* Posts by jonha

75 publicly visible posts • joined 22 Jul 2014


For password protection, dump LastPass for open source Bitwarden


AFAIK Bitwarden stores all passwords in an encrypted binary blob which gets sent to the local device and is decrypted there, ie your master password (which can be as strong as you want/can remember) never leaves your device. And same for encrypting.

Having said that, I use BW for websites that are uncritical (like El Reg) but not for banking and the like... these things sit in a local KeePass database with a strong password and a keyfile.

Mega's unbreakable encryption proves to be anything but


Re: No tinfoil need

+1 re you words about Kim Schmitz.

But -1 for "the BEST way to keep stuff in remote storage private is to encrypt it yourself".

This is not the best way, it's the ONLY way. I have accounts w/ Google and pCloud and absolutely nothing leaves my LAN going to their servers that hasn't been locally encrypted... check out rclone if you haven't done so already.

Plus some things (ie my KeePass databases) are additionally stored in a secure 7z archive before being uploaded.

Fans of original gangster editors, look away now: It's Tilde, a text editor that doesn't work like it's 1976


Re: terminal: dte; GUI: Cudatext

Wow... I've just looked into this beauty... a Tilde install needs ~6MB on my Debian. When I said that dte is smallish I was exaggerating. It's MICROSCOPIC: a self-contained 350KB file.


Re: One to rule them all

Have an upvote. I am amazed at the no of downvotes... what you say makes perfect sense. IMO :-)


terminal: dte; GUI: Cudatext

For the terminal I swear by a smallish editor called dte (by Craig Barnes). Small, and just powerful enough for the (rare) terminal edits I do. It also runs fine over SSH.

For real programmer's stuff there's nothing that beats CudaText, a sort of extended clone of Sublime Text. Multi-platform, fast, powerful, you name it.

Nobody cares about DAB radio – so let's force it onto smart speakers, suggests UK govt review


With tongue firmly in cheek?

Oh dear... it seems the British sense of humour isn't what it used to be.


Re: UKGov Nonsense as usual

Perhaps I am the only person in Britain for whom DAB is significantly better than FM, who knows?

I am a (well-matured) IT chap and privately I don't adopt new tech stuff very easily, mostly because the promised super features aka hype rarely materialise on the ground. So when I bought a cheapie DAB some years ago I was fully expecting to buy landfill. But no, it has been an enormous success in our home... so much so that we have now three of those things and no FM.

So, with tongue firmly in cheek:



UK gains 'adequacy' status on data sharing with EU, but making that stick all depends on how much post-Brexit law diverges


And another keyboard... gone

> its [UK's] ambition to be a global tech juggernaut

Note to self: must really stop reading El Reg while having a cuppa.

Microsoft's Edge browser for Linux hits the Beta Channel ... if you're into that kind of thing


Who needs Edge when there's Vivaldi?

If I have to use a Chromium spawn (some websites, mostly WebRTC stuff, don't run in my (t)rusty Pale Moon) then there's Vivaldi... best Chromium browser by a mile. Or two.

But YMMV as I am an old geezer.

Gummy bears as a unit of measure? The Reg Standards Soviet will not stand for this sort of silliness


the sheer deliciousness of gummy bears, Haribo or otherwise


Oh the H E R E S Y!

(Bah... worse than heresy. The Missus has seen this and has told me that El Reg is from now on FORBIDDEN!)

We can't avoid it any longer. Here's a story about the NFT mania... aka someone bought a JPEG for $69m in Ether


Blockchain 0, Mona Lisa 1?

Would I buy an NFT and a JPG for $XYZ million? No.

Would I buy a 400 yr old piece of canvas with some coloured brushstrokes for $XYZ million? No.

Honestly, I can't see any great difference between the two "items"... a thing is worth what somebody is prepared to pay for it.

LastPass to limit fans of free password manager to one device type only – computer or mobile – from next month



I run KeePass on Android, Linux and Windows. Add a cloud service or, if available, your web space, and a little sprinkling of discipline (yeah, so old-fashioned) in updating this... works superbly and has given me 100% peace of mind for years now.

Fujitsu scrapping fuel card benefit to cut costs, threatens dissenters with fire and rehire


Threatens with fire and rehire

Bad, v bad... but probably better than fire and brimstone

Boffins from China push quantum computing envelope for 'supremacy' in emerging photon field


The first transistor...

was not Turing complete, it was a great mess. But it worked... and look what happened in the following decades.

AWS hires Rust compiler team co-lead Felix Klock


Re: Nice move

> I believe that as a society we benefit much more from having computer languages that almost everyone is able to master

I strongly disagree. Programming IS hard if it is to be done well and if you give people the illusion they have mastered "programming" (probably with a "Learn XYZ in 24 hours" book) you'll end up with exactly the sort of bloated, buggy crap that today is called software. I've been a programmer since the 6502 came around end of the 70s and I hang my head in shame about the state of play in software.

This is the same trap as re-training all and sundry as cyber security experts. You'll see where that will land us.


Re: Nice move

Rust IS harder to master than some other languages but in my experience this has never been a problem. Learning new concepts, if they're sound and lead to safer and/or more efficient software, is never wasted time. IMHO.

As to last drops of performance I wholeheartedly agree. "Premature optimization is the root of all evil." If anything, this Donald Knuth quote should be hanging above every programmer's desk.

And garbage collection? I agree as well. Todays's GCs have become "good enough" for almost everything not requiring real time performance. And very few processes need real "real time".


Re: Amazon got lucky that Mozilla gave up

> every language from there (...) has lacked taste

Never drink hot tea while sitting in front of a computer screen.

And whether the words "elegant" and "Ada" and "Python" should go into one sentence is surely debatable.

Also, Pascal, in its day, was quite a success... it certainly didn't sink almost w/o trace.

Marketers for an Open Web ask UK competition watchdog to block launch of Google's anti-tracking Privacy Sandbox


If Google in 2020 (or 2021) releases or implements something with "Privacy" in the name, even the most non-cynical person in the world will have a cynical thought or three flashing through their mind.

UK's National Audit Office warns full-fibre rollout strategy is leaving rural Britain behind. Again


Royle says...

Rural... my arse.

And I have to agree with him... I am living in 100k+ town and it took until two years ago to get FTTC.

Even 2020 cannot bring forth the Year of Linux on the Desktop


I disagree with Barnes. MS has done it before when they had two OS lines in parallel, the old Win16/32 world of a GUI on top of DOS and the new world of NT. These parallel worlds (including different driver models) went on for quite some years (95, 98, ME vs NT3/4, 2K) until finally Windows XP (NT-based) was deemed "backwards compatible enough" to end this double effort. There were still fears about compatibility problems but it went pretty well in the end.

Maintaining a web browser costs a lot of money... so MS finally bowed and accepted Chromium as the base for their browser.

Maintaining a kernel also costs a lot of money so...

Given time, they can do the same thing over again. Not in 2022, probably not in 2025, but by 2030 Windows will be Linux-based.

Massive news, literally: Three super-boffins awarded Nobel Prize in physics for their black-hole breakthroughs


I stand corrected. I always thought my wife is the strangest object in the universe.

Amazon's not saying its warehouse staff are dumb... but it feels they need artificial intelligence to understand what 'six feet' means


A vid for Matt?

Perhaps they should also show this vid before our MPs enter the chamber...


In Hancock's half-hour, Dido Harding offers hollow laughs: Cake distracts test-and-trace boss at UK COVID-19 briefing


Re: "......worst death toll in Europe"

> future brexit strategy

You owe me a new keyboard.

As to the rest of your comment... my father when I was a schoolboy used to say <stern voice> "YOU DON'T COMPARE WITH THE WORST... YOU COMPARE WITH THE BEST" whenever I told him my grades weren't that bad. Back then I thought he was just an old git but I've since seen the light.

Travel-sick Windows needing a Systemwiederherstellung would be in Germany, right? Austria? Not necessarily


You ain't seen nothing yet...

How about "Rindfleischetikettierungsüberwachungsaufgabenübertragungsgesetz" to befuddle us? Yep, that's an actual German word in (rare, I hope and assume) use.

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous


I am now Zen

I have WRT Windows 10 reached the same state as WRT Brexit: I am totally Zen. In both cases, after a lot of initial hand-wringing and a number of anguished nights, I have accepted the inevitable and simply tried to mitigate things as best as I could. In the case of Windows 10 that meant a switch to Linux... so now I can lean back and enjoy the show. As to Brexit... my OH is French and as things have turned out, we'll be fine whatever the shambles factory in No 10 decide to throw at us.

Guess who came thiiis close to signing off a €102k annual budget? Austria. Someone omitted 'figures in millions'


Mixing up units?

I'd think that scientists and engineers in both countries use(d) SI notation as that has been the default long before I even started to study chemistry (and that was about 2500 years ago, I think).

Rather, my suspicion is that there was perhaps too much wine (on the French side) or beer (on the German side) sloshing around. Or both, of course.


the key words "figures in billions"

I assume the actual wording never mentioned "billions" as our billions are their "Milliarden" and their "Billionen" are our trillions. :-)

Not going Huawei just yet: UK ministers reportedly rethinking pledge to kick Chinese firm out of telco networks by 2023



You just couldn't make this stuff up. Is this government or entertainment? :-/

Airline-chasing lawyers leap on Easyjet for £18bn after 9m folks' data, itineraries nicked


I do hate lawyers...

