Posts by DrkShadow 49 publicly visible posts • joined 17 Apr 2024
> Could you please restart your computer
Well..... no. :-)
I won't say that. "Sure, give me just a moment..." Usually the time required to find the Windows 95 startup sound is about right for the time required to perform an actual reboot. Play that for them, and they'll be content that you did, in fact, restart your computer.
Have you heard the one where Googoyle will give you 100k in cloud credit if you're a startup and build on their cloud?
Get you and trap you.. after 100k spend, it's hard to migrate, and you're probably using infrastructure that isn't even available at any other provider.
---
Kind of like what Axon did to cop-houses all over: "Hey, free body cams! Come and get 'em! We'll give you a free two-years of storage, too. Nyuk, nyuk." Now it's all I see cops wearing.
---
Along similar lines, you're migrating from your server room, windows licenses in tow, to a cloud, and MS says "Hey, want to use the latest version of Windows? No extra charge!" Now you're stuck on Windows, just like Axon. Yuck.
Oh, wait... right, your intent.
You're taking what everyone does and labelling it illegal. It's bad, it's horrible, but it's not *illegal*. All the down-mods here are people who *don't like* what's happening, but the down-modded posts aren't incorrect - just explaining the facts of how and why these things are happening, and why they can't be (successfully) prosecuted for it. Keep in mind, I'm stating the facts, not that I agree with what these people are doing.
You've got it backward.
The infrastricture is the infrastructure -- azure is the telecoms infrastructure. It's literally 1 to 1.
Windows is the "thing on top". You can use it, but you don't need to. Microsoft gives you a "discount" for using their Windows, because you're paying for their infrastructure. Or, hey, you can totally buy your own separate Windows license and use your own computers or others' computers or whatever. Others companies can't provide the same discount because, well, Windows isn't theirs. I mean they can, but they'd be selling at a loss. (In fact *that* would be anti-competitive against other cloud providers, or colo providers, even.) (Google *does* provide Google Docs, though. They don't license that to MS, at all, either.)
See how you're telling a company that they can't price their offerings less than another? Microsoft isn't being *anti-competitive* because they are not selling at a loss to undercut competition. They can maintain this price forever -- they're not doing it to try and wear down competition, at harm to themself, so that they can then raise prices once there's none left (like Amazon did with diapers).
Honestly I think each of us probably just fundamentally disagrees with the other, and there's not going to be a resolution by "explaining it better". The legal fight will have to be fought, and the courts will have to weigh in.
The reading is: Microsoft can't offer a lower price than any other cloud provider. If they do, it's anti-competitive.
?
What can they do?
I can get basically free phone service through my ISP if I "bundle" them, and it's basically the only provider. Or at least, that has been the case where I used to live - there's one cable internet ISP and your other choice was dial-up.
> One of the cloud vendors also controls a major operating system that customers need to run particular workloads, and they offer wildly different pricing for running it on their own cloud compared to other clouds.
This is one of those times when I feel: how aren't they justified in doing this?
They made the OS. They keep it up, they license it out, they use it, they improve it, they so-on - all without the assistance of anyone outside of Microsoft.
Then they're being told: they can't bundle it, like a cable TV provider bundles channels. They can't optimize it for the systems that they're running it on. They can't do anything with it, unless someone else is doing it, too, in the same way, for the same cost. How does this make sense?
I really feel like all of this "anti-trust" is starting to over-step its bounds. Microsoft isn't undercutting the hardware pricing if you use their OS on their cloud. They're bundling - and giving you the OS/SQL licensing for free/cheap. Like getting HBO for "free" when you pay for Disney. It's not comparable to giving you free DataDog when you use Kubernetes in Azure cloud. Basically: they're not doing something that is unsustainable for them, like when Amazon was selling diapers at below-cost to shut out a competitor. Microsoft can license their own software this way, and keep doing it, and continue doing it, and it's just their business. Why is that a problem? Let Amazon et. al make their own GUI-based OS and *compete*, right? What Microsoft is doing *is* competition, and is actual and valid competition.
Even so, I'm not these market-watchdogs, I'm not the trade groups, and no one is listening to a commentator on The Reg, so I guess we'll see. I don't like MS, I actively avoid using their software, I wish they would just go away, but I do feel that they are *not* acting anti-competitively.
Same.
The lesson learned is: ALWAYS put a `/` at the end of the _directory_ that you're moving things to. Develop the habbit that not having the / at the end means that you're renaming the file/directory, not changing its location.
and people say, "You know you don't have to include the trailing slash, right?" Knowledge is looking for oncoming traffic when you cross a one-way street; wisdom is looking both ways, anyway.
The part that gets me about what they promised:
> Nope. Never have, never will.
Oh. Really. I wonder if there's a license or contractual violation here. It was in the EULA, and for a class action lawsuit, any damages would be at least equal to any income they make from such sales.
Anyway, I'll never actually consider any such "promise" true unless they put into the EULA that they will pay the user $x if their data is ever shared from this version of the software, or any future version of the software, without regard to the license. At least then, for people of the older versions of the software, they have monetary recourse -- and the corporation has tangible incentive to not do this. Lacking that, we have the current Corporation.
You should never, ever be setting permissions or settings for individual units.
You should *always* be using groups. Even groups of one. Add the computers to the appropriate groups. There are technical reasons for this, performance reasons for this, and simple reasons for this: you will almost always grow, and need to add another to the group. Notice: there's probably a reason that literally everyone is not complaining about this behavior.
On the one hand, I'll probably die because my expensive medicine will be refused to be covered by the expensive medical insurance until they can renegotiate a horribly expensive exemption with the employer next year, taking into account these double-price medicines.
On the other hand, with Donald in office, any new pharmaceutical manufacturer will have every waiver to get their factory built that they could possibly think to ask for. Where they would have been ham-strung in the past on environmental, employment, employee, union, compliance, licensing, and every other type of government tape, they're likely to have all of that waived with the wave of a presidential hand. "Just get it done!" These things *could actually* get built! Some manufacturing, especially _important_ manufacturing, _could_ come to the united states, somewhat.
Not that I think that any of that was planned, I think it's just a matter of two wrongs working together in odd and unforeseen ways.
I may even live to see American pharmaceutical manufacturers actually get off the ground...
> with PSU, MB, CPU, graphics, storage, RAM
A few paragraphs in, the article discusses breaking the MB into separate IO boards. Maybe then you need to replace the central MB for the CPU upgrade or ram type upgrade, but keep the separate IO boards for the USB3/4 and ethernet ports that they already have, perhaps another board for the SATA controller and ports, etc.
Mostly we'll have to wait and see.
> Same. We live in interesting times, even though I'm not particularly affected by the moves, I think there's a method to the madness, and could be a good thing.
No. There's no method here. There's only madness.
However, I feel like this is one of those cases of, "A broken clock is right twice a day."
The primary drawback, imo, is that it doesn't split blocks.
It uses (used) an RC4 hash (a few bytes of an rc4 hash..) of the file blocks looking for matching blocks. Any non-matching blocks, it sends wholesale. It was originally designed to do this given the intent of a high-capacity, high-latency link. Now-adays, we have pretty low latency links, regardless of the capacity, so it makes some sense to split blocks. Even in olden days, "capacity" wasn't that great, so it would still have made a *lot more* of sense to split blocks, almost regardless of latency. (There's a way around that "regardless".)
Take that 1MB initial block size, and split again - faster to round-trip 4 bytes of an RC4 hash than a whole megabyte block. Split it into 512KB, 256, 128, and find the 32KB or so that you need. *As long as you have a queue*, your transfer pipe is full - process hashes first before file data transfer, and keep splitting. When you don't have hashes in the queue, send file data.
This gets you an extra benefit: whether the file is 1GB in size (probably doesn't change so often..) or 100KB in size, hash the whole file. If you're "keeping things synchronized", then your data is probably majority the same - this will save you loads. If you actually need any pieces, split and hash each half. Maybe there's a maximum block size, maybe there's a minimum block size - but one block size for the whole session is not it.
It still doesn't do this, and it's really not that complex a feature to implement.
This is the Commander in Chief. The military is literally theirs to control.
Disband units. Limit their budget. Cancel development projects. The options are endless. The fallout is minimal, when the public doesn't even know what secrets are being pruned. Keep budgets the *same* rather than ever-expanding, and you'll *still* achieve reduction - expenses will lessen in value with inflation.
There's a bit of hand-wavy assumption to this, but..
They provided some tens-of-thousands of lines of hand-created examples with which to train an LLM. (Presumably they trained it from scratch on the codebase, not just passed it into an LLM as context.) At the least, then, they needed a few thousand lines of manual conversions.
They most likely had to cover every *common* case that they wanted to be handled by the LLM, with some degree of repetition. Then, the hand-handled lines, or other odd differences, required human intervention -- and presumably the LLM did not tell them that something was awry.
The code follows some sense of standards -- Google has coding style documents, variable-naming documents, how-to-reference X documents. Things are somewhat "regular" -- i.e. this is for *their* code, and not _your_ code unless you follow the same peer-reviewed style guides.
In the end, they hit the 80/20 rule: they were able to migrate 80% of data, with that last 20% taking 50% of the total time -- and requiring humans to perform the work, at least somewhat. (Probably all of the not-so-well represented training cases, styleguide exceptions, ...)
I honestly thought so, too -- if your job can be done remote, then it can be outsourced.
They tried that all throughout the 2000's though, and the results were terrible. Companies don't really seem to be going that route this time around. Maybe a little bit, maybe Costa Ricans and Brazilians as opposed to Indians, but it's not nearly as internationally-outsourced as I was originally expecting.
What I'm not sure we're at yet is: if your job can be done remote, then it can be done by someone in Oklahoma for 1/3 the pay. That doesn't seem to be holding up so much either, though, as the big tech co's still need significant experience - and man-power - and so they still have to compete rather strongly. Maybe the smaller IT shops can get away with that, but same thing: if those smaller IT shops train you into experience, you'll be poached (or at least have options).
... unless they're getting large tax breaks for dragging people to a down-town area, and also possess a great value of commercial real-estate (or leases) in that area.
We always notice that it's the large companies that put out these mandates - it seems rare that smaller companies are discussed, except when they're citing larger companies.
It's been my theory that the old companies will succumb to more efficient, more nimble companies as this goes on. It will take half a generation, though.
> There is also a feeling engineers work better when in-person, and some say younger staff can't get a feel for corporate culture and learn from older colleagues when at home.
I'm self-taught, like probably many here. I learned via forums, chats, instant-messages, and so on. I didn't learn in-person. There's no merit to this.
Further, when you're forcing unsocial/anti-social people to group together, and forcing introverts to socialize, it's a net-bad-thing. Managers only know what they are, and the people who want to be managers tend to be extroverted - and so everyone must be like them.
"It's easier to talk about it," I grew up with the internet, on IRC, and reading forums. When you talk about things, people put their mask on and actively hide what they're feeling, thinking, misunderstanding. To me: I see someone who's confident and clear, and job well done! I cannot pick up on verbal cues, like maybe others can. When it's in writing, I can backspace, I can edit, I can clarify, I can make a much, MUCH better communication - and I can see and feel the parts where someone's not understanding something, and I can pick up easily on what they're *not* doing/getting from the communication. You can't? Sounds like a personal problem -- shouldn't be forcing me to do something wrong because you can't. But hey, you're the boss, so badly's the way, right?
> Hell, I wish all languages would get rid of the ternary operator!
I generally agree........ however I've found myself using it occasionally, recently.
The problem is: initial assignment to a const variable. Either 1. use a language that `const`ifies the assignment on _first_ assignment (Java), or use a ternary to determine the value at _this_ assignment (C).
I suppose you could also use a code block that returns a value `const myval = ({int myvar2; if (a) myvar2 = 3; else myvar2 = 4; myvar;});` but that's even more evil imo. (it feels like very recent C standard syntax, as well - I don't think it's K&R C). I've done that a couple times to avoid temporary variables creeping into function scope. I don't know how I feel about it.
> "substantial portion of material harmful to minors,"
In other news, Florida is requiring any indoor walls of parents' bedrooms be soundproofed -- doors too -- lest the poor minor(s) have to listen to their parents having sex, an undeniably damaging experience.
Oh, wait. They meant only on the internet. Right.
This is pretty cool - any components (functions, ..) in your program that use *only* this subset of C can be _proven_ memory safe! (It doesn't need to be _compiled_ to rust.) You can put this converter into a static analyzer and get the same benefit. There are probably many, many many aspects of programs that are like this _already_ without refactoring a codebase so that it fully compiles to rust.
As an extra added plus, a static analyzer can do more -- when there *are* type casts, the static analyzer can analyze the before- and the after-type usage of the variable and see if both are memory-safe, as much as reasonably possible. Without even refactoring!
This is a great win for static analysis, if implemented that way -- otherwise, maybe it's just another instance of, "Oohh, shiny..!"
Maybe existing static analyzers already do it. I feel like they're probably not used frequently enough.
> tell me how and why it might, or should, one day replace my perfectly-fine-thank-you scripts in `/etc/init.d`?
They lost me at "Shepherd uses a dialect of Lisp for its configuration". Oh, bye.
Alas, the systemd base-system is actually something of a minority. It's really only on Redhat, Debian, and Arch Linux -- which might be a little bit of "most of them", though. Void doesn't use it, Gentoo presents the option, Devuan doesn't, Alpine doesn't.. there may be some others like suse, idk. Most of the other things people list that "do" are derivatives of one of these. The majority of distinct distros: don't use a systemd base-system. That's a bit of a comfort. (If you're creating docker images, don't `FROM ubuntu:latest`; do FROM devuan, alpine, or whatever else. Save yourself the headache.)
If you *do* need to use a Debian thing, then use Devuan. You might even be able to use those packages as a base for Ubuntu, or add the Ubuntu repos on top of devuan, but I honestly haven't tried.
Isn't Baidu a search engine?
AliExpress, otoh, presents Chinese-made and Chinese-shipped items at a price point remarkably below either eBay, Walmart marketplace, or the clear-cut former-forest company's marketplace. It's really nifty -- check out aliexpress sometime. (I guess shoppee? Tenmu? never tried those, though.)
Not giving a name only avoids one easily-tested-for bias.
> "My point of view was, 'No, you're not bias-free,'" she explained. "You can remove the name, but you still have some markers, even just in the language, that can help an LLM understand where one person comes from."
Language queues will be more subtle and still give your culture away entirely. Just hiding the name does nothing; it was nothing more than an simple proof for a school project.
When is the last time that Goggle or AWS used a small ISP's services? Their employees notwithstanding (who are presumably paying for their internet connection), when has a large tech co. sent unwanted traffic to a small ISP?
Are you suggesting that, should these companies not pay their "dues", they should be blocked, and I should be _unable_ to access their services via the service that *I* am paying for?
Then, what am I paying for?... presumably if Goggle et al. pays for my internet access, then I don't need to. Right?
Perhaps it should be factored in: how often do the big tech co's randomly send data to a given small ISP's endpoint, unrequested? Are the tech co's DoSing small ISPs, knowingly, and without a request being made of them by a customer of the ISP?
---
What you're suggesting is paid cable TV, and we're all going to have to await the days of dial-up internet to come back, as every non-corporate endpoint will be blocked or throttled into non-existance. People will be setting up alternative access points so that information, not corporate propaganda and products, can be reached. Just like they used to: dial-in bulletin boards.
That last part reminds me of a long, long time ago.
