Posts by doublelayer

Re: Pretty well Inevitable for an Alpha Version

I think any portable product design should include one more step immediately after the first manufacturing run is complete:

Hello engineers. Thank you for working on this product. Here are the first units for you to use. You have to use them for the next two weeks. Be rough on them. Report any failures.

If the engineers are being too careful still, we'll have to scale it up again.

Hello engineers. Sorry we arrived unannounced at your house. We just brought along these gifts for your children. When they tell you their gift is broken, please report what happened.

This will find things never imagined by the people who built the testing machines.

Re: can someone explain...

You make a list containing n elements, run a lambda over it where you ignore the thing in the list but ask for input and run the process on it. It's reasonably simple, but not at all revolutionary.

Re: File transfer

Unfortunately, you'll need a third-party app to do this. There are a number of them though I cannot make a recommendation for a modern one. You install that and a client on a computer you're transferring to, and this allows files to be sent between the two. Definitely not the best solution, but it's available. Other apps do the same thing to file-sharing-enable apps that didn't do it right themselves. I should say for the record that I have never had an iPad and don't recommend it for computer tasks. This is just a thing that can be done and might help in some cases.

Re: Builders...

"the US is the most confusing, with half a dozen shapes of plugs available for use in the home"

Sorry? The U.S. has the one type of socket, with two parallel slots and a lower round earth slot. In very old installations, you might find the old type of socket, which is the same but without the earth slot. I believe those aren't allowed anymore. There may be other standards, but I don't think you find them in American homes. That's the only style of plug I've seen for that region, with the only variable being whether the device to plug in has an earth pin or opted not to include one.

Re: Wouldn't fly around here

I once worked at a place that managed to be semilarge and still have a startup environment, actually a rather pleasant one. I think they mostly managed it by having smaller offices in many places, so there were only about 200 people where I worked. The nice thing about their scheduling system was that they really didn't care when you did the work as long as you were there for or called into any meetings and worked for the specified amount of time. You could do some long days and take most or all of a day off. You also didn't have many meetings, and most of them were small and could be organized to give you the flexibility to take time off.

Re: The old ones don't get obsolete

I don't care about optical drives on laptops, and nor do many people who have asked me to find them a laptop. The media is simply too old and too small to be used very much. I have a USB drive in my disk that I can connect if I need it. Otherwise, it's extra weight I do not need to carry with me. As for keyboards, there are certainly a lot of terrible ones around around this time, but there were some truly terrible ones before too. I've seen many keyboards on the more expensive laptops that are fine, but sometimes a keyboard is a thing that will be compromised with a laptop.

Re: So they deny the problems, just like other manufacturers?

First, this is not an article directly comparing Pixels with iPhones. Pulling a Steve Jobs and using "Phones aren't perfect" is not really responding to the argument. The question is whether the bugs mentioned in the article, which are somewhat severe and form quite a long list, are enough to make the pixels less useful or desirable than other phones, both iPhones and other companies' phones, especially when taking the price into account. For me, that is a clear no as I do not care about the camera, and it sounds like that's the only part where the Pixel is better than other android devices.

Second, iPhones did bend, but haven't in a while (that was the iPhone 6), blow up (when they bent, also not in a while barring some "I squashed it and that ended badly" stories that would apply to a lot of phones), and the holding it wrong was a very long time ago. iPhones have many problems you could discuss. Use a newer one, and be honest about the quality when making comparisons. These historical bugs are still good only for jokes.

Re: Utterly Shameful decision.

Let's take it another way. We'll start with a question about the situation, and because I like them, we'll continue on to another analogy.

Does fiber differ from copper? Fiber in this case being FTTH? The answer is yes. It doesn't have to, as you've said, but it does. Fiber connections from most places are both faster and lower-latency than copper lines. Without the real specifications which they will not give you, this may be the only method for users to ensure higher speeds. Yes, it is possible that the fiber connection will be terrible too, but if you have it, you know that you have higher-spec equipment and the infrastructure that serves that connection was updated recently. You don't get that guaranteed with copper. With this environment of restrictions, you can only get a small amount of information.

Now the analogy. I have a wonderful intel processor to sell you. It fits into this motherboard, runs at a certain clock speed and has a good benchmark rating, and it runs at a specific power rating. I did not lie about any of this. Well, actually, I did lie about one thing. It's not an intel chip. It's a MIPS chip. If you're writing code for it, it will function just as I said it would. However, if you bought it to run X86 machine code on it, well that won't work so well.

I hear you protesting already. "The ISA is one of those features you have to match when it's a processor." I'd argue that this is analogous to the internet providers not telling you important details, but let's just accept this. So it's no longer a MIPS chip. It runs the X86-64 architecture with all the same extensions. Are we done? No, we're not. It still isn't an Intel chip. The specs may be the same, but there are still differences. Intel warranties their chips for some period of time. We at definitelymakeintelchips.com have a warranty on our chips for the same length of time. Another matched parameter. However, ours are built as cheaply as we can to pass that time, and because we employ the people who came up with planned obsolescence, our architecture that implements X86-64, which does not affect you at all because all your instructions run at the speed we told you, happens to have security vulnerabilities that Intel doesn't have. They weren't known to be there; we didn't refrain from telling you. We just hired the cheapest team we could find and the vulns will come out when your warranty is over.

Finally, a point of honesty. Even if our chips are just as good in every way as Intel chips, it's not fair to sell them as Intel. Of course, in this example, Intel could sue us for trademark infringement, but the same applies to other terms with definite meanings. "Intel" means "designed and manufactured under the direction of Intel or someone they gave the name to", "titanium" means "the element titanium", and "fiber" means "fiberoptic cable". If the ad says "Our fiber home internet connection", they're clearly implying that the connection that is connected to your home is a fiberoptic cable. If it's not, they're being misleading.

Re: What about the ugly hype linking 5G and IPv6?

They're not going to kill WiFi any time soon. That's not really feasible, since 5G systems won't provide as much bandwidth or certainty, and since there are so many WiFi devices out there. And it's so easy to have an internal network with or without NAT, that's not going to happen either. I fully expect that NAT will continue to be used even as IPV6 eventually gets rolled out.

Re: stats

Can we make that a quadratic equation with integer coefficients that are limited to some value? Only the one my quick python expression gave me was

30.172645780509356x^2-380.2337095297456x+847.7979639890812

Re: Slight concern

A logical concern, but it doesn't seem to work. We describe in great technical detail how malware was detected. One would assume that the malware writers would find new ways that definitely aren't the ones that failed, and that users would make sure those methods couldn't work. And yet, the most successful malware in the sense of getting itself on a bunch of victims' machines is not all that complex. It uses vulnerabilities that have been known for a while, and it isn't always very well-written at all. There are a lot of people bent on doing evil without the intelligence needed to avoid the mistakes of the past.

Re: Objectively speaking

You are correct. The two are not at all the same thing. They're just two different bad things. Science does not have some get out of consequences free card. Nobody should have a get out of consequences free card.

Re: Isn't agreeing to the EULA a step over the edge

That's exactly how you go back. They just can't press a button to convert their beta system into one running the main build. Which doesn't surprise me--if a system running untested beta operating systems breaks, I know I have a bunch of confidence that it will all start working again if I press the big reset button. If you're going to run an OS to find bugs in it, don't put it control of things you aren't prepared to lose.

Re: Load of bollocks

Why imagine that. I just invented this mind reading technology and I didn't know what to do with it, but your comment has enlightened me. I'm going to build a system where the mind reader finds out what the user wants and makes the machine do that. If you want it, I'll be selling the technology later this week. If you don't want to buy my device, you could always use the machine the way it was built. The same way you use every machine--for the purpose that it was built to do. It is not the fault of support when a user messes up. A proper support person will fix the problem, but that doesn't mean the problem was the fault of the person who fixed it.

Re: What's a Millennial...

The definition is supposed to be people who came of age around 2000, meaning the people in their 20s and 30s now. But people really like having categories that have no reason to exist and are completely arbitrary, hence names of generations that have to cover every year.

Re: Official sponsorship

I went to a place in a mall that was selling phone cases. I wanted one that was somewhat flexible, so I looked at the cases in order to find one. The one I found and decided I liked completely covered the back, other than the camera. So did a bunch of other options at this place. The one before that which fell apart quickly but also covered the whole phone I purchased on Amazon. I didn't make any special effort, and they were dirt cheap. Maybe they don't have them in all places, but it has been quite easy for me to find them without really trying.

Re: Bah!

I'm not going to jump into the main argument, but they are trying to get the OPM hackers. They don't have specific names (to the best of our knowledge), as they were members of a China-based group (either criminal or military hint: it's military). If they get the names, they will try to get the people involved. I think we all know the likelihood of China turning them over. The U.S. is not happy with the OPM breach, and they've made no bones about it.

Re: It's the time since epoch

My guess would be that some time in 2018, the locking system got a wrong code and wrote a time. For all we know, it was just a "try again in one minute" thing, or even an automatic thing the device does every time it unlocks. It wouldn't have to be noticed until the clock reset. Consider if the code and user actions followed this sequence:

2018-sometime: User enters wrong code

2018-sometime: Device puts current time in unlock limiter, meaning the user can try again right now

2018-sometime +5 seconds: User enters correct code

2018-sometime +5 seconds: Device unlocks, doesn't clear the unlock time

2018-sometime +5 seconds to 2018-sometime+some minutes: User uses device

2018-sometime+some minutes to 2019-04-08: Nobody uses device, battery dies, clock resets

2019-04-08: User turns on device. Device reads the unlock time, saying "Don't unlock until 2018-sometime", and presents the 48-year delay

2019-04-08 +one minute: Child gets blamed for coding mistake.

Re: Linux ???

Unfortunately, the mention was purely implied and could best be stated outright as "It doesn't run on a Linux machine and we are not going to do anything to fix that". They probably don't want to waste the tiny amount of employee time it would take to have chrome on Linux properly interact with the various options for bluetooth controllers. They probably also are aware that Linux users are less likely to use Chrome directly, instead opting for Firefox or a derivative of Firefox or Chromium, none of which would support it. Finally, they've probably done the math and realized that Linux users are more likely to see that this isn't very new and could potentially be quite unwanted, so why bother? Sorry, you're out of luck.

Re: It gets everywhere

The good news is at least it's had a long time to prove it works and doesn't crash often enough to replace. If they keep it entirely airgapped, that could be acceptable. What do you think is the likelihood that they did that, though?

Re: MSDOSh

Not that those aren't terrible, but I still have to say that I prefer those to the prompt that's just ">" and really is the basic sh shell on some thing that technically has a Linux or BSD kernel but does not intend to actually let me run anything. No, every command I type will be answered with "sh: command not found".

It's always enjoyable to ls some stuff because that's the only command they have. No other shells. No tab completion. No find, stat, or file. No editors, not even vi. You can of course ls the bin directories but that will just show you a bunch of executables that could be useful if the problem wasn't whatever it is, like all the networking utilities and some other executables that nobody knows what they do and just take a guess if man is available. I recently had a system like this where I couldn't even figure out who I was. I could tell that I wasn't root because it was denying me access to lots of stuff. Whoami and who were not found. ~ resolved to /. I eventually found touch and tried to create a file to see the owner, but although touch thought a file was created, ls did not agree. I did have plenty of tools to read a file (for a system with nothing else, it had both less and more), but I didn't have access to anything. I wonder if this was an April fools joke that I didn't find for a few days, but I don't think so.

Why would Amazon want to do that? Browsers are pretty much given away for free. So you have to consider, when deciding to write one, what the benefit will be to you. So far, the benefits have been:

IE: User lockin to Microsoft OS.

Netscape: Commercial, browser and later connected products but not browser sold to people.

Firefox: Nonprofit, going for open source. Some proceeds from linked services (Google as default search engine, etc.) to support development.

Chrome: Data! Your data! On our systems!

Chromium: If we make this open source, people will fix the problems we made and we don't have to pay them. And later, people will use this and we can gain market share.

Safari: We're Apple. We build everything that runs on our systems. Our systems want a browser, so we're going to make one. (Side note: Safari uses webkit, which is also not chromium.)

Edge: Data! Your data! On our systems!

Edge-chromium: Data! Your data! On our systems!

If Amazon were to write a browser and remove all the tracking, what would they get? They wouldn't get data. They wouldn't be able to lock people in to another system. The only thing I can see is being able to advertise a bunch of Amazon products, but if they're not tracking your activity, they're likely to advertise a bunch of junk that nobody wants anyway. If they did decide to make a browser, I am certain it would track too; it doesn't benefit them sufficiently otherwise.

Re: You should have been sacked

"it was most likely the same command and he just forgot to replace the default "*ALL" in one parameter, something no authorization structure can fix"

I agree about that, but for such an important command, you could at least warn. A simple "This will [insert verb, in this case reconnect] connections globally (for all users). Usually, this is not necessary. Are you sure you want to proceed?" would probably have alerted the user that they probably want to cancel the command and try again. However, as good as that solution would have been, a better one would be giving a very new employee more training than that before leaving them alone with full permissions and no backup or emergency assistance.

Re: Voting in the corporate world.

I also see some benefits from using Amazon to buy stuff. In many cases, buying directly from other manufacturers means I have to pay for shipping from each one, which is more expensive for each one than Amazon is charging even when they don't give me free shipping. If something doesn't arrive, I can quite easily see the status from Amazon's system but I don't necessarily have that information from each additional individual company. Also, Amazon offers a middle ground between small companies that only have their products and the Chinese selling platforms such as aliexpress that sell everything but with untested and unverified quality. If you need something rare-ish, you can probably find it on amazon* more easily than you could find a company selling it. It also allows you to compare different options because they're all listed there**. I don't know if we can provide similar benefits for non-amazon systems, but I'm totally in favor if we can.

*Finding something easily on Amazon: Use a search engine, rather than Amazon's search feature. Sometimes Amazon will show you the wrong things even when the product you want is available and has exactly the same name as your search query.

**Comparisons between options: This can help when you want a product of a type but don't have specifications. You can look at the various options for sale, filter out the ones with negative reviews, obviously fake reviews, or features you don't want, and choose from the remaining set. That becomes much harder when you first have to find the websites of each manufacturer and then compare based only on the information they choose to put there.

Re: No sale

It is an internet-facing device. It may have a public IP at times depending on the mobile network configuration. It gets sent documents and files that it sends through its rendering engines. It has applications written by the manufacturer in a month that have not been fully tested because nobody thought through whether the apps were needed or not, and some of those apps run all the time or provide core functionality.

All of this indicates risk. Security patches are useful because you cannot prevent all malicious activity. You can avoid installing malware from a store, perhaps, but you can't avoid it if someone sends you an email or posts an ad that gets sent to you online with malformed HTML that will allow them to access data from the device. You don't have to treat the phone as something special, but it has all the complexity of a computer and it needs to be protected and updated just like computers do.

Re: No standards

That's why the following phrase was in my post: "or for those who cannot or would prefer not to look at the screen, you could do the whole thing with audible feedback". In fact, the aforementioned people are getting the worst end of this because, when it comes time to pay, the system suddenly drops the information they need, referring them to the screen.

Re: This is not exactly news

"The usage of TOR or VPS services from within my corporate network would be cause for termination."

Inside a corporate network is where you don't need them. The corporate has the resources to create VPNs for the users that are not on the network, and there is no need for user privacy on corporate machines. If you read the posts that I replied to, they are discussing blocking access to public-facing services from large ranges of addresses because a hosting provider, which usually includes a VPS provider, is using them. Not because there is any active traffic coming from the entire range, but just because it could.

They are not asking to do it properly, like another poster here suggested: "run fail2ban, and other commercial IDP products, and we just regularly review the lists of blocked IPs". They are suggesting that they simply obtain all the ranges that someone can buy and block them. I would like them to know that there is a reason for legitimate traffic to come from those, and also that if this is their cunning plan to quash security threats, it will be ineffective because an attack can come from any set of IPs.

In practice, I care a lot less about blocking Tor than I do about blocking VPS systems. Tor is rarely used by legitimate users to access the standard internet except to circumvent censorship, and we can ensure that whatever systems are being accessed in that realm know not to block it. However, I don't want my traffic or system to be considered suspect just because I don't have my own IP address range.

Re: Sounds like another boondogle is inbound

That's great, but it sounds like they have some controls that prevent some easy methods of cheating. By using specific devices that are correctly locked down and making students be there at specific times, for example. However, there will be many schools that lack the IT staff to do something like that. If, for example, they don't appropriately secure the laptops from running third-party code, it only takes one student with some knowledge and a desire for their friends to pay them for a solution to obtain one and write some USB disks. When I was in school, students with the relevant experience were rather easy to find, and you only need one of them to prove unethical for the cheating problem to be much worse.