Posts by Glen 1

Re: Browsers

"third party service of some kind"

Which would make it trivially easy for browser clients to isolate.

The point of the container is not to block everything (ala noscript of ghostery), as many sites deliberately break themselves if they detect ad blocker type behaviour. The point is to have every domain see its own browser, forcing third party services to infer/guess connections between sites rather than the tentacles we currently have.

Third party cookie isolation is just the start. No eTags outside of first origin. Each container getting its own cache etc

The main countermeasures to such moves include things like OAuth, where its the first parties sharing information directly with each other, cutting out the third party middleman.

Also, isolating separate accounts with the same service is still a pain. Log in to a family-facing Facebook account, then switch to an account showing a less culturally accepted side of you? That account is probably going to show up on your family's "people you may know" feed. Or worse - it will be given as a "helpful" option to login as on a shared machine - a potentially life threatening situation in certain parts of the world.

That said, if you are spending enough time on any single service, they probably have enough information (search habits, browsing preferences) on their own to build a useful ad profile on you, without having to link to any other site/service.

Re: The Gordian Knot

They "effectively shut down" whois in the EU, so are technically compliant.

The paymasters are whining about it, but it looks like the EU is carrying the bigger stick.

A bit like replacing Utilman.exe with cmd on Windows 10.

Re: Warmer.

Say there is a planet out there without moons, that also has intelligent life.

The locals might posit that a planet *with* large tides might make it impossible for life, what with all that sloshing about and all that.

Re: VBA Security Security Security Security... I can't hear you!!!

Given the propensity for JavaScript libraries dedicated to graphing and similar, do you (the el Reg readers) think the move to web-based stuff is an improvement on Excel?

I suppose having a JS front end implies there is a proper database somewhere at the back...

motor or pedal?

The choice will make a big difference

Re: Lots of great stories, as usual...

Because you can do 1-3 without leaving the comfy chair.

In many of the stories like this that get reported, the wannabe BOFH got caught because of... incompetence.

It makes me wonder how many *competent* folk have pulled such shenanigans and never been caught.

Re: Phew! We're safe then!

See also: Flatpak and Snap

Re: RISC-V Pi

I think its more that the Raspberry Pi foundation takes a pragmatic approach to openness.

As in (paraphrased) "as open as we can be, but not minding some closed stuff where it makes sense".

It was thanks to pressure from Eben et al, that the first set of open source graphics drivers for the Pi were released. (although it turns out they were just a shim for the onboard functions). These days we have full OpenGL ES 3.1 conformance through Mesa, with Vulcan incoming.

Remember, the early prototypes for the Pi bore more of a resemblance to the Arduino Uno than the eventual Pi 1.

Quote from Eben referring to toolchain assistance:

"We believe that instruction-set diversity is important, and that open, free instruction set architectures are an important enabler for innovation. Our impression is that the hardware side of things is going pretty well. We think we can contribute on the software side, which is important if RISC-V is going to become a viable alternative for desktop general-purpose computing."

Re: Hoots Mon

"telling people one thing (socialist utopia) and the required fact (cut public spending harshly)"

Those things aren't necessarily mutually exclusive. It would help if we stopped pissing money away on rich people. The Lords 'attendance allowance' is, per day about the same a job seeker gets in a month.

That's not to say I think the Lords shouldn't get anything, but we are currently nickel-and-dime-ing the poorest in society while spaffing - *picks at random* - £43m of public cash for a garden bridge that was never built - and even *that's* small potatoes compared to the current/impending clusterfucks.

I wonder what percentage of the recent "emergency contract" funding is now in the usual tax havens?

Re: And this ladies and gentlemen...

I suspect the problem expense for change-giving machines isn't the capital outlay, its the costs of keeping it stocked with change.

Its harder to rob a card terminal - assuming EMV these days - or at the very least, it requires a different skill set.

Re: Repetition = practice

"Learning those by rote is (unfortunately) the only practical way."

