* Posts by DoContra

71 publicly visible posts • joined 2 Feb 2022

Page:

BOFH: The devil's in the contract details

DoContra

Re: Feels like oracle

So it did! From my reading of the fine documentation[1], PCI(e) Passthrough, USB passthrough for USB >=2, and disk emulation beyond IDE, SATA (which used to be locked way back then), and virtio is now part of the base FOSS package. For my particular VM use-case PXE is a rather firm requirement[2], but I will agree the FOSS Virtualbox covers what most(/ly) reasonable people would need/expect of a desktop virtualization solution.

Thanks for the heads-up!

[1]: Which contradicts Oracle's own Virtualbox microsite :)

[2]: Could mostly work-around that, but it'd involve copying ISOs around. (I use Full-fat VMs -- KVM/QEMU via libvirt with virt-manager as a front-end -- mainly for testing my PXE servers, at home and at work :))

DoContra
Angel

Re: Feels like oracle

First thing that came to mind was VMWare under the Broadcom umbrella, although to be fair Oracle's VirtualBox has had a massive red pill[1] for far, far longer than Oracle Java's[2] (and Oracle Java's red pill is COVID-adjacent).

[1]: The proprietary VirtualBox extensions (needed/beneficial for all but the most basic VM usage scenarios) under their bespoke PUEL (Personal User Evaluation License), free only for non-commercial use.

[2]: Oracle Java Red Pill (if it's the first time you've heard of this and rely on Java, go forth and install OpenJDK's JRE/JDK ASAP).

Broadcom makes VMware Workstation and Fusion free for everyone

DoContra

Re: Long Time VirtualBox User

Never really used VMWare, the biggest ticket feature when compared to VirtualBox is mature 3D virtualization[1] support on both Windows and GNU/Linux guests (AFAIK, VirtualBox only supports 3D Virtualization on Windows guests, QEMU/KVM only supports 3D virtualization on GNU/Linux guests and may not be quite stable yet).

[1]: As in "translate 3D commands from the guest into the single GPU on the host", not "give this entire GPU to the guest OS"

UK orders Chinese biz to sell majority stake in Scottish chipmaker

DoContra
Boffin

Re: FTDI, really, the USB Serial/TTL chip people

ASIC design house is not an asset to sniff at, even if fabless. Besides, FTDI chips are still the standard/default[1] choice in USB to serial/SPI/I2C/GPIO/weird in-house programmable protocol[2] you may need, and they're a valuable debug/development tool in electronics (to the point most SBCs -- a la Raspberry Pi -- include an USB to Serial chip straight on the PCB for console/log access).

In my experience, USB to serial FTDI chips (as long as they're the genuine article) had the best Windows compatibility by far (other than the Arduino thingamajigs that use alternative chips); dongles with other chips (esp. those with Prolific) depended on how many corners the dongle-maker cut (on Linux -- GNU or not -- I've never had any issues with any chip as long as the driver was available).

[1]: Despite doing some very dodgy stuff with their windows drivers (search elReg for more, and note that the fallout of these changes was felt mostly on customers who bought a product that used the counterfeit chip -- whether on purpose or because the OEM was scammed by their suppliers)

[2]: FTDI provides a closed-source SDK to wrangle control of their more feature-full chips which allows uses like implementing an USB to JTAG dongle.

Clock's ticking on PostgreSQL 12, but not everyone is ready to say goodbye

DoContra
Unhappy

Re: Upgrade barriers

It's somewhat sadder IMO. The project has a 1-command upgrade: install the new version side-by-side, run pg_upgradecluster {old version} {cluster} for each cluster in the local installation[1], bob's your uncle). However (at least on Debian/Ubuntu[2]), it won't be handled by the package manager if you used the default, ready-to-use cluster ("main") because it is automatically created on the new version and pg_upgradecluster refuses to overwrite a cluster on the newer version.

[1]: If using multiple clusters (groups of databases), you can upgrade at your leisure as long as you don't uninstall the old postgresql version

[2]: I run non-critical DBs (some downtime allowed) both using packaged from the official postgresql debian repo (at work for gitlab and other web apps that use postgresql as their backend, typically using the latest version) and the version from debian stable du jour (at home, for tt-rss). Always had that problem.

China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws

DoContra
Megaphone

Regardless of the veracity of the allegations...

...this will be used to either extortobtain some steep discounts from western providers ("nice sales you have here; would be a shame if your product were to be ZTEd into oblivion"), or to justify a pivot into 100% organic, home-grown, BPA free silicon (with popular support to understand/eat the pain/fallout of said transition). As someone in South America, can't really blame China for foraying into either of these options.

DoContra
Black Helicopters

Re: AMD, Apple, Snapdragon.........

....oh....I wonder how much Cisco kit there is in China.....

