Posts by doublelayer 9408 publicly visible posts • joined 22 Feb 2018
Well, if you live in one of the mentioned countries, you're not allowed to leave it behind (or go out). If they try to reach you on your phone and you don't respond, that's considered reason enough to go after you. True, that system has more holes in it than the average IoT firewall, but it's still more invasive than the drones are.
And still, the drones are much less invasive than tracking that has been covered here in recent days. With the drones, people can be seen as they socialize physically with one another and their socializing can be disrupted. But the drones don't easily allow perfect identification or tracking. Mobile phone tracking does. Drone tracking can easily be noticed. Mobile tracking is easily hidden. Drone tracking has intrinsic limits because the craft must be piloted and even with the most expensive cameras and microphones there's only so much that can be picked up from in the air. Mobile phones are tailor-made for capturing people's actions. In fact, assuming breaking of quarantine orders is as common and severe as recent police action in many places suggests, I would be much happier with Western Australia's reaction than with Singapore's or Taiwan's.
"If using it's record to cloud feature (as opposed to record to this PC), the server would need to be given the session key used for the AES streams of that meeting. It is effectively another client for that call."
Some solutions:
1. Record from a local client and upload. No key needed.
2. Record encrypted data and let it be decrypted by the users.
3. Fine, so meetings recorded to cloud need end-to-end turned off. But other meetings recorded locally or not recorded at all would use it. So all I have to do to ensure full encryption is not to record to cloud? Thanks for telling me. Oh, wait.
"The telephone dial in numbers would also need the session key."
Some solutions:
1. User approves numbers individually and sends them keys. The server doesn't need to know, only the phone endpoint, and that can erase them.
2. Provide an option for a secure, user-maintained call-in point. That would be run by the user and therefore can be trusted with keys.
3. Fine, so meetings including phone call-ins need end-to-end turned off. But other meetings using the software clients only, which is most calls, would use it. So all I have to do to ensure full encryption is not to use a phone to call in? Thanks for telling me. Oh, wait.
You are missing the point. The major problem isn't the lack of end-to-end encryption. The major problem is not having end-to-end encryption but lying that you do.
Ah. So I get to take all Zoom's stuff (obligatory XKCD link). Be right back; I need some new servers. Anyone else want stuff while I'm there?
"could we have copyright on the books themselves for say 10 years but a longer copyright on derivative works - to stop the TV and Movie people just counting down for 10 years?"
No. It's not that easy. When copyright ends, the work covered under that copyright goes to the public domain, meaning anyone can get, make, or redistribute copies, and they can modify them too. If someone wants to use the same plot in a different medium, they can do that without restriction if the work they're using is in the public domain.
Now you could modify the law to effectively create such a policy, but it wouldn't be popular with either copyright-opponents or the copyright promotion groups. Probably the easiest method is to lower the penalties for copyright infringement based on how old the work is. Ten years or younger, full value of the infringement. Ten to twenty years, 50%. Twenty to thirty years, 20%. Thirty to forty years, 10%. After forty years, public domain. Therefore, if a person infringes copyright on a copy or two, it's not cost-effective to pursue them for it after a certain period. But if a multimillion movie is made, one tenth of that is still a claim worth making. The copyright holders would say that this law strips them of their effective rights after ten years and would absolutely hate it. People who don't like copyright at all would argue that having any at all, let alone one that lasts forty years is oppressive. Legal experts would argue that the law is too ambiguous with things like calculating the value of an infringement. But if we could somehow convince all these people to work with us to fix it, then we could really make some progress. For the first two hours after which the groups who have been brought together would start a major brawl.
The best set of restrictions on copyright is a contentious issue, and the only guarantee we have is that we (meaning any set of three or more people) won't ever agree. Still, your twenty five years allegation isn't really true. I want you to point me to a work that meets all of these requirements: 1. It made very little money for the author in the first twenty five years of publication, 2) it became popular after that point and sold many copies, and 3) the author isn't described in literary analysis papers as "recognized only posthumously for their work". I think you'll find that there aren't many things.
Are there movies or TV shows of books that were produced more than twenty five years after the original was published? Of course. Delete the classics that always get revisited. There are still some. But usually, these books were popular soon after publication, had a video version produced soon afterward, and are now being revisited because television series are very popular or the film people twenty years ago did a bad job of it.
But fine, the author should still get money from the latest version of their product because they wrote the original plot. We can make the law allow that without having such a broken one. It's useful to try to balance the protections for creators and the usefulness to society of the unrestricted work. We did it with patents; we can do it with copyrights. Giving them and anyone else who can find a way to piggyback on the law unlimited rights to everything and plenty of penalties to throw at others doesn't a good policy make.
Researchers are frequently targeted under criminal law based on complaints from people who don't get it which are taken too seriously by police who don't get it. Examples are available in the U.S., U.K., and probably some other places as well. At a lower level, have you ever reported a security problem to someone you don't know? I have, and while you sometimes get gratitude, there's often a measure of suspicion about how you know this and why you're telling them. If you do it a lot because your job is security research, rather than only every once in a while because you find things, you're more likely to encounter someone suspicious enough to call the cops on you. Since they use this law against people who had no malicious intensions, it is very valuable that someone got legal precedent, albeit a fragile one, that they can go ahead without having to worry about American police going after them (or in reality, a legal precedent to tell the police about when they show up).
"But after Covid there's a bigger picture and proactively not supporting China after crippling the planet might be a thought..."
Because if you don't buy their tech, they will ... not have viruses mutate into deadly forms? What? No, really, what? Something was going through your mind. You had a reason for linking these. But I have no earthly idea what it is. How does any restriction on China short of forcing nobody to come in or out ever help with a virus mutating there? And why China specifically? The permanent quarantine solution can work anywhere. So now I really want to know what benefit on viral spread we can expect from limits on Chinese tech companies.
DoH to your own private server is only going to protect you from a potentially insecure local network as far along as your ISP. Of course, compared to standard DNS, it at least gives you that, but nothing more. Your server also has an ISP, and it can watch your standard DNS resolutions to figure out where you're going. If you didn't want to trust Cloudflare, the best way to maintain privacy is to make the server available to others, either a specific set of people to maintain a cap on resource usage or making the server public. Since this inevitably entails quite a bit of resource usage for others and since others don't know for sure that you can be trusted, that might not work as expected.
I think that reason contributes, but I also think most employers don't have the resources to start hiring right now. A lot of smaller places are quite low on cash and don't know whether income will head up any time soon. Even those that aren't worried about their finances probably have all their existing employees tied up in other administration. They can't take the time of the existing admins to prove that the new one will know what they're talking about or worse, to train them, because the existing admins have to respond to every support request about remote working stuff not working. And the people who would do the nontechnical side of the interview are probably running triage with other business matters that aren't getting handled well in the chaos. To all out their on either side of this issue, all I can say is that I'm sorry for the chaos and I wish you all the best.
Now, yes, we should all [mostly] be working from home if we can. But once things come back? I'm a proponent of people who want to work from home working from home, but I'm not so interested in having a company make everyone work from home, even though it may reduce our productivity because talking to colleagues is not as easy, getting things you need entails ordering things from retail and requesting reimbursement rather than stopping by the supply closet, and getting assistance with something not working means trying to negotiate the remote access software we've been saddled with rather than asking the person whose thing isn't working to come watch what happens when the code isn't running on their machine. Some businesses will be quite into the suggestion because those businesses have realized that, when you don't have to pay for as many offices, you have more profit. Other WFH experiments have found that people also get promoted less often and paid lower salaries when they're working from home, even if everyone's doing it. So in general, I think the decision should be available to the employee if it's feasible for them to work from home, but while I'll fight for your privilege to work from home, I expect you to at least acknowledge my desire and I believe my right to work from the office. When my employer inevitably smashes down my wall and announces that they've turned the floor into open plan, then I'll probably join you.
I can't say I've tried that app. I have used Userland for that, and it works. But it doesn't work well, and not for any faults in the app. It doesn't work as well because I don't have access to as much of the hardware through the abstractions. Userland can, for example, give me SSH or VNC access to the VMs, but it can't handle audio. I don't think one could use the camera, not that I ever have the desire, but it would be good to have in a pinch. Nor does it do Bluetooth--I must have my phone do that part and relay the input to the VM.
Are any of these things complete dealbreakers? Not really--I don't really need the camera, audio would be useful some of the time but it's not an ultimate requirement, and if I'm debugging or testing a Bluetooth device I can wait until I have my laptop. But I don't want to. That's exactly the point. If I want to use a program that runs on Linux and needs to record and play audio, I want to be able to do that on my scaled-down laptop. It doesn't take much power; a raspberry pi with the appropriate hardware attached can do it easily. When I simulate that on a much more powerful phone, I am constantly reminded that this just isn't designed for that and I should go back to my laptop or write a mobile app to replace it. That's why I want a mobile device that runs a desktop OS natively.
I can't speak for anyone else, but my desire would be a scaled-down laptop. That means running much of the software I might on a low-end laptop. That means Linux. Or technically BSD, Windows, or Mac OS but not Android. I have Android apps, but few will benefit sufficiently from a keyboard that my work can be done through them. I have, for example, an SSH terminal app on my phone for the possible emergency where that's all I have available, but I don't use it routinely and it's not just the keyboard that makes it that way. For that reason, the later Planet devices that run Android and Sailfish (maybe but some caveats apply) won't work very well for my intentions.
I've wanted one of their devices since they first came along. A mobile computing device that can be used for more complex tasks would be fantastic. But unfortunately every time I hear about them, they receive one more shallow cut. First, the keyboard layout on the Gemini was nonstandard--that's a little annoying when I'm running terminal commands or writing code*. Then, the keyboard was stated to be wobbly. Then, Linux support seems to be an afterthought--it's available, just not until we do a bunch of work on it first. Then, flaky updates and bugs in Android too.