<sarcasm>I know! Its not like were going to be carrying devices capable of doing calculations with us 24/7</sarcasm>

Re: No typist needs lights

One of the the things missing from (some) typing trainers is a ghost keyboard on the screen highlighting the typed character.

When I mess up, I have to look down. It breaks the flow of things. Having it on screen means I no longer have to look down.

Anyone remember Typing of the dead? (Its sequel is available on Steam, and is Very NSFW)

Re: How many does that database say read El-reg ?

"Reading between the BS statement lines"

Clever people are better at rationalising. Healthy cynicism doesn't mean they can't be fooled. Dunning–Kruger effect applies.

Re: Cheese

How much is Liz Truss' salary again?

£80k for being an MP + £80k for being secretary of trade?

So her personal "win" is worth less to the UK than her salary.

Not to say there isn't other stuff involved, I'm sure she works very hard etc, but hailing this rounding error in trade as a win seems... desperate? Clutching at straws to overstate how good it is?

TBF, I haven't seen officials *themselves* mentioning the cheese specifically as a win, only the forever over-keen sensationalist press.

For me, there are *whole genres* of music I would have never heard of if not for the "Continue playing songs like this after last song" thing on Spotify.

Kinda reminds me of the early days of internet file sharing where people would pad the file names with similar bands to aid discovery.

Hell, I'd never heard any Iron Maiden till the Carmageddon II soundtrack... These were the days where game music was extra tracks on the game CD, so you could play it on a regular player.

Radio used to be the primary means of new music discovery, "The rock and Metal show" on 12am on a weds isn't going to feature on peoples radars unless they seek it out... or come across it while channel hopping for music to fall asleep to.

Even when Kerrang Radio launched, it seemed to deteriorate into one sub-genre (emo pop punk), which in itself is fine, but when its gets difficult to differentiate between bands, let alone songs, that gets old fast. Add to that the fact you get at most 2 songs in a row without interruptions and you start wondering what the hell are you dong with your life.

Auto generated playlist with "continue playing" at the end, and suddenly a lot of the frustration goes away. A mix of the familiar and the new (to the listener).

Re: whoops - wrong disk

"whoops - wrong disk"

I read that title and flinched.

Re: Too much javascript

That only has an impact where you have a monetary relationship with the site directly.

With somewhere like el Reg, how do the writers get paid? Remember, it's the *advertisers* that pay their wages, and its the advertisers that have their 3rd party domains serving up ads. You could do some proxy stuff, where el Reg acts as a MITM between the ad server and the reader, but that would cost a bunch of resources that are currently unnecessary - not to mention potentially falling foul of some privacy laws and defeat many ad blockers.

You say you don't want to give your data? That makes you *substantially* less valuable as a reader to advertisers, and the writers company paying the writers gets paid accordingly.

All in all, not allowing 3rd party assets currently breaks a lot of stuff (CDNs, embedded YouTube vids etc)

That said, I largely agree with you. I feel there should be mechanisms for specifying which domains are in use for *code* and which are for content - Think NX-bit but for browsers. Email clients (should have) learned years ago that arbitrarily loading/running remote content is dumb as hell.

Web browsers need to be a lot smarter. Same-origin policy was a good start. Maybe specifying a whitelist? We are already bombarded by "please enable notifications" pop overs on lower quality sites, having 3rd party JS disabled *by default* would force web folks to be a lot less obnoxious about what they throw at us.

Re: Beware The Gosling effect

"borders on the ridiculous."

No more ridiculous than requiring space to have curvature in "another dimension" to explain gravity. Yet relativity (and spacetime) is one of the most rigorously tested theories we have. Hell, GPS has to account for it to work.

Quantum teleportation describes the *observed* phenomenon, much like dark energy and dark matter describe others. The theories as to *why* are... less clear

Remember, the Schrodinger's Cat thought experiment was a *critique* of the superposition theory (Copenhagen Interpretation). After all, saying the cat is somehow dead *and* alive "borders on the ridiculous". Yet it matches the observed results. (the superposition, not the cat thing -YKWIM)

*shrug* There are bigger brains than yours (or mine) working on it.