Posts by vtcodger 2029 publicly visible posts • joined 13 Sep 2017
... it does not hold that ZFS will get there just because ext4 did.
I believe that ext4 is somewhat backwards compatible with ext2 and ext3. My impression is that ZFS isn't. May not make a difference to those who believe that newer and shinier is always better. But a large fraction of the world operates on the "Whatever can go wrong will go wrong sooner or later" principle. Backward compatibility does matter to them.
I don't know from personal experience, but I once worked on a project that was housed in a facility that primarily supported US Navy efforts. What they told me over lunch and the odd beer after work was that every ship is different, and even if the ships start out identical, by the time they have been back to the yards a couple of times for major maintenance they are unique. In particular, there is a tendency to jam new/updated technology in wherever adequate space, power, and cooling can be found. This results, I was told, in a somewhat disorderly environment. I can well imagine that the 25 year old McCain has no really good place to store laptop computers near where they will be used.
"but the electric park brake saves space in the central console where a physical handbrake would otherwise have to be."
Most US cars in the 1950s and before had bench, not bucket, front seats. No easy way to have a mechanical centerline parking brake with a bench seat. I may misremember, but as I recall, the parking brake back then was usually controlled either by a handle attached to the steering column or by a foot pedal (adjacent to the clutch?)
Maybe a really paranoid smartphone user should have a selection of handsets for the same reason ?
Epoxy should handle the problem of too many physical units. But the user may need bigger pockets to hold the resulting "device". ... or a good sized purse.
And the chargers ... My God -- the cords ... All those cords ...
"It (formally verified code) is very hard to do."
It is indeed VERY hard to do. On the positive side, even a failed attempt is likely to be a lot higher quality than typical code. The downsides: It's expensive and quite possibly impractical to do except perhaps for some mission critical components. And it likely won't get you to market very quickly. The management isn't going to like that.
Then there's the issue of how you know the "rigorous" specification is bug free. If it is, why not write a compiler and compile the specification?
Nonetheless, it's possibly the best idea currently available for potentially producing "error-free" code. So long as we all understand the "error-free" doesn't always and inevitably mean that it will do what you need it to do.
BTW Formal Specification was what Edsger Dijkstra was working on when he wrote his "GOTO considered harmful" letter. I think his point -- which I think hardly anyone really understood at the time -- was that practices like jumping in and out of code sequences based on flags was not only likely to add bugs, but was going to make an already extremely difficult verification process much harder.
https://xkcd.com/292/
"I don't think so personally. But hey, each to their own."
Let's hope you're right. But, let me suggest that you think about the issue from time to time. And remember that the issues include not only information security, but securing infrastructure, ballot security (why would any sane person connect a voting machine to the internet?) and a host of other things.
I don't think Plan A is working or is likely to work. I'm not wild about my Plan B, but it's possibly doable. What's YOUR Plan B?
"5000 years to accumulate 100m CVEs."
Yep. I'm suggesting that You, and everybody else are vastly underestimating the number of potential security issues in modern hardware and software. Not every bug can be exploited of course. But a lot -- maybe 2% or 3% of the total coding and design flaws -- can. And "flaws" includes things that don't look like problems at all until someone figures out how to use them as attack vectors. Heck, the patch mechanism itself can be (and has been) used as an attack vector -- and probably will be again.
And keep in mind that if, as in this Android case, a security bug is present in dozens or hundreds of discrete products, it has to be patched and tested by dozens or hundreds different entities, then installed by thousands or tens or hundreds of thousands of entities. How likely is that to actually happen?
What I'm suggesting is that information security in a highly connected world is very likely Y2K on steroids and nowhere near as easy to fix.
Think about it for a while. Unlike climate change, specious immigration crises, flesh eating bacteria and other media favorites. Information security just seems to get more frightening the more one thinks about it. For example, point your favorite search engine at the term "data breaches". It's clear that everyone has their own numbers and some of the apparent increases in data breaches are surely due to better reporting. But it certainly seems that the rates of data compromise are increasing substantially over time. And that's just one aspect -- probably not even the most critical aspect -- of information security.
Now for the bad news. When exactly these fixes will filter down to actual Android users is not clear
What's unclear? Many, maybe most, of the vulnerable devices won't be fixed -- ever.
