Posts by doublelayer

The big book of what "hacker" means

There have been far too many definitions of hack and hacker. Here's an inexhaustive list, just to show how completely pointless any effort to force a single meaning would be.

1. Someone who breaks into computer systems. "The criminal hacked the database and dumped the password hashes on the internet."

2. Someone who builds things ignoring the conventional way. As seen in the article.

3. Someone who builds things in a quick and ugly way. As seen in the comment I replied to.

4. Someone who builds things in any way. "We need some hackers to get this app idea off the ground."

5. Someone who tries to improve on the accepted way. "Here are some suggested hacks which can speed up your work."

6. Someone who enjoys playing with computer systems. "I hacked this locked-down firmware so it supports more modern networks."

7. Someone who enjoys building computer systems. "I hacked together a bunch of components I cannibalized from some stuff being thrown away and built this cool proof of concept."

8. Someone who doesn't enjoy playing with or building computer systems but does so anyway because people are willing to pay them to do it.

9. Someone who uses an axe or other sharp tool to damage or destroy a physical object. "I hacked through the wall because the door was too strong to break through."

10. Someone who cuts a large object into smaller pieces. "I hacked apart this big chunk of chocolate so I could more easily melt it."

11. Someone who does not put effort into their work. "The writer is clearly a hack who doesn't understand how to do consistent characterization."

It's a losing battle. If we want a nice sympathetic term for something in this list, we'd better find a new word and start using that.

Re: Too late

Sure, give can mean to provide something unwanted or the like, but it's also perfectly acceptable for the definition you've provided for gift. I give people presents which I hope will be useful and certainly don't charge for. So in that sense, give works just fine to describe the action. Not only that, but most of the times gift is used as a verb it is by something that doesn't necessarily meet your definition. I've seen it used in legal contracts for a thing which was given but wasn't requested or in marketing to describe a new offering which isn't free or permanent. So, as usage goes, they do look a little interchangeable. At least give is completely suitable as a drop-in replacement for gift when they're verbs.

Re: @Ken Hagan - More to this than meets the eye

The problem remains. What, exactly, was or is the terrible thing the west has to deal with because Russian programmers are good? The hacking? No, that can't be it. Any country that puts a lot of effort into getting hacking capabilities can get there. North Korea has had almost no history of computer education and used to have really bad malware, but they're now quite good at it because they invested. Maybe Russia is so good at coding that they'll dominate us economically. They don't. What's the terrible consequence hanging over us?

The only result of this vaunted Russian efficiency that I can see is that there are Russian programmers who are good at their jobs, whether in Russia or out of it. I know several Russian programmers who are usually pretty good, but I also know programmers who are pretty good and came from countries on all inhabited continents. Also, there are some programs written by Russians which are nice. Nginx and 7zip come immediately to mind, and there are certainly more. That's if anything a benefit to us given how probably a bunch of us use those. As an argument, it doesn't make much of a point in support of anything else.

Re: Are you shilling for the Communist Party of China?

This is mostly incorrect.

"China does not "hold US Debt". Rather it has a lot of US Dollars in interest-bearing accounts in the United States, called "Treasuries"."

Treasuries are bonds issued by the U.S. government, specifically the federal reserve, in order to borrow money to pay for government spending. That is otherwise known as debt. Also, it's not U.S. accounts, it's accounts anywhere, mostly China, holding U.S.-issued bonds.

"The only thing it can do with that money is spend it in the United States."

That's wrong on a few levels. First, it's not money in there, it's bonds. Eventually, the bonds mature and they have money they need to reinvest, but the accounts concerned contain bonds that haven't matured. So they can't spend it because it's not money. What they can do is sell them.

"If it decides to withdraw that money from those accounts, then it would have a lot of USD sitting in NON-interest bearing accounts, and why would it do that?"

As stated, it would "withdraw money" by selling the bonds it currently has and also stop buying new ones. It doesn't do that now because U.S. bonds are generally seen as safe and it wants money more than it wants to annoy the U.S. If it did, the bonds would sell at their face value at least, meaning that China would get the interest they already earned and also push up the supply of U.S. debt on the market. Supply goes up, the price goes down, so now the U.S. has to pay a higher interest rate on new debt they issue. That might not be a problem if other countries and investors see U.S. debt as still safe, but if they don't, then it could be a bigger problem. Investors do that all the time. They decide they want to invest in something that will pay better than their bonds, so they sell their bonds. China might even do that without wanting to hurt the U.S. if they decide there's a better place to invest the money.

"As economist Warren Mosler put it, 'All we owe China is a bank statement.'"

And he's correct, but it's not the kind of bank statement which can be erased quickly if the U.S. decides to delete China's money. It's not a killswitch on the American economy, but it is something they can manipulate for leverage if they want to.

"The US Federal Government never borrows money. It doesn't need to."

They don't need to, but they do borrow. They have the systems to make as much money out of thin air as they want, but they don't use them to simply increase their account balance when they want to spend more money than they have. They issue bonds, paying interest to people who lend them money now, in order not to print as much new money. I don't understand how you're missing the point that, when they accept money now and promise to return it with interest later, they're borrowing money.

Re: A lot of kit is "designed" to be thrown away

You remember your Smith, don't you? How about you also remember your Sidgwick and Pigou? Know what they did?

What they did and you're not taking into account is the concept of externalities. In the field of waste recycling, there are several negative externalities. They include the following:

1. Disposal by burial is expensive. We usually end up paying for a lot of it from our taxes, even if we're not the ones burying stuff there. That's just the financial cost. There are others. Let's see them.

2. Burial means there is potentially dangerous stuff in our ground which causes risks to groundwater, which means a more expensive effort needed to protect that, and limits how else we can use the land. Not everything can be done on top of garbage. Now we have less land available for other uses.

3. If we have a demand for a certain amount of the mineral and we're not getting any from recycling, then we're going to mine that amount. We now add all the externalities related to that mining. Some of these minerals are not easy to mine or are mined in countries without environmental regulations which don't bother keeping pollutants in check. That's a large one in itself and there are others we won't list here because we have to stop sometime.

4. Costs of shipping this stuff. You're likely using lithium mined in South America. It's shipped from there to China, made into batteries, and shipped to wherever you are. By recycling lithium in China, you can cut off the South America round trip. If places near you make batteries, you can cut out both trips. If you recycle near you and ship to China, you can ship a lot more lithium since you're not shipping the other stuff, meaning a more efficient ship. That means several things. You pay less for batteries because the shipping is cheaper, and there is less shipping and thus less emitions from those. More externalities reduced.

This is real economics. The invisible hand is fine and all but Smith didn't say that you can do anything you like and it would fix everything. He was quite clear that it did not and that there would be inefficiencies that could not be resolved with market forces alone. He was right.

Re: Just imagine if...

"I think someone else would just look over the program code even before the second attempt..."

What's the point of that? In reality, the chances of code starting a building on fire are next to nil. Code running an industrial machine, sure. Code running on a power management device, maybe. Code running on a server, no. Even if the server was the initiating factor, it's not due to the code on it. More likely due to the hardware and the stuff next to the hardware which could carry on the fire. Also, for a store to burn down, it's incredibly unlikely to have started in a room that's probably relatively isolated from the rest of the building. In a situation like that, ruthlessly searching code to see if it's the culprit is like checking every vegetable supplier to see if any of them supplied a different type of vegetable which might have explosive properties, A complete waste of time.

Re: Big Tech, Big Ego

Don't count on that. We have decentralized communication. It's called the internet. A lot of the users don't use it as a decentralized system and post all their data on a few large nodes while all the decentralized stuff gets used by smaller groups. Expecting people to suddenly recognize the dangers and start spinning up decentralized systems is optimistic to the point of delusion. A lot of the public still don't understand why Facebook tracking is a problem.

As for blockchain, not a chance. Nobody wants a blockchain public forum taking the place of a Facebook-scale thing. Massive storage of everyone's data, massive efforts to mine it for useful personal data, no protection of modifications because few are going to host the blockchain and nobody's going to verify it, people juggling keys to keep access to their accounts. Not happening. It'd be like Facebook but worse for privacy (if that's possible) and much less workable.

Re: We’ve come a long way from the old USB hubs...

That is an excellent point. There are any number of terrible power devices out there, but all the typical ways you could mess up a USB PD system should result in nothing happening or a fried component on the board. If, for example, it didn't properly recognize what voltage to use, it could stay low and not charge it or theoretically supply too much and break something. If Apple can make it work in software, one has to wonder what exactly the supplies in question were doing. It can't have been destructive to the hardware since it will work now, so why did it ever make the computer brick itself?

Re: Not quite true

"You can have your site hosted on Azure, sure. You'll probably be using your own domain name as well, so nothing need be loaded from any Microsoft domain, certainly not any other than the azure domain(s)."

First, I'm not sure whether they also check IP addresses to block anything coming from MS or AWS subnets. Let's assume they don't. There are many reasons one might have an Azure or AWS domain in their HTML. Here's one reason: they're using the CDN functions. I've seen lots of sites which host themselves on local hardware or a smaller cloud provider but use AWS to host big files. Their site will be loaded from elsewhere, but when people click the download link, it will go to s3.amazonaws.com. Now there is an Amazon-controlled link in the source, so the site gets flagged.

The site could of course specify a CNAME so their domain is seen in the source, but the plugin should be checking where that resolves because trackers do the same as reported yesterday. Once again, Amazon's pulling the strings. Except they're not. They're just providing servers to store the big files. Someone from Amazon could point this out. Someone from Google will point out that people use YouTube as essentially the same thing for videos they've made so they don't have to write a video player or host the big file. They will show what happens when their sites are removed, namely that the page with download links looks the same and the page with a video looks the same except for the video box. Those arguments could convince people that the plugin's report on trackers or control is simply a lie, and thereby destroy its purpose.

Not really. A lot of sites don't use those providers, and some others use multiple providers. It's true that the big three are quite large, but if they all went down simultaneously, which is unlikely, there'd still be a lot of stuff online. In order to take down large chunks of the internet, you need to take down cloud providers, at least AWS and Azure, but you also need to take CDNs like Cloudflare and Akamai out of the equation. Even without those, lots of large institutions host their own services and small cloud providers would still run. My website, for example, would be fine. So would El Reg once they routed around the downed Cloudflare.

The structure of the internet is indeed fragile, but not in the way you think. It's not fragile in the sense that one big hit will take it down. One big hit will cause some grumbling while people repair the damage, but a lot of things will work fine. It's fragile because each individual part of it can be disrupted with some ease. Still, while things are strong, those breaks will be repaired, undoing your destructive work.

Re: vulnerable? Who, us?

It would be really hard to interrupt the routing to all four. Each has a bunch of places where they can reroute traffic, so you can't attack a physical place to interrupt their service. Meanwhile, if you tried something like a BGP hijack, you'd have trouble getting all the networks to go through you and those which did would quickly realize their mistake when everything breaks. Also, if you did interrupt service, a lot of the world would be annoyed but many things wouldn't break. Take El Reg. There are Google and Facebook URLs in their pages, so they'd get blocked by this plugin. However, if Google and Facebook go down, their site still works. It's not hosted on AWS or Azure either, so you could cut all four and the only thing that would change is that there wouldn't be so many ads and the Facebook share button would go away. I've emulated that on my network on purpose anyway.

Re: 2 engineers?

That's not it. They pay $100000 in donations annually, but now they're also subsidizing the work of these people. Still less than a platinum membership, but more than they used to be doing. Still, I have to wonder if that's all Linux is worth to them. Amazon is perhaps the most galling; they run a bunch of Linux servers for their cloud which earns them a bunch of money and on which their store runs, and they're only silver members?

I'm sure that's what they say, just like the police facial recognition systems probably say the same, but they'll be used in the same way. This program says the activity is suspicious and at best someone will look at the video and go "Hey. They did move their gaze. How should I know if they're looking at the window or at a screen behind this one. I'll trust it." and the student will get questioned or disciplined. I can see lots of possible eye movements during a test, from a bored student looking at the wall while thinking to someone unsure of an answer having involuntary reactions to their anxiety about their answer. Whatever the documentation may say, I think it's so unreliable as to be unacceptable to use it.

Re: Investment? Speculation!

Bitcoin = A mathematical construct which can't really be used as currency very often because it takes a long time and a large fee to spend any of it and is deflationary so people often choose not to. And also it takes some technical knowledge to use properly or trusting a company to hold all your resources to use dangerously, so few people go to the effort.

Dollar (or Pound) = an imaginary made-up currency which is used by a bunch of real people to make real transactions, is held by people and financial entities in large amounts so it's not that easy to devalue quickly, and is easily converted into goods, other currencies, or other commodities.

Unlike some here, I want to see a cryptocurrency that can be used as currency and think it's possible to create one. However, Bitcoin has failed in all the necessary steps to be that. It is not feasible to transact in it. It's hideously inefficient. It does not offer the kind of privacy that is necessary. It's just a random commodity for people to gamble on now, the dreams of enthusiasts broken.

Re: Strongly discouraged

They might discourage you from buying a larger one in the hopes that you instead buy a new Surface with a larger disk. Or to make you concerned about getting a third-party one when they eventually become available. They could be hoping that people think "You can't even replace the disk with one of a different size. No way this one from another manufacturer will work." and then you'd buy from them. I don't think it will really help much, but they could be thinking that.

Your PlayStation comparison is possible, but I doubt it. Before I say too much and look stupid, I am not a gamer and know relatively little about the device, but I read this description of the SSD. Based on that, it looks like they've designed a drive for really fast reads so they can load large game data quickly. That's not the kind of drive you find in a tablet-laptop. Among other things, it looks like the fast speeds from Sony's drive come with a higher power requirement, which isn't ideal in a battery-powered device. Even if MS does have unusually fast drives, Windows can run on spinning drives today, so it clearly doesn't need it. They probably would be more successful at selling these replacement drives if they said "Other drives will work, but these ones are really fast so you'll like them better". I don't think that's the case.

Re: Windows and Storage space

I can't speak for the HP Stream, and you seem to have had success with it. The one I saw ran an old Atom part and really did not want to boot to external media. It had a micro SD card slot, but wouldn't see that in UEFI. It had a USB port connected via a dock, and wouldn't see that either. The only external port it would see was an OTG micro USB port. Even then, it wouldn't work well if you tried to boot off a drive connected to that. The internet told me it needed a custom 32-bit firmware patch, although the processor was supposedly X64-capable, but I tried repeatedly to put that patch on a Linux disk with no luck. I had some success deleting everything off the internal disk, performing a Windows reset, updating, reset again, and then it was updated again, but there's no way I was doing that multiple times.

Re: Strongly discouraged

My guess is one of these happened:

Option 1:

Manager: Let's prevent people upgrading their drives so they have to buy a new product when they run out.

Engineer: That sounds fun. I can think of several ingenious ways to make them break weirdly by messing with the firmware.

Option 2:

Manager 1: Let's prevent people upgrading their drives so they have to buy a new product when they run out.

Manager 2: Good idea, but having an engineer mess with the firmware would be expensive. Let's just say things that make it sound like we did.

Manager 1: What if people try and it works fine?

Manager 2: The paranoia of expecting that an engineer will have messed with the firmware so it will break later will get to them soon enough.

I'd also like to know whether these are any different from normal hardware. The article notes that the ones for the Surface Pro X are a little different, but doesn't comment on these, perhaps because IFixit hasn't gotten any of them yet. I really hope they haven't taken a standard part and forced it into a slightly different package just to lock people in.

Re: It's all about the forces involved

That heavily depends on the desires of other countries to mess with the situation. If say, someone in the U.S. establishes a colony somewhere and refuses to obey the treaty, and the U.S. wants to defend the treaty, all they have to do is prevent any supply launches until things change. Companies trying to launch from elsewhere will have trouble getting access to the launch capacity since existing launches would be going somewhere else and it's not easy to get emergency access to a launch facility with your own rocket. Only if existing governments wanted to provide that emergency access in order to annoy the U.S. would that change.

Once there is a lot more development where the colony is, that situation will be different. At that point though, there will be authority of some sort established there.

Re: Remember 1776 ......

I think the analogy still stands. Spacex is a shipwright. Current governments are like the colonizers. Neither has a right to decide unilaterally what the law for those who live there should be. If one has more right, it is the governments because that's where the people are now. Spacex though ... it just builds ships. It should stop trying to assume authority it doesn't deserve.

Re: Remember 1776 ......

They built it here on Earth, where they have a legal requirement to put on the radiation warning marks. I'm sure some chips inside it still have serial numbers that are readable too, but they didn't keep those for people exploring Mars in decades to come.

"How do you distinguish that situation from the Australian satellite bumping into the French one?"

Which one moved last? If the Australian satellite is on a steady course, then the French operators knew it was there. There are big databases of where satellites and other orbiting objects are to prevent exactly that. If the French satellite launches into the orbit of the Australian satellite and they therefore collide, it's the fault of the operators of the French satellite. Those operators are under France's jurisdiction and come under any French and EU space regulations.

Re: Remember 1776 ......

"After all a relatively small handful of frontiersmen (people for the PC) beat (or at least drew with) one of the foremost military powers."

No, that's not what happened. For starters, it was more than a handful. About 250000 American troops served during the course of the war, with 60000-90000 at once. That's small by modern wars, but not very small. Especially as they did not beat the British. They drove the British away, but they didn't conquer Britain or cause it to collapse. They couldn't even take Canada from them despite trying. The reason for their win was that they had resources where the British by and large lacked them. The Americans could operate using local troops and resources, whereas the British had to ferry all their troops over the Atlantic and buy or take resources from Americans who already had them. And let's not forget that French assistance was required to complete the victory.

In comparison, a Mars trip has all of these reversed. If countries on Earth wish to impose their will on Martian societies, they won't have to do it by sending troops over. The easiest way is to stop sending stuff over. It's much easier for someone on their own to survive on Earth than on Mars, and stuff breaks.

But let's say this is correct. How does it change how a Martian constitution should work? I find the concept annoying not because I think Mars shouldn't have one, but I think that, if they're going to have one, it should be written by people who established a society and wish to remain on Mars. Not by some random company which builds vehicles. It's like saying that the U.S. Constitution should have been written by shipwrights in Europe who would eventually bring people over, for the moment ignoring the native population of the Americas because everyone at the time did. They have no right to assert sovereignty.

Re: "... pay publishers for linking to news content on their platforms"

They already complied with the law by not showing any news, but that got the Australian government very angry. How dare they decide not to do the thing that the law was created to prevent them from doing? It seems as if the point of these laws is to take money from tech and give it to publishers, not to fix tech's abuses. I'm not even sure they can really explain what those abuses are, although they clearly exist. The way the law is formulated seems tailor-made not to actually change anything.

Re: Uh huh

That is not in itself a rebuttal to that argument. Samsung has said they will update for four years. First, we will need to see that. They have failed to update for very long before, and we haven't actually seen them do what they've said. Meanwhile, Apple does continue updating, we have seen it, and for longer than four years. The comparison between the two indicates Apple to be better at long-term support. It is easier for them perhaps, but still, the comparison will get made and the facts point one way for now.

I think I made myself quite clear. I agree with you on the first point, with the reservation that people often buy iPhones to run third-party apps. I disagree with you on the second point, and think the article is broadly correct when it claims that developers can't sell their apps outside the App Store. Despite some theoretical workarounds, it remains infeasible. I notice your second reply focuses only on the point on which we partially agree.

My point in arguing this is to illustrate that your defense of Apple is ill-founded. Despite your comments, the article did attack Apple on the basis of their monopoly of distribution. The statement about not being able to sell "anything" without going through the App Store is just such an attack. Your defense of it as inaccurate is in my mind incorrect. Not that there aren't arguments in favor of such a monopoly, but I don't think that is a good one.

I'll grant the first inaccurate statement is worth some consideration, but only some. A smartphone which can run apps is most frequently used by people who will install at least some apps on it above those default Apple ones. But it's true, an iPhone with no account set up can still do various PDA-style tasks, and that may be enough for some.

The second one though... No, I can't really accept that as a reason the App Store isn't a monopoly over distribution. In order to sideload a file like that, you need to find an ID number which isn't easy to find (there are a bunch of numbers in the about section and that one is not there), send it to a developer who has to provide a custom version specifically keyed to your device, and accept the risk that the developer will suddenly stop doing that when Apple sends the strongly worded email about not adhering to the store terms. When compared to Android (settings, security, allow apps from unknown sources, open the APK), it's a very different experience.

Neither statement is correct if you're pedantic, but it's clear what was meant. Are you contesting these points because you actually think that technicality changes the situation, or just to point out the inaccuracies of language?

"With Apple, you can't use an iPhone if you don't use the App Store,": Well, you can use it as a phone with a mail client and browser, but if you want any of the apps that it is perfectly capable of running, you'll need to use the App Store.

"and you don't get to sell anything to iPhone users if you don't go through the App Store.": You can sell them lunch, so technically not true. If you want to sell them software that runs on their devices, which is what's relevant, then you do have to go through the App Store.

Before someone brings up jailbreaking, A) Apple forbids jailbreaking in their terms of service, making it a grey area although recent laws have made it clearer, B) in order to patch security holes, Apple frequently prevents jailbreaking from happening, and C) only a very small subset of Apple's users even knows you can jailbreak let alone how.