Posts by doublelayer 7688 publicly visible posts • joined 22 Feb 2018
It depends what you count as interesting. A lot of constructs are more concise in Python, and there are a bunch of libraries for basic graphics stuff which can be used if interesting requires a GUI of some sort. I don't think it's hard for a student who is interested to pick it up any more than BBC BASIC. I'm not sure how it compares for those who are not interested, but I'm also not sure whether making it easier will make the uninterested decide to try it anyway.
"I think administration for school computers is largely outsourced to the local authority"
Maybe, although that's probably dependent on the region.
"and they'll be just as familiar with Pis as Windows, if not more.": Er, why? The local government systems are almost certainly using Windows computers. Did your local authorities switch all their office machines to Linux recently, because mine definitely did not. Whether it's the authority IT or school-specific IT, the chances are that they have Windows machines for staff and few or no Linux devices. They can retrain for Linux, but they probably see that as a cost and don't see why they should. If we think they should, we'll have to be more helpful than this.
"What's the refresh period for school PCs, anyway ?": In my experience, when pieces are falling off them, you can get a new one, assuming there's nothing in the spares closet. Another reason why they'd have to justify buying another set of computers, or to be convinced that they can replace the existing set with Pis alone, which they will probably decide they can't.
On the other hand, any computer designed to get people interested has to compete against computers that already exist. You could give them one of the various microcontroller-based educational platforms, which are a bit closer to the original computer. For example, the BBC Micro:bit is like that: you have to write some code to do anything interesting, but it provides some built-in hardware and libraries to control it so it's not hard to light it up and make some beeps. I still think the Pi's more likely to succeed because computers are more versatile than they were. A child that has a Micro:bit can, if they write enough code, make it light up and make sounds, with some sensors as the only inputs. This isn't very useful, which also prevents it from staying interesting.
I think the Raspberry Pi knew this and therefore provided the hackable Minecraft platform. I've never used it myself, but I know some children have gotten their start with that. They can learn some coding techniques by modifying something they enjoy using, and it's preinstalled on the typical desktop image to make it easy to find. It may not be perfect, but it's something to attract early users that can teach them useful skills. I think that the more you limit the hardware to make learning the only option, the more a student will ignore the useless box and look at their phone, where local coding is difficult or impossible.
All of which is true, but someone was going to have to explain to the school why they should buy another computer, even a cheap one, when they already had these ones. Could the Pi replace the Windows machines for their other uses? Not at the time, it can now, but it will require admins that the other machines don't. They're still going to have Windows admins for staff equipment, so the extra admin for the rest of the machines is mostly small. I don't know how many people tried to explain that to schools, but I'm not surprised that with few people attempting to answer all their questions, few schools saw why they would benefit from getting Pis for everybody. Meanwhile, schools that intend to offer programming courses can also use the computers that already exist. It won't teach them Linux internals, but if they're intended to learn to write some code, that may not be high on the list of expected topics. Nobody was selling them on the benefits of these machines or providing solutions to the tricky bits, so they didn't adopt them, but we didn't notice because we were happy to keep buying them ourselves.
Two groups overshadowed it. One was the people making digital signage, who realized that the Pi's based around a GPU that was intended for TV boxes and thus that it is a pretty great way to build a cheap sign. That led to a large group of industrial users who figured out that, if you have a screen involved, connecting it to a Pi is probably pretty handy. The second group was us. The hobbyists who bought plenty of Pis, but did you buy them for education? I didn't, and most of the users I see online are using them for personal projects, not teaching. That doesn't mean people aren't using them for teaching, and I'm sure some are.
However, there's a reason they might not be. These two groups having had so much success might have blinded us to the fact that the Pi was kind of bad at some of the educational goals for a while. An original Pi running a GUI on a single 700 MHz core and 512 MB of RAM wasn't so great at teaching users to code because they were too busy trying to figure out which part of the system was responsible for it being so annoying compared to every other computer they saw. That's fixed now, but I do wonder how many people tried to use it that way, since the official OS images started in a desktop, so that must be the intended behavior. Of course, we hobbyists know where the limitations are, that those early models were great for CLI use (I still have one running here) and that you could use the GUI if you were careful about which software you ran. Those people who were new to Linux may not have understood why LibreOffice or Firefox, seemingly pretty normal software, were sluggish to an annoying extent. I hope that didn't put educational users off, but since most teachers are not familiar with Linux or programming in detail, I wouldn't be surprised that at least some were.
I have not read those books, although they're now on my reading list, but if your summary is accurate, I don't think it's realistic or desirable:
"citizens, upon graduation, would decide if they wish to have a life defined by Basic (revenue, support, health care, etc.. I guess), or if they want to actually work for their subsistance and attain a career worth something."
The first problem is that I'm unconvinced that we would eliminate work to the extent that this becomes realistic. Of course, technology eliminates certain types of work with some frequency, but it doesn't do so all at once. Meanwhile, more jobs are created to run the technology and by the increased ability to do the things that were once done manually. We've automated a lot of things in the past few decades, and yet the unemployment rate is still pretty low in many of the countries where jobs like manufacturing were lost. Does this mean that we have no problem because everyone just gets a different job? No, because nothing says that those jobs are as good or that getting them was easy. There are lots of problems in a situation like this, but the expectation that there will be more people than jobs we can think of having someone do has been incorrect most of the times it has been predicted in the past. I'm not convinced that AI, even if it improves significantly, will be the technology that substantially reduces the need for labor.
The second problem is independent. Let's assume that I'm wrong and I can look back on this comment a couple decades from now and laugh about how stupid my prediction was. I still think the proposal to choose between a career and support is a really bad option. It leads to a lot of resentment between groups, and whenever that happens, someone will try to exploit that resentment for political power, with the likely outcome that one of the groups will be harmed. I'm imagining the resentment in the scenario you summarized to be caused by people who work thinking that those who don't are lazy and useless, while those who don't work think those who say that are judgemental and outdated. At least if the support was provided to both groups, those who worked wouldn't have an excuse to say that, if they weren't doing something useful to society, they'd have more. I don't think that minor change would be enough. This depends a lot on exactly what jobs were left after that. If we could get it where only the most creative ones were left, then we're probably pretty good because there are enough people who like doing that kind of work to take it on voluntarily. I imagine that at least some of the jobs that take a while to automate will be unpleasant ones, which makes this much harder to solve to everyone's satisfaction.
I think that's misstating what happened. We don't have that utopian dream not because people got in the way, but because the technology didn't do what the dream said it would. It doesn't matter if you have billions to spend on it, you still don't have robots to do many of the things you want done. Of course, with that much money, you can have a bunch of humans doing those things, but that's the point. We don't have the robots envisioned by futurists at the time, so perhaps it's unsurprising that our world still looks more like the 1970s than it does the picture of universal robot service. Robots in manufacturing is really not the same as robots doing every type of manual labor.
Automating the part where you ask the AI to do something obvious is the easy part. That's not going to be the part of many jobs in the future. If the AI can do it and the employer is willing to have the AI do it, sending the information and request to the AI shouldn't require a person. There will be a lot of jobs where humans are still needed, which will include ones where AI can't do it. Unless we improve the quality of AI quickly, this may end up being most jobs, but even if we get much more reliable models, there will be jobs where it can't help. This won't make those jobs fun, but they will certainly exist.
No, the use of force isn't so relevant to the value of a currency. Its rarity and the usefulness of it in a market are much more relevant.
Costa Rica has no military. Really, they abolished it. They're very proud of that. Their ability to use force is pretty low. Meanwhile, North Korea has a huge army. It's armed with all sorts of weapons because they've made little else for the past fifty years, it's the fourth largest in the world by number of troops, unless you count paramilitary organizations, in which case it's the largest. They have nuclear weapons. If they want something to happen in the country, they're virtually guaranteed to get it.
If I offer you the option, which one do you want? Some Costa Rican colónes or North Korean won? There is a right answer.
"Also Beatles singles are not currency so your analogy is nonsensical and invalid."
No, the analogy works. We're debating two parts of Bitcoin. There is its usefulness as a currency, which I think most people here agree is low. However, that's not what we were talking about. We were talking about whether it has value and where that value comes from. A lot of things that aren't currencies have value, and we all agree on that. After all, I expect that your savings doesn't mostly take the form of cash in a box, but rather financial instruments which are worth money and may produce money. You can't buy anything with a bond or share, but those things have value which can be turned into cash. You can't buy stuff with a house either, and turning it into cash takes a long time and the specific amount of cash you'd get isn't easy to calculate. It also has value. Bitcoin also has that power, meaning it also has some value.
Pounds are useful in lots of places, but some of them find it more useful and some less. In the UK, nearly everyone accepts them. In some other countries, some people would accept them, and some would require that you exchange them first. There are many areas that get travelers from other countries that routinely accept international currencies, though the US dollar and euro are more likely to be accepted like this than the pound is. The point is that, though their usefulness depends on your location, they have value nonetheless and you can, with sufficient effort, exercise that value. Bitcoin is also inconvenient to use, so inconvenient that I don't have any, but it also has value. If you have some Bitcoin, you can give it to me and I can use it to buy stuff I want. I'll likely have to convert it into something else to do so, although that's not certain, but it will end up having value to me.
That depends. You can buy quite a few things online, and I'm not just talking about criminals' wares. For example, my domain registrar accepts Bitcoin. No, I haven't used it, and I don't know how painful it is, but they do accept it.
That's not really the right question though. For example, I can't buy many things with pounds because I'm not in the UK. If I go into a local store and present the clerk with pounds, they'll tell me to go away. If I go to the bank, though, I can rather quickly get cash the clerk will happily accept. Just because Bitcoin is inconvenient to purchase stuff with doesn't mean that it has no value. All that means is that it's a poor currency, which it absolutely is, but that's a far more limited statement.
I'm responding to the what if scenario that was presented: what would be different if this man had had a firearm instead of a knife. I stated my opinion: there's a possibility that nobody else would have gotten injured, but I think the intended victim would likely have suffered more serious injuries. If you want to see opinions on a different scenario, you are welcome to posit one. What you do as a result of this prediction, or whether you even agree with that prediction, are not part of my statement.
"They also told me that their service works during power outages (the modem wouldn't have power!)"
In fairness, the modem is relatively easy to power from a battery, and some modems that you can buy already come with batteries in them for this exact situation. Compared to a system where, even if you powered the modem, it wouldn't work without mains power to some equipment near your house which you can't attach a battery to. This may not be the most important, but if you lose power frequently without losing the cables that provide data, then it could be a selling point. Of course, given the other lies they were telling, maybe that wasn't true.
"Trouble is many MNOs now offer 1 month rolling contracts, so can increase rates every month if they so desired…"
I prefer these, because with a contract like that, there is usually no exit fee. If they increase the price, nothing stops me from porting out that month to someone else. They know that, so they have to be a bit careful about randomly changing prices. Compared to a contract that can raise the price and still charge you a fee to get out, a lot of people might avoid leaving because they don't want to pay the fees, then get used to the price increases. In my experience, those that offer monthly contracts tend to be cheaper and more stable than those who lock you in for a long time unless the long-term contract specifically states that it will be one price and the operator may not change it until the contract expires.
Unless your ticket says that email is broken, sending it to a specific address isn't any more complicated than any other alternative. If it involves going to an internal website, then you still have to get the URL correct. Either way, if you don't, you'll get an error message.
In fact, I think the email address is generally better. It is usually pretty easy to remember that tickets go to helpdesk@companyname.website, but in my experience, a lot of companies' internal systems have the IT ticket page at an address like support.its.corp.companyname.website/d/login.aspx?a=49&id=1, and if you just go to the root page, it's not the right one.
Or the bounce gets filtered somewhere. I was configuring a mailing list recently and sending messages to it from an external address. The first one didn't get through. I assumed this was because I had just configured the address thirty seconds back and maybe it hadn't propagated yet. I waited a few minutes and tried again, no message. I started wondering whether I had misconfigured the spam protection piece because I was sending from GMail, and that can sometimes be a problem. I went to check that config. After doing that, I sent a third message. It didn't go through.
A while later, I was using the keyboard to navigate between mail folders, which was fortunate for me, because as I moved past the spam mailbox, it checked with the server and showed me the three bounce messages the list had sent me, all of them telling me in clear terms that I had not switched the list to accept incoming mail from external servers. I had expected that any bounce message would have been sent through since other mail from that server was being accepted, and it caused me to waste plenty of time.
As I said, being able to guarantee the security of anyone who ever does a service for you would be great. Unfortunately, actually guaranteeing that would require the audit from hell. Sorry, I mean it is impossible, but getting close to it requires that. Do you or your employer provide services to other companies from time to time? Are you confident that every one of your systems is perfect, both from technical flaws and from organizational ones?
For incidents where you are responsible for losing data, it's perfectly logical for someone to start with the idea that you are to blame for it. For incidents where someone else does, you have a higher burden of proof to indicate that you should have known that the place was being negligent. In your personal life, you have a lot of companies that store your data because they are the only feasible option and the alternatives are no more likely to be able to guarantee security. For example, the landlord from whom I rent housing probably has more information about me than they really need to keep, and I have no way to confirm that they have stored any of it securely, but I also have no way of guaranteeing that if I were to rent from someone else. This is an unfortunate fact, but if we're going to play the blame game, we have to do a proper analysis of who made which mistake and whether a reasonable company would have known that was likely. Jumping to the conclusion that it's my fault if my landlord's database of identification documents is cracked is letting them off the hook by transferring the blame to someone who could not have prevented it, and you may be doing it with the supplier here as well.
Do you mean this specific incident, because if you do, you do realize that it was a company other than Okta that had the system from which the file was stolen. I'm sure your employer outsources some part of its business, and it would be great if they could make sure that every supplier had perfect security, but that doesn't make them the cause of any supplier's failure.
It probably wouldn't. Most likely, ad fraud was their way of trying to find an excuse for having this feature. If they told the truth: "We want to add a feature which explicitly breaks anybody who isn't using Chrome, then get a lot of people to mindlessly activate it, then take the integrity information and leak it through Google Analytics or something for extra fingerprinting", people wouldn't want it. Sometimes, when they introduce new APIs that don't really need to be in the browser, they can think of a possible benefit that someone could get. For instance, when they decided that browsers should be able to talk to USB devices directly, they could show you how a game written in Javascript could automatically interact with USB gaming hardware or how you could upload code to a USB-connected dev board without learning how to use a serial console. With WEI, they couldn't actually think of any user benefit. They already know some ways to fight ad fraud, such as by looking at the source of the traffic which would get around your VM proposal, but they don't want to bother doing it because talking too much about fraud would just scare the people buying the ads.
It's very good for us and the internet as a whole that this particular incarnation has died. Unfortunately, this isn't the first time, nor will it be the last, when Google tries to break the openness of the internet, where any site that works in a standard way can be accessed by software that complies with the standard, so that Google's software is advantaged. It won't be long until they make another one. We'll have to shout loudly that time as well. Nobody else will stop this from getting through.
Whether it's Google thinking that their desire to prevent ad fraud is somehow our problem instead of their problem, video streamers wanting to support browser watching but only on platforms where they already have a native app anyway, or just companies that want to make it really easy to have a full list of everything you've ever done to sell to the highest bidder, as well as most of the rest of the bidders, the internet's standards are fragile.
In my experience, I think the question should be "how many times in a lifetime do people really need the "airplane mode" button?". A work laptop of mine had one attached to one of the function keys, but this laptop didn't have a cellular modem in it. So that button would turn off... the WiFi and Bluetooth, both of which are perfectly fine to use on an airplane. The OS should still have an airplane mode control since it's a convenient way to disable the wireless systems, but there's absolutely no reason why they would need a key for it.
"but the 14" model has actually dropped in price; from $1,899 to $1,599. So while technically true that the entry-level model is now more expensive, you get a substantially different device for your money."
And, along with dropping the price, it has also dropped the storage from 512 GB to 256 GB, the RAM from 16 to 8 GB, and some of the ports. So you're really not getting a better device; you're getting a completely different laptop whose screen is the same size. If you add the RAM and storage back to where you would have, I'm sure the price goes back up to where it was before. Hence, the cheaper model is gone and the least expensive one is more than it used to be for roughly the same spec and less than the one you're trying to compare it to.
"I'm not aware of any apps that let you see what's in memory."
Are you unfamiliar with Activity Monitor? You always have CLI-based options, but Mac OS includes a program to present it graphically so you can watch it in real time if you want. It shows you various utilization statistics, including how much swap space is in use.
They could be of multiple sizes, and even if they weren't, it wouldn't have fixed the problem. Hitting F7 by touch is pretty easy once you get familiar with your particular keyboard, and hitting it on an unfamiliar keyboard doesn't take very long. Hitting the place where F7 would be on a flat bar is not so easy. Imagine trying to type on a touchscreen without looking at it at all. The chances of mistyping are higher than on keyboards where the keys can be located by touch.
However, an account that IBM just made up isn't likely to qualify for any tax advantages. The benefit to putting money in an account that's specified in law is that you pay less in tax at some point that depends on the specific type. If IBM puts money in an account of their own, it probably doesn't allow the employee to do that. I admit that I don't understand how the account they're using works, but the employee who commented on it says that the tax advantage is lost. Therefore, while this could allow IBM to pay more to the executives, they wouldn't get any advantage from having that versus just having the money added onto their salary. It seems like a lot of unnecessary work when they could just give raises to themselves.
I get it, and I think banning paying ransoms is a good idea. I'm just speculating on what could happen if they do it, and I can easily imagine a company starting up to consult on recovering from ransomware which ends up taking the money paid to them as "consulting fees" and using part of it to pay a ransom. The attacked company can then claim that they paid consultants to help get them up as quickly as possible and they had no idea what they did to make that happen. Not that it would necessarily work, but I wouldn't be surprised to see someone try it.
My guess: ransomware where they tell the victim that they need to avoid telling anyone that they've paid a ransom. While I support making payment of ransoms illegal, I don't think it will eliminate companies that find some way of doing it. After all, companies manage to pay bribes without writing "cost center: general corruption, item: bribe" on their balance sheet. I've been hoping that, since executives seem to be legitimately frightened about the risk from ransomware, that it would mean more tested backups. Unfortunately, if it has, it hasn't been enough.
Which is why making it illegal clarifies things. If we agree that it's something people shouldn't do, then doing that removes that particular problem from company directors:
Shareholder: You're recovering from an attack, yes?
Director: Yes.
Shareholder: Why haven't you paid the attacker instead of this expensive recovery?
Director: That's against the law and the company could get fined if I did. What would that do for your shares?
Now I think the director has some pretty good reasons not to pay as it is, but just in case the shareholder is determined not to understand why those are good reasons, this makes it much easier to deal with. Of course, this agreement doesn't make it illegal for a company to pay a ransom, just government.
As far as I can tell, they don't qualify for the number of users threshold. I don't have great numbers on how many users they have today, but the numbers I have* suggest that they might have about 40 million worldwide. The EU requires that they have 10% of the EU, so they might qualify if literally all of those were there, but otherwise they're likely too small to qualify as a VLOP. They can still come under other EU legislation, from competition law given their large share of the market to privacy legislation (I don't know what their privacy policies are, but I'm guessing it's bad).
* The statistics I've found online are are from a few years ago or are limited to paying users. I've extrapolated to try to guess what it might be now, but that's easy to estimate incorrectly.
Most Linux distros have nothing by default. Unless you're installing a premade stack, it's likely that your distro did not include any database engine by default because, for anyone who isn't planning to use one, it's a bunch of files and services that use up resources for no reason. In the package repositories will be several options for database engines. People may choose a database because they already have one installed for something else so they'll just use that, but I don't think anyone's picking one because it's preinstalled.
How could a buyer scam him? Meanwhile, it's a really easy scam going the other direction. You pay for a ransomware organization. You get nothing. What will you do about that? The only thing I can think of for conducting a scam where he's the victim is if someone negotiated a part up front, the rest on delivery thing and then didn't pay the on-delivery part of it. However, in that situation, he could just sell it again. Basically, if you want to own a ransomware organization, this one isn't the right one.
You talk like you work at an ISP. If you do, you are aware that everywhere you put servers pays for a network connection that pushes packets onto that ISP's network. Netflix undoubtedly have bills for connecting their servers. They pay their ISP to take their traffic, and they're probably paying by the amount of traffic they send since every big contract involves that. They are paying to send, and I'm paying to receive. The ISPs work out between them how they'll exchange money for connecting up the parts in the middle, using the money that Netflix and I paid to cover the costs. If they need to upgrade the equipment and don't have enough money to do it, they can increase their prices. What they shouldn't be allowed to do is have one ISP start charging someone who isn't their customer. I don't have a Netflix subscription, so if I started getting bills from Netflix for having more servers, I shouldn't have to pay them. It works as well the other way.
"Hmm? So you think the businesses [...] should have no control over how they operate?"
That's not the sentence. You know this. Let's see the sentence this came from. You quoted it yourself:
"Net neutrality should mean that users of the internet are in control of what they can do online, rather than the network operator or ISP. "
So what they, and I, think is that the user, not the ISP, should be in control of "what they [the user] can do online". The businesses can be in control of "how they [the ISP] operate", in order to provide the service they said they would which gives the user the power to do what they want to do online.
This is not unusual. The electricity supplier doesn't get to decide that I'm charging my work laptop, not my personal laptop, and I make money off the work laptop, so I need to pay more for that. The water supplier doesn't get to determine that I'm using the water for cooking rather than cleaning and apply a different rate to that. They made a contract where they supply a utility and I pay for the amount I use. The ISP writes a similar contract and sets its own prices for how much I pay to use a certain amount, even if they find it easier to charge one price by which I subsidize other connections because I don't use that much of it (I don't stream video much at all, so I have a feeling I'm using less on average than my neighbors). They then decide how to operate their equipment to deliver the watts, liters, or packets that their contract says they will.
"As long as your ISP delivers you access to a generic 'Internet', it won't be in breach of your SLA, and if you want to terminate, you'll probably be reminded you're in contract and will have to pay an exit fee."
One reason I avoid contracts. While I probably wouldn't try it because any legal or semilegal dispute is a lot of work and I have other things to do, they did quote me a speed. If they consistently degrade that speed, they have failed to provide the service they said they would. While a legal dispute would probably find the clause they wrote in the contract stating that they might not offer that service, this isn't an ironclad defense. While I've never faced this in court, I did once get a friend out of their ISP contract for consistent failure to deliver the service they promised, and the customer service representative accepted my set of data about how bad it was and allowed them to cancel the contract without paying any of the suggested fees. That's no guarantee that they'll always do that, but I think consistent degradation across a large area is the kind of thing that causes lawyers to start thinking about large groups of plaintiffs, and publicity like that leads to government scrutiny of monopolistic practices. ISPs aren't all-powerful.
ISPs figure out their own peering arrangements. A lot of them have negotiated free peering relationships, and in Netflix's case, I know they have systems to reduce the need to peer at all by putting content on the local ISP network. However, if my ISP finds that they have to pay to peer, then that's a cost of doing business which they pass on to me, not a cost of doing business that they pass on to lots of people to turn it into profit. I'm the one buying the service, and they figure out how to charge for it. If it means that they decide to charge by consumption, so be it. It is not my fault that the price they set doesn't give them the profit margin they'd like. And by the way, if they start increasing the price, there had better be competition because abuse of monopoly power isn't good either. Sometimes, companies have to get used to the reality that some activities don't have high margins.
That is until the ISPs decide to slow down VPNs. It could work, too, because one used for work is probably running at a lower speed than one used to stream video that they would otherwise have messed with, so they might be able to find a level at which the personal uses are more actively harmed. Even if they don't, though, they can always sell the normal internet package and the extra one if you want to actually be able to work from home. They already have the ability to give us different prices by capping speeds, and they should just use that which is easy for a buyer to understand rather than trying to add in a bunch of variables about which specific things will work and which ones will not.
Netflix doesn't pay because I do. Netflix pays for the connection from its servers to the internet. I pay for a connection from my home to the internet. What my ISP is selling to me is the ability to ask for and get packets from the internet and they'll deliver them to me at the speed and for the price we agreed on. It is their responsibility to determine how much it costs to deliver those things to me and charge me accordingly, which does not include trying to bill anyone I've ever requested packets from.
Everyone involved here is already paying for access to that network. By trying to charge the other end of the connection, the ISP is trying to get paid twice for providing the same service. If the person sending packets has to pay for both ends of the connection, then why shouldn't Netflix's ISP start charging my ISP for the delivery of the packets from my computer telling it what shows I want to watch? That costs money as well. I think we can agree that this is ridiculous, and it is ridiculous when the packets flow the other way, even if there tend to be a lot of them.
It is unique, but usually it doesn't make it through to the general internet. Most online fingerprinting attempts don't get to see that address, and therefore can't use it against you. This problem is specifically about devices that are on WiFi networks, which can see the MAC addresses of any devices using WiFi. You have no guarantee that networks you connect to are keeping that address private and not either doing local tracking based on the address or sending it to someone else who is correlating it. That's why Apple and Google decided to use random ones to make this more difficult, but Apple implemented it incorrectly here.
Probably not. The code that changed was in the networking stack, and that worked as expected. The code for detecting AirPlay devices probably didn't change, so there was nothing to indicate that a new error could be in there. The latter point is not guaranteed, but the alternative is that the AirPlay team wasn't thinking about the privacy changes made by those who write the networking stack, which doesn't leave anything obvious in the code.
"somebody down the line probably knew, but didn't think it was worth mentioning it to somebody more senior."
Probably not. The team that made private MAC addresses tested their new feature to make sure that, when they connected to networks, the random one was sent to the network equipment and the real one was never used in addressing. Both of those tests passed, so they figured that was all that they needed to do. Meanwhile, the AirPlay team that wasn't even thinking about the feature change because network connection is abstracted away from them didn't think about the fact that what they were doing with MAC addresses was going to cause problems, and the network connection group didn't know about or think they had to deal with code that was used for a completely different protocol. There's a lot of cracks between those two groups for this to fall between. It's not even a thing that simple testers would notice, since the packets sent for AirPlay will have two MAC addresses attached: one where a MAC address normally is which contains the correct, random one, and one encoded in the payload which is the one that shouldn't be there. A testing group would have sent lots of packets and looked for the MAC address resetting to the hardware one, but they probably wouldn't be doing payload inspection to see if it was being leaked in there.
Only after having a long conversation about what a hole is. Those smallish holes across the surface have even smaller holes inside them. The area between those holes is rough, meaning there are some parts of it which are vertically lower than the rest, so does that count as a hole? Or, you could just scale up and decide that there's basically one hole, because the height difference between the crust on the edge and the lower surface is going to be higher than the depth of the smaller holes in the middle.
Yes, I've had questions like this before which I dissected to point out the inconsistencies. For example, I remember being asked to estimate how many windows were in a building and asking whether we were counting internal windows on doors, and when they said yes, asking whether a nearby door which had a bunch of square panes of glass in a grid counted as one big window with a lot of lines through it or about forty tiny windows. They seemed less sure about that answer. I decided not to ask about the exact definition of window, which could have included a lot more things. For example, I was going to ask whether the transparent bit on the front face of a vending machine counted as a window, and in that case, where were we drawing the line between windows and screens. I don't know if this questioning of definitions and details was appreciated or not, but I've worked in programming too long not to do it, as the first step to a lot of programming tasks is rigorously defining exactly what they think their vague statement means.
For context, Mechanical Turk workers do not work for Amazon. They are bored or desperate people who decided to do really basic tasks for really tiny amounts of money. If you have some small task to perform, then you can hire a hundred people for five minutes apiece to try to get it done. One consequence of paying a lot of people a very small amount is that they're focused on speed, rather than quality. I've never hired any, but someone I knew who did to get some training data tagged ended up assigning the same data to multiple workers because the results were so unreliable.
On the same basis, I can patch the Windows 11 installer and that will also run. The point is not what I can make happen, but what Apple's support system is compared to Microsoft's. If I use methods to break the unnecessary hardware checks, both are supported. Only time will tell which company breaks those checks first, but if we're taking bets, I'm betting on Apple because eventually they'll cut off all the X86 Macs and I doubt OCP will get around that. However, if we're talking about when the companies put up that message that says this machine is done and write their software to check for that condition, as fragile as that check may be, then Apple is doing it earlier than Microsoft is.
"So when was the last time you actually replaced a SSD, battery or some other internal on a laptop?"
Two weeks ago. No, I don't work in IT for my company, doing this to broken user machines. I do it for myself and for friends. In the past two months, one friend got extremely annoyed with a Mac from several years ago which is still fast enough for their use cases, but had a battery that was worn to the extent that they were tethered to a wall. Fortunately, this was from when Apple wasn't gluing things down, so I got them a replacement and spend a few minutes with a screwdriver. Their computer is good again and for much less than it would cost to buy any replacement, let alone the same model from Apple's current line. Then we have the two weeks ago situation where I removed a disk from a laptop, in this case because it was not turning on and accessing the data was going to be faster if I read it in a different device than if I fixed the problem that developed.
Sometimes, I do this for myself, but the fact that I'm doing it for friends and family proves that there is demand there for doing repairs. By making the repairs easier, we make it possible for people to do them on their own without needing an expert or to hire the assistance of someone who doesn't need extreme equipment to manage it. Contrary to your statements, cheap laptops are not usually built so badly that you have to break them to open them up, and if they are, the chances are that they were among those that weren't intended to be opened, which is exactly the problem.
"from a software prespective I find that Apple supports an older OS a lot longer than Redmond does."
And you think this why? This is a provable claim, and it's not true. For example, my old Mac, which cannot install any Mac OS after Mac OS 11, but can still run the latest version of Windows 10. The hardware is the same. This applies to any Intel Mac released after 2009 or so which has reached the end of Mac OS updates. I'd have agreed with you if you were talking about IOS and Android, where the facts are equally provable but go in Apple's favor. I may even get to agree with you when Windows 10 drops out of support. The reality is, however, that I have a computer here which Apple dropped over two years ago and Windows will continue releasing compatible updates for almost two years past today. I'm not the only one who can say that.
Well, they have been, but I don't think the reason they stated is why. Manufacturing problems and the fact that a lot of people bought computers in 2020 that are still just fine probably contributes.
What, being confident, even if it later turns out you're wrong? Yes, that is legal. I'm having trouble figuring out what people expected him to say. There's a chance he's right, but if ARM is a much worse threat, than he said, he's unlikely to say "ARM's going to win, we can do nothing about it, start panicking". If he was lying about whether Intel has a certain product or the known capabilities of his competitors, that would be a problem, but he only stated an opinion about ARM's possible success. That opinion isn't that outlandish: I'm confident that you could come up with a list of reasons that ARM could fail to take over the desktop market, even if you have other lists about why it might succeed.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
