Posts by doublelayer 10899 publicly visible posts • joined 22 Feb 2018
The last articles I read about this put a lot of the blame on Shopify, for example this one. It doesn't mean they're the only or the largest party doing it, but they do seem to be significantly involved. I don't use Ruby sufficiently to know the underlying causes behind all of these and there seem to be problems at many levels.
That's one problem with Alexa and many other voice interfaces. They're advertised as getting conversational instructions, but they're basically command lines. You only get anything by knowing the specific functions and preset phrases that launch them. I kind of thought LLMs would get integrated with these things eventually to bridge that gap, but instead of connecting a tiny model to a list of functions for intent recognition, the companies seem to have decided that what they really need is a chatbot for conversations which nobody wants. I don't use these myself, but I've watched many people get frustrated at the lack of natural language capability the manufacturers sell these as having.
If you don't like the idea, fair enough, but is there a reason you consider voice interfaces specifically so over the line? There are valid problems with some implementations of them, but the concept has plenty of reasons for some people to like it some of the time and a smaller set to use it very often.
"It's one reason I'm keeping our own setup, which needs renewing, mostly analogue."
I don't think Bluetooth is the problem here. Even if everything was analog audio, if it's being driven from an active phone, it'll still ring for an incoming call. Most phones on silent will still play the ring sound through any audio, cabled or wireless, because the software assumes you're not within vibration range and want to be aware of the incoming call, but even if you disable that, they tend to interrupt the playing audio so the incoming call would still silence the music. The problem is what is used to play the audio and the interference of other software on that, so that's the part you should implement differently.
You have misunderstood what happened here. The LLM did not find the vulnerability. The vulnerability was already known and publicly fixed. All the LLM built here was code that could work with the vulnerability that had already been discovered, documented, and for which there was code changes available that make it clear what it was. You're giving it credit for something it didn't do and that impairs your argument about nobody else doing it since it's a thing that multiple people can work on independently and possibly are.
That is why they're constantly lobbying to have governments and/or utilities pay for expansion, all with the promise that the AI companies will be making so much money they'll pay that investment back with interest. In their defense, if they actually ended up completing the plans they want that extra power for, they would usually do exactly that, but since they're not going to because those plans are incredibly expensive and not profitable, the public who either understands it or assumed in the correct direction aren't very keen on being the backstop.
One proviso about your theory is that all of these countries had to experience the leaders you name before they could remove them. It might be an indication that the next such one will have a short time in power, but to demonstrate that they won't get in in the first place requires another assumption that voters in as yet unaffected countries have noticed and drawn the same conclusions as those in affected ones and will remember those conclusions during elections that aren't imminent. Even when people notice and complain about something in another country, the reassuring theory that "it can't happen here" or "this isn't the same" is easy and common.
I'm not sure whether they would prefer it, though it probably would work out better for them as both would likely be profitable. I think I would prefer it, though. It depends on exactly what data they're being required to share here, because it sounds like it's a lot more user data than Google's crown jewels. I didn't see a requirement that Google hand over their search algorithm, but the history of searches, what results were provided, and which ones users chose, hopefully without the user identification and fingerprinting that sometimes goes into those rankings but even that's not clear. I don't see why that would help, but I can see some harms. I'd rather that Google not have most of that, but Google having it is less bad than Google and anyone else who wants having it.
I wonder if any of the laptop farms used KVM switches instead of remote access software because everywhere I've worked would be able to detect the latter too. It would be easier to get away with this with something identifying itself as a dumb external keyboard and monitor since many remote workers would have and want to use their own peripherals. It seems like a relatively obvious countermeasure to that part, leaving only the ID verification part to get around with convincing fakes or stolen documents.
They have details about what they considered on the study page, but they are vague and raw data is explicitly not available. Broadband was defined as things from 30 Mbps up but there was supposedly some consideration of multiple speed tiers, but how there could be with a single reported price is not explained. Contracts including other services were excluded when possible, considering contracts providing internet service alone.
Another thing that makes this data confusing and, in my opinion, not very useful is how they're averaging things. They collected contract prices from a bunch of ISPs and took the average of those. That means if 95% of people have access to a broadband service at $20, offered from five large national ISPs, and the remaining 5% of extremely rural users are offered $100 from 50 tiny monopolies serving individual areas, then the reported average price would be $92.73. That doesn't accurately describe what most people are paying for their service.
Collecting the data needed to give a more representative number would be hard. You'd need to know how many people can access that service and, to be most useful, how many do access it. Anyone who has entered their address only to be told that they can't get the kind of service the map says is available knows this is not an easy thing to collect. Unfortunately, the lazy way of collecting it leaves us with uncertain numbers.
All of those things are problems. Not all of those things are solely problems in the US. Would I be correct that many of your examples are coming straight off Louis Rossmann's many examples of anti-consumer practices? Either way, let's see some examples helpfully collected by his Consumer Rights wiki of how other countries escape or don't such practices:
"in the US, companies sell you an electronic device, arbitrarily obsolete it a year later then deliberately brick it with an update"
Yes, they do. They also do that in in Germany and the UK and Sweden.
"That or changing the T's & C's after you've bought it and putting most of the normal device functionality behind a subscription paywall to ransom you."
Yes, a very big problem. Also a problem in Norway and Sweden and also Sweden.
In the case of laws, other countries have laws implementing similar restrictions as the DMCA's nastiness or have laws that theoretically protect people but don't work; the US's lack of privacy legislation is a big problem, but the EU's GDPR which doesn't get enforced isn't as useful as it should be when it isn't enforced. If you assume that other countries have this handled when they do not, it can lead you into false trust that you can't be affected or false hope that they'll fix it when they're not trying. If you're in the US, you're not alone. If you're not in the US, you're not immune.
No, they couldn't, because in your zeal to defend the English language, you've failed to understand what they were talking about and ended up looking foolish. When they say "rate payers", they mean people who pay for power, to a utility which is not a government, at the set rate for residential or commercial electricity (as opposed to those who have a specific deal for a different payment plan such as reserved arrangements)). In most countries, electricity is not provided by governments and not paid for out of general taxation, so the rates are not taxes, even in those countries where the rates are set by law instead of by the private-ish market.
Language changes at times so people can better understand each other. Sometimes, it changes for annoying reasons that don't help. But to understand whether this is language changing for a logical reason, language changing for an annoying reason, or language not changing at all (this case), the first unavoidable step which many self-appointed language guardians skip is to understand what people are saying, in full detail, and why they chose to say it that way. Only then can an opinion on whether they should say it that way be justified.
Leary also saw the potential of interplanetary travel, the kind where it's cheap and fast and you go to constructed paradise environments. In other words, technology's great when you can invent everything about it without reference to any kind of technical, economic, or human reality. Leary did that kind of thing a lot.
We can always be surprised by faster development of some technology than we thought it would take, but on what do you base your theories that it will come faster? For example, one sense that would add a lot to a VR environment is touch, but it's also really hard to do that. It's hard to do it by connecting a simulation to the brain directly because we don't know how the brain works or how to connect to it safely, and it's hard to do it by creating virtual tactile experience through physical tech because it requires a massive number of moving parts and very precise control over them. If we can't implement touch without significant advances that we're not close to, how are we going to get anywhere near the basic version you describe? You can believe it's coming on faith if you want, but you're not going to convince me or anyone without some fact-based reasons why it's easier than we think it is. The potential if it could be achieved is not that, because a lot of things would be great but we have no way to achieve them.
The metaverse had a lot of time and external companies capable of making better uses for it. It still failed. This means one of these things:
1. There are no experiences good enough for VR.
2. Despite the opportunity, nobody who tried managed to think of any non-boring things to do with it.
3. The technology might still be a limiting factor.
Which one do you think it is? I think it's number three. I think VR could eventually be a very popular thing if we collectively invent all the components needed for sci-fi level VR, meaning you get multisensory input rather than just pictures and basic sound, you have freedom of movement in the virtual environment without the possibility of crashing into non-virtual walls, and for it to be really successful, you can realistically simulate things that aren't just static objects. Unsurprisingly, we're not going to get any of that any time soon, probably not within our lifetimes. Those who think that increasing the resolution on a heavy screen strapped to your head that dies in a couple hours is going to solve the problem are going to be disappointed time after time.
That's just someone trying desperately to make themselves sound like they have a different plan than the real one. That CEO could have been totally honest: "People like gambling, so we figure being a casino will make us money, and I like money". That wouldn't be sympathetic and might carry legal consequences such as being subject to gambling laws, so the CEO needed to quickly find some explanation for why his thing was a good thing which did not use the word "gambling".
"why would it be a problem that the previous lock was controlled by the data center network, is that not suppose the be the most controlled and regulated network and therefor very secure and reliable?"
That's not what it said. It said that "One vulnerability that showed up as part of the initial security screening was that the server room network was connected to the production datacenter network, so anyone entering that room could get all kinds of access."
That suggests lots of problems with network administration and physical security. It isn't clear what kind of locks if any they had on the server room before, but it seems that they couldn't count on it keeping people out. Worse, it seems that access to the room granted access to something on another network which probably needed better controls over which devices are permitted to connect and what they're permitted to access which, even if the lock was suitable, wouldn't have been fixed. I don't see anything suggesting the old lock was network-connected at all, and if it was on this kind of network, I'm not certain that would have been secure or reliable.
Some people need to read what the Cloud Act actually does. It's not pretty, but thinking it applies to anything ever touched by a US resident leads to foolish posts like this one. Here's one clue: if you say it over your radio to someone else and it's not stored online, then it's not on a server, and if it's not on any server, then it's not on one of the subset of servers the act applies to (you should find out what that subset is for next time).
Kidnapping for ransom is relatively uncommon, as in sometimes zero, in many countries altogether, so that's not really proof of much. But since you ask, I do remember the US having a high-profile kidnapping not too long ago, and it wasn't someone who had a lot of cryptocurrency. It was a person whose family had plausible access to money.
The fact is that even if we assume that cryptocurrency's easy transferrability is the only reason behind this, it would be easy for anyone with stocks to sell them and buy some to pay the ransom. Perhaps the focus on cryptocurrency people is because the criminals think they're easier to identify or to kidnap than any random rich person. That seems to be your argument as well; you don't seem to be saying that investing in cryptocurrency actually makes the kidnappers' jobs easier, just that it attracts them. If they ran out of targets there but the kidnapping part was working great, they could easily find a different kind of wealthy target.
They can easily get kidnapped for those things because those things can be converted to cash. There's some extra inertia because converting shares of stock into cash takes a while and you have to sort out delivery*, but other than that, there's no reason it can't work and it has happened plenty of times in the past. If there was something special about it, then theoretically storing your cryptocurrency at an exchange so it's not on your equipment would protect you, but this wouldn't. Do you think kidnapping for ransom was invented when cryptocurrency was or that there was somehow a gap between the bad old days and today? I don't know why cryptocurrency people are specifically targeted here, but I think you've exaggerated its role.
* Another benefit to cryptocurrency is that it can be received by the criminals without having to go through the physical exchange process, but since these criminals already have gone to the extent of physically kidnapping and imprisoning people, that difference isn't as big as it is for something like an upstart malware creator.
It doesn't seem to matter very much in this case because it's not like these criminals have stolen it by hacking into a computer. If you keep your gold securely stored in a locked room but someone kidnaps your loved ones, the room's security isn't protecting you against the problem you're facing.
Good points, and I'll add another thing I don't like. When people describe bugs as if they have a security result they don't really have, I don't like the hyperbole. This is a problem we have with many AI bug detection systems which overstate the consequences of bugs and it really doesn't help anybody.
This bug is a denial of service in that, if you can get the local user to do something, it breaks a process. It doesn't make it keep crashing, it can't be activated remotely, and it's not even a relatively easy thing to get a user to activate. It's annoying and disruptive which makes it well worth fixing, but dressing it up as a security vulnerability doesn't accurately describe why it needs to be fixed.
Kind of, but although he hasn't given out awards in decades, he released a bug fix release of TeX in 2021. So it still had bugs at that point. It's got non-release updates much more frequently than that. There's also not a simple way of applying for that bounty, so lack of approval doesn't demonstrate lack of bugs.
I agree with this interest in not changing software for change's sake, but it can be taken too far. Sometimes, people hate software because it added a feature they personally didn't need so they assume nobody does. For every feature suggestion, it has to be asked whether this is a thing that's worth adding to the software or whether things are changing because it feels like they are supposed to. That will inevitably be subjective, but just as it's annoying for someone to say the UI had to change because it didn't look modern enough, it's annoying for someone to say a feature shouldn't be added because nobody thought it was needed ten years ago when it was declared finished.
It's worth considering that companies that do business with the government are also easier to bully since they can have their contracts canceled and new bids summarily rejected. That would be smart when picking initial victims because it becomes settle or lose much more in dropped contracts or, if you push it, being declared a supply chain risk at the stroke of a pen. IBM has a lot of those.
I've yet to see an explanation other than politicians not getting it and assuming a DC means something along the lines of a big tech campus or complete corruption where politicians happily give away public money in exchange for a smaller amount for themselves. I think the former is more common than many think, but it really should be decreasing because, with the increased coverage of and complaints over AI DCs, politicians eventually have to look this up instead of just guessing.
You: I never said "not showing up at work".
Neither did I. If you want to argue against someone, inventing phrases I could have said and arguing against those when anyone can read that I didn't say them is pretty obviously wrong, isn't it? In fact, I said the opposite: "being expected to work".
We've pointed out easy methods by which someone could have little money for reasons other than not being able to handle it. If someone's been employed at a high-paying job for a few years and still can't withstand a month or two without pay, then they're indeed less sympathetic, though it still isn't acceptable. The system doesn't withhold payments only for those who have no pressing obligations and plenty of opportunity to have built up savings. It will affect someone who just started a job or those employed at things where the salary is low just as well as to tenured senior ATC agents. If someone was offered a higher salary for being willing to move and has just done so before the gap starts, they incurred the costs of a move and those of living in an expensive place and have not had the opportunity to build up that buffer you're castigating them for not having. For someone who complains about the US so much, you seem to have embodied the negative stereotype Americans are often accused (sometimes accurately) of having that your misfortune is a failure of personal responsibility regardless of the circumstances.
And when they are paid better, then I do expect that people can deal with a gap in salary, but that doesn't mean they should have to. I'm not sure what contrast you were trying to make between public and private employment and would welcome an expansion of that point. One major difference is that if my employer decides they're going to not pay for some time, even though I have plenty of savings and could withstand that, they would need to present a pretty good explanation of this for me to voluntarily agree to it, and it would have to be voluntary because doing so involuntarily is either wage theft or insolvency. Telling me to keep working and they'll pay me if and when they feel like it and I'll be punished if I complain is so abnormal and unacceptable that it's actually a crime, and one for which the penalties are much higher than any interest rate.
You know there are people capable of taking things seriously when they're important and still being lighthearted when it's not? That's one of the things that the training is designed to do, and someone not paying sufficient attention will be rejected. Whether or not gamers have transferable skills, it is another way to attract applicants, some of which will be suitable.
But that's work. So they tell their assistants to do it, but they also tell their assistants to do it for a lot more documents than you could or the assistants have something they'd rather do, so either way they don't bother, or the more insidious version, they check that the reference exists but not whether it says what the original document says it does. Laziness and overwork make a small problem a big problem.
Really? Nothing is as bad? Why don't I describe an experience I had updating an Android device that hadn't been used for a while. Good news, the manufacturer is, for now, releasing security updates monthly. Bad news, the process for bringing them up to date is:
For each month between the last time this installed updates and today (thirteen in this case), download an update file, wait for about twenty minutes as it verifies, then the phone reboots for ten minutes but only after you've pushed a button because there's no just install them all option, then it has to copy to the secondary partition (several more minutes), then it decides that, since you've just installed an update, it doesn't need to check for and install updates for a while so you have to manually go to the update screen and push to check so it will start again, which you cannot do while it's copying so you have to remember to come back and try it until it lets you. If we're blaming Windows for something kind of similar, why is Android getting credit for avoiding that? Especially as Windows will install many of the updates in parallel so you don't have to reboot for January's patch Tuesday, February's patch Tuesday, March's patch Tuesday. I come here not to praise Windows but to insist we stop pretending it's the only one to do something unpleasant.
That's a very different point, and I can mostly agree with you, although you do have Windows build numbers if you want a very specific way to confirm whether we're on the same Windows part of this. For driver updates that come from others even though Microsoft is distributing those, they aren't as easy to compare but that's to be expected when the different machines you're comparing will need different sets unless they're the same model.
But nothing in the original comment said otherwise. That was a discussion of the time it needs to install updates and the difficulty involved if you haven't used a machine for a while. In both cases, they end up needing to download a lot of data to update, and my anecdotal experience is similar in that Mac OS updates tend to be larger files. That's not a problem for me with my relatively fast connection, but the last time I turned on my old Mac and downloaded a minor Mac OS update, it was 20 GB so not so enjoyable with a slow connection. They both need to reboot, with Windows generally needing to do this more times and Mac OS generally needing only one, but not a short one. Neither is pleasant, but it makes it hard to sell one of those as the uniquely bad option.
You can remove Windows and install Linux or BSD on Surface machines too. Last time I did that, the Linux driver support was comprehensive, but of course, I can't promise that every Surface model will be like that as I haven't tested newer ones. That doesn't mean that hardware is the kind of thing you want, but your suggestion that they try to stop you is not correct.
