* Posts by JLV

2252 publicly visible posts • joined 4 Mar 2013

African IP address body exec half-apologizes for 'Whites are taking over' race-row email

JLV

Re: Shoe, meet foot

>unless you are a white man.

Surreal moment in Paris, years ago...

Two young men - one black, one Arab - arguing, not in a friendly way. Arab guy goes for the kill with a supreme putdown:

"Wanker! My grandfather would have owned your grandfather."

Not to say that many of us whites ain't racists. But the general consensus, even among whites, is getting more and more that being white and racist is a bit of a douchebag move. That's a very good thing but it'd be nice if that attitude trickled down to other ethnic groups as well.

Microsoft's Scott Guthrie wrote code live on stage for Azure devs

JLV

Over the years I have come to realize that simple clean code is way harder to write than what looks like more complex code.

"I would have written a shorter letter, but I did not have the time." - Blaise Pascal.

Why Oracle will win its Java copyright case – and why you'll be glad when it does

JLV

>unless you actively protect it you will lose it

That's specific to trademark law.

JLV

Much more eloquent than me, but exactly what I was trying to express.

Doesn't matter where you are on the BSD/GPL/proprietary continuum, strict API copyrights have a lot of potential to create a mess and little economic upsides.

JLV

Re: Uh, not sure if I follow:

Must be why patents have expiry dates. And even copyrights have those as well, though Disney has lobbied mightily to extend those ad infinitum. Why US drug companies are under pressure when carrying out minor reformulations of their meds to re-set the patent clocks to zero.

IP protection does have try to strike a balance between remunerating innovation and not granting undue monopolies, even to deserving creators. One could argue that the 17 years of current US patents is inappropriate to the speed of modern innovation, but one can hardly argue that the laws were always intended to be creators-only.

BTW, APIs have little to do with stolen DVDs and CDs - which I no way condone - so please use better straw men ;-)

JLV

Uh, not sure if I follow:

I disagree (without admittedly knowing much about the legal aspects) with the author, both about his opinion and about the Gottardammerung nature of allowing Google to get away with it. But I respect his posting an article detailing his opposition, fully knowing that supporting Oracle is not a popular position, even against cuddly cuttlefish Google.

These are some criteria to look at for fair use (easily found on the Net now):

Factor 1: The Purpose and Character of the Use

- Google is out to make $, not a charity or education.

Factor 4: The Effect of the Use on the Potential Market for or Value of the Work

- Google made a lot of $$$. Oracle may or may not have lost $$ - J2ME was hardly on the way to world domination beforehand and Sun was squarely to blame for that.

So, far, good for Oracle.

Factor 2: The Nature of the Copyrighted Work

- here's where we agree to disagree. An API is not like other bits of code and has a specific intent and nature. Making API copyright rigidly enforceable is likely to lead into even more legal shenanigans and limit competition. That's a naive, dev-only, viewpoint, but we don't see the level of weird IP infringement in too many industries, compared to ours. Think rounded corners, one-click purchases, etc...

I would hate to have APIs confirmed as an always-valid basis to sue. BTW, what was the original reason for Linux Samba, if not not to respond/appear somewhat like the imitated Windows networking services? Would that have been an API infringement?

Last, take note that Sun, and later Oracle, always were the first to preach that their darling language was an open standard.

Factor 3: The Amount or Substantiality of the Portion Used

We also disagree here. Oracle originally complained that Google had copied some implementation code. IIRC the quantity of copied code was rather trivial. Fine, let Google pay $$ (anywhere up to 100M$ or so) to atone for the code they copied.

Substantiality and amount is not high in the case of API (as opposed to implementation) copying.

IP protection was always intended to balance rewarding creators vs promoting the good for society as a whole. When ABS/airbags and all sorts of other innovations come out in cars, we don't expect them to be fought over as stupidly as our own industry has the habit of doing. When I look at a ferry unloading cars simultaneously from 2 decks, using 2 bridges, one for each deck, I don't think the shipbuilder got 17 years of exclusivity from that idea before competitors applied an "obvious solution" to an existing problem. Or that boy racer car rear fins were frequent ground for lawsuits, a la "rounded corners".

Also, it is easy to claim that Google only had to get a Java license, but it conveniently forgets that J2ME was the only Java implementation allowed on mobile devices at the time.

So, sorry if I am not as clever about the legalese as Andrew, but I have an instinctive distrust of the repercussions of making APIs strictly copyrightable a priori. Or, if you prefer, finding them generally not to be ground for a fair use defense.

In another industry, with saner IP behavior, I would leave wiser heads to decide. As it is, no sorry, I don't buy this.

TeamViewer: So sorry we blamed you after your PC was hacked

JLV
FAIL

not an user failure, an engineering failure, probably pushed by excessive user friendliness reqs

It's not quite like password reuse and massive website credential breaches are a new phenomenon.

If even our Overlord the Zuck uses a really dumb password, repeatedly, then a software vendor that operates in as sensitive a context as TV should have taken a long, hard, look at what could go wrong on the user end and plan accordingly.

Blaming the users isn't good PR and in this case user failure of this type should have been anticipated and planned for. Even at the cost of less easy to use processes - a hostile remote logon is just too nasty to risk allowing on anything but the most extreme and unlikely user security mistakes (like telling someone your login credentials outright and then confirming you accept their connection).

IMHO they pretty much deserve their Ashley Madison moment. And hopefully other vendors will learn from it.

Theranos CEO: $4.5bn to $0

JLV

Re: Please, oh please

Well, I'll keep an open mind, for now. Innocent until proven guilty and all that.

But if she was involved with, directed, or condoned, fraud in a medical testing (not just billing/stocklisting) context, then I would hope that she risks a lot of jail time. Rather than just having her professional prospects tarnished. And that's even if it was just to keep her company afloat pending resolution of technical glitches.

TeamViewer denies hack after PCs hijacked, PayPal accounts drained

JLV
Trollface

Movie reviews, circa 2021

"""

The Heist is a passable action movie, with Scarlett Johansson channeling Black Widow and Entrapment's buttock sequence very fetchingly.

Unfortunately, the movie is none too credible otherwise. Would multiple millionaires have their security systems connected to the internet? And it also beggars belief that TeamLock, the vendor of that alarm system would design a system hackable by default. And then go on public record stating it wasn't their fault even as multiple clients get burglarized.

So 2016.

"""

Meanwhile - back in 2016 - if you have to use TeamViewer or the like, is it not a standard feature with that type of software to specifically have to activate/enable every time it before someone can remote in? Like, talk to your correspondent over the phone, activate it and then he/she can get in? After which you deactivate it again. As opposed to installing it with an always on setting? Would seem like a no-brainer, both on the feature existing and on making use of it.

$10bn Oracle v Google copyright jury verdict: Google wins, Java APIs in Android are Fair Use

JLV
Happy

Pumped!

Hopefully this will set a precedent about APIs and their standing wrt to IP considerations.

Having APIs copyrighted is both ignoring what the very notion of APIs are intended for and a disastrous invitation for all sorts of sueballs by companies frivolously protecting their products from better implementations or solutions. We have enough ridiculous and unproductive patenting going on in our profession without adding API copyrighting to the mix in the name of IP protection.

To be fair to the original judge's ruling for Oracle against Google, there was a precedent from about 20 years ago. See http://www.groklaw.net/articlebasic.php?story=20120531173633275

Sanity prevails. Not that I am a huge fan of either Google or Oracle - I'd have backed whoever was fighting against API copyrights.

p.s. screw East Texas. Just because.

Microsoft won't back down from Windows 10 nagware 'trick'

JLV

Re: N.W.O.

>shed some preconceived notions

Not to mention that on Windows, it seems you have to shed preconceived notions of how to configure it from version to version.

As an example, why did they ever change the control panel's "Add/Remove Programs" to " Programs and Features"? Or whatever the heck they renamed it. Or the Charms-only approach to Win 8.x wifi configuration that is such a change from XP/7.

I am sure Linux grumblers will point out that various distributions change their configuration apps a fair bit. But a power user can usually fall back to command line configuration or at least use the command line to report system status. And, well, for better or worse, people who configure Linux are expected to be more flexible.

OSX's System Preferences are also quite stable from release to release - that's something MS could learn from because the majority of its user base is the equivalent of Windows consumer-side users.

Worth the effort? Depends on your needs, skills and expectations. But I will say that a Linux box, once configured, tends to be a lot easier to keep updated than Windows. Applications are generally transparently and centrally updated. You don't get a zillion startup programs all independently querying their respective vendors to see if a patch is available. Nor do you get the maybe/maybe not Windows patch reboot sing and dance. The home directory is not a confusing mix of user data + application stuff - you can copy it from machine to machine and be assured that things will work.

The OS is a lot better, I think it mostly depends on whether you have the programs you want to use on Linux. And a VM can help there as well.

JLV
WTF?

Re: so Desperation

Agree with you, but it doesn't make that much sense.

MS is a company with deep coffers and a serious likeability and hipness deficiency. It has a fair bit of strengths (at least to some people, if not our enlightened commentards).

Death-marching everyone to Win 10 achieves what, exactly? They still need to support Win 7 and 8.x until those 2 have reached end of support. Sure, there are some operating gains from supporting say 90% of users on Win10 and 10% on 7/8. As opposed to say 50/50. Your support staff can be on new technologies rather than legacy cruft. Easier troubleshooting? (we know telemetry isn't used to listen to what customers prefer).

But is it that much of a gain? At the cost of getting reviled day in, day out by a majority of IT influencers (argh, wish I could think of a better word here). And getting panned in general news coverage? Heck in 2 months, they can sell you what they're giving away for free now 8-/...

It's not like Win Phone is going anywhere that it still justifies the clever Win 8.x screw-desktop-users-to-promote-touch strategy. That horse has bolted.

What exactly is the point here? Is there so much value in the telemetry? I understand Google's hunger for your data - they've built a successful business on it. But MS isn't as ad-focused. And Win 10 usage telemetry is hardly going to be very useful to sell you toothpaste or cars, is it?

Why so much perseverance at what seems to be a self-defeating exercise that is steadily driving down public perception? What is the rational reason for it? Or is it just misplaced hubris and stubbornness?

WTF is for MS, not the OP's post.

Former Sun CEO Scott McNealy has data on 1/14th of humanity

JLV

And that's a big f*** you to you, Scotty!

“You have zero privacy anyway. Get over it."

- Scott McNealy

Pointless features add to browser bloat and insecurity

JLV

Re: Dubious

SVG is a markup spec, not a protocol. Canvas is an API to render graphics in a browser. Not sure what the protocol is doing here.

</pedant>

Compared to Flash bug counts to date, I'd say neither is doing too too badly.

I am all for finer grained controls about what runs in your browser. If you don't need/want SVG then it should be easy to turn it off. But don't think no one wants/has a valid reason for interactive web apps on the basis that you don't. Besides, it wouldn't be possible to turn the clock back to our "glorious 90s websites". Bit like comparing raw update speed of a VT100 data entry terminal system to a GUI-ified one. It's just not what 90% of users want.

JLV

Re: Dubious

Agree.

I really like the idea of figuring out what is actually being used. Hopefully with an eye to deprecating some of the stuff that isn't.

However, when you flag Canvas and SVG as no-gooders, that leaves open what the suggested replacement is. I have little nostalgia for mid-90s websites and even less for sites using Flash. For better or worse, browser-based approaches have become a primary delivery mechanism for software services. Not least because much of our software now expects to have connectivity and would not operate well in pure standalone mode.

Leaving aside considerations about the cloud being a good or bad thing, if you need a network aware app that also provides rich interactivity, that leaves you with a few options. Locally-installed software, apps a la iOS/Android. Or a browser-based app with JS and SVG/Canvas support.

Personally, for all its weaknesses, I find browser-delivered apps with a suitably hardened browser and a sparse NoScript JS whitelist rather less dangerous than installing a lot of programs or apps locally. I actually trust open source repositories for Linux/OSX utilities/programming tools a fair bit, but not much else. Not app stores. And certainly not stuff floating around on the web waiting to be downloaded and installed.

The less stuff I install locally, the happier I am.

i.e. OK to jettison the unused cruft, but suggest rather than just criticize for the more useful bits. Doesn't make this study wrong per se, but it's only part of the picture. And website bloat/slowness is an coding issue, mostly not the fault of the tools themselves (Flash excepted).

p.s. maybe the SVG spec itself requires winnowing. I recall MS self-serving justification for not having SVG support in IE (prior to IE9) being that the spec was bloated with stuff like file uploading facilities, best left to HTML. Maybe they were correct in that instance.

90 days of Android sales almost beat 9 months' worth for all flavours of Win 10

JLV

Re: Even the BBC thinks microsoft are assholes

Wow, that is incredibly underhanded, even by the standards of the Win 10 sneakware. Whoever authorized that should be terminated.

Quoting PC World:

"""Normally, closing the dialog box by clicking the red box in the upper righthand corner automatically opted out. Over the weekend, clicking that red box started opting users in to the upgrade

.

"""

I wonder when MS is going to wake to the fact that, following the Win 8 debacle, they need to be perceived as nice. Spyware telemetry, for all the supposed intent to better known one's users, is not helping.

And this is just too far off the charts to be acceptable. It's not an obscure, for-geeks-only, discourse about sneaking in Win 10 via security patches. Everyone has certain expectations about dialog boxes and will not take kindly to being fooled.

China caught astroturfing social networks

JLV

Re: $0.50 per post?

How about as an Amazon fake reviewer?

https://www.amazon.com/Ruby-Programming-Professional-Made-Easy-ebook/dp/B00T0VRLVG?ie=UTF8&ref_=cm_cr-mr-title#customerReviews

https://www.amazon.com/Android-Programming-Power-Beginners-Development-ebook/dp/B00QMK9MRO?ie=UTF8&ref_=asap_bc#customerReviews

JLV
Trollface

Re: Every big company does this.

>Actually the only online comments you can trust are nihilistic commentards.

Nope. They are just working for the competitors instead.

Airbus to build plane that's even uglier than the A380

JLV

"Un bel avion est un avion qui vole bien" - Marcel Dassault

Up until recently, I'd gone with Dassault's blurb that a beautiful plane makes for a good plane.

Aesthetic abominations like the F117 have destroyed that faith however. In real life that thing looks like a low-budget prop for a bad scifi movie. Mind you, it did get retired rather quickly so maybe there is some truth left to this saying.

JLV

Re: I'm torn between..

Might I also recommend the Museum of Flight and/or the factory tour @ Boeing when in Seattle?

(no great stress if one gets the wrong exit either)

Mads Torgersen and Dustin Campbell on the future of C#

JLV

Re: Null pointers

I would argue that if you are doing a technical code review in a technical capacity then you ought to familiarize yourself with pointer/reference semantics for the language at hand.

But I also think that you are 110% right about readability. For such a core feature, I find it encouraging that they are willing to flag it as something they want to do, yet will defer until they have the feature and syntax better figured out. Easier to add stuff to a language than to take it out and harder yet to correct bad syntactic choices later on.

JLV
Meh

Re: Functions returning multiple values.

It's a feature in Python. You don't have to use it and in fact few seem to.

Personally, while I find it convenient sometimes to return multiple values into a tuple, I agree that it is a code smell. So I usually create an object instance on the fly, assign my values onto it as attributes and then return a single value.

There is a fine line between a language/framework pragmatically promoting clean and robust code on one hand. And uselessly nannying assumed-to-be-competent programmers on the other. A crappy coder will find a way to be crappy in almost any language.

I would argue that work on making pointers/references more robust falls squarely on the side of generally useful language engineering.

While a certain language which requires declaring exception throws on each and every function's signature comes to mind for an example of the second outcome.

Multiple return values? Meh, probably not a very necessary complication in most cases, but easy enough to avoid.

What's holding up Canada's internet?

JLV

>so big and spread out

While I agree with your sentiment, this is another convenient Canadian big-business myth.

90% of Canadians live within 50 miles of the US border, mostly in big conurbations. Edmonton is another 2-3%. That's a probably fairly high concentration, at least compared to the US. I have no problem subsidizing (to an extent) rural services, but that should be done on the basis of open, competitive, contracts to provide services to remote areas.

Not on buddy deals to shaft 90% while investing as little as you can on the remaining 10%.

JLV
Thumb Down

Re: Socialist demands more socialism

Twat!

The term you are looking for is crony capitalism.

A free market isn't about highly paid CEOs. In an ideal free market system, the government has a generally hands off, but also adversarial when required, relationship with big businesses. That means that large incumbent businesses do not get to dictate market terms and stifle new competitors. And they certainly should not be allowed to use government power to frustrate either their customers or their competitors. That allows new entrants to provide new services, sometimes at the detriment of existing providers.

Totally on board with this excellent article that the CRTC is a poster child for regulatory capture!

One of the few areas where the CRTC can be aggressive is enforcing French language and Canadian content regulations. Something which I care very little about. But it can still be leveraged to incumbents' advantage, such as when the cable companies want Netflix regulated to produce more Canadian and French content. Conveniently driving up its costs.

Strangely enough, crony capitalism does rather well in nominally "socialist" countries. Having lived in France and Canada, they both have governments that are quite open to friendly regulations for big businesses.

When the US regulated "do not call" and forbade the printing of full credit card numbers on receipts, Canadian businesses managed to get extensive transition periods for our equivalent regulations, which are often more biz-friendly. The French also have a term for this, creating and protecting "national champions". That also plays well with the electorate - pretend to protect the national economy and independence - shaft the customers.

Never mind that the national champions often lag in innovation, service and costs. And that the general economy, domestic competitors and customers are often the first to suffer. France Telecom and Air Canada are typical rent seekers on top of regulators. Ditto when foreign ownership rules were used to keep a 4th mobile operator from creating a network in Canada. Thanks, CRTC.

The US, for all its governmental and regulatory dysfunction, does not have as much of a publicly trusted narrative of supporting big business. The lobbying, deals and back scratching happen and they happen a lot. But they are generally viewed as a bad deal by the public. Sometimes you see amazingly adversarial government activities - such as the break up of Ma Bell and the attempt at doing the same to Microsoft. There is also something to be said for this happening in courts, using open challenges, rather than just through backroom deals.

Point is: the interests of customers, citizens and competitors do not always line up with the interests of big incumbents. A suitably regulated free market is one where the government is able to step in and shake up businesses when they overplay their market domination. Not one where government power is used to further the interests of incumbents because its regulators have close relationships with industry.

So, lemme say that again: you are a twat! x3!

p.s. the picture is not universally bleak: I am moving from a $42 CAD /mo 20-30 mpbs to a $49 1gbps all-fibre ISP shortly. But that's because big cities can have competing networks. Something the CRTC probably had very little hand in.

p.p.s. one thing I disagree with Trevor on - the CRTC is already universally loathed here and rightly so. That just hasn't translated into a real shake up though.

Apple's iOS updates brick iPads

JLV
Trollface

get with the program, please!

>rectify the problem over the internet, rather than ensuring it's not happening to begin with

It seems Apple has been secretly drinking the Kool-Aid from El Reg's fail-fast, fail-often, DevOps articles.

And I used to think those 2 didn't get along.

Microsoft .NET Core update asks developers: How you doin'?

JLV

Re: Really?

+1 and agree with you, except...

>MS might change this technology in the future

Well, yes and this has been a problem with MS in the recent past. Lots of their tech gets spouted off as the next big thing and then they lose interest/switch to another thing. Silverlight being one of many examples.

For the rest, I'd be somewhat inclined to go along with you and give them the benefit of the doubt. But they have a tendency to clean-slate their tech at a rate most open source companies/projects would find totally incompatible with keeping credibility. Angular 2.x vs 1.x compatibility (nasty) is one thing, but MS is more like 3 doesn't work on 2 which doesn't work on 1. Across multiple product lines.

So, yes, if you are inclined to do so, keep an open mind about them, but let's not forget that their recent abandonware attitude is a real risk for those making long term bets. Hopefully they will wake up to that and be more careful about commitments, but in the meantime I'd be cautious.

Work begins on Russian rival to Android

JLV

Re: "Trusted"

>I wouldn't trust Russia Today at all.

+1 and agreed. Still, I'd recommend reading Chomsky's Manufacturing Consent at some point, if you need a bigger dose of cynicism.

Chomsky is not my favorite person, for many reasons. Not least that Manufacturing Consent happily let the USSR off the hook for far worse abuses.

But he did hit the nail on the head when he was comparing Western press coverage of the various 1980's death squad activities in Central America with the same press reporting on a slain priest in Poland, same period. One can agree with the need to resist Communism while regretting the lack of exposure that allowed egregious human right abuses to happen for far too long in Central America.

People prefer to hear coverage that confirms their biases and prejudices, so having a fully informative press is not as simple as "just" having a free and competitive press. That's just the most necessary ingredient.

On balance though? Yes, give me our imperfect press, politicians and economic systems any day over the modern cesspit of propaganda, lies, fear-mongering and corruption that seems to be growing each and every year since Putin took over. When's the last time a major opposition politician has been killed in any Western country? Would you expect your government to suffer for it if it did? Or would you expect the supine domestic press whitewash that followed Nemtsov's murder? Anna Politkovskaya's? Litvinenko's? The closest British equivalent that comes to mind is David Kelly's death and that's a stretch to compare. What would happen if one or two of those happened every year? Would you really expect your PM to remain in power?

Dissatisfaction with our own governments should not be a reason to pretend Putin is anything but what he is: a deeply amoral strongman who is setting Russia back by decades in terms of global and domestic behavior. And a population brainwashed into thinking he's the solution because there is no equivalent to our own, imperfect but critical, press.

Destroying ransomware business models is not your job, so just pay up

JLV

Re: The FBI Does NOT Recommend Paying Up

-1 for left-wing idiot (center-right myself, not a lefty). No need for political insults, is there? Was there anything political in the article?

2nd, you mistakenly conflate your expertise (which I accept at face value) in issues involving high-profile, high-value targets, such as DoD and banks with its applicability in this case.

The situation is very different. In one case, the organization presumably has high value, sensitive information. And, one would hope, actual restorable backups somewhere. Along with a staff and consultants to deal with the damage. The perps are doing this on a low volume basis, so they may as well extract as much from one victim as they can, no reputation to manage.

On the other side is Joe Shmoe, homeowner. No significant value data, outside of confidential info whose confidentiality is fried either way, whether you pay up or not. No staff. Possibly no backup. Data which is many case is just going to be photo/video in nature.

The perps' best interest could be to "appear honest" and actually restore the data, since they cast a wide net and hit many victims.

i.e. you are in the right in your sphere of work. But it does not automatically transfer to the modern ransomware phenomena which seems to scale best with automation, many victims and minimal subsequent manual exploitation by the initial perps (though I wouldn't be surprised at selling off the data to other crims for future exploitation). Time will tell.

This article is food for thought. I don't agree with it entirely and I think planning and backups are the better plan. But I agree even less with your glib over-generalizations and dismissive disdain of those who don't have your expertise.

JLV

Prisoners' Dilemma:

if no one paid, there would be no ransomware

if you pay you (may) get your data back

Kill Flash now? Chrome may be about to do just that

JLV

Re: Off-topic (almost)

>turn off 80% of HTML5 and break 99% of websites

Your mileage. Not mine. If you don't want to use it, that is entirely your choice. But your claims are somewhat overblown.

Yes, it kills some sites, but not that many. Most sites work fine in degraded mode without their JS.

It's not that difficult to grant a temporary "all js for this page". And maintaining the whitelist is not that hard either. The only thing that's really hard is some/all of the advanced settings stuff. I usually don't bother by that point and just Chrome it. FB, which I rarely use, only works with Chrome at this point.

As a bonus, google analytics and its kin never quite made it onto my whitelist.

i.e. you don't like NoScript and I respect that. It's not for you. However, don't give everyone the idea that it won't work for them either. IMHO, it's a significant contributor to web-facing security for those who can be bothered to use it.

JLV

Re: Google catches up to Apple, while Microsoft trails the pack

To be fair, 1+1 = 2

i.e. if you have a browser with a vuln quotient of x and then you add the y from Flash, you have x+y exposure instead of plain x. Note that in this equation, Flash's y is neither 0 nor negative. I would argue it is pretty high for its functionality compared to the Swiss Army knife of a modern browser.

Additionally, you can run NoScript quite effectively to harden your browser to random JS. And it's not like white-listing automatically makes NoScript happy - it's often that it whines, justifiably or not, for a white-listed site's JS doing something it thinks fishy.

In fact, as someone else mentioned a few days back, I tend to run FF w NoScript and fall back to Chrome when I can't be arsed to figure out what is irking NoScript on a site that I actually use.

Flash content is opaque in that regard and I would rather concentrate on just dealing with JS vulns, thank you very much.

Thank you, Chrome, anything that gets laggards like the BBC and CBC off Flash is most welcome. I haven't used Flash for years and I mostly don't miss it anywhere except for the 2 above. And that certainly includes YouTube which works fine without it.

p.s. one exception - Joel Spolsky's otherwise excellent FogBugz service has a estimates-vs-actual time feature that I would love to use, but is based on Flash for its reporting (hello, D3, please).

Docker lets security bug sniffer dogs off the leash at container images

JLV

Re: Security for Developers

You know, it'd be nice if you didn't think all devs were idiots. I respect smart sysadmins and I find I learn a lot from them. And, though I have occasionaly seen incompetent ones, I would find it foolish to generalize against the profession.

We kinda depend on each other, so no need for the nastyness.

Me think there is a world of benefits from this type of idea. If you are gluing systems together, whether via Docker, VMs or package installers, that means you have atomic units of code that are versioned and IDed in repos. If versions subsequently are shown to have bugs, then, yes it'd be nice to use computer brainpower to flag it. And I don't think it's that big of a hassle to bump up versions for a good cause (rather than maniacally chasing latest across the board for no clear reason).

Huge embarrassment over fisting site data breach

JLV

I don't want to be anal about it, but isn't this precisely the kinda site where you'd want to CYA? Security-wise.

Windows 10 build 14342: No more friendly Wi-Fi sharing

JLV
Trollface

Re: Without a doubt

>you were serious!

... or smart.

JLV

Re: Adblock on Edge

I use Pinboard. Very similar to old-timer Delicious. Normally I prefer to be off-cloud in most things, but bookmarks are an exception.

Very fast and reliable. A better vehicle than Evernote for small text annotations. One drawback is _adding_ bookmarks from tablet/phone. Been toying w idea of mass dumping exports from Chrome mobile (topin folder, easy to add to) via a Python script.

Not free, but I joined early enough that it was an $11 lifetime membership.

Noscript on FF and "open" Chrome FTW.

JLV

Re: symlink support for Linux subsystem

So, for argument's sake, let's say your app needs to know where jquery is. Let's say furthermore that you have downloaded jquery.2.1.4 and you keep in a directory or file named jquery.2.1.4. Yeah, yeah, I realize jquery may not be the best example, but it has numerous versions, bear with me.

One great use of symlink is to say: ln -s ./jquery.2.1.4 ./jquery. Your app nicely points to ./jquery, not caring which release it is. If you update ./jquery.2.1.4, then your app "knows" about it too.

Is this something easily achievable with mklink or whatever command Windows 10 uses? Does it cover both directories and files? I confess I never really figured out what the Win 7 command was for this, despite being well aware of the possibilities of Unix symlinks.

I knew linking existed in Windows 7, but it was not very heavily promoted, to say the least. I could never figure out whether it was that the Windows implementation was limited or whether the Windows user/admin culture just wasn't clued in onto the possibilities.

Needing an admin right to do so is no big deal, though annoying.

i.e. what does the actual command line look like? I can do this on the command line, right? i.e. aside from MS "using the wrong order for the command arguments" , as noted elsewhere, is MS's solution actually a capable stand-in for the bsd/linux ln? Regular cmd or Powershell?

This is actually more a question for Windows itself, not so much how well it plays with Linux subsystems.

ww2 airplane geek? ever wondered about mach 1 w props?

JLV
Boffin

ww2 airplane geek? ever wondered about mach 1 w props?

Rather nice article from BBC about Spitfires going near-supersonic.

http://www.bbc.com/future/story/20160505-the-spitfires-that-nearly-broke-the-sound-barrier

ps BBC Future? For _this_ article? (shakes head)

Official: Microsoft's 'Get Windows 10' nagware to vanish from PCs in July

JLV

Re: Win 8.1 is enough to make one pine for man pages (almost).

Good rec. Except its job is to run Linux VMs (lotsa ram on that bad boy) _and_ run Window-only client software against them. Plus the customer base is generally on Windows.

Honestly though, while I get the anger against both the telemetry and the nagware, I dislike Win 8 enough to be looking forward to 10. And whether in VM or not, the 8 UI is brain dead either way.

Don't feel too bad. I am off that crapheap 90% of the time. And is from someone who loved XP.

Now that win mobile is essentially a writeoff, Satnad needs to give someone the job of 7-izing Win 11 desktop with a skin and taking out its telemetry. That would do much to restore tempers IMHO. Next: unicorns seen frolicking with Saudi imams preaching women's lib.

JLV

Re: Beware

Really? 40GB? Not really doubting you, but I am surprised they haven't been class-actioned from folks on limited ISP download quotas.

Anyone else have similar numbers?

JLV
Meh

Win 8.1 is enough to make one pine for man pages (almost).

You know, I'll probably upgrade to Win 10 before then. Have to make an appointment to an MS store to do so, Win 10 Pro-from-Win 10 Home having its own weird behavior.

Why? Well, much as I preferred XP and Win 7, I loathe Win 8.1 on my laptop. Granted, I use it 10% of the time and only to run a set of tools that is Windows-only. But every time I run it I am flabbergasted by how useless Win 8.1 design is, even layered over with Classic Shell.

As a quick example, I still haven't found a way to pin/shortcut the wifi preferences dialog anywhere. It's Charms-on-the-side-every-time for you baby. I've also found cases where Win 8.0 configuration howtos, needed because the stuff is so counter-intuitive, do not apply to Win 8.1 because they mangled the UI once again (with scant improvement).

Enough to make one pine for man pages (almost). Seriously, say what you want for command line arcana, but once you've figured it out, it's easy to document and it's likely to remain relevant even when the OS gets upgraded. Maybe I need to get Powershell-savvy?

I hope, but have no great expectations, that Win 10 will be better than 8.1. I have better expectations about being able to turn off most of its telemetry. In any case, it's been a long time since I've entrusted any sensitive info on a Windows machine, aside from my email credentials. Used to be because of the malware potential, now it's gonna be because of their spyware.

Regardless of how I feel about XP and 7, in most situations I fear they will become progressively more obsolete at the driver and security level. It's either jump on board or ditch Windows altogether. I happen to need Windows professionally, even if it's only for a tiny fraction of what I do.

So, I'll take the big jump to 10, over 8.1 and I will do it for free rather than paying Redmond for their newer abominations.

YMMV.

Tim Cook signs SAP for iOS – SANA app pact

JLV

Re: Apple's dominance in Business continues

Totally what I am saying as well. But Apple will need to meet investors' expectations.

Watches and TVs have been lukewarm successes so far. An Apple Car would add a lot of revenue IF it sold well. Imagine the opportunity for bling factor (that's sarcasm btw)! But surely they would be careful to hedge that bet.

Barring another unexpected gadget from them, trying to grow enterprise income is a possible, even likely, target. Windows 10 not being universally loved opens an opportunity there as well. And they certainly have the resources to throw at it nowadays. I think the main issue is that becoming part of everyone's office day carries a massive stodginess and un-sexiness risk for their premium-priced branding. No more PC vs Mac ads featuring a goofy looking accountant/IT dweeb vs a hipster.

JLV

Re: Apple's dominance in Business continues

Which is odd, given that Apple really hasnt put in much effort to crack non-design businesses on the laptop/desktop end.

I wonder if they'll try at some point - there are a whole host of marketing and pricing risks to pursuing a "biz PC" strategy for Apple. But that last quarter of falling iPhone revenue is bound to make them look for growth alternatives. Might those iOS IBM SAP apps be a Trojan horse or sounding board, at little risk?

Revealed: How NASA saved the Kepler space telescope from suicide

JLV
Alien

Re: Just Like Home?.

>return the one that landed here.

Sorry Earthlings, you have him now, you get to keep him.

mwahahaha

Devs claim charger uses 'photosynthesis' power battery charger

JLV

Re: Please stop promoting scams; have some journalistic integrity!

Great link. For Shiftwear (puts an e-ink screen on sneakers), I feel like a quote from a commenter is deserved:

Here is a list of their ‘team’

Corey Herscu – Media Relations

Zack Young – Digital & Social Strategy

Madeleine Stoesser – Media Relations

Samantha Goldsilver – Campaigner

George Alexandru Zaharia – Co-Founder/Lead Software Engineer

David Coelho – Founder

over 1/2 are social media guru’s who probably wouldn’t know what a soldering iron was if it bit them.

They have no electrical engineer…. at all. They have a software engineer, but they need a f’n brilliant electrical engineer to make what they’re talking about.

But, as we all know, social media is the end-all and be-all, so it'll all work out dans le meilleur des mondes.

Where is Bong? I miss him. :(

JLV

Correct me if I've got the units wrong. But isn't full solar around 1KW/sq m? And plants run at 2% photosynthesis efficiency on top of that?

Hard to square with this kind of output from a flowerpot

F-35s failed 'scramble test' because of buggy software

JLV

Re: This is how the US is preserving its air superiority

Heh heh, you're only laughing if your country isn't buying that shit buzzard.

Fails in fighter-intent aircraft happen. See P37, Typhoon, F106/104/111... Some of those achieved brilliant service in other roles (Typhoon). But it still required the acquiring nation to do a Plan B and use another fighter design.

The F35 has that ugly stink of gangrene all over it. The diff is a) no one in charge is owning up to the mess and b) it doesn't look like it will be usable in _any_ role. Save perhaps as the VTOL version which caused the whole mess.

Miguel de Icaza on his journey from open source to Microsoft: 'It's a different company'

JLV
Thumb Up

Re: "the problem of Microsoft has transmogrified in multicolored ponys"

+1 for an intelligent and non-dogmatic analysis of Java's strengths and weaknesses. And this is coming from someone who generally gets a kick out of yanking Java devs' chains.

JLV

Re: open source people universally hate Miguel.

>different from the company it were in the 1990-ties, an open, enthusiastic group of youngsters that brought computing to literally every home on the planet - but TODAY it is an ugly world-wide monopoly,

That's funny.

Their actual monopoly case was in the (late) 90s. And it only came about because they did accumulate a whole long string of abusive behavior towards their competition throughout the 90s.

You may or may not like MS. But their monopoly days are behind them. And if there was truly a nice, open, MS, then it would have been in the 80s.

I am still not an MS fan, but I appreciate the direction they've been going a whole lot more since the Ballmer has left. There are many pointless exceptions, such as their religious zeal on Windows 10 telemetry and their carryover of Windows 8 design fails. But they do seem to be opening up a bit and they've lost whole swathes of their monopoly rents.

</pedant>

E-cigarettes help save lives, says Royal College of Physicians

JLV

What do you expect?

There's a whole industry of folks whose job it is to be outraged and nagging others for all sorts of real and imagined transgressions. They range from government nannies to the social justice warriors to deep greens. For example, the BBC was recently quoting someone negative on large-scale Sahara solar energybecause she felt it was just continuing our addiction to energy use - http://www.bbc.com/news/science-environment-34987467 - check out her specious argument re smokestacks.

Those people, who so like to criticize others, also deserve to be held accountable when they provide harmful advice.

Cigarettes have historically been a huge health disaster. And since the only way to avoid the health risks was to quit, it made sense to have had a very strong you need to quit message. The lack of efficacy of the various quitting procedures did not lessen the need for that message.

However, if e-cigarettes are indeed a largely positive health outcome (compared not to quitting but to the effect of quitting combined with the likelihood of being able to do it) then it makes no sense to stand in the way of their adoption by existing smokers. And anyone who does that, in a public-advice capacity, from a feeling of self-righteousness needs to be shamed and ridiculed.

The other core message, of not starting to smoke, even e-cigs, in the first place? I am good with keeping it.

I wish we had something like the RCP in Canada to bring us back to science-based actual outcomes rather than emotional responses. Vancouver is doing its nagging best to regulate e-cigs at this moment.