* Posts by Michael Wojcik

7774 posts • joined 21 Dec 2007

Guess which cloud giant Zoom picked to handle millions more video calls? Bzzt, wrong answer: It's Oracle

Michael Wojcik Silver badge

Re: Huh?

Stamos joined Facebook to try to make things better there. He quit when they wouldn't follow his recommendations.

I'm not seeing the problem.

Patently dogged: Apple unleashes lawyers to slash $454m patent rip-off bill – even after Supreme Court snub

Michael Wojcik Silver badge

Re: Well done Apple

For the US PTO the grant rate for applications hovers just below 50% in most years, according to the statistics they publish.

Personally, I think that's not bad, given the terms of their charter and the resource constraints they face.

Florida man might just stick it to HP for injecting sneaky DRM update into his printers that rejected non-HP ink

Michael Wojcik Silver badge

If it was due to some inherent difference between the recommended oil and the 3rd party oil used, then maybe you could sue the 3rd party oil manufacturer (if they made false claims regarding their product), or maybe there would be no cause for action.

And we have standards for engine oil. Oil manufacturers claim what standards their product meets, and auto manufacturers say which ones your oil should meet.

It's a completely irrelevant analogy for the printer-and-ink business.

Michael Wojcik Silver badge

Re: HP Printers are a Virus

HP LaserJet printers in the early 1990s were very nice.

I would never pay money for an HP Inc printer these days, of course. I've had to use a number that I didn't purchase (my wife's printer, one I had at my part-time teaching gig, etc), and they were without exception horrible, even without taking the vastly overpriced ink into account.

About ten years ago I debugged a hanging HP printer software installer on my daughter's Mac. It was easy - the thing was a Bourne shell script written by someone wildly incompetent. As part of the installation it had an array of files and for each one it was doing a "find / -name ..." command, searching the entire filesystem tree. That seems to be typical of the printer division's software quality.

Australian contact-tracing app leaks telling info and increases chances of third-party tracking, say security folks

Michael Wojcik Silver badge

Re: Lockdowns aside

a bus commute home is a very big exception

And would make for a great big pile of false positives if OP were incorrectly diagnosed as infectious.

That's one glaring problem with contact-tracing applications. The precision of existing SARS-Cov-2 tests is poor, and given the large groups we'll need to test to make contact tracing useful and the low overall infection rate, the false-positive paradox is going to bite hard. When that's multiplied by probabilistic - and not very accurate1 - contact tracing, the number of people who will be informed that they might have been exposed is going to go through the roof.

That was part of Ross Anderson's argument; the other part is that many people will respond to a flood of false-positive warnings by calling emergency services and/or going to medical facilities for testing or treatment, which will increase strain on those systems. And many other people will see the flood of false positives and ignore the contact warnings, rendering the apps irrelevant. And others will abuse the system (to force closures at schools and other facilities, to harass, for "art", for the lulz).

Personally, I doubt contact tracing will make a significant difference in controlling COVID-19.

And those with access to the data will certainly abuse contact tracing in any way they can. If history tells us anything, it tells us that.

1Because BLE is not a very good proxy for exposure to a significant number of virons. It's barely adequate as an estimation of overall distance, and completely uncorrelated to many types of barriers (walls, PPE), surface contact, air movement, etc.

Michael Wojcik Silver badge

Re: Mike Cannon-Brookes

This certainly looks like standard minor-celebrity-Dunning-Kruger to me. "Oh, I'm in IT in some fashion, therefore my opinion on everything even vaguely related to it is important."

(Of course my opinion on everything even vaguely related to IT is important, but that stands to reason.)

Assange should be furloughed from Belmarsh prison, says human rights org. Here's a thought: He could stay with friends!

Michael Wojcik Silver badge

Re: time marches on

It's time to stop treating him as if he were special, full stop.

Michael Wojcik Silver badge

Re: Why?

Exactly. I'm no fan of incarceration, a system which in the US, and I would guess in the UK as well, is wildly abused, excessive, and unjust. But what makes Assange, an overrated relentless self-promoter who clearly puts self-interest first, and is patently guilty of the crime he's actually being punished for, deserving of this special treatment?

Apple and Google tweak key bits of contact-tracing privacy plan

Michael Wojcik Silver badge

Re: so what happens

Hmm. Might be time to pick up an unlocked Xperia XA2 off eBay and slap Sailfish on it.

I have an old Nokia that runs Symbian 6 which I'd switch to For The Duration, but the battery life is abysmal - like a couple of hours - and I don't know if I can get a new battery for it.

