Posts by doublelayer

Re: I was gonna say...

"On what planet are you on where you are running a big DB on a laptop?"

Here's one case where you absolutely would: local training of a machine learning model. Normally, that kind of thing gets outsourced to some big servers running Linux, often in some cloud provider's DC, but the point of the discussion the article covered was to show off doing it locally, and people sometimes do. You know what they need if they're going to? A lot of training data and something in which to store it. Quite frequently, that's a database of some description, not just a really big directory.

The point was not about databases, though. That's just one example of something that takes more RAM. There are many such things, from running a virtual machine or two to working with some high resolution video, something Apple's been popular for for some time. That's the kind of work where buying a Pro makes sense, and the entry level Pro is likely to have some problems doing that well.

By routinely keeping open a ton of applications and lots of browser tabs, each with pages with lots of graphics, downloading stuff in the background, and wanting to be able to return to applications later without waiting. Don't get me wrong, memory waste has increased significantly, but when memory was at a premium, we kept things in it less. It was not common to keep programs running when you weren't planning to use them soon, and even if you did, they would be more aggressive about writing things back to disk and evicting them from RAM.

A simple example: I used an audio editor from the 1990s. It could run in a few megabytes of RAM, and most things were fine. If you ran a complex operation on it, though, you'd have to wait a while for it to complete whereupon it would let out a loud ding to alert you that you could stop looking at your email now. It did this, not just because the processor was slower, but because all the data you were editing was stored in huge temp files on your hard drive, which if you were unlucky wouldn't get deleted and you had to go find and clear them. Some operations would limit your ability to use the undo button or would make the undo process another long wait because they would require making another copy of the file and that would use up too much disk space. A modern audio editor uses a ton of memory, but this is because it keeps all that raw data in RAM, including the old data you discarded a while ago, for speed. If you're low on RAM, it trusts your OS to swap for it. This wasn't just audio editors. Anyone remember Office files of the form ~$ocument.tmp? They were hidden by default, but you could unhide them. That was the hack to use the disk as RAM so that the software itself would use less. We have abandoned those hacks and started telling the truth about how much data is being used.

Re: Never understood certs

In a plaintext connection, any listener can also modify without detection. Any data you send or that the site sends back can be replaced with any other data that is chosen. Your browser would not know that. This is one reason that an encrypted connection is better; even if it was an unverified self-signed certificate, only one server has a chance to mess with the data going to your machine. It's not just about cookies and passwords, though those are important as well.

Re: Another unpopular opinion...

It's not an unpopular opinion, it's just an opinion that's likely to be wrong. Of course, I can't know what is going on in the minds of these politicians, but I can almost guarantee that it isn't "Open Source = Commie". This is for one particular reason: they don't have a clue what open source means or involves and probably don't understand why people like us make such a big deal about it. In fact, there's a distinct possibility that they don't wonder that because they don't even know that we make a big deal about it.

They aren't fighting this because they think open source is dangerous, RISC-V is open source, thus we must fight RISC-V. In fact, they're perfectly fine with RISC-V. Their logic appears to be that China is dangerous, let's do something about China, China uses chips, RISC-V has something to do with chips, some Chinese companies have talked about and built products using RISC-V, so let's try to stop them using it and keep RISC-V for non-China only, because that must be possible, right? Many things could take the place of RISC-V in that sentence and make as much sense. The thing they want to limit is China, not open source in general or any particular part of it. Their reasoning for wanting to restrict China is certainly subject to dispute, but their methods for doing it are random in their effectiveness.

Politicians, and a large set of the general public, and even a significant minority of technical people, have a bad idea about how easy it is to do various things with technology. They see, for example, that there is proprietary software out there which people, even while trying hard to break into it, cannot turn to their will. They therefore think that, if it's possible for tractor firmware to resist someone who has access to the machine and a bunch of hardware, then surely it can't be that hard to have a chip instruction set that you don't let China have. It's a similar logic that's used when they say that it can't be too hard to have encryption that the intended recipient can use and police can use but criminals can't. Those assumptions are wrong, but it takes a lesson to explain why it's wrong and they don't spend that long on things before suggesting what everyone should be doing. It goes the other way as well, with some people assuming that open source means that anyone can do anything, for instance having utopian ideals about what RISC-V will mean for open source software, user freedoms, and software support rather than meaning that chips will be cheaper to make which might mean they're cheaper to buy. As analogies go, the first post that joked about gravity is closer to the politicians' thinking than the communism analogy.

