* Posts by eldakka

2422 publicly visible posts • joined 23 Feb 2011

Google’s Gemini refuses to play Chess against the mighty Atari 2600 after realizing it can't match ancient console

eldakka

Re: Over-confidence

> Why is it that the LLMs give an impression of confidence at first contact, and only move on to something that appears more nuanced when their inevitable shortcomings are pointed out?

Following the same playbook as the Post Office was with the Horizon scandal. As was brought out in testimony with Paula Vennells regarding a meeting she had with the minister where her briefing notes followed the same pattern (my summary) -

1) only volunteer this set of information to the minister

2) if the minister presses, then you can admit this additional set of facts,

3) if the minister continues to push hard for more, then here is yet a 3rd set of facts you can present.

With the priceless addition that when the chair of the inquiry asked "why" this obfuscation/escalation process, Paula was literally speechless and unable to answer., and looked a complete fool.

A software-defined radio can derail a US train by slamming the brakes on remotely

eldakka

Re: FRED only

I think it's already been de-railed ...

Double-detonation supernova could explain why the universe is full of candles

eldakka

Re: oddly

Integral? Do we really need to bring Calculus into this?

eldakka
Headmaster

Re: oddly

's/neutron star/white dwarf/g'

eldakka

Re: oddly

> It is a white dwarf but identifies as a red dwarf.

You mnean a very short ginger?

Xlibre fork lights a fire under long-dormant X.org development

eldakka

Re: I still like the principle of X

> And maybe, FINALLY, a free fully functional X-Server for Windows, relatively easy to install.

Maybe I'm misunderstanding something, but there is a fuly functional free X-server for windows availabe via Cygwin.

Firefox is dead to me – and I'm not the only one who is fed up

eldakka

Re: Vivaldi

It does exactly what it's name implies, presents the tab list as a nested tree of tabs (e.g. like a directory tree in a file browser).

Tree Style Tab

eldakka

> Vivaldi technologies has about 60 employees to maintain and develop their entirely competent browser.

Sure, if you ignore the hundreds of developers who work on the upstream chromium engine they use.

eldakka

Re: Vivaldi

I used Vivaldi for a while when it first came out, but lack of Tree-Style-Tabs (TST) reverted me back to Firefox.

I tried requesting that Vivaldi implement TST-style tab systems, but in threads about it a Vivaldi dev would always demand a detailed explanation of why we (TST users) use TST and prefer it over the tab-grouping features.

Vivaldi are free to implement or not implement any feature, but as TST is a personal preference, I can't give a clear explanation of why or why not I prefer it over other mechanisms. And that's exactly what a personal preference is, something usually logically unexplainable, and the frequent demands for such explanation from its users who have that preference - and the un-substantiated defences that tab-groups were superior and we should be using that instead - drove me away from Vivaldi.

Ship abandoned off Alaska after electric cars on board catch fire

eldakka

Re: Since the Felicity Ace

> currently resides at the bottom of the Atlantic any "allegations" that its fire was started by an EV are pure speculation.

Car-carriers are designed in such a way that each deck can be isolated form other decks and within the decks are compartments to isolate parts of the deck. They carry CO2 with which to flood such isolated decks in the case of a fire (though not enough to flood all compartments, but several of them),

If the fire was from a hydro-carbon-based source, then isolating the compartment with the fire and the ones around it and flooding those with CO2 should put out the fire.

The fact that this tactic didn't work is pretty good evidence that the fire was a fire that produces its own oxygen, and the most likely source for that is an EV battery fire. Therefore it is less speculation and more deduction that it was caused by an EV fire.

Ukraine strikes Russian bomber-maker with hack attack

eldakka
Mushroom

Re: Thank goodness

> and we had not broken agreements on neutrality and NATO expansion.

The thing you are forgetting is that NATO didn't expand.

Those former eastern-block (and now after Russia's own actions the centuries-long neutral Sweden) countries were so afraid of Russia coming and doing exactly what they are doing in Ukraine to them that they begged NATO to accept them. NATO didn't expand. NATO didn't go to those countries and force them or even ask them to join NATO. No. Russia forced those countries to join NATO for their own self-preservation. All the countries who've joined NATO since 1991 have done so at their own request - no, near-on demands - they be let in, not NATO's.

And those countries were right. The 2 invasions of Ukraine in the last decade (the 2014 Russian annexation of Crimea and the 2022 war Russia started) along with the Russian invasion of Georgia in 2008 all demonstrate that beyond any reasonable doubt.

Only someone deluded or a paid shill would state otherwise.

Judge puts two-week pause on Trump's mass government layoffs

eldakka

Re: And when the government ignore the ruling ...

> A few minions inside for contempt of court? Harrison Fields called the judge's decision a "bogus order". That sounds contemptuous.

Contempt of court is just another court ruling, If they are ignoring other rulings, what makes you think they wouldn't ignore a contempt ruling?

The courts have no ability to enforce their decisions. They have no 'physical' arm to conduct enforcement. They rely on the DoJ for that 'physical' enforcement of theur rulings - to follow their rulings and order the various law-enforcement agencies (FBI, Marshall's, etc) to do the enforcing. So if the DoJ ignores their orders, there is nothing Judges can do to enforce them apart from issue yet more orders that will be ignored by the DoJ.

This is why it's all such a problem, in the end court rulings depend on the Executive Government Agencies to enforce any rulings. And if those agencies don't honour their constitutional duty to do so, there is nothing the courts can do about it in a physical sense.

UK Ministry of Defence is spending less with US biz, and more with Europeans

eldakka

Re: Logistics is the real killswitch

Saab has to get permission for FMS of the Gripen from the US as it stands today. So they are not unconditionally licensed.

Does the failure of the Gripen in Colombia foreshadow a shift in the United States' defense export strategy?

Things seemed to be going well for the Swedish single-engine fighter until a few weeks ago, when the new US administration of Donald Trump refused to grant Stockholm a re-export license for the General Electric F414 turbojet that powers the Swedish fighter, while Washington is now deploying a wealth of pressure and coercion to force Bogota to turn to the F-16V.

The JAS 39 Gripen Fighter Has 1 Problem It Never Saw Coming

Despite being a capable and cost-effective fighter, the Saab JAS 39 Gripen has faced limited export success, often losing competitions to US aircraft like the F-16 and F-35.

-This analysis, citing historical examples (a blocked Viggen sale to India) and recent lost bids (Slovakia, Bulgaria, Czechia), argues US influence significantly hinders Gripen sales.

...

“The pressure that the U.S. can bring to bear in these situations is just too much to overcome in many instances,” the same Saab spokesperson said. “We have more than one time seen that the final decision on the sale of a Gripen to an export customer is a decision that is made in Washington. They often get to decide whether or not we will be ‘allowed’ to make a deal with one nation or another. The nation actually buying the airplane gets out-voted.”

And many other similar articles.

eldakka

Re: Logistics is the real killswitch

I doubt that was ever feasible. Europe's total fast jet count is around 1,700, but roughly half of that is recent aircraft (inc a few F35), but it would never be feasible that Europe would order more than say 600-800 F35. Taiwan, Japan, Australia, Canada aren't going to take more than a few dozen (ignoring any possible cancellations). Not seeing a big queue of remaining countries available to pay the asking price. So I'm seeing total international sales at around 1,000.

Lockheed-Martin aren't idiots, they'd never have planned on 3,000 international sales. Whether the Pentagon were stupid enough is a different question.

While 3,000 was optimistic, that projection would have been based on replacing all of the following aircraft in various friendly countries airforces on a 1:1 basis:

  • Rafale
  • Typhoon
  • F-16
  • F-15
  • various MiG/Su models still in some ex-Soviet bloc NATO airforces
  • Various other older models that where wheezing into the 21st century

They were dreaming if they thought they'd get 1:1 replacements for many of those models, what with the capital and operational cost increases of the F-35, not to mention that as a 'uberfighter', surely you need less of them ? But of course the purveyor of the aircraft, Lockheed-Martin, would put the best 'spin' on it to get the tender.

Also note your estimation of "Taiwan, Japan, Australia, Canada aren't going to take more than a few dozen" is way off.

  • Japan: 147
  • Canada: 88
  • Australia: 72 (with options of increasing that to 100 - it's an ongoing debate)
  • South Korea: 85
  • Israel: 75
  • Taiwan: 0

That's 467 F-35s right there in non-EU countries, not "a few dozen" - before any cancellations take effect that is. But, TBH, Canada is the only 'question-mark' on whether they'll take the F-35, as the other countries on that list have already received at least half their orders, so it's unlikely any of them would back out now. Canada is the only one that hasn't received any F-35s at all, so they are in a position to cancel and go with something else. They (Canada) were seriously considering Gripen at one point, but if the cancellation is to avoid US equipment, Gripen would be off the list as that uses a licensed-built US GE F404/F414G engine. Of the serious gen 4.5+ non-Russia/China combat aircraft, only Eurofighter and Rafale have non-US engines AFAIK (RR/Eurojet and Snecma/Safran respectively).

eldakka
Mushroom

Using icon as a nuclear mushroom cloud as it seems fitting based on the subject not as the 'Eat This' the caption would suggest. ---->

A big dependency on a US arms firm are the Trident missiles that carry the UK regime's weapons of mass destruction. If they can no longer go back for servicing, then after a while, the PM would be down relying on Yodel to deliver them in the event of WWIII.
That isn't the only option.

They can - if the French are willing - buy French-made SLBM's and do the necessary retrofits to the upcoming Dreadnought-class to take the 'fatter' French SLBMs (Trident is a slimmer missile, and the Dreadnought's are designed to share the SLBM launch modules with the US's forthcoming Ohio replacements, therefore they'd need significant design modifications for the Frech SLBM).

Or they could - again if the French are willing - enter a joint development agreement with the French for the next generation of SLBM's so they can share the same platform.

Or they could develop their own SLBM, although that'd be the least favoured option as it is obviously the most expensive (as they have to foot the NRE's (i.e. RnD, design, testing, tooling) alone) and would probably take the longest amount of time, as they'd be developing an SLBM from scratch with no 'living-memory' skillset of having done so previously.

$16B health dept managed finances with single Excel spreadsheet. It hasn’t gone well

eldakka

Re: 20 district health boards

So you are saying they use TWO Excel spreadsheets to manage the NHS?

AMD looks to undercut Nvidia, win gamers' hearts with RX 9070 series

eldakka

Re: Reality

> I tried that. The NPC's sucked.

The PCs are even worse.

Einstein Probe finds two stars that have spent 40 million years taking turns eating each other

eldakka

Re: Disappointment

> I heard about some stars that emit a lethal jet of radiation through their poles when they go boom, and these were calculated to be lethal for over 1 million LY in the direction they happen to aim.

You are most likley referring to Gamma-Ray bursts (GRBs), but you are off by a couple orders of magnitude. A GRB would most likely have to be within 10,000 LY to be dangerous to the Earth, which basically limits it to having to be within our own galaxy. But since the the events casing GRBs are quite rare (estimated at between 1 in every 10k years and 1 in every 1million years in a galaxy our size) and the jets are tightly focused, you'd be pretty unlucky for a star within 10k LY to be pointing directly at our Solar system when it does go supernova.Which isn't to say it can't or won't, but it is extremely rare and is believed to have happened at least once in our past (4-5 billion years is a long time, long enough for incredibly rare events to have happened a time or 2 or three).

'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters

eldakka

Re: If I understand the logic, I understand the reasoning...

> Learning a new language is not that much of a biggie, compared to the technical expertise required to work on a kernel in the first place.

It is entirely unreasonable to demand that people who have worked for decades on a project in C, entirely unpaid, to go and learn Rust because some idealogue said so.

I'm really not sure why you are finding it hard to understand:

Rust in the kernel is not the problem of anyone else than the R4L developers.

It is not the responsibility of any maintainers outside the R4L project to assist with that or enable it in any way.

It is the responsibility of the R4L developers to make Rust work. No-one else. No other maintainer has any obligation or responsibility to assist the R4L project at all.

If the R4L developers want Rust in the kernel, then they need to make it work, not the C maintainers.

As I've seen it mentioned elsewhere, the R4L developers should have just sat down and written a Rust-first clone of the Linux kernel rather then trying to insert Rust into the Linux kernel. Otherewise, the only way I see the Linux kernel being migrated to Rust is when long-time maintainers retire/resign/die/lose interest and get replaced over time with developers who already understand both C and Rust when they come into the projects.

eldakka

Re: If I understand the logic, I understand the reasoning...

> The difference being? I mean, you can just recompile the Rust code to.

Why would a C developer have the Rust toolchain on their system to do such a recompile? They are C developers, not Rust developers.

Even if a C developer had such a toolchain installed, why would they know how to use it or diagnose (let alone fix) any errors it throw? They are C developers, not Rust developers so they don't have that knowledge.

They are C developers, what happens in Rust-land is none of their care. Apart from the fact that Rust developers are whining on social media about this and whinge that the C-devs that should care and they (the C-devs) need to be responsible to the Rust code, y'know, something the C-devs don't actually care about or have the skillset to do because they aren't - you guessed it - Rust developers.

It's just not their job to care about Rust (because for many of the devs, it's not a job).

'Maybe the problem is you' ... Linus Torvalds wades into Linux kernel Rust driver drama

eldakka

Re: Fair comment by Linus

It is not the case. The Rust folk are not trying to change ANYTHING in that API.

They are bindings to allow Rust to work with the C API as it is, and to be maintained by Rust devs.

The problem is that these Rust wrappers are being put into the kernel. Therefore if the C API developers change their C API that breaks the Rust wrappers, the kernel will fail to compile because another component in the kernel - the Rust wrappers - are broken now and won't compile. Therefore either the C API developers will have to fix the Rust wrappers themselves to allow a full kernel compilation, or take steps to exclude a part of the kernel - the Rust wrappers - from the kernel to allow their code to compile into the kernel.

And who will the Rust wrapper maintainers blame? They'll blame the C API developers for breaking the Rust wrappers.

DOGE geek with Treasury payment system access now quits amid racist tweet claims

eldakka
Trollface

Re: Possible issue.

> Miffed CIA folks may not appreciate these 'cost savings'.

And when the CIA is unhappy, bad things happen to those who make them unhappy (see JFK assassination)

eldakka

Re: nullllptr has been core dumped

> nullllptr has been core dumped

due to a seg-fault

A good kind of disorder: Boffins boost capacitor tech by disturbing dipoles

eldakka

Re: Breakdown?

> Of course! How else can you ensure the product breaks exactly a week after the guarantee runs out?

Luckily, depending on your jurisdiction, this may be irrelevant and you may still be covered, for example in Australia, according to the ACCC Broken but out of warranty? Your consumer guarantee rights may still apply (excerpt):

Common statements that may be misleading

Here are some statements to watch out for, and an explanation of what consumers’ rights are.

  • Your product is out of warranty, so we can only repair it for a fee.

This isn’t right. Consumer guarantees are automatic and are separate from any voluntary warranty, manufacturer’s warranty, or extended warranty. Consumer rights can last longer than warranty rights, and you can ask for a repair, refund or replacement after the warranty has expired.

  • No refunds under any circumstances.

This isn’t right. If your product has a major problem, under the consumer guarantees you have a right to choose a refund.

  • To be eligible for a refund, you must return the product within 10 days. Refunds are not available under any circumstances after this time.

This isn’t right. Businesses can’t apply a time limit on your rights to notify them or return a faulty product.

  • You will need to contact the manufacturer to have this issue resolved.

This isn’t right. As a first step you should contact the business that sold you the product to explain the problem. The business can’t refuse to help you by telling you to contact the manufacturer.

  • If you don’t buy the extended warranty, you’ll have no protection once the 12-month warranty expires.

This isn’t right. Consumer guarantees are separate from any warranties, and they may still apply after a warranty has expired.

  • We understand your concern that if you were made aware about this fault beforehand, you would not have purchased the product. We can offer you 50 per cent of the original purchase price as a goodwill gesture.

This isn’t right. If your product has a major problem, a refund should be the full amount you paid.

  • The damaged item must be returned in its original packaging to receive a refund.

This isn’t right. If your product is faulty, you don’t have to return the product in its original packaging to seek a refund.

  • We identified the screen is cracked on your product. The warranty doesn’t cover damaged screens, so we can’t help you today.

This isn’t right. Even if your voluntary warranty, manufacturer’s warranty, or extended warranty doesn’t cover the specific problem, it may still be covered under the consumer guarantees.

Sweden seizes cargo ship after another undersea cable hit in suspected sabotage

eldakka

Re: You know, bad weather can sink bad ships

> but a small shaped explosive charge on the hull, that is made to look like an internal bang is easy to do for some nations and fixes a lot of problems

I don't know what sort of magic shape-charged you are using to make the buckling of the hull due to the explosion occur in the opposite direction to the direction of blast, but I'd like some (i.e. making a blast on the outside if a hull buckle/bend the hull in an outward direction as if the explosion came from inside the hull).

OpenZFS 2.3 is here, with RAID expansion and faster dedup

eldakka

Re: Give ZFS another try

> My original question was whether I could keep the mountpoint online and data in-use throughout,

Your original post included other statements besides the specific question you asked, which seems to imply doing additional things that may be unnecessary:

"Every process of migration seems to need a manual copy of data (or snapshot) and a pool destroy/re-create,"

So I tried to be helpful to point out that some of those steps you listed as doing may not be necessary.

You can also rename a pool too if you want. if you've created a new pool and still want to just use the default mount points for consistency with the pool/dataset name, you can rename the pool once you've exported (or destroyed) the old one to the same name as the old one had.

But with respect to doing the whole thing live without even a minor hiccup in re-mounting, I do not know, but am not aware of being able to do so, however I am far from an expert in ZFS.

A better place to ask such questions would be on something like the level1tech forums where many 'enterprisey'-type people (e.g. Wendel from Leve1tech's) contribute,

eldakka

Re: Give ZFS another try

> and a pool destroy/re-create, which necessitates a short downtime to flip the replacement dataset to the desired mountpoint.

why do you need to do a destroy/re-create?

By default the mountpoint for a filesystem is inherited from the parent pool/filesystem (e.g. poolname tank, filesystems will by default inherit that and be mounted at /tank/<filesystem>/ ...), but you can always manually set (and change) a mountpoint for a filesystem.

So if you send from tank/mydata mounted at default /tank/mydata to new_tank (so be default mounted at /new_tank/mydata), you can change the mountpoinf of /new_tank/mydata to /tank/mydata:

zfs set mountpoint=/tank/mydata new_tank/mydata

The mountpoint doesn't need to be the same as the pool or filesystem name:

zfs set mountpoint=/data/fred/bob new_tank/mydata

Of course, you'll need to either take the old filesystem ofline first,

zfs unmount tank/data

Or unmount the new filesystem, specify the new mountpoint, then unmount the old and mount the new:

zfs unmount new_tank/mydata

zfs set mountpoint=/tank/mydata new_tank/mydata

zfs unmount tank/mydata

zfs mount new_tank/mydata #which will now be mounted at /tank/mydata

Note however, if you already have manually set the mountpoint on a filesystem, doing a zfs send/receive of all properties will also apply that mountpoint name to the new copy (the target of the receive), but in that case if it's on the same host you probably weant to use a 'zfs receive -u' to prevent the destination filesystem from being mounted pre-maturely if the source filesystem is still mounted.

How to leave the submarine cable cutters all at sea – go Swedish

eldakka

Re: Practice what you preach?

> There isn't really any need for clarity. It has long been the case that vessels damaging cables or pipelines are responsible for the damage.

There is.

It doesn't matter whether something is against the law or the law assigns responsibility if there are no consequences or the law isn't enforced. Which is what's been happening in the Batlic - lack of enforcement and thus lack of consequences.

The current activities of the various navies in the Baltic is telegraphing - i.e. clarifying - that (maybe) they are starting to take it seriously and may begin enforcing the laws and meteing out the consequences of breaking the laws.

The first step in doing that is to make sure there is sufficient monitoring being undertaken to accurately determine who is breaking the law. With lax monitoring it is easy to get away with breaking the law since it can't be pinned on the perpertrator. So first step is to up the game in the monitoring and detection of the crime and the perpertrators of the crime.

Second step is having the ability to detain the alleged perpetrators by having the necessary assets to enforce a detainment in a legal fashion, i.e. while they are still in your territorial waters and prevent them from fleeing into international waters before they can be deatined. If you have no or few assests available to intercept the alleged perpetrators, then again, that's lax enforcement and thus consequence-free sabotage.

The first two steps are what's going on with these naval asset positionings.

The final step would be to prosecute and punish the perpetrators, which it seems that Finland is taking seriously at the moment.

Therefore the current activities are 'clarifying' the stance of the NATO partners to the Russians and anyone else that wants to sabotage the undersea infrastructure that they do now take such sabotage seriously and are intent on enforcing the laws and punishments around such activities in the Baltic.

SpaceX will try satellite deployment on next Starship test

eldakka

Re: Important

It's also much closer to Earth in terms of flight-time (as opposed to delta-v, I believe the delta-v for Mars isn't a lot larger than for the moon). Therefore it'd be easier to set up research bases on the moon (in the vein of Antartic research stations) with personnel rotations to build up experience with operating for extended periods on foreign bodies. If there are problems, help is only a few days flight-time away (plus whatever the launch-prep time is) rather than the 9+ months away it'd be on Mars.

So I do think the moon is a reasonable goal from a 'training grounds' perspective.

How the OS/2 flop went on to shape modern software

eldakka

Re: Developers! Developers! Developers!

I disagree.

People said the same about WINE 25 years ago. If Linux could run Windows apps there'd be no market for native ones.

Well, it's done all right, and now Microsoft offers Linux apps.

I think there's a significant difference here. O/S2 was a commercial app that the developers had to be able to justify to accounting to get funding for development. If the O/S or app didn't have the revenue to satisfy the bean-counters, things stagnated or were just dropped entirely.

WINE and Linux didn't have this problem. It could weather the lack of use/revenue/bugs/drawn-out dev time for decades until it was actually useable/mainstream since there was no revenue/profit driver.

Will passkeys ever replace passwords? Can they?

eldakka

Re: Lose your device, lose your access

> one reason to have a personal domain

I've thought of doing this multiple times over the years. But I can't get past the fact that it's not 'your' domain. It's a rental. And you can lose access to it in multiple ways, forget to re-register, someone hacks your account at the domain registrar, an unscrupulous registrar just takes the domain and gives it to someone who bid more for it, the registrar jacks up renewals by 1000% to a price you can't (or won't) match, etc.

I really think you should be able to 'buy' a domain, and the only renewal fees are hosting fees if you don't have your own DNS servers.

eldakka

Re: Lose your device, lose your access

> You have 2 Yubikeys, you create passkeys on both.

Okkaaayyy, I have hundreds of accounts spread across decades of use, so having to double up on creating passkeys (1 for each device, so 2x#accounts) is a lot of onerous work,

> You lose one, you log in with the other, revoke the passkey on the lost one, and enrol a new passkey on a new Yubikey.

Excellent, do you have the complete list of all websites/services/accounts I've ever created an account on? I sure as hell don't for me to be able to go to them all and de-register the device.

> Or use two phones, or 2 Yubikeys, or something. Either way, it is a damn sight more secure than using a password.

Well, yes, but so is requiring physical attendance where appropriately cleared and vetted technicians and supply chain takes a sample of my blood and does an DNA anaylsis of it to to verify that the person who's physically shown up is the one who's DNA is stored on file - oh and that that file has never been tampered with and is the DNA record that was originally submitted. More secure != better, people have to be able to use it and actually want to use it.

And what happens if theres a fire at home so both the primary and secondary yubi-keys get burnt up? I guess you could have a fireproof safe for the secondary, but then you'd have to go digging it out all the time whenever you make a new account so you can use it and the primary to store the passkey. If you frequently have to retrieve it to register new accounts, you aren't going to want a time-consuming tumbler-lock safe, too much hassle. Maybe a safe that uses a key instead? Where are you going to store that key so someone doesn't just break in, find the key, unlock the safe and grab the yubikey? Maybe secure the safe with a passcode-type mechanism? Say it could work with a yubikey. Does this now mean you need a 3rd yubikey as you'll always want to have access to 2 to be able to unlick the safe to grab the 3rd - do you now use all 3 to create login credentials on every site?

> Oh and if you're using a Yubikey or phone you typically have to enter the PIN or use biometrics to unlock the key before any passkeys are available. So if you've lost it it's no use to anyone else either...

A rubber hose or phone book or, if the assailant doesn't care about being sublte, a bullet to the knee, can sort that problem (although, to be fair, that'd sort the problem of just getting a specific password out of the individual anyway).

Now don't get my wrong, I think 'passkeys' (or as I see them: ssh key-pairs but unique to each end-point rather than pushing out he same public key to multiple end-points) are a good idea and devices like yubi-keys etc. But they introduce their own complexities that are perfectly fine for someone like me - a sysadmin who's been using ssh public/private keys for decades so is perfectly familiar with the concept - but it could be an extra level of complexity for the average person. Ad my ssh-key use is mostly for work purposes, so I'm perfectly happy with work having copies of my private and public keys that I use for work puproses in terms of having them backed up, or being replicated to any host I login to automatically, or even a 'break-the-glass'-style system where cyber securty can invoke an emergency function that gives them access to all stored passwords in an emergency (with things like auditing where notices go out that this has happened and so-on) or another admin being able to login to a host and as root copy my new public key to my account and so on, But I don't have that type of admin-support mechanism at home with my personal accounts, such as account-based private key replication so that it's "just there" therefore I can't rely on that support for.

But I don't think passkeys and yubikeys will ever be a general solution for the general populace for security. Sure, for specific high-security populations (government employess for work, politicians, CEOs, really rich people, etc.) or for specific small-set high-security systems, like say bank accounts, but I don't see it ever being used for, for example, my TheRegister forums account, or random news commenting sites, etc. Hell, for those, password re-use is strong, because I honestly don't care if someone gets my credentials for a dozen forum/commenting sites, I prefer the convienience of being able to log into those sites in situations where it'd be onconvienient to use passkeys, e.g. my work computer. I have no way of getting personal passkeys onto my work computer easily (or legitmately, I'm sure I could get them on their if I tried by breaking all sorts of policies that could get me fired) , so while I can visit TheRegister from my work computer, unless I can remember and type in the password, I won't be able to login.

We told Post Office about system problems at the highest level, Fujitsu tells Horizon Inquiry

eldakka

Re: In defense of Gareth

> Gareth's evidence related to the specific scenarios mentioned in defense, he was not cross examined or asked about other defects : The UK courts rely on the adversarial principle if you don't cross examine, doubt is not considered. The judge could have asked questions, but it is likely they were peeved by the professional discourtesy of not engaging a barrister.

That only applies to a 'fact' witness, not an expert witness.

An expert witness - which is what Gareth Jenkins was presented as - produces a report and submits that report as part of their witness statement.

That report produced by an expert is required to be made on the basis of assisting the court, which means it is supposed to cover things like known issues, caveats, etc. It should have a discussoin about known issues and why they do or do not apply in this instance and so on. An expert witness is required to go far beyond just answering 'the question' like a fact witness would.

And that's the point with respect to Mr. Jenkins, that he was never properly advised of this 'extra' requirements an expert witness needs to perform.

Expert Evidence - The Crown Prosecution Service:

The Duty of an Expert Witness

The duty of an expert witness is to help the court to achieve the overriding objective by giving opinion which is objective and unbiased, in relation to matters within their expertise. This is a duty that is owed to the court and overrides any obligation to the party from whom the expert is receiving instructions - see Criminal Procedure Rules 2020 Part 19. (CrimPR 19.

CrimPR 19.2(3)(d) also obliges all experts to disclose to the party instructing them anything (of which the expert is aware) that might reasonably be thought capable of undermining the expert’s opinion or detracting from their credibility or impartiality.

...

3. The expert is impartial

The expert must be able to provide impartial, unbiased, objective evidence on the matters within their field of expertise. This is reinforced by Rule 19.2 of the Criminal Procedure Rules which provides that an expert has an overriding duty to give opinion evidence which is objective and unbiased.

...

4. The expert's evidence is reliable

There should be a sufficiently reliable scientific basis for the expert evidence, or it must be part of a body of knowledge or experience which is sufficiently organised or recognised to be accepted as a reliable body of knowledge or experience.

The reliability of the opinion evidence will also take into account the methods used in reaching that opinion, such as validated laboratory techniques and technologies, and whether those processes are recognised as providing a sufficient scientific basis upon which the expert's conclusions can be reached. The expert must provide the court with the necessary scientific criteria against which to judge their conclusions.

In satisfying itself that there is a sufficiently reliable basis for expert evidence to be admitted, the court will be expected to have regard to Criminal Practice Directions 2023 at 7.1.2which states:

"7.1.2Factors which the court may take into account in determining the reliability of expert opinion, and especially of expert scientific opinion, include:

the extent and quality of the data on which the expert’s opinion is based, and the validity of the methods by which they were obtained;

the validity of the methodology employed by the expert;

if the expert’s opinion relies on an inference from any findings, whether the opinion properly explains how safe or unsafe the inference is (whether by reference to statistical significance or in other appropriate terms);

if the expert’s opinion relies on the results of the use of any method (for instance, a test, measurement or survey), whether the opinion takes proper account of matters, such as the degree of precision or margin of uncertainty, affecting the accuracy or reliability of those results;

the extent to which any material upon which the expert's opinion is based has been reviewed by others with relevant expertise (for instance, in peer- reviewed publications), and the views of those others on that material;

the extent to which the expert's opinion is based on material falling outside the expert's own field of expertise;

the completeness of the information which was available to the expert, and whether the expert took account of all relevant information in arriving at the opinion (including information as to the context of any facts to which the opinion relates);

if there is a range of expert opinion on the matter in question, where in the range the expert's own opinion lies and whether the expert's preference has been properly explained; and

whether the expert's methods followed established practice in the field and, if they did not, whether the reason for the divergence has been properly explained.

"7.1.3: In addition, in considering reliability, and especially the reliability of expert scientific opinion, the court must be astute to identify potential flaws in such opinion which detract from its reliability, such as:

being based on a hypothesis which has not been subjected to sufficient scrutiny (including, where appropriate, experimental or other testing), or which has failed to stand up to scrutiny;

being based on an unjustifiable assumption;

being based on flawed data;

relying on an examination, technique, method or process which was not properly carried out or applied, or was not appropriate for use in the particular case; or

relying on an inference or conclusion which has not been properly reached."

eldakka

Re: Time to produce the audit trail

> The legal status is that it is a Public Enquiry, not a Court of Law so no, it wouldn't be perjury.

It is a statutory enquiry that has the power to compel (summons) witnesses to give evidence under oath and if they refuse the summons they can be arrested (once a warrant is issued for contempt for not complying with the summons) and otherwise criminally prosecuted.

Witnesses to the enquiry take the same oath to tell the truth as witnesses in a trial do. The broadcast of the questioning includes the witness taking the oath to tell the truth, and in some cases - where the witness being called is already under suspicion of criminal activity or actively being investigated by the police (e.g. Gareth Jenkins (youtube video of his testimony) from Fujitsu is under investigation for perjury in the criminal trials that he gave evidence in) - after taking that oath the Char of the enquiry also reads the witness their rights regarding self-incrimination.

They absolutely can be prosecuted for perjury.

However, the specific statements being referred to here are closing statements by the Barristers (lawyers), who are not witnesses and thus are not under oath, as is true for legal counsel in a criminal or civil trial. This does not mean they are allowed to lie, they are under professional obligations that can result in them being dis-barred and/or otherwise sanctioned, but it is not perjury.

Microsoft won't let customers opt out of passkey push

eldakka

Re: That's not a problem with passkeys

> The only exception is within a smaller security domain - like if you lose access to your university resources if they have a way you can go to a physical office and present your official ID they can get back your lost access without opening things up to remote attack.

I think that's sorta the point, they want to become that single security domain for you and tie you into their system. They want you to use their, and only their, services for that single security domain. Passkeys are an enabler of lock-in.

Mr Intel leaving Intel is not a great sign... for Intel

eldakka

Re: Replicant Gelsinger

> nVidia's also in a weird personnel position in that so many of its staff were given company shares in years gone by that the place is full of millionaires now.

It might be 'weird', but it's not unique.

Several 70's/80's startups that made it big have been through the same thing. Microsoft is a prime example, there was a doco in the late 90's I think it was, and there was a woman in her 50's that was just boxing up Windows CDs/manuals in a production line who was a multi-millionaire because she'd been with Microsoft for nearly 20 years and her share options were worth millions, and this is a fairly menial job to have gained so many share options, imagine what high-level staff would have.

These are the 'exception' stories that make people work for fuck-all at startups hoping their startup is going to be one of these exceptions. Like where people say "Mark Zuckerberg dropped out of college and became a billionaire, so I'm going to dropout too". Sure, but the Zuckerbergs are a 1 in 10million dropouts, most of the rest are still waiting tables (obviously of course some did well if not quite hugely rich, but again the ones who did really well are the 1 in 100k dropouts).

Mystery border control outage causes misery at Malaysia/Singapore frontier

eldakka
Coat

If this were a US scandal, we'd cal it 'Gategate'

And if it was British we'd call it Gatey McGateFace!

(Or maybe just 'Tuesday').

Employee sues Apple over 'spying' claims tied to mandatory devices

eldakka
Angel

I think

Quite why Bhakta chose to bring this lawsuit after four years with the iBiz – and after presumably reading and agreeing to his employment contract – isn't clear. He remains employed by Apple.
is answered 2 paragraphs down
A similar case [PDF] against Google, filed in the same court, led to a $27 million settlement last year, split between staff and the state. This latest case could potentially prove similarly lucrative if successful.

The US government wants developers to stop using C and C++

eldakka
Joke

> post script: I'd recommend you switch to "GO"; it is simple to learn and easy to use - even the old guys in our shop like it!!!

I don't want to go to Go because my lecturers always banged on about how go to's are bad.

eldakka
Unhappy

Re: It's not the language, it's just the way it's "talking"

> Basically I don't see the language as the problem,

Amen.

As a Java Application Server administrator of hundreds of appservers and thousands of JVMs, I can tell you our single biggest root-cause of incidents are memory leaks. Because the devs don't have to micromanage memory, they get lazy and expect the garbage collector to clean up memory, which it does if the developers remove all references to the memory in question. But often they don't. We have cases where we have to schedule pro-active restarts of JVMs (often after already increasing the heapsize significantly to extend the time it takes to fill the heap) to prevent the heap filling up on weekly, sometimes daily and in a few cases hourly restarts of the JVMs. The hourly and daily ones are usually temporary until they fix the code, but in some cases we've had some applications requiring weekly JVM restarts for years.

SpaceX plans next Starship flight just days from now

eldakka

Re: FAA to be rejigged?

Most federal agencies like FAA, FTC, FCC, DEA, ATF, EPA and so on do draft (synonymns: formulate, plan, outline, propose, deliniate) federal laws.

Those drafts are then sent to a friendly congresscritter (assuming they were't actually asked to draft the laws in which case the congresscritter/committee who asked for a draft would sponsor it) who sponsors the draft legislation into the appropriate sub-committee who then asses the draft and either reject it, ask for changes, or endorse it to come out of committee to be put to the floor for a vote.

Anyone in the world, doesn't even have to be a US Citizen, could 'draft' federal laws. That doesn't mean they are federal laws. And most likley no congresscritter would give them the time of day let alone sponsor it.

Actual congresscritters rarely draft laws, they either come up with general ideas that they pass onto someone else to do the actual law drafting - federal agencies whose are of expertise it is, or staffers, or vested interests (e.g. thinktanks, societies, foundations, industry groups, actual industries) - or those other parties come to them with proposed - i.e. draft - laws, and they sponsor them (most likely not even understanding the draft, the level of understanding required is inversely proportional to the size of the donations or perks or promised future empolyment opportunities) into the appropriate sub-committee.

It's about time Intel, AMD dropped x86 games and turned to the real threat

eldakka

Re: "amid growing adoption of competing architectures"

> They can always license the ARM architecture and get into the game at any time

AMD already has an ARM license. They were developing an ARM CPU, K12, , but due to their precarious financial position in 2014, when they basically went all-in on developing Zen, putting everything else on the backburner including the K12, it disappeared from their roadmaps.

Bandai Namco reportedly tries to bore staff into quitting, skirting Japan’s labor laws

eldakka

Re: Just not with a Ubisoft game?

