* Posts by captain veg

1139 posts • joined 12 Jun 2009

Page:

Enough with the notifications! Focus Assist will shut them u… 'But I'm too important!'

captain veg Silver badge

Re: Thank you for this!

I'm still using a Moulinex microwave purchased in 1991. It grillls too.

Yes, it makes a godawful noise while bombarding foodstuffs with radiation, but seems to work just fine. I still have the conventional number of heads and limbs.

It goes BING when done, which is useful. Should you ask it to both microwave and grill your foodstuffs then it waits until the two operations (sequentially) are done before going BING.

This machine has a total of three controls. One to set the time grilling. One to set the time microwaving. And one to set the level of microwave power. I very rarely vary the last. This is how UX should be.

-A.

GitHub's Copilot may steer you into dangerous waters about 40% of the time – study

captain veg Silver badge

Re: it tries to conjure blocks of code that function as described

Generic home counties seems hard for Google. Yesterday I told Maps on my phone to "fuck off and give me the keyboard back". It responded by searching for pie shops. I'm not making this up.

-A.

Why the end of Optane is bad news for all IT

captain veg Silver badge

Re: Single Level Store implemented in AS/400

The PICK system that I started my career on was much the same. No distinction between primary and secondary storage, just as many 4KB frames as would fit on the disk. Under the hood it was demand-paging, of course, but neither the apps nor even the system software knew about that.

As it happens, the hardware had SRAM too, so you could switch the machine off and restart back into the same state.

-A.

Tim Hortons offers free coffee and donut to settle data privacy invasion claims

captain veg Silver badge

Re: Why. RAR, particularly?

Why .LNK file? They're supposed to be shortcuts to some other file. Does that other file have be attached too, or can the shortcut also host (executable) content itself?

-A.

DoJ approves Google's acquisition of Mandiant

captain veg Silver badge

Re: How is this possible?

It isn't possible. The el Reg write up is misleading.

The example set out in the actual Malwarebytes article has the user believing that they are going to a page in <facebook.com> but getting content served from a disposable CloudFront site. If the browser address bar showed "www.facebook.com" that would be extremely serious. But it doesn't, it shows something in <shopmealy.com>, a domain which is (or was) presumably controlled by the attacker.

-A.

Browsers could face two regimes in Europe as UK law set to diverge from EU

captain veg Silver badge

seize

'"We now have the opportunity to seize the benefits of Brexit" said Matt Warman, minister for media, data and digital infrastructure, introducing the Bill.'

As opposed to seizing up the economy, the principal consequence of Brexit.

-A.

After 40 years in tech, I see every innovation contains its dark opposite

captain veg Silver badge

Re: a planetary-scale "ignorance amplifier"

Asking the staff was no good either. While queueing for the till on one occasion I overheard the person ahead of me asking if they had the Peter Norton guide to the IBM PC. I could see it on the shelf behind the assistant's head. He replied that it wasn't in stock. I pointed over his shoulder and declared "it's there".

-A.

CP/M's open-source status clarified after 21 years

captain veg Silver badge

Re: Disk Operating Systemt

I bought my Tatung Einstein when Dixons flogged off the remaining stock really dirt cheap. This meant, of course, interacting with one of their famous pimply-faced sales assistants. I asked "what Disk Operating System does it run?"

The youth considered this question with a perplexed look on his face. Eventually he punched the eject button on the floppy drive and replied "you want to know how to operate a disk?"

-A.

captain veg Silver badge

Bootnote

"We are aware that CP/M isn't just a Z80 OS and also ran on the Intel 8080."

I think it's rather the other way around. Certainly I remember that the assembler that came with the CP/M port for the Tatung Einstein understood only Intel mnemonics, not Zilog's.

-A.

FYI: BMW puts heated seats, other features behind paywall

captain veg Silver badge

Re: No economic sense

> heated seats and aircon cost

They cost the owner/tenant also. Shifting the additional weight saps fuel, which is rather expensive right now.

-A.

captain veg Silver badge

Re: Raise the Jolly Roger!

I'd go further.

Practice in advance by all means, but it won't prepare you for the cold, wet, darkness and dealing with the fact that you beached the car in a snow drift. You will need something to kneel on (flattened cardboard boxes will do), some warm gloves, a powerful torch, ideally one that you can stand up and point hands-free, and a shovel.

-A.

Linus Torvalds says Rust is coming to the Linux kernel 'real soon now'

captain veg Silver badge

A pedant comments...

> hoops and pedanticness

Er, pedantry.

-A.

