* Posts by chuBb.

524 posts • joined 24 Jun 2008

Page:

Problems for the Linux kernel NTFS driver as author goes silent

chuBb.

Re: Hang on a mo ...

It's not "hard" to use or install its hard to maintain

And it was a saga to get it included with kernel i.e. A standardised bit of the Linux os not a 3rd party add on

Microsoft proposes type syntax for JavaScript

chuBb.

Re: would this be...

Not really, I take the proposal to be more of a generic standardised annotation to infer some static typing to parameters.

Which probably isn't a bad thing, wouldn't be a bad thing to require code invoked by HTML elements to require type expectancy on its params for example.

I certainly don't see it as a replacement to ts or WASM more of a least effort non breaking effort to improve performance and security

chuBb.

Re: would this be...

Too many Web developers have fooled themselves that they are full fat developers, instead of framework and runtime manipulators, so everything has to shackled by dom and accreted css knowledge and practice, with js being the hammer used to crack every nut encountered.

Frankly would hate to deal with Web developer attempts at WASM, just a shame as it goes full circle desktop front end devs are a dying breed...

VMware offers hardware compatibility list for home labs

chuBb.

Re: Just a stock image

Awwwwww I enjoyed the puzzle of wtf they were doing lol ;-)

chuBb.
Pint

Im confused

The article seems fine, but the article pic confuses me, what is the "techy" doing with a single multi meter probe and a scope probe, you wouldn't typically dual wield them, especially as you would almost be certainly looking away at either the multi meter or the scope so likely to slip with one of the probes and short something....

Ukraine asks ICANN to delete all Russian domains

chuBb.

Re: It would interesting....

I doubt that would have much effect in russia, balls up rest of world accessing/ddosing .ru's though

Nope would be far more effective to target their routing infrastructure, wide spread BGP poisoning (as they have been known to do a few times...), route 0.0.0.0 to russian military ip's and get their population to ddos themselves, inject new routes to state owned ip ranges, redirects to goatse with putins face instead of a ball etc.

Frankly im expecting shit to really hit the fan in terms of cyber warfare, not only in terms of troll farm domestic agitation (Trump/maga, Brexit, rise of the far right in eu member states all have had flames fanned by troll farms) but serious critical infrastructure shutdowns and subversion, look at the chaos caused when one oil pipeline got pwned, imagine 20 or more being attacked world wide at once

Seriously hope people have got the low hanging fruit covered patch log4j yesterday ffs etc.

Securing open-source code isn't going to be cheap

chuBb.

Re: It's not an open source problem - you forgot only

Depends on your definition of usability.

From your reply I take your definition of usability to mean convenience

Is http more usable than https because it has one char less?

Are stairs more usable than escalators?

So no I don't equate security as a trade off in usability, convenience certainly, if security prevents the activity intended (the use) then yes it would effect usability

chuBb.

Re: It's not an open source problem - you forgot only

If your trading usability for security your doing it wrong and probably making it less secure as people will actively subvert the security to make their lives easier, old chestnut of very secure building rendered moot by security being so onerous that fire escape gets blocked open to facilitate fag breaks

Tis human nature to be efficient (read as lazy) and exploit any advantage for personal gain

chuBb.

Re: It's not an open source problem

It's not so much a skills problem or even a project management deadline meeting corner cutting exercise. They are both symptoms however. Security is a philosophy (and possibly a religion based on reactions I've had to debates on the subject).

Much like critical thinking (hate the term, but I guess credulity needs to be taught given the obsession education has with learning without understanding), security needs to be instilled from a young age, the value of your data, how to protect your data, leading to question how data will be used, personal security (cover pin pad, avoid shoulder surfing, trust nothing that's emailed etc.) with a foundation of that any one who ends up writing systems will have a better understanding than most in the industry who grew up with computers then the Internet being a bit of a frivolous novelty; which is certainly reflected in current legislation and lack of consequence , if any of the major vendors made cars they would spend more time being recalled for public safety concerns than on the road...

Throwing money at the problem would grease the wheels of change but will do little to aid the uptake of a different way of thinking.

FBI seizes $3.6bn in Bitcoin after New York 'tech couple' arrested over Bitfinex robbery

chuBb.

The cloud is marketing for timeshare

It's still the same crappy servers and patching regime just someone else's job these days

Microsoft's do-it-all IDE Visual Studio 2022 came out late last year. How good is it really?

chuBb.

Same mate,

Been what i consider a R# power user since 2008 or so, pushed for its adoption when ive worked at places that didnt use it

On a small solution its ok, the killer is as soon as we try and do something on the larger solutions 5000-10000 files (its legacy and a previous dev drank heavily from everything needs an interface cup) it chokes, i can literally disable everything and just rely on the refactoring renaming and namespace moving dialog and still it will suck the life out of VS.

It gets even worse if i load the single project web front end solution, where some bright spark decided telerik web controls was the way forward and has all the kendo chod in the solution :(

And like you ive tried to ditch it several times but keep coming back. If you havnt tried vs22 without it enabled i suggest you do, the inbuilt refactoring tools (that i use YMMV, i ignore the linqify a readable foreeach loop into an unreadable brain spraining mess tool) are on par with r# (especially if you config r# to use VS keyboard shortcuts) but with no discernable impact on performance.

I literally only enable resharper now when im updating or writing new tests as the r# test runner is brilliant especially if you have several test frameworks in use because legacy, and the integration with dotTrace is cant live without it good.

Unfortunately though ive given up on it ever being fixed as i have had several frustrating and long winded support tickets with jetbrains to the point where they admit the problem and now just say wait for the out of process version, or use rider which just isnt in the same league as VS when it comes to dealing with framework based projects, and i dont really see why i would use a different IDE for core/.net6 projects...

chuBb.

Nope reharper is far from stable and fast see above

Certainly not with a legacy solution upgraded through multiple versions of vs, and yes have updated all projects to the new csproj format...

chuBb.

Re: Cloud Explorer

Reharper is pretty much disabled in terms of features

There is a years long thread on the support forum and boils down to to it choking on mixed project types particularly Web ones which have been upgraded through multiple versions of vs.

The official line is wait for out of process version of r# but frankly they have ignored the performance issues for years and seemingly decided to write rider rather than fix the thing properly.

The fact I have such performance issues on a seriously over spec machine is laughable. It's a shame as I love the dot suite of tools (cover, memory, trace and peek) so the sub is still worth it and we have no appetite to ditch teamcity for trendier CI solutions it does what we need and is well understood internally but reharper really spoils the experience. Especially given the improvements ms have added to vs

.editorconfig files, built in useful refactoring tools (not the code suggestion crud r# adds on top), ctrl+t for type/member search, roslyn code analysis etc.

chuBb.

Cloud Explorer

Really miss that from vs2019 is my preferred way of managing and tweaking deployed azure resources, ive never been a fan of kudu and find that tool window indispensable.

Other than that vs2022 performs nicely for everything ive thrown at it, and is noticably better at handling large solutions, still has its performance destroyed by resharper (and i have a stupidly overspec works machine current gen xeon, 128gb ram, rtx gpu... its not lacking grunt), yet still if i enable resharper for its superior unit test explorer/runner i can expect the text editor to hang for 20 secs at least and same when an intellisense window opens :(

Jetbrains, please make the resharper unit test windows available as a standalone plugin, everything else resharter does/did well is now baked into visual studio, and no rider is not a suitable replacement for anything other than new green field trivial projects

Parallels: Purveyors of decent virtualization software... and occasionally iffy checksums

chuBb.

Re: md5 !

Damned if they do damned if they dont.

If they didnt publish an md5 hash or used a better hash some old fart (like my dad, must have precisely 2 capitals 3 numerals and 1 whitespace, even though xkcd style password would be infinitely better for him) clinging on to outdated knowledge would complain that there wasnt an emm dee five,

Saved by the Bill: What if... Microsoft had killed Windows 95?

chuBb.
Meh

He will probably put a vid up on his channel on the topic, one of the few youtubers out there ive watched all their uploads of, but yeah cant argue with half article here cmon el reg, i expect better clickbait from you guys!

Pop quiz: The network team didn't make your change. The server is in a locked room. What do you do?

chuBb.
Boffin

Re: Out of date building plans

Much like you dont have a real hobby until a lathe in involved in it, same is true with netops, your not a real network guy until the buildings layout has changed beyond recognition of the documented floor plan...

chuBb.

Re: Out of date building plans

Finger Mouse?

chuBb.

Re: Out of date building plans

In a previous life spent some time doing industrial wiring, did same but with a proper access cage on the forks, the height wasn't the issue, problem was it was the middle of the summer in a WW2 corrogated steel aircraft hanger turned into a reconstituted stone factory, and everything was 2 inchs thick with coloured cement dust.

Spent 2/3rds of the time on the ground cooling down, being hosed down and getting bollocked that the job was taking too long by the big boss, in the end i told him to get up there and show me how its done, after 10 mins, he was back down on the ground and arranging to finish up installing the highbay lights at night, was a double win because time and a half pay, and he bought me an ice cream, after he lightly cooked himself for 10 mins

chuBb.

Re: Out of date building plans

I got a simultaneous bollocking and commendation from the H+S guy, happy he got paid upset i did what i did lol

chuBb.

Out of date building plans

Once ended up about 25ft up on a step ladder hastily attached to a pallet on a smallish forklift to fix (well power cycle) a "vital" router connecting accounts to the rest of the lan to get payroll done.

The comms cab used to be easily accessible before some bright spark decided to optimise the warehouse and have a mezzanine floor removed but neglected to involve site management or ops..., afterwards a large enough step ladder was purchased to access the cabinet, and an edict was issued to always consult ops and site management before undertaking "minor" changes like removing a floor. Of course the cabinet couldnt be moved due to lack of budget. It finally was moved following the warehouse being shut down for a week while a wasp infestation was dealt with. How did we find the wasp problem?, i was up my nearly tall enough ladder (i could reach but couldnt see) trying to install an extra switch in the cabinet but the thing wouldnt go in so an extra shove was needed *crunch* bzzzzzzzzzzzz and a cloud of wasps spew out of the bloody thing, never descended a ladder so quick in my life

I own that $4.5bn of digi-dosh so rewrite your blockchain and give it to me, Craig Wright tells Bitcoin SV devs

chuBb.

Re: OK something I've never understood in this case

Patent/dcma troll

As long as he can get a judgement in his favor he is gifted a stick to launch frivolous suits with with an expectation that his targets will settle rather than fight.

chuBb.

Re: Plot For A Film

Would write an app in visual basic.net to ping it

chuBb.

Re: In summary then ...

Me 2, I was living in a absolute shit hole of a flat, but the rent included electric as there was no heating, so found mining to be a good way of heating, it's not like the side is ever on a techies tower...

Had mined approx 100 coins till my hard drive made all the sounds of death, moved out not long after that and never bothered to mine again.

0 regrets if I was still in possession I would have cashed out as soon as it was worth a takeaway or a packet of fags anyway

JavaScript dev deliberately screws up own popular npm packages to make a point of some sort

chuBb.

Re: I fully support this viewpoint...

Nope sorry if your code grows out of control and becomes infrastructure blindly included by thousands of other projects then no you don't get to have a hissy fit commit or a protest commit, knock on effect is too great.

You wouldn't argue for the right of a bridge designer to blow the bridge up because they are having a bad Tuesday. But here it's OK because it's their code, knock on effects be damned. I agree it's a bad precedent but if you have a widely used project you can't be reckless and should have consequences

chuBb.

Re: I fully support this viewpoint...

Seems fair enough, deliberately sabotaging popular widely distributed libs isn't much different to locking someone up who threatens to burn house down after lighting some small fires

Loosing write access seems sensible in this case. Your ip rights and personal freedoms are less important than your ability to commit hand grenades

chuBb.

Re: Spotify for open source?

I would say its easier than that. Let gh sponsors work by analysing dependencies (easiest to start with projects that are published as packages that list dependencies npm nuget rpm yum apt etc) , and divine a royalty based on distance from sponsored project the dependency is referenced in the dependency chain.

Then just credit the projects account with their share. That way the popular projects consistently feedback to the building block projects, and the low level projects included everywhere benefit from there ubiquity

Microsoft rang in the new year with a cutesy tweet in C#. Just one problem: The code sucked

chuBb.

