* Posts by Steve Graham

416 posts • joined 21 May 2007

Page:

Soft press keys for locked-down devs: Three new models of old school 60-key Happy Hacking 'board out next month

Steve Graham

I have a DEC LK250 in the cupboard. Basically it's like the LK201, except with PS/2 connectivity. When I didn't have any computers with PS/2 ports any more, I bought a USB converter, but it never worked properly. Possibly the antique beast required too much current.

That's certainly the case with my current clacky keboard, a budget ADX gaming one. I've had to use a powered hub for it (there's a LED for every key). But as well as decent keyswitches, the key legends are moulded in, not painted on. I hate it when they wear off.

FYI: Someone's scanning gateways, looking for those security holes Citrix told you not to worry too much about

Steve Graham

OK, software has bugs, but...

"POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd"

A file download API that allows access to any part of the filesystem? Astonishing stupidity.

Utilitarian, long-bodied Nokia 5.3 has budget basic specs - but it does cost £150

Steve Graham

My Nokia 5 has NFC (so a regression in specs with the 5.3), and I have no problem with battery life. I turn off wifi when not needed, as that seems to be the biggest drain. Bluetooth and GPS are on all the time.

Like you though, I wouldn't dream of trusting the Android ecosystem with my money, so I don't actually use NFC for anything, although I have played with a little app that can skim credit card numbers.

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

Steve Graham

Re: This puzzles

The archived script was hosted by the bank at some time, which is how it ended up in the archive.

Maybe the current version on Barclay's own server broke some functionality which a "clever" developer got working again by using an older version. Hosted on some random machine on the internet.

Facebook's $500k deepfake-detector AI contest drama: Winning team disqualified on buried consent technicality

Steve Graham

Follow the money

The rules forbade using any data set which could not be used commercially. That would not be in the interests of Facebook.

Bigger than big: Linux kernel colonel Torvalds claims 5.8 is 'one of our biggest releases of all time'

Steve Graham

I avoid installing the first major release of anything. Wait until nn.nn.02 comes out.

However, I do keep just behind the bleeding edge of kernel releases. (This netbook I'm typing on is on 5.6.2). And every time I've compiled a custom kernel, which I do for every machine I use, it goes smoothly. No errors or warnings. The new kernel boots perfectly.

I'm pretty impressed by the overall quality of the development process.

An Internet of Trouble lies ahead as root certificates begin to expire en masse, warns security researcher

Steve Graham

Re: Of course if they weren't so greedy ....

I believe it's a condition for using the Freeview HD (or Freesat) branding that recorded programmes are encrypted on disk. However, as I said, off air they're in clear.

Steve Graham

Re: Of course if they weren't so greedy ....

No it's not. The EPG is scrambled, but the programmes are not.

I can use a generic decoder and save any programme to USB in MPEG stream format.

Devuan Beowulf 3.0 release continues to resist the Debian fork's Grendel – systemd

Steve Graham

Re: I like sysvinit

I've disliked it ever since I was introduced to it in Solaris. All the multiple symbolic links and changing run order via filename sorting seems clunky to me.

Still, 30 (?) years later, all my boxes are Devuan and i'm still using sysvinit.

Snapping at Canonical's Snap: Linux Mint team says no to Ubuntu store 'backdoor'

Steve Graham

What's this about having to compile multiple versions of Chromium for the same architecture?

80-characters-per-line limits should be terminal, says Linux kernel chief Linus Torvalds

Steve Graham

I used to have the terminal windows start up with black text on a white background. Then, recently, someone on this forum was reminiscing about DEC terminals. So I've now set it to be green on black.

The user prompt, however, is a blue "$" and the superuser prompt is a red "#", so what would that make it? A VT240?

It's not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

Steve Graham

incredible blunder

The Exim developer who caused the bug needs to be taken aside for some "re-education" in the old KGB style.

Ardour goes harder: v6.0 brings 'huge engineering changes' to open-source digital audio workstation

Steve Graham

I use both Ardour and Audacity, the latter mainly to tweak one stereo track. I think Ardour's multi-tracking is more intuitive.

