Posts by doublelayer

Re: So how is this a workhorse?

I know I'll get a lot of disagreement with this, but for many people, 16GB is a perfectly fine amount of memory. I don't know what you do, but I assume it's not one of those things. If you're using a lot of VMs, writing code in a large IDE with a lot of features turned on, or anything that deals with a lot of video and audio stuff, for instance, large amounts of memory can be very important. However, most business things aren't doing anything of the kind. Anyone who is just browsing, doing word processing, and using email and some videoconference thing won't need 16GB. I think that 8GB would be perfectly fine for that use case. Some business uses may need a bit more, such as the machine that's actually running that tremendously bloated financials package. However, a lot of places I've seen have moved that to a server with the machine just providing a frontend to it. That's another case that doesn't need a ton of memory.

I have a computer with limited memory. I'd love one with 32GB of memory, and if I had it, I'd find a way to use it. However, I handle certain exhaustive workloads and I tend not to run into a situation where my 16GB is insufficient. I have multiple VMs open at most times, each one having been given quite a bit of memory. Of course, some help may come from not running windows as the base OS, but even with that, you can still run quite a bit with 8GB memory, and 16GB, especially for a business machine, will work for almost everyone*. *Everyone refers to the business at large, not the technical areas, where the percentage is lower.

Re: schrodinger's browser...

What if it's one of those wonderful tabs that, when they crash, manage to take the browser or, if they're ambitious, the entire OS, down with them? Is that what quantum entanglement is like?

The best explanation I can think of is coverage, such that a country with good download speeds but bad video would have a fast network that isn't reliable, probably when moving. Video consumed while on a train or something like that could cut out a lot. But really, I have no clue. Maybe the article could get some more details?

Re: Why do we need IPv6

For example, if they have five different servers that could work, they don't need to have large load-balancers to handle that case. Five ports on a public IP would mean that there was a theregester.co.uk:443, theregister.co.uk:444, etc. Who is going to type :444 when they don't have to? Nobody. Five servers running internally that are mapped to the same IP takes more networking setup that isn't really necessary. If they have servers in different places, many places can easily direct people to a nearby one, but again, doing that with the same address, while possible, takes more effort than doing it with five distinct ones. If addresses had a good reason to be rare, then I'd have more sympathy with the argument that people are just wasting them and should be better, but there isn't such a reason, as addresses can be made extremely long and extremely plentiful. So go ahead, use a hundred addresses if you have a hundred things at the other end.

There are plenty of reasons to dislike IPV6. I agree with most arguments, even the often-attacked hard to remember the addresses argument. However, the argument that four billion addresses should just be enough for a world of seven billion people and millions of companies, including tech companies with a lot of stuff running on them, and that we should just fix the problem of people using too many addresses, seems foolish to me.

Re: Bit(un)locker

Incidentally, what's the benefit of storing the key in the TPM, without requiring a password, USB dongle, or pin to unlock it? The key is nice and secure, but the system can just read it and go right ahead. So the only difference is that if you steal only the hard drive, you can't read it. But if you steal the computer itself, you can just boot it up and attack the login window, which can gain you access to all the decrypted contents of the drive. Since encryption is primarily a defense against physical access and theft, storing a key in the TPM doesn't strike me as at all useful, let alone a good idea.

Re: Microsoft announces threat intelligence service?

Unless this has changed in the past two weeks, the phone number step is not required. Fill out the original form for a free account. They will demand proof of humanity, which I think is set to phone number. However, you can do a captcha, get a mail to another account, or donate to bypass this. Then you have an account. I speak from experience, having done this twice.

Re: GUI ?

Of course you are right. There are a lot of good use cases for machines with 256 MB or less of memory. However, my original point with respect to memory was basically these two:

1. I wouldn't recommend the use of a machine with 256 MB or less of memory as a computer to be used as a desktop, running GUIs of multiple applications,

2. I wouldn't recommend a pentium computer (referring to pentium meaning the typical age of chips called pentium when they might regularly be shipped with 256 MB of ram) for any purpose. Among the reasons for this are power efficiency, raw processor speed, memory speed, and speed and reliability of the disks typically found inside these things.

