Posts by Michael Wojcik

Re: Efficient interface

vi, at least Joy's original implementation, did not use curses, and in fact predates it. vi does use termcap (and later terminfo), but has its own output routines. Legend has it that Arnold took the curses code for optimizing cursor movement from vi.

Re: Some light relief

To be fair, Sidney Powell would have trouble providing evidence she can distinguish her ass from her elbow. But, yeah, someone on their crack team (or, more likely, the people pulling the strings) ought to have been able to provide some evidence if the whole thing weren't a fabrication from whole cloth.

Re: Cop doesn’t even make the top 10 list of most dangerous occupations.

Lumberjack is the most dangerous job in the US

No, it isn't. It's not close to President of the United States, for example.

Responding to GP: My best friend was a police officer for decades. He never shot anyone, and never wanted to. I've known a number of police officers in the US who aren't "trigger-happy".

There are many problems with policing in the US — militarization, expanded duties,¹ systemic racism, "revolving door" hiring of bad cops, routine abuse of QI by the courts and of discretion by prosecutors, and so on — but generalizing about what "all cops" are like certainly does not shed any illumination on those issues. Police officers are human. Some of them are better than most; some are vile; most are somewhere in the middle.

As for the "police are under siege by criminals" claim: 224 officers killed on duty in 2022; 1176 civilians killed by police that year. There's a bit of an asymmetry, and it's not on the side of the angels. Certainly I wouldn't want more police officers to die in the line of duty, but the self-protection argument is rather thin.

But, hey, people should definitely form their own opinions, preferably without citing, or probably knowing, any facts.

¹In most communities police have to deal with crime response, public safety, traffic safety, homelessness, incapacitation (particularly due to drugs and alcohol), domestic disputes, McNugget crises, and all sorts of other issues, many of which they are not properly suited or trained for, or provided with appropriate resources to resolve.

Eh? 911 centers are local, for some reasonable values of "local", and 911 operators most definitely do triage calls:

911/Emergency Communications Center: Trained 911 dispatchers code and determine the appropriate response, sometimes with the help of embedded behavioral health specialists, for immediate assessment and intervention. From there, dispatchers may route the call to community responders or other first responders for help.

There may be other local regulations in place — community response is not standardized across the US. But in the communities where I've lived, 911 dispatchers were not required to "pass them along", and they had discretion to determine whom to pass them to if the did.

They can both be at fault.

Re: Bug reporting programs

Affected versions are part of the information in the CVE submission. I don't know under whose authority it could be "required" to be correct, or who would enforce that, or what would happen in cases where that couldn't be determined.

The CVE program is voluntary. Historically, it has worked (to the extent that it has worked), in no small part because it is voluntary. In many organizations, even relatively large ones, CNAs handle CVE submissions in addition to full-time responsibilities elsewhere. While I am often in favor of using regulation to convert externalities into direct costs for offenders, regulating the CVE process seems likely to have severe revenge effects. It would have to be brought under legal compliance structures in any organization large enough to perceive it as a liability. Fewer issues would be reported, they'd go longer before being reported, there would be less information in the reports, and gaming CVEs (as in the examples in this article) would likely become more prevalent, not less.

Some CNAs have always been better than others. There are rogue CNAs who create bogus CVEs for packages not under their control, such as the infamous CVE-2020-19909. Some CNAs are pressured by corporate management or legal counsel to do a poor job of creating CVE submissions. Opinions differ among reasonable area experts on how much information should be included in a CVE. It's a complex area.

Re: Just bought both a washing machine and dishwasher

We recently purchased a number of appliances — refrigerator, range, (continuous-flow) hot water heaters,¹ water softener, garage-door opener — and it was some work finding ones that either weren't network-connected, or (in the case of the range) could be left unconnected without it complaining or disabling any functions we care about. Which, for the range, is "get hot when we manually operate the physical controls on the front", because we don't cook in absentia.

Fortunately we were able to find models that met our other requirements as well as this one.

For the washer and dryer, we moved the ones from the old house. It was just easier.

I do not look forward to someday having to replace the television set.

¹One for domestic hot water, one for radiant-floor heating.

Re: Confused

Rate-limiting connections to a scaled-out cloud-hosted service can be somewhat complicated, which may well be too complicated for whoever implemented the thing.

Re: If anyone should be taken down, it's Haier

If Haier don't want to pay AWS costs, don't use AWS.

Indeed.

Also, if a well-intentioned developer accidentally made a significant increase in their AWS costs, what will happen the first time a malicious one does this? "Oh, I don't like Haier. Here's a great way for a cheap bot army to cost them a whole bunch of cash."

Haier appear to have loaded this gun and pointed it at their own foot, then gotten all whiny when someone bumped into them and they pulled the trigger.

Re: If anyone should be taken down, it's Haier

If, for example, your Haier heatpump died in the middle of extreme weather, wouldn't you want to be notified if you weren't home?

Sure. But I certainly wouldn't want to depend on the vendor, AWS, some app, and a closed-source "ecosystem" where the vendor's law-dogs chase independent developers away to do it.

That's why if I'm away I have people coming by the house periodically to check on things. Or if I'm going to be gone for a long period of time, I winterize the house.

We did manage this sort of thing before the Internet of Stupid was rolled out by appliance manufacturers.

I don't think you understand how CLIP models work.

Re: concealment from image recognition when used with CCTV

You know we've had successful, generally-available attacks on image-recognition systems, including commercial facial-recognition systems, for years now, right? Yes, it's always an arms race, but governments don't seem to be racing to attempt to outlaw any of the documented approaches — and they'll have a hard time outlawing new ones.

(In your hypothetical example — which I believe you meant satirically — are the children using image recognition? I confess I don't understand it.)

Re: Let the AI wars begin!

Maybe.

Adversarial attacks against non-CLIP image-recognition and computer-vision systems have been pretty successful. And Nightshade and similar attacks are on the training data, not on images presented to the classifier when it's in production, so "what the camera captures" is not the attack vector.

Re: Nightshade - poetic

Pfft. Francis Fukuyama got all the way to the end.

Re: Three things I miss from Lotus Notes...

this wouldn't be such a problem if switching between Mail and Calendar in Outlook wasn't such a bad experience

Oh god, yes, this. Just the fact that switching to Calendar changes the layout of the nav panel (at least if you're using the "Folders" view for mail), so switching back requires going to a different place than where the Inbox was a moment ago. That's just agonizingly terrible UX. Truly abominable.

Re: Fully Loaded Goats

I've always found Outlook to have enough foibles of its own when it comes to remote working and server access.

Agreed. I see 150-200 synchronization-issue messages from Outlook a year, and my email volume is quite reasonable — far less than what some of my co-workers have to deal with. Just the other day I had a case where Outlook worked itself into a complete tizzy over a meeting invitation, and was unable to process any of the invitation responses, for some reason it could not adequately explain.

Outlook mostly works, for me, and with extensive configuration bludgeoning it's not quite as much a yawning security hole as it is out of the box, nor as nasty a user experience. It's still not something I'd ever recommend.

I only used Notes lightly, for a few months, as part of an engagement with an outside firm. Didn't have any problems with it, but I barely got my feet wet. I did like the fact that when scrolling long messages it would put a fold mark in the margin to show which line had previously been the last in the window; that was a very smart piece of UX which I haven't seen implemented elsewhere.

Really. "Current ... crop"? Omitting error checking is not a new problem.

"hoi" means "the". It's just "for hoi polloi".

Re: Biggest problem.

And they may well have some notion that they can just throw money at the problem. Buy senior water rights from current holders, say, or pipe it in from elsewhere. Reclamation wanted to pipe water into California from British Columbia, after all; there's no shortage of daft schemes. When it comes to water and the West, there's always someone who will decide it's just a matter of money and can be solved later.

But, of course, later eventually becomes now.

Re: Qwant search engine

I'm an almost exclusive DDG user and, for many results, the relevance simply sucks and I've been growing tired of it for quite a while now

Mileage may vary, I suppose. I too use DDG almost exclusively, and it nearly always comes back with what I'm looking for. To be perfectly honest, I haven't noticed much "decline" over the past decade or so. Perhaps it's a question of what sort of things a user searches for.

Re: Why why oh why

It's adorable elsergiovolador thinks that a patentable idea is sufficient for someone to "start [their] own company". Or that someone capable of producing one would want to start their own firm. That's the sort of idea my friends and I believed in when we were, oh, ten years old, perhaps?

Re: Why why oh why

With that attitude, you'll never get your complimentary unicorn.

(I assume they have those in fairyland, which apparently is where you're writing from.)

Re: Excellent news, this

hiring some private investigators and a hitman

To, what, find out who currently controls a particular Bitcoin wallet? (Of course, if they take your money, report they've found the criminal mastermind behind this intricate plot,¹ and ask for more money to bring him to justice / have him whacked, how would you verify their claims anyway?)

Honestly, it's like every story about ransomware brings out the dumbest responses.

¹Yes, that's sarcasm. Though apparently it's too intricate for some.

Re: Excellent news, this

It's a bot. It doesn't care if no one pays ransoms. It'll keep running until all copies of it are shut down.

The "if no one pays ransoms, ransomware will go away" idea is impossibly naive, and this article shows why. Yet commentators immediately start spouting it again.

Re: Yeah but…

I was unable to party as though it were 1999, when it was

Well, tastes differ. My wife and I were asleep (somewhat fitfully, true, due to a local confluence of idiots and fireworks) at midnight on 1 January 2000, and I do not regret that at all.

A few times I've stayed up for New Year's Eve, only because friends invited me over for a suitably subdued gathering.

Regarding Y2K: those who actually know something about it — which definitely does not include Texas Village Idiot Cornyn — are well aware that there were plenty of important systems which needed remediation. Any number of them were discussed in forums such as RISKS. In late 1999, there was no way of knowing with any confidence how many remained unfixed, or what the consequences might be. Y2K was one of the industry's few shining moments. It's a pity, but not at all surprising, that many people continue to believe otherwise.

Re: So just crank up the power until it is harmful.

Not to mention the perhaps subtle fact that we (that is, humanity) have a whole bunch of non-space-based weapons, which we have been quite successful at using to kill one another. It's not clear why a Big Space Maser would make all that much difference.

Sure, you can target any spot in its orbital path without moving military hardware. You can do the same with an ICBM.

Orbital power delivery doesn't make a particularly great weapon. It's limited in where it can target. It's not flexible. It's expensive. It's fragile. Really, an orbital power system is more likely to be a target.

Re: thereby increase the value of the company

Ooh, the sportsball fans are triggered.

IRL, I wouldn't mock anyone for either enthusiasm. But I don't feel any urge to participate, either. I mean, I occasionally play video games, and I've occasionally played sports, and even watched the latter in a social situation; but I don't actually care about them at all. I'm sure my hobbies would seem equally dreary to many others. So it goes.