Posts by Paul Crawford 6319 publicly visible posts • joined 15 Mar 2007
I've seen both right and left-leaning news sites, and none of them lack ads
They all want to make money, the political outrage is just a means to an ends.
However, the study was about fake sites paid to do this, not your usual set of ad-funded leeches.
Depressing fact #1:
“The tip sheet worked as intended,” DeLuca said. “It just didn’t change people’s site preferences much.” Instead, people seemed to choose a website based on the topics covered and the perceived bias of the content.
Obvious fact #2:
In addition, DeLuca said that real news sites suffered from a clutter of ads, which do not appear on the algorithmic sites used for this study. Participants who complained about ads were 20% less likely to choose the real site.
What is needed is some legislation that software has to be supported for X years independent of any original operating system. So if MS decides to can win10 then the vendors that only support win10 have to fix it for whatever else is available, either win11 or another OS, for free and in Y weeks.
Yes, that is a big cost, but it might make vendors start to develop multi-OS software to avoid getting shafted by MS rather than the customer getting the shaft.
Just to add that a proper firewall can do more than NAT, such as blocking outgoing requests (maybe white-listing approved sites, etc) and rate-limiting incoming requests that are allowed to slow down dictionary attacks, etc. But for most of the public the "default deny incoming" behaviour of NAT helps a lot.
Neither that nor most firewall operations will stop an internal threat doing a reverse-shell or similar to allow outsiders to get in, or pisspoor stuff exposing points for easy of shafting the owner use, but we can be thankful for every layer that is around in keeping the crap down.
Why do you think that protects you from inbound ones?
Because without explicit port-forwarding being defined, or UPnP adding something in response so some applications request, anything that is inbound (and not in response to an outbound request) has no internal destination address defined, so it gets dropped.
True, if your router has something exposed on the WAN side (e.g. management web page, etc) it is at risk, but that is nothing to do with NAT as such.
NAT is neither a security policy nor a security mechanism — but I have never worked where it wasn't (in)effectively both.
Ah, you never had the joy of Windows XP on a non-NAT modem in the early 2000s? Pw0ned in minutes as so much was exposed by default.
Yes, had XP had sensible policies and a good firewall by default that would have been different, but even today so much stuff is shit-by-(lack of)-design and must never be exposed lest it gets taken in minutes. For them, NAT without port-forwards (or the abomination that is UPnP) still serves a useful purpose.
Hence I can see that a single AI solution (or even a traditional human based defence) cannot guard against all types of attack. Even if enough different solutions can be developed there is no restriction from hackers playing dirty and inventing new modes of doing what they want to do.
That is very true, but in a lot of cases the fatal flaw was something dumb and preventable, not some exotic concatenation of 0-days. So many businesses don't even consider security as anything more than a box-ticking exercise that was ticked by paying some snake-oil company for a security appliance.
It's difficult to synchronize clocks to a high level of accuracy at different locations, because it takes time for signals to travel from one location to another.
NTP measures the time, but that delay correction is not always great if your network has asymmetric characteristics as ADSL or similar do, or if your packets somehow get routed over different paths. Also typical WAN ping-times are in the several to tens of milliseconds, so 4us is an error a thousand times smaller than the delay you typically see and so largely un-correctable with certainty (even though the average of multiple servers might be good enough, you can't tell if your last-mile connection has any asymmetry that way).
PTP works on local networks to higher accuracy but needs special network cards & switches that can do accurate time-transfer.
3) within the DC, we *still* had localized battery backups for *at least* 3 of the 5 units in each DC, over and above all of the DC power backups.
Ah! Someone who has had to use such things and knows the start-up time to high accuracy far exceeds that of the servers that will boot and call upon it!
Yeah, the guy above who suggests just linking Boulder to a stratum 2 server has never maintained SONET hardware
If it was me then you misread my post, I said to link it to GPS but set them to report as stratum 2 (not stratum 0 as usual) so you get near-atomic precision (depending on the specifics of the GPS receiver, use of 1pps discipline, etc) but you are not fooling users that you are still on the NIST's primary time source atomic clocks.
See I look at some of these projects and think how might I do it?
So I guess I would need maybe two teams, each of of say 10 programmers, to work in parallel, and probably 2 project managers, and maybe $10M on hardware. I don't want to hire monkeys so lets not pay peanuts, so I look to recruit good folks at something like $150k/year. I do the sums and see I'm spending £3.3M/year and from that $266M, and after hardware, I wonder if my software folks could complete it in under 77 years...
