1888 posts • joined 4 Mar 2013
Haida Gwaii, a biggish island in BC, never had deer. The Canadian govt helpfully brought them in. But they have no predators there so they’re literally like rats, overrunning the whole island. Deer will jump over a fence and nuke your garden or farm quick as you please.
Next the Canadian govt wanted to bring in (also not native to the island) cougars to control the deer.
Thankfully the local Indian tribe had by that time enough say-so to give that miserable idea the boot.
But if you like deer hunting (I’m not a hunter) there is no place in Canada with freer rules than Haida Gwaii ;-)
Re: Never guessed...
actually this brings up a good point.
when you buy a Dell, say, it comes with Windows. FWIW to you, I realize. that OS is yours as long as that machine, sold to you by Dell, but without MS being directly involved, still works
if MS moves Windows to a subscription basis, then what would be the contractual effects to all parties if the Dell basically becomes an expensive paperweight if you stop your MS subscription?
would they be held liable for that? an easy solution would be for Dell to make a Linux distribution available to take over. not good for MS.
another might be legal verbiage by Dell warning that their shiny won’t work without a sub. not good for Dell.
Re: Interesting idea
no one outside of homeopathists takes their claims seriously.
yes, climate scientists DO gain employment from climate change concerns.
but someone who managed to scientifically debunk climate change, using good old science - i.e. a sound theory with reproducible results - would immediately achieve scientific superstardom.
and it’s not like there aren’t tons of people willing to bankroll that line of research. Trump and the US coal industry come to mind.
Or... there’s always the remote possibility that you are wrong. What level, if any, of proof would it take for you to adapt your worldview to new facts coming to your attention?
Re: Interesting idea
Germany’s fail is that climate change is too much of a problem to allow the Greens much say in solving it. We agree on that much.
For the rest, your ranty ramble is fairly content-free. If climate change is happening, something accepted by almost all scientists in the field, costs will be immense over time. Think of the effects on agriculture and losses from coastal real estate flooding.
All for what? To resist changing the way we generate energy? Yes, it will change economies and yes there will be losers, but people will end up being employed in the new jobs, new companies will grow and life will go on pretty much as before. If you’ve been paying attention you realize a lot of hardnosed capitalist corporations ARE increasingly banking on climate change being a problem. Because, well, the math and science add up. If it’s happening then it’s just a physical phenomenon, not a political one.
But, yeah, just keep on putting your head in the sand cuz it doesn’t fit your world view.
Re: I did use Edge...
It also lacked quick access to a menu or a bookmark bar.
They might be there, somewhere, but I dislike Windows menu-lessness as much as its Ribbons. Firefox, Vivaldi, Chrome all recognize bookmark bars are key (and if you don’t agree, allow you to decide to hide them).
Changing the rendering engine ought to help MS render html standards. Won’t help with their lobotomized UI. The rancid ghost of Sinofsky lives on.
Re: police-requested guest registration
well then, if i was designing hotel POS systems, i’d
1. limit ID intake to strictly what’s _locally_ legally required.
2. upload to the relevant police db and delete
3. if 2 doesn’t exist, delete as soon as you reach end of locally legislated retention period.
fwiw, when I visit the US, it’s always just the CC# and car plate #. ditto within Canada. so that’s at least 2 countries not needing retention.
Might not be as big as Yahoo! but that info seems a lot more identity-theftable. CC# are easy: just get a new one, the rest is not.
Are passport and DOBs # globally mandated for storage? I know France had police-requested guest registration info for a while, maybe still does. But most of the time now CC# and license plate is all that’s needed. DOB? Why?
Security 101: if you don’t store it, it can’t be hacked.
See this, Google? Microsoft happy to take a half-billion in sweet, sweet US military money to 'increase lethality'
Re: "to give them greater visibility on the battlefield"
: the ability to see or be seen. : the quality or state of being known to the public. See the full definition for visibility in the English Language Learners Dictionary. visibility.