Google recasts Anthos with hitch to AWS Outposts

captain veg Silver badge

garlic and crucifixes at the ready

So "cloud" now means inviting Google's surveillance-monetizing into your own server room?

Why not? Microsoft's doing the same with your desktops.

-A.

How did you mourn Internet Explorer's passing?

captain veg Silver badge

If you already had IE5 as part of the OS then there wasn't much reason to install Netscape (though I did), even if you no longer had to pay for it (which I didn't).

IE5.5 was an improvement.

Then I jumped to Opera, and paid cash money for it.

To me IE6 was a step backwards, unless you consider cookie tracking a good thing.

Yet that's where they left us for the next umpteen years. 7 was pitiful, but a mild statement of intent, 8 also, 9 fixed some horrible pain points. 10 and 11 were increments, not nearly enough.

As a developer I've been waiting for ES6 support for years. ES6 was renamed ES2015 in, er, 2015. IE11 still doesn't have it.

In its prime it was OK. Since about 2001 IE has been making web development unnecessarily difficult. This was a choice by Microsoft. As penance they should be forced to update Trident to support -- at the very least -- all those standards which Microsoft representatives had a hand in penning, but somehow never intended to deliver.

Chromium is great. Gecko too. Is that really it? We urgently need Trident and Presto to be open-sourced.

-A.

captain veg Silver badge

Re: "Engineers forced to work around the browser's many, many foibles"

So I take it that you weren't active in the "interesting" time when it was necessary to support *both* IE *AND* real browsers.

-A.

captain veg Silver badge

Re: It's not dead.

Web browsing is. Downloading files isn't. You should use FTP for that.

-A.

Not a GNOME fan, and like the look of Windows? Try KDE Plasma or Cinnamon

captain veg Silver badge

Re: Similarly, if you have a touchscreen

Hmm. My mileage here varies too.

My first phone was a Handspring Treo. You were supposed to prod the screen with a stylus, but I found that the nail on my little finger worked just as well. Then Blackberries were issued to the directors, the early ones with a jog wheel and no kind of screen touch sensitivity at all. I was asked to set them up. Kept on jabbing at the screen, even though I knew it wouldn't do anything. Couldn't help myself.

And yet I've never done that with a laptop. In fact on the rare occasions I ever used one that had a touchscreen I was constantly amazed when touching it caused something to happen.

-A.

captain veg Silver badge

Re: Similarly, if you have a touchscreen

My mileage does indeed vary, considerably.

I use a folding bluetooth keyboard/touchpad combo with my 10" tablet in preference to jabbing at the screen and hitting something randomly proximous to the actual target.

I do, however, have notoriously fat fingers.

-A.

Elasticsearch server with no password or encryption leaks a million records

captain veg Silver badge

Re: Clue's in the name

camelCase has initial lowercase. And looks stupid.

PascalCase (or ProperCase) is what you have in mind.

-A.

captain veg Silver badge

"partially masked credit card information"

'Customers’ orders, plus the locations they ordered from and the times at which they ordered, were also open to the world. Safety Detectives asserts that order details included “partially masked credit card information.”'

Is that where they replace the last four digits with XXXX? So, only 1000 combinations to brute force. Or just look for the same individual in some other breach where they masked the *first* four digits instead of the last.

-A.

End-of-life smartphone? Penguins at postmarketOS aim to revive it

captain veg Silver badge

Re: Yay!

Regrettably I no longer have mine. Whoever lifted it off the seat-back shelf on the Eurostar where I stupidly left it, well I hope you got a good price. Or are still using it.

Bob, I loved that device.

But mea culpa I was actually thinking of the N9 that that I bought (via a friend in Finland) to replace it.

Bob, I loved that one too. Less useful without the physical keyboard, but amazingly robust, which is what I was thinking of. Whilst I was cycling down a steep cobbled street it leapt out and went bouncing down the road at high speed. I stopped and blocked the street with my bicycle while retrieving, but it was completely undamaged. Not a scratch.

-A.

captain veg Silver badge

Yay!

A new lease of life for my N900 is a very welcome prospect. Bob, I loved that phone. Had to ditch it when work "upgraded" Exchange (spit) and the Nokia mail client could no longer connect, and neither could the browser cope with the new webmail. As a device it was far superior to anything I've used since, and totally unbreakable.

-A.

Thunderbird is coming to Android – in K-9 Mail form

captain veg Silver badge

Re: I don't need an email client that can render HTML

Hallelujah!

I had Eudora on my first (smart)phone. Resolutely plain text only. Brilliant. And it quoted replies properly too. Qualcomm also did a companion text-only web browser at the time. Really useful in those pre-3G days.

