* Posts by DrXym

4650 posts • joined 18 Jul 2007

This is node joke. Tor battles to fend off swarm of Bitcoin-stealing evil exit relays making up about 25% of outgoing capacity at its height

DrXym Silver badge

If you're using Tor...

You should really be using Tor Browser. It DOES have HTTPS Everywhere and NoScript enabled plus other protections enabled in the browser. I'm sure it doesn't prevent some malicious activity by exit nodes but it sounds like it will block what is going on above.

OnePlus Nord is surprisingly fixable compared to earlier stablemates, but common repairs require disassembly

DrXym Silver badge

I think this is more the case that Facebook gave them a large sum of cash to stink up the phone experience with an app that people could install for themselves if they actually wanted it.

Secondly, I've already suggested one way that OnePlus could take cash from Facebook (or whoever) without not pissing off people who don't want it baked into their phone.

DrXym Silver badge

One of the (previously) nice things about OnePlus was the lack of bloatware. Out of the box you got a lightly skinned Android phone. This is starting to change and as an owner I find this ominous and off-putting.

What's most annoying is how unnecessary baking shit into the firmware even is. Instead they could just show a welcome page that *asks* if you want apps installed as part of setup. If you choose no then that's cool but OnePlus can charge companies to be on this list and be additionally compensated for any that the user elects to install. But no, that's too easy so they're going to ram that garbage and piss people off.

Class move, Java. Coding language slips to third place behind Python in latest popularity contest

DrXym Silver badge

Kotlin isn't Java though. It was initially created to run on a JVM and interact with Java but it's outgrown that purpose and can also compile to mobile and natively where "native" means via LLVM to various backends.

I think its popularity has increased because Google promote it for Android development and of course Android Studio (Jetbrains) ensures it has good IDE support. Google were getting fed up being tied to Java 7 and the never-ending lawsuit against Oracle. For devs, it's a terse language similar to Swift, Go and Rust so it means typing less boiler plate.

Chinese tat bazaar Xiaomi to light a fire under Amazon's Kindle with new e-book reader

DrXym Silver badge

Few books are sold in an open format

I assume you mean EPUB which is basically just a zipped up subset of HTML, JS and CSS in a particular layout. But it supports DRM and most purchased content is DRM'd. The DRM can differ from one vendor to the next so Apple EPUB files are DRM'd with Fairplay whereas Kobo EPUB files are DRM'd with Adobe Digital Editions.

BTW I'm aware there are some DRM-free EPUB vendors out there selling mostly niche content but they don't represent much of the market and probably never will.

Fortunately Adobe Digital Editions is relatively easy to remove using a Calibre plugin and I think it's prudent that the first thing anyone does with a new book is strip the DRM and back it up somewhere. I don't know if Apple's DRM can be stripped but it shows how even using an "open" format is no guarantee of owning the work or being to read it on unblessed devices.

Amazon's own format used to be a standard called MOBI but has morphed into a proprietary AZW format. There are Calibre DRM removers for that too but I don't know how well they work.

Microsoft wants to show enterprises that Edge means business, rather than the thing you use to download Chrome

DrXym Silver badge

Re: Leopards and their spots

I think that would be the main reason for any uptick. Personally I see the switch to Chromium as Microsoft giving up trying to persuade sites to work well with their older engine(s). It must be an administrative nightmare for businesses using Windows 10 though.

DrXym Silver badge

Re: New Edge, now with even more spyware

Tangential again, but I watching a YouTube video about PinePhone which is some new Linux powered phone and under Ubuntu it took a full SIX SECONDS from tapping the icon for the calculator to launch. I immediately knew this phone was screwed because if a simple calculator app takes that long then the entire user experience is going to be awful.

User perception matters a lot and if that means preloading apps, or bundling them in a way that means they launch faster than that's what a modern GUI needs to do. I do find it incredibly annoying for software to lurk around after it has been told to quit though since I might be quitting it because it has gone haywire and is interfering with the CPU.

Twitter Qracks down on QAnon and its Qooky Qonspiracies

DrXym Silver badge

Re: These nuts are really something special

I see it as a double edged sword - no advertiser wants to piss away money on bots. They want their ad impressions to be seen by human beings. So yeah Twitter might have to adjust their figures but at the end of the day if they have a more refined audience then it doesn't materially hurt then at all.

DrXym Silver badge

"Don't you think that antivax stories could be a conspiracy by China and Russia to amplify messages weaken the health of the United States?"

A conspiracy that has more basis in fact that the nutcasery they usually swallow.

DrXym Silver badge

These nuts are really something special

These fuckwits managed to concoct a ridiculous pizza parlour paedo sex trafficking ring conspiracy out of thin air and name dropped Chrissy Teigen and others into it. And now Teigen had to block a million accounts from these morons who either sent her death threats, abuse or liked abuse sent by others.

A million accounts. I assume some are bots and trolls but it also points to how determinedly stupid these people are. Twitter seem to be taking them a bit more seriously but I wonder why the service doesn't make it harder in general for trolls / bots to operate, e.g. by restricting new accounts and throwing more captchas and other spanners at accounts that appear to be operating abusively.

My life as a criminal cookie clearer: Register vulture writes Chrome extension, realizes it probably breaks US law

DrXym Silver badge

Two options and a few other tips

Clear your cookies when you exit or use private browsing. This works okay for the Washington Post although they still make you click through a cookie acceptance popup for European visitors.

A few more tips

1) Some websites that truncate articles are still readable if you hit esc in the time between them loading and their paywall / article truncator Javascript kicks in

2) Others don't truncate at all if you use Firefox's reader (F9) mode

3) Tunnelbear and other VPNs circumvent those blocks that some US news websites put on European visitors. If you ever wondered why they do this then it's because they must exploit the ever loving f out of US visitors with hundreds of scrapers, trackers etc. and have chosen to block Europeans rather than fix this.

Chinese mobile giant OPPO claims new 125W fast-charging spec will fully fuel your phone in 20 minutes

DrXym Silver badge

If only there were some way to replace worn battery

Phone manufacturers should put their top scientists on developing a solution. Some sort of hatch or cover on the back of the phone that would allow a worn battery to be replaced.

Rust code in Linux kernel looks more likely as language team lead promises support

DrXym Silver badge

Re: Is there a reason we need YAPL?

Er yes. If Bad Thing can happen in one language and not in another then yes it can be said to have been caused by that language.

C's main strength is that it lets the programmer do what they like and trusts they know what they're doing. But even the best programmers make mistakes and those mistakes translate into bugs, time, money, even injury / death. Did you know that the automotive industry defined a subset of C called MISRA C (and spawned a veritable cottage industry of compliance checking tools) to lessen the chance of something calamitous happening? Why not go one step further and use a language that is designed to be safe by design?

DrXym Silver badge

Re: Is there a reason we need YAPL?

Rust doesn't use raw pointers in safe mode, it uses references (borrows in Rust parlance) and it makes sure that you cannot hold a reference outside of the lifetime of the thing it points at. All this compiles to zero at runtime.

There are runtime checks for other things generally there is better practice ways of doing those things in Rust, e.g. using iterators and slices instead of non-const indexing on arrays.

You can use pointers in unsafe blocks but you'd have no reason to except at a boundary interface, e.g. C calling Rust or vice versa and your unsafe block would encapsulate the action and no higher.

DrXym Silver badge

Re: Rust and kernel

Redox OS (https://www.redox-os.org/) is an entire kernel & userland written in Rust demonstrating its entirely possible to use for this purpose.

DrXym Silver badge

Re: Let's look at a few Rust facts ...

The "other things" include an unwind mechanism that lets you get a nice stack trace. I mentioned you can turn that off to save memory - just abort instead of unwind. If you absolutely want small binaries you can do it. People are using Rust in embedded programming.

The point is that on a desktop, especially when developing code it is better to have useful diagnostics when things go wrong. And yeah maybe that overhead is wasted on a program that says hello. It's not wasted on a program that something meaningful. What you call bloat is actually a feature.

DrXym Silver badge

Re: Is there a reason we need YAPL?

C lets you declare a buffer and gives exactly zero shits if you write off the front or end of it because it was not designed to stop that. Likewise it doesn't care if you call a NULL, which in itself is a magic number with special meaning. Or if you feed some other garbage pointer into something.

Rust stops those same issues at compile time or with an orderly panic at runtime. Ergo yes it is a problem caused by the language because it does not happen in this other language.

DrXym Silver badge

Re: Let's look at a few Rust facts ...

By default Rust enables symbols and some other things to yield more useful runtime errors if code panics. i.e. if your hello world did a panic!() then you'd get a nice stack trace telling you the exact line it happened on.

If space was a premium then you can strip symbols, change the panic to simply abort, do link time optimization and even build a stripped down stdlib. There are articles on the web where people have built really tiny executables in Rust, e.g. a 10kb Windows app https://www.codeslow.com/2019/12/tiny-windows-executable-in-rust.html

But for the common use case space really isn't a big deal and it's better to have some useful debug messages if something goes wrong.

DrXym Silver badge

Re: Rust pushes developers away

If you like Ada that's fine but it seems like you're making up reasons to hate on Rust, some of which don't make any sense for the problem it is trying to solve (systems programming) or in the context of an article about kernel development.

DrXym Silver badge

Re: Is there a reason we need YAPL?

Go and look at the CVEs for the kernel and note how many are caused by the language - double frees, null pointers, buffer overflows etc. A good half of them could have been stopped by Rust providing the code is running in safe mode as much as possible.

So that's the reason. I think the biggest issue is not the language per se but that it's underpinned by LLVM and to parse C bindings requires Clang and a bindgen tool so potentially there are issues with GNU keyword extensions in headers and the workflow to work out.

Top Ubisoft execs eject after staff complain of 'toxic' workplace environment for women at Canadian studios

DrXym Silver badge

Re: Ubisoft Forward Conference goes Backwards

They all wanted the free game, not because they cared about the event itself.

An email banning our staff from using TikTok? Haha, funny story about that, we didn't mean it – Amazon

DrXym Silver badge

Re: Another non-event distracting us

Turn the question around and ask yourself why you're compromising your own security and privacy to watch cat vids and selfies.

And the security threat isn't just to the individual but in aggregate. Look at the way Cambridge Analytica stole data from Facebook (which itself hoovered it up from users) to send targeted ads to a small fraction of people in Leave.EU and Trump's presidential election, enough to swing a vote. Social media has been weaponised and it can undermine democracy.

It's not hard to envisage how Tiktok could also do this, especially if it was under state control. But in general you are better off not putting social media apps on your phone, or at least denying them permission to limit their damage.

.NET Core: Still a Microsoft platform thing despite more than five years open source

DrXym Silver badge

Re: What would be the point?

I doubt you'd see a Rust.NET because it serves little purpose to have strictly managed memory allocation on a garbage collected runtime. You can however call Rust from .NET or vice versa via interop. It's just a matter of bindings.

DrXym Silver badge

Unsurprising

The only cross-platform adoption I've seen of .NET is in the middle of Unity which uses a fork of Mono that calls mostly to a proprietary gaming framework.

For general purpose programming I honestly don't see .NET having any attraction because most real world software would be tainted by Windows in some way. And any software that is intended to be cross-platform from the beginning would have chosen a portable language / framework.

Oracle tempts users to run its cloud in their own data centres – for a mere '$6 million' commitment

DrXym Silver badge

Shades of a horror movie

The call is coming from inside the house.

Another anti-immigrant rant goes viral in America – and this time it's by a British, er, immigrant tech CEO

DrXym Silver badge

Re: "popular justice" is no justice at all

Go and look up what an actual lynching is. It's not this.

This was a public shaming. If you want to reach for a metaphorical comparison to a physical punishment then pillorying would be a better example.

DrXym Silver badge

Re: "popular justice" is no justice at all

Lynching isn't a word that you should really use in the context of this.

DrXym Silver badge

Re: He may have been taught, but Mr. F**ktard didn't learn a thing...

Well it's slightly better than a "sorry that you were offended" non-apology but it still feels like desperate damage limitation. I expect his personal life and his business are well and truly demolished by this.

DrXym Silver badge

Re: I would like to deeply apologize to the Chan family.

Gotta wonder if he goes off on angry outbursts like this all the time and we only know of this one because he was recorded doing it. It wouldn't surprise me if it turned out he has form for being a dick.

Trump's bright idea of kicking out foreign students unless unis resume in-person classes stuns tech, science world

DrXym Silver badge

"operating entirely online"

Seems like there is a loophole to exploit here - make them come in once a week to pick up a sheet of paper with an assignment on it. It's still kind of stupid to announce this in a middle of a pandemic.

E-scooter fanboy so hyped for Teesside to host UK's first trial

DrXym Silver badge

Re: At Pen-y-gors, re: they know who you are...

Yes you could do all that but you'd be the proud owner of something that was unmistakably stolen. These city bikes are so obviously city bikes that even if you resprayed the thing everyone would know. I doubt you'd last long before a cop or someone decided to have a closer look. And probably the parts are deliberately proprietary to prevent them being cannibalized.

Scooters are a different story. First off they can phone home so good luck with that. And even if you take out the gps & mainboard you need to replace it with something that works instead. And a charger. And the simple countermeasure to people doing that is to pour epoxy resin around all the internals - battery, mainboard, electronics, screws etc. so that the effort required to "hack" the thing becomes excessive.

DrXym Silver badge

Most free bike schemes require you to check the bike out of a station and into another. So they know who took it, how long its been gone and also who to fine if it disappears.

A docking station is vital to this sort of thing. US cities were littered with scooters because many private companies used systems that allowed them to be dumped anywhere when they were done with. Cities would impound them, people would steal them, business owners would dump them in the trash. They became a blight.

Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript

DrXym Silver badge

Banks shouldn't really use any CDN

Make everything internal, take the minor hit on page load times / traffic and remove one potential attack vector.

As for archive.org being the CDN - I expect some idiot release engineer or programmer just cut and pasted the url in without realising what they were doing.

Remember when we warned in February Apple will crack down on long-life HTTPS certs? It's happening: Chrome, Firefox ready to join in, too

DrXym Silver badge

Re: Shake down time

So your solution to certificates becoming a pain in the ass is to suffer more pain by moving provider in order to alleviate some of the other pain. But for something the website didn't need in the first place.

DrXym Silver badge

Re: Shake down time

If a 12 month cert is common practice in those that need it then why does it need to be enforced, even in aggregate? If the argument is that certain keylengths or hashes are weak, then deprecate those certs, don't impose blanket rule that even a strong cert needs to be replaced.

As for random gardening website (or the gazillion small websites) , they aren't going to be attacked by state actors using hash collisions. And perhaps some hosting providers do make it easy to renew keys. Many don't. And many that do charge money for it. Even free services like Let's Encrypt don't integrate with some providers and have a cost associated with setting them up. There is always a cost to this and it yields nothing to these sites.

Browser makers have it in their power to simplify this. They want sites to use encryption but they make the process more onerous.

DrXym Silver badge

Re: Is there any advantage left by using commercial certs?

It also doesn't work well at all with some providers like GoDaddy.

DrXym Silver badge

Shake down time

it doesn't even make sense. It should be the weakness / strength of the key length, cipher and hash that determines how long a key is acceptable for, not some arbitrary period of time.

A five year old cert generated with the same settings as a cert generated yesterday is no less secure in 99.9999% of use cases. Perhaps if I were a bank, NGO or government I might want to renew keys more frequently. But if I'm some guy maintaining a gardening website or small business then now I have 5x the work to keep my site secure for no benefit at all.

LibreOffice slips out another 7.0 beta: Spreadsheets close gap with Excel while macOS users treated to new icons

DrXym Silver badge

Changing the backend is one thing

One thing I notice on Windows in 6.4 is a serious rendering issues when resizing windows. For example, if I resize the window frame horizontally or vertically the repaint of the content lags badly behind. In the meantime it suffers nasty layout juddering and gaps with black / garbage and/or suffers clipping issues depending on the new size being larger or smaller.

So changing the background is great and may speed rendering a little but the perceived experience to the user matters too. A little spit and polish on the user experience and usability would a go a long way to making the suite more popular.

Belief in 5G conspiracy theories goes hand-in-hand with small explosions of rage, paranoia and violence, researchers claim

DrXym Silver badge

Re: So basically ...

Some religious people reconcile their faith with reality. Some like Georges Lemaître managed to be both a priest and scientist.

But yeah by definition religion is matter of faith, not evidence. And reality doesn't sit well with some of them AT ALL, e.g. creationists.

DrXym Silver badge

Re: And I'm not being conspiratorial when I think state actors are fomenting conspiracies around 5G

No doubt they are. Bots and trolls didn't create these divisions but they certainly like to exploit and amplify them.

DrXym Silver badge

Re: So basically ...

Holocaust deniers, antivaxxers, creationists, moon landing hoaxers, 9/11 truthers are all birds of a feather in that regard. They start with they conclusion they want to be true and systematically disregard or ignore evidence that leads to another conclusion.

And since they have no facts on their side they employ the same tools to attack the established explanation - pseudo science / history, cherry picking / misinterpreting of data, quote mining, nitpicking inconsistencies, choosing the less credible evidence over the more credible etc. And if you engage in conversation and debunk their nonsense they'll play a game of whack-a-mole. Anything they can do to attack the established explanation and hope in the confusion it their crazy, evidence-lite explanation becomes true.

DrXym Silver badge

Re: explosions of rage, paranoia and violence

It's that subtle blend of paranoia, stupidity, distrust of authority / experts, Dunning Kruger, alcohol, the wrong medications and a dollop of crazy that goes into making a good conspiracy kook.

DrXym Silver badge

Seems plausible

Paranoia, stupidity and underlying mental issues are usually obvious in these conspiracy loons. It wouldn't surprise me if they suffer bouts of frustration and anger because their capacity to reason or understand people who can is so broken in the first place.

What's the Arm? First Apple laptop to ditch Intel will be 13.3" MacBook Pro, proclaims reliable soothsayer

DrXym Silver badge

Re: It's different this time

Windows runs on ARM and it's basically a chocolate teapot. The x86 emulation is garbage (performs worse than the worst celeron) and there is a dearth of native software. It is the quality of x86 on ARM that should set your expectations this time too.

DrXym Silver badge

Re: It's different this time

That's you. Plenty of people use it.

DrXym Silver badge

It's different this time

I still remember the road bumps caused when Apple went from 680x0 to PowerPC and later to Intel x86. And also from MacOS 9 to OS X. I used to have a lovely Power Mac G4 at the time which migrated through one of these transition periods. But at least in those earlier cases, the new architecture was sufficiently powerful that the emulation worked pretty well and smoothed the transition.

I don't see that being true in this case at all. We already know from Windows on Arm that x86 emulation is abysmally slow and that assumes Apple even provide emulation. And either way Macbook owners can kiss goodbye to Boot Camp and the ability to run Windows 10. I can't see much if any benefit in this to end users at all really. It might save Apple some money but that's small consolation to Macbook users who suffer detrimentally from it.

A memo from the distant future... June 2022: The boss decides working from home isn't the new normal after all

DrXym Silver badge

"Working from home is a privilege not a right"

Most companies say this and it is one of the first things they rescind when they want to make life shit for their workforce.

IBM and Yahoo both did it and for the same reasons - to make working there suck so badly that people quit which is much cheaper than making them redundant. Of course the flipside is that only the upwardly mobile people quit and all the deadwood and oldtimers cling on tenaciously so the whole operation goes down the tubes.

Sure is wild that Apple, Google app store monopolies are way worse than what Windows got up to, sniffs Microsoft prez

DrXym Silver badge

Re: No I am not salty about Windows for Phones dying, why are you asking?

And it's not even a very good walled garden either.

Full stack, C++, and backend developers in demand in this week's job openings

DrXym Silver badge

"Open-minded C++ software developers"

Sounds a bit kinky.

It looks like you want to browse the internet with Chrome. Would you like help? Maybe try Edge? Please?

DrXym Silver badge

Why would I want to use Edge?

These days it's just a knockoff of Chrome / Chromium right down to it's icon. The UI is so like Chrome that you have to compare them side by side to see the superficial differences - practically a skin.

I'm not saying I used the old Edge for a whole lot either, but at least it stood on its own two feet.

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020