Posts by thames

Re: Upgrade, but not right now?

@Notas Badoff: This is not a new policy, they did this with the 14.04 to 16.04 upgrade as well. Existing LTS users don't get upgraded until the first point release comes out (18.04.1). The point releases bundle up accumulated security and bug fixes so that new installations don't have to download them all again.

Normally by that time bug and security fixes related to a new release seeing first widespread use should be down to a trickle. This in turn means that LTS users will see fewer update notifications. If you are an LTS user, you probably care more about not having as many updates than you do about having to wait a few months before getting the next LTS. Non-LTS users on the other hand probably do want the latest stuff ASAP.

When the release does go out to existing LTS users, it won't go out to all of them at once, Instead it will be trickled out to smaller numbers of users at a time over the course of a week or so. Thus even after the LTS upgrade cycle begins, some of those users will be waiting for a while.

If you are an LTS user but really can't wait, then you can force an upgrade now if you know what you are doing (there is a package you need to install which automates the Debian command line process to make it easier).

Re: Garbage in, garbage out

The main value of Turkey to NATO these days is its position in the Middle East. American bases in Turkey are ideally situated to strike east into Iran or south into Iraq or Syria and Lebanon, and generally complement the US bases in Bahrain and Qatar.

The US bases in Turkey saw extensive use in the first and second Iraq wars, and in the war against ISIS in Iraq. Their key role in providing bases for aerial refuelling means that even aircraft based elsewhere depend upon them.

So long as the Middle East has oil, Turkey will be important to NATO.

Re: @Martin

On it's own it might be remotely plausible as a "security" action. In the wider context though, it fits in as American trade protectionism. Canadian steel and aluminum companies have also been labelled "national security risks" by the Americans. Bombardier is "bad" until they promise to assemble planes in the US, and then the trade complaint gets magically thrown out at the next hurdle.

I think that the head of Huawei said something along the lines of that getting blocked from the US market feels much more relaxing now that they know that they don't have to worry about keeping the Americans happy any more.

Re: Hypervisor?

@Charles 9 said: "Because Google's strongest platform, Android, runs on ARM, as does Apple's iOS the #2 mobile platform."

Google's response to that was PNaCl, which was supposed to be a portable form of NaCl based on LLVM intermediate code. That wasn't any more successful because LLVM intermediate code isn't really suited to that.

By that point everyone had decided that ASM.js was a much better solution from a technical and practical perspective so Google threw in their (P)NaCl cards.

Re: Of course it's not an important security issue

@Anonymous Coward said: "It's not on Windows."

Oh look, someone trolling anonymously. What a surprise.

Well guess what, it's not normally installed on Linux either, as you would know if you had actually read the story. It's a third party program that an administrator can install if he or she wants to, but very, very , few actually do.

The tariffs will apply to goods originating in China, otherwise there would be plenty of places in the world where they could be transshipped through and relabelled.

Plenty of US imports already arrive through Canadian ports, as many US ports are generally more expensive. Of course American port operators are crying this is unfair and want tariffs applied on port services.

Trump has opened a new eastern front in his trade wars before finishing the one he started with Canada and Mexico. Washington is now desperately trying to make trade peace with those two now that it turns out that China isn't going to surrender. Boeing's sales in China may turn out to be the Stalingrad in all this.

Re: Is it just me

@regbadgerer - I haven't tried it yet, but from what I understand it's all about making the billing more granular for highly variable loads. Instead of getting billed for provisioning a micro-service which may sit about not getting used much, you get billed on actual usage. You do have to structure your application to work effectively with that however.

Whether that makes financial sense is going to depend a lot on your individual use case. It isn't for everyone, but it may reduce costs for some people who have highly variable loads. If you run high loads on a fairly consistent basis, then it's probably not a good fit for you.

The main problem with it has I think been the tendency to create new terminology in an attempt to differentiate it from micro-services. The basic concept though is to make your application better fit something that can be billed on a more granular basis. It probably has a place, but as another option rather than the one and only way of doing things.