My gut feeling is very little (given how hard 5 eyes hammered Huawei/ZTE/Zyxel in the telco equipment space), but I can't discuss "private" companies buying cheap-as-chips used/refurbished western networking equipment.

Microsoft says tougher punishments needed for state-sponsored cybercriminals

DoContra
Thumb Up

Re: This includes a company-wide adoption of secure-by-design

And if you start after you've written it, you need to own up and break compatibility with programs that require/"exploit" said unsafe designs, even if backwards compatibility is your main selling point.

Ubuntu turns 20: 'Oracular Oriole' shows this old bird's still got plenty of flight

DoContra
Happy

At that time, the Reg FOSS desk was reveling in the raw speed of a 512 kbps ADSL connection through an Alcatel Speed Touch modem.

My first Broadband (for the time) connection was a blazing 256kbps downlink with a successor to that line of modems (Alcatel SpeedTouch 330) in ~2003-2004; the telco in my neighbourhood had a relatively cheap as chips plan where you could browse at night (from 20:00 onwards) and throughout the weekend, or pay a surcharge when browsing outside that time. One of the first things I did was search how to make it work on GNU/Linux, which I managed to do and felt like an absolute hacker (IIRC, the only tricky/fiddly parts were getting GNU/Linux to load the device firmware, and getting the ISP ATM parameters; luckily my ISP had pretty standard parameters so that bit was a cinch).

DoContra
Linux

Re: Apt good, rpm so-so

IIRC, apt-rpm was originally developed by Conectiva Linux (Brazilian distro which was eventually bought by Red Hat and became their Brazilian offices).

Mandrake was the first GNU/Linux distro I installed in "my" (family) PC[1], and to this day I have extremely fond memories of it. It did come with one of the first apt-get equivalents for the RPM world (urpmi, still used by Mageia AFAIK), although by the time I was getting proper proficient at CLI I was jumping into (K)ubuntu. I still miss the Big List of Software in the installer, as the last step before installation...

[1]: As a dual boot with Windows XP in ~2002-2003; I gradually started using GNU/Linux more and more, until by Windows 7 I was only booting Windows for some games, and by the time Windows 8 rolled around I was 100% GNU/Linux on my home.

DoContra
Trollface

That would be never...

...as (officially) you need to step through 22.04 (Jammy Jellyfish) first :).

Joking aside, despite the extremely convoluted and messy development cycle (64-bit time_t migration on Debian's side running late, XZ kerfuffle, some last minute issues in LTS-to-LTS upgrades pushing that milestone back a month, some iffyness on the first stable Ubuntu 24.04 ISO when netbooting), the upgrading experience has been mostly smooth (had only one server where the upgrade misbehaved, and even then it wasn't too bad to finish the upgrade before rebooting).

That said, in my experience with *buntu, the only truly hairy upgrade was from 14.04 to 16.04 (AKA the systemd one), as you really needed to reboot/power-cycle your device the moment it finished or you were looking towards a dirty shutdown. Although I will admit the upgrade process on both Ubuntu and Debian leave a trail of unsupported packages that need manual intervention to remove which, on Ubuntu at least, should be handled better.

Busybox 1.37 is tiny but capable, the way we like Linux tools to be

DoContra
Boffin

Re: Static linked BB can save your arse

However the version supplied with Debian is dynamically linked (...)

Debian does provide a busybox-static package which does exactly what it says on the tin. Although by the time a system is that far gone, I personally go straight to PXE, my Ventoy pendrive (complete with SystemRescueCD and the latest WhateverBuntu LTS), and/or (for RPis and similar), an SD reader + systemd-nspawn + qemu-user-static-whateverArchitectureTheImageUses.

OS/2 expert channeled a higher power to dispel digital doom vortex

DoContra

Re: At 38, I am too young for this thread

I meant it as "too fast" (as in somewhat soon-ish, I still have nearly two months left). I will admit I mostly heard the phrase from the FSX era of AirForceProud95 :), usually in videos where he was playing ATC, meaning either "airplane is coming too fast" or that the pilot seemed to be operating in "I'm landing now, good luck everybody else!" mode.

DoContra
Trollface

Re: At 38, I am too young for this thread

Haven't really checked it out fully, but archive.org has a not-so easily findable dump of UserFriendly strips that appears to be complete (alternatively, WaybackMachine seems to have the entire site crawled).

Also, I'm 36 (coming in hot on 37) and very much old enough to have (correctly!) noob-level fiddled with autoexec.bat on DOS (and possibly config.sys, but I don't remember that). It was on a Pentium 3 PC with Windows ME[1], "famously" incompatible with DOS programs (about as incompatible as XP). There was a way/"hack" to mostly re-enable DOS, which I had done to try and play some DOS games that wouldn't run on ME, and I would fiddle with autoexec.bat (possibly config.sys) to load/unload TSRs at boot time/fiddle with the amount of free low mem.

[1]: It's probably the least hardware-compatible Windows version ever, and among the worst for software compatibility, but

a) With supported hardware it worked just as badly as 98/98SE

b) User Experience wise, it was still better than Vista/8[2]

and I will die on both hills.

[2]: An absolute shame, as both Vista and 8 brought actual, good internal improvements that "we all" misattribute to Windows 7/10.

Fedora 41 beta arrives, neck-and-neck with Ubuntu – but with a different focus

DoContra

Ring ring, ring ring

ssh -X, ssh -Y, and Xpra work just as well on Wayland as they do on X11, thanks to the magic of XWayland currently being a required component of both GNOME's and KDE's Wayland sessions. Not to mention that there are Wayland versions of RDP/VNC clients. TeamViewer also has support for remoting into a Wayland session, and both KDE and Gnome have/are about to release off-by-default support for RDP-ing into a running Wayland KDE/Gnome session.

You're cheating, your solutions all use X or full desktop sharing!

You never specified I couldn't, the requirement was "run GUI apps remotely on a local Wayland session", and you very much can! 0:)

But they're gonna take that compatibility away because they're all against me and good ol' technologies! What then?

Can't comment on the second half, but yes, X11 compatibility is more likely than not going away in an unspecified time frame (there are -- pre-release? -- versions of at least one of GNOME/Mutter or GTK that can be built without X11/XWayland support). If/when that happens, there is waypipe. It's not the be-all end-all user experience (uncanny-valley invocation compared to ssh -X, noticeable more jank than Xpra -- still largely[1] within the same ballpark) and it requires installing it on the remote end (like Xpra), but it has similar performance to Xpra (both waypipe and Xpra are much kinder than ssh -X on bandwidth, almost on par with RDP/TeamViewer/etc).

PD: I get legitimate gripes with the current state of Wayland/Wayland app support (accessibility and Chromium-adjacent software not enabling their existing Wayland support by default being the more salient ones), I get "as it is I can't use this", I even "get" not liking change, but at least come at Wayland with actual, legitimate gripes. What I don't get (or at least, find extremely self-conceited) is "I refuse to adapt to anything new", and "I will stay with (blah), and the whole world shall keep maintaining it in production-ready until I get bored with it", for any value of (blah). Personally, the two big blockers I encounter in my own tech bubble are:

- Flickering XWayland windows on KDE when using Nvidia graphics cards (solved in Plasma 6.1 + Nvidia driver 555 series and up, but those are not yet available on Ubuntu)

- No support in AnyDesk for remoting into a Wayland session

The first one doesn't affect me (I don't own/regularly use a PC with Nvidia graphics), the second one only affects me in the PC my parents use, and even then I haven't had to AnyDesk into it in years now.

[1]: Unlike Xpra, it exposes you to this issue if running GTK4/Gnome applications from a KDE local endpoint (with the workaround being to install icon packs on the remote end).

How to spot a North Korean agent before they get comfy inside payroll

DoContra
Big Brother

FTF(ine)A:

Imposing a requirement to verify a laptop's serial number during onboarding is one way employers can catch a laptop farm user pretty quickly – those with physical access would be able to find that in a pinch.

This is rather trivial to do for the vast majority of notebooks (both on Windows and GNU/Linux) if the user has a modicum of IT competency. Asset number would be a better candidate depending on company policy (many BIOSes -- esp on Laptops and large OEMs -- have a write-once field for asset tag management; if the tag is set there it is just as easily readable).

WhatsApp's 'View Once' could be 'View Whenever' due to a flaw

DoContra
Big Brother

None of these features, in any of these apps, can survive a photo/video camera/screen recorder[1], and for the most part are advertised as such. However, "not even attempting to hide the message from a client we know for a fact can't/won't do the right thing" is very low-hanging fruit, esp. for a platform where all clients are developed in-house[2].

[1]: Cellphone apps will put up a fight against screen recorders when running on hardware/the same VM tho.

[2]: The only "third party apps" I know for Whatsapp straight-up load the web version (Ferdi/Ferdium/etc).

Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware

DoContra
Black Helicopters

This was the death kneel

of Firefox Send, with the added benefit (for malware slingers) that files in Firefox Send expired after ~1 month, erasing the evidence.

There is no honor among RAM thieves – but sometimes there is karma

DoContra

Re: 3.7 to 3.9 GB actual RAM helped XP a LOT!

Was a teenager at the time and my first PC with >= 4GB was running 64bit OSes already, but IIRC Windows XP Pro 32-bit has off-by-default PAE support (magic intel instructions available on every -- most? -- i686-and-up CPUs to address up to 64GB of RAM iff the OS/software has been coded for it[1]). Wouldn't have helped/made sense for 4GB of RAM as it incurs a performance penalty, but it was there.

