* Posts by cdrcat

111 posts • joined 24 May 2015

Page:

Antitrust battle latest: Google, Facebook 'colluded' to smash Apple's privacy protections

cdrcat

Re: So What

I am not a Google lover by any means, but Google *mostly* does a pretty good job given the ad industry.

If Android and gmail were split off, I imagine the first thing would be to upgrade install the worst possible uninstallable Apps and sell off your data to the spammiest bidder. How many times have I seen a product go to shit when it changed hands? Imagine if Microsoft owned Android?

The Chrome development team are uniquely talented - the reliability is astonishing and their speed of development is unlike any other team I know of (I don’t like all the new features but I really love others, and W3 was trying to spec some epically stupid stuff so fuck them) . Three other well paid teams are shit in comparison from my very long and painful experience. Imagine what would happen to Chrome if it was sold? It is open source - a gift to us all - so you don’t have to use Chrome.

I am most dissatisfied with Google search and YouTube - the gradual degradation with more and more adverts is killing those for me.

Netflix sued by South Korean ISP after Squid Game fans swell traffic to '1.2Tbps'

cdrcat

Re: Looks like the ISP wants 2 bites of the cherry

Some Netflix traffic goes via backbones, but most Netflix data is streamed from cached content served by appliances installed at reasonably local peering exchanges.

“Each Open Connect Appliance (OCA) stores a portion of the Netflix catalog, which in general is less than the complete content library for a given region. Popularity changes, new titles that are added to the service, re-encoded movies, and routine software enhancements are all part of the nightly updates, or fill, that each appliance must download to remain current.” — https://openconnect.zendesk.com/hc/en-us/articles/360035618071

Stack Overflow acquired for $1.8bn by Prosus (no, me neither)

cdrcat

Only the questioner can select the accepted answer

Often the person asking the question marks an answer as the accepted answer, and never goes back to correct it.

Well, that was how it worked last time I looked, although I admit that I too find it frustrating.

The Audacity: Audio tool finds new and exciting ways to annoy contributors with a Contributor License Agreement

cdrcat

They could allow CC0 the same as Rack does

As per https://github.com/VCVRack/Rack/blob/v1/.github/CONTRIBUTING.md

“””

To accept a contribution, all authors of the contribution need to either

* declare the patch under the CC0 license.

* complete a copyright reassignment form.

* perform the work under a paid agreement.

“””

We admire your MOXIE, Earthlings: Perseverance rover gizmo produces oxygen for first time on Mars

cdrcat

Aerogel doesn't have to be fragile

> It seems to me that the biggest technical achievement was keeping the areogel intact for the trip

"""not all aerogels are easy to break! Classic (or 'legacy') aerogels exhibit extremely high strength-to-weight ratios and are able (in principle) to hold thousands of times their weight in applied force, however also typically exhibit extremely low fracture toughness, that is, the ability to resist propagation of flaws in the material. As a result, it is possible for a classic aerogel block that is 96% air by volume to hold a brick thousands of times its own weight, but only if the weight is placed on the monolith gently and there are no major cracks in the aerogel.

New mechanically strong and machinable aerogels such as Airloy® strong aerogels made by Aerogel Technologies fix this problem. Airloy aerogels are hundreds of times stronger and stiffer than classic aerogels and simultaneously durable and fracture tough. Unlike legacy aerogels, Airloy aerogels can be machined (drilled, tapped, turned, milled) and bent without breaking. The strength, stiffness, thermal conductivity, and other properties of Airloy aerogels depend on the product series."""

http://www.aerogeltechnologies.com/about/faqs/

cdrcat

Not much energy is required

Use a countercurrent heat exchanger - incoming air is cooled by the outgoing air. https://wikipedia.org/wiki/Countercurrent_exchange

George Clooney of IT: Dribbling disaster and damp disk warnings scare the life out of innocent user

cdrcat

A colleague thought he was Jesus

He told me about when he was committed to a mental health unit, because he thought he was Jesus.

Inside he meets a guy who says "Hi, I'm god". My colleague response by suddenly hugging the guy and says "Dad" emotionally.

Feature bloat: Psychology boffins find people tend to add elements to solve a problem rather than take things away

cdrcat

Some explanation could be that Lego has social rules

Different people have different rules about what is OK to do to another’s creation - and the rules are largely subconscious. They try to avoid that bias: “All the participants were told they could alter the structure however they wanted to.”

But that isn’t quite the same as giving “ownership” of the tower. It is hard to guess what one would do as a participant, but I suspect I would feel it wasn’t “my” tower, so my scope of changes would be more limited.

We imagine this maths professor's lecture was fascinating – sadly he was muted for two hours

cdrcat

Re: Pray elaborate?

A camera “star filter lens” adds starbursts to bright point source lights.

Camera filters can add, not just filter. I am sure you can suggest a better analogue filter example where the filter adds to the image... maybe a border?

Police drone plunged 70ft into pond after operator mashed pop-up that was actually the emergency cut-out button

cdrcat

Re: Fail safe?

Buttons that don’t click when you press them are a horrendous UI failure. You see the problem with slow user interfaces - people naturally click again and the second click can be on something behind a modal - fail.

You can fade-in the button, or grey out the button while it is disabled, but those solutions also lead to unwanted side-effects.

Pop up modals and unexpected scrolling are hard problems (on Android Chrome double clicking an input box selects, but the first click pops up the keyboard and scrolls the input box away, very annoying!)

Google AMP gets a shock to its system as advisor quits, lawsuit claims foul play

cdrcat

Re: Fuck javascript.

Google could uprank articles that serve pure HTML/CSS, with no JS. That would have achieved multiple goals: faster loading, less tracking, less viruses, better archiving, better accessibility. Bastards.

Watchdog signals Boeing 737 Max jets can return to US skies following software upgrade, pilot training

cdrcat

Re: The bigger picture..

“but it is not the MCAS. The autopilot has to be off for MCAS to kick in.”

“The pilots said that soon after engaging the autopilot on Boeing 737 Max 8 planes, the nose tilted down sharply. In both cases, they recovered quickly after disconnecting the autopilot.”

So the article is probably not MCAS related.

Windows kernel vulnerability disclosed by Google's Project Zero after bug exploited in the wild by hackers

cdrcat

Google bashing, now smearing...

The tone on multiple technical websites has really started to go up a notch whenever it is something related to Google. In this case a lot of comments are shooting the messenger.

The Google Zero team are not cowboy dicks: they follow a fair process and have thought about the issues more than most, and are trying to be responsible.

Think about what happens in an alternative world where Google keep these vulnerabilities hidden or just informs the vendor, instead of publishing them... Nobody likes the outcomes of vulnerabilities, but they are simply a result of Microsoft’s historical attitude towards security.

These security faults are often ancient, and the rate of discovery is not decreasing, so expect more of the same in the coming years.

2020 hasn't been all bad – a new Raspberry Pi Compute Module is here

cdrcat

Beowulf cluster of 4 of these

https://turingpi.com/

“ Today we are thrilled to announce the Turing Pi V2. The Turing Pi V2 is s compact cluster in a mini ITX form factor with 4 x cluster nodes, 2x mini PCIe (Gen 2) ports, 2x SATA (Gen 3) ports, and new Raspberry Pi compute modules 4 support.”

There ain't no problem that can't be solved with the help of American horsepower – even yanking on a coax cable

cdrcat

Re: Blowing fibre.

Air compressor fits the ABF gun better: https://hexatronic.com/products/installation-tools-and-accessories/air-blown-fiber-abf-installation-tool/

Anti-5G-vaxx pressure group sues Zuckerberg, Facebook, fact checkers for daring to suggest it might be wrong

cdrcat

Re: Welcome to the post-sanity world

And here I was thinking a healthy society cared about protecting the poor and stupid from themselves.

Be careful in wishing the worst upon those that make mistakes lest you fail to be perfect yourself.

Sun welcomes vampire dating website company: Arrgh! No! It burns! It buuurrrrnsss!

cdrcat

Re: Not me, but someone else

Don't spare a thought for such shallow idiots. Showing such people their mistakes is often futile, wasting your time and theirs.

Apple to keep Intel at Arm's length: macOS shifts from x86 to homegrown common CPU arch, will run iOS apps

cdrcat

Re: "Intel never thrilled me"

There are multiple hardware mitigations *already* in Apple processors. They are mostly aimed at preventing kernel level exploits, but it seems very likely Apple will continue putting in more security protections into the A* processors.

Intel have repeatably shown they prioritise sales performance before security, sort of like Microsoft of yore, and Intel is less likely to develop mitigations that require tight integration with the OS or deep modification of the OS.

Scroll way down to the heading “iOS kernel exploit mitigations” in this link which details some of the hardware protections: https://googleprojectzero.blogspot.com/2020/06/a-survey-of-recent-ios-kernel-exploits.html

Splunk to junk masters and slaves once a committee figures out replacements

cdrcat

Polish part I own; Reverse Polish notation okay to exist, opinion mine humbly.

cdrcat

Re: Ableist language is sadly everywhere

Calling somebody a mong is an insult in New Zealand, which I presume it is a abbreviation (and nothing to do with the Hmong).

Forget tabs – the new war is commas versus spaces: Web heads urged by browser devs to embrace modern CSS

cdrcat

Re: So how do "modern monitors" do it?

Say you have white (255,255,255). Now you want a red as bright as that white, maybe that should be represented as (765,0,0).

Or maybe you want to have 10 bit colours, so you can choose between (1023,1023,1023) or (255.75,255.75,255.75) as representations that allow ten bits per channel to be declared.

It’s all completely insane of course, since the page would have to say what colour space it was using, the gamma, and what representation it was using. Otherwise a browser couldn’t map the wide-gamut or 10-bit colours when someone used a normal 24 bit colour monitor.

We're in a timeline where Dettol maker has to beg folks not to inject cleaning fluid into their veins. Thanks, Trump

cdrcat

Re: "Orange Man Bad!"

Cristobal Colon is still alive running the show from a secret bunker located under the Vatican. You’ll notice that Christopher Columbus Is an obvious anagram containing “Hitler”, which says it all. “Americans” are actually spy robots - they have to be loud to cover up the noise of their internal machinery (Machiavellian has the same root). If the mods publish this, I will be replaced with a machine intelligence: if the quality of my comments improves then it proves it (or if they get worse it’ll be because they programmed the replacement to act dumb).

cdrcat

> might do us all a favour and Darwin themselves out of the gene pool

One needs to kill oneself before spawning, otherwise ones death has piss all Darwinian effect (kin selection matters, but stupidity matters more).

April 2020 and – rest assured – your Windows PC can still be pwned by something so innocuous as an unruly font

cdrcat

Re: Better to be an outlier?

iOS and Android dwarf Windows usage in a household context. And they are critical for security in a business context (they are often literally the keys to the bank and infrastructure in small to medium businesses).

cdrcat

Re: An attacker could also embed an ActiveX control marked 'safe for initialization'

ISA bus factor = 1: when the wrong board fails on your “highly complex mission critical device”, your mission stops and everyone finds a new job.

Commit to Android codebase suggests Google may strong-arm phone makers into using 'seamless' partitioned updates

cdrcat

Old Android phones remain more secure from attacks via web pages, because the browser is updated regularly. Android 4.4 (released Oct 2013) is still getting Chrome updates. Most other attacks are mitigated by needing to be physically near phone, are filtered by SMS infrastructure, or can be avoided by not installing crap apps.

Anyone on iOS 12 or less is stuck on an old and insecure version of Safari - the recent flaw that gives access to cameras also gives access to stored passwords... Roll the dice on every web page visited!

I generally recommend Nokia phones with Android One (designed by HMD) because they are relatively cheap but good, they get updates, and the Android version is clean (no manufacturer shit).

That awful moment when what you thought was a number 1 turned out to be a number 2

cdrcat

125 million Indians speak English

The Oxford Indian Dictionary will replace the OED.

Soon to be heard from your local chav:

My daughter is convent-educated

My teacher is sitting on my head

My friend is eating my brain

https://www.britishcouncil.org/voices-magazine/ten-surprising-expressions-indian-english

Microsoft CEO Satya Nadella talks hardware supply chains and elasticity: 'Bigger issue' is what happens around US and Europe's 'demand side'

cdrcat

Re: Supply Chains

Testable.

Order something that needs delivery from China, preferably that has just become stocked again.

My bet is that China is open for business at the moment - if the US had some real dirt on China they would be printing it no the presses already.

And there are multiple other Asian countries that have functioning economies - the star being Taiwan.

HMD Global pokes head out of quarantine to show off 3 new Nokia mobiles

cdrcat

Re: SD Card & Headphone Jack?

Do they have dual SIM? Very useful when travelling and past models had it.

Google reveals the wheels almost literally fell off one of its cloudy server racks

cdrcat

Re: Swapping whole racks out

Why would they ever have unused hardware? That would be a waste of money - hardware should be used.

“Google's Borg system is a cluster manager that runs hundreds of thousands of jobs, from many thousands of different applications, across a number of clusters each with up to tens of thousands of machines.”.

The system is set up so that hardware failures are dealt with by restarting jobs. Google have done that since they started (optimising for cheaper machines that are expected to fail, rather than expensive reliable machines).

Thought you were done after Tuesday's 115-fix day? Not yet: Microsoft emits SMBv3 worm-cure crisis patch

cdrcat

One down, 900 critical bugs to go

Assuming 25 critical bugs found per month, for the next three years, means there are 900 critical bugs left to find... this one bug doesn’t matter that much since there are *plenty* left for skilled parties to find and abuse.

https://blog.talosintelligence.com/2020/03/microsoft-patch-tuesday-march-2020.html

Chips that pass in the night: How risky is RISC-V to Arm, Intel and the others? Very

cdrcat

The Internet Is Being Protected By Two Guys Named Steve

https://www.buzzfeed.com/chrisstokelwalker/the-internet-is-being-protected-by-two-guys-named-st

Sorry, buzzfeed, but great story.

Sadly, the web has brought a whole new meaning to the phrase 'nothing is true; everything is permitted'

cdrcat

Re: Penny for a cup of tea, guv?

I offered to pay bus fare for some rando beggar guy, only to be told by driver that they didn’t allow that. Not sure why, but apparently a policy.

Firefox, you know you tapped Cloudflare for DNS-over-HTTPS? In January, it briefly knackered two root servers at the heart of the internet

cdrcat

Which defeats the purpose

One reason for DoH is to prevent MITM attacks. If the MITM can downgrade the DoH to normal DNS, then the attacker can control your DNS.

Talk about high tech: Tens of thousands of Cali marijuana convictions to go up in smoke, thanks to algorithms

cdrcat

The hippies have token over

Why have grown-up hippies from the 60’s and 70’s not had more influence on politics?

Bloke forks out £12m, hands over keys to tropical island to shoo away claims that his web marketing biz was a scam

cdrcat

I’m not a sysadmin but

Windows Server is amazingly reliable. But what happens when you get that one weird problem?

I regularly see a story about someone’s epic journey starting with an application level bug and ending with debugging some Linux internals and finally solving the problem (some obscure Intel CPU bug, or driver software issue, or epic network race condition etc). Those journeys begin with the belief that with sufficient motivation you can track down any problem on Linux/BSD.

When you watch someone solve a Windows Server bug the “solutions” are very different, and you rarely hear of someone debugging drivers or OS issues.

When I was smaller I wrote embedded software, and tracked down a very-hard-to-find bug in a RTOS.

Disclaimer: The business I helped found depended on Windows Server, and it rarely let us down.

Time to call off Mobile World Congress yet? Nvidia, Amazon and Sony all sidestep trade show over coronavirus fears

cdrcat
Black Helicopters

Try getting home when all flights are cancelled for months

If it is a pandemic, then all tourism will be shut down and probably flights will be very restricted (with a lovely long stay in a quarantine facility on arrival). An individual couldn’t predict the timing of that.

I wouldn’t want to be overseas if travel is mostly shut down: unless you happen to be in a country with better services. I’m in NZ and have enough food/water/medicine to let me hunker down at home for a few weeks. I am also lucky enough to have options to move to rural locations: hospitals won’t be able to help much if a pandemic peaks quickly...

Is Chrome really secretly stalking you across Google sites using per-install ID numbers? We reveal the truth

cdrcat

PII leak

> According to Granal, this identifier is sent to youtube.com, google.com, doubleclick.net, googleadservices.com...

The code[1] shows the X-CLIENT-DATA is sent for any google.X domain where google owns the TLD, but if there were any youtube.X domain owned by a squatter then the PII would be leaked to that squatter. I haven’t looked if there are youtube domain squatters that match that restriction...

[1] https://cs.chromium.org/chromium/src/components/google/core/common/google_util.cc?q=IsGoogleAssociatedDomainUrl

You spoke, we didn't listen: Ubiquiti says UniFi routers will beam performance data back to mothership automatically

cdrcat

Booo hiss to Ubiquiti

A Venn diagramme of WiFi device purchasers and privacy geeks would have a large union set. And surely Ubiquiti sales depend upon nerdigensia influencers - why would they be so stupid to burn their goodwill? I found out about Unifi products via geek forums.

They were my default supplier and I used to recommend them whenever WiFi discussions came up. They lose my voice, although I will probably grudgingly continue to buy their products because they are now the devil I know...

South American nations open fire on ICANN for 'illegal and unjust' sale of .amazon to zillionaire Jeff Bezos

cdrcat

And “amazon” is only an English word

In Spanish: Amazonas, selva amazónica

In Portuguese: Amaozonas, floresta amazônica

I have no love for Amazon Inc, but neither do I want to give up the word nice because there is a homonym(?) in France etc

Go on, eat your fibre, new build contractors. It's free! OpenReach lowers limit for free FTTP connections

cdrcat
Boffin

Crazy fibre to the premises connections?

Who's connected only their chicken coop?

Train-knackering software design blunder discovered after lightning sparked Thameslink megadelay

cdrcat

Re: Load shedding?

Presumably avoiding domino effects throughout the country is a good idea.

Presumably some of the engineers to reset the trains took flights?

Smart speaker maker Sonos takes heat for deliberately bricking older kit with 'Trade Up' plan

cdrcat

> What it doesn't have is security weaknesses

It has a Bluetooth implementation - which could easily have security flaws.

Where's our data, Google? Chrome 79 update 'a catastrophe' for Android devs with WebView apps

cdrcat

Re: Well ...

Fortunately there is a partial wet backup in the pet owners' brains.

ZTE Nubia Z20: It's £499. It's a great phone. Buy it. Or don't. We don't care

cdrcat

Re: I am from Gdańsk and I beg for help

Kiwi polish: invented by some Scots in Australia with a logo using a Maori name for a flightless New Zealand bird, made in England and owned by a corporation in the US.

Socket to the energy bill: 5-bed home with stupid number of power outlets leaves us asking... why?

cdrcat

I have a friend who just had some sockets added to his living room for jamming, installed by an electrician (with some audio chops apparently), with their own analogue earth to help reduce hum, and sockets in the floor for further convenience.

I'm not sure how they manage ground loops.

Microsoft explains self-serve Power platform's bypassing of Office 365 admins to cries of 'are you completely insane?'

cdrcat

Re: Microsoft knows best

Microsoft have already gone too far.

We had two true Microsoft believers in a team, deep into the cult, but they have slowly become more and more quiet about the wonders of their religion as the OS and development tools have become shittier and shittier.

I have slowly become luke-watm towards some of their open source efforts, but frankly they have to work hard to recover from decades of abuse.

cdrcat

Re: Employees buying software for their company?

> and any other sane browser choice is glitchy

There is no other sane browser.

Safari, Internet Explorer, Edge (before Blink), and Firefox are all dogs to develop for. I've written and supported a custom web framework, I know the pain. Edge changed engines in part because theirs was so hideously shitty.

You are implying web developers are lazy mindless scumbags, but supporting borken non-conforming browsers takes up 25% to 50% of dev time, so understandably web developers are keener to deliver new work than fight their platforms.

I hate Google's tentacles as much as any card carrying geek, but the Chromium team's engineering is unquestionably superb (and the other browser teams are weenies in comparison).

Your kids will be glad a UK government-funded robot will be changing your nappy and not them

cdrcat

Re: Immoral fuckers!

Your nirvana works for the wealthy (can pay for X people to help them) or it works for a population that doesn't require much help (1 hour of personal help for every 24 of life).

Once a population needs significant help (40 hours per week per week of life) then there is simply not *enough* people to do the "humane" thing.

Even worse, some of the carers are doing shitty inhumane work (lifting the elderly but damaging themselves; elderly looking after the elderly but unwillingly).

We should offload as much of the drudgery as possible and keep our elderly as *independent* as they wish. If we can use machines to do this we should - try telling your mum she should replace her scooter with coolies!

Reserve the human hours for real care - human touch, interaction, and brotherhood.

Page:

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2022