Posts by Chris Gray 1

tethers?

How long are those ElectroDynamic Tethers? Does the presence of those make it significantly *more* likely that collisions will occur?

Ipify.org via curl

Ah, that's the root cause. I run my toy domain over a dynamic IP address from my provider. There are scripts that determine my actual IP address by querying "ipify.org" using Linux program "curl" (fetches from a single URL). That broke because of a certifcate problem. The logged error told me how to disable the security in "curl", but since my IP address is pretty stable, I chose to sit and wait for a bit. After a couple of days I semi-automatically got an updated certificate bundle from Ubuntu and lo, the problem fixed itself.

Even though I run a couple of services here, I am constitutionally unable to be a proper sysadmin, so its mostly a lot of fingers crossed that nothing breaks! Why am I unable? Poor memory - sysadmin requires a good memory of obscure commands, and of how all sorts of stuff actually works. And yes, I do have a router acting as a firewall, thanks.

It's cheap and easy!

I was fed tea (mostly milk of course) as a young 'un, and have stuck with it. I find coffee too bitter, though I imagine I could get used to it. Tea gives me the caffeine boost that I'm now used to. All you need is a kettle (which will last for years) and a teapot (which will last for decades). Far simpler than some coffee rigs. And, I believe it is a lot cheaper than coffee.

The one downside for me is stained teeth (not nearly as bad as smokers, and I imagine coffee does it too). And perhaps a few more bathroom breaks...

Exercise?

Hmm. Guidance I've seen indicates that one should continue to get exercise, and going out for walks is a good thing, and to be allowed (just like going for groceries). By common sense you don't hug and kiss any friends you happen to meet. Sounds like the rules in Hong Kong are definitely different, if you are not allowed out of your space for any reason. What happens if you are an antisocial computer geek, and don't have anyone to go get groceries for you? If your income is gone (or you were relying on retirement funds which are now worth a whole lot less than they were), you may not be able to afford to pay to have all of your food delivered to your door.

With great power...

(By chance, just watched Into the Spiderverse last night...)

The "Unix model" includes lots of very powerful tools, such as being able to use a shell from within programs. In cases like this, the tool is *too* powerful. Using a full programmable shell for process invocations not much more complex than using vfork()/exec() is overkill, and dangerous, as others have mentioned.

It shouldn't be hard to write a *much* simpler mini-shell, which is intended for such situations. It would take time to wean programmers off of using "bash", etc. but if you give it a few "modes" for the kinds of shell-like things it will do, it shouldn't be hard to handle most cases, and would be far safer. Yes, its slightly more total code to be maintained, but worth it.

Also want more security info

Amused to see a LISP-like syntax for the WebAssembly "source". Well, it is pretty much the simplest form of "source" anyone has come up with. Better than a Forth-like syntax!

I see it supports pointer creation, casting and dereferencing. The created X86 code includes no checking of values. I want to know much much much more about what is going on. Otherwise this is the equivalent of letting J Random Hacker run any C code he wants on my machine without me having any choice. Sure, I do that with the OS and all the other native stuff that's part of the distribution I run, but that isn't coming from a random web page, which, if I don't block JavaScript, can force run stuff in my browser. BBAADD!!

{AOL}

(Me too!)

Wade, add a decent camera (13+ Megapixels) on the back, and I'll take one - you hit my list almost dead on. (Currently on Galaxy S4, still going strong on 3rd battery.)

{AOL}

(Me too! :-) )

I'm on Firefox with NoScript here, similar to many. Since I'm not web-dependent it works fine for me.

Over the holidays I was using my sister's Windows 10 computer with Chrome, and it was shocking. Since she doesn't have users set up, I was seeing ads targeted at her, and they made sense in that context. But sheesh!!!

Minor use here

I've had Brave installed (Linux) for a while, but don't use it much. I use it every now and then to work with a web-mail portal at my ISP that I need to use for an association I'm involved with. Under Firefox/NoScript it just doesn't work.

My main problem is that I've never been able to find out exactly what it does in terms of scripts, etc. It also needs fully updating annoyingly often.

I do agree with the general concept of micropayments, and so am happy to participate in the experiment.

expensive!