Facebook, AWS team up to produce open-source PyTorch AI libraries, grad student says he successfully used GPT-2 to write his homework....

Michael Wojcik Silver badge

Machine-generated prose is nothing new

Machine generation of non-fiction prose is not only well-established but commercially viable, as I've noted before. This is almost certainly not the first case of a student handing in machine-generated work, and it won't be the last.

Personally, I'm not particularly impressed by GPT-2, which doesn't seem to improve on the state of the art and is known mostly for a marketing stunt.

Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world

Michael Wojcik Silver badge

Re: "calculations in an office are not done on a graphics card"

In other words, it's a covert channel - a means for an attacker to exfiltrate information - not a side channel. Side channels inadvertently leak sensitive data; covert channels are deliberately employed to expose it.

I don't think it's impractical for some specialized applications. The researchers say the signal penetrated a wall well and the carrier was detectable at ~15m, though they couldn't recover a usable signal at that distance. But someone who can plant a receiver in a closet next to an office, for example, might make use of this.

The same is true for plenty of other EMF channels, of course. The researcher's blog post makes the obligatory reference to TEMPEST right in the title - though TEMPEST focused on side channels, not covert channels.

We're in a timeline where Dettol maker has to beg folks not to inject cleaning fluid into their veins. Thanks, Trump

Michael Wojcik Silver badge

Re: Suggestion

it's worth finding out what it is in bleach that makes it effective (high content of acid?

We know "what it is in bleach that makes it effective". Anyone with a basic understanding of chemistry knows.

Household chlorine bleach has a pH around 12. It has no acid whatsoever.

Perhaps in the future before posting you might want to spend a few seconds doing a little research.

Just because we're letting Zoom into Parliament doesn't mean you can have fun, House of Commons warns Brit MPs

Michael Wojcik Silver badge

Teams seems to be inconsistent. I used to use it for some purposes (not all functions were supported) in Pale Moon and Comodo Dragon, but at some point in, I think, March, I started getting pop-ups telling me that the browser wasn't supported.

Teams is pretty much rubbish from any angle, with its horrible UI that doesn't use the built-in browser controls (so, for example, you can't use the Chrome Rescroller extension to fix the dreadful too-thin, disappearing scrollbars in most of the panes), its lack of end-user configurability, its utter inability to scroll back through conversations to older posts without going haywire...

Videoconferencing from the "native" Teams app does seem to work decently for me, though.

Michael Wojcik Silver badge

Re: UKGovt hacked in 3,2,1....

I suspect a certain amount of Dunning-Kruger in the Zoom offices. I don't know him myself, but a friend of mine knows Eric Yuan, CEO of Zoom; and my friend says Yuan is smart and generally well-informed on technological matters, and alert to potential issues.

So I suspect - based only on this testimonial, mind - that the Zoom development team were told to make security a priority, but lacked the necessary expertise, and weren't aware they lacked the expertise. That would explain one of their most famous blunders, the use of ECB. ECB says "we knew we needed encryption, so we threw in a library and picked some settings without understanding the consequences". Similarly their incorrect1 use of the term "end-to-end encryption" seems more likely due to a failure to employ security experts than a disregard of security.

That might seem like splitting hairs, and I'm not advocating for Zoom. (I don't use it myself.) But I do think there's a difference in attitude and culpability between Zoom and, say, Voatz. The latter can I think be justifiably accused of both a cavalier attitude toward security and a hostile one toward being called out on it. Zoom, on the other hand, seem to be making good-faith efforts to fix things.

1In the casual, common sense of "not as understood as a term of art in the industry". In the strict sense there's no governing authority specifying a precise meaning of the term, so they weren't incorrect in any prescriptive sense.

IBM == Insecure Business Machines: No-auth remote root exec exploit in Data Risk Manager drops after Big Blue snubs bug report

Michael Wojcik Silver badge

Re: And thus is why hackers profit...

This is why mature organizations have Product Security Incident Response Teams (PSIRTs), which exist precisely to accept reports from researchers through de facto standard channels such as a security@ email address (for which they've published an OpenPGP public key), a "report a vulnerability" web page, and clearinghouses like CERT/CC and ZDI; and then to negotiate with researchers to ensure they're heard and their information is acted upon.

A process failure like this one indicates a serious failure at the CISO level. A clearinghouse like CERT/CC should have no trouble contacting a company's PSIRT, assuming there is a PSIRT; and if there isn't a PSIRT, that's the failure right there.

