Posts by mihares 81 publicly visible posts • joined 7 May 2019
“but this one comes gratis from a big, well-known name and it has existing management tools.”
That big, well known name enjoys part of its well-known-ness to massive data slurping.
Which, that well known name, says is the reason for many of its gratis offerings.
So… what about that?
Governments, even if it has been very recently proven that is not necessary, are pushing for mass scanning user devices. Because they see that it’s easily done —think of how many mischiefs they’d catch if they were allowed to do so!
They don’t give a damn about privacy if busting it is in theirs and not in Facebook’s or Apple’s interest.
This mechanism will be rolled out in the EU to implement the famed copyright filter, which has been already mandated by the Union and it’s waiting for uptake in the various states.
Apple was sick and tired of denying (or obliging) to requests along the lines “give us access or we’ll tell everyone you defend child molesters”. And this is the result.
The “good thing” is that the machinery is based on a feature extractor that happens to be on the device owned by its adversary, so it’s just a matter of time I hope before some hack finds a way to break it or, probably, DoS it with a class of adversarial examples.
Nonetheless, this was an answer to a request that is done all over the western world by the governments and that is: easy, gratuitous snooping on everyone’s device.
Contrary to China, most of us can and do elect their representatives: watch what you vote the next time because this shit was asked to Apple by them.
~~~
It comes down to trusting Apple: yes, of course. But it was already that way since the iSoftware is very much proprietary and very closed. This is a different but related problem: there are less mobile OSes than car brands in the DDR so the choice now is, effectively, having your pictures scanned by Apple or being key logged by Google.
Or send them all to the deuce and have a dumb mobile phone, a tablet PC running GNU+Linux and a desktop workstation doing the same.
I was kind of hoping for this kind of comment, because now I can unload further. Thanks!
In software engineering (engineering and life at large, if you will), there’s such a thing as the correct tool for the job.
There are things C sucks at, even before security concerns. Arguably, there are many of them. From my old field of expertise: data understanding and data analysis prototyping is one of them. If you are trying to make sense of a signal to noise ratio of 1e-7, the last thing you want is care about what exactly you’re doing with your memory. Failing to recognise this leads to monstrosities like CERN’s Root —interpreted, JIT-compiled C++ dialect… and you thought C was bad?
When it comes to system programming (from embedded to kernels), C is the way to go. Because it lets you free, unfettered range in exactly the things that matter (not even C++, C).
This also means that you are totally free to shoot yourself in the face with it if you’re not careful. So you need to be careful —or at least think about what you are writing.
People trained to connect their brains, have a think and then write are expensive, though, and there is a damn good reason why large corporations (one that does not do OSes, one that shamelessly leeches them and the other that has an effective monopoly on ElReg’s BORK!BORK!BORK!) are attracted to things that require less thinking —> less expensive people to deliver the same amount of risk.
So my point stands: if you do the Kernel, you need to be able to C well. If you can’t handle the latter, you’re unfit for the former. It’s as simple as that.
Waiting for Torvalds’ death ray to discharge in Cook’s direction (still hoping for an uncensored, un-PC version) I will say that:
0) C is not difficult, it’s the opposite of that —that is what makes it a very good choice, possibly the best choice, for low level system programming. If you come around annoying the fsck out of people claiming that C is too difficult to do things securely (or: well) the solution is that neither you nor who trained you should touch it. Or the Kernel. Let alone opinate about them.
1) There are generally two ways to think about security: the first is the wrong one, in which you do stuff not thinking about it, then you pass it on to someone who just thinks about it and ruins your work’s performance and usability because hey, a safe box with the door welded shut is the best!
The second is to think about what you’re doing in the first place and design it so that it is decently secure without someone welding it shut for you —AFAIK, this is the Kernel approach. Which is constantly broken by pillocks at Google, btw.
2) Should Google contribute 100 engineers to the Kernel, I want 200 people checking their work for damn backdoors, since Google’s anus’ track record for improper, surreptitious access is really not clean.
The very existence of this difficulty should ring a few bells, shouldn’t it?
Anyway, I think a sensible way to go about the business is to define it internally as a set of behaviours and then ask people if they experienced those, without leaking the definition or what you’re after —to be on the safe side, have the questionnaire written in 5 different ways so you can catch yourself suggesting answers.
Something you don’t do is stating that bullying may be a problem, you’re investigating it and then ask if the respondent has experienced it. Because that’s just harvesting meaningless answers that confirm whatever you wanted to “prove”.
Of course we don’t know whether any of that happened, because the survey hasn’t been published yet. We just know the results. And that it was self reporting —which frankly stinks of the paragraph above. And stinks because of self reporting. Self reporting always stinks.
It might just be that the possibility of having a celebratory t-shirt for the most important piece of software that is Free and Open Source might be done on, say, a mac running some Adobe product, both of which stand for exactly the opposite of FOSS, is not lost on everybody.
Because of yes, you can do awesome image editing and art on Linux, so you really do _not_ need to go proprietary.
Nah, the power supply is not the issue: they tend to be big and bulky but on an aircraft carrier there’s plenty of space. And on some you already have a nuclear reactor on board —the worse that can happen is that you can’t charge fast enough and then your gun is rate limited. In general, as long as you don’t want to switch off a current of several thousands of amps, you’re fine.
Also heat build-up due to electrical resistance is not _such_ a big deal —it’s not as bad as keeping cool a superconductor, not make it quench and figure out a way to have a working sliding contact between the rails and the armature (*) across a thermal gradient of a couple of hundreds of degrees. Having to do that at room temperature with copper is already bad enough.
The problem is that you have to open the gun and change the rails every 1-20 shots, because they simply wear out (they will melt, develop holes, get smeared with whatever you’re using as the armature and not flatly or uniformly enough) and they don’t contact any more. And that’s no fun when you’re in a battle.
~~~
(*) the projectile is not used to close the circuit but there usually is another piece of metal behind it, for lower speed railguns. Once you start going above 3-4 km/s, you have to use a big fat spark between the rails which ionises whatever it’s in there and turns into plasma. Which as cool as it sounds, it will fsck up your rails even faster.
It’s from the early 1900 that people have been trying to exploit the Lorentz force to propel things into other things, very far away and very fast —one of those thing-thing combinations was: manned capsule and earth’s orbit.
The largest problem, by far and away, has been one and it’s not even the humongous capacitor bank, compulsator or gazillions of hamsters on wheels to generate the current pulse (Megaamps in nanoseconds), but the fact that you have to overhaul the gun every few shots or so, ranging from 0, i.e. congrats: it exploded in your face!, to a couple of dozens, depending on how much current you lob inside.
Until someone comes up with Unoptanium or some other invincible material, it’s hopeless —also for the Chinese: as stated, the difficult part is not shooting it once or twice, also from a boat, but shooting it enough times to successfully engage something slightly more manoeuvrable than Mount Everest.
So, of course, the French are still hoping…
0) If you leave user data alone, you don’t need to ask permission for slurping it. It’s as simple as that.
1) Audacity is released under GPL, which means that you can access the code and verify by yourself that, up to the last pre-Muse commit, they didn’t need to ask permission because of 0)
2) Because Muse have their balls tied up in the GPL, 1) dictates that if they did not disclose people would have called them out and it would have been even worse.
3) Business that slurp data do attract attention (and not of the loving kind, since a long time): the news of the GDPR should have permeated also under the heaviest rocks by now.
So The Muse Group saw what happened to the user base of Freenode and thought to themselves “yes, we want some of that, and we want it quick”.
The only thing that would deter users and devs more than this license violations and blatant data slurpage and tracking would be to physically smear a dog’s turd on said people screen upon downloading any guise of the application.
Have an happy fork everyone.
Yup. Except I do it with GNU+Linux —sometimes I shrink the original OS partition and keep it there until the warranty runs out (you never know).
A few years ago, though, they were discussing a norm (at least in the EU) for which you could walk up to someone selling you a computer and tell them to keep their pre installed OS and don’t charge the license price, walk away with just the hardware.
Did that happen? Wouldn’t it be awesome if it did?
I don’t play video games (at all, not only on a computer), so I’m not affected.
But the situation, at least as far as the underlying graphical subsystem is concerned, has massively improved on Linux: for AMD we have a nice nice driver in the Kernel and, as long as you don’t do too much crazy s**t with your setup, you’re also very fine with Nvidia.
So games can come to GNU+Linux as soon as they feel like, which will be as soon as the desktop user base will be large enough I guess.
Personally, I completely lost interest in Windows after 7 —having started with 3.1. The best of the bunch, IMHO, has been XP x64 edition, which actually was a Windows Server 2003 with XP written on it in crayon.
I have the feeling that, when MS Office will work decently on Wine (or whatever future Linux Subsystem for Windows), there will be very little point left in having a Windows OS anyway…
Back in the days when Windows 7 was a new thing and before I left the whole thing for GNU+Linux, I tried Chrome —all the cool kids had it and The Undisputable Truth was that Chrome was faster: heck, if you searched it with Google, it said it was faster so it must have been, right?
It wasn’t. It was shit. It also was the first time I appreciated the meaning of the term “bloatware”: it managed to eat up tens of GiB worth of memory and crash the system more than once.
So I switched to SeaMonkey and stuck to it until a couple of years back, when I just went with the flow of the GNU+Linux distro I was using and parked myself on Firefox. I might go back to SeaMonkey if this UI change dumbs things down too much. But I’m not touching Chromium based things with a barge pole.
Maybe I am giving the first awful impression too much importance here: since then, browsers turned themselves into monstre-interpreters to run apocalyptically bad code instead of just displaying documents… but I won’t get over it: I’m not using anything Chromium based, ever. Even before beginning the privacy topic —which is why I wouldn’t use the stuff even if I could get over it.
Internet fruition is, in general, in a very sorry state…
So it seems that humanity will not become a space-dwelling species any time soon: with a couple of apocalyptically idiotic “satellite constellations” (*) underway —most notably yet another of Musk’s brain-dead-children— it’s going to be a few years before space is unreachable and millennia before it’s reachable again.
It’s the Space DoS and it’s not even clever or ingenious: it’s just junk pile-up.
(*) Which if by any stroke of luck they won’t self destruct in a massive chain reaction, they at least would make sky observation from the planet’s surface a lot more miserable —and as cool as space telescopes are, ground based ones are the bleeding edge ones.
“ nobody would purchase the Xbox with plans to use it like an open-ended platform.”
That’s sounds like a challenge… should I accept it? Or just search the internetZ for someone who already did it? Or both?
The difference between “locked down”, special purpose computers and general purpose ones is essentially the number of bugs you need to exploit to make them do what you want.
Although I concede that running a text editor on a jailbroken smart toilet is not the most practical thing…
Have these two researchers been living under a rock for the last many tears? Tell me if that sounds like news:
“Penetration without consent is not OK”.
Yes, bad joke, but the principle stands: the experiment might have been interesting also for the Kernel, but the big fishes should have been informed (also only Torvalds, probably, would have been enough).
Done like this is just a waste of everybody’s time, and banning trolls is usually good policy.
The only regret at this point is that probably we won’t have an uncensored commentary from Linus... given the dumbassery of the two, it would have been just gold.
Seems that ECC doesn’t completely defeat rowhammer attacks, if that’s what you mean.
https://www.vusec.net/projects/eccploit/
Although yes, it is annoying that ECC memory is quite expensive. After Xeon processors’ prices started being quoted in kidneys and liver lobes instead of currency, I moved to AMD for my own machine: I should be able to run ECC memory, but I must admit I was not willing to make the investment.
Anyhow, it’s still possible to run ECC modules without spending tens of thousands on a computer. But it’s difficult for under 3-4k, yes.
Well, another problem that could get fixed is the propensity of using browsers as interpreters (oh sorry, JIT compilers) for bad code written by strangers on the internet...
I know it’s unlikely, but I’ll still be hoping.
Or just use Lynx: you can still read and comment on El Reg with it, so it means that you don’t need more —if you really want pictures, curl them.
Now I’m curious: just why does that seem that way?
Is it that the name Nicolaj sounds more foreign that Todd to English-speaking ears?
Is it that you think that in central, eastern Europe and Russia Kremlin undercover officials recruit the youth in the streets to post with their real name and location in support of a fat hippie?
Or are you implying somehow that in the regions listed above there are less developed culture and feelings?
Or is it because it’s cold and smells funny there?
Or what?
Also: did you notice that the “3000+“ that would like to free(rms); rms = NULL; seem to come from the United States? What do we make of that?
“Curiously many from Central and Eastern Europe and Russia”
Oh I see. There’s a hierarchy then: don’t let others think you might say something “against women” comes before the whole not being a racialist thing.
I suppose that if I were from the US, my two enormous adenoids and me would be very offended, take it on to twatter and demand(!!1!) the removal of El Reg.
Being born in southern Europe and currently living in the central sort, I’ll just make fun of you a little bit, and then read on.
Peace.
When the PowerBooks G4 came out I was too little and no amount of small kid pocket money would have bought me one —yet they looked and went like starships (real ones, not the fireworks relatives that SpaceX makes these days).
This was sad then and actually still is: it would have started me off on Unix much earlier and, therefore, I’d probably be a better computer person now.
Anyway, with my first job’s money I decided to go back in time and got myself, well, a few PBs. One arrived from California and, along the way, something like a washing machine must have fallen onto it —which was actually not so bad, because it gave me the opportunity of going inside the thing to replace all broken bits: real depth of engineering, also compared with modern Macs.
The thing is: those machines are still very good computers for everything you’d like to do. Wrote my thesis and compiled the LaTeX on one. Run also a particle physics simulation on it and, although not on par with a fat Ryzen, still could handle.
The only nonfunctional bit was the Internet browsing, until I came across TenFourFox, which re-made it possible. Yes, the poor CPU would run at egg-cooking temperatures and streaming videos was asking it a bit much, but functional.
It’s such a shame that sites (not ElReg, which works also under Lynx!) are now bad, inefficient applications that you have to JIT-compile and that all this is too much for a one-man-dev-team.
I for one think he did an absolutely awesome job, and deserves a very large supply of these —>
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
