* Posts by TonyHoyle

374 publicly visible posts • joined 22 Mar 2010

Page:

Sweet 16 and making mistakes: More of the computing industry's biggest fails

TonyHoyle

In the sinclair market most people just wanted games.

They tried with the QL.. it had passable word processors etc. and you could get ones with proper keyboards and phone integration (ICL One Per Desk / Merlin Tonto) but just weren't seen as a business computer... everyone just bought a PC instead.

Under pressure from Europe, Apple makes iOS browser options bit more reasonable

TonyHoyle

Re: Groan

IRC the maximum brightness was written in watts instead of lux, so when LEDs came about they effectively have no legal limit to brightness due to their efficiency.

I'm surprised there haven't been fatalities from the brightness of some of the lights out there

EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft

TonyHoyle

Re: Sorry, MS, but you're wrong...

What Microsoft need to do in the future I think is to just forbid ring 0 stuff from doing this.. no WHQL if you try.

Writing an architecture that hands off the complex stuff to a userspace service is harder but the consequences of failure is only that your service doesn't run, not that the entire kernel gets borked.

Also, the rules for a driver claiming it's essential for booting need to be tightened up.

TonyHoyle

But crowdstrike had labelled their driver absolutely required for boot.

The system had no choice. It can't make value judgments.. it has to use the information it has.

TonyHoyle

Re: Dave Plummer has a different take on this

From what others have said crowdstrike bypassed their own rollout procedure to force the update straight onto production networks, bypassing staging.

So failures all round.. not only did they not test internally (testing with a different version than you send out is not proper testing) they bypassed measures that would have caught this before it did damage.

And of course crowdstrike are able to do this with no consequences because the companies all signed contracts absolving them of liabilities.. the millions spent on the cleanup will be borne by others.

Andrew Tanenbaum honored for pioneering MINIX, the OS hiding in a lot of computers

TonyHoyle

I remember minix.. first 'real' OS I ever ran. It was expensive - you had to buy the book to get it and £50 was a lot for a student in the 1980s. It was horrifically slow, running on the underpowered x86 machine I had at the time, and of course there was no internet (that an ordinary mortal like me could get access to, anyway) so no networking. But I really enjoyed playing with it.

It would be 10 years until I used anything like it again when I got some slackware floppies (possibly off a coverdisk?).

I never read the book.. too academic for me (I was always a hands on kind of person), but undoubtedly if he'd never written it linux might never have existed.

Wi-Fi devices set to become object sensors by 2024 under planned 802.11bf standard

TonyHoyle

Re: Stalker's dream

Wifi has the same problem as radar sensors (dirt cheap from ebay) and the problem is they see through walls, so any movement anywhere in their sense radius sets them off.

My outside light has it and it's always switching on just from movement in the house.

The reason why alarms still use IR is that's stopped by walls, otherwise your neighbours would keep triggering it.

Ubuntu 24.04, Fedora 40, EndeavourOS, and TrueNAS 24.04 all arrive at once

TonyHoyle

Re: Come on!

Names never get translated..

Otherwise We'd be enjoying Microsoft Fensters, Rouge Chapeau 6 etc.

VMware’s end-user compute community told to brace for ‘Omnissa’ shift

TonyHoyle

"Those folk were asked to describe end-user computing and the word Omnissa is the result."

Those must be some expensive drugs they're on.

Valkey publishes release candidate and attracts new backer

TonyHoyle

TBF at least part of the reason for this fork was that *other* greedy companies were upset they'd lose their free lunch..

AI hallucinates software packages and devs download them – even if potentially poisoned with malware

TonyHoyle

There's no evidence that capybaras generate insecure code either.. should management start running a zoo?

HP's CEO spells it out: You're a 'bad investment' if you don't buy HP supplies

TonyHoyle

Re: HP Toner

It's not really true any more.. LED printers aren't significantly more expenisve than inkjets, and have the advantage that they don't brick if you don't use them for a while (inkjets dry up, which means head replacement, and many models, including HP, that means a new printer.. it was precisely that happening that had me swear off HP, and inkjets, for good).

I've got a Colour Brother that although it wasn't the cheapest around, was a good investment and works first time every time I print to it, even if it's been months.

TonyHoyle

Re: Security

It's bullshit.. a cartridge has about 32 bytes of EPROM containing a serial number and some identifying stuff. It doesn't have a y kind of processor..

