Posts by Richard Lloyd

I'll stick with my alt-net ISP...

I just switched to a 900 Mbit/sec download/upload plan on my alt-net ISP and they gave me it for £27 a month on an 18-month fixed price contract (and have just sent me a new router which includes some 2.5 Gbps ports). They also do a 2300 Mbit/sec plan for £50 a month, but I doubt I'd need that sort of bandwidth for a very long time. It didn't help that BT Openreach and Virgin Media ignored my town w.r.t. "full fibre" for long enough that an alt-net was the first to offer it (and at much better prices than BT or Virgin).

Yep, card view is a bug...

The switch to card view for existing table view users when they upgrade to version 139 is actually a bug:

https://bugzilla.mozilla.org/show_bug.cgi?id=1968963

I suspect the vast majority of existing Thunderbird users have never used card view - it seems to be a much less efficient use of space than table view to me - I like having one line per e-mail in my message list - any other format doesn't make logical sense to me or to most people I suspect.

I like my M7...

I bought the M8 predecessor (yes, the M7) shortly before the M8 was announced - Samsung had multiple discounts (and a free pair of bluetooth headphones) so I got it new from them directly for £187, which is a great price even for a "dumb" 32" 4K monitor. The M8's pricing is a joke by comparison - £699 and all they've done is throw in a Webcam and not allow you to buy it in black (which my M7 is).

Ignoring the smart apps/Office 365 stuff (which I never use because a PC is attached, duh!), the M7/M8 have wi-fi, bluetooth, 65W PD charging (one £4 USB cable got it nicely charging my Steam Deck while the monitor is on) and a remote control (every monitor should have one for the monitor UI and turning it off/on). One cute thing the monitor did is check for a firmware update for itself, prompt for it and download/install it once you confirmed with the remote - does your monitor do that?

At £200-£250, the M8 would be an absolute no-brainer, but at £700, there'll be very few takers. I do wish my M7 had better speakers though - looks like the M8 did bugger all to improve one of the weakest points of the M7.

Works with Linux...

This model is actually certified by Lenovo to have Ubuntu 20.04 pre-installed, but if you are considering installing Linux "after the fact", then this Reddit thread should be your first port of call (yep, from over 200 days ago - is the UK the last country to get this model?!):

https://www.reddit.com/r/thinkpad/comments/ht6sey/in_depth_review_with_all_my_thoughts_t14s_amd/

TL:DR - make sure your kernel and firmware are as up to date as possible (which ironically may mean avoiding LTS releases that Lenovo have certified!) and you should be good to go.

Linux...

A bit surprised that the article failed to mention that in the US, this model can come pre-installed with Fedora or Ubuntu Linux. Lenovo have said they are planning a worldwide rollout of Linux laptops, so the option may appear on the UK Lenovo site sometime in 2021. This is pretty big news because up until now, the well-hidden-on-their-site Dell XPS 13 has been the only major international OEM laptop to pre-install Linux. Example URL:

https://www.lenovo.com/us/en/laptops/thinkpad/thinkpad-x1/X1-Carbon-Gen-8-/p/20U9CTO1WWENUS2/customize

Nice CPU, a shame it's from Apple

The M1 is quite an impressive CPU, but it's a real pity Apple came up with it. They're unlikely to allow third parties to use the CPU, RAM is limited to a ridiculous 16GB even on their "Pro" model, there's no sign yet whether Windows or Linux wil ever run on M1 bare metal, their new M1 kit is horrendously non-upgradeable and the prices for extra RAM/storage (£200 each for 8GB more RAM and 256GB more storage) - a decision you are forced to make at purchase time - are nothing short of scandalous.

If anyone else had made the M1 chip, we'd see it in a myriad of laptops/desktops, be able to run alternative OSes and be able to upgrade the RAM/storage both cheaply and to large capacities. I'd love to see a powerful ARM cheap laptop with Linux pre-installed (yes, I know about the Pinebook Pro, but it's nowhere near the M1's speed and its availabilty is sketchy too). We'll sadly never see that with the M1.

Dubious change...

Let's Encrypt certs and their 90 day expiry work well because you are effectively forced to automate the renewals (and preferably have some of your own expiry date monitoring in place in case things go wrong, though LE will e-mail with decent number of days to go to the cert expiry). Once you have automation in place, the ongoing cost in terms of admin and the certs themselves is effectively zero.

Paid certs, however, are the complete opposite. They are often a horrendously bureaucratic manual process that can get held up if the cert provider decides to do a "manual security review" (i.e. actually involve a human at their end in the process). I've often been forced to go onto their live chat and beg for expediting of a reviewed cert - if i don't do that, it can sit in limbo for *days*. Having a manual process get cut ever-shorter (used to be 5 years max, then 3, now 2 - with Apple changing this to 13 months) means that the admin cost per year rises - and it's individuals/companies that will have to absorb that, not Apple.

I knew that they'd claim that possible changes in ciphers/protocols would be their official excuse for this reduction in the maximum cert life, but what is the average time between the introduction of a new cipher/protocol? Wikipedia says: SHA-0 = 1993, SHA-1 = 1995, SHA-2 = 2001, SHA-3 = 2015, so how does Apple justify less than 2 years for the max cert life? You wonder if the next step is for Apple to set itself up as a certificate authority and rake even more cash in (with certs <=13 months lifetime of course).

I wonder how long...

...it'll take for someone to sideload Google Play Services/Play Store/Google Apps onto these P40 phones? I bet Huawei won't make it too difficult :-)

Unless Huawei can provide good alternatives to all the major Google Play store apps or easily allow Google Play stuff onto the phone, I can see them losing customers. Yes, for the audience here on El Reg, a Google-less Android phone might seem attractive (I'd suggest LineageOS in that case, provided your bootloader can be unlocked), but for the average Joe Bloggs out there, I suspect they'd have second thoughts about it.

GitLab is an alternative...

GitLab is another way to go if you're worried about storing your projects (and bug tracking/discussions) on someone else's servers. You can install a free self-hosted version that has most (but not all) of the features of the paid hosted version and keep all your data local.

Nothing stopping you opening up that "local" GitLab to the wider public, though you obviously have to take some decent security measures (keep up to date with the monthly releases, enable 2FA, use a secure cert, manually vet new user creation).

Knock once for reboot...

The coin deposit machine in my local HSBC branch runs XP - I know because it spectacularly crashed with virus-like red stripes on the screen just as it finishing totalling my coin deposit (luckily, I got the receipt just as it died completely).

An assistant knocked once on the wall and the machine rebooted with the XP logo in clear view. Yes, I initially thought they'd cleverly installed a reset switch in the wall, but it turns out that there was a back office behind the wall and when someone knocks on the wall, a human operator does a reboot (probably a power cycle?) because it obviously crashes so often.

Not for me...

I won't go for an Apple watch of any version until they fix 4 major dealbreakers: 1. It's fugly. Sorry, but round watch faces look much better than rectangular ones. 2. It has an 18-hour battery life, requiring you to charge it every day. 3. It's pretty expensive, especially if you go up the range (e.g. LTE or stainless steel) and 4. It's locked into the Apple ecosystem - at least non-Apple smartwatches usually pay at least lip-service to iOS, but Apple don't reciprocate with Android. I could mention that a very basic nylon strap for it costs 49 quid in the Apple store as a 5th dealbreaker, but that's at least optional.

Surprised that the review made zero mention of its obvious main rival - the Galaxy Watch, which seems to trump the Apple Watch 4 on every one of those 4 major dealbreakers I mentioned. Never mind that the Galaxy Watch has 60,000 watchfaces vs. virtually none for the Apple Watch 4...

Most 'small' Linux distros seems to be a wasted effort

At this moment in time, Distrowatch is listing 308 Linux distros, which is at least 300 too many in my books. A vast majority them will basically be forks from one of the big distros, which is a pointless exercise in my books. Why not contribute to one of the big distros directly instead?

Small distros might be fun to spin up in a VM to see what they offer differently from the big distros, but I'd never use them as my primary OS. Big distros often have "spins" now which are usually aimed at providing different desktop environments (e.g. MATE) or are sometimes based on a particular category of usage (e.g. gaming, multimedia etc.). Those spins are surely enough to scratch the itch of the developers creating these little-used smaller distros? If a spin doesn't exist for a major distro (e.g. a systemd-less Fedora anyone?), why propose one to the (Fedora) team rather than creating an unofficial fork hardly anyone would use?

Another related issue to this crazy proliferation of distros is the myriad of packaging formats, which drives me bonkers - it even exists between the major distros (e.g. deb vs. RPM being the biggest annoyance).

I always set a root password on sudo-based systems

First thing I do on sudo-based systems is "sudo passwd root". Quite a few such systems would prompt for root's password for filing system repair when booting after an unclean shutdown - you're in trouble if you haven't set one!

I often run several root commands in a row, so I'll often just use "su -" for that (only doable if you set a root password), rather than "sudo bash".

El Reg needs to do a roundup of cheap TV boxes

The Roku stuff is interesting, even if primarily US-based. However, I'd like to see reviews of the best cheap TV boxes ($99 or less), though I suspect your best bang for buck is going to come from the dozens of Chinese import Android TV boxes you can now buy. Would be nice to recommend the best accessories too e.g. an air mouse, which would seem to be an essential item for Android boxes.

Oh no, not again...

Let's hope Yahoo doesn't buy up QEMU, then we'll get a qaqoqophany! of! qrummy! (and! not!) qomiq! sentences. Please, please stop this rubbish repeated char meme, El Reg or at least do it once a year. It stopped being funny, oh, about 8 years ago.

Multiple servers?

Let's Encrypt wildcard certs are probably tenable if you're going to use them on only one server. If you have more than one server, I suspect you'd have to nominate one server as the wildcard renewal server and then after a renewal, have it copy the new cert files to your other servers that need it (assuming that's allowed in Let's Encrypt T&C's - paid wildcard certs sometimes insist on you paying per server!).

You can pick up paid wildcard certs for about 70 quid a year nowadays, which isn't too bad if you're planning 10+ subdomains on them. One obvious trick is to buy a 3 years wildcard cert so you don't have to renew/re-install the certs on multiple servers too often.

12%? Doesn't sound right

Netcraft's Web server survey shows that Apache (almost always run on UNIX machines) had 45.8% of the market vs. Microsoft IIS which had 7.7% of the market in June 2016. Yes, I know not every server serves up Web pages, but a lot of them do, which makes this 12% figure highly suspect in my books.

Not much of a wizard for me

I have an SM961 M.2 SSD, but on the rare occasion I boot into Windows 10 (I'm in Linux >95% of the time), the Samsung Magician software doesn't want to know about my SSD because it's an OEM variant - this is a ridiculous policy to have really and it prevents me for getting any firmware updates for the SSD :-( Needless to say, I quickly uninstalled the Magician software from my Windows setup and it's never coming back...

Hopefully ramping up PCIe more than SATA

Performance of SATA 3 SSDs peaked about 5 years ago and all we've seen is a capacity increase and (seemingly slowing down) price drop since then. As far I'm concerned, this makes SATA 3 SSD "old, boring and slow" tech and it's the PCIe SSDs where you'd hope Samsung and others would ramp up production on.

Yes, I know older motherboards don't have M.2 slots, but that's what an adapter is for - we need PCIe SSDs to get close to SATA 3 SSD prices (they've still got a premium that puts people off, despite being up to 6 times faster than SATA 3 SSDs giving them a massively better "performance per buck") and then people's head lightbulbs will illuminate and they'll finally realise that PCIe SSDs are the way to go.

I think IT sites should stop doing SATA 3 SSD reviews unless a) the price per GB is significantly better than other SATA 3 SSDs or b) the capacity is huge (e.g. 2TB or more).

Tabs are inconsistent...

Text editors can often allow you to set a different column width for a tab, but if you set it to anything other than the "standard" 8 spaces (which you surely would if you're a programmer because 8 is too wide for nested indentation), then good luck if you ever want to kill a tree and print it out.

I suspect most printer driver filters for text files are hard-coded to 8 spaces for a tab, resulting in completely unaligned print-outs where <8 spaces for a tab have been used. Yes, you could run it through a "de-tabifier" first before printing, but that would just prove that using tabs is less than ideal (especially for print-outs).

Also, if you set, say, 3 spaces for a tab, what happens if you need to align something on something other than 3-space multiple? Yep, you end using a mixture of tabs and spaces - yet another negative aspect of using tabs. It's spaces all the way for me, baby :-)

MATE is for GNOME 2 refugees

Like an earlier commenter, I wouldn't say MATE is very close to Windows (especially Windows 8+). It does, though, provide a functional desktop with "traditional" task bar(s), icons and a Start-style menu - for me, this gives it a leg up on Unity already, especially if you dual boot into Windows 10 with Classic Shell set to use an old-style Windows Start menu.

MATE is a good way to move GNOME 2 users (e.g. CentOS 6) to a more recent distro whilst not changing much for the end-user. I use it on CentOS 7 (yum groupinstall "MATE Desktop" and then select MATE from the pre-login cogwheel icon) and my desktop looks almost identical to the one I had on CentOS 6.

I do like using CentOS 7 with its 10 years of support for the desktop - it means I can take my sweet time deciding exactly when I upgrade to a future release (it was around 5-6 years for CentOS 6 before I jumped to 7). Note that the latest Firefox on mozilla.org (not the "well behind" ESR version that Red Hat have backported) and the next release (59) of Google Chrome will *not* work on CentOS 6 - that's the two big Linux browsers dead in the water and probably the final push for most CentOS 6 desktop users to move to 7.

Is there any Android device with >3 years support? / Custom ROMs

A lot of indignation on here about "only" 3 years support, but are there any Android devices out there with longer support? 3 years is pretty well longer than any typical phone contract (which tend to max out at 2 years, at which point most users upgrade their phone).

Also note that popular Android devices (and the Nexus/Pixel lines are no exception) will have custom ROMs that can extend the updates by a few extra years. My ancient Nexus 10 is on LineageOS 14.1 (Android 7.1.2 - years after Google dropped support) and is working well with it.

Good news for Ryzen users too...

In perfect timing for my new Ryzen PC coming tomorrow, 4.11 has fixed a couple of Ryzen issues: ALC1220 audio codec support (Kaby Lake isn't the only one to benefit from this) and a fix for a CPU soft lock in mwaitx() (Kernel Newbies actually missed this one since it was a last minute submission). It was really 4.9 and 4.10, though, that sorted out most of the Ryzen support.

Just waiting for ELRepo to buuld a kernel-ml 4.11 package and then I'm all set for running CentOS 7.3 on Ryzen...

Seems to be pointless to me

The M.2 Optane SSD has so many disadvantages, it does beggar belief:

Takes up a precious M.2 slot (often only one on the motherboard), making it impossible to add a "full fat" M.2 SSD at a later date without throwing it away.

Only works on latest gen (Kaby Lake) Intel processors, so go away old gen Intel and the entire AMD userbase.

Only works on Windows 10 - go away Windows 7, 8, 8.1, Mac OS X and Linux users.

Slower than an equivalent normal M.2 SSD in most cases.

More expensive per GB than almost any other SSD.

Requires a special memory driver.

It should be noted that a 256GB M.2 SSD is around 120-130 quid and is a far more sensible purchase than this Optane nonsense (as, to be fair, the article points out). In fact, I just got a 256GB M.2 SSD for my new PC I'll be getting next week...

Creators Update hung when checking for updates during install...

After an age and multiple reboots, things were going well with the Creators Update on my home PC. Just turn off all those privacy sliders (there's even more to turn off after the update finishes) and, what's this, it's "Checking for updates..." (which really should be left to the user to do after the first login surely?) and, er, not doing anything for 2 hours!

A power cycle and the same thing happens on the next boot - privacy sliders re-appear (yep, had to turn them off again) and "Checking for updates..." hung again. The solution? I disconnected my PC from the internet and it then booted fine and gave my first Creators Update login prompt. Well done MS for screwing up the install!

I'd like the entire BBC archive myself...

BBC employees have access to everything that the BBC has digitised/archived - now *that* would be a service I'd be willing to pay a monthly fee for, rather than this half-arsed amalgam that Britbox provides.

Android Central already had a guess (by looking at photos of Trump using the phone) that Trump uses a Galaxy S3:

http://www.androidcentral.com/which-android-phone-does-donald-trump-use

7 years?

What no-one out there has commented on is why it took 7 years for this dodgy payout to be publicly revealed, never mind how the allegedly "winning" ticket was damaged. Considering lottery tickets have a security code on them, you do suspect some inside involvement (i.e. either the "winner" had access to the security code algorithm or they paid someone off to falsely validate the ticket).

Blu Vivo 6 is probably the best 2016 phone sold in the UK under 200 quid

I got this phone on Black Friday and, for the price, it's quite impressive. If its missing features (NFC, waterproofing, Nougat) are important to you, then you'll have to spend quite a lot more to get them I suspect. I only saw a couple of mangled English mesages in the Settings - this article overblows that in the extreme. The display is good, the phone doesn't lag and the Android interface has only minor changes (use Nova Launcher to bring more sanity), with swiping the Quick Settings from the bottom rather than the top being the most obvious.

You get a shed-load of accessories in the box - so much so, that maybe a second type C cable is the only optional purchase you might consider. I think the only concern I might have about the Vivo 6 is the timeliness of the updates. It's currently only got the Sep 2016 Android security updates and although Blu have promised Nougat in the future, there's no firm date for that yet.

BTW, Amazon UK dropped the price back to 184.99 for the end of its Cyber Week - as I write this, it's probably got one more day (Sunday) left before it returns to 239.99. At the lower price, the Vivo 6 beats or equals its nearest rival (the Moto G4 Plus) in most categories except the rear camera specs.

Not seen a decent new tablet released recently

Having a lot of tablets myself, I've come to the conclusion that you do indeed get what you pay for. To me, the most critical aspect of a tablet is its display (i.e. must be >= 8", 16:9 or 16:10, a high resolution and ideally AMOLED) and owning a Galaxy Tab S 10.5" has spoiled me in that respect.

What we've seen from Google and Samsung with their last "flagship" tablets is the wrong aspect ratio (sorry, but 4:3 is an epic fail for videos and games) and eye-watering prices. Google skipped tablets completely with their latest launch and no sign of a Samsung S3 yet (and if it's 4:3 again, I for one won't be buying it).

Now if the Yoga Book could have detached its display from everything else then it might have piqued my interest more, but the specs are a bit underwhelming for the price anyway, IMHO.

It's about time there was a new official release...

"Released in September" forgot "2015" on the end - it's been over a year now since the latest release came out, during which there's been dozens of commits (including the two security fixes). It is bizarre that there hasn't been an official release for so long, especially considering it's still being actively developed (last commit was less than 2 weeks ago).

No Red Hat patch yet

Despite the article claiming Red Hat have a patch out, the article link is only to the CVE announcement on Red Hat's site. If you check the Bugzilla bug for it here:

https://bugzilla.redhat.com/show_bug.cgi?id=1384344

You'll see that there isn't actually a patch out yet as of Monday morning UK time. There is a (fiddly) mitigation procedure involving systemtap documented at the above URL, but no new kernel RPM to fix the issue yet. This means that CentOS and other RHEL clones are also unpatched at this moment in time as well.

Works in VirtualBox...

The article failed to link to where you can download the 4.5GB eval ISO:

https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016

I slapped it on VirtualBox and selected the "Desktop Experience" version (did I read somewhere that you can't convert from non-DE to DE later on?). It's a 180-day trial and I didn't seem to need a license key for it. Overall impression is that for typical small business use, it's only a small upgrade from 2012 and the nastier licensing terms for 2016 might make SME's hold back on the upgrade.

It's nowhere near as big an upgrade as, say, RHEL/CentOS 6 to 7 was (systemd is still doing my head in!).

No-one saw this early 2015 YouTube video then?

I'd have thought this video would have sent people screaming (ha!) for the hills when it was posted by a Google (who own Nest) employee over 18 months ago:

https://www.youtube.com/watch?v=BpsMkLaEiOY

Apparently the 2nd gen version is supposed to have fixed most false alarms by using a better sensor, but the video still gives a really bad impression of the product!

Tablet specs have plateaued

The last widescreen tablet Google produced was the Nexus 10 way back in November 2012 (I don't count the disappointment that was the Nexus 9, because 4:3 doesn't cut it for videos/gaming). To succeed the Nexus 10, I picked up a Galaxy Tab S 10.5" which has a sweet display (sorry, the 4:3 of the Tab S2 again is an epic fail and with a lower resolution!) and I suspect still represents pretty well the peak of Android tablets (certainly w.r.t. the display at least) and it's over 2 years old.

I've not seen any tablet in the last 2 years that significantly improves on what I've got and that's the real problem with the tablet market - each generation is only making small improvements on the previous one, so people are hanging onto their tablets for longer and hence the falling sales.

Ancient coin counter

Using the ancient coin counter in the big HSBC in Liverpool has been fun for me in the recent past. Ignoring the fact you have to type your account number and sorting code manually (no card swipe!) complete with stars displayed for numbers so you have no idea whose account you're paying into, I had a spectacular crash with it (way better than a BSOD).

While I was tipping in my coins, the screen started showing virus-like red steaky vertical lines until I actually couldn't read the text on the screen at all. Luckily, it had finished counting my coins before I called over an HSBC assistant who promptly knocked on the wall behind the machine and 5 seconds later the machine rebooted!

I thought that was some clever reset switch embedded in the wall until the assistant opened the door next to it and it turns out someone had rebooted it behind the scenes - obviously such a common problem that knocking on the wall was a good enough signal :-) Oh, it booted into Windows XP (didn't say Embedded - does the logo include that?) and that was only last year...