I read that on Linux, rather than reserve a whole, fixed-size partition for swap space (and those were *hard* to resize, given you had to resize and move the filesystems around them..), you could store a swap device on your filesystem!
.... Hmm. I thought, lets give that a try.:
# mkswap /dev/sda
# swapon /dev/sda
-- and I was quickly greeted by a kernel panic. Oh, for the things we learn. (`fallocate --length=2G /swap.file; mkswap /swap.file; swapon /swap.file`)
They could start a wholly-owned American company, perhaps employing Chinese people (perhaps a couple with American citizenship), and the Chinese (businesses?) who want to interact with this company can "invest" in the company -- heavily.
The company that is wholly American-owned, then, can "license" the data out to any Chinese-origin companies (or entities) that wish to use the data. No sales required! Or, if licenses are not permissible, then certain things can be made freely available, perhaps as part of technical demos, marketing data or example data, about their "products". Of course, for any other American companies, to whom they *are* allowed to sell things, they can happily make this all for sale. Good thing they had that initial investment, to get started! Now they've got a "product".
Not that I've *ever* seen anything like this such as with regards to CFIUS and Chinese companies buying restricted American technology. Nope. Never. That would *never* happen. This stuff is _regulated_.
I feel like I've heard of this company before, could they have been in the news not-that-long ago?. . . .
- https://www.theregister.com/2023/10/31/sec_charges_solarwinds_sunburst_fraud/
- https://www.theregister.com/2023/03/03/solarwinds_supplychain_security/
- https://www.theregister.com/2021/04/15/solarwinds_hack_russia_apt29_positive_technologies_sanctions/
Oh. That company. They had hard-coded credentials *too*.
> Doesn't need to be limited to 27" equivalent size. Happy for position sensors to allow my whole field of vision to be used.
Tbh, I feel that this is what they're focusing on, and it's the whole problem as I see it. Stretching a limited display to cover the whole field of view, where I want high DPI in the form-factor of a monitor -- so that text isn't awful, lines aren't blurry, and etc.
If they had a 27-inch monitor that I could switch screens on by the flick of a button (not necessarily turning my head to the side, or maybe so), then that might be an interesting feature - one that they or someone else could implement eventually.
Unfortunately these aren't sufficient.
The Lenovo model is a 1080p display, which -- really -- might be enough for a 21-inch display. It's certainly not something I'd use for a 27-inch display for anyone but Mr. Magoo. Lenovo says this as a 45 pixels-per-degree display.
Xreal's Ultimate says it's "up-to" a 330-inch screen, at 49 pixels per degree. Their Pro(?) model will give you a 52-degree field of view, at 49 pixels per degree, yielding something like a 64-inch monitor with a resolution of maybe 1530x1200 -- this would be _horrible_. Similarly, it suggests that Lenovo's display is about 48 inches.
A large part of the fatigue is reading text that looks like it was rendered in Minecraft - it's too big, sloppy, uncomfortable. If they would take that 330-inch display and lens it down to 27 inches (not 30 inches, actually looking at my 27-inch display requires a lot of eye movement, and 30 inches is uncomfortable without moving my whole head, which I can't do in glasses), then they would get the high pixel density required for a quality display.
They're not doing that. Only Apply has gone with a very high resolution display, but they still stretch it across the entire field of view -- and more.
The models above don't, and no models of wearable display that I've seen, have a reasonable size image display with a resolution that I can get with a correspondingly sized, good monitor. They all have a resolution something like 640x480 on a 21-inch display (if you wished to crop it), or Apple has slightly better for $5000.
Just A Monitor:
Think. Glasses with a 27-inch high-res monitor, right there, on your head, wherever you might want to look. Not see-through (maybe around the monitor image), not "AR", not anything but a monitor. Essentially no processing on the device itself - just an LCD with LED drivers lights, and the pancake lenses that make these things work. No 170 field of view, just a 27-degree field of view, at a 27-inch monitor, as though it's three and a half feet in front of you.
Just a monitor. That displays an image.
This would be great: a travel monitor, a replacement for your portable's onboard craptastic TN panel 13-inch display that you can't even prop upright on a plane. For businesses, it's a privacy screen - no need to worry about someone looking over their shoulder at data. For the user, a place to watch a movie, or type a report in a word doc -- and because the Fov is so low, it can actually render text in a useful way. Light-weight. Long battery. Standard HDMI (intel wireless display?) input.
*Maybe* even, but not guaranteed, a second input, so that the eyes can receive different images. Then game engines can render from two different perspectives, send the outputs to two different monitors, one for each eye, and you have true 3d -- without a $omg-costing computer. !?!? (Still expensive, but seemingly not so bad as current VR stuff.) Again, just a _monitor_, not a 3-d, 360-degree, all-immersive environment. JUST A MONITOR!! (Or _two_, *maybe*.)
Probably the drawback is: it can't be significantly patent-encumbered. It can't easily be tied to your platform. These companies will never develop such a thing, but this is what I really, really want. To hell with all of these gawking headsets.
> Their goal is usually to connect to the corporate network and steal something that only a high-level exec should be able to access.
I see words like this, and I think... nothing? Nothing? Things that only a high-level exec should be able to access? Like their e-mail?
The development team doesn't add execs to the code repositories. The execs have no experience there. They're not added to the bug trackers, even -- they're not going to do that, report it through someone else. They're *certainly* not given access to the Cloud management console -- again, no experience, it's just a security risk at best. They aren't HR, so that data is confidential. (Personal calendar events? with other executive invitees?..)
Really truely, a executive should have access to .... nothing but their own, individual e-mail. Maybe a cloud drive for their docs, but in my experience the execs prefer to keep them local -- so that and backups. The printer that they used was an inkjet on the desk -- not networked, and not shared. If they have access to more, IT has screwed up indeed.
They _manage_, they have no need to access the results, methods, documentation, sources, or anything else. They manage, their information comes to them via subordinates, maybe someone has put together pretty-dashboards, and they have no need for more. ("Engineering managers" or "technical managers" may be an exception -- but executive?..)
It's not really hard...
Cook the bacon on medium instead of high.
?
It takes a couple minutes longer, and doesn't burn things. I haven't had a problem with smoking food. Ever.
higher heat -> cook/crisp the outside QUICKLY (steak that you want to eat raw with a blackened shell; fried chicken that is already cooked throughout but you want the breading to be hard as a rock)
medium heat -> cook things throughout, takes a couple minutes longer
low heat -> try and maintain the same temperature throughout the food for the whole cooking duration (soup)
Consider that you might change the temperature as your food cooks -- cook meat at a medium-ish to get that medium-pink, and then crank the heat for a carmelization on the outside.
Keep in mind the differential equation for heat transfer.
> Those who can't or don't want to be involved are obviously welcome to stay away. This does not (and did not) bother me at all."
Ok. Lets reconcile this with,
> The video depicts resistance to Filho's request to get information to statically encode file system interface semantics in Rust bindings
So -- the person here is trying to get information that isn't necessarily static so that they can update the kernel code, then merge that code into mainline.
Then,
> "[T]o reiterate, no one is trying [to] force anyone else to learn Rust nor prevent refactorings of C code."
So, what does this person think a kernel maintainer _does_? This person wants to create kernel code, is complaining presumably because it isn't being mainlined, and blah. So suppose he wins. The rust code is mainlined. A thing changes. Whose job is it to update the Rust code when it breaks? Oh! The maintainer's! -- who now has to either dump the rust code for _fix it_. I.e., the maintainers will be expected to learn rust. Or, if no one else, then the person making the change in C will also have to make the change in Rust -- and if not that person, either the patch is rejected (refactoring is prevented), or the maintainer has to do it. I mean, the maintainer guarantees that piece of the kernel code -- so really it's the maintainer.
The maintainer does what the person here said is just fine, and "stayed away". That leads to the subject of this article throwing their hands up and quitting. Good. I hate people like this.