@Dan 55 said: "So what's stopping them moving to Vimeo or Dailymotion?"

Several of the channels that I follow were in the process of moving copies of their content to Vidme, and then Vidme shut down. That was a short time ago, so I'm not sure if they are gearing up to look for another destination. Most of the people running the channels that I watch seem to know one another, and the move to Vidme was started by one individual with the others following.

I don't follow many shooting channels, as my own interests are more along the lines of history. People doing channels related to history and (non-pop) culture have been hit just as hard or harder by recent Youtube policies as people running shooting channels.

Some of the problem I suspect is that Youtube was trying to decide which videos to ban or demonetise by using AI. I've heard things from various podcasts interviewing people who have worked on AI systems for that purpose for Youtube. However, the AI doesn't seem to work in any sort of reasonable, logical, or consistent manner and its randomness is driving the content creators mad.

"the majority appear to be straight white men"

That sounds to be pretty representative of software developers. Normally, a poll which is intended to discover what products software developers are using ought to be polling a representative sample of software developers, not a representative sample of for example trendy social media advertising consultants or PR flacks.

If there ought to be any concern about how representative the sample is, the concern ought to be with respect to how well the sort of person who answers Stackoverflow surveys is representative of the sort of experienced and knowledgeable software developers whose opinion on matters of what software is good or bad is worth listening to.

Re: Microsoft's idea of system administration...

Anonymous Coward said: "Do sane people run ubuntu as a server though?"

Funny how there's all these anonymous posts on this thread making various claims about other company's products.

Ubuntu is used very extensively in cloud applications. Microsoft isn't putting so much emphasis on supporting Ubuntu because they've run out of other things to do.

Canonical have always placed a lot of emphasis on server and cloud applications. That is why they have a number of deployment and management tools focused on that area. The desktop version of Ubuntu is just a loss-leader intended to get developers using Ubuntu, with the intention that those developers will also use Ubuntu as their choice of server. People who have connections inside Ubuntu have said a number of times that Canonical's server business has been profitable for some time now. They've recently dropped the phone OS project, and Unity has been scaled back as they currently focus on profitability, supposedly to clean up the balance sheet in order to go for a stock market listing.

Ubuntu is based on Debian, but has the advantage of offering commercial support contracts for those who want them. Debian themselves of course do not, and finding commercial support for it is not as straightforward.

@wolfetone: "So why are the UK buying F-35's then?"

The UK currently flies two main fighter types - the Typhoon and Tornado. The Typhoon is optimised for air defence, but also does bombing. The Tornado is optimised for dropping bombs but also does air defence. Generally air defence planes can do ground attack very well in this era of guided weapons and smart bombs, provided they are equipped with the appropriate sensors and electronics. The earliest versions of the Typhoon left out the ground attack kit as an economy measure (since the buyers already had Tornadoes who could do that job anyway), hence the common myth that the Tornado couldn't drop bombs. Later versions included the kit for both roles by default, as do current production. However, the Tornado is still often use for those jobs because, well, they've got them so they may as well used them and get their wear out of them.

The Typhoon is still a relatively new plane and will form the backbone of the UK's air force for many years to come, but the Tornado is at least a generation older and is getting long in the tooth and has to be replaced due to increasing age and obsolescence.

The UK is buying the F-35 as a replacement for the Tornado. The 'B' version is being bought to also operate from carriers so it can be dual purpose. So far the UK has committed to buying 48 in total. That order could conceivably be extended to 138, but that decision awaits future approval by parliament. It is possible that the larger order may include buying some cheaper 'A' versions instead as strictly land based Tornado replacements, but that is up to the government of the day to decide in future. The F-35 is built by the equivalent of a consortium, and the UK has the second largest share in it (I think around 15%). The UK has various parts which go into it, Italy and Turkey will have final assembly lines, etc. The US of course as the biggest customer has the lion's share of the workshare.

