Posts by Max Pyat

Re: Long tail

Having just retired a 20 yr old Audi A6 with 200k miles, I think "at least 20yrs" is an optimistic lifespan.

A lot of cars encounter corrosion before/around then that is uneconomic to repair. Plastics get brittle over time due to VOC loss and UV and temperature and chemical exposure. Things that used to clip on/off just break off, seals stop sealing, etc

Electricals also can start to present issues. That's what finally killed my Audi, and a slightly younger SEAT I had in family a few years before. Plus some corrosion.

It's sort of like human lifespan. As the car gets older, in principle theres no reason for it not to just continue running year to year. But the older it gets the more likely any given problem or mishap is to be terminal, plus these issues tend to accumulate

Re: In other news

https://www.theguardian.com/business/article/2024/may/02/second-boeing-whistleblower-dies

Re: "A committee of UK legislators"

Exactly, and you might have bought the books with some of the money you made renting the child out to a chimney sweep

You've failed to understand the story

Please read it again more slowly

Re: “… reveals fragility of open source”

Moral hazard is a good term.

Part of the moral-hazard, in my view, is the use of open source by large commercial undertakings without adequate contribution back to the developers and community.

The commercial use of the tools vastly increases the motivation of malign actors to compromise the software, and therefore the appropriate defensive resources that should be applied. If the commercial users don't contribute to the securing of the tools, still via open-source development, they are in fact doing worse than free-riding, since they attract attacks to the entire community without the entire community getting appropriate additional benefit.

Re: wants to build artificial general intelligence with 350K Nvidia H100 GPUs

A great analogy

Re: Personally, I don't pay for ads.

I agree, but it's not such an uncommon model or novel model.

You pay lots of money for a cinema ticket, but then get a whole bunch of advertisements (including recruitment ads for army, navy and RAF last time I was there)

Same with newspapers and magazine. This only jumped out to me after I was complaining that the v expensive FT online offering still has embedded advertisements. Print has always been so!

You're missing the point

Re: Poor targeting

Or if those hires, had they not been hired, would have gone on to be serial killers or new "hitlers". Can the world survive another 6000 serial killers / hitlers every year?

(Aren't post hoc rationalisations great)

Re: Indeed

Someone just "discovered" reversion to the mean (and needs to look up what a "controlled experiment " actually is)

Re: For many of us, hybrids make more sense than BEVs

There's not much point in you posting when you clearly know about as much about the topic as Alex Jones.

A bit less emotion please and a bit more paying heed to engineering and physics.

Re: Nobody is legally responsible, oops

This is tripe,

You're just handwaving your way through a series of "arguments" until you seem to have validated your assumptions to your satisfaction.

Please inform yourself more widely on how liability works in other more developed industries that have dealt with more complex issues before returning to the topic.

Re: Nearly 600% reduction in staff and...

Not how percentages work...

Re: Licence

This was my first thought

Although I'm still unconvinced that Red Hat's actions don't violate the GPL.

Reads that way to me!

Re: GPL violation

Per the GPL, RedHat doesn't get to distribute the binaries in the first place unless source is provided to the recipient, and access to that source cannot encumber the recipient from onward distribution of that source (so long as that onward distribution is also GPL compliant).

If they aren't honouring the GPL, then they cannot ship the software. It's not about the recipient giving up rights, it's about the licensing restrictions imposed via the GPL by the authors/copyright holders

Sort of in the same vein, you find GNU/Linux (or more broadly free-unix) in more and more places.

Like I discovered that my kobo ebook readers are actually running Linux under the hood. A quick addition of koreader and now I can even ssh into my ebook reader.

Android is the same.

Home routers too (I installed openwrt on my most recent one, but the stock firmware was in any case a customised version of one of the linux-router projects)

Apple systems are based on BSD, etc.,

And lots of this stuff is just in there doing a job, and not being noticed.

Troll

Re: Trust the government / security services / police?

I'm presuming then that in your schema, everyone involved in the fighting of WW2 was/is a criminal?: Given that armed forces on all sides prosecuted attacks that killed civilians both directly and indirectly.

By your calculus, it would always be illegitimate for example to try and stop the Holocaust and death-camps if doing so involved attacking a single civilian (even if your enemies had no such reservations about targeting the civilian population on your side).

Your "analysis" of the Jean Charles de Menezes murder is pitiful. In particular how having spent two paragraphs on a spiel that even an entirely just cause can't "justify attacks on civilians", you then take a rather specious cause "fear of further bomb attacks" (fear!) and use it to justify the murder of a civilian by incompetent and negligent security officers (and the failure of that system to hold itself to account).

And no, security forces don't get to just say "we're human, we make mistakes". Anyone making that argument needs to be sacked (no hyperbole, they are not fit for the job). In a HV substation, if a technician throws a switch and kills a colleague, he can't say "I'm human, I made a mistake". Nor can his management. There has to be a full analysis of the entire system of controls that failed and allowed that to happen.

Only non-technicals/"civvies" will say stuff like "these things happen"/"he's only human"/etc.,etc.,

Re: Hmmm...

I'm sure they weren't just ordered to change jobs (of course that wouldn't work on its own, but Musk isn't that stupid)

They were probably also told to change their email sig, their profile updated in the corporate directory, and maybe given a new T-shirt with the job title on it.

Re: Bit ridiculous

That's fine, of course.

But you don't necessarily get to tell other people how they are supposed to feel or react. If they object, then that's fine and I don't see why not to respect that.

Re: Sounds like M$'s Github Copilot all over again then?

In principle various open source licenses would cover this, e.g. that AI generated code based on GPL must also be GPL, and if you'd published under GPL it would be a "good thing" for GPL code to spread in that way...

However as Ken Hagan points out, wealthy entities will ignore that as much as they can, and will be almost impossible to hold to account. Layers of AI tech will further obfuscate what's actually happening.

Re: gotta be the crypto mining

I think their point was that Ireland was at least probably a better place for crypto mining than the UK.

Re: Cliffnotes

His is literally what every sucessful modern economy has done. US being an object lesson having wholesale stolen IP from UK and elsewhere during industrial revolution

The western economies built up in 20th century were often facilitated in this (Korea, Japan, Germany) by US as part of effort to form a bulwark against Communism, rather than having to "steal", but dynamic the same

Re: Idiocy

Revolute is one,

Im reasonably happy with them overall

Re: Legal opinion

Of course you can get the legal opinion, however that does not remove liability should a court look at the question later and form a different legal opinion

Re: Bully boy tactics

setting a default browser is a "standard practice" too.

However, once you reach a certain scale, there are competition law restrictions on what you can and can't do. This certainly has a market-abuse smell about it.

Re: At last some common sense -- but will politicians listen?

Except they aren't going it alone. They're working hard on building up links in Africa and elsewhere.

Meanwhile, outside countries just see the US imposing sanctions and punishing countries for essentially "getting above their station". From a third country point of view, US/UK looks a lot more threatening (and in fairness, a lot more unstable and unreliable: Iran Nuclear Deal anyone?) than China.

Re: How do they do it?

Did you read the document you linked?

It is almost impossible to apply and leaves you open to challenge due to subjectivities.

I've worked in large scale procurement and it's incredibly hard to use bad past performance to exclude vendors. In particular, the assessment is always, IME, based only on what you receive as part of the process so you've to be super careful and clever if youre going to exclude on past failures.

Three pragmatic approaches I've used:

1) BEFORE you tender: bring the supplier in for repeated bollockings on basis of their current poor performance. Make it incredibly uncomfortable to be your supplier. Verbally, and as clearly as you dare, leave them in no doubt that if you seem pissed off now it's nothing to what you'll be like if they wander back in to sell you more. Make the individual agents of company believe that you'll hold it against them personally in future; even if they turn up representing a different company in the future.

2) Again, BEFORE you tender, get the supplier black listed because of their performance or because an investigation is ongoing. Hard, and might not stick when you actually launch tender, but good if it works.

3) Most by the book, but hard: Set up the assessment criteria to heavily weight what the bad supplier is bad at. Hope that they don't manage to spoof their way through it

Fundamentally, it's hard to punish your current suppliers for their failures in next tender. But it's almost impossible to punish them for failures serving other customers (e.g. for DfE to punish Capita because they made a balls of MoD contracts). Some of it is regs, but it's also the asymmetry. They know directly the scenario, you (e.g. in DfE) have indirect hearsay, and beyond that end up relying on the submissions of your vendors (read the linked doc!)

When I've intimidated/deterred a supplier to f*** off, it's only ever temporary. When/if they turn up again in 4 years they will explain that they've been on a big quality/improvement drive and are now so much better. And you have to give them a fair shot

I think the risk assessment comment is almost the key one.

The scenario painted is of companies that find handy open source projects, and then build critical infrastructure on top of that: paying nothing and assuming the project will be there forever and will deliver the bugfixes and features the companies need.

This might well be the case, but if so the fault is entirely with the companies using the software: they need to assess and manage the risks. If you're buying from a commercial vendor, you put clauses into your contracts. If you're looking at an open source project, there are ways to do that too.

On the positive side: the article highlights just how little money it would take to bank-roll some of these projects.

Re: "Only problem was keeping all my devices in synch"

Yes, lots of options.

I have a git repository on my local network, and keep the encrypted keepass file in that.

Then when I'm at home with phone, I can run a one liner in termux to synchronise the phone's git repository with the local server. Ditto for laptop and desktop.

The restriction is that you really should only edit on one device, as there's no way (obviously) to merge changes made in parallel via the version control system given it's a binary file. But on flip side, I don't move file to uncontrolled cloud services.

Re: Should not have Netherlands VAT ...

Not quite, and in fairness, Seagate make it all rather clear:

"In addition, while it is correct that the customer is responsible despite the warranty, the customer will be entitled for a VAT relief. If they declare the replacement as outward processing relief at export. If the customer fails to do so, then yes, it is up to the customer to pay for the VAT, and this is a Brexit consequence: VAT is charged when products are crossing the border."

So all that's required is for the customer to prepare export documentation and file it appropriately with HMRC or Customs & Excise or whoever it is these days in order to secure a VAT relief that can be applied against the import of the replacement (or repaired) HDD when it comes into the UK later on. There's probably not much more than a couple of days administrative work required on this (between reading into the processes, documenting it, etc.,), plus whatever administrative checks are needed at the border to make sure that it's all legit.

And one should not forget the most important thing: these are proper UK regulations vital to taking back control. This should not be confused with awful EU red-tape that presumably was in the background of the old system where Hard Drives would shoot back and forth without any proper UK control on what was happening.