Closed source encryption is not encryption. Period.
Posts by cdegroot
134 publicly visible posts • joined 1 Dec 2014
Apple auto-opts everyone into having their photos analyzed by AI for landmarks
Fedora Asahi Remix 41 for Apple Macs is out
Double Debian update: 11.11 and 12.7 arrive at once
Re: Lack of Nvdia 390 and 470 support is a problem - but solutions abound
One of the unexpected benefits of me switching to NixOS is that even kernel patching is declarative.
My motherboard wants a version of the it87 driver that exposes more ports than the kernel bundled driver allows; I forgot the details but the solution was to have a custom built it87 driver and disable the kernel-supplied one.
Both driver build and kernel change are relatively simple to express in some Nix code, which I added to that machine's NixOS configuration, and since then - well over a year now, three NixOS releases and numerous kernel version bumps - that code just does the right thing. If a Nix upgrade comes.with a new kernel, it gets patched, the custom it87 driver gets built, and all I ever notice is spinning fans while the kernel compile happens.
It's magic, frankly. I've been using Linux since pretty much day one and this is the first time that something like this actually works.
EV sales hit speed bump as drivers unplug from the electric dream
I have both BEV and PHEV, and our PHEV has 95% electric use and zero range anxiety. The BEV is for fun but I'd never consider it as a first car. I think our driving patterns are fairly typical - lots of short trips within PHEV battery range and the occasional longer one where the ICE kicks in,so to me it smells like a good solution to drastically decrease burning dino juice.
I guess the biggest issue is that the hybrid stuff only works for larger cars. I'd like to see an Aygo PHEV.
Microsoft closes Windows 11 upgrade loophole in latest Insider build
Re: Time Gentlemen
Frankly, just installing Steam seems enough these days. The only game with a work around in my library is ffxiv where I just installed the custom launcher (the square enix one is shit anyway), imported it into my steam lib, now I can remote play that as well.
Assuming of course you have am AMD card. Nvidia still is intent on making Linux users' lives hard,but that goes for windows as well with their stupid geforce all.
Texas sues GM for selling driver data to analytics, insurance companies
Apple is coming to take 30% cut of new Patreon subs on iOS
13% is a reasonable auction fee. I mean,double digit percentage commissions have always been accepted for the service of marketing, etc.
The egregious bit is that this is after the deal. Users have found Patreon, have downloaded the app, and now just for running transactions, where everybody is already fuming at MC and Visa (bloody amateurs with their 4%), they take a third.
This company needs to be regulated into oblivion.
Software innovation just isn't what it used to be, and Moxie Marlinspike blames Agile
Nonsense.
What has happened is that we went from a handful of artisanal craftsmen, who had to make their own tools, to millions of tool users and it has led to the extreme success of "software eating the world".
Of course if you buy a DeWalt cordless set at Home Depot you gave a different relationship with that tool than if you carefully constructed a bow drill, having to take into account exactly the one purpose the drill is to be used for, learning about the material you need to drill into, the quality of the cutting materials at your disposal, etc. The DeWalt, you pop in a drill bit and plunge it into whatever and now you have your hole and move on.
Moxie then contradicts himself by noting that these artisans still exist and make useful contributions.
I'd say, move on, nothing to report here. We are an industry now. Film at 11.
Linux updates with an undo function? Some distros have that
Post-CrowdStrike, Microsoft to discourage use of kernel drivers by security tools
The whole point of malware detection is to get the detecting code out faster than the baddies can use new avenues of attack. That's why there is a clock ticking and thus that level of automation.
The question is of course why we're collectively at sea in leaky buckets. System design has constantly preferred speed and features over security, we're paying a price for that trade off.
The question is whether that price is (too) high. I'd focus though on, say, the constant effects of ransomware over this very press-friendly single event to decide that.
How to maintain code for a century: Just add Rust
Re: Easier?
Rust does not need mainstream acceptance. Heck, it should not even be necessary to write coreutils in such a low level language.
There's plenty of excellent languages where the stack takes all thinking of memory management away from you, and a low level language like Rust (or C) can be used to bootstrap such a language but that's where you should stop using it. Maybe in some performance critical plugins andproba ly there are some oddball use cases, probably in fintech, where this level of control is required.
That won't stop the unwashed masses from jumping on this bandwagon, like with C or C++, and use it everywhere, appropriate or not.
But let's not pretend that that is how things should be.
Rust should be a niche language used by a couple of specialists. The other 99.99% of coders should stick with high level languages, with a runyime with garbage collection and all that jazz.
When AI helps you code, who owns the finished product?
Global EV sales continue to increase, but Plug-in Hybrid momentum is growing
Re: Plugins are a fudge, changing the drivetrain is key
My hybrid seems to be able to run both oaraklek and serial but I've only ever seen it in the former.
I have both. The EV gives me constant range anxiety here in Canada but is great for the medium trips to famy etc. The PHEV with 60km battery range is used for the short and the long trips.
We fuel up maybe once every other month. I think that that is a step forward from keeping two gas guzzlers alive, so I really don't understand all the hate by the treehuggers. If everybody could switch to a PHEV gasoline usage and thus co2 emissions would plummet.
Did IBM make a $6.4B blunder by buying HashiCorp?
The reason,of course, that everybody is rolling their own rather then pay the somewhat silly fees for TF Cloud is that a) the fee structure is silly, and b) TF Cloud's functionality isn't all that hard to emulate (I once did a passable imitation in three days). Note, too, that one of the reason that this open source stuff is so popular with the admins is that the senior ones have all been bitten hard by the commercial stuff at some point. Not worth $6b IMO.
Re: It's only $6 billion
To be fair to IBM, they were a very early corporate Linux supporter. I still remember when the iconized "IBM loves Linux" started to appear everywhere, and the $1b pledge sounds like peanuts today but was enormous back then.
I have no clue why they did what they did to RedHat, but let's hope they don't make the same mistake twice and revert the BSL. It'd be good for everybody.
Devaluing content created by AI is lazy and ignores history
Re: I vote for "well and truly lost"
How do you think computers generate voices? Or modify them? It’s algorithms all the way down, from your simplest band pass filter to GPT4, with not much in between to separate them.
AI generates a ton of crap art and now and then something surprisingly good (usually something Dali-esque). Next step probably is to rig up a computer to to separate chaff from weed, then one to hang themanummer in a museum, and then a bunch to appreciate it all ;)
Starting over: Rebooting the OS stack for fun and profit
You _use_ a lot of RAM and disk, but do you _need_ it? I mean, I ran a graphical desktop GUI on *nix systems in the late '80s/early '90s. I'm 100% sure that a designed-from-scratch OS would be an order of magnitude smaller than the "cobble some random crap together and pray it works" style of OSes we use today.
Re: Other smalltalks/lisps
Pharo is mostly a fork/cleanup of Squeak, they share VM and other important bits. Either would work, and so would any Lisp dialect although SBCL has some advantages (you can use it as a systems programming language, emitting straight machine code, so you can stay much closer to the metal than with a lot of other Lisps and any Smalltalk).
The biggest trick will probably be designing the thing to indeed seamlessly map the right sorts of memory onto the right locatoins. It's an interesting idea. And I do think that the current OSes should go away, none of them are very good.
But also: don't embark on such a project before reading Worse is Better :-) It is exactly the reason we're stuck with crappy old operating systems and incomplete/weak programming languages.
Air Canada must pay damages after chatbot lies to grieving passenger about discount
Re: Can't wait until Air Canada replaces all of its C-suite high-priced suits with AI
Air Canada is one of these brain dead corporate corporations. I don’t think I’ve seen a single positive but of news on them in the last decade.
So replacing the C suite with AI would be a big step up in the quality of decision making.
A ship carrying 800 tonnes of Li-Ion batteries caught fire. What could possibly go wrong?
The battle between open source and 'sort of' open source is as old as software
Affero, anyone?
I’m kidding, of course. The Affero GOL just creates a level playing field but that doesn’t take in the levels of cash needed to pay back the VCs. Because that is really what’s at hand - market position gets bought with venture funding and, like the deal with the devil, they’ll come knocking at your door.
I don’t think any of the self-funded, organically grown open source businesses have the same issue, generally. They’re happy to exist on a level playing field and compete with engineers, not lawyers.
Red Hat bins Bugzilla for RHEL issue tracking, jumps on Jira
Why can't datacenter operators stop thinking about atomic power?
Mixin suspends deposits and withdrawals after $200m cryptocurrency heist
Getting to the bottom of BMW's pay-as-you-toast subscription failure
Re: don't forget - 2CV spark-plugs and *proper* BMWs
That other venerable boxer powered car, the 911, wants you to remove the engine before changing spark plugs, apparently.
Yeah, my R80 and R1100 were a pleasure to work on. Once you got all the RT fairing bits out of the way. It’s never really easy :)
Microsoft: China stole secret key that unlocked US govt email from crash debug dump
US Air Force wants $6B to build 2,000 AI-powered drones
30 years on, Debian is at the heart of the world's most successful Linux distros
Re: free (as in beer)
I switched to Linux for the same user level. Before, starting on a new Unix box always meant a couple of days of installing a lot of the GNU toolchain, as I wanted to use Emacs and assorted utilities that really wanted to compile with GCC.
Linux gave me all that for no trouble at all!
Google's next big idea for browser security looks like another freedom grab to some
I totally agree that there is no real need to be civil with Google. It has shown time and time again that it is willing to breach ethical boundaries to get its way and it’s long overdue to a split up.
However, as long as everybody votes with their feet and uses Gmail and Chrome and Android and their search engine, nothing will change.
I hope that at least everybody here uses Firefox, has their mail with Proton, searches on DDG (just naming some potential alternatives), and so on. Because market share speaks and so far, they can get away with murder because the market rewards them for it.
Linux has nearly half of the desktop OS Linux market
Re: Installfest
Its not just mint. My latest laptop just for giggles I tried Fedora and Debian, both installed without a glitch. The only thing not working is the fingerprint reader but I can live with that. I had to go to Guix to get something that doesn’t work out of the box, pretty much 100% due to their “Libre” kernel.
Three signs that Wayland is becoming the favored way to get a GUI on Linux
At least systemd worked…
Every time I try Wayland (as recently as this quarter, both Fedora and Debian KDE) things don’t work. For now, I’ve retreated into tiling-WM-land (StumpWM is very nice) and as it stands now, it’s gonna take a forcing action like, say, Firefox going Wayland-only before I consider it again.
How a dispute over IP addresses led to a challenge to internet governance
Re: The issue with V6 is... NAT
For SMBs, that’s plain wrong. Public addresses are handed out inside the prefix received from upstream. Change providers pretty much is seamless, just restart stuff and it’ll get a new address. Changing providers is also something that’s hardly ever done.
Side note: I do hope that everybody here commenting on how hard/bad/… IPv6 is has gone through at least the trouble to do Hurricane Electric’s free IPv6 course.
Quirky QWERTY killed a password in Paris
Swiss keyboards are worse
Many, many, maaany moons ago I returned from a break to my office at a client site to find an admin at my desk, swearing loudly about passwords lockouts/resets to his colleague at the other end of the phone. This was not a happy admin and these were the days that admins wielded Special Powers from their data center where the VAX cluster lived…
I asked what was wrong and he told me that something was up with my terminal - he kept getting locked out, all he wanted to do was to do a quick print test for the printer just outside my office but logging in proved impossible.
Telling him that I switched the keyboard mapping off Swiss (a strange mixture of Qwerz and Azerty so both French and German became accessible) to US so I could write code on the bloody thing did not calm him down but at least helped him resolve the issue quickly ;). As “luck” would have it, his username mapped fine but the hidden by password, of course, did not.
Mozilla so sorry for intrusive Firefox VPN popup ad
Re: And there is the rub
Yup. All they need to do is to hire a small development team that maintains Firefox and extends it and shows that there is a world beyond the Google walled garden but that is not enough, so money keeps being thrown at stupid nonsense while complaining that there’s not enough money. The whole upper echelon needs to be fired.
When it comes to Linux distros, one person's molehill is another's mountain
Re: Another Ubuntu —> Fedora switcher
Same here, I’m on Fedora 38 now. Too much is made of distributions and distribution features - tools nor desktop requirements have changed much since I first started using Linux (ok, the browser got added as a primary tool but that’s pretty much it) and I wish everybody would just stop tinkering and start focusing on stability. KDE seems to have the upper hand there in terms of “DWIM” desktops that you can change to your liking with a couple of clicks before you go on to stuff really matters.
The new stuff is in Nix and Guix, not in Ubuntu or Fedora or Arch or whatever. But it’s too new, still. And most of their immediate advantages can be had with asdf-vm and direnv if you’re a developer.
Thanks for fixing the computer lab. Now tell us why we shouldn’t expel you?
Actual black hat baddie
We had a PDP11/44 in uni and Oracle was on it. A course used a lab database crafted by a teaching assistant. One weekend I was bored and started reading some manuals, where I learned that Pracle installed with default passwords.
To cut it short, one “sys/change_on_install” later I was wondering how to best test whether it actually worked, and “drop database <lab db>” was the only thing that came to mind.
They figured out it was me, called me in, and I never forget the expression on the TA’s face when I apologized and added “but you have a backup, of course?”
Learned me some lessons, there.
How Arm aims to squeeze device makers for cash rather than pocket pennies for cores
Epson zaps lasers into oblivion, in the name of the environment
Re: Can't help feeling it's more a bottom line thing than a green thing...
True. If you don't account for the fact that ink cartridges empty themselves on cleaning cycles, which then don't work, so you have to toss them for fresh ones. All wheelie you're trying to print a boarding pass, say, the night before leaving on a holiday flight (I've stood in the security line once with a phone that was about to die, never again, I've gone back to printing boarding passes, theater tickets, and whatnot).
I'm now on my second laser since giving up in disgust on costly inkjets at home, and they work (the first lasted ten years before a drum replacement was needed, at what point we decided to upgrade to a wireless model instead). I run toner cartridges completely empty whether I print stuff daily or once a month (more the latter) and while they are indeed more expensive, having the printer always at the ready is a huge benefit and I waste much less.
Stress-free printing is also worth something :-)
How to get Linux onto a non-approved laptop
Dual boot? Nope
Unpacked my Dell XPS 15 last year, booted it on Windows to verify nothing was dead on arrival, checked BIOS for funny settings, popped in Linux USB stick and told the installer to use the whole drive.
There's nothing, these days, that requires Windows. My games run all fine, and even when I had to test MS Teams for work, it was a straightforward install.
Dual boot ain't worth it anymore.
C: Everyone's favourite programming language isn't a programming language
Nothing new...
Even worse is the realization that hardware has bent to the whims of almighty C.
(don't get me wrong - I love C, it was my first "proper" programming language, learnt it when it was indeed still a) simple to parse, b) a high level assembly language, but I think it's time to exit stage left and leave some space for the newcomers)
We take Asahi Linux alpha for a spin on an M1 Mac Mini
Nothing new...
There's not blocking and actively ignoring all sorts of standards, reinventing wheels, and so on, that all end up having closed hardware that is not really friendly to anything but their own stuff. Practically, they block alternative systems.
I haven't been able to get Linux to run completely fine on anything later than a 2011 Macbook Pro, so I'm happily typing this on a Dell XPS :)
Open source, closed wallets, big profits – nobody wins the OSS rock, paper, scissors game
OSS with license clauses like "only usable by small companies" will never qualify as OSS, and for good reasons, I think.
What I've been doing is slap either the extremely strict AGPLv3 on things (so you're at least always forced to contribute back) or - a pretty good way to scare off company lawyers - just drop stuff in the public domain. The latter is too nebulous for legal types to recommend and smart companies will avoid it.
Theoretically, that forces organizations that do not want to play ball to contact the author, and then things like dual licensing can happen.
There is a reason, I think, that the GPL forces sharing and has some idea of how authors can make money and that's why the big companies all love the "permissive" licenses like Apache, MIT and BSD. And there's a reason that the FSF, for all its flaws, sticks with "Free Software" and does not like "Open Source". OSS makes it just too easy to be a bad player.
Also: Google lobbying the White House is a surefire way to get to a bad outcome in all of this.
Heart attack victim 'saved' by defibrillator delivery drone*
Cloud darling Hashicorp's IPO raises $1.22bn amid modest gains from a $80 start
Bearish
We're 100% cloud native, and have zero need for pretty much most Hashicorp stuff because AWS, Azure, GCP all have that (and the number of companies that really need multi-cloud is small, much smaller than their total addressable market size dreams tell them).
Hashicorp was great when you needed something "cloudy" to run on prem, stuff like Vagrant was great fun (until Docker crashed that party) in development, Vault/Nomad/Consul are not something you should run if you can help it, leaving Terraform, which is indeed less awful and more useful than, say, CloudFormation. But it's hardly going to be the last word of "infra as code" (it is more "infra as HCL templates", for starters). Pulumi, AWS' CDK, and similar efforts (including Nix/Guix) are already pointing the way forward and all that Hashicorp can do is hope to hang on (Terraform is the only thing we use and more out of a "nobody got fired for choosing it" PoV than because we really like it).
Still, congrats to them on the IPO.
MySQL a 'pretty poor database' says departing Oracle engineer
I worked on some pretty large stuff with MySQL and when we joked that it was clear that it was written by a drunken Finnish student over the course of a weekend we were only half joking.
Currently back with PostgreSQL after a couple of decades of not having it and it is totally boring. We use RDS so that makes it even more boring.
“yawn” is good when it is managing your precious data :)