Posts by bombastic bob

Re: Small pay-TV providers

keep in mind that a cable provider typically has a 'localized monopoly'. I can only get Time Warner, and with their new merger, I'm sure that customer service will suffer somehow. TWC has recently been bragging (in ads) about improved service, raised their rates a couple of times, and switched us all over to digital cable boxen. The 'rent' is free... for now. Will be $/month at some point (for the cheap, featureless box).

Since the switchover I've noticed malfunctioning channels on more than one occasion, had them try to bill me for a tech visit post-self-install [caused by their screwed up database] because the boiler plate said "let me send a tech over" [week later] tech arrives, "I know what's going on" makes a phone call, it's fixed. THAT kind of thing (then they try to BILL ME for THEIR f-up). And some of the channels had WRONG aspect ratios that couldn't be corrected. And I can't disable channels I never want to see, like MSNBC or a spanish-language channel or whatever (so channel surfing MUST scan THROUGH them). And re-scan doesn't stop 'the weather channel' from popping up an irritating 'malfunction' message.

And let's not forget the occasional stutters, pixelization, and black screens that seem to happen now that it's "all digital". Analog didn't really have THOSE problems...

Maybe it's time to force cable companies to allow others to use THEIR WIRES (at a reasonable fee, of course), similar to the way it happened with telcos. And now it's working with POWER COMPANIES (using the local utility's lines to deliver THEIR power THEY generate, usually solar).

But yeah, utilities are like that. They're "regulated" but not necessarily in OUR favor...

(and I've never seen a 'small pay-TV provider', not even once)

Re: Why July

"Start thinking for yourself and you might find Windows 10 OK."

As I saw someone else say in this forum, "Dear Mr. Pot, this is Kettle, please revise your statement regarding color". Or something like that.

And I won't find Windows 10 'OK'. I gave it a fair chance a year ago during the 'insider' program. It failed to meet expectations, by a wide margin.

But I DO agree, that they ARE listening [via spyware] as you pointed out.

Re: Modern synchronization technologies?

"However MS would be mad to drop POP3 and IMAP from Hotmail so other clients apart from Outlook-the-client would carry on working, except for WLM which sees a @hotmail.com or @outlook.com address and automatically configures itself for a nonexistent protocol. Perhaps there's some way to trick it into configuring manually for IMAP."

I certainly hope you're right about this, because if Thunderbird stops being able to read my MSN e-mail (which I've had since MSN was in beta, and I continue to pay $5/month for the e-mail along with 'just in case' dial-in access which I've used on occasion, most recently LAST YEAR), then I'm *DUMPING* my MSN account and e-mail address and anything ELSE that has to do with outlook, hotmail, msn mail, or anything SIMILAR.

I'm not going to use their Win-10-nic mail client. I tested that one a year ago during the insider program, and it tried to screw up my IMAP folders. Fortunately it did no real damage. It's also 2D FLUGLY. And it doesn't run in Linux.

Re: 300 million infections

"Did anyone watch an episode of Equinox (Channel 4) called "The King of Chaos" which aired around 2000?"

unfortunately, no. But I *did* see 'Kingsmen' and the big-bad offers free phone service with a 'special' feature... maybe that's what's behind Win-10-nic?

OK not *that* but still...

Re: Next stop for Fiorina

why not put Fiorina in charge of sacking half of the U.S. gummint... "downsizing" Trump style! With Fiorina as the axe-lady. (perfect!)

DATE: January, 2017

FROM: President Trump

TO: half of the government

SUBJECT: YOU ARE FIRED!

Carly gets to pick which half

Re: well, that the UK prez you folk chose ain't much good either!

"Another Churchill quote"

Churchill was BRILLIANT. I was irked when Obaka 'dissed' him by sending the bust back... (ok it was supposedly 'on loan' from Tony Blair but still... not a smart thing to do)

Re: Same old, same old

"They elected Ronald Reagan, they elected George Bush (Jr), they will elect Trump."

hopefully. It could've been worse: Carter, Mondull, AlGore, Kerry, ...

(better to pick the lesser of 2 evils - Cthulhu or Clinton - I pick Cthulhu)

Re: President... Trum...?

"We're all screwed. Doomed & screwed, screwed & doomed."

that's what I said in 2008 when Obaka was elected... and again in 2012

Re: On behalf of the human race

"TRUMP / PALIN 2016"

"Twice the crazy -- twice the fun!"

heh - good one

sit back and enjoy the revolution show

Re: Certificates are the illusion of security

"Is there any evidence these have not had their public keys shared with the spooks. No need to break any SSL protocol or cypher if you have the key to decrypt it all."

um, I don't think you understand the following very well:

a) public/private key encryption

b) SSL protocol handshaking

c) certificate signing and how it authenticates a web site

the public keys in the certs have little to do with SSL protocol, but (as I understand) they're used for validating the signatures, sort of like the way a hashing algorithm can validate a logon and password without revealing the password.

So there's no decryption with a public key. only ENcryption. then you could match the encryption to a known result (I'm assuming) to validate it.

The SSL protocol uses different methods, among them Diffie-Hellman. Time to google if you haven't heard of it.

Or I can simply point you to it: https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

so even if you had a cert's private key, you wouldn't be able to use it to decrypt SSL traffic.

Re: Certificates are the illusion of security

"Therefore, although they COULD in theory sign a fake cert of their own and have it accepted by some browsers as being valid credentials for your site and then man-in-the-middle your server so that they accept connections with THEIR generated private key instead of yours, almost any modern browser will throw a fit when they try this."

etc,

very true. I've been deep into researching cert-land over the last ~2 weeks (and some prior). A summary of what I've found: you can be your own CA, but you have to load the root (and other) certs onto the target machines somehow (let's say an application installer program, like the one I recently open sourced). Like with a self-signed cert, however, you throw warnings in web browsers.

Internet Explorer uses Windows' system cert store, and you can have an application installer (let's say) install new root certs to prevent warnings. Incidentally, this can happen without your knowledge from any application running with 'Admin' privs, calling the right functions.

Firefox and other browsers often have their OWN cert stores separate from the OS, so you'll have to get past THEIR security and warnings to load new root certs.

Intarweb filtering appliances often use the 'MITM' technique as part of their operations (did you mention those? I might've missed it), so IT people must load the appliance's root certs on everyone's workstation by policy or manually [whichever].

As for code-signing, kernel drivers require a "microsoft signature" to load from bootup, but they can dynamically load after boot using regular signed certs (so load your root and signing certs and your drivers will work post-boot, but not during boot). Enabling 'self cert' lets you test things, but apparently shuts off DRM-related things. Not like I need them...

Microsot has also added an even BIGGER "tollbooth" with regards to signing requirements in windows 10, allegedly for quality assurance, but most likely to put even BIGGER roadblocks and tolls in place for independent devs and open sourcers, and maybe lock us into all using windows 10 and playing by THEIR rules forever. That's my opinion, ok.

As for web site certs, self-signs work, but throw a warning (typically) as you pointed out. If you accept the cert by ignoring the warning, https will work just fine like it was meant to be.

openssl can create certs easily, and there are several good online resources on how to do this (including my own web page on being your own cert authority). So yeah, the info is a search engine away. code-signing resources go through Microsoft's "circle jerk" documentation hell, so it's harder to find THAT information without time and frustration.

And related, MS's own examples for code signing self-certs actually create certs that use sha1. But sha256 works fine for code signing certs as far as I can tell (creating my own, of course). But I did see some odd behavior in the kernel debug output in Win 7 checked build when using sha256, some assert about the hash length being larger than some value...

hopefully not 'too long' forcing 'did not read'

Re: there's no bad advertising :(

<quote>

and yeah, soon you'll have a Steve Balmer replicant claiming, internally, that you know, it's a bit naff, but HEY, WE GOT FREE, NATIONAL COVERAGE!!!!!

</quote>

it's an easter egg in the GWX panel. Just shake your PC vigorously, next time it comes up. That activates the easter egg. (maybe some might activate if you put it in a microwave oven on high for 3 minutes, or use the CD/DVD tray for a coffee cup holder)

(ok I've been reading BOFH too much)

Re: Oh, yeah...

<quote>

"This. Its pretty obvious Microsoft don't see it that way, they see the your desktop as their advertising space and its steadily getting worse."

Just because that's the way they see it doesn't make it excusable.

</quote>

yeah, I don't want my DESKTOP SCREEN looking like the TV from 'Idiocracy' with ads all around the outside, and about 1/3 of the screen devoted to actual content...

oh, wait, like a TYPICAL WEB SITE in the 21st century, except it's the "new desktop model"

/me self-slap for giving Micro-shaft yet ANOTHER way of SCREWING UP THE OS

Re: Microsoft showing off their coding skills...

<quote>

10 PRINT "Upgrade this PC to Windows 10"

20 PRINT "This PC is not compatible with Windows 10"

30 GOTO 10

</quote>

you need an extra "GOTO 10" line (yes that was a vague Futurama reference, like when Calculon asked Bender sarcastically if he had an extra "GOTO 10" line)

because, as we all know, it would be even STUPIDER if it DID have an extra 'GOTO 10' line.

Re: I don't mind the weight of pages

"Perhaps time for a browser extension that detects when the knock on effects of a single page exceed 10MB and puts up a message" (etc.)

you added an extra '0'. make that 1Mb and I'm in.

Re: I don't mind the weight of pages

<quote>

"badly designed pages jump around as unsized elements load"

- The reg has been doing that on me recently, caused me to post anon once or twice as the page jumped about as I tried to focus the comment box and I didn't notice. Never used to do that...

</quote>

I offer my own suggestion: use <table> creatively, and everything lines up. Amazing! and it's low-bandwidth...

Re: Same thing happens with scripts

"I recently completed a standalone HTML 5 app for in-house use, and was a bit horrified to note that it came in at over 3000 lines of Javascript code (with no libraries). Then I noticed that a colleague had included, in a related project, a single third party library comprising more than 17,000 lines"

now you know how to separate the "real programmers" from the "script kiddies" and the "wannabes".

it's also why I don't like "someone's 3rd party library" - they rarely do what I want, the way I want it, or else need too many hacks and take FOREVER to master. By the time I've mastered "someone's 3rd party library" well enough to complete the code, I could've written the entire thing myself, made it do what I want, and done it RIGHT. And then played a bunch of video games, and then gone on vacation, and after coming back from vacation, a comparable dev effort using that 3rd party library would STILL be going on and on and on into a quagmire. Seen it before, in many contexts. And it's not "NIH", it's the practicality of getting things DONE.

Re: Not just size

"There's also the turnaround time for DNS lookup, establishing a connection, and multiple request/responses for the dozens of trackers, beacons, analytics, CDNs, and goodness knows what else that comes with every page view"

but if they hosted all of their own content, they wouldn't be able to 'distribute the pain' of all of that bandwidth, would they?

Re: I think _I_ can explain it (and it's not that hard)

actually, m!=0 for a photon. its effective mass is a function of frequency/energy of the particle.

http://math.ucr.edu/home/baez/physics/ParticleAndNuclear/photon_mass.html

zero "rest mass" would be more accurate.

the photon mass is involved in how gravity affects it, and was part of the proof of Einstein's theory of relativity back in the day, when stars were observed to have "moved" due to their relative position near the sun during an eclipse. Predicting that was part of Einstein's theory, and so when it was finally observed, it proved his relativity theory was correct. FYI.

(and if photons were truly 'massless', gravity would not affect them)

Re: Cold fusion

hmmm... my reply seems to have been lost. I'll check back and delete it. UI problems or ?

cold fusion probably happens at rates that are immeasurable, just like the radioactive decay of "stable" isotopes. It's "there" but you can't measure it because it's below the noise threshold.

So it's not entirely 'twaddle' for cold fusion, just highly impractical. The probability of hydrogen fusion is related to temperature and pressure, and PROBABLY resonant energies. Current research may or may not be focusing on the resonant energy angle, but maybe they like their 'secret sauce' and so nobody's really talking about it. In any case, I don't know if cold fusion with palladium and monotomic hydrogen (or heavy water for that matter) actually WORKS in ANY capacity, and indications are that it does NOT, but I wouldn't rule out immeasurable reactions taking place. But yeah, its impractical.

The EmDrive may ALSO be impractical for similar reasons. If it's MOMENTUM of light-speed particles that cause the thrust [regardless of how/why and Unruh radiation, or not] the energy required for propulsion goes up by a factor of 4 when you double the energy. Thrust = delta-momentum which is delta-velocity times mass. the mass flow rate of rocket exhaust multiplied by its delta-velocity (which is proportional to the square of the energy) equals the thrust. So, double the mass, double the thrust. QUADRUPLE the energy, double the thrust. Rocket engines are a compromise of needed mass and available energy. And the EmDrive could not POSSIBLY be efficient, based on accelerating things to light speed. The Xe ion drive would be a better choice in deep space.

Re: ZFS

there are MANY reasons why a module needs to have a 'closed source' component. One of them might be FCC rules, for things like wifi drivers, where the requirements for certifying your driver would be to take steps to prevent modifying your software if the software controls things like power tables and frequencies [the things that FCC regs, well, REGULATE].

So Broadcom WiFi will *ALWAYS* have a 'BLOB' because the FCC regs demand it. It also has a "wrapper" so you can re-compile the kernel. I'm not entirely sure how the source for the binary kernel module for ZFS actually works, but I expect that the source *IS* available. The license contention has to do with the Sun/Oracle requirements, and GPLv2 can't have "additional requirements" if it's GPL-covered. So it's being shipped as a NOT GPL component that's (as I understand it to be) dynamically loaded, "bundled" with the OS and not "a separate component" as far as Stallman and others are concerned. THEY *feel* (not think) it's a "violation", but you can bundle non-open-source software with Linux if you want. PURISTS won't, but sometimes it's needed, and the INTENT of the GPL is to allow modification of GPL-covered code and "the system still works".

So if you can re-compile the kernel and the ZFS module for the new kernel, there should be NO issue with the GPL. If re-compiling the kernel PREVENTS you from using the ZFS module, there MAY be an issue, but if the module is "not part of the GPL code repository" then I'd say NO, it's NOT a problem, and I hope the courts agree with me. Otherwise, the "fascist enforcement" of 'open source forever' from the use of a trivial GPL component may COME BACK TO BITE ITSELF IN THE ASS. In other words, the unintended repercussion might be something the FSF and Stallman don't want to deal with even MORE than having ZFS survive as part of Ubuntu.

Re: Centos & Mint

"By 'stupid bits', you mean Unity?"

I know *I* would. Unity is like "phone on a desktop", _EXACTLY_ what M$ is doing WRONG these days.

"the mobile age" is HIGHLY overrated. *NOBODY* does "desktop things" on a phone, "Continuum" is a freaking JOKE, and "tablet interface" *ONLY* works on a fondleslab, which has a dwindling popularity if you read the market correctly (basically they're just oversized PHONES and are used in similar ways).

So SERIOUS computing is STILL done with keyboard+mouse on a DESKTOP computer, which needs a DESKTOP interface, like Mint has. Of course, Ubu can run MATE as well. That's what I do with Ubu - MATE desktop.