Let me add that if the number of major flaws potentially affecting security is -- at it appears to be -- very large (I'm thinking maybe 10**8 or so potential CVEs ... and growing daily), patching our way to security is simply unworkable. It won't/can't happen.
Likewise, expecting manufacturers to always deliver secure code and hardware is expecting the impossible. Probably they could do better, but it's far from clear they can do well enough -- even if they actually try -- to make much difference.
What's the answer?
My personal (inadequate) answer is to not own a smart phone, not use on-line banking, avoid PayPal and other digital dens of thieves as much as possible, and to back up my PC every other day. But I'm still exposed to security blunders by merchants, conventional banks, credit card companies, utilities, etc,etc,etc that have a real need for data about me.
Collectively, I think the answer might be something along the line of rethinking this "everything should be connected" idea. Maybe much less should be connected and what is connected ought to be subject to some rules based on a serious concern for security and user safety. I'm not sure that's enough, but it might be a start.
"... send recursively calls itself every 30 milliseconds (!). They really don’t care about performance. ..." [https://blog.jse.li/posts/marveloptics-malware/] cute
No damn wonder that my Javascript enabled browsers (Firefox, Opera) are prone to lock up occasionally if I browse beyond the Reg, Wikipedia, Phys.org -- despite my blocking most advertisers in the hosts file in a token attempt at self-defense.
It's pretty clear that Javascript (and similar technologies) must die. They are simply way too capable for end user safety. The issue should be how to get rid of them in an orderly fashion not whether they can/should be tolerated.
Just Wonderful. So now, at the behest of advertisers, we are potentially creating a situation where a website will work differently on machines with slow disks than those with faster disks even within the same household or business. "No Madam Librarian, I don't want the new PC. weareslimeballs.com doesn't work there. I'll wait for the old 486 in the corner."
Will advertisers push for this? What do you think?
You telling me that Collecting vast amounts of personal data on members of the public and failing to protect said data can cost you money? In a saner world, that might be a problem for quite some number of high tech business plans. My guess is that not one company or business anywhere -- including Capital One -- will learn anything from this.
Note that I have a VERY small amount of sympathy for Capital One as unlike Google, Facebook, etc,etc, etc Capital One has an actual NEED to retain some sensitive data on users. I'll reserve any additional sympathy until we see how hard Capital One tried to protect that data and whether their files contained gratuitous customer data unrelated to their banking businesses.
US authorities may attempt to seize any earnings from the book, if not try to prevent its publication.
One thing we know about Snowden is that he's not stupid. And I doubt his publisher's business people are crazy. I imagine the book will be published in Russia, China, and/or some country that Trump has managed to aggravate. (No shortage of those). And that any revenues will not flow through the US banking system. About the worst that's likely to befall the book is a lot of free publicity, and possibly US residents wanting a hard copy having work out a deal with a book dealer in Toronto, Freeport, or Tijuana for a while.
2. What in-house talent does it actually have?
In my experience, the US government has a large number of people whose only job is to understand what their contractors are up to and to keep said contractors in line. While the results are something of a mixed bag, on the whole, the government folks do a better job than one might expect. The contractors ... well, IMHO that's a different story. There are reasons that those companies are known collectively as "Beltway Bandits".
Other than that, in three decades of Military Industrial Complex work, I only encountered a few hands on technical people who actually did stuff much beyond the "follow the manuals" level. The ones I encountered were very good, but they were an exception.
So, we 21st century geniuses require a lot of elaborate and quite likely buggy electronics and logic to accomplish something a 19th Century locksmith could have worked up in a couple of hours -- a lock and physical key to restrict access to valuable information. Maybe we're approaching this wrong.
FWIW, El Mirage is about 15 miles(25km) NW of downtown Phoenix and Goodyear is about the same distance due West of Phoenix. It is said that early Catholic missionaries reported back to the Vatican that in Winter the natives in the region saw no particular attraction to Heaven and in Summer (which lasts about 8 months), they saw nothing about Hell that sounded worse than where they were. It's about the last place I'd put an installation that required a lot of cooling, but maybe Microsoft got a really good deal on land, taxes, and power.
then the debris is likely to knacker your own kit a few orbits later.