Visibility | Definition of Visibility by Merriam-Webster
My apologies, El Reg. I am embarrassed.
Re: how clueless
and kickstarting interest by having real-life silicon, priced cheaply.
chicken/egg. not rocket science, is it, @john.jones?
wonder the performance/vm pricing tradeoff given this current benchmark?
and, how much is this going to increase ARM compatibility/interest in general across the commodity FOSS stuff like nginx, postgres, redis?
not good for Intel, in the long term. esp if it coincides with macOS moving to ARM as well.
pity the guys @ Intel in charge of 10nm. they must be getting tons of pressure internally.
Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)
Re: What's the Count So Far?
it’s not node.js specific. could happen with any github-sourced code. in many cases the main code doesn’t even need altering, the underlying package install scripts (never looked at) can do the dirty. and those are not infrequently run under sudo.
In Python land, for example, that’s setup.py. Npm has active script install hooks too.
Ouch. Clever, and simple, hack. Social engineering FTW.
How about an optional mechanism where an established github dev can be shown to have vouched for a new maintainer? A la web of trust?
Tons of holes, yes, but better than scammers just freely trawling the owners of no-longer-maintained popular repos.
Re: UK contributions
Georgia, Moldavia, Chechnya, Ukraine, Estonia cyberattacks. Gay rights snafus. Dead Russian opposition politicians. bogus elections. MH 217. Magnitsky.
All funded by the EU.
Do go on, Herr Putain.
one thing I grant you, NATO-near-border is way too provocative, except for Baltics. But actually probably suits Vlad just right, more enemies abroad to sell.
don’t misunderstand me on this. letting in Eastern Europe was the right thing to do. 100% and if anything, Putin’s nastiness only reinforces that. For them, but also for the previous EU core.
i’m not even sure a 10 yr freedom of people movement moratorium would have been good. But it was a policy decision at the time and it did allow those 3 countries to build up their economies gradually, dialing down the motivation to seek better opportunities elsewhere in the EU once full liberalization was reached.
The EU is a great club, but, when reasonable, it needs to be more sensitive about national preferences and perception. Subsidiarity being key here.
Pressuring the Piss folk in Poland and Viktor Orban not to become lil Trumps against human rights? Good. Need more of that. Setting banana curvature? Bureaucracy gone amok and recruiting poster for big Borises. Getting Italy back in line on their budget, to avoid another Greek bailout? Much, much, needed because the risks outweigh national prerogatives.
As to Galileo, purely on military self-interest, the EU should have found a way to keep the most capable European army integrated. The rest of Brexit negotiations however? Well, they’ve got the leverage and very little incentive to cut a sweetheart deal encouraging future xxxexit movements. They got you by the balls.
Too bad the Borises and Rees-Moggs didn’t see that coming or just managed to pull wool over the eyes of the more clever Leave voters. Yes, they exist, and Remains need to gently convince that constituency to reconsider in light of all the hollow promises.
btw One brilliant thing the Federal government here did, late 90s, fought tooth and nail by the Quebec separatists, was to force future leave referendums to have a clear Leave or Stay question. They can’t just fudge something harmless sounding. Wasn’t the issue with the actual Brexit vote wording, but it sure was with previous Quebec referendums.
Re: It'll be like decimalisation all over again, but spelt decimation due to a shortage of letters.
>investment banking industry
think again. I suspect a large part of the UK’s attractiveness as a financial center is being an EU member. No doubt, the really big cheese won’t be suffering with the little people. But i’d be surprised if a large proportion of British investment bankers didn’t get shafted out of this. Yes, yes, they may not be all sympathetic but they pay taxes and spend money.
EU bankers can head towards whichever city takes London’s place. Probably a net loss for the EU, but nowhere as dramatic.
>b. We stop the process, try to salvage our dignity and resume trying to democratically influence the EU more towards the UK’s point of view.
As much as I am pretty relaxed about immigration myself, not everyone is. It bears remembering that, when Greece, Portugal, Spain joined the EU, in 1982, there was a 10 year moratorium on allowing full free immigration into/from those 3 countries.
In hindsight, it would have been more sensible for the EU to apply the same kind of transition period to Eastern European countries. Or indeed any new member with a sufficiently big GDP difference.
Didn’t happen. Brexit was a bait and switch but the EU’s bureaucracy will need to reassess its our way or the highway attitude towards its _member_ states. The ratification referendums for the constitution being another clusterf***. Ditto the pointless insistence on metric system precedence. Or curly bananas.
Subsidiarity was a very useful UK-sourced principle, IMHO.
None of this really makes Brexit any less of a self goal 8-/
and so it continues. I really wish El Reg would let Tim Worstall re-explain his rainbows and unicorns once again in a guest article. Smart guy, but one wonders in this case.
Trump => 4 years (surely not 8?)
Brexit will keep on giving for a long time. Long past those who voted for it too.
I wonder if the - beneficial - aspects of the UK's traditional role in nuking some of the EU's more daft - usually French - proposals will be outweighed by its salutary inspiration on what NOT to do. Wonder what this spectacle will do for Le Pen's snake oil, for example.
Will it out-Greece Greece in that regard? I sincerely hope not, but this is certainly on track to be some massive foot machine-gunning.
and you know, I am A-OK with where the non-Pro iPad is at, a media consumption device. Bringing out the Pro model has dropped the base version prices a bit.
Where this article disturbs me is that my perception that Apple's thinking that iPhones and iPads are the future getting-things-done devices is bleeding out onto their macOS devices. Their stewardship of the MacPro has been shameful, the Mini hadn't had an upgrade in ages until last month and the MBPs are really losing their Pro moniker in favor of thin and light. Prices are, Apple-high, as usual. too bad, I still rather like OSX.
If you believe that iPad Pros are "all the laptop you will ever need", then yeah, why not drop the ball on the rest?
We all know "it's not MS's fault that they have to look after so many devices". "Apple has it easy with their closed ecosystem".
But what of Linux? It gets to support a massive bunch of drivers and devices on _multiple architectures_.
Why can't MS uncouple things like the Intel driver, provide an apt-get type repo and let Windows download the drivers? They're not like regular application level software, you pretty much have a license to use it, by virtue of having the hardware. They're not sold separately. Then it's Intel's fault, not MS's. Why bake it all together, unless it works out better than on Linux?
Is that because the kernel-level separation is so much clearer in Linux? I seem to recall a number of kernel-level changes in Linux are motivated by hardware support: 4.19 has x, 4.20 has y. So Linux doesn't get out of jail by dumping it all into userland. What makes Windows such a unique sh*t sandwich?
Now, that's not claiming there are no driver issues in Linux land. But a significant % seems caused by hardware vendors not providing Linux drivers. Or specs. i.e. Windows-only. But those vendors DO have an interest in keeping Windows drivers tuned up.
Why not decentralize hardware support as much as possible?
Win10 telemetry had one job. And it failed.
I have a win 10 laptop that hasn't been updated in 2 years. I rarely use it, when I do it's as a db server, there is nothing confidential on it and the whole thing doesn't venture outside its LAN. The biggest safety risk is my gmail login is saved in Firefox's password manager, password protected. FF is patched regularly and carries NoScript.
I do play games on it, it's originally a gaming laptop (very good choice for workstations profiles, IMHO. they're beefy, gamers value quality and they love modularity).
I'd say I don't really want to touch it much and 1809 is doing very little to motivate me to think otherwise. I may actually install 1809 later, once they've whack-a-moled at it sufficiently, it might actually be safer than betting on MS's next build to be any better.
For my limited expectations of it, sure, leave it as is. If it was confidential, then that'd be different, but my biggest take on Windows and confidential is that they're best kept on different computers.
You know, this actually brings something to mind. OK, we get MS is "thinking outside of the box", QA-wise. We also get that the Insiders, whatever their (few) merits, suck at doing QA. Or being a meaningful force for user feedback. We get that bugs were filed throughout at 1809, but no one in MS bothered to really follow those through. There's a crisis brewing at MS and they don't know how to make things right.
But... wasn't that the whole point of telemetry?????? Avoiding all the crap like 1809 because we are so instrumented that MS will KNOW something is wrong? With no need for insiders or followed-through bug reports.
Wasn't that what - most unwillingly - giving up our privacy was all about?
Did you hear? There's a critical security hole that lets web pages hijack computers. Of course it's Adobe Flash's fault
Oi, BBC, any plans to ditch it?
I mean its death's only 2 years away now.
And, before anyone asks, yes, I still see plenty of you-dont-have-Flash-installed s from them on my phone. I thought for a while that it would only happen at first page view, then reloading would show a regular video. As if they were doing just-in-time transcoding.
But now it just seems BBC often still wants Flash.
p.s. wouldn't want to forget Edge in this hall of lame, would we?
p.p.s. and, no, "redoing Flash from scratch" wouldn't do it. Too much flexibility in what can be run from internet sources, essentially an opaque closed source parallel JS, is just not a good idea. If you want video, embed it. If you want audio ditto. If you want animation, there's JS Canvas and SVG. Browsers and plugins are much more able to keep JS stuff locked down and even then it's a constant struggle.
Re: No and yes [Was: HTML-only calculator?]
Ansible is configuration management software. Not a full-on programming language.
In the context of config management, I’d take a declarative approach, as allowed by YAML, over programmatic configuration any day.
YMMV, but I’ve sweated out both Chef and Ansible and Ansible just maps way more closely and naturally to a BASH command you’d be typing in manually.
This is just about my perceived ease of writing, not things like scaling, speed or idempotence.
Re: Proppa language bruv
as far away from me as possible. xslt has the dubious distinction of making regexes seem limpid.
I am sure it’s useful, in some contexts. but it’s part of xml sad slide from, relative, simplicity into the swamps of xml schemas, SOAP and generally over-
There’s a reason a lot of this stuff is getting superseded by lighter solutions, at least on greenfield projects.
Linux kernel Spectre V2 defense fingered for massively slowing down unlucky apps on Intel Hyper-Thread CPUs
inquiring minds want to know
When are we due for Intel chips with the Spectres and Meltdowns vuln classes nuked again? Within reason, of course - nothing remains secure forever - but at least without a whole slew of theoretical issues that hackers can play with.
It’s almost as if they didn’t want to jeopardize their current sales by having people put off buying.
If at first or second you don't succeed, you may be Microsoft: Hold off installing re-released Windows Oct Update
Re: Technical debt
Agreed, but that does have some nuances. There's a blog post somewhere titled "You're not Google" and it's about why solutions that work for Google may not work for you (the emphasis was on scaling-before-all not being a fit for everyone).
For FB (not a fan myself), moving fast, breaking and fixing may in fact be a good approach.
- you can re-deliver working software very easily. This is very true for websites, less so for PCs and quite a lot less for embedded. Steam games and smartphone apps are pretty good there too.
- the consequences to your users of an outage are trivial. For FB or a game, this holds true. For an online banking website it's not.
- you are largely read-only (Netflix)
- your users do not mind having to wait a while until things are fixed. This is not true for a computer's OS.
If you take steps to preserve data and privacy (let's not mention FB here) and if you can segment new code with A/B testing, then, yes, I'd argue this is not a bad approach. Netflix is on the extreme end as they deliberately break things to make them more resilient.
But most companies are NOT operating within those parameters. Stupidity happens when someone drinks the Kool-Aid, takes an approach that works under certain circumstances and applies it willy-nilly.
Frequent build devops CAN be great on a website. It can also be great if it pumps new builds into a rigorous QA process, well-isolated from customers. I know I am dumb enough that getting something right takes me zillions of runs and builds - I'd have been fired in punchcard days - but then it usually stays working from that point on.
It sucks when it delivers failing code to your end users, destroys their data and keeps them from using the system.
Advice to MS: you are not FB*. Spend some $$$$$, hire some software quality supremos (maybe someone heading Linux/BSD builds), give them power, and fix your stupid practices that are making you a laughingstock, not just to the IT geeks but more and more to everyone else as well.
* holds true for your effin telemetry too.
Yeah, just shopped a new mini-ITX. The “mini” is stretching it these days: most of the units sold are for gamers. Priorities in cases: thermals, cosmetic LEDs, accommodation of large GPUs.
Ended up getting a used Xigmatek case, about 1 foot cube, for $40. Rest is new (Linux on Ryzen)
Gorgeous, very nice build quality, a joy to work with.
But small it’s not.
Microsoft menaced with GDPR mega-fines in Europe for 'large scale and covert' gathering of people's info via Office
Re: Zero Exhaust?
>why does M$ think it will take until April next year to make it generally available?
Easy. 5 months of desperate lobbying and Doublespeak ahoy explaining how _customers_ need slurping, they value our privacy and are always out to listen to customers.
Maybe that horse will sing by then.
Me I’m wondering who the lucky ones to benefit will be: Euro area only or Canadians too? (we already “benefit” from cookie warnings)
I don’t disagree about the particular legal criteria leading to his conviction.
I’m saying that when you have severe data breaches then individuals should be liable for gross negligence or malfeasance.
In Equifax that might end up on whoever cut security budgets to the bone rather than the hapless sysadmins.
Cambridge would be whoever started slurping - who ordered it & who did it.
Assumption of innocence: unless it is proven either negligent or intentional, person walks away. Don’t want the job of sysadmin to become exposed to spiteful scapegoating either in case of honest errors.
Look at medical, public transport operators, etc... for guidelines.
But it’s high time we make individuals liable - large data breaches, not this particular lowlife, can result in thousands, if not millions, being exposed to fraud. How much crime will that facilitate? Not particularly fond of filling up prisons, but at some point it becomes worthwhile to dissuade certain types of crimes or negligence by harsh penalties.
Think of it this way: why are we cheering this bozo getting 6 months and accepting a truly trivial monetary penance from Equifax?
Great. Now, how about applying this newfound severity, with jail time proportional to the volumes, to the bosses involved in some of the bigger data breaches.
Thinking Cambridge Analytica, Equifax...
Oh, and some of the direct “just following orders” worker bees doing the dirty work too.
Don’t even always need real - taxpayer costly - jail time. Suspended sentence and criminal record is a good start.
I was working as an account manager/do-everything-guy at the local branch of an up and coming software multinational. I was tech guy at core, but a dev, not a sysadmin.
A livid customer's IT manager contacted my boss about our app's database crashing on them. He had never liked us, we were chosen by the biz side over his objections, so his moment to gloat. Yes, his "DBA" had been backing up faithfully every day, but now they had lost a full day's work since this was a late afternoon crash. So he wanted our RDBMS vendor to examine his database core dump. IMMEDIATELY and he had already notified his C-levels of the snafu.
Dragged in our local CTO - yes, we were that small, and we looked at the Gupta SQL database manual together.
- open at index
- Restore DB, page 35, yes.
- But, that's gonna lose them that full day. That's what they're bitching about.
- (5 minutes later) Wait, what's that Log Journal Replay thingy?
- OK, let's just call them and tell them to restore and then follow procedure at page 42 of manual to replay the day's transactions.
Never heard of Mr IT again, but the customer's business person told us he came off as a proper ass when it became obvious they had never attempted a recovery or even read up on how to do one. Remember how upper management was notified? It's amazing how some people are incompetent at even management games.
The biz guy was pretty happy, they only lost 15 minutes or so of data. First time I got an inkling of what an LDF was for ;-)
I found a security hole in Steam that gave me every game's license keys and all I got was this... oh nice: $20,000
Re: Tsk tsk tsk
Not to mention that games, or at least a significant subset of them, sit in a massive blind spot for open source, by nature.
Many of our favorite games involve the element of surprise and discovery. How will you be surprised, as a player, if the underlying economic model depends solely on the, otherwise very successful, notion of user-contributors? It can work, very well, for game engines. But not for game content where users need to be dissociated from creators.
Fail, edris90, fail.
>ReactOS purports to seamlessly run Windows apps and drivers in an open-source environment.
Wondering what the asinine decision to support API copyrighting in the Oracle vs Google Android case could mean for this type of endeavor in the future? This is why the Supremes need to nuke that from orbit asap.
Hey, Binky, why is how I want to spend my money any of your business again? Do you see me tut-tutting at your driveway because my 25K$-when-new, 10 year old, Civic is thriftier than what you drive?
My point was that we are not comparing 800$ BestBuy laptops here. For this, my work computer, I need lots of RAM and beefy storage (Retina level displays are a waste tho). The equivalents in non-Apple land, by the big PC manufacturers, are not cheap. So, I'm talking paying 30% premium for a tool I'll be using for the next 6-7 years at least. I've also used, in the past, HPs, Toshibas, Acer laptops. They all kinda sucked, IIRC and I was glad to see the end of them after 3-4 years.
>get a Linux support shop to set up Linux
More diktat-ing of what's best for me, Herr Kommissar? I know Linux perfectly well, once it is on a pre-installed system. I just don't want to deal with system configuration from scratch on laptops with somewhat exotic components like say fingerprint sensors and (hopefully decent) trackpads. And, now, according to your wisdom, I need to take a brand new laptop and get Linux on it by a shop. How does that do for the warranty period again? Think Dell will be happy troubleshooting a Linux-ed system if they didn't install it? And the shop will work for free? Some of the Ubuntu-certified laptops are not, in fact, being sold with Linux on it in Canada. Just Windows.
How much is my time worth till I think $900 is not that great a saving, in this particular case?
It's not like I really really like Apple, the company. My beef is that a new laptop from them is not like my 2011 MBP. It's not serviceable and they gouge you on RAM and SSD capacities. I returned a 2016 upgrade after 2 weeks, didn't like the keyboard or the stupid Touchbar. And, yes, I also resent their focus on looks and weight for what's intended as a light workstation.
Show me a laptop with a similar build quality to my old MBP, metal enclosure, Linux pre-installed/supported, and easily replaceable components and I'm willing to consider the, relatively light, changes to my workflow from using open source software on Linux rather than on Apple's consumer-level BSD.
And that's what I was asking about here, not your opinion on how I spend my $, thank you very much.
In the recent macOS penguinista article there were many suggestions for Linux based alternatives. I ran past the usual suspects and was not that impressed. A highly kitted out Dell or Lenovo is cheaper than a MBP but not by a huge amount ($2700 vs $3600 is not that great if it puts me in charge of driver configuration and installation after wiping Windows - I frankly dislike that chore, sorry. Been there, done failed that).
And lots of them seem to have the same spiffy, sleek, sexy look as macs. And likely the same soldered & glued innards as this article. Leaving me pretty much where I would be with a mac, albeit on Linux. But Linux retro-installed on Windows hardware, most likely.
But one person recommended Librems by Purism. I could care less about some of their ideological aims, such as banishing non Libre components, to be honest. But they apparently have fully swappable RAM and SSD layouts - std Phillips screwdriver and you can go to town.
Now, that gets me all hot and bothered. And a custom Linux distro, which could be very good - stable drivers+hardware. Or bad, as in a rebranding exercise that gets you further from std distros without adding value.
Anyone used them in anger? Happy?