* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

NixOS and the changing face of Linux operating systems

Charles 9

Re: @Charles 9 - rm -rf /*

But that's you, and you're in the minority. I routinely deal with people who when told to look left, look right, and if told to turn around, spin 360 degrees. That's why I'm constantly reminded of Stimpy and the History Eraser button.

Charles 9

Re: @Charles 9 - rm -rf /*

Look, if you don't find a way to fix Stupid, you're gonna end up with Stupid taking the rest of us down with them.

Charles 9

Re: @Charles 9 - rm -rf /*

But everybody plays the fool sometimes.

Charles 9

Re: rm -rf /*

No matter how unintuitive you try to make a History Eraser button, someone will still find a way to do it, due to either being duped into doing it by a jerk, or by a Captain Peachfuzz who can stumble onto it in spite of hell or high water.

SiFive's latest top-end RISC-V CPU core supports proper virtualization in hardware

Charles 9

I'll believe that when I see it. The problem is apples versus pears: close but not similar enough to really compare, as we haven't seen a serious ARM-powered gaming rig as of yet. The closest thing we have is the Nintendo Switch, but it's more cell phone tech. The new Macs have come out, but there hasn't been anything resembling Marathon of the PowerMac era.

As for power consumption, I think these days most of the power in serious gaming rigs is taken up by the GPU, which can be CPU-agnostic.

Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure

Charles 9

Re: This should not be a free for all

But that's just the French, with about 70 million people tops. China has over 1.5 billion, about 20% of the entire human population within its own borders. Why else do transnationals fear losing access to them? It's like the old saying, "If you default on a million-dollar loan, you're in trouble. If you default on a hundred-million-dollar loan, they're in trouble." If they really wanted to, they possibly have enough clout (and a desire to go in-house, most emphasized by President Xi) to dictate terms.

Charles 9

Re: This should not be a free for all

No, what they REALLY really would've done is develop their own, opaque protocols and use their "Great Firewall" to force gatekeeping (and translation) with the West. Otherwise, you find that geographic borders borders are notoriously porous (ask North Korea, who has trouble safeguarding a short one).

Charles 9

Re: This should not be a free for all

"I'm talking about the national ISPs you and me use to connect to the Internet: Those are totally local and much likely to be leaned on (real world examples abound)."

But local ISPs usually don't do actual encryption and decryption; they just relay the data. You need to get to the endpoints, and the major endpoints aren't likely to be under the appropriate government's control.

"So one really can't say non-autocratic governments are a recent invention; The only thing one can say is they require an evolved, structured civilization. Each decline of civilization brings back the simpler, more primitive "might makes right"."

Which proves my point; non-autocratic governments tend to be the exceptions.

Charles 9

Re: This should not be a free for all

"You don't need to control the CAs for that, you just need to control the ISPs. What would be more efficient in controlling snail mail use? Controlling the issuing of stamps, or controlling the postal delivery?"

Most ISPs are outside sovereign control, and unlike the post, a lot of the Internet traffic these days is black-boxed, preventing casual inspections like back in the old days (things like the Chinese Cannon). CA control provides the means for them to get back inside the boxes.

"Definitely the ancient ones!"

And last I checked, practically all of them were autocratic. Hierarchical structures seem to be the most natural for us if history is any indication, good or ill.

Charles 9

Re: This should not be a free for all

"Certificate authorities simply don't compare, profit-wise."

But what if the motive isn't profit but control of information flow (knowledge is power)...something governments might be interested in? Then money isn't the objective (and not as much an object in any event). Think about TOR and how trustworthy most people feel it to be at this stage.

I know about Hanlon's razor, but I'm also familiar with the natural human condition, which tend to be selfish if not tribal. Large societies don't tend to last long-term without a firm amount of control, something which favors authoritarian and similar regimes, and what have been the longest-lasting regimes in human history?

Charles 9

Re: This should not be a free for all

Pretty hot. Ask Big Oil and Big Pharma how much cartel behavior and threats to take their business (and taxes) elsewhere pay...

Charles 9

Re: This should not be a free for all

That just means anarchy and a race to assert control. SOMEONE will inevitably cheat...

Charles 9

Re: This should not be a free for all

"Apples and oranges. Certificate Authorities are definitely not a public service of some specific nation, they are (and need to be) international, above individual countries."

Which means it'll never happen because each country necessarily has its own agenda. You basically need to have an enforceable global authority first. But odds are we'll get World War III instead.

Charles 9

And if it turns out there is NO better way because it eventually boils down to the First Contact Problem, which last I checked is intractable?

China plans to swipe a bunch of data soon so quantum computers can decrypt it later

Charles 9

Sounds to me like we're running into a problem of the physics level, much like how much further one can compress a substance once it has already become a liquid or solid.

Charles 9

But doesn't encryption encrypt the structure as well, making it look like a bunch of gibberish?

Charles 9

Re: Decryption Chaff

It is you who misunderstand the point. That is EXACTLY what I'm getting at. In a proper one-time pad, a ciphertext of "******" (literally) could decode to ANY six-character combination, including words. All it takes is the appropriate key for each one.

So in your above example, ciphertext when run through key1 will result in plaintext1 while the same text run through key2 will result in plaintext2. That's all that it takes, and it's one of the key strengths of one-time pads: there is absolutely no way to predict the plaintext from the ciphertext.

Charles 9

Re: Quantum computing and decryption

That's just what we know, though. Don't rule out black projects.

Charles 9

Re: "When you've tried all possibilities"

It's a defining feature of one-time pads. Given the right key, you can literally get anything out within the size limit.

Smart things are so dumb because they take after their makers. Let's fix that

Charles 9

Re: Won't work. :-(

How can they be mandated when the market forces are against regulation? They have the clout to influence the government, after all. Thus the bit about "tombstone" regulation, where it takes death and outrage to force the issue because that's about the only thing that can out-influence the market. And even then that's not always enough (like guns in America, which has found itself a counter-outrage to keep itself going--finding a reason to hate the only thing that can fix the problem).

The rocky road to better Linux software installation: Containers, containers, containers

Charles 9

Re: The origin of Snaps

Well. you can't have it both ways. Jumping the gun may prove problematic, too, as newer versions have a disturbing tendency to break things that depends on older, now-deprecated behavior. Given the choice, I say let the developer (who at least knows what versions of what they're using) say when.

Charles 9

It definitely Not the Intended Purpose, but it's also The Best Option Available. Microsoft at the time hadn't thought of the idea of installable programs just for one given user.

Charles 9

Seems clear enough to me. I've always read it as, "Not Invented Here. I Don't Give A Damn About It." They insist on control, they don't trust outsiders, or some other reason.

Charles 9

The reason for Appdata/Local is that there's no Windows-standard way for a user to install his/her own programs in a user-specific way. I generally create a Programs subdir off my user directory, but it's not a universal convention. Appdata/Local is the closest analogue to a directory that exists for every user and is specific to each user.

Sweden asks EU to ban Bitcoin mining because while hydroelectric power is cheap, they need it for other stuff

Charles 9

Re: Tariffs based on end use won't work.

True, but total usage can be a useful metric. Average usage can be calculated, and overage above a certain range can be pinged for being greedy. If one's willing to freeze to mine Bitcoin, that's on them.

Charles 9

It's also a world where the truly rich and powerful will just do whatever they want to do and use their clout to make the law and/or the public look the other way. Seems to be endemic to human nature, which is why nothing really gets done long-term...

Charles 9

Re: How?

Perhaps put them up for a popular referendum and see what happens...

Charles 9

Re: Let's make crypocurrency healthy

So how do you propose we solve the "us" problem, short of evolving a better human?

Charles 9

Re: How?

Then perhaps a law to restrict such negotiations. Stop the sweetheart deals. Level the playing field, force everyone in the same category to pay the same way. If they can't survive on their own merits, then perhaps someone else can do better. If it comes down to the point it's a sweetheart deal or starvation, then a serious re-evaluation of priorities may be in order.

Charles 9

Re: Quite

Most of the electricity in question is hydroelectric, which doesn't require heat. Most of the rest is nuclear, which benefits from economies of scale, which means the plant will be some distance away from most homes. It's hard to transmit heat efficiently over distance.

As for CO2 and heat, have you ever tried the soda bottle experiment? Two soda bottles, one with air, one with CO2 (say from a carbonator), both under a heat lamp or the sun, see which one is hotter after an hour.

Charles 9

Re: Not Happening

Ever thought they would've done that already if they could...or that that is the desired effect, moving the miners away from cheap leccy meant for the local and less need for cooling?

Charles 9

How about this?

Measure how much power the average household needs there in winter, charge reasonably up to that point, then start raising the rates progressively as you go over: a little at first, then more and more...

Charles 9

Re: What's next?

The concept of low hanging fruit. Some food for thought:

https://www.salon.com/2021/11/26/is-science-stagnating-the-great-stagnation-debate-explained/

Kremlin names the internet giants it will kidnap the Russian staff of if they don't play ball in future

Charles 9

Re: Won't work if the companies are evil enough

It's what you call a war of attrition. Tends to get pretty ugly because it becomes a case of who cracks first. Do the Russians decide it's no longer worth it, or does the firm run out of sacrificial lambs?

Charles 9

"This! If doing business in a country becomes too onerous for whatever reason, then you up sticks and leave. In some cases, that might mean hardships in the affected country and cause change. In others, it will mean local companies will fill the void."

But the risk and reward calculations can change. Note the same thing is less likely to happen with a place like China, which carries a significant portion of the global human population on its own. Some things can just be too tempting, especially when coupled with a potential threat of competition leveraging what you may leave behind to eat YOU for lunch...

Charles 9

Re: a state run by mafia

Sliding scale of debate. They're only at the Intimidation stage. Coercion will follow.

Don't jump the gun if you're not sure the other side will welcome World War III or not.

Charles 9

Re: Oh noes..

Wielded against a masochist with no family to threaten?

How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug

Charles 9

Re: Irony

They'll just turn off the associated frequencies, then. Older-generation phones (read 3G or earlier) will stop being usable soon. And it's easy to think even feature phones on 4G chips are likely pwned (I mean, I see Facebook on 4G feature phones these days, think of that).

Charles 9

Re: Eavesdropping bug

"I consider all smartphones electronic devices--including those beyond my control--eavesdropping bugs"

There, FTFTFY.

Charles 9

Re: Why even bother?

Depending on the app, triggering a microphone permission prompt may not be desired. Now, if one can use privilege escalation to get microphone permission without triggering the prompt, that's another thing.

Apple's Pegasus lawsuit a 'declaration of war' against offensive software developers, says Kaspersky director

Charles 9

Re: There is a big difference...

"Companies who sell physical goods are liable for the safety of their products and where there is sufficient danger to the public they recall defective products why should software companies be except?"

Haven't you seen? The worst of the worst know it's cheaper to just lobby the government to look the other way and NOT implement rules and regulations that would end up costing them. Look at the constant problem with water quality (exemplified by the Flint fiasco). Software companies know the technique, too, and have the advantage of having goods that don't necessarily have to be anchored to any one country; play sovereignties against one another.

Charles 9

Re: Backdoor smashed in

Especially if multiple disparate pieces of code can be put together just so with just the right kinds of inputs. It's hard enough to find a subtle fault in a single piece of code, but to find a well-designed one spread out over multiple areas...?

Charles 9

Re: patching holes

"All right then, let's have software and hardware that are designed by computers."

Fatal flaw in this, of course, is that computers are made by humans, too, meaning computers can be fallible.

Charles 9
Big Brother

Re: The next generation will attempt to port the kernel to Javascript...

Problem with your idea is that governments can exert a lot of pressure. Overwhelming pressure, even. From angles that may not have a viable alternative (like radio chips--governments regulate airwaves, after all).

At some point, your exercise will just put everyone in DTA mode, which just leads to anarchy.

Rust dust-up as entire moderation team resigns. Why? They won't really say

Charles 9

Re: Rust Alternatives and Roots

I think the point some of the commenters are making is that C was designed to not have memory safety, as it was designed to work at the metal level where raw performance was critical. Basically, a unicycle versus a bicycle with training wheels. At some point, you have to insist on people who what they're doing, and if they're not available, throw up your hands and realize You Just Can't Get There From Here.

Alleged Brit SIM-swapper will kill himself if extradited to US for trial, London court told

Charles 9

Re: Internet Police

Then suppose it's not a crime to throw a rock in France, and he's still in France? Does that mean no crime is committed because he never set foot in Germany, particularly if France refuses to extradite? This is the crux of the argument at this point.

Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees

Charles 9

Re: Ah......what about the children?

But what do you do when many of the parties involved have an incentive to NOT understand it, or even to intentionally misinterpret it?

Charles 9

Re: how about "Cryptography means Cryptography"?

Plus some communication media are character-limited, so there's a need to convey a lot in a little...

The ideal sat-nav is one that stops the car, winds down the window, and asks directions

Charles 9

Here's an honest question. Is there a place where asking for directions isn't possible because no one knows directions in their brains and navigate instead by muscle memory?

Charles 9

Re: My experience

Pedant mode unnecessary. I simply referred to it to explain that AA in America is something unrelated to automobiles whereas AAA (the American Automobile Association) is much more germane.