Re: not much better and made one line illegible to REALLY show you how its done

Heh I like to craft dreadful examples find it helps to show what not to do to new hires. Generally if I find string interpolation or ternary operators in anything but ui code it's a code review fail (same with control statements missing curly braces)

chuBb.
Trollface

not much better and made one line illegible to REALLY show you how its done

Console.WriteLine(DateTime.Now.Year >= 2022 ? DateTime.Now.Year > 2022 ? "Well Ive missed 2022" : "Its at least 2022" : "Lame its 2021 or before");

Or lets really abuse the string formatter

Console.WriteLine($"{(DateTime.Now.Year==2022 ? "Happy New Year its " : "Commiserations its still ")} {DateTime.Now.Year}");

PHP Foundation formed to fund core developers, vows to pay 'market salaries'

chuBb.

Re: Shut it down when the money runs out?

Php8 is a baby step in right direction will give you that, it's only missing the last 20 years of progress in serverside tech stacks instead of 25

Unfortunately it still massively lags behind the competition on all fronts, and very rarely do I see a new system implemented in php, go seems to be choice in containerised front ends these days, so realistically it's a legacy language which will carry on in undeath powering WordPress and causing headaches forever more

while Php8 may exist most things people use (WordPress etc. are hobbled at what ever attempt at coding the worst plugin uses) realistically until the big projects go all in on php8 php is stuck at lowest compatible version they support

Seriously don't try and defend the indefensible, literally anything but php is better serverside these days, christ I even rate java higher than php serverside and I hate tomcat and xml config with a passion

chuBb.
FAIL

Re: Shut it down when the money runs out?

there's nothing inherently wrong with modern PHP as a language

LOL!!!!!!

There is nothing modern about php, its had a few things badly tacked on since asp classic (vbscript)

It's attempts at the bleeding edge concept object orientation are out right broken and on par with vbscript attempts

Still it's a mess of conflicting naming conventions on built in language functions

It's syntax is all over the shop is it '.' or '=>'

=== need I say more...

Optional type safety....

It's debugger is so bare bones and liable to crash as to be better off spamming syslog with trace messages I mean you have a thousand times more capable debug and profiling system built into every browser

All php as a language has going for it is its devs are super cheap and you can get a quick prototype together before you have to rewrite it in a proper language/multiple services instead of one monolith held together by a shared session key.

So when the language itself is basically a box of wax crayons melted together, is it any wonder that what it spawns tends to be on the mutant ginger step child side of things???

having mastered a curly language syntax try a less brain damaged langauge, like java or c# or brainfuck you won't look back (pays better too ;-) or at least do what the stubborn php devs do and move into python or Pearl dev work, the boats sailed on Ruby and node)

chuBb.

Re: $300K?! At market rates?

Great make it thrice as shite instead of twice...

Should be easy to win the rights to .tv when you're name-checked in the contract's tech reqs – right, Afilias?

chuBb.
Thumb Up

Re: Bravo

It's stories like this that I love about el reg!

Server errors plague app used by Tesla drivers to unlock their MuskMobiles

chuBb.

Re: Physical key

Be interested to see an AC battery...

chuBb.

Re: Neither does the keycard that comes with the Tesla (require a network connection).

Sounds like Web front end coders not considering ingress bandwidth and treating network like its infinite or they shipped debug code and ddossed them selves with trace messages...

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

chuBb.

Re: openssl ca tutorial

Yep hence last paragraph, getting it right is tricky, getting something that's good enough to get work done is trivial, 99% of an apps ssl tuning is in its config, so as long as your using the lib correctly it will dovetail into a properly configured pki infrastructure as well as a Rinky-Dink localhost ca...

chuBb.

Re: openssl ca tutorial

What is difficult?

you can understand it in 10 secs

Theory

---------

generate a root cert which is arbitrarily "trusted" for use in your environment

Generate an intermediate cert which used the root to vouch for it (you could skip this but i wouldnt much easier to revoke and swap out an intermediate cert than a root)

Generate a client cert which uses the intermediate to vouch for it

Verify the client by checking each cert in the chain vouches for the one beneath it

Practical

------------

1) generate root cert using a strong cipher suite and as big a key as practical

2) generate an intermediate cert using the root cert

3) issue a cert using the intermediate for signing

learning openssl's cli takes a bit longer but conceptually its as complicated as lego

I agree doing it properly and setting the associated systems (CRL's, distribution points etc.) is a lot harder and does require indepth specialist knowledge, but getting enough of an indicative system up and running to use in a dev environment is trivial and not at all complicated

chuBb.

It's hard to find an os without openssl out of the box so should take you 5mins including Google time to complete an openssl ca tutorial...

chuBb.

Re: Was web trust ever really alive in the first place?

The ever so reliable court of Internet public opinion, just look at comodo a few years ago or anything to do with the certs stuxnet used (slightly different as it was code signing but principle is the same)

chuBb.

Very simply otherwise intranets wouldn't work (in house ca pretty standard for lan security) and for internal certs

Typically you add to the windows cert store, mozilla java and a few others maintain their own stores all have scriptable interfaces to make remote admin possible

A tiny island nation has put the rights to .tv up for grabs – but what’s this? Problematic contract clauses? Again?

chuBb.
Pint

Re: Nice article

You sir are a hero

Have a pint on me!

chuBb.
Thumb Up

Re: Methinks

massive.co.ck, isa.co.ck, tiny.co.ck and your-mother-has-a.co.ck are all available.....

chuBb.

Re: Nice article

All tlds are rubbish compared to the commercial cooke island tld (.co.ck)

chuBb.

Re: I have too much time on my hands...

A TLA

Ubuntu desktop team teases 'proof of concept' systemd on Windows Subsystem for Linux

chuBb.
Devil

We are all doomed

Why would anyone think this is a good idea just wait someone will take it upon them selves to get wsl systemd editing the host registry, this is the oppositite of a feature.

On other hand would make wsl more n00b friendly can follow any how do I tutorials for Ubuntu then, which could be useful I guess if you want to faff with hosts file and give wsl it's own host name (local db, dev machines use a local host alias for db), but really run a vm or containerise your dev environment in this day and age

System at the heart of scaled-back £30m Sheffield University project runs on end-of-life Oracle database

chuBb.

It's probably powered by SITS too, the sales consultants were very keen to sell as a wonder system that can do all (badly)

Epic battle latest: Judge reminds Apple it has 30 days to let apps link out to non-Apple payment systems

chuBb.

Holy shit now I have seen everything

Google's Pixel 6 fingerprint reader is rubbish because of 'enhanced security algorithms'

chuBb.
Boffin

Wonder how many of the people with issues have a screen protector stickers on, and what percentage have the cheapest one they could get installed?

As System76 starts work on its own Linux desktop world, GNOME guy opens blog, engages flame mode

chuBb.

Re: Desktops must be multiplied beyond necessity

Or a headline grabbing flavor of the month language

Only a matter of time till a nasty mem manager flaw gets found and exploited and the fix will make it no better than c, that's my prediction for something that will happen in the next 5 years...

Don't get me wrong I quite like rust but I just don't get the hype train everyone seems to be getting on, seems like c devs are getting all fomo wanting a bandwagon to jump on like RoR or node..

.NET 6 LTS and VS 2022: Major releases spoilt by continuing concern about Microsoft's commitment to open source

chuBb.

What's so buggy?

Only real issues I've had is v old projects circa vs2012 format csproj, which once updated to be sdk based csproj have been well behaved and fights between package reference and packages.config which again is solved by upgrading the project format. Only real gripe with that is that an advanced view on project properties would be nice to save having to trawl msdn for all of the various project and build effecting config values, although that's much less of a hassle now you can edit the project file of a loaded project

Resharper is still hobbling vs though, if only I could find as good a test runner as Resharpers* I'd uninstall the performance killing nuisance

*vs's inbuilt test runner just isn't in the same league or even as functional too many times will it fail to start a test run because of a hidden build error and not having to install a nuget package per testing framework lurking in the code base is also a massive bonus i don't see why I should have to deploy a new build just so that a dev time activity works out of the box...

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022