But I still want the concept device. And I'm willing to compromise on quite a bit. I'm willing to do my own fiddling with the UI--a standard Linux desktop GUI won't work great on a tiny screen but I don't feel like the manufacturers have to get it looking beautiful; I can do that work. I'll accept a keyboard that doesn't feel great or one that has a nonstandard layout, but not both. I don't need the device to have a convenient phone screen--if having to open it to answer a message is the price I have to pay for a keyboard, I'm willing to do so. I'm not after perfection, yet it seems like they're still not meeting my expectations.
*I'm not planning to do a lot of day-to-day work on such a small device, but there are times when I want to calculate a complex result which is easier to do through a programming language than a calculator app. Or sometimes, I might want to run an SQL statement and see the results, which doesn't work great in a graphical view either. In either case, I want convenient access to my punctuation.
The software will use the same technology that was demonstrated by Apple that time they put a surprise feature in all their mobile devices that watched something, maybe the location system but it worked with that turned off, that would deactivate most features with an annoying screen if they sensed you moving at possibly automotive speeds. They didn't check that you were on a street when turning this on, so it would activate while you were riding a train, and they of course activated it for all passengers in cars. As I don't own a car, that feature was particularly irritating to me.
So to answer your question, they won't have omnipresent tracking. They'll just watch the device and only track when it moves fast. So only when you're traveling anywhere by any transportation method faster than a walk. Data collected will only include where and when you started the transport, every road you took, how long you waited at any turns, any backtracks or detours, and of course where and when you stopped. Then that data will be sent to your parents or somebody via a cloud service which you don't own and can't audit. That's not complete tracking is it?
"I'm under the impression that renaming root /admin is a security feature."
You are under the wrong impression. That's like hiding your front door--any serious threat will either watch you go to the hidden door before repeating your actions, search thoroughly and find the door anyway, or smash through the wall. Root can be called root, just secure it. That means secure passwords, no login to root directly unless through hardwired or trusted interfaces, limited need to go to root anyway (E.G. programs that need to run with special access being run in a user account with that access when possible), and limited knowledge of how to get to root.
Not necessarily. If someone else mandated the keyboard shortcut model, the programmers could have been restricted from assigning mnemonics. And you don't always want to add new buttons at the end. Consider the following toolbar or menu order:
Undo Cut Copy Paste Find Replace
Now, we're going to add two features. We're going from an undo model where you can undo once and reverse it by clicking undo once again to a model where you can undo multiple times, adding a redo. And we're adding a convenience option to go to the next result from a find. Would you really want the menu to look like this?
Undo Cut Copy Paste Find Replace Redo Find next
Wouldn't it make a lot more sense to arrange it like this:
Undo Redo Cut Copy Paste Find Find next Replace
I think the problem was assigning shortcuts in numerical order instead of assigning specific ones to each function. The fault lies in whoever made that requirement. If that wasn't the same person who added a button, then I think it wasn't the fault of the person who added the button.
The example was quoted, and while it could have been a whole sentence, it wasn't necessarily so. One is not obliged to only quote complete sentences. The sentence could originally have been "What colour is the neighbor's house now that their child has experimented with that paint, and how angry are their parents?", but I spared you the irrelevant portion. Still, such pedantry deserves an upvote given my previous proviso about our health.
"English is English. American's speak US English which is a derivative but it's not the same language"
It's the same language. When people from both countries (and there are some other anglophone countries you might want to include) get together, they can understand one another. And after a certain level of education around age seven, nobody will be confused if they read "What colour is the neighbor's house". They might complain, and with that sentence there are three groups* to complain about it, but we all know what it means. We've communicated without translation. We speak the same language. English speakers unite! Let us hold our hands together in solidarity! Then let us wash our hands because we're concerned about catching something. Then let us go back to attacking one another with competing dictionaries. Our health demands we continue to fight about pointless things!
*Three groups to complain about my example sentence:
1. Americans intent on American spelling for "colour".
2. Non-Americans intent on non-American spelling for "neighbor".
3. People who think that you should pick a spelling and stick to it.
I'm throwing a nearby dictionary at all of them.
"this appears to have been multiple iterations of work done, [...] Would that really be a new dev with no idea of the device or s/w? Is that likely?"
Absolutely. You don't even need a bad manager to make that happen, but having one makes it even more likely. I think we've all been in situations where people don't really get much choice what they work on. There was a time when I got assigned a primary developer role on some core code I'd never seen before. I'd just joined that team, and the previous core developer got placed on another team (she didn't request that transfer, nothing was wrong with the team, someone just requested and got her). I was basically told "You're going to start getting all the feature requests and bug reports for that thing in a few weeks. We can have some of the devs who developed parts triage the ones they can handle at the beginning, but you're eventually going to do all of that. Talk to [name redacted] over there. You have a week of her time." It went fine for me because the project wasn't extremely critical and the previous developer was a genius. But sometimes that situation will happen and devs have to figure things out for themselves. When you add a bad manager into the mix, you increase the likelihood that the manager didn't provide required documentation or training or that the previous dev left the team or company to get away from the manager. And it could have been even more basic; the previous developer could have just gone on holiday at an inconvenient time so they weren't around to train the new one. The situation you describe is very believable and quite likely.
"Starting with the idea that anyone who gets it wrong is an idiot. If they get it wrong you weren't clear or specific."
I don't think that's necessarily true. You can have a user get a process wrong because you didn't specify it clearly or they could get it wrong because they're an idiot. Sometimes, they get it wrong for both reasons at once. It's harmful to assign all the blame for failures to complete a task, either to the person who wrote the instructions or the person who carried them out, because as soon as you decide it all goes to one of them, the other one will prove you wrong. Never underestimate the idiot.
That would depend on who did what and who knew what. Since we don't really know a lot of this, I'm just using a bunch of hypothetical examples to suggest some options.
For example, imagine a situation where I don't have documentation on the hardware I've been given other than that the information comes over serial. This could happen if nobody wrote that documentation (I.E. the contractors had a mindset that people there already know this, we don't have to write it down again) or the manager didn't send the documentation to the dev leading to the dev thinking that there wasn't any. In that case, I would probably see the two serial ports and try a single cable on both of them trying to figure out which one sent the data. I wouldn't necessarily think to plug in two of them without knowing how the hardware worked and, in that case, I would almost certainly try to contact someone who built it to clear up the situation. I wouldn't make them come out, but it was stated that the manager talked to support and wouldn't connect them directly to the dev. If I didn't request the call out, I don't think there's much blame to go my way.
Now, if there was some documentation and I should have read it, I have much more blame to go my way. Still, if I missed that point and it was expected that the contractors could provide support of that type, it's logical to try to call them. However, the manager doing that could have led to the situation where the person being called out just wanted to talk to the dev, the dev just wanted to talk to the support person, and the manager was at fault for making the support person come out physically.
Now if the dev was supposed to know this and was informed by someone else and if they suggested the support person come out, then they are much more to blame. They probably didn't have any consequences because they were unlikely to admit this, but they weren't competent and cost their employer and contractor plenty of time and money. In that case, they definitely should have been disciplined if not fired.
Not your fault, but this situation is exactly why I suggest that lots of shortcuts get created and none are ever changed. It's a little annoying when a feature changes its shortcut and I have to find it again, but it can be awful when a new feature has been assigned the old shortcut and now I not only have to find the shortcut for the thing I want but I also have to find the thing the old shortcut decided to do to my file, which might not be obvious.
That relies on his frequently starting up the machine. Users sometimes decide never to do this, or even close anything. There was one person whose machine I used temporarily to write a small Word document. When Word creates temporary blank documents, it automatically increments a number if the previous blank document got saved, document-1, document-2, etc. The one I used was document-259. I don't know how long it took that user to get to that many blank documents opened or saved, but I bet that machine's uptime was quite ridiculous as personal laptops go.
Compare Microsoft via Teams with Amazon? I'd never thought about that before, but sure, let's do it.
Teams: Used primarily during one point of the day, namely local business hours.
Amazon: Used throughout the day.
Teams: Now relied on by whoever chose it for business meetings, meaning many new customers and many old customers using it a lot more.
Amazon: People are buying more things, but they aren't adding users hand over foot.
Teams: Once a user starts to use it, they continue until this quarantine period ends.
Amazon: Once a user makes a purchase, they stop using it unless they're planning a new purchase. This implies a gap between each interaction.
Teams: Remains in the background sending information and maintaining connections for hours.
Amazon: Sends web pages. People click when they want new ones.
Teams: Must send high-bandwidth audio and video streams around, live, with low latency, worldwide.
Amazon: Text, static graphics, videos that might be hosted anywhere and are also cacheable.
Teams is slower. Imagine that.
"What matters to society is the quality of research being done, and the efficiency with which it is carried out."
Agree entirely. And so:
"Putting more money into the current academic system won't lead to the right research producing the necessary results in the shortest timescales: it leads to more scientist duplicating effort in topics scientists like to study, which probably [...] don't overlap with what is actually important."
Fine. Then you tell us what we're supposed to have done. Evidently, scientists can't be trusted to find useful things to study, someone needs to tell them. But you have so far failed to identify who does tell them what is important, and how that person gets that information, and how we get that research done if the current academic structure won't do it voluntarily. You've* made some statements about what isn't important to you, which have been ably dispelled by existing replies so I won't reproduce their work.
