* Posts by ChadF

14 publicly visible posts • joined 24 Aug 2019

Uncle Sam cracks down on faked reviews and bad influencers


Silly ideas

"Company-controlled review websites."

Well.. this one is unrealistic.

If you're selling products on your site, it's a reasonable expectation to provide customers with a review feature. For example, if I had a small business which sells a few of my products directly from my own site, I would have these options:

1 - Include a simple customer review feature for the benefit of the customers. This could be as simple as using an existing reviews/feedback plugin for whatever software I'm using to run the site.

2 - Pay some "independent" review service to handle reviews, potentially leaking personal customer information to that company and/or requiring the customers to sign up on some other random service (and agree to their arbitrary terms of service) just to leave a review.

3 - Not include reviews at all. And if I'm a nobody seller, I probably won't even be enough of a drop in the ocean for any free 3rd party review site to include my products. And certainly without any coupled options, such as "only show verified purchases".

So if #1 is outlawed, and #2 is a waste of my money for something that has no significant ROI incentive (other than being a "nice" thing to provide to customers). that only leaves #3, which just punishes the customers.

Now f you want to prohibit a company from using access to their own website from manipulate reviews, that's fine. This would be no different than prohibiting a search engine promoting their own products over competitors.

Can reflections in eyeglasses actually leak info from Zoom calls? Here's a study into it


You're Fired!

McFly! I was monitoring your screen activity during that video call!

White House to tech world: Promise you'll write secure code – or Feds won't use it


Open Source + In-house Development?

I wonder how this is suppose to work for all the open source being directly used by in-house government development, and not open source which is "included" by third party products. Are they suppose to spend millions (maybe billions, across all agencies) porting existing software to use proprietary alternatives plus any perpetual licensing costs? If they have to wait/pay for external open source proxy certifications, does that mean they won't be able to upgrade to a newer version in the event of a security vulnerability if forced to wait on a new certification (even if a fixed version has been available for weeks or months)?

The crime against humanity that is the modern OS desktop, and how to kill it


Amen, brother - Hallelujah!

If there where a double-like button, I'd push it for this one.

And it seems like everyone wants to be a lemming and jump off that cliff after someone comes along withe latest "modern" UI feature, trying to clone the look and feel of something else stupid.

For years I avoided using Firefox due to its dumbed down interface, compared to the original usable Netscape (and early Mozilla) browsers, in favor of other Mozilla based ones with a sane UI. Sometimes I would be forced to use Firefox due to too many web developers being unable to create a browser portable website if their life depended on it (in favor of using over complicated and "shiny" UI elements). Then one day I needed a separate browser session for a quick login and decided to use Internet Explorer (which I only ever used long enough to download another browser, or run Windows Update in the old days). And it looks almost identical to Firefox in its layout, and I realized why I dislike the Firefox UI so much..

And let's not forget some of the lasted devolved trends in UI toolkits.. like accessibility hostile scrollbars. I know! Let's make our scrollbars *reeeeally* narrow and hide them unless you hover over just the right 3 pixels. That is assuming you even know where to try with all these awful flat UIs (you know, like they had in the 70s and early 80s, which they now refer to as "modern", but really are more retro), which make it harder to know where the edges of anything is, and thus where a scrollbar *might* be. And once you've found those 3 pixels to unhide the scrollbar, since they are often translucent, over random content, it can be a pain to find where the handle to drag actual is. Then, once you've made it that far through the scrollbar gauntlet course, unless you have *perfect* dexterity, you often end up clicking on whatever it behind the scrollbar, triggering something you didn't want. So to put some truth to the article's title, one might literally be able to make a case to charge some of these UI developers with disability hate crimes, be it physically and/or visually impaired, as their systematic adoption is actively hostile to the less-abled being able to use them.

Software developer cracks Hyundai car security with Google search


Triple check everything

You know you're having a bad day if you brick your car due to making a mistake installing custom firmware.

I love the Linux desktop, but that doesn't mean I don't see its problems all too well


" and over half-a-dozen different major ways to install software such as the Debian Package Management System (DPKG), Red Hat Package Manager (RPM), Pacman, Zypper, and all too many others. "

There has also been CPIO, TAR, ZIP, RAR and others.. but nowadays it isn't uncommon for a single tool to be able to handle most archive formats, since they are just variants of the same conceptual thing. In the same way, package files are just variations of each other, so there is little technical reason why package manages can't read each other's formats, at which case it becomes more of just a user interface difference. Ideally, they could also use the same system database format(s), so you could use them interchangeable based on personal preference the same way someone uses the text editor of choice to edit the same files (but we're not quiet there yet).

Perhaps what's really needed is a non-profit organization who's goal is to help unite various distros with common APIs, without preference to any particular distro. If being a member of such an organization can provide additional developers (or direct funding), it might encourage them to be less fragmented, or eventually merge distros once the differences become trivial.

The sad state of Linux desktop diversity: 21 environments, just 2 designs


Common Unification Needed

In recent years, I thought about how all these different toolkits might be better off if they shared a lower-level API of common operations which [mostly] all of the toolkits do under the hood. This would allow better interoperability between applications written to use different UI libraries. So a Qt based app would work transparently in a Gtk based desktop, or vice-versa. They would all so copy/paste the same way, do drag-and-drop the same way, content handling/launching the save way. Then developers could deal with their UI style and top level interface and share the effort of maintaining the common API code. At first, such an effort would just standardize the common API/features, keeping each toolkit's underlying implementation and slowing transitioning parts to shared code.

The benefits of doing this (assuming it was possible):

- Better cross-compatibility between software using differing toolkits.

- Less code duplication (of function) across toolkits.

- Easier to create new toolkits without having to reinvent everything (or fork/depending on another toolkit). Thus, more chance of innovation,

Of course, this seems unlikely to ever happen. Maybe if a couple well-used projects were willing to convert, others might follow, but still a big IF.

Apple to bin apps that go three years without updates


Imagine you have a simple and 100% finished app that does what is needed perfectly, is used by hundreds of thousands of people and doesn't need any changes.. then Apple removes your app because it "hasn't had updates". This is a sign of the stupidity in the world of software where everyone assumes something is outdated/useless if it's not constantly being changed (often in the form of bloat).. or when M$ push a new version of a product with no real new features just so they can extort more money out of customers for the sake of keeping current (before they end support for the previous version).

Microsoft: Many workers are stuck on old computers and should probably upgrade


M$ to English Translation

In other words, Microsoft, a company with so much surplus money it can buy up other companies for literally billions of dollars, wants everyone else spend their limited funds on new, overly expensive hardware (due to part shortages), so that it can run their newest [unnecessary] OS, instead of switching to more streamlined alternatives, such as Linux.

Only 'natural persons' can be recognized as patent inventors, not AI systems, US judge rules


Property Rights

Can an AI [currently] own property? No. And something which can't own property obviously can't patent something, as it gives IP ownership to the patent holder. Now maybe one day, when AIs become sentient, that may change. But for now, they don't have the cognitive requirements.

Software piracy pushes companies to be more competitive, study claims


Natural Selection

It's just simple evolutionary principles in effect. Adapt to your [changing] environment or die. For software companies, innovating is a way to adapt, rather than just trying to keep a stranglehold on their existing IP and be lazy.

GitHub's Copilot may steer you into dangerous waters about 40% of the time – study


What did they think would happen?

When M$ tried running a learning AI against social media awhile back, didn't it start mimicking all the bigotry and hate it "learned"? Why would they think this would be any better, that it would somehow, magically, only learn from the good training data?

What happens when the maintainer of a JS library downloaded 26m times a week goes to prison for killing someone with a motorbike? Core-js just found out


Bus factor

I guess this is a whole new twist on the "bus factor" (https://en.wikipedia.org/wiki/Bus_factor) when a key part of a project is only one developer deep. Only now it also applies if you're the one doing the hitting and not just the victim.

Microsoft: Reckon our code is crap? Prove it and $30k could be yours


Drop in the bucket

Only $30k? Microsoft probably spends more than that on toilet paper in the executive restrooms, each month. And is certainly cheaper than paying multiple $100k on employees/services to do the same work (most of which will result in dead ends).