And who *did* take Karen's milk from the fridge? We should be told.
150 posts • joined 7 Mar 2013
Forget tabs – the new war is commas versus spaces: Web heads urged by browser devs to embrace modern CSS
Re: "Hopefully he also added a bit of text along the lines"
Some of the worst User Interfaces I've come across have been designed by software engineers, who haven't bothered to think about what the user is trying to do, they've bothered about how to reflect how you talk to the underlying system.
We had one screen where '1' meant switched off and '0' meant switched on. Check boxes? The words enabled or disabled? Hahaha. Everybody got confused by this. To the point when someone needed to add some more entries to the screen, and he made the new entries expect '1' for enabled.
It was an utter disaster.
A paper clip, a spool of phone wire and a recalcitrant RS-232 line: Going MacGyver in the wonderful world of hotel IT
'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc
Re: And none of this is important
As far as I can see, if said miscreant gets access to your PC, they can read the management key which doesn't apply to your PC, it applies to however many hundreds of thousands of PCs that were built with the same chipset.
I imagine it's rather less hard at that point to do interesting things remotely.
Zyxel storage, firewall, VPN, security boxes have a give-anyone-on-the-internet-root hole: Patch right now
You'll never select all and mark as read again after this tale of peril... Oh, who are we kidding? Of course you will
Re: Whats the problem with unsafe code in Rust?
Yeah. And all code is written properly of course. Even experienced kernel programmers make mistakes.
Something I learnt long ago: Given 2 code solutions to a problem, people in general pick the worse one either to use or to (shudder) clone and mangle.
You're not Boeing to believe this: Yet another show-stopping software bug found in ill-fated 737 Max airplanes
Re: Isn't THIS why we've got to teach 2nd-graders how to "code", rather than how to think?
Re: He notes how hardware was becoming more sophisticated AND more reliable,
Sadly I think hardware is now becoming less reliable. Faster, but less reliable. That might be because a fair swathe of it is now software, and the boundaries are less clear than they once were.
This: We were talking about rabbit holes at Book Club last night" the Boss burbles, forgetting our wolf-like tendencies when a slow animal is separated from the herd. "We're reading Alice in Wonderland!"
Which immediately triggered the memory that the Jaberwock is known to burble. One of these days the wolves might be in for a surprise. Just sayin'
Ring of fired: Amazon axes multiple workers who secretly snooped on netizens' surveillance camera footage
Vivaldi opens up an exciting new front in the browser wars, seeks to get around blocking with cunning code
I'm not really surprised. the ability to spoof user agent strings has been around for a long time now, because of similar problems, mainly because the designers (I use the word loosely) of web sites seem to be somewhat reluctant to test for feature existence. Or to fix their own sites because they rely on the undocumented and non standard behaviour of browser x.
You looking for an AI project? You love Lego? Look no further than this Reg reader's machine-learning Lego sorter
Just take a look at the carnage on Notepad++'s GitHub: 'Free Uyghur' release sparks spam tsunami by pro-Chinese
2001 fiction set to be science fact? NASA boffin mulls artificial intelligence to watch over the lunar Gateway
Re: Wun thing to say.
Here's a few
https://www.json.org/ - no possibility of comments in that
https://en.wikipedia.org/wiki/JSON - hmm. still nothing about comments in there
https://tools.ietf.org/html/rfc7159 - nope, no comments in there either
and even this which provides a hacky workround
I can't put in comments without stuffing the data in a nasty way.
Wun thing to say.
I have to say, while I agree with his comments about callbacks and Promises (which look messy, and there's just no replacing callbacks with promises in existing code without tearing your hair out), he's way out of line about async/await. It's a really useful technique and makes the code much cleaner, easier to read (and write), and less error prone.
The worst problem with async/await is all the books and stackoverflow posts that explain async/await code as though it was happening sequentially. Which it most definitely is not. The number of times people have suggested you can call an async function from the main thread and wait for it to finish is depressing (though the fact that you can't do that is also depressing)
Also, in passing, I hate that JSON cannot be commented. Because there's a lot of tools (eslint, I'm looking at you) that expect their configuration to be in strict json format, and I like to explain why I've taken a decision in my configuration details, thank you very much. So I use yaml, but every time I want to do something, I have to take the eslint example and stick it through a json->yaml converter....
Geo-boffins drill into dino-killing asteroid crater, discover extinction involves bad smells, chilly weather, no broadband internet...
Google, YouTube cough up $170m to make that trifling little thing about slurping kids' info without consent go away
Hey, it's 2019. Quit making battery-draining webpages – say makers of webpage-displaying battery-powered kit
Re: Words of wisdom
It's not really helped by everyone having their own copy of rapid or node or whichever framework they've chosen to splat over their web page. Which means you have to download the same code over and over again, rather than downloading it once from a master copy.
Hack a small airplane? Yes, we CAN (bus) – once we physically break into one, get at its wiring, plug in evil kit...
Umm. Why are people discounting the 'need physical access to the aircraft'. It's not very clear from the article whether or not the researcher was sitting in the cockpit fiddling with wires, or whether he was say in a passenger seat where the wiring conveniently went past. Or whether he managed to get a wifi or bluetooth connection - because wire is expensive don'cha know.
9/11 shows that people are willing to crash aircraft while they're on it. There's plenty of security now against people getting guns on. But if someone gets on with a mobile phone or laptop - and I've done both since 9/11 with no problem - well, as far as I can see, there is the potential for a lot of nastiness.
Facebook's Libra is a terrorist's best friend, thunders US Treasury: Crypto-coins dubbed 'national security risk'
Wondering how to whack Zoom's dodgy hidden web server on your Mac? No worries, Apple's done it for you
> Further, Zoom promised an update in a couple of days intending that users who select "Always turn off my video" on first use will have that preference saved automatically.
Is it just me who feels that "Always" implies "Always" and not saving the preference rather conflicts with the description?
I'd say I cannot believe people like this would be allowed near a computer, but clearly they have been. If you're actively coding round standard security practices, you are no better than malware writers.
Grav-wave eggheads come closer to nailing down Hubble's Constant – the universe's speedy rate of expansion
BGP super-blunder: How Verizon today sparked a 'cascading catastrophic failure' that knackered Cloudflare, Amazon, etc
We knew it was coming: Bureaucratic cockup triggers '6-month' delay of age verification block on porno in the UK
Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants
Re: Re NoScript
But *need* it? No - you don't need it. Not even amazon needs it. Enter name, press search. You might not get the menu of items similar to what you'd typed in so far, but frankly, that's so rarely useful for me, I could live without it (and probably it would make the site faster as it's not sending messages to the server every keystroke...)
This Free software ain't free to make, pal, it's expensive: Mozilla to bankroll Firefox with paid-for premium extras
Re: Firefox's global market share dwindles ...
Sadly it doesn't explain anything. Adding support for web extensions doesn't require you to remove existing ones.
While I realise there are (?were) a lot of extensions out there that aren't supported any more (and have occasionally got more broken as mozilla deprecated or changed APIs), and I appreciate that mozilla will occasionally want to remove an API because it becomes a security hole, or there's some other better way of doing the same thing, they absolutely screwed themselves over with their "improved" version numbering scheme, resulting in everyone setting the max supported version to '*', converting an extension to a web extensions is not going to be easy and occasionally not possible.
Things like tab mix plus (probably one of the more popular extensions) are dead in the water because mozilla haven't produced the APIs that would enable them to produce a web extension (assuming the tab mix plus people can find the time or even the enthusiasm to do the work).
And there are a whole bunch of simple extensions that have existed forever that didn't use complicated internals that just worked fine.
And I fail to see any performance improvement from the multi-process firefox (though admittedly I don't use it unless I really have to).
Re: Ignorance is not bliss.
github desktop was released well before the involvement with microsoft. And despite your belief, there are a lot of people who use operating systems other than linux, who aren't terribly au fait with the command line.
And although git was developed by Mr Torvalds, github was not.
Re: Block the lot!
TBH i wouldn't worry so much about static adds like they have in newspapers. Where it's the responsibility of the ad server to tell the add supplier that it had served an ad (preferably without much extra detail). I wouldn't even mind if that changed every now and then if I refreshed the page.
I can blank those ads out mentally and they shouldn't cost much bandwidth to download and would pay the website hosting them which is not per se a bad thing.
Trouble is I don't think I've seen an ad like that on the internet for years and years.
And adware like this is nothing but malware. If you can't uninstall it cleanly by design, it's malware.
Re: re: why a manufacturer thought it would be fine to store details of the use of its products
This sounds a bit like saying the post office is party to the contents of a letter or parcel you sent.
No it isn't.
All it is party to is the receivers address in the case of a letter. A bit more in the case of a parcel but even their they don't need to know the senders address. Even if it's recorded they give you a tag so you can check and they don't take your address.
At no point to they have any idea of the content or log it.
So why should these people think they should have any access to the content of the message sent between the app and device, beyond that needed to ensure the data that is received is what was sent?