* Posts by bombastic bob

10507 publicly visible posts • joined 1 May 2015

Hero to Jezero: Perseverance, NASA's most advanced geologist rover, lands on Mars, beams back first pics

bombastic bob Silver badge
Devil

Re: Life on Mars

Panspermia is interesting, but I think the more likely case is that [like planets around stars] it is more plentiful in the universe than not. Life exists on earth in even the most hostile places, "finds a way" to continue existing. Perhaps the rest of the universe is the same way...

bombastic bob Silver badge
Devil

Re: Life on Mars

atmospheric loss due to the solar wind would not have occurred until this field collapsed

Yes, this is the theory (along with a solid or nearly solid core which would lack the magma activity needed to generate a magnetic field from planetary rotation, etc.) along with other theories including the magnetic field generation theory.

Some direct proof of the above would be nice. Maybe on a later mission? The magnetic field could be measured with your standard 9 axis IMU. Just sayin'.

Until then, the Mars meteorites discovered over a decade ago [as I recall] had some evidence of structures that COULD have been caused by bacteria, and that the rocks themselves were supposed have originated on Mars. So, "some evidence" is already there. Proof time!

Maybe the helicopter can spot something better than on-ground cameras that would be worthy of the rover to analyze to a greater extent. Not sure exactly what they'd be looking for in that realm, but I kinda like the ancient lake bed approach so I think they've got a much better chance of finding that important conclusive evidence than on ANY other previous mission.

Bill Gates on climate change: Planting trees is not the answer, emissions need to be zeroed out to avoid disaster

bombastic bob Silver badge
Boffin

Re: There's a lot we don't know

you really do mean to deny anthropogenic climate change

_I_ most certainly deny it. With pride! And, I have science to back up my "denial". I presented some of it in an earlier post...

I believe that it is extremely important to "deny" the things that are just NOT true, and then wear it as a badge of honor, even in DEFIANCE, if people want to use "denial" as some kind of pejorative.

Don't forget: science is not about CONSENSUS - it is about THEORY and EXPERIMENTS and PROOF.

bombastic bob Silver badge
Boffin

I think it’s fair to say that nearly every reader of this august website has an absurdly high carbon footprint, and we all need to work hard to reduce it

From the article: There are 51 billion tons of greenhouse gasses emitted annually

A few facts to ponder, which I'm sure many will "mind"

* earth is heated by the sun in the day, and cools by "black body radiation" at night

* the method of cooling involves the IR spectrum, in which most of the energy will be in a limited frequency range that is related to the temperature of the black body

* a greenhouse gas (like water) will "act like blanket" and prevent IR radiation from leaving the atmosphere by absorbing it. This heats the atmosphere, and indirectly, warms the planet

* CO2 is practically TRANSPARENT to IR energies corresponding to ACTUAL temperatures found on earth, ;i.e. those between -50F and about 140F. TRANSPARENT. Like glass. NEARLY ZERO EFFECT.

* CO2 is about 0.04% of the atmosphere, and is at equlibrium due to the the planetary hydro cycle (i.e. rain and evaporation - CO2 is very hydrophyllic, and will attach to water in the atmosphere).

* Water, on the other hand, can be well over 1% of the atmosphere on very humid days. Not only is there a lot MORE of it, it's FAR more effective at being a greenhouse gas.

In short, CO2 can NOT act like 'a greenhouse gas" on earth, (not of any significance) given the temperatures you normally find on the planet. On Venus, sure, but its mostly sulfur compounds doing it there. And on Mars,there's not enough of it.

WATER, however, is a HUGE greeenhouse gas on earth, maybe over 100 times as effective as CO2 could possibly be.

And yet, I see NOBODY trying to control WATER...

I wonder why THAT is?

Texas blacks out, freezes, and even stops sending juice to semiconductor plants. During a global silicon shortage

bombastic bob Silver badge
Trollface

they are unequipped to handle coal frozen together.

Prison chain gangs with sledge hammers oughta do it...

At least coal and oil and gas plants will have higher efficiency (see Carnot efficiency and 2nd law of thermodynamics) once up and running.

What I'd like to know: where did all the NUKE plants go???

Another reprieve for exhausted IT admins: Looks like there are no whizzbangers in Windows 10 21H1

bombastic bob Silver badge
Devil

Re: Good

From the article: without the major new features

Read: without the FEATURE CREEP

Small, stable, incremental change is a *Good* thing for an OS

A qualified "agreed" except that you want to avoid the _kinds_ of feature creep that slowly shows up, such as some of the things in XP that broke stuff in SP2 (for example). I remember a few things, specifically, including the ability to (easily) create raw packets for IP.

But it's a welcome change, for sure for Micros~1 to (for a second time) release updates that don't "change the universe" according to someone's "feel".

Linux as root partition on Hyper-V: Microsoft submits patches for kernel 5.12

bombastic bob Silver badge
Linux

Re: Hopefully...

we can always hope!

I'd just like to have Linux or FreeBSD with a windows subsystem (like Wine), even if it has to be Win-10-nic .

Biden administration pauses pursuit of TikTok and WeChat

bombastic bob Silver badge
Black Helicopters

Re: Meanwhile, China blocks the BBC

right, but if a non-CCP-controlled nation blocks THEM, it's "endless lawsuits" dragging it on until a "friendly administration" just "pauses" (read: buries) the whole matter. Puppet strings notwithstanding.

The CCP has WAY too much influence/control over the things we're doing, from suddenly (and without warning) LIMITING PPE EXPORTS during a pandemic, to routing the usual privacy-violating things (that people are wiling to agree to, go fig) through servers in CHINA. And they're not friendly, no matter how wide the Stepford Smile. Look what they do to their OWN people...

I for one will NOT be subjugated to anything resembling a "Social Credit Score" derived from CCP spy data. Or Google spy data, for that matter. But Google is a U.S. company, and may have trouble getting past those "stupid laws" whereas the CCP would NOT.

President Biden to issue executive order on chip shortages as under-pressure silicon world begs for help

bombastic bob Silver badge
Devil

something worth considering, the RELAXATION of environmental and other (similar) restrictions, which is always a MAJOR impediment to new construction of things _LIKE_ FAB plants. It's cheaper to off-shore your pollution, yeah.

I do not know if 'Benedict' (Biden} would actually DO this, but I might have to give him a "slow clap" if he does something MAGA-worthy.

Habitable-zone exoplanet potentially spotted just around the corner in Alpha Centauri using latest telescope technique

bombastic bob Silver badge
Devil

Re: a mere 4.3 light years away

they're just not capable of particularly high thrust. Not yet

Ack. I'd say the most efficient 'impulse' type of engine would be

* fusion reactor

* super-heated liquid/gas expelled at high velocity

* maximum impulse per gram of propellant

If the propellant is hydrogenous, it can also be "fusion fuel" even if only a small percentage (i.e. deuterium and tritium) are being used for that part of the engine's output.

Then you just need a LOT of it. Since hydrogenous material (methane, water, ammonia) is available on just about every planet in our solar system, in high abundance, shouldn't be a problem if you can make a big enough tank to hold it all.

* NOTE: to prevent melting engines, you inject raw fuel along the inside surface of the engine. The laminar boundary layer will allow turbulent flow, while protecting the layer itself, which will then evaporate and effectively cool the engine housing. Then you can have exhaust temps way above the melting point of the materials it's made of. Multiple injection points for 'raw fuel' will make sure that the engines run continuously without melting.

bombastic bob Silver badge
Devil

Re: a mere 4.3 light years away

eh, fire up the "Jupiter 2" - let's colonize Alpha Centauri!

You don't have to go C to get there... just 1/2C will do. ~10-12 year trip, accelerate to 1/2C, coast, decelerate. It's been a Sci Fi staple since the 1950's I think...

Lots of water or methane or some other abundant mateial, a fusion reactor, and one big ass rocket engine that uses all that. Fusion energy would accelerate liquid to a point where you get peak impulse with minimal mass. CAN be done, but you need to accelerate to 1/2C over several months, then coast, then slow down again just before you arrive.

The hard part will be radio communications. Maybe this is where some kind of quantum resonance communication system would come in handy.

helloSystem: Pre-alpha FreeBSD project chases simplicity and elegance by taking cues from macOS

bombastic bob Silver badge
Devil

Re: Further simplicity and ease of use...

it's way, way, way too complex for that purpose

ack - gimp does things no other graphics application seems to be able to do easily. However, they are things that you kinda have to be familiar with gimp to use properly. Example, paste a 2D image into a 3 dimensional perspective slot, such as "faking" a monitor screen for a meme...

worth pointing out, the screen shots for the desktop look Mac-like and have at least a 3D appearance, and not the 2D FLATTY FLATSO McFLATFACE every OTHER "modern" desktop is trying to clone...

"Minimalistic" can still look nice.

Someone tried to poison a Florida city by hijacking its water treatment plant via TeamViewer, says sheriff

bombastic bob Silver badge
Devil

Re: For the love of the wee man

Because ThoseInCharge want to show their friends pretty real-time graphs on their iFads.

'iFads' - heh.

Though a proper design would only allow remote control if you passed through multiple firewalls through multiple air-gapped [except for that one firewall] systems. I hope this is a wakeup call for SCADA in general.

Here's what might work, for emergencies:

a) ssh into a jail running on a FreeBSD box that's attached to teh intarwebs

b) ssh from that jail into the host box, which has access to the private network

c) ssh (via the private network) into another box that is multi-homed (but does not route) into the nearly air-gapped network

d) ssh into a box on the nearly-air-gapped network that has a command line interface (to perform somewhat cryptic commands using a custom interface) so you can "fix things" remotely.

A bit cumbersome, but for emergency use only. So, in this example, 4 ssh logins are required to get through, the first being a jailed system (FreeBSD jails have completely separate security contexts, and limit what root can do). Sane IT people would make the logins and pass phrases all different.

And so on.

(but anything significantly less secure than that, BAD idea)

The problem, at any rate, is NOT the pretty charts for "iFad"s. The problem is allowing COMMAND AND CONTROL via the same interface you use for the pretty charts.

Google OS, phone home: Leaked Android 12 screenshots suggest new design, privacy features

bombastic bob Silver badge
Devil

Re: Location

good point. You're supposed to be able to control access to location info for applications, last I checked, but how many people do NOT click "enable" for it when prompted?

Or... go through the list of pre-installs and DISABLE it

Is there a "master disable" settings feature yet? That should be in there, too - disable "whatever" for ALL applications no matter how loudly they whine [as an example] and, better still, feed them bogus data so they don't break. Well, I can wish, cant I?

Salesforce likes to play the diversity nice guy in public – Black ex-employee claims the reality is quite different

bombastic bob Silver badge
Unhappy

Re: Rant. No Content.

my initial reaction was that the "micro-agressions" might have been the fault of the recipient by "interpreting them that way". This whole idea of "micro-agressions" and "triggering" nauseates me to no end. Unfortunately there isn't a "Vomit" icon...

Also, deep pocket lawsuits are (unfortunately) a possible motive for possible false allegations by disgruntled employees.

Windows' cloudy future: That Chrome OS advantage is Google's to lose

bombastic bob Silver badge
Linux

Re: Contributing? Surely you jest ...

I thought we were calling them "Micros~1" these days...

What's nice about open source is that if you do not like what they did to it, you are welcome to fix it or contribute a patch to make "whatever that was before" an option so that you can have it back if you want it. A properly managed project would accept "an option to have it back" as a patch and integrate it so as to NOT anger a lot of existing users that agree that "change is NOT always for the better" and want their old "whatever" back. Or it will fork. Like Mate. Like Devuan.

(My mate desktops running on Devuan systems and FreeBSD look like an old Gnome 2 setup from a decade ago and it makes me very very happy that I _STILL_ have a 3D Skeuomorphic classic desktop)

github has been moderately stable except recently when they broke the appearance of tags [text now always black unless you have a bleeding edge browser version] and apparently aren't going to fix it so that it's compatible again...

bombastic bob Silver badge
Devil

Re: Apples and oranges

you made me consider what fruit equivalents we could use for Micros~1 and for Google since "Apple" is already taken...

I guess Micros~1 is a banana and Google is a pineapple. Or maybe the other way around. Ouch.

I have yet to purchase a chromebook but the potential of 'just putting linux on it' makes it a worth-while gamble, as long as the screen is big enough. Or maybe, like an inexpensive 'droid slab (i have one 'o those), it becomes "fit for purpose" when used as intended. After reading stuff here, that last part is probably most correct.

/me needs coffee now

How do we combat mass global misinformation? How about making the internet a little harder to use

bombastic bob Silver badge
Black Helicopters

Re: Trust nothing, check your data, use various sources.

Being "Intar-web Street-Wise" is *THE* solution.

"A sucker born every minute" - and twice as likely on-line.

Here's what _I_ think: Question _EVERYTHING_, especially when EVERYONE *APPEARS* TO BE SAYING THE SAME THING...

The only protection, for you, from "Teh Intarwebs", is YOUR BRAIN.

(but of course, THIS assumes that INDiVIDUALS are personally responsible for their OWN lives, and lacks an elitist point of view that "the elites" should be "making it safe" for "the prols" because they're not smart enough to do it for themselves)

Chrome zero-day bug that is actively being abused by bad folks affects Edge, Vivaldi, and other Chromium-tinged browsers

bombastic bob Silver badge
Thumb Up

Re: Chrome is the new Flash

"JavaScript is the new Flash"

bombastic bob Silver badge
Megaphone

Re: "the flaw exists in [..] Chromium's Javascript engine"

blocking script is the only way to be "safe". Unfortunately a lot of sites break when you do this. Although I can avoid them 99% of the time, I still have a "special login" that runs without noscript, for those times when I have to cave to their nonsense.

Hint to El Reg: Script is why ads should be showing up on my browser, but they don't. You could fix that, and ALSO show the world that you do NOT need script in ads. Win-Win

bombastic bob Silver badge
Devil

Re: Cross reference (very)

I wonder if Google'w bureaucratically minded approach was already being used for the browser's updates...

If so, I'll LAUGH EVEN HARDER!

Though maybe the _REAL_ problem is the way web browsers have diverted from displaying hypertext mixed with graphics and interactive links into a "mini-OS" of sorts, written in of all things, JavaScript.

maybe they'll bother to fix another memory bug I've observed (and others online have been reporting for YEARS), where [under certain conditions] if you leave a page open that frequently "phones home" and does a periodic query across the network (let's say updating status text, like a weather monitor), that in a particular use case the memory footprint will slowly increase until something crashes. It's been like this, since, forever I think.

Alphabet Workers Union hits Google data center contractor with labor complaint: We were banned from discussing wages, say staff

bombastic bob Silver badge
Meh

Re: Sigh!

I would be more sympathetic to their union if not for the fact that this union was, in part, started over objections to the 'Maven Project'. And though I agree with the their dislike of a "real names" policy, it's usually the point of a union NOT to dictate corporate policies and contracts, but to protect rights of employees and in doing so provide needed services to the company they contract with.

So I have to agree with the idea - if you do not like working for Google, there are other employers. I know _I_ would not like working for Google. So I don't.

I'm not against unions, but I don't see an I.T. union being all that effective. if it were more of a guild, where it acts more like a standards setting organization and even provides employment "head hunter" services, it might make sense.

Vote machine biz Smartmatic sues Fox News and Trump chums for $2.7bn over bogus claims of rigged 2020 election

bombastic bob Silver badge
Meh

please let me know (with proof) what 'lies' you are referring to. Thank you.

Jeanine Pirro (one of the defendants in the lawsuit) used to be a judge. On her show she's known as "Judge Jeanine".

I would think that Jeanine Pirro would have a pretty good grasp of evidence, evidentiary rules, and so on with respect to what might be considered libel, slander, or "damaging". Many other hosts on Fox News are actual attorneys.

So far I haven't seen anything like "lies" that would result in any kind of "damage", and I watch Jeanine's show regularly.

And though I don't always watch the others named in the lawsuit, I haven't seen anything "damaging" from them, either.

Please keep in mind, THIS.

I expect to see more of the same in the near future. the thing about a court case is that actual EVIDENCE gets to be presented, and DISCOVERY gets to be demanded from the opposing party.

Japan’s COVID-19 contact-tracing app hasn't warned users of encounters with carriers since September

bombastic bob Silver badge
Big Brother

6000 / 126million = 47 per million

I have to wonder how much DAMAGE giving away freedom has done in its place...

It also suggests that there is ONLY *MINIMAL* (if any) benefit to "tracking apps".

How do you fix a problem like open-source security? Google has an idea, though constraints may not go down well

bombastic bob Silver badge
Devil

Re: Fixing the unfixable

reporting a bug is good, but supplying a PATCH along with the bug is even better.

bombastic bob Silver badge
Facepalm

Re: factors like verified identity, code review, and trusted builds

You don't need to verify the identity of the person who did the change when you can look at exactly what was changed.

Correct. And it's theoretically possible to grab a source tree based upon a specific commit, or a specific version, if you need to [for patches, at least].

What you do *NOT* need is "da bleeding edge newest feature-creep-laden" version, EVERY! SINGLE! TIME! you update.

What I see as the problem: Someone "not you" is deciding what version of code is being used by your application or operating system.

What I see as the fix: enable software authors and package maintainers to depend on installing older (or newer) versions of critical libraries if they want to, with forked security patches, as needed.

What needs to happen to make this work: either static link the binaries and manage them individually, or else use something similar to a "container" or "run environment" to be installed with specific package versions assigned to critical (or otherwise incompatible) packages. Ubuntu may already have "a mechanism" for this....

Just because a shared lib exists on the OS does not necessarily mean you MUST depend on it. Your critical package dependency tree could easily depend on versions that have been PROPERLY VETTED, and maintain security patches on.

To some extent, an LTS release will do this. By fixing code versions in stone, and ONLY patching vulnerabilities, you generally are NOT introducing NEW ones. Prior to a Linux release that's LTS, responsible package maintainers would vet all of these things (and prevent breakage).

Long ago I realized that you can NOT rely on shared libraries being updated to NOT break YOUR application, especially if you ship binaries. To some extent Linux handles this by versioning the names of the shared libs, but this does NOT correctly patch security vulnerabilities if you update ONLY THE NEWER VERSION of that shared lib. This patchwork "must be a shared lib" approach is flawed in this way. As I see it, for any critical application, you either include your own libs in the build process and link them statically (or dynamically with unique-to-your-application names), or you use specific LTS versions of the libraries as dependencies for your shipped binaries, thus ensuring that security patches (and not "FEATURE CREEP") are the only things done to them.

Things broke HORRIBLY WRONG when everyone "suddenly decided" it was necessary to maintain bleeding edge "feature creep laden" versions of EVERYTHING, and to CONSTANTLY HAVE A MOVING TARGET, in lieu of "stable, well tested, rarely changes except to fix serious problems" .

Change and re-inventing the world, because, "new, shiny" - SO HIGHLY OVERRATED!!!

Microsoft's Azure Quantum hits preview: Not so much quantum computing as it is quantum-inspired computing

bombastic bob Silver badge
Trollface

Re: It unveiled a new language, Q#

Q - like from STNG ?

bombastic bob Silver badge
Boffin

The actual benefits of quantum computing...

Has anyone done ANY meaningful benchmarks?

I did some study on entanglement a while back and it seems that what you need is hardware that can produce pairs of electrons or photons, as a single Qbit, a particle pair that is entangled (the 'opposite ends of the superconductor' method might be the best one yet) , and then somehow you leverage this entanglement to do computing tasks for as long as the Qbit can remain stable (which, apparently, is NOT very long).

But if you use simulation software to create a simulated QBit, how is this ANY better than just doing normal maths??

Nothing I have read so far EVER goes into specifics on how to make this work. Maybe it's time to grab that QDK and see how it can actually be used. I'm sure SOMEONE must have SOME kind of sample code out there, even if it's only doing some mundane chaos calculation like "sun spots".

A practical example is needed...

In Rust we trust: Shoring up Apache, ISRG ditches C, turns to wunderkind lang for new TLS crypto module

bombastic bob Silver badge
Pint

Re: FTFY

nice use of the joke icon to make a point. I wholeheartedly agree!

/me points out that since that "few million lines of lines of code" is relatively STABLE and WELL TESTED by time, there's really no need to play the "Arthur C. Clarke's 'Superiority'" gambit only to end up the loser and ALSO not knowing how it happened...

Severe bug in Libgcrypt – used by GPG and others – is a whole heap of trouble, prompts patch scramble

bombastic bob Silver badge
Devil

Re: C++ has it's own set of problems

The one thing that I found that C++ helped a lot with (in windows coding) was the ability to manage GDI handles automatically, freeing them when no longer needed. This also assumes that you're not abusing exception handling and that object unwinding functions properly if you do.

Otherwise, my C++ code nearly always looks a LOT like C code. Personally, I think it becomes more maintainable that way. Properly designed templates and operator overloads can help, too.

(but if your C++ code throws exceptions and requires try/catch everywhere, you're doing it wrong)

One thing that I believe Micros~1 got mostly right is the COM object for OLE 2.0 . It kinda demands C++ and, by design, helps to prevent memory leakage and similar things. You could make _THAT_ a qualified "citation" for mitigating SOME of the things that shared objects and object lifetime issues might otherwise cause.

bombastic bob Silver badge
Devil

Re: Well......

according to the TIOBE index, C is WAY out ahead in popularity at ~17.4%, Java is just shy of 12%, followed by Python at ~11.2% and C++ at ~7.6%.

Rust is pathetically in 26th place at 0.61%. Even assembly language is doing much better than Rust, in 11th place at 1.64%.

(note these are still January numbers and so it might change around a bit when Feb numbers come out)

Anyone who bitches about writing code in C should provide a link to the operating system alternative, since I can't find it in my version of Google.

heh. so true.

there've been plenty of "code smell" and "code pattern" web pages (or even dead tree manuals) written regarding the *kinds* of things that get you into trouble with C coding, like best practices and things to avoid. I would think that reviewing and understanding the more sane and concise ones might be "step 1" in contributing to any public project _like_ gpg, OpenSSL, etc..

(And if that's not good enough, a clue-by-four and/or cat-5-o-nine-tails)

bombastic bob Silver badge
Devil

Re: Well......

poorly written/reviewed C code, you mean.

last I checked, compiler warnings in llvm should spot a lot of buffer-size-related issues. It's not perfect but apparently will spot many things. As a test, I called 'strncpy' with a buffer that is too small for the size I specified in the 3rd argument, and got this warning: "warning: 'strncpy' size argument is too large; destination buffer has size 16, but size argument is 32 [-Wfortify-source]". But using 'strcpy' with a string that was too long in the 2nd argument gave NO warning.

Suffice it to say that the big problem here is "NOT using" code that checks buffer size, and hopefully if you DO use code that checks buffer size, that code warnings are paid attention to if you accidentally get it wrong.

And, of course, best practices and peer review to go with it.

Biden administration pauses ban on Chinese tech companies suspected of military entanglements

bombastic bob Silver badge
Unhappy

the West does not have a monopoly on smart scientists and researchers

this may be true, but because of the CCP (and things like "social credit score"), it is my impression+opinion that engineers in China tend to defend higher ups or "status quo", even when blatantly wrong, in lieu of taking an initiative and getting things done. It is my opinion that they are fearing for their jobs. Were it not for an NDA I could describe a situation in more detail where an OEM product started to fail after they made an unannounced design change at the factory in China. I assisted in troubleshooting the root cause, and proposed a solution that was a compromise between the old and new designs (it worked perfectly when tested, and many units were retrofitted with the fix). The solution was basically rejected (keep in mind it took the form of a customer request), with no real reason provided, almost like a denial that the problem even existed. Much later the engineers in China made a "fix" that was, in short, like "using a bigger hammer".

bombastic bob Silver badge
Meh

Re: "any post that questions their world viewpoint gets banned,"

O...k...

bombastic bob Silver badge
Devil

Re: Too late

A decade ago, I held in my own hands a counterfeit Cisco switch that included a hardware backdoor that was traced back to China.

A bit worse than outright copyright theft [which I have seen evidence of back in around 2008-ish].

I was working for a oompan that made antennas, designed in the USA, but made in China and sold to other companies in China. During a meeting they showed (on a projector display) an antenna that had been produced in China, not by a licensed manufacturer. The antenna had similar performance but of course was WAY less in cost. The thing is, the designer of the antenna worked the company logo into the design such that excluding it would de-tune the antenna and ruin its performance. An X-ray of the antenna showed that the company logo was there, underneath the plastic, but "fuzzy" like it had been copied from an X ray of the original.

But I have not seen cases where software or firmware had been deliberately "back door'ed". I had actually written a lot of that firmware myself, based directly on the SDKs for the chip makers (Broadcom, Atheros, TI, etc.). So I cannot attest to a back door, but I _can_ attest to the copyright fraud. Still, it does NOT surprise me in the least.

And, being "in the industry", I can definitely understand HOW a hardware back door into one of these embedded systems COULD be done. The fact that it was (apparently) tried at least once should make the rest of us VERY suspicious until complete trust has been ensured.

Facebook finally finds something it thinks is truly objectionable and needs to be taken offline: Apple

bombastic bob Silver badge
Devil

see, THIS time, Apple is getting it right and providing an ADDED VALUE to their products with the new iOS.

Apparently trying to make it worth paying the "Cupertino Tax".

Remember life on Venus? One of the telescopes had 'an undesirable side effect' that could kill off the whole idea

bombastic bob Silver badge
Boffin

in science, the mistakes and failures are often more interesting than the successes.

Right Dr. Fleming?

What happens when the internet realizes the stock market is basically a casino? They go shopping at the Mall

bombastic bob Silver badge
Stop

Re: Sounds

No

bombastic bob Silver badge
Pirate

Re: Sounds

I was just thinking of that, the Tulip market thing a couple of centuris (or so) ago.

https://en.wikipedia.org/wiki/Tulip_mania.

Also demonstrated in fiction, in the 2nd season of 'Spice and Wolf' (pyrite market manipulation)

Still I have some Schadenfreude for the hedge-funders, one in particular [and no news whether or not this person, "the man who broke the bank of England", lost any significant money in this, but he probably DID].

Normal stock investors are long term, and a rising tide lifts all boats. The hedge-funders are basically selling SNAKE OIL and making money at the expense of others. Like I said: Schadenfreude.

A new take on programming trends: You know what's not a bunch of JS? Devs learning Python and Java ahead of JavaScript

bombastic bob Silver badge
Linux

Nobody serious uses PHP

according to THIS

"PHP is used by 79.0% of all the websites whose server-side programming language we know."

79% are "Nobody serious". Who knew?

bombastic bob Silver badge
Linux

Almost every business on the planet

For JVM and Python on the BACK end? You forgot to consider PHP, particularly within a Linux hosting environment.

JVM not so much either... not unless you write Java desktop applications or Android applications.

Python on the backend, seen that - with DJango. i hope I never see that AGAIN.

At least with Java, future devs will be able to do client applications and not just web pages. It's like a stepping stone for a native (read: proper) language like C or C++. Heh.

Python, on the other hand, seems to be way too encumbered with its "scriptiness". For a beginner I'm sure it seems cool, just like BASIC did back in the day. However, for writing maintainable and reliable code that's not overly dependent on 3rd party library HELL, or [worst yet] NOT having some incompatible change made to Python itself, And 'pip' is just a stopgap that hides the weakness, especially when downloading 'the latest' breaks something. And so I do not believe it is quite ready for "prime time".

Still I think Python is great for LEARNING and quicky scripts and prototypes and wrappers for things like GTK and WebKit. But I wouldn't write a commercial application with it

It's also good for demonstrating an algorithm or a process to people who are novice programmers. chances are that if your example is in Python, they will be able to run it and learn from it.

Not surprised it's top of the rankings for a school that is teaching programming.

There may be not one but two new air leaks in International Space Station: Russian boss tells us not to panic

bombastic bob Silver badge
Trollface

Re: what is this mmHg that you speak of

For an El Reg unit of pressure, how about PHB's? As in, PHB's "applying pressure". Or maybe you could do it in "deadlines". Same concept.

bombastic bob Silver badge
Boffin

Re: Slow Leak eh?

you can find leaks in high pressure air systems by squirting soapy water onto the suspected location, and it'll form bubbles and foam where the leak is.

A similar substance might help find them in a vacuum. It would have to maintain a liquid state while in a vacuum though.

Alternately, how about a gas that produces a recognizable signature, glows under UV light or turns into ice crystals as it expands into the vacuum, or something equally visible that you could shine lights on and see "something" out in space... ?

Certain CFCs mixed with oil or alcohol might do this last part, and then you'll see reflective things coming out through the hole [which would then sublimate, but hopefully if the right combination would show up long enough to see the leak]. Hopefully would show up in a visual scan of the outside.

Also a possibility, there's a kind of tire filler (like 'fix a flat') you can use for self-repairing bicycle tires, which if it is contained within a layer between an inner and outer wall of a compartment, could self-seal against most leaks. This would be pretty cool if a module were inflatable, as the outer skin could be layered and contain such a material. I guess it'd be "fix a flat" for the ISS.

I was targeted by North Korean 0-day hackers using a Visual Studio project, vuln hunter tells El Reg

bombastic bob Silver badge
Devil

Re: Fixing your headline:

you might have scripting turned off. Those are ads I think. They'd be more effective if script were not involved and someone with NoScript running could actually see them. [I do not mind ads, I only mind ads with SCRIPT in them]

bombastic bob Silver badge
Unhappy

Opening some Visual Studio projects can cause code to execute

does anyone happen to know WHICH version of DevStudio caused this possibility?

I've been using 2010 for a long time, mostly because I *STILL* target Windows 7 [and earlier] and I *REFUSE* to use an IDE with a 2D FLATSO interface. I do _NOT_ write "UWP" crap, either.

But now it may seem that I have even MORE reasons to _NOT_ use a newer DevStudio, if project files that it opens can SPREAD MALWARE like opening a spreadsheet, or a Word document, or using Virus Outbreak (MS Outlook) for e-mail... [assuming more zero-days exist for it, as past performance would indicate]

Micros~1 you need to get your act together on security.

(captain obvious now goes back to working)

What's a COVID-19 outbreak? Amazon gets all Trumpy over Alabama warehouse workers' mail-in vote to form a union

bombastic bob Silver badge
Meh

Re: When your company fights you this hard...

I've been having to repair a lot of things recently, for whatever reasons [probably because the stuff is just old], like game consoles, monitor, even the KVM. More than half of it was NOT purchased on Amazon. But the rest was. Still I think I've spent less on Amazon over the last year than in previous years.

I've also been trying to use 'other than Amazon' when i can. At the very least, my choice causes me to compare prices and delivery time/cost against whatever Amazon is offering. But sometimes it's about business, and prices, and service and "nobody else seems to have it". Still looking for those alternatives, though.

Fedora's Chromium maintainer suggests switching to Firefox as Google yanks features in favour of Chrome

bombastic bob Silver badge
Thumb Up

Re: Chromium is doomed.

But Mozilla needs to go back to a distinctly separate desktop GUI and a Mobile GUI, stop dumbing down GUI and settings and stop copying Google.

pre-Australis UI. 3D Skeuomorphic!

bombastic bob Silver badge
Unhappy

Re: "blocks

I'll just ask for one WITHOUT AUSTRALIS that uses the Old Firefox interface, as it was before...

bombastic bob Silver badge
Pirate

Re: "blocks

I just hope that, for any site that (unfortunately) uses captcha for anything [sometimes even government sites do this, like for renewing your car registration], this new "de-googled" version of chromium doesn't become as *BROKEN* as I perceive Firefox to have become. It has been my experience that the more heinous captchas [like the slow fade-in fade-out ones] nearly always FAIL with Firefox. Whether it is because I'm using a 1.5 year old version of Firefox, or whether the various privacy features in Firefox (even with scripting and cookies enabled) is causing it, I do not know. It is merely an anecdotal observation, along with my bombastic opinion, but I think I'm right about it.

And the API issue with existing chromium kind of supports what I'm thinking here, that non-google browsers get INFERIOR SUPPORT from google. At least, that's MY take on it...

Got the bulls (us) by the *WHAT* now???

[good thing I don't use google things, at least not directly]

Dnsmasq, used in only a million or more internet-facing devices globally, patches not-so-secret seven spoofing, hijacking flaws

bombastic bob Silver badge
Linux

this makes a case for using 'bind'

I've never had a problem setting up nor using bind to serve up any kind of serious DNS stuff, like a local LAN or a private domain name.

The only thing I've ever used dnsmasq for was a simple DNS+DHCP solution for a user to configure networking on a standalone embedded device via a phone or PC with a wifi connection. And since dnsmasq allows you to specify a single hard-coded name to connect to, you could set up the embedded device so that you press "the button" on the device for "config mode", use a phone to access it via wifi, then go to the web page "http://admin" (or whatever) and get a web page to configure it with, and have dnsmasq also provide the DHCP address for the connected device, etc.. Simple stuff like that seems to make sense with dnsmasq, and you have to press the right buttons on the device to make it go into config mode like that [after which the device would have its wifi client set up and would go off and connect through the LAN and use the LAN's DNS and DHCP, etc. and not its own]. So dnsmasq is never facing a public internet with this particular use.

Trying to use something like dnsmasq to do anything MORE than "what I described" might be the actual problem...

(for my own network I've been using bind and the isc DHCP server for both IPv4 and IPv6, no observed problems, and the bind server also handles DNS for a domain I own, and I've been doing this for almost 2 decades, though a bit less for the IPv6 part)