The number of design flaws you'd need in HP printers to make that a security risk is insane and would make HP printers a complete do not buy.

HP ate just trying to.undrrminr 3rd party cartridges for profit

Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections

TonyHoyle

Re: Sacre bleue

If it's not in the approved list of verification it would be unlwaful for them to do that.

They're specifically not allowed to warn the user when the government CA is in use.

TonyHoyle

Re: How is this to be managed?

It will be illegal for the browser to offer the ability to disable the government cert. Mozilla aren't going to risk billions in fines.

GhostBSD makes FreeBSD a little less frightening for the Linux loyal

TonyHoyle

Linux is fragmenting too much now - before you could hop between distros and there were really only a couple of variations even in system config, now you've even got distros ignoring FHS and calling that a feature..you can have 3 different ways of configuring the network even within the same distro (one of them might even work correctly) and god help you if you do a major update as you'll find a bunch of stuff that worked perfectly well has been 'deprecated'. Even debian is starting to be affected by the rot..

I previously looked at bsd but couldn't get my head around the ports system (using CVS to update the list of packages, then hunting around the directory tree until you found something that did what you wanted just seemed so primitive). Might have a look at this though.. I just want shit to work these days, don't GAF if it's new or shiny.

Millions of smart meters will brick it when 2G and 3G turns off

TonyHoyle

Re: Only as "smart" as the dumbest link

Go back to the ombudsman.

They can only back bill you for 12 months, not 8 years.. Those are the Ofcom rules. Anything they failed to bill you from before then is their problem.

TonyHoyle

Re: No corruption here.

> Before a smart meter was installed here, the meter reader came by twice a year and it was mandatory that he physically laid eyes on the meter at least once a year (or you'd have to reschedule a visit at a > time that suits you at your own expense).

It's still a requirement that a meter reader physically sees the meter once a year, even if you have a smart meter.

TonyHoyle

Re: Imagine the meetings

They are separate comms units but SOP for any meter issue is to replace the entire thing.

One of the fitters told me that if they lose access to the comms network for over 24 hours they brick and have to be replaced. That may or may not be true but I went through 6 of them before they fitted one that worked..

The other issues is the comms units are specific to the brand of meter, and there are, well, I know there are at least 6.. how many more I couldn't tell.

Luckily here in the north it's not a mobile phone network but a dedicated one operated by arquiva, so there's no issue with 2G.

Take Windows 11... please. Leaks confirm low numbers for Microsoft's latest OS

TonyHoyle

Re: Maybe it's the installer

The double step right click is a PITA.. it annoys me more than a feature so minor really should - probably because I do a lot of right clicking. I lasted less than a day on win11 before rolling back due to that. It's just so pointless.. it worked before, why change it?

Other things like the ads in the start menu I'm sure you can switch off, but staying on 10 means you don't have to.

Three signs that Wayland is becoming the favored way to get a GUI on Linux

TonyHoyle

Windows isn't a good example as it's implementation is stupid.. there are about 3 of them that yield different results, and they have to be be implemented by the apps.. a proper dpi scaler would be done at the OS layer not forcing apps to implement it.

The result is that some apps do it right, some half do it, and some not at all. If you're developing and you pull in a library it may or may not be hidpi compatible and even if it is it might use a different method so not be in sync with your app, leading to bug reports and annoyances for users.

A better example is mobile where the UI system was written to scale from the ground up and you largely don't have to think about it.

Core-JS chief complains open source is broken, no one will pay for it

TonyHoyle

Re: Read this yesterday

To a manager free = worthless. I had to learn that the hard way when I was younger. Used to do free work for charities.. Literally had one suddenly blank me and say they were going to 'hire a professional'. Like lady, this is my day job, you should have been paying about £1k a day for that work.

These days I've no problem submitting bug fixes for OSS projects but beyond that, cash or GTFO.

I really do sympathise with the guy, but he needs to walk away and start making some real money.. he doesn't owe those companies anything. So it'll break? That's on them.

Smart ovens do really dumb stuff to check for Wi-Fi

TonyHoyle

Re: "Smart TVs" just as bad

I installed an IOT alarm add-on board.. basically just an.overpriced esp32 board with some voltage conversion.. I'd naively thought it would be more than that.

When I looked at DNS logging some time later it was responsible for over 70% of the DNS queries for the entire house. There were bursts of it asking for the same website address multiple times per second.

Of course the onboard software was completely proprietary and couldn't easily be updated, so that ended up.in waste.

