* Posts by Venerable and Fragrant Wind of Change

300 posts • joined 21 Oct 2019


Beware the three-finger-salute, or 'How I Got The Keys To The Kingdom'

Venerable and Fragrant Wind of Change


Hanging's too good for 'em?

Venerable and Fragrant Wind of Change

Re: Back in the day...

First Sun server I ever encountered wasn't anything to do with my work (which was on VAX), but was positioned adjacent to me under the bench on which our VT*** terminals sat.

It wasn't anything on the keyboard that struck. Just a power button that was right in my natural legroom.

How do you ascertain user acceptability if you keep killing off the users?

Venerable and Fragrant Wind of Change

Re: Shock Horror

May or may not be just me, but I got here late on account of my RSS reader got itself into a state where it just hung. I've only this morning found time to clean up the offending cache and restart so I have my feed.

Does an RSS feed overindulge in the silly season?

Fuming French monopoly watchdog is so incensed by Google's 'random' web ad rules, it's fining the US giant, er, <1% annual profit

Venerable and Fragrant Wind of Change

Re: Deceptive units.

I buy bog rolls by the sheet.

That is to say, I'll look carefully[1] at what I'm buying, and use the price-per-sheet as a criterion in deciding what to buy.

[1] The "carefully" is since I once found myself with slightly-narrower-than-standard stuff that wasn't quite adequate for my fat arse and left the hand rather exposed. Some considerations are more important than price per sheet or unverifiable ethical claims!

Venerable and Fragrant Wind of Change

Google are the Good Guys here

Google are in a constant arms-race with spammers. Being a bit 'unpredictable' is surely one of their best weapons against all kinds of abuse - from the simple "spam my results" (as kelkoo used to do to the point where I had to exclude them explicitly from all google searches) to those whose agendas include installing spyware[1], ransomware, etc.

Anything google publish to comply with this, we can be sure that those with the biggest budgets to read and use it (rapidly) to game the system will be the biggest abusers. But more to the point, if google are prevented by law from fighting spam, they'll rapidly become useless to ordinary users.

[1] Before replying "google is spyware", bear in mind that google isn't in the business of using a keylogger to collect passwords, or anything like that.

UK's Virgin Media celebrates the end of 2019 with a good, old fashioned TITSUP*

Venerable and Fragrant Wind of Change

Call that an outage?

31 hours[1]? Try 31 weeks and you're getting a bit closer to Virgin's ballpark.

I guess being in London gets it noticed and reported.

[1] As per the quote from Mitch Benn. Same argument applies if you treat Dec. 19th-23rd as the duration: never known Virgin to be half that quick.

The time PC Tools spared an aerospace techie the blushes

Venerable and Fragrant Wind of Change

Re: Not me personally...

You saw, and you didn't intervene?

What's that? Encryption's OK now? UK politicos Brexit from Whatsapp to Signal

Venerable and Fragrant Wind of Change

That doesn't answer the question. GPL companies can be bought, and a buyer can do things to make it distinctly unrewarding for a third-party to pick up development.

Signal getting bought out seems entirely plausible. A buyer hostile to its GPL heritage is less likely, but I wouldn't care to rule it out.

But yes, of course GPL is better than closed source. No argument there.

Venerable and Fragrant Wind of Change

By whom is it owned? And who might be likely to buy it (I'd guess an announcement like this adds value)?

I wouldn't see ownership per se as an issue.

Cheque out my mad metal frisbee skillz... oops. Lights out!

Venerable and Fragrant Wind of Change

Re: Cheques still relevant... at leastt for someone

Looks like I'll have to pay that by cheque until I can switch: indeed, I've just sought out an ancient cheque book (wasn't even sure I had one). But that's because of EDF's dysfunctional system.

Venerable and Fragrant Wind of Change

Re: Cheques still relevant... at leastt for someone

One million of that for Boris's party machine and he'd get the red carpet in the world's money-laundering capital.

British bloke accused of extorting victims for 'Dark Overlord' hacker crew finally gets his free trip* to America

Venerable and Fragrant Wind of Change

Re: The Dark Overlord Face

The UK has so many loopholes and ambiguities he'd be sure to be acquitted if he greased the right palms. And the right palms probably wouldn't even have to extend beyond his own lawyer, just so long as he found one capable of fixing things.

You leak our secrets? We'll leak your book sales, speech fees – into our coffers: Uncle Sam wins royalties fight against Edward Snowden

Venerable and Fragrant Wind of Change

As in Самизда́т?

Or in this day and age, free online publication. Perhaps with a suggested donation to his choice of charity.

Post Office faces potential criminal probe over Fujitsu IT system's accounting failures

Venerable and Fragrant Wind of Change

OK, own up

How many commentards have Fujitsu on your CVs, and what are you doing about it?

(OK, not really any more shameful than EDS, Accenture, Crapita or others, but more topical right now).

Huawei's P40 and P40 Pro handsets will not ship with Google Mobile Services, Richard Yu confirms

Venerable and Fragrant Wind of Change

Re: Maybe not such a bad thing

The positive scenario here is that that changes, and a third major platform emerges.

If Huawei is custodian and is successful, that puts it on a par with google and apple. Though I suspect they'd have an uphill struggle to get there.

Perhaps a really positive scenario would be for Huawei to sponsor an alternative, but to stand back from governance and make it a community effort. Perhaps also based in a jurisdiction less problematic than China or the US.

Amazon slams media for not saying nice things about AWS, denies it strip-mines open-source code for huge profits

Venerable and Fragrant Wind of Change

Re: El-astic

Is that a Mexican band?

I'll get me coat (and hat).

Venerable and Fragrant Wind of Change

A festival of pointlessness

Journo writes largely-pointless attack on Amazon. OK, not entirely pointless, it's journo's job to produce columns.

Amazon person writes similarly-pointless rebuff. See above.

Reg hack writes even more pointless attack on Amazon rebuff spot the pattern?

Commentard vanishes up his own pointlessness continued on page 94.

Hate speech row: Fine or jail anyone who calls people boffins, geeks or eggheads, psychology nerd demands

Venerable and Fragrant Wind of Change

Re: these terms are "divisive and humiliating,"

If you listen to the way "Patriarchy" is routinely used from the position of power and privilege of the BBC, it's attacking men in general. Including the majority of us who are not, nor ever have been, part of any ruling class.

It's a privileged media elite oppressing a downtrodden class on the grounds of a biological characteristic. Just like the classic N-word in a society (if any still exist) where white supremacism is a respectable attitude.

Venerable and Fragrant Wind of Change

Re: Utter boffin

Perhaps a bit too subtle? Those downvotes presumably didn't see what you did. I wonder how bespectacled they were?

Venerable and Fragrant Wind of Change
Thumb Up

Boffin at large

I've always pushed back against meaningless job titles. When pressed, my preferred reply has long been "dogsbody".

Venerable and Fragrant Wind of Change

Re: Context

Does the right you assert complement the misspelling of compliment? That atrocity features more than once in this page, including the post up to which you followed.

Venerable and Fragrant Wind of Change

Re: these terms are "divisive and humiliating,"


I think she's missed the point completely. Hate speech happens when you use a derogatory term to put down an 'other' group. Words like 'Remoaner' should need no explanation. Or 'Patriarchy' from the supremacist wing of the Feminist agenda.

On the other hand, perhaps there's another point in there re: the weaponisation of Offence. I was rather bemused by the plebgate nonsense, having described myself as a pleb for as long as I can remember. After all, it's factually indisputable.

Of course context matters. Any of these words should be just fine used in a context (such as academic discussion) where it's clear there is no prejudice or hatred, no divisive "us vs them".

Cool 'joke', bro, you could have killed someone: Epilepsy Foundation sics cops on sick flashing-light Twitter trolls

Venerable and Fragrant Wind of Change

Wrong target entirely

If you have a serious condition - like epilepsy that might be triggered by a blinking screen - you take measures to protect yourself. What happened to your accessibility settings? After 25 years of animated gifs, any platform/browser that doesn't give you the option to prevent crap that moves should be considered defective and ditched.

Doesn't excuse the alleged behaviour, but surely an organisation working for epileptics should focus more on educating them to protect themselves, and on persuading browser developers to make it easy for them.

FUSE for macOS: Why a popular open source library became closed source and commercially licensed

Venerable and Fragrant Wind of Change

Re: @AC - I understand where the dev is coming from but ....

Two answers to that.

One, it's nowhere near your claim of GPL code being derivative of BSD code and causing problems for the latter. Unless you're going to claim something about MySQL's heritage?

Two, the issue I mentioned was one of ASF policy never to distribute code whose licence is in any way more restrictive than Apache's own. So we arrived at a point where Apache could bundle a generic SQL interface with drivers for open source (eg PostgreSQL), closed source (e.g. Oracle) and for third-party standards (e.g. ODBC), but a MySQL driver could only be distributed by a third-party. The effect of the FOSS exception was to permit the MySQL driver to be distributed under the Apache Licence, and thus by Apache itself, so lowering the barriers to adoption.

See here for the Debian angle on it (a few months later, the ASF accepted it under the FOSS exception too). And further down the thread, a more serious problem (also here - it didn't go away from non-Debian user-land just because Debian dealt with it) having nothing to do with licencing.

Venerable and Fragrant Wind of Change

Re: Licence

It worked so well for MySQL they got bought out for (from memory) two billion dollars. I'd be well-pleased if my startup had been half as successful.

Venerable and Fragrant Wind of Change

Re: @AC - I understand where the dev is coming from but ....

Some serious nonsense there.

Citations needed on subjects like adverse effects on BSD code.

Oh, and I think I can claim some authority on the subject. It was my work, and discussions over licensing it with folks at Apache, Debian and MySQL, that led to MySQL's FLOSS exception to the GPL (back when MySQL was still an independent company), which in turn eventually led to the Universal FOSS Exception (though I only just now found out about the latter).

Venerable and Fragrant Wind of Change

Re: Licence

Someone already mentioned MySQL, which is one of the most famous projects to take advantage of GPL copyleft. If you want to distribute it, either you contribute back your changes (participate in the open source community) or you buy a commercial licence.

And GPL has a track record that includes being enforced in courts. I'm not sure that applies to any of the attempts to write a licence that says "free for non-commercial use". Such clauses can beg questions like defining non-commercial use, and are sometimes associated with unrealistic expectations.

Wham, bam, thank you scram button: Now we have to go all MacGyver on the server room

Venerable and Fragrant Wind of Change

Isn't molly-guard the usual term for such protection, when this story appears in this column?

The trains have had "in emergency break glass" hammers for as long as I can remember, but they're well-protected against accidental access.

I think my personal nearest to this anecdote is leaning on the wall in an overcrowded conference room.

Venerable and Fragrant Wind of Change
Thumb Up

Re: Coathangers are handy.

Long and short of it, we had a $TELCO tech out 45 minutes after I hung up the phone.

Good for you.

Brits can only dream of that kind of response from Openreach. Let alone from Virgin's Kafka-inspired castle.

Cops storm Nginx's Moscow offices after a Russian biz claims it owns world's most widely used web server, not F5

Venerable and Fragrant Wind of Change

Yes, nginx was always free software. The company nginx was set up to support it on a similar business model to Redhat with Linux, or Covalent with Apache.

Indeed, you can see other commonality. Just as certain Silicon Valley bigcos have packaged and supported Apache, so Taobao has its own nginx-derivative tengine. Fully API-compatible but with some extra goodies the Taobao folks wanted. I expect there's two-way traffic between the two, though until nginx backports tengine's support for loadable modules, the latter has the edge as a developer platform.

Venerable and Fragrant Wind of Change

Re: Prior Art

I didn't say interchangeable, just that they have common roots. Though they are indeed sufficiently similar that pretty-much anything from Apache 1.3 just needs "changing the plug" to port to nginx.

In fact nginx is probably closer to Apache 1.3 than either of them is to Apache 2.x, but that's because of the different directions the servers have taken, with Apache 2 having added things like its more sophisticated filtering, database connection pooling, etc.

Yes, some of it is entirely different: nginx was way ahead of apache in adopting an event-driven core processing model (which may well have been Syseov's #1 motivation for a new server). But if you want to make an IP claim, you'd have to figure out what's new vs what's adopted from elsewhere. I was wondering whether Rambler has undertaken that not-inconsiderable task.

Venerable and Fragrant Wind of Change

Prior Art

There's a family tree of mainstream open-source webservers. There's a common grandparent (NCSA) and parent (Apache 1.x) to three modern children. Apache 2 (obviously), but also both lightppd and nginx have deep roots in earlier NCSA/Apache. They took common roots in different directions: Apache 2 focussed more on making itself a versatile applications platform, while lightppd and more successfully nginx concentrated on a high-performance core on the premise that applications would be separated out - for example in PHP.

Even today after so many years of divergence, common roots become abundantly clear from the respective APIs if you write modules for these servers.

I wouldn't want to belittle Syseov's own work and the value he added, but in the best traditions of open source (among other things) he was standing on the shoulders of giants. I wonder if Rambler has done (or even attempted) the groundwork to identify IP that can be attributed to Syseov rather than prior art?

The underlying issue - an employer's claim over an employee's work - is one that's been widely known and guarded against in Open Source since the 1990s. For example, the ASF requires legal consent on file from both contributors and their employers before contributors can be granted commit privileges.

Why is the printer spouting nonsense... and who on earth tried to wire this plug?

Venerable and Fragrant Wind of Change

Re: The user replied: "The same electrician who changed that plug rewired my house last week!"

I've a creeping suspicion that's who wired my house.

Turning the radio on or off in the office room causes my desktop 'puter to wake from suspend! And it's not even plugged into the same power outlet! That is, if a wired keyboard is plugged in.

Iran says it staved off cyber attack but doesn't blame US

Venerable and Fragrant Wind of Change

Grownups in the room?

If they had said [foo] did it, commentards would naturally question how they know and whether there was an Agenda underlying the pointing finger.

Can we infer any such thing from the absence of specific accusations?

Bad news: KeyWe Smart Lock is easily bypassed and can't be fixed

Venerable and Fragrant Wind of Change


For what it's worth ...

When I moved house in August, I was interested in installing a keyless lock. Not one I could operate from an app (I'm not that dumb), but one where I could key in a combination to open it from the outside. Keyless was because keys in the pockets are annoying, and it would be great to be able to dispense with them (and with phones too) when going out "light". I've lived with a combi lock on the door to the communal hall of an apartment building in the past, and that was good - though sadly my own front door still had a regular key.

But my bottom line was that the lock had to be British Standards compliant, and have the kitemark recognised by insurers. Turns out there's none available. So any combi lock could only have been secondary, which rather defeats the purpose.

When is an electrical engineer not an engineer? When Arizona's state regulators decide to play word games

Venerable and Fragrant Wind of Change

Re: Rename the terms?

He got stung over things he's been doing for years. At the time of the offence (erm, sorry, felony) he presumably had no idea it would be an issue.

Venerable and Fragrant Wind of Change

Re: AKA Libertarians

Once upon a time, I was on the academic staff in a University CompSci department.

Most of the staff were of a generation where we were educated in other subjects, at a time when compsci itself was far from mainstream. Technically speaking we were not qualified in our own subject, and could not tick those important boxes our students (just a decade younger) automatically could when they graduated.

Behuld – zee-a internet ouff tuilet tissuoe at Meecrusufft Sveden. Bork bork bork!

Venerable and Fragrant Wind of Change

Demarcation, Comrades!

Hey, isn't the bog supposed to be Dabbs's territory? Is this story a land-grab in Reg internal politics, or shouldn't Dabbsy have marked that lamppost so emphatically in the first place?

In tribute to Galaxy Note 7, BBC iPlayer support goes up in flames for some Samsung TVs

Venerable and Fragrant Wind of Change

Monopoly Abuse

I've said it before (e.g. here) and I'll say it again. This is the BBC's fault. They should be supplying contents, and leaving it to the market (and healthy competition) to develop and support viewers.

The iplayer is a blatant abuse of monopoly powers and the BBC's privileged funding model. How do they get away with it?

Two can play that game: China orders ban on US computers and software

Venerable and Fragrant Wind of Change

How many wrongs?

My parents used to teach me that two wrongs don't make a right. The fact that Trump's a total arse doesn't make it right for China to do similar.

Though it does make it at least somewhat understandable, and a lesser-of-evils argument could perhaps be made.

As for software, China has lots nowadays. Seriously. Home-grown, global open-source, and indeed home-grown open source. In the latter, we've seen a massive catchup in recent years, as the floodgates have opened on Chinese-origin open source projects going global. Assuming they don't go so mad as to deny themselves established, stable platforms like Linux and BSD - with a native Chinese layer on top 'cos ASCII does a poor job with their language[1].

And I expect all the US "usual suspects" can set up shop in China, too, to protect their market positions.

[1] I hope that comment doesn't apply to Unicode, and it would be nice to think that modern *X does i18n properly. Maybe the native layer for most things could in principle be as thin as a Chinese-language packaging and installer? But in real life we know much deeper layers proliferate.

Elon Musk gets thumbs up from jury for use of 'pedo guy' in cave diver defamation lawsuit

Venerable and Fragrant Wind of Change

Re: Surprised

I really didn't think he'd get away with that.

Whyever not?

Under any sane legal system, it would never have come to trial. Libel should be reserved for cases where there's not merely something potentially-defamatory said, but an expectation that third-parties might take the remark seriously causing them to believe ill of the subject. Did anyone here take some dumb tweet in earnest and believe [sorry, I've forgotten his name] was a pedophile?

Noone's name has been defamed. We get to point and laugh at Musk and at the absurd legal processes, but they demonstrably deserve it. As for the guy who fed the lawyers so richly - well, he's demonstrated a level of idiocy comparable to those who handed their money to this guy.

WebAssembly gets nod from W3C and, most likely, an embrace from cryptojackers online

Venerable and Fragrant Wind of Change
Thumb Up

I was getting deja-vu at the browser sandbox. Yeah, looks like Java has come around again.

But then, back in the Java era, I was getting deja-vu from the promises of ADA, as reflected in Java's oft-touted aspirations. These things are cyclical.

Asteroid Bennu is flinging particles of dust and rock from its surface – and scientists can't work out why

Venerable and Fragrant Wind of Change

Re: Er ...

Shirley that's not Magrathea, it's the cheap knock-off!

My house emits space dust, too. It's hard work for the vacuum cleaner.

VCs find exciting new way to blow $1m: Wire it directly to hackers after getting spoofed

Venerable and Fragrant Wind of Change

Re: Considering it's $1m...

I expect they did, but that "we'll confirm that by email" figured regularly in 'phone conversations. Language barriers may have played a role, too.

Note - the report is silent on whether there was a MITM on the phone. If they were filtering email it would've presented opportunities to tamper with phone numbers and other contact details.

To think that PGP has only been with us since 1991!

123-Reg is at it again: Registrar charges chap for domains he didn’t order – and didn't want

Venerable and Fragrant Wind of Change

Re: a complete dog's breakfast

Does this comment assume all dogs should be poverty-stricken?

Very suspicious that the "innocent" mistakes always seem to end-up to the benefit of the mistaken.

There's a perfectly good reason for that. The customer seeing a mistake in his own favour is much less likely to take the trouble to complain about it.

Venerable and Fragrant Wind of Change

Re: Did these people actually READ their own statement?

That's so nonsensical as to smell of careless editorial snips somewhere between source and reader.

At least, that was my reaction as I read it.

Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter

Venerable and Fragrant Wind of Change

Grab the private key?

For the benefit of readers who don't twitt ...

Who exactly can grab this private key, and how? Surely a private key that can be accessed by an unauthorised person is a big no-no, but orthogonal to an idiosyncratic DNS usage?

DNS is designed for performance over security, which is a major reason we don't rely on it for secure transactions and have SSL certs. When you describe a DNS entry as a vulnerability, it looks as if you're suggesting a misplaced reliance on something that's inherently insecure. Or in other words, propping up the edifice by painting over the cracks.

Former Oracle product manager says he was forced out for refusing to deceive customers. Now he's suing the biz

Venerable and Fragrant Wind of Change

Re: Selling vaporware ?

Marketroids promising the undeliverable is of course widespread throughout the industry. Doesn't make it right or honest.

It's one of the things that drives a vast wedge between techies and suits. I think it was one of the drivers for the rise of open source, as developers sought out a community where they could do decent and honest work and get respect for it.

Silicon Valley Scrooges sidestep debt to society through tax avoidance to the tune of $100bn

Venerable and Fragrant Wind of Change

Re: Ok but how much tax is fair?

Starbucks may be a particular case: for many years they were contrasted with UK-owned Costa paying their full whack of corporation tax here.

It may be instructive that Costa was recently sold to a US megacorp (Coca Cola). So in principle at least, they can now play all the same tricks as Starbucks. I don't know what happens in practice, but this is a particular case-in-point where being British-owned appears to have put Costa at a tax disadvantage compared to a major rival.

Venerable and Fragrant Wind of Change

Re: Ok but how much tax is fair?

Higher taxes on dividends would be one way.

Do we have any figures on how many shareholders pay tax on our dividends? I don't (I make extensive use of tax avoidance measures including a Pension, an ISA, and VCT and EIS breaks). Neither do the many foreign shareholders who are not UK taxpayers.

Corporation tax as it stands now is not fit for purpose. How to fix it (short of abolition) is above my pay grade.



Biting the hand that feeds IT © 1998–2021