This has all been standard stuff since not long after responsible disclosure was popularized by RainForestPuppy and other researchers.

Google productises its own not-a-VPN secure remote access tool

Michael Wojcik Silver badge

Re: Beyond Corp will take months too

It's a proxy, so you don't have to install software on every end-user machine. You just have to push out a browser proxy configuration, or have people enter it manually. And it works the same on all end-user platforms (modulo browser issues), so you don't need versions for different platforms.

That said - eh, it's a proxy. HTTP proxies were pretty exciting in, what, 1996? Surely there are other firms with commercially-supported security-enhanced proxies, not to mention open-source alternatives.

Boffins examine interstellar comet Borisov to find out what its home was like. Pretty unpleasant, it seems

Michael Wojcik Silver badge

Re: Temperature for yokels

Fahrenheit is at least based on a sensible design - reference points (32 and 96) separated by a power of two so that thermometers could be graduated by equal subdivision and then the scale reflected to extend it. Celsius is just the usual powers-of-10 digital rubbish.

And what's wrong with Rankine, eh?1

But as usual Randall got here first.

I think the Reg needs to add a temperature unit to its standard units. Maybe "heat in proportion to a nice cup of tea". My back-of-the-envelope calculations suggests CO freezes at around 0.22 cuppa.2

1OK, in all seriousness, I recognize the utility of Kelvin in SI.

2I arbitrarily decided that a nice cup of tea is about 26 °Rø.

Getting a pizza the action, AS/400 style

Michael Wojcik Silver badge

Re: "Hopefully he also added a bit of text along the lines"

That's not how humans function

And we know all humans are identical, so there's that sorted.

Michael Wojcik Silver badge

Re: "Hopefully he also added a bit of text along the lines"

Well, OS/400 was POSIX-branded, eventually. I think with V4R3 in 1998. And it eventually included most of the non-POSIX parts of the Single UNIX Specification, too. And it has PASE, which is basically AIX-under-i.

But, yeah, OS/400 is about the least-UNIXy UNIX-compatible OS ever.

Personally, even though I'm a longtime UNIX1 developer, I have a certain fondness for OS/400. It's so bizarre and awkward for anyone not coming from an S/38 background, particularly in its early days and on underpowered machines like the B-series. Using it was ergodic, like playing a programming RPG. And there's something very satisfying about filling in a bunch of options on one of the big scrolling menus in PDM, whacking the rock-solid Enter key on your hulking 5250, and going off for lunch because you know it'll be an hour before it's finished compiling.

Developing in UNIX is like flying. Developing in OS/400 was like hiking up a mountain. Either way you achieve some altitude, but it's a very different experience.

1And Windows, and OS/2, and a bit of IBM z, and some VAX, and ...

Lockdown endgame? There won't be one until the West figures out its approach to contact-tracing apps

Michael Wojcik Silver badge

Or smartphone tracking could be pointless and counterproductive

Ross Anderson has a good piece on the problems with smartphone tracking.

Techies like smartphone contact tracking because it lets them believe there's a technological solution to the pandemic. Governments like it because they're addicted to surveillance. Journalists like the idea of it because it's controversial and draws an audience.

None of those are good arguments for deploying it.

Cloudflare goes retro with COBOL delivery service. Older coders: Who's laughing now? Turns out we're still vital

Michael Wojcik Silver badge

Re: “Old Hardware” is fake news

Not only does it need an almost complete rewrite to move the code into a *nixy or wndows environment

Or you migrate it to a Windows, Linux, or UNIX COBOL implementation that includes CICS / JCL / IMS emulation.

Michael Wojcik Silver badge

Re: Fun with COBOL

as "GOTO A VIA B" which would execute one statement at B before jumping to A.

Considering COBOL does have PERFORM THROUGH (or THRU), which will happily accept a second paragraph-name that appears before the first paragraph-name, this wouldn't be that much of a stretch.

(PERFORM A THROUGH B says "start at paragraph A, and if you ever reach the end of paragraph B, come back here". Usually COBOL programmers will perform a contiguous range of paragraphs in the order they appear in the source, but you're not required to. There can be any arbitrary morass of GOTOs among those paragraphs and any others you have in the program. And some implementations have stacked performs, but others use flat performs, and that quickly becomes quite confusing.)

