Posts by doublelayer

Re: Android Developer

Just because some phones can be rooted or install a custom ROM, that doesn't mean it applies to all, or a "majority". It just doesn't, plain and simple. Many of the devices on the market are locked down to prevent you from doing that. Even those that can be rooted make it clear to you that you aren't supposed to be poking around there, marking the device as insecure which can make some apps decide not to work.

Compared to every desktop operating system in common use, this is crazy. No matter whose Windows machine you buy, you have the right to be an administrator. You have the ability to boot to an external disk. The same applies to Macs, Linux machines, BSD machines, and pretty much everything except some Chromebooks. And yet, people wishing to root their Android device usually check for that before they buy it because they know most out there won't make it easy if they let it happen at all.

Re: In person show ID?

In the U.S., there are many places where you aren't so close. They have to balance the security of requiring people to go there with the convenience of not requiring people who don't live in an urban area to travel well out of their way. I think that they could handle this by sending a replacement card to the address of the user, which would work for a legitimate request (almost always) and wouldn't require the user to go to the store. Letting someone at a call center change the card without security controls is a very bad decision. The two of those physical methods would work reasonably well for any account with an address or ID attached. Prepaid accounts set up without identification might be different, but I believe they are becoming rarer and rarer.

Re: Give me a chunkier laptop

There are lots of laptop users, and for each, a different kind of laptop is useful. I carry mine around quite frequently, so being somewhat light is important, but I don't need it to be unusually thin. Neither do I need one with a desktop's worth of processing inside it; sixteen gigabytes is enough memory for everything I need it to do, and if I need more, I have no problem offloading the task to a server. Those characteristics don't apply to everybody. Similarly, I would be interested in a revival of the netbook, specifically in the sense of a device with a very small screen, keyboard, and asking price. While there are others who might want that as well, the concept doesn't seem particularly popular with the general public. Some people want a laptop with the power of a workstation and others want it to be as thick as a sheet of cardboard. Fortunately, there is something around for both of those people, just not the same thing.

Re: Bloody Mediatek

Two reasons come to mind. First, there might not be ruggedized cases for every phone on the market. I am certain there are some for the devices that sell very well, such as the latest iPhones and Samsungs, but there won't be for the low-priced phones which get changed out from month to month, and for everything in between there's no certainty at all. Therefore, one can't choose a phone they like and be guaranteed to find a case that fits it.

Second, a ruggedized case might not give you as much protection as a ruggedized phone. The case manufacturer probably has tried their best. Still, there's less profit margin for them to buy a bunch of another company's phones and try to break them than there is for the original manufacturer to try to damage their own. Finally, if the unit you're using turns out not to have been ruggedized sufficiently, the manufacturer of a phone that claims to be able to handle it is probably more likely to replace it for you than the case manufacturer.

Re: Infertility - maybe not such a real problem in this day and age

"Are you aware that is almost entirely for beef/cattle farming - which is almost entirely exported, in particular to the US?"

Yes, I was aware of that. Are you aware that the people doing the farming are Brazilian businesses, not some international group? And that this applies to myriad other areas where other things are being produced? See how it's still a problem? If it's shipped to the U.S. or eaten there, the forest has still been burned. This isn't necessarily the fault of increasing populations, but nor is it the fault of an eventual consumer. The people making the active decision to take an action that harms the environment are responsible.

You cannot limit yourself to taking only one action or declaring only one perpetrator. It's as if your house was on fire and I came to deal with the problem by pouring water on one corner of the house. I wouldn't be helping anything because the rest would continue burning, and when I ran out of water that corner would also go up in smoke. If you want this problem fixed, you need to evaluate all of the contributing factors and make plans for dealing with any that are large enough to have an effect. You can't focus on only one country or region, whether that's a developed or developing one, because the problem is global.

Re: "There haven't been many earth-shattering breakthroughs over the past five years."

I don't think the innovations have been very important, but until 2015 or so, you could at least notice them. The new phone would have a better screen than the last one, would load apps faster, maybe last a bit longer on battery*. The same being true of communications--data over 2G was nearly unusable, 3G was good, 4G was great. Now, although processors in phones get faster and faster, I don't really see any effects on my general usage. I'm sure some people use more processing and have noticed the changes, but I doubt it's their major consideration. A logical response from the manufacturers would be to try to experiment with new things or to compete on price. They've made a couple attempts at the former, but their treatment of the latter is strange and doesn't seem to be helping them all that much.

*New phones running for longer on a battery: I am only comparing like for like here. I know that non-smartphones ran for longer, and that a new phone with a larger screen will run shorter. For a while, phones using new chips and the same quality screen would improve their battery life. Now, every saving in battery is used to allow an even bigger or higher resolution screen.

Re: "Believed to be operating out of North Korea"

Attribution is hard. It's. possible that someone's been framing North Korea for an unspecified length of time, and they either are responsible for everything attributed to that country or are very good at mimicking characteristics of their malware to do the framing. If so, they're really good at fooling everybody. However, we've seen what it's like when people try to blame North Korea--someone who is probably Russia but theoretically could be someone else tried to do that a couple years ago, and they didn't stay hidden for very long.

As for solid proof, there are several types. The basic type of having found assets in the malware relating in some way to North Korea applies to most of them, but could obviously be faked given some effort. This runs from the simple string frequently used there to a network address that has been operated by Pyongyang interests at some point. There is also the tactic of code comparison. If a group uses a similar module (similar in the sense of similar compiled code) that was previously reliably attributed to North Korea, then it's probably North Korea doing it again. They're the only ones with the source, so it's extremely unlikely that someone went to the effort of reverse engineering their codebase just so they'd produce similar binaries. And finally, we can have extra confidence in some of these tactics because there are some pieces of malware to which the North Korean government has admitted. Using these tactics, researchers who have spent years looking at malware from different groups can do a reasonably good job of telling when one of those groups spins up again. Nothing is guaranteed, and attribution is very tricky, but don't presume they don't know what they're talking about.

The problem is that you can apply that logic to anything at all. If a parent installs a desktop that has a camera on it, for example an all-in-one machine, they have now recreated the same environment. A malicious actor who gained access to that machine would have the same capabilities as one who gained access to this IoT device. They can't easily keep moving that desktop around with them.

I don't think we'd believe them totally blameworthy if that computer got infected with malware to their detriment. Yet if it did, they're likely much more responsible for the problem than someone who installed this IoT device. From the sound of it, the cameras could be accessed with relative ease online by guessing a password, while getting malware onto a desktop usually requires the user to fall for a fake download or phishing email. On this basis, attempting to blame the parent for something the manufacturer could prevent seems limited at best.

Re: driving down costs

That presumes several things:

1. There are ranks.

2. The managers want to move this employee up the ranks.

3. This employee wants to move up the ranks.

However, in most cases, one or more of those things won't be true. For example, I don't want to move up the ranks of most employers, because my job is software development. Some places will have a "senior developer" role, which is effectively the same as my current position but they're paid more and have a bit more independence. Others don't bother with that; there is one rank and you just get pay raises if you've done well. Many of those places also have the concept of going up the ranks, and if you do so, you stop writing code all day and start managing others who do that. I don't want to manage, and therefore I don't want to go up.

In this case, however, the problem is that the employer wouldn't want to move the employee up the ranks. Doing that wouldn't help them at all; they'd still be paid a higher amount, in fact they might deserve another raise which a discriminatory company wouldn't want to provide. In addition, a good helpdesk worker elevated to a new position wouldn't even be doing the helpdesk job they were so good at, and their superiors might now have to deal with their management, which is untested. Do you think a company that is already willing to discriminate based on age is going to take that risk, or will they try to get rid of the risk and hire a replacement at much less cost to them?

Re: Admittedly a fan of a new license

As with the last license, after having read the one you mention, I have little objection to its content. However, I see no particular merits to this license and a few annoying aspects. The first is that this license includes many phrases that sound like this: "Nothing in this Licence is intended to deprive the Licensee of the benefits from any exception or limitation to the exclusive rights of the rights owners in the Work, of the exhaustion of those rights or of other applicable limitations thereto." It's reasonably clear what this sentence means, but it is by no means the clearest way to say that and the whole thing is written like this. Compared to the clarity and terseness in many other licenses, this is worse.

Second, I note the geographic limitation to where this license can be argued; if I produce a work licensed under this in Canada and someone in India violates that license, I can only pursue some types of actions in Canadian or Indian courts, and must pursue some types in Belgian courts. That might never be a major problem, but I see no benefit to the restriction.

It's not only Python that does this. Perl and PHP both have made breaking changes between versions, in fact quite a bit more frequently than Python did. Nobody likes breaking changes, and I'm sure the PSF would have chosen not to if they could get around it. However, by forcing the tricky unicode handling parts to be made clear, they unearthed many potential future bugs, which would have been found later on in less pleasant circumstances had they not broken that. For the same reason, if you designed a C-like language today, you could probably suggest some improvements to it that can't be implemented in C itself to preserve backward compatibility. Not everything about the update was necessarily a good thing, but I think there is sufficient merit that the language shouldn't be counted out.

Re: Now you know what 2020 is going to look like

Even they would subdivide things. Early Victorian, mid Victorian, and late Victorian were all used when needed. The decade time unit is pretty useful because the average person will live through a small number of them, and their parents lived through two to four before they came around. If things are changing, the changes are noticeable across the decades when they wouldn't necessarily be as obvious from year to year. I couldn't say there were really obvious differences between 2014 and 2015 in many realms (except things like geopolitics where a boundary occurs whenever a crisis happens), but doing the same between the 2000s and 2010s is very easy.

Re: Greedy and careless

I think that would still be a conflict of interest, forbidden in many contracts, and intentional misconduct. If you took efforts to hide this from the company, that would be fraud. Not being a lawyer, it's possible there'd be fraud even without trying to hide it from anyone, but even if not, you'd definitely be fired and have action taken to recover as much of your pay as possible under breech of contract. That said, it'd probably be easier to hide that fraud than the kind this guy attempted.

Re: "my CD player and turntable are still going after more than 30 years."

It has nothing to do with the fuel source. The kind that use fuel pumped into a tank can have connected and brickable firmware, and the kind that plug into a wall can have firmware that runs without connecting to request updates. The problem is not with EVs, and blaming them specifically distracts us from the real problem, which is cars that require connections. A car that can receive an update, including one that could brick it, is not the major problem because intentionally bricking a car would be illegal in most areas. But one that will install updates without user approval or would stop functioning as well if the updates were blocked are very bad.

Re: Deleted

Prompting the user won't work unless we also make it impossible to read messages in the folder. Most of the time when people do this, they are just going in to read something. If they can do that without restoring, they'll never see the prompt.

We might also consider changing the client so there is an archive folder and deleting a message from the inbox or sent will send it there, with deletions from the archives folder going into the trash. Reconfiguring this would of course be an option. I will admit that I'm an abuser of deleted items, in that I will delete messages from my inbox when I'm confident that my responsibilities with regard to that message are fulfilled, and then someone will come to me a couple weeks later requesting information from that message and I'll go into deleted to search for it. Now that we live in a world of very large disks, I think we could manage an archive-by-default policy.

Re: It's a Global Market

Theoretically, that could be possible. But that's not currently the law; it is still legal to sell Huawei equipment and to operate that equipment that is currently possessed. The only thing that's currently illegal is for businesses to sell or buy from Huawei. For the FCC to mandate that carriers disable access to Huawei devices would take either a new law or the FCC going far outside their typical permit, as they are usually allowed to forbid equipment only if that equipment is allowing violations of radio frequency regulations, which these devices aren't. While the FCC has proven itself willing to do stupid things, this would be another step forward and it would instantaneously be challenged in court. I expect that, when the U.S.-China trade war eventually winds down, Huawei will be taken off the list and will once again be able to buy software and sell hardware in America. They might still not be able to sell parts of a communications system to U.S. carriers, but they'll be able to license Google services and sell phones to consumers.

Re: Read the 14th amendment

That's true, but as a subset it can mislead people into thinking that the law only applies to the subset. For an example, Linux machines are a subset of computers. But if I said "The Python programming language is generally supported on all Linux machines with sufficient resources", which is true, it may sound as if I'm saying that it is less likely to run on BSD, Windows, or Mac OS machines, which is not true. Your original statement was factually correct, but not phrased in a clear way. I appreciate the correction having been made.

Re: TCP/IP

As I read it, the protocol will not, in and of itself, require internet access. The IP connection could be to a LAN only, and the devices could then receive instructions from another device on the LAN. However, whether the manufacturers choose to let you do that is up to them. They could easily require a connection to the internet in order for the devices to pay any attention to commands and you couldn't do much about it. Still, if this gets implemented, there will probably be at least a few devices that don't require access online to be remote-controlable.

Re: What's the point?

The problem with that plan is that, if the money was stolen by someone in connection with his death or he faked the death, all the evidence is in exactly the same place and time, namely the days around the theft and the death, whether fabricated or not. A description of a person might work if you have some idea where that person is and enough details to identify them later on. However, we do not have any good idea where he could be now, and he's had plenty of time to disguise himself. Even without having put a lot of effort into a disguise or obtaining plastic surgery, the generic description of a person as provided for most people would be of no help at all when our search area is the entire planet.

Logically, the best course of action in determining where the money is is to try to track that money. Whether it's him who has it or someone else, they can best be identified by tracking where the money is being spent.

If we know with certainty that it is, in fact, that man who stole the money and faked his death, we will still need to track any accounts that may hold information and those connected to the wallets to find him. If we know with certainty that he is dead and therefore someone else stole the money, our best chance of identifying that person is to check on his accounts for pertinent communications and monitor the accounts connected to the money. Either way, the course of action is the same.

Re: Helping out...

But you probably give that number to people or enter it on forms from time to time. If not, you might not need that number. My mental phone book is sadly pathetic. I can give you the phone number of friends I had in 2007 when I placed calls by manually dialing on a land line, but people I've met since then, including those I call or send messages to frequently, are only known by my contacts database. I have that backed up, but maybe I should try memorizing the numbers.

Re: what happens when Google's master key gets compromised?

The approach they claim to use wouldn't work most of the time. While it works fine if the passwords were originally in plain text, it doesn't work if the hashes were salted at all or used a hashing algorithm other than the one Google's decided upon. Chrome wouldn't know the salt or algorithm to use, meaning the sent data wouldn't be matchable to whatever is in the database. Google has a lot of employees intelligent enough to understand this. Logically, they considered it. My guess is that they made the system work and now are being a little evasive in explaining exactly how it works.

Re: Use

That may be, but the original question was whether they have any point. They may not be the best machine out for video editing, but it's conceivable that someone could use it for that. In addition, a lot of video editors are attached to Apple equipment and software. I'm not saying they need to be, but if they are, this could be the machine they're looking for. It's certainly overkill for anything I do, but that's because I can offload tasks that need a lot of CPU or GPU power, as I rarely need to have so much power right at my fingertips.

Re: But on the other hand...

I'd agree with you if they had tried to hide what their item was made of, but nobody did that. The ingredients are always in the name, usually as the first word. The reason words like burger and milk are used is that they describe what the food item will be like. Almond milk is designed to be similar to dairy milk but be made of almonds. There is absolutely no ambiguity that almonds are involved and that, therefore, this is not dairy milk.

Meanwhile, using this term better indicates to a perspective customer what type of product they're dealing with. It'd be like if you prevented anybody other than Apple from using the word "book" in the name of a laptop, anyone but HP using the word laptop, or anyone but IBM using the word computer. Everyone could still sell laptops, but you wouldn't necessarily know whether a device was actually a laptop because that useful descriptive term wasn't allowed.

Re: Makes sense.

It's probably helpful from a continuity perspective as well. Rather than design new platforms based on Linux or Android every time they start making a new smart television, they can stick with this and reuse some code. That is if they remember they've got that code, which has not been a hallmark of other IoT manufacturers.

That said, I wonder how much code can profitably be shared between a smartwatch and a television. While the kernel could be copied, the smartwatch has the problems of limited processing and very limited battery life, while the television is connected directly to the mains and has an excuse for a much more powerful processor. That doesn't mean they can't use exactly the same kernel for both, but one designed for a television might put heavy pressure on a watch's battery and one designed to preserve the resources of a watch might not be as snappy as users of a television would like.