For a long time, there was an external MM branch of the kernel. There can be an external Rust branch of the kernel. When Rust is shown to be so-much-better, or have more development than the mainline branch, and all the necessary, on-going support, it'll probably be incorporated. Until then, it seems people are "obviously welcome to stay away". Probably, this won't happen unless the whole kernel is rewritten in rust.
> "This does not (and did not) bother me at all."
Clearly this is false. The person gave up under the work and effort they were trying to shunt unto others. But hey, make yourself out to be altruistic, and simply explain how everyone else is in the wrong.
---
They complain that people who work on the kernel yell and shout, but honestly, passive-aggressivism like this is toxic. (This is a small amount, but it's only one sample. who knows about these "bike-shed" scenarios.)
DO NOT DISOBEY YOUR BOSS!!
What a great reason to be paid less / overlooked for a promotion / layed off / etc etc etc all the things that women complain about.
I mean, all she's doing is what women always do to men: ignore them, do whatever else anyway, No Means No but Not To Me, etc etc etc.
DO NOT DISOBEY ORDERS. This isn't a military thing, this is: your boss has the authority. You do not. You are expected to do your job: what your boss tells you to do. Suggest might to them, again and again, until they agree, but DO NOT DO IT without their lack-of-objection. (If they haven't told you no, then it's just doing your job and getting things done; if they've said No, like women like to repeat except it's said to them, then No Means No.)
A great example from a higher reply to this article,
"I had to sweet talk the engineer down from his initial "I can't work on that!" stance by offering to help him part the cables enough to replace the planar. Credit to him, he did complete the work in adverse conditions. I did offer to take the blame if anything came unplugged, though."
Neither of them did do anything that he was denied. Great working together, great team-work, great getting things done, great responsibility.
Comparatively, do not idolize this Reg article worker - they did things _wrong_.
- "China-backed hacking group had stolen a cryptographic key from [Microsoft's] systems."
- "Researchers at security vendor Bitdefender have uncovered the FiveSys rootkit, which is the second rootkit they’ve run into that has managed to make its way through Microsoft’s driver certification process."
- The NSA thought it had a monopoly on CVE-2022-38028, but Russia had been using it for years to install malware.
- Australian Cops are clammoring, again, for holes in encryption that they swear only they will ever know about -- many thousands of them will have access, and not one will ever leak it to an adversary.
Backdoors in encryption are holes in security. Even if you think you're the only ones with the key, you won't be -- and probably you won't know that until your secrets are out. Calling for known-breakage in encryption is calling for systems to be insecure. It's always cops that are calling for this, just like the American cops are shouting, "If you require we get a warrant before we search a home, then as-needed home searches will be impossible!" "If you're saying we need to get a warrant before we can search or gather data on a citizen, then we won't be able to search historically gathered citizens' data from before we had cause!" Wait. Wut?
It's incredible. That anyone even considers granting these suggestions. How do they not understand that they are not special? That everything they do to weaken themselves will _hurt_ themselves.
The real purpose of this study is mental.
It shows the inability of the US to restrict anything, despite the trying and economic detriment of doing so, while also showing Chinese ingenuity and showing that the Chinese can and will do anything necessary, not being particularly bothered by the challenge.
The US is engaging in economic warfare, and China may not be pleased, but it's happy to bat some chuckles back to the other side. It's an engineered society vs an organic society -- which is more efficient, and which is more robust? That, it feels like, will probably determine who comes out on top for this round ("robust"). The US is trying to out-spend China, like it did to collapse the Russian economy in the mid-1900's. However the difference in an economic war with China is that everything in the US is Made in China. (Oops.)
The US is taking the stance that "AI" is the next everything, whereas I'm remembering the "Master Systems" of the late 1980's which would diagnose and treat all your illnesses, put doctors and everyone out of a job -- based on decision trees. That didn't pan out then, and current day AI is being used to generate fake porn that's tieing people up in lawsuits. Sigh..
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
