* Posts by biddibiddibiddibiddi

329 publicly visible posts • joined 5 Dec 2023

Page:

250 million-plus reserved IPv4 addresses could be released – but the internet isn’t built to use them

biddibiddibiddibiddi Bronze badge

Re: Future use??

You'd be surprised by how much of the RFC1918 address space does get advertised for routing over ISP networks, which is a potential vulnerability if someone tries to connect to it and ends up reaching a malicious server. Most devices SHOULDN'T be handling packets for those blocks outside their WAN generally, and never advertising routes via routing protocols, but there's technically nothing that says you can't use a router internally at multiple points where such routing would be valid so outright preventing it wouldn't be good and it comes down to either bad configurations or malicious configurations. But 240/4 being reserved as a "never use this" block makes it a bigger deal to prevent anything on the public Internet ever accepting routes or sending traffic for it. Kind of an arbitrary dividing line between degrees of risk, I guess. But after we reached the point of not having anymore IPv4 addresses, and deciding that IPv6 was the future, 240/4 should have been released as there was clearly never going to be any other "future use" or experiments. (And what did they need 168 million addresses for when experimenting?)

biddibiddibiddibiddi Bronze badge

And if they had just done it in 2008, before it had become so critical, virtually every device in current use would be able to handle it by now. If they had come up with some "new or experimental use" according to the original purposes of the block being reserved, the same thing would have had to happen anyway.

Leaked memo: Microsoft employees should be using Copilot too

biddibiddibiddibiddi Bronze badge

What if I were an MS developer and honestly knew that I could produce better code (or whatever) than AI, even if I might not be able to churn it out as fast (because I'm a perfectionist and will make sure that code is good, but will have to spend more time to do that)? Are they going to force me to use AI in order to get more product out the door in less time despite it being lower quality or having more flaws? (I know the answer, of course. Plus, a developer like that probably wouldn't have lasted long as Microsoft anyway.)

You could have heard a pin drop: Virgin Galactic reports itself to the FAA

biddibiddibiddibiddi Bronze badge

That's going on my list of dumbest things I've ever read.

biddibiddibiddibiddi Bronze badge

Works okay on airplane engines.

biddibiddibiddibiddi Bronze badge

To all aircraft and spacecraft manufacturers: I'd like to introduce you to this product called Loctite.

Cory Doctorow has a plan to wipe away the enshittification of tech

biddibiddibiddibiddi Bronze badge

Re: Deliberation

It sounds like in your utopian world everything is government-owned and government-run.

biddibiddibiddibiddi Bronze badge

Re: Deliberation

Well, Ask Jeeves always kind of sucked.

biddibiddibiddibiddi Bronze badge

Re: Deliberation

I don't remember AltaVista ever getting bad. It just didn't get better, while Google started out pretty good and got massively better. AltaVista died not because it got sick, but because it didn't grow any taller and Google's canopy blocked out the sunlight.

Return to Office mandates boost company profits? Nope

biddibiddibiddibiddi Bronze badge

Oh I agree that there are plenty of things that shouldn't be sent to off-shore call centers full of people who don't understand you, you don't understand them, in both language, accent, culture, etc. But that's rarely stopped companies from doing it if they thought it would save a dollar/pound/euro and the customers would only complain enough to reduce revenue by a penny. And there are plenty of jobs where all of that wouldn't matter, or only slightly and could be worked around. Jobs which formerly were thought of as "we need someone here in our office to do it" so the possibility of outsourcing it wasn't considered, but are now seen to be doable remotely. So the issue becomes showing that even though the local workers can do the job remotely, that they still provide sufficient value to the company to keep them on because there is still something that off-shore workers can't provide.

biddibiddibiddibiddi Bronze badge

So the workers in India might be working at night. So?

biddibiddibiddibiddi Bronze badge

There is something to be said for "If you can do it at home, why can't someone in India do it?" in many cases. But that often does ignore a lot of issues that make having local workers better than scripted workers in another country with a different culture that customers don't want to deal with.

