* Posts by regbadgerer

34 publicly visible posts • joined 13 Feb 2017

If you've ever wished Visual Studio Code could be more open source, the Eclipse Foundation would like a word


Web app

This article failed to mention the fact that it runs as a webapp. This is pretty game changing for me, because I host a theia instance in a container and I can log in to my ide from anywhere (yes, including my phone - actually pretty usable with a Bluetooth mouse and keyboard).

Also, not quite sure I agree with the 'competitor' angle presented in this article - don't they share most of their code?

Also also, the thing about how vs code extensions 'just work' is sometimes true... the docker extension for example doesn't work at all.


Re: UI performance issues

@bombastic it's mostly written in type script - not sure if that counts as 'scripty' to you, but regardless I think your assessment of what's good and what's not is out of date.

It also has very little in common with the eclipse ide. For one the eclipse ide was clunky from day one and time has done little help with that. Two, theia is under the eclipse foundation, but mostly written by Microsoft and typefox, so it's wrong to tar it with the eclipse brush.

Also, in my view the great thing about theia is that it runs in-browser. Not sure you'd want to use java for that...

Amazon slams media for not saying nice things about AWS, denies it strip-mines open-source code for huge profits


I feel for AWS here

However childish AWS's responses was, I do feel for them in this case (and it's a lot less childish than the continuous digs at AWS in Elastic's blog posts), partly because the article they were complaining about looked like it came straight out of elastic's marketing department, it wasn't journalism in any form.

Elastic have been a particular poor open source citizen in this case. Firstly, having attracted contributions from many (including me) into the open source elasticsearch code, Shay has now gone back on his statement that elasticsearch would never be 'open core'. It's now a commercial product, the fact that a small amount of code is still open source doesn't make it an open source product. Secondly, they've merged open and closed source into the same repo which shows the direction they're headed in, and the extent to which they (don't) value their community.

When Shay chose the Apache licence for elasticsearch, he did so because he wanted people to use it commercially (otherwise he would have chosen a different licence...) because he needed the contributions that those companies (including AWS) would make to his code. He's now making quite a lot of money out of some code which has been contributed to by those same commercial organisations. In addition, elasticsearch is heavily dependent on Apache Lucene - in the latter years the main contributor to lucene was employed by IBM (to work on lucene full time iirc). So the money that Shay is making from elasticsearch now is partially driven by code that IBM spent money creating. It certainly feels like a contradiction to say it's ok for elastic to use code paid for by other companies, but then for some reason AWS isn't allowed to use elastic's code.

I'm pretty sure that the majority of elastic's complaint is simply that AWS are competing against elastic's own search-as-a-service, but they're trying to use allegations of poor open source practice to cover that up.

If Elastic don't want people to use their code commercially, they should use a licence that forbids it. This childish anti-competitiveness is helping no one except the lawyers.


LightAnchors array: LEDs in routers, power strips, and more, can sneakily ship data to this smartphone app


Yes, but for what?

They've shown that you can, but they haven't shown why. I suppose that's not always a prerequisite for innovation, but it's not obvious what the point is here.

I thought this was going to be an article about some kind of side channel attack which decoded the modulations of power LEDs to infer information about the processing that's being done on the device.

You looking for an AI project? You love Lego? Look no further than this Reg reader's machine-learning Lego sorter


Mechanical turk?

From reading the linked blog post, it seems like a large part of his problem was just classifying images accurately enough. I wonder how much it would cost to outsource that to amazon mechanical turk - would certainly speed up the process, and would also allow quicker experiments to see how having different kinds of images in the library affected the outcome.

Onestream slammed for 'slamming' vulnerable and elderly folk: That's £35k to Ofcom, please


Isn't this just theft?

Taking money for a service you didn't ask for sounds a lot like theft. I really struggle to work out how these people don't end up in court on a theft charge.

On a different note, kudos to the regulator/legislators for making it 10% of _turnover_ rather than _profit_. We all know how quickly companies suddenly discover their profit is zero when the treasury come looking for their slice. *cough* amazon *cough*

Just take a look at the carnage on Notepad++'s GitHub: 'Free Uyghur' release sparks spam tsunami by pro-Chinese


More Respect

I've used notepad++ for years, and never felt minded to try to donate anything to the author until now. His page doesn't seem to have a 'donate' link, so here's a beverage instead.

Does look from the download page as if he might have capitulated, as the latest release just seems to have a number?

Good news – America's nuke arsenal to swap eight-inch floppy disks for solid-state drives


Security through obscurity

"cannot be accessed with conventional network protocols, adding extra layers of security to the program"

If that's the only thing that stops people connecting random computers to the internet, then they have much bigger problems and should have responsibility for a bunch of nukes removed from them immediately.

Consumer campaign to keep receiving printed till receipts looks like a good move – on paper


Digital receipts have their uses

The only shop which I let send me digital receipts is Screwfix (because being able to easily see what I previously ordered so I can order some more is just too useful). The irony is that they print you a receipt anyway because you have to hang around waiting for the thing you ordered to be fetched from the warehouse.

I got 99 problems but a switch() ain't one: Java SE 13 lands with various tweaks as per Oracle's less-is-more strategy



I thought RedHat were now the stewards of Java, or did I misunderstand that?

(also enjoying the slew of comments that appear on all java related articles from people who try to show their expertise by saying that java should be binned with flash, but in fact demonstrate their complete ignorance of what java is really used for!)

Quick question, what the Hull? City khazi is a top UK tourist destination


Re: Pedant's corner

@Martin-R I've always taken issue with it, because to me it somehow sounds like an americanism. QI just let me know I wasn't alone and encouraged me to spread my pedantry further!


Pedant's corner

It's not called Lake Windermere, it's just called Windermere.

Mozilla boots alleged snoop troupe from its root cert coop: UAE-based DarkMatter thrown onto CA blocklist


This kind of behaviour makes me want to go back to firefox, despite the reasons I left.

When it comes to DNS over HTTPS, it's privacy in excess, frets UK child exploitation watchdog


Re: Does this change anything?

@flec thanks, so sounds like the problem is a combination of DNS over HTTPS _and_ SNI encryption, rather than DNS over HTTPS by itself. Though for whatever reason everyone seems to be jumping on DNS over HTTPS as the evil here (speculation: google have been promoting DNS over HTTPS, so perhaps people auto-associate with evil)


Does this change anything?

I guess I must be wrong here, but I always thought that the domain was sent clear even over https, so even with dnssec you'd be able to see what sites people were trying to visit?

AWS goes live with Windows containers... but contain yourselves: It's going to be niche


Is this new?

This has been around for a while hasn't it, maybe as much as a year? Struggling to see what the story is here?

There's NordVPN odd about this, right? Infosec types concerned over strange app traffic


Probably fine, handled badly

Hanlon's razor: Never attribute to malice that which is adequately explained by stupidity

It's all probably fine, but all it takes it one bad explanation and all trust in a company is destroyed. Even if they now come up with a reasonable explanation, we're not going to believe them. If they'd just come clean up front and said something like "yeah, it's keep alive, we just accidentally sent through some slightly sensitive headers, but we're fixing that" then there's wouldn't be much of a story here (assuming that _is_ what it is and there isn't something malicious going on).

Bit nippy, is it? Hive smart home users find themselves tweaking thermostat BY HAND


No fallback controls!?

I'm really struggling to understand how a product exists that can *only* be controlled via some kind of remote service.

Are the people saying they can't control their heating correct, or are they just the app generation and have no idea how to press actual mechanical buttons any more?

Scaling up Azure Service Fabric Linux Clusters using Ubuntu Xenial? Not so fast, friend


Just azure?

Seem to be constantly seeing articles about azure or 365 going titsup, but not so much about the other vendors. Is there a reg bias here, or is azure just genuinely breaking a lot at the moment?

Cambridge Analytica's administrators misled judge, High Court told


Er, what?

I might be because it's Friday afternoon, but is it me or did none of that make any sense?

Word boffins back Rimini Street in Oracle row: 'Full' in 'full costs' is a 'delexicalised adjective'


Doesn't sound right

This sounds suspiciously like common sense is prevailing in a US litigation case. This makes me feel really quite uneasy.

Bloke jailed for trying to blow up UK crypto-cash biz after it failed to reset his account password


Which is the nutter?

It says a lot about the modern world that I read this story, and couldn't help but think that of the two, the nutter was the person who opened the envelope from the middle. Bomb makers seem to be so commonplace that they hardly count as nutters any more.

And on the subject of opening an envelope from the middle - who does that!? How do you even do that without ripping the contents...?

Excuse me, but your website's source code appears to be showing


Not the root problem

Exposing your source code shouldn't be an issue, because your code should survive inspection.

Exposing your .git folder shouldn't be an issue, providing you've not been storing secrets in your git repo.

So, this is only a problem if you're doing something else wrong. You're always going to be fighting a losing battle, stopping people seeing your code isn't going to help.

'Unhackable' Bitfi crypto-currency wallet maker will be shocked to find fingernails exist


Patch for a weakness that doesn't exist... ROFL!

"However, if such a weakness is discovered, we already have a patch to fix it"

How would you have a patch for it if it doesn't exist? If it does exist, roll out the patch. If it doesn't, stop claiming you've got a patch for it.

Surely these people are aware how absurd their claims are - they must basically just be going after the bottom 10% of the market in the hope of making a little profit on the few devices they ship. Morally not dissimilar to a 419 scam.

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey


It was always fibre though, right?

The internet backbones have been fibre since the days of dialup, right? So, there's always been some fibre in it somewhere, it's only the amount that's changed. So not really sure why the ASA are suddenly allowing people to call it fibre.

I have FTTP, and I'm fed up of explaining to virgin media customers that I actually have a piece of fibre coming into my house, and they don't.

Astronaut took camera on spacewalk, but forgot SD memory card


Well, I suppose we're all thinking that an astronaut should be more than capable of understanding a 'no SD' message. On the other hand, a spacewalk is a very high-pressure environment and they're being bombarded with so many pieces of information and instructions that they simply don't have the spare brain capacity to handle extra weirdness like this. Also, I guess they're probably prioritising staying alive over playing with a new gadget.

Perhaps more interesting is that they actually expected a gopro to work in space?

I got 257 problems, and they're all open source: Report shines light on Wild West of software


The observations made in the article may well be correct, but Black Duck have a history of making things look worse than they are (e.g. by ignoring dual licencing of a library) and especially given their commercial interest, I for one will take all of this with a pinch of salt.

AWS sends noise to Signal: You can't use our servers to beat censors


I don't quite get this domain fronting - you make your connection to souq.com, but send a different host header (e.g. example.com) in the (encrypted) message body. How does that message find its way to example.com? Your message would be encrypted with a key known only to souq.com, so you'd need souq.com to decrypt and forward the request like it was a proxy server.

So clearly I've misunderstood something.

Just when you thought it was safe to go ahead with microservices... along comes serverless


Is it just me

Or is 'serverless' just microservices but using a vendor-specific framework?

Seems like a one-way ticket back to the vendor lock-in nightmares of the 90s that we've all been working so hard to get rid of.

Japan joins quantum space race with microsatellite demo


"space-to-ground entanglement" ?

It's not really my area of expertise, but is this really "space-to-ground entanglement"?

Or was that a physics joke that I'm not cool enough to get?

Capita call centre chap wins landmark sex discrimination lawsuit


Appeal grounds?

Am I not right in thinking you've got to have some grounds to appeal? E.g. you need to show that new evidence has come to light, or argue that the the law was applied incorrectly or something like that? In this case it seems that the (current) laws were applied correctly and the bloke got what he was entitled to (legally and morally).

We've spent years fighting for women's equality, glad to see we've remembered to fight for men's quality now too.

Drones over London caused aviation chaos, pilots' reports reveal


You can get some pretty big helium party balloons...

Time airliners starting get dashcams. Otherwise, who says they're drones?

At the speed they're travelling the pilot's not going to get much chance to look, especially given that they're (hopefully) concentrating on landing, but a half decent video would clear it up.

Crooks can nick Brits' identities just by picking up the phone and lying


They shouldn't encourage you to give out your 'security' data so easily

Doesn't help that these companies think their 'security questions' give them security, but then degrade that security by asking for them even when they ring you... Recent example when rung by a call centre employee (or possible hacker / monkey / google voice bot / LMD - delete as preferred):

[phone rings]

Them: Hi, I'm from [a utilities company], I'd like to talk to you about your account

Me: sure

Them: Can you confirm the last three characters of your postcode please?

Me: no, I don't give details out to people who ring me up

Them [incredulous tone]: What do you think someone could possibly get from the last three characters of your postcode!?

Me: access to my utilities account...? [hangs up]

Tech Trailblazers Awards: Shortlist out - now it’s over to you



Looked through the entire list, literally not heard of a single one of those companies. I know they're 'trailblazers', but I was expected to have heard of at least one.