* Posts by Czrly

132 publicly visible posts • joined 17 Oct 2014

Page:

Torvalds' typing taste test touches tactile tragedy

Czrly

Re: IMaybe not a piano

I disagree. I actually think the reason my code never fails in production is because the action of my key-strokes used to enter it into the computer is informed by my knowledge of the sensation of flinging piano-hammers off the escapement with some modicum of skill and aptitude.

At least: I'll sell that line as hard as necessary in a job interview or salary discussion with no remorse. Never let the truth get in the way of a good story! ;)

Czrly

I have thoughts. And das Keyboard.

Having typed a lot -- as a proper touch-typist -- and, of that, I've typed about 60% program code (in many programming languages) and 40% natural language, that latter split about 90% English, 10% German -- I have thoughts about keyboard design. I'm also a pianist.

I think the thing that makes mechanical keyboards seem noisy has nothing to do with the switch but rather with the way the key's action encourages the user to type and bottom-out the keys. It's the plastic cap hitting the back-plate that's loud, not the Cherry Blue switch (continuing the article's mention of that, the One True Switch) passing the activation point in the stroke but, simultaneously, the great mechanical positive reinforcement cycle of the Cherry Blue's action absolutely does feed-back to the human being at the keyboard and result in the kind of striking that results in an LTE: Loud Typing Event.

The solution is clearly apparent: designs should focus on key switches that have lots of physical feedback connected with their actual activation point and then deaden the noise by damping the bottom-out clack. Users then will learn to percieve the real actuation and not miss the lack of a clack.

Importantly, the dampener cannot be rubber and must not spring the key-cap back upwards because that feels "bouncy". It needs to be very thin, but accept just the right amount of deformation on impact to deaden the sound without feeling "squishy". (I'd guess cork would be GREAT, but far too pricey) I'd draw the response curve I'd want, personally, but not in ASCII art because I'm tying on a laptop keyboard, here, and I think we can be unanimous on declaiming those as the worst. (Also: I don't have spell-check, apparently. Thanks, Firefox.)

Unfortunately, though, there really is NO innovation in the keyboard world, alas, and what innovation there is is focussed on entirely the wrong things: RGB lighting and adding proprietary and useless extra features that don't work because the only way to use them is with the manufacturer's proprietary and non-functional "driver" bloatware: here we find the true realm of their innovation in excelling at making something as terrible as imaginable in some kind of sordid bid to be worst.

I have a keyboard in a cupboard that is also a mouse. The proprietary software thingy is also a mouse driver. Why? Because the keyboard has no pointing device features but, by using that bloatware, you can remape the scupper'd "mouse"'s "scroll wheel" to control your audio volume! Sometimes. On a good day, one ending in the letter ':qa!'

That brings me to my own personal favourite which I do carry with me like a gilded Morse key, to coding jobs: the das Keyboard 4. Personally, I find the Cherry Brown switches to be a nice near-equivalent to the Blue with just a little less activation feedback but enough to never create mis-strikes or suffer button bounce (I've used Razor stupid-premium "Optical" swiches that literally double-press themselves because of button bounce!) and the Brown are a little more socially acceptible, I find, from listening to the peanut gallery.

The das Keyboard's volume wheel sends scan codes for media volume up/down and works on every desktop OS, without any drivers. It has a bomber aluminium front-plate that makes it seem like you could drive a Panzer over it without worry. It uses only a single USB A port but has a built in USB 3.0 hub that literally is the best USB 3.0 hub I have ever used, ever! (To those in the know: I can connect to `adb` debugging on Android devices without needing to scrounge up the Specially Annointed USB cable when using my das Keyboard's hub. Any semi-decent cable will do. It's like magic!)

They don't like wine, tea or beer, though. Since I discovered the das Keyboard about ... er... well over a decade ago, I've killed three with those beverages, respectively. (One actually still works (mostly) but sometimes registers an extra right-shift when pressing many keys at once which leads to wierd surprises when coding, a lot.)

GitHub Copilot angles for promotion from assistant to agent

Czrly

Re: Want to start a career in coding?

Nobody begins their career with a will to remain a junior and these stochastic-token-extruding-machines will never become the experts. Given a job of any complexity, they are USELESS. It's all very well to say that with some kind of accuracy rate and some kind of hallucination rate they can perform some simplistic, limited, exceedingly common tasks with some level of success but these models rapidly become totally incompetent in more nuanced situations or when the task needs to satisfy broader or grander requirements or objectives.

The industry has yet to realise that us grey-beards will not be replaced by these extruding-machines and, as a grey-beard, I -- for one -- would like to extend a welcome to anyone contemplating becoming a newbie and beginning their career, now.

We grey-beards largely do not care about the existence of these supposed-newbie-replacing-machines because they play no role in our more abstract and complex jobs. If you see an enraged grey-beard raging against the extruding-machines, it is nearly always because they resent wasting time fielding extruded issue reports, extruded pull requests, CVEs, code submissions and the like. Some idiot is using these things and wasting OUR time with the extrusions. Go away, you demons of stupidity!

What we *do* care about, however, is the fate of the newbies, themselves. We don't want to correct A.I. excretions. Fundamentally, we LOVE helping junior programmers because we want them to grow into better programmers who can help us, work with us and, one day, go on to become the grey-beard themselves.

We don't help juniors because we want the code they're submitting. Trust me: helping newbies usually takes longer than just doing the work, ourselves.

In the stochastic-rubbish-extruding-machines, we see junior-level near-competence (at the very, very best) along with a hopeless situation. Vetting the machine's output helps nobody. Even if, somehow, the model did learn from our correcting of its output, that would serve the corporation behind the model who owns the vast server-farms on which it can operate and our mentoring of such a thing would basically be futile and also to to our own detriment!

If you're a junior software engineer or thinking of becoming one: go find your nearest grey-beard and ask them whether they'd feel more amenable to mentoring, correcting and training you or whether they'd rather save your salary and pay that up to a mega-corpo for a hopeless model.

Windows 11 poised to beat 10, mostly because it has to

Czrly

GitHub → whipper-team/whipper

You, sir, need to know about `whipper` (for Linux, GitHub → whipper-team/whipper).

I used to happily use DbPoweramp – bought and paid-for – for many years and only recently (in the last month) stumbled upon `whipper` and I can honestly say I'll never look back. Once it knows a few attributes of your disk drive (including the AccurateRip offset), ripping a disk is as easy as `whipper cd rip`: one command-line, drive emits spinny noises for some while and `.flac` files get written to some place in your home folder. If you're going through a stack of disks, each one after the second can be as easy as two keypresses. It is the epitome of a great "desktop"-but-command-line program.

Sure, one invariably needs to patch up the metadata on the files after they're ripped but that's nearly unavoidable and DbPoweramp was never the best interface for that in any case.

`whipper` employs `cdparanoia` properly and also checks AccurateRip. Everything about it instils confidence in the fidelity of the audio data.

On the first day I tried it, I spun up nine audio CDs pretty much back-to-back after the first and that proceeded so smoothly, it quelled all my inklings of impending-need-to-hack that new Linux desktop workflows often entail. That stack of disks had sat on my desk for 18 months before I finally got around to ripping them simply because I wasn't in the mood to fight if necessary. I used a relatively ancient LG blu-ray drive connected over USB and did this on Gentoo under a custom configured Kernel – you'll forgive that 18-month period of apprehension and appreciate *why* the easy time I had was so refreshing.

If it worked for my Gentoo desktop, I cannot imagine it being in any way obtuse under Linux Mint!

(Now: foobar2000, however, is something I have yet to replace under Linux. R.I.P.)

Top Trump officials text secret Yemen airstrike plans to journo in Signal SNAFU

Czrly

The Means were not Insecure

The channel was perfectly secure. The recipients at the end-points were erroneously selected. Theoretically, if the part of Signal had been played by some surely-over-priced, over-budget and long-delayed government, designed-by-committee, end-to-end chat software, there would be nothing preventing the accidental addition of a journalist as a recipient of the chat except the fact that journalists typically aren't added to such systems at all.

We need to be very, very clear about what happened and overly pedantic, here. I'm just waiting for the first numpty to start spouting that, look, Signal isn't all that "secure" because it just got "hacked" or man-in-the-middled or something and government secrets got "stolen", then twist that argument into one in favour of legislation enforcing backdoors in end-to-end encrypted messaging platforms like Signal, compromising the academic argument that true end-to-end encryption cannot be secure if it has any backdoor at all.

If those sound like dumb arguments, that's because they are dumb arguments. But they'll likely suffice and any hints that Signal is somehow insecure will only make that likelihood greater.

OpenAI asks Uncle Sam to let it scrape everything, stop other countries complaining

Czrly

Re: Hi ! We want to steal everything...

> Yes because paying for stuff is economically unfeasible...

Arguably, at the consumer level, paying for stuff is not only economically unfeasible, not only unfeasible in general, but impossible. I have a long list of books I would love to read but cannot, simply because I'm planning a move so I don't want to buy a hard-copy to add to my existing packing problems and buying those titles as DRM-free ebooks that will work on my Tolino (kobo variant) device is impossible in every way. They're newer titles with living authors who I support and I would love to pay those authors but I just cannot.

The rest of the world has a very simple counter to the AI bros: all they have to do is say that violation of copyright by US companies will result in international abandonment of copyright treaty – and, similarly, for patents. This would also include dropping international enforcement of DMCA section 1201 and refusing to respect US copyrights and enforce them against people not in the EU – even if their IP addresses appear in torrent swarms. Tit for tat.

Of course, this would only carry weight if the AI bros were in favour of copyright at all and they are not. Their end-game is the total rubbishing of copyright across the board because they are betting that it is obsolete. There is no need for copy protection for content that can be extruded at scale, on demand, without the need to pay creators to make it in the first place. Their bot-shit doesn't benefit from copyright protections because they are selling its excretion-as-a-service, not the artefacts excreted.

Mozilla flamed by Firefox fans after promises to not sell their data go up in smoke

Czrly

Re: Lots of Astroturf in this thread

This is par for the course wherever browsers are discussed. Indeed, the ubiquity and indomitability of the Brave astro-turf gang is alarmingly high – that, alone, would be enough to raise red flags, in my mind, even if I didn't know the sordid history of the Brave browser and how it has been associated with an awful number of "web 3" debacles, continues to push crypto-currency, tried to pull the affiliate-abuse trick that Honey would later (rightly) be lambasted for, and generally behaves appallingly in numerous ways – and there are archived links (wayback machine et al.) to prove it, whatever the gang spouts.

Brave earned their place in the untouchable-software-purveyor box and there's nothing they can or could do to redeem themselves in my opinion, just like Microsoft, Alphabet, Meta, Unity, Adobe and some others. All of these corpos earned their untouchability through numerous acts of bad-faith that were *not* mistakes – not single incidents but a history of scummy behaviour.

I feel like Mozilla have joined them in that box, now, and although this is a hot news headline, today, Mozilla were teetering on the brink of the abyss for a very long time, already.

EU plans to 'mobilize' €200B to invest in AI to catch up with US and China

Czrly

Derisking is Abominable.

I find the very concept of "derisking" a cynical, speculative, multi-billion-Euro mega-corpo investment into a technology bubble optimised and designed to automate humanity in order to facilitate mundanity to be, in a word: abhorrent.

Out there – outside my house – on the streets, there's the run up to the German elections going on and I find a lot of that campaigning to be abhorrent, too. One poster reads: "freedom will not vote for itself," as if slavery is humanity's default state and not forced upon us by evil lords. Another says that the party behind it does not care about the climate disaster, only for people, as if people do not breath air or eat food or walk about beneath our atmosphere.

There is a striking common trend, however: every party – even the conservative CSU/CDU union – appears to be trying their damnedest to appeal to those with an appetite for drastic change. This includes those same parties who designed, built and instituted the status quo. They all perceive that people are not happy and are becoming ever more unhappy with the erosion of their safety, their freedoms, their prosperity and their way of life – even their menus for dinner as the cost of living creeps ever upwards.

I revile the AfD and abhor their dog-whistle politics. I don't get a vote. I live here. I pay taxes. I have lived and paid taxes in three "democracies", on three distinct continents, and I'm the most useless alternative-universe version of Jason Fucking Borne: no lack of citizenships and passports have I, just no vote that means anything at all. I would vote against the AfD as strongly as I would vote against the CSU/CDU or the FDP – or the Tories, in Britain, were I there.

But when I read that *my* tax money is being put up to "derisk" these corporations and their frivolous bets on an AI horse, I can absolutely understand why the people out there vote for an alternative.

If you can't decide whether to buy futures in AI or short-sell the obvious bubble, what do you do? You spend the tax-payer's money on it and take your cut under the table, of course!

Cloudflare hopes to rebuild the Web for the AI age - with itself in the middle

Czrly

Hmm. But that's not what they're saying.

This is a message from Cloudflare to their investors. The intended purpose is to drive bullish attitudes amongst those investors. The content of the message is vague but it boils down to this: Cloudflare intend to find out where the profit is and position themselves to get their piece of the pie.

That's all. That's all that they're saying. They don't care about "content creators" or who should get to rip of the created content beyond finding out how Cloudflare can get a piece of the money. They're assuring their investors that they intend to find that piece of the money-pie.

Don't read anything else into this.

Incidentally, I have an anecdote to offer on the topic of Cloudflare's "benevolence": I'm writing this post from Windows 10 which I've booted for the very first time, this year, in order to run some `.exe` programs that I can't be bothered to port to Linux because I only need them once every few months. While those have been running, I've been browsing. Those obnoxious Cloudflare CAPTCHAs all over the Web which one is thwarted with, these days, for merely being so bold as to issue an HTTP GET request are all mysteriously completing themselves with no need for me to proove that I'm really human just to browse. That's in spite of the fact that my browser, here, is still Firefox ESR and uBlock Origin is still installed and I have the same filter lists in effect (thanks to uBlock0's great settings export feature) and the same Firefox settings thanks to `policies.json`. It is the same hardware -- the same physical box -- behind the same gateway with the same public IP address. The *only* difference is that I'm not currently browsing from Linux.

Do I think Cloudflare care for an open, free and independent Web that exists such that browsers can communicate with those with content on offer? Something makes me very reluctant to believe that Cloudflare are "good guys" out to protect that concept in the face of an AI-blighted "post Search" future.

They are a corpo, in it for the money, and they're telling their investors only that.

'Maybe the problem is you' ... Linus Torvalds wades into Linux kernel Rust driver drama

Czrly

How far we've come!

Oh how we look back with fondness on the days of yore, now that a "Let me google that for you" reply is no longer a cynical, obnoxious act but triggers, instead, some deep and fond nostalgia for the World Wide Web before enshittification and the Death of Search, when "googling" could justifiably be considered not only to actually be helpful but *so* helpful, indeed, that "googling" was considered by some to constitute due diligence before one could pretend to curiosity sufficient to pose a question in a comment thread!

A curious sarcastic commenter wants to know: *when* one "googles" for Torvalds' age, today, does one actually *find* it? Or does one find a verbosely worded essay on (among other things...) the history of the concept of age, why tracking the age of someone is useful, code-snippets showing how to do an age-adjacent thing in Javascript+React, and a stirring memorandum on how knowing an "age" can benefit YOUR business or your bottom line, followed by a link to a premium, for-profit tool for age tech and a sidebar in which an online webinar taking place right now, on embracing age and age-related cloud products with integrated age-AI models, is advertised as the only way to succeed in today's economic climate?

Musk's move fast and break things mantra won't work in US.gov

Czrly

Re: "You're driving towards a wall!" "No I'm not!" *smash*

Sometimes, I think we should just give up and stop trying to save ourselves – the effort would be better spent inventing ways to leave a legacy for the bonobos, the octopi and the dolphins and all other species that might one day evolve higher levels of intelligence so that we can warn them not to repeat our mistakes.

Sometimes, I think we should just sever our tubes and queue the music, start the party, go not gently into one glorious, hedonistic goodnight and let evolution run its course as soon as possible on evolutionary time-scales, for a more worthy species to rise to inherit the earth.

Certainly, our continued struggles aren't doing the bonobos and the octopi any favours!

But I accept that others have not given up the fight and I *will* continue to fight in solidarity with them. And, more and more, I'm thinking that fighting is going to be necessary because playing nicely is not working.

Czrly

Destabilising and breaking things *is* the goal, not their failure state!

Chaos and craziness and flames and the demise of institutions is the very point. They're literally playing for the bullshit to flood all the channels and going for such absurdity that nobody will remember what sanity even looked like, what functional organs of state ever did or were or offered or what civil liberties and rights and safety meant at all.

They're burning it down to rule over the ashes.

They're also all sworn "longtermists" and utilitarians who will proffer some longtermist utilitarian solution once it's all gone to pieces. When nobody has health-care or food or education and only the gun-nuts have "safety" (and only as long as their ammo lasts, while they're eating out of tins and farting in their bunkers), do not fear: AI, blockchain and the metaverse will balance out all the wrong with immeasurably insignificant levels of "utility" accrued over some meaningless number of future virtual "souls" living in a simulation 10000 years from now, on Mars.

It is that dumb and they consider themselves altruistic because they're striving to bring about this future. I think that the cult of personality that they somehow never fail to dispel survives because, in some way, they do genuinely believe their own delusion that they are actually righteous in their cause.

With every passing day, fewer peaceful options to stop this madness remain on the table. "Democracy" has certainly failed to end it. They won't arrest their own trajectory into hell. We need to act.

Eggheads crack the code for the perfect soft boil

Czrly

Re: In the opinion of this Englishman

The connotations attributed to the adjective, "hot," would imply that a hot fluid was perceptibly warmer than a "tepid", "lukewarm" or "blood-warm" fluid which one might understand to be approximately body-temperature. Conclusively: "hot snot" would be distinct to "tepid snot" in the imaginations of most readers.

(I do hope I have not offended any reader's imaginations in my synopsis of these English-language facts.)

Czrly

Re: In the opinion of this Englishman

No, no. It really isn't. And I'll state that as someone who usually hold *very stringent* requirements for a soft-boiled egg to be judged edible. But you've got to draw a line, somewhere, yeah?

Agent P waxes lyrical about 14 years of systemd

Czrly

I'm a hater.

Does it work? Who can say? What does it work *at*? If that question were simple, I – too – would honestly not care very much about it because I do not count "init systems" amongst my areas of interest, particularly. I do consider myself to be a systemd hater, however. I'll own it!

I can't answer the question of what systemd works *for* or at because it seems that systemd is trying to be everything: it is not just init. Every other news story about systemd concerns its creeping into yet another domain it has no reason to touch.

So, I ask: who can say it works? We can't even define what its scope is or what it will be, tomorrow, so who can define whether it is fit for purpose or not?

I hate it because I can't ignore it as long as I'm a Linux user. The way it creeps into every domain makes it necessary for me to know about it and care about whether it is fit for purpose or compromised. The more systems it touches, the more irreplaceable it becomes and the more I need to care about it.

I run Gentoo, on OpenRC, and don't even use systemd and yet, still, I have to care about it because of its outsized impact on the whole Linux ecosystem – that's why I hate it.

I don't know a damn thing about how sysvinit looks on the inside, or how OpenRC's upstream code-base truly is to hack on, but I do know that I can define their standard operating conditions and the job they're supposed to perform and I can answer that question: do they work? If I determine that either one is lacking, I can implement my own replacement to meet my needs because their scope is contained. It is nearly impossible to "replace systemd" in the ecosystem, today, and only becomes more difficult with every new development in this farce.

To judge that it works would require confidence that it succeeds at what it claims to do which I've argued is ineffable but it is easy to prove that it does NOT work because one only needs to find the stuff it breaks. I use Gentoo almost exclusively on desktops and servers, today, but I have used systemd-based distributions often enough to see it break, frequently, often rendering Linux mechanisms that should be 100% independent of init, like `sudo`, totally inoperable or introducing new supply-chain attacks, like the way the whole `xz` thing transpired.

Should the OpenSSH developers have cared about whether the supply-chain of `xz` should form part of their threat model because of how distro package maintainers at Debian might link things to satisfy the requirements of agent P's "init system"? That would be totally absurd but, yet, that actually happened. That actually came to pass. That is why I care. That is why I'm a raving, frothing lunatic with rage whenever I read about systemd. This situation *is* absurd.

… and it threatens our operating system: Linux. I actually like to be able to use computers that run a sane operating system.

Czrly

Re: How many lines-of-code is OpenRC?

Agent P chose to compare the number of lines-of-code of systemd with that for glibc – an implementation of the C standard library and not actually an init system – or that of bash (a shell, not actually an init sytem) or wpa_supplicant (a wifi thing, also not an init system) and so some crazy, off-spec, non-conformist part of my brain wondered if, just maybe, a more interesting comparison would be to – you know! – another init system.

But maybe he was trying to suggest that systemd isn't actually an init either. I'm sure it contains a complete implementation of a C standard library, a shell and a wifi layer, too, by now. Maybe those are written in fewer lines of code, too, for all I know.

Actually, I do wonder why he's bothered that Cargo doesn't meet their requirements. That seems a little off-brand; I'd have expected him to just add an entire Rust build toolchain to systemd and roll with it.

Czrly

How many lines-of-code is OpenRC?

I've been writing Rust, intensively, for the better part of a decade and I will be the first to agree that Cargo is not perfect. Don't even get me started on "features" – what they were, what they are, what they were intended to be and how people abuse them across the ecosystem. But the truth is that Cargo is actually bloody brilliant when one considers it, objectively, and thinks back to Autotools or CMake. Cargo works well enough right "out the box" and it works pretty much the same way for every project that applies it, correctly, on every supported platform. Rust is "nice" because you *can* just `git clone` most code-bases and Cargo will usually build them, run their tests and executables and their examples. You can edit those examples' `main.rs` source and start to hack right away and Cargo keeps running them so you can play. The on-boarding process to try out something in the Rust & Cargo ecosystem is easily the best I know by a million miles, chains, cables, furlongs or what-have-you.

But let's just take a step back: you're making an "init system". That is: a system that runs to spawn other processes, monitors them over their life-time, killing some and restarting others if they die. If the structure is, indeed, so convoluted that it can't be built with Cargo, you're inept or you're wildly out of scope and I wouldn't want to touch what you're making with a ten-foot pole.

I think the mention of Meson is apt, though. Meson is basically the systemd of build tools: it is extremely opinionated and hostile to every other build system, offering heavily begrudged support for integration with CMake out of necessity (because everything else either uses or supports CMake – it being the industry-standard incumbent) but holding the line that interoperability means "just port everything to Meson".

Do you want to link SDL in a Meson project? Great! You've got the flagship demo for that specific case. Oh: you want to use a version of the SDL that doesn't match the demo's current "wrap" version? Good luck, then, because SDL builds with CMake in a non-trivial way so you'll be patching the official demo "wrap" (and it is exceedingly verbose, being a complete reproduction of the SDL build mechanism), writing something entirely new or hacking together some very cursed solution that will never be supported because you're using Meson in a way that contravenes their "philosophy". Ditto for every other non-trivial dependency that doesn't coincide with an official "wrap": it's all just "port to Meson" because that is the only supported way. (Edit: citation: https://mesonbuild.com/Mixing-build-systems.html)

systemd begrudgingly drops a safety net while a challenger appears, GNU Shepherd 1.0

Czrly

Re: 42% less unix philosophy

Eleven seconds. My development desktop, on Gentoo and OpenRC, boots from cold, hard power-off to a fully-operational KDE Plasma 6.2 desktop in eleven seconds.

Czrly

I find this story intensely ironic.

My last conflict with anything `systemd` was when I ran in to repeated problems on my development desktop. The box kept falling over, at random intervals but `sudo` also ceased working. `sudo` was failing because `systemd-homed` was falling over and I couldn't fix anything because, yeah, `sudo` wasn't doing the `do` part at the end. THAT was the final straw. That pushed me to migrate my desktop to (really: "back to") Gentoo, on OpenRC, which is the same thing that runs on all my servers. Alpine runs in all my containers (none of them have an init but some had `tini` in the past) and no boxen I maintain use `systemd`, today.

Since that point in time, the `xz` Thing came and went and I watched on, bemused and amused. Schadenfreude is apparently a healthy and necessary part of our human psychology. I can't imagine handing `sudo`'s responsibilities to the same supply-chain that let the `xz` Thing happen. I certainly can't imagine replacing the Kernel's SUID mechanics with their crap.

Not only because `sudo` and SUID, in general, do a whole lot more than *just* run commands as user 0. There's a reason why `sudo` became ubiquitous and the fact that `root` passwords no longer need to be shared (or even be set at all!) is only the very beginning of the very tip of an iceberg-sized point.

I read the news about Shepherd 1.0 and I do sigh, a little, and wish more journalists were mentioning it as an alternative to OpenRC and Sys.V Init instead of holding it up to `systemd`, though. Both of the latter actually are init. systems (and stay in their lanes) and I'm sure that Shepherd is intended to be init., too, not some sprawling, redmondian behemoth that also does a spot of init. by-the-by. (I'd say `systemd` contains an init. system but it seems to contain multiple components that all do some init. stuff, along with multiple mini-inits. Inits-within-inits. It's truly an oroboros. I'd say it's a misguided, cynical attempt to make an Eierlegende Wollmilchsau if I didn't love that German phrase too much to sully it with the association.)

So, dear Register: can we anticipate a good technical deep-dive into Shepherd 1.0 in which you tell me how and why it might, or should, one day replace my perfectly-fine-thank-you scripts in `/etc/init.d`? Those perfectly-fine-thank-you scripts just sit there and do their thing at init. time. I haven't had to "maintain" a single one in ages -- at least, not since the last time Wayland fell over and I had to sort of wrangle some things to get dbus+kwin starting, again. I can't really see the appeal of porting them all to something new: they're prefectly fine, thank you.

Open source maintainers are drowning in junk bug reports written by AI

Czrly

Maintaining some open source-code isn't supposed to carry a punishment. It is this sort of opinion that breaks that deal.

This is why I never publish my work as open-source and only ever push patches up to projects that I really, really love and trust to value my contributions. There are simply far too many who think that "maintainers" should just deal with the nasty side of open-source for whatever reason.

Win a slice of XP cheese if you tell us where Microsoft should put Copilot next

Czrly

Replace all "Help" Menu Entries in Windows 3.1

Since they've backported (back-foisted) it upon Windows 10 (it hit me, again, yesterday) I ask this: why not go all the way and foist it right back on Windows 3.1, too?

Do you remember those "Help" menus from 3.1? If you don't, you should go and run that in an emulator, unplug your router and try to work out how to use it, offline, just from the help files that used to ship with programs, back then – accessible by help menus! They were often – albeit with exception – actually useful! They were references and sometimes even told you how to do Things with the software or the operating system.

Also: you'd be building up the user-base to validate my argument that there are surely many running 3.1, even in 2024, and they could be blighted with Copilot, too, just like the rest of us.

Bitwarden's FOSS halo slips as new SDK requirement locks down freedoms

Czrly

The balance tipped.

This news should come as no surprise to anyone. This is the standard play for venture-capital (or private-equity) bought "Open Source."

What it means – simply – is that the balance has tipped: the suits have determined that the loss of goodwill from those who flee is less than the stakes to be gained by this change. That, in turn, is trivially easy to interpret: "we" – the users, developers and community – are worth less than the Dollars knocking on their door. That follows by definition.

Why would we trust them, then? They're demonstrating contempt for our worth, as a community, so only a fool would expect them to value us!

WordPress. Bitwarden. VSCode. GitHub. Redis. MySQL. (… and I haven't even started to 'think' to find examples, yet.)

Vivaldi gives its browser a buffing, adds a dashboard

Czrly

Re: We need a User Agent that isn't Googled.

Pre-emptive response: "Source Available" does *not* cut it for a web browser, supposed to be a User Agent, with which human beings do things like Internet Banking, personal or intimate messaging and – on occasion – research which conflicts with the prevailing status-quo of the land in which they're living such as searching for certain bears that like honey or for clinics deplored by a certain political lobby for culture-war reasons.

You cannot fork a Source Available software if those who publish it change their behaviour in the future. Without the threat of being forked, the corporation behind the software faces no checks and balances from their user base and being morally upstanding holds no specific utility value. This means that morality necessarily ceases to be a dominant strategy as soon as the Dollar arrives at the door.

A Source Available software will have no long-term plans to maintain support for user-first standards like Manifest v2 because they know that user disagreement is impotent. Indeed: Vivaldi say they'll support v2 until some time next year – THAT'S NOT LONG-TERM and we can't just fork Vivaldi in 2025, either, should they neglect to extend that or even just forget that promise before June, 2025. (Vivaldi, to be fair, are in an unfortunate position because they surely don't want to maintain v2 in their own fork of Chromium. Again: the problem is in evidence.)

Czrly

We need a User Agent that isn't Googled.

If it is not truly Open Source, it can never be a proper "User Agent". Also, it's Chromium so its very existence exacerbates the monoculture problem, no matter how honest their claims of privacy – which, I guess, we just have to trust because it isn't Open Source. It exacerbates the problems with EME and other Google-mandated "standards", too.

We need a proper User Agent that isn't controlled by Google – directly, or indirectly via their advertising-company proxy: Mozilla. Vivaldi is not that.

That said, this news did impart one positive and novel idea: after reading their response, beginning "Our Dashboard is quite different…", I no longer doubt that LLMs *can* actually replace many humans in the workplace.

Altman reportedly asks Biden to back a slew of multi-gigawatt-scale AI datacenters

Czrly

It's Power.

For long and long, I've considered the connection between "crypto" and "A.I." to be the fact that both are bubbles of the most ephemeral kind but, today, I think I've been wrong about that: both are about consumption of power – Watts!

Precisely how the megalomaniacs are punting A.I. is pretty obvious but *why* they're so desperate to do so makes little sense. Is their really enough money to be made from rendering artists, authors and many others redundant? Maybe they're set on positioning themselves to capture "human culture" or something by flooding the channels with 'botshit' but even that seems a little too desperate to motivate the scale of the infrastructure investments. (It would also be too dystopian or nefarious: the megalomaniacs are not that inspired.)

But Watts of power? This is all a counter-move to the acceleration and expansion of green energy.

This is about keeping legacy power-plants operational. This is about keeping the oil-economy flowing and ensuring that green sources cannot hope to bring about the decommissioning of fossil-fuel sources in the short term. This is about keeping old establishments like OPEC relevant as puppeteers of the world economy.

This is also a cynical act but cynical, short-termism is right on-brand for the megalomaniac.

Perhaps they know that "A.I." is stupid and a bubble and hated by the masses and laughably prone to hallucinations and not fit for any purpose in the real world. They do not actually care because "A.I." – the entire industry – is just a "cost centre" to them. Bad press, loathing, even infrastructure wastes are just "costs" and their profit lies elsewhere: these maniacs are firmly rooted in traditional economic structures, investments, markets and capitalism and granting the oil-economy a final lease on life serves them, there. Keeping fossil-fuel chains alive keeps their lobby relevant in government and international institutions.

They're seeing Watts of green power becoming available on the grid and so they strive to sink as many Watts as possible into something: not crypto, now, but A.I.

For Satisfactory players, the TL;DR is this: A.I. is just the AWESOME Sink of real life.

WordPress.org denies service to WP Engine, potentially putting sites at risk

Czrly

Re: This just seems wrong

The other big question is why does the corpo have any influence on the actions of the .org, anyway?

I've always understood the split between corpo/.org for FOSS products to define the boundary between what the community retains (.org) in return for – you know – actually building the whole product, and the money-making entity to be set up as just one service provider to profit, employ a core team of developers, and, ostensibly, to sponsor that community.

It's supposed to be a hedge so that all the FOSS developers don't just immediately jump ship, fork, and refuse to ever touch the original code again – potentially turning directly to their lawyers to ask whether a corporate take-over is legal. FOSS devs understand that they're getting ripped off (in a way) but that the split is inevitable as soon as the projects becomes successful enough to demand a stable revenue stream coinciding with corporate profiteers looming, inexorably, anyway.

It seems to me that Automattic are proudly and loudly pronouncing the quiet bit: FOSS projects are basically suckers for this abuse. I don't particularly care one jot about Automattic, WPEngine or WordPress but I do care about FOSS (in general) and it seems to me that this story is relevant as a cautionary tale for the whole ecosystem.

Unity scraps hated runtime fees, hits devs with subscription hikes instead

Czrly

Too Late.

This is irrelevant, now. Unity demonstrated to developers that they could and *would* unilateraly fiddle with the pricing model as and whenever they wanted to. This was the final straw and also served to accellerate interest in alternatives like Godot by orders of magnitude.

I did not dig into the details but I'm pretty sure that they have not relinquished their power to alter the deal again, unfavourably, as and whenever they want to.

Nobody trusts them and nobody should ever trust them.

Breaking the rules is in Big Tech's blood – now it's time to break the habit

Czrly

Re: Open Source Licenses are already sufficient.

TL;DR: this whole palaver exists purely to precipitate a nonsense-fight in which the very concept of copyright is borked by collateral damage.

Czrly

Open Source Licenses are already sufficient.

Indeed, any license that explicitly requires attribution is already being expressly violated because no attribution is being granted. This will end up in courts but the fight is nonsense because Open Source and most Creative Commons licenses are unambiguous in their demand for attribution.

I fear that a nonsense battle is actually what the corporations want and foresee two awful but non-exclusive outcomes:

1. They want to argue that attribution-at-scale is just not practical – they would, in essence, have to cite every public web site ever published – and use the impracticality to somehow neuter the very concept of "attribution"

2. They intend to capitulate and try to strike a compromise: they wreck pre-AI copyright and, in turn, precedent that AI-generated "content" is uncopyrightable (being built from the ashes of pre-AI copyrighted works) is carved in stone...

But 2 is a trap, not their end-game! Their end-game, then, will be to punt the idea that, given the right model and the right, designed prompt, AI algorithms can output *any* target content – this has already been demonstrated in the lab.

They'll use that to muddy the waters and cast doubt on whether anything was ever human work and push for precedent that basically ends copyright for works post 2023.

The resulting free-for-all would hand a huge advantage to whoever has the "biggest AI". In a world devoid of attribution, there ceases to be any reward for independent artists, authors, musicians or writers or other creatives to participate. Independents will surely persist out of vim and vigour, in their niches, earning a pittance in kudos and currency but AI content can and will be churned out at scale, heretofore unseen, and eclipse their already meagre visibility.

Borking copyright will further exacerbate the imbalance of power that gives big content houses free license to dictate what the vast majority see, hear or read, whether it comes with ads – even at premium tiers – which devices it can be played on, which lands it can be viewed in, etc.

I don't particularly like the idea of Gates, Bezos, Zuck and the rest choosing the landscape of arts and culture.

Now all Windows 11 users are getting adverts to 'make the Start menu great again'

Czrly

Re: Is this their final 'footgun' moment?

Always remember the single-paragraph, fundamental truth of the advertising industry: advertisements shoved into faces – "exposure" – exist only for there to be a concepts of "ad exposure" to sell to gullible advertisers. Hit rates or conversions to actual transactions are intensely and extremely irrelevant.

Advertising has nothing to do with actually selling a product or service. That was once called a "hit rate" or something but everyone realised pretty quickly that advertising hit rates were always and always would be ridiculously low – well below any kind of noise floor. Advertising is all about selling ad space or potential "exposures".

That's why algorithmic feeds and content farms exist. They aren't there because they provide utility. They're there because they represent potential exposures to sell to fools. "Engagement" metrics exist to make those seem valuable – the more time wasted, the more potential "exposures" there are to sell.

Advertising is the antitheses of a "collective action" problem and that's why ad-blocking went ignored for so long. Ad-blocking represented "collective action" in opposition to advertising by the wrong group of people – the users – and those in power didn't care about that because the only action that would threaten them would be if the idiots paying for the ad space acted against it – which they did not. Google, Microsoft et al can still sell their "exposures" to fools even if the users who might actually click the fool's ads block them. Again, the hit rates and conversion stats were so low and meaningless, the effects of ad-blockers were immeasurable. (YouTube being the one exception to this, admittedly. I honestly don't even...)

Malicious SSH backdoor sneaks into xz, Linux world's data compression library

Czrly

Re: Haters Should Be In The Headline, Not systemd

I imagine that the up-stream OpenSSH developers do consider unadulterated `sshd` to be perfectly well ring-fenced from attacks against systemd, or `xz`/`liblzma` or – more generally – from the attack surface of essentially unfunded libraries with at-most-one trustworthy maintainer. That's why they don't link those libraries!

The UNIX Principle is what we *need* to be discussing but – frankly – what's the use? It has been long abandoned. Meanwhile, call me a "hater" because, yes, I do hate the very concept of a Linux box that runs an init that scorns the UNIX Principle so extremely that a daemon likely to run as `root` must necessarily be compromised *at build time* for compatibility.

OpenSSH should never need to know of the existence or use of whatever is chosen for init or whatever initiates it as a daemon, let alone be critically compromised via a supply-chain attack targetting that initiator or libraries that may or may not be linked to that.

If, indeed, `libsystemd` is not safe for use then it should not exist at all.

Czrly

Re: Systemd should be in the headline, not `xz` or `liblzma`.

You can only reproduce it if the `sshd` executable was built from compromised sources in the first place. Gentoo – for example – write the following in their advisory notice:

> 2. the backdoor as it is currently understood targets OpenSSH patched to work with systemd-notify support. Gentoo does not support or include these patches

> https://security.gentoo.org/glsa/202403-04

I do not think that systemd is at fault for this particular exploit, in this instance, but rather at fault because it has created the channel through which exploits like this cannot fail to occur. It has normalised the very concept of an overly complex, bloated init.

Czrly

Systemd should be in the headline, not `xz` or `liblzma`.

When I read through the email (https://www.openwall.com/lists/oss-security/2024/03/29/4) in full, it seems apparent that `xz` and `liblzma` play roles only as the attack vectors through which to compromise `sshd` via the vast attack surface that is systemd and `libsystemd`.

This news should really be about how distributions should not be patching trusted sources, init-systems should not be requiring such patches and shouldn't be so bloated in the first place!

1. Debian patches the sources of everyone's most trusted, most critical daemon – `sshd` – to add support for notifying systemd …

2. which exposes everyone's most trusted, most critical daemon – `sshd` – to an attack surface broadened to nothing less than the entire set of libraries linked by `libsystemd` …

3. which, due to bloat and feature-creep, is vast …

4. and `xz` and `liblzma` just happen to constitute vulnerable libraries within it, those salient today.

It could have been anything else; the wider the attack surface, the more vulnerable everyone is.

Every distribution is now frantically and reactively patching but the real vulnerability persists – systemd, itself – and every news item mentioning it is either bad news or notice of how its feature-creep progresses apace. As long as *that* attack-surface continues to exist on modern Linux, backdoors such as this one will only become easier and more frequent whether they are detected and reported or not.

Your PC can probably run inferencing just fine – so it's already an AI PC

Czrly

It's just a fancy product...

Both inference *and* training are just fancy 'tensor'-like product operations performed ad nauseam. Just about anything *could* execute them and nearly everything even has some form of SIMD instruction-set to accelerate them beyond primitive `for`-loops, anyway, and has had for decades. Even libraries which include highly-optimised implementations of the maths exist and have been open-source for ages, now. Particularly for the case of inference (given the weights of a trained model) proprietary and novel advances – alike – only grant a marginal speed-up.

The question is only how *fast* some given hardware can run inference and, there, I propose that the answer is entirely meaningless because the vendors behind this fad will *never* allow LLMs to truly be used in anger, offline. (And literally anything can send an HTTP request to "the cloud" to query models.)

Being the man-in-the-middle to serve the 'AI' responses – capturing usage and prompts and all the telemetry and metadata – is the very product they're building. Why would they ever let that run offline? Forgoing gatekeeper status would be arse-about-face, for them, because the perceived value in interaction data is their only business case.

Any hardware vendor punting "AI compatible" hardware is not just pulling a fast one because just about any Turing-complete machine with a product-op *could* execute the algorithms (perhaps slowly) but because users will never truly use the capabilities.

Sure, the open-source algorithms and open-source model weights are cute to run, offline, but they are only a curiosity. Although the hardware vendors are punting chips capable of slightly faster execution of these algorithms with those models, nobody with the funding or power to drive this fad forwards intends for those models to find main-stream use – I predict that they will disappear from public consciousness exceedingly quickly.

Think about how many algorithms *could* run locally, on-device, on any modern smartphone but are, instead, served from some cloud data-centre, somewhere, where some corporation receives all the data. Think about how many services *could* operate just perfectly over everyone's LAN, without ever crossing the firewall or being routed outside the subnet. Hardware vendors don't seize upon these 'capabilities' to promote their stuff only because none of these are in the headlines.

Microsoft says it'll throw €3.2B at AI ops in Germany

Czrly

Coal-Fired?

Would that be "Germany" as in "*here*, this Germany" ... that I'm living in... that shut down all its nuclear "Atomkraft" power-plants under pressure largely lead by the greens who were manipulated into opposing nuclear power, decades ago.

THIS very Germany that had to re-open coal-fired power-plants when the "Ostpolitik" policies were shown to be failures and the pipelines carrying liquefied-dead-dinosaurs from Russia were limited?

THIS Germany that imports electricity from aged and decrepit nuclear plants placed conveniently far outside the borders as to be immune from the anti-Atomkraft lobby in the Bundestag, yet close enough to annihilate quite a damn lot of it, should they go boom as the misguided fears of the past foretold – the same fears that were over-played by, yes, the Greens, in fighting against Atomkraft and achieving a massive win for Big Coal, back in the day?

Whatever power Microsoft draw to power those data-centres, they have no moral right to do so – certainly not for "A.I." – but it gets worse because they'll surely buy their power wholesale and it will surely also be discounted! On the ground, consumer electricity prices are sky-high and the need to convert to electric heating – gas heating being phased out – will be punishing to many people and families in the very near term. Spending Watts on the stochastic parrots of the already-rich is not going to insulate all the old houses or lower heating costs.

In a sense, this is very much a direct waste of resources on "artificial" algorithms in spite of the real-life humans who need them, and all so that a corporation's profits can increase in line with the latest fad.

Ich bin doch wutend.

Mozilla CEO quits, pushes pivot to data privacy champion... but what about Firefox?

Czrly

Re: Firefox could so easily win…

I'd argue that the remainder of the points would serve to erode the market for Electron, which is essentially Chromium and V8, and that that, too, would serve in the battle to prevent a web browser monoculture from developing.

There are a tonne of things that use Electron-based "native" clients but don't provide any benefit that couldn't be served by Firefox in some kind of "PWA mode" and providing the necessary features to do so would amount to a few new command-line parameters, assuming that the previously mentioned profile isolation features were first class.

Czrly

Firefox could so easily win…

All Mozilla have to do to take a serious bite out of not just Chrome and the whole extended family tree of Chromium – INCLUDING Electron – is this:

- Fix the bugs. Seriously, just fix the damn bugs, already. There as so, so many...

- Cut the tracking, telemetry and privacy-snooping features at the source-code level.

- Cut the value-adds that nobody wants nor asked for, starting with Pocket.

- Return to the "principle of least surprise", meaning absolutely no "experiments", no modal popups interrupting the user's flow just to try to sell them on a frivolous new colour-theming gimick, no surveys, no up-selling of features: zero surprise, it's a browser, just be a browser and always be a browser.

- Make desktop integration a first-class feature: starting with effort to make the look and feel fit with the desktop environment!!{infty.}

- … and the U.I. font-size match the desktops font-size and DPI!!{infty.+2}

- … and task-bar/launcher/launchbar/launchbarx integration so that multiple, segregated, privacy-sandboxed profiles can coexist as first-class buttons, thereon. (Without the hacks needed to achieve this, today.)

- Oh, and give us PWA / `--app` support (again, with nice taskbar integration on the host desktop) so we can just use a Firefox instance to kill off Electron apps for all those cases where the available desktop app is just a site wrapped in Electron.

After all of the above, there are a tonne of easy, low-hanging fruit to grab to distinguish Firefox from the rest:

- First class advanced tab management and organisation, multiple selection, copy links to the clipboard, etc...

- Advanced user keyboard shortcuts and re-mappings: closing all tabs, closing tabs to the left or right, closing unpinned tabs, closing duplicate or old tabs...

- Built in RSS support with synchronisation of read articles via the Mozilla account...

- Use of a hardware token to encrypt synchronised passwords and other data.

Some are provided hap-haphazardly by plug-ins but I REALLY struggle to trust those because they invariably require permissions I don't want to grant and often require extra permissions because of feature creep. I do still trust Mozilla – technically – and, by building these features right into the browser, could begin to make advancements, again.

Something tells me that this new management change will not result in a single solitary one of these obvious and often trivially easy quality-of-life and privacy related changes will ever be made.

Closure of Windows 10 upgrade path still catching users by surprise

Czrly

That means no re-installs?

Let me get this perfectly straight because it is important to me: this means that, should something disturb my Windows 10 activation on my old hardware or should my disk drive fail, I can never re-install, even though my PC has been running Windows 10 for many years – originally from a Windows 7 upgrade?

I can't upgrade to Windows 11 – don't have a TMP and my motherboard is rather dated – and, even if I could, I *would* not because I consider it to be a step backwards in usability, privacy, openness and, outside of those, it's no advancement in any way that matters.

There's nothing wrong with my old hardware (i7 7700, 1080ti era) and no earthly reason to upgrade it.

Frankly, I'd actually be perfectly happy to DOWNgrade back to 7 except that nothing supports that any more. LOTS of games, software, tools and even modern programming languages and compilers have dropped Windows 7 support simply because they did not want to or could not afford to expend resources maintaining it, given that Windows 10 was a "free" upgrade path.

This is basically a pure, end-game distillation of the EEE tactic, except I'd personally omit the "Extend" part because I honestly can't think of a single Windows 10 feature that "Extended" functionality in a way that I actually wanted or needed. And, basically, this goes to show that Microsoft could put paid to anybody's use of their OS at any time on their own hardware, even if one had a formerly valid and legal license. The can choose to alter the deal at any time.

Meh. I've migrated 99% of my use-cases to Linux, anyway. I only boot Windows 10 for a few games, now. But I was planning a fresh re-install to clean out some unwanted stuff – like old Adobe and Apple bloat left over from other abysmal software that I once used, have uninstalled, and will never touch, again – and now I see I can't ever do that, again!

Need to make some 3D models but lack the skill and talent? Say, have you tried... AI?

Czrly

Re: Do you have a whole drawer full of conventional spoons…

Alternative version: does that hammer you're wielding make everything look like a nail?

Well, have you tried an "A.I."... *hammer*?

Czrly

Do you have a whole drawer full of conventional spoons…

… and all you need is a knife?

Well, have you tried an "A.I." … *spoon*?

Open source's new mission: To boldly go where no software has gone before

Czrly

Re: We need safe-harbour for communities of humans: developers and users.

EDIT: Obviously, I'm all in favour of building for-profit software and products based on Open Source components but only in good faith and in compliance with the license – that's not what I'm disparaging in my post.

Czrly

We need safe-harbour for communities of humans: developers and users.

Open Source software exists either to serve a need or curiosity, either of an individual person or concern or of a community of them. That need or the satisfaction of that curiosity is its sole "mission" and purpose and suffices – no more is required.

However, the Open Source movement – as a philosophy – does have a mission and, as is highlighted by Bruce Perens and this article, that mission deserves new consideration in today's climate of LLMs, where former bastions have been acquired by hostile corporations. That movement's mission has nothing to do with data or software or drawing arbitrary, semantic lines between those two. It has nothing to do with usability or portability or anything technical.

The Open Source movement's concern must focus on protecting the communities that bring the needs and curiosities and gather together – or venture forth as individuals – to build whatever the hell piques their interest or whatever the hell they require.

It must focus on protecting the knowledge and the artefacts from those communities such that they and those that come after may build upon each other's work as Open Source always has done and, without which, Open Source simply could not exist – we wouldn't have any compiler to compile it, any libraries to link it to or an Operating System to run it if it did!

The requirements are crystal clear: what is needed, today, is a return to searchability of knowledge and code and safe harbour for code-bases – i.e. never GitHub, again! We need new places to communicate instead of black-holes like Slack, Reddit and Discord which are not to be trusted and already have strictly finite time-to-live on what's previously written, there. We need improvements to the safety and security of our supply chains: NPM and Cargo and PyPI and the like.

The Open Source movement needs to defend itself from the parasitic predators that pervert the good-faith contributions to build for-profit products. These parasites are invariably "anthropomorphised equity" and they suck the blood of living, thriving organisms nurtured by bleeding and breathing people in order to make their own lines go up – that is the antithesis of "Open Source" AND of "community"! It needs to enable its communities to build what they want to build or need to have – serving users and doing whatever one does with "data" is inevitable and will happen in a more or less successful way, as it always has.

Post-script: I think that GitHub is a good case study. It was once a bastion of the Open Source world and, even today, serves to host the vast, vast majority of Open Source projects – both code and issue trackers, discussions, C.I., wikis and documentation. But, in fact, GitHub is largely a cornerstone of the problem and the reason this debate is interesting in 2024. Before Microsoft weaponized GitHub, all Open Source projects were ruled by a LICENSE and that LICENSE was invariably to be served and stored with the sources. On GitHub, the LICENSE is there but the LICENSE no longer makes everyone equal. Instead, Microsoft have become the pigs in the farm house: they are more equal than others, even though they technically hold only the LICENSE that everyone who fetches the code receives.

Any project that is on GitHub hands to Microsoft perfect visibility not only into every revision of their code-base but also into every single interaction of every other user, developer or viewer of that code and that interaction data is probably far more valuable and far more threatening to the communities about which I'm ranting lyrically, today. Not only that: every fork of every code-base extenuates this problem.

Hosting on GitHub is easy but I wonder if it is not fuelling the machine that will ultimately crush any hope for the future of Open Source as a movement of humans.

Google Chrome Privacy Sandbox open to all: Now websites can tap into your habits directly for ads

Czrly

Re: Sneaky

"Sites" that "don't like Firefox" aren't actually sites at all. We've had Web Standards for decades and Firefox is about as compliant as any other flagship browser.

IDC gets even more pessimistic about PC sales

Czrly

Re: I, for one...

It *will* run Linux Mint. I know. I've tried. Also Ubuntu, Arch and Gentoo.

The experience is sub-optimal, however. Sound won't work at all – after days and days of hacking in which I managed to get some white noise (and software toggles to control that white noise, I suppose), I ended up passing sound down HDMi and out the headphone jack from my monitor to my real speakers and that was as good as I could get and certainly unsatisfactory.

The GPU will work for compute tasks and can be bludgeoned into appearing to achieve something akin to desktop compositing but never both compute and presentation at the same time and the performance is abysmal – resizing a window or scrolling a browser page is insufferably poor. Watching a full-screen, in-browser video is a joke. Full-screen 3D stuff appears fine and renders at very high frame rates but the horizontal tearing apparently can't be solved – any kind of v-sync functionality just doesn't work – presumably, this is because whatever is controling the GPU isn't playing nicely with the window manager and compositing engine.

I've tried the nVidia official, closed-source drivers and open-source ones and nothing makes it better. I've tried it under Gnome, XFCE, KDE, etc. I've even tried Wayland but, yeah, Wayland + nVidia are/were a match made in hell.

The sound device *appears* as some kind of HD-Audio-esque thing but just defys typical behaviour for such hardware and only produces noise signals out of any audio jacks, whatever the configuration.

There's also the on-board WiFi – I gave up on that, completely, but don't need it, either, so that isn't too much of an issue. (Not right now, anyway. I did need it, recently. It would be nice to know the hardware does work if I should happen to need it, again.)

My "Windows 10" hardware is just a pile of incompatible rubbish – that's what. I gave up fighting with it, long ago, because I honestly can't be bothered to keep trying. After the days become weeks, once or a couple of times, round, one just gives up.

Part of the problem is that everything is on-board and what's not on-board is the GPU and that's just too expensive to simply replace. To avoid having this issue, again, I'll be making sure that my next box has a motherboard that is 110% Linux-friendly (i.e. ALL the on-board stuff works flawlessly, without any need to fight with it) and the GPU is proven good under Linux before the return-window on the part runs out.

Of course I won't just land-fill the old hardware. It will probably work fine as a headless server which never needs to emit sound, connect to WiFi or use the GPU in anything other than compute modes.

Czrly

I, for one...

I, for one, will be forced to upgrade my PC hardware when Windows 10 ceases to serve my needs because, sadly, it is officially incompatible with Windows 11. I could hack my way around the official requirements – that's easily done – but I don't wish to exert effort defying Microsoft's wishes and so I suppose that I will have to play a role in this up-swing in PC hardware sales, despite my anti-consumerist stance.

Thankfully, once I've replaced my old hardware with stuff that operates properly under Linux – goodbye, nVidia; goodbye, Creative SoundBlaster on-board audio – this coming upgrade-refresh might just be the one to end the cycle.

Never again, Windows.

Now: does anyone have a great hardware review site with a STRONG Linux focus? I.e. one that can be trusted to absolutely lambast any kit that has even minor niggles under Linux – and basically black-list makers who's drivers are rubbish?

Take the blue pill: Keanu Reeves has had enough of AI baloney

Czrly

An A.I. can write *enough*.

An A.I. cannot write anything that is truly of interest to me or many of us, perhaps – aside from a curiosity at what the algorithms are capable of through scientific interest in the numbers and mathematics, of course – but I fear that they can still write *enough*. The truth is simply that there's a very low bar for content. Enough is easy to achieve.

Consider Netflix as a case study. Today's binge-watchable series are invariably one-trick ponies: they have mastered precisely one of the story teller's arts: the hook to bring you back. Every episode is a waste of time, meaningless. Characters are not developed, worlds and places are not explored, theories and philosophies are not elaborated, in fantasy the story does not indulge, and questions it does not confront. Instead, in the dying minutes of any episode, a hook is placed simply to get the viewer to begin the next expisode in which nothing at all will happen, either.

Ceasing between episodes is consequently uncomfortable but, should one abandon ANY of these "binge watchable" things at T=10 minutes into any episode, one very quickly realises that they've no real reason – besides boredom – to pick it up, again.

Can an A.I. write this? Surely it can or it will be able to, soon – perhaps only two academic papers down the line.

Researchers have studied how free pornography and "tube-sites" exploit the dopamine loop in the brain. If A.I. could reproduce this exploit with matter that is both free of taboo and that does not trigger any interruption by a refractory period, the result could be devastating.

Could A.I. power a pleasure-button that many – like rats – would press until they die? In fact, it will not be necessary to press the button – we've "autoplay" for that and the 60-second video format – close the feedback loop with "telemetry" and any control engineer can tell you what can be built.

Mozilla, like Google, is looking ahead to the end of Apple's WebKit rule

Czrly

Will I then be able to disable the sponsored search engines?

Will I then be able to disable the sponsored search engines?

In its current state, iOS Firefox will automatically enable sponsored links on the home page – to Amazon and other evil actors – and require to you manually turn those of and it will also include sponsored search engine plugins to those same evil actors that I can't find a way to disable. These buttons appear when you activate the search/address bar and, as I said, I can't find a way to turn those off.

Firstly, enabling and supporting evil actors like Amazon should not be done. Secondly, why can't I turn those OFF?

Until Mozilla allow me full control of and confidence in my browser, once again – or, even better, just not include those traps and parasites at all, ever – I honestly do not care what rendering or HTML engine is running behind the scenes. Frankly, Mozilla also have bigger problems, elsewhere, including the state of Desktop and ESR Firefox.

The end of the rule of Apple's WebKit is great but it is not the end of the problems browser users (that's everyone) face, today. In fact, I would even doubt it is the most significant!

WINE Windows translation layer has matured like a fine... you get the picture

Czrly

Re: Can we use it to run WSL?

How much of that is Minecraft?

Self-driving car computers may be 'as bad' for emissions as datacenters

Czrly

Re: Go restomod

Could you possibly mean it doesn't do stuff like pulling an emergency-stop in the middle lane of the notoriously narrow-laned Brenner pass (between Austria and Italy) with no reason or other vehicle (apart from the overtakee) in sight, while I'm executing a perfectly tame, considered, pre-meditated over-take?

Someone who works in the automotive industry as a programmer explained it to me: these systems basically only count false negatives. Slamming on the brakes (even causing a pile-up because of inadequate following distance from those behind) doesn't count as a black mark against them but FAILING to slam on the breaks when the driver is incompetent does. So they all just guess that any sensor blip is worth a crash-stop and, even if that actually causes a crash, blame the human anyway.

(It slammed on the brakes and induced so much unexpected under-steer, I ended up half in the lane on the outside of the curve which was thankfully vacant. I can anticipate a lot of things on the road – I drove for decades in South Africa – but who can anticipate the moment when software or sensor bugs will suddenly strike?)

Page: