Posts by DrXym

Re: OOXML is also an open and ISO standard

At yes, the 5000 page long specification for MS Office formats compared to the 760 page long specification for OpenOffice formats. And it was belated specification tossed out there as a sop simply so Microsoft can proclaim they're a "standard" even though it is so impossibly complex that few competitors would bother attempting to implement it.

And AI isn't exactly renowned for its financial or accounting acumen.

I think in some cases it's a sign of extremely conservative development - the company is literally paralysed, fearing any change could generate support calls. Or if they do change the UX it's a thin veneer over the terrible old system. I saw this first hand with Lotus Notes which got a facelift but only until you opened a dialog and then it was as awful as it ever was. It's like baking a cake with a dog turd in the middle.

Re: On the flipside

What data???? All there is in the McDonalds app is discount vouchers and occasionally promotions. I had to double check there and there is NO WAY to put any payment information in there. There is literally nothing of value to protect beyond the login email address and the most basic of information.

So the 2FA is just pointless, at least for retrieving the vouchers.

Re: Rust

That's not what they said and no reason to assume it either. Media files are complex with all sorts of values and buffers whose size could be manipulated to trigger writing data beyond the end of a buffer for remote execution attacks. So rewriting the filter in a safer language is a desirable security mitigation.

Mozilla Firefox replaced its media filter all the way back in version 48 for exactly the same reason. You can see some of the code that Firefox wrote in Rust here - https://github.com/mozilla/mp4parse-rust. I assume Whatsapp implements something similar and probably for a variety of common file types.

Whenever I used BoundsChecker, or Purify on a real-world project the machine usually ran out of memory. Because the overheads of these tools and the instrumentation they added was so bloated and slow the machine died trying to build the code. Even when they actually worked they generated so many false positives that any genuine issues were drowned out in the noise. Given how obscenely expensive the tools were I found very little value in them at all.

I think a better approach would be linters that enforce rules like MISRA (rules that make C programming safer). It's still not perfect but at least it would focus on questionable programming practices.

Re: Just remember that laws can be changed

And I get two(+) thumbs down from people who think handing keys to an adversary for safekeeping is an awesome idea.

Re: I only use it when I have to

I'm not "demanding" anything. The reason Powershell is still not a niche on Windows is because it's longwinded and provides no migration path. When I or anyone else opens a shell they want to type a few terse commands, not participate in a game of Verby-NounyNoun. Most devs know bash and/or command prompt and they just want brevity and familiarity. And for anything complex they'd write a script of some sort in NodeJS, Python, Perl or whatever which would have the added bonus of being portable.

PowerShell could easily have implemented "dir" the way people expect - write Get-DosChildItem cmdlet which supported the old arguments and alias to that. All of .cmd could have been supported and people would have no reason to use command prompt because the commands are unsurprising and PowerShell is a superset. They could have done the same for Linux/Unix file utils for that matter, as long as there was a way to switch personas / aliases.

But that didn't happen. So I and probably a lot of people only bother with PowerShell when they have to dip into the bowels of Windows to do some specific thing that is achievable no other way.

Re: 1 button option to turn off AI

Just right mouse on a page and click Remove chatbot. Technically three clicks.

Re: I sort of expected something like this.

If you're using a smart pointer then you're using the heap and have a new somewhere, or some kind of std::make_unique from a std::move going on. If you just declare your class / struct in a block of code then it'll be in the stack, but of course member variables might use the heap, e.g. if you had a string or collection in your struct.

The danger with C++ is that using smart pointers is optional and it's still possible to dereference a pointer or subvert reference counting. It's still better than GC in most cases but object ownership and destruction order can get pretty disgusting for shared (ref counted) pointers.

User experience is definitely some open source products forget. Making the UI only show things for the task in hand, removing clutter, being discoverable, being forgiving / helpful, and internal consistent are really important. Sometimes they're more important than the power under the covers.

For example I'd love to use FreeCAD more but the UX is so awful that I'll stick to a free tier on OnShape or Fusion 360. Not because I want to but because those products are way easier to use despite being functionally similar.

Linux (disambiguated here to mean a common dist with a Linux kernel + user land) is a Unix lookalike. It is not compiled or derived from BSD or System V source code so technically it is not Unix. But it implements the same functions, commands and concepts as Unix so for all intents and purposes it's Unix even though it isn't.

About 20 years ago SCO claimed they owned Unix and threw sueballs at everyone to try and wipe out Linux but failed hard because the implementation was different. They also lost ownership of Unix in the process to Novell - oops.

Unix lives on in various derivatives. The most mainstream one in existence is Mac OS since it is a BSD derivative. Most *nix systems implement POSIX standards so there is a lot of similarity regardless of how they came into being.

Re: "It's new and shiny - it must be better!"

It's also worth mentioning, this is one guy saying his goal is this, not Microsoft's.

But even if it were Microsoft's, the real issue isn't whether Rust is safer than C (it obviously is) but whether it's worth rewriting existing code for the sake of it. I could entirely see the point of writing new code in Rust but not necessarily some ancient Win32 DLL which hasn't been a vulnerability for as anyone can remember.

Re: "Sovereign".....Exactly What Does That Mean?

Cloud has a place for some companies for uptime / disaster recovery and other conveniences. For most companies it probably doesn't matter much who their hosting provider is because their data isn't worth spit to anyone else.

But when a company is big and can afford to run and operate its own servers cloud becomes a really bad idea. Especially for a company like Airbus. It must be aware of a lot of threats from competitors and governments and must be subject to a lot of regulations regarding cybersecurity & resilience. The cloud becomes a point of failure and unique threat that has to be considered very carefully. At the very least, don't use an adversary's cloud hosting - and that includes the USA these days - and ensure digital sovereignty. But even better, bring stuff in house. I'm sure Airbus has honking big server rooms and hundreds of IT staff. They have the means and motivation to do stuff in-house and probably should.

Re: Legal & criminal liability

I'm interested that at least 2 people don't agree that the makers of self driving cars should be legally and criminally liable if their creations break the law or hurt people.

Re: Not surprising

Erm, not X11 itself but X11 in KDE Plasma. But the same applies. I expect the number of people who really care that X11 is at the bottom of KDE and are prepared to maintain the code will be very sparse because the reasons for doing so are minimal.

Re: Don't see the point

It is but it goes still goes further than this. It boots up as an Amiga and takes Amiga peripherals, like 9-pin controllers, floppy drives, and is designed to go in A1200 case. There are FPGA style solutions too which go further again. Nobody realistically thinks OCS / AGA custom chips are going to be fabricated any time soon, but I see the THEA1200 as a pretty lazy effort.

All of which are better than what this thing will be which is basically just a custom keyboard with a tiny ARM board rattling around inside. No doubt they'll have to toss in some metal bars to make it weigh more substantial than it is.

Yes and nobody ever claimed different