Posts by doublelayer

Re: Fahrenheit 451

It isn't unreachable. Quite easy from a normal internet connection. It might be unreachable from Tor exit nodes, because it's using a redirection service (found that by looking at the scripts pulled in from the first HTTP request). Those tend to block Tor because they don't trust people coming from there. Or perhaps, since you don't appear to have checked normally, you just lied about that. I see little benefit in bothering to check.

Re: Very Vichy of you

We certainly could do more. I am surprised to see that we have done what we have given our tepid responses to the other crimes Russia has committed recently, so I may start off with a different attitude to you, but we both agree that there are things we could be doing that we are not. I still take exception to those who imply that our countries have done nothing or will do nothing when that's obviously false, as well as with people who extend that argument into hypothetical areas that would be clearly different.

Re: firewall

They have the right to do so. There is no international law against censorship, at least anything that's enforced or phrased any more clearly than "censorship is bad, signed by censors". Depending on their local ISPs' control over the networks and internal systems, they could try doing that already. I wouldn't be surprised to hear that they are trying it but finding it harder than they thought to implement at short notice.

Re: Very Vichy of you

You clearly didn't understand what they said. I'll summarize it. If nuclear weapons are involved, the internet situation isn't the problem you need to work on.

And by the way, we wouldn't do things for Putin if he threatened to nuke us. If he threatened that, we would threaten to nuke him in return. It gets kind of scary, but that's what has happened each time and would happen this time as well. People are cowardly when it's someone else suffering but can turn strong when it's themselves at risk. Those who don't switch get replaced when public concern gets high enough.

Re: They won't and can't get everything they ask for.

"The problem is that when one nation uses that same network to attack another nation, that's when the neutrality gloves need to come off. In order to maintain that stability you need to defend it from serious abuses like the very one being done by one nation against another."

The problem with that is that Russia's information war would not be stopped or even dramatically harmed by carrying out Ukraine's requested action. They have propaganda sites ending in .ru and with servers based in Russia, certainly, but they also have propaganda sites ending in .com and .ua with servers in lots of countries. As each one is identified, the hosts can be targeted and requested to shut down the site or revoke the domain. Even if they wanted to set up this shutdown and had the authority, it wouldn't solve the issue. Doing it, however, would have some dramatic side-effects.

I think nearly everything should be done to get Russia out of Ukraine and charge them with war crimes. If an action will cause significant harm to unconnected things and also not work, let's not waste time trying it. Let's spend our time finding an alternative which corrects the latter and ideally the former.

"I'm not a huge fan of the U.N., but isn't this the sort of thing that it is supposed to take care of,"

No. The U.N. does not have the authority to decide what sanctions you use. They wouldn't be supposed to do that anyway because they aim for neutrality. So on no account would the U.N. get involved in what is sanctioned and what isn't other than votes to approve or disapprove which everyone votes on and nobody cares about afterword.

"instead of leaving everyone kowtowing to the US's decisions?"

South Korea is an American ally. They can ignore the U.S.'s decisions, but they choose not to. The U.S. is going to do what it wants and South Korea has chosen to work inside it rather than go on its own, which it would be perfectly in its rights and able to do.

Re: Way, way, way too much hassle

The other problem with captchas is the set of users who don't appear to have a clue what they're for. They put them in weird places. I had one that required me to fill out a captcha on every login. Not even just logins from new places (that is also not a good use), but every single one. I think they viewed the captcha as a 2FA solution. That business lost me as soon as I could migrate my stuff off them.

Re: fingerprint

"Given a sentence for not disclosing a password or encryption key might be less of an offense than what they'd have if they could have a nice rummage through your files."

What crimes are you expecting they'd decide you committed by looking at your files? I agree that I don't want them to look at them, but serving up to five years is a strong penalty, exceeding many normal crimes. Having a secret delete password is destroying evidence, another crime they can charge you with. I probably have the same view as you, that such laws are illegitimate and would be better repealed. While they're there, however, it's important to know what the law says so you can act accordingly.

Re: fingerprint

Well, at the risk of causing a debate over which countries are civilized or not, you are not correct. Some countries do protect passwords in the way you state, for example the United States, but in others, such as the UK, failing to disclose passwords, encryption keys, etc is a crime in itself for which you can be imprisoned. This is the case even if you are exonerated from the original investigation.

Re: Elaborate

Not the part where you want to get data from a different system or put your data onto one. That requires the machine-to-machine bit. That is one of the levels of the internet, but if you want to limit the definition only to OSI levels 3 and 4, it's still critical to lots of systems and has seen many refinements. It's not done, and it never will be done, but it's impressive how well it tends to work.

"Anyone noticed that _nobody_ is building a device like this right now?"

I know of a few places making such things. Running Mac OS, no, but the hardware exists. However, you've asked for a different product so you can bring your own keyboard, and there are lots of those. Tons of small desktops exist out there. Depending on exactly how small you want them, you can quite easily get ones that mount onto the back of a screen and have Intel or AMD processors sufficient to run Windows or Linux with pretty good speed for average workloads. There are even a few computers still using the form factor of the old Intel ComputeStick, but I wouldn't recommend them.

Apple can build a computer in any shape they like. It won't make it patent-worthy, and if it's what you've asked for or what their claims appear to describe, it won't be something otherwise unobtainable.

Re: I can't see the point

Yes, but they still need a computer that is trusted to access that data. If the company has purchased laptops, the user just has to move that one to have an identical environment without needing a second computer. Most companies I've dealt with don't trust users' personal computers for the required access.

As for phones, I'd like that to be true, but the software often restricts the utility as a desktop device. I'm not only talking about things that require specialist software on the client, but also more normal office tasks. I have never seen a company attempt using phones in the role in which laptops and desktops are routinely employed.

As I understand Apple's concept, it's just a laptop without being useful when the user doesn't have desktop peripherals, which seems unhelpful to me. The only possible benefit I can see is if they were able to make the hinges work so well that the keyboard and all the computer components could be pocketed, thus making it more portable than a general laptop. I don't think that's happening, and even then it wouldn't be that useful.

Re: Acorn electron, Sinclair QL, various pre-built Raspberry Pies...

If they argued that, it would fail just the same. They would have to have patented it then to claim ownership. If they did that, protection would have expired in 1997 and anyone could copy it. So that would be a fun argument to watch them play out.

Re: Partitioning

"On every laptop I've used I always had /home on a separate partition, and just NEVER have I run out of space on / or /usr due to stuff happening there."

Yes, that's probably the most normal situation. After all, you're unlikely to suddenly decide you need tens of gigabytes new software one day. However, if you ever did, the partition situation could make it hard to install that. If you kept a bunch of space around for the case where you did, then you're unnecessarily restricting the space available for /home.

In my case, on the systems where /home is sharing with /usr, I don't pretend my usage is normal. I have an old device with a 128 GB drive which is used for a bunch of random, at times experimental purposes. I decided to test out the Gitlab CE software by installing it on that (for those who haven't done this, it brings its own Nginx version, a bunch of Ruby libraries, is rather large in itself, and is designed to store data outside the home directories). When I was done experimenting with that, I removed it. Having one partition gave me the flexibility to do that without repartitioning either time. You don't have to do that, and if you don't or have a larger disk (I got the laptop for free from a user who wanted it junked), you probably won't encounter the situation very often.

That said, try explaining to a standard user why they should do that. Not with the separate disks situation, not with a server, just a standard user with a single disk that all the partitions are going to go on, a user who already backs up their data. What benefits can this provide that justifies the extra complexity, complexity that is absent on lots of other systems and optional here? The best reasons I've heard that apply here are as follows:

If /home is separate, you don't have to replace it when you reinstall. This assumes that you'll be reinstalling a lot, which they probably won't, and it also assumes that every installation will be smart enough to figure this out, not repartition, not create a new partition for /home, and correctly mount it later on (this last one is mostly an editing of fstab if it doesn't, but if you have to manually reconfigure your filesystems and don't get anything out of it, maybe not so useful). A correllary to this argument is that it's harder to trash the /home partition. The user can point out that the chances of breaking their home directory are already quite low, most likely ways will use the filesystem instead of the partition and won't care where the home directory is, and that they have backups to deal with both.

There are lots of good arguments for keeping /home on a different partition. In each case I can think of, it's a case where, if you ask "Why do you have it partitioned this way", the user will have a specific set of benefits that doing so provides them and that they know about. It's possible that there has always been a clear benefit that keeping the partitions separate provides, even when a user isn't doing it to implement a desired feature, but if there is, I do not understand it. I would welcome learning that lesson, but it should be better than "We do it this way because most Unix servers do it this way and, even though they have lots of reasons that don't apply to this, we must follow them".

Re: A little knowledge is a dangerous thing

Ok, I think I missed that with the talk about hidden folders. I missed it because configuration often does go in a hidden folder and ... Windows doesn't put the user data in hidden folders. It puts it wherever you set when you're in the save box. That different programs have different default locations doesn't change the fact that you can set any of them to save in any directory you please and most of them will remember your defaults for next time. I don't like it that Outlook thinks that it should save attachments into the documents folder. I treat saved attachments as downloaded data until I organize it, so the downloads folder is far more sensible of a default. So when I first save an attachment on a new installation of Outlook, I point it at the downloads folder and it remembers that. If I want it to save the attachments to a downloads folder on a different disk, I could select that as well. No hidden folders or forced organization involved.

