Posts by Crypto Monad

Re: Why?

It's not hard to find, and it has consequences for the whole world if it passes.

https://bills.parliament.uk/bills/3137/publications -> https://bills.parliament.uk/publications/52368/documents/3841

An order requires the provider to:

(i) use accredited technology to identify terrorism content communicated publicly by means of the service and to swiftly take down that content;

(b) to use the provider’s best endeavours to develop or source technology for use on or in relation to the service or part of the service, which [achieves those purposes]

"Accreditation" of the technology is punted to the Secretary of State in 126(12) and (13):

(12) For the purposes of this Chapter, technology is “accredited” if it is accredited (by OFCOM or another person appointed by OFCOM) as meeting minimum standards of accuracy in the detection of terrorism content or CSEA content (as the case may be).

(13) Those minimum standards of accuracy must be such standards as are for the time being approved and published by the Secretary of State, following advice from OFCOM.

So at least the standards have to be published, and are not kept secret. It's unclear to me whether the notices themselves will be published, and/or whether the recipients of such notices will be able to publish their existence.

However, note also 126(5):

A notice given to a provider of a Part 3 service requiring the use of accredited technology is to be taken to require the provider to make such changes to the design or operation of the service as are necessary for the technology to be used effectively [my emphasis]

That is: not only could WhatsApp be required to implement client-side scanning, they could even be told to stop using end-to-end encryption, if that were to interfere with the government order.

Re: While the world slowly turns n burns.

I didn't downvote you, but when did it last get an Android security update?

Re: Insanet only selling to Western nations?

it is also the fact we now allow arbitrary code to run on our machines in the form of Javascript, etc.

I won't argue with that, not to mention Word macros, Excel macros, WASM etc.

However, even just opening an image can be enough, for example when there are bugs in image decoding libraries. There's no separation between "program" and "data", and the complexity is mind-blowing.

Re: An interesting experiment

> even the A380 production line came out of retirement.

Citation needed? Existing planes are coming out of mothballs, but I haven't seen an announcement about production restarting.

https://en.wikipedia.org/wiki/Airbus_A380#End_of_production

Re: Am I surprised?

> I wouldn't do that. I would not name an aircraft company "Kaboom!" or "Oopsidaisy Aircraft".

Or a parcel delivery company called "oops", I mean, "ups"?

I once saw a car from a driving school called Impact School of Motoring. It had a large dent in the back. (I promise it's true, but I wish I had taken a photo)

Re: Age Old Architectural Mistake Coming Home to Roost?

> getting rid of the networking to userland now, before it's too late

It's been done - see VPP and DPDK.

But I don't know if anyone has plugged in any endpoint network apps, as opposed to just routing packets.

I bet the original "250 degrees Fahrenheit" figure is +/- 10 degrees at least, even if that was at a single point on the surface.

Hence the translation to "121.1°C" is completely spurious, by about 2 significant figures. The "~" sign implies that this was rounded from an even more accurate figure!

Re: Welcome back Java promise!!!

Sadly, many network and server admin tools were (or even still are) provided as Java applets. Examples include various server ILOs with Java-based remote console, and the Cisco ASDM management interface for their ASA firewalls.

The server vendors have generally moved to HTML5, but Cisco remains a relic of the past.

It was always a pain trying to get a compatible version of JVM and Webstart which worked with them, *and* which didn't violate Oracle's licensing terms (*), *and* which didn't reject the applets due to code signing issues or other problems.

Apple stopped shipping Java way back, from macOS 10.7.

(*) In many cases you would be prompted to download a newer version of Java SE. However, only Java SE 8 8u202 and earlier were free; anything later than that exposes your entire company to a per-seat licensing cost.

Re: Retaliation

In the very arena you would expect responsible, level-headed people to operate, it's all being handled by a bunch of kindergardeners who only know how to throw the toys out of the pram.

True: but better a trade war than a real war.

Re: how long before Jitsi disappears ?

Making your own git server be discoverable isn't a major problem. There are project home pages and search engines.

The problem is that Microsoft will discover it, and will still scrape the content to feed its AI.

Re: Life's history

"They find some isolated spot with very few people around, then land right by some poor unsuspecting soul whom no one’s ever going to believe and then strut up and down in front of him wearing silly antennas on their head and making beep beep noises.”

Re: Misdirection

> 1 milliwatt per square centimeter

Converting to more conventional units, that's 10 watts per square meter. (Compare to ~1kW per square meter for direct solar irradiation)

This means you'll need a receiving antenna 100 times larger than the equivalent solar array working at peak capacity; or 10 times larger than one working at 10% capacity (e.g. on a cloudy day). There's a possibility it could work at night too, although the satellites would have to be able to keep out of earth shadow, and/or relay power between themselves.

