* Posts by bombastic bob

10507 publicly visible posts • joined 1 May 2015

Forget biz insider threats for a moment – let's talk about partners turning rogue and installing spyware on phones

bombastic bob Silver badge
Devil

Re: But what is to be done about

From the article: design the technology to empower and inform users

I was thinking something _like_ this while reading, then saw it at the end. "Empower Users" so THEY have complete and informed control of everything on their own devices.

Someone got so fed up with GE fridge DRM – yes, fridge DRM – they made a whole website on how to bypass it

bombastic bob Silver badge
Pirate

Re: Entirely legal

your position on this issue makes TOO much sense. heh.

But, if it WERE illegal to bypass an RFID sensor [by taping/gluing an appropriate RFID to it], how are the fridge police going to STOP us?

Wailing Wednesday follows Patch Tuesday as versions of Windows 10 stop playing nicely with plugged-in printers

bombastic bob Silver badge
Joke

Fix one bug, grow two more

"Windows 10 users woke up to borked printers following the monthly Microsoft bugfix party, Patch Tuesday."

99 new bugs found in the code

99 bugs in the code

you take them down, patch it around

127 new bugs found in the code

(I saw something like that in a meme, thought it would be apprpriate)

icon to prevent spilled coffee on keyboard

NOTE: I appreciate the attempts at Micros~1 fixing bugs, especially the serious vulnerabilities, but they need to go back to having in-house testers when it comes to thorough testing before releasing them...

(printer drivers, at least kernel drivers, are ALL submitted for signing now, so it's not like they don't have all of them handy, just run down the list and test 'em - tick, tick, tick, tick, *OOOPS*)

After IBM axed its face-recog tech, the rest of the dominoes fell like a house of cards: Amazon and now Microsoft. Checkmate

bombastic bob Silver badge
Unhappy

What about face recognition for ROBOTS?

It seems the tech has a proper use. It should be DEVELOPED. Just because SOME people/entities MIGHT abuse it, does NOT mean it should be BANNED or ABANDONED, especially because of PRESSURE from POLITICAL ACTIVISTS. Since when is there any kind of 'cancel culture' for TECH? I hope, NEVER. But it appears my hopes have been dashed by the INSANITY of the times...

And as one commentor already pointed out (using different words): if the USA and UK and EU countries do not develop this for legit reasons, CHINA will instead.

On a related note...

We have had an interesting series of debates and ongoing re-runs about encryption over the last 2 decades or so. One thing that came up early on was that encryption NOT developed by 1st world nations would instead be developed by ROGUE nations, most likely to be used for nefarious purposes, and then we'd be behind the world in that particular tech. Similarly, facial recognition.

Are you having a hard time following what Microsoft is trying to do with .NET 5.0? You're not the only one

bombastic bob Silver badge
Devil

Re: kill the beast...

"Single file apps remain an ambition"

"is that with, or without, the gargantuan over-bloated monolith called .Net?"

"with" of course. But if I build an application WITHOUT .NET I can usually static-link EVERYTHING and ship it as a single binary ".EXE" file (for windows that is; Linux/BSD usually get to be open build-from-source). Though in some cases I might have to jump through some configuration hoops to get there.

NOTE: wxWidgets works well for cross-platform. It's similar to MFC.

Oh crap: UK's digital overlords moot new rules to help telcos lay fibre in sewer pipes

bombastic bob Silver badge
Trollface

Re: Fiber in sewer pipes

"and fix a service outage.."

Or would that be blockage?

bombastic bob Silver badge
Devil

"first burying a relatively large diameter pipe, and then blowing the fibre through it."

I've seen construction electricians do this for power wiring inside conduit, makes sense really.

A piece of string with a cotton ball on the end is stuffed into the conduit, and blown through into the next junction box with air. Then you tie the string to the wires, and pull them through.

You know Facebook has an image problem when major nonprofits start turning down donations over political lies

bombastic bob Silver badge
Unhappy

I must express my opposition to this

I _MUST_ express my opposition to this article, the tone of it, and what appears (to me) to reflect a "pandering to the perception" rather than something concrete and informative. Facebook is RIGHT to NOT CENSOR POLITICAL SPEECH. In fact, they should not censor ANY speech. Nor should they use one-sided "fact-checking" that really isn't, like Twitter has (allegedly) done. It isn't "gutless" to NOT censor. In fact, it is BRAVE to STAND UP for people's individual beliefs, and their ability to FREELY use a public platform to EXPRESS them. There may actually be existing U.S. laws that DEMAND this (NOT censoring speech they happen to disagree with, specifically).

I am EXTREMELY disappointed that nobody else seems to be saying this. I hate to say it, but I actually AGREE with Zuck on this one aspect (or at least with what his position APPEARS to be). It may be reluctant, because he's probably saying "I do not want to lose the company's protected status with respect to liability" but STILL, it is the RIGHT position, In My Bombastic Opinion.

Russia drags NASA: Enjoy your expensive SpaceX capsule, our Soyuz is the cheap Kalashnikov of rockets

bombastic bob Silver badge
Devil

Re: Kalashnikov = 'Cheap'?

"they were designed long ago by a system that threw money at them."

yeah, well, it sorta HAD to happen that way, in the 1960's.

I expect that once Boeing gets in there with actual rockets (successfully) flying actual astronauts to the ISS, others will eventually follow. Airbus might even get a rocket design going, under the principle of being the "low cost alternative".

Something worth considering - when Toyota invented a particular type of practical hybrid gasoline engine for the Prius, it's my understanding that they licensed this design to other auto makers that wanted to build competing cars (and in Ford's case, they were working on a similar system already). In a similar way, SpaceX's "land on the tail" tech might find its way onto competing rockets through patent licensing. It's actually pretty smart to just go ahead and license the tech, just to keep people from making competing tech, and maybe with an agreement to share improvements among the stakeholders would be a win-win-win (etc.) for everyone.

bombastic bob Silver badge
Devil

7 per launch vs 3

Right, and I would expect something that can carry even more than 7 per launch at some point in the reasonably near future. So 'cost per seat' as well as 'cost per launch' could be significantly lower.

As I understand it, the 'heavy' configuration has 2 re-usable and one "spent" booster after completing a launch. But this "spent" booster might still get some useful life if it remains in orbit until it can be used to shove things towards the moon, or maybe to truck things from one orbital path into another. All you'd need is a way to refuel it in space. (wash the windows and check the oil, thanks)

Now I'm thinking "Used Booster Lot" - less than 50,000 flight-miles on this beauty, hardly a scratch on 'er! (maybe the Russians can get in on this with competing boosters?)

Researchers unmask Indian 'infosec' firm to reveal hacker-for-hire op that targeted pretty much anyone clients wanted

bombastic bob Silver badge
Facepalm

facepalm

the whole (alleged) thing deserves a ginormous tactical facepalm...

June's Patch Tuesday reveals 23 ways to remotely pwn Windows – and over 100 more bugs that could ruin your day

bombastic bob Silver badge
Meh

Re: Just the normal heartbeat

think of all of the 'feature creep' that did NOT happen because Micros~1 was busy patching. *

Hopefully they were ALL tested properly first... don't need another un-bootable version of Windows now do we?

(*) I wish they kept at it with the testing and patching, and simply gave up on the feature creep, at least for a while.

25 years of PHP: The personal web tools that ended up everywhere

bombastic bob Silver badge
Devil

Re: Thanks Rasmus!

IIS for Micros~1 servers implemented a similar-to-PHP server-side vs client-side syntax that would allow you to (essentially) use server-side code to conditionally send web code, which I believe is PHP's strongest (and most basic) feature.

This kind of straightforward design enables SO much flexibility in what you can do with it, but yeah, you DO need to make your code formatting sensible, or else you'll misread your own curly braces and indents.

[I stick with something resembling Allman style and attempt to make PHP code as readable and maintainable as possible from the beginning, mostly so _I_ can read and maintain it]

China's silicon-self-sufficiency plan likely to miss targets due to Factories Not Present error

bombastic bob Silver badge
Devil

I'd be interested to know why that is.

"I'd be interested to know why that is."

A good point. I think the answer is somewhat obvious, but you have to take a step back and look at the big picture when it comes to China.

China still has a communist government that allows a small number of people to become VERY wealthy, while the masses work for slave wages. Even though I'd say there's been overall "improvement" over the years, there's not a whole lot of upward mobility. There's no real incentive to excel, unless you happen to have a VERY good "social score" or whatever it's called.

As such, the entrepreneurial mentality is being repressed, In My Bombastic Opinion.

However, foreign companies are 'FAB-ing' chips there. And when the foreign companies see policies change in response to some of the things *cough* that China has apparently done within the last few months, and start building more things "elsewhere", the supply chains won't have to be produced in China any more and it becomes more economical to build NEW chip-FAB sites much closer to those places that are "the future" for making i-things and so on. Like, maybe, Mexico. Or Vietnam. Or some country in Africa. Or Central America. There are several places in the world where they have the potential of being "investor friendly" and NOT engage in 'difficult to deal with' politically based policies, and STILL provide the inexpensive general labor needed for current processes.

There's also the possibility of building things in "lights out" factories. you can expect to see a LOT of that in the near future, I'd wager.

Given this, even if China does increase the amount of FAB activity within China, if their market of low-skilled labor dries up and/or goes elsewhere, those FAB factories won't be seeing a whole lot of need...

Anyway - we'll see over the next year, I bet, a good indicator of the future.

(FYI - a good part of what I do is indirectly related to manufacturing overseas, so I have some insight on this kind of thing, dealing with engineers and other aspects of overseas manufacturing on and off for the last 30 years)

Developers renew push to get rid of objectionable code terms to make 'the world a tiny bit more welcoming'

bombastic bob Silver badge
Unhappy

Re: BTW: How did that work out?

maybe if everyone were to just STOP caring about race and racism, and just treat everyone the same, regardless... yeah I can dream. Unfortunately, the issues brought up by the activists may, in fact, be prolonging racism in society instead of ELIMINATING it. It's back to why we need to ignore the lunacy, NOT give these people any credit for ANYTHING, and especially NOT bow to their demands.

bombastic bob Silver badge
Devil

Re: BTW: How did that work out?

I once suggested, the last time this issue ran its course a couple o' years ago, that instead of allegedly "oppressive" terms like master/slave, they could use S&M terms like "dominant/submissive" instead and go down THAT (rabbit) hole.

Someone else also pointed out that the term 'master' alone has a LOT of positive contexts:

a) master craftsman

b) martial arts master

c) master's degree

And so on.

bombastic bob Silver badge
Facepalm

All it does is make the world a tiny bit more irritating

title has a fixed version of a quote from the end of the article.

icon, because, facepalm

/me points out: when I was 4 years old, the bank manager had everyone do the 'pledge of allegience' one day because I saw a flag in the bank, and had just learned it. It "felt REALLY good", with me being 4 years old, having people do something like that for me. But, of course, it wasn't ever to happen again. I had to grow up. Sure, it's "cute" when a 4 year old kid wants to be patriotic and the bank manager goes along with it, but allow this too often, and it just gets IRRITATING.

bombastic bob Silver badge
Devil

Re: The circle is now complete

I'm trying to remember which source control system defaults to 'trunk' for the main branch

bombastic bob Silver badge
Trollface

Re: Blacklist to Blocklist but...

"What word do you use to replace Master?"

"Overlord" has my vote!

bombastic bob Silver badge
Unhappy

Re: Then, there is Chess...

and don't forget, deliberately sending a chess piece to its "death" in a sacrifice move or gambit.

And why is the Queen so powerful, but the King is so wimpy? [or would THAT be ok?]

these new "rules" are SO confusing, aren't they?

bombastic bob Silver badge
Coat

Re: master and slave

"You might as well call them Gold and Silver"

Let's just call them all "Semprini"

bombastic bob Silver badge
Megaphone

Re: BTW: How did that work out?

Did that original someone *ever* do anything else 'worthwhile' for that open source project? Or any other?

I'd like to seriously know. My guess: No. REAL developers care about programming and functionality and quality. NOT "that".

from the article: activists in the software community have taken the opportunity to remind people that they're trying to do away with terminology tied to racial oppression.

That's right. ACTIVISTS are doing this. And they're busy trying to define what the "RULES" are that are allegedly being "violated". [insert usual comments here]

And maybe the best way to RESIST it is to IGNORE the lunacy, until it goes away. Because, bending to it will ONLY get you EVEN MORE lunacy in return.

That's how *I* see it, In My Bombastic Opinion.

/me steps down from my soapbox, puts the bullhorn back in its case, and goes back to just writing code, and ignoring feelings, as usual. I think I'll focus on having it WORK and NOT have serious vulnerabilities. That seems to be a LOT more important!

Smart fridges are cool, but after a few short years you could be stuck with a big frosty brick in the kitchen

bombastic bob Silver badge
Devil

Re: Yep, this need legislation

"my non-smart fridge-freezer is something like 20 years old."

yeah, same here - I bought a few "dumb" appliances back in the mid 90's, at a well known discount appliance store, and they have lasted through now, with no signs of not working for another 20 years...

[but when recycling electronics devices every 5 years involves a fork lift... "gone too far" is an understatement]

OK Windows 10, we get it: You really do not want us to install this unsigned application. But 7 steps borders on ridiculous

bombastic bob Silver badge
Big Brother

Re: Bloody sensible it is too!

"whereupon they just create a new Ltd company and launch again."

Yes, locking down the OS to "protect" us poor users from a computer virus does NOT work (ok it may slow things down a bit but not for long, as you've pointed out). In effect, the computer virus "finds a way" because, that's what it does. Well, the authors do, but still. And locking down the OS is a FALSE sense of security. But those in CHARGE of things, _WELL_, *THEY* get to claim they are "doing something about it", and putting road blocks between you and the computer YOU own and YOUR FREEDOM to use it as YOU see fit, is a big visible part of that. And inconveniencing YOU, the end-user, or even making it IMPOSSIBLE to use YOUR computer the way YOU want to, doesn't seem to matter to _THEM_... at least not in MY bombastic opinion.

icon, because, really, it deserves it.

bombastic bob Silver badge
Thumb Up

Re: Developers!

"they are thinking of their potential users/customers who aren't 'computer savvy' and are typically using Windows with the out-of-the-box default settings."

YES!

bombastic bob Silver badge
Thumb Down

Re: Apple have got this right!

"I wish Microsoft - and other compiler vendors - would do the same."

NO. It KILLS open source! And it's anti-freedom.

FreeBSD and LINUX do it right. NO restrictions, compile it yourself. No need to download binaries unless you really want to. And you can get them directly from the developers, or from the distribution's repository, alongside the OS itself. Vetting by peer review.

Android almost gets it right by letting anybody download the build environment and build an APK, and then a simple method [on newer OSs, was slightly more difficult before] of THEN downloading the APK onto the phone and installing it like any other application.

If you WANT that kind of "protection" (from pay-for certs by developers) it should be OPT IN ONLY, with NO strong-arm tactics to stop people from BYPASSING it. Worth pointing out, APKs are signed to prevent tampering, but by a key YOU create as the developer, not something you pay $$$/year for or "you must submit it with money to let US sign it for you, if we like it and do not want to block you publishing it" [or whatever].

bombastic bob Silver badge
Meh

Re: I will decide what I run on my computer thank you very much.

They've already done it with DEVICE DRIVERS, under the excuse that it's "for your protection" or similar. Devs who do drivers, which is especially important for those who want to create a "software only" device (from MIDI loopback to a userland mountable file-system-within-a-file driver, let's say), *MUST* *NOW* pay the Micros~1 toll to get their drivers "signed" or else the end user must run in a "developer" mode (that's not obvious to get into, requires some power shell magic) and THEN see the watermark in the corner as punishment for having done so... [this started with Vista, but was optional for 32-bit until Win-10-nic, then it became mandatory, and now 32-bit is dying].

Point is this is a model Micros~1 put into place as a TOLL BOOTH for driver developers. Now it appears they're getting ready to put a TOLL BOOTH for APPLICATION developers, first by making it INCONVENIENT, and eventually, make it IMPOSSIBLE, to run a "not blessed by Micros~1" "app" that's not from "the store" - like Apple does. [and how many malwares have been 'missed' in their vetting processes, Apple, Micros~1, Android, all of 'em? False sense of "security" indeed]

At least with Android the steps to install a dev-signed APK aren't that difficult, but they still exist [which can still be problematic since the somewhat well known steps are different for several different Android versions].

What THESE "you must have US sign it and pay the toll" policies do, ultimately, is HARM INDEPENDENT DEVELOPERS and HARM OPEN SOURCE.

From the article: "The cost is trivial for commercial or well-sponsored projects, but can be a problem for small developers."

Exactly!

And you know, it's ONLY going to get WORSE. This article has made it clear, in my bombastic opinion.

I suppose Micros~1 could add a few extra steps to be even MORE irritating, not unlike those Mac vs PC ads that were often played on TV after Vista released... "Cancel or Allow" etc.. Only THIS time it would be "No, seriously, are you REALLY sure? We think you should re-consider this VERY carefully..." with a progressively more aggressive and panicky tone each time they pop up...

[The steps described by the article to install an un-blessed "app" appear even WORSE than the steps you must go through to add a non-microsoft-logon user to your Win-10-nic computer, something you probably DO want to do, by the way... [it helps protect against malware to surf the web as a non-priv user only, for example] and, worth pointing out, back a couple of years when THAT anti-non-microsoft-login policy first started, I often referred to the hoop jumping as "strong-arm tactics" - so what is THIS then, for application signing?]

Travel-sick Windows needing a Systemwiederherstellung would be in Germany, right? Austria? Not necessarily

bombastic bob Silver badge
Trollface

Re: Elderly?

" It doesn't need to be -- and shouldn't be -- updated every five minutes."

Shhh... don't tell Micros~1. They might crack...

bombastic bob Silver badge
Happy

Re: Schoolchild giggle?

thanks, my yankee-doodle-braincells couldn't connect the dots

(I sorta guesed the 'Vater' -> 'Farter' one, but the other was like "whut?")

(and now for something completely different - the "killer joke" and that one guy with the paragraph-long name)

Moore's Law is deader than corduroy bell bottoms. But with a bit of smart coding it's not the end of the road

bombastic bob Silver badge
Meh

Re: This!

the example from the article in Python was an attempt at showing a gross performance method, vs optimized code. Use of "yet another Python lib" isn't helping, nor a solution, to this kind of gross inefficiency. You simply do NOT use an interpretive lingo like Python, with slow code repeated a zillion times within a big loop, like that example does. You write it properly, with efficient methods, in a lingo that's capable of rapidly and efficiently performing the necessary calculations. I believe THAT was the point.

So, write it in C, using a hand-tweeked threaded algorithm, and inline assembly for the innermost parts. That'll do nicely!

Based on this example, I'd say there are 2 kinds of programmers: Those who code low-level efficient code for things like kernel drivers and microcontrollers, and those who don't. The ones who don't often use inefficient lingos like Python and Javascript and THEN claim that "libraries" will somehow 'fix' the inefficiency. But they never do.

(am I the only one who got that out of this portion of the article?)

bombastic bob Silver badge
Coat

Re: Quantum

actually, you just need to make the inside bigger than the outside. Voila!

bombastic bob Silver badge
Devil

Re: Performance limits

yeah even with ARM upwardly gaining ground in the world of computing prowess, x86 and amd64 instruction sets are on the vast majority of high performance personal computing devices.

There are reasons for this. Even though 'back in the day' everyone thought RISC would solve performance issues by acting more like microcode in the actual applications, they apparently forgot that instruction fetching takes time, too, and when it takes 2 or 3 or 4 instructions in a RISC architecture to do what 1 instruction does in CISC architecture, the lines of performance benefit get blurry. And of course, Intel and AMD made their pipelines and caching more efficient.

The article got it right early on: the tech industry needs software performance engineering

Right, Micros~1?

People will buy a new computer when it's perceived to be faster (and better) than what they already have; otherwise, you only need to maintain the old one. And statistics on desktop usage focus on new sales, NOT on existing users that simply fix their existing boxen. This skewed the numbers, causing many bad decisions to be made, not the least of which is the assumption that performance DID NOT matter as much as "feature creep" "new, shiny" features. And here we are today!

.

Astroboffins peering back in time with Hubble find stars may have been flickering into life even earlier than thought

bombastic bob Silver badge
Devil

Re: We're special

"And if you sample a bunch of Pop III stars then statistically you expect to see most of them at times well before the ends of their lives."

"But of course we haven't seen any yet."

I was calling into question whether or not we'd EVER see them if the definition is "only H, He, and Li". I'm suggesting that it wouldn't take long at all for stars to produce elements through Fe/Ni/Co VERY quickly, and possibly other, heavier, elements. If I'm correct, and the earliest stars were mostly super-massive super-bright stars that quickly burned out AND went supernova in a relatively short period of time, you'd see very very few examples of a star with ONLY H, He, and Li in it...

[so one 'big bang' followed by a lot of 'smaller booms' of rapidly burning out massive stars going supernova a LOT, until things stabilize]

One theory of H fusion inside of stars requires the presence of Carbon to work properly. If this is correct, the lack of carbon might get you a VERY unstable star, requiring much higher mass etc. etc. etc.. I should do some personal research on that one, for grins, to see if that theory has changed or been debunked. [in the theory C + H -> N + H -> O + H -> F + H -> He + C so carbon is consumed, then re-created at the end - and the slower reaction cycle would stabilize the star]

As for big bang, we really don't know what really happened, and that was my point, too. We assume only H, and maybe He and Li [both common fusion products from pure H fusion), but this science could be wrong and something we don't currently understand might become known and explain it all... so who knows!

(If we could make a big bang in a lab, or with a mega-collider, these questions would be answered, but I don't know of any way to experiment with the actual event in question so we're stuck guessing)

bombastic bob Silver badge
Devil

Re: Unhelpful sugestion

I think most of the assumptions are that the first stable condensations of matter were as hydrogen, and then it started collecting together from gravity, then fusing into He and Li as unstable proto-stars, and repeatedly blew up in a series of supernovas etc. until we got some stable stars out of it that formed galaxies, etc.. Or something like that.

But hey, your guess is as good as mine, if we can't travel in time to observe it [or make it happen in a lab]. Well, as long as it fits the known science, anyway.

staring back into time with a telescope, though, almost as good as time travel if you can collect enough photons from that far away...

bombastic bob Silver badge
Devil

Re: Telescope nomenclature

Super Duper Telescope.

let's do it. I like science!

We could build a nice orbital space station first, assemble the entire thing in space, and send it out to one of the lagrangian points so it can be away from earth-glow and moon-glow.

Also a telescope mounted on the moon might be a really cool thing, too.

bombastic bob Silver badge
Boffin

Re: We're special

interesting theory, any 'sauce' to back that one up? A link or two into some research documents might be fun to look at.

Truly we don't really know what happened at (and just after) 'the big bang', and can only guess based on our CURRENT understanding of science, which of course is a moving target as we learn more and tweek our understanding based on the evidence. [not to say our guesses aren't pretty good]

That being said, my guess is _ALSO_ that the 'primordial' stars that are supposed to only have H, He, and Li in them, may be a bad assumption. Because Fe and Ni and Co have the highest binding energy per nucleon, there is still a high likelihood [in my bombastic opinion] that the presence of elements "through Xenon" is STILL likely, even in the "furthest back in time" stars, even those most likely formed right after the big bang. [but I'd expect concentrations to be low, yet not "missing"]

This is because fusion reactions that form these elements are all exothermic. In the presence of sufficient gravity and the hydrogen-hydrogen fusion reaction, you'll quickly see the buildup of elements through Fe, and over time, maybe even through Xenon.

But for the heavier elements, above Fe/Ni/Co on the periodic table, I would expect VERY low concentrations of them as compared to more recently born stars. And probably lower concentrations of the other elements as well, at least as compared to our Sun [this last part has apparently been observed, at least from what I saw in the article].

[I'd still be just as happy if I'm wrong, though, because that's science]

there's a nice wikipedia page that explains the whole binding energy thing, with a chart showing where Fe is on it, right at the top.

https://en.wikipedia.org/wiki/Nuclear_binding_energy

So I'd have to wonder, how long would a star need to be fusing pure hydrogen (or H+He+Li) before it starts to form a detectable level of Fe/Ni/Co???

We have Huawei to make the internet more secure: Dump TCP/IP to make folks safer says Chinese mobe slinger

bombastic bob Silver badge
Devil

Re: IPv6

I haven't really had trouble with IPv6 but yeah there are some potential "gotchas" - that were mentioned a bit in an earlier El Reg article...

When I look back over recent history and think of the number of times I've seen the phrase "The Great Firewall" in El Reg articles, do I _NEED_ to mention anything more regarding 'lack of trust' here?

Here's a nice blast from the past from 2015-ish - a simple search got me a pile o' links.

California emits fine-print of its GDPR-ish digital privacy law, complete with Google and Facebook-sized holes

bombastic bob Silver badge
Unhappy

Re: I am disappointed

California legislature hasn't "done the right thing" in DECADES, from my point of view...

A weak law with a strong-sounding name, coupled with special provisions for "the donor class" is kind of what you'd expect from the California legislative body. Swiss cheese indeed. Just like it said in the 2nd half of the title.

(a REAL GDPR-like law would have been WELCOME, but I never expected it to happen)

Even with a ballot measure to strengthen it, I don't expect anything to NOT be "challenged away into obvlivion" in the court system.

Texas is looking better and better these days...

Snapping at Canonical's Snap: Linux Mint team says no to Ubuntu store 'backdoor'

bombastic bob Silver badge
Unhappy

Re: "...explain the logic behind that "

so it's "the new-shiny feature creep" "MODERN" GTK 3 that's doing it...

WHY am I *NOT* Surprised!!!

And here I was doing experiments with GTK (in particular, menus, hadn't gotten far with it) for a possible project recently. Giving that up, now.

bombastic bob Silver badge
Meh

Re: "...explain the logic behind that "

"insane quest a-la Unity and TIFKAM to make everything mobile/tablet friendly. Now, I find that this nonsense is creeping back in again."

I have not seen this in Devuan, nor in the Mate installs I use in FreeBSD. I also haven't installed a new Devuan or Mint distro for a while. If hamburger menus and 'speech bubbles' are being added, we still have the old source out there and can revert it as a fork.

Devuan and Mate were created because of what happened with SystemD and Gnome 3. Let's hope it's NOT time for ANOTHER distro/desktop fork.

bombastic bob Silver badge
Linux

Re: Bad neighbor

"Hey, Mint, team! Switch your upstream to Devuan. Because every week, I'm thinking about switching directly there myself..."

it has worked well for me.

bombastic bob Silver badge
Thumb Up

"If we're not careful, it could become the new 'systemd' problem"

And you said it in the FIRST post, too!

Watchdog slams Pentagon for failing – for a third time – to migrate US military to IPv6

bombastic bob Silver badge
Linux

Re: You will be waiting a long time for DHCPv6 on Android

actually, the host would be the router, the client would be the one that has to register its DNS... at least that's my understanding (from the perspective of the network schtuff).

I support both DHCPv6 and the protocol's built-in auto assignment in order to max out the compatibility on my LAN. As I recall, iOS devices want the DHCPv6, but Android uses auto-assignment. {is that correct?) That may be different now but last time someone came to my home office with an Apple device it seemed to work ok. Laptop too.

And, isc-dhcpd supports both IPv6 and IPv4 - you just need to run 2 separate instances, that's all.

One wifi IPv6-related bug I did a patch/workaround for (sorta): the wifi router I have sends out advertisement packets all the time for IPv6 routing, and I can't shut them off (normally I'd disable the routing daemon and let the LAN handle it). Unfortunately, it ALSO sends them on the LAN, which means it tries to take over all IPv6 routing, regardless and send it out the WAN port. So if I don't manually config routing on the clients, it screws things up. To work around this, I manually assigned the WAN port to an IPv6 address on the LAN, and simplhy plugged it via ethernet back into the 4-port ethernet LAN block on itself (which is also plugged directly into the LAN). So it still takes over, but everything routes back through it and back into the LAN again, effectively adding a single hop to the route until the LAN advertises the route, and they fight [but so what]. I suppose I could just plug the WAN into my network as well, but THEN it wouldn't be getting the DHCPv6 etc. info from the server if I did it [I'm pretty sure the WAN port filters these things]. OK it's a hack, and maybe some day I'll just build my own wifi setup with the FreeBSD server again, but it "solved" the issues of IPv6 routing being "taken over" by an ancient buggy wifi router that still works for everything else. [if I rebuilt the OS and took that bug out it would be better, but I'm kinda lazy sometimes]

bombastic bob Silver badge
Devil

Re: Security concerns

"work-from-home generates IPv6 traffic"

ISPs don't necessarily support it for home connections, though, at least not in the USA. The alternative is to get a tunnel from one of the free services [which I do]. But yeah, it would make perfect sense for a workplace LAN to "not support" IPv6 because of the security issues, a good number of which center around windows boxen with publicly visible IPv6 addresses.

bombastic bob Silver badge
Meh

Re: Security concerns

yeah, about those security concerns: I identified a number of those YEARS ago, and came to a few conclusions on how to mitigate them.

1. Every IPv6 is technically a publically-viewable IP address, which means your extremely insecure box (like one that is running a Micros~1 OS) can be directly accessed from "teh intarwebs". IPv4 usually has some kind of NAT that effectively firewalls most of the problems caused by a ;publically visible IP address. A similar "NATv6" would do the job and also allow for firewalling.

2. Direct routing to the outside world must somehow be managed so that firewalling can be properly done, especially for secure things. A "NATv6" system could also do that, but it may be more easily done by implementing IPv6 tunnels or internal VPNs. As an example, I use a popular ISP for IPv6 tunneling over IPv4. It can somewhat-easily be done on individual workstations, but would require SIGNIFICANT careful firewalling if you did this for Micros~1 OSs.

3. On Micros~1 OSs, there are a significant number of "listening ports" that you can see via the windows equivalent of "netstat -l". Like the old "Win Nuke" exploit of a few decades ago, there is nothing to stop some rogue from firing random packets at a visible port until something breaks. As such, having these ports "seen" over IPv6 is a major security risk. Normally the firewall settings would mitigate this, but a proper firewall appliance is really needed, and not something that runs ON a Micros~1 OS trying to "firewall itself".

Each physical connection to the internet could (somewhat simply) be routed through "an appliance" that would a) firewall everything, b) provide a level of "NATv6", c) assign semi-randomized IPv6 addresses to clients through a DHCPv6 or similar address assignment [already part of the protocol], and d) prevent any client from opening an un-firewalled publicly visible listening port [a major security flaw caused by UPnP support on many NAT routers, if you don't shut it off].

And yeah, it should NOT be that hard.

The biggest problem I found was filtering all of the IPv6 listening ports for windows boxen. I simply don't allow incoming connections on those ports. But I don't NAT the IPv6 addresses, so in theory, a windows box COULD open up a publicly visible listening port. If that ever becomes a problem I'd set up a better firewall on the gateway to prevent it (disallow ALL incoming connections to specific IPv6 ranges or similar). This is still do-able since you know what IPv6 addresses are routeable on the local side, and which ones are gateways [so you allow incoming connections on the gateways only]. However, for my home/office setup, I chose not to do it this way. And there's only one IPv6-capable windows box running these [the rest are all Linux or FreeBSD or phones]. I could shut off IPv6 on that box if I ever needed to.

Worth pointing out, phones and slabs do IPv6 really well on my LAN, over the WiFi. [now if I could JUST get some real speed on it...]

Lenovo certifies all desktop and mobile workstations for Linux – and will even upstream driver updates

bombastic bob Silver badge
Meh

Re: Vendor support is one thing...

"high performing closed sourced driver with a tainted kernel"

Yeah, about that...

The easiest "tainted kernel" workaround is a wrapper that's open source [so you can re-compile the kernel with a different config, and then re-compile the driver with the driver source, as needed, to get a driver that works with a different kernel config] while simultaneously using a BLOB to store the actual guts of the driver, _PARTICULARLY_ in the case of 802.11 drivers that might need to be CLOSED SOURCE due to FCC requirements [which is the case for Broadcom - I've worked with their NDA code in the past].

Seriously, the Linux community at large needs to accept the use of BLOBs in some cases, as long as it makes it possible for the drivers to be built for different kernel configs [the purpose of having open source kernel drivers]. It's not ideal, but it works.

And maybe more hardware vendors and DRM advocates would be willing to supply BLOB drivers (with open source wrappers) for their hardware (etc.) as long as it gives them the I.P. or legal protection that they want, instead of going "Micros~1 only". Yeah.

bombastic bob Silver badge
Linux

Re: Hats off to Lenovo

Yes - I have a refurb Lenovo workstation box I bought for el-cheap on e-bay that came with Win 7 on it [while I could still get one] that I use for all of the windows-things. It's a good box. Also have an older Lenovo that came with XP on it, one of those mini-boxen the size of a book, still working just fine [I still use it for 3D printing, after initially jumping through some hoops to get it to work with the printer - drivers, yeah].

So I _like_ Lenovo already. This news makes me like them even MORE.

However... there are 3 specific things Lenovo will need to do to REALLY make this work. i hope they do them all.

1. Make sure it is easy to change Linux distros on the customer end. No 'lock ins' of any kind, in other words, ESPECIALLY "secure boot" or anything similar. [with upstream commits for driver support, this is extremely likely]. Worth pointing out, I bought a machine with Linspire on it decades ago, and immediately switched it to Debian, with no problems. Same idea here.

2. Make the Linux option available for ALL product lines, not just "the high end ones". However, if only their 'high end' models have a Linux option, its still "a good start".

3. Deduct the cost of Windows license from the sticker price, and ship with a generic Linux on customer request so the OS cost can be waived. [I bought some micro-notebooks for a customer that were like this, arriving with some generic Linux distro on them and console only - they both got Debian installed, which had no SystemD at that time]

Once people "get it" that Linux can do pretty much everything EXCEPT run windows-only applications [and you can always put windows in a VM if you have to], AND it can cost LESS to get a Linux machine, people will re-consider whether or not they actually WANT Windows 10 on their computer.

And Micros~1 will be forced to re-think their OS "features" and marketing tactics.

SpaceX Crew Dragon docks at International Space Station

bombastic bob Silver badge
Pint

Re: this is only half the trip

in the case of a capsule, their heat shielding system is a bit different (and much simpler) than the one that failed on the space shuttle. The Space Shuttle's design had many tiles that were glued into place, and the (frequent) tile loss during launch could (and did) result in catastrophe. I think the entire heat shield is covered up during launch of the Dragon capsule and therefore it is not subject to debris or vibration damage like the Shuttle was.

It might be a good idea to park an extra Dragon or two up on the ISS for emergency departures. it can hold more people + stuff than a Soyuz, and is likely to prove itself to be extremely reliable.

Oh, and a beer for the successful launch. Cheers!

Visual Studio Code finally arrives on ARM64 Windows. No, you haven't woken up in 2017, sadly. It's still 2020

bombastic bob Silver badge
Devil

Re: If Node.js is supposed to make "cross platform" easier via JavaScript...

"Hasn't Chromium been running ARM64 for years though?"

As far as I know, yes (especially for any Android devices that are arm64).

But I don't think Chromium is dependent on 'electron' which (I might point out) is most likely the thing that ultimately determined that VS code would use Node.js. And, as far as I can tell, Chromium is mostly C++ code (unless this changed since the last time I looked at it). Being that the library bottleneck (aka 'electron') uses Node.js, it's a core part of the problem, using 'Node.js' at all.

80-characters-per-line limits should be terminal, says Linux kernel chief Linus Torvalds

bombastic bob Silver badge
Devil

Re: The real reason for fairly small line lengths

"Since many programmers only produce write-only code"

yeah, THERE's your problem...

Seriously I came to the conclusion a long time ago that I might be "that guy" having to maintain my own poorly written/documented code, so it was in my OWN best interest to make my own code readable by non-insiders. Because in 1 or 2 years' time, I'll NEVER remember why I did stuff 'that way'.

As pointed out earlier, limiting line lengths often helps in readability as well. But when you include per-line comments in that line length restriction, limiting to 80 columns is too restrictive.