Near Earth space is rather large. News media alarmism notwithstanding, the short term chance of debris/stray rounds striking other satellites is (probably) rather small. Long term might -- and I emphasize MIGHT -- be a different story if a very large number of weapons ae involved. In any case, I think it is (probably) possible to arrange the weaponry such that the orbits of the weapon payloads have low perigees and any stuff that misses its target burns up within a few revolutions. Mostly that translates to "within a few hours". That's a cocktail napkin "calculation" and is not backed up by hundreds of simulations showing it to be true. Doubtless folks somewhere have run those simulations. I'm not privy to the results.
It should be pointed out that because of Newton's inconvenient laws of motion, actual space warfare probably isn't going to look anything like Star Wars and similar movies. Nowhere near as photogenic.
If space was closed by junk then ICBMs wouldn't work.
One of the (many) problems faced by Anti-Ballistic-Missile (ABM) systems is that it is perfectly possible to mix a bunch of "junk" in with the ICBM warhead(s). This would presumably be high volume, low mass stuff -- e.g. aluminized balloons designed to have a radar cross-section/signature similar to a warhead. The technical term is "decoys". The warheads will, presumably, be decorated to look like something other than warheads -- a second stage tank fragment perhaps. Eventually, drag will separate the dense warheads from the low-mass decoys, but decoys would make effective mid-flight interception quite difficult if not impossible. I think ABM systems are more popular with politicians than those who design, build and test them.
I don't know (and couldn't talk about it if I did), but my bet is that the major powers -- the US, China, Russia -- have long had the hardware in place to disable the other major power's surveillance and military communications satellites in the event of serious conflict. On paper at least disabling that stuff is not difficult. Satellite orbits are well known within a day or two of launch and they are not very maneuverable. They make supertankers look agile. Taking advantage of the satellite's orbital velocity, it is not difficult (on paper) to hit them with a spread of "buckshot" traveling at speeds on the order of 50000 km/h. That's maybe 5 times the speed of a very high velocity armor piercing round. Even grain of sand sized particles would likely punch serious holes in the lightly built targets. It may, BTW, be easier to disable satellites with a ground based system than a space based one. Trust me on this. This has surely all been thought through by the military of every country with even a token space launch capability.
Pet peave: I've been hearing this "always ten (or 20) years away" stuff for decades. Sorry but I was around in the 1960s, and what I heard back then wasn't "ten years away" it was "60 to 80 years away". That'd be roughly 2020 to 2040. Right now it looks like 2050 or 2060 ... if at all. We might know more sometime around 2035-2040 when ITER is scheduled to be running actual full scale tests ... or not. I'm guessing that it'll take a couple of decades to translate success in the prototype -- ITER or whatever -- to actual commercial power plants feeding energy to power grids. And, BTW, while fusion power (if it happens) will probably be abundant, it may not be especially cheap.
Autonomous vehicles are an entirely different story. It'd probably be possible to deploy a few today in VERY carefully selected venues. Shuttles of various sorts operating on dedicated pathways. The issue is how quickly that can be extended to more general environments where they must cope with pedestrians, human driven vehicles, bicycles, scooters, kids, dogs, (illegally) parked delivery vehicles, construction, accidents, cattle, demonstrations, weather, etc, etc, etc. I'm guessing that'll happen, but gradually and rather slowly. Decades, not months.
Am I the only one to whom this whole thing sounds like one of the marvelous contrivences created by American inventor Reuben ("Rube") Goldberg? See https://en.wikipedia.org/wiki/Rube_Goldberg_machine
The framework is propped up by Node.js which is hooked to the user management which will need an application dependent data base that needs an Object-relational mapping layer and a newly defined user and a connection string in appsettings.json except you might need a container that depends somehow on the choice of central or self contained which then wallops the web server with a fireaxe -- possibly, if everything is in proper alignment, causing the string "Hello World" to be disgorged from the database and displayed to the user?
Is there a point to all this?
My general impression is that the very high fixed costs for semiconductor fabs (up front capital costs plus skilled labor), tend to make it cheaper to produce products and sell for whatever one can get than to not produce. That's sort of like oil wells. Once you've spent millions to drill the thing and committed to land lease payments and such, you might as well pump whatever hydrocarbons you can even if the flow is not what you hoped for. There's a 30 year old report at https://www.nap.edu/read/1890/chapter/5 that tends to support that argument.
US Sen. Ron Wyden (D-OR) put out a statement on Monday blasting the proposals and arguing that company execs should have been personally prosecuted for their negligence in handling the personal information of others.