The Typhoon/Eurofighter is also built by a consortium. The parts which go into the plane are built in various countries, but there are four final assembly lines, one each in the UK, Germany, Italy, and Spain. Each of the four takes turns in leading the sales effort to countries outside of the consortium and getting the largest share of the resulting benefits from it. It appears likely that the UK is the lead country for sales to Belgium. Going by attendance at recent meetings, early indications are that the UK is also the lead country for sales to Canada (who are also shopping for new planes).

Re: Network connectivity or not

I think it's about whether there was network connectivity at install time or whether the network connection came later. At the moment when you do an install they ask you if you want to download updates during the install or do it later.

I suspect they want to simplify the install procedure still further (it's already the simplest to install of any modern OS of any that I've tried) and are looking for what defaults to set and what to push off into an optional "advanced" menu.

At present they have an optional hardware configuration collection program which you can go through after installation to send information about your PC to them. I've used it a number of times, but I think it has too many questions and it inherently biases their data towards the sort of user who cares about what is in their PC. I think getting less and more basic information but getting it from a wider selection of users will give better results.

They've said they will publish this information in aggregated form on their web site. I'm in particular looking forward to seeing what proportion of people are using what sorts of CPUs and GPUs. I've been writing software recently which uses SIMD instructions, but it's very difficult to get a good idea of what SIMD level to target since the publicly available data sets are for games users, who are atypical so far as my software is concerned.

Re: Bad bargaining

I would rather see Creative Commons (and other similar licenses) photos at the top of results, with anything else located further down in a separate section. A lot of what amounts to spam from these companies appears in search results when you are looking for a clear photo (e.g. no watermark plastered across it) of something for non-commercial purposes (just to look at, for example). I want to see stock photos in my image search results about as much as I want to see "shopping comparison sites" in my text search results (i.e., not at all).

Oh, and as a note to journalists and blog writers, stop putting pointless stock photos at the top of your stories. It's a waste of bandwidth and it's a waste of my time and effort as it means the first thing I have to do is scroll down past an utterly pointless and irrelevant stock photo before I can start reading. If the photo is directly relevant to the story, by all means include it. A pointless picture of a model holding something irrelevant though provides no value to the reader.

If you want to really see the height of hypocrisy though, just have a look at almost all of the news stories condemning crypto currency miners for their alleged vast energy consumption. Almost all of those very same new stories will include very large format pointless stock photos which have no direct relevance to the story, but which consume vast amounts of energy in sending, transmitting, receiving, and displaying them. Pot meet kettle.

Re: Waylaid

I use the open source driver in Ubuntu with my AMD APU with Radeon graphics, and it is much preferable to the proprietary drivers in terms of stability. I've never had much luck with the proprietary drivers from either NVidia or AMD, as I have a very low tolerance for crashes.

On the other hand, I don't play games, so I can't say much about performance. The desktop is fast with no lags or visible graphics defects, and that is good enough for me. I would rather have the greater reliability of the open source drivers over the theoretical speed improvements of the proprietary ones. AMD's current proprietary drivers are based on the open source driver anyway, with just some features added.

As for Wayland, they're like nuclear fusion. They've been a year away from being "ready" for a great many years now. I'll believe it when I see it.

Re: Sensor fusion?

The F-35 is far from the only fighter to combine sensor data to present the data in an integrated fashion to the pilot. Even the cheapest western fighter on the market, the Saab Gripen, does that in its new version.

"Sensor Fusion" is just part of LM's branding and marketing, along with "5th Generation" (which the F-35 isn't, if you go by the original Pentagon definition of what a 5th generation fighter would be).

Re: binary pipelines

@RJG - He trotted out the exact same example a couple of years ago to attempt to show that Powershell was "superior", and I replied with a post showing him that the correct way to do it was with "stat". His reply to that was to waffle.

If he's still using that same crap example now, it isn't because he doesn't know there's a proper way to accomplish the same job. It's much more likely that he spent many hours coming up with the most convoluted way of doing something in bash and isn't willing to part with it. Either that, or it's the example on the talking points script (as opposed to a shell script) from his marketing department and he's been told to use it.

To repeat, he's already been told before that his example is bullshit and was shown how to do it correctly, and he read and replied to that, so he did read the post with the proper method. I would take pretty much everything else he's said on this subject with that in mind.

Oh, and I benchmarked his example and one using "stat", and the "proper" way is dramatically faster than his method as well.

I imagine that the reason that Microsoft is porting Powershell to Linux has nothing to do with any hopes that it will see widespread stand alone use. I suspect it has far more to do with supporting products that MS is porting to Linux such as MS SQL Server which may have some PS dependencies.

There was an "object shell" for Linux some years ago (well before Powershell existed) whose name I can't recall, but it died from lack of interest. It simply didn't solve any problems that people actually had.

Re: maybe it's time to re-consider server-side inefficiency

I don't think that re-writing your web application in C is going to help much. It's system calls which are slowed down, which in this context means mainly I/O intensive tasks. The big hits will likely be in the database and web server itself, both of which will already be written in C or C++. They are also often running on different servers from the application processes anyway. If it wasn't worth financially while writing your web application in C before all this happened, it won't be now.

You would probably be better off looking for ways to decrease the number of times you have to hit the database and to reduce the size and number of separate files in your web pages. In this type of optimisation having a language which allows for faster development would be an advantage.

With Python by the way, the really CPU intensive libraries tend to be written in C to begin with. If not, there are often 'C' versions available. One thing that Python does really well is interface with C libraries. If you do want to look for CPU optimisations in this area, then looking at libraries is a good place to start and lets you have the best of both worlds.

As for switching back to CGI applications, given how those work I wouldn't want to guess how they are affected by these CPU bugs without some actual testing. They have a lot of per-call system related start up overhead, which may get a lot worse with the new Intel fixes and completely overwhelm any actual processing they do internally. That overhead is of course why we moved away from them to begin with.

Re: Bandwidth?

The PLC will be located in an electrical enclosure, in most cases made of steel. RF isolation - in both directions - is a major function of the cabinet (physical protection, electrical safety, and limiting the spread of fire being the other main purposes).

Meanwhile there will be shed loads of RF hash put out by electric motors, solenoids valves, motor drives, and miscellaneous electronic gadgets. Picking anything meaningful up from a drone flying overhead is not likely.

The most plausible scenario will be the one that Stuxnet used. Just use bog standard Windows viruses and take over the PCs which inevitably get connected to PLCs either full time, or from time to time. It's rather curious how little mention Stuxnet got in the article, considering that it's the canonical example for control system hacking.

As for the S7-1200, that is the series that covers the low end of the PLC for Siemens. Typical applications for these don't get connected to any sort of network at all, let alone an air gapped one. I suspect it was chosen for the experiment simply on the basis of cost, as the larger more complex models of PLC can get rather expensive.

As for the supposed application, if you really want to know the topology of the network, just use standard off the shelf Windows viruses to infiltrate the business network and download the electrical drawings and PLC program backups from the drive shared used by the engineering and maintenance staff. Or just phone up someone and tell them you're a company quoting on upgrading one of their machines and ask them to email the materials to them. It's not like this custom built stuff is generally considered to be commercially valuable.

Re: Price-performance

I have an open-source software project that some users may be interested in running on POWER, but I've no practical way of testing it. It's a set of C libraries which can benefit from some serious CPU oomph, but I can't claim that it works on POWER.

* It runs on Linux, BSD, and WIndows.

* It compiles using GCC, Clang, and MS VC.

* It runs on x83 32 and 64 bit.

* It uses SIMD on x86-64 for a significant performance boost.

* I have an automated test pipeline set up for all of the above, with tens of thousands of tests.

* I'm working on setting up low cost test systems for ARM and expect to be able to claim that as a tested and supported platform.

But what are my options for POWER, other than splashing out on some eye wateringly expensive hardware despite having no paying customers lined up for it? Not good it would appear.

There's a bit of a chicken and egg problem here. I've written some open source software which can really make use of POWER's supposed advantages, and no doubt other people are in the same boat. However I can't call it a supported platform. Users can either take on the testing and any required porting themselves, or they can just use x86 - where my x86 specific SIMD optimisations may overcome any nominal performance advantages of POWER anyway.

I don't know what IBM can do to address this, but it's one of the disadvantages they are labouring under. SPARC is in the same boat. RISC V is going to have to address this question as well, if they want to break out into the general market rather than just embedded niches.

Re: not gonna happen

The BRICS countries created their own alternative to SWIFT a few years ago. That has made them immune to US influence over international payments systems when dealing amongst themselves or with other participating countries.

I suspect if the US were to want to shut down the "ru" domain, they would go after the higher level DNS servers via financial "sanctions". Running a DNS server at the scale we are talking about takes money. Target the money and it doesn't matter what the engineering staff happen to think, they can try running a DNS system in the dark with no electricity and no Internet connectivity if they wish.

Really, if anything at all is surprising, it's that this wasn't done years ago.

Royal Navy ships are normally named after previous RN ships. This lets them carry over the battle honours from the previous ships of that name. "Battle honours" is a list of battles which ships of that name have taken part in.

Certain names are reserved for certain classes of ships. QE and PoW were previously used for battleships, and so are now used for aircraft carriers. Destroyers and frigates have a separate list of names which also get reused (towns, rivers, etc.).

The previous QE was the lead ship of a new class of WWI battleships that was probably as big a step forward from previous ones in terms of size of gun, fire power, armour, and speed as the Dreadnought had been from pre-Dreadnoughts. I suspect that the current use of the name is at least on part supposed to symbolise a similar degree of advance in capabilities which the current ship brings to the RN.

The previous PoW was similarly the lead ship a new class of battleships which came into service at the beginning of WWII, and also a great technical advance forward for the RN at to time. Although it wasn't as obvious an advance in capability due to arms limitation treaties, it brought modern ships to a navy whose capital ships were largely made up of survivors of WWI. In that sense the new PoW could be said to symbolise the regeneration of the RN as a global force.

There are no doubt multiple reasons for why those names were picked, but they weren't simply picked out of a hat and they do have precedent as the names of important historical ships.

@hammarbtyp: "The questions is why?"

The reason is that the Achilles heel of Windows when it comes to portability is that the only reason people buy Windows is to run proprietary x86 applications. Microsoft can port Windows, MS Office, MS SQL Server, Dot Net, and various other bits of software that they own to ARM, but each customer will always a handful of third party applications that haven't been ported and that they don't want to do without. Being able to run those poorly is better than not being able to run them at all.

It's a chicken and egg problem Third party developers won't support Windows on ARM until there's a market for it, but customers won't create a market for it until there's enough third party software to run on it.

There's work in porting software, since you have to fix the application bugs which have been there all along but haven't surfaced on x86 but will show up on ARM. Then you have to worry about performance tuning on a different architecture. Plus you have to set up the development, testing, and QA servers to support the new architecture and add it to your release pipeline. And you have to do all this while waiting for years for a significant market to materialise.

Linux distros have supported multiple architectures for years because they have the source code for the applications they distribute and can simply recompile them in most cases. Since portability has been a core feature of most "unix" style operating systems from the early days, most of these applications have had the porting bugs wrung out of them years ago. Debian has official support for AMD64, i386, ARM, MIPS, PPC, and S390x (IBM mainframe). They have unofficial support for others as well, including SPARC.

Microsoft is starting without any of these advantages. Their Itanic port died some years ago and the few third party software developers who bought into that will be shy of repeating that experience until they see a real market running Windows.