Posts by SCP

Re: Magazines

... have just enough content to get enough users to pay for / pick up each issue ...

Or, the good old cover disk.

Re: Is this all Yorkshiremen?

Used to do that all the time until the trouble at t'mill. One of the crossbeams went out of skew on treadle - or summat. Now we have to do it all by hand using jumper cables on the serial IO port.

Re: The mind fair boggles

How is understanding the provenance of the software going into your system an outdated attitude for those concerned with high-assurance systems?

That a lot of OSS is a bit of a free for all certainly makes establishing provenance pretty difficult (if not impossible), and that might make it undesirable to include such software in your system (unless steps are taken to establish that it has not been compromised). However, unless the need for such checks is stated (and given value) it will not happen.

Provenance should not be a sole factor in determining that a piece of software meets the assurance levels needed for the system, but it adds to the evidence that is used to build the assurance case.

The story of the 1980's construction of the US embassy in Moscow illustrates how provenance and control over the origins is important. The initial US belief had been that it was OK to let the Soviets build the embassy as they could sweep it clean when they took possession. This proved to be so impractical (due to a good deal of "mischief") that it ended up with only a specially checked/protected room inside the building being considered secure. (That story is contrasted with the construction of the Russian embassy in Washington - which had a stringent security programme throughout its construction).

[article]

Re: Memories having a secretary

Warning: This post contains material that some may find upsetting.

Concur

Aaargh! Trigger Warning please.

Re: And theres

[Footnote: It was a Seagate 7200.11 (ST3750330AS) and I have found the firmware update (SD15) that eliminated the problem - saved with my other 'old' driver collections - but no sign of the fix (which was more interesting from an engineering hacking point of view). I hope I printed the notes and stored them with the cables 'just in case'. Ah, memories of the good old bad old days.]

Re: Oh Lord...

...

"New Improved", "Oiginal", "Original Pro", ... ad nauseum (though that might be reserved for the ad based licensing model where the LLM will generate the ads locally based on your use of it. Product placement baked into LLM training data - that's one for Douglas Powers Enterprises).

Re: On Hallucinations

I'd like an instance of your statement, if you can give me one.

My trusty hammer has never let me down (and it's not called Mjölnir).

Re: Something to fear

Err, sorry I'm just not understanding banter at all well today. Give us it again, slower, Squadron Leader.

(I'm guessing it is about some Google things linked into HMRC websites that lead to some tracking/privacy concerns.)

Re: Speed of Transition

There is technical debt in the existing bodies of code, but also some gained value from the years of use and bug-elimination*. Re-writing established code is not without its risks so the decision whether to re-write or not is not always a straight-forward one.

* This is known to be far from perfect as bugs are still found, from time to time, in quite old libraries.

When writing new code the risks of repeating well known** errors is greater and so adopting languages (or as mentioned here - compiler enforced code profiles) that prevent those errors is more desirable.

** Despite some coding errors being well-known for decades they continue to re-occur in new code; people make mistakes. Based on the evidence of continuing repetition of well known coding errors, relying on people to know that they should not do something is not a reliable means of ensuring high quality code.

Having new code written in languages that prevent certain types of error helps prevent the addition of more problems to the code base and allows V&V activities to focus on other error types. Using well-established libraries, even if they are written in a less rigorous language, avoids making other types of error (such as handling corner-cases in the requirements) that might arise during a re-write of the functionality. The hybrid code might not be perfect but will often be the most cost-effective way of reducing overall system errors and provide the best opportunities of delivering effective V&V and high quality code in a constrained development budget.

Re: Laws of Mathematics

I understand how key escrow works (or rather - how it is meant to work). My point was that the determined user has options that mean that intermediatories do not get the opportunity to see the private key.

If you rely on the intermediatory's off-the-shelf application to do all your key set-up then, yes, this could include an escrow facility.

Re: Wake up call!

So what is your view on the Eurocopter Tiger and Airbus A400M. MBDA are producing some decent kit as well.

I agree that spending levels and priorities in Europe do not favour military projects and circumstances tend to give different nations different strategic priorities.

Re: There are a lot of legal weeds here

... an argument that once code has been released under (A)GPL terms then it can never been relicensed more restrictively ...

[IANAL] My understanding of things is that a copyright holder can issue copies under whatever [reasonable] terms they choose and it is quite reasonable to license copies given to different parties differently.

Thus making an open/free copy widely available under one set of licensing terms does not preclude them also making it available under other terms. The fact that a copy has been made available under these other terms does not cancel the rights of others to use what they have.

As copyright holders they could also modify the software or use it as a base for another product and provide that under a commercial licence. If the modification has not been made available under an open/free terms then others cannot simply apply the open/free terms to the modified software. They still have the right to use the unmodified software under the open/free terms.

Things like the GPL also have a copyright - so somebody using that licence text as the basis for their licence might run into copyright issues unless the GPL text is itself published under terms that allow it to be used in the way they are using it.

I do not know which points are being argued in the case before the courts, and not being a lawyer maybe I don't just need a legal team, I need the Eagle Team.

A crook who thought they could pull the wool over everyone's eyes.

Re: Value

I find them useful for running photo's down to the local print shop and for swapping "too large to email" video clips with family/friends. Can ensure (to a limited value of certainty) they are erased of any other data and will not be too unhappy if they don't get promptly returned.

Yes, I know about various cloud services for data sharing - but largely prefer to avoid them because "cloud"

Re: Sadly

There was the issue in Germany of websites using Googlefonts being ruled to be in violation of EU Data Protection as it resulted in a person's IP address being forwarded to Google to effect the download.

The IP address was judged to be personal identification data.

Re: Physics A Level

Well, if my A in A Level Physics taught me one thing it was that there was an awful lot more that I didn't know about a lot of things. It got even worse with my degree. And that was over 40 years ago and they have invented even more physics since then. But I still enjoy hearing about Quantum and Relativistic Physics subjects - typically Don Lincoln on the FermiLab channel or Matt O'Dowd on PBS Space Time. The universe is a weird place (even outside of social media).

Re: First Amendment

It is not a crime (in law) per se, but would be very non-U. Again, not a crime; but really!

Re: Not a ransomware attack

I wonder how they can be so sure of this?

Commonly 'because their salaries depend on it' - though it is possible that ignorance and stupidity are also involved.

Re: “Minimal adjustments”

Agree with all your points. My comment was to point out that there is often a more complex cost-benefit equation - particularly if quality/correctness/security have value, and I think the points you make here expand on that.

Unfortunately a "race to the bottom" on costs also has adverse consequences, many of which get regular coverage hereabouts. I think that also applies to the "skills" of those working in large parts of the programming industry.

It would be nice (IMHO) if the software professions could shift the focus of software creation so that more importance was given to eliminating classes of error we have known about for decades and still see arising. Despite all the advances made in programming language design and compiler technology there seems to be a great deal of resistance to moving on from a rather minimalist 1970s approach. (That is more of a general lament rather than a belief that Rust in particular is the way forward - in my active days Ada was the 'new way').

... why the Americans spied on one of their closest allies.

That's an easy one - "For the same reasons the French spy on all of their allies!"

Re: You can't add arbitrary data to remove bias.

Whilst the study used names to introduce an obvious race/ethnicity marker into a set of controlled data (then observed the AI making different assessments) it is also noted that in open data there are other indicators, based on the use of language, that can indicate race/ethnicity/etc and can be picked up by AIs.

Re: There is nothing illegal about...

One of the things I really do miss from Usenet/Newsgroups is the ability to put a thread on ignore.

Sometimes it is useful to block/ignore a Troll/Shit-poster entirely - but more often it would be nice to skip a sub-thread that has gone off-topic or descended into irrelevance (other than for the parties bickering).

Conversely, sometimes I find a very informative post and take time to look at what other things the poster has commented on to see what other pearls there might be. ften I think it would be nice to put them on a watch-list.

Ho hum - if wishes were horses ...

Quite! I can hardly wait for the trials of the Musk5.

Re: Failed roll out.

Supplementary Question (as we seem to have some knowledgable types around):

How robust/protective are the PSUs for the "smarts" in the meter? Having had electonic equipment taken out by mains voltage yoyo-ing up and down as the grid attempts to restore power it would not seem a good idea for meters to be susceptible to such events. (ISTR that a type of PSU often used in household electonics does not react nicely to the mains repeatedly switching on and off in short order).

TIA

Re: Dilemma

I would be all for judicious improvements, but security is usually a trade-off with convenience (at some point the inconvenience of a security feature outweighs the benefit obtained). And, absolute security is very difficult to achieve (I noticed a recent report about how German police circumvented Tor anonimity).

Given the history of marketing agencies and their enthusiasm (along with various others) for surreptiously tracking users across the internet there is good reason to be suspicious of a move to allow more adverts and such-like through - though the desire for revenue to fund future work is understandable.

Raising awareness of short-comings in current offerings (really suppliers should be open about such things) and campaigning for improvements (or against regression) is commendable.

There is a case to be made that it should be men in blue coats and non-padded cells.

With a supply of orange jump-suits!

Perhaps by making these tools open-source they make it practical for independents to get into the game and produce non-shit movies.

Of course, good movies need more than special-effects and swish production tools - but having these available would help produce a more polished product and to learn skills that would help make them commercially successful.

In my [very limited] experience amateur film makers can be very interested in the technical aspects of their 'hobby' and there are probably going to be many who enjoy working with these tools.

Re: USA

It depended on how that first dozen were selected, and it was often more luck than judgement ...

Well, you wouldn't want to employ someone who is unlucky!

Re: It's what's inside the counts

I have real doubts about the Carbon balance of wood products. I have no doubt that AI is at best bogus and perhaps dangerous. But this type building is as good as any other and better than some.

AI - Arboreal Infrastructure ???

Re: One socket to rule them all

Well it all depends on how sad you want to be.

You could keep them and try to explain to your SO or offspring the value of keeping such things - just in case. And mark my words, the day will [eventually] come when someone will ask you if you have something that will fit some bit of old kit (Centronics cable anyone). You now have the added advantage of expanding your range of USB-C cables.

You could set up an E-Bay account and flog off your cherished antiques.

Or, you could go old school and take a stall at a local boot fair and flog them there.

Alternatively, you could take the hard step of letting go and sending them to the recycling centre (but don't forget [UK only] to take the fuses out of any mains plugs and add to your collection of spares)

Re: There are already tasks in Jira

I didn't get where I am today by seeing how our alignment matrix synergises!

Re: Pedant Alert

You do recall correctly. It was intended as a bit of cross series banter (and I much preferred Captain Scarlet to Thunderbirds)

Re: A nice idea but seems impractical

But the Turing machine is a concept machine that provides a minimalist design that can be shown to be able to complete any general computing task. It is its use in this conceptual role, rather than a usefully practical computing engine, that makes it a foundation of modern Computer Science - in particular being able to show that another architecture is able to implement a Turing Machine (that it is Turing Complete) provides a critical insight about an architecture.

The von Neumann architecture is concerned with the architectures of practical machines (but can also be applied to more abstract architectures).

I don't think anybody would seriously tout a physical implementation of a Turing Machine as a model for a usefully practical computing engine.

"Turing might have had a bit of a blind spot when it comes to working with others"

Hmm, I think he would not be alone in that respect - even in the context of WWII where the stakes were so high there were plenty of "personalities" who seemed unable to "play nicely" with others.

Re: So-poor-markets

I have on occassion dumped my shopping when I have become totally fed up with hunting for items after one of their "let's move stuff to different aisles for shits and giggles" events.

On other occassions, when I have time on my hands, I have one of the supervisor staff to repeatedly ask where items are. I noted on a recent occassion that the local Tesco had left placards around saying where the item that used to be there could now be found - but that is probably in response to wider customer griping.

Re: Simple solution

I think that has already been done by the Red Barrows.

Re: A good start, yes

What sort of static analysis are you thinking of? There are forms of static analysis (including such as Polyspace and Absint for C. SPARK is available for Ada) which can unearth very deep errors. Proof of Absence of RunTime Errors has been around for decades and the automated proof engines have been growing in capability all the time.

This does not mean you should throw any rubbish at the tools - you need to follow sound design and implementation principles to get the best benefit. With poor code you tend to get swamped with warnings (rather than unambiguous hard errors or green lights) which you have to work to resolve.

These tools also lead in to formal verification of code behaviours. PARTE provides an interesting stepping stone in that runtime errors are indicative of erroneous code, but you don't need to formally define the behaviour since it can be derived from the language definition (or basic maths). However, PARTE often benefits from additional code annotations that define intended constraints for the code operation - the tools verify these constraints will be met and uses the constraints to simplify subsequent proofs.