90 posts • joined 2 Feb 2008
acrn should be arm-centric!
Given the early days of ARM as of Acorn RISC Machines.
the oldest bad practice in the book.
I /have seen/, in a book my son was lent by his school teacher, about a year ago, exactly this sort of code. Take variable from $_GET, build string by concatenation, pass to SQL. No input checking at all.
Someone - big name publisher - made money selling that book. Someone wants to make money selling the revised version, which I'd hope talks in detail about sanity checking and prepared statements.
Someone ought to be offering a permanent recall on the early version of the book and free-replacement including shipping to anyone with a copy, because it was plainly never fit for sale. Instead, copies are still being lent to school kids by teachers because the school budget can't afford to restock the library.
Ob disclaimer: I have no connection with anyone in the above certificate fiasco. And I expect that no one bothered fixing it because that would take time. WHY do CAs who ask for your private keys still get any custom?
...to the darkness bind them
I thought the whole thing about the one pin, was that assuming you don't want to be subject to the evil overlord, you needed to throw it into Mount Doom? (see icon for effectiveness >>>>)
Now all we need to do is work out how you that to the customer services bod....
Re: "effort wouldn't be better expended on something of more value to society."
Well argued and informative. Have an up-vote.
Now, we need similarly sane and coherent* arguments against HTML in email. Any takers?
* Not to be confused with the light-sources on top of sharks.
Re: feature request
I remember, back in the 90s, we all said "ignore the scare-mail chain-letters, you can't get a virus just from opening email."
Because it's plain text.
mutt is (this) man's best friend
Re: 1,000 Satellites?!?
The probability that one 'rapid disassembly' will have a reasonable chance of causing another has been calculated numerous times. I seem to remember that if you pick the right orbit then a bit of precession, etc. will effectively obliterate anything in a similar orbit. But it's a long time since I was last at a space debris conference, so I don't remember the details.
Just wondering... which band are they planning to render unusable for radio communications purposes?
Has anyone raised this with ITU / CEPT / Ofcom / FCC?
Re: Alien UFO's are Real - True / False...
Not a solid scrap of evidence to say that no god exists either. Of course there's lots and lots of circumstantial, hear-say and personal non-revelations, not to mention fingers-in-ears 'I can't hear you' arguments that get repeated often enough that they're assumed to be incontrovertible fact.
Which God don't you believe in? There are an awful lot of awful ones, and a lot of awful people who use their awful misconception that 'My friend says we're doing it for God so God must approve' as an excuse to do awful things. Politics-dressed-as-religion and hatred-dressed-as-religion and ambition-dressed-as-religion, etc. just tell us that religion is a powerful social force.
My own opinion is they tell us quite a lot about human nature (<sarcasm>deep down there's good in everyone, yeah, it shows</sarcasm>) and basically nothing about why the one who keeps the electrons spinning would decide to get born in a stigmatised way into a despised minority group with a well-proven history of rejecting him. Oh yeah, it was so that he could spend about 3 years preaching to people who mostly didn't listen and then get tortured to death, that explains it.
Have a very happy Christmas everyone. Don't get so merry you get stupid.
it runs with elevated privileges...
So.. we can't trust programs that run with elevated privs to check files such as (shock) network access, (horror) upload data, and (gasp) receive OTA updates. Based on this reasoning, and the current rash of Govt.s worldwide giving themselves super-dooper-snooper data-demanding capabilities, do all nations now need their own brand of AV?
Or is it finally the year of the VT100 desktop(TM) ?
Re: 98.2 percent of all statistics
I thought it was 97.4850006487
I thought the whole point of the block chain was that everyone can (has to) verify that block X went to wallet Y, and therefore the transaction is verifiable.
Surely there ought to be a mechanism to undo that? At least partially, even if there's no roll-back due to other transactions, shouldn't the receiving wallet(s) be marked as criminal and so blocked, etc, by all miners everywhere?
Re: ferc is a nice one.
I sincerely hope that excludes power station designs, floor plans etc.
Especially anything that might do that if mistreated -->
Re: What worries me
What worries me even more is that I've seen a big-roadside-screen ad showing people how to get to their wonderful site.... just enter our URL into google's search box.
Complete with the http:// bit.
Re: Flying is the easy bit...
I thought it was throwing yourself at the ground and missing.
please can I have a patch for my phone? Tnx.
Dear Reg readers... is there ANY brand of <200quid phones that actually provides long term (> 2year) patch support?
Or, put another way, what are the chances of me ending up with a non-bricked, fully-functional phone if I try installing lineageOS on it?
#10 - 15
10. Ignorant and wicked are the doings of those coders who, in the case of the desktop or the desktop application include a dependency upon systemd.
11. This perverse dependency upon systemd is quite evidently one of the tares that were sown while the greybeards slept.
12. In former times the init process was relevant not after, but before user interaction, as tests of true geekdom.
13. The geeks are freed by devuan from all penalties; they are already dead to systemd, and have a right to be released from them.
