line of their Windows 95 advertising campaign. They asked, but obviously had no intention of taking you there. Nothing has changed.

creepy

without the arms

"The only other formally verified kernel we're aware of is the seL4 microkernel"

Formally verified, as in TCSEC (a.k.a. DoD Orange book) A division system.

https://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria:

Examples of A1-class systems are Honeywell's SCOMP, Aesec's GEMSOS, and Boeing's SNS Server. Two that were unevaluated were the production LOCK platform and the cancelled DEC VAX Security Kernel.

Byzantine pricing

For me the red flag is how complicated AWS pricing is. I can't even tell if they are price competitive because they are beyond comparison.

that seems like a lot of work for not really so much money.

send it by post

Grind it up and send it by post in 40 million DL envelopes. That would be so on-message for Usania.

who pays

for the electricity?

Goose, golden, egg

It's not too late for the world to pivot from Arm to RISC-V

Sounds good

If I don't want the people who steal my stuff being alerted to a hidden tracker, are these what I should use?

Angle Park

In the mid-70s a select group of secondary students descended on Angle Park Computing Centre where we could run batch jobs with ab turn around measured in minutes instead of days, and where there were two or three interactive terminals, which we shared in something like 30 minute turns. Such joy.

The machine, an IBM 370, mostly ran APL, and as I recall would crash fairly frequently. Oh, APL, you language of )commands.

One time, it was my turn on a terminal when the system was brought back up after a crash. I would have been 15, and showing off, I called friends to gather around while I typed )crash. Hah hah, so funny, except it didn't respond with invalid system command, it sat there thinking for a minute.

Yes, about a minute, that being how long it took the system operator to find out which terminal, race out of the machine room to my terminal, and look at my screen.

I guess the systems programmer wanted to test a crash recovery process so made )crash cause one. Who knew?

⍎A←'⍎A'

TKL

I'd like it with an integrated numeric keypad.

Oh, yes, this is very familiar

s/Citrix/Broadcom/

RTFA

This is not an article about HR replacing human interviewers with AI. It's an article about HR prequalifying interviewees with AI.

Possibly still not fair, but most commentards have missed this distinction.

I guess if an applicant misses this then they are the wrong person for the job.

When I recruit, I set a technical exam. Everybody is invited to sit the exam and nobody gets an interview until after. This eliminates people who interview well but lack requisite skills.

AI sceptic/conservative

I've been a professional computer programmer for 50 years, and I know it's easy to see LLMs spout nonsense. I usually ask them about APL or PostScript because the corpora are relatively small and I'm sufficiently fluent in both to spot when the answers are wrong. You have to check everything they write before you rely on it's accuracy. If you don't you'll end up embarrassed, like those lawyers who were sanctioned for misleading courts.

And yet, if you don't know the topic you're asking an LLM about, it will be very convincing. They are uncanny in how well they appear to understand, and mind you, they lack the capacity to understand anything. They can write coherent, cogent and consistent copy that's sometimes also correct, but they cannot understand.

When they are correct they can save an incredible amount of time. If you aren't cautiously using them in your workflow, you're falling behind. No-one can read and digest the sum total of all human knowledge, but LLMs more or less already have. Avail yourself of this new tool or you'll become like the 19th century knocker-ups.

Cannot dual boot Ubuntu 24.04

Ridiculous but true, if you already use LVM for storage, you can't install Ubuntu 24.04 without wiping the entire disk. They describe that as "wish list", seemingly not planning to fix it.

The best you can do is install it on a new disk and then copy the volume/partition after, and fix grubby issues.

unimportant

Third party cookies are only possible when you load the third party content that's included on the website you visit. When you visit example.org, their page includes something from evilcorp.com. It might be a banner ad, a single pixel, or a script, such as from gargle-analytics. That's the only way third party cookies can get onto your computer.

However, the cookie is not everything for these third parties. They already know, because you loaded the banner ad, your IP address, the date and time, the site you visited, and any extra information that that site chose to give up.

Suppose you watch Priest porn and your preferred porn purveyor includes a browser fingerprinting script from evilcorp, the URL could be evilcorp.com/track.js?cat=priest. Now evilcorp knows that, too. All without needing a single cookie.

So when publishers cry, boohoo, they're crocodile tears. The advertisers will still pay to have their content included by the sites they wish to advertise on, and for evil corporations starting with the letters G, and F, they want their content on every website. Without them getting their content everywhere, their tracking cookies have no value.

So they don't need cookies. The cookies just take ambiguity off the table. It lets them differentiate between mommy's browsing and little Petunia's.

The only way to avoid being tracked is to not load that third party content in the first place. Browse add-ons like NoScript help here. That's what really worries the big G's and F's. That's why Google invented manifest v3: to destroy NoScript and equivalent.

Hey: I'd like you to run this program for me. I'm not going to tell you what it does, and I'm not even going to ask for your permission, I'm just going to send it to you so that you can run it on your phone. That's exactly what almost everybody permits when they run third party scripts. Stupid everybody. That's what NoScript prevents.

Run NoScript unless you're happy running my unknown program without even being asked. Which means ditching Chrome and anything else that's switched to manifest v3. Firefox is the one you should be using.

maintenance mode

x.org might be in maintenances mode but this is foss which many times has pivoted on a dime. We'll do so again and if that isn't Xlibre it will be some other ongoing port of x11. Wayback will not be the answer.

we need a two-tier power system

The enormous growth in demand for power by data centres will inevitably drive the cost up, which is not fair to the moms and dads eking out a living on minimal wages.

Bit barons care little what power costs, so long as their competitors pay the same. It's just a cost of business which they include in the price of their products.

Society needs to protect real people, in this case by capping what they pay for power, and when demand exceeds supply, by blacking out large consuming businesses first.

Yes, I'm saying people should pay less than businesses. Yes, I'm saying businesses should have their power cut off before people.

Seems unlikely

"Founded in 1986 ... the scientists based there pioneered innovations like the world's first hard disk drive and relational database, the company once boasted."

That's two things which were widely used earlier than the 1986 founding date.

Interview asked why they keep it?

There are various reasons, such as future marketing.

Safeguarding customer data might be their highest priority, but not as high as making an extra buck by spamming existing customers.

I guess the safety of their staff & customers, which is also their highest priority, is lower still.

Highest ain't what it used to be.

why?

HDD & SDD already encrypt. Linux already has encrypted filesystems. How does this improve anything?