Posts by doublelayer

If you do that, then users now have to remember their username. Either they get to set it themselves, in which case they'll pick one reasonably unique one and use it everywhere, or they all get assigned one by the service that makes no sense and they don't bother to remember it. In the latter case, you will have to include mechanisms to recover usernames which are not supposed to be secret information in the first place. You might as well just issue the user a password you generate if you're willing to go to that extent. On the bright side, it makes password stuffing difficult.

Or, and this might be wrong but it's possible, the printer is too complicated?

I hate office printers and try to have as little to do with them as I can. This is especially true when the IT people have tried to set up something to make them easier to use, but it doesn't work. I've had the experience of trying to get a printer to recognize my credentials and print my document and it seems very unwilling to do so. I've had the experience of calling in my colleagues, also programmers, and none of us can. Maybe that's because the printer's broken, though it doesn't say so, but maybe we're all too stupid to understand the obvious method IT had in mind for how to turn this on. I start wondering whether I'm supposed to be pressing more buttons or if the server that's controlling print jobs is not working. Sometimes it eventually works. Sometimes it doesn't.

Most of the time, I'm using the office printer because I don't print much at all and I figure they can spare a sheet, so I don't build up the experience to know exactly what you have to do.

If you have a complex printer system, for example one with multiple printers you can send your print job to, some rule about where the printer you need to use will be which don't include some printers, and several steps when you physically get to a printer, and you write none of it down, don't act surprised when some infrequent users find this less than intuitive. Someone can get confused by that, and it's the configuration, not the printer, that caused the problem.

Re: cleaning alcohol

"What is it that makes a man(or woman) become a beancounter? and what sort of courses do they take there? something that removes all emotions and empathy leaving a heart unbrideled by a conscience"

You know some people think similar things about us? Both accountants and techs tend to focus on one area with a lot of complicated and important details which the other people don't understand or care about.

Me: "I don't know of many universities where you can take a purely theoretical curriculum"

Reply: "Oxbridge"

Well, I didn't go there, so let's see what they have. Taking into account the criteria written in my comment, let's take a look at Oxford's computer science course description:

This course in Computer Science aims to produce graduates thoroughly conversant with the principles of modern computing science, who are able to apply those principles in the design and construction of reliable systems. The course at Oxford concentrates on bridging theory and practice, including a wide variety of hardware and software technologies and their applications.

[...]

Practical skills must also be developed, and the majority of subjects within the course are linked with practical work which contributes marks towards the final examination.

[...]

In the second year, Computer Science students are required to take:

- the core courses in Algorithms & Data Structures, Compilers, Concurrent Programming and Models of Computation;

They have many optional courses that offer practical skills. You are not getting through this degree without learning some practical skills in programming.

Let's check Cambridge, just to be complete:

Practical work is undertaken and assessed in all years of the degree programme.

[...]

You take four papers, including three compulsory Computer Science papers - covering topics such as foundations of computer science (taught in OCaml), Java and object-oriented programming, operating systems, digital electronics, graphics, and interaction design - and the Mathematics paper from Part IA of Natural Sciences.

[...]

You take four papers, spanning core topics:

▪ theory – including logic and proof, computation theory

▪ systems – including computer architecture, computer networking

▪ programming – including compiler construction, programming in C/C++

▪ human aspects – including Human Interaction design, Artificial Intelligence

You also undertake a group project which reflects current industrial practice.

[...]

I don't agree, possibly because my experience about what computer science degrees, at least the first degrees before postgraduate, intend to teach. In my experience, they do teach a lot of practical programming skills. It's not a full set of skills needed to be a good programmer in industry, but it's enough skills to be good at learning what you need when you are in that position. That's not the only thing they teach; there's plenty of theory involved as well, but they do teach practical skills and people do take them to learn those. If they are going to do it that way, I think secure design is important enough that it should be part of the requirements, not a separate choice to be trained later. This might be related to what I describe in a comment below that I've rarely seen computer science split into programming and a more theoretical version, so I assume that most other departments work the same.

The reason that I think secure design is required is that it's not really a design methodology. It's not an option to be picked from a set of choices, but a mindset you gain from knowing what can happen and what you should do to minimize the risks. You can design securely along with any other structure you plan to use, and the concepts involved apply equally well whether you're writing a videogame or low-level industrial control software. In either case, it consists of basic lessons like knowing how to look for vulnerabilities, knowing what likely ones are, and learning how to either prevent them from existing or block someone from trying to use them. It's true that it's very easy for people to design without paying attention to these, and there are cases where this can be somewhat excused if I grit my teeth and admit it, but those exceptions are a very small section of software produced and the consequences of ignoring it in all the other areas can be extremely bad. We could fix this with more security courses, or with more attention to it in normal programming courses, and the latter might actually be more efficient, but I do think we should fix it in the education step as well as the corporate one.

I agree that specific product configurations shouldn't be in there, but should be in the IT security course, but there's a lot more to secure coding than the ways the language itself can have vulnerabilities. There is also secure design, which needs to be taught somewhere. Not just memory safety, but that you need to encrypt some data, hash other data, and be certain about the security of wherever you've stored it. They need to know how an attacker works so they can add the basic security precautions to their code. They need to know about information leakage so they can prevent having that vulnerability. Many of these things aren't about the tools they're using, but how they write their code.

I was taught all this stuff. Some of it was in security courses which were not mandatory, but at least some of it was included by professors who wanted to do this well. Still, those designing courses would do well to ensure it is there.

I can't really agree there. There are lots of certifications for safety-critical software, as there should be, but there's a difference between licensing people to build something, licensing their product, and licensing everyone who does anything at all similar to it. Licensing the product is what they should be aiming for, and a certification of the people building that product can be a way of making it more likely that the product itself will be acceptable during that process. Trying to require licensing standards for all of programming is likely to end with a bad certification test which is difficult to pass and nonetheless doesn't tell you much about the capabilities of the student.

This sounds like the "programmers aren't engineers" cliche all over again, a cliche I believe to be flawed. It assumes that all engineers are like civil engineers when this is obviously not the case. The engineers building your consumer electronics don't need to have any more certifications than the programmers writing the code running on those devices or software with a similar level of criticality. They may be held to standards about security for the programmers or not spewing too much radio interference for engineers, but that's checked on the product and, unless it's quite extreme, only when it causes a problem.

I don't mean by this that security shouldn't get more importance in this. I think having security courses is a good idea, if only because I work in security and if I can stop dealing with the basic things people get wrong, that would let me work on more complicated and useful things. We also need to somehow stop people from ignoring all the lessons that get taught in good courses, whether those are about security, maintainability, or efficiency. I just think that adding a certification to this process won't make that happen.

That's not the structure used by most universities. Usually, there is computer science, which teaches both theoretical and practical programming, and there is IT, which is separate. You don't often get to skip the practical parts when taking computer science, even if you do decide to become a theorist, and if you are pursuing that approach, you'll still find that most of your classmates intend to become programmers. Those are generally the two options. Sometimes, there is a split in computer science where some students take a mostly software approach and some others do a combination of electrical engineering and low-level software, but not always.

I don't know of many universities where you can take a purely theoretical curriculum, nor am I convinced that any of them should run such a program.

The legal agreements on that software are not at all ambiguous about you needing a legally purchased Apple computer to be allowed to run it. You may be able to break those agreements with sufficient effort, but it is not what you're supposed to do any more than I'm supposed to break the Windows license check system. So no, it is not free as in beer or in speech.

Try again. First, you know Apple reduced to 15% relatively recently to try to counter accusations of monopoly behavior, right? And you know that Google followed suit very quickly. From 2021:

Google is lowering commissions on all subscription-based businesses on the Google Play Store, the company announced today. Previously, the company had followed Apple’s move by reducing commissions from 30% to 15% on the first $1 million of developer earnings. Now, it will lower the fees specifically for app makers who generate revenue through recurring subscriptions. Instead of charging them 30% in the first year, which lowers to 15% in year two and beyond, Google says developers will only be charged 15% from day one.

The company says 99% of developers will qualify for a service fee of 15% or less, as Google is also further reducing fees for specific vertical apps in the Play Media Experience Program. These will be adjusted to as low as 10%, it says.

Source

Re: Windows is no longer a necessity...

By definition? Definition of what? Software, in order to be scientific, must run on Linux? I don't understand what you're trying to say, but I'm pretty sure whatever it is is wrong.

Re: applications that aren't easily replaceable on Linux or the MAC

However, emulation of X86 Windows is a bit easier on ARM Windows that has all the same calls as X86 Windows, rather than running through Wine which has some gaps. If the emulation continues to exist, a lot of things can be used if X86 dies. Of course, given the performance differences between current X86 and ARM chips, I wouldn't expect X86 to be dying any time soon.

Re: It isn't Microsoft not "allowing" users to run on bare metal

The same reason that people try to run Linux on them: they want to do some Mac OS stuff and some stuff in a different OS, and they don't see why they should need two computers to accomplish it. It works for my laptop which runs Linux, multiple versions thereof, and Windows and I can pick whichever I want at the time.

"They could buy radios from the chinese, but hey what makes you think they actually care ?"

The fact that using personal phones would a) not work, b) introduce several security problems, c) cause chaos for the commanding people and therefore d) slow their ability to invade the place they're trying to invade. They don't have to buy radios because they care about the soldiers. They need to buy radios because, if they don't have them, they can't run their war as well as they want to.

Our differences come down to one central point. You think they are using personal iPhones for battlefield communication as the only option, but I have not seen any evidence indicating this. Just because the Russian military have done some things badly doesn't mean they will do everything badly, and even if they did do everything badly, it doesn't mean they'd necessarily do it badly this way. Your suggestions also don't fit very well with the way they've used military equipment. So far, they have had a lot of equipment, but it hasn't been great because a lot of it is old. At one point, Russia built and stockpiled a lot of stuff, and I don't see many reasons why communications equipment wouldn't have been included. Radios don't get used up like drones do, so if they once had them, they probably still have most of them.

Do you have a source for the Russian military not having any communications equipment? It doesn't seem that plausible since they have a lot of equipment they've been burning through. Radios are not that expensive to make and don't get used up as quickly as weapons. Meanwhile, they keep blowing up infrastructure including electricity and communications systems, so if they were using their own phones, they'd frequently drop out. They can also buy radios from any number of Chinese manufacturers who make radio equipment all the time.

And, even if it were true, Russia could also get a lot of cheap Android phones for their military if they needed them. I'm not seeing facts here, but supposition and wishful thinking. It would be great if Apple could push a button and throw the Russian invasion into chaos, but they can't.

I'm not sure that bricking iPhones would have much effect on the war. Paying the fine will, but most iPhones are in the hands of consumers, not government leaders who have their own phone system, at least purportedly, and could easily switch them out at little cost. There's a good reason for them to refuse to pay the fine. There's not a great one for breaking phones that have already been sold.

Re: Bezos' parents invested nearly $250,000

I have lots of ideas that could be worth trillions if I can develop them well and everyone turns out to love them. Having those ideas does not necessarily mean it's a viable business. This example is one where it worked out, but you act like that was obvious before it started, something the numerous failed attempts would debunk quickly. The comment was not being jealous about their success. You can maybe argue that it was being jealous about access to seed funding, but it could have just pointed out that Amazon had a larger starting fund than most startups could get when it was one person.

Re: Housing

It is certainly an issue, although your example doesn't work very well:

"Imagine being a teen interested in electronics, but not even having space to store cereal away properly."

Electronics isn't too space-intensive as hobbies go. The person who doesn't have extra space will have to pack up their tools, which is a bit more annoying than keeping them ready for use, but they'll still be able to take them out, do some experimentation, and put them away. There are several hobbies that are much harder than electronics to fit into a couple drawers and a box which might have suited your argument better.

Re: You're asking me to quantify Mozilla's market strategy.

I am a trader. I choose which browser to run, paying indirectly by benefiting the organization that makes it. If I use Firefox, I benefit Mozilla by being part of their user base which they monetize in a few different ways. If I use Chrome, I'm benefiting Google by letting them control web standards. If I use Safari, I'm benefiting Apple by having bought one of their products because Safari doesn't run on anything else.

The browser makers are also traders. They provide me a service of value and compete with other browsers to offer useful features. Google provided automatic builtin translation with Google Translate. Firefox provides automatic builtin translation in fewer languages but it runs on my device and doesn't require me to send any data to Google. They are competing.

Re: zero cost

It has all of those things.

"a 'market' implies":

"a forum for trade,": The set of browsers and the set of browser users, and the users pick their browsers.

"a benefit passing between people,": Yes, I get a browser, Mozilla gets another user which contributes to their licensing fees from Google and someone they can advertise Mozilla VPN and other commercial products to, even if I have ignored them when they do.

"a benefit that can then be traded on in other contacts of kind/money.": They can trade the money they got from Google because their user count was X for other things, and I can benefit from my having a browser. I am not required to be able to trade my browser for it to be a market. If, for example, you buy a haircut, you cannot trade it to someone else but you have still received value.

"I could go next door and get a better deal": Yes. While you aren't paying in any case, you can get one that has more control over your data, or you could stick with the Google version that prevents you from doing so. Better deals are available. My opinion on the best one may differ from yours.

But whether you understand or agree with these distinctions or not, it's still a mostly irrelevant point. Whether it's a market or not, it's still something that can be divided based on how many users each thing has, and that's what we were talking about. I think you're incorrect about this not being a market, but even if I assume you are right, what difference does it make to anything?

Re: zero cost

Yes, it does make a market. A really small one, and one that won't last, but it is one. You provide value: the stuff you don't like but someone else does. They provide value: they take the stuff you don't want so you don't have to do the work of disposing of it. They would choose between the available discarded items and select which ones they want to take. In this case, it's a market you and everyone else doesn't care about, but that doesn't stop it being one. I'm not sure what the point is of arguing this academic point. If we had said "usage share" instead of "market share", would you have been happier?

Re: Let's go Brandon.

As someone who didn't downvote you, or upvote you, the title suggestion is a distinct possibility, as it's unrelated to the issue and people disagree with that sentiment too, but it's probably not the only reason. Another one is that there are some places that are truly disconnected from all grids, generate their own power, have no old copper phone cabling, etc. It is not most of these places. Most of them do have some infrastructure connected to a house, but good internet is not one of them.

There are some locations that are so disconnected from everything around them that it really doesn't make sense to provide a cable to them, but most of the people they're talking about live in small rural communities that don't have good service, where there are already cables for power and where a local hub could connect many people relatively cheaply if the work of installing that hub is done. The existence of completely off-grid houses doesn't make them the majority. Nor are those the priority for this program, as the program is intended to lower prices for areas where the poorest live. Chances are that if you're using a bunch of solar panels to power your off-grid house, you've probably got more ability to pay for your own Starlink connection than most of the people who don't have broadband.

Re: Memory

They don't have much choice for iPhones either. Each model only has one amount of RAM. The current models range from 4 GB (SE 2022) to 8 GB (iPhone 15 Pro/Max).

I think this is only the case when computers can actually do the things you're asking for. In short, the problem is a backend rather than a frontend one. People have been able to talk to their computers and ask natural language queries for some time, but it hasn't been very popular because they can only make it do a few things. People eventually run out of times when they want to ask about the weather, search for music, or have their emails read out to them.

By bolting on an LLM, they can make the frontend more conversational and they've added one more command they can give: write something for me. However, none of the other functions of a computer will be available just because it sounds more like a person when you talk to it. I think it won't be popular for the same reason that existing voice assistants like Siri, Google Assistant, Alexa, and Cortana haven't proven massively popular. After a bit of novelty value, you realize that they can't actually do almost anything you want. I still use the one on my phone, but basically two commands "set a timer for x minutes" and "call y".

Re: While I'm very skeptical of the AI hype compared to the reality

I'm worried about the wear that might cause the flash. Lots of people have decided to use the SSD when there isn't enough RAM, and in addition to slowing things down, it also starts using something that can't take that much writing and is required for the phone to function. It isn't going to bother Apple if using their software means phones start dying of SSD failures a bit faster, since they don't happen enough now to be much of a warranty issue and, when they do happen, most customers will just buy another iPhone to replace it. It does bother me.

Re: Alibi

I considered it, but the sarcasm didn't make any more sense than the literal message did. Most ways the message could be reversed didn't make any more sense.

Re: Alibi

Is this supposed to be a joke? I'm really not getting it.

Imagine burglar goes on the usual sweep. Now they can take a selfie at someone's house, then use AI feature to remove themselves from the selfie.

Then when Police catches them, they can show them the picture "Look guv, I wasn't there!"

Look, you have a picture of the crime scene at the time of the crime, on my phone. I feel like there's something in your proposal that I'm missing. I'm going to need more explanation.

Re: platform identification

You can forge the user agent to say that you're running any browser you like or to exclude it entirely. The reason not to do that is that you're presumably trying to blend in with a crowd, and so you want to look like as many people as you can. If you say you're running Chrome on Windows, probably the largest user agent out there, other fingerprinting techniques can determine that you're lying about that. If you say it's Firefox on Android, but all the users are identified the same way, then it makes it harder to fingerprint you.

Re: Apple spokesperson speak to The Register

I think Apple will respond whenever there's a statement that's already been written for the situation. They can just send the same block to anybody who asks. When there's a specific question, that's when El Reg gets ignored.

Re: GUI Standards?

It's about what you can do after learning to use one tool. If everything is different, you know how to do the one task that tool is for. If things are standard, then you can probably figure out how to use other ones. So, for example, if you need to use a new piece of software for a bit, you already know the basics of how to open it, how to close it, where the settings are, what stuff you can click on and what stuff you can't, and you skip right to figuring out what you need to do inside it. If you might have to relearn the concepts, it's a lot more frustrating. For example, if you're used to ctrl+c copying and ctrl+v pasting and you also have options in the edit menu for those functions, but your new program has no keyboard shortcuts and the buttons are revealed by clicking a toolbar button with an unfamiliar icon, you spend more time learning that.

People who frequently have to pick up new applications will find this annoying. I imagine you've experienced it at least a couple times yourself. The worse situation is for those who don't do this frequently. How many people have you met who resist any change. An update might move one button and they panic? That's often because they've experienced something which completely changes their workflow and they need to spend a while re-learning things for no reason. There are times when that is necessary, but generally, if people already know some paradigm and yours doesn't offer a specific benefit that you can concisely explain and prove correct, it's best to stick with the working one. This is a lesson that many companies, especially Microsoft, would do well to follow. I wonder whether people would stick less to old Windows versions, even as they go out of support, if the next one looked familiar.

Re: Efficient interface

That claim requires some evidence. I'm sure you can use vi quite efficiently, but is it automatically the case that it's more efficient than an experienced user in a different editor? I think that depends a lot on what the user is trying to edit with it.

I know the basics of using vi for systems that have nothing else, but I came along when text editors could do more things and so I've never taken the time to use vi instinctively rather than deliberately. It's perhaps unsurprising that I find it to be slower to use than editors I've spent lots of time in. However, I also think that may be true if people find certain features to be useful. A typical GUI editor tends to have more builtin features than vi does, partially because there are other programs that can be used to get the same effect on the CLI. The more of those the user finds useful, the faster the editor with them included will be to them.