14. The imperfect knowledge of the command-line, that is to say, the imperfect globbing, of the GUI-user brings with it, of necessity, great fear; and the smaller the knowledge of globbing, the greater is the fear.
15. This fear and horror is sufficient of itself alone (to say nothing of other things) to constitute the penalty of EMACS, since it is very near to the horror of despair.
100 MW of batteries
100 MWh, or 100 MW in/out for (people in the know) knows how long?
embrace... extend... bloat?
So instead of an out of band unreliable message that works on every mobile phone, those with no smart-phone are left in the cold, those with an ageing phone barely enough spare storage (after all the decent bloating of apps /OS) to run what they want get to give up some more precious MB, and everyone gets pushed into installing another piece of google spy/bloat-ware which needs to regularly contact home and report on us just-in-case....
Is this supposed to be an extension to the otp authenticator app? Google's version is already bigger than the free versions.
:-( The weaknesses are in the Wi-Fi standard itself.
:-( make sure all your devices are updated, and you should also update the firmware of your router.
:-( Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients.
:-( Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, (linux, android >=6 )...
Equifax's malvertising scare, Chromebook TPM RSA key panic, Cuban embassy sonic weapon heard at last – and more
Re: cuba noise sounds like cicadas or other noisy insects
My guess is it was just someone trying to play the violin on the wrong side of the bridge. Or slightly more seriously, a few really badly configured baby monitors or network-over-mains in the embassy electrics doing bad things to the tube lighting. Someone should stick an oscilloscope on the live wire and start turning things off one by one.
could set off on the right hand side of the road
Been there, done that.
It comes from just having spent ages driving on the wrong side, and thinking "O great, I'm home now, and can relax."
Fortunately I was on my bicycle, so while I and the oncoming car were semi-shocked into a state of utter confusion about what on earth the other was doing on the wrong side of the road, it wasn't too hard for him to actually avoid me.
But you could also do *FX 200,3 or something like that which would, if I remember, both disable escape and also clear RAM on a 'soft break' and so make sure no one knew how bad your code was.
Why do I remember this?? I haven't used a BEEB for thirty years!
Re: Are the complainers...
I've got an epson L210, inktank printer. It's about 3 years old now. Was really surprised a few months ago to notice the colour ink maybe needed refilling in the next month, after something like 6-7 reams.. (No, I don't print many colour photos). Another (hopefully) two-three years of printing cost me about £25, if I remember correctly. Sorry HP, I've voted with my feet.
Re: Because It's Not Google
Yes, but they don't want to become /so/ synonymous that the verb becomes leached of meaning. e.g. "Should I hoover that up with the dyson or the electrolux?"
"Did you google with yahoo or altavista back then?"
Re: Fuck a duck!
Five megabytes! You were spoilt.
I started on a 3kb Acorn atom with a bit-banging tape drive... Definitely B+W to start with. I think it ended up having 4 colours..
Somehow I doubt it'll run for a week+ on 2AA batteries.
npm is security hole...
This is news?
I worked /that/ out as soon as my first venture into running a node package - from an apt repo - that looked interesting started downloading unsigned packages without asking me.
sudo apt-get purge gnome-exe-thumbnailer
Given the two (plus) nationwide issue, I propose that .bank be 100% required to also include the country code in any registration. That way some innocent doesn't accidentally end up at an organisation in Nigeria when they think they're going to the one just down the road.
Not that I'm suggesting she's innocent>>>>
I've just checked my nominally 50Mbit connection via our local cable TV company (rural Transylvania). According to http://beta.speedtest.net, I'm getting 60Mbit download and 30Mbit upload.
The older ISP (wireless based) is just being taken over by a humungous cable company who are offering 300Mbit FTTH for about £3.50 / month. Not sure what the installation fee is. The other problem is that my main router only has 100Mbit ports... It looks like the router upgrade is going to cost more than a year of internet.
Just in time for 2038
If this law's been around 2 decades, does that mean it's about time for unix "end of time" compliance reporting to start up?
We must be getting into the era when hardware (IoT?) is going to last long enough that this is a problem.
That by the time it reached that sort of level someone's gone over the code and removed any storage bloat quite carefully.
On the other hand, maybe it's all running in Java and burning someone else's cash...
OK, I recant my bit about "most" impacts, as measured per hit. But I stand by my argument regarding plasma, since I'm pretty sure that's far more prevalent in higher velocity impacts, and so for real velocity you want to look at plasma-creating dust, not so much debris.
@Bill Gray "Low-earth orbital speed is 8 km/s, relative to the earth's center. Most satellites, and therefore I assume most dust, is in lower/medium-inclination orbits,"
Urm, to me (out of the field for a few decades, I admit) Dust=natural, debris=paint flakes, dropped zips, ASAT tests, and of course impact ejecta.
Dust, by the time it's dropped down the gravity well can be prograde or retrograde, at any inclination, and (back when I was studying this stuff) is/was considered a significant source.
Hmm... looked it up. Dust impacts on the space face of NASA's 69 month LDEF experiment consistent with the natural flux at an average impact velocity of 15km/s. So, 15km/s average, with a random inclination, and you're going 7.8km/s or there-abouts, in LEO circular orbit, faster for elliptical orbits, of course.
I'll leave the calculation about if we can or can't just average the max & min (15 +/- 7.8km/s) because of the "running into the rain effect" as an exercise to the student. I know it's spawned papers....
5-10km/s? Come /on/ people, I know that's an attainable lab speed, but admit it, it's really slow. "Most" orbital impacts are going to be 10-14km/s, and get some Perseid particles involved and it's 67 or something.
ICON: Mine's the one with the 20 year old space debris conference proceedings in it.>>>
Re: Poweredge T20?
I've just found my 2nd hand fujitsu celsius. But the patch is windows only, and it arrived from the refurbisher running linux.
Why don't browsers show BOTH? (punycode first, with some note about the alphabets in use)
Anyone know where there's a full list of affected / patched devices?
Is this only on "top end" devices, or is this affecting 89.4356% of everything?
This started as "patch iOS" and now it looks like it's 'unless you're on patched iOS, turn off wifi'
Dear AC, I'm very interested in learning how to do a zoomable slippy map without JS. Could you post some pointers?
It's not just speed
smem output, exact same tabs open, both running noscript.
9626 me palemoon 0 170736 173311 188400
9696 me firefox___ 0 233544 239198 256420
this computer's short of RAM, too. What's that, FF, you want an extra 50Mbytes? WHY?
Because byte-count counts
Congratulations on the low byte-count bloat-free ascii logo. Now all they need to do to make me happy is reduce the memory footprint of the thing, which seems to have quadrupled in the past year or 2, with no real increase in usability, at least for my usage pattern.
Who do we need to write to to get the old fast, small, efficient firefox we used to love, rather than this bloated RAM-hog which is currently taking up 10% of my total RAM just with el Reg open?
Shocking, you have ze physical access, you can interrupt ze boot process....
Just saying break=sidewayz or various real options or (my old favourite which used to work, but doesn't do so well these days was init=/bin/bash).
Just a few days ago I used this to add myself to /etc/passwd before letting the system reach multi-user mode.
I must admit it's a bit embarrassing for whoever wrote the comparisons in that bootscript, but this is really nothing to see, move along...
those cornery things...
Missing from the instructions:
If you happen to find that your new hyperexpensive wobbly desk is too wobbly, you may, assuming you never want to flat-pack-it again, apply copious quantities of GLUE to all joints. For additional stability, apply to the GLUE, the materials known as PINE or MDF (available at all good hardware stores for a small supplementary fee). PINE and MDF may be conveniently cut to size with a 2.5kw Circular SAW, much to the enjoyment of neighbours.
We also supply strange cornery bits known as 'braces' that when attached to the legs and the desk-top in the correct manner (6.75 packets of araldite) provide additional bracing.
There. Fixed it for them:
Re: Firewalls to block the downloading of executables?
And what sort of tech are they based on? Air-filled or something exotic, etc. etc.?
In case anyone ever tries arguing with you that lower powered kettles are more efficient... Please apply the following simple bits of physics: convection, radiation, evaporation.
The longer the kettle spends getting from 30°C to 100°C, the more these sources of heat loss will come into effect, therefore low power kettles are better at heating the air, and less efficient in heating the water.
(The icon is for a nice efficient way of heating /lots/ of water.)
PS. Would someone like to test how hot a 25W fish tank heater (without a working thermostat) will actually get a typical fish tank? My guess is somewhere around 50°C, but I don't have a fish tank to test it these days.
It must be niche
it doesn't run on my old 286.
Re: Beastly, Just Beastly
The problem with your entire argument is that it's based on a false premise: that no one tried to write linux in C++.
It was tried, back in the time when I had a 386 PC and an entire distro fit on 2 floppies. Maybe it was before the time when "a C++ compiler has been able to generate equivalent code with "no overhead for the stuff you don't use" " But the result was a significantly bigger kernel which ran much slower.
Hey, this is El Reg!
playmobil or it didn't happen.
Re: Chrome sleek and fast, Firefox bloated and slow
Good for you, enjoy your bloat. Some of us are still using "made for XP" motherboards, maxed out at 2GB, and want to run other processes too. Firefox used to fit on almost /any/ hardware.
Re: Wet firecracker
This is a major bug if you're relying on SSL to provide end-to-end certification as a user. So I won't be connecting to my bank until it's fixed.
It doesn't mean we need to unplug any servers while we wait for the distro to catch up with upstream though. I for one am happy about that.