TonyHoyle

If it's like our air fryer it's to remind you to unplug it. It does the same thing.. beeps about once every 5 minutes until switched off, whether there's food in it or not.

Crazy decision by the manufacturer as it has a perfectly serviceable off button and has WiFi connectivity that is supposed to let you switch it on remotely - which is obviously impossible as it's kept unplugged..

A brand new Linux DRM display driver – for a 1992 computer

TonyHoyle

Re: Good.

These days there are ROM and SD card loaders for almost everything, or you can drop a gotek in for floppy emulation. The files were so small by comparison to today's storage you can easily have an SD with everything ever released.

TonyHoyle

Re: Good.

The ST was made to a budget and it's sound and graphics were on a par with previous 8 bit machines (the ST had a high resolution monochrome option but that locked out all the other modes and the monitor was expensive).

What it had going for it was the 68000 and GEM (which for the time was pretty cutting edge). And it was cheap - hence it was an ST not an Amiga under the tree that year

The STE and later Falcon fixed a lot of the issues by adding more colours, a blitter and better sound.. but it was too late, because by the time they appeared they were competing directly with the now lower priced Amiga.

Good news: Japanese boffins 3D print what looks like marbled Wagyu beef. Bad news: It's tiny and inedible

TonyHoyle

Re: Science Ahoy

Indeed there doesn't seem to be much progress except in price.. when I first heard of it it was $1m an ounce.. now it's somewhat cheaper.. but they still haven't made anything close to a single edible joint of meat.

We're a million miles away from a commercial process that can produce thousands of tonnes of the stuff for very little money with a low carbon footprint (which is surely the point).

ZX Spectrum reboot promising – steady now – 28MHz of sizzling Speccy speed now boasts improved Wi-Fi

TonyHoyle

Re: i've chipped in

It's not emulation.. it's a real spectrum designed by Rick Dickinson, the designer of the original Spectrum.

You can plug spectrum hardware in there, like an interface 1, and it'll work.

If an FPGA is defined as emulation, then the original spectrum was one too as it had a ULA at its heart (and the +2, +3 various different gate arrays). The only difference is the modern chips are programmable.

UK finds itself almost alone with centralized virus contact-tracing app that probably won't work well, asks for your location, may be illegal

TonyHoyle

Re: And what about the people ...

The government is setting up a separate system for those without smartphones - NHS 119 - although how calling a number is going to manage contact tracing I've no idea.. but I guess calling it if you have symptoms allows them to track the spread.

5G signals won't make men infertile, sighs UK ad watchdog as it bans bonkers scary poster

TonyHoyle

I used to volunteer for a festival. The noise complaints would start coming in during the build week, before there was anything on site capable of making said noise.

The D in Systemd is for Directories: Poettering says his creation will phone /home in future

TonyHoyle

Re: I must be an edge case

An amusing thought is if they require login to decrypt the user directory then systemd user services are fubar.. and they're even semi useful for some things. So lennart is breaking his own stuff.

TonyHoyle

Re: SSH NOT a problem

Stick it in LDAP and have SSSD pick it up. It's as secure as your LDAP/Kerberos installation.

As long as there's fibre somewhere along the line, High Court judge reckons it's fine to flog it as 'fibre' broadband

TonyHoyle

56k Dialup can now be sold as fibre broadband, So can my mobile phone contract.

It's hard to get any kind of connectivity without fibre being involved somewhere.

Prince Harry takes a stand against poverty, injustice, inequality? Er, no, Fortnite

TonyHoyle

Re: Thanks Harry

Funny thing about that is scaled up it's basically how the EU presidency works..

We were in line to be the 'executive officer of the week' but decided to brexit instead :p

Why millions of Brits' mobile phones were knackered on Thursday: An expired Ericsson software certificate

TonyHoyle

Re: Oops

I tend to find companies with that mindset are complete shitshows.. they waste more money trying to be cheap than they ever save.

Then they go bust when all their cheap stuff breaks, and they're surprised.

Total Inability To Support User Phones: O2 fries, burning data for 32 million Brits

TonyHoyle

So either:

The third party suppliers, large enough to supply a company the size of O2 with significant infrastructure, doesn't roll out new updates to a test network first and doesn't have a rollback procedure in the case of emergency, in which case O2 picked an incompetent supplier.

Or O2 doesn't have the above (and they should, even if the supplier already does it.. you never trust new builds until you've validated them internally), and they're incompetent.