> If, for example, these people used to work in an office and were allowed to go remote during the pandemic, then their contracts may specify the office. As long as that office is still available, not only is that not an intolerable change, from a legal perspective it's not a change at all. I've known many people who want things they don't like to be illegal,

IANAL, but I believe that is not totally true.

The in-practice performance of a contract can be considered in enforcing it, the behaviour of the parties to the contract.

For example, if a contract has a penalty clause (every time you fail to deliver 10 widgets on time you pay a $100 penalty), if the party who can enforce that penalty clause don't enforce it for a long period of time, then it can be ruled as unenforceable going forward due to the fact that the parties involved got 'used' to that being how the contract terms were being (or not being) enforced. "Specific performance"? I think it's called? Something like that. Where the parties get used to specific performance applied to the contract, therefore that becomes the fact of the contract going forward rather than the clause that was never enforced.

It obviously requires some extended period of time for that to come into effect, whether 3? 4? years is long enough I don't know. But it is not always the case that "the contract says this, you have to do this" if it can be shown by the actions of the parties involved that no-one ever expected that to be enforced so that becomes the specific performance of the contract.

Edited to add: I just did a quick seach and the term I'm looking for is definitely not "Specific performance", that's the exact opposite, forcing the party to comply with the terms!

eldakka
Pint

Nice.

Time to party (or game) all night and catch up on sleep at the office ...

Canon ships first nanoimprint chipmaking machine to R&D lab

eldakka

> Ok, someone's got to ask... How are they making the "mould" with 14nm features?

Electron-beam lithography

The primary advantage of electron-beam lithography is that it can draw custom patterns (direct-write) with sub-10 nm resolution. This form of maskless lithography has high resolution but low throughput, limiting its usage to photomask fabrication, low-volume production of semiconductor devices, and research and development.

eldakka
Boffin

Some of your questions answered

Several posters have posed questions/made comments about this process, most of these are answered in the Asianometry Youtube channel's video on this, A Deep Dive Into Canon’s Nanoimprint Lithography.

Torvalds weighs in on 'nasty' Rust vs C for Linux debate

eldakka

> "Requiring", "responsibility" -- this is the language of formal contracts. It's not the right thing within a single project which progress with social norms.

Well, the Rust evangelists seem to be requiring that sort of requirement on the C-developers to support their efforts. "We must have Rust, and you must maintain the comaptability layer with Rust".

The C-developers have no obligation to maintain compatible interfaces with someone's pet project (which is all the 'Rust in the kernel' is right now).

eldakka

Re: vi vs emacs?

> it's insane that I have to install nano just to edit a damn configuration file.

That's the whole point.

The only editor that is pretty-much guaranteed to be on every unix-like install, whether a server 30 year-old SunOS, a 20-year old Solaris, 40-year old AIX, current gen Linux or AIX or whatever, a full-on user environment or a sparse terminal-only (ssh) command line, vi is likely to be there.

Vi/Vim etc. aren't better (or worse) than other editors, they are the ones that are there.

Therefore basic ability to use vi means if you need to update/edit/create a configuration file on some random box you've ssh'ed into, then you can just get on about and do it, rather than having to install nano (assuming you even have the permissions to do so, you very well might not because of either change control or you just don't have root and are doing non-root administration tasks) or whatever just to create a 30-line script or update a couple values in a conf file of some sort.

The best tool for a job is the one you have. And Vi is pretty much the lowest common denominator (well, ok, maybe that'd be ed) text editor.

eldakka

Rust people have stated many times that if anyone needs to make changes to interfaces impacting Rust bits they're happy to be involved and help everywhere they can.
But that's the problem.

It should be that they are required to do the work in to maintain the interfaces. Not to 'help' wherever they 'can'. The wording you said is very wishy-washy and doesn't commit, doesn't put the responsibility on the Rust devs to do any work at all on the interfaces, It's aspirational wording, not binding commitment wording. it just devolves to pushing the responsibility back on the C-developers to maintain the interfaces with the Rust devs choosing whether or not they will assist.

Atlassian softens its cloud-first approach for remaining on-prem customers

eldakka

I work for an Australian org with about 20k seats.

We have on-prem Confluence and Bitbucket.

Well, until we complete our migration to Azure that is, which was entirely in response to Atlassian's forced migration to their cloud. Our organisation took the attitude that, since we are being forced into cloud anyway for wiki/GIT, we may as well do that migration into a cloud provider we already have substantial business with anyway. I mean, the only Atlassian business we had was on-prem wiki/GIT, while we have other substantial Microsoft business with Windows, already moving some customer-service workloads to Azure hybrid/private cloud, outlook, teams, probably heading to O365 as well. And it's a lot easier to migrate wiki/GIT to a different provider (Azure) then it would be to migrate all the other Micrososft-provided services to Atlassian.

I don't like Microsoft (I originally came to the Register to follow the MS anti-trust trial of the late 90's), I'm an open source/Unix/Linux (I was a Solaris admin on Sun SPARC machines in the 90's/early 2k's), enthusiast. But even I, a die-hard anti-MS person, and my preferences to 'buy Austraian' where it makes sense, couldnt argue in the face of Atlassian's customer-hostile position against this migration with a straight face.

Atlasian, at least where my 20k seat organsiation is concerned, cut their own throat.

Fuck Atlassian for forcing me to use more MS products.

(although I have a feeling a lot of open source wiki's are goint to start popping up around our org as IT teams roll their own wiki's rather than go to Sharepoint or other MS products)