Posts by Rich 2 464 posts • joined 24 Jun 2009
I get all the arguments for DoH but the more I read the more I’m thinking what is the f’ing point?!
If you want genuinely secure DNS then build or find a secure service. However big a bow you stick on it, DoH is NOT such a service - it’s utter bollocks that has been and will continue to be bastardised by the tech industry to circumvent any perceived “security” it ever had (which, in practical terms, is fuck-all)
When I look at this mess and add it to the growing list of (mostly) tech companies that behave in an abhorrent way, one things bubbles to the top - they’re all American - I’m thinking faecesbook, MS, Googlies, etc etc... the list goes on
Is this a culture thing? “I am an American therefore I shall behave in a shockingly bad, amoral way”? Or is their regulation so non-existent that it allows all this shit?
Yes it will cost money. But ANY solution will cost money.
And it may not be perfect but assuming the parents lock down their kids’ phones, it could cut out the vast majority of smut on little Johnny’s phone. Which is 100% more that is achievable at the moment.
Anyway, if googlies don’t like it, it gets my vote!! With bells on.
I used to work on this stuff (TV streaming) and my overriding opinion of it was (and still is) that the majority of the complexity in this regard stems from broadcasters having an inflated opinion of the value of the content the produce. ITV player is probably the best example of this - the complexity involved in streaming an advert, breaking off to show a bit of a program (eg emerdale or corri) and then going back to an advert (sarcastic? Me!?) is bonkers complicated. I can’t remember now, but it involves something like 2 or 4 certificate servers, plus the actual content streaming servers (one for the adverts and one for the program) and the chain of stuff that has to happen for it all to work is nuts!
And all this complexity is mostly because ITV don’t realise (or don’t want to admit) that todays emerdale/corri is tomorrow’s virtual chip paper (when did you last see a thriving black market in corri episodes? Nope. Me neither).
There are other issues too, of course. Maybe some of it stems from the idea that people would use their “smart” TVs to do their shopping etc etc. Of course nobody does because it doesn’t work very well compared to using a laptop, or even a phone.
And being able to download updates needs the device to trust the source (oh the irony!)
Oh, and Of course there is the matter of a lack of forward thinking :-)
... whereas in some “higher level” (scripty) languages I can think of, the program doesn’t crash - you just get gibberish or because undefined variables magically come into existence!! That’s even harder to debug. At least when c crashes, you can get a core dump out of it which often points to the problem pretty quickly
“... tech industry needs software performance engineering, better algorithmic approaches to problem solving, and streamlined hardware interaction”
I read that and my first thought was “shame the world seems to be migrating to stuff like python“
... only to have the issue highlighted a couple of paragraphs down. It’s been said zillions of times before of course, but hacky scripty language’s like Python that pay no regard whatsoever to how the underlying hardware works are the reason we all use multi-GHz multi-core power-eating monster computers - just to do a bit of word processing.
Hacky scripting languages have there place but things would work a lot better if the authors of the bigger (in size and/or time) python applications learned to use a more effective language that runs (for example) 47 times faster!! What a pile of shite modern software is :-(
Ok. I’m not a Windows person at all so I admit I might be missing something here. But...
MS are making a fuss about a terminal program? In 2020? That’s about, errr... 60 years after it was pretty much nailed on Unix and VMS and just about every other OS of any significance.
Wow!!!
“....have until the end of June to switch to a supported language”
That’s ok then. I mean, who can’t fluently learn a new language in a month? Duh!!
Oh, and of course you need to tell everyone you might be writing to to do the same. Otherwise they won’t be able to read your letters.
It’s bad enough when “English” is taken to mean the Americanised mangled version, with no option to change it to real English.
Fuckwits!!
And in true MS style, “consistency” is taken to mean “lowest common denominator” (because we can’t be arsed to do a decent job of it)
I consider myself a “long term” c person - 30+ years, and I’ve never got along with the 0 == x thing. It just doesn’t read right and makes my brain turn itself inside out. Mush easier to just write the thing correctly (x== 0) in the first place. I can’t remember the last time I accidentally used a = instead of a ==. Probably about 29 years ago
Firstly C does not have a steep learning curve. It’s really very simple and logical and if someone in the software field doesn’t get it then that probably tells you all you need to know about their abilities and education.
As for there being less stuff written in C, I think that is, quite frankly, bollocks. There is a gargantuan amount written in C. You just don’t know about it and you don’t see it. But it’s there.
And yes, there is a lot of crap C out there. But saying something (eg JavaScript) isn’t crap because there’s a lot of other (eg C) crap is no argument and never has been.
But JavaScript really is shite. It was shite when it crept out of the swamp and itt’s still shite. It has absolutely no redeeming features. It should have been strangled way back.
The problem I have with any of this is that on the face of it, it may be a good idea. But (and it’s a huge but) the tech industry has such a shockingly bad reputation when it comes to privacy and generally being decent and honest that even if someone could show me that the apps themselves are 100% secure, I STILL won’t subscribe to the idea. Because the app security is only half the problem. It’s what happens to the “secure” data afterwards. And the answer too that is nobody knows apart apart from the tech companies and spying governments that will have access to it. And neither of those parties are honest enough (at all!) to tell the truth.
And anything that uses googlies analytics is, by definition, insecure and privacy-invading. So the app can’t even get past the first hurdle
While I’m all for meaningful variable and function names, the only thing that helps with comments is actually writing comments.
And please don’t go down the “self commenting” argument - it’s bollocks and perpetrated by lazy people who can’t be arsed to document the (usually crappy) software they write
Sooooooo... if the contractors are all evading tax and being generally quite naughty then that's BAD, isn't it?
