* Posts by jarfil

33 publicly visible posts • joined 15 Aug 2013

GitHub merges 'useless garbage' says Linus Torvalds as new NTFS support added to Linux kernel 5.15

jarfil

Rebase = "move a bunch of commits to start at another base commit"

The name is fully descriptive if you think of it as a Christmas tree: change the base of the tree, re-base...

DoH! Mozilla assures UK minister that DNS-over-HTTPS won't be default in Firefox for Britons

jarfil

You can run DoH over a VPN... or just plain old DNS over a VPN for a similar effect.

In any case you need to trust someone, be it your ISP (*cough* don't *cough*), your VPN provider (hm, maybe), your DoH endpoint provider (hm), the website, and so on. If you want real privacy though, at some point you'll be better just using Tor, I2P or similar.

Allowlist, not whitelist. Blocklist, not blacklist. Goodbye, wtf. Microsoft scans Chromium code, lops off offensive words

jarfil

This is stupid

"Blacklist" comes from the phrase "a black list", a list of enemies and rivals to be executed, with the "black" meaning "death".

What's next, changing the color names themselves?

GIMP open source image editor forked to fix 'problematic' name

jarfil

Re: Eh?

Is that how itch.io got named?

Leaked EU doc plots €100bn fund to protect European firms against international tech giants

jarfil
Boffin

Nothing to see here

What do BREXITters still care about the EU? You won't have to pay for this fund (or see a penny from it), so there you go, have fun.

Upset fat iOS gobbles up so much storage? Too bad, so sad, says judge: Apple lawsuit axed

jarfil

Crappy SD != internal flash

"You can buy a 256GB flash drive for $50."

Try doing that, and suddenly your phone runs 10x slower. A decent A1 UHS 256GB SD card with good read/write/random performance will set you back at least $150, and it will still be slower than the internal flash.

jarfil

Re: It's marketing lies allowed to become reality.

You can use Linux to store 4TB of data to the bare drive without a filesystem... or you can partition it, create LVM groups, format it in BTRFS, enable compression and store 8TB of data on it. Is it a 8TB drive now?

Hua-no-wei! NSA, FBI, CIA bosses put Chinese mobe makers on blast

jarfil

Re: "We're deeply concerned about the risks of allowing any . . . entity that is beholden . . .

Typewriters and photocopiers have never stopped spies. Encrypted phones on the other hand, have proven to be a tougher nut to crack. Even these supply chain attacks aren't as easy as passing by and taking a photo.

jarfil

Re: China trash.

As an European, after being spied on by the Americans for decades, I say let's give the Chinese a chance!

(written from my Huawei)

Swedish ISP spanked for sexist 'distracted boyfriend' advert for developer jobs

jarfil

Is it "sexist", or "sexual"? I feel like some people don't want to see the difference.

No, that Sunspot Solar Observatory didn't see aliens. It's far more grim

jarfil

Re: Porbably not just down due to the FBI

Security conscious pedos don't need to let malware in, it's just media content after all... but then again, you probably won't catch someone who's security conscious, so you're probably right that if you catch them, then they probably got tons of malware too.

Microsoft: Like the Borg, we want to absorb all the world's biz computers

jarfil

Re: Testing

How are they being tested right now? You apply the patches to a single machine, and if it keeps working, then you apply them to some more.

I don't see why Microsoft wouldn't be able to do the same.

UK.gov finally adds Galileo and Copernicus to the Brexit divorce bill

jarfil

Re: TL;DR

You can hold all the referendums you want, the EU is extremely pleased that the old agreements hugely benefitting the UK are gone. You won't get back on the same terms no matter how many referendums.

Wondering what to do with that $2,300 burning a hole in your pocket?

jarfil

Re: So they tell us version 2 and 3 are already on the way?

It sounds like its main problems are with tracking a changing environment, like on the street or walking around the house, so if you just sit at your desk with a joystick and want to see your control panel, it might work well enough.

jarfil

> Creators' Edition

To be fair, creators/developers need to have access to beta hardware if you want to have a game/software catalog ready by the time the final version of the hardware gets released.

The price though... it's a bit steep.

jarfil

Re: "does this read more like an ad-icle"

This is a funny one. While "dehydrated pure/distilled water" is nothing, that's true... we also barely use pure water (distilled, without salts or minerals) for anything, the overwhelming majority osñf uses we have for water require some salt/mineral content, so "dehydrated water" (the salts/minerals) are actually something valuable.

IPv6: It's only NAT-ural that network nerds are dragging their feet...

jarfil

Re: "the world is clinging stubbornly to IPv4"

I think right now the only online services unavailable over IPv4 are P2P nodes of people on IPv4+IPv6 who didn't care to open ports on their routers. We might actually see P2P services driving IPv6 adoption!

Other than that I've only seen some servers on just IPv6, but only internal ones, there's always some IPv4 gateway in front of them for the public.

Some of you really don't want Windows 10's April 2018 update on your rigs

jarfil

Use Linux...

...if you don't like Windows 10.

Insisting on using Windows 7 is just silly.

No, seriously, why are you holding your phone like that?

jarfil

Re: Damn

I thought Brexit was dumb until now, but making fun of privacy concerns in such a stupid way just swayed me.

Go kiss your Big Brother's arse.

Science! Luminescent nanocrystals could lead to multi-PB optical discs

jarfil

Make it 80TB

A CD/DVD/BD disk has about 80cm2 of data area, but the data layer is barely 100-200nm thick.

Still, with 1PB/cm3 and a layer thickness of 10um, an 80TB disk should be possible.

Make it cheaper, and even just 1TB disks would be nice.

Gentoo GitHub repo hack made possible by these 3 rookie mistakes

jarfil

Good thing I try to pretty much ignore NIST, that way when they finally updated their password guidelines I was already compliant... and they still have a way to go to catch up ;)

jarfil

It won't stop bots, all it stops is passwords going through the clipboard.

Arguably, having any password touch the clipboard is not safe, and you should rather use a password manager that can integrate with your browser, but the alternative of having people come up with easy passwords to type is even worse.

jarfil

Re: Quite honestly

Security is about making it difficult for unauthorized people to gain access. This means any scheme that's too easy, will also be insecure. We've come to a point where we can use schemes that are much more difficult to an attacker than to a legitimate user, but they can only increase de difficulty by so much, so the requirement of complication is still unavoidable.

There is just no way to turn "1234" into a secure password.

jarfil

A very simple and secure variation scheme

1. Pick a random 256-bit string as your master password.

2. Memorize it and destroy any copies.

3. Learn how to do SHA256 in your head.

4. Now, for every website, hash that master password with SHA256 using the website as a salt.

5. Success!

Time to dump dual-stack networks and get on the IPv6 train – with LW4o6

jarfil

Re: Throw caution to the wind and it will fall upon someone else

Use ephemeral IPs with your IPv6, Windows does so by default and you can set it up in your other OSs too.

jarfil

IPv6 at home has two main benefits:

* Automatic IP assignment without DHCP servers.

* Ephemeral per-app IPs.

It's essentially security through obscurity, but it makes it difficult to scan your network when the IPs change from day to day.

Ad-blocker blocking websites face legal peril at hands of privacy bods

jarfil

Re: Bull

That is not correct.

Anti blockers work by checking whether the user has seen some ad or received some file, effectively retrieving the information stored in the user's cache about whether that file has been downloaded or not.

This is, they store and retrieve information on the user's computer without the user's prior consent.

Bomb hoax server hoster reportedly cuffed in France

jarfil

Re: Pushing it ? Why ?

> He hands over the keys to prove his innocence.

Because presumption of innocence is so last millenium, right?

Small change to Medium takes large axe to passwords

jarfil
Thumb Down

Removed security mechanism

On a system with a password, if anyone was to change that password in order to gain access, the next time I was going to use my password it wouldn't work, and I would be instantly alerted to a security breach.

With an e-mail token, someone could gain access to me e-mail, in whatever manner, and I might never notice.

I call it a pretty bad idea.

Doctor Who season eight scripts leak online

jarfil
Meh

And every series, like ever, is just a bunch of pictures, usually of people talking. There, no more series, movies or anything else for you either.

Meh.

jarfil

Doesn't matter

Ok, so... I WANT THOSE SCRIPTS. Won't read them until after the episodes have aired, but I WANT THEM.

As for anyone else, I don't see why would a non-fan want them, if they don't like Dr. Who in the first place. Spoiling the series? You can't, I won't believe anything you say anyway, so how would you do that.

So as I see it, fans won't read them, non-fans will only spoil themselves (which is irrelevant), and nothing is lost any way.

Microsoft asks pals to help KILL UK gov's Open Document Format dream

jarfil

Citizen access and future compatibility

If they are willing to offer a FREE version of MS Office to every citizen, AND guarantee 500+ years of backward compatibility, I say go for it.

Facebook keeps company with misery say boffins

jarfil

Re: @ Don Jefe - One man's survey is another man's flaw

I don't comment in order to get upvotes, but still... when I check for replies, I feel better if I see upvotes, than if I see downvtes, or even no upvotes. And that's just from people I don't know, not my "friends".

I guess people who actually "look for validation" through their friends' upvotes, would end up feeling pretty bad in no time.