... but I even more hate people who, despite taking security so utterly seriously, fall so easily for "highly sophisticated hackers".

So AFAIC the lawyers should go for it.

And if EasyJet goes under, so be it. These guys have to learn the hard way, it seems.

Linus Torvalds drops Intel and adopts 32-core AMD Ryzen Threadripper on personal PC


Re: Minimum spec?

>it disincentivises them from writing efficient code

Writing efficient code is a mindset and has got nothing to do with CPU power. Writing inefficient code might well be company policy (as it's presumably churned out faster than efficient code) but that's a different kettle of fish.

Could it be? Really? The Year of Linux on the Desktop is almost here, and it's... Windows-shaped?


It's long been a pet theory of mine that Windows 2030 will be a Desktop Environment/Window Manager based on a Linux kernel. They will do with Linux (the kernel) what they did with Chromium.

There's a black hole lurking within 1,000 light years of Earth – and you can see stars circling it with the naked eye


Starman on his way...?

I can well picture Musk's Starman in his Roadster speeding ever faster into that black hole in the (very) distant future... not a bad end, perhaps.

(Yeah, the chances are vanishingly small... BUT NOT ZERO.)

Prepare to have your shonky password hygiene shamed by Firefox 76

Thumb Down

Mozilla FF... dead in the water AFAIC

Mozilla is a prime example how to lose users. I was an early adopter and more or less went directly from Netscape to Mozilla. But... after one too many updates which AGAIN broke something I was relying on I decided to switch to Pale Moon... that was umpteen years ago (at least it feels like umpteen years :-/)

I never looked back and I never will. (Yeah, never say never.)

(Not to talk about their needless UI changes, botched upgrades, installing extensions w/o asking the user, telemetry, etc etc.)

Vivaldi browser to perform a symphony of ad and tracker blocking with version 3.0

Thumb Up

If my trusty Pale Moon fails me...

I do almost everything with PM but the odd site won't work (eg WebRTC stuff). After looking into many chromium-based browsers over the years I have settled on Vivaldi and I have not regretted it. It's very configurable and the one extension I need (uBlock origin) runs well. Whether I can retire uBlock with this release remains to be seen. YMMV.

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?


Re: Good for data-less phone plans

> You get all sorts of funny folk here with spurious reasons for doing things a certain way.

You get all sorts of funny folk here with spurious reasons for thinking things should be done in a certain way.

Where's the best place to add Mentos to Diet Coke for the most foam? How big are the individual bubbles? Has science gone too far?


Re: The Diet Coke bottles were kept at 27 degrees Celsius (80.6 degrees Fahrenheit)

It's probably to do with the fact that you can dissolve more of a given gas in cold water than in warmer water (whereas it's the other way round for solids: the warmer the water the more salt or whatever you can dissolve in it).

Yeah, that Zoom app you're trusting with work chatter? It lives with 'vampires feeding on the blood of human data'


Re: Jitsi?

Yep, I think Jitsi is as safe as it gets IF you can self-host (or at least host with someone you trust). Even a non-self hosting session should be SOMEWHAT better than Zoom et al. I'm using it for a few years now, no problems so far.

British Army adopts WhatsApp for formal orders as coronavirus isolation kicks in


1. April come early? Or what?

No further comment necessary.

Appareils électroniques: Right to repair gets European Commission backing


Re: This jumped out:

Well, if you don't like this... just found Farrage Phones plc, build those non-EU-specced Farrage phones (lovely name) and sell them to all and sundry. It's called free market.


Re: What about updates

> At this point, I'd really like mandatory security updates for 10 years applied to any embedded software.

+1. Additionally, there should be a strict ban on devices where the manufacturer's firmware/OS can't be replaced by either the end-user or a repair shop.

How does Monzo keep 1,600 microservices spinning? Go, clean code, and a strong team


> "Note, though, that Monzo uses a lot of custom, in-house tools and libraries that are not easy to replicate."

That's the key sentence, IMHO. Yeah, this means more work and slower deployment in the beginning... but it's an approach that, in the long run, means you know exactly what's actually running on your servers and you understand how it's operating.

If you want an example of how user concerns do not drive software development, check out this Google-backed API


> There is no need for this api, hopefully Mozilla will give it a pass.

Perhaps it's wiser to implement the API but to deliver a random and ever changing collection of apps, some really existing (not on the user's machine, just some of those available in general) and some invented.

You can forget about that Black Friday deal: Brit banks crap out just in time for pay day


Re: Right... but there's more to it than just the managers

> No idea what you expect ordinary citizens to do with regard to banking site websites.

That's a 100% correct remark, I have no idea either.

But it's missing the wider point I am trying to make. In my extended family I have French, Swiss, German and Portuguese relatives. Almost all of these good people are utterly, totally befuddled, either when visiting the UK or upon reading some media stuff, about the levels of service or performance in various areas (public transport, politics etc) the British public is willing to accept without any real protest other than perhaps a sour smile and the odd mustn't grumble. This attitude may have some positive aspects but it also means that IN THE LONG RUN things just don't get better.


Right... but there's more to it than just the managers

+1 for that comment although it's not only greedy and/or incompetent managers and MDs.

In four words: the Brits are sheep.

I'm still not that Gary, says US email mixup bloke who hasn't even seen Dartford Crossing


Where's the EU when you need them?

Same story here, early GMail adopter, common name. Getting tax documents, car insurance docs, mobile contracts, bills for air condition equipment, etc etc etc for other blokes with my not so uncommon real-life name.

Apart from the mental state of these individuals what is driving me mad is exactly the sort of behaviour on the senders' side the article describes.

Take O2, a so-called tech company. Getting an email that I have opened an account with them and given them this email addy. Would I please acknowledge the email address is correct? Of course I don't and think that's it.

Nope, for from it. I now get a stream of detailed messages about my new mobile tariff, the mobile no and what have you. I have, more than once, contacted them... getting exactly nowhere. They don't care though they take security and all the rest VERY VERY seriously,

There should be a way (similar to other privacy EU initiatives) to force governments, companies, institutions, etc to really, REALLY VERIFY that all email addresses given are valid and connected to the intended recipient. This should be enforced by a nice and tidy little sum to be paid by said governments, companies, institutions etc as a penalty to the hapless victim if they don't get it right.

Android PDF app with just 100m downloads caught sneaking malware into mobes


Re: How 'bout that?

"Unfortunately, it's not available on the vast majority of phones, and even if you're lucky enough to have one that is supported"

Part one of that sentence is not true and as to part two... well, buying LineageOS-compatible stuff is not down to luck or Santa Claus, it is a conscious decision I have taken and take. These items are admittedly often (but not always) a little more expensive but in the long run they save money and a lot of trouble.

"there's little point in recommending it to people in practice because the chance of it actually being useful is close to zero."

Funny. I have four mobiles under my control (Sony, Moto, Sammy) and all are on LineageOS. I have three tablets under my control and again, all are on LineageOS.

I have no Google software on these phones and yet they are fully functional.

What I would agree with is that many people do not know (and can't be expected to know) how to achieve this though they would want to do it.

This is partly a reflection how badly the IT sector has let us down, especially in the last decade or so. Disclaimer: I am a developer myself.


How 'bout that?

Install LineageOS, dont' install Google Apps and use (mostly) F-Droid as apk source.

I have done and do this to all my phones and tablets (buying only devices that allow LineageOS to be installed) and I can say: it simply works.

Buying a Chromebook? Don't forget to check that best-before date


In this day and age anyone* who buys a significant chunk of hardware (PCs, smartphones, tablets, routers etc) whose software (OS or firmware) is not under user control and can't be changed is making a mistake. This route might be more expensive in the short run but it gives a lot more peace of mind and actually saves money in the long run.

* Sadly "anyone" here means those who either know how to replace the OS or firmware or know someone who can do that.

ReactOS 0.4.11 makes great strides towards running Windows apps without the Windows


Re: Window of Opportunity?

M$ will not open the NT kernel this side of 2050, if ever.

And anyway, the kernel itself isn't the big problem. The basic drivers (NTFS is/was a big problem for ReactOS), the zillion support DLLs... that's the trouble. Implementing that and implementing it in a 99.999% compatible way is very hard.

Nevertheless, perhaps... in another two, three years... I might install it in a Linux host as a guest for those pesky little apps for which I can't find a Linux replacement and which don't run in wine.

UK.gov's Verify has 'significantly' missed every target, groans spending watchdog


What a surprise!

A few years ago I had big BIG trouble with the HMRC SA login (don't get me started on that abomination...!) and decided to try Verify. Luckily this was months before the Jan, 31 deadline so I had enough time to work my way through this thing... you'll need it if you succeed at all. A few thousand lost hairs later and surrounded by heaps of paper files I not even knew I had (my wife knew, phew!) I had a Verify account.

The people who designed this system live on another planet where, among other things, the word world-class doesn't mean what it means on earth.