Michael Wojcik Silver badge

Re: Mindset

Standard COBOL (ISO/IEC 1989-1986 et seq) lets you omit IDENTIFICATION DIVISION. Some dialects let you omit the PROGRAM-ID as well. Assuming this is the initial program you don't need STOP RUN. The period on the DISPLAY statement is unnecessary (and in fact undesirable) with the STOP RUN, but I'd keep it and get rid of the latter. In most environments you don't need to use uppercase, which arguably makes things more readable.

So:

program-id. hellowrd.

procedure division.

display "Hello World".

Three lines. (Note this is free-format; the Reg doesn't support formatting code properly in comments.)

Cloudflare dumps Google's reCAPTCHA, moves to hCaptcha as free ride ends (and something about privacy)

Michael Wojcik Silver badge

Re: Audio versions

whether it is paved or not

Not in any part of the US I've ever lived in, it isn't. That includes various regions on the East Coast, the Midwest, the Plains, and the Southwest.

For the past five years, every FBI secret spy court request to snoop on Americans has sucked, says watchdog

Michael Wojcik Silver badge

Re: It's not just the FBI to blame

The US Federal government was under multiple states of emergency before 9/11, and had been continuously since the 1970s. 9/11 was a good excuse for escalation, but the Feds had no difficulty excusing their abuse of their own powers prior to that. Even before the 70's they had plenty of rationalizations: wars, Prohibition, the Civil Rights movement (remember COINTELPRO?), and of course the all-time favorite bugbear, Communism.

In the US, the only effective curtailments to abusive policing, historically, have been squelched and overturned convictions (the "fruit of the poisoned tree" doctrine), and civil-rights trials against individual officers. And the latter has been effective only against relatively low-ranked members of local law enforcement, as far as I know, and in much smaller volumes. Basically, we have to rely on the judiciary to block the various policing forces by spoiling their endgame. In this context FISA is a particular abomination, since it pretends to be a part of the judiciary but makes a mockery of that role.

Microsoft's PowerToys suite sprouts four new playthings with a final March emission

Michael Wojcik Silver badge

Re: Some sort of demented Seasame Street character

No, there are regular human characters as well.

Samsung calls it a day on liquid-crystal display, says quantum dot is really hot

Michael Wojcik Silver badge

Yeah. I think some television shows are pretty neat, or at least worth watching if I'm in the mood. The sets themselves? As long as I can see the picture and hear the sound (which is often a problem thanks to horrible mixing for stupid Dolby 5.1), good enough.

I don't need HD, much less any higher resolution. I don't need high contrast ratios. I don't need color accuracy; I have poor color vision anyway. I don't need accurate sound reproduction or good separation - I just don't care about sound, beyond making out the dialog, and my wife is deaf in one ear so stereo is lost on her anyway. I don't really care about viewing angle; there are only two of us here. I very much do not want my television set to have any networking capability, beyond HDMI which unfortunately it seems we're stuck with.

Michael Wojcik Silver badge

Re: So, QLED is best ?

the power requirements for your CRT TV is huge

Oh, please. Compared to the overall power consumption of a typical home? Certainly here in the US, CRT television power-consumption delta versus a more-efficient display technology is almost certainly dwarfed by heating and cooling. Even a relatively large CRT draws around 120-160W. Lighting in the same room could well be drawing more.

And Pascal didn't say anything about how many hours per day that set is usually on, which is critical to estimating its power use, of course.

Michael Wojcik Silver badge

Re: So, QLED is best ?

The US Government doesn't sell your data

Oh, I think they do. They're just selective about the customers, and payment is generally quid pro quo.

Relax, breaking a website's fine-print doesn't make you a criminal hacker, says judge in US cyber-law legal row

Michael Wojcik Silver badge

Re: Overly Paranoid.

IMHO the government wouldn't have gone after them in the first place

An excellent basis for a legal strategy. "Eh, they'll probably just ignore it."

The politicization of the prosecutorial function in the US is making it increasingly easy for powerful interests to suborn prosecutions - not that it was ever particularly difficult. And the CFAA and related laws have already been abused in a number of cases. The dangers are widely acknowledged in the research community.

Microsoft expands AI features in Office, but are they any good? Mixed, according to our vulture

Michael Wojcik Silver badge

Re: @Tellymel

If we look at neural networks now, they need concrete input, and we tell them which results we think are right

That is how some ANN-based systems work. It is certainly not how all of them work.

This post has been deleted by a moderator

Michael Wojcik Silver badge

Re: What would Orwell say?

And that of innumerable other style guides. Few of them are worth reading, much less following.

Richard Ohmann’s “Use Definite, Specific, Concrete Language” is a classic corrective to the prose style guide movement.

English, for all its faults, offers unparalleled riches to writers: its huge vocabulary and ability to incorporate foreign words and phrases without faltering; its vast array of synonyms; its grammatical flexibility; its store of idioms; its accommodation of poetic forms and tropes thanks to its wildly varied orthography and pronunciation; its huge range of dialects and variations. Attempts to deny most of those riches to writers are misbegotten schoolmarmism and should be resisted wholeheartedly. Robotic, cookie-cutter, machine-approved prose does no one any favors.

Michael Wojcik Silver badge

Re: "when you use Microsoft Editor, your content is sent to Microsoft's servers for analysis"

"Hear, hear", not "here here".

I don't want my editor to suggest anything at all to me, ever

Even with the occasional use of the incorrect homophone, your prose is likely better off for it. I've studied automated proofing tools since Grammatik came out in the mid-1980s, and - much like style guides such as Strunk & White - I firmly believe they do more damage than good. And I've taught college writing (so I've also studied composition theory and rhetoric), so I've seen some bad prose.

At best, these tools reduce personal style and dialectical and individual variation to a bleak, dispiriting, joyless mechanical sludge. Usually they also introduce infelicities incorrectly included in their models, such as false elevation.

There is one royal road to good prose style: Read a lot, and write a lot.

Michael Wojcik Silver badge

Re: Office365 SKUs

I don't think any of this is either well or good, and lacking access to it is a feature.

Leaving Las Vegas... for good? IT industry conference circuit won't look the same on other side of COVID-19 pandemic

Michael Wojcik Silver badge

I have to agree.

Meeting people in the industry and learning new things: good.

Las Vegas: ugh.

I generally enjoy and profit from conferences, but I've avoided ever going to one in Vegas, and I'd like to keep it that way.

Planet Computers has really let things slide: Firm's third real-keyboard gizmo boasts 5G, Android 10, Linux support

Michael Wojcik Silver badge

Re: Marmite

Isn't lube always de rigeur? If you don't have the rigor, the lube won't help.

California emits latest layoff statistics. March's numbers are ugly. It's 19,000 total, including many in tech

Michael Wojcik Silver badge

Re: queue...

Or, perhaps, cue them doing so?

Drones intone 'you must stay home,' eliciting moans from those in the zone: Flying gizmos corral Brits amid coronavirus lockdown

Michael Wojcik Silver badge

it's entirely appropriate that the legal mandate is less stringent than the polite request

And this would be relevant if we were talking about a "polite request". Being shouted at by the police through their remote-controlled toy is not polite.

Michael Wojcik Silver badge

Re: (e)to donate blood;

I know being fit it seems like your age shouldn't be a factor, but it is.

Is it? Do we have statistically-significant evidence, corrected for other factors, that age beyond X significantly increases risk? Or is that just a supposition?

The last I looked, cases and fatalities were pretty well distributed - certainly enough so that once corrected for other factors it seems plausible that age itself is not a significant risk contributor.

I also note at least some of the preliminary papers I've seen attribute a significant portion of fatalities to cytokine storms, which generally hit younger adults harder, as in the 1918 influenza pandemic.

I'm not claiming age isn't an independent risk factor, or that it's not prudent to assume it is one at this point. I'm simply questioning your claim that it is one, as a matter of fact.

20 years later, Microsoft's still hammerin' Xamarin: Bunch of improvements on the way for cross-platform coding toolset

Michael Wojcik Silver badge

Re: "Dual-screen support is coming soon"

I had three screens attached to my RT PC at IBM in 1990. For the past 15 years I've worked exclusively on laptops, and I've never bothered to hook multiple screens up to them. With my last couple of laptops the company ordered docking stations for me, and I shipped those back to IT to use as spares. They'd just sit in the box at my place.

Clearly many people find them desirable, and one might hope actually useful; but I haven't felt any desire to have a multiheaded system in decades.

Remember that clinical trial, promoted by President Trump, of a possible COVID-19 cure? So, so, so many questions...

Michael Wojcik Silver badge

Re: Donald Jenius Trump

The FDA expressly forbids the kind of remark that Trump made

"forbids" how? The FDA are not the speech police. Perhaps within the scope of their regulatory authority they can prohibit or penalize certain types of statements - for example, claims by companies regarding their products. But the FDA couldn't prohibit me from making public statements about medications, regardless of how stupid or dangerous. They can't shut down the antivaxxer idiots.

