Posts by doublelayer

Re: Problems in search of solutions

Since I'm not official IT, I get to skip the part where you're supposed to use stuff for a problem they don't solve and you probably didn't have and skip straight to the part where a bunch of disused junk ends up delivered to a place near me and I'm allowed to cannibalize it for systems of my own. Sure, it's also likely not to be solving any real problem with me, but it wasn't before and I'm at least having fun with it. The ewaste doesn't look good though.

Re: Call me old fashioned

There is also the interactive fiction archive where you can find a bunch of emulators and adventures. I'm not sure if people still developing them put them up there, but it's got thousands of older titles at least and is the logical place to put new ones.

I can't say I have the same feelings toward these that you do. I've spent plenty of time playing these when I was younger, but I kept finding things that annoyed me. The example of fighting to do something that is clearly required and would be simple in the real world crops up far too often. Similarly, I found that few adventures have any level of realism (so the character needs something to stab something, only a fork will do, the only fork in the game was found in your kitchen at the start of the game, a few dozen rooms ago, and you can only carry ten items before you have to drop them, and also this place has a kitchen so can you give me one good reason they don't have any forks or why the person who needs the item couldn't have found something sharp before I turned up). There's also the ones that strictly count moves for timing of something and wouldn't distinguish between a fast action (examine oven) or a slow one (hijack moving train) and/or effectively required frequent use of the undo command to squeeze actions in. I truly enjoyed some of them, but there were more which sent me on one too many pointless missions and eroded my faith that starting a new one would be worth it.

Re: Call me old fashioned

I think the online world concept you mention probably ends up looking a lot like the metaverse concept:

> open mailbox

The mailbox cannot be opened.

> x mailbox

The small mailbox is a metal box with a door.

> unlock mailbox

The mailbox has no lock.

> check mail

I don't understand that sentence?

> read mail

You don't have any mail. Maybe check the mailbox?

> look in mailbox

The mailbox cannot be opened.

> use mailbox

To use an item, use a specific verb.

> hit mailbox with hammer

Nothing happens.

> hit author of text adventure with hammer

I'm not sure what your policy on blocking ads is. I know that I had The Register allowlisted for a while because I valued them so much, but if this keeps going, I'd consider removing that. I can't remember exactly why I removed them from the allowlist a while back, but the ads here are once again not getting to my screen.

Re: Why not just do it above board?

I don't think this is or will become advertising. If they did start running advertising, even with the provisos you specified, I would immediately stop using Ubuntu. I donate to support things. I don't need to be shown ads to do it as well. One of the reasons I use Ubuntu among other Linux distros is that it gets out of the way and allows me convenient use of my computer, and running ad pop-ups is inimical to that goal.

"One of the first unsolicited commercial emails was sent by DEC, and no less a luminary than Richard Stallman defended them. I think we can all see how that's ended well and nobody has abused that idea since then, right?"

Or, quite possibly, Stallman was right about whatever DEC did and didn't mean that anything else was equally acceptable. Messages' acceptability isn't an all-or-nothing thing. Depending on the level of permission I've given to receive a message, I view its delivery differently. If I've signed up to an email list from a company deliberately, then I'm not surprised when they send me a message that has commercial purposes. If they do it when I bought something but didn't ask, I'm more annoyed. If they do it and I haven't interacted with them, I'm a lot more annoyed, but there can still be exceptions and variations.

In this case, I don't think it's a good thing, but it's a function of a program that people choose to run and don't have to. Lots of programs have such modes. For example, if I use Pip to install a Python package, it will check whether it is up to date, and if not, it will recommend I update it after it does what I've asked. I didn't ask for that behavior, but I also didn't object enough to it that I acted to disable the behavior. That's not the same as mandatory advertising brought in from others, and this false equivalence doesn't help make the point. We get that a lot and we know how different they are, so it doesn't prove that this part is bad.

Re: Deja vu again

All of those can be sciences. All of those and more can be done wrong, thus not scientifically. Science requires rigorous testing of hypotheses until there's some confirmation that they're likely true, and then more testing to make sure that wasn't wrong. That's equally true in chemistry or psychology. Psychology has had more people recently who decided they knew what they were talking about because they made up some theories and stated them as proven, doing it wrong. Chemistry may therefore seem harder, but there was a time when people did the same thing there, for example deciding that heat and fire were created by an invisible substance called phlogiston based on the principle that "we don't know how, and this could be possible, so therefore it is true". That was no better.

There are people in all fields who approach it that way, but you appear to dislike the entire field based on people failing to approach it scientifically. There are others who do it correctly, and you can verify whether a certain study was tested scientifically or not and reproduce the behavior if it was. Either that or you have a preexisting prejudice against some theory, but being unwilling or unable to disprove that theory using the scientific method, you are applying an incorrect stereotype to the field as a whole.

Re: Blind testing

Well, that's better than using pictures, but better than actively harmful is a low bar. All the AI will tell you (if it's properly calibrated) from a writing sample is whether you appear to have proper grammar from whatever dataset it has. It's likely to get that wrong anyway. If it was trained on only formal writing, an informal paragraph would probably be judged poorly. It could become overly focused on spelling and mark someone down for using a correctly spelled word that it doesn't know.

Also, it's not any use. The only time you need a writing sample is if you're hiring this person as a writer or in a job where there will be a lot of writing, and depending on the job, you need different writing samples. If you're hiring a journalist to write articles, a sample of an email won't tell you if they can do it. If you want a creative writer of fiction, an open source project's readme won't tell you about their skills. If you're hiring a person to write documentation, being able to understand and explain the function of a system may be more important than writing quality, because correctness and structure in the documentation is often more important than literary style.

Re: "because of bad actions by employees"

I know. That's why I only ever use Linux. They don't have the concept of binaries or scripts so nobody could send me a malicious one. Although I've been thinking about changing to BSD because I hear they completely prevent the most clueless person from entering sensitive data on a malicious website because they've implemented RFC 3514 strictly.

Re: Smart devices for dummies

Or alternatively, you only do point 2 and point your transmitter in a narrow beam at your receiver. You have to have a receiver nearby anyway to watch the flicker. That way, nobody can notice the flicker and investigate the problem. Also, I'm presuming that, if you don't flicker too often, the bulb doesn't factory reset, but if it doesn't flush out whatever malformed buffer is created, it could be that you just get a finite number of bits before your system stops working until someone fixes the bulb. A single transmitter won't have that problem and avoids relying on an unreliable bug and an error-prone signal receiver.

Re: Smart devices for dummies

But in order to get their computer to transmit the data, you need to have installed software (this part could be done remotely) and configured it to be able to transmit to the light bulb. The transmitter means you'll probably have to attach a USB transmitter to their laptop, but obviously that means physical access and you could do more. Even if you managed to put a transmitter somewhere where the laptop could transmit to it without requiring physical access to the laptop, you could have that send a Bluetooth signal across the street, or a different protocol (LoRa, maybe) if you want pure broadcast with no interaction from your end. You'd have throughput measured in kilobytes per second instead of bits per minute. Even if you want only a few bits of data, you could get it in a few milliseconds' burst transmission which means you're less likely to get caught or to break your system before you've retrieved what you want.

Re: We don't need no stinkin' Zigbee authentication

That's not really the bug they've got. The normal messages are authenticated, hence why someone can only cause the bulbs to malfunction. If they didn't bother with authentication, someone could take more direct control. Their real bug is in their parsing of incoming messages. Most unauthenticated messages would be dropped, but a malformed one seemingly crashes something which has affects. They need to fix their receiver system's parser, not their authentication system.

Re: Smart devices for dummies

That doesn't work well for two reasons. First, this doesn't let you flicker the light however you want. It's not an instant on/off switch. It lets you mess with the device and cause it to malfunction, but not in a deterministic way that produces clean results. If you wanted to do this, your decoding algorithm would have to filter out a lot of noise and you'd have to limit how often you sent your flicker commands, meaning you'd have a really slow baud rate for any transmission you had and you'd need that transmission to contain a lot of error correction. If the lights are on a motion sensor or people turn them off at the wall when they leave, you'd also need to accommodate for it.

Second, the way you flicker the light is to send a radio signal from the device controlling it from a close distance. If you're using that to send data, then you're sending out a signal from the machine that contains the sensitive data. To receive the signal, the receiver needs to be able to detect the light. If you can bring a radio transmitter and a receiver with a camera into the location where the sensitive data is, you can do a much better job by simply sending the data with the transmitter and replacing the camera on the receiver with a radio antenna. You wouldn't need to rely on unspecified behavior from a light bulb or to have security notice you've got a camera on you (if you can take in a camera, you might also try taking pictures of the sensitive data). If you can get the equipment where you need it in order to exploit this, you could already have gotten better equipment in there with fewer requirements.

I haven't researched this, but the specific codenames imply that the chips that didn't support ECC were the Zen 1 and 2 range APUs. If that's true, then it's less that AMD also carved out a set but rather that they've only added it recently. It appears that all Zen 3 or higher APUs should support it and for some reason, Zen 1-2 chips without integrated graphics do as well. Maybe they had a problem getting ECC support along with the integrated GPU when those were newer.

Before buying things based on my hypothesis, check more thoroughly than I did because I might be proving my ignorance.

Re: family support

Because backing up data that a nontechnical user probably didn't is totally unnecessary. Sure, if you gave me a drive with separate partitions, I might do the reinstall on it, but I'm first copying the /home data off just in case the installer messes with the partitions. In fact, while I was writing that sentence, I realized that I'd still use a clean drive just in case the person concerned concluded I broke something, so they had a copy of the broken OS files too. So in no case would I fix this problem by installing directly onto the original drive unless I had no replacements available, no matter what partitions were on it.

Re: Phone Cabling

That does seem to be the general expectation. Not that I fight it too hard, but I don't expect other people to do whatever they're good at for free. Somehow technical help (which since I'm a programmer my acquaintances think covers everything from hardware failures to data recovery to web design) is the exception to this. I'm usually happy to do it for close friends and family, but there is a fine line between my willing to be generous because I like them and people expecting that I'll do anything they want at any time.

Fiat money is not a new term. It's a useful distinction from mineral currency (buying something with gold or another valuable thing directly), specie currency (paper attached to minerals, usually gold, held in reserve), and other currencies (anything where someone accepts it as a value exchange for buying something or paying a debt). Since cryptocurrency isn't much good at anything else, its only value, if it has any at all, is as an alternative currency. There are people who will exchange it for things we consider valuable, indicating that it does have some monetary value. The term applies well to distinguish the different kinds of currency, even if you don't like one of the members of the group.

Re: Sort-of inevitable

What you said doesn't really contradict what they said. Whatever the reasons for choosing to resign, whether that was not liking the job because it was boring or because they felt mistreated, they chose to retire early and had the ability to do so for the moment. The pandemic had a lot of benefits for people who wanted to leave their job, from assistance to those who were unemployed to an easy market to switch into another job. Those advantages won't last forever, and as retirees have already seen, not having a job can be more expensive than they planned.

I'm not sure the reasons people chose to resign are that relevant. People have the right to leave a job even if there's no mistreatment and they just don't like it. While there were so many companies looking for people, I know several who took advantage to find a different job, and I encourage it. That may not last much longer, though, and the amount of money the employer pays may become more important as prices rise.

Re: Is it time?

No, I'm afraid it would not. If they knowingly process transactions for criminals now, they're already chargeable for money laundering if not accessories to the crime itself. If those criminals are terrorists, that's still what they get charged with. Crimes along the lines of "funding terrorism" apply to people who give money to those criminals, not people who take money and process it. Many of those exchanges would argue in either case that they don't know where the money came from, which wouldn't always work but might in some cases be true.

Re: Shocked, shocked I am!!!

I think a lot of large U.S. hospitals work that way. The places providing the care may be nonprofits, but that's not the same as free or charged to governments. It just means that the money collected from patients goes to a fund to continue upkeep of the facility, not to shareholders.

Re: Is it time?

It depends. What do you want that to accomplish? If we use "terrorist" as just a type of criminal that could be better or worse than a different kind, then no because the definition tends to include committing violence for a political end and neither of those happened here. If it's now to be used for criminals that cause large amounts of damage and we want to put extra energy into capturing them and terminating their activities, sure, but that's probably a different word.

I think the best approach is to have a new term for the type of criminals this contains, as overloading the word terrorism hasn't produced useful results in the past and can lead to unexpected events.

Re: 5G Ohhh Ahh!

If the cable connection is bad enough (which their multiplier suggests isn't the case for them) and that speed is consistent, that could be shared between multiple devices on the home network. Many devices using that connection simultaneously could hit that speed limit, and are much more likely to hit the limit of 4G service.

The main problem I've seen with using mobile networks as home internet is that there is usually some limitation to the data that can be used (sure, they say unlimited, but there's often a throttle threshold somewhere and it's often low enough that someone who streams a lot of video is likely to hit it frequently). If your speed gets cut after you've used a hundred gigabytes, then the excellent 5G performance won't be very helpful anymore.

Re: Key question

The amendment concerned does not say "no US citizen can be denied due process of law". It says that no person can be denied due process of law. The distinction is relevant because corporations are considered legal persons but not citizens. The debate over exactly what the personhood definition should mean has come to include a lot of things, but it's pretty clear that one of the most basic ones is that the laws apply to corporations as they would apply to individuals. Being in a corporation shouldn't mean that you can do whatever you want or that the government can do whatever it wants to you.

Whether you implement that with a legal personhood hack, by extending the language, or (as was often done before the legal personhood system) making a link between the people owning or running a corporation and that corporation and using their rights as the corporation's rights, you'll get to the same place. Other aspects of legal personhood are not necessarily included. The last approach breaks a lot, which is why it was replaced.

Re: Uber. Again.

In their defense, it's more the same period, again. Uber may not be a great company now, but they were a really bad one in the mid 2010s. The fallout from that period, including this action from 2016, doesn't necessarily reflect on them today. They could theoretically have improved massively and this legal decision would still be required. I have no idea if they have improved or not.

Re: Given the mentioning of two python scripts being involved, isn't the solution to disable python?

Given your mention of Cobol, I don't know if you're being serious about blocking Python, but it's an argument I've heard before from people who definitely intend to do it. It doesn't work.

Of course, blocking Python would prevent some infection. And execution of any code outside the Windows directory. And inside that directory. And in the bootloader. I can provide you perfect security in this vein using the fail-safe security tool known as a blowtorch.

If you disable every function of a computer, it becomes a lot worse for doing useful things. Maybe nobody uses Python themselves, but there are still applications written in it which disabling every copy of Python will break. That's not a realistic way to block malware because it's a lot easier for the malware writers to port their script to something else or hide their interpreter than for the average user to get around a block that prevents them from working. They clearly didn't think they needed to hide their tooling this time, and they were right, but if it turned out they needed to, that's a day's effort for one programmer and your efforts to block Python are circumvented.

Re: @Ian Johnston - Implicit in the article, but not explicitly stated:

If you can achieve similar results for similar effort using Gimp, that's great. If the worker doesn't think they can manage that, it makes sense that they don't want to try doing so for reasons they think are invalid. You can always fire them, but you'll probably have more problems finding people who have experience or the desire to use the tool you want if it's so niche.

Take programming. My employer could ask me to write in a number of languages and I'll accept. If I don't know the language, I can always learn it. If they tell me that our project's to be written in Apple II integer basic, though, I'm not likely to put up with that craziness just because someone issued an edict. After attempting to convince them otherwise, I'll decide whether it's worth leaving not to have to do that. They're likely to find that most developers don't want to use a tool that, while technically capable of the job, is painful and unproductive for the task at hand.