* Posts by AVee

149 publicly visible posts • joined 11 Aug 2011

Page:

Bill shock? The red ink of web services doesn’t come out of the blue

AVee

There are middle grounds, you can still rent physical machines for example. In that case hardware and infrastructure is not your problem. A lot also depends on what you are building, not all software is equal.

Personally I've decided that whatever we deploy needs to run on plain Debian. For now on cloud virtual machines (there's still room to scale those up). But it could easily be moved to either rented or owned physical machines if needed. I don't need a huge amount of nines, if disaster recovery takes an hour or two that's fine. I also don't have a big variation in load, so there is no gain from dynamic scaling. If you do need high availability, and/or you have peak loads over short periods you might be better of with a cloud solution. But my guess would be that a lot of people overestimate the benefits of cloud solutions (and underestimate the overhead they bring).

For password protection, dump LastPass for open source Bitwarden

AVee
Joke

Re: Someone else's computer

If you don't believe security by obscurity helps, just store your passwords by replying to this message.

OneCoin co-founder pleads guilty to $4 billion fraud

AVee

...and run.

Turns out talking the money was easy. But it seems only Ignatova got the second part right. This might suggest she did some proper planning for the running part. You never know, but I doubt they will ever find her.

India follows EU's example in requiring USB-C charging for smart devices

AVee

Re: Great

This applies to radio devices which are subject to certification before they are allowed to be sold anyway. So it should not be to hard to add a check for this into the process. But even if you don't, you can just wait for consumer complaints and act upon those. If you bring in thousands of devices you want to sell, but they get taken of the shelf before you sold half of them and get slapped with a fine, you'll learn your lesson pretty quickly.

On top of that, in the EU consumers will have a valid warranty claim if it turns out they bought a device which does not comply.

AVee

Re: Great

Why would you assume lawmakers would not consider those types of thing? The EU law does not just specify the physical connector. It actually specifies that chargers and devices should follow IEC 62680-1-2:2021, more commonly known as USB Power Delivery, which deals with all those issues. So should anything go wrong there this means either the charger or the device is not in compliance.

I'm assuming India will do the same, they can basically just copy the EU rules. Making sure those are the same will make life easier for manufactures as well.

UK forces Chinese-owned company to offload Newport Wafer Fab

AVee

Re: Nexperia BV to sell at least 86% of NNL

It's not about the knowledge (at least, that's not the most important part), that will leak out sooner or later anyway. It's about control and economic power.

Twitter is suffering from mad bro disease. Open thinking can build it back better

AVee
Holmes

Re: Judas

The problem with gerrymandering is not who is doing it, but the fact that it is possible in the first place. If you have a system designed to measure the will of the people, it should not be measuring where lines on the map are. Clearly the system is broken and needs to be fixed. Yet, everybody seems to be arguing about who is abusing it the most, without ever considering why the abuse is possible in the first place. I'm not going to deny the Republicans abuse gerrymandering, but I will say that there does not seem to be much effort to fix the core issue with the Democrats either. Could it be that both parties very much want to maintain the current status quo?

Chipmakers cripple products to dodge US China ban

AVee

Re: Precedent

In the short term maybe. But it will force China to develop their own solutions and innovate more. Why the US thinks China cannot develop what they have developed is beyond me. In 5 to 10 years the roles might well be reversed and China will be denying the west access to their superior tech.

Texas sues Google over alleged nonconsensual harvesting of biometric data

AVee

Re: Mr. Meseeks

It's all weasel words anyway. Of course they do not use the photos directly. But notice how they don't say they won't use the information they can gather from the photos, such as a relationship to certain people or presence in certain locations, to extend your profile (which they use for advertising). Nor did they say they won't use the face profiles gathered to analyze other images and thus collect even more information about you and everybody you happened to take pictures of.

Apple exec confirms iPhones will switch to USB-C because 'we have no choice'

AVee

Re: Thunderbolt 4?

As I understand it they need USB-C and compliance with USB-PD. That's all, so also supporting Thunderbolt 4 shouldn't be a problem. All this law cares about is the charging, not the data connection.

AVee

Re: The rationale is "[fewer] chargers

It pretty unfair to blame the EU for that, and when Apple does it is just disingenuous. The EU has been pushing for common chargers since 2009, well before Apple introduced Lightning connectors. And Apple was pretty much the only company not cooperating with the (at that time voluntary) rules. They could have conformed with the rest of the industry. They could have made lightning available for use as a common standard, instead of patenting it shut. But they chose to prioritize their own profit over the EU's desire to reduce waste. That's why all those Lightning cables exist and why the will now become obsolete, Apple did that knowingly and they can't blame anyone else for it.

From the start the EU has said they would prefer an industry driven standard and would only pass actual laws if that didn't happen. And it happened, all phones sold in the EU use USB-C these days, all the standards are publicly available. Except iPhones, I highly doubt this would have even become a law if it wasn't for Apple refusing to cooperate...

Twitter's most valuable users are ghosting the platform

AVee
Joke

Re: It’s toxic and it got nasty during the pandemic

I've got a method with which your country can reach even lower excess death rates in just two months. Absolutely guaranteed to work, mathematical certainty. It may violate several international conventions related to genocide, but that's a small price to pay for low excess deaths.

Business can't make staff submit to video surveillance, says court

AVee

Re: Good luck getting another job

1. No, it's a common question. One that appears in pretty much any job interview.

2. No, you can use what is said in the answer where reasonable.

3. No, being caught lying is an almost instant breach of trust (if the lie is relevant), but you are free to not answer a question.

You seem to be implying a few things as well:

1. Every employer will only hire people when they are certain they won't object to being filmed for 9 hours a day.

2. Every employer thinks employee's should not have any rights, even when the law and a judge say they do.

3. Every employer generally worries about being sued by their employees, like these aren't trivial cases which are dealt with swiftly and reasonable.

(4. The IT job market isn't such that employers will hire whoever they can get even if the above is all true.)

Based of that, I'm assuming you don't live in the Netherlands, probably not in the EU either. If the guy in the story actually has some skills (and there is no suggestion he hasn't) he will have no problem finding another job here in the Netherlands.

Foreign spies hijacking US mid-terms? FBI, CISA are cool as cucumbers about it

AVee

Actually, the first question is 'has it been significant'. If millions are voting you can actually afford a small error rate. This is why good old fashioned paper ballots worked just fine. Yes, there are some counting errors, spoiled ballots and probably some fraud to. But it's really difficult to commit fraud on a scale that is actually significant. You would have to run a pretty big operation, which is bound to be detected.

A district based first to the post system makes it more feasible, sometimes you can flip a district with a few votes. (So get a normal voting system, like in developed countries, if you are worried about that. It comes with several other advantages.)

Don't replace the people counting with computers all running the same code. And some central system where all the results are processed. And all that operated by just a handful of people. Suddenly fraud that actually has a significant impact on the outcome is feasible.

No, working in IT does not mean you can fix anything with a soldering iron

AVee

Personal warranty

Whenever people call me with issues like this I'll start by explaining to them how they are entitled to my unique no cure, no pay plan. If they are unsatisfied for any reason I'll return the full amount they paid, Yes, up to the full zero $CURRENCY.

And then I tell them there will be absolutely no liability beyond that...

In this specific case, I'd suggest just roughly soldering the wires to somewhere on the plug and then see what happens. Could be fun.

USB-C iPhone, anyone? EU finalizes charging standard rule

AVee

Re: One wonders...

As far as I can tell it is not. It is about chargers, so this it only ever applies to battery powered (mobile) devices. So it's not relevant to a Pi (or a router, printer, television, lawn mower, christmas lights, etc). Secondly, it's part of the Radio Equipment Directive which which limits it to device transmitting radio signals, so that excludes things like flashlights, (infrared) TV remotes, etc.

LinkedIn study suggests it's not your best pals who will help get you that next job

AVee

Re: LinkedIn concludes

Same here, and LinkedIn has no knowledge about how I found my jobs. But research now proves that people who use LinkedIn to to find jobs often use LinkedIn to find jobs.

The selection bias in this research is huge, that's the first problem. The second problem is the assumption that LinkedIn can properly determine which are strong and weak connections. You might interact with someone on a daily basis without LinkedIn knowing about it...

Open source databases: What are they and why do they matter?

AVee

Re: MariaDb and BSL

Firstly, if you install something from Raspbian repositories it is save to assume you can use it pretty much any way you want, they probably would not distribute something with restrictions like that. And if you want to be extra sure you can always use plain Debian, which is really strict about licenses.

Alternatively, you could consider using Postgresql instead. I run a Nextcloud instance with Postgresql on a low end VPS just fine. I have no reason to assume it won't also work fine on a Raspberry Pi.

Lenovo launches face-mounted monitor

AVee

Re: "get the feel of a larger screen"

According to LaptopMag they "support custom prescription lenses via an in-box attachable frame".

The picture they have indeed shows a lens between the eye and the display. Getting your own lens fitted will make it more expensive, but at least the option seems to be there.

Facebook settles Cambridge Analytica class action for undisclosed amount

AVee

I hate this habit of settling things or of court. There's good reasons why courts are public, at least these settlements should be public as well.

Oracle really does owe HPE $3b after Supreme Court snub

AVee

Re: First Amendment

It's probably worth it to Oracle too. Assuming you can get just 0.1% interest on that money postponing the payment by half a year will be worth 1.5 million. Lawyers are expensive, but just filing the appeal is probably cheaper.

And it will annoy HPE, that's probably worth something as well.

Boys outnumber girls 6 to 1 in UK compsci classes

AVee

This its just research, no one is alleging anything. So if you wander what exactly is being alleged, the answer is exactly nothing.

Moscow to issue HTTPS certs to Russian websites

AVee

Re: release the data once they figure out how to extract it, and hope that it informs Russians

when you can't tap to pay for a metro ride in Moscow, buy a ticket online to fly to Turkey, etc. Much easier than look past this bullshit and consider that, PERHAPS 'I live in a shitty country based on a shitty system run by scumbags'

You're not wrong there. However, if you can do all those things, doesn't that pretty much have the same effect? You know, bread and circuses.

Google says open source software should be more secure

AVee
Unhappy

And if they play their cards right they might even manage to make the government pay for (parts of) it. Win-win...

US watchdog pokes Facebook a second time: Meta faces fresh monopoly lawsuit

AVee

Re: Network effect at work

Regulation does not make it harder to compete. Bad regulation written by lobbyists does that.

Dev's PostgreSQL experiment probes possibility of zero-downtime schema migration

AVee
Facepalm

Re: In an ideal world…

Erm, it does do indices.... And it actually works by creating multiple schemas. You need to alter the search path in the application to look in those schema's for this to work.

Electric fastback fun: Now you can surf the web from the driving seat of your Polestar 2

AVee

Re: its not Chrome but would anyone really want Google embbedded system in their car?

"Unfortunately, it's a compulsory opt-in."

For the first few years that is, but at some point they will turn stuff off unless you pay a monthly fee. If you're lucky, they might also just pull the plug on those servers. That's going to be a real bummer trying to sell a car like that on the second hand market.

It's a shame really, the Polestar 2 is a really nice car imho. But an infotainment system that may stop working (or start invoicing) and surely tells Google exactly where you are is a bummer. Especially because you can really go and buy an different head unit to drop in there.

Munich mk2? Germany's Schleswig-Holstein plans to switch 25,000 PCs to LibreOffice

AVee

Re: uSwitch?

"In other words, you can't get any form of support from the developers, but you can pay someone for some help. That's pretty rubbish"

Huh? Because if you call Microsoft with a support question related to Office they will put you through to the developers who will then instantly release a hotfix to deal with your issue. I mean, that's what your paying for.

tz database community up in arms over proposals to merge certain time zones

AVee

Re: Do we need two timezone databases?

I see the political issues with the current proposal which basically drops Oslo and keeps Berlin (I even agree with that being wrong). I also understand the desire to reduce the number of zones because so many of them have been functionally the same for a long time now. To me it seems that both of those can be satisfied by having two databases. The database with the 'recent' zones could be created by just merging all zones which have been identical in the last 5 years. A strict rule like that should go a long way to avoid the politics. It would also leave the current database intact, with all history in there so nobody needs to feel left out.

But maybe I'm too optimistic about the politics involved, that's possible.

AVee

Do we need two timezone databases?

I kinda get what they want to do here, there are lots of 'different' timezones in tzdb which for a lot of purposes aren't different at all. I just recently had to write code handling just that. It was all about times in the future and needed to take time differences and daylight savings into account. And it simply was more complicated than needed because Europe/(Amsterdam/Berlin/Oslo/Paris/..) are considered different zones because things where different over 50 years ago. So I sure can see the case for merging zones which are identical right now.

However, I can also see how there are perfectly valid uses which do need the historical differences. So perhaps we need two databases, one that is complete with all history for people who need it, and one with just the current data (or maybe just the last 5 years or so) for people that only need to deal with recent and/or future dates and times.

If your head's not in the cloud, you're not in the right place

AVee

The complexity and scale of a proper corporate infrastructure isn't something you can knock up on a couple of Raspberry Pis and a gaming rig.

And why is that? One of the big issues with most software these days is the insane complexity of it. While some of it is unavoidable, a lot of it really isn't. A lot of complexity exists as a means for vendors to make money. Traditionally this was consultancy and training money. It changed a bit with cloud vendors as they sell computing cycles tied to specific 'services'. But they too have no interest in promoting simple solutions, that would just make you buy less of their stuff.

Not too long ago 'proper corporate infrastructure' involved complicated things like dual-socket servers with two single core CPU's both doing work at the same time. That gaming rig probably runs 8 cores and 16 threads. Even that Raspberry Pi has 4 cores. So if you can't knock it up on a gaming rig and a couple of Raspberry Pi's changes are there something wrong with the infrastructure in the first place. Some people are working at Netflix, Spotify, Facebook, etc serving 100's of millions of users, but the fast majority of corporate stuff simply hasn't got that scale.

ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested

AVee

Re: Tor

I'd think that's bad advice in most cases.

If the police get an IP address from a mail provider which turns out to be a TOR exit they can track that back to where the connection originated. If the TOR exit is compromised they can see where you are going to some extend, but if you properly use https for everything that's not telling them to much. The exit node too cannot tell where the connection originated. So if the police is trying to figure out who you are they are pretty much stuck.

Now add the VPN. The police gets an IP address which points to a VPN provider. They get a warrant and the VPN provider tells them the original IP for that connection, the account used to log in, billing address and credit card used and other IP addresses used by that account. They ignore the IP address and go straight for the credit card holder. Not really an improvement I'd think.

On top of that the VPN provider is the exit same position as the exit node. They can sniff and monitor just as much. Assuming they don't seems pretty naive to me.

Slacking off? It used to be there was pretty much one place to chat with your fellow developers: IRC

AVee

Re: ew

Better still, if you use dbconfig in the Debian package it can create a database and database users during install, generate passwords and create the config file with database settings. That way you you can have a fully working system after install.

China sets goal of running single-stack IPv6 network by 2030, orders upgrade blitz

AVee
Meh

Still not there...

$ host -t AAAA theregister.com

theregister.com has no AAAA record

Everyone cites that 'bugs are 100x more expensive to fix in production' research, but the study might not even exist

AVee

Research like this is pretty useless anyway. With or without source, statements like "100x more expensive" are just as useful as saying "people are 5 feet 3 inches tall". You can argue about that being the correct average or not, but it certainly is wrong in the vast majority of cases.

AVee

Re: Fixing things long after they have gone live

Just today I fixed a bug. Customer called, told me he was getting an error when they did some specific thing. I pulled up the logs, found a exception, with a stacktrace containing file names and line numbers. Took a look at the code, made some trivial changes and 15 minutes after they called the fix was in production.

I promise you that this boosted our reputation more than not having the bug would have done. It can swing both ways.

Thing is, this was a trivial bug without real consequences. Not all bugs are the same. Not all software is the same, not even all components of a single piece of software are the same. There is a huge difference between say a print preview not working or salaries not being paid or a huge gaping security hole. Tests and review efforts should be directed accordingly.

Windows 11 still doesn't understand our complex lives – and it hurts

AVee
Joke

Re: A prayer for those forced to use Teams

A foot in both vamps?

Well, to each it's own I guess...

VMs were a fad fit for the Great Recession. Containers’ time has finally come

AVee

Re: No more managing operating systems and monolithic apps

"If for some reason said demoware needs some special runtime environment that can't be replicated on some simple bare-metal setup. Which is a red flag in and of itself."

This. There's more and more pieces of software popping up that is distributed as a docker image by default (or even only that way). To me that's generally a bad sign as it's suggests running the software is more complicated than just dropping the binaries on a server and launching them. And for most software it really shouldn't be more complicated than that. And if you are building microservices that should be even more true...

Right now all the software I'm building gets packaged as a debian package by the build server. From there it's trivial to automate deployment any way you like...

AVee

Re: Hmmmmm

If the kernel gives you all you need for the apps you want to run, why don't you just run them?

Don't get me wrong, there is a time and a place for containers. But an OS can just run multiple applications at the same time out of the box and often that's just all you need.

As Linux 5.12 released, Linus Torvalds warns next version will probably be rather large

AVee

Re: Nothing to see

"Why not" is indeed the correct question here. As long as there are people willing to maintain it properly it doesn't hurt anyone else. As soon as that stops and/or it starts causing issues for others it will probably be dropped pretty quickly.

Huawei could have snooped on the Dutch prime minister's phone calls thanks to KPN network core access

AVee

Re: To paraphrase

A report written by an outsourcing company known for their deep technical knowledge and integrity. Cap Gemini definitely would never write a report out of self-interest...

There's no place like GNOME: System 76 introduces COSMIC desktop GUI for its Pop!_OS Linux

AVee

Re: Why the fuck

Linux is for enthusiasts who have forgotten more about their operating system than I ever knew about mine.

True, I've forgotten an awful lot about Linux. Don't need it anymore, Linux has become terribly boring. I just install and get to work these days...

After years of dragging its feet, FCC finally starts tackling America's robocall scourge

AVee

Re: I am not sure if this is possible ...

My previous ISP had a function on their VOIP platform where you could block the number of the last call you received, even when the call was anonymous. Afaik this should be possible for any carrier as the originating number always gets send along with the call, just with a flag indicating it should be anonymous. So a carrier can block the number for you without ever telling you which number they blocked. Faked caller ids are still an issue though, it could lead to some interesting scenarios where you trick people in blocking a number they really don't want to block.

But specifically because the number is send along right to the last hop you actually could have enforcement against fake caller id's without losing the option to call anonymously.

Director, deputy director, CTO of Free Software Foundation quit after Stallman installation

AVee

Re: So what relevance

That, and it also has the hugely successful Hurd operation system...

Linus Torvalds worries kernel 5.12 might be ‘one of those releases’ that lands a tad late

AVee

Re: So what?

I use non-lts kernels, and I'm not bothered by a week delay either. Specifically because I use them I'd rather get them later but solid...

Dev creeped out after he fired up Ubuntu VM on Azure, was immediately approached by Canonical sales rep

AVee

Move to plain Debian, stick with it. Worked fine for me the last 15 years...

In Rust we trust: Shoring up Apache, ISRG ditches C, turns to wunderkind lang for new TLS crypto module

AVee

Re: But///but...this is routine programming

Don't blame the language for the failings of programmers.

Don't blame the car for the failings of the driver! Ban airbags and seat-belts!

Amazon CEO Jeff Bezos to step down this summer, AWS boss Andy Jassy to step up

AVee
WTF?

Advanced arrogance...

"We are firing on all cylinders, just as the world needs us to."

Because the entire world will plunge into chaos if anything where to happen to Amazon...

You like Jira that much? Atlassian goes full Service Management with platform, promises Service Desk is fine

AVee

Re: Atlassian all money, don't care.

The had an IPO, so they now only exist to make as much short term money as possible for the shareholders...

Tim Berners-Lee asks everyone to do new biz a Solid and let him have another crack at fixing the Web's privacy

AVee

Re: And if there is

Another route for mass adoption would be to get it integrated into consumer broadband routers. You have one anyway, and it's always connected as well. While I don't have an issue with running a Pi (or something silmilar) for most people it still will be a barrier.

Page: