Posts by thames

Oh Joy!

According to the tweets in the story, licensing is based on the underlying hardware, not on the number of virtual CPUs assigned to the VM. So if you need to add a Windows VM instance to run a specific program, then you have to be careful about what hardware the VM is run on if you don't want to get boned by licensing issues.

Run a trivial Windows program that needs only one core on a server with 64 cores, and you still either end up having to pay for 64 core Windows licensing or else risk being labelled "pirates". I can see customers jumping for joy over this one.

"Appropriate regulation" doesn't necessarily mean designing the protocols used. It can mean things like governments taking responsibility to ensure that companies meet certain minimum levels of security and accountability, just like they do with things like say automobiles or water heaters.

You can't prevent all mistakes from happening, and you can't even prevent all malicious or dishonest action. You can however ensure that the bad actors face the consequences and don't hide behind "terms of service agreements" and an army of lawyers.

If Facebook loses your cat pictures, well quite frankly I don't care because Facebook really doesn't matter. If however my thermostat and every thermostat in the country doesn't work unless it was connected to a server in bongo-bongo land (or California - same things really) and they shut down and now my house freezes while I stand in line behind 10 million other people waiting for a replacement, then I'm going to care a lot. People should be able to buy critical stuff and know that it is safe to use without having to analyse the technology behind it.

Looking at the data.

I had a look at the data, and here's the number in a nice summary table sorted by rank:

Windows 56.76%

iOS 16.50%

Android 15.08%

Macintosh 9.08%

Chrome OS 0.96%

Linux 0.72%

Windows Phone 0.44%

(not set) 0.29%

BlackBerry 0.14%

Nokia 0.01%

Samsung 0.01%

SymbianOS 0.00%

Xbox 0.00%

It's fascination that even on what we would assume to be a stodgy set of web sites as these, Windows is barely over half.

Here's some other ways of looking at the data:

Desktop versus mobile

Desktops 67.53%.

Mobile 32.18%.

By vendor

Microsoft 57.20%

Apple 25.58%

Linux kernel 16.76%.

Microsoft's influence has shrunk hugely, while for everyone else their increased penetration has been mainly via phones and tablets. It really shows that people who still think mainly in terms of the desktop are looking at a vastly shrunken part of the picture.

Alternatives

I've been using Claws Mail on Ubuntu for years now. Before that I used KMail, Thunderbird, and various others. I'm very happy with Claws and I much prefer it to Thunderbird because it's so much simpler and much, much, faster. I am using it strictly for POP/SMTD mail but it does IMAP as well (although I haven't tried that feature).

It has shed loads of plugins, so check those if you want things like PGP integration or spam filtering.

It's a fairly traditional three-window GUI interface, but I like that in a mail client. It's fast, simple, and lets me get through my mail quickly. There is no feature that I want that it doesn't have. It focuses on one thing - mail, and does it well. It doesn't change much from version to version, and quite frankly I like that as well. It uses the standard mbox mailbox format, so it is compatible with a lot of other standard mail handling tools.

Overall, I highly recommend it.

Just Tried It

I just download MS Visual Studio Code, and my overall impression of it is that it's a bit shit. It has a very limited feature set, so it can't really compete with something like Geany on features. I would put it as being closer to something like Gedit, but perhaps not quite as easy to use.

I tried editing a couple of existing files from a project that I've been working on. It seemed to know how to handle 'C' syntax OK, although I just had a brief play with it so there may be some problems there which would turn up with more extensive use.

Its attempt to work with Python though was a massive fail. It couldn't even do automatic indenting with a simple 'if' statement. It's definitely not up to snuff in that area. Given this experience with a very widely used language, I would take their syntax support of many other languages with a very large grain of salt. In other words, you would have to try it out in each case before assuming it will work.

There aren't really a lot of editing features. I opened up source code files to see if any more hidden features would appear, but no, it just doesn't have any. I saw no obvious sign of code-folding or any other of the sort of features you would expect in something like this, just very basic text editing with some syntax colourising and auto-completion, and some very shaky partial auto-indenting (e.g. see the Python example mentioned above).