> If someone emails me in HTML format only, it's probably not worth reading.

+1 from me.

-A.

Internet Explorer 11 limps to the end of Windows 10 road

captain veg Silver badge

Re: thought experiment

Thanks for that.

I'd completely forgotten about VBScript.

Still, all those things look do-able, especially if you target WASM rather than plain JS.

Trashing your existing code and starting again is, in fact, the best course. As I understand it the problem is that the existing code can't be changed for some of these ancient apps, e.g. it's served up by some embedded program.

-A.

captain veg Silver badge

Re: open-source

I'm pretty sure that they don't own all of it. In the first place they licensed the original codebase wholesale from NCSA via Spyglass.

-A.

captain veg Silver badge

thought experiment

As a some-time front end developer I'm well familiar with the myriad ways in which IE breaks standards-compliant code, but I never really had to contend with making IE-specific stuff work in standards-compliant browsers. Naively, though, I can't help but wonder if some kind of translating proxy couldn't fix at least some of it. Any takers?

-A.

Microsoft forgot to renew the certificate for its Windows Insider subdomain

captain veg Silver badge

Re: 20 seconds of thought ...

I don't, no. I don't need to. There's just the one.

Did you read my post?

-A.

captain veg Silver badge

er, what?

"In November, 2021, an expired cert [...] prevented Windows users from opening certain apps like the snipping tool."

See title.

-A.

captain veg Silver badge

Re: not cool enough

Our devops tried to renew a cert for a domain that I had registered specifically so as not to involve them at all. They seemed genuinely confused when their habitual registrar and CA mentioned that it was registered elsewhere.

-A.

Apple’s M2 chip isn’t a slam dunk, but it does point to the future

captain veg Silver badge

Re: In Apple-specific terms, still a huge win

I always advise people thinking of buying a machine with non-upgradable RAM to spec at least twice as much as they think they'll need, because it won't be long, compared with the potential lifetime of the machine, until they a lot more than they originally specced.

So while I was sufficiently impressed by the M1-powered Mini to spend my hard-earned on one, I was deeply unimpressed by the 16GB ceiling. It'll do... for now.

-A.

captain veg Silver badge

Re: you've lost time from the wall clock

My time is worth plenty. That's why I find something else to do while waiting for a heavy job to finish.

Sometimes it's an opportunity to pass into motion a different kind of heavy job.

-A.

Behind Big Tech's big privacy heist: Deliberate obfuscation

captain veg Silver badge

Re: Bottom up approach

Dare accepted.

The data that we (my employers) get from Google, Facebook, et al, are so obviously bollocks that we only use them because they pay us to.

This is, in itself, a scandal. And probably illegal.

The problem is not them. The problem is that advertisers believe what they say.

Lo-tech advertising platforms are required to pay for audited results. In hi-tech we are supposed to just accept what the platforms claim. Who are we to question them?

-A.

captain veg Silver badge

Re: Don't buy!

Don't restrict yourself to adverts you find to be intrusive or inappropriate.

Just don't buy advertised stuff at all.

Whenever you buy an advertised product you are paying for the advertising.

And you create demand for advertising.

It doesn't matter whether the advertising worked or not, you just paid for it. If the advertising did work on you then you just paid to be advertised to. Feel good? If you bought the product for some other reason, then you still paid, but for no profit (other than that of the advertising media owner). Feel good?

I'm struggling to think of a product category where you couldn't find out about the products available without seeing advertising.

But carry on as you were, advertising pays my salary.

-A.

captain veg Silver badge

Re: "minimal, strictly necessary processing"

The only thing a retailer *needs* from me is payment for the thing purchased. I'll take it home, thanks.

-A.

captain veg Silver badge

Re: It's MUCH worse than that.........

Your government is not obliged to do any of those things.

If it does then at minimum it should make clear to its electorate what its doing (and why) and, better, ask them for approval. And should that electorate, in aggregate, approve, allow dissenters to opt out.

-A.

captain veg Silver badge

Re:, just to be bastards

> The haters argue that Apple is collecting all your data anyway, just to be bastards

No, not (just) for that.

It's because it is cheap and easy to do, and just might, at some point in the future, be extremely valuable.

Personal data should remain personal precisely because it's value is not always immediately obvious.

-A.

Tim Hortons collected location data constantly, without consent, report finds

captain veg Silver badge

Re: ...but not when it was closed/quit.

I only ever wanted my "smartphone" to be a computer, non-shitty please.

All I require from the "phone" part of "smartphone" is a cellular data connection. If it can make phone calls and do SMS stuff, well, I suppose that's handy too. I could live without it.

