* Posts by ibmalone

1283 posts • joined 6 Jul 2017


Tech support scams subside somewhat, but Millennials and Gen Z think they're bulletproof and suffer

ibmalone Silver badge

As for calls about my "recent accident" I lead them down a long winded story culminating in the fact I was hit from behind by a flying elephant.

What a dumbo.

Latest patches show Rust for Linux project making great strides towards the kernel

ibmalone Silver badge

Re: Misrepresentation

Agreed the string handling bugs are mostly a subset of other memory management issues, but they're particularly pernicious due to the traditional nul-terminated representation and string format specifiers (together with sscanf/sprintf and %n meaning even incautious printf can write to memory it shouldn't, not just access).

UK artists seek 'luvvie levy' on new gadgets to make up for all the media that consumers access online

ibmalone Silver badge

Re: What about the people in the software world?

An open source fund would make more sense!

Thinking of buying a new development laptop, 3% of a neat £1500 comes out at £45, am I any more likely to use this to do whatever it is they think I should be paying for than with a £30 Fire Stick / Chromecast / Roku? Do we have to pay it on our server and storage purchases?

Anyway, this problem is largely sewn up now, access through mobile devices and smart devices means most people are using streaming services for legal access (or semi-legal in the case of youtube videos). If producers aren't getting paid enough then that's the door to knock on. Or maybe do it out of general taxation, after all, I sometimes overhear buskers without paying them and no device was involved there.

Microsoft releases Windows 11 Insider Preview, attempts to defend labyrinth of hardware requirements

ibmalone Silver badge

Re: Forcing hardware upgrades in the midst of a global silicon glut, how to do PR the Micro$oft way.

Yes, one thing that struck me about the "rootkit" was it required admin to install and appeared to be intended to let gamers spoof location. That is, the real crime is trying to escape corporation control. (And of course it keylogged, because the kind of people who write this stuff are often dodgy.)

This may turn out to be a factor, when people realise their older hardware running linux can do things they are no longer allowed on newer hardware. The same way I still own a RPC-1 DVD drive.

What you need to know about Microsoft Windows 11: It will run Android apps

ibmalone Silver badge

Re: So, SatNad...

If you or I knew the answer to that then we wouldn’t be having this conversation because one of us would be genuinely clairvoyant and along with knowing what the PRC, Russians and NSA have compromised in our software supply chains we’d also know that this conversation was a waste of time with no positive outcome for anyone involved.

The thing is, we know commercial software has been compromised by intelligence agencies in the past, including holding on to vulnerabilities in Windows, so there's no particular use in asserting open source dependencies are compromised in particular (looking forward to bugs: "Regression, remote access exploit no longer works after commit abc123"). If they want to compromise open source they'll at least have to put some effort into maintaining it. MS have been less dislikeable recently, but as with Apple their goal is user lock-in, telemetry and requiring online accounts are moves towards that goal, the best we can hope for is they see utility and interoperability as a better way to achieve customer loyalty.

ibmalone Silver badge

Re: Windows

None of my own computers have 2.0, one has 1.2. Work machines TPM 1.2. Fortunately already using a KDE desktop, so don't need to switch to MS's.

Android apps is an interesting one, looks like MS moving in the opposite of walled garden direction in some respects.

ibmalone Silver badge

Re: So, SatNad...

What owned dependencies? Or is this just FUD?

Also, given MS's embracing of open source and increasingly Linux, who exactly do you think you're batting for with this one?

Who would cross the Bridge of Death? Answer me these questions three! Oh and you'll need two-factor authentication

ibmalone Silver badge

Re: As I see it

My bank ditched the chip-and-pin token generator for SMS 2FA a couple of years ago. Soooo much more secure.... (see icon ->)

ibmalone Silver badge

Re: Ah Captcha!

"Taxis" = yellow cars (rather than a Prius or an old black Merc with a sign on top). They're not yellow here. Are they even uniformly yellow across the USA?

Post-lunch snooze plans dashed as the UK tests its Emergency Alerts... again

ibmalone Silver badge

Re: "Every compatible mobile phone or tablet in range of a mast ..."

