Re: Why do you keep tip-toeing around the bush ?
If it can't be imported, it can't be used.
Except if it is already in use in much of the infrastructure, and someone wants it removed.
Posts by dafe
81 publicly visible posts • joined 25 Jan 2022
UK starts to ponder how Huawei ban would work
GNOME Project retires OpenGL rendering library Clutter
Sunday 20th February 2022 07:51 GMT
GLX is horrible. You need two drivers, one in the kernel and one in X, to get hardware acceleration, with doesn't work when the client is not on the same machine as the server.
But it is what everyone is using. (Almost everyone. In the embedded space they use hardware acceleration in the kernel framebuffer.)
XGL was a much better solution.
Things would be much simpler if the X server itself was written in OpenGL.
DirectFB3D used to be a thing as well. But the attempt to build X directly on the framebuffer has mutated into just a fallback driver.
Sunday 20th February 2022 07:35 GMT
Python2 is the fault of RedHat. Python 3000 was a rewrite that is much faster and much more efficient that was supposed to replace Python2 over ten years ago. But too much tooling was written and never ported, so there was pressure to keep Python2 around even after it had been discontinued, dropped, abandoned, support cut, and officially retired. And so there was no pressure for other projects to port either.
GTK2 is different. Originally written for the GIMP, GTK was adopted by GNOME as a free alternative to Qt, and extended. RedHat soon replaced it with GTK-MM and GTK3, pulling in more GNOME-specific (and circular) dependencies. Many projects chose GTK2 over GTK3 because it is faster, more lightweight, and doesn't pull in as much cruft. RedHat have since gutted GTK3 of features GNOME doesn't use, even though other projects do, forcing those projects to port to GTK2, Qt, or GNOME. (And GNOME is actively preventing ports to BSD or any other system that isn't Linux or Windows.)
Linux Snap package tool fixes make-me-root bugs
Sunday 20th February 2022 07:09 GMT
Re: Snap is a bad idea
Virtual machines are not what you think they are.
A sandbox is not (or not necessarily) a VM. A sandbox is a process that is forced to drop capabilities before it starts.
A process is already isolated: It is restricted by user privileges, and it has access to only its own virtual memory. (And so do all the libraries and plug-ins it loads.). It communicates through signals, files, sockets, and sometimes explicitly shared memory.
A sandbox restricts it further by preventing it from opening new files. Or only files contained in one directory subtree.
A virtual machine is a processor, an interpreter, that is not made of silicon wires, but exists only as software. An emulator that emulates a machine that exists only in emulation. Hence: virtual.
A container is run and managed by a shell process that sandboxes it, but it still uses the same machine code interpreted by the same non-virtual machine under the same scheduling by the same operating system. No VM involved.
Tax inspectors raid Huawei offices
Saturday 19th February 2022 19:33 GMT
So far, Huawei is only being investigated for tax fraud. That doesn't mean they actually committed tax fraud. India has a huge problem with tax dodgers in general, most of whom are Indian, so they may as well investigate the Chinese as well, why not.
Excluding Huawei from the 5G rollout does seem discriminatory to me.
Your idea of reciprocal business practices seems like a recipe for war. It seems fair and everything, but only if you ignore that not all macro-economies are equal. The West already doesn't allow investment in China, which is quite alright with China. Now imagine Jack Ma being forced to buy Amazon because if reciprocity.
Red Hat signals Intel's software-defined silicon will debut in Linux 5.18
Russian 'Minecraft bomb plot' teen jailed for five years
Monday 14th February 2022 15:39 GMT
Re: Checks calendar, nope, not 1st April
First off, Russia today is not the Soviet Union, which hasn't existed for 30 years.
Second of all, Minecraft is not illegal in Russia. Blowing up government buildings without a licence is. And intent matters in legal matters.
Third: Do those anti-Soviet games come with instructions for how to build pipe bombs? If so, awesome. And a bit scary.
This malware gang plants incriminating evidence on PCs, gets victims arrested
Geomagnetic storm takes out 40 of 49 brand new Starlink satellites
To err is human. To really tmux things up requires an engineer
Suspected Chinese spies break into cloud accounts of News Corp journalists
12-year-old revives Unity desktop, develops software repo client, builds gaming environment for Ubuntu...
Remote code execution vulnerability in Samba due to macOS interop module
Execs keep flinging money at us instead of understanding security, moan infosec pros
Google's DeepMind says its AI coding bot is 'competitive' with humans
Thursday 3rd February 2022 16:10 GMT
I'm thinking it is solving the wrong problem
It can generate Python code from English, and that is nothing short of impressive. It is trained by test cases, which is how software development is ideally but rarely done.
What it does not do is devise a domain specific language to describe the problem in. Nor does it look for the most elegant existing tools to solve a problem. Instead, it makes the same mistake most novice programmers make: It creates a monolithic block of code that does everything in one process in the one language it knows. Not reusable, not maintainable, not provable, and not necessarily correct.
And that seems to be by design. AlphaCode is artificially hacking together one file by increments. It is incapable of solving the more general case, then applying the solution to the specific case. Any tool it writes can't be reused or repurposed.
Trio of Rust Core Team members take their leave
Wednesday 2nd February 2022 16:41 GMT
Re: Fashions
Edsgar Dijkstra of 'Goto Considered Harmful" fame (and more importantly less famous for Dijkstra complexity, the Dijkstra algorithm, and his proof that recursions can be compiled into loops) said that it is almost impossible to teach someone how to write good code who had previously been exposed to BASIC.
Maybe that's why?
Internet Society condemns UK's Online Safety Bill for demonising encryption using 'think of the children' tactic
Friday 28th January 2022 16:56 GMT
Re: Think of the poor NSA/GCHQ
You are confused about AI and BMI.
I wouldn't mind being able to connect to the internet with my mind. I would mind if that connection wasn't encrypted.
AI is just a different way of programming. Instead of writing a function that maps the input to the output, use a function that finds a heuristic from example input-output pairs.
BMIs may require AIs to work, but they are not the same thing or in the same category.
And neither endanger human rights, they may even help protect them. People might use technology for nefarious purposes, like drunk driving, but they would get drunk even without technology.
Apple Mac sales break records amid ex-86-odus to Arm-compatible M1 silicon
Imagination GPU cleared for RISC-V CPU compatibility, licensed to chip designers
Thursday 27th January 2022 22:19 GMT
Re: I'm curious
Those doing the R&D are being paid by the companies they work for.
It's the companies that need to recoup the costs, and in companies, the cost of R&D is part of the product costs.
It used to be that when you bought an electric device, you also got the schematics for it. This is no longer the case, but obviously opening the source to paying customers was not a problem back then either.
Quite a bit of the R in R&D is done at universities, or subsidised by governments in other ways. Arguably that should be available to the public anyway.
A very valuable part of doing R&D is building the expertise associated with the resulting product. If you encounter a problem, or want to build on a product, who better to ask than those who developed it? And that consulting is also time that is paid for by B2B customers. Sharing the schematics only makes that easier.
Alert: Let's Encrypt to revoke about 2 million HTTPS certificates in two days
Thursday 27th January 2022 21:44 GMT
Let's cert pin
I didn't know that OIDs are used for anything other than SNMP.
Why isn't certificate pinning the default? Why can't I use my old self-signed certificate to sign my new self-signed certificate? There is no technical reason, it is just not part of X.500. Is it because CAs are an important backdoor that certificate pinning would close?
Or is trust on first use (which most people do all the time with SSH) perceived as the bigger threat? That doesn't explain why Apple's app store doesn't allow it for user apps though.
Toaster-friendly alternative web protocol Gemini attracts criticism for becoming exclusive clique
Thursday 27th January 2022 21:04 GMT
Re: simple websites
What I like about Gemini as a protocol is that the headers do not contain more data than the actual content.
The header overhead is the problem that SPDY, now HTTP/2, was supposed to solve by compressing the headers into binary representations (not completely unlike MQTT aliases) and reusing those between multiplexed channels, thus introducing several new classes of potential bugs while reducing debuggability.
HTML in all its gory is still usable with Gemini. The proposed replacement hypertext markup is simple, but also inflexible. I'd rather use CommonMark instead. I very much like the idea that presentation is up to the user. In case the author wants control over fonts and colours, then DVI and PDF are better formats anyway – unlike HTML, they distinguish between the spacing between words and sentences.
Biting the hand that feeds IT