What I never wanted was a closed app ecosystem that encourages "free" download in return for constant surveillance.

I willingly paid money for PalmOS apps that did useful stuff on my Treo devices. I was impressed by the number of genuinely free apps available on Maemo.

I was, and remain, shocked by the abuses considered normal on Android.

I despair. What to do? (Don't suggest Apple devices without reading the first sentence.)

-A.

captain veg Silver badge

Tim Hortons

Er, Tim what?

?

-A.

BSA kicks multiple holes in India's infosec reporting rules

captain veg Silver badge

Re: British Small Arms

Bits Stuck Anywhere.

-A.

The next time your program is 'not responding,' (do not) try these steps

captain veg Silver badge

in France

Dabbs probably knows this already, but in the French version of this joke the Management Consultant is an Enarque, which is to say a graduate of the Ecole Normale d'Administration.

-A.

Azure Active Directory logs are lagging, alerts may be wrong or missing

captain veg Silver badge

Re: madness

I don't wish to mock, but I can't help myself. It's nothing personal.

> Training can be useful as it can fill in knowledge gaps

I should hope so, or it has precisely no point.

Still having thus mocked I must report that my employers repeatedly entice me to waste my time on "training" which turns out to be statements of the bleeding obvious (e.g. not responding to phishing spam) or otherwise of no value whatsoever (e.g. why I ought to tell everyone that I am a he/him despite this being patently obvious).

I ignore them.

> You may not know an option exists

That's my point. If you find yourself in that position then the documentation was deficient.

> Plus, a good instructor is invaluable. You can learn a lot that isn't in the official material.

I agree on the first point. The second implies that somehow good instructors are able to fathom features which aren't properly documented. Please don't mention this possibility to the Microsoft "partners" who offer such training. They might interpret it as a good reason to encourage Microsoft to deliberately issue rubbish documentation to their profit.

-A.

captain veg Silver badge

madness

I speak from a position of ignorance, not choosing or being forced to use Azure, but wouldn't proper documentation completely obviate the need for such training?

Having to take an exam on the (assumedly) undocumented nebulosity looks like cruel and unusual treatment.

Not that it's any excuse for them, but I'm currently doing some work using Facebook APIs, and the experience is no better. New features are released, which my employers are contractually obliged to use, but they simply don't work, and the error / status codes returned are not documented anywhere.

My technical contact at Facebook agrees that there's no obvious explanation.

At least they don't, so far as I know, offer (or, >shudder<) require "certification".

-A.

captain veg Silver badge

Agile

I still don't really know what about "Agile" is, in fact, "agile" in the normal meaning of the word. If it's an inability to stop fucking with it, which seems as likely as any other explanation, then I still don't.

-A.

captain veg Silver badge

Re: Sequence numbers on log messages

Just an idea, how about the number of seconds since 1 January 1970?

-A.

Spam is back with a vengeance. Luckily we can't read any of it

captain veg Silver badge

Re: they never considered checking that a clearly valid email address was already in use

It's not reliable. A well set up MX simply does not give out those sort of clues, because they are useful to spammers.

-A.

captain veg Silver badge

Re: they never considered checking that a clearly valid email address was already in use

Er, you can't, unless you actually send it a message and the recipient replies. I know that there are people out there who claim to be able to validate active email addresses in return for money, but they are lying scumbags.

-A.

captain veg Silver badge

What really makes my blood boil is when I report a spam to the sending ISP and their spam filters reject it due to spammy content. Span-filtering your abuse role account is simply cretinous.

-A.

captain veg Silver badge

Re: "Pole Emploi"

There is no French equivalent of the ICO. The CNIL has serious legal powers and takes complaints seriously.

01 53 73 22 22

https://www.cnil.fr/fr/contacter-la-cnil-standard-et-permanences-telephoniques

-A.

Vehicle owner data exposed in GM credential-stuffing attack

captain veg Silver badge

using the same password across different online services

I do this routinely.

It's entirely possible that other users chose the same password as me. What they can't do is choose the same user name.

I use a different user name for each online service I use (which isn't many). Mostly they require an email address for that purpose, but this is easy for me since I run my own MX on my own domains.

Remembering a strong password that you use everywhere is easy. Remembering the user name when it's basically name-of-website@mydomain.tld is also easy.

I recommend it.

-A.

How to find NPM dependencies vulnerable to account hijacking

captain veg Silver badge

Re: What if?

It's a fair question, but the "urgent security update" would have to make sense in the context of what I already know about the code, because I reviewed it. And I would review the update, natch.

The best protection against getting pwned is Not Being A Muppet. Let's at least try.

-A.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022