Posts by DanielsLateToTheParty 45 publicly visible posts • joined 24 Feb 2016
The third type of refrigeration is https://en.wikipedia.org/wiki/Absorption_refrigerator
Often overlooked, it has no moving parts and uses heat directly as a power source. Of course the laws of thermodynamics apply and you cannot get more cold out than the heat you put in. Occasionally I wonder if this could be used as a pre-cooler for computer enclosures? The air blown over chips would be cooler than ambient and the exhaust feeds back into the heat cycle.
The Unix philosophy has always been "Do one thing and do it well". SystemD fails at this because it tries to do many things. X11 is guilty of trying to be too many things as well. EMACS historically was criticised for the same. PulseAudio (another one from Poeterring) feels like it falls into the same trap.
Wayland is distinct in that it tries to uphold the philosophy and focus on one thing, compositing. It wasn't thought up just to annoy people. It was created to fix a single problem. Arguably it hasn't fixed a whole lot because clearly people are annoyed but please don't lower it to the level of SystemD.
"He went on to say that the project has never received a single valid bug report that was generated using AI"
If a report points to a real bug how do you know it wasn't an AI all along? Isn't this confirmation bias? It's like people who say "I can always spot a liar" when they have no way of knowing when they've been lied to.
Fairly recently, might have been earlier this year, I was asked to help with an importing problem. The office staff had been handed a CSV file with 50 million rows and they had been struggling with it for several weeks. At first they thought it's the same thing as a spreadsheet file so tried to open it in Excel but that has a limit of 1 million rows and would not go. Then they tried to break it into several smaller files but every spreadsheet program they tried still crashed on each attempt. So next they went back to the source (another company who wanted to send data to our server) and they agreed to write a script that would connect to MySQL on our end and insert every row... one at a time and looked like it would take a whole year. I agreed if they could send me the CSV file directly and one "mysqlimport" command and 90 seconds later it was done.
Yes the 70s had some, interesting, clothing choices. Here is a glorious example of the man himself.
https://www.computerhistory.org/revolution/supercomputers/10/7/3
And here's another favourite photo. It's the Enterprise in a time travelling mixup and Dr McCoy is a total pimp.
https://en.wikipedia.org/wiki/File:The_Shuttle_Enterprise_-_GPN-2000-001363.jpg
As a first timer in a VLSI lab I got to try out some Sun SPARCstations, of which there were 10 in a row and all networked. The lab tech was very proud of his domain and showed off their ability to act as terminals to one that was powerful enough to run CAD for all of them. That just means they were each 10 times too powerful but I digress.
The mouse on mine could move but nothing could click. The tech guy leaped into helpful mode and pointed out that the buttons don't work when the keyboard's numlock is on. "But that's crap!" I said without thinking. Something that I regret because he was almost brought to tears. I had insulted his babies for having a pointless and crap design and who wouldn't be hurt by that? Of course I still think I'm right. It's a ridiculous oversight.
For whatever my sins were, I've been issued a site with Tailwind CSS. It tries to be minimal by only having a single CSS rule per class name. So now you get to enjoy the prospect of HTML made up almost entirely of class strings.
Here's an actual example from their boasting ("It's tiny!" they declare) web page:
<input class="focus:ring-2 focus:ring-blue-500 focus:outline-none appearance-none w-full text-sm leading-6 text-slate-900 placeholder-slate-400 rounded-md py-2 pl-10 ring-1 ring-slate-200 shadow-sm" type="text" aria-label="Filter projects" placeholder="Filter projects...">
Thank heavens they didn't use inline styles or that could have ruined everything.
This is Magento 2 which was largely written by a team of Java programmers from eBay (eBay owned Magento Inc at that time). The result is typical Java-ness with objects that only exist to wrap objects that contain a single function called "execute" which is instantiated by a factory class, that is instantiated by a manager class, that is referenced by as many XML files as there are PHP files - some of which are only there to read XML files.
A typical installation has 60,000 source files, over 3 million lines of code, about 500MB BEFORE modifications are made. PHP sites are usually assigned a memory limit of 128MB but for Magento we recommend raising that to 2GB. Our preferred servers come with 200GB RAM because ElasticSearch (another of Magento's requirements) is such a memory hog that I've often seen it go above 100GB. For one website!
Oh and about 40% of our sites got hacked by various cosmicstring groups in the past two months.
I'm currently relearning C and, feeling open minded, let AI help me with writing snippets. Genuinely it impresses me that it's able to not only write real code but makes it legible and explains what everything should do. However the downside is while it all looks reasonable sometimes the compiled code just doesn't work, not even with tweaking. To think that bots can grok an ancient codebase well enough to recreate it elsewhere is laughable.
That mention of school reminds me of a day in electronics class when a friend was trying to power up a 555 timer. He plugged it into a breadboard, and the breadboard to an (analogue) power supply, then turned the knob up to 5V but the dial was around 1 instead and so cranked it up more. He got as far as mumbling "this won't go above 2.5" when the chip popped and blew a segment of black plastic into the ceiling. He'd been reading amps instead of volts of course. The ceiling had a crater. Amazingly the silicon chip was lying exposed and we could see it with a magnifying glass, albeit with a chunk missing.
I am dead set against synthetic hydrocarbons because aside from being the most expensive option they also have all the conventional pollution of fossil fuels. Sure those are carbon neutral but cause about 8 million deaths per year, https://ourworldindata.org/outdoor-air-pollution. Anthropogenic climate change has yet to make itself felt but worst case predictions put the death toll at 0.5 million per year. The only moral alternatives for storage are electric batteries and compressed air.
Additionally biofuels are just as harmful with the added cost of using taking arable land away from food production. If you think about it biofuels are an inefficient and messy form of solar power.
Internet anecdotes are worth less than the paper they're written on, and will remain so until someone reverse engineers all of Google's proprietary code blobs, or decrypts the encrypted tracking data. It's possible that I only remember the conversation because of the unfortunate timing that followed it. We don't remember everything we ever said nor every advert we ever watched (or try to avoid doing do).
In the meantime let's remember that the corporation has shown their colours before. Streetview cars collected wifi data for years, executives knew about it and did nothing until they were confronted and then chose to deny the facts.
https://www.theregister.com/2012/04/30/google_slurp_ok/
I had adverts for washing machines appear on my phone a few hours after having a conversation about washing machines. I haven't seen another washing machine advert in the years since that day. Now, a coincidence is only ever a mere coincidence, but what about when there are a great many coincidences?
Also Google is technically proficient enough to transmit and record entire conversations from every device in the world. They're more likely to employ a bloom filter of profitable keywords, sampled at random times to avoid suspicion/drain the battery.
I was about to moan that this cannot work for anything meaningful because, to choose an example I am familiar with, eCommerce absolutely requires JavaScript. But that's just habit. Payment gateways "require" JS or iFrames or both for their security excuses when JS-less options are available. It's possible to navigate to a payment site that takes secret info through normal forms and then navigates the user back to their origin site.
For those that like multimedia (almost everyone really) then HTML <audio> and <video> elements should work OK without JavaScript if that were implemented. Site owners like Youtube & Netflix won't like it because they can't control the appearance as much nor track your every mouse movement (insert paranoid rant here).
So from that example the way to get around a paywall is as simple as calling "sayThanks" method? It can't be that dumb. (checks specification) No there is more to it, the receiving function needs an object with an "amountSent" property, then it's all legit!
In a typical day I spend perhaps a few minutes typing code, and hours reading others' bad code trying to work out why mine has failed, or finding a convenient point to make alterations. Then hours more devising test cases to find out why it's still not working. Such is development.
A parallel can be seen with 3D printers. The machine is unaware of what is really happening in it's print area and just spits out hot plastic that should be a facsimile of the designer's idea. In reality mistakes happen and layers separate, or the nozzle gets clogged, or something warps because the temperature is wrong, or the base unsticks, or the stepper motors misalign, etc. The printer cannot see problems so cannot rectify them. It has no context on which to work so cannot incorporate real world elements (except for explicitly being made to stop part way so as to allow human intervention). Anecdotally users say that even after a successful job, clearing up the messes and supports and so on take as long as doing the work yourself. When 3D printing was a brand new fad people thought that they would take over the world of manufacturing, every home would have one and Star Trek replicators would become ordinary. What actually happened is they have become a niche tool which fits in some workshops for those professionals who have time and reason enough to master them. My prediction is AI will eventually go that way. When the hype dies down we'll be able to say I told you so to nobody in particular.
In a previous life I worked as a waiter in a hotel which was popular amongst professional sportspeople (the hotel that is, not the job). Personally I have less than zero interest in sport but apparently they are quite superstitious people and our hotel had a reputation for hosting visiting teams. On one occasion a manager pops his head round the door and goes "Daniel I hear you know computers, come with me" and we go off to a footballer's room. Sounds shady at this point but it turned out to be benign.
The guy was Brazilian and had a routine of calling his wife each night on Skype which is kind of sweet if you don't think of it as checking up on him to make sure he is definitely alone. Now this is happening in early 2000s so internet is not ubiquitous and the guy's laptop was probably an IBM Thinkpad judging by the central nipple thing. He had plugged it into a handy ethernet socket and found no connection. I did my best to cover myself from any mistakes by explaining that every network is different and I don't know anything about this one in particular but would do my best. All I really did was open a prompt and type "ifconfig" but it looked quite unlike my home router so gave up. The footballer instead called his wife the POTS way and all was well.
The next day he met the boss's boss and explained what had happened. To the uninitiated eye anyone doing anything with a prompt looks like The Matrix and so he was very impressed. The big boss was gleaming with pride, or possibly smugness, and got to say "Yes well of course our staff are the best at everything". The compliment eventually trickled back down to my level. Sometimes just showing good intentions and a broad set of skills is enough, even if you're kind of useless.
Sorry to burst your bubble... but not so sorry as I'm doing it anyway. Here are exhaustive tests which show that even on 120V the kettle is still faster than the stove. https://youtu.be/_yMMTVVJI4c
The kettle inertia is just a cultural one like circumcision, Americans have been doing it so long that they can no longer tell how cruel and unnecessary it is.
Around 25% of people are over sensitive to bitter compounds and hence don't like tea or coffee. I must be in this group because I also dislike beer and dark chocolate, although milk chocolate is good and salted caramel chocolate is heavenly.
Also roughly 25% of people are under sensitive to bitter or cannot taste it at all. Which helps explain the bizarre phenomenon of eating sprouts!
https://www.hsph.harvard.edu/nutritionsource/2016/05/31/super-tasters-non-tasters-is-it-better-to-be-average/
In a nearby car park are a couple of spaces with freshly painted EV spaces, and a hole where gubbins will presumably go. Already EV drivers are parking there like they own it now. It's as if one has peed electrolyte around the perimeter and claimed the territory for their pack. I'm not upset, just amused.
(Icon is of a red Tesla Roadster seen head on but at close range so it has a strong perspective effect)
Last month we took on a new client with an old Magento site. It had been infected with something very similar, instead of "xurum.com" it referenced another compromised site. Because credit cards had been exposed and fraudulent payments were reported by CC companies there had to be a PCI-DSS audit to make sure every last trace of infection was scrubbed. The problem was every time we cleaned up the offending card skimmer it would come back, sometimes right away, sometimes after several hours.
It took a lot of debugging to figure out there were two things going on; First the infection was in a database trigger so that each time an admin user logged in it was recorded in a specific database table, that triggered the trigger, that would re-inject the card skimmer. It was bloody hard to find because the database copy we took for analysis only had the plain data, not the triggers or functions. Let that be a lesson for you all!
Second the hackers would periodically return to the site, attempt to place an order as if they were a normal customer and if the expected javascript was missing they would log in with one of the four bogus admin accounts that had been set up, and add the same skimmer again but this time manually. I captured all this in logs and it was clearly practiced, the whole interaction took just 6 minutes. It's a very professional outfit and I suspect they likely contracted this step to a lesser hacking group. Modern hackers are not loners in hoodies with a taste for chaos but regular looking office workers in suits who work a 9-5.
The site was just waiting to get compromised. Not only was it using older versions of software, but it also did not add vulnerable functions like "system" and "exec" and "shell_exec" to PHP's "disable_function" setting. This setting is annoyingly left empty by the PHP Group when they should make it most secure by default. They do disable "allow_url_include" initially which is the sensible decision. Magento could also check for stuff like this on installation and put it in their .htaccess file if necessary, but they never bothered. Popular management software like cPanel do set this to protect newbies.
The advantage of biofuels is they stay within the carbon cycle (and the engine technology required is mature). The disadvantage is burning them produces particulates like soot. As I recently learnt from the news, climate change is causing weird green bumps in Siberia, whereas air pollution kills 7 million people per year. If that's the damage to humans then just try to imagine the same effect to all other life.
I've chosen to boycott Amazon for a while now even though I know it cannot do any good against the millions of customers who value convenience over morality. Also I try to explain it to basically anyone who stands still long enough, it might be unpopular but I want to be able to sleep easily.
At my higher education I had a friend who would place a line of tealights along the top of his monitor. It was CRT, not LCD, so there was plenty of room, and they never got hot enough to do harm. Then one day he bought slightly larger ones that did get hot enough but didn't notice until they had sank right into the plastic. Only the embedded metal frame above the tube stopped their progress, with the top edges flush with the surface of the plastic. After a bit of excitement and much amusement, he shrugged and topped them up with more wax.
My mum got caught by this several times and is now a dab hand at the somehow-even-more-cryptic cancelling process. Then she got a call claiming that she had been signed up again, which is totally believable, but it was a scam and the fraudsters managed to gather enough information to start a payment of £3000! Luckily the bank stopped it as suspicious but it just goes to show that Amazon is confusing enough people for it to become an issue.
I'm a freelance programmer.
One client only comes to me occasionally, typically when his Indian outsourcers are struggling with a task. Recently he freely admitted that although I charge 3~4x as much per hour he knows that I can complete such tasks reliably and in 1/8th the time. My interpretation of this is that it pays to keep a thoroughbred in the stable, and that there is no substitute for quality. The race for lower costs has incurred hidden costs elsewhere. For example, a cheap tool is more likely to break in your hand and when it does you have to stop work and go buy another one (the throw-away society is another rant for another day) and that's lost time ergo lost productivity. You may already know this concept as false economy.
The short term solution is to ensure that common goods are produced everywhere, not just in the poorest places, and then we continue to trade for specialist goods that we don't have here. In the long term it will be necessary for the rest of the world to improve their standards which will then increase everyone's quality of life. Who knows, maybe we'll even help educate them.
"at least it shows that the data bandwidth is actually available"
I thought carefully and almost reached the same conclusion but what if the point was to 'incentivise' media companies to downgrade their own content to 480p so they get viewed in preference, and so reduce overall data use? If so its a genius stroke from T-Mobile. But then I remember my experience of being a T-Mobile customer and doubt they are that shrewd.
Proving that bandwidth is available and then demanding high prices because of it's scarcity is clear profiteering.
The story in the article is mine, it happened to me last week. As Lysenko realised there were errors generated by badly formed SQL from requests with " '; " (hundreds as mentioned in the article) but none with " '); ". Serious errors like that notify me directly rather than waiting in a forgotten log file forever.
After dealing with that and patching in a hurry, I went back and grepped for the attacking IP address and found over 65000 requests. Most seemed to be completely benign. From using pen-test tools I know that the first stage is to spider a site and that generates the most traffic. Some attacks contained PostgreSQL or MS SQL specific functions which suggests they didn't know it was a MySQL site. So it looks like a mostly automated attack from a single address in a Russian IP block.
The forensic aspect is fascinating. Kind of like CSI only real. I'd love Register to do an autopsy of a more complicated attack some time.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
