* Posts by hayzoos

281 posts • joined 2 Jul 2014


Paper batteries on the cards to power IoT and smart labels


Re: Third ink?

The part I am trying to understand lies in the description. "across both other inks" That sounds like it is bridging and connecting both the anode and cathode within the battery. This is not normally part of a basic battery cell design. Conductivity vs. resistivity depends upon the levels of carbon black and graphite flakes in the ink.

If the function of the third ink is only as a conductor to the leads without bridging and connecting the cathode and anode, then maybe a different description would be better. "A third conducting ink printed over each of the other inks to the wire leads. A possibility the original wording prevented me from considering.

Yes, wires have resistance, simply lower than insulators. Only superconductors can achieve such low resistance to be considered or even be none. Air is generally a good insulator under typical conditions, high enough voltage and/or high enough conductive contamination to cause ionisation flips the behaviour to conducting.


Third ink?

I am wondering about the third ink - graphite flakes and carbon black - printed across both other inks and to the leads. I surmise this must be functioning as a resistor. Is it for limiting current or impedance matching or both or ... ?

The first thing I thought from the initial statements was anode on one surface and cathode on the other, saturate with electrolyte and voila battery!

I imagine capacity per cell could be increased by larger areas of ink to a limit.

I agree with others. This has application in the disposables which are currently powered (pun intended) by the lowest cost most available, compact battery today, the button cell. In that realm, is certainly could be more environmentally friendly than button cells.

Homes in London under threat as datacenters pull in all the power


Re: We all know why

Similarly situated, even the relative proximity to capital city international airports. Municipal boundaries are of little consequence to the power supply, the data centres, the snoops' HQs, etc. Areas like these are regions named for their influential city. Plenty of examples worldwide even scaled down to populated areas less than 10,000 people.

On significant difference, the largest US financial centre in NYC is too far to share data centres with the DC region.

Black Helicopters

We all know why

Just a coincidence or both London and Washington DC having massive datacenter power consumption issues. We may soon be hearing about other capital cities having similar issues. Realtime data analysis for the snoops to report to their bosses is the reason for the locations at the capital cities. There is also the odd fetish of certain corporations having their HQs or secondary HQs in the capital which may also not be coincidental.

Now, how to solve the issue of going 100% electric vehicles in short time frames? I have heard of DC outskirt commutes where from the highway you can see your destination and probably walk there in 10 minutes, but still have at least half an hour of car travel, probably an exaggeration. So for the electric vehicle not so much a range issue, but an endurance issue for occupant comfort. And, will there be enough electricity available to charge at the destination? Remember, us 'mericans just don't do mass transit, must have our own means of vehicular freedom.

Systemd supremo Lennart Poettering leaves Red Hat for Microsoft


Slackware not immune

Even though Slackware is a systemd free Linux distribution, it has to deal with dependency expectations in userland. The problem worsens as you try to add applications with systemd dependencies. And as pointed out elsewhere in these comments, the so called dependency is nothing more than a check for the presence of systemd.

The perfect crime – undone by the perfect email backups


Assisted in a TLA investigation once.

The machines were setup in the company's *********. There were a ******* of investigators from the ***** *****. I was there to ******* systems after ***** was ********. During the process ******* of the investigators ****** with *******. I "overheard" the ****** with ***** and suggested ****** to be able to ***** the *****. So to make a ***** story *****, I saved the *** by giving the investigators the **** they ******* to ********* the *********. These guys though just **** did not **** the way ***** blokes do. All I got for ******* their ***** was a *** on the ***** and a *****. I would tell more but the **** of **** prevents me from **** that *****.


Re: Email backups

My first job out of college involved a similar discourse, but at a smaller scale.

I do not remember the specifics of the conversation now, but it involved the president/CEO, Senior VP/CFO, Controller, and VP of engineering, oh and my boss the director of IT. Whatever the specific question was, I replied I can access any and all information on the the network, it's my job to protect it. My boss confirmed and calmed the Cs concerns. After the meeting at a local watering hole, one of the Cs said something like "I can't believe we did not realise your level of access." to which I responded, I thought background checks were part of my hiring. Laughs all around, tab was covered by the CEO, I was invited to many more after hour meetings at the watering hole.

Info on 1.5m people stolen from US bank in cyberattack


Re: Identity theft protection services

I would not at all be surprised if data slurpers old or new already have my inside leg measurement.


Identity theft protection services

In my personal experience, it is not worth what it is claimed to be. I have sfused to sign igned up whenever it is offered as an insurance, provided they are not asking for too much information. If I detect identity theft, I can execute a claim.

I have refused to sign up at a number of them. Reasons? http rather than https form, asking for far more information than needed to monitor for the data purloined, general sense of poor implementation, etc. Ones I have signed up with? ones that make additional monitored info optional, https obviously required minimally, one implemented real non-SMS 2-factor options.

I am a "victim" of the 2014-2015 OPM data breach(es). The true answers to most of the "secret" questions as secondary authentication are part of that data breach. I do not provide real answers for secondary authentication. And no two sites have the same answers from me for the same question. I have provided myself with more security than the "protection services" offered for this breach and all others. On the off chance they detect fraud I will benefit though at no cost to me.

I absolutely refuse to provide more info to these monitoring services than what is required or was in the original breach. These service are the next prime target for data thiefs.

rating: one star out of five

Cloudflare explains how it managed to break the internet


CDNs are evil!

Okay, got your attention. But, The Internet core design philosophy is completely subverted by global oligopolistic CDNs. Because of CDNs, your use of the internet is insulated from the real Internet. The servers people intended to contact were not down, yet they were down. The Internet design was to be able to route around "failures". I submit that CDNs as implemented are breaking The Internet.

Unbelievably clever: Redbean 2 – a single-file web server that runs on six OSes



In today's common OS/userland design, this is impressive. So many libraries, so many dependencies. I have not looked into the Ubuntu issue mentioned, but if I were a betting man, I would bet on new systemd features.

There are still programs though which eschew the library approach to solve a single required function out of dozens or hundreds provided by the library. These are good candidates for this approach.

I disagree with the notion that this is not computer science, but hacking (in the traditional beneficial sense if hacking). In my studies of computer science, this is exactly what computer science can be leveraged for. I believe computer science practised at this level is hacking and vice versa. Not every computer scientist can do something such as this, likewise for the hackers. I suggest the title of Computer Science Boffin be bestowed upon Justine Tunney.

If Twitter forgets your timeline preference, and you're using Safari, this is why


Safari behaviour is not new

I do not block cookies, any cookies. They do not survive past the browsing session though. I strive for no web browsing persistence. I have been using this anti-tracking approach since I first detected the practice of web tracking. I do block third-party code by default, that is dangerous, remote code execution has it's own category of exploits. So I do not feel comfortable allowing my computer to execute code from an entity I do not trust (ad flingers for example) chosen by an entity I barely trust (anybody outside my circle of real friends and close family).

Google has weaselled their way into my paystream. My employer uses an outsourced payroll company, paperless and direct deposit required as is the new standard. Said payroll company is using Google's captcha service. Many other service providers I am forced to use are doing the same. It is fast becoming the only way to avoid Google is to go off-grid.

Thunderbird is coming to Android – in K-9 Mail form


I don't like it

I have accepted the fancied up k9 grudgingly. I just want email, text only. I do not want calendars, swipe to do whatever, gestures, etc. This is the reason why I use claws for the computer. I tried using Thunderbird for a while. Things change dramatically out of nowhere. I prefer the ISO style of date/time format, TB broke that by adopting CLDR and not having a custom format option available for *nix. It got "fixed" after a year or so. The reason *nix did not get custom? No API for custom format. Hmm, *nix locale system uses the oldest and most stable style of API like all POSIX systems do. The users' custom format preference can be queried from the command line or programatically using nearly the same syntax. I guess if it does not use object oriented calls and maybe binary blobs, it is not an API. No problem, I'm sure systemd will provide the service shortly.

Time to start looking for a more basic android email client.

Smart homes are hackable homes if not equipped with updated, supported tech


Re: "The problem with IoT devices is that consumers tend to treat them as appliances."

I was in the same circumstance. I accepted it, then returned it with a gift receipt.

I could not, in good conscience re-gift such a hell-spawn device upon the devil himself.

New York City rips out last city-owned public payphones


Re: Redundancy?

I used to work for a private payphone company. I performed installs, repairs, programming, etc. Up to a certain point only the telcos provided payphones and they used in-band signaling to systems at the switching offices. Those were the ones that could be phreaked.

I installed "smartphones", meaning they had a CPU, memory, coin sensors, and such; thus had no need for in-band signaling and could not be phreaked. The telcos converted a lot their legacy "dumb" phones to "smart". The legacy phones could operate without electrical grid power as it was provided from the switching office as most landlines. Smart phones required more power than could be supplied from the switching office so required a wall-wart transformer to power the computer and was inoperative during a power outage.

I have been to the area of Ohio where the "pole-went-down". The problem for that 2003 outage was not a pole, but a combination of things with poor right-of-way tree pruning maintenance being the straw that broke the camel's back. Corporate cost cutting was the reason for the poor maintenance. I saw the overgrowth firsthand.

Ad-tech firms grab email addresses from forms before they're even submitted


I wonder how many forms visited by Little Bobby Tables have caused havoc. Maybe he should visit more sites and try out their forms.

Appeals court unleashes Texas's anti-Big-Tech content-no-moderation law


Re: Brilliant!

Ah, yes, brilliant! But, if what is posted is true, then it is not legally defamation.

Remember, not all fame is good. I'm thinking of Charles Manson or Jeffery Dahmer for example.

Why am I tempted to throw Donald Trump, Greg Abbott, and/or Ron DeSantis into that list?


Re: Not an easy area of law

Similar is happening with common carriers from the other side of the situation. Scam/SPAM calls got to such a pain point (they became known as robocalls) that customers demanded that something (effective) be done.

Sure they offered number block, but that don't work. Only the carriers are in the position to block calls of suspect origin, but they are loath to do so both for cost (minimal) and for loss of revenue in the form of fees generated by those calls.

After historic win, Amazon workers at another NYC warehouse reject unionization


Re: America Land Of Fantasy

"meet the new boss, same as the old boss"

-The Who

US judge dismisses Republican efforts to block release of Salesforce emails


Re: There is a lesson here...

Don't forget though, that in the "Good Ol' US of A" that businesses are people too!

US appeals court ruling could 'eliminate internet privacy'


TOS are part of the contract

Terms of Service are part of the agreement between the service provider and the user, a contract.

In the US you cannot sign away constitutional rights in a contract, at least that was the established view of law.

The ruling is counter to a number of previously established legal tenets.

I do agree with the analogy given by DS999 concerning photographing or copying physical documents. It is still seizure in regards to obtaining evidence even if the suspect (not yet proven a criminal) is not deprived of the documents.

The rules for the government laid out in the constitution are there to keep the government from going against the very people granting the power to the government. The constitution starts "We the people" for a reason, not just a catchy phrase.

Fedora starts to simplify Linux graphics handling


Re: Yikes.....I haven't heard ANY useful answers to this question...please help!

I am changing from Mint to Slackware myself. When I finally abandoned Windows and went Linux full time, I found Mint and then realized systemd which explained a lot of "I don't remember this".

I am being more careful this change. Even Slackware is not immune to these types of changes, just not as great of an extent. I find is has elogind and eudev which are not systemd but... And it defaulted to KDE which was OK when I last seriously considered Linux, but it seems to have grown to to nearly a complete userland all it's own. I'm not totally against that per se, but it is part of the problem with a certain replacement init system that now handles so much more. At least with KDE the extra functionality is optional for now.

At this point I am considering a more basic Linux distro or maybe a BSD.

Dropbox unplugged its own datacenter – and things went better than expected


The only way to do it

At an earlier job supporting maintenance at healthcare facilities, I saw the same first hand for the power at one of the facilities we managed. The maintenance manager was considered a renegade. He tested his facility power backup systems by shutting off the mains, regularly once a month at a random time and day.

He had one of the best maintained facilities of all the ones we managed. Some said he was nuts, risking operations and ICUs with life support needs. He said does it matter if the power loss is "an act of god" or of my doing? He also said, "I do my best to make sure the systems will perform as planned." There was an issue once during one of his tests, he was able to revert back to the mains when things went south.

I had done similar in an earlier programming job on an Apple II system. It was so resilient, that you could pull the plug in the middle of data entry data loss was limited to the field being entered. Pulling the plug during acceptance testing was how I answered the question of how does it respond to a power loss.

ZX Spectrum, the 8-bit home computer that turned Europe onto PCs, is 40


Re: ... sinclair taught me how to touch type...

"holy feck, I'm nearly 50, where the hell did the time go???"

I remember that like it was yesterday.

Twitter faces existential threat from world's richest techbro


Re: re: Have the courage to comment without a whimpering apology at the beginning.

So instead of "I'm sorry but," it would be better to start with "Spoiler alert snowflake, this is gonna hurt your feelings."

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet


"They also can downgrade to a lower JDK version such as version 8, though doing so "could impact application features and open doors to other attacks mitigated in higher versions of JDK," the researchers wrote."

The botnet tools like Mirai are not single function, they are toolsets. The nature of IOT is ship and forget. I would be highly surprised that they do not carry exploits for multiple versions since not doing so would leave a lot of older targets unused. So, um, no, downgrading to avoid the exploit du jour is not going to help in the larger scheme.

Block claims ex-employee downloaded customer data after leaving firm


Re: Not the first time, won't be the last time.

I was contacted by a former employer to do some admin work remotely. The person they hired was having some difficulty. After getting the CYA documentation covered, I said I would need access established. The reply was your account is still active. Two years plus after I left, after I advised my accounts should be disabled or even removed. I performed the agreed upon work. I noticed some other which should be done but I said nothing, was not part of the deal. I locked my account on my way out. I had left on decent terms, but after being denied a raise I felt I was worth. They hired a replacement and a part-timer, I would guess that cost more than my denied raise.

Rivals aren't convinced by Microsoft's one-click default browser change


It's too hard!!!

Wow, just wow. The producers of modern web browsers (nearly as, neigh, as complex as an OS) cannot programatically change all settings associated with default browser?

I am not in any way defending Microsoft for making the process as complex as possible.

Something is odd that Google is not prominent or even present in the list of complainants. Maybe not.


Re: But you have a choice

I do believe you have your sarcasm detection sensitivity turned down a little too far.


Re: At Zippy...

Oh $DIETY, No! There will be four times as many of them! And stretched larger to boot.

Google makes outdated apps less accessible on Play Store


Follow the money

Google is further developing its ad revenue stream through user data acquisition. Its new updates and APIs are designed with that in mind. Only way to ensure adoption is by force of killing off apps using old APIs.

Happy birthday Windows 3.1, aka 'the one that Visual Basic kept crashing on'


Re: 30 years...

And systemd brings the beast to Linux, along with binary logs.


Re: how novel

I worked that helldesk scenario. The "network support guys" would test and reply back i"t answers ping so it's not a network issue."

Fintech platform flaw could have allowed bank transfers, exposed data


Re: Defensive programming

I learned this early on. I even implemented a system where each keystroke was evaluated in some data entry areas with user feedback as to rejection and why not accepted. The complete entry was also evaluated. SQL injection would not pass.

Each data point needs evaluation. This requires "thinking outside the box" and "thinking inside the box", basically just thinking.


Industry Standard Incompetence

Since the article stated US based company and US banking customers, I do not think BlackRock Aladdin is uniquely qualified to be the culprit, unfortunately. The whole fintech sector is trying to operate out of sight and out of mind to the masses and they are largely succeeding. Security by obscurity is the modus operandi along with security theater for those parts which must be presented for marketing purposes.

Second or multi-factor authentication if offered let alone enforced is primarily SMS transmitted codes. Anything more is a rare beast indeed. Keep in mind SMS codes should be considered 1.5 factor authentication and even that is being generous. -Industry Standard Incompetence.

Outsource as much as possible, fintech, firewalling, billpay features, pay peers features, everything except profits is the goal. We all know SLAs will save the day so nothing bad will happen from outsourcing. -Industry Standard Incompetence.

Outsourced firewalling results in blocking access from VPN's both commercially available and "roll-your-own". Scenario: You are only able access the internet from untrusted networks while on travel. In order to bank online the VPN is your friend, but such access is blocked for "security". -Industry Standard Incompetence. Actually, this extends to many industries thanks to CDNs getting into security services.

Outsourced billpay, and pay peers features opens the attack surface for customer information. SLAs for security make sure it stays safe though, yeah right. -Industry Standard Incompetence.

Unfortunately, most fintech industry companies could fit the profile. Unfortunately, a large portion of US banks enable this by the outsourcing trend.

Amazon warehouse workers in New York unionize in historic win against web giant


Re: Not an unequivocal union fan - but I applaud this

I get it. We must pay more so the workers' pay is improved from slightly better than slave wages. Because shareholders and upper management cannot afford any reduction in compensation. Reduction of ludicrous profits is just not an option.

Court erred in Neo4j source license ruling, says Software Freedom Conservancy


Goes beyond open source

I will admit TLDR for licences in question. I will make an assumption, the two original licences were not self-conflicting. Licences are a form of contract. Courts abhor conflicting contracts. In attempts to have a contract remain in effect when a court finds a conflict, they usually include a severance clause which basically allows an "illegal" part of a contract to be removed, but the remainder of the contract stands. Without a severance clause, the court will throw out the entire contract.

What we have here is a self-conflicting licence which the court seems to be ignoring the conflict.

This could set precedent on software licences and how to handle self-conflicts as a subset of contract law. It would apply to open|closed source licenses if they are self-conflicting.

Just keep in mind that "AGPL v3+Common Clause" is a different beast than either "AGPL v3" or "Common Clause", in spite of how similar they may seem.


Re: Mangle a license, get confusion

Lying under oath to the feds can result in some nasty consequences, just ask Martha Stewart.


Re: Mangle a license, get confusion

It all depends on the limits one wishes to place in the licence. Some view some open source licences as limiting to an extreme if all one wants is to maximize profit.

Not all open source licences negate profit. Not all licences that negate profit are open source.

Before there was a proper definition of open source, I took the most literal approach and considered any software which was distributed with it's source as open source. I did not automatically assume I could then use the source in any way I wished.

As demonstrated in this case and others, the label of open source has value. That indicates to me that the overseers of "open source" should use more than just copyright from the legal arsenal of intellectual property to protect the use of the valuable term "open source". Trademark may fit the bill.

US DoJ reveals Russian supply chain attack targeting energy sector


Re: See "Cure IT"

Good idea, but not as simple as it once was. These critical systems have been "plugged in" to the Internet for so long now that the supporting infrastructure has become reliant upon a remote connection.

Where there may have once been a local control room in an industrial building where a local operator could monitor the plant, there is now a wiring closet where all the terminations are extended to remote connections. The space where the control room had been converted to production.

I'm not even sure if the connections are cut if the systems would fail safe. The practice of hiring the bright young newly minted (cheaper) developers and pushing seasoned programmers out to pasture before their time (cost cutting) has resulted in sub par systems for critical infrastructure.

My experience (many years ago) with systems like these was more often with access control and security alarms but a smattering of ICS and SCADA. None of what I saw could be safely connected beyond the local space under control (ie not even connected to the company data network) let alone connected outside the company space.

Getting back to where we were or should have been is not going to be a simple task. We should start right away ten years ago at least.

The longer we allow it to go on the worse it will get. Might as well provide a remote connection straight to our adversaries.

Ragnar ransomware gang hit 52 critical US orgs, says FBI


Install the Klingon keyboard layout, nobody with any sense messes with the Klingons.

Idea of downloading memories far-fetched say experts after Musk claim resurfaces in latest Neuralink development


battery and such

Wireless charging, hmm, good idea. Is the battery replaceable? Oh, wait, can the battery overheat, bulge, catch fire, explode? One can only hope that a proven medical device battery technology be considered rather than being cool with the latest tech all around. Will the device be crackable/hackable?


Re: Brainwaves

A good start. Reality of programming has a few more factors to throw in. How many programming languages are used in the lifetime of the billion year spaghetti code project? How many libraries are referenced? How many programming methods evolve? Over a billion years many more factors may arise that we have not yet experienced in the programming history we know so far.

And the answer is 42.

Court papers indicate text messages from HMRC's 60886 number could snoop on Brit taxpayers' locations


OK, Now the worldwide chip shortage makes sense. And here I thought it had something to do with factories shutting down.

Farm machinery giant John Deere plows into two right-to-repair lawsuits


Bait and switch

John Deere of old earned a reputation of making good farm equipment. The reason why people bought the new DRM'ed equipment is because they had no idea. They were buying on the reputation. It was not until something broke down that they became aware that John Deere had changed. By then it was too late to vote with their wallet. Although, you can be sure next time they will shop around for a better deal.

Google and Facebook's top execs allegedly approved dividing ad market among themselves


Google has been getting worse lately. I use uMatrix as part of my tracking blocking strategy. I see even here googletagmanager.com, google-analytics.com and doubleclick.net are part of the comments page. Captchas have been getting more pervasive and most provided by google. I am really trying to wean from google but they are finding ways to be everywhere. Some sites are unusable unless I allow some or all of google interaction. I would like to just say no, but I need to use many of these sites.

Software guy smashes through the Somebody Else's Problem field to save the day


Re: What Derek needed to do...

Early in my career I heard it as "sometimes you're the shit, sometimes you're the fan" .

Google says open source software should be more secure


Let's say I authored a piece of software that meets my needs. I thought others may benefit so released it under an open source license. Over the years bugs were fixed as I or others found them at the pace I could manage as a hobby at my discretion. Over a decade or so this software became ubiquitous, in use by other individuals, small companies, large companies, giant companies, and multinational conglomerates. Some may just be using the software minimally, others daily but for their own use, and others incorporate it into products or services they sell for a profit.

I should expect to see bug reports, feature requests, bug fixes, feature code, etc. Still not making any profit from the venture, I am still the hobbyist programmer. Sure I may see donations here and there to cover the cost of hosting distribution and maybe some additional costs all tied to the existence of the software. Then a "sky is falling" type of "security" bug is found when the software is used on or connected to the Internet. Now, I see fame as the author of the bug. I see demands from all, those using the software and not, those donating and not, those contributing and not, those helping and not; to fix this insidious bug I created. Why do I feel the loudest demands would be from the "nots"?

Let's say I am not using and never designed the software to be used on on or connected to the Internet. I look at the bug and state, "Do NOT use it on or connect it to the Internet" as my fix. Am I obligated to do any more? In looking over the users of the software some would appear to have more of an obligation to fix it than I. Depending on the original license chosen, a fork could be made and fix implemented possibly allowing the fork to become closed source or remain open source as a new project.

What obligation does one have as an author of an open source program? What obligation does one have as a user of open source software? Does it depend on means? Does it depend on use? Does it depend on anything?

You better have patched those Log4j holes or we'll see what a judge has to say – FTC


"In fact, it is flat out illegal under American law for a corporation to not seek profits."

Please identify the law requiring the seeking of profits. I was unaware of this situation.

Too busy feasting on meatballs, Windows struggles to update itself in IKEA


Re: "At least a candle doesn't need a software patch every few weeks."

Hmm, scented candles. Remote ignition of a scented candle. Is the remote sensing of the aroma and included feature or is it an add-on option?



Biting the hand that feeds IT © 1998–2022