Posts by Christian Berger

Re: what's fascinating is how the SystemD fanboys react

Well there's a deeper problem with SystemD in the eyes of the people who don't like it. It basically boils down to values like simplicity, and being able to choose what software they run on. Yes, previous init systems were not very simple either, but at least that was based on shell scripts. If people had learned about actual SysV init, they'd probably want that.

The Pro-SystemD arguments always seem to turn around "being modern", even though most of their ideas have already been implemented in Windows NT.

It seems like an example of that phase most learning programmers go through wanting to re-invent the world in a more complex way. More experienced programmers have learned to live with that feeling.

"What gets me - why the hell is the ticket system behind the same thing, making it inaccessible if it screws up?"

Why wouldn't you? That way you won't distracted by people whining that nothing works.

Re: Mixing IoT with cellular networks

You'll notice that you're not the target market for this technology. It's aimed at industrial operators. Security cameras would be impossible to run over those networks as you don't have the bandwidth to send a picture per day.

Re: It's an old idea

"Although I've got to say, this is an argument against pretty much any malware detection technology. If the author has tested their malware against your defensive product, they will surely have been able to find a way to circumvent it."

Yes, and this is why security experts (outside of malware detection firms) call such products snake oil. Now add to this, that those programs typically are rather complex, run with high privileges and try to unpack every obscure format you may not even have software to use them otherwise. Right now, for example, it's likely that you can take over computers with that RAR decoder bug that's been found recently... even if that computer doesn't have an unpacker that supports RAR.

Re: It shows that there is one feature missing

Yeah, but then I'd have used far more of the code, and those bugs would have been relevant.

TLS simply isn't a very good protocol security wise as it's to complex to be implemented sufficiently error free, and it has the outdated security model of CAs.

Re: " then other people criticise it, and instead of replying to the critique in a sensible way"

a) We live in a vendor dominiated economy. If no vendor offers open systems, you cannot buy them. Most high profile ARM devices are already locked down, and Microsoft has already made some steps in that direction, shutting down (still rather obscure) features like connected standby. Windows 8 on ARM even forced secure boot. https://www.heise.de/newsticker/meldung/Microsoft-erzwingt-auf-Windows-8-ARM-Geraeten-UEFI-Secure-Boot-1413109.html

Being able to turn off Secure Boot is now an optional feature:

https://www.heise.de/newsticker/meldung/Windows-10-Neue-Geraete-nur-mit-UEFI-Secure-Boot-und-TPM-2582371.html

b) I need to have the secret keys on the same system, since in the full concept of "Trusted Computing" no code should ever run that is not signed. Therefore every little 3 line program I write as a bash script would have to be signed. Since the whole hypothetical advantage of "Trusted Computing" relies on there being a complete chain of trust to be unbroken, I have to sign every command. Otherwise the whole tower of babel breaks down.

c) Yes, I know what malware can do at the boot level, but that's largely irrelevant as you can reach the same relevant goals even in unprivileged userspace. It doesn't matter if you have control over the kernel without the user knowing, as you can access all user files via its user privileges. It doesn't matter where you enter the system, once you are inside, you have typically reached your goal.

d) BTW nobody talks about "running pirated copies" of whatever. I don't see why you bring up that topic.

However, at least you had some arguments, and I applaud you for that.

Re: Why don't we ditch HTML+CSS+JS and just deliver websites as PNGs/JPEGs?

Well you could still delive the bare text as an addition and it still wouldn't be a large as our current mess. And obviously you'd transmit the window size and preference for font size to the server.

BTW most of the problems you mention already happen because of bad web design.

Re: I wonder how security would be...

Well, Samsung has 2 advantages with this:

a) They develop their own chips, so they have a head start when it comes to working with them. They can already write and test the firmware for early prototypes or even for simulations of those chips.

b) They market themselves as a premium company, so they would even have a bit more time for such things than the competition. Well tested Firmware would be a big advantage justifying the price premium.

It depends

"An "atomic" clock is maybe $2,000. I've not checked lately. Could be less. "

It depends on what you want. A rubidium clock is comparatively cheap, but they aren't quite as precise as caesium clocks. The later still costs 50k new and regularly requires changing the tube inside of it. That's to expensive to put in every cell-tower, but not a problem for a TV station which already pays 100k for a camera and another 100k for the lens.

"One GHz terrestrial system I know has an oven based "clock reference" only in the main mast and then the clients lock to a pilot carrier for stability, to save £100 per unit."

That's also standard for mobile phones, otherwise you couldn't get the carrier precise enough.

Frying all the satellites is unlikely, BTW, as half of them are on the "night" side of earth. The failures I've found so far were only temporary.

Well, you should always read documentation first

The documentation seems to be rather decent, and you should read it first, before asking your questions.

The reason is the same as with tier 1 call centres. Most people in IT have no f*cking clue what they are doing. They could get some clue by reading the documentation, and apparently they put lots of effort into the documentation.

So they provide a way to get your question answered, but you choose the most annoying way to do it they provide for only serious questions not answered by the documentation.

Re: "Because you can"

"Whine as you like about paper ballots being slow to count "

Actually in Germany we have paper ballots, they are counted by volunteers. Polling stations close at 18:00, and most polling places finish counting at about 18:30-19:00. In time for the 20:00 news there's already a "preliminary official end result".

Casual TV and movie watching

If you want to watch something, while you are doing something else, it's great to have a screen with many more pixels than the video has.

Re: There are fundamental technical reasons for it

Yeah, so you're saying that I should use G-Mail instead of my own mailserver?

And seriously, with UPnP all those crappy devices you don't want to have on the net are _already_ on the net, despite of NAT, they simply open port forwarding.

We have lots of problems already which stem from NAT and which aren't addressed by advances in IPv4. Look at mobile devices. People cannot even transfer a file from computer A to computer B because they are likely in 2 different NATs. That's why we even have data-slurping companies like Instagram or WhatsApp. Nobody would even think about using that if there was E2E communications, you'd just use the network like you use the telephone network.

"Smart" devices often have to go through a central computer so you can talk to them through the net. If that vendor decides to shut down that service, you can no longer use that feature.

IPv4 simply separates the net into 2 classes of users. Those with public IP addresses, and those without. Increasingly people, particularly in poorer countries, end up behind multiple layers of NAT.

Re: "the Internet would be using WINS naming exclusively, and that DNS would be totally gone"

"MS love to create "standards." If enough of them take off they continue to force people to stay on MS platforms. "Everyone will be using this in X years. You'd be a fool not to start coding for it" blah blah."

Well unfortunately that's something virtually all inexperienced programmers do. That's why we have FreeDesktop, PulseAudio or SystemD, or if you think it further, all those new half-baked features coming to new poppular language versions.

Programmers need to learn to restrict themselves to solve problems as simple as possible. Software architecture isn't about using every language feature or every new fancy methodology, it's about choosing the right tools for the job, to make the problem as simple as possible so it can be solved as simple and accurately as possible.

Nothing new

Mobile telephone number portability in Germany is still exchanged via X.something mail, not even standard Internet E-Mail.

And actually a mailing list is much saner than the fixed line number portability scheme in Germany which goes through intermediaries which charge lots of money for handling a comparatively small databases.