Re: It wouldnt be a Trend Micro product otherwise

I've seen it used as well. The version that we had had a scan scheduled every week during the middle of the afternoon on Wednesday, when you were working. The software would courteously ask you to confirm the scan, with the option to delay it. Nice and respectful, no? No, not really, because the delay function didn't work all that well, and would sometimes delay all the way until you logged in on Thursday morning, when it wouldn't ask you but would just cheerfully scan everything with the accompanying lag in performance. And because whatever group was responsible for scheduling the original scan for when people were working, most users would go with the only guaranteed way of continuing to be productive: clicking the "skip this scan" button every single Wednesday.

Re: You'd be amazed at how many hackers ....

Not only can North Korea make him a new identity with great ease, but most North Koreans, including, I assume, this guy, only get to leave the country if it is specifically approved by the government, which almost always means only to China. I wouldn't be surprised to hear that he'll be staying there for the rest of his life, from where he can keep working on all the same stuff. If you don't have the choice to go on holiday, you can't be caught on your way.

Re: UI revamp

Who wants to bet that all the keyboard shortcuts will change again? You already got rid of the feedback while using them, at least let me keep typing the same thing to add an attachment or something basic like that.

Re: So-called "AI"

I mostly agree with you, but some applications of what is termed AI are things the brain couldn't do either efficiently or at all. Usually, they call this machine learning, because they realize that the program is less deliberate intelligence and more iterative or evolutionary familiarization with data. For example, a laptop can recognize text from images much faster than your brain. Your brain can do it better, but the computer can do it well enough if image quality is good, and can process at hundreds of pages a minute. Identifying irregularities in a million seemingly random numbers used to be a multi-year project for a team of cryptographers, or a multi-month project for a concerted effort of tens of teams. Programs exist to do that in a matter of hours using consumer hardware, or seconds on the computers you mention.

There are other examples that a computer can do where a brain can't; anything that involves a lot of data transformation, while technically possible to be done manually, would require a brain to act almost identically to the computer, doing the job much more slowly and with the virtual guarantee of many mistakes. Thus, not all machine learning/clever algorithmics/artificial limited-intelligence is useless. Primarily just the kind the companies want we consumers to have available to us. The good code they keep to themselves.

Re: For all your searching

I use DDG whenever possible. It is my default, and most of my searches go through it. However, there are types of queries that google can handle much better. One of these is when you want to download some piece of software, but you don't remember what the download link is for it. If it's a thing that has its own site, then it's straightforward (go to site, click download). Consider a program like thunderbird. Is it mozilla.org/thunderbird? I don't know; it might be. If you want the download quickly, google will direct you to the right one from the search "mozilla thunderbird download", whereas duckduckgo will give you several close but wrong pages. They are also prone to being attacked by the SEO-intensive software distribution sites that put malware in with the download if you can even find it. Google can also answer certain questions directly. When the standard user wants to ask a question and get the answer fast, google's lead in this keeps them from taking my suggestion and switching to something that is more respectful of the user.

Re: castrated

It's surprising to me that the two phones compared in the article described the other as good if you don't want photos. I understand that the camera on this one is better, but the one on the other is a 16 megapixel sensor, which, assuming it's not connected to some terrible imaging unit, should be fine for a lot of people who don't intend to go into phone photography. I figure that it will be just fine for people who like to take photos to send to others, given they used to do so with 5 megapixel cameras and didn't seem to have a problem with it then.

Re: Obviously...

LibreOffice can save just fine as word or PDF, so it can be hard to determine if someone's using that. Of course, complex stuff that docx files support might not be perfect if LibreOffice saves them, but experience tells me that the same type of chaos can be created just by saving a file in one version of word and opening it in another. Simple things like CVs will be fine.

The major problem I've seen with getting some people to use LibreOffice is that people used to excel won't take to calc. A lot of excel stuff doesn't work at all. Normally, that's probably fine, but if the people you're trying to convince worked in finance of any type, they will be grumpy and unhelpful. If you try to convince them to leave excel behind, this gets worse.

Re: How much?

Theoretically, anything relatively legacy from win32 should run, as long as it can without doing any deep-system work. The APIs are compatible and the instructions are simulated. If what I saw months ago is still correct, 64-bit applications won't work, but with only 4GB of ram, that's not a really big deal.

I wonder how far the battery drops when you're running one of those. I presume quite a bit. I also wonder if the 25 hours of battery when watching local video is perhaps taking advantage of a GPU that is efficient. Usually, that kind of number sparks my exaggeration sensor. I would like to see real world numbers for activity that will actually happen: browsing internet, doing office work, spreadsheets with inefficient formulas courtesy of finance, and doing one of those with several tabs, mail client, and skype running in the background. Then I'll know what I predict.

Re: Very Good Answer...

I'm currently dealing with a similar problem. I don't work in IT support, but when my family members have issues, they come to me. This time, it's one of my family members who runs a small business with no IT help at all. Unfortunately, the help is going like this:

Family: We have a firewall, and it's old. We want to get rid of it.

Me: Would you like me to recycle it? I get rid of a lot of hardware.

Family: No. We don't know the password to it, or actually we think we know the password to it, but we don't know for sure.

Me: Do you need the password if you're just going to get rid of it?

Them: Well, we don't know, but how can we configure it if we don't have the password?

Me: Do you want it or not.

Them: Do we need it?

Me: I don't know. What are you doing with it?

Them: It's between the modem and the router.

Me: Do you mean the WiFi access point?

Them: No, that's connected directly to the router.

Me: Which is downstream from the firewall, right?

Them: [confidently, so I know they haven't a clue] Yes.

Me: [realizing that using the word downstream was my fault and I shouldn't have] Do you know what I mean by downstream?

Them: Yes, of course.

Me: Ok. Then what is upstream from the firewall?

Them: We have some network phones and a computer on that part. All the other computers are on the other part.

Me: Which part? Can we start from the line in from the ISP? What's plugged into that?

Them: The modem from the ISP.

Me: And what's plugged into that?

Them: The firewall and the router.

Me: What's plugged into the firewall?

Them: The router and the modem.

Me: Is this router the same one that's connected to the modem directly?

Them: Yes.

Me: And what's connected to the router?

Them: The server, the switch, a phone box, and the WiFi.

Me: [Pretty sure they've got a loop but at least I understand now] So the router is between all the devices on the network and the modem? There's nothing else there?

Them: No. The firewall is only between the router and the server. The computers are connected to the switch.

And it continues. This is why I didn't go into IT or specifically networking. I can sysadmin a lot of stuff, but I don't know whether I can do a business network, let alone one where someone's already treated it as a cabling playground. But more importantly, it's why I would never work in support. Even if all the programming jobs that I'd rather do are replaced by AI, I'll not do support. My sanity is important to me.

Re: I do wonder...

I will bet on "a very large amount". Just try to pick up any html page and see if you can read it from source. I certainly can't. About the fourth time another javascript blob appears, I lose my focus and give up.

I have a web application online that I hand-coded. All the files involved except the images can fit in 24 KB. This includes the backend code as well, so each frontend page that could be presented is tiny. And still it has a number of features. A standard page online is much larger than my entire application.

Re: Russian Hackers

I wouldn't count on that. Sure, generic phishing attacks are fragile; they can be detected and usually they are ineptly built. However, a standard phishing attack is usually done to get a few people. If an attacker gets four credential pairs out of a thousand people, they're probably quite pleased. There are ways that phishing can be done better, be that "spear phishing" (tailoring everything to one specific victim, which increases the likelihood that someone clicks on it), using various methods to make detection harder (for example, many phishers don't try to pretend to be from a trustworthy domain, but it can be done), or having lots of small phishing sites such that the death of one doesn't really affect much. The proper flagging of this attempt doesn't mean that something else can get through.

Re: Exposure?

Not really. Of course, google play won't help with exposure, but it will help keep people who already know about the app from drifting away. When you say in your advertising to go to the google appstore and search a phrase, people know what that means. If you tell them to go to a website, no matter how clear you are on that site as to how to download the APK file and install it, fewer of them will. That's why the google store can effectively constrain developers to using it, even though sideloading is possible. The same would be true, for example, if you told them that the app could be found in FDroid or another relatively unknown store. The non-technical, for most apps, the main customer base, won't get you, and you'll lose their business.

Re: When will it be safe to by a new system?

I'm glad that works for you. However, there are many tasks that people ask of their computers that a raspberry pi would not do to their satisfaction. Among these are modern games, high-speed browsing (think downloading a multi-gigabyte zip file and extracting it, which on the pi with its USB2 bus and SD card is going to be a lot slower), editing high-bandwidth data (images, audio, or video), even browsing pages with a lot of data to pull down and render and/or having a bunch of tabs open (I wouldn't want to deal with my family's complaints if they tried to do their standard browsing with only a pi core doing that for them). There are a lot of good use cases for one, even when running a full desktop, but there is a reason that a great many raspberry pi users are using them headlessly or as media devices rather than transitioning to having one as their main machine. However, my point was more about viable options for processors in consumer computers. In the sense of performance that is expected of a computer sold these days, intel and AMD are the only providers who 1. have such a processor available and 2. have that processor in a consumer-available machine. ARM has many such processors, but you can't get a computer with one in; the raspberry pi uses a much slower processor. Therefore, the only available alternative should you be concerned about the vulnerabilities or unwilling to hand over more money to intel but still want a standard desktop or laptop is AMd, at least for now.

This is completely correct. You could put the original blame on verizon selling an annoying package or the fire department for not paying attention. To the extent there was blame, it would be verizon not terminating the throttling during an emergency. This is definitely not a net neutrality thing, and I think our writer may have mixed these things together. I've reported this to the tips and corrections, in the hopes that it was a mistake or the reporter was just tired at the time.

Re: 5 Ears?

Really? I'm not saying that equipment made in countries with large surveillance systems is free from backdoors, but we're talking China here. They have spyware on pretty much everything, but they just won't have it on something big and important? That doesn't make sense to me. If you do want to go full conspiracy theory, it wouldn't matter if the Chinese equipment did in fact have no back doors, because the Australian companies would be going to configure and program it. If a surveillance system needs to be built, that could be done no matter what it runs on.

Re: Jolly Good Journalism, El Reg.

Thank you for those posts; they were informative. I will be going through my code and clarifying the licenses. In most of the libraries I have written, they are probably more of a BSD-type thing, as they are less likely to be externally modified, and I'd rather not limit what people can create with it. Still, quite a bit of research to do before I decide on something.

Re: Local Optician

"running XP is not really that bad especially if the machines are not connected to the Internet"

For point of sale equipment, it is almost certainly connected, if not to the internet at large, at least a corporate network. You could create a communication system that lets information about payments be sent out without networking, but that is difficult and probably wouldn't be attempted. These vulnerable devices have been used before to gain access to payment information, usually after a breach somewhere else in the network.

Re: I have doubts

I will try one more time. I do not think, nor have I ever thought, that the type of devices we are discussing are the types to send video streams or other large data streams.

Now to cover IoT vs IT: IoT is IT. It is a system that runs code, interacts with other devices, and in order to actually come under IoT, must connect to the internet at some point. It may not be exactly similar to other IT devices, and there may be other people to work on it, but it is technology that delivers information, and is more similar to IT infrastructure than infrastructure by most other departments. In addition, most of the things that are talked about as members of the IoT group as a whole are much more complex than something that runs some sensors and can communicate all the relevant information in some 255-byte chunks sent every once in a while. Even if we're limiting ourselves to equipment used in industrial things, there are things that require direct connection because they report information or receive commands in real time, and those things are always called IoT. In fact, if we wanted to split the broad category IoT, the devices better suited to the name would be those connected directly to the internet rather than sensors that use a gateway (of course, if that gateway also allows internet connections, then those sensors also belong to the IoT group).

My doubts are still alive, but not because I fail to see use cases for the technology. I merely see a great deal of complexity in the technology that would make it difficult for some players to use it. Combined with the fact that WiFi exists and can be used by a lot of sensors, albeit with less effectiveness and many downsides (I admit these are there), many might not bother to implement it. This could cause the technology to stagnate.

On the topic of hospitals, many of these already have WiFi. Part of the reasoning for this are patients who must remain there for some time, but the system is also used for wireless devices used by the staff. Those hospitals that lack it often still have wired internet, as they are some of the most computerized locations. I'll admit that I have less experience with factories, but I'd imagine that those for whom the term internet of things is a selling point are probably not strangers to internet-connected equipment on the factory floor.

Re: It has?

Nor do I. I think it might be best if, instead of thinking up new types of connectors that 1. don't have any faster data rates, 2. didn't get any smaller, 3. took far too long to realize that being flipped would be helpful, and focused on making what is already available better, we'd have better cables. The same applies to all types of fast-charging stuff. If, instead of trying to crank up the voltage or current, phone manufacturers tried to make their phones run at lower power levels and have batteries supporting it such that the typical high-power USB (5V 2.5A) would be fast, then it would be much easier for everybody.

Re: Pai is still damaging society

That is not how any of that works. Net neutrality means that the people running the communication systems can't send some traffic faster than they would ordinarily, and the reason for that is that the only way to do so involves taking something else and slowing it down. It is not that you can't buy faster speeds; you can. Get more powerful servers and high-speed data links and believe me, you'll see your speeds skyrocket. What the net neutrality people advocate is that you can't buy someone else having a worse time. For example, there is not an "expensive car lane" that allows those who have paid more for their cars to bypass traffic, even if they pay for it.

This is usually the reason that companies want to have the ability to change speeds; coms company C wants more money. Video streaming company V wants their competitors out of the way. If V pays C to make all of V's content faster, thus making it a better experience than competitors W, X, Y, and Z, then eventually people stop buying service from W, X, Y, and Z. The two possible options are for W, X, Y, and Z to fail, causing consumers pain because their options have been lost, or for W, X, Y, and Z also to pay C for faster connections. This makes the services of V-Z more expensive, as some of the money the people pay has to go to C for the we-won't-choose-to-kill-your-business tax, and it harms any other business that wants to stream video. In fact, it hurts any other business, period.

Re: Tricky indeed...

I disagree. Android is insecure in all sorts of ways, and google, as well as various others if they can get a chance, will collect a very large amount of your data. Apple doesn't collect as much, has more restrictions on third party collection, and has fewer security problems. Apple therefore makes a more secure product.

However, there are a lot of good reasons to dislike IOS. The fact that it's secure doesn't make the lack of choice, the lock-in to apple, the ridiculous expense of the hardware (although certain droid manufacturers are giving apple a run for your money there), or any other annoying elements better. There are trade-offs, but I see them as security versus all the useful features android has that apple doesn't. Security vs side-loading. Security vs removable storage/battery (some conditions apply). On and on.

Also, just because apple's phone is more secure than most android phones doesn't mean that apple is good. Apple could do more to protect their customers' security, and they could easily collect less. I would like to see both. For security changes, I have a very long list for android to do.

Re: Advertising from mobile 'phones

It is possible to remove this, but the setting is hidden so that most people don't try to find it. Also, it has an irritating habit of switching itself back about once a year. If you send relatively few messages from your phone compared to your computer, you're liable to send out a few before you notice that the thing is back.