Posts by doublelayer

Re: I fail to see what he did wrong....

What kind of wrong are you referring to? Do you mean ethically wrong or pragmatically wrong? Either way, I'd have thought those were obvious:

Ethically wrong: Take a job where you're not supposed to sell secret information, sell secret information.

Pragmatically wrong: Sell secret information for a tiny amount of money, have no backup escape plan for if you get caught, do the stealing so badly that you do get caught.

If you're referring to the various boot software, while I'd like Windows to support it nicely, I'd also like if Linuxes supported it nicely, or if I didn't have to deal with it so much. I've broken that by installing two different versions of Linux on the same disk. No Windows involved. I would prefer if it was easier to have lots of operating systems on one disk, and in my experience, you can eventually get somewhere satisfactory with any combination of operating systems, including Windows and Linux together, but first you're likely to deal with at least some broken things and some time manually changing bootloader settings. This is also why I tend to have different operating systems on different physical disks when the machine supports that and also why I have a machine that runs lots of VMs on one bare metal OS so I can easily test out a new one without rolling the dice again.

Re: "Musk’s changes at X are aimed at making money"

It doesn't, because the debt has to be payed back over years, not right now. If it was all due tomorrow, that would be bankrupt. The hope would be that it can be returned to profitability before the required payments exceed the resources available to pay them. I don't think that's likely, but there's always the option of more money being found from somewhere to pay that bill or the more likely attempt to ignore the bill and the years-long litigation to resolve that process. Somehow, when you're very rich, you can get away with not paying bills longer than when you're not.

I don't have accounts on these services, nor have I ever. However, I think there's a group of people who want to make these things sound more different from forums and newsgroups than they really are. Another uncomfortable truth is that these forums, while structured differently than more general social media, are similar in many ways. The same is true of Usenet and many other places where people who don't otherwise know each other post their thoughts for others to read.

Our little community might get to write more words in our thoughts, or at least we don't have to split them into annoying little chunks like Twitter require. We might limit our discussions to the topics El Reg creates, although there is that user topics area where I never go, so maybe that's not really true either. Still, we post our thoughts for our fellows to read, they reply to us, and we even have our upvotes and downvotes instead of likes and...I'm sure there's a dislike counter on some of them. We even have the same problems that social media has; these forums are not immune to annoying conspiracy theorists and trolls, nor even our own malfunctioning Markov chain bot. If you ask why someone likes social media, the answer is the same reason you're posting here. They just have an interest in a wider community and don't mind the many costs involved.

Re: So how did we find him?

Depending on the severity, that could just make it even harder to find people who want to do that kind of work in the first place. Government already frequently underpays its staff and puts restrictions on them that a different career option might get. That applies to all governments, but there have been several articles here specifically about the U.S. government failing to find the administrators and programmers that they want. Add in a "oh, and if you work on anything important you will have no privacy for the rest of your life" and that will probably not help their case. Especially with techs, you have to have some reason why they would choose a job in government over one somewhere else, and if you keep adding restrictions, the only answers that will be left are the applicant who accepts is a ridiculously patriotic person who will take any punishment for their beloved country, the applicant can't get a job anywhere else and now that the government can't find anyone qualified, they'll have to deal with them, or the applicant is a spy who is willing to take that job because it's the only way to get information.

I wouldn't work for a company that wanted the power to surveil me outside of work hours, or for that matter even during work hours if they went far enough. There's no chance I would agree to a lifetime of surveillance, even if I quit. If others are like me, maybe they'd have to do as at least one American military person suggested and start conscripting people with technical skills. I'm sure that will be popular.

Re: Are you sure

The other side of this is that the prompt absolutely must, no exceptions, contain enough data to know what it's asking you about. Not just trusting that you can scroll up to see the command that launched it, not assuming that the user knows which script they clicked on, the prompt must print that again. If it's really dangerous, maybe make the user type it again to be careful, but that part is at least optional.

Re: cd /tmp && rm -rf *

The other useful parameter is -i, when you need to do something more complex and you're not entirely sure if it will be safe. For example, when I was trying to clear out temp files, but no other files, from a nested directory. I was very careful to specify "rm -i */*/*.tmp". Anything with that many asterisks seemed a bit too dangerous to do without at least seeing some of what would get wiped.

Re: Meta Ferenghi a'coming!

No problem. I understand your concern, and you can deal with it. Simply don't install third-party applications. I have Android devices, and the only third-party app I'll install on them is FDroid (I consider the apps I get through FDroid to be included). There are many others, but since I don't trust that they're reliable, I don't install them. You can make that choice, and I advise you to do so if you're not sure what you're installing. It doesn't mean that I shouldn't be able to install something, though.

Re: It's not whether the App Store is good or bad...

In fact, some of their blocks are to help their revenue, including one of your own examples. They have, repeatedly, refused to allow in apps or even retroactively removed them when they competed with functionality they added to iOS. This isn't a one-time thing. Back when they first released Siri, they removed a few other voice assistants, even though the limitations of iOS meant that nobody was really going to use those anyway. They did the same thing eight years later when they released a tool to report on how often you or your children used the device and decided that others who had written apps to do that when Apple couldn't do it for you would now be banned. Now you may ask how that really did anything for Apple's revenue. The screen time example, although it's not a simple substitution, they were still indicating to developers not to compete with services Apple chose to make, which could prevent developers from trying things that compete with the services from which Apple really does collect revenue. The Siri example is much more straightforward: without the latest iPhone, you couldn't use Siri. By banning other voice assistants, they managed to tell everyone who wanted one that they'd have to buy new hardware.

The example of non-WebKit browsers is much more straightforward, even though you've mentioned it to the contrary. This is true for two reasons. If someone released a more powerful browser that could run web applications that are more complex than the ones Apple allows WebKit to run, that could allow a company to release their app to run in that, bypassing Apple's revenue collection. I'm sure many games would be happy to do so. That's a lot of money that Apple wouldn't get, but restricting the engine to WebKit will prevent a lot of those from running. The other side is that it makes competing web browsers less useful to the average user, meaning more of them will stick with Safari. Apple gets a large payment from Google every year to have Google as the default search engine in Safari. If people were using a different browser, that would be less valuable to Google and Apple would receive less money next year. They evidently decided that banning browsers completely wouldn't work, but they took steps to restrict their usage, such as restricting what they can do and filing any app with unrestricted browsing capability as an adult app that a child's account* could not install. I know at least one app that removed the in-app browser, essentially just calling WebKit, so that it could still be purchased for use in education.

* That is assuming that the child put in their real birth date when asked. When I was a child, I learned to put in a fake date to prevent tracking and that, if I was doing that, I might as well be an adult.

Re: Those who refuse to learn from webcomics...

Oh, it's much easier than that. If I tell the AI I want to be rich, it will create a dubious business model, convince Mr. Son to believe strongly in it, and he gives me free billions. It's worked for others before, and he's proven both that he isn't smart enough to tell the difference and that he hasn't been deposed yet. Until he runs out of money, anyone who gets to him can be rich. Of course, this requires me to be able to take a billion dollars and not lose it, but that doesn't sound too hard when I can send the original idea bankrupt as soon as the AI sends the cash to me.

Re: In Other News ...

You can live as if there is no law. Nothing different will happen to you if you're right or not. Here are the options.

You act like there is no law, there is, you do things we don't like: Someone will restrain you, put you in prison, or take your money.

You act like there is no law, there is, you don't do things we don't like: You live life as normal.

You act like there is no law, there really is no law, you do things we don't like: Someone gets angry at you for doing those things, and comes to attack you. That person takes your stuff or causes you physical harm, up to and including death.

You act like there is no law, there really is no law, you don't do things we don't like: Probably nothing bad happens to you, unless someone decides that you're an easy person to take things from.

In either case, acting in a way that's detrimental to the rest of us will earn consequences. The benefit of law is that those consequences tend to be trial and punishment if the trial doesn't go in your favor, whereas the consequences if nobody does that tend to be more intense. This is true for two reasons. First, with law, people have at least some reason to believe that things we've agreed are crimes will be punished, so we're content to allow that to happen rather than trying to take revenge on those who wronged us. In addition, someone who is still tempted to take revenge on you is less likely to do it because that revenge is also considered a crime and they don't want to be punished. You can ignore it all you like, as the consequences you feel won't be worse for having a legal system involved. I'm not planning to join you.

Re: In Other News ...

True, but I meant that the model they used (and yes, it was a primitive LMM at the time) had plenty of information that works with a "I want to kill the queen" prompt without contradicting it. They didn't have any guards on it to prevent it doing that. Something designed for fantasy contexts is even more likely to output text that is unsuitable for reality, which is why it could be more dangerous than a general chatbot, although I have no reason to believe that a modern chatbot would attempt to talk him out of it consistently.

Re: Convicted of Treason

If I may take a tangent, I like the weird phrasing that Victorian English added to things, often without any real need. For example, the charge of "attempting to injure or alarm the Sovereign". I can't stop thinking about someone waking up the monarch from being tried as, technically, they were acting as an alarm, or even someone telling them disquieting information. I do wonder what was going through the mind of the person who inserted those two words into the sentence. From a quick check, I don't see evidence that "alarm" meant anything else at the time, or at least not anything specific enough to be a legal offense.

Re: In Other News ...

Possibly it wasn't really trained to do anything in particular, just print out some text that makes sense in context. This is especially true since the article suggests it was advertised as an entertainment tool. A discussion about killing a queen could easily apply in a fantasy context where the queen is evil, and the bot probably has plenty of that kind of text in the training data. All it has to do is print out something that seems to respond to the previous statement. As I recall, this is the same model that, when tested, frequently printed gibberish.

Re: In Other News ...

If a religious person told you to commit a crime, being clergy probably won't be sufficient to prevent them being prosecuted, always assuming that it can be proven that they actually did recommend it, not that the perpetrator mangled something in order to justify actions they already wanted. If an actual deity was blamed, you are more than welcome to search out that deity, demand proof of incitement, and charge it in court. Should you succeed in finding the deity, I think the rest of the steps will probably be somewhat painful.

Re: The big question is...

My guess: both. I have seen some Android devices made for industrial purchases. They're not loaded with bloatware and locked down so they can't breath. They run a clean AOSP with a couple additions from the manufacturer which actually do something, and you can root them if you want and safely remove the extras the manufacturer added. And also, they get no updates of any kind. If you want to install this month's security patch, you should have all the access you need to install it once you've built the image from scratch because Android doesn't include the software to do this and the manufacturer can't be bothered. So I'm guessing this will look something like that, since the article suggests that most of these are intended as kiosks, not office computers.

I think you're being a bit extreme with all of those comparisons. While Windows NT has some roots in VMS and Mac OS some roots in BSD, including all its roots, you can't call either one of those a clone. Nor was it really fair for someone to call Linux a clone of Unix, but that was much more stated as a goal when Linux was created. For example, while NT borrowed some concepts that originally debuted in VMS, it didn't share code, it didn't get designed for compatibility with code written specifically for VMS, it didn't even get the same commands or calls. That's not a clone. Mac OS was a clone of NextStep at one layer, but otherwise its implementation had a lot of modification and NextStep wasn't really a clone of anything even though it had some Unix-like features. I'd say that most desktop OSes only go back to the 1990s, as the code written then was generally from the ground up.

Re: Confused

Structure the sentence to show where the clauses are:

Miku, you see, was acquired by Innovative Health Monitoring LLC last month. The new owner has wasted no time hitting customers (who are used to getting the service for free) with a subscription. The device will still work as a camera if you use it on the local network, but anything else is now behind a paywall.

Does this clear it up? Try removing the words in parentheses. Also, while I don't have one of these, other comments suggest that the other features were more than just access to video remotely. I don't know whether those monitoring functions were of use to anybody, but they were there and now cost extra.

Re: Someone else's computer

I don't think that would help. If I offered a service and wanted to collect 20p per month, I could ask people to pay £2.40 per year or even two or three years at once. People probably wouldn't mind. The reason that this isn't done is that subscriptions tend to cost quite a lot more than that. They're not asking for £6 per month because fees, but because that's £5.80 more than the other one and money is nice. I admit that fees are a problem for particularly small transactions, but most of those are not the size that subscription-sellers want to charge.

Re: Someone else's computer

"So, you're saying there's a whole bunch of people that believe that for one low price they can have something that requires outside services for free, forever?"

Some of the people who bought it may not understand that. Ask a person with no technical background how a video camera could stream information to their phone. I'm guessing you'll get an answer like "it's on the internet, my phone's on the internet, all they have to do is find each other and start sending data". We know that this is really true, but not what those cameras are likely to do because using a central server which connects the two together is easier for the users, but not every customer understands why that has ongoing costs, even though the costs for that are incredibly low. Similarly, the box says that this camera can analyze the audio and video to monitor certain activities, but how does the average customer know that it's doing that by sending the video to a server which runs that software? How can we know that ourselves without analyzing the traffic coming from it or reading the report of someone who has, since although it's more likely to happen that way, nothing prevents the manufacturer from including a more powerful SoC and running the analysis software locally?

People buy a product with the assumption that it can do what the box says it can. They're not trying to work out the implementation details, because if they were doing that, they could build one of the Raspberry Pi-based alternatives that multiple people have described. If it needs an ongoing payment, they expect the box to say that, the way that legitimate products that require one do (it's not rare to see "Requires subscription, free for the first year, £4.99 per month afterward"). This is really not the same as lifetime deals for internet, not that I've ever seen such a thing, since the requirement for ongoing services is not specified anywhere.

Re: Someone else's computer

At some point, we put extra restrictions on people who choose to sell their products to the market. We don't let just anyone build and sell electrical hardware, for example. There are some safety tests they have to pass beforehand and there is consumer protection law that applies after they've sold it. If we removed both requirements, we'd certainly get more and cheaper equipment, and some of it would be just fine. However, some of it would catch fire or otherwise harm the customers, and we've decided that regulation is needed.

A hobbyist making a product should still make a good product. I don't expect a regulator to check them for quality every time, but providing some indication that they're not scamming customers with what's effectively an early obsolescence plan is justified. I'd prefer if we could respond only after they do so, assessing a penalty on those companies that fail a reasonable test of product lifespan, but if that isn't feasible, then taking preventative measures might be justified. If I want to form a company to make and sell something, I already have various standards I have to follow. As long as those are limited to something that provides a real benefit to the public and enforced equally on all participants, it's something society decides.

Re: Someone else's computer

You can still do an in-app purchase for an update or, as at least two apps I've used did, simply stop updating [app] and releasing [app]Pro. In one of those cases, they gave existing users of [app] a discount on the purchase of [app]Pro. Those models are available, and people will sometimes buy updates that way. Of course, it won't be as popular as releasing updates for free. One of the reasons I prefer that is that I've had software which includes, as the update for which I'll now be paying again, a bug fix for something they screwed up in the first place, which never helps my confidence. Still, don't pretend like the option isn't there. Not everyone will take it and you will have to decide how you'll handle users who decided not to update.

Re: My only question is WHY?

"I agree it is rather silly to warn us a nuclear strike, it isn't like there is time to get away or if the attack is big enough that there would be anywhere to get away to. But this was an idea from the "duck and cover" days!"

It's not that silly. If a nuclear weapon detonates close to you, nothing you can do will save you from it. However, even in a large nuclear war, there are lots of places where nuclear weapons are not going to be targeted, leaving people to deal with the consequences of weapons that went off far enough away that they aren't vaporized but close enough that they still have immediate problems from it. Those people can, in fact, get into a sheltered location where it is less likely that they will suffer the most dangerous effects the weapon has at the outer range of its effectiveness. Once they're there, they can also be alerted to stay inside for a while to let the initial levels of radiation decay. If they're unlucky and most of them would be, they're probably still going to take more radiation than we'd prefer when they leave, but if they went out immediately, they'd take an order of magnitude more. That's a lot of people who could theoretically be much better off if they have a few minutes of warning. Of course, it relies on people having somewhere to go when the warning sounds and being in the right frame of mind to go there rather than scream or try to go outside to find someone else, but that's on the citizens.

Re: My only question is WHY?

When they tested nukes, they were kind of hoping for that, which is why they did it in the desert or islands that weren't quite far enough away from islands on which other people were living. If someone fired nukes, they would be hoping for the opposite and would design for that, which is where an alert would have a greater benefit.

Re: My only question is WHY?

The only logical thing is a nuclear strike, where an announcement as soon as the attack is predicted, which is still a matter of minutes, would allow some people to get to a safer location. Of course, a lot of those would not actually go there and would start panicking, but that's theoretically a benefit. However, this national test isn't that different from testing in multiple regions one after another. A smaller region getting a local emergency report covers more situations, and if they're testing it, they could just do it all at once.

We were considering using this alert to trigger the secret mind control chips we installed, but we decided not to because they've been acting up. Some of the chips appear to have caused some glitches and made people start saying that they got them in vaccinations, but in reality we already implanted them years before and we've just been waiting until the communication systems were good enough to fully make use of them. At least the screaming about vaccines cleverly hides where the chips really came from, but it's still not great if our mind control conspiracy results in lunatics instead of pliable slaves. Also, we decided to broadcast an activation signal with the firmware update that fixes this in a way that doesn't cause phones to start shrieking. I don't know who decided that people should get a warning when the control starts up, but give us some credit, we shut that idea down fast. We're competent evil overlords, after all.

To any sarcasm-deficient readers, this was all completely true; I really do have mind control chips in everybody, vaccinated or not. Don't make me use it. Insert evil laughter here.

To any non-sarcasm-deficient readers, let's all do this. It gets boring having to state the obvious.

Re: "or offsite [...]outside work hours.

And what kind of misuse justifies what level of surveillance? This isn't about things like device management which can prevent you installing software that hasn't been approved. In many cases, it's not even more invasive software that's still designed for technical protection. Usually, we're talking about software that's supposed to check whether you're doing your job or not, but since it isn't smart enough to know that (your manager is, funnily enough), it uses various unreliable proxies like whether it thinks you're typing enough at the right times. What is the misuse you think needs protection, and how extreme can a surveillance measure get before you have a problem with it?

"Do you think they could fit a JIT into 264kB of RAM?"

No, but that wasn't their point. They weren't trying to say that it could have been done better but wasn't. They were saying that, even though some runtimes have been made super fast by spending a lot of money, it won't do users of this one any good because the result of that spending is not available to them.

By the way, while a JIT and then an interpreter for the remainder probably can't be usefully fit into that memory, you could precompile things to a lighter version, which would probably help over a straight source interpreter.

Re: Hmm.

From your description, I expect that some of them will try. My guess is that they'll get one of the boards which take an RP2040 and more flash chips so they have some more space to put files and then start experimenting with how much they can import. I believe this from a simple thing: your article says they've gotten Node and NPM on it, and someone will try to use it. You can hardly write anything in NPM without pulling in a useful library which provides some function you don't want to write, does it well, and comes with thirty seven dependencies that nobody is clear what they're for and why they're there. So yes, I do expect that people will try to run that on that system and that they'll either run out of RAM or end up choking it by repeatedly loading and unloading parts of an unnecessarily large dependency tree.

You can write something small in JS, and some users will. I just don't imagine that it will stay that way for everyone, just the people who make a functional result when they're done.

For the moment, it sounds like they're limiting this to app stores that can install the VPN on mobile devices, not the network connection to endpoints altogether. I wouldn't expect that to make a dent, but I built my own, and probably most average Russians trying to avoid the censorship won't be doing that.

However, if they do decide to block connections, they may have more ability to do so than China. China wants business to happen, so they allow VPN traffic from ones they think are corporate and only go after ones that appear to be public with moderate success. Russia has cut itself off more than China has and may well decide that, since we in the west have mostly stopped employing Russian residents anyway, they might as well have all Russians work for Russian companies which can have VPN endpoints located inside Russia. It won't help their economy, but nearly nothing they've done in the past year and a half has and that hasn't stopped Putin any of those times.