Posts by doublelayer

Re: Separate issue

"Indeed but a university may not want the security risks involved in allowing random students access to their network from random devices in random locations (aka setting themselves up as a private cloud provider)"

You may need to look at what a cloud provider does. Hosting your own website with files uploaded by your employees is not being a cloud provider. The students don't need to have upload access to the system (although many universities give them that and it's just fine). If the access needs to be restricted, put a login page in front of the files. If you only want logins from inside the university network, put a firewall rule on it. If you want authenticated access from outside the network, give the students a VPN option. These things are really basic and the university already has the infrastructure to do it.

Because, given the quality of this, every encrypted zip file (which has a distinct signature) will become copyright-infringing overnight. If they're using machine learning rather than a big list of hashes, this wouldn't even be surprising as it's exactly the correlation such models tend to identify.

Mostly irrelevant pedantry, but:

"Saying that you're walking to the sun after lunch is just another way of saying you're walking West."

No it isn't. If you say you're walking to the sun, it means that you intend your destination to be the sun. If you're walking west, you can call it walking toward the sun, or marginally closer to the sun. If I choose to walk to France, then I must either set foot in France or admit that I've changed my goal.

Re: Let's start with the obvious

"I'm sorry but in the 1970s with my "huge" minicomputer systems with 10^3B RAM I would have laughed is anyone had suggested the ability to hold a phone in my hand with 10^11 bytes of ram on it ..."

Both of those are misstating the reality a bit, though. 10^11 bytes of RAM in a phone, no. That's 93 GiB. They don't have that much RAM until you get to desktops. I admit, it can be purchased by a single person, but you're overstating how cheap it is. Similarly, 1k of RAM in the 1970s wasn't a ton. The Apple I had 4k already, and that could be afforded by individuals. I'll grant there has been a significant increase, and there's likely to be more of them (though not coming as quickly).

However, even if we assume the ready availability of petabyte hard drives, two issues make that not enough, in addition to the lack of connection technology you already acknowledged. The first is that you need to read and write that data really fast We may have massive storage, but we can't read in a petabyte in a second. If we can't compress the data well, we're going to have to read a lot more faster than we can. A thousandfold increase in storage efficiency is already hard. A millionfold increase in transfer speeds is going to take quite a bit longer. Second, you don't need one of those drives, you need a large set of them. Even if most of the synaptic data can be compressed or discarded, they change a lot. There's also no frame rate for the brain. And you'll need sufficient computing to compress the data in real time or enough extra storage to cache uncompressed data until the memory recording is done.

Even without the biological interface, it's a herculean task. Musk can fantasize all he wants, but he should be careful to make sure people know he can't actually do this any time soon. I also must admit that people who fantasize too much lose my respect unless they're doing it to write fiction.

Re: Apple is getting shafted by very guilty parties

I agree; it set off my possible lie sensor as well. I didn't bother to check the reality though, because in addition to being less plausible, it's also pointless for them to bring it up.

Re: Next up, Google

Me: "sideloading option is available on all Android devices"

Reply: "That is an unrealistic assertion."

I'm not sure I see your points. Taking them one at a time:

"Firstly, the technical difficulty."

The steps are \1) tap on the .apk file, 2) the box tells you it's not allowed, 3) tap to enable it, 4), tap on the .apk again. A lot of users are not confident when they see the warning box in step 2, but it's not technically difficult to do.

"Secondly the security risk."

Granted, but irrelevant. That's also the argument Apple uses, and you can't win there. If you agree with me that there should be a mechanism of installing software which is not controlled by Google, then this is going to bring some chance of malware. Users decide whether they will use that mechanism given the risks.

"Being able to Install a different OS might be a better claim."

No, it really isn't. That's a case where Google can more easily be charged with anticompetetive actions, because their licensing for Play Services restricts manufacturers from offering other forks of Android. Most devices do not support any variant, creating one requires significant effort, and Google keeps taking more functionality out of AOSP and into their frameworks to weaken it. Sideloading can be activated on any device using the standard UI. Different OSes cannot be installed without at best playing with the bootloader and using a command line tool with many opportunities to break something, and often not even then.

Re: Next up, Google

I generally agree, and there are many obvious targets around the Android ecosystem. However, in the specific case of app distribution, I think Google's case is stronger as the sideloading option is available on all Android devices. That doesn't mean it's impossible, but it gives Google an argument Apple cannot use, which might cause it to win even if Apple's dominance is recognized.

Re: Apple is getting shafted by very guilty parties

Well, this was nice and rambly. I'll take a few of the points that are clearer.

"Yes but they did build this house a brick at a time and now they reap a decade of very solid marketing and engineering."

They have the right to reap a profit from that. They don't have a right to use that as a club to beat profit out of other companies. They reap that profit all the time when they sell phones with massive profit margins, and in that case, there's no legal argument against it. Their effort doesn't entitle them to control others' businesses any more than the author of some code they used could come to them and insist that they give them a cut of their hardware sales.

"Just look at Amazon. And try not to think of what became of all the Malls across the country, or the many bookstores that used to exist that are long gone."

So? Just because their competition caused a different business to fail doesn't make them wrong, but when they use unfair market power to cause that harm, they can be penalized for it. There are indeed antitrust actions being pursued or suggested in Amazon's case, and they make sense too.

"Then we have Epic, the very founding "poor puppy". Epic hasn't operated a profitable enterprise in its entire history of existence! [...] Let Epic make and sell a profitable business, prove they are operating on a fair basis with ALL their competitors and then, let them come back and make claims."

I'm not going to bother checking whether this is true. I'll assume you're correct. In which case, it is meaningless or actively harmful to your point. You do not need to be profitable to sue someone and win if they're harming you. Also, Epic's complaint is that Apple is charging them too much, so if they're correct, Apple's charges might be the reason they're unprofitable. Somehow, you seem to think that profitability should be required to contest a contract's legality. Fortunately for everybody, it doesn't work that way.

Re: Remember - CLOUD COMPUTING is NOTHING MORE THAN ..

Was that relevant? They weren't using cloud systems in the article. The comments haven't been talking about them. If they were, nothing would have been different. Why did you feel the need to say this?

Re: Count me in...eventually

Would it hurt you too badly to read what they said?

"Blimey, so your iPad is 12 years old and not supported with new updates anymore..."

They weren't complaining that their 2010 product wasn't updated in 2022. They were complaining that their 2010 product was out of updates by 2012. That's very different.

"And you are calling it a "first generation" product. Well, there was the A4, then the A5, then the A6, then the A7 (that's the first 64 bit processor), then the A8, then the A9, then the A10, then the A11, then the A12, then the A13, and then the M1 - renamed because they stick it into Macs."

And the one they were talking about is the A4 model, so it really was the first generation of iPad there was. Since Macs with M1 are a big change, they're predicting similar things for the M1 Macs as the A4 iPads.

Re: I don't understand the draw of windows....

I don't understand what problem you encounter.

On Windows, Python isn't installed by default. So if you want it, you install it. You can go to python.org and download the installer. Or you can type "python3" at the command line and they will open the Windows store page for it. I suggest the former, but either works. Then scripts run. Pip runs (it's installed at the same time unless you change the settings). Virtual envs run. So, is your complaint just that Windows doesn't come with Python installed by default?

Re: Immigration Status

They can, which would be the same as denying extradition. They have an obligation to consider the request for extradition, but they have no obligation to accept it. If they don't accept it, they are unlikely to permit him to remain in the UK, so he would likely be sent to Australia. The U.S. is then able to restart this whole affair with them. They probably have the paperwork ready to go to avoid him running to another place to hide, but once again, Australia would have the choice to say no.

Re: Uhm... no

If you are a programmer, you should also be pretty good at converting hex to binary. If you're a network engineer, you should learn it; all the programmers did and it didn't take very long. You probably know it already anyway. It's not difficult to recognize a prefix if you use it a lot.

Re: I wonder ....

And you post those pictures where, exactly? And the person who decodes them and forwards on your message is where?

For individual and short communications, this works great. Were there a small set of people plotting against the junta, be that planning to act to remove them from power or merely planning to spread some information that they want the public to overlook, steganography could be used to exchange those messages. The participants would have to find a service which is still allowed and post images that aren't suspicious. However, they can also simply use a shared encrypted channel that isn't yet blocked and get the same result. For example, they could log into a shared Google document using HTTPS, and if they did so, the traffic would look like normal Google traffic.

The primary use, however, appears to be Facebook, or more broadly, large group communication. Steganography isn't useful in this case. A message hidden in a picture can't be broadcast to thousands or millions unless someone takes it out of the picture. Even if we made a steganographic VPN that would decode hidden messages and reencode them for each user, the required bandwidth for sending innocuous data would end up being infeasible. It would also end up having a distinct signature making it perhaps even easier to block than normal VPNs.

Re: Sure. Why not cull E2EE...?

There's a book which describes that situation: The Circle. In it, a company manages to get the required infrastructure to do that and enough public support to make everybody, including politicians, publish everything they do. This to the extent that people have to wear cameras at all times. It has some short-term benefits, but it predictably doesn't do much other than hand power over to the company which has many inventive ways to use that power. It can be a bit depressing to read it as what it suggests is possible, but still worth a read.

Re: Welcome to MUMSnet

Be careful. The people who don't understand extending the length of addresses aren't always the people who "are telling their bosses they need to stay on IPv4 with NAT because it's more secure and privacy friendly." I have made that point here, but I made it clear when I did that I was referring to the default configuration for home users, where I fear that firewalls will be insufficient and lead to vulnerabilities. I.E. it's not IPV6's fault, and NAT on IPV6 would be equally fine, but either the defaults are going to have to improve the firewall rules or use NAT in order to prevent devices opening themselves up to the internet when they shouldn't. Those complaints are not the same.

Re: FFS!

"If you procure a cgnat connection you will know it’s limitations and will need to pay more for a non cgnat connection or for a solution that works across a cgnat."

Oh please. Most users will not know the limitations of CGNAT, but let's just assume that anyone who doesn't know won't operate the things that need it. The problem is that if an ISP is doing that, you probably have little or no option to get around it. If they're very short on IPV4 addresses, which is why they wanted to do CGNAT in the first place, they're going to be expensive for you to purchase a static one from them. That is if they offer it at all. A lot of ISPs have different packages for business and residential users to the extent that business service cannot be purchased in some areas.

Furthermore, this proves why IPV4 is unfit for some purposes. When we get to the point where I have to pay extra because we have a shortage of numbers, but not for any technical reason such as needing more reliability or bandwidth, there's something wrong with the system. This is especially true when I could have all the numbers I could feasibly use if they just enabled a protocol that already works on their equipment.

Re: I've said it before and I'll say it again

I suppose it depends how your cartons are set up. I could see a possibility if yours has a lid that is flat all the way over, and thus you could balance an egg between some others and have the lid go over that. I think the analogy requires that you not break an egg or the carton and it still has to close though, and although I can't prove it, I think the cartons I know can't do that.

Re: Thanks, but no thanks

"Under v6, my phone has a long lived identification that persists across all WiFi, mobile connections etc."

No, it doesn't. It will have separate addresses for each network. The system doesn't have your devices keep their IP wherever they go because that would make routing a lot more complicated. You're right if you stay on one network, but if you move between them, the address will change when you do.

The trackability of addresses is one reason I prefer to use NAT for nonpublic devices, even under IPV6. However, don't interpret it to be more powerful than it is. For example, you may think that using a dynamically-assigned IPV4 address makes it hard to track you, and it would if it changed a lot, but it probably doesn't. If you leave your router turned on all the time, then your ISP probably just extends your DHCP lease. The IPV4 address is assigned dynamically, but you've probably been assigned the same one for the last few months continuously. CGNAT does provide more; you probably also kept the same address but there's a lot of people sharing it with you. However, tracking companies know about both of these things and find better ways to identify you. It's certainly a problem, but it's not the biggest problem.

Re: I've said it before and I'll say it again

You're right that it's simple, but this still worries me because it's very unlikely to be the default. The benefits of nontechnical people on a NAT system include the assumption that, purely for the ISP's self-interest, the default config is likely going to prevent publicly-accessible ports for the user. That helps when they bring in untested devices or software. It's not hard for me to have a firewall which prevents incoming traffic by default, but many cheap, ISP-supplied routers I see leave that to the device's own firewall which, if it's a security nightmare already, probably won't do it.

I've dealt with this by having devices on my IPV6 home network connect to a NATed subnet unless configured to have statics or to be trusted, but I can't set that up for my friends or family, let alone trust that the rest of the public is going to get it. This doesn't mean that IPV6 is to blame, but I would like to see a general improvement in default router configs and I don't think it's going to happen.

Re: It's the mobile networks that seem to be stuck in CGNAT

I'm far from a zealot, but it does have a few benefits for some users, me included. One of the aspects that is nice is that I don't have to do weird things to have some dedicated addresses. With an ISP that gives me an IPV4 address through DHCP, I have to forward ports to individual devices, remember what the ports are should I have two or more of them operating there, have a method if they switch my address, etc. If they used CGNAT, I might not be able to do it at all. With IPV6, I just configure the static IPs and firewalls on my end and put the devices online, and since there's so much address space for now, they're not going to change my block. Getting dedicated IPV4 addresses from an ISP is usually not easy. I could get a business package, which will definitely cost more, may require extra equipment from the ISP, and might not be available in a clearly residential area.

IPV6 is extra work, no doubt. It has some problems that impair its usefulness and require a configuration change to remediate (multiple IPs for end-user devices on the same network, I don't think so). If IPV4 was good enough, these could be enough to simply ignore IPV6. Unfortunately, IPV4 is not good enough. It's a little pathetic that I have a weird network setup just because we have run out of numbers, and it's a terrible reason for everywhere on the planet to keep getting more snarled in the organization of a limited resource. At least with other resources, the scarcity is due to physical limits. With addresses, it's a shortage we can fix ourselves.

Re: Sounds very much like the music industry

That's not a good idea in my opinion. In order to do that, you run into lots of definitional issues. For example, which of the following people gets funding, and how much in each case:

1. A developer who writes a project important to many people in their free time, but has a job at a tech company writing other code as well.

2. A developer who maintains code, fixing bugs and the like, but didn't create the project and doesn't add new features.

3. Someone who writes documentation only.

4. A translator who localizes open source software.

5. A person who spends a lot of time on a project they came up with, with few other users.

6. A person who commits occasionally, but not very much.

7. A person who frequently switches what projects they're working on.

I don't know how France's music system works, but that already sounds like a bad idea (I write music as a hobby, but I don't think you should pay me to do that). Open source contributions are perhaps even harder to assign a monetary value to.

You can do that if you want, but there's a reason that doesn't fall under either the FSF's or OSI's definitions. I agree with them. If you do that, I won't contribute to the code or donate, because it gives the author or owner too much power to restrict the rights of the user. The whole "free speech not free beer" bit has gotten old, but it's still accurate in this case; letting the author decide that someone can't use it because of who they are or how they intend to use it is a very different philosophy and one I will treat differently.

Depending on how you want to make a living, you have to decide the way you want to do this and structure your work accordingly. If you use a license that says the user can use, modify, distribute, and sell your code without receiving permission from you, then they're not required to pay you. If you use a license that says that they must pay you to do those things, then you probably won't get assistance from others. If you started with others' code, you may be required to adhere to their license. If voluntary donations aren't sufficiently secure for your comfort, you may want to do something that gets you a more stable income stream, but the consequences of your choice are your responsibility.

I have a library I wrote to solve a problem for me. I considered releasing it as open source, but I didn't. One reason is that there's already a better version out there (mine is only better if you have to run on an embedded device with very little memory). But another reason is that I thought maybe I could turn this into a commercial project. In order to leave that option open, I didn't give my work away. If I did, I shouldn't expect companies to come to me and pay me for the thing I just gave them for free.

Re: The land of the "free"

I don't applaud people just for telling the truth. I applaud people for sticking up for ideals in the face of adversity, and more so if I share those ideals. Someone who denounces a human rights abuse even though their employer won't like it has taken a major risk. Someone who defends a political view I don't agree with may still face a risk. This guy's view, which he is defending as if someone is going to do something to him for it, is "I don't care". That's not an ideal, and he isn't going to face any consequences for it as he already has billions of dollars to insulate him from any negative response (which probably won't even exist).

Re: Too true

"The only thing the Chinese are intolerant of is trying to bite off pieces of their country."

Wrong. The crimes for which people are imprisoned are a lot more than advocating independence. And that's assuming we believe them every time they claim that a more serious crime is related to their imprisonment of another group. Advocating any level of democracy is heavily punished there, and there are restrictions on cultural activities as well. China has several minorities, and throughout their modern history, they have tried to wipe many of them away. From attempts to reduce the use of minority languages in schools to ethnicity-based concentration camps, this is not just for the integrity of their borders.

As with the case of Spain, I also don't think countries should repress serious interest in regional independence. However, I will point out that nobody is being locked up in Spain for speaking Catalan or requesting independence. Only the government leaders who declared independence were charged, and I do not think that was justified. China's actions are in all respects more severe.

Re: cryptocurrency

"And I thought the North Koreans were starving and so had other things on their minds. How do the find the time to train these people?"

Take a look at why they're starving. It's because all the money goes into government and military investments instead of public services. The things that get investment are the leaders' personal comfort, a lot of troops to stand around the southern border in case it's time to invade, a lot of troops to stand around elsewhere in case someone needs quick imprisonment, nuclear weapons, and stuff that makes more money for those things listed above. Ways to make more money include manufacture of illegal things (counterfeit money is one of their specialties), weapons systems for sale and internal use, and cybercrime. In other words, they are starving because the resources that could help are being spent on training these people. Entirely consistent.