Jail for corporate officers? Won't happen. I'm pretty sure that the US constitution bars that except for those, like Bernie Madoff, steal from the wealthy. (Mr Madoff -- age 81 -- is currently serving a sentence of 150 years for a long list of indiscretions).
Seriously. Do you folks have any idea what would happen if corporate officers were routinely held legally responsible for their actions?
"Redmond was "deeply disappointed and embarrassed" over the actions of its subsidiary "
Of course they are embarrassed. They got caught. I'm sure that in the future every effort will be made to avoid repetitions of this disgraceful situation -- getting caught.
And it might be a really super idea for someone who knows exactly what they are doing test that battery charge plan ahead of time. Trying to improvise under pressure has a certain potential for turning a potential problem into two current problems -- dead battery backup plus some amount of damaged batteries and equipment.
except talk about user experience
Funny you should mention that, because I just spent 40 minutes getting an image to print something other than blank pages from my wife's Windows-10 tablet to a wireless printer. I generally avoid Windows, but circumstances made that impossible this morning. My impression -- only reinforced by the morning's miserable experience -- is that Microsoft's UI has deteriorated badly since Windows 9 and XP days. Probably too much pretty. Definitely too little useful information/discoverability. I count myself lucky that it was only 40 minutes, not 4 hours.
Absolutely!!! Why -- other than being a basically silly person -- would anyone replace a simple and proven mechanical system with something complex, electronic, non-transparent, possibly buggy and probably insecure? If some Silicon Valley startup was selling electronic paper weights, nutcrackers, and paper clips would any reasonable person buy/use them?
AFAICS, the **ONLY** advantages of electronic voting are the dubiously necessary ability to make last minute ballot changes and the ability to get a quick count. A quick count can be achieved with paper tabulated by OCR. Paper+OCR is, unlike electronic voting, auditable and recountable if problems are identified or suspected.
I think what we're dealing with may be WFIIPS (We'll Fix It In Production Syndrome). Back in the day, "FIRMWARE" was firm -- programmed into blown fuses on a chip ... or maybe hard wired into the silicon interconnections. Upgrading it required prizing out and replacing a DIP package. Or maybe soldering an upgraded chip onto the motherboard. Not surprisingly, the firmware did very little, was pretty primitive, and was virtually never upgraded.
Nowadays firmware is exceedingly flexible. Too much so perhaps. I think maybe too many "firmware" changes are done to fix stuff that should have been better tested or omitted entirely. I think there is a case for firmware should do less, should do it better, and should be much harder to alter. Not solder in a new chip harder, but maybe something along the line of no upgrade allowed until someone has inserted a physical key and turned it to "Service Mode" harder.
And it looks like that day is coming ...
Will that be before or after the wolf will live with the lamb, the leopard will lie down with the goat, the calf and the lion and the yearling together ...?
Google will doubtless make some fumbling attempts to police their advertisers. But nothing that will significantly affect the advertising revenue stream and therefore nothing that will actually work worth a damn. I have some (not a lot of) sympathy for Google on this. How can one police advertisers without sometimes shutting out legitimate businesses? I suspect Ayn Rand failed to address that issue in her collected works.
"Researchers then set up a super-sensitive camera capable of detecting single photons which would only take an image when it caught sight of both the photon and its entangled ‘twin’, creating a visible record of entanglement."
i.e. they filter for some property of two photons, and declare that as entanglement, and the filtering they do is really the cause of the entanglement effect. Let we walk you though how stupid entanglement is and what's actually going on.
-----
Ignoring the rest of the post -- which is way beyond my pay grade and apparently controversial ...
I think the first part (bolded above) might raise a valid issue. As I understand it (or don't), a photon is a massless "particle" conveying one quantum of electromagnetic radiation. How does one image such a thing with a camera? And how does anyone know that the pair of objects imaged are entangled rather than just blundering along in close formation by pure chance?
Hoping to learn something here.
Those two USB-C ports (one of which will be snaffled for charging) still seem unnecessarily stingy for a laptop with ... a Pro after its name
Your reporter(s) probably thought Pro was short for Professional. There are a lot of words that start with the letters "Pro". There's a lengthy list at https://www.wordfind.com/starts-with/pro/ Maybe the intended word is profanity or perhaps problematic.
China km of High Speed Rail=29000. US km of High Speed Rail by international standards=0. (I'd settle for highway speeds, frequent service, not sitting in the middle of nowhere waiting for a slow freight train to clear the tracks, and adhering to schedules)
China stealing train technology from the US seems a bit like the US stealing nuclear reactor technology from Papua-New Guinea
Three billion pounds.....then half a billion a pop for the F35 aircraft.
I'm not a big fan of the F-35. And I imagine that the sticker price omits a few options that will be needed. Comm gear, cup holders, weapons, GPS, that sort of stuff. But Wikipedia says you can buy an F-35C -- the carrier model -- for USD $107.7 million. And that includes an engine as well as, very likely, wheels. That's what, 86,000 pounds each?
Those with long memories will recall when IBM and Microsoft set aggressive goals for OS/2. Leading to "OS/2 = half an operating system". I tried to use it once back in those days. It was, in fact, truly awful.
IBM did eventually tame OS/2. But only well after the marketplace had moved on.
In fairness, WayMo looks to be much more conservative than Musk/Tesla in its approach to vehicle autonomy. Musk gets the headlines and kills a few customers. Whereas Waymo just sort of plods along. But they do have record of managing to share the road with normal drivers without undue carnage. It'd be nice to know what their actual plans and expectations are. When do **THEY** think vehicles will reach full autonomy?
While I agree with some of what you said, I think it's simply more likely that Musk announced what had to happen for Tesla to not fail as a business.
That's certainly a possibility.
Heck, we can't even get Raspberry Pi USB3 right.
They key difference being that a Raspberry Pi that does almost everything right is useful for most folks whereas a Tesla that does almost everything right is a menace.
Solar cell, battery(?), transmitter, gps antenna, and, of course electronics all in a 5g (about 1/6 oz) package. That's pretty impressive.
I'm sure these folks know exactly what they are doing, but with the ISS being in a fairly low orbit (400km, 51 degree inclination), I think they are probably only going to get two relatively short passes (a few minutes) a day over their targets.
BTW, who gets to install the tracking devices on the bears and leopards?
Without denying Elon's occasional failures of candor, he'd surely be an improvement. He at least has organizational skills. And he'd probably notice if he found himself babbling to the assembled multitudes about how the American revolutionists siezed the airports from their British oppressors in 1775. Yes, the Donald actually did that Thursday last https://time.com/5620936/donald-trump-revolutionary-war-airports/
That said, the best place for electric autonomous vehicles IS as city centre taxis
Reasonable, but you are assuming that the problem of driving an autonomous vehicle safely is fairly easily solved. In fact, it probably is not. Centre city driving looks to be one of the most difficult situations for an autonomous vehicle. Too many things going on. A truly safe vehicle would probably look around, assess the probable hazards, stop, and wait until the wee hours of the morning before proceeding (slowly and cautiously) to its destination.
My guess is that it'll be DECADES before an autonomous city centre taxi with an acceptable body count can be built. Expressways, OTOH, are much less complex driving situations if the occasional problems (bad signage, misleading road stripes, weather, construction, etc etc etc) can be handled. My expectation is that Tesla's semi will, if Musk can manage not miss his performance promises by too much, be the company's first successful autonomous vehicle.
I decided to check with the reasonably authoritive source of all that it bad about Tesla -- Seeking Alpha. And I wasn't disappointed https://seekingalpha.com/article/4273612-tesla-demand-mirage
Bottom Line: Tesla demand is probably suprficially OK ... BUT ...
1. New orders are probably largely for vehicles that don't actually exist -- Model Y and a cheap Chinese built Model 3 built for China. You can order them, but Tesla can't currently build them. You can (they assert) order a vehicle currently in production and expect delivery fairly soon.
2. Last quarter, Tesla built 87K vehicles and delivered 95K vehicles. That delivery rate is clearly unsustainable without increased production. There are only so many undelivered vehicles in inventory.
3. Tesla's is no longer promising to deliver between 360K and 400K vehicles this year.
4. Current deliveries appear increasingly to be low end Model3s. Low end means low price and presumably low margin. The margins probably are not sufficient to sustain the company.
As I read it, these particular folks at Seeking Alpha think Tesla is wildly overvalued and have shorted the stock. They DO make a plausible case. But maybe they are wrong.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
