Posts by doublelayer

Re: Always trust Microsoft reports - not

In fairness, just because someone has been calling you more doesn't mean the aggregate goes that way. If we're battling anecdotes, I have been waiting for a tech support scam call because it seems much easier to waste their time when they have to have a person on the call. I'm still not sure if it's disappointing or nice that I haven't gotten any. I do get automatic scams where the robot wants me to confirm I'm gullible before they put a more expensive human on the call.

It all depends on idle power consumption because that's what the law is about, so even if one is significantly more efficient under load, this law doesn't care. When running at idle, a lot of things consume power other than the CPU, which is probably why gaming computers are the ones that don't fit within the bounds. Only if one manufacturer can make large enough cuts in their processors' consumption when idle will that make a difference, and it's more likely that the PC manufacturers will find a way to make the more power-hungry components run better instead.

No, it's not a Ponzi scheme. That doesn't, in itself, make it a good idea, but if you're going to argue against it, do so accurately.

A Ponzi scheme requires a central entity transferring real value to handle transactions in falsified value. In clearer terms, someone has to run the scheme and commit the fraud. Cryptocurrencies do not have such a person. This disqualifies them as Ponzi schemes. In your argument, you said "you're supposed to think if everyone sold off, there would be something left of value, but there would not.", which is correct, but doesn't a Ponzi scheme make. In fact, that statement is true of any other real currency--if we all decided tomorrow that the pound was worthless and sold ours, it too would go to nothing.

Most cryptocurrencies are bad as currencies and weak as investments, with no external worth and hideous volatility due to investor activity. That almost certainly means that you shouldn't rely on them for storing or making money. They aren't fraudulent though.

London. The company has moved premises from time to time but has always remained in or near to London. Of course, sometimes it's a London as envisioned by a New Zealander, but London is the goal nonetheless.

Re: Not the Halon!

They don't need to keep it. They just need some gaseous method of keeping people out of the room, and if they've implemented the nitrogen method correctly, that will work as well. Or, for that matter, if they've pretended to implement it correctly, that might be as good a deterrent as any. More importantly, if they had an event where halon was detected, it's a worse excuse if it's illegal to have around. They might not be found out for the original use, but they'd have consequences already.

Re: Reverse

I don't like that approach, or rather I only like it in a very restricted set of circumstances. Unless the candidate has already been told a lot about what they will be doing, they don't have a lot to ask about. After the obligatory question about what the job involves, and some necessary clarifying questions, the candidate is likely to know what it entails. So one of two things happens:

1. The interviewers know everything about the details and are willing to share that information, so the interviewee has to ask about active tasks that they would be working with, essentially trying to solve problems without ever getting to see the system, code, or whatever else is involved in the problem. This is if the interviewers tell the interviewee that they're doing this, because most interviewers don't even know that stuff so the interviewee usually knows well enough not to interrogate them on the internals.

2. The interviewers either don't know the details or don't want to disclose that to anybody who can get into the interview, so the interviewee has to come up with enough questions to fill the time. Instead of learning anything about the interviewee's qualifications to solve the problem, the interviewers learn of the interviewee's ability to improvise and fill time. While improvisation is a useful skill, it's not very useful if the more important qualifications are lacking. Filling time uselessly is a negative except in sales or law (and isn't necessarily great there either).

By all means let the interviewee ask questions, but unless you give them enough information beforehand, which questions they ask isn't going to prove much about their skills.

I don't think it's having the opinion that's the problem, but instead how you express it. If an interviewer asks what systemd is, they want you to describe what it's for and how it's used, not what you think of it. Commenting on its design decisions which you think are good examples of something you will avoid later is a middle area. Shouting that it's the worst thing you've ever seen is, even if they agree, not a great harbinger of your ability to accept things that you don't entirely agree with.

"As the article says, the employer needs to avoid anyone who is applying solely because they're desperate for a job."

I'm not sure about this. There can be several cases where someone does need a job badly and is also quite capable of doing the work involved. That someone is applying because they need a job doesn't automatically mean they lack the ability to do it properly. For example, someone who took time off to deal with an emergency which has also depleted their savings could be very desperate for an income stream, but that situation could also happen to any one of us given a sufficiently bad emergency. On another level, anyone getting their first position in a field will have faced some difficulty proving their qualifications without citing experience, and they could be very interested in finding a position, any position, so they can prove their abilities as a professional. Yet everyone here who has a job at one point didn't have any job experience but still had skills.

As an interviewee, if you're desperate for a job, hide it. Many interviewers will follow this quote faithfully. To interviewers, I suggest you become the exception to that rule.

Re: Oh yeah…

That's fine if you're at the offer stage when you decide you don't want to do that job, but if you're still in the interviewing stages, the costs are higher. Especially if the later interviews have time or location costs for you. Taking a day off work to travel somewhere to interview for a position you don't want in the hopes that you can suggest a ridiculous salary and they'll accept it is not very useful and certainly unpleasant. For similar reasons, I don't automatically start interviewing for positions when recruiters find me--having a bunch of one-hour initial interview calls isn't that hard, but it's often time wasted.

Re: That Meme

Okay, I'll ask. What is it that you want to hear when you ask that question? I've seen a few basic answers, either listing qualifications of use to the position (you already have that in front of you) or platitudes about a hard-working, motivated, interested, team-working self-starter (useless). This becomes even worse if it's the kind of interview where someone might end up in a few positions, because now they're not sure what specific qualification you're hoping they'll tell you about.

Re: It's a two-way street

"to people who neither know nor care about its products, ethics, "work-life balance" or anything else except the number on the offer letter, [...]"

Mostly agree, but I really do care about their work-life balance. I currently work a normal working week and I know how to request time off (and it's easy). If they want me to work long days or weekends, they'll have to pay me a lot more if I agree to go through that at all. Sadly, even though I care about this, I've never heard anyone tell the truth about the balance. Nobody ever comes out and says "To take time off, you must submit three forms through the complex portal with at least two months notice then wait for manager approval which should take about seven weeks", even if that's the case. If they ever did tell me, I would be listening with close attention.

Re: Thankfully!

I assume they wanted to use two icons, and they're only allowed to select one.

Re: "I don't know how much AWS gives back to the ecosystem"

"I see that you thrown in "rent seeking" buzz-word, but in the context you used it, why don't you accuse workers of rent-seeking? Why company should pay workers every month?"

The difference is what they said before. The workers signed a contract saying they would be paid, whereas Elastic didn't. Therefore, the workers are asking for what they already agreed they would get, whereas Elastic were asking for something nobody ever agreed to give them and, in fact, something their license said wasn't required in the first place. Once again, I can see why Elastic wanted it, but changing the license terms is not a very nice thing to do, especially given that there were other contributors to the code whose contributions were being exploited just as much as Elastic's were.

Re: "I don't know how much AWS gives back to the ecosystem"

What did you say about the water when you put it out there? If you explicitly said that anyone could take as much as they liked for any reason, commercial or not, then it's an act you expressly allowed. It's fine to be annoyed at someone who uses something you made without paying you, but if you want to prevent it, you need to factor that in when you license it. The open source licenses explicitly give people rights which decrease your ability to make money just by selling the software. If you don't want companies to make money off your software without paying you, then by all means make your license free for noncommercial use; you won't be the first and I'll be entirely behind you. Just don't make it something else then act all surprised when people do what you said they could.

Re: "Open Source software was never meant to be used the way AWS use it"

"Why GPL didn't make a provision stating that if you rent the use of code to others, or anyway use it commercially, you have to publish your changes as well?"

Because they didn't envision a world where code is run for users rather than sold to them. However, that change would not fix the Amazon payment situation. Amazon already did release their changes. They just made money from the use of it and weren't generous about giving back financially as well as with code.

Re: "I don't know how much AWS gives back to the ecosystem"

"Rent seeking? Are you saying it's unreasonable for Amazon to throw a few coins into a few hats to support all that open source software they copy and paste wholesale and make billions from?"

No, I'm saying I don't agree with someone who demands it when they chose an open source license. Just as I don't agree with someone who makes something GPL and then complains that they can't make it noncommercial use only. You choose your license and it gives others freedoms, including the freedom not to pay you. It's reasonable to be unhappy about this and to complain vociferously, but to unilaterally change the license terms is something they have the right to do but I don't like.

Re: "I don't know how much AWS gives back to the ecosystem"

Not to praise AWS here, but if you're talking about Elastic,, that's not exactly the way their decision got made. They didn't like the fact that open source means you're allowed to use it for free. I get why someone at Elastic might be annoyed at AWS for making use of something that was given away, but that's part of the calculation when you use a license which effectively says "no support and you can use it without limitation". AWS didn't pay them very much, but they did upstream patches. Elastic wanted to rent-seek on their code and switched the license, and AWS chose to use the freedoms they were given. When you consider that Elastic got assistance from many external developers and didn't pay them for that, you can see why not everybody is on Elastic's side.

Re: Inevitable

I'm sorry, but what?

"the transfer limit would mean that assume an average of a 1k ransom, then 10 "customers" could be directed to a given wallet a day, having to create many hundereds of legit wallets a day would lead to throttling and easy detection"

No, it wouldn't. They don't need to set up legitimate wallets to receive payments if they can exchange somewhere other than the EU. They can even live in the EU and exchange elsewhere. The people who need to set up registered wallets would be those paying the ransom, and they would only need to set up one. The creation of unregistered wallets is easy.

"2 the internet is ultimately answerable and licensed for operations by governments, if they say no they its a no, freedom online is an illusion"

Well, sort of, yes.

"icann answers to the US govt, RIPE to the eu and uk govts,"

So what? So the ransomware operators can have domain names taken off them (and it wouldn't be ICANN doing that anyway). And if they registered their own IP blocks, those could be taken away too, although they never do that. How would this affect them at all? They mostly use Tor hidden service domains, which ICANN cannot take away, and they'll operate on anonymous hosting accounts or compromised computers which can be shredded whenever they're concerned. How does the regulation of basic internet operations impact this and if so, why hasn't it been used before?

Re: Inevitable

I'm afraid this isn't correct. The regulations require tracking of people setting up wallets and moving money inside the EU, but don't have control over the technical systems of any cryptocurrency. Without a regulation making the payment of ransoms illegal, this would do nothing--user identifies themselves, exchanges cash for crypto, pays crypto to anonymous wallet, ransomware operators exchange that crypto somewhere outside the EU without identifying themselves (which they're already mostly doing).

The only thing this gives you unless you make payment of ransoms illegal is a list of people who paid the ransoms. They would still be able to do so easily.

That doesn't break this system unless you mined or bartered for all the crypto you have. If you wanted to exchange some cash into crypto without being known to this proposed system, you would have to go to an exchange that's outside the area where you live (or is willing to break the law). Therefore, for most users who got the crypto by exchanging local currency, they and their wallet public keys would already be known and stored.

Re: SWaaS

"I bet this all started with some suit ordering their techies to do it over their objections."

I don't think so. Technical people have the option not to do this, and they especially have the option not to do this well. To get a successful set of exploits and use them to this effect, it wouldn't appear they have technical people doing this under duress. I would be comfortable assigning guilt to any programmer on their software and I wouldn't be so quick to assume the blame only resides with a subset of those who know what's happening and do it gladly.

Re: Fine advice, but not relevant to the article or browser

That is unfortunate, and as you probably already determined, I don't really like this. Even so, it doesn't change my original point. If the web browser is displaying a document which is effectively an application, then someone else can with great ease implement an SSH client that runs on it. There is still no reason for that to be integrated into the browser.

Re: Cleanliness is next to godliness

I don't think it ever supported uploads over FTP. I think that was just for downloading files or browsing the directory tree. FTP clients exist for that purpose, and they'll probably do it better than a browser does.

Re: Fine advice, but not relevant to the article or browser

"And yes, they should have added support for sftp/scp/ssh to the browsers decades ago."

Why should they do anything like that? SSH is a control protocol, which has very little to do with browsers. Why should a browser do the job of an SSH client when you can go get an SSH client? At least with FTP, the browser's job of downloading files is part of what FTP is for. Similarly, I don't think a browser should implement the uploading features of an SCP/FTP client, because that's not its purpose.

A browser, to me, is a tool for getting files over certain protocols and displaying them to the user, and shouldn't try to do much more than that. Opinions vary on what documents a browser should display (run scripts in them, have a PDF viewer in them, etc), but I would hope that we don't also have to shove every other kind of program into that.

Re: Yes, but let's miss the point and argue about trifles

These discussions aren't as pointless as you think. We all agree that ads are a nightmare, probably useless, and that we'd be happier without them. Well, probably some people don't, but I think most of us here do and I'm prepared to skip the people who don't for now. The problem is what we do about this belief above the ad blocking systems we have running. The stated solution in this case is PDF, which isn't really a good solution because, if it was used by others, ads could be integrated in it as well through JS integration. This guy has simply decided not to put in any ads, which is great, but he could have used lots of formats to do that.

Since many options are available, it's worth discussing what format is optimal. Let's say I wanted to kill adtech so I decided to send you all my pages as image files of the rendered text, and to prevent possible bugs in decompression software, in an uncompressed format. That does technically solve the problem of active code in documents--you're not getting any scripting in a raw array of pixels. However, that's a terrible solution and you should tell me that before I waste my time on it. PDF is not that bad, but it also has problems that make its use suboptimal in this case. Hence it is worth discussing what would be best for a format without advertising or tracking.

Re: There's a lot of truth in what he says....

His complaints are true, and his reaction doesn't do anything about it. You can write very ugly pages with HTML, you can have lots of ads and trackers, it makes a lot of the internet a pain. His solution, however, is just not to do that, which could be done as easily with clean HTML as with PDF (better in my opinion). It doesn't change the calculations of the ad-supported business model, nor does it really fix problems. Not only that, but he also has to use some HTML so users can find the PDFs; they do hypertext badly. The complaints aren't original, and the solution isn't an efficient way to resolve any of them.

Re: re-sizing and re-wrapping text

This implies that feedback forms are necessarily wrong. I don't have them on most of my pages mostly because I don't want to deal with the readers' feedback, but if someone does want to give that ability, why should they be limited to writing an email address for someone to copy and paste over? It can be done without JS, it has been done for as long as the web was a thing, it doesn't prevent archiving, so what's the major problem with it?

Re: re-sizing and re-wrapping text

"BUT, if you don't allow scripting, how are you going to do"

"slippy maps (Google Maps, OSM, etc)?": Well, you could have a client program which you download and run so you know what is running what code, but at some point you either have to let a complex program run on a browser or not.

"Editable forms?"

With the HTML tags form, input, etc. They've been there since 1990. That's what JS pages use too, they've just got extra junk around them.

"Spell checking?": Your browser does that. It sees a texttarea tag and uses its local spellchecker on it. It works pretty well especially because you control the dictionary and it doesn't have to send the typed text to a remote server to check against their dictionary. Most sites where you see spellcheck in action are doing that. Try turning off scripting on this page and writing some misspelled words in the box and I'm guessing it will be the same. It certainly is for me.