Consider this particular issue. We have a virus that causes respiratory disease and spreads easily through the air. So, since you haven't said what particularly we need to be researching, I'm guessing the subjects of most importance include virology, epidemiology, and study of respiratory disease? You have stated that cancer isn't such an important topic, so I'm assuming that's where we get extra capacity for those things? Assuming you agree with all of this, imagine how we would feel if we forced most cancer research to stop three years ago to focus on those topics instead and, instead of this particular virus, we had a pandemic of another one that caused little damage in and of itself, but led to high rates of carcinogenic behavior among previously healthy cells--such viruses exist. I believe your problem is that you think you know what is and always will be important and you don't acknowledge that basically every type of scientific research is important. There are many failings of the system that could get repaired, but in reality, many deficiencies are the result of a lack of resources, whether that is staff, money, equipment, or data. All you are suggesting is robbing one discipline to pay another.
*Actually, the opinions I'm replying to are across the original post and the one I've replied to. Both have been posted anonymously, so I don't know for sure that it was the same person.
"Why hasn’t the forecasts of people like Bill Gates (who basically predicted this entire situation 5 years ago) not turned into academic research into what to do about it?"
Are you serious? What Bill Gates said boils down to "There will come a pandemic at some point relatively soon, and when it does, we won't be able to handle it". Well, of course. That's a relatively obvious thing to everyone. And that's fine, because he was not called on to be a predictive epidemiologist. He was stating a generality because his point was a general one. However, he did not "predict this entire situation". If this counts as a complete prediction, I'd like to get my own in here. How's this:
There will come a time, probably sooner than we'd like, when a war happens. The war may be a world war or it may be a localized one that many nations wisely stay away from, but it will involve at least two modern economies with large militaries. When this war happens, we are not prepared for the pain that will be created by unexpected weapon technologies and tactics as well as disruption to globalized processes. It will be very unpleasant when that happens. We should do something about this.
When I'm proven correct, I want to be similarly lauded as a visionary who accurately predicted the Chinese-American war, or the Russo-Euro war, or the Persian-Australian-Indian war or the Eurasian war of 2028 or the Transpacific war or the war of the missiles or whatever it's called. I predicted it back near the end of March 2020; all of you are witnesses.
Now, to answer your question. Why didn't a generality by Gates turn into academic research? Do you mean more academic research? Because there was already a lot of academic research on epidemiology and microbiology. Thousands of papers are printed every year from diligent researchers. If you're only referring to new research, there are two primary ways of increasing the quantity of research being done: 1) increase the number of researchers and 2) increase the funding for existing researchers so they're never lacking for resources. If we were supposed to do the former, we haven't had enough time to increase the entry rate of properly-educated researchers, which takes years. If the latter, you have a better point, but you would need to ask the various places that fund such research. Many of those places have been increasing funding. Many that haven't simply cannot--they're already donating what they can. Plenty have decreased funding, and you can be angry with them if you like, but that is the nature of academic funding and your complaints will not help to change it. Since it's such a large field, their efforts are spread out across it, which isn't helpful right now when we wished they spent all their time looking at respiratory viruses, but would have been great in the possible alternate timeline where we were dealing with persistent antibiotic-resistant bacteria that cause neurological damage. So you name the thing that should have happened, and who should have done it, and we can argue about why it didn't happen.
I mostly agree with you, but the couple in Arizona don't prove anything one way or another. They read a short thing online and found something that had a similar name before ingesting it. That is almost certain to end badly. If I write a message that says "I've found that potassium-rich foods are nutritious and generally taste nice", and someone goes out and puts potassium cyanide on their food, that's not my fault nor does it make what I said incorrect. Even if what I said was incorrect, it doesn't make me responsible for their doing something extremely dangerous.
"Please point me to a product that lives off advertising without harvesting my personal data."
I hate advertising as well, and it's no less annoying on these, but such products do exist. The simplest are those where individualized tracking isn't possible, such as commercial television or radio which don't go through someone who can know your watching habits. Everyone watching gets the same ads. There are places on the internet where that's similar. For example, if you listen to podcasts, there are very few that have ad-targeting capability--though it should be possible to do some tracking, they can't set a bunch of cookies or collect much else because people are usually using separate podcast-listening apps rather than a browser. Even if they can, there isn't a convenient analytics system that works across podcasts hosted on different sites. Usually, the most information they have on you is a general location where you are, so you might get ads specific to listeners in your metropolitan area. Some sites also do their own advertising, and therefore don't have much in the way of analytics to use when sending ads your way. They are far too few, but they exist.
All that said, advertising is primarily of the evil kind, at least ad targeting is, and I don't much care if they have an incentive to change if we can be more drastic in our methods of stopping them. I have no more patience for hoping they change voluntarily. I now favor legislative limits to their abilities and healthy fines to back them up. GDPR is a good start; we need to spread it elsewhere, strengthen it, and enforce it thoroughly.
"There's no reason a mailserver couldn't limit [...]"
There's no reason it couldn't, but several why it shouldn't. Let's look at your suggestions:
"limit the number of "to" addressees after list expansion to some reasonable number,"
What reasonable number? What if I have a list that has more people on it because I want to reach them all? The right answer is to limit who can send mail to that list, but we're discussing automatic methods the server can take when I've forgotten to set that, and this particular one blocks me from sending an all-company email at all. Maybe you just meant replies, but there are times when I might want to send a message and have someone reply to it. Maybe I'm replying to it to send out an update. Maybe someone else on my team is replying with the update. Maybe it's a company-wide congratulatory email and we're letting some senior managers reply with their congratulations as well as a morale method (while they're composing their congratulations, they're not affecting others' work).
"forcibly move any lists containing more than 'x' addresses to the bcc line with a dummy 'to' address substituted (all-employees --> all-employees-noreply)"
That makes a list unsuccessful if it's intended to let people discuss things. This could be a public list for any employees who are interested, and they're allowed to talk on the list too. Once enough interested parties join, the list breaks for everyone.
There is a clear right way to do this. When you create lists, limit who can send messages to them. If you need to receive replies, redirect the emails sent to the list from people who don't have rights to send to the list to a different address from which you can read them. If the mailserver can do that, and they nearly all can, you don't need to do much more. Except remember to turn it on.
In what way? I think most servers are capable of cancelling a reply all automatically, and the article confirms that was possible in this case as well. That doesn't help if someone doesn't enable it for the message, though. So does your server manage to automatically determine that this is necessary? Does it also work correctly when someone is supposed to reply all to a message with a lot of recipients, for example to update its content? That happens too.
In some cases, sure. In many cases though, that's not the reason. Plenty of well-regarded projects are run that way. Linux, for example. A lot of the updates fix bugs and add features and we're usually quite happy about it. They have only three choices. They could do what they currently do, they could do a lot more testing on everything, holding back updates, or they could stop development entirely and focus all their time on a single-release perfect OS that would never need updates (I.E. the perfect example of vaporware). I think many would agree that their current approach is optimal. Continuous development, as you put it, is only a problem if it's used to disguise frequent bug releases, but you can release buggy code quite easily without needing any specific development strategy, and proof of that is available everywhere.
You're correct. There are a few ways that could be harder than it sounds, though.
1. The package is easy to use, but hard to modify. Since people haven't been writing it, there are no maintainers who can immediately take charge of important updates, and you're counting on someone eventually learning the internals.
2. Because nobody was clearly next in line, ten people made forks and people didn't notice until there were now ten incompatible versions. You can either keep that and see if the one you chose dies early or you can attempt to organize the painful and almost fruitless but ultimately a little useful effort to merge those people into a group effort.
3. Because everyone just picked up the internals, there may be bugs the original developer would know about but which the new people don't, which could become a bigger problem later.
Open source is great, but it fixes none of the problems of making source easily modifiable without breaking things. I'm sure we've all been in a project where someone with no experience in the codebase is preparing to make a change to something important in it. Often, it ends fine because they studied up and did what was necessary. But when that doesn't happen, it's not a very fun experience. Open source increases the number of people like this, but at least it prevents the risk that someone leaves and nobody knows where the source is or how it works so the entire system stagnates.
I've heard the same from sellers of weapons in New Zealand. I'd really like to ask these people what the situation in their heads looks like such that they plan on needing weapons during it. I'll ask over a voice call from far away, an unspecified location that's most definitely far away. You know, for social distancing reasons.
The argument has some merit, but has major flaws. First, the validity. If prices increase, you do get the benefits stated, including the discouragement of hoarding and the incentive to produce. Those are easily verified, and are quite real.
However, allowing the price to increase has some predictable results. The first is that it increases the number of people searching for the products--if the price doesn't change with complete fluidity, and it won't, it offers the opportunity for useless arbitrage. Arbitrage is often a relatively harmless and sometimes even beneficial utility in markets, but when the product being moved around is a necessity, it adds delays, shortages, and risk. Those don't help anyone.
Second, increasing the price places many restrictions on who can obtain the product and how. It may deny it to the people who need it most--if they cannot afford it, or if they cannot easily arrange transportation of the product to where they are, or if they cannot charge the purchase to their company accounts because the seller is unusual, they will suffer. In economic terms, this is a profound negative externality, and even the most free-market of economists recognize this as a problem needing fixing.
Finally, it's just stupid. Sure, it can provide some benefits to a few lucky people, but at the cost of everyone else hating them. Meanwhile, the lack of the products people need leads to fear, and the unusually high prices they're eventually forced to pay leads to more hatred. When a bottle of fear and two of hatred are placed together in the blender, the result is a very unpleasant substance. The only two guarantees about what happens when the top comes off are 1) you can't stop the top from coming off and 2) you really won't like it when it does.
"Of course, as it's only a short range technology, it couldn't be used for mass surveillance (yet!)."
Don't just guess about that. It depends where you are, but if you live in a sufficiently built-up area, it wouldn't be that hard to put a bunch of long-range readers around. Expensive, yes, but if we're dealing with surveillance services, they have plenty of cash and no oversight. You remember the people who started looking for contactless payment methods with RFID scanners? Imagine something that works at that range on every building at street level and everywhere there is a WiFi access point indoors. Miss a couple as you walk down the hall and they'll still find you before you get to the stairwell. The physical tag that identifies a person being embedded into or attached to them is rightly the stuff of dystopian literature. Let's keep it there.
That's probably not enough, as if you made that clause part of the law, it could be modified into an "As long as you can buy a copy, copyright continues" clause, and if a company wanted to deny you a copy, they could simply charge millions for a single copy so nobody takes them up on the offer that technically exists. It would be useful to restrict to what copyright can apply, how many different people can own it, and how long it lasts, all of which are easier to state without ambiguity.
"Many of my books are old - generally first half of the last century - and not on the best of paper. If I want them in a more portable format, I often have to scan them myself, or pay again for a book I already own."
What did you expect? Digitization takes effort. There are many places that are happy to distribute books--if some of your books are old enough to be in the public domain, project Gutenberg would quite like your scans and will distribute them for free. Who did you expect would do that for you? The original publisher might not be in business anymore (and is a company, so isn't very generous). Commercial digitization groups exist but they'll want payment for their efforts. There are public-spirited people who digitize for free including the aforementioned Gutenberg as well as the Internet Archive, but that's a public effort limited by money and time and access to the originals from which to make copies. When you're promised something for no effort on your part, you'll often not get it. But if you join us and volunteer some scans or some time, we can get closer to that goal.
No, the argument is that nothing is important as long as we do something that might help against the virus. Some of these drastic measures will produce a great deal of benefit and we should get them started as soon as possible. Some will be a little effective and we should probably do them. Some will be pointless and if we spend effort on them, we'll be wasting time and resources we could be using on something useful. Some will cause more harm than good, and it might not only be directly virus-related. So far, there has been relatively little attention paid to this--as long as the experts in epidemiology suggested one thing such as social distancing requirements, the governments will agree to any policy that seems at least somewhat supportive of that thing. They do this without consideration of public health, public confidence, feasibility, privacy, or anything else. The only two questions they seem to ask are "Does this seem like it obviously won't work" and "Can I make this sound good when I get interviewed". As long as the answers are no and yes respectively, they'll go ahead.
This is an emergency situation with a severity that's not well established yet. In such situations, there are two things that are very effective. The first is prior planning, and for that it's too late--we have all we're going to get. The second thing, and what we're relying upon, is an attitude (at all levels, but most importantly on the levels of those making policy decisions) of calmness, consideration, and willingness to make sacrifices. We must not let that attitude succumb to quick and dirty attempts at patching without consideration. This means we'll have to resign ourselves to doing uncomfortable things. It will also mean that we have to consider the long-term, and that means we have to consider things like our future privacy rights. It will afford us nothing if we survive this and die in a crisis of our own making later on.
I see absolutely no reasons for ISO to have held this up as long as they did. The list of places that have codes is a very strange one--plenty of autonomous regions with lots of people living in them don't have codes, while places like Bouvet island, which is now and has always been uninhabited because it's basically a glacier on a rock in the sea far from everywhere, or the Herd and McDonald islands, which are a bunch of glaciers and a volcano on some rocks in the sea far from everywhere get codes. Several methods of assigning codes would make sense to me. You could be very restrictive and say countries only, allow countries and autonomous regions within those countries, or start assigning codes to every delineated area on the world map. But ISO seems to have started with the third option then decided to cancel it for no apparent reason.
I think every part of that sentence is incorrect, then. Let's modify it to "After 20 years or so, the tiny semiautonomous democratic Channel island of Sark will finally earn the right to exist on a list of geographic entities chosen arbitrarily. This might let them later get a domain."
"I think you'll find that unlike the terrorist bogeymen, this virus is 100% real, and its effects are able to be mapped and predicted with a fairly good degree of accuracy."
The terrorism threat exists. There are people who want to destroy things we really need and who hold no regard for innocent lives. Those of us who argue against the overreaction don't do it on the basis that there is no terrorism risk. We argue on the basis that the reaction destroys far too much for what it benefits us in regards to the terrorism risk. The same can be true here.
Should we have increased efforts to prevent people leaving self-isolation? Maybe. It depends on where these people are and what they're doing. Should we do this with individualized tracking? Something to consider in a measured, thoughtful way where people have to ask what the downsides are and think about them for quite a while before saying yes. Should we do it with general tracking? Almost certainly not. Should we do it with 1984-style telescreens? Not on your life. All of the preceding solutions could work, so if we agree the problem needs to be solved, we still need to exert effort on finding the best, or at the very least a good solution. Finding a solution and blindly agreeing to it despite all the potential disastrous side-effects is extremely irresponsible.
Exactly. When you put the IMEI and IMSI together, and your device obligingly sends that to your network provider, which stores it in the database of never gets deleted, they now have a pretty good method of identifying information--if you replace the SIM in another device, they'll find you. If you use someone else's SIM in the original device, that provider can coordinate to identify you. Of course there's some noise with devices sold secondhand, but it wouldn't be hard to identify your traffic if I had access to the providers' databases. How concerned you are about this will depend primarily on your reasons not to want to be tracked, your general paranoia level, and how likely you think it is that the various organizations who want it have access to these databases (such organizations including your country's surveillance service, other countries' surveillance services, people who like selling data on you, and people who broke in through an insecure system). For many, it's not all that concerning, but it's useful to know what data exists to stay alert for potential privacy and security risks.
I believe the original comment was thinking about the restrictions on checked baggage containing lithium ion batteries, which goes in essentially the same place as the cargo that also contains lithium ion batteries. One could reasonably ask what precautions are required for taking those when the pressure and temperature circumstances would be the same for both. The airlines might be thinking about batteries being thrown about, which is less likely for neatly-packed cargo than for personally-packed belongings, but I don't really know the details on either.
It's used incorrectly so often that we're going to have to get used to it. My suggestion is that we think of something new for it to stand for. My best so far* is "Remains On Machine [when machine is powered off]", but I'll be the first to admit that's somewhat sad. Any other ideas?
*And in case you want more sadness, my not the best so far include "Retains Owner's Media", "Read Or Modify", and "Resources of OS and More". I give up. The replies are going to have to think up acronyms-in-reverse that aren't laughable.
While four weeks is a little higher, you might be surprised how long your modern phone lasts if you leave it on a table and never use it. I have one here that's been going at least twelve days so far and is still pinging on occasion when it gets a notification. It's when you turn it on and all two million pixels (or worse the GPS chip) start drawing from the battery that the level starts dropping like a stone in water. After a while of this, the battery has been aged so much by the fast draw that it becomes old and holds less charge. What I wonder is how long the battery lasts if you're reading emails, listening to audio, or using satnav.
Except that, as browsers go, there isn't much reason to use FTP from a browser but there are a few reasons for HTTP. FTP can only do downloads from a browser, unless the browser has implemented a client for you, but a standard FTP client can better handle the protocol and offer all the options of that protocol to you. HTTP doesn't do uploads or directory management on its own and is mainly useful for web servers. FTP is unneeded for downloads but can potentially be useful for uploads (and if you're using it for uploads, it can provide some downloads while you're at it). HTTP is needed for downloads of webpages from things like routers which will likely not secure their internal pages (and if they do they'll use a self-signed certificate because there's potential that you can access that page but cannot access the internet). I don't think the protocols are similarly worrisome.
It's certainly not for me, but I imagine people might want it for a few reasons. First, it's so cheap it is almost disposable. Second, the battery lasts quite a while. This is less because the phone is so low-power and more because people won't use it very much because it has few features, but it still gets you weeks of battery life. Third, maybe the speakers are actually nice. I don't know, but they talk about them so they probably put some thought into them. I wouldn't be surprised they mainly plan on selling these to developing markets without smartphone requirements though.
No, it doesn't. There are only three ways to try doing that.
Buying multiple items incurs a charge for any after the first: If you have a large group you're shopping for, I.E. you are isolating with your family, you can buy the same amount as I can, and I live alone. Either I am able to buy too much or you aren't able to buy enough. You can buy extras by going around to different stores and buying one item from each. If your stores aren't particularly vigilant, you could just go outside, load your purchases into your car, then go back inside and buy some more.
Allow prices to increase as supplies decrease: This prevents those without resources from buying what they need. I don't think you suggested this, but I'm including it here for completeness.
Use some limited quantity likely to scale with people, such as payment methods or verifiable phone numbers, to limit how much you can buy before the price goes up: This solves the problem of buying for a family, maybe, if some of them have credit cards or mobiles, but it could cause problems for young children who have neither. The main problem though is that there would be so much chaos getting that system working across stores that you'd long for the previous system because, at least then, you could buy something if it was there. Also, this approach is essentially the same as a ration book, just with a different format of coupons.
One final proviso, even assuming we have a perfectly functional version of this, it doesn't stop me buying one of every item in the shop. I can only get one dried lasagna? Then I'll also pick up one of every other pasta on the shelves. I can only get one pasta? Then I'll buy one item off every shelf.
The news covers them a lot when they crash, but their safety record is rather good, especially compared to other things let alone driver-controlled cars. That said, there are very many reasonable concerns about safety under some conditions such as rough weather or weird road conditions. Those trying to perfect them have been extending their test sites to ensure they have all of that, but we're talking about a long and difficult process. You won't get one tomorrow--the manufacturers want to be ultra careful that the cars are safe so they don't get sued, then the governments will want to make ultra sure as well, then potential dealers will want to be very careful too, then customers will probably still need to have certain abilities to override them which weren't included the first time, then the manufacturers will need to submit the revised designs to their own safety departments to ensure they haven't messed something up, which needs to be verified by a government safety check, Error: comment compilation loop detected, aborting.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