I think that depends how they do it. There are those who propose the top-down everything changes overnight approach. I think that's mostly infeasible unless you're really motivated and I don't believe they currently are in most cases or, for those very few who are, that they will stay that way.
The bottom-up approach can work much better. Instead of changing everything, plans for individual components are made and implemented. At the end, there will still be Windows machines somewhere which resisted or for which non-Windows wouldn't work well and they are still figuring out how, but many areas could be migrated quite painlessly if the IT teams are given enough time and resources to determine what would work. Using open source software would also help significantly over trying to find something based in only that country or trying to agree on which other parts of the EU or EEA qualify and which don't. I think those changes would be easier and would also have the benefit of not being as obvious to anyone except El Reg readers, so probably no big complaints from Trump because no big pronouncements from the governments.
The readme certainly suggests that and I had not seen that information before. Thanks for the reference, and if this is what they've done, it's better than I thought it was.
I still want to know things like whether Visio is a modification of this software or just the name of an instance of it like that readme suggests and whether they forked this or are contributing back. I hope it is the latter as this is a great opportunity to turn interest in software that can be self-hosted into better software for everybody.
That's not the rule yet, hence why there are many other departments in the French government who still have Windows devices. The existing transitions in this and other countries are partial and voluntary, not complete and mandatory. If you want the latter to become the plan, it would be better to figure out how to accomplish that successfully with the minimum of disruption rather than to pretend you can just fire anyone who doesn't agree, which you can't yet because that's not the rule and you can't if it becomes the rule either because, if the transition you mandated fails for lack of planning, the people who said it was a bad idea will seem the more sympathetic. If you keep pretending long enough, someone might decide that, as much as they want this change, it seems the people they want to implement it seem incapable of accomplishing it without ripping out every computer and IT employee.
That's what I mean by solving problems rather than pretending they don't exist. Existing systems that don't simply switch over are problems. They won't go away if you make up rules, and they won't go away if you could enact those rules you imagine. Some problems can indeed be solved by threatening people enough, but if you've worked in IT long enough, you should be aware that there are many where you need more.
Aren't problems much easier to solve when you can just assume you have anything you could possibly want and permission to incur as much pain and cost as you need or want to? Why do the rest of us bother with trying to solve problems when we could be taking this approach?
I have this new piece of software I want to write at work. Here I've been wasting my time trying to convince management why it would be better than what we have and how we could build it cost-effectively. I really should take a page out of your book and get the CEO to threaten to fire anyone who doesn't do everything in their power to let me build it, the rest of the plan and resource limitations be damned. That's easy to do when they have no idea what this is or whether my technical boss is doing what they need to to facilitate the plan.
Not all of those proposing or supporting sovereign infrastructure plans know about or agree with your "open source means you're fine" suggestion. To take an example from this article, France wants to build their own videoconferencing system. Why not use or improve on something that's already been started? In this specific case, maybe they considered it and decided that the likes of Jitsi or Nextcloud Talk are so bad they're not even worth forking. Or maybe they decided that the things must be French. Many suggestions have taken that approach, with projects being rejected because maintainers are based outside the EU or sometimes even in the wrong parts of the EU. That leads to fragmentation and higher costs because perfectly suitable projects are ignored. Higher costs makes it harder to succeed at even if everyone remains interested and increases the chances that someone comes along and decides it would be easy to cancel this whole thing and declare the savings as their victory.
I would probably find various types of architecture to be very boring. Yet another building with normal rooms and structures, why can't I do something fun and build some secret passages in this? That means I shouldn't be an architect. If I decided to be one anyway but use something I didn't understand and didn't bother to check on to skip the work part, then I'd still be to blame when my poorly architected building collapsed. Just because you don't like writing software won't absolve you when poorly architected software breaks your users' security. Perhaps we'll eventually invent something which can produce software of acceptable quality, including those parts you don't see up front. We're not there yet, no matter that people sell products as if we have while admitting in their terms and conditions that they haven't so you can't sue them. If your laziness and displeasure with a task makes you ignore this fact, you are to blame for any and all consequences.
Their point is more complex than your reductive statements meaning either:
1. You don't understand why what you said and what they said are different, so you should learn why, something that people sufficiently interested about their privacy already considered, which is why Signal has UI settings explicitly to cover this situation.
2. You do understand but want to overstate what significance that has to make a point that you know is weak which is why, instead of stating it, you're using assumptions about what breaking encryption is and isn't and constantly inviting us to draw the extra lines for you.
There are exploits. Apple keeps patching them in updates, but even assuming that the providers of spyware tools to governments have ones Apple hasn't fixed or is deliberately not fixing yet, all this proves is that neither the FBI nor Apple has offered to use their tools to help this user. This is, of course, surprising, as both organizations are well-known for jumping at the chance to help fix a tricky technical issue without making people buy new hardware or having a person whose data they want to copy.
So the ASCII characters can be typed on every keyboard on the planet? How certain are you about that? Non-Latin languages where some of those punctuation marks are unused and nobody uses the ^ or ~ for anything. Still certain? For that matter, find the ` character on the US English IOS keyboard; it might be a long press on something, but otherwise, that's not there despite it's nice 96 value. What you mean is that they're easy to type on your keyboard.
I was especially considering the question in the title: "Why do people keep working with Microsoft ?" with context from the comment. Of course, the answer is generally because a lot of people use Windows and, if you're writing a kernel driver and want people on Windows to have access to it, you have to work with them. But more generally, the reason is that, no matter how you choose to write software, you end up having to deal with either Microsoft or someone else who operates in the same way, unpleasant as I find that. I agree that it's not a good thing for Microsoft to do either for themselves or for the rest of us, but I don't expect them or anyone else who does the same thing to improve rapidly or necessarily at all.
And the viability of that approach depends a lot on what they're selling and who they expect to buy it, because there are a lot of things that can successfully rely on people having internet access most or all of the time. I have been allowed to work remotely all of the time before, but mostly because my employer could expect that I'd have internet access pretty much all the time and be correct about that. It happened that some of my work could be done if my connection dropped because I was using a local machine, but if that happened very often, it would have been a problem and they'd have told me to fix that so I could work unaffected. Not all jobs will need or want that, but many do and many people do have that reliable a connection.
Cloud PCs would work for a lot of people because of this. Those who are frequently without a network connection know that and wouldn't try this. For those who do, network reliability is not something they worry too much about, so they need a different reason not to use this. There are a lot of different reasons, though I still find the most convincing one to be to look at the price plus that of a client, look at a machine with the same specs, and see how few months it takes to break even. If it was much cheaper, I'd still have more reasons not to do it, but at the current prices, even today's new ones, that's not necessary.
When doing that, remember to price in the hardware used as a terminal to connect to the cloud desktop. The hardware I've seen is neither as low-power nor as cheap as I'd expect. Some of it is as powerful as the low-end cloud desktop is likely to be. The available specs for these instances match a very low-end computer*, a basic one, and a respectable but still quite normal machine. New machines with matching specs are relatively cheap in comparison, even with today's RAM prices.
* You can run plenty of things successfully in 4 GB of RAM, but it's not that common to find a modern laptop with that outside the far budget end.
I think the both cases were a desktop and a laptop. With a cloud computer, that's not going to work at all without a sufficient connection.
Admittedly, anyone even slightly considering a cloud PC isn't dealing with people who are expecting to frequently not have an internet connection. They're either considering it for people whose jobs won't work as it is without a connection or to people who can reasonably expect that they'll almost always be connected. I don't think it's a useful or cost-effective answer in those cases either, but pointing out the people working off-grid in a signal dead zone isn't very useful in convincing someone whose home internet hasn't gone down at all in the last year that it's not a good option for them either.
What?
You saw that the "meet" was in quotation marks and the "without" wasn't, so you know it was a preposition in the phrase "without the with" in which it meant "lacking", right? Are you complaining about someone else's use of without now? I'm surely missing some kind of joke here, aren't I?
"Does the "with" add anything except prolixity?"
Yes, it does. Because when I say "meet" without the with, it usually means that I am being introduced to someone for the first time. Sometimes, it also means an unexpected encounter. Therefore, adding the word allows me to communicate with a single extra syllable that there was an arranged encounter with a person I already know rather than either of those, whereas if I had to use "meet" alone for all of them, I might have to clarify which of those it was which would probably take more words than one.
I also don't tend to bother following grammarians who object to things on the basis that they're not old enough for their tastes. That always leads to arguments about how old a word has to be or about why, even though a rule was invented relatively recently, that one is one I still have to follow to earn their approval. I can appreciate grammarians who advise on how to be better understood. I can't appreciate ones who like making rule books based on nothing but their own preferences and then complaining about people who didn't follow them.