If he was anyone else he'd be looking at a massive fine and possibly even jail time + potential class action cases.

Complete nonsense. Let's see you cite a single case in which an individual in the US received a "massive fine" or "jail time" solely for making misleading statements regarding medical treatment. As for class action - good luck with that, particularly after Bristol-Meyer Squibb Co. v. Superior Court of California, and considering that there's little incentive for lawyers to go through the expense of organizing a class action when the defendant is an individual, unless that individual has very deep pockets indeed and the case is strong.

Hey, China. Maybe you should have held your hackers off for a bit while COVID-19 ravaged the planet. Just a suggestion

Michael Wojcik Silver badge

Re: Fight Fair?

Well, should any Communists ever come to power anywhere, we'll be on the lookout.

Though experience shows you can't trust authoritarian regimes either. Or democracies.

Sharp gobbles NEC as Japan's display giants team up to take on Europe and North America

Michael Wojcik Silver badge

Could I just have a television, please?

its 5G-capable 8K screens

Oh hell no. That's 5Gs and 7Ks more than I have any reason to want.1 It's getting harder and harder to find sets that don't have idiotic security holes built into them.

1I don't even bother with HD. I've found it adds nothing to the story, which is what I'm interested in.

What happens when the maintainer of a JS library downloaded 26m times a week goes to prison for killing someone with a motorbike? Core-js just found out

Michael Wojcik Silver badge

Yes, this is just another variant of the Bus Factor problem.

Of course this can equally be an issue with proprietary software or other forms of industrial knowledge. At my job, we've been working on breaking developer silos for years, giving projects on various components to different developers to spread the expertise around. It can be done but it takes effort.

Michael Wojcik Silver badge

Re: Shirley!

[Any] of the users *could* have maintained it, but only 2 were.

To be fair, during the Bad Old Days, the OpenSSL project was not taking patches from developers in the US and some other countries, due to legal concerns.

Also, some users - typically participants on the openssl-dev and openssl-users lists - did provide feedback and suggestions, sometimes including example code that looked a lot like a patch if someone wanted to incorporate it.

And it's not true there were only two contributors even then. The heartbeat implementation that led to Heartbleed was an outside contribution from Seggelmann, for example.

What's more important with OpenSSL is that any of its many, many large corporate users could have contributed funding, but very few did. Nor did many individuals.

Michael Wojcik Silver badge

Re: Shirley!

Survival of the fittest in software is good.

Perhaps it would be. We don't know, because it doesn't happen.

Michael Wojcik Silver badge

Re: "I guess that nobody wants to commit to the learning curve."

When software is Open Source and free (as opposed to commercially supported Open Source software), is it really fair to expect the author/maintainer to produce the reams of documentation - that often take longer than the actual coding/testing work itself - necessary that you are implying?

I agree. It's not fair to expect much of anything of open-source software, beyond what's claimed by documents with some legal standing, such as licenses.

However, a wise developer might examine an open-source package to see if the source was developed using decently-written, maintainable code before adopting it. Or make the commitment to understand the code anyway (which was my position with OpenSSL back in the 0.9.8 days - the code was pretty awful, so I spent some time learning it).

The Javascript open-source ecosystem is toxic, with a vast array of poorly-written, poorly-maintained packages being used willy-nilly by developers who aren't interested in making the slightest effort to understand them, often for trivial things (need I mention left-pad?), and dependency graphs that surpasseth all understanding. But the situation is similarly bad in many parts of the open-source world. There are relatively few C programmers who are capable of writing decent C, for example, but there's a lot of open-source C. There are relatively few C++ programmers willing to write maintainable C++. Languages like Python also suffer from dependency disease.

Michael Wojcik Silver badge

Re: No updates for 18 months? MONTHS?????

There's updates and changes to the most fundamental part of our application stack - the end-users' browser - every few weeks, whether we like it or not

Ah, if only there were published standards for HTML, CSS, and ECMAScript so you didn't have to worry about all those updates.

For that matter, some have speculated that it's possible to build perfectly usable websites and web apps without using the latest idiot-bait built into browsers, Obviously that's lunacy, but it makes you think, no? Well, probably no, if you're a typical web developer.

Instagram, YouTube 'iron man' marketer first to be nabbed by Feds cracking down on fake coronavirus web cures

Michael Wojcik Silver badge

Investment is tricky

I mean, how are we supposed to tell the scams apart from the legitimate order-of-magnitude-guaranteed-return opportunities? It's almost like there's some correlation between risk and return!

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020