Several years ago I bought my Samsung Gear 2 Neo for CDN $250. Smartwatch, does notifications, texts, emails from my phone. Counts steps and will do pulse-rate. Lasts 3 days on a charge. A bit bulky. Talks Bluetooth to the phone, but has no other radios. Why can't someone produce an updated, slimmed-down version of this?

choice?

I've never been involved with Meetup or WeWork...

but, maybe they should offer meet organizers the choice of how to pay for the service. Let the organizer choose how much the repliers pay to join the meet. There should be a minimum cost to the organizer before the meet can be registered. And, once the Meetup income from any cost of repliers exceeds some amount set by Meetup, Meetup no longer charges the organizer. Or, make it graduated - the organizer pays up front, and repliers pay, as chosen by the organizer, first paying down what the organizer paid, then the rest going to Meetup. Everyone should be happy with something like that. Assuming, of course, that it is implemented and described properly.

I've got one too

And I also don't care about $10. I just hope the phone runs forever. For at least the last couple of years, I haven't seen another phone that I would want to have.

I'm quite happy with a 1920x1080 screen - longer than the standard 1080p seems silly. It has good cameras. It has a replaceable battery. It has a headphone jack. It has a microSD card slot inside. And it has no notch. Heck, it even has an IR emitter for messing with TV's, etc.

Updates?

"Check Point claimed the vulns affected billions of devices. While possibly true from a theoretical point of view back in March when discovered, the majority of those will have incorporated the patches, either through routine updates or updates pushed (legitimately) from mobile networks."

Do the numbers show that "the majority" of phones *get* updates?? Lots are out of the support range of the manufacturer or carrier.

simple solution!

Simple solution - use a tool like "NoScript" in your browser to block Javascript, and never allow any scripts from Facebook to run.

In terms of other aspects of browser operability, your mileage may vary.

Easy work-around for many

Saw this a couple days ago on Slashdot. A work-around shown there is to go into about:config and change xpinstall.signatures.required to "false". Apparantly that doesn't work for folks with artificially restricted versions of Firefox (Windows/Mac? - I forget). It worked fine for me on Linux. When a fixed version comes through from Ubuntu, I'll flip it back (not that I'm likely to install any extensions other than "NoScript"!)

Skaith North-hound?

OssianScotland, you fiend, you've put in my head the image of Stark trying to carry a North-hound from Skaith on an escalator....

(Sorry can't find online images, etc. They were giant dogs that one rode on. Author Leigh Brackett.)

Hope they win!

I hope the residents win the lawsuit(s).

Not sure what I would do if the condo board here put in an internet accessible smart lock system. Try to sell and move out, I guess.

Why can't they just put in a system that uses key fobs? The owner gets very similar info about comings and goings, but without the insecurity of the "smart" locks and the requirement for a smartphone. It might cost more - I dunno.

tapping now done

Never having visited a Facebook site, I wouldn't have known either.

Being paranoid, my theory is that the downtime was needed to insert US government tapping tendrils deep into their infrastructure, so that everything is properly gathered up.

Either that or they had to thoroughly delete all sorts of incriminating stuff (and all backups of it), in preparation for any and all upcoming investigations.

Go for *three*

Nazz, try to get it to be just 3 images, and concentrate on the middle one - its the one with left & right overlayed. Make sure you are looking straight at the image, too.

Back to Brave...

I installed Brave on my desktop and tried it out a while back. It seemed fine for what sites I visit. I also like its micropayments system, although I didn't use Brave long enough to participate. El Reg could have been one I would contribute for.

The reason I stopped using Brave is that I could not find any description of just what it does. I was left with blindly trusting its developers to safeguard my interests.

I don't want to block ads per se. I want to block 99% of Javascript. Ads don't harm me, Javascript can. So, I went back to Firefox with NoScript. And yes, that occasionally prevents me from seeing something a regular website points me at.

Works fine...

Works fine on my site, except for not showing the pictures, which is most of what's there....

(I'm a stubborn old fart who built his site by hand - no scripting and no CSS.)

Having links not work is *very* painful, though.

(And, no, I'm not pointing you lot to my website - its behind a cable modem, so is quite slow if more than one person uses it.)

(And I'm not giving a prize to anyone who bothers to figure out where it is.)

More craters

Mark 120, I came here to note the same thing.

Go down from the "H" in Humbolt, and right from the "H" in Hiawatha and you are at the upper-right corner of this nice round feature, which even has a dimple in the middle.

I also imagine small and large ones to the right of the Humbolt label.

And another large one right between the first-mentioned small one and the new large official one.

Also, go left from the top line of the dotty box, until you are under the Hiawatha...

I've spotted features like these in our local terrain maps used on weather forecasts too. I guess you have to be properly trained to avoid imagining things that aren't really there. Maybe.

Errrrr.

So my 5.0.1 device is fully safe then?

Cost!

The main reason for using WiFi at home is that it uses your home broadband connection to get to the internet instead of your phone's data plan. For many folks that costs a whole lot less - e.g. almost unlimited at no extra cost for home broadband, versus limited and expensive for phone data.

Away from home it'll depend on any costs to ride on someone else's WiFi, but I expect it'll still be cheaper than phone data on many plans.

This is the case for me, and I expect for lots of other folks too.

Here too

We have them here in Canada as well. Nearest is about 20 blocks away. I don't know if they are affected as well, and I am *NOT* about to walk into one to find out!

Hmmmm

"Mitigation: Engineers deployed a hotfix which eliminated the connection between Azure Identity Multi-Factor Authentication Service and a backend service."

What kind of back-end service needs to connect to the Multi-Factor Authentication Service? See icon.

My first "real" computer?

I had a couple of hobby computers (Radio Shack CoCo, Exidy Sorcerer with S100 expansion box), but then I wanted a *real* computer. Bought a humongous S100 chassis with 25 Amp power supply. Filled it with a CompuPro dual-CPU (8085/8088) board, CompuPro Disk-2 floppy controller, a pair of memory cards (static RAM on one, dynamic RAM on the other), a CompuPro System Controller board, and a graphics board. My biggest investment ever in a personal computer. Wrote the first Draco compiler (for CP/M natch) on that machine.

Definitely brings back memories!

Thales

Thales had the contract for the software for the most-recently-sortof-completed chunk of our LRT (Light Rail Transit) system (mostly-aboveground subway stuff). They are two years late in trying to integrate their stuff into the existing system, and the trains have been running too slow for those 2 years. A minor speed increase a few months ago. The city has set deadlines, and is about to "do something".

So, flying airplanes into the ground does not surprise me.

non-fitness user

I'm an old fart, so using my 3-year old smartwatch for fitness stuff was never something I wanted to do. It counts my steps on my regular walks, but my phone could do that. What I mostly use the watch for is telling time. Second behind that is glancing at it to see incoming texts (and often reply using the canned replies (changeable with the phone App)), see the first part of incoming emails on my rarely used gmail and ISP accounts, and see and acknowledge notifications of scheduled events. All of this is governed from my phone, so I have no use for a smartwatch with its own data connection. I also have never had any use for GPS - location services are always off on my 5 year old phone.

And yes, I never bother with the Apps I do have on the watch. When they were new I used the games a bit, but not beyond that.

So, similar in that I don't use or care about non-builtin Apps, but different in that I don't care about the fitness aspect or GPS.

I expect other life-style things will affect the value of a smartwatch to you. I don't carry my phone in my hand, and getting it out of a pocket can be a nuisance, depending on the season - taking off my gloves and opening up my parka in winter is not instantaneous!

Sounds random

This "sparse rewards" thing may be useful in some situations, but it sounds like you are asking for trouble and more work. If it solves the problem in some unique way, you have no information on how it solved the problem (for problems which don't involve watching the result happen). If you guide it with intermediate rewards, you at least have basic ideas of how it is achieving the result, and so can pick better test cases.

After all, shaking the wine bottle up and down a few times may well end up with the glass containing the right amount of wine. But, that doesn't sound like a desired solution - you haven't had any way to put reasonable constraints on the solution found.

evil injection

For web servers, one of the big security problems for quite a few years has been SQL injection attacks. We solved those quickly, right? Right? Anyone?

So, for Unix-based boxes, script injection attacks will be solved just as quickly. Sigh.

Both work the same way - stuff that should not be trusted is blindly stuffed into command strings, and the command strings are then parsed and run with whatever privileges they "need". Its just plain a bad idea.

Do Windows servers have similar problems, or does Microsoft shipping huge binary blobs actually help with this?