Posts by doublelayer

Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

Yes, that's exactly what they think. Not that it would help them very much; if by some miracle they made the law agree with them, anyone with software that had different license levels would produce licensing libraries which had to be installed with the license for the new feature to work. I'm sure they'd find a reason why not paying for that license was justified as well.

Comparing this to the right to repair movement is silly. As a strong supporter of that, I want to indicate that my right to the stuff I bought does not mean, in my mind or those of many others, a right to that which I have not bought. The last thing I want to do is hand the hardware manufacturers another argument to use while locking me out of my hardware.

Re: Drat - I will need a new 'phone

Depending on what you do with it, you can get that with modern hardware. They have simple 4G phones which last a while on battery because you're not doing much with them. That is not guaranteed if you turn on the hotspot or insist on having them run apps, which most of them can do but not very well, but if you use them like an old feature phone, it will have battery life like one. If you can manage to use a smartphone like that, you'll generally get even better battery life since the batteries are so much larger. I've tested this with a phone that remains unused except to make calls on occasion, and the battery lasts more than a week easily, and five days with the hotspot function turned on all the way through.

Re: On the one hand

I don't use or care about Unity in any case. If they're truthful about the threat's severity and needing to call in the police, then it is never justified to make such a threat. I must admit that, having read this article and no other ones, I did start to wonder if they had some other reason to close the offices. The only thing that suggests otherwise to me is that they say they called in the police. Had they not, I would have expected that they expected some protests and made up a fake threat to either prevent them showing up on camera or pretend that those complaining were more dangerous. Please understand that I'm not saying this happened, and with the statements they've made, I think the chances are lower. However, I get a bit suspicious when a company does something stupid and then finds some other problem they won't give details about.

Re: On false equivalences

The distinction is not as important as you claim. Of course they contain some parts of Unity, because that's how a system like that has to work. They do not contain the part that developers were buying. I cannot get a game built on Unity and use that to make my own, nor is the Unity runtime included in one useful to me in any way other than running the game that included it.

My comparison would be to a compiler. If I buy a commercial compiler and make a binary from code I wrote, there will be some stuff from the compiler in the binary. It will have some of its own runtime functions. It will almost certainly have optimization routines that are now copied into my binary since that's probably why I bought one instead of using Clang. That is also the entire point of the compiler; if it didn't do that, it would be worthless. Unity without the runtime is also worthless.

The comparison between compilers and hammers isn't that ridiculous either. In both cases, they're tools that you use to make something else which function in one easily understood way. Unity exists to build programs that run with its runtime and nothing else. Since there is no other way to use it, then that is the expected method of using the tool. Hammers and Unity are more similar than you're claiming.

I've heard that argument before, and there might be something to it if you strip off the first four layers, but that shouldn't absolve anyone of anything. Many device makers don't release updates even when no kernel changes are needed. I'm talking about things as basic as the monthly security updates and they don't bother releasing them on time if at all. You can't usually blame any SoC company for that. The same is true of new OS versions, which when they do eventually arrive a year late (most devices excepted) will be using the same kernel you originally had, probably with a higher patch version but they're not jumping from one LTS kernel to the next even if it's out. Only then can you start to blame the SoC vendor, except the manufacturer is responsible for choosing that vendor and could have picked a chip where support would be longer or where they could do the work. Lineage OS and similar custom ROMs manage, with no contracts for proprietary information, no access to internal code, no debug devices, and no funding, to get modern Android versions to run on lots of old devices. Manufacturers which have all of the above can do it to, and when they fail to do so it's not because some SoC vendor just won't be nice and give them support, but because they don't feel like it. The same way that Google could push the latest Chrome OS image to every X86 Chromebook in existence, and with a little effort could have made ARM ones the same way, but won't do that so the manufacturers can keep selling new ones.

The problem with that is that most devices don't support it at all, and a number of others don't support it completely. Of course I would prefer to use that to extend the lives of devices, but the only way you can have a chance of that is to get lucky or buy a device that already supports it. From the devices page, you've got a good chance if it's a Fairphone or a Pixel, but otherwise you're going to have to rely on luck.

I recently helped a charity with some mobile device management. Their phones consist of low-end Samsung and Motorola devices, nearly all with MediaTek SoCs. The hardware is fine, but the software support is not going to last for long. Not a single one supports Lineage OS. I don't think I can convince them to only buy Fairphone in the future by paying at least four times the price, but even if I could, it's not going to help with all the hardware they have now.

Re: ChromeBook - Peak VFM!

And what version of Chrome OS is it running? How many unaddressed CVEs are in that? If you didn't make up this story, I think you'll be surprised with the answers to that, since 2013 devices had a three-year software support life. Maybe now you'll see why we object to it: the hardware is fine, but they've artificially left you with security vulnerabilities even after they've fixed them for other people.

Re: "at the end of their usefulness"

Yes, it does still start at product launch, and the warehouse time is likely to be much worse than nine months. The reason is that most manufacturers, at least the last time I checked, were using "product launch" to mean "we made a prototype somewhere but haven't offered any for sale yet" and that retailers think that Chromebooks don't really go bad so they're often selling ones that are three years old (from actual product launch) as new. I still think that any death dates should be marked prominently on product packaging. Maybe then Google will make Chrome OS stop working when the hardware can't handle it.

Re: At Google, 10 > 13

I discussed this in a different topic. I think they were being sneaky with that "automatic". It suggests to people who haven't read about it that, after that time, updates are manual instead of automatic. What it actually means is "We'll automatically stop your computer getting any more updates, no matter how much you might want them and be willing to do something about it".

Re: At Google, 10 > 13

They're also doing some fun phrasing to get there. Technically, Ubuntu LTS versions offer five years of support. However, if you are running Ubuntu 20.04, you can upgrade it to 22.04 on basically everything, so you get unlimited support as long as your hardware has drivers and kernel support and you're willing to run a manual update every few years. Chrome OS doesn't have that. They're not aiming to provide much support, but to be fair to them, I didn't expect they'd do anything like this and I don't see a sneaky exception in their statement, so I have to acknowledge that they have made a substantial improvement.

Re: "... where the government can basically determine what you look at, what you're spending ..."

It's not always that easy. Of course, the obvious answer is that there is still cash and you can use it to buy many things, so they can't see that. Even with credit cards, they don't automatically see everything you've bought. They just see where you spent money. They can know how much money you gave to a store without having a list of products you bought there. Of course, they can go to the store and ask for records of the specific items and the store probably has that data, but it's not linked together in a database they can query on a whim.

A digital currency may end up working similarly, but the extra fluidity might mean that tracking subsequent transactions is easier. For example, if I pay £55.04 to Amazon for two items, they will hold onto that for a bit to make sure the funds are coming, then split out their fees and transfer the amounts to the sellers of the items I bought along with everyone else's payments. Without asking Amazon, it's hard to tell which items those were. With a digital currency, they might not need to hold the money for a while, meaning they wouldn't have any reason to amalgamate transactions into one payment, so the timing and value of the transaction to the seller would be more easily tracked. No guarantees that it would work that way, but it is certainly possible.

Re: @jmch

That kind of demonetization does allow a government to destroy some money, but at a high cost. The only way India got away with it is by having an authoritarian government willing to take unpopular steps because they had plans for not losing the next election such as shutting off the internet when people expressed anger about that or anything else. They also had a lot of people suffering in order to target the criminals they were trying to, and may have failed to hurt those criminals as much as they planned. While any government can do it, it's unlikely to use such a blunt tool because they're going to make a lot of people angry and may not even get what they wanted.

A theoretical digital currency could give them more targeted power, allowing them to cancel your money while leaving mine alone, or allowing them to target some of your money while leaving the rest of it. This power is dangerous. That's what the politicians quoted in the article were asking about (among other dangerous things), looking for assurance that the British digital currency wouldn't have them. I don't trust this high-level view of it to be clear on what powers exist or will exist, and so I'd recommend that we not have one unless a more rigorous review ensures those capabilities are absent.

No, they've existed for a long time and, while they can often be annoying, they don't impinge on your rights the way that data collection does. We don't get to decide something's evil just because we don't like it. If we get a physical newspaper and someone's paid for their text to appear somewhere on it, that doesn't give that advertiser any power over us, as we're perfectly able to ignore that box and read only the parts we care about. The same is true when advertising appears in other media.

Where that begins to restrict us is when those ads can take actions such as running malware on our systems or when it is used to collect our data. That is something that previous advertisements cannot do and where they're beginning to take from the reader. Passive advertising is not the same, and we should focus on the parts that do us the most harm when we fight against it.

Re: Sure, it's possible, but why would you want it?

We already have that, it's called entering symptoms into Google and reading every page that turns up. The pain you experienced could be a cardiac problem or indigestion, but if you read far enough, something nonspecific with no scans to go on could be almost anything else. You let an LLM pick from those and you'll get diagnoses like broken ribs plus radiation poisoning. People who act on that will find their problems are worse than if they consulted a doctor who actually knows this stuff, even with the risk that they occasionally misdiagnose. An LLM tells you what is possible and isn't even great at limiting itself to that. That's not a good way to make medical decisions. Otherwise, any time you felt slightly unwell, whether it was eating something that disagreed with you or a bit of overexertion, you can assume you've caught almost every parasitic disease in existence.

Re: "neither will they leak all our most personal data to the cloud"

"The mothership could write an AI that watches for unauthorized sharing and helps you stay secure (while still collecting a fair amount of info that would be useful for its own needs.)"

That clause on the end is really quite off-putting. The AI and the company does not "need" any of my data. Its needs will be the desire to mine my data and sell a package of users to someone else. I use software that doesn't collect any of it for any needs unless that collection is explicitly to do something I asked it to do. At least, I do so whenever possible.

As far as I can tell, the author's recommending effectively the same dream that advertisers like to sell. You know the one: when they're busy ignoring the privacy implications, they explain that seeing ads about things you're really interested in would be helpful to you. To be entirely honest (not entirely hostile which is my first approach when it comes to advertisers), ads for things I'm actually interested in that provide the information I'm looking for would be much more useful than generic ones because adverts on their own are not evil. Advertisers just don't have any ability to actually provide those ads and appear to have little interest in trying any mechanism other than stealing more and more of my personal data. The article seems to suggest that using an LLM on every bit of my data would allow that software to make recommendations that would be useful to me, and in their mind, this would somehow be a free service provided by some creator of AI models for which I don't pay with my data or a large subscription charge.

That part isn't going to be true, but nor are any of the other parts. An LLM that's read all my communications and watched my actions is not going to be able to answer my questions, but a search engine can. The reason for that is that an LLM doesn't have recent information which many of my searches are trying to get, it makes things up when most of the time I need accuracy instead of overconfidence, and that what I want right now is often disconnected from the emails I've received today. We humans are pretty good at typing what we want into a search box. I don't think we'll get any benefit having a program try to guess on that query, no matter how authoritative sounding the produced essay is.

Re: Library Genesis ("LibGen"), Z-Library, Sci-Hub, and Bibliotik

"Bibliotik requires logging in, something I doubt OpenAI is capable of."

Oh, you do? I better go over there right now. They've got millions in cash just sitting around, so maybe they will pay me a great salary as someone who has managed to write a lot of bots that are capable of putting some text into boxes on a login form and keeping a session cookie. I didn't know I was so brilliant that OpenAI couldn't find anyone capable of doing so.

If they went as far as to make the books collection a specific sector of their dataset, not just gathering it in with their web crawl, then they're more than capable of creating an account anywhere they want to gather up training data. The multiple sites that don't require logging in could easily have been included with the crawl. So far, every one of the cited sites could easily be in the training data.

Re: It was only after the implementation began that they revealed that they couldn't.

The problem is that the client isn't very good at knowing their requirements. It's not just defining them properly or not, though that can also be a problem. I've experienced this a number of times when someone made a request to add something to code I manage. They aren't great at specifying what it is they need, but even when I ask them questions, they only supply some of the details I'm going to need before I can make this thing. The reaction to this varies. In some cases, I know enough about what they're doing that I can guess what they need to fill in the blanks and it comes out close enough to what they're thinking that modifications are slight and mostly cosmetic. In other cases, I'm told to do exactly what they said, whether I think it's a good idea or not, which often leads to the system being subpar for most of their needs, in some cases so misaligned that they don't bother using it or they use it in a very different way than it was originally proposed.

Keep in mind that these are, in most cases, stories of people working at the same company I am who have asked for something and who can ask for code changes by sending an email, and it still ends up like this. Governments are in the worse situation of specifying their needs to some other company, not the developers directly. The developers won't be given the option to guess at any ambiguous parts of the system because it would make it harder to prove that the supplier had completed the contract, and it wouldn't help if they had that flexibility because those developers don't understand what local government really needs. Meanwhile, local governments generally don't have the resources to bring in the dev team and let them work alongside all the workers for enough time to gain an understanding of the needs because that would effectively cost as much as putting each of the engineers through training for every job they have. It's no surprise to me that they specify some database and set of forms they think they need and get exactly what they said, but find that what they said has gaps and isn't very flexible when their requirements change. Asking the supplier to write the spec is likely to mean that the supplier has some meetings with a few managers, writes down what they say, and writes a spec with those forms instead. The product will look different, but the quality will be similar.

Re: Pepperidge farm remembers

"RISC-V offers freedom from planned obsolescence."

Why do you think that? RISC-V processors will get faster like any others, and software designed to run on them will do as all software does and grow to fit the resources available. Devices with the first range of RISC-V processors will eventually be too slow to run the latest software, just as ones in other ISAs do. If it's about the ISA in general, they don't really go bad. This is evident from the fact that you can still run RISC OS on a modern ARM chip or DOS on a modern X86 one. The reason those systems don't run flawlessly are due to the many other pieces of hardware they don't support, not the CPUs refusing to support or run them. RISC-V will become obsolete in the same ways and about as fast as other ISAs, and if I had to point to a difference, the main one is the ease of adding proprietary extensions to it, which if it happens too much, means that RISC-V will become obsolete faster as people adopt extensions that weren't in the original system. I'm curious to hear your reasons, because I think this is one of those incorrect assumptions I was talking about.

Re: Pepperidge farm remembers

"If you want a RISC-powered laptop computer"

This, as I see it, is the problem. There are a lot of people with strong opinions about ISAs who appear to have ideological points for their preference which aren't really connected to any benefit. Preferring an ARM computer because of battery life makes some sense, but preferring it because it's RISC does not help. These opinions vary. Some people, for example, are incredibly excited about RISC-V and want it in everything, right now, even though they appear to have no idea why it would be helpful and in some cases are under the false belief that it will mean advantages for open source software which it will not bring. If you want a RISC laptop for its own sake, it might be worth considering why that helps you. If you don't have an answer, you may be wasting your time and resources on something you wouldn't benefit from if you succeeded.

Re: Still lots to do

"But really, given the price point, neither CPU nor GPU performance is the point here."

This doesn't mean the same thing to me that it appears to mean to you. If I said something like that, it means that the price is low, so a weak CPU is acceptable. You later admit that it's a premium price, and some searching indicates that this price is $1099 US, although the UK site seems to suggest that it's £711 at the moment (probably without VAT, it doesn't say and discounted from £1579 so the prices are all over the place). At prices like that, I have various options for more powerful machines, and something else will have to make the deciding factor. From your brief comments, battery life would seem like the best bet for that distinguishing factor.

"There's \WINDOWS\SYSTEM32 with the 64-bit binaries in it, and no way to tell if they're x86 or Arm binaries."

The GUI should contain something to help, but finding out which architecture a binary is is pretty easy if you're willing to run a script. The executables indicate their architecture in the PE header, and if you don't want to parse that yourself you can use a command like file (available on every OS though Windows will need a manual installation) which will do it for you and give you the answer. I would prefer that Microsoft add that to the GUI, although I expect that they'd point out that anyone who knows what that difference entails probably knows enough to do that check.

You forgot the next step: and then the image is frozen and that kernel, and that one only, is the one you need to run this laptop. Somewhere in a forum is a person who claims that mainline 6.23 will run and you only have to follow this twenty-step process involving two anonymous git repos and an existing functional image to swap it in. At the bottom past the steps is a link which goes to a forum post which explains that, if you do that, the screen unavoidably switches off every ten minutes and the USB ports only work at 2.0 speeds, but you can fix the former with a script which keeps the screen working by disabling power management.

Sometimes, I wonder why we bother making and using all the ARM-powered Linux devices. Only a few are at all comparable to what Linux on X64 and X86 is like, and the best of them still tend to have a few problems. No, that hasn't stopped me having quite a few of them myself, but my primary machines still have Intel or AMD processors in them.

Re: Sneaky

I generally find that if sites don't like Firefox because they want something Chrome-like, then they are mostly fine with Firefox showing a Chrome user agent. This is usually when I stop using that site. The only exceptions that come to mind are things that use the hardware access APIs that Google decided should be in there, and I don't like them anyway (no, I don't think it's cool to program a development board through the browser when I can flash my own image over serial, thanks). There must be others, but fortunately I've not had to see them too much.

Re: Why would a Washing Machine require my Date of Birth ...

Or you do what my parents did and teach the children how to use the washing machine. Operation really isn't that hard. You would have to work hard to break it, and knowing the steps to properly use it (maybe three of them) means there's very little chance of error. If it manages to break, it is either mechanical failure or intentional, and the latter is very unlikely.

Re: please forgive my lack of knowledge...

That's why we have encryption on as many communication methods as possible. The smart devices probably aren't breaking your encryption, and many of them simply aren't powerful enough to be useful at doing it, but if they did, they could intercept your packets between your WiFi devices and the access point. However, if you're using an encrypted connection at a higher layer, for example HTTPS to communicate with a website or a communication platform with encryption, then just obtaining those packets from your WiFi will only leak a small amount of information. They might be able to tell that you're doing something with your medical provider's server, but not what specifically you or they are saying. Nothing prevents them from turning those devices into spies, but most likely, they'd need some much more powerful servers at the other end to do the heavy lifting because most IoT devices have some pretty weak processors in them. That's expensive and most users' communications are not valuable enough to go to that effort, especially because that's a few crimes wrapped up in one and most companies choose not to commit crimes that are that blatant, preferring a more oblivious crime that they can argue is so minor that nobody should care.

Re: Why would a Washing Machine require my Date of Birth ...

And also that most of the people who aren't old enough to sign a contract already understand that the sites aren't checking the birthday, so 29 August 1978 is a perfectly acceptable input whether that's your real birthday or not. For that matter, a lot of us who are old enough also know and do that because what do these people want our actual birthday for. I write it down somewhere in case someone requires it for authentication, which they shouldn't. So far, it hasn't proven necessary.

Re: Musk's Master Plan

I assumed the even split to be half assuming sarcasm, half assuming it was real, and not really anyone wanting to upvote that sentiment if it was real. Things are not that dire here. Unfortunately, there are other places that would function that way. Still, I think the votes indicate that the sarcasm was not clear enough, not that we have people who believe all that crap together (I don't want to speculate or think too much about how many people believe some component of it).

Re: They can both go away.

Independent of the rest of this discussion, I'd like to argue against a misuse of that law that seems incredibly common. Read that statement again. It says that it gets more likely for Nazism to be mentioned during a discussion. Nowhere in the text does it say that, when it is mentioned, it should not have been or the person who mentioned it is wrong. You could make the point about almost anything else that becomes more likely to be mentioned if we keep talking about some topic, because people will make connections to stuff they're familiar with. The person who first mentions Nazis may be wrong, but that is by no means guaranteed and wasn't even suggested by the original creator of the principle. I find it a bit weird when people start quoting the law as if it argues for the correctness of their point, as it does not in general or for you specifically.

Re: Why the confused headline and opening paragraph

Yes, they would be happy to do so, and most of them would be honest. However, it would also be quite possible for them to take a lot more money than you planned to give them, something that the system won't do on their behalf. Someone who wanted to make sure that they were paying the amount they expected to pay might be more comfortable using the computer themselves.

Take as a parallel voting where paper ballots are used. There are some locations that have machines such that someone who can either not read or write on the ballot due to a disability can have a machine do that with effectively a big scanner and I imagine an automated pencil but it's probably a lot more like a printer. I imagine that voters may feel more certain that that machine has marked their ballot as they instructed rather than if they got some other person and asked them to please mark my vote for candidate A even if you (the assistant) hate candidate A, even though the majority of people willing to help out would not do anything that dishonest.