Have multiple generators capable of maintaining the required load.
For long-term backup this is a big factor, as typically engines have service intervals of 200 to 500 hours, which is 8-21 days. Longer than most grid-level outages, but conceivable if you are arse-end-of-nowhere and a major event causes repair work to be prioritised everywhere else. Then you might have fuel coming but need to swap generator and service the previous one, etc, as you go.
We are using HVO for that reason. Yes, it costs something like 20-30% more than white diesel but its stated storage life is around 10 years. Good if you have a big tank of stuff you hope never to need.
Added advantage for us is that HVO is (relatively) non-toxic and biodegradable, so any spill is much less of an environmental nightmare and expense to clear up.
The 7.125-8.4 GHz range is used world-wide by satellite operators for metrological and other data transfers, given the congested and fairly narrow S-band segment for TTC is so full. There would be no sane way to coordinate mobile use of that and not risk serious interference with ground stations from both land based use and folks not filling their mobiles on a plane, etc.
I have already fed back that sort of info, but expect it will be ignored in the crayon enshittification process. You can add '?new-design=false' to the URL to get the old style for now, but WTF are the designers thinking? Clearly they don't actually use a weather web site for anything important.
Generally very low orbit birds do not have a good repeat time on target, the orbit and narrow swath of the sensor gives good resolution of a small area. However, if cheap enough to do many, or if (as under discussion here) you can afford to use propulsion to modify the orbit, then you can have it returning soon-ish* to see the same area.
[*] changes to along-track timing (and resulting longitude when orbit shifts w.r.t rotating Earth) are fairly cheap, but modifying the inclination is a huge drain on engine capacity.
For the 10 year ESM you can get that for free just by registering if it is non-commercial use, It also includes the kernel live-patch facility to update some modules without a reboot.
Yes, I was sceptical as well as it sounds a lot like DIY brain surgery with the attendant risks but it seems to work a lot of the time, though occasionally you get an update that does require a reboot.
If you are commercial you can now pay for just a couple of machines, which suits us, as originally they were a bit MS-like in only wanting big customer's money, which always seems a daft policy...
In our case the cost of migrating to newer (and more systemd-infested) version was greater than simply paying for a few critical machines to be supported without monkeying around. If you just install and use it for a laptop/desktop it is probably not an issue, but if you have things like syslog-forwarding, build scripts, and customised plugins for Nagios, etc, such an OS change is not trivial.
Another example, which is not applicable to us, is you can pay more for added support response time and help with specific issues if you lack the technical ability to do so. Again, if you use Linux to avoid the MS tax, forced obsolescence of hardware, etc, then it is not worth it, but if you are using Linux for a stable and moderately-malware-free option for business critical work then it makes a lot of sense.
More seriously, LEDs in parallel (without some series resistors per LED) do a very poor job of current sharing due to the exponential I-V relationship, manufacturing tolerances, and the tendency of the one with the highest current to get warm and drop the forward voltage, leading to even higher current, etc.
If only one of those vendors could support search/filtering by useful attributes of the goods they sell? Take this example on Screwfix for coach screws:
https://www.screwfix.com/c/screws-nails-fixings/coach-screws/cat840476
I can select by pack size, or price range, but not screw diameter or length. You know the useful attributes one might need to select one that does the job...
As you say, it is hard to do when you want a global minima but (typically) don't know roughly where it is. Sometimes I have used combinations of methods, an annealing style to get somewhere close, then a faster gradient-style once the locale is known. But some problems are just really troublesome...
The dems are insisting on not paying anyone
Utter rubbish. This is down to elected representatives passing the bill, as the Republicans could have agreed not to cut healthcare, raise taxes on the wealthy a bit to cover it, and the bill would pass and more Americans would be healthy.
But more fundamentally it is an utterly broken system: most other governments keep going on the last budget until a new one is agreed.
Nicolas Dubois, responded with a curt "No!" when asked if it intends to ditch Teams in the future, adding "it's not me doing those types of decisions, but I don't think so."
So the EU leaders, who are rightly concerned by the malign influences of the USA, Russia, and China, decides to stick with a USA-based platform that slurps all your data for pointless AI training?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
