Posts by vtcodger 2029 publicly visible posts • joined 13 Sep 2017
But my date of birth, name, etc haven't changed in years
Well then. It appears to be past time to change them. Yes, all of them. And put in place a program of periodic changes. And do not use simple change patterns like stepping your middle initial by one with every update. Casual attitudes toward security simply will not do in this day and age.
"There is a solid use case for self driving cars."
There is indeed. But I'm a little hazy on what's supposed to happen when, for example, the car encounters a situation beyond its capability and tries to turn control over to a blind or incapacitated driver.
Not a real load time check, but I tried 68k.news with dillo whose claim to fame is that it renders html very quickly. And indeed, for those news links that worked -- which was most of them -- the rendering was lightning fast and far more readable than using links or w3m on google news.
I think IBM is evolving into a self-cancelling entity. Within a decade or two it will probably shrink to a CEO, a board of directors, 6000 lawyers attempting to enforce the ever-shrinking patent portfolio, and a temp who answers the phones, empties the trash and pays for pizza deliveries. Any profitable subsidiaries will have been sold off.
per Wikipedia;
The original EMACS was written in 1976 by David A. Moon and Guy L. Steele Jr. as a set of Editor MACroS for the TECO editor.[2][3][4][5][11] It was inspired by the ideas of the TECO-macro editors TECMAC and TMACS.[12]
Nonetheless, GNU emacs surely wouldn't exist without Stallman. It's an impressive accomplishment even if there are only 17 people in the world who have fully mastered the obtuse and non-intuitive keyboard interface. And that's only one of his accomplishments.
I gather that Stallman is a difficult individual. Perhaps the desire not to have to work with him is understandable and even justified. If the FSF board doesn't want him, that's OK I suppose. But why not give him a title and allow him to write the odd manifesto and even ask his advice from time to time? Seems to me that the FSF might be a happier and more effective place if they made some effort to get along with him.
"The same could have been said, at the time, for many technologies or infrastructure projects we now take for granted."
That's a valid point. The problem is that many automotive technologies have taken a long time to mature in the past and that may well be true in the future. It's sort of OK if the entertainment system is a bit obtuse or attempting to change the heater settings can somehow dump you into the panel lighting backcolor logic. It's not so OK if the overly helpful traction control systems attempt to put you on someone's front lawn when roads are icy or refuse to let you climb a steep hill.
One point being that it takes time for this stuff to mature, and safety related capabilities are exactly where trial and error is almost certainly not a good idea.
A second point being that car salesfolk ARE sales folk. They put considerable effort into overselling dubious or even dangerous "features". They are, if anything, less trustworthy than politicians. It's probably not prudent to give too much credence to their claims of efficacy.
"The decision also directs self-styled "Technoking" Musk to delete a May 20, 2018, tweet because it implies workers must give up their stock options if they unionize."
They want Elon to delete that wrongheaded (and illegal) posting? Why? It' seems far more appropriate to have the tweet tattooed on Musk's forehead and forbid him from having it removed for some reasonable time interval -- five years perhaps.
from Wikipedia "The Apollo flight computer was the first computer to use silicon IC chips. ... The computer had 2048 words of erasable magnetic-core memory and 36 kilowords of read-only core rope memory. Both had cycle times of 11.72 microseconds. The memory word length was 16 bits: 15 bits of data and one odd-parity bit."
Which is to say, nowhere near as powerful as an Apple-IIe or the original IBM-PC. Probably coded by one person or a handful of people in assembler. Probably not capable of managing most of the subsystems in a 1999 Toyota Camry much less those in a modern fighter-jet.
We've moved on a bit.
Not that there isn't a lot to be said for keeping things a simple as possible.
As for Agile. Haven't tried it or seen it tried, but creating satisfactory mission critical software is not one of the things I would expect it to be capable of.
I suppose your programmers can drink the stuff from the vending machines in the hall. Whatever it is, it is black, bitter, and quite possibly contains a stimulant. I don't know what it is made from. I don't think anyone does. I'm pretty sure that no one wants to know what's in it. But I'm pretty sure that it contains little or no actual coffee and therefore should continue to be available.
Upvoted because I'm pretty sure you're right. It'd be like .zip or .tgz files being able to run code from their package and doing so by default as opposed to only after asking or, in a script, in response to an enabling command line parameter.
from the Python 3.9 documentation (in red)
Warning
The pickle module is not secure. Only unpickle data you trust.
It is possible to construct malicious pickle data which will execute arbitrary code during unpickling. Never unpickle data that could have come from an untrusted source, or that could have been tampered with.
Consider signing data with hmac if you need to ensure that it has not been tampered with.
Safer serialization formats such as json may be more appropriate if you are processing untrusted data. See Comparison with json.
Probably not a super situation for files distributed to/by world+dog.
...maybe fixing the fix it sent out to fix the fix that broke printing...
Perhaps Microsoft has decided that it is, at long last, time to take that "Paperless" thing seriously. Just think of all the desk space we'll gain without printers. And, we'll never have to complain about the cost of printer ink again.
One of the most important areas where restricted rights is critical is in the web browser.
Good point. Any thoughts on how to warn users that they are about to run a scripting enabled browser as a privileged user? There's probably a way -- at least in Unix. But nothing pops into my mind. Especially if said browser is already running in another window/workspace for some good reason.
"Pedants get annoyed; literate readers assume you are lazy."
I don't know about anyone else, but I usually assume that writers who use less instead of fewer are coming to English as a second or third language and are mentally translating from some dialect that has many too many or many too few vowels, way too many accent marks, and possibly distinguishes between inclusive and exclusive or. In general I'm surprised at how well they do compared to my pitiful attempts at German, Spanish and Japanese.
Yes, really, a rock. I picked it up last Autumn during one of the periods when travel was allowed. It's fist sized chunk of glassy grey chert with a rather drab fossil imprint on one side. Except when I look at the fossil carefully, it turns out to display many walking legs and other appendages of a Cambrian(?) arthropod. Such rocks are not unheard of, but they are quite uncommon. So it is a most unusual rock. If I can just invoke the magic of blockchain, surely it will become a very valuable rock indeed. Conventional blockchain looks to be a bit much for my two decade old computer to handle. And I'd have to actually understand it. Which I don't. And don't want to. But the actual cryptology used doesn't seem to be critical. So maybe I'll just use ROT13. Anyone know how I can contact Christies once I've worked out the mechanics and properly blockchained the thing?
Seriously, my plan is to contact an expert someplace where they have paleontological research collections and see if they want it. But I'm taking some photos with different magnifications and lighting first.
Recommended reading: "Only Yesterday" by Frederick Lewis Allen. The book was written 90 years ago in 1931. It describes the excesses of the bizarre decade between 1920 and 1929. Disturbingly,those of us watching the current decade unfold will feel entirely too at home back then. It's really quite a good read. Let's hope that the 2020s don't end as disastrously as the 1920s. http://americainclass.org/sources/becomingmodern/theage/text2/text2.htm
I'm not all that big a fan of vehicle autonomy as it is VERY difficult to do properly. I think that operations like Uber and Tesla should, based on their records, be banned from further participation in the technology. We'd all be a lot safer without companies that prioritize profits over safety. But, I must say that Waymo does seem to be taking safety seriously and has compiled an enviable record. Good for them.
There are classes of accidents where autonomous vehicles will surely outperform humans. For example, there are incidents labelled "Looked But Didn't See" (LBDS) or Looked But Failed To See (LBFTS) where a human driver -- often but not always elderly -- looks at oncoming traffic, presumably sees a vehicle or pedestrian, but somehow the information never makes it to the brain. That presumably won't happen with properly designed autonomous systems.
That said, I think that there is probably a class of accidents caused by autonomous vehicles failing to recognize or improperly catagorizing entities. And another class caused by situations that humans recognize as problemetic, but computers won't -- bad/confusing signage, non-standard traffic control devices (a blinking red arrow currently may not mean the same thing everywhere), humans attempting to direct traffic flow, livestock on the road. There's also the problem of undetected hardware failure. I don't know how you'd simulate things like that. We may not know how safe autonomous vehicles are until they are in general use
Anyway -- autonomous vehicles are probably going to happen. Not as soon as many people think, but within a decade or two. Let's hope they are designed by people who take safety seriously and are regulated by entities that are not puppets of the car industry.
Why stick the terminal on top? Why not just the antenna with the "terminal" squirreled away in the boot, or built into some other cubby hole?
For one thing, unlike satellite radio -- Sirius XM for example --the internet requires a two way conversation. You need to use the antenna for transmitting as well as receiving. You can presumably get away with a suboptimal but asthetically pleasing, antenna configuration for reception as long as the signal/noise ratio is decent. When transmitting however, you probably need to properly aim your transmitted signal at the satellite.
Of course. But it probably never occurred to McAfee, or anyone else, that doing so might be illegal.
Tax evasion on the other hand ... Governments have taken the payment of taxes seriously since biblical times. Surely everyone knows that. Perhaps his plan is to throw his accountant(s) to the wolves.
"reports are suggesting the Biden administration will create a task force to address the Hafnium attack and its aftermath."
I'm sure they will. And in 8 to 14 months we'll get a 470 page report that maybe 17 people will read. The basic problem -- which is that we don't seem to know how to build software that connects to public networks, does anything useful, and isn't vulnerable to attacks -- will not be solved.
It's not exactly fast though, swimming at roughly 5cm per second.
If I haven't mislaid one of those pesky decimal points, that's 3m (10 feet in American) per minute -- about the speed of a teenager reluctantly mowing a lawn. Probably good enough for government work as the saying goes.
"The expectation that a human will be capable of taking control on demand effectively is fundamentally flawed."
That's correct. And that's why Tesla's license to kill should be revoked.
But that's surely not what the Honda-jin are talking about here. As I understand it, this system is designed for traffic jams, and only works at low speeds (under 40kph?). There presumably aren't going to be any kids chasing balls in that environment although it'll presumably brake if one turns up. It's designed for "The road seems to be covered with some mysterious substance (might be water, or mud, or maybe snow, or perhaps lava. My program does not cover that. I need help .. situations)". Stopping and pulling over to the side if possible until humans take over seems the appropriate response. How well that works out in practice remains to be seen.
And if a webpage refuses to load without JavaScript I simply move on.
Well, yeah. But how many sites actually work without Javascript nowadays? Ironically, Google search seems to be one of the few things that still runs in old fast browsers like links or dillo. It gives you links (sort of -- it actually hijacks them so it can file away information on what you clicked on). But they rarely work well. Blocking JS would seem to seriously decrease the utility of the internet for most users.
what has Google cooked up to replace cookie tracking to sustain their own ad business?
Short term, they may not need to replace cookie tracking. They already know everything they care to know about you and me and most everyone else on the planet. Their competitors mostly know less. Bingo! Competetive advantage.
Of course long term their vast data store will go stale. But it's 2021 and who cares about the long term as long as the money flows copiously this quarter and next?
Why bother to try to read the EULA? We all know that it says "You agree to send us money and we don't promise to do anything -- at all ... ever -- in return" in about 100,000 carefully chosen, incomprehensible, words.
As far as I can see the only hope we consumers have is that a vengeful and angry deity will someday turn up and start casting nasty vendors and their legal staffs into a blazing pit. I do not anticipate that happening any time soon.
To date I've never had a RAM failure.
You've never had a RAM failure that you know about. How would you tell?
Few remember today, but early PCs had parity bits on memory. But back in the days of $100 a megabyte memory, PC makers -- with a lot of nudging from Microsoft -- quietly removed the parity bit from their personal computer designs. Fewer bits, cheaper chips, cheaper products, same profits. (and more memory hungry Windows sales for Microsoft).
Since that time, the only way to confirm a RAM failure on a consumer PC is to swap in known good memory -- preferably with identical specs so as to avoid BIOS tweaking. It's possible -- not certain -- that many weird or intermittent computer failures are caused by defective RAM rather than faulty software. Not that there isn't plenty of the latter.
In fairness, it seems to me that the problem is not Javascript per se (although in my limited experience, it seems a bit Klunky). It is partly people who insist on using JS to do things that are either easily done in HTML/CSS or simply shouldn't be done at all. And partly the fact that JS is far too capable and is thus a suitable vector for malware.
Probably what is needed is a ban on stupidity (good luck with that) and/or a safe JS subset that confines idiocy to tinkering with graphics and makes silent tinkering with file systems and such pretty much impractical. Realistically, that's likely not going to happen either unless/until things get so bad that the connected universe is pretty much unusable and profits start to suffer.
They're tracking you when you do DNS lookups. You don't mention handling that yourself.
Smug Bastard probably has the URIs of all 17 web sites that still work without Javascript pasted into his huge hosts file. If it's found in the hosts file, there's no DNS lookup , right?
Can you imagine the QA inspector not noticing that the circuit board doesn't match the scheme they're inspecting against?
I know that's a rhetorical question. And there is some validity. But the short answer is "Yes, I can imagine that." Assuming that there actually is a QA inspector visually examining the output, they are probably looking for missing or improperly aligned components, gaping cracks, solder blobs and the like, not stuff that looks proper. As long as the board passes functional tests, my guess would be that it ships. (And yes, I've worked in places with serious hardware QA).
it's like a coffee filter except for cats.
My first thought was exactly the opposite. Surely a kitten filter keeps kittens out of your computer. I think most computers must come with one. And they seem to work much better than most tech as I can't recall the last time I saw a computer infested with cats.
What popped into my mind reading the article was Franz Kafka's 1926 unfinished novel "The Castle". From the Wikipedia article on same
... Dark and at times surreal, The Castle is often understood to be about alienation, unresponsive bureaucracy, the frustration of trying to conduct business with non-transparent, seemingly arbitrary controlling systems, and the futile pursuit of an unobtainable goal.
Sound familiar?
Letter? Silicon Valley. They've moved on I believe. Converted the post offices into boutique vegetable juice bars. Somewhere in Central Asia where Mongolia fades towards Kazakhstan an itinerant musk-ox herder is looking at your envelope wondering if it is somehow usable -- perhaps edible by himself, his dog or his bovine charges. Even if he decides to show it to someone else, that won't happen any time soon.
I wouldn't hold my breath waiting for a reply.
The Google that simply dumps any plaything it gets tired of.
I don't think Google is likely to tire of dealing with security. They may eventually give up because the problem is too intractable. But security of the common computing/communications structure is pretty central to Google's business model. No security on the internet means not much cloud and eventually severely restricted digital advertising and a reduced bottom line. If there is anything Google cares about, it is its bottom line.
There were 24 of them in 2020,
That's 24 that we know of. Anyone want to be there are more out there that no one has noticed yet? After all it seems to have taken about 15 months to realize that SolarWinds had been compromised. Is there are reason to believe that SolarWinds was an outlier?
BTW -- I was doing software test and configuration control in the 1960s before most folks around here were born. It wasn't at all unusual back then for us to be testing patches to patches to patches -- sometimes because the developer didn't fully understand the user's use case and fixed the wrong thing, but more often because there were related issues that no one thought of. It comes as no surprise to me that the situation doesn't seem to have changed much. Something to ponder -- can this cloud thing work if, in the long run, we can't secure the internet?
Not that I care, but isn't on-line gambling largely illegal in the US? ISTR that there was a WTO dispute a couple of decades ago between some speck of land in the Caribbean and the US on that subject that was resolved in favor of said speck granting it a very small exception. But I don't recall the details.
The reasons were not complex.
Greed and stupidity certainly had a role. But there was also a problem with a math tool called Li's Cupola that purported to assess complex risks with great precision. Nobody actually understood the damn thing. But it said that a lot of investments were underpriced. Lots of people assumed that it worked and invested accordingly. After all all the smart kids were using it and they were minting money. Until they weren't. Turns out that the Cupola was ... ahem ... a bit flawed. Here's a link to a pretty good article. https://www.wired.com/2009/02/wp-quant/
I would expect all but possibly the ones rated as highest-risk steer well clear of short-selling,
One would hope. But recall that serious market crashes tend to affect everyone, not just the folks who have been engaging in obviously risky behavior. Example: A major acknowledged cause of the 2009 crash was that vast sums of money were "invested" in mortgage based securities whose risks were, for rather complex reasons, systematically misassessed. When too many mortgages defaulted, the perceived values of some banks and other financial operations dropped. The losses propagated to those who had invested in those investment operations which caused broader loss of value as well causing jobs to be lost which caused more mortgage defaults which ... etc, etc, etc.
"Tesla Autopilot actually has fewer (and generally less serious) accidents per million kM than human drivers."
Downvoted because it's a meaningless "statistic" (how, exactly would you measure its performance considering that there *IS* a human driver who is purportedly managing the drive?). It's very likely a complete fabrication. In point of fact, autopilot is currently just a driver assistance system similar to many others plus some (optional) additional features that mostly seem not ready for prime time. And it generally isn't rated all that well. Here's a typical review typicalhttps://www.consumerreports.org/autonomous-driving/tesla-full-self-driving-capability-review-falls-short-of-its-name/ Bottom line: Sometimes it does what it is supposed to. Sometimes it doesn't. Some of the failures are harmless. Some annoying. A few are kind of frightening.
"Why shall a failing entertainment center (MCU) cause "rearview cameras blacking out ..."
As I understand it, they use the same touchscreen control device(s). There's possibly some excuse for that for the rearview camera I think, there being only so much real estate available for display screens. As for touchscreen controls in a car ... Not all that great an idea from a safety POV I think unless the touch part is disabled when the vehicle is in motion. But what do *I* know?
"Swappable implies plug&socket; In "Old ma Bell" (the old AT&T) these were a no-no"
The average car has hundreds of plugs and sockets. Mostly cleverly arranged so that it's nearly impossible to plug a cable into the wrong socket. Yes they do fail every now and then, but not very often. What's one more?
And, BTW, are you trying to tell me that AT&T's phone network was free of RJ11 plugs and sockets or are RJ11s somehow not plugs?
These folks actually might be close to a real flying car. https://en.wikipedia.org/wiki/Terrafugia They flew a prototype a decade ago with a real human in the cockpit (Is it still a cockpit if it's a car?). It'll be expensive -- roughly $300,000. And about the same payload as a Mazda Miata -- 2 normal humans and a small suitcase. And the driver needs a pilot's license. And despite a lot of promises, they have yet to actually ship even one vehicle. But they seem to have addressed most of the problems of meeting both aircraft and ground vehicle safety standards in a single "car" capable of flight.
One wonders who will write insurance policies for these things and what insurance will cost.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
