* Posts by Vic

5860 publicly visible posts • joined 7 Dec 2007

Amazon's 'schizophrenic' open source selfishness scares off potential talent, say insiders

Vic

Re: Storm in a teacup.

> Planting backdoors in many consumer devices (including routers) is supposedly tricky, too

Who on earth told you that?

> Or are you trying to tell me that the test suite is something the secret services are not privy to?

Not at all.

But when you consider that each build happens 3 times - with the original compiler, then with the output of that, then with the output of *that* - it's actually very difficult to build in a backdoor that will go through all the tests without showing itself.

And then when the next drop comes about, those 3 builds are repeated - possibly with a different set of tests at the end. The *same* backdoor code would also have to cope with that eventuality without being discovered.

Once you've gone round this loop 10 or more times - as I have - the probability of some bad guy putting a backdoor into the code is *vanishingly* small. It would be much easier to drill through my roof and put a camera in the loft.

Vic.

Vic

Re: Storm in a teacup.

> Did you check the binary on your RHEL / CentOS / Debian / Ubuntu install before you started using it to compile code?

Yes.

There's a fairly extensive test suite that's part of the build. Subverting that whilst leaving bad-guy stuff in the compiler would be tricky, to say the least...

Vic.

Vic

Re: Not a good citizen

> That's all that matters to the lawyers - not to developers

No - you're totally wrong.

The very point of Free Software is that it is Free. Users have the right to use it as they see fit, not as someone else tells them to use it.

That means that, if we espouse Free Software (as many of us do), we must champion the rights of users to exercise that Freedom - even if we disagree with what those users are doing.

To do otherwise is to redefine Freedom as "the freedom to do as I tell you to" - and that's only ever fun when you're not on the receiving end...

This is why the GPL very explicitly prevents you from adding field-of-use restrictions.

Vic.

Vic

Re: Not a good citizen

> Amazon claim that since the software is never delivered - only used as a service - they don't need to distribute the source.

And they're right. They are not shipping the binary to you - it stays on their servers. Thus no distribution has occurred. The AGPL was created to address this situation - but we're probably not talking about AGPL-licenced code here.

> This is legally correct, but not playing nicely

It *is* legally correct - and that's all that really matters. We cannot add the requirement to pass back improvements to GPL code - that would be an additional clause to the licence, and such modifications are *specifically* prohibited by the GPL (Section 6 in GPLv2, Section 10 in GPLv3).

So much as I like to see people improve the code base, the very licence many of us espouse prevents us from requiring such behaviour.

Vic.

Snowden speaks: NSA spies create 'databases of ruin' on innocent folks

Vic

Re: @Trevor_Pot

> You do have the luxury of commenting from a country where, to date, the level of Islamic terrorist activity is very low.

So do you. We all do.

Vic.

If your telco or mobe provider hikes 'fixed' contract fees you can now ESCAPE - Ofcom

Vic

Re: This way to the exit

> They aren't going to give you the shiny new I-Thing you've got for free!

That depends on the wording of the contract.

If the phone is described as "free", then on termination of the contract - by exhaustion or by breach on either side - the phone belongs to you. But if it's you that's breached the contract, you owe a debt to make good.

If, however, the phone is on some sort of finance/HP agreement, then the above does not hold - it remains the property of the finance provider unless every payment is made. But this does get you certain rights under CCA74...

Vic.

MPAA spots a Google Glass guy in cinema, calls HOMELAND SECURITY

Vic

Re: If we really want to protect copyrights.....

> In fact such a mind wipe law would be doubly beneficial

It certainly would have been welcome after "The Counselor" the other day...

Vic.

Vic

Re: Going to be a painful future

> Americans know all the geography they need to know

You are having a fucking giraffe!

Vic.

Walking while texting can – OUCH! – end badly, say boffins

Vic
Joke

Re: Noticed this many years ago

> people cannot see me wearing a Hawaiian shirt in a built up area.

That's an offence, Mr. Kodogo...

Vic.

[ Younger viewers might like to search for "Winston Kodogo" for that reference... ]

Vic

Re: No shit, sherlock!

> anti-social phone using perambulator.

Omitting the hyphen between "using" and "perambulator" entirely changes the meaning of that phrase.

Thing is, I think you might be right on the money as written...

Vic.

Amateurs find the 'HOLY GRAIL' supernova – right on our doorstep

Vic
Joke

Re: This event that's happening now happened a long time ago

> At that point the star instantaneously - through spooky action at a distance - became fully exploded.

Are you trying to fit me up for somebody's star blowing up?

Sheesh...

Vic.

CERN boffins fire ANTI-HYDROGEN BEAM

Vic

Re: serious question - not to be confused with earlier comments/screeds

> The earth as you know it is comprised of antimatter.

You are so full of shit...

Keep it up. We enjoy a good boxafrogs around here :-)

Vic.

Vic

Re: About amanfrommars...

> Just because I post to a website does not give me any credibility.

You will probably never understand just how right you are, there...

Vic.

Vultures circle to feast on carcass of free remote desktop service LogMeIn

Vic

Re: ssh -X ?

ssh -L is equally useful.

I have port 22 open on my perimeter. It accepts only key-based logins.

But with port-forwarding, I can readily get to services inside my network, with all the comms properly encrypted. This is how I do email on my phone - ConnectBot allows me to connect to my IMAP and SMTP services within my network over an insecure link.

Sure, it takes a little thought to set up in the first instance - but if businesses are really that worried about the loss of LogMeIn, I'm sure they can afford a few moments to address the problem...

Vic.

And the winner of the most reliable disk drive award is ...

Vic

Re: Misuse of Drives

> 1. You cool them properly

I always believed that, but there was an interesting data set from Google a few years back showing that, at least in the configuration they use, it was the hotter drives that kept going. The cooler ones failed earlier.

I have no idea if this is representative, nor do I have any explanation for it. But it made me think, anyway...

Vic.

Vic

Re: Misuse of Drives

> Using desktop drives in a 24/7 environment will kill them

Quite the opposite, actually. It is the start/stop that kills them. Keeping them spinning leads to better life expectancy.

Vic.

Vic

Re: Wot not Samsung Drives?

> I have never had a problem with Seagate or Hitachi drives.

Gawd, I have.

Seagate used to be fine, until they bought Maxtor. Then the Maxtor "quality issues" seemed to dominate the entire output...

I've not bought a Samsung drive since Seagate bought that business - I really, really hope they haven't done the same...

Vic.

4K-ing hell! Will your shiny new Ultra HD TV actually display HD telly?

Vic

Bah.

> it's about digital channels to one analogue one

That should, of course, have read "it's about six digital channels to one analogue one".

One day, I'll learn to type...

Vic.

Vic

Re: multicast is already here, but 4k is not the answer you were looking for

> It operates on the (true) premise that the eye has 1/2 the spatial resolution in color discrimination than it does in the spatial resolution of luminance

The eye is far more complex than that...

In the fovea (the bit of the eye that copes with what you're looking at directly), the retina is stocked almost entirely with cones. These give full-colour vision (luma and chroma are not separated in the eye) at very high resolution. Unfortunately, cones are slow to react to changes in light, and not particularly sensitive anyway[1].

Outside of the fovea - which you might consider peripheral vision - the retina is primarily studded with rods. These are monochrome sensors, and are both faster and more sensitive than the cones. The resolution in the periphery is lower than in the fovea.

The illusion of full-colour vision is actually a goodly amount of video processing occurring in your CNS[2].

Vic.

[1] This is why, if you try to look directly at a dim star at night, it will disappear. Look slightly to one side, and you will see it again.

[2] This can be demonstrated by having someone bring a white card with a coloured dot on it into your view from the periphery. At first, the dot will appear grey or black, depending on how dark a colour it really is. As the card approaches the foveal vision, the colour will suddenly appear. It's quite dramatic. Then comes the really interesting bit - if you move the card back out of view along the same path as you brought it in on, it retains its colour. If you take it right out of view and bring it back in, it again retains its colour. It can take quite a few minutes to go back to the monochrome view.

Vic

Re: These are not the pixels you are looking for.

> NTSC and PAL both work IIRC by emphasizing the luma quality over the chroma quality

No, not really.

Analogue TV puts the chroma onto a separate sub-carrier, but that's more about history than technology - it needed to be backwards-compatible, so that if you lose the colour info, it reverts to monochrome.

Digital TV, on the other hand, has always separated luma and chroma, and compressed them separately. This is because the human eye is *very* much more sensitive to luma noise than chroma noise, so you can dial down the chroma quality with little or no perceived image degradation. Try the same on the luma and it looks *terrible*...

> I would be curious to know, for the record, just how much digital information one could've crammed in the frequency allocations provided for one analog PAL or NTSC channel

With the level of compression artefacts current punters generally deem acceptable[1], it's about digital channels to one analogue one. Which sounds great until you realise that they're not creating six times more content - they're just spreading it more thinly. When Dave is showing newer episodes of HIGNFY than BBC2, you know you're in trouble...

> Has anyone conducted a scientifically-significant study to see if audiophiles really can tell the difference between a good analog audio setup and a good digital one.

Yes, many times. There is plenty of research in this area.

Sadly, many audiophiles simply will not trust the results of a double-blind test; they firmly believe they can hear differences which are demonstrably not there.

Vic.

[1] I have no idea why people are so tolerant; most broadcast digital TV looks just *awful*. But people lap it up as long as it has a big enough frame size.

Vic

> I despair with the TV manufacturing industry. 4k should be 4x1080

It is...

The unit I was playing with at work the other week actually has 4 video feeds[1] - each one a 1080 feed. The 4 are quadranted to make the 4K display.

Vic.

[1] I believe this is fairly standard, but as I'm not really on the 4K project, I can't be sure...

Vic

Re: But first

> a "dumb" scheme - JPEG-2000 independently encoded frames

It has a major advantage for something like a cinema - bit errors do not propagate between frames. That's important unless you can guarantee zero errors - and you can't.

Cinemas aren't bandwidth-constrained, so this is the right choice for them. Broadcast TV is rather different, especially when you expect unicast IP delivery...

Vic.

Vic

Re: But first

> multicast, which is only really going to make a difference with live TV

Internally, all the broadcasters carry their traffic as multicasts.

It would be entirely possible for their output to go to customers as multicast - indeed, the company I now work for makes kit that does exactly that. Sadly, most punters cannot yet subscribe to multicast traffic, because most ISPs don't carry it.

My pet idea is for broadcasters to ship traffic as multicast on a sort of NVOD-basis, which is buffered in the STB, and a unicast stream alongside to transmit the data between the start of the programme and the first chunk of multicast received. This would give the appearance of a VOD system, but with greatly reduced bandwidth.

Never going to happen, though. Store all that valuable Intellectual Property on a hard disk? How very dare you[1]!

Vic.

[1] Yes, I know it happens already. But try talking to any of the copyright owners and watch the reaction...

Clink! Terrorist jailed for refusing to tell police his encryption password

Vic

Re: Not "complying" is the crime, not the results of complying.

> In England and Wales a police inspector (or any higher rank constable) can authorise a search in some circumstances (for example to find evidence which is at risk of being destroyed if the search is delayed)

A magistrate is still required to authorise the warrant - but that authorisation may be retrospective.

I'm not sure what happens should the magistrate refuse to authorise said warrant - I'd have to look it up. I doubt it happens.

Vic.

Vic

Re: what if his password was

> Once you have been convicted you lose almost all civil protection until the term of your conviction is expired.

That rather depends on which jurisdiction you're in...

Vic.

Vic

Re: Not "complying" is the crime, not the results of complying.

> A section 49 request, which may then lead to prosecution under section 53 has to be authorised in the same way as a search warrant.

No, that's not true.

A search warrant has to be authorised by a magistrate.

A Section 49 notice may be issued by a number of people detailed in Schedule 2; each must have been granted permission to grant Section 49 notices by a member of the judiciary, but each individual notice does not require judicial oversight.

IMO, this is way, way too lax...

Vic.

Apple fanbois make it 'official', hook up with Internet of Fridges Things

Vic

Re: The piece of home equipment I would like to control using my fondleslab

> any means of having any sort of control at all would be a reasonable start.

My missus is Welsh.

A mute button would be *fabulous* ...

Vic.

'Toothless' environment protections in secretive global trade pact TPP leaked all over the web

Vic

Just one phrase springs to mind

... and that is, naturally, "fucking evil".

Vic.

Cyberspies blast Icefog into US targets' backdoors

Vic

Re: I get fed up of companies ...

> They should change the 'write once, run anywhere' to just 'write once'.

I've seen it termed "write once, debug everywhere" ...

Vic.

THOUSANDS of UK.gov Win XP PCs to face April hacker storm... including boxes at TAXMAN, NHS

Vic

Re: Run Kryten Smug-Mode

> Security and other patches will only be provided as standard for ten years though

It's GPL. All those patches will be available to all third parties for free.

If you want them at zero cost, you might have to turn the handle yourself. But someone else will be doing all the hard work for you.

Vic.

Vic

Re: Run Kryten Smug-Mode

> Do Red Hat still support RHEL from 13 years ago

EL5 and EL6 will be supported 13 years from rollout.

EL3 and EL4 are only 10 years from Red Hat, but there are many third-party support operations who can sell you that extended support if you want it.

Disclosure: Until very recently, I was one of those third-party suppliers.

Vic.

ZyXEL router attack: HUNDREDS of Brit biz bods knocked offline

Vic

Re: This is why

> We need to change the law to create an offence of "ideologically supporting terrorism"

How many times are you planning on posting this drivel?

Vic.

Microsoft to RIP THE SHEETS off Windows 9 aka 'Threshold' in April

Vic

Re: It's part of a bigger picture

> The odometer on the tank reads in Kms, which must be documented, but we measure the fuel in gallons

You want to try General Aviation.

We buy fuel in litres, but measure it in pounds...

Vic.

Vic

Re: There's an interesting aspect to the comments so far

> MS could easily get away with releasing a 'new' Windows9 product by simply changing the GUI shell for W8, which would basically be money for old rope

... And quite remarkably popular.

They *must* know this by now...

Vic.

Vic

Re: it all begins to sound

> What is the solution though?

Give the user *options*.

Each user can select "Classic", "Aero", or TIFKAM. Problem solved.

Vic.

Is your IT department too tough on users?

Vic

Re: @Interceptor

> For "satisfy" read "meet their business requirements in the most cost effective way".

And for that, you need to define both "business requirements" and "most cost effective way".

Quite often, such definitions will not encompass what $user is demanding I do *right this minute*, hence my request for written authorisation.

Vic.

Vic

Re: @Interceptor

> They are your customers who you should be doing everything to satisfy

Whilst this is true, we need to be very careful about what we mean by "satisfy".

It does *not* mean "let them do anything their pretty little head thinks of doing". There are times when users really do need saving from themselves - many of them don't know as much as they think they do, and their immediate desire has completely ignored the fact that what they want to do is mind-bendingly dangerous...

My usual response is along the lines of "I'll need written authorisation for that". If I'm particularly annoyed, I'll often follow up with "I will be forwarding that to your boss along with my assessment of why it is a hazardous operation". This usually at least gets them to think a little bit about the risks involved...

Vic.

Staffs Police face data protection probe over 'drink drivers named' Twitter campaign

Vic

Re: If you drink alcohol you should not drive

> I do agree that people who drink and drive are low life

I wonder how many of *us* have driven whilst over the limit.

I have a very strict policy - if I've had even a sip of something alcoholic, I don't drive. The two simply do not mix.

But what about the day after? How many of us work out if we're adequately sober by the afternoon after a bit of a session? The Police made a big fuss a few years ago about us not being able to calculate our current level[1]...

Vic.

[1] Although they believe they can, and do so. And the CAA tell me how to...

Vic

Re: stronger penalties

> need stronger penalties - I think we'd have far less abuse of driving privilege if we followed some of our European neighbours e.g. France

I disagree. I've spent quite a bit of time in France over the years, and the incidence of drink-driving I've seen over there is higher than I've seen over here.

What we need is better *detection*. It doesn't matter if you're going to face a multi-year ban if there's not a chance you'll get caught.

But even a moderate fine of a few hundred quid is quite a disincentive if you know you're *certain* to get caught...

Vic.

Vic

Re: @Connor

> I'd call that 'guilty but got away with it due to legal mumbo jumbo'

It doesn't matter what you call it - the law calls it "not guilty".

It's important to ensure guilt is proven, or else there will be very many more miscarriages of justice than there have been...

Vic.

I've seen the future of car radio - and DAB isn't in it

Vic

Re: In 2014?! A new service "offering" 48Khz?!?!?

> there's supposed to be a threshold for "average" human hearing at around the 48Khz neighborhood.

Much, much lower than that.

TV flyback frequency is 15.6KHz, and most adults can't hear that. The cutoff frequency - even for young ears - is a little over 20KHz, which is why CDs sample at 44.1KHz - it gives a response up to 22.05KHz.

Vic.

Top Microsoft bod: ARM servers right now smell like Intel's (doomed) Itanic

Vic

Re: @DainB

> Price difference will be measured in dollars if it all

On a 50c part?

Yes, I fear you might be right...

Vic.

Thought sales were in the toilet before? Behold the agony: 2013 was a PC market BLOODBATH

Vic

Re: @Michael Habel

> to express disbelief such people exist.

Excepting people with disabilities preventing them from doing the job, such people do not exist - they just think they do.

Anyone *could* build their own PC with little or no hand-holding. But many people choose not to try.

Vic.

Woman whipped gun from vagina in SPACE ALIEN spat, reports Officer Zook

Vic

Re: Fanny Like a Hippo's Yawn

> Like waving a sausage in a cave?

I always liked the line "I was waving a match inside the Albert Hall" :-)

Vic.

[ From Nodding Donkey Blues, in case you're interested... ]

Take off, nuke 'em from orbit: Kill patent trolls NOW, says FTC bigwig

Vic

Re: Patent values

> I'd make patents non-transferable

If that were the case, the eponymous "small inventor[1]" would be unable to patent his invention, since he'd have to fund any legal action when someone infringed. Most small inventors can't afford the protracted legal process in any country, let alone the US. So patents get infringed because the owner cannot afford to defend them, and thus the patent is rendered worthless.

Patents will be transferrable, and rightly so IMO. What needs to happen is that the legal system needs to put in place real penalties for idiotic lawsuits - such as the directors of the company becoming personally liable for costs should the troll company become bankrupt. But I'm not holding my breath...

Vic.

[1] Disclosure: with several patents in my name, I guess I qualify as a "small inventor".

Vic

Re: Nice thought, logical ideology, BUT...

> I'd have thought being liable for the sum you're seeking from the defendant

Liability on loss seems like a good idea (although I'd have made a losing plaintiff liable for the defendant's costs), but it won't actually work.

These patent trolls spawn off multiple shell companies, and it is those shells that do the litigation. They have assets of three odd buttons and two beans, yet can still afford some hot-shot legal team. So if they ever do lose, there are no assets to recover; the shell simply vapourises in a puff of insolvency.

AIUI, to fix this problem would require changes to America's bankruptcy laws, and that's not going to happen in Delaware...

Vic.

Anatomy of a 22-year-old X Window bug: Get root with newly uncovered flaw

Vic

Re: Dangerous Arguments

> Unless you're saying there's a way to insert the malformed BDF AND force the font refresh without any prior privilege escalation or user takeover?

Yes, there is.

G/L has long supported user-specific fonts - you just make a directory in your home area, stick your fonts in there, and run the appropriate font cache command. This is all part of making the OS "friendlier"...

Logging out and back in again usually restarts the X server. And there is the exploit.

This is serious, but probably not nearly as bad as certain people will make it out. Aside from the difficulty in getting an appropriately-crafted BDF font onto the victim machine (since most will just cause a font server crash, rather than actual execution of anything), the most valuable machines invariably run headless, so they won't be running a font server at all.

Nevertheless, I'm glad to see upstream fixes already pushed out in the repositories I use.

Vic.

Vic

Re: Because free software is SOOOOOO secure, many eyes and all that.

> I will attribute any thought that Linux is developed by unpaid armchair amateurs rather than professionals to staggering ignorance and not to malicious trolling.

You would probably be wrong there, though...

Vic.

Vic

Re: Desktop...

> I still run X applications on the embedded device

Yes, but it is the X Server[1] that is vulnerable, since that is what loads the fonts. The X client applications are unaffected by this.

Vic.

[1] The terms "server" and "client" are frequently misunderstood when it comes to dealing with X; the server is the thing that provides services, and is therefore the windowey bit you're sat in front of. The client is the application program that might well be running on a different continent from you...

Vic

Re: All of that could be avoided with proper sub-functions (smiles for the 'goto')

> sub functions are longer and use stack.

Not when the compiler inlines them...

Vic.