I don't think I'll be upgrading to an X.0 release after "major engineering changes" though.

Microsoft blocks Trend Micro code at center of driver 'cheatware' storm from Windows 10, rootkit detector product pulled from site

Steve Graham

Re: Dieselgate 2.0?

At least VW's cheat software had to try a bit. The cars don't have a registry entry that says "We are now performing a test."

It wasn't just a few credit cards: Entire travel itineraries were stolen by hackers, Easyjet now tells victims

Steve Graham

Re: Just to point out

An acquaintance received the email regarding the exposure of her credit card details. It explicitly states that the information included the CVV, which I think means that Easyjet are not PCI DSS compliant.

Steve Graham

Re: Stelios & EGM

I've seen quotes from him that make it clear that he suspects corruption in the procurement of the Airbus contract.

(It was only January this year when the USA, UK and France imposed huge fines on Airbus for bribery in other deals.)

Source code for seminal adventure game Zork circa-1977 exhumed from MIT tapes, plonked on GitHub

Steve Graham

You could say "Kick the grue." at any point. It didn't achieve anything, but it worked, and it proved that the grue was always near, just waiting for the dark.

Steve Graham

Edinburgh was my alma mater too. What was the programming language? I vaguely remember parallelism in it, and the instruction "***".

(I graduated in Physics exactly 40 years ago.)

Where the hell Huawei? It should be a bit easier to tell now the AppGallery has its first proper navigation app

Steve Graham

"utterly feature-crippled, only supporting offline navigation"

That's the exact reverse of my point of view. Google Maps, for example, only really works if you have an internet connection. If you don't, well, you can't even tell if you're up shit creek or not. (You can cache areas in the Google app, but they evaporate automatically after a short time. Got to renew the snooping.)

I prefer a navigation app which is pre-loaded with maps of the places I'm travelling around.

In case you need more proof the world's gone mad: Behold, Apple's $699 Mac Pro wheels

Steve Graham

not just wheels

I've just checked the small ads, and you can buy an entire 2002 Golf GTi for £500 in my area.

What happens when the maintainer of a JS library downloaded 26m times a week goes to prison for killing someone with a motorbike? Core-js just found out

Steve Graham

Re: Shirley!

I guess that nobody wants to commit to the learning curve. It's likely that most users of the package don't have the skills to maintain it.

Hello, support? What do I click if I want some cash?

Steve Graham

I'd bet actual money* that there will be active PS/2 ports on the motherboard.

*I'm not a Barclay#s customer, so I have access to actual money.

Samsung cops to data leak after unsolicited '1/1' Find my Mobile push notification

Steve Graham

No wipe

It's not necessary to wipe the phone and its system software to remove "system" apps which are pre-installed if you can gain root access. Simply moving the app from the system folder to the general one converts it to a normal app which can be uninstalled.

Windows 7 will not go gentle into that good night: Ageing OS refuses to shut down

Steve Graham

Re: And contrary to "expert" advice ...

My recent experience with Windows is limited, but I'm pretty sure that pressing the power button starts a shutdown (or maybe a suspend to RAM, which is what my Linux boxes do).

Unless you hold the button down until the firmware does a hard power-off.

Latest battery bruiser Android from budget Moto G range appears ahead of MWC after an Amazon whoopsie

Steve Graham

Re: Battery life is an illusion

On my 2-year-old budget phone (Nokia 5) the biggest battery drain is wifi. If I turn it off, except, say, for an hour's use a day, a full recharge lasts a week or more. Except if I forget to "force stop" Google Play Store after turning wireless off each time.

Bluetooth and GPS are permanently on. The latter means that Google are lying to us (quelle surprise) when they characterize GPS as high battery drain and sniffing wifi hotspots as low.

(Most of my day is spent with a computer in reach, so I don't need to use the phone so much for internet. Your lifestyle may vary.)

Google Chrome to block file downloads – from .exe to .txt – over HTTP by default this year. And we're OK with this

Steve Graham

Re: Doesn't make any sense

I thought this as well. Their "staged" plan doesn't make any sense: first we will block ".exe" files, then we will block ".zip" files, etc.

But, actually, by the end of the year, file name extensions become irrelevant (we're told) so non-Windows platforms shoud be equally protected.

Team China: Nation's biggest mobe makers link arms to battle Google's Play Store

Steve Graham

Users couldn't care less if their app (e.g. mail) comes from Google or Huawei, as long as it looks the same and works the same.

I do agree that I can't envisage the Chinese companies being any better than Google at building a store that's secure, efficient and user-friendly.

From WordPad to WordAds: Microsoft caught sneaking nagging Office promos into venerable text editor beta

Steve Graham

Re: Many of these ads can be disabled.

Upvoted, but to be fair to the internet's semi-illiterate masses, "lose" is an anomaly in English. Spelled like that, you'd expect it to rhyme with "hose" and "pose". Really, it should be spelled "looze" (as in "booze") or perhaps "luze". The latter would work particularly well here in Northern Ireland.

Shhhhhh: Fujitsu bags another £12m from Libraries NI as bosses fail to bookmark replacement

Steve Graham

Re: Loadsa money

1. "Ulster Unionist Party" is the name of a specific political party in Northern Ireland. It was the "Democratic Unionist Party" who were bribed by the Conservatives.

2. The supposed billion has had no visible effect on anything, and even if it really does exist, libraries are not a priority for austerity-obsessed politicians.

3. The Prime Mister was typically evasive when asked about the promised additional funding.

Linux in 2020: 27.8 million lines of code in the kernel, 1.3 million in systemd

Steve Graham

Re: I've had .....

I think the plan was for PulseAudio to handle the entire sound stack, but when they found that it was difficult, and that there were many different devices to handle, the scope was reduced, so that it's just a layer on top of ALSA, and further development seems to have stalled. One thing you can do with PulseAudio that you can't with ALSA itself is to adjust volume per process. So that if you are listening to two things at once, you can... actually, why would you do that?

I've always disliked ALSA in that it's stuck on the side of the kernel source, and the configuration syntax is obscure and illogical. However, I've learned to live with it. You can do some powerful things, such as routing or replicating audio, which you might expect to have to use another daemon to do (I mean jackd).

Steve Graham

I removed udev once it got eaten by systemd.

In its place I use mdev, which is one of the many faces of busybox. I know busybox smashes the rule of "do one thing well" but it's still small, and it works. In my case, there aren't many things I need after boot. Automounting USB drives; changing the optical drive for a hard disk in the dock of my venerable Fuji; changing a mouse or keyboard.

I did need to add some modules to the set loaded at startup, and I had to change some device permissions and ownership (in rc.local) but everything is stable and trouble-free.

IT exec sets up fake biz, uses it to bill his bosses $6m for phantom gear, gets caught by Microsoft Word metadata

Steve Graham

Green

I'm hoping very much that the "j" at the end of his name is pronounced like the "j" in "justice" and not like "i".

The time PC Tools spared an aerospace techie the blushes

Steve Graham

Re: Anyone who says they have not done this is lying

You can create a bootable USB stick by something like "dd if=image.img of=/dev/sdb".

One day, I thought "Hah! Better not type 'sda' instead, becuase that's the hard disk! Ho ho!"

I thought it. And then I did it.

Fuming French monopoly watchdog is so incensed by Google's 'random' web ad rules, it's fining the US giant, er, <1% annual profit

Steve Graham

Re: Deceptive units.

If I remember correctly, the unit most often used in Tesco for toilet paper is price "per 100 sht".

Vivaldi opens up an exciting new front in the browser wars, seeks to get around blocking with cunning code

Steve Graham

Non optional?

If I understand correctly, Vivaldi will ALWAYS spoof as Chrome from now on? What if I don't want it to?

(I've been using Vivaldi as my main browser for almost 2 years now, and I've never had a website complain about it.)

No, Illyrian, Naqaỹa, Mastika, Automex aren't Hollywood's hottest baby names – they're new monikers for exoplanets

Steve Graham

terminological inexactitude

Call me a nerd, but I have to point out that the UK names come from the Isle of Man, which isn't part of the UK.

Where's our data, Google? Chrome 79 update 'a catastrophe' for Android devs with WebView apps

Steve Graham

Re: Back up your data...

The Android permissions model may make this difficult unless the app developer has taken steps to allow it.

Ex-Twitter staff charged with spying for Saudi royals: Duo accused of leaking account records, including those of critics

Steve Graham

Re: What's Sauce for the Goose...

"discreet"

Most watches are discrete.

If you want an example of how user concerns do not drive software development, check out this Google-backed API

Steve Graham

Data-slurping is Facebook's core business, but by using a web browser with some useful extensions, I can use Facebook with the snooping at a level I'll accept.

If you try to use Facebook Messenger with a mobile web browser, it refuses to open, and tells you to install the mobile app. (Changing the user agent string still makes it work though.) Facebook would just LOVE a means to get users off the browser and onto the mobile apps.

(The Facebook and Messenger apps have less functionality than is provided by web access, as well as behaviour like hoovering up your contacts.)

After four years, Rust-based Redox OS is nearly self-hosting

Steve Graham

Re: Get over your Filesystem operating systems

"So, what OS have you written that doesn't need files ?"

Both iOS and Android attempted this. They pretended that there were no files, just apps and their data. Of course, files still existed in reality, and over time have made their presence felt.

We are absolutely, definitively, completely and utterly out of IPv4 addresses, warns RIPE

Steve Graham

IPV4.1

The IPV4 header can have an "options" field of up to 40 bytes, so it would have been possible to kludge on an extension to the address size without breaking the header structure.

Chancers keep buying up dot-UK company name domains: Got a problem? That'll be £750 for Nominet to rule on it

Steve Graham

.uk was assigned to Ukraine, while the UK (government) took .gb

It was only the persistence of nerds of the early internet -- people who like terminology to be correct -- that .uk became the de facto domain for the UK.

Steve Graham

My local Indian takeaway has a .uk domain. When I saw the new sign go up, I thought it must be a mistake and the ".co." had been left out, but no, it was correct. I'm still not sure if it happened by chance or there's some backroom mastermind nerd setting things up exactly the way he likes it.

That code that could never run? Well, guess what. Now Windows thinks it's Batman

Steve Graham

I wrote the code running on forex telecoms consoles, and I had a "maintenance mode" which was called up by an obscure key sequence. At the top of the main maintenance menu, I'd programmed a random, irreverent one-liner to be selected from a short list. (I only had 128kb of EPROM for the whole suite.)

Well, obviously, one of the dealers carefully watched as a tech called up "maintenance mode" to fix something on his console, and then the magic sequence was passed round the dealing floor with great amusement.

They made me take it out from the next release.

UK ads watchdog slaps Amazon for UX dark arts after folk bought Prime subs they didn't want

Steve Graham

Confused? You will be.

I actually had the reverse experience. I paid for an item and thought "Wait -- did I just sign up to a 'free' trial of Amazon Prime." So I investigated all the available settings in my account, and it seemed that I hadn't. But anyway, I emailed Customer Service to confirm, and had a reply! confirming that I hadn't signed up.

I mostly don't use Amazon now because of their tax dodging; and also because their seach functionality is shit.

Hubble grabs first snap of interstellar comet... or at least that's what we hope this smudge is

Steve Graham

It's the second interstellar object to be detected by humans, not "the second interstellar object". They've been flying past for billions of years.

Microsoft changes encryption, another D-Link bug, phishing dangers, and more

Steve Graham

Re: Google think it's fine apparently

What is the advantage to Google, Adobe etc of these redirects?

Just harvesting data on user activities.

Stallman's final interview as FSF president: Last week we quizzed him over Microsoft visit. Now he quits top roles amid rape remarks outcry

Steve Graham

Re: Tracking

I'm letting the comment stay, even though it was the result of a momentary lapse into stupidity.

Steve Graham

Tracking

How does he think a pager works? By magic, or by communicating with phone masts?

Scotiabank slammed for 'muppet-grade security' after internal source code and credentials spill onto open internet

Steve Graham

I did some development work for a UK bank back in the nineties. The restrictions, rules and regulations were strict, and were strictly enforced. After all, it was people's money that was at stake.

Clearly. times have changed.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020