Posts by cdrcat

Re: Fail safe?

Buttons that don’t click when you press them are a horrendous UI failure. You see the problem with slow user interfaces - people naturally click again and the second click can be on something behind a modal - fail.

You can fade-in the button, or grey out the button while it is disabled, but those solutions also lead to unwanted side-effects.

Pop up modals and unexpected scrolling are hard problems (on Android Chrome double clicking an input box selects, but the first click pops up the keyboard and scrolls the input box away, very annoying!)

Re: Fuck javascript.

Google could uprank articles that serve pure HTML/CSS, with no JS. That would have achieved multiple goals: faster loading, less tracking, less viruses, better archiving, better accessibility. Bastards.

Re: The bigger picture..

“but it is not the MCAS. The autopilot has to be off for MCAS to kick in.”

“The pilots said that soon after engaging the autopilot on Boeing 737 Max 8 planes, the nose tilted down sharply. In both cases, they recovered quickly after disconnecting the autopilot.”

So the article is probably not MCAS related.

Re: Blowing fibre.

Air compressor fits the ABF gun better: https://hexatronic.com/products/installation-tools-and-accessories/air-blown-fiber-abf-installation-tool/

Re: Welcome to the post-sanity world

And here I was thinking a healthy society cared about protecting the poor and stupid from themselves.

Be careful in wishing the worst upon those that make mistakes lest you fail to be perfect yourself.

Re: Not me, but someone else

Don't spare a thought for such shallow idiots. Showing such people their mistakes is often futile, wasting your time and theirs.

Re: "Intel never thrilled me"

There are multiple hardware mitigations *already* in Apple processors. They are mostly aimed at preventing kernel level exploits, but it seems very likely Apple will continue putting in more security protections into the A* processors.

Intel have repeatably shown they prioritise sales performance before security, sort of like Microsoft of yore, and Intel is less likely to develop mitigations that require tight integration with the OS or deep modification of the OS.

Scroll way down to the heading “iOS kernel exploit mitigations” in this link which details some of the hardware protections: https://googleprojectzero.blogspot.com/2020/06/a-survey-of-recent-ios-kernel-exploits.html

Polish part I own; Reverse Polish notation okay to exist, opinion mine humbly.

Re: So how do "modern monitors" do it?

Say you have white (255,255,255). Now you want a red as bright as that white, maybe that should be represented as (765,0,0).

Or maybe you want to have 10 bit colours, so you can choose between (1023,1023,1023) or (255.75,255.75,255.75) as representations that allow ten bits per channel to be declared.

It’s all completely insane of course, since the page would have to say what colour space it was using, the gamma, and what representation it was using. Otherwise a browser couldn’t map the wide-gamut or 10-bit colours when someone used a normal 24 bit colour monitor.

Re: "Orange Man Bad!"

Cristobal Colon is still alive running the show from a secret bunker located under the Vatican. You’ll notice that Christopher Columbus Is an obvious anagram containing “Hitler”, which says it all. “Americans” are actually spy robots - they have to be loud to cover up the noise of their internal machinery (Machiavellian has the same root). If the mods publish this, I will be replaced with a machine intelligence: if the quality of my comments improves then it proves it (or if they get worse it’ll be because they programmed the replacement to act dumb).

Re: Better to be an outlier?

iOS and Android dwarf Windows usage in a household context. And they are critical for security in a business context (they are often literally the keys to the bank and infrastructure in small to medium businesses).

Old Android phones remain more secure from attacks via web pages, because the browser is updated regularly. Android 4.4 (released Oct 2013) is still getting Chrome updates. Most other attacks are mitigated by needing to be physically near phone, are filtered by SMS infrastructure, or can be avoided by not installing crap apps.

Anyone on iOS 12 or less is stuck on an old and insecure version of Safari - the recent flaw that gives access to cameras also gives access to stored passwords... Roll the dice on every web page visited!

I generally recommend Nokia phones with Android One (designed by HMD) because they are relatively cheap but good, they get updates, and the Android version is clean (no manufacturer shit).

125 million Indians speak English

The Oxford Indian Dictionary will replace the OED.

Soon to be heard from your local chav:

My daughter is convent-educated

My teacher is sitting on my head

My friend is eating my brain

https://www.britishcouncil.org/voices-magazine/ten-surprising-expressions-indian-english

Re: Supply Chains

Testable.

Order something that needs delivery from China, preferably that has just become stocked again.

My bet is that China is open for business at the moment - if the US had some real dirt on China they would be printing it no the presses already.

And there are multiple other Asian countries that have functioning economies - the star being Taiwan.

Re: SD Card & Headphone Jack?

Do they have dual SIM? Very useful when travelling and past models had it.

Re: Swapping whole racks out

Why would they ever have unused hardware? That would be a waste of money - hardware should be used.

“Google's Borg system is a cluster manager that runs hundreds of thousands of jobs, from many thousands of different applications, across a number of clusters each with up to tens of thousands of machines.”.

The system is set up so that hardware failures are dealt with by restarting jobs. Google have done that since they started (optimising for cheaper machines that are expected to fail, rather than expensive reliable machines).

The Internet Is Being Protected By Two Guys Named Steve

https://www.buzzfeed.com/chrisstokelwalker/the-internet-is-being-protected-by-two-guys-named-st

Sorry, buzzfeed, but great story.

Re: Penny for a cup of tea, guv?

I offered to pay bus fare for some rando beggar guy, only to be told by driver that they didn’t allow that. Not sure why, but apparently a policy.

Which defeats the purpose

One reason for DoH is to prevent MITM attacks. If the MITM can downgrade the DoH to normal DNS, then the attacker can control your DNS.

I’m not a sysadmin but

Windows Server is amazingly reliable. But what happens when you get that one weird problem?

I regularly see a story about someone’s epic journey starting with an application level bug and ending with debugging some Linux internals and finally solving the problem (some obscure Intel CPU bug, or driver software issue, or epic network race condition etc). Those journeys begin with the belief that with sufficient motivation you can track down any problem on Linux/BSD.

When you watch someone solve a Windows Server bug the “solutions” are very different, and you rarely hear of someone debugging drivers or OS issues.

When I was smaller I wrote embedded software, and tracked down a very-hard-to-find bug in a RTOS.

Disclaimer: The business I helped found depended on Windows Server, and it rarely let us down.

And “amazon” is only an English word

In Spanish: Amazonas, selva amazónica

In Portuguese: Amaozonas, floresta amazônica

I have no love for Amazon Inc, but neither do I want to give up the word nice because there is a homonym(?) in France etc

Re: Load shedding?

Presumably avoiding domino effects throughout the country is a good idea.

Presumably some of the engineers to reset the trains took flights?

> What it doesn't have is security weaknesses

It has a Bluetooth implementation - which could easily have security flaws.

Re: Well ...

Fortunately there is a partial wet backup in the pet owners' brains.

Re: I am from Gdańsk and I beg for help

Kiwi polish: invented by some Scots in Australia with a logo using a Maori name for a flightless New Zealand bird, made in England and owned by a corporation in the US.

I have a friend who just had some sockets added to his living room for jamming, installed by an electrician (with some audio chops apparently), with their own analogue earth to help reduce hum, and sockets in the floor for further convenience.

I'm not sure how they manage ground loops.

Re: Microsoft knows best

Microsoft have already gone too far.

We had two true Microsoft believers in a team, deep into the cult, but they have slowly become more and more quiet about the wonders of their religion as the OS and development tools have become shittier and shittier.

I have slowly become luke-watm towards some of their open source efforts, but frankly they have to work hard to recover from decades of abuse.

Re: Immoral fuckers!

Your nirvana works for the wealthy (can pay for X people to help them) or it works for a population that doesn't require much help (1 hour of personal help for every 24 of life).

Once a population needs significant help (40 hours per week per week of life) then there is simply not *enough* people to do the "humane" thing.

Even worse, some of the carers are doing shitty inhumane work (lifting the elderly but damaging themselves; elderly looking after the elderly but unwillingly).

We should offload as much of the drudgery as possible and keep our elderly as *independent* as they wish. If we can use machines to do this we should - try telling your mum she should replace her scooter with coolies!

Reserve the human hours for real care - human touch, interaction, and brotherhood.

I thought the Borg was the traditional M$ reference. Or is that reference too dated*†, or taken over by Gooplle?

* I have never received a geek card, so I can't hand mine in.

† Where can I buy a geek card? Preferably electrically and physically S100 compatible.

Re: Reminds me of two things..

But the KPI is correct - there's a sunken cost fallacy in there somewhere.

Sell 10 stale buns at $1 each = $7 profit.

Throw away 10 stale buns, make 10 new buns, sell at $2 each = $14 profit.

Throwing away buns is likely to increase profits (assuming most new buns get sold, ignoring elasticity or price discrimination, and ignoring some other issues).

Re: Insecure third-party scripts

It's possible the third party was Segment which has also just notified of a breach - https://news.ycombinator.com/item?id=20887809