So, yes, of course, you want to (indeed are compelled for the good of the nation) to clamp down on their behaviour. Can't let these thieves and vagabonds carry on like this!
Buuuuuut.... if you are prepared to delay such obviously important action against these terrible contractors, then ....errrr ....doesn't that show that HMRC are either;-
1/ Happy to allow this terrible crime to go unpunished. Surely, that can't be right can it? I can't think of any other examples where the govt have a plan to stop crime but then decided it doesn't actually matter any more. That would be very odd
...or...
2/ HMRC don't actually believe that what the contractors are doing is actually THAT serious? In fact, it's perfectly legal within the normal bounds of business law, and HMRC is and has been talking complete bollox all this time and are actually just on a witch hunt
So, which is it HMRC?
“These repeated allegations from a commercial competitor don't stand up to serious scrutiny."
I think you’ll find the allegations stand up to any kind is scrutiny. Googlies is and has been taking the piss for many years. Just why the EU didn’t slap a massive GDPR penalty on them as soon as GDPR became law is unfathamable. Same goes for faecesbook (obvs).
And, as a side note, Googlies always answer these “allegations” (aka facts) by pointing out that users can change the settings in their accounts. But this does absolutely nothing to address the issue of them stalking people who do not have and have no wish to have any kind of account with them.
As Chris G points out, the problem with DDG (at least the last time I looked) was that it's not regionalised. It is hugely US-centric. And I'm not convinced it's even that good, despite all the fuss that seems to be made about it.
For Euro-centric search (actually, just non-US-centric!), you're better off trying something like Swisscows, or MetaGer or Qwant (other search engines are available).
I used to use StartPage until I found out that it it had got bought-out by some US advertising outfit, or something like that - can't remember. Anyway - not recommended now - it's gone to the evil googlies-esc side - don't use it.
"...and build industry-leading controls to help people protect and manage their data."
It's a shame that "industry-leading" is just a fluffy-sounding name for "we're actually a completely amoral company headed by a psychopath who wouldn't think twice about selling his/her kids to the highest bidder. So you're privacy concerns have got no fucking chance mate!"
"...was described as a "beta"-grade feature..."
"...The board noted Tesla had improved the built-in warning system that flashes alerts if a driver has let go of the steering wheel for too long when Autopilot mode is active. In Europe, that time is 15 seconds..."
Err, shouldn't that 15 seconds be reduced to something lower. Like zero?
Why don't Tesla just switch this thing off? Clearly some people are too stupid to use it safely.
I'm very well aware of that. The vast majority of what I make doesn't go to customer. But it still needs to work and including random versions of external libraries that might change at any time is, quite frankly, a bonkers way to proceed.
How do you version control it? I can check-in version 42 of my code and declare that it' works. But if the version I tested was built against some random versions of some libraries it uses, then version 42 is meaningless and (short of trolling through the build logs to dig out the actual versions used) impossible to reproduce
"It has continuous integration, where code changes committed to a repository in GitHub, Bitbucket or Azure automatically trigger a build process,..."
That doesn't sound like a very stable way of building anything; bringing in random versions of external dependencies each time you build? Surely, a more sensible approach, and the one that sensible people follow, is to have fixed, known versions of external dependencies. So that when you DO update them and stuff breaks, you have a slightly better idea of why. Not to mention having a handle of what versions you shipped with your product to customers.
Oh hang on though! I get it - "sensible" isn't cool is it? Duh! Silly me.
After installing the tool and authorising to a GitHub account via the browser..."
A command line tool that actually needs a GUI* browser to be able to use it! That's a new one on me. What a joke
(*) Yes, I know there are non-GUI browsers out there, but being realistic for a moment... (actually, even if you used a non-GUI browser, it's STILL a joke!)
"If there's no science in this, then you won't be able to do it."
It's amazing that NASA send out rovers called "curiosity" and probes called "voyager" and yet their upper management have absolutely none of the qualities that such names embody. In fact NASA have an extremely long history of deliberately ignoring (or deliberately destroying) interesting and curious stuff.
Thank goodness the people on the ground occasionally manage to get around such closed-off and sterile opinion. And good on 'em!
"I was on a total...of just over £25k, a contractor...was on just over £45k........."
"....and it just wasn't fair. He got time off when he wanted. And.. and... he got a comfy chair... and and... his car was better than mine... and he was always down the pub... and... and..."
So if you felt so hard done by, why didn't you leave? Maybe even to go contracting? But not necessarily.
Or is it more personally fulfilling to just complain about it?
I can't help thinking OSS are actually correct in this. I'm no lawyer, and I'm not saying it's right, but...
The GPL says you CAN redistribute the code if you want. OSS are not preventing anyone from doing so. They are just saying that if you do then you've burnt your bridges with them and they won't give you any more. And, as they point out, there is no law to say you MUST do business within someone.
Also, OSS are providing the code to their customers in (apparently) source form. So in this respect, they are compliant with the GPL. The GPL doesn't say that the customer must then pass-on the code to whoever asks for it.
I think OSS are correct in doing what the are doing.
The defamation thing is another thing entirely - you can't go round throwing sue-balls at someone for expressing an opinion (well, at least that how it used to be. These days, you can find yourself in court for any number of opinion-based comments)
The push for all websites to use https is all very well but isn’t this putting even more strain on the IP4 address shortage? One of the overhead of https is that every domain needs to be on a separate address.
.... or is there some additional magic at work at hosting companies to get around this?
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2020