Re: Even Worse

The problem is that it really can't. Email clients can easily categorize by such things as sender, recipient(s), thread (subject line, in reply to, or checking for copies of previous messages), dates, and if they're willing to add even more storage, some keyword database for message contents. That's great, but it's also what I can quite easily do from the client's advanced search controls. I don't need the client to categorize my archives by sender because it's pretty easy for me to do that manually if it comes to that. The categorization that could be needed is more advanced processing of the message content to link related messages together. For example, if I am included on thread A about something, then start thread B about the same thing but with different people, and later am involved in thread C which reports a problem with the thing implemented by thread B, those things are related in my mind but will not be linked in the software. The intelligence to identify that link is usually absent, and if you try to build it in you end up with all the standard language processing problems and likely won't get useful results. If the messages were crucial and required frequent cross-referencing, I would perform that organization manually, thus having the certainty that I've done it correctly and in a way I can quickly navigate. When you consider that, at least in my example, all the effort spent on this autocategorization is for messages the user is keeping around because space is cheap and with the expectation that they will be unneeded, it is often not worth it.

"A non-trained person is unlikely to be reinstalling their laptop OS."

They don't have to. On literally every commonly-used consumer OS, the primary storage is treated as a single unit. If you are low on storage, you could delete some personal files or uninstall some software to free up storage, with the free storage being usable for either. You do not need to reinstall the OS to be in that situation. A user who does that on Windows, Mac OS, IOS, and Android is unlikely to accept Linux if they think they have to do it all separately.

"If someone trained does do a reinstall for the user they're not going to be happy finding it was on a single partition."

Not necessarily. In my opinion, a lot of systems for personal use should use a single partition. Programs are data, just like your documents. They're stored in different directories to keep them organized. That's good enough. There are many reasons to have separate partitions for servers, most of which don't apply at all to a personal machine. You can also have as many extra disks or partitions as you like with software on them if doing that has a benefit to you. Windows and Linux make it really easy to point to installed software that's on a different disk, even if it's not mounted at a typical path for binaries. Even if you know what you're doing, there's not a lot of benefit to having separate partitions for different parts of your root filesystem when they're all sharing a disk and all have to be present for your system to work.

A note, this doesn't necessarily extend to all parts of the system. Having /var on a separate partition to deal with something that doesn't handle it correctly makes sense. Having /home on a separate partition so it's easy to share between multiple booted OSes or persist after large changes does too. In both cases, it's a thing that is useful to a user who understands why they're doing it and can configure it themselves.

Take the placement of /home on a different partition. I've just explained two reasons you might want to do it. If you're going to make any big changes to your root filesystem, having /home partitioned insulates it from damage. You can install a new OS without having to move anything. However, you could always do what everyone else does: back up your home directory, reinstall the OS, and copy your files back. You should be backing up already, so it's not quite as bad as it seems if /home ends up sharing. Many of my systems do have /home on a different partition, but often because it's loading from a network FS or external disk. On the self-contained system that uses one internal disk with one OS on it, I have kept /home on the same filesystem so I can use the available space for whatever kind of data I want.

"You could just check programmically the folder was a sub of the desktop and not the desktop ."

It could have been in the documents folder, home directory, or somewhere else depending on how the user did it. You would have to just check it against a bunch of too general directories, and if you started down that path, the user could always find a new wrong one.

"or if it were me I'd have nominated a specific folder on the desktop for them to put stuff in ."

If you were doing that, just nominate the network folder the stuff is supposed to go in. The program is supposed to file things for the user because they were either slow or incorrect when doing so on their own.

Re: A little knowledge is a dangerous thing

"As to where Windows puts files. Madness. Buried in the C: drive in a concealed folder within "Documents and settings" as if user data was in some way equivalent to OS function and needed the same kind of access."

You mean just like where Linux, Mac OS, and BSD programs store their files? Because the patterns are quite similar for most software. Each program decides on its own where configuration files should be, and you can find programs that still insist on storing configuration with their binaries but not so much after Vista blocked it (the emulation is still there but rarely used anymore). But for the typical setup, here's what they do:

On Linux: /home/user/.[program name]

On Windows: c:\Users\user\AppData\roaming\[program name]

In both cases, a hidden directory inside the user's home directory. If the user's home directory is put elsewhere, the configuration goes with it. What's so wrong about that?

Re: Even Worse

"Used to see that in Outlook. Important emails in the deleted items folder!"

I've definitely seen that, and I kind of understand the philosophy depending on how they do it. In many organizations, emails are kept around for longer than they're really needed for a paper trail or similar. The important ones should be filed separately, but there's a case for general archives of emails which aren't being used, might not be needed, but shouldn't be deleted. I think some of the aggressive deletion policies are due to the historical email systems when disk space was a lot more expensive. As things currently stand, if I want to waste five gigabytes of disk space storing a hundred thousand messages I probably won't read again, it's kind of small. I have a Windows XP virtual machine on a backup drive that I haven't used for a decade that's larger than that.

The problem with work emails especially is that there's somewhere between a lot and a complete flood of incoming email, so people can't always spend the time rigorously categorizing each piece of mail they're pretty sure they don't need. That makes it harder to find stuff later, but the time efficiency calculation can make that the faster choice anyway.

Which, if you're running a server with a trained admin, makes sense. If you're running a laptop with a nontrained person, it's a mess. If you reserve space for each of those things separately, but you still only have one disk, you're just creating new limits for how much data in each category the user can have. Users who don't know that happened will get confused about why they can't install some software when they have a hundred gigabytes free on their storage or why, when they were low and decided to uninstall unneeded software, it didn't get better. Even for a user who set all this up and knows what's going on, it can be annoying if there's limited disk space because reallocating between those partitions isn't a simple, risk-free process.

Re: Just disconnect them

I'm afraid that it really wasn't. The original comment implied that you could cut off all the attacks by blocking Russian traffic. What you could do is dramatically decrease the bandwidth available to the Russian public, but since the Russian government has priority access to whatever links still exist, some of which they own, they would still be able to run all the criminal operations they want. So you can't, in fact, prevent them from hacking into stuff even if you could cut off their internet, and once again, it isn't feasible to cut off their internet because there are several countries that wouldn't be on board.

Re: Just disconnect them

I commented on that in the comment to which you replied. I pointed out that, if you could block literally every packet, you could cause them a temporary problem but that they would find an alternative (E.G. put some people in a different country and relay instructions through a different connection such as phone, satellite, etc. I also pointed out that you can't drop every packet because there are numerous countries you don't have on board. They have cables that go through central Asian countries such as Kazakhstan. They can quite easily pretend to be Kazakh traffic unless you can get Kazakhstan to join you (they won't, they're allied with Russia) or are willing to ban them as well. If you do ban Kazakhstan, they have many other countries to use.

Re: Just disconnect them

"Just block all traffic coming from Russia. This will also block 99% of cyberattacks originating from them."

No, it really won't. The Russian government has this ability to pay for servers in other countries and to take over equipment on residential networks in other countries. They have and they will. They launch attacks from those devices, which are controlled by non-Russian servers. If you could block all the network traffic coming from Russia, they'd have some disruption as they put some operators elsewhere and sent instructions internationally, but if even one cable remains, they can proxy around your blocks to control their zombies. Since they have lots of connections, including through countries that aren't part of NATO and that have taken their side if only unofficially, you can't get a 100% block implemented.

Re: "Let's add some clouds,"

That was my thought as well. Not only were the commands themselves completely scripted, but I'm willing to bet there was no AI scenemaker in there, even one that was trained only on those commands and thoroughly tested. I'm expecting some premade video slices were created and someone got the job of pushing the button to cycle in the next one as soon as he finished each command.

"However, presumably his whole point is that the AI should now be considered as a legal entity."

This appears to be his goal. Why he's willing to spend so much time and money banging against a wall to prove this academic and for the moment unimportant point is less clear. My theory is that he read a lot of 1950s and 1960s science fiction short stories about the thoughts and rights of robots, and he has forgotten about how those robots had full consciousnesses and that the stories were written for entertainment.

If we ever create AGI which does simulate (or depending on your philosophy have) consciousness, and it is capable of deciding to create something and going on to do so, we may have to answer such questions. I think it's pretty obvious that we don't have that now. Some people think it's impossible. I think it is possible but won't be done because it's very hard and has little benefit. Either way, leave it until then.

Re: re. more blankets

"Even Afghanistan could become Russia's problem again at the Taliban look for sources of income and power."

No, that won't happen. When it was the Soviet Union and Afghanistan, it worked because they shared a border (and even then the Soviets had to start it). The Taliban may want to make trouble to the north and even earn the wrath of some countries, but the countries in the way aren't Russia. While some of them are friendly with Russia, they're not going to get automatic Russian protection. And that's if the Taliban is stupid enough to launch an all-out war against those countries, which they probably won't try because, though those countries are small, they have militaries and people who have faced the Taliban's ethnic policies and will be more open to their use.

Re: "we condemn in the strongest possible terms any malicious use of our products."

I'm not on Apple's side here, but the person to whom you replied has a point. These guys have found a way to use the Find My network with a device that isn't Apple's, which is already not supposed to work, and to evade the announcement features in Apple's equipment. Those are both technical bugs, and Apple should be fixing them. I'm afraid that Apple will only care about the first one so they can make only their products work on their network, but even that would patch this. This is a case where Apple should have been quietly told about the problem rather than code for attacking the vulnerability being publicized.

I understand that, at some point, security researchers will release proof of concept attack code. This should, however, follow a procedure of getting that vulnerability fixed or at least trying to. Doing otherwise puts users at risk for little benefit.