[1]: The quick n' dirty explanation is that it sort-of works like segmentation: you get an additional 4-bit memory addressing register; apps/OS can then address up to 64 GB of RAM in 4GB chunks. Programs not coded for PAE will run, but can only address/access 4GB of RAM.

Microsoft avoids formal antitrust EC probe over abusive licensing claims by settling case with CISPE

DoContra

Always has been. (To be fair, they were right).

TeamViewer says Russia broke into its corp IT network

DoContra

Re: Heart attack material

There are quite a few self-hosted TeamViewer "clones" (one such alternative, not yet used by me), although depending on your needs, you may need a beefy server/network connection (you're live-encoding video).

Samsung teases investment to get into the GPU game

DoContra

Re: Samsung will probably make the same mistake Intel and AMD made

I will admit that the three times I bought an Nvidia GPU (2007, 2012-ish, 2016-ish) quality of drivers (esp. on GNU/Linux) was my main concern. However, right now the big advantage Nvidia has for all non-home/non-mobile workloads is CUDA (not necessarily because it's better than OpenCL et al, but due to being first and therefore having lots more compatible software). On the home PC market, Nvidia (and AMD) have the advantage of having humongous piles of workarounds for specific games (which Intel should've also had from their iGPUs...), and AMD currently also have decent drivers. Still, Intel launching a GPU with essentially no driver support for DirectX < 12[1] was one of the decisions of all time. Props to Nvidia for having the best money-no-object hardware of the current generation (RTX 40X0), and likely the next one too.

IFF Samsung is throwing their hat on designing/building their own GPUs for the mobile market, driver support should be easier than on PC. The mobile GPU market is already much more heterogeneous than PC GPUs, and the chances of Google/Phone Manufacturers doing patch releases of their GFX stack to support badly coded games is much lower.

PD: From hearsay (and some personal experience, esp. near 2007), ATI/AMD drivers varied between almost tolerable (mostly on Windows, usually near or after the cards went EOL) to unmitigated disasters (esp. on GNU/Linux). It only got better around late 2010s, to where all my daily PCs sport integrated or external AMD GPUs and I couldn't be happier about them. (The only remaining issue I personally had -- also with Nvidia but not with Intel iGPUs -- was hangs after kexec, but it seems to be finally fixed).

[1]: Intel straight up use vkd3d/dxvk (as seen in Wine and Proton) for DirectX 9/10/11 support.

Experimental remix finally brings the former Unity 8 back to Ubuntu

DoContra
Linux

As someone who has mainly used KDE on GNU/Linux...

... Unity was (is?) dope, especially against Gnome 3.x/4x. The bit I liked/respected the most about it was how easy it was (well, would be/have been if I had sat down and tried to learn how) to navigate the entire desktop with keyboard shortcuts. Especially the discoverability of the keyboard shortcuts (I always got the sense the environment tried to push you into using them). And as much as we riff on convergent interfaces in this echo chamber, Unity was the second least offensive for PC users ( with the inverse podium led by KDE :) )

Modern gnome at least has text search when pressing the Meta (Windows) key; vanilla-ish (as seen in SystemRescueCD and Armbian) XFCE doesn't even show its menu when pressed. Not a big deal for me personally as I use Alt-F2 for the run command[1] and then mostly go straight for a terminal and/or Firefox, but still.

[1]: Which is embarrassingly better than Gnome 3's not-even-a-browse-button version (haven't checked on Gnome 4x yet).

Happy 20th birthday Gmail, you're mostly grown up – now fix the spam

DoContra
Devil

Re: Gmail is the worst thing that could happen to email

Gonna have to play a bit of devil's advocate here :)

Gmail is something similar to email, but different. Its "labels" system is non standard and IMAP clients do "more or less" work.

That it is, and as someone who is a born-again desktop e-mail client believeruser, it really messes them up and I have some resentment that google never seemingly bothered to make a specification for tags. They do add actual, useable, sensible features over IMAP folders tho (just because I don't use those features doesn't make them meaningless)

Also, their antispam rules are obscure and if you are "bad" in their eyes, like my domain is, there is NO WAY you can actually ask them what's wrong. You are just fucked.(snip to your other reply)Microsoft is not so bad, it has a procedure for requesting delisting that works.

My experience was the exact opposite as yours. I've had spam issues with my e-mail server twice (compromised accounts), and once I stopped the flood of e-mails (and requested delisting from the e-mail provider neutral denylists) I had normal service against every e-mail vendor within 6-24 hours ... except Microsoft (which is the provider of choice for an institution we have close ties to), which took a good week to stop black-holing our e-mails (which gmail didn't do), and either I couldn't find the form/procedure or Microsoft did nothing with it (last time was a good 6-7 years ago at least 0:)).

I will say, I still resent google for demanding either proper valid SSL/TLS certificates or no encryption when using the "check other e-mail accounts"[1] feature back in December 2011/2012, without any warning, a full 5 years before LetsEncrypt >:(, while I was on vacation, and with most of my workplace syncing their accounts with gmail.

[1]: To this day they don't demand proper certs for SMTP, only for POP3

Chrome for Windows-Arm laptops officially lands in time for Snapdragon X Elite kit

DoContra
Angel

Surely the main driver/benefit for the native build is power efficiency? (And also low-hanging fruit for M$ marketdroids to exploit in device-tailored adshighly important and informative notifications).

My actual question is when GNU/Linux compatibility with this new crop of devices :)

Alphabet just banked $3B by stretching life of its servers

DoContra
Linux

Re: Choosing to extend the life of servers and networking kit is not always a simple choice...

The vendor is mostly google itself; they design the server hardware and pawn it off to an OEM for manufacturing. Server software is their own in-house (GNU?/)Linux distro with their own software. I wouldn't be surprised either way if their SAN/Storage and networking was COTS or their own design.

Facebook/Meta does something similar, and has even made a standard out of it.

Raspberry Pi on IPO plans: 'We want to be ready when the markets are ready'

DoContra
Alert

Here's hoping the IPO doesn´t ruin the community and support

For all the flak Raspberry Pi has gotten thanks to its relative hardware value and scalping/shortages during the pandemic, I always felt the value was always on the documentation and software support: actual documentation, properly updated, mostly compatible with the parent distro Official OS image, open source hardware/IO access libraries. Bit of a shame about the GPU situation but overall understandable/forgivable. They are by no means perfect (nothing is), and I understand the criticisms about focusing on embedded/industrial clients to the detriment of the thinker community and even the armbian project being pretty salty about no "upstream" Pi support, even if I find them largely overblown.

(Note: Never bought one nor similar products -- my interests starts and mostly ends on spinning-rust NAS oriented boards :) -- but used/fiddled with most full-fat Pi variants at work).

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

DoContra
Black Helicopters

Re: Why is toplevel query to "zghjccbob3n0"?

My quick and dirty duckduckgo-ing netted me some references in example unbound configs, but not what the domain is. Didn't search the unbound repos (don't feel like logging into github, couldn't find the template config file in a quick peruse of the files), but an answer may be there

We put salt in our tea so you don't have to

DoContra
Coat

Mine's the mate

And the proper one, not from a soft-drink can, not made with teamate bags, no sugar/sweeteners, no other herbs.

(Although I do enjoy the occasional tea/mate cuppa, and my favorites so far have been Ceylon and Darjeeling).

Amazon already has a colossal ads business and will extend it to Prime Video in January

DoContra

Re: Question

That's a tricky question! On the one hand, it shouldn't be able to as all streaming services deliver DRMed content through WideVine[1], and by the time you're doing that. On the other hand, Spotify does the same and Spotify ad-blockers are very much a thing (although not as a straight request block a-la UBlock Origin, they seem to work by injecting JavaScript that skips the function/callback that plays ads and tricking the webapp into thinking that everything is A-OK).

[1]: DRM standard for the web; Firefox has the option to disable this content, as it works by running an obviously closed-source sort-of plugin. Youtube (non-paid content at least) doesn't bother with this, which is why it remains relatively easy to block ads/straight up download videos.

Microsoft's code name for 64-bit Windows was also a dig at rival Sun

DoContra
Headmaster

In fairnes to Microsoft... (!)

... no GNU/Linux distribution officially recommends such an upgrade path. The closest I've quickly googled is Debian (ElReg article describing such an adventure). Microsoft letting OEMs continue to sell x86 Windows past 7 on new machines (as opposed to getting the user to download and reinstall if they absolutely had to for whatever reason), on the other hand, was proper bad.

(Yes, you can significantly ease the pain of a reinstall in *NIX -- except macOS for the most part -- compared to Windows by doing a backup of /etc, /home, and most of /var; personally, by the time I've resigned myself to a reinstall I prefer to start minty fresh -- no pun/distro ad intended :) ).

Steam client drops support on macOS, but adds it on Linux

DoContra

And while this writer is not much of a gamer, we are told that a lot of games are still 32-bit and won't be updated. That was the main reason that Canonical backed down on dropping 32-bit support back in 2019.

Ostensibly the main driver (complaint) back then for keeping 32bit support was Wine, which needed 32-bit host libraries to run 32-bit programs (likely the vast majority of programs one would try and run under wine). Since then, Wine library loading has been completely reworked and you should "now" be able to use a single wine executable linked to your system's fully native 64-bit libraries and run 32-bit Windows binaries. However, 'tis true that Steam native Linux games are built against an Ubuntu LTS release which may or may not be 32-bit

Now, the last current browser for these old macOS releases is Firefox 115 ESR.

Which should be supported until a bit after Q1 2025

(On a personal note, I never thought I'd get to see the 32bit x86 mass extinction event this early. Mac is going through its 3rd to 5th such event -- 68k->PPC->x86(->amd64)->Arm, OS Classic -> OSX during the PPC days -- but it's a first for most x86 Windows/*Nix[1] users)

[1]: The only similar event(s) I can recall were on GNU/Linux before I had even heard of it: the switch from libc5 back to glibc, and on a smaller extent (with the same borkage capability), the switch from a.out to ELF.

HP printer software turns up uninvited on Windows systems

DoContra

Re: HP Smart is innocuous enough

Three steps forward and one step back: Thanks in no small part to Android and iOS, printers have finally "standardized" on using IPP for communications (even over USB!), which means no more drivers for newer printers. All of us with older printers (older than ~2015-2020) will still need drivers, but at least on Windows the story looks rosier than with CUPS also dropping anything that doesn't speak IPP (support is possible -- with locally running IPP servers -- but I don't have confidence on it happening widely).

Anecdata: In my workplace we have four HP networked laser printers (with DNS-SD/ZeroConf enabled) of different vintages (~2005 BW, ~2010 Color MFP, ~2012 Color, ~2017 BW; all but the 2010 have configurable IPP support). On GNU/Linux (cups/cups-browsed), the 2005, 2012, and 2017 printers are detected and configured immediately, the 2010 is detected but not configured (you need to add it manually to your system). On Windows, the 2010 and 2017 are detected (don't quite recall if the 2017 is configured automatically), the 2012 I haven't yet tested, the 2005 is not detected at all (must be configured with IP/Hostname).

Data-destroying defect found after OpenZFS 2.2.0 release

DoContra

Re: ZFS here we go again

Can't speak for OP, but in me own (worthless) opinion:

- There is no such thing as total safety in anything (other than the monotonic increase of entropy)

- Once I accept non-total safety, I'll prefer to partake on the in-tree FSes unless I know I need/want the features on offer

So far, ZFS hasn't given me any must-have features[0] to patronize it :) (checksumming[1] is near-universally good, but not worth it for me)

On a more serious note:

- btrfs (w/zstd compression) plus off-device backups on personal devices/daily drivers with SSDs

- ext4/xfs on HDDs or when I (feel I) need more reliability and can do without subvolumes/snapshots/other btrfs goodies

XFS likely has the better code quality for Linux-supported FSes (they literally made/maintain the testsuite), but e2fsck is pure magic.

[0]: In fairness, I never had a massive JBOD NAS-type device

[1]: Had a bad experience with checksumming on btrfs: After a period of general machine hangups/unclean shutdowns, I had a couple of corrupt files. btrfs very helpfully flagged this file corruption by very unhelpfully throwing errors on read() and printing the offending inode to dmesg.

USB Cart of Death: The wheeled scourge that drove Windows devs to despair

DoContra
Go

The main (technical[1]) performance flaw of Windows Vista was a shocking storage bug which, depending on your kit, might have never been solved.

As for the gfx subsystem, that should've been the case in 7 (or at least, I remember hitting "your system has recovered from a GPU crash" messages in 7), if not Vista, although it did change again on Windows 8. The good bits that Windows 8 brought to the table

On one hand yes, it's quite the shame that the (comparatively) revolutionary Windows versions are so universally panned (with the exceptions of 95 and XP[2]), and with good reason: Vista started taking security seriously and "ruggedized" updates, while 8 put some necessary finishing touches on the update front to finally make "upgrading your windows install" a viable, respectable path instead of a joke in bad taste[3], and began the saga of the new-style control-panel which, while awful in its time, in Windows 11 is almost ready for prime-time.

[1]: The main performance flaw was the social/human failure of the "Windows Vista Capable" labelling for computers that very much weren't

[2]: For readers of this fine news site XP may be Fisher-Price Windows 2000, but for home users 'twas the first taste of NT outside corporate kit

[3]: On a personal note, when I was a kid I bought a Windows 98 upgrade CD and successfully upgraded our family's PC from 95 to 98 (it worked! for about 6-12 months!)

Pro-Russia group exploits Roundcube zero-day in attacks on European government emails

DoContra
Thumb Up

Thank y'all for the heads up!

Roundcube lists (what I used to get version info) have been down since sometime between august and september, and my install was 3 versions behind ¬¬. (Insert rant about software projects that do not have/no longer maintain announcement mailing lists; good thing I revived my tt-rss instance!)

PIRG petitions Microsoft to extend the life of Windows 10

DoContra

Re: "All software reaches a point at which it's no longer supported"

Software does not rust

It does something worse: it rots (and leaves quite the stench). (The rest of the points very are valid tho).

Paying for WinRAR in all the wrong ways - Russia and China hitting ancient app

DoContra

Re: WinRAR? Why?

For those that pony up for the license (and I know one of those in South America!!!!!!), more power to them. For the rest of us, 7z is a standard format, supported by multiple programs (including WInRAR!), has as near as makes no difference the same compression ratio, and only misses out on integrity/parity checking for split archives[1]. Right now 7-Zip hasn't adapted to the new Windows 11 right-click menu, but NanaZip does.

PD: Good enough excuse to remember this gem

[1]: While it hasn't been my experience, I was led to believe that (with the right create-time options) split rar files can recover from a corrupted part.

Take Windows 11... please. Leaks confirm low numbers for Microsoft's latest OS

DoContra

Re: My experience so far

Haven't daily-driven windows for a loooong while, although I do have to support Windows users (and keep a couple Windows VMs around). I can see how many things in Windows 11 are deal-breakers to many people (esp. the hardware requirements), but for me Windows 11 is juuuust better enough to make it worthwhile over 10.

Otherwise though, Windows 11 is... a lot less shit than previous versions. I like that OpenSSH is on it. I like that Windows Terminal is... not terrible.

Yup! OpenSSH has been available (with the client installed by default!) in Windows 10 since sometime between 1804 and 1907 (can't quite remember the exact version). The terminal emulator is very usable and is available for Windows 10 from the Microsoft store. The new-style control panel is much better than in Windows 10 (to the point where calling it usable isn't that much of a stretch) and FWIW the GUI looks/feels a lot prettier to me. But the killer feature of Windows 11 (one shared by a colleague of mine who upgraded to Windows 10 ~2 years after 7 fell out of support) is tab support on Explorer.

( And both 10 and 11 have a just-good-enough NFS client :) )

DoContra

Re: There's nothing particularly wrong with it except for its hardware requirements.

There is a workaround, which I don't quite remember (easily found on your favourite search engine): Do the magic incantation to obtain a CMD window on the installer (Alt-F10?), run the magic command, and presto! The other, potentially easier way around it (and many more nonos) is to create your bootable media from a sufficiently official ISO using Rufus, which can (at your command) add that workaround and a couple more (TPM/Secure Boot bypass).

Apple antique aficionados can boot to the future with OpenCore Legacy Patcher

DoContra

Nice little bit of ambiguity in TFA

Apple hasn't stated when it plans to drop support for x86, and we don't expect it to.

What don't y'all expect apple to? Because mean ol' me read it as "we don't expect (Apple) to state the drop of support until it's nearly upon us", but it can be read in a much less cynicalnicer light to say "we don't expect (Apple) to drop support for x86"

Do SSD failures follow the bathtub curve? Ask Backblaze

DoContra

Re: these are consumer SSDs!

Backblaze has long proved that, at their scale and/or needs, enterprisey storage is not more reliable enough to be worth the price difference for them.

The home Wi-Fi upgrade we never asked for is coming. The one we need is not

DoContra

In this specific case, for cable that is going to live wall-side (or even tray-side), salespeople are not wrong. In my 3rd world, bureaucratic nightmare of importing, you can get brand-name (non-plenum rated) OG Cat-6 cable for ~20% on top of the cost of an equivalent brand (non-plenum rated) Cat-5e. Even the UV-resistant cables have little price difference between categories. I have done some cabling projects for workstations in my work in the mid 2010's and am already regretting not going for Cat-6a (rated for 10Gbps up to 100m/300ft) instead of Cat-6 (can do 10Gbps up to ~30m/100ft)...

Five Eyes nations detail dirty dozen most exploited vulnerabilities

DoContra

For proper telecoms gear (ie, speaks something other than Ethernet via copper/fibre optics) I can sort of understand that posture (offer not valid for telcos/encryption endpoints for customer-data traffic). Otherwise, why not cobbled together GNU/Linux install / router-oriented Linux distro? Other than the antivirus bit[1] (and mayyyyyyyyyybe the anti-spam solution[2]), you'll get either the same software as the proprietary turn-key solution (admittedly will all its gory details) or something super close enough.

And even I have to admit that there are companies that do the right thing (TM) regarding support for old kit. I run a fleet of old (circa 2012-2014) Mikrotik[3] Wi-Fi routers (493 series) which have regular software updates/upgrades without the need of a support contract[4] to this day, and ship with some pretty advanced features for the hardware they sell (VPN client/server -- even Wireguard in later versions! --, RIP/OSPF support, apcupsd -- local only IIRC, virtualization, etc.). I have to admit to my eternal shame to largely not upgrading these, but due to how these are deployed (and their uptime requirements), most everybody in my work is on the "known broken" camp (as opposed to my preferred "new shiny exiting borkage!" camp)

[1]: I've seen some nasty comments/reviews regarding clamav dotted around the internet, and IME it hasn't caught anything, mostly because [2].

[2]: spam-assassin (via amavisd-new which adds more checks/integrates antivirus in a single milter) has been working super, super well for me. Its biggest weakness (and I believe it's mainly because I haven't enabled integrations to paid antispam subscription services/my e-mail traffic is primarily in/for a non-english-speaking crowd) are phishing e-mails from compromised e-mail accounts of otherwise valid domains. (I "have setup" -- accepted the default debian config of -- amavisd to outright block e-mails with executable attachments -- PE/ELF executables, VBS scripts, etc).

[3]: I respect the hardware (esp. when I get to flash OpenWRT on it :) ), not quite the biggest fan of the software (UIs -- web and Winbox -- are kinda whack, console is fully-featured and very tractable if you're used to Cisco-esque environments -- it even has a half-decent autocomplete!).

[4]: You do need a valid license to use it, which for my practical purposes comes in flash with the hardware (and dies when the internal flash dies). The license comes in five levels with different access to features, but all Hardware I've paid attention to has either come with the 3rd level (bang-on middle, good enough for my needs), or the full monty. You can license just the software and then BYOServer, but I never had/felt the need to.

Creator of the Unix Sysadmin Song explains he just wanted to liven up a textbook

DoContra
Boffin

Where the OS assembler semantics on Intel were not the same as used on any other Intel OS (Intel's vs AT&T).

Just like in pretty much every FLOSS compiler suite, if not every x86 *NIX ever? (to be fair, you can at least finagle gcc/gnu binutils -- and I'd expect the corresponding llvm alternatives -- to meet you in the middle generate/decompile to Intel order, but inline assembler still requires AT&T order)

Some Windows users say these 32-bit apps have forgotten how to save

DoContra
Boffin

Re: I'd make a smart-assed comment but... (thanks snap!)

(snip)so it uses "xdg-portal" to save outside that area... (to me it doesn't make sense, it's jumping through a hoop to just be able to save wherever anyway.. so why have the restriction to begin with? Anyway...)(snip)

To reduce the attack surface Jonny RCE has on your system (can't write a file if the system tells you to pass out ;-), and going thru xdg-portal is user-visible at least); splitting hairs it may be and it probably won't stop an RCE commandeering your firefox to act as a proxy or cryptocurrency mining, but the cost isn't (usually) that big.

xdg-portal also plays an eye-of-the-beholder important role in "non-hardened" firefox installations: showing native file dialogs (that's why I have it enabled).

An unexpectedly fresh blast from the past, Freespire 9.5 has landed

DoContra

Re: Shame really

But when your goal is to get as close as possible to (modern) Windows, surely KDE/Plasma is already much closer to the goal than GNOME? (to the point where Plasma 6 is already trying hard to differentiate from Windows 11 -- specifically on the heading "Floating Pane").

You still need to deal with the start menu and possibly the window switcher (within your constraints, by searching for closer alternatives and bundling them by default), but in both cases you're already much closer to Windows than GNOME out of the box.

Ubuntu Advantage is being wired deeper into the distro

DoContra
Angel

Guilty as charged...

... but Ubuntu really needs to take a hard look at the updates/packages from universe they gatekeep and the updates/packages from universe they release for all (esp when the source code in the universe repository is a straight snapshot of Debian unstable from ~4-6 months before the Ubuntu release).

DoContra
Flame

I can understand forcing some/all customers/users to pony up for updates in packages on the universe repo after the 3rd year of an LTS, and for all packages after the 5th year (I even think it's fair!); I can sort of understand withholding updates (even security updates) during the first three years on EOL-ed or otherwise grossly unmaintained software (the python2[1] example from the article). But withholding updates for ImageMagick, which is an active project, with some important security exposure (via web apps), within the first year of the latest LTS, and with Debian already shipping the same/similar security updates in its current stable release, that's too far for me. I doubt I'll be proposing the switch on the servers/VMs I maintain anytime soon[2], but it's something I'll be keeping on the top of my head.

PD: FWIW, in my case ImageMagick (in 22.04) was pulled as a dependency for a package I (and my users) can (and from now on will) live without (pstoedit, converts PDF/PS to editable graphics formats like PNG, JPG, etc; installed as an optional dependency for texlive); I doubt my users will miss it (and ImageMagick), but the week is still good for many angry e-mails :)

[1]: Yes, I'm aware there are actively maintained forks of python2, but this package is still based on the official source and the release notes for 22.04 already stated python2 was unsupported.

[2]: Servers running Ubuntu on the bare-metal, with LXC containers (Debian for web, mail and public DNS servers, and in-house services -- DHCP, DNS, etc.; Ubuntu for compute tasks for the users in my org).

Arm China lays off staff amid chip war and licensing concerns

DoContra

While it would be unwise to not follow RISC-V development, China already has quite the momentum on MIPS (LoongSon)

PD: Just checked, and according to Wikipedia (and elreg!), the very latest chips from Loongson are a MIPS/RISC-V hybrid:

https://www.theregister.com/2021/11/02/china_loongson_mips/

Page: