Posts by Adam 1

Re: @d3vy ... WTF?

> And the DOJ have had 3 years to get an Irish warrant, but continued this fight

What is their angle. I would get if it was some backwater country under a military junta every other week, or if it was an openly hostile Iran or North Korea or something, but Ireland? Just fax the form just to them and as long as there are reasonable standards met, the cd with the data will be in the post (metaphorically). You wouldn't tolerate the argument in reverse. That should tell you something.

Re: Why does anyone care about wifi security?

Do you care if someone prints to your printer? Or starts sniffing about to see what might be protected by some ancient long broken Windows authentication scheme? Some of us live on oppressive regimes like Australia and the UK that collect "metadata" from every website you visit because, you know, terrorists. The sort of people who would want to exploit this are no doubt going to be doing things I don't want to go through my connection. Do you really want your media centre indexing the folders of media that they might have on their public share? Didn't think so.

And on your other question, if had need to buy dirty sugar water and use their internet, my VPN is definitely ON with local traffic denied.

Re: hollow laughter

> Best Li battery - 234Wh/kg

> Petrol - almost 13,000 Wh/kg

That actually doesn't matter. Actually that's not true. It does matter, but it isn't the blocker issue for practical EVs. We get nowhere near 100% efficiency from an ICE even at the flywheel. Then we lose a whole bunch more through the transmission and drivetrain. Even HCCI is only 50% thermally efficient (don't get me wrong, that is brilliant) but those figures are starting with petrol, not crude, so it isn't true well to wheel figures which need to account for transport and refining. It is really hard to do apples Vs apples, certainly not using those two figures.

What currently hurts EVs for range is simply recharge time. If they can get the fast charges to the point where it takes 10 minutes and gives you another 300km, suddenly that plays nicely with fatigue management. I think that is definitely possible and not a ridiculous compromise in most use cases. Alternatively, if manufacturers can agree on a standard then we might even see swap and go battery packs (like we have for BBQ LPG cylinders). That will need machinery to disconnect, swap, then fit the new one. Whilst it'll never be as light as an ICE (all other things equal), having more flexibility over where the weight is put can really help with the dynamics to counter some of the weight penalty. The glass isn't always half empty.

Re: Paper profits only

Why can't they cash in their bitcoins? As far as I know the visa status et al ban (although didn't MasterCard break ranks?) only stops credit card payments. It wouldn't stop any other exchange for goods or cash.

Re: This won't be addressed

But a decade before these models the Rex would have been close to the most stolen vehicle on sale. It's a bit hard to judge on popularity amongst car theives because cars are broken into for different reasons (joy ride/use in a crime/rebirthing/theft of contents/stereo etc)

The first two are much harder now due to immobilisers. The third is harder because of datadot. The fifth is less of an issue in modern cars, especially those where the stock head unit supports Bluetooth and Android auto/Apple car play (there isn't much of a second hand back of the truck market for stock head units). Smash and grab is still an issue but frankly a secure rolling code isn't going to help you avoid that.

Re: So in theory

> You can't really trust TLS if you're not really sure if the hostname resolved to the right address.

Sure you can. The fake server cannot fake a signed public key (let's exclude Symantec et al giving out fake ones for the minute) so even if they send you fake content then you are going to get warnings about self signed certificates or mismatched URIs from your browser. They can definitely do a downgrade attack (eg POODLE) when intercepting your handshake. They can definitely block your service. But they cannot trick you*

*I guess another exception is the fruity browser that did a few too many goto fails and thereby passed over that check.

Re: unique mathematical hash

It is irrational to fear an accidental collision in even a broken hash like md5. A deliberate pre image attack is a possibility in other contexts like password storage but such attacks in the context of dedup are irrelevant because to take advantage of it would require you to predict something I haven't stored yet but will need to store.

Why irrational? Because even if we used every computer ever made and dedicated their processing time to try to randomly create documents for billions of years, the probability shows it still be unlikely to occur. It is far more likely to suffer corruption due to bits being induced by a solar flare during a write operation. Russian roulette is not a good analogy in this case. In that game your odds are much worse and there isn't a reward. The reward in dedup is a *lot* less write I/O than you would need to do a subsequent comparison.

Re: race to the bottom

Rethink that assumption in context of other people paying the electricity bill. If this takes off, the person paying the electricity isn't the one who decides whether a piece of JavaScript gets invoked on some site. Even in the case of traditional bitcoin mining you could have botnets stealing CPU/GPU cycles from hundreds of thousands of PCs/IoT tat. Website owners already believe (generally) that they are entitled to use bandwidth and screen real estate and sound for content they know I don't want (called ads for short). Many don't feel the smallest bit embarrassed about downloading multiple megabytes of JavaScript Frameworks. They believe the visitor owes this cost and inconvenience for the privilege of seeing their wares.

Re: To be honest

By a Tesla then what!? Oh man don't leave us hanging like that.

Re: Mandatory Discworld quote

I both see and fail to see what you both did and did not do there or somewhere not there.

Re: How is SQL Injection Still a Thing?

The problem with stored procedures is that they are vendor specific where as plain 'ol SQL is largely cross RDBMS compatible.

Sure you can use an ORM wrapper but these come with their own challenges.

In agree though that if we had a clean slate to redesign SQL, there is no way we would interleave the instruction and data elements or allow inline constant expressions that drive people to try and build up the command with string concatenation.

Re: Gravity pulls things down.

> but locally, yes, it pulls things down.

Noʇ poʍu ɥǝɹǝ ᴉʇ poǝsu,ʇ

> Where's the popcorn icon?

Or falafel and hummus would be great too.

Re: Death knell for disk?

Nah. What interest would a consumer tat company have in a product that needs replacing soon after the warranty period expires?

elegant solution

You've got to hand it to the LaserWriter manufacturer. They introduced a

feature into their password hint that achieves the holy grail of both really helping legitimate users to recall their password and allowing the user to provably tell if the prompt is legitimate or fake.

Re: Not sure why they outed PureVPN

One interesting angle is that China has been putting their foot on VPN provider's throats of recent. I wonder aloud whether one of the licensing conditions required to operate has directly or indirectly exposed their users.

Stop! These puns are too much. I wannabe ill. Goodbye!

Re: Mycroft Holmes would be so proud...

It is UTC+8, not like it could be Perth or Indonesia or Malaysia or Philippines or some other country working on night shift to make it look like China.

Re: Clearly essential...

No this wasn't a dig at across the ditch.

"On 14 July 2017, Ludlam resigned from the Senate after it was brought to his attention by barrister John Cameron that he held dual Australian and New Zealand citizenship, rendering him ineligible to hold elected office in the Federal Parliament under section 44 of the Australian Constitution"

-everyone's favourite reference website

This was his contribution to the stupid waste of taxpayer money* meta data retention bill. I hold different political opinions to him on many issues, but on this issue he was bang on and unlike many others on both sides of the isle, he actually had a grasp of the issue at stake.

*According to my metadata log at some large ISP, I am visiting the IP address of my VPN provider and nowhere else.

It looks like you are trying to interchange two words of totally different meaning but similar spelling.

Would you like kelp?

Re: Aukward moment

African or European?

was that a dare?

No no. Not the logo, that looks perfectly fine if you want to refresh your branding. I mean the mountain of dribble. Visual metaphors for collaboration? Open platform? Place for collaborating? Or are we playing buzzword bingo?

Re: The horse is but a distant memory...

Um. I'm making a joke, a humorous misunderstanding given the two possible meanings of the phrase "Closure will surely follow [the improvements that Oracle are making to Java]". In the intended understanding, the term closure is to express a change in open state of the stable door, from the saying "to close the door after the horse has bolted". In simple terms, too little, too late. The second, unintended meaning is the language feature of closures as present in many languages from lisp to c# but notably missing in Java. The comment about real closures is because many people confuse lambdas with closures. For some use cases they can substitute but not all.

I am not sure why you bring up JavaScript.

Re: Trained Pigeons

> Build moats round all the prisons

You guys really need to stop sending your politicians such mixed message! I thought you emphatically told them NO MOATS a few years back.

Re: if only

Sorry but that argument is pretty flaky and would equally apply to Wikipedia / Reddit / El Reg commentards.

It solves a different problem to documentation, which tends to focus on classes, constructor overloads, methods and properties. SO does a reasonably good job at pointing back to the official documentation where applicable.

Two examples from recent experience. I was trying to figure out how to write

if (old!=null XOR new!=null)

Obviously for bitwise xor there is ^ but there is nothing for a condition. SO reminded me that XOR is the same thing as !=

In another example, I had two Hashsets and wanted to know if there were any differences between their contents. The top answer would have worked but it was frankly going to be inefficient. Sure enough the first comment below the answer states that it works but it is going to be O(n^2) whereas the other answer (which was slightly less voted would be O(n). Sure enough, the second answer pointed out the method name and a link to the documentation for it.

The other thing that SO does much better than the documentation is explain why something was/wasn't done, like why can't youb in c# yield return inside an anonymous method? Is there a fundamental ambiguity around what you are trying to do or is it just not high enough on the backlog because people want other features? The documentation just tells you you can't do that. Maybe that's all some people care for, but I need to know reasons. For the curious, the answer is too much effort and not enough demand especially now local functions can do this.