Many phones for older people are 2G, my grandfather had one of these: Doro 1360

Though I guess not alerting them to danger is entirely consistent with gov.uk's modus operandi.

BOFH: When the Sun rises in the West and sets in the East, only then will the UPS cease to supply uninterrupted voltage

ibmalone Silver badge

Re: Wouldn´t be surprised

Probably mentioned this before, but slightly related. Built a home designed guitar amp intended to run off a 20V DC supply (i.e. laptop power supply to avoid messing with mains), push-pull design (to drag out the most power possible think I was aiming for 20-30W), this normally needs AC, instead used a quartet of beefy audio transistors, and a little 2N5550 transistor balancing ground between the two halves.

Simulation says this transistor takes almost no current, just there to set the bias right. I say little, but they're supposed to be 0.6W. Worked with a test load (not going to blow up a real speaker). However, something about the design was not quite stable, so on the first real test it worked for a couple of seconds, then output stopped, there was a brief pause and then a very loud bang. Half the transistor casing had blasted off as it went from 0.5V to 20V and lost its short but valiant struggle. Changed a couple of resistors and tentatively tried a new transistor... the second one survived. It's been rewarded by sitting around for several years waiting for a cabinet.

A hotline to His Billness? Or a guard having a bit of a giggle?

ibmalone Silver badge

Re: the (painful) <insert company name> system

You : I would like to report a bug

Them: We do not have a procedure for that.

You: I would like to report two bugs.

Wine 6.0.1: For that one weird app on that one weird Mac

ibmalone Silver badge

Re: Easier to run a VM

If you're only using it for one application then fine, but switching between programmes and maintaining a second login are all a bit of a pain. I use Windows in a VM fairly regularly and would prefer to run applications as if they were native (however because other people need windows too, and it's not just for one or two applications that can be made to work with WINE the VM is the better option in this case).

How many remote controls do you really need? Answer: about a bowl-ful

ibmalone Silver badge

Re: My television wants me dead, or just gibbering in a 'special' ward.

Before ~2000-2005: Turn on TV, brief pause while the flyback gathers its strength and then the crisp Pfff and gentle crackle of a single electrical raindrop landing as the CRT kicks into life and any fluff within 10 metres gently adheres to the screen. If you're fancy then from the late 90s onwards replace this with plasma screen contemplating whether or not it's going to start this time.

~ 2007- 2012: Turn on TV, wait while digital signal is acquired. Find multiplexes need rescanned.

~ 2012 to present. Turn on TV, wait while it boots its OS, connects to the internet and uploads your recent viewing history to Google. Discover iplayer no longer supported by this device.

Short period, ~ 2005 - 2007. Press power button, LCD comes to life, TV is being watched.

Whoop! Robot/human high-fives all round! Oh, my fingers have disintegrated

ibmalone Silver badge

I recently bought a glass cover for an oven lamp from Amazon. They now email me with suggestions for similar glass covers. And, just in case I should accidentally render them relevant by breaking the replacement, the covers are for different models of oven.

Though I do wonder if the "obviously stupid" suggestions are a cover for more subtle stuff.


Ubuntu, Wikimedia jump ship to the Libera Chat IRC network after Freenode channel confiscations

ibmalone Silver badge
ibmalone Silver badge

Re: "confiscated by the new freenode management."

Not run, have channels named after. After all, Lee himself claims this is about brand representation. Like if you or I were to launch 'Ubuntu magazine'. The real slippery slope would be whether this would affect people like local user groups, but, since you get to choose how far to enforce, that doesn't seem like a problem.

1Password unsheathes Rusty key, hopes to unlock Linux Desktop world

ibmalone Silver badge

Re: Not a fan

Thanks! Pints all round.

ibmalone Silver badge

Re: Not a fan

Saying, "Do you know who I am?" in a loud voice.

NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

ibmalone Silver badge

"The passwords / API keys were not supposed to be public; by keeping a copy you are creating the possibility of holding them to ransom for their private data in future, to which they reacted quite understandably."

Not true, as it assumes the researcher is the only person who accessed this publicly accessible data. The assumption should be an unknown number of people with much shadier intentions also grabbed it and kept it without being courteous enough to notify the organisation of their actions. The minimum response should be to change the keys against that eventuality (which apparently was done), at which point that information cannot be used for ransom any more.

NHS App gets go-ahead for vaccine passport use despite protest from privacy groups

ibmalone Silver badge

No need to worry

Friends who've attempted to use this app in the past find it doesn't recognise their details anyway. Can't leak personal data if you can't access it! Clever.

Fancy a piece of sordid tech history? Fleabayer is flogging the first production Spectrum Vega+ console for £1,500

ibmalone Silver badge

'The machine, described as "never used"'

"Gaming performance rating is close to 0,"

I guess they bought two then?

Facebook, it's cool to see you using Rust and joining the foundation, but please don't Zuck it up for all of us

ibmalone Silver badge

Re: Rust - the language for coders who can't.

Can you imagine what will happen when programmers don't have to spend mental bandwidth on navigating bear traps?

Helsinki Syndrome: Ubuntu utterly fails to boot on metro

ibmalone Silver badge

Re: Hopefully..

I can't say for sure it would have worked, but the default for that (not actually linux) grub screen is usually to boot the default (normally first) option after a certain time (default 5 seconds). So to get here that has either been disabled or a key has been pressed to interrupt it. It's the equivalent of starting windows boot manager and then leaving it there.

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

ibmalone Silver badge

Re: A punitive sanction against the Uni for approving it

Point 3 leads back to point 1, it's not security theatre in that sense, it is blocking explicitly the organisation whose processes are flawed.

I do have some sympathy for the IRB, they are generally there for looking at human research (animal research too in the places that do it), which is very important. It may simply not have occurred to them this was something that needed oversight (which brings us back to point 1, because the institution as a whole must realise there is a need for ethics beyond the medical faculty).

Lock up your Peloton smart treadmills, watchdog warns families following one death, numerous injuries

ibmalone Silver badge

Re: Prime Example

I can sort of understand the model, since the ongoing classes are a service, but they cost more than what my gym membership costs, which gets me access to equipment and some free classes. There is quite a big range in treadmill quality, smallish home ones don't really compare to the heavy duty ones many gyms use, not sure where the tread+ sits in that range. (Though I do remember the council gym back home where the max speed was 16km/h and it would overheat and have to cool down if you went above about 12km/h for a few minutes.)

Home office setup with built-in boiling water tap for tea and coffee without getting up is a monument to deskcess

ibmalone Silver badge

Re: Wrong way entirely

We've got one of these in the office (I believe it's still there. The tap that is, not the office. Well, maybe the office.), not sure what brand, but it's insufficiently hot for tea. Okay for instant coffee if you're desperate. However, there are a few scattered around my employer of different makes and they all have a safety feature to stop you dispensing hot water by mistake, generally you need to depress or activate two buttons at once. More interested in the lack of a sink for the tap, any drips or accidentally dispensed cold water are going all over the desk.

Airline software super-bug: Flight loads miscalculated because women using 'Miss' were treated as children

ibmalone Silver badge

Re: I would have thought...

Just testing...

ibmalone Silver badge

Re: I would have thought...

So, for my non-aviator understanding, the limit is that you need a large enough time window between what I'd think of as take-off speed (Vrotate) and the tire speed limit (hopefully lower than Vr for still days) to actually take off? And accelerating too fast would be an issue for that.

ibmalone Silver badge

Re: "the company ignored that question"

This would at least tell you "adult". "Prince"/"Princess" would be less clear. (Also "Cardinal" in the past, but I think that has meant adult since the invention of air travel.)

ibmalone Silver badge

Re: "using DOB to calculate"

In the course of browsing this thread I've checked EasyJet, Aer Lingus, Ryanair (I know), BA (also, I know...). All have an adult ticket category 16+ and infants (<2yrs), all except EasyJet further divide <16 into ~12-16 (teens/young adults) and 2-11 (children).

ibmalone Silver badge

Re: 11 stone..

When buying tickets you generally have to select adult or child (the first UK airline I looked at to confirm this has categories infant (<2) child (2-15) adult (16+), yes those are their ranges, don't ask me what happens to someone whose 16th birthday is while in the air).

Ex-Geeks staff lose legal bid to claw back withheld training costs from final paycheques

ibmalone Silver badge

Re: I'd challenge the Director Cost

Still doesn't feel right, the employees are being billed for higher-up's time required to check over their work and make interventions they feel necessary? That sounds less like a company and more like a pyramid scheme.

Google putting its trust in Rust to weed out memory bugs in Android development

ibmalone Silver badge

"It is strange that if you mention zero initializing memory in a C or C++ project, everyone says that is inefficient and would laugh."

Not quite the same thing as this:

"Additionally, Rust requires all variables be initialised before use"

Initialising memory does have an overhead, though whether that matters depends what else you're doing. In C you have a choice between malloc and calloc when allocating memory, which is a clear distinction, in Rust you are generally going to be dealing with objects such as vectors, and can do things like with_capacity https://doc.rust-lang.org/std/vec/struct.Vec.html#method.with_capacity to allocate without initialisation. Rust will generally prevent you getting hold of uninitialised memory directly, but you can do it if you really want.

Initialising variables though, in C:

int a;

Is absolutely fine, but try to use a before assigning to it and you're into undefined behaviour territory (unless it's global scope, in which case a is initialised to 0). Rust insists on

let a = 0;

Or whatever value. To avoid duck typing and be able to change "a" later too, you're going to need:

let mut a: i32 = 0;

I'm not 100% convinced about initialisation as preventing bugs; generally the real bug is "forgot to assign something relevant to this declared variable later", which this doesn't really solve. It may mitigate bugs, by making them more reproducible and preventing information from the application's memory leaking out though. (And possibly mask a subtler class of bug where you're unknowingly relying on the initialised value rather than the value you meant to assign later, but that's one for testing.)

ibmalone Silver badge

Re: More attention

Much pain could probably have been avoided by providing such functions as an extension to the standard libraries. Sure, many of the functions are the way they are due to efficiency reasons, but think how many bugs could have been prevented by providing a standard asprintf for example.

Ruby off the Rails: Code library yanked over license blunder, sparks chaos for half a million projects

ibmalone Silver badge

Re: People are still using RoR?

It's not that PHP doesn't try to hold your hand, it's that it tries to turn your hand into some kind of squid creature, and before you know it it's wrapping its tentacles around your neck, and oh God, they're in my mouth, it's going down my throat, help I can't breathe...

ibmalone Silver badge

Re: GPL and XML

Clarification for section 2

"But when you

distribute the same sections as part of a whole which is a work based

on the Program, the distribution of the whole must be on the terms of

this License, whose permissions for other licensees extend to the

entire whole, and thus to each and every part regardless of who wrote it."

Additionally condition of section 1:

"appropriately publish on each copy an appropriate

copyright notice and disclaimer of warranty; keep intact all the

notices that refer to this License and to the absence of any warranty;

and give any other recipients of the Program a copy of this License

along with the Program."

Plus the existence of the LGPL for such a purpose also makes the intent plain.

ibmalone Silver badge

Re: GPL and XML

No, 'data' is not specific enough. GPL says you're only licensed to use the work on another work if that work is made available under GPL too. You can't say, "It's only a little bit." Any more than you could use work available under any other license without following the license terms. What you may be trying to say is this is a collection of information that's copyright exempt, in the way telephone numbers are, but if we're in a world where library headers are copyrightable then I wouldn't be too sure about the status of a particular type of collection unless it has been tested in court.

ibmalone Silver badge

Re: People are still using RoR?

PHP is best thought of not as a language but a collection of macros that were found in the bin of a dot com round about 2000.

ibmalone Silver badge

Re: Last will

It's also possible to waive most rights under copyright, IANAL, but I suspect this could be done in a will.

Shedding the 'bleeding edge' label: If Fedora is only going to be for personal use, that doesn't work for Red Hat

ibmalone Silver badge

Re: seriously? after the CentOS debacle?

He's seemed relatively decent from the distance I've observed him in the past (used to hang around the Fedora mailing lists more than I do now), but I'm sure he's got lines he has to take here.

ibmalone Silver badge

Re: Gnome is shite

Yes, I've stopped trying to use KDE internet stuff, and the less said about Calligra the better, but Firefox, Thunderbird, LibreOffice work fine. (I do still use Evolution for contacts, because I never bothered moving them over...)

ibmalone Silver badge

I've been using Fedora on the desktop at home since it started and am pretty happy with it, one or two things that were not well-maintained have eventually dropped of, but there's generally been some replacement (I suppose that's life). I'm less interested in stuff like Btrfs though, and have been using KDE rather than Gnome for years now. It's not really clear how Fedora can be it's own thing, but also a test ground for RH. Additionally if the squeeze is being put on CentOS in production, then who would now consider Fedora for production and believe the same wont happen?

Microsoft 365 tries again at filtering swearing, bad behavior: Classifiers for seven languages offered

ibmalone Silver badge

Seven languages you say?

Wake me when I can change the default dictionary for new documents.

City of London Police warn against using ‘open science’ site Sci-Hub

ibmalone Silver badge

Re: Which would you rather do?

"login to your institution's library and follow what may be lengthy procedure to get it?"

Generally, if you have an institutional subscription, this is now a very streamlined process. The publisher usually has a 'access via my institution' button and you authenticate through shibboleth or openathens, no need to go through your library site in most cases. (The more annoying ones are those that instead check institutional IP, so with things as they are have to be accessed via VPN.)

ibmalone Silver badge

Re: Just go to your local library

The British Library is only the local library for a handful of people who live around Pentonville Road.

I've just checked, and ordering an electronic copy of an article from NeuroImage as a private individual I get quoted a cost of £50.

So, accessible then.

ibmalone Silver badge

I'm not often corresponding author, but I distinctly remember one paper where, at the proofs stage (after acceptance), the copy for approval came back with one real word systematically replaced with another that wasn't in the dictionary (English or American). So even the tampering is not out of the question. (In hindsight, my suspicious mind wonders if this isn't a way of introducing subtle new copyrightable aspects.)

ibmalone Silver badge

Re: Elsevier raided by PIPCU

"Most papers are released under Create Commons licenses"

Citation needed? I mean, I'd be perfectly happy with that, but I don't think it's true. We're increasingly expected by funders to publish open access, which is also a good move, but not quite the same thing, and to put our publications in our institutional repository (which I think is now a REF requirement). But, I still see plenty of copyright assignment forms for submissions, even when they're to open access journals. The legal standing for it seems really shaky with, as you point out, no normal form of restitution to authors, but I'm sure there's some way to wriggle out of that, maybe they'd argue that you get 'exposure' in exchange.

ibmalone Silver badge

Re: Except a lot of hard research isn't paid for by the university.

Many journals require copyright assignment. As the author or coauthor you have to agree to a statement that transfers copyright to the journal before publication. Despite, as you say, having done the work, the writing and, unlike any other such arrangement, not getting getting a penny from them for it (in open access cases often paying them).

However I'd certainly disagree with goldcd, the journal publishers themselves are not the arbiters of quality you believe them to be, that rests on unpaid peer review and academic editors. Prior to the scooping up of journals by the large publishers often they were run by the associated academic society itself (some of which morphed into giant publishers themselves). Scrape through the title of many of the big publishers and you'll certainly spot some journals which are less than persuasive in their contents. Conversely some influential papers in a few fields are still only on arxiv, not officially 'published'.

ibmalone Silver badge

Re: "data and research ... is ... more strategically valuable ... than copyright-busting"

Minor addendum:

"Scientists do research - paid by the university" ... and charities and public funding bodies. (For all the others too.)



Biting the hand that feeds IT © 1998–2021