In terms of overall looks, the side bar takes up an excessive amount of screen space, so I would consider that to be poor UI design. I don't personally like the black-on-black default look as I find it to be too dark and depressing. I suppose that might reflect how the average Microsoft feels about life (and no doubt I would too if I worked there), but I would prefer something a bit less gloomy. That is a personal preference I will admit.

I tried it running on Ubuntu 14.04. There is no deb package or any sort of installer to add it to the menus or launcher. It's just a zip file (not even tar/gzip) that you unpack into a directory as a self-contained binary. To be honest, I'm not sure I would have installed it if it had a proper package, as God knows what it would do or might screw up. The menus integrated with the Ubuntu top bar, but I suspect that is more due to Ubuntu's success at intercepting menus rather than anything Microsoft might have done.

Overall, I see nothing to recommend it. If you just want a very basic editor, something like Gedit or the equivalent will be simpler while also being less intrusive. Even Gedit will give you syntax highlighting. If you want something with loads of text editing features and even better language syntax support, something like Geany beats MS Visual Studio Code hands down while still being very fast and small.

I give it a thumbs down. It's not overly bad, but it just doesn't have anything to recommend it over much better equivalents which can be found elsewhere, including free ones.

And?

SAP and OPC are full of security holes. Who would have guessed?

I can't offer advice about SAP, but on the PLC/RTU/meter side the biggest problem is the huge dog's breakfast of proprietary protocols, which OPC tries to paper over.

Someone (Tofino) does a firewall appliance for Modbus/TCP which can let you control which registers and commands you want to allow through. Stick it in your control panel next to the PLC, configure it, and you're done. Someone did an open source Modbus/TCP firewall which I think is based on the standard Linux packet filtering (I think Tofino just packages that up and adds a front end). That pretty much deals with the issue of accessing arbitrary memory addresses.

That is only for Modbus/TCP though, as it's an open protocol. You're pretty much screwed so far as the proprietary protocols are concerned, since the industrial control vendors have no clue about security, and third parties can't come and play in their proprietary protocol playpens since the proprietary aspect is there for vendor lock-in and no other reason.

Northern Hemisphere Ice Forecasts

Canada already does sea ice forecasts for Canadian waters, and releases them on the normal Environment Canada web site. It's required for routine navigation on the east and northern coasts, Hudson Bay, and the Great Lakes (the Pacific coast is warm and doesn't freeze).

If there is anything new being reported in this story, it's that apparently nobody is currently doing the same for the Antarctic, or at least perhaps not to the same extent. However, there will be plenty of existing scientific work from northern latitudes which can be applied to the Antarctic.

It's a commendable effort, but it's not ground breaking science, so I'm not sure what they mean by "to develop scientific methods for forecasting sea ice conditions". The scientific methods already exist, the problems will more likely revolve around applying the Chinese observations to the local conditions to produce useful ice forecasts.

Eh?

El Reg - "commentators took incomplete text and fretted that the TPP would still override Canadian law. In the end, the final text shows that it doesn't."

The reason the final text says it doesn't is because when the public pointed this out, the treaty was changed. There are expected to be many more such problems which will only be discovered later. This is the problem with negotiating these things in secret. The people who have the relevant expertise are not consulted, and so huge mistakes are made. The original clause as it was written would not have stood up to constitutional challenge in Canada, and the same is likely true for many other countries as well.

El Reg - 'But, desperate to find something wrong with it, it has been conflated to the fear that your personal data "may be put at risk."'

The federal government in Canada has neither the legal nor the constitutional authority to negotiate this, these powers largely reside in the provinces. If the provinces say "no", then that treaty provision is meaningless. The provinces were not consulted, and they therefore have no obligation to agree to anything.

El Reg - "The Canadian government is also being sued by energy company Lone Pine Resources because it banned fracking as a way to protect its water. "

The Canadian government did not ban fracking. Fracking is currently happening in Canada. However, again, that is a provincial matter. Some provinces allow it, and some don't. The federal government has zero say in the matter. Lone Pine is exactly the sort of example that undermines your argument. It's a Canadian company that re-incorporated in the US in Delaware - a state noted for its corrupt civil legal system - to attempt to win in trade "arbitration" what they couldn't win in a proper court. If your ideal of justice is "crony capitalism" as practised in Russia, Nigeria, and China, well then I guess this just your cup of tea. I would rather have democracy and honest and trustworthy courts.

However, we just had an election here in Canada. The new party in power did not take part in these negotiations, and indeed the previous government had very questionable legal or constitutional authority to finalise those matters which took place on the past few months while there was an election campaign under way. The new government has said they are under no obligation to accept the treaty as is and they are expressing no opinions on it until they've had a chance to have a good look at it. If the treaty had been negotiated openly, it would be on much firmer legal and constitutional ground.

I could go on to point out loads of other holes in the story, but the above provides a few good examples. Things are not all wonderful and clear, and the treaty could yet fall or countries could drop out, or it could be subject to major re-negotiation once people have had a chance to actually look at it.

The entire process was badly, and corruptly managed, with certain private parties with financial interests in the outcome being provided access and input, while others were denied the same. All the spin from the PR companies in the world are not going to change that one bit.

What people wanted, and didn't want

Well, being sort of like Windows XP was what a lot of people wanted. What most users are complaining about isn't the UI, it's the intrusive data collection and monitoring and reporting everything you do back to Microsoft, and ramming upgrades down your throat which they don't like. That bit isn't like XP.

They Weren't Really an Open-Source Company Though, Were They?

The headline should more properly be - "Software company takes code proprietary when sells self to another proprietary software company".

This shouldn't be too much of a surprise. Xamarin's business is based around selling proprietary mobile phone development software and services at eye-watering prices. They're not going to give away their new acquisition if they can also sell it at similarly eye-watering prices.

From what I can gather, RoboVM themselves were trying to follow a similar path as Xamarin, that is being an "open-core" company rather than being a true "open source" company like Red Hat. You give away some part of the product, but then sell proprietary add-ons. It's a variation on the "give away the razor, sell the blades" strategy. They didn't have much success with this because they didn't attract enough customers for their proprietary product line. I believe that Xamarin is going to dump RoboVM's proprietary add-ons and just use the compiler.

As for the formerly open-source compiler itself, I believe it just compiles Java to native code. They're hardly the first or only Java compiler to do this.

I suspect that RoboVM found that they were getting into a very crowded market and developers were demanding a lot more for their money when it came to proprietary development platforms (even with open-core) than RoboVM had the time or money to deliver. It's a much more mature market now than when Xamarin got into the game. Xamarin's business today seems to revolve more and more around "cloud", testing, and other services, and less on just an IDE and compiler. RoboVM's Java compiler will probably slot in as just another supported language in that proprietary service line up.

Most mobile developers however aren't interested in third party proprietary development systems. They'll just continue to use either the development system provided by the platform owner, or a free, open source system.

Ugh!

I just had a look at it. I picked a file at random - auth-passwd.c and looked at the Microsoft version versus the equivalent from the portable OpenSSH project. The Microsoft version is nearly twice as long (378 lines versus 216), with the addition of huge #ifdef hacks, converting back and forth between UTF8 and UTF16, and all sorts of other horrors.

If I look at the altered source in all the files as a whole, there are 363 #ifdef or #ifndef sections related to what has been hacked in for Windows support. Other platforms (e.g. Linux, Apple, AIX) manage with just a couple of special cases.

I'm not sure the OpenSSH developers would want that sort of thing hacked into their upstream source base. If it was me, I would certainly turn it down until the MS developers figure out how to separate that sort of stuff out in a minimally intrusive way.

I'm really hoping they can get this working, as getting the server daemon working would be really handy for me when doing automated testing of software in VMs. So far though, the stuff that Microsoft has been working on looks like it needs a lot of work to meet the quality standards of what I would expect to be required to be accepted into the mainline branch of a major open source project.

"Concerns"

"However, the US has a somewhat problematic relationship with Chinese companies – having banned Huawei from bidding for US government contracts because of concerns over spying."

Yes, I can see that the US government would be concerned if Chinese companies wouldn't help them to spy on people.

Some Actual Numbers

Firefox has some very good web developer tools. Here's a brief summary of what happens when the article web page is loaded: All sizes are in uncompressed form with an empty cache.

Totals:

194 requests

2,974.75 KB

22.43s

Of that:

HTML: 16 requests, 312.91 KB, 22.41 sec

CSS: 2 requests, 72.37 KB, 0.35s

JS: 44 requests, 1,564.87 KB, 14.48s

Images: 124 requests, 1,024.60 KB, 20.45s

Flash (I don't have Flash installed): 4 requests, 0 KB, 2.75s

Other: 4 requests, 0 KB, 0.01s

Of the HTML, here are the top domains in terms of size along with transfer time:

Twitter 50.16KB 0.117s

Facebook 62.54 KB 0.343s

theregister 67.34 KB 0.208s

For the Javascript, 181.13 KB of that came from theregister.co.uk

For the images, the slowest were from the following domains:

cs.meltdsp.com 0.34KB 5.110s

pixel.eversttech.net 0KB 5.100s

cm.dpclk.com 0KB 10.096s

A lot of the images seem to be very small tracking pixels. The same is true for the Javascript, much of it is very tiny (likely cookies). I currently have 50 cookies set just from loading the web page and logging into the forum. Only a couple of those belong to El Reg. Making visible page images smaller or active page Javascript more efficient isn't going to change anything that matters here because they're not the slow or large parts.

Here's the thing that nobody seems to want to admit. Loading a web page from The Register isn't the slow part. That is very fast. It's also not very big. The problem is the ad networks. There are multiple ad bids, ads, tracking cookies and pixels, and other crap being loaded, often taking a very long time to do so (e.g 5 to 10 seconds each in several cases).

Fiddling with The Register's web page isn't going to do anything significant. For Christ's sake, Twitter and Facebook load as much HTML to do their tracking buttons as El Reg does to display the actual article! And there's roughly 3 dozen other parties all loading their crap, very slowly, into the page.

Fiddling with the size of the images won't help either. Many of them seem to be used as tracking elements by the ad networks, and even very tiny ones take forever to load if they come from an ad network rather than The Register.

The real problem is that ads are served from third party networks, and those ad networks don't care if The Register is slow, it's not their site after all. Instead, they spaff loads of crap into the page, very, very slowly.

The real solution isn't going to be fiddling with the margins. It's going to require restructuring the ad business in order to put the content publishers in control so they can optimise the entire process, just like they do in physical print publishing. I'm not sure how to do that, but I don't see any other way.

May they get their wish

"Microsoft, the VW family sedan of IT, wants to be tech's new Rolls-Royce"

You mean they want to go bankrupt, be bailed out by the government, and then have the original product line flogged off to another company? Yes, that sounds like an appropriate fate for Microsoft.

But Microsoft as VW, let me see, what has VW been in the news for lately? Ah, yes, caught cheating their customers and selling products whose performance didn't match up with what was claimed for them. OK, yes, I can certainly see the analogy there.

As an aside, I saw a new model Rolls Royce in front of my grocery store a while ago. I was not impressed. It was definitely not up to the standard of the older ones.

Why would you do this?

"So if you buy a bike and give the store your email address"

Why would you give the store your normal e-mail address? If you're going to give them an e-mail address at all for some reason, why wouldn't you set up a special account that's only used for sign ups?

"Then, as you surf the web with your Google account cookie in hand"

Why would you log into your Google account all day if you're not actually using it at that moment? I use a separate browser for checking web mail than I use for normal browsing. That way I can leave the e-mail account open as long as I want while still closing the general use web browser whenever I want without having to check what I have open in various tabs.

Oh, and when you're just browsing and reading, turn cookies off. Turn them on to log into a forum to comment, post your comment, and then log out, turn cookies back off and erase all the cookies immediately. This is easy to do with Firefox.

Trusting random strangers on the web with access to your cookies is like trusting random people on the street with access to the contents of your pockets. On the street you can put a bit of money in one pocket to pay for small purchases while keeping the rest stuffed well down in another. On the web you can do your general web browsing with one browser and view your e-mail accounts in another. Just use some common sense with this sort of stuff.