Posts by NullNix

What? sysv init scripts, both as originally implemented on sysv and as now present on (non-systemd) Linux distros are an almost wholly undocumented nightmare of barely-commented shell scripts rife with poor interactions and no error handling whatsoever. Even BSD single-rc-file was better: at least you could have conditionals that crossed multiple services easily.

sysv init scripts are a total mess and clearly crocked together from whatever pieces lay to hand at the time. No design was involved, and they're as far removed from the clean design of the Unix philosophy as the Windows kernel was.

I might not like systemd a great deal, but that doesn't mean I'm willing to engage in obvious lies to attack it. There are good reasons to dislike systemd. This is not one.

Re: Tricky to do that with people.

This is counter to their own best interests. Old people are Tory voters: they don't want them to die! I'm willing to chalk this one up to a lack of capacity, stupidity and panic, followed by a pile of increasingly implausible lies as they try to make it seem that the UK govt never made any mistakes whatsoever throughout the whole course of the pandemic. (This is flatly unbelievable to anyone who's read any news at all in the last year, but it doesn't stop them trying.)

Re: As Pratchett himself wrote:...

Yeah. You know what was missing in this RFC? An assignment for X-Clacks-Overhead and/or "GNU Terry Pratchett". (But the existing assignments were hilarious, and reminded me of nothing more than the oh-so-carefully-chosen keybindings for the immortal gnxt text editor.)

It's a Californian Blue. Lovely plumage, look. Formerly owned by a mafia don's Organization, so look out, it might squawk out rather unfortunate, not to mention embarrassing, secrets...

Re: Not me

Also the families of everyone at school. Just because children are almost entirely asymptomatic doesn't mean they can't pass it on. Members of five families in my sister's daughter's class caught covid-19 in the same week: obviously this means they almost certainly caught it from their children.

With the release of glibc 2.33 (install with care, I found several bugs and the fixes haven't hit the release branch quite yet), it has now trickled down! This has of course instantly broken OpenSSH because it didn't have all the necessary syscalls in its seccomp filter list... (patch submitted).

In fact he just did, and I suspect he was planning to when he registered this company. Problem solved!

Re: Modern authentication is not a standard

So... all of a sudden your email (possibly automated) stops working unless you log into a browser and tweak the password your automated systems are using on a frequent basis?

This sounds *terribly* impractical.

Fortunately, it's not actually quite that bad: if it works like other oauth2 implementations, you can get new tokens via a fairly simple curl call, i.e. automatically. You don't need a full web browser, JavaScript or any of that crap (but then again since you can do this automatically I'm not sure what actual security it brings). It's just that every single client needs changing, and with some, like getmail, not even up to migrating away from Python 2, this might be a fairly long wait for the "long tail". And I bet a bunch of MS's own employees are using said long tail of clients... hence the stay of execution.

Re: A self-defeating approach?

It's commonplace. Most banks have *ancient* systems, and this is just one of many ways that shows.

If you want ridiculous, until last year the Coventry had a scheme where you had an eight-char password, uppercase alphanumerics only, changeable on request -- they posted you a form with eight boxes in it which you filled out and posted back, and then a few days later the password was changed. This was obviously grossly insecure so they pasted other security challenges over the top of it over time (and lately have replaced it entirely).

I bet this is because the password in question was an actual mainframe account password of some sort, changeable only from an operator console. It had that smell. (This year, they changed to allowing really long passwords, and better yet passwords with no stupid restrictions on what characters must be present, so I can just use the result of a yubikey's HMAC-SHA1 challenge-response as the password. Finally.)

Re: Wang Care

Not just American companies. None other than the great Jack Vance, perhaps one of the finest wordsmiths then alive, wrote a book titled _Servants of the Wankh_, silent h and all. Admittedly, he wanted the book's title to be different, but the Wankh *were* a pivotal species in the book and he definitely didn't see anything wrong with their name. Many years later he renamed them to the 'Wannek' after being told what 'wank' meant in Britain.

If Vance didn't know... it's safe to say that next to nobody in the US did other than immigrants from countries speaking British English variants, at least not a few decades back.

Re: She doesn't test her software and there's data corruption

Back when I was working for excessively boring bottom-of-the-barrel no-name City firms... well, one of them decided to make a superhero graphic novel. Because *obviously* wrestling with databases is *just like* causing massive property damage in the streets of Manhattan.

Somewhere, some poor sod had to draw multiple frames of a character in a superhero costume... sitting at a keyboard doing electronic stock trading. HEROIC!

Re: Alternativly

Dave is the guy who has to deal with the integration problems this sort of throw-it-over-the-wall no-external-contributions code implies. It's a hell of a lot more work than it would otherwise be (and I can say this as someone who's been on both sides of that fence, both throwing code over the wall in a project my then bosses didn't allow me to open, and trying to integrate another such project with a larger system, which was much like trying to get blood out of a stone only less pleasant).

This isn't dogmatism, it's common sense.

Re: Then there's running an X session remotely.....

Apparently 'waypipe' is supposed to be able to do this. I mean yes it works by throwing bitmaps around, but in practice so does most X work now. (Except Emacs, which is probably a major reason to keep XWayland around. XWayland doesn't work with everything, but Emacs doesn't use the modern stuff like systrays etc that XWayland doesn't like, so you should be OK.)

But then what was the thing being "made redundant by chipmakers"? As far as I can tell the only possible answer to this is "nothing": segment overrides still exist and still work just as well as they did last year. This change is not being implemented because of changes from "chipmakers" (Intel? AMD? the RISC-V Foundation? At this point it could be anyone).

The article is more than half nonsense.

Re: Two questions

Some versions of Android at least log when apps ask for location, and how finegrained it is. I have not (yet!) observed the NHS app making any such queries, and the source doesn't do any that I can see.

Re: That's downright cheap!

I didn't say you couldn't get mechanical keyboards: I said they weren't going to be cheap. This is not a bad thing, as you still save money in the end because the thing'll take many times longer to wear out than a cheap keyboard would. It's Vimes's "Boots" theory of socio-economic unfairness applied to keyboards.

(Ergonomic *everything* is much more expensive. It doesn't matter: my trusty Maltron might cost a lot but I bought it in the early 2000s, have used it to the exclusion of everything else, and it still works. The keyswitches wore out once and were replaced: doing the replacement cost about £70, and was worth every penny. It *is* important that you have a method in place to avoid the possibility of ever spilling anything on the keyboard!)

Re: So?

> 27,000 lines of code isn't really that much, its a substantial chunk but it should break down into components that can be individually reviewed and tested.

Yes, and doing that was Paragon's job, not the reviewer's. It's not like it's hard to split a huge ugly pile of work into neat commits. Picking an example totally at random because it's one I'm familiar with: it's not quite as big perhaps, but I did that for 10,000-odd lines of work just last month, originally in perhaps 250 completely unreviewable use-git-as-a-backup-system commits with commit log messages reading things like "fix the fix" and "giant pile of unsplit work" (https://sourceware.org/pipermail/binutils/2020-June/112012.html). It took perhaps two days to split up six months or so of work.

If you can't be bothered to do even that much to make your code easier to follow, I don't think it says much about your likely long-term commitment to the contribution or about your consideration for the maintainer you're dumping this stuff on.

Re: Get Root?

Not that I can see, which makes this whole thing a panic over nothing. Yes, if you run malicious code as root it *can* persist itself. This is nothing new. Don't run malicious code as root. (And keep your machine as safe as possible from holes that allow unprivileged users or network daemons to escalate to root.)

(Secure Boot only saves the boot process and firmware, anyway -- it won't save you from things that persist in network card firmware, disk controller firmware etc. Like, oh, the NSA uses, and since they do I'm sure the Russians can deploy that real soon now as well. Again, just don't run it as root and you're safe.)

Re: Alternatives?

Yeah. I will admit I don't understand people who say they do a lot of typing and then insist on buying a cheap keyboard. If you do a lot of typing the keyboard is critical equipment, and it's critical stuff that your hands hit a lot. That means it's also health-critical. Why would you *not* spend a reasonable sum on something like that? Why aim for the cheapest thing you possibly can? I am mystified.

Also... if you buy a keyboard with good switches -- which means expense, I'm sorry -- you can expect it to not fail for decades. The Cherry keyswitches I'm using in the keyboard here did need replacement, but that was after *twenty years of continuous use*, and the thing about a keyboard that costs a lot is that if the vendor is still going after that long they'll probably be happy to replace the switches for you for less than the cost of a replacement keyboard.

Cheaper keyboards wear out much faster, and are nastier to type on as well.

Re: "Another bemoaned the hammering of yet another nail in the coffin of Blighty's ISP past"

So, how does "ten addresses" compare to "infinite addresses and you can run your own mailserver, in fact you have to, here's one we configured for you: all the configurability you could possibly want"

Really worth moaning about (not that any of that good stuff survived the Vodaphony takeover).

Re: Just a guess, TTL timing?

Similar example on the C64, which came directly down to driving the DRAM out of spec. This one wasn't diagnosed until a few years ago, and was of course first shown as a demoscene scroller with appropriate freshly-composed music.

Re: When people talk about the abuse of petty authority I ask

Oh come on she wasn't selected on that basis. She was selected on the basis of being pro-Brexit, just like everyone else in Cabinet. She just happens to combine that with being so right-wing that she makes Rees-Mogg look like Neil Kinnock, so short-tempered that she makes our recently-ex Speaker look like the kindest person who ever was, and "as thick as mince" (and that was from one of her *supporters*, off the record).

However, she didn't manage the biggest own-goal of this Cabinet so far, infecting half of it with SARS-CoV-2. That was probably Nadine Dorries' doing -- and that's another sign of a terrible low-competence cabinet: why the hell is she a health minister, even a lowly one? her only interest in public health historically has been to use every possible opportunity to try to ban abortion, even though doing so is *massively* unpopular in the UK outside Northern Ireland and would get any government that tried to do it turned out on its ear. Answer: she's pro-Brexit and they long ago run out of *competent* pro-Brexiteers, given that in order to be an enthusiastic Brexiteer you more or less have to be incapable of foresight or know nothing whatsoever about international trade while imagining that you know a lot.

Unfortunately Brexit is now an irrelevant sideshow and the Tory party is getting a sudden rude reminder of what sorts of threats the protective function of government is actually meant to protect us from, and it's not metric measurements.

Re: Read the PDFs

A horrific disease happened to it. Panic if you can't stay indoors and away from anyone (who cannot also do that themselves) is *rational* when faced with something that spreads more easily than flu and hospitalizes a high proportion of those it infects -- and even if you survive that, the experience is reportedly horrible. Going on a ventilator is not an easy thing: it takes months to recover and often causes permanent damage. COVID-19 may well also cause permanent damage to the heart, liver, and kidneys. Being extremely worried seems sensible to me.

Incurable diseases with consequences like this are beyond the memory of almost everyone now living in the western world. Of *course* people are panicking.

Re: Assume the Conclusion

Well, he's right-ish. 5G towers don't *just* have 5G on them: some of them will also contain the 4G for the area too. Burn them down and you will (if you pick the wrong/right tower) lose mobile coverage completely. The emergency services *do* rely on that, as do people making 999 calls. *National* security, perhaps not, but local safety? Sure.

Re: If you store your project code on an online repository...

If you store your source code in an online repository, don't have an up to date local backup, *and are using git*, I don't know *what* you're doing, because all your local copies must be shallow clones -- are you *that* short of disk space?

It takes real effort to avoid having a local backup with git (which is why github is more or less dispensable to many of us oldtimers who prefer email: git gives you all the code hosting stuff in every local repo :) )

Re: It's all very fascinating

You always have at least two keys (in different places), and register both of them with everything. If you don't, you will sooner or later be regretting it: USB devices don't last forever even if you don't carry them on your keyring. Any site that doesn't allow registration of multiple tokens against a single user identity is arguably broken: don't use it for 2FA unless it provides some sort of fallback (and even then, the fallback serves as a lower-security way in, reducing the security benefits of the key).

(Currently, I have four, but that's more because I lost one and then found it long after, and my then-backup didn't have NFC and I found I needed NFC on at least two of them, than because having that many keys is actually sane.)

Re: A Roger Zelazny reference - Ancient Ore Crusher - bravo!!

Uh... _Comes Now the Power_ was written in 1966. It's a very long way from being out of copyright.