IPv4 address rentals to mint millions of dollars for AWS

biddibiddibiddibiddi Bronze badge

So they bought up 132 million IP addresses but are estimated to actually have 12 million, or 9%, of those actually in use? No wonder there's a shortage of addresses. Amazon and probably others are hoarding. Even if you consider inefficiencies due to subnetting, and quadruple the number in-use but not pingable, that's an awful fucking lot of addresses that are just being held by greedy corporations for no reason. Either just trying to drive up the price so they can sell them off in a trickle, or planning this rental cost the whole time using "shortage" as an excuse, or just trying to artificially push the world into using IPv6 by manufacturing a need.

Windows 10 users report app gremlins after Microsoft update

biddibiddibiddibiddi Bronze badge

Re: We really need another option.

We could start executing anyone suspected of exploiting the flaws. I bet it would stop very quickly.

biddibiddibiddibiddi Bronze badge

Breaking News: After February Patch Tuesday, no users report a loss of printing capability, and there are no reports of default browsers being reset to Edge. We are still making inquiries to be absolutely sure as it's so unbelievable, but we have also seen no complaints about blue screens and boot loops.

biddibiddibiddibiddi Bronze badge

That's ridiculously extreme.

biddibiddibiddibiddi Bronze badge

Re: Error in article

Well, in this case, "regression" just means "works on anything that is already installed".

biddibiddibiddibiddi Bronze badge

I still can't even get updates to install properly weeks after the patch issue causing the 0x80070643 error on Windows Update, which ALSO prevents anything from the Store from installing or updating. The stupid thing is that the error occurred for me because my recovery partition really was broken, I fixed the partition, updates worked, then a few days later the error started again.

Netgear hauls Huawei to court over Wi-Fi patent spat

biddibiddibiddibiddi Bronze badge

Ah that is at least a plausible interpretation, though confusing for anybody that just looks at the names and hasn't read the entirety of the legal structure of how these things are done. And I have no issue with them getting paid for their R&D (unless of course they did something shady to end up getting a patent on things that were in fact already done or obvious), but it should be standardized as part of the inclusion in the standard instead of being closed-door negotiations on a company-by-company basis, with anyone who wants to use the standard permitted to do so if they pay the established fee with no right of refusal by the patent-holder.

biddibiddibiddibiddi Bronze badge

> require companies involved in the standards process to disclose whether they will license on RAND terms any of their SEPs included in the standard

I don't think "disclose" is the right word. That implies they have a choice and are just required to let the IEEE know whether they will or not. If IEEE won't include the standard without the company agreeing to RAND terms, then the wording is "require" them to agree to license on RAND terms.

I also don't understand why there isn't a system set up where the terms are determined and made available before the patented technology is included in the standard. That's the only way to guarantee the licensing is reasonable and non-discriminatory - it's set up in advance, everyone is aware of the terms and it's accepted by the IEEE and its members, and there can be no difference in the terms from one company to another (flat fees, sliding scale based on volume, whatever). Any fees should then have to be processed through a body set up for the purpose under the IEEE or something, paid for by IEEE member fees and/or part of the licensing fees, so that there is a clear trail showing that everything is being paid as agreed.

Or just don't include patented technologies in standards that will require fees at all. If IEEE has the option of declining to include the technology if the owner doesn't agree to RAND terms, then it's clearly not "essential".

Critical vulnerability in Mastodon is pounced upon by fast-acting admins

biddibiddibiddibiddi Bronze badge

And this is why I won't trust Mastodon, running on any number of servers run by who knows what kind of monkeys (with no accountability) who may or may not fix problems like this and introduce vulnerabilities that could affect me even if I'm not on their server. (There are other reasons I have no interest in it, though.)

US starts 'emergency' checks on cryptocurrency power use, citing winter power demands

biddibiddibiddibiddi Bronze badge

Maybe we should just spend the money going into this investigation on just fixing the power grid so it can handle the demands of today and the future, and making it more "green" so that it's not a big deal if someone wants to use and pay for more power. Just assume we need massive upgrades based on the trends of total power usage increase, peaks, etc. It shouldn't matter what specifically the power is being used on unless they're looking to start regulating and banning particular activities in order to reduce the load because the power companies would rather hold onto more profit than spend it to fix the problems.

Also I can't possibly believe that a single Bitcoin TRANSACTION by itself uses so much power it takes an entire swimming pool to cool the equipment that handled it, unless you're counting the fact that the equipment was already running and generating heat anyway and not splitting up that heat output with all the other things the equipment had been doing or just the idle power draw, and including every piece of equipment along the entire chain between endpoints and servers and network equipment. Perhaps MINING a coin could use that much power, attributing all the power used by the equipment solely to that coin (and since the equipment wouldn't even be turned on otherwise, that seems valid).

Dell kills sweetheart distribution deal with Broadcom's VMware

biddibiddibiddibiddi Bronze badge

Like I said, the systems I could find for ordering were limited to configurations that would qualify for a free license, so that may fall under permitted pre-installation (though they still have to have permission to distribute it, so they must have some sort of agreement still in place; I don't think I could start assembling computers and include ESXi pre-installed even if it will be used with a free license). But I'd bet that they aren't allowed to distribute it pre-installed on any system that doesn't qualify for a free license, since now they can't SELL a license. Of course I assume the software won't work if you try to start it on bigger hardware and don't enter license information.

It doesn't entirely explain why you can't configure a system with 3/4 CPUs and more RAM, since you can obviously choose an operating system other than ESXi which would work with those options. Normally their system would just flag the hardware that isn't permitted if one of your selections is not compatible, but removing the option was a quick way to prevent trying to create those combinations since this was a sudden cut-off and they need to recreate the listings to take the limits into account.

biddibiddibiddibiddi Bronze badge

Re: OK, I'll bite

Selling third-party support for free software is not the same as becoming liable for problems with that software.

biddibiddibiddibiddi Bronze badge

Re: OK, I'll bite

Hyper-V Server 2019 is the last version that will exist so nobody's going to pre-install that anymore, and mainstream support for it just ended recently so installing it yourself now isn't the greatest idea for production systems.

biddibiddibiddibiddi Bronze badge

Would it be legal to include ESXi without a paid license on a system that doesn't meet the requirements for free licensing? I suppose in pretty much any normal purchase (meaning where you don't get assigned a Dell rep because it's going to be so expensive) the requirements won't be exceeded, so free licensing applies, since the only common limit is 2 CPUs. I don't have access to a reseller portal now to see what I could spec out, but Dell's available listings for servers that have 4 sockets only show systems with 2 CPUs in them, and having 3/4 CPUs installed is a customization option but can't be selected, and with only 2 CPUs you can only get 8TB of RAM which is half the limit for a free license as well. Maybe until they've hacked out new terms with VMware to allow them to include paid licensing, they won't sell systems with ESXi pre-installed that include more CPUs or RAM than is allowed with free licensing.

biddibiddibiddibiddi Bronze badge

Does this mean Dell won't sell systems with VMware already installed, and maybe won't even certify systems to work with VMware products specifically? Or are they just going to end up working out some other sort of agreement so that Dell will continue to do those things BUT not have to pay any money to do it since they're not earning anything on licensing, and as mentioned by another user, probably provide zero support, and terminating the agreement so forcefully is just kind of a way to slap Broadcom's wrists so they understand that VMware needs Dell more than Dell needs VMware?

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

biddibiddibiddibiddi Bronze badge

Had a client whose previous IT used someone else's public domain as their internal domain. That was always fun to deal with.

biddibiddibiddibiddi Bronze badge

If .internal can never be registered as a global TLD, then no matter how many people use company.internal for their internal domain name, it will never matter to anyone else. There becomes no reason to register a domain name to use for your internal domain, and no ABILITY to register company.internal as a global domain name. Uniqueness becomes irrelevant. Any updated DNS server will never attempt to contact any other DNS server, including the root, to talk about that TLD. That's the whole point of this proposal. To finally officially define an internal TLD that can never be globally recognized, which only became an issue when ICANN opened up the ability to create anything as a gTLD as before that it could be assumed that anything not in the gTLD list never would be.

biddibiddibiddibiddi Bronze badge

Re: A glimmer I think...

Why would it not be possible to tell your DNS server that it is the root server for a particular TLD so that it would never forward requests? That seems like a glaring flaw.

biddibiddibiddibiddi Bronze badge

Re: Costs?

The millions of companies that have been using their own chosen TLDs internally for decades, usually .local, without any problems, would also like ICANN to explain their FUD on that. I'm guessing it's a threat that the TLD you choose to use internally could one day get turned into a live gTLD due to ICANN making it possible for any string of characters, whether it's a word or company name or nothing, to be created by someone who has enough money for it, thus making it possible for your company's name or something like it to be used in a way you don't like, so you'll feel a need to register things to try to keep the damage to a minimum. That was always a possibility with the regular gTLDs, but the new ones exploded the risk since now your company name could be registered in another 300 gTLDs. But using your existing public domain name doesn't eliminate that risk either, and the majority of companies, even those with websites, don't do anything that would ever need their internal network to be connected to the DNS for their public domain in any significant way. Even using Exchange doesn't require it, and I found it was much MORE work as an IT person to manage a client's systems when they did match.

Perhaps these days with all the near-forced cloud integration, they're referring to it being costlier to try to maintain them separately even when you have zero reason to have anything in the cloud.

biddibiddibiddibiddi Bronze badge

Re: Costs?

The entire point of the new ".internal thingummy" is to ensure that it can never be owned by anyone. It ensures that .internal will NEVER be set up as a global TLD, so no matter if every company in the world set up company.internal as their internal domain name, the only time it could ever become an issue is if two companies tried to federate their domains, merge them into one, or something like that, or for some dumbass reason let their DNS servers send records to each other.

Also the very definition of "plucking domain names or TLDs out of your arse" is making up names you can be certain are globally unique. Where else are you going to get unique names if you don't pluck them out of your ass? Any TLD you choose that is not on the current gTLD list COULD be added to it later on, even if you think it's a random combination of letters (except .local since that's also prohibited globally but is meant for mDNS so it can cause other issues). Using only numbers for your TLD should be okay, but nothing's to say the rule on that couldn't be changed to allow it as gTLDs.

None of your arguments actually mean anything that is unique to the use of .internal.

biddibiddibiddibiddi Bronze badge

Why register a real domain name for something that isn't going to be Internet-facing?

biddibiddibiddibiddi Bronze badge

Why else would they have made it allowable to create basically anything as a domain? As far as I can tell, being able to afford the fees and prove you have the money to maintain it are the only requirements. No need to show there's an actual need for it, that many people want it, etc. It's primarily a cash-grab by ICANN, enabled by letting registrars create a land-grab where everyone is concerned about their own trademarks being registered on a popular gTLD. The explanations of needing additional domain name availability because so many second-level domains (even non-trademarks) on the main gTLDs were already taken is just a small justification.

biddibiddibiddibiddi Bronze badge

Doh, I missed it in the list of the original ones, and have never actually seen one in use since even organizations that should be using something restricted usually end up using a more common one like .com or .net.

But still, what do you consider "proper"? Until the flood from ICANN, anything that wasn't in the list of official global domains was considered perfectly okay because nobody expected random words to ever be made global. And using anything like company.local is just as much of a problem for merging companies as company.com would be.

biddibiddibiddibiddi Bronze badge

Re: A rare piece of sanity

Would that have made a difference, unless it was done a few decades prior, perhaps even when the original gTLDs were defined? At that time, nobody was thinking that the gTLDs would be expanded with every random word or partial word that someone could justify or bribe an official to allow, so there wasn't a concern about ad-hoc domains overlapping because everybody knew which ones couldn't be used. Once any amount of time had passed where there was no conception that it would be an issue, ad-hoc internal domains were already being used and the sudden vomit of new ones was going to be a problem already.

One of the clients at my last job even had a .com internal domain that matched a real outside domain that WASN'T THEIRS. The dumbass that set them up used their company initials, for made-up example IIN.com as their internal domain because the company was International In Nature, but their website had to be intin.com because the website bin.com belonged to Breaking Into Numerics. It made maintaining their DNS so much of a pain whenever we wanted to set up a server that was accessible from the outside and the inside, or changed ISPs or IP addresses because they had an Exchange server plus the other public servers.

biddibiddibiddibiddi Bronze badge

Re: "DNS, however, can't prevent internal use of ad hoc TLDs"

New laws that everyone must allow ICANN IP addresses through their firewalls to scan the network to check for domain names in use to make sure you're not illicitly using .internal without a license, and count how many machines are on your network so they can charge per-device.

biddibiddibiddibiddi Bronze badge

Re: Just me and my little private .loc

Those are abbreviations, not TLAs, nor initialisms.

biddibiddibiddibiddi Bronze badge

What do you define as a "proper internal domain"? Up to this point, anything that wasn't already defined as a valid global TLD has been considered acceptable, if you didn't want to make it match your public website domain (something I never understood the need or desire to do even when Microsoft started recommending it).

.int sounds okay to me, as it's very unlikely to ever be requested as a new gTLD.

biddibiddibiddibiddi Bronze badge

Re: Call it molehilling.

Seven.

biddibiddibiddibiddi Bronze badge

Re: "DNS, however, can't prevent internal use of ad hoc TLDs"

If .kim and .archi and .bible and .coach and .garden and .place and .vodka can be requested and granted, what makes you think nobody would ever ask for .internal?

biddibiddibiddibiddi Bronze badge

Re: "DNS, however, can't prevent internal use of ad hoc TLDs"

The root servers should never accept anything except the specific TLDs that have been defined by the IANA and ICANN. ICANN is trying to define something that is already defined, in that respect. All that will really change here is that they create an official definition that .internal can NEVER be turned into a TLD that can be used globally, and suggesting that everyone should use it internally. No other DNS server should accept any records for a non-standard TLD being sent to it by any other DNS server unless it's specifically part of the domain involved or configured to trust that DNS server.

JetBrains' unremovable AI assistant meets irresistible outcry

biddibiddibiddibiddi Bronze badge

I know how to "remove" it from the code, and I can't even program. You go back to the version of the code that didn't include it, and then add in all the OTHER changes that didn't involve the AI plug-in (bug-fixes, security, unrelated features, etc.) and then debug that. Then you can create an actual plug-in that fits into the plug-in system like any other plug-in, for people that want to use AI features for whatever idiotic reason. Yes, it will take a good bit of work, but far less than trying to unbundle it I bet, and you know what, that's the cost of doing stupid things without talking to your users because you think you need to force stuff on them that isn't to their benefit.

Microsoft Edge ignores user wishes, slurps tabs from Chrome without permission

biddibiddibiddibiddi Bronze badge

Re: The irony...

Chrome is BASED on Chromium, and Edge is BASED on Chromium, but all the shady stuff is not part of Chromium and is just added by the various browser makers, so what exactly are you trying to say? I don't see any irony.

biddibiddibiddibiddi Bronze badge

Re: Again?

>> Yeah, MS browsers have a bad habit of staying open without your knowledge.

All browsers try to do that now. It's intended to "accelerate" them by having everything running already so when you click on the icon all it's doing is generating a window, just like clicking the New Tab button.

Internet Explorer never "cached your Internet activity from another browser", whatever that means. For one thing, that makes no sense grammatically or technically, and for another IE was so old and dumb that things like all this common browser engine stuff wasn't happening at the time that it was still being actively developed.

biddibiddibiddibiddi Bronze badge

Well, ideally the intended feature was first porting over all your stuff when you first installed Edge or set up a new user in it. Then for some reason they thought people would want to be able to do things in another browser on a regular basis and then have Edge check and port all that over every time you opened it...for some reason. Because obviously when you go use another browser to do something, you want to then switch back and do the same thing in Edge later on.

biddibiddibiddibiddi Bronze badge

"This is not the intended feature experience." -- That really ought to just be the automated reply from Microsoft support for every email sent to them or forum message posted. An outright lie, much of the time, but a common response.

Japan's lander wakes up, takes blurry snap of Moon

biddibiddibiddibiddi Bronze badge

Well you can't cover for every possible eventuality. You can't design a lander to be fully-functional regardless of which side lands up, and they presumed that it WOULD land right-side-up, so designing it to have functional solar power if it accidentally landed upside-down would be a lot of extra effort, hardware and cost for an unlikely situation that wouldn't have helped it very much. Even if it's able to get some power the way it's sitting, it's not going to be able to do a lot of the science it was intended for.

biddibiddibiddibiddi Bronze badge

That's a bit pedantic. I didn't mean instantaneously, violating the laws of physics. The craft itself had to have some sort of self-direction in response to sensor data in order to react to small changes in orientation during landing. Even stuff landing on Mars is able to manage that most of the time.

biddibiddibiddibiddi Bronze badge

What absolutely amazes me though is that they didn't have any sort of sensors or even camera views that could have told them what had happened during the course of the approach or landing, right away. How did the thing even know how to land if it didn't have sensors that could have immediately told it what its own orientation was and transmitted that data to JAXA? Why were no cameras active as soon as it landed that could tell them what happened?

Page: