Posts by doublelayer

Re: NHS Data Slurp As A Threat

Sure, that could be done. Birth year is sufficient for age. And truncate the post code or have a better way of representing truly large geographic areas, especially important for rural post codes which contain few people. And probably take a close look at any other information in there, because if they keep data that isn't identifying in itself but can be correlated for something that does, that needs work too.

I would gladly give my medical information to researchers, if I could trust that they couldn't deanonymize me and only medical research would have access. I have no way to guarantee either. Worse, I know of plenty of places which would love having that data and would go to lengths, both legal and illegal, to obtain it. Forcing everyone to opt out when the problem lies with the collectors' refusal to treat the data subjects respectfully is therefore not acceptable.

"Merchants don't pay Apple's 0.15% fee, banks do. The merchant fees are the same for Apple Pay and non Apple Pay transactions."

I am not an expert here, but I don't think you can guarantee the second sentence. Banks are responsible for separating out the numbers and sending the funds to Apple, but they may have a mechanism to change the merchant fee based on that. For some contracts, fees are charged in a range, and banks charge at the high end of the range when they have extra charges they wish to pass along. This is transparent to the user in most cases, and it doesn't apply to all merchants, but it does happen. Various services that a payment method provides may seem free without knowing what comparative fees are, and merchants don't always have a choice to refuse those payment methods because there are few options and limited ability to control which is used.

You may not suffer, but people who would like to use other platforms do. Places who effectively must support Apple Pay, paying Apple their merchant fees, do. Not caring about a lack of competition doesn't stop that lack from existing, nor does your one experience necessarily mean you're the standard.

Re: Mini computer

The latest Pi has multiple I/O methods to more quickly move data around. You could run a lot of SSH connections to it. I don't know how many you can do before it slows down, but thirty works at least. Of course, if you're trying to run GUIs on those connections or if they're running complex software, that would be effective in making it sluggish. With relatively simple programs for data entry and manipulation though, I don't think it would be a problem. Don't get me wrong, the efficiency of old computers is very impressive, but if we limit ourselves to the activities they performed, our modern computers can demonstrate their advancement.

Re: Mini computer

And you can support 25 SSH connections on a Pi with no difficulty. The terminals will probably be more powerful than it is, but you can do it. A text user interface is really cheap now. I don't know what the problem is with your laptop, but if it's just someone going overboard with the JS, that's not really the fault of the other links in the chain.

Well pedanted on the units. I'd like to blame my shift key, but really don't know how I missed that.

Re: Mini computer

It's orders of magnitude faster than any old minicomputer. While Wikipedia is vague about what last qualifies, it does say that the term was last really used in the mid-to-late 1980s. The IBM AS/400 would be a good comparison, but Wikipedia also lacks specs on it for some reason. However, it does say that the CPU used was clocked at 22 mHz. Even the lowest-end Pi outstrips that clock rate significantly (Raspberry Pi Zero at 1000 mHz), and although the architecture means the rates aren't directly proportional, that means at least twenty times faster. Memory speed and size are also significantly larger.

I did find sufficient specs to compare the Pi against a different computer of the era, although it's not quite a mini. It's the Cray X-MP from 1988. That was more a supercomputer than a mini, but even it lags behind that lowest-end of Pis. That's on all aspects--CPU performance, memory speed and quantity, storage speed and quantity, to say nothing of the multimillions price of one and $5 price of the other. Now add in the fact that the newest Pi out there has four cores at 1.5 GHz and 8 GB of memory. It's amazing how well such things have improved in the last three decades.

"The problem here is that the Internet is a hugely inefficient way to deliver television to millions of people compared to broadcasting radio-waves, and that's not going to change any time soon."

It's not that inefficient for delivering specific videos. If I want something that you don't want, then the internet gets it just to me without impacting you. Radio waves work very well for people who all want the same thing in the same format at the same time, but a lot of modern videos don't work on that basis. People want video on-demand, they want to watch things that others don't want to, they want full streams which aren't popular with their neighbors, and in each case wire works better than radio waves. This isn't new or limited to the internet. Although digital broadcast has increased the number of channels you can send through the air, it's nothing to the number you can send over a wire.

Re: If only there was a protocol to replace client/server by a network of peers

And this would decrease the bandwidth when lots of people want the same file how, exactly? The servers didn't go down. The network was overburdened. P2P will do nothing to change that.

Re: Frightening...

I suppose that's a commentary on Google's changability. I get the wikipedia article about the animal and two non-squid-game results on the first page of Google. Everything else is about the show, and mostly because Google's auto-suggester is pushing most real results onto the second page to make room for news articles and videos about the show they want me to read. If I go back to Duck Duck Go. I get three articles about the animal, including anatomy and behavior; two about cooking squid; the wikipedia article for the animal, the Squid caching proxy, a dictionary definition, and a mobile app.

I stopped using Google a few years ago for privacy reasons, but now I'm thinking I might have won on quality too.

Re: Looks like the ISP wants 2 bites of the cherry

"Doesn't the ISP have a fiduciary duty to supply reliable service to customers who don't watch Netflix, but may need to remain connected with whoever provides service to Netflix for, say, work reasons?"

No, or at least not any more than they have a duty to let people watch Netflix. They decide what their duties are when they make a contract. They make two kinds of contract: subscriber contracts with their customers and peering contracts with other ISPs. If they decide to be one of the few ISPs that blocks part of the internet without government censorship, then they have the right to do that and they'll undoubtedly lose customers (subject to anticompetition laws depending on the government and market involved).

If customers requested the same amount of bandwidth, but it all went to different sites, the ISP would just have to figure out what they're going to do, be that decreasing speeds or putting in more capacity. It doesn't change anything that they're using one particular site this time. They can use their various peering arrangements to try to extract more money from the places sending them that data, and it might work, but if they fail to do so, their product suffers. That's like the fights between airlines for airport landing space--you can't cut off an airport without angering some people who want to fly there, so that's a business decision you have to make. The airline can't blame a customer for wanting to fly where they don't want to go, and SK can't blame Netflix for having data that people want to read. SK can only change the terms for people with whom they have contracts, and Netflix isn't one.

Re: Windows 11 Beta

This argument mostly doesn't work for two reasons. First, if you get malware on your machine, it's probably not because you have old drivers. Yes, your hardware may have vulns which are a problem, but you could have that now and it's not Microsoft's problem. So new drivers will probably be a little better, but not as big a deal as you make it out to be. Second, their stated requirements do not exactly align with your driver plan. There are processors older than that generation with more modern drivers and there are components which don't have them but will still work under Windows 11, to say nothing of the TPM requirement which has a similar age effect but nothing to do with drivers. If that were the only reason, it really would make sense to say so and check for that.

One other problem: they're not just saying that they won't help with support. They're also actively putting stumbling blocks in the way whenever the hardware doesn't meet their requirements. Sure, for the insider builds, they're minor and can be circumvented with a few scripts or registry changes. I do not think it will stay that way as production builds run along, and in any case I wouldn't do that on others' machines. If Windows 11 becomes insecure on older hardware, it's almost certainly not due to outdated drivers. It's because Microsoft will have made the update process so convoluted that people don't patch the holes that will be there, and in that case Microsoft is entirely culpable for what will happen to the users.

Re: Immutable OS’s are the answer

Among other things, you'll find that installing things, changing OS configuration, and updating components for security are kind of hard when it's done that way. I assume you'll have a writable location where you put all your programs, and eventually all your utilities, until your immutable OS is just a kernel floating around with all the same problems that a mutable OS would have.

Re: market position

That argument would work quite well if it weren't for the many people running the beta builds on lots of hardware that doesn't meet the requirements. Old chips, and in some cases, chips that never were supposed to run Windows 10 have been made to run Windows 11 correctly. There is, therefore, no reason they can't use legacy drivers. If Windows 11 cannot do so on release, it is only because they've cut out that code intentionally to break them. Windows has always supported backward compatibility with most things, and that has been one of its strengths when scheduling the year of Linux on the desktop, at least in the office. This probably won't dethrone them, but it isn't helping their case.

Re: "an upgrade will have to happen in the coming months or years"

Yes, eventually, as in 2025. People will definitely be using 10 until then, likely later. So the predictions that lots of sales will start in 2022 are extremely optimistic on Dell's part. The problem is that nobody really wants any of the stuff in Windows 11. The only feature that interests me in the slightest is the Android app compatibility thing, and I know I'm going to test it out, play around for maybe two or three hours, then never use it again. The features to be had are not worth the upgrading.

Re: Pointless

"Then you would pay for most of the stuff on the Web."

No, because monetization methods that don't involve stealing user data would still be allowed. Running ads that aren't tailored to the user, for example. They've been done before, they work elsewhere, this paper does it with the sponsored articles I rarely read. I'm sure advertising companies would be happy to sell you information about the sites the people you want will be reading so you can put your adverts there. It will be made up, of course, but they already make up all the targeting they claim to do anyway.

"We want content, but we don't want to pay for it."

Not necessarily. I do like free content, but there is stuff I'm willing to pay for. If they did what I proposed, they could easily have a non-individualized ads method for free and a paid plan to remove them. I'd likely join that one for sites I like.

Re: Can't get my head around this concept

Except that wouldn't work very well for two reasons. The first we have already seen--regulators have the power to go after data collection using privacy laws, but they mostly don't. It doesn't matter what new laws they bring in if regulators still don't do their job, unless they give more public power, and that too is limited.

The other reason is because the data is basically being treated as money in this situation. If Google went to a subscription model and it now costs a fiver per month to use it, arguments that they're charging too much would be ignored. If they charge in data, they can still argue that it's just their price so what is there to regulate? Having something stolen is a more understandable argument than being scalped to use something almost required for the internet.

If this got adopted and everyone flocked to Duck Duck Go, I'd be happy about that. I don't think that's guaranteed or even the most likely option.

A user id never was a security proposal. What it is is another detail the user needs to remember for almost always no reason. I have a username here to identify myself to you guys, and in fact I don't even know why I set it to what it is--I couldn't think of anything back when creating the account and went with this one. For other things where I don't need a pseudonym to label myself, there is no purpose in a custom username. It's another thing to memorize, and it doesn't secure anything.

Re: "We did not copy Tile"

"As far as I know, iPhone users can't opt their phones out of being part of the network."

If they fix this flaw, I don't think there are many problems being part of the network. If you still want to opt out, Settings -> Apple ID (at the top) -> Find My -> Find My iPhone -> Find My Network -> switch to off. At least that's the path on IOS 14. I don't know if it has changed with IOS 15. It means you can't use the network yourself and you won't be part of it for others.

Re: Is the database really that big

The software the router runs all has to know about that. If you set up a filter, then:

1. The interface must know your time zone so you set it at local time.

2. The filter program, which is likely a different process, needs to know about your time zone.

3. The log the user sees has to know about the time zone.

Given that most of the routers out there are running something with a Linux core which can handle time zones and has sufficient storage to store the relatively small database, why not have the OS handle time zones like any software on a normal computer would do?

Re: Wow, just wow

We didn't lose any information. A program stopped containing it. You can look up historical time information in many places. The question is whether the TZ database needs to contain all of what it currently contains. For the same reason, the TZ database won't correctly handle the calendar switch before the Gregorian became nearly universal, but if you want to see how each country did it at different times making a big mess, you can still look that up. People tracking historical events do this frequently. It's like asking whether a textbook should contain the full text of a historical speech--if it is decided that it's not needed for the educational experience, one can still look the speech up and read it elsewhere.

If we throw out daylight saving time, which we can and probably should. We also have to deal with the countries that decided to have fractional time zones, among them Australia (some states at UTC+9:30), India (UTC+05:30) Canada (one province at UTC-3:30) and the weirdest Nepal at UTC+5:45. Also China's insistence on using one time zone when they're big enough to need three, and it's not even the middle one. Here's what currently happens to the map when you use the time zones as they currently exist: https://xkcd.com/1799.

Re: Is the database really that big

"I suppose there might be a few things like thermostats which have local interaction with a clock involved, but... Have a "DST" toggle button?"

No, please don't do that. Such things confuse a lot of people (I.E. which position should this switch be set to now? Was it set right the last time?). If it's smart enough to know what date and time zone it is, it can switch that automatically unless configured not to. Having to change a dumb clock is fine, but having to change something which is smarter and probably not obvious that it has a clock is just a pain. If we have to do DST (and we really don't), then the computer should do the adding and subtracting.

Re: Too soon

It's being pushed by people who build such things and hope to sell them, just like every other product. That's what companies do, and this isn't unusual. In addition, though the companies want it to succeed for their own profit, those things you mentioned are actually possible benefits we would get from having it done.

As for "it has happened before", yes it has and it was really the same. You could make arguments like this for literally any technological advancement and people did. That is what progress looks like, and pain is inevitable in it. When computers automated lots of administrative actions, some people lost their jobs. Yet we still benefited quite a lot from them and, since you're posting here, I suspect you have benefited more than most. Whether the drivers of delivery vehicles lose their jobs to self-driving vehicles, more train transport, or drones, it's going to happen if the technology is efficient enough. Instead of trying to hold it back in the hopes that nothing changes and we don't have to care about the negatives of the current situation, we should plan for what we're going to do when progress happens.

Re: Agile isn't nebulous

"The thing is, argue against the statement?"

Sure. Let's try that.

"Would your customers prefer exquisite documentation about the project and the code base, or actual working software?"

Both, usually. In a project where documentation is weighted as heavily, then things take longer, but the documentation matches. Compared to the many projects I've seen where the documentation has problems, that is usually better. What happens there is that documentation is patchy, sometimes out of date, and you get more support requests. That's taking up your time and theirs because the docs were incorrect or missing. If I leave a job with documentation in place, someone can pick it up later. If I leave with patchy docs, they will either read those and come to hate me the second or third time the code doesn't match what they read or will have to call me to ask for help.

"Would your customer prefer working software now, with continual updates to improve it, or wait a lot longer and then have to wait another lengthy period for any changes?"

This one is easy: yes, they would prefer the agile method in most cases. However, I generally wouldn't. If the customer wants something, they should mention it at the start so I can plan for it. If they request a change 80% of the way through their original request which requires a redesign, they've wasted a bunch of my time. If they don't care how long I spend working on it and they pay me for it, that's fine with me. They do care about both things, so it's not. I'm fine with change requests that are minor, but nontechnical people rarely understand what is a minor change and what is massive.

"Would you adopt a development methodology that doesn't support changing requirements, even late in development? Have you ever had the luxury of an implementation project that didn't have those?"

Of course not. However, my methodology is to try to gather enough information so that there are likely to be few major changes at the end, not to embrace the chaos and let anybody change whatever they want.

"They're not vague statements, they're basic positions and principles."

Which get constantly redefined and which don't actually tell you anything.

"They're not prescriptive, they trust you to be a professional and take ownership of your own methodology. They don't tell you to do this or that, they encourage a mindset."

They encourage a mindset of basic platitudes. "Trust [the workers] and give them what they need" isn't original and it doesn't tell people anything. It's like telling people to be nice; it's better if they are, but exactly how that gets implemented and what benefits it brings need more elucidation.

"the Agile Manifesto merely articulates the approach that a very large group of experienced professionals have found to be the most effective."

Except the only thing I can understand clearly from their proposal is "accept change all the time". Everything else has multiple possible meanings.

"Disclosure: I've successfully delivered software into a production environment at a bank using Extreme Programming, and worked in and alongside teams using agile methods and methodologies for two decades. They deliver."

And I work on an agile team as well. It's fine. If we're actually agile, though how could I know? Our documentation does have the patchy problem, so maybe that's a good sign.

I think a lot of companies that do internal coding already did a lot of the agile process. Probably less in contracting or consulting, though I am young enough that I haven't seen a lot of what things were like before the manifesto. Accepting change didn't have to be written into the requirements if managers were still demanding things get changed, and knowing managers like I do, I don't think they just started doing that.