At that power density, the "2GW" proposed from the article would need 20,000 hectares (200 km²) of receiver. Even if that can be done with a wire mesh that doesn't obstruct the sky, so the ground underneath can be used for other purposes, that's an absolutely vast construction.

And of course, you still need to buy the kilometer-square solar array, plus microwave power conversion. And more importantly, launch the whole mass into space. And then keep it in orbit (or replace it when it de-orbits).

"We've asked AWS and Intel to confirm that spec is correct" - or just fire up an instance to see!

Also dmidecode (although less useful if it's not bare metal)

Re: IPv6-mostly?

Whether it's NAT44 or NAT64, it still requires CGN to reach the majority of the Internet.

NAT44 means they have to give your device both an IPv4 and an IPv6 address. With NAT64, they only have to give your device an IPv6 address.

By the way, you don't need DNS64 any more, if your device has an embedded CLAT - which is true for iOS and Android, and macOS if you send it the appropriate signals via DHCP and RA options. In fact, you can even open a page by IP address like https://1.1.1.1/ and it works fine over a pure IPv6 connection. The CLAT embeds the IPv4 address inside an IPv6 prefix used by your NAT64 device.

Re: Off topic

> 300 baud is way worse than tedious.....I gave up on Prestel in short order!

When I used Prestel, it was 1200/75 (down/up). A system where I could type faster than the modem could send my keystrokes :-)

I was a big fan of 6800 and 6502, but IMO the pinnacle was the 6809. Two 16-bit index registers: luxury!

Re: ... a capacity of 32 million megawatt hours....

Well, logically they could be talking about the total amount of energy the plant will generate during its operational lifetime. But I doubt it.

As a complete guess, they might mean that it generates 32 million megawatt hours *per year* - which would be about 3650 megawatts, on average.

What they say, and what they mean, don't necessarily coincide. But really, it's the job of journalists to get this stuff right.

Re: IR35 is only "necessary" because dividends are taxed at a lower rate than earned income.

Perhaps the answer, then, is to tax Dividends (and Capital Gains) at the same rate as earned Income?

And perhaps add National Insurance on top as well.

I think it's a good idea - indeed to combine income tax and national insurance too. Then make earned and unearned income treated the same. I see two main sticking points:

1. The hidden tax of employer's NI contributions, where a company pays 13.8% of the salary for the privilege of hiring an employee.

2. Double taxation of corporate profits (i.e. company pays corporation tax, then the recipient of dividends also pays income tax)

Re: Meaningless Product Rename

> By ditching the AD moniker for ID they are able to ditch having to replicate in the cloud all the features they currently support on prem

I don't think they ever did replicate them in Azure AD. They had a completely separate product called "Azure AD Domain Services", where they basically spun up some VMs of Windows Server to act as your domain controller.

Re: Nearly 600% reduction in staff and...

The baseline of the percentage is what you started with, not what you ended up with.

* If you start with a pound, put it on a horse, and end up with nothing, then you have made a 100% loss.

* If you had ended up with 50p, then you would have made a 50% loss.

* If you had ended up with £2, then you would have made a 100% profit.

Hence if you start with 1000 people and end up with 200 people, then you can either say that your staffing level is now 20% of what it was before, or that you have lost 80% of your staff.

Re: "VMware alone can't get that job done"

If it's that much of a [REDACTED] pile of shite, surely the regulator would be doing Broadcom a favour by not letting them waste their money on it?

Re: To Marketing: a Boot to the Head!

Perhaps Microsoft could try marketing advice from plain-speaking Yorkshireman, George Whitebread:

https://www.youtube.com/watch?v=jY4tD2Hbg_A

Re: The usual misinformation and obfuscation

> Surely we should be diverting all the funding from climate 'science' into the 'renewables' lobby so they can waste it building more windmills and solar?

In what sense is building wind turbines and solar "wasted"?

The reserves of oil and gas under the planet are finite: sooner or later we'll run out. We'd better have something ready in time for that.

And no, I don't expect nuclear fusion ever to give power which is cheap *or* clean, let alone both.

Re: It seems like a mistake they won't want to repeat

That claim would have to be on some sort of *implied* guarantees of service - which might work in a consumer court, but not in B2B, where parties are expected to read the contracts they sign.

I haven't seen the contract itself, but I'd expect that it has clauses that explicitly disclaim all consequential damages; that compensation is limited to service credits; that they have the right to cease the service by providing X days notice; and that serving the notice via E-mail is treated as sufficient.

That doesn't mean that they were not jerks. At minimum they should have had brownouts prior to closure, identified the customers still using the service and helped them to migrate, and even at the end they should have *switched off* the service but not *deleted* anything for at least a month.

However, you can be sure that there will be no redress in court for those affected. Maybe some private deals will be reached, but only to sweeten those customers to stay with influxdb and not walk to a competitor.

Re: As much political as technical

I used to live in Fulham in the late 1990's, and twice a day you had to pause for a minute as Concorde went overhead - it was impossible even to speak to the person standing next to you.

But we're not talking supersonic booms here - just regular engine noise. Those were *damned* noisy engines.

Re: Why?

Plus: you'd have to allow the fingerprinting software to be installed on the computer you're probing (e.g. the thing which you suspect of being a bot). But if it's a malicious actor, it will fake its own fingerprint results.

I can only see this sort of fingerprinting being used by software vendors to enforce licensing - much in the way that they used to write intentionally bad sectors to floppy disks in the 1980's.

Re: All of our eggs are going into one basket.

However it would be thrown into the garden, and when you open the box you'd find the Atlas V has been replaced by a lorryload of cat food.

Re: making them Red Hat customers, at least briefly

I expect the next step will be that the SRPMS will become extremely hard to get hold of: not included in the cloud base images, not available to 'developer' accounts, and only available to "Super Platinum Plus" customers on $10K+ subscriptions. (Essentially, under the same sort of terms that you can get Windows source code).

As for clouds, they don't even need to make the kernel binaries visible within the root filesystem. Hypervisors can boot from an external kernel image and initrd.

"crammed" with off-the-shelf components that could have easily been purchased online

... and which were all manufactured in China, for American companies.

Re: Cheaper?

Virgin is far more expensive (the Vomit Comet costs about the same as a first-class transatlantic flight), but the zero G lasts a little bit longer.

I'm unsure about exactly which research projects are enabled by zero G that is longer than 20 seconds, but less than 6 minutes.

Re: employees were happy (31%), motivated (30%) and excited (27%) to be in the office

It would be clearer and more accurate to say:

* 69% of employees were not happy to be in the office

* 70% of employees were not motivated to be in the office

* 73% of employees were not excited to be in the office

Re: $5,000 Fine ... a Pittance for an Attorney

I would have thought that Contempt of Court would be a minimum offence here. I guess it depends on whether they were knowingly submitting made-up citations to bolster their case, or simply lazy and incompetent in not checking what ChatGPT returned. But even lazy and incompetent lawyers need to be punished.

The key point here is: ChatGPT is not a search engine. It's an engine for generating plausible-sounding text.

This is a real example:

"Yes, light is much faster than mobile signals. Light travels at a speed of approximately 299,792,458 meters per second in a vacuum, while mobile signals travel at a much slower speed through the air, usually in the range of a few hundred meters per second to a few kilometers per second, depending on the type of signal and the frequency used.

While the speed of mobile signals is fast enough for most everyday uses, it is still much slower than the speed of light. This is why information sent via light, such as through fiber optic cables, can be transmitted much faster than information sent wirelessly through mobile networks."

This authoritative-sounding style is almost intentionally designed to deceive.

> These are EXPENSIVE products and they may never support non-RHEL installations

Somebody running an "EXPENSIVE" product probably won't object to paying a small amount extra to IBM for an RHEL licence.

But if the upshot is to start pushing the mainstream users into other distros, and then the vendors start supporting some of those distros too, it could be an own-goal for RedHat, with a smaller and less technically-savvy customer base. We'll see.

“Let's think the unthinkable, let's do the undoable. Let us prepare to grapple with the ineffable itself, and see if we may not eff it after all.”

― Douglas Adams, Dirk Gently's Holistic Detective Agency

Re: Old school here

Are the headphone an unofficial "do not disturb" signal?

No.

I will sometimes put a card in my shirt pocket saying "NO MEAL PLEASE", when I'm boarding a flight at 1am and don't want to be shaken awake by someone who thinks I want dinner at 2.30am.

Re: About time!

A big USP of Debian 12 is that it will include a native deb-packaged version of lxd, a container management tool which gives you in effect "lightweight VMs"

lxd is developed by Canonical, and although originally it was distributed as regular .deb, they switched over to snap (which is also Canonical's baby) and dropped the .deb packages entirely, making it incredibly hard to troubleshoot. Debian now gives a way to have snap-free systems with lxd.

Ubuntu still leads the pack for ease of running ZFS on Linux though. You can do it with Debian, but your system will have to re-compile the DKMS modules every time you update your kernel.