Re: I remember when

It depends what you count as interesting. A lot of constructs are more concise in Python, and there are a bunch of libraries for basic graphics stuff which can be used if interesting requires a GUI of some sort. I don't think it's hard for a student who is interested to pick it up any more than BBC BASIC. I'm not sure how it compares for those who are not interested, but I'm also not sure whether making it easier will make the uninterested decide to try it anyway.

Re: I remember when

"I think administration for school computers is largely outsourced to the local authority"

Maybe, although that's probably dependent on the region.

"and they'll be just as familiar with Pis as Windows, if not more.": Er, why? The local government systems are almost certainly using Windows computers. Did your local authorities switch all their office machines to Linux recently, because mine definitely did not. Whether it's the authority IT or school-specific IT, the chances are that they have Windows machines for staff and few or no Linux devices. They can retrain for Linux, but they probably see that as a cost and don't see why they should. If we think they should, we'll have to be more helpful than this.

"What's the refresh period for school PCs, anyway ?": In my experience, when pieces are falling off them, you can get a new one, assuming there's nothing in the spares closet. Another reason why they'd have to justify buying another set of computers, or to be convinced that they can replace the existing set with Pis alone, which they will probably decide they can't.

Re: I remember when

On the other hand, any computer designed to get people interested has to compete against computers that already exist. You could give them one of the various microcontroller-based educational platforms, which are a bit closer to the original computer. For example, the BBC Micro:bit is like that: you have to write some code to do anything interesting, but it provides some built-in hardware and libraries to control it so it's not hard to light it up and make some beeps. I still think the Pi's more likely to succeed because computers are more versatile than they were. A child that has a Micro:bit can, if they write enough code, make it light up and make sounds, with some sensors as the only inputs. This isn't very useful, which also prevents it from staying interesting.

I think the Raspberry Pi knew this and therefore provided the hackable Minecraft platform. I've never used it myself, but I know some children have gotten their start with that. They can learn some coding techniques by modifying something they enjoy using, and it's preinstalled on the typical desktop image to make it easy to find. It may not be perfect, but it's something to attract early users that can teach them useful skills. I think that the more you limit the hardware to make learning the only option, the more a student will ignore the useless box and look at their phone, where local coding is difficult or impossible.

Re: I remember when

All of which is true, but someone was going to have to explain to the school why they should buy another computer, even a cheap one, when they already had these ones. Could the Pi replace the Windows machines for their other uses? Not at the time, it can now, but it will require admins that the other machines don't. They're still going to have Windows admins for staff equipment, so the extra admin for the rest of the machines is mostly small. I don't know how many people tried to explain that to schools, but I'm not surprised that with few people attempting to answer all their questions, few schools saw why they would benefit from getting Pis for everybody. Meanwhile, schools that intend to offer programming courses can also use the computers that already exist. It won't teach them Linux internals, but if they're intended to learn to write some code, that may not be high on the list of expected topics. Nobody was selling them on the benefits of these machines or providing solutions to the tricky bits, so they didn't adopt them, but we didn't notice because we were happy to keep buying them ourselves.

Re: I remember when

Two groups overshadowed it. One was the people making digital signage, who realized that the Pi's based around a GPU that was intended for TV boxes and thus that it is a pretty great way to build a cheap sign. That led to a large group of industrial users who figured out that, if you have a screen involved, connecting it to a Pi is probably pretty handy. The second group was us. The hobbyists who bought plenty of Pis, but did you buy them for education? I didn't, and most of the users I see online are using them for personal projects, not teaching. That doesn't mean people aren't using them for teaching, and I'm sure some are.

However, there's a reason they might not be. These two groups having had so much success might have blinded us to the fact that the Pi was kind of bad at some of the educational goals for a while. An original Pi running a GUI on a single 700 MHz core and 512 MB of RAM wasn't so great at teaching users to code because they were too busy trying to figure out which part of the system was responsible for it being so annoying compared to every other computer they saw. That's fixed now, but I do wonder how many people tried to use it that way, since the official OS images started in a desktop, so that must be the intended behavior. Of course, we hobbyists know where the limitations are, that those early models were great for CLI use (I still have one running here) and that you could use the GUI if you were careful about which software you ran. Those people who were new to Linux may not have understood why LibreOffice or Firefox, seemingly pretty normal software, were sluggish to an annoying extent. I hope that didn't put educational users off, but since most teachers are not familiar with Linux or programming in detail, I wouldn't be surprised that at least some were.

Re: a job-free future

I have not read those books, although they're now on my reading list, but if your summary is accurate, I don't think it's realistic or desirable:

"citizens, upon graduation, would decide if they wish to have a life defined by Basic (revenue, support, health care, etc.. I guess), or if they want to actually work for their subsistance and attain a career worth something."

The first problem is that I'm unconvinced that we would eliminate work to the extent that this becomes realistic. Of course, technology eliminates certain types of work with some frequency, but it doesn't do so all at once. Meanwhile, more jobs are created to run the technology and by the increased ability to do the things that were once done manually. We've automated a lot of things in the past few decades, and yet the unemployment rate is still pretty low in many of the countries where jobs like manufacturing were lost. Does this mean that we have no problem because everyone just gets a different job? No, because nothing says that those jobs are as good or that getting them was easy. There are lots of problems in a situation like this, but the expectation that there will be more people than jobs we can think of having someone do has been incorrect most of the times it has been predicted in the past. I'm not convinced that AI, even if it improves significantly, will be the technology that substantially reduces the need for labor.

The second problem is independent. Let's assume that I'm wrong and I can look back on this comment a couple decades from now and laugh about how stupid my prediction was. I still think the proposal to choose between a career and support is a really bad option. It leads to a lot of resentment between groups, and whenever that happens, someone will try to exploit that resentment for political power, with the likely outcome that one of the groups will be harmed. I'm imagining the resentment in the scenario you summarized to be caused by people who work thinking that those who don't are lazy and useless, while those who don't work think those who say that are judgemental and outdated. At least if the support was provided to both groups, those who worked wouldn't have an excuse to say that, if they weren't doing something useful to society, they'd have more. I don't think that minor change would be enough. This depends a lot on exactly what jobs were left after that. If we could get it where only the most creative ones were left, then we're probably pretty good because there are enough people who like doing that kind of work to take it on voluntarily. I imagine that at least some of the jobs that take a while to automate will be unpleasant ones, which makes this much harder to solve to everyone's satisfaction.

Re: Remember the 70's promise's

I think that's misstating what happened. We don't have that utopian dream not because people got in the way, but because the technology didn't do what the dream said it would. It doesn't matter if you have billions to spend on it, you still don't have robots to do many of the things you want done. Of course, with that much money, you can have a bunch of humans doing those things, but that's the point. We don't have the robots envisioned by futurists at the time, so perhaps it's unsurprising that our world still looks more like the 1970s than it does the picture of universal robot service. Robots in manufacturing is really not the same as robots doing every type of manual labor.

Re: a job-free future

Automating the part where you ask the AI to do something obvious is the easy part. That's not going to be the part of many jobs in the future. If the AI can do it and the employer is willing to have the AI do it, sending the information and request to the AI shouldn't require a person. There will be a lot of jobs where humans are still needed, which will include ones where AI can't do it. Unless we improve the quality of AI quickly, this may end up being most jobs, but even if we get much more reliable models, there will be jobs where it can't help. This won't make those jobs fun, but they will certainly exist.

I can answer a few of those questions.

"The fact that even though she worked for the NCA she sent messages to people about it that could be read later.": From what we know, she probably didn't. One of the people she told was stupid enough to send a message to someone else which could be read later. She ended up tipping off someone that was too stupid to hide that, but from the information available, she could have told the criminal about the surveillance in person or on some other safe communication method.

"The don't use postcodes comment. That's like saying to Amazon don't use postcodes. How are you supposed to deliver stuff?": It meant to not send postcodes through this app. Theoretically, you would send them some other way, or encrypt them separately (no, they're not smart enough), or some other alternative not mentioned. They were trying to limit the data sent through a compromised system without just dropping it for some reason.

"They reportedly used an update to lift the entire contents of peoples phones. How did people not notice this when their burner PAYG phone ran out of credit rather quickly?": WiFi? In any case, it's unlikely they had that much data to steal. All the text messages I've sent in the past year isn't a lot of data, especially if you compress it first. It is certainly more if you include pictures, but I don't send many of those and it's possible that they started with just all the text and requested images later if they needed them.

"This supposed 48 hour delay and the ability to delete messages. It's a MITM attack. You can't delete data already intercepted.": The only answers I have for this one involve someone not getting it. One option is that she was telling her friends that their messages were visible about 48 hours after sending, so be careful with any long-term messages sent, and they misunderstood and though they could just delete before that happened. The other option is that she saw that messages were 48 hours old when they came through, so she thought they could delete them beforehand. Either way, someone was getting this all wrong.

"They also told me that their service works during power outages (the modem wouldn't have power!)"

In fairness, the modem is relatively easy to power from a battery, and some modems that you can buy already come with batteries in them for this exact situation. Compared to a system where, even if you powered the modem, it wouldn't work without mains power to some equipment near your house which you can't attach a battery to. This may not be the most important, but if you lose power frequently without losing the cables that provide data, then it could be a selling point. Of course, given the other lies they were telling, maybe that wasn't true.

"Trouble is many MNOs now offer 1 month rolling contracts, so can increase rates every month if they so desired…"

I prefer these, because with a contract like that, there is usually no exit fee. If they increase the price, nothing stops me from porting out that month to someone else. They know that, so they have to be a bit careful about randomly changing prices. Compared to a contract that can raise the price and still charge you a fee to get out, a lot of people might avoid leaving because they don't want to pay the fees, then get used to the price increases. In my experience, those that offer monthly contracts tend to be cheaper and more stable than those who lock you in for a long time unless the long-term contract specifically states that it will be one price and the operator may not change it until the contract expires.

Re: Percentage points surely?

This still sounds like what I said, and the most logical way to use percentages:

£50 bill + 10.5%*£50 + 3.9%*£50 = £57.20.

You can add percentages together to get a total percentage assuming that the base is the same, which in this case it is.

Re: Percentage points surely?

No, because percentage points are used when comparing one percentage to another percentage. This is using percent multipliers, the normal way. For example:

£50 bill, +3.9%, £51.95. That's how percentages work.

Re: I don't see how this would help in their goal even if they did it

It probably wouldn't. Most likely, ad fraud was their way of trying to find an excuse for having this feature. If they told the truth: "We want to add a feature which explicitly breaks anybody who isn't using Chrome, then get a lot of people to mindlessly activate it, then take the integrity information and leak it through Google Analytics or something for extra fingerprinting", people wouldn't want it. Sometimes, when they introduce new APIs that don't really need to be in the browser, they can think of a possible benefit that someone could get. For instance, when they decided that browsers should be able to talk to USB devices directly, they could show you how a game written in Javascript could automatically interact with USB gaming hardware or how you could upload code to a USB-connected dev board without learning how to use a serial console. With WEI, they couldn't actually think of any user benefit. They already know some ways to fight ad fraud, such as by looking at the source of the traffic which would get around your VM proposal, but they don't want to bother doing it because talking too much about fraud would just scare the people buying the ads.

Re: Whats wrong with crypto

"We are nearly at war over the ability to pay for oil in anything other than portraits of Ben Franklin."

No, we're not. People can and do buy it with their own currencies. It does happen that they often choose to denominate the prices in dollars so that, if Russia sells some to India, they don't have to deal with the question of what happens when the exchange rate changes or whose ruble exchange rate you use, but India doesn't have to turn their rupees into dollars before sending them to Russia as long as they've agreed on something else to use.

"Try buying your Chelsea mansion in Roubles right now,"

You can do that. You probably have to exchange them for pounds first, and you'll probably find that UK banks don't want rubles as much as they once did, but you can do it.

"or pricing your ARM IPO in GBP"

ARM chooses the currency they want to use. They could have chosen to do it in pounds and list it in the UK. The reason they didn't is because they chose not to, not because they couldn't or someone external to their ownership refused them permission.

Re: Whats wrong with crypto

No, the use of force isn't so relevant to the value of a currency. Its rarity and the usefulness of it in a market are much more relevant.

Costa Rica has no military. Really, they abolished it. They're very proud of that. Their ability to use force is pretty low. Meanwhile, North Korea has a huge army. It's armed with all sorts of weapons because they've made little else for the past fifty years, it's the fourth largest in the world by number of troops, unless you count paramilitary organizations, in which case it's the largest. They have nuclear weapons. If they want something to happen in the country, they're virtually guaranteed to get it.

If I offer you the option, which one do you want? Some Costa Rican colónes or North Korean won? There is a right answer.

Re: Whats wrong with crypto

"Also Beatles singles are not currency so your analogy is nonsensical and invalid."

No, the analogy works. We're debating two parts of Bitcoin. There is its usefulness as a currency, which I think most people here agree is low. However, that's not what we were talking about. We were talking about whether it has value and where that value comes from. A lot of things that aren't currencies have value, and we all agree on that. After all, I expect that your savings doesn't mostly take the form of cash in a box, but rather financial instruments which are worth money and may produce money. You can't buy anything with a bond or share, but those things have value which can be turned into cash. You can't buy stuff with a house either, and turning it into cash takes a long time and the specific amount of cash you'd get isn't easy to calculate. It also has value. Bitcoin also has that power, meaning it also has some value.

Re: Whats wrong with crypto

Pounds are useful in lots of places, but some of them find it more useful and some less. In the UK, nearly everyone accepts them. In some other countries, some people would accept them, and some would require that you exchange them first. There are many areas that get travelers from other countries that routinely accept international currencies, though the US dollar and euro are more likely to be accepted like this than the pound is. The point is that, though their usefulness depends on your location, they have value nonetheless and you can, with sufficient effort, exercise that value. Bitcoin is also inconvenient to use, so inconvenient that I don't have any, but it also has value. If you have some Bitcoin, you can give it to me and I can use it to buy stuff I want. I'll likely have to convert it into something else to do so, although that's not certain, but it will end up having value to me.

Re: Whats wrong with crypto

That depends. You can buy quite a few things online, and I'm not just talking about criminals' wares. For example, my domain registrar accepts Bitcoin. No, I haven't used it, and I don't know how painful it is, but they do accept it.

That's not really the right question though. For example, I can't buy many things with pounds because I'm not in the UK. If I go into a local store and present the clerk with pounds, they'll tell me to go away. If I go to the bank, though, I can rather quickly get cash the clerk will happily accept. Just because Bitcoin is inconvenient to purchase stuff with doesn't mean that it has no value. All that means is that it's a poor currency, which it absolutely is, but that's a far more limited statement.

Re: Stabby stab

The health effects of multiple gunshots is typically larger than of multiple stab wounds, though, so even if he didn't attempt to kill anyone else, the results could have been much worse if he had a firearm.

Re: No email rejection?

Or the bounce gets filtered somewhere. I was configuring a mailing list recently and sending messages to it from an external address. The first one didn't get through. I assumed this was because I had just configured the address thirty seconds back and maybe it hadn't propagated yet. I waited a few minutes and tried again, no message. I started wondering whether I had misconfigured the spam protection piece because I was sending from GMail, and that can sometimes be a problem. I went to check that config. After doing that, I sent a third message. It didn't go through.

A while later, I was using the keyboard to navigate between mail folders, which was fortunate for me, because as I moved past the spam mailbox, it checked with the server and showed me the three bounce messages the list had sent me, all of them telling me in clear terms that I had not switched the list to accept incoming mail from external servers. I had expected that any bounce message would have been sent through since other mail from that server was being accepted, and it caused me to waste plenty of time.

Re: Is there any coming back from this ?

Do you mean this specific incident, because if you do, you do realize that it was a company other than Okta that had the system from which the file was stolen. I'm sure your employer outsources some part of its business, and it would be great if they could make sure that every supplier had perfect security, but that doesn't make them the cause of any supplier's failure.

Re: Finally doing what I said they should do

My guess: ransomware where they tell the victim that they need to avoid telling anyone that they've paid a ransom. While I support making payment of ransoms illegal, I don't think it will eliminate companies that find some way of doing it. After all, companies manage to pay bribes without writing "cost center: general corruption, item: bribe" on their balance sheet. I've been hoping that, since executives seem to be legitimately frightened about the risk from ransomware, that it would mean more tested backups. Unfortunately, if it has, it hasn't been enough.