Well, this makes scents: Kotlin code quality smells better than Java

TonyHoyle

It's a better programming language overall. Developed by Jetbrains who know what programmers want out of a language (they also developed the IDE for it). It supports multiple programming styles & the community has built up around it like that.. for example if you're into functional programming, go for it, if you prefer OO, that's fine too.

OTOH it provides you with more than enough tools to shoot yourself in the foot with both barrels, reload then fire again. Which I predict plenty of people will do once it gets more popular.

ICANN't get no respect: Europe throws Whois privacy plan in the trash

TonyHoyle

Re: Local Expertise

Nominet simply don't list the address any more, just a statement that the address that they have on file is accurate.

This is all that's needed. GDPR allows sharing data for legal purposes so there's no loss to law enforcement, just spammers/domain harvesters.

Interestingly the RIPE database still contains this information, the argument I think being that the contacts for network blocks tend to be engineers in charge of them not individuals (plus they've implemented a right to have the data removed).

Time to ditch the front door key? Nest's new wireless smart lock is surprisingly convenient

TonyHoyle

It's clear from the information shown so far that these IOT locks aren't compatible at all with multipoint lock systems. Which means to install one you'd basically have to replace the door - to get worse security.

TonyHoyle

Re: Lock makers that you can trust?

This lock isn't compatible with modern doors like that - only old style wooden doors.

Not that this is likely to be a problem because google don't sell it in the UK or even appear to have any plans to (something that the register completely forgot to mention for some reason).

23,000 HTTPS certs will be axed in next 24 hours after private keys leak

TonyHoyle

https://twitter.com/Manawyrm/status/969230542578348033

Trustico execute commands typed into a URL as root.

The incompetence knows no bounds.

With any luck their currently down site will stay down permanently.

Nest's slick IoT burglar alarm catches crooks... while it eyes your wallet

TonyHoyle

Re: Nest's smartphone app really is the best

You'd be surprised - the alarm I ripped out when it broke is still a current model, was 3 years old when I disposed of it.

Not an IC on it.. all transistor based, so it was about 5 times the size it should be about 12" by 8".. I doubt the design has changed since the 1980s.

Replaced with an ESP8266 that does the same job in a 1.5 inch square piece of silicon (and gives me wireless status as well plus remote arming if I'm in wifi range).

TonyHoyle

Wait.. no connection to a siren? WTF is the point in an alarm you can only hear from *inside* the house?

I presume it has battery backup just not mentioned. It's trivial to add and would be bloody stupid without it..

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

TonyHoyle

Re: here's a vendor which is not vulnerable to either attack

It does that by not supporting speculative branching at all.

So it's merely too crap to run spectre..

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

TonyHoyle

Re: List of CPUs affected?

Presently it's assumed to be all intel CPUs, with newer ones (<2 years) having extra instructions that drop the hit on benchmarks to 'only' 30%.

Windows 7 is on extended support, so should get a patch, but that's up to microsoft.

Next-gen telco protocol Diameter has last-gen security – researchers

TonyHoyle

Re: Diameter

Technically it wasn't designed 'these days'. Diameter (RFC3588) dates from 2003. Which probably makes it dangerously modern by telco standards..

The UK's super duper 1,000mph car is being tested in Cornwall

TonyHoyle

Strap a couple of SRBs to the corolla and point it directly upwards. It'll easily get to 1000mph then shortly do the same journey in reverse.

Knock, knock? Oh, no one there? No problem, Amazon will let itself in via your IoT smart lock

TonyHoyle

Re: What could possibly go wrong?

The much simpler solution of a box with a lock for which the amazon bloke has the key (or combination) doesn't seem to have been considered.

But that wouldn't net amazon 250 quid plus 20 quid a month subscription fees.

WPA2 KRACK attack smacks Wi-Fi security: Fundamental crypto crapto

TonyHoyle

Yes you can theoretically mitigate it on the AP - it effectively turns into a DoS on the client, which is in many cases preferable to leaking information.

Aruba are the first I've heard to actually implement this if so (Unifi only fixed client mode).

TonyHoyle

Unless your ubiquiti hardware is a client you did nothing.

This is a client side vulnerability not AP side, and there's little that can be done on the AP to detect it (and unifi have said they currently aren't tackling that.

Too many people are installing AP updates and thing they've fixed it. Nope. You need to update every wireless client.

Page: