Posts by bombastic bob

Re: Perhaps more to the story...

people who publicly shout with megaphones pointed at their former employer's office building (In My Bombastic Opinion) only want THE NEWS MEDIA to hear them

Re: Hoist on own petard

a qualified disagreement with the 'any law that uses subjective feelings', as much as I *HATE* the 'F' word "FEEL"... and here's why: If you "feel threatened", or are intimidated, or are constantly "creeped out" by someone's behavior, it can be considered a form of 'assault' [i.e. threats of harm and/or harassment].

The intent of such a law is to create a non-threatening society. And of course the details of whether any claims are valid belong to the jury and lawyers and judges involved in the cases, appellate courts, and so on. And IANAL.

So yeah I'm generally apalled by "FEELY" things, but in this case, there may be no other way to describe it as the legal statute. NOT having such a statute is probably WORSE.

(sad icon because it's a sick sad world sometimes)

Re: Hoist on own petard

I don't know why anybody would give you a thumbs down... because pretty much everything you say is correct. I guess 2 people didn't like truth or something.

I think of it this way: if employees at my workplace were in ANY way using company time and/or company resources to TRACK ME, even if it's public info, for WHATEVER motivation they have, it's not only CREEPY it's unnerving. it sounds like an opportunity to invite said stalkers to the local boxing gym, for a 1 on 1 "sparring match" with no timekeeper nor referee... [and watch their bravery leak out onto the floor in a large yellow puddle]

Re: I can only assume that the stalkage etc moved into legal/crime territory

"This might not be a popular view"

I hope you're WRONG about it NOT being a popular view... because it SHOULD be the *ONLY* view, that is, to NOT be a "feely ideological activist" at work, and abuse data from the workplace against other employees, especially when their implied intent was "CANCEL CULTURE" kinds of stuff.

Oh, and ALSO a big thumbs up for the entire post.

Re: I can only assume that the stalkage etc moved into legal/crime territory

it does sound like a reason to stalk the stalkers, which may be how they found out about their excuse for legitimately firing them.

Actually, depending on how the union works, it may be *beneficial*. The stereotype union wants too much money for too little work, is thuggish, goes on strike at the slightest provocation, yotta yotta. A good union acts like a human resources department combined with a labor force that produces quality work at a reasonable cost to the management company.

However I think any kind of white collar union is a bad idea. It's the wrong kind of thinking pattern for GOOD engineers. The best engineers are creative types who think non-linearly, often 'out of the box'. A unionized labor force, however, tends to behave 'collectively', not something that induces creativity nor 'out of the box' thinking. The two are mutually exclusive (in my view).

Re: Hoist on own petard

"internal culture of self-righteous virtue-display totalitarianism"

So *MANY* levels of "wrong" involved, I don't know where to begin [snarking].

I'm not surprised to see Google fire these people for doing what Google does to EVERYONE. Why? because "Google reserves the right" and its an EXCLUSIVE right, in their eyes, to spy on EVERYONE.

But employees need to keep in mind, the job is an exchange of money for valuable work. It's not a crusade, a mission, political activism, one feudal land warring against another, yotta yotta.

Still, the fact that they were UNION ORGANIZERS does give me some pause for thought...

Re: Nope, never saw this coming

not DIRECTLY compatible you mean.

that's sort of inherent in a system where you somehow map a /64 into a /32 without some kind of "reverse NAT" in there.

And don't forget the IPv6 to IPv4 compatibility addresses... 64:ff9b::/96

https://tools.ietf.org/html/rfc6052

Re: The internet will be privatised

those net blocks aren't issued by ISPs? Who issued them?

A while back this one ISP was issuing /28's for a DSL service [that I was testing at the time], instead of using PPPoE or some other means of "just having one IP address", esentially using one as a gateway, one as the actual IP address, a third for broadcast, and a fourth that was basically 'wasted'. It was an ineffective use of 4 assigned IP addresses in my opinion, but unfortunately necessary in THAT configuration.

Perhaps one of the simpler solutions here is to re-do the IP address assignments to eliminate the need for these kinds of /28 netblocks, and INSTEAD assign the addresses directly and use a different protocol to communicate the data. customer still has his fixed address(es), but fewer are actually being used, and become available for others.

(earlier comment about IPv6:IPv4 gateway probably applies)

Re: The internet will be privatised

agreed. there is actually an IPv6/IPv4 gateway block that can be used to cover ALL IPv4 addresses with equivalent IPv6 ones. Why isn't THIS being used???

Sure, an IPv4-only system might have trouble routing back. For this you'd need a 'somewhat careful' NATing method, in effect the opposite of what IPv4 NAT already does, at whatever router is translating the IPv6 address space into an IPv4 one. It generally means "established connection" translations, to/from the IPv4 space, and it would really only work properly for services that aren't trying to connect out (but you would be able to connect TO them, and get responses back).

I expect this last part is the only real reason IPv4 needs to exist. but how ELSE could you map a bozillian possible IPv6 addresses down to a /32 address space?

So yeah, "said router" above would listen on the IPv6-mapped-to-IPv4 address. It would translate that incoming IPv6 packet into an IPv4 (assigning a private IPv4 to it) for the private network. The server on the private network would send traffic back, and the NAT on "said router" woudl translate it back to a public IPv6 to be transmitted the normal way. basically, "reverse NAT". And DNS for IPv6 could (in theory) be done the same way (as seen by the IPv4 side) for outbound connections, but you'd have to limit your "resolved" address space to 10/8 and 192.168/16 and so on, and expire the DNS records in a short enough time, and recycle the addresses 'as needed' to manage it.

[should be possible to "can" a solution to this with Linux or one of the BSDs, if it has not already been done]

did you test it with 'ping6' ?

IPv6 not that hard... seriously

most web browsers that I am aware of have some means of resolving IPv6 before IPv4, and you can generally tell them which one to use first. I actually ran into some problems with CLOUDFLARE because they weren't handling IPv6 properly, and not that long ago. It was affecting my ability to read El Reg articles.

Aside from that, IPv6 is generally NOT hard to use on the client end. However, the one thing people aren't fully aware of (apparently) is that every IPv6 address that can be used to access 'teh intarwebs' is public. So that means windows machines MUST be properly firewalled, and I'm not talking about the "Windows Firewall" when I say that [laughing about pathetic Windows Firewall being stifled while I write this].

Seriously, though, IPv6 not that hard to set up for routers, either, assuming you're running FreeBSD or Linux. I suppose a Windows server might have problems... (but WHY would you be exposing a Windows Server directly to 'teh intarwebs' anyway? And THEN, using it as a ROUTER?)

/me uses FreeBSD as a network gateway and router, firewall, 'server in general'

Re: XWindows

I still use that feature of X Windows, probably its BEST feature, to run X11 programs on headless (and even the SAME) computers.

If you do export DISPLAY=localhost:0.0 and enable TCP and 'xhost +localhost', you can THEN su to whatever user you want, and run X11 applications under a different user context.

SO I can be logged in as 2 or 3 or more users on the same X11 desktop, much more easily than "run as": under windows.

And then there's development on an something like an RPi. Use 'pluma' to edit your code directly on the RPi, and *NOT* have to struggle with a tiny touch screen or separate HDMI-capable display? I do that a LOT, especially with 'headless' RPis.

But I think that this is most useful for web browsers. If you configure Firefox (for a particular user) to automatically purge ALL history, cookies, data, etc. every time you close it, you NOW have a stealthy browser that has NO history that could even POSSIBLY be abused by ANYONE.

And you can run that browser in the security context of a user that doesn't matter. "Oh, that downloaded thingy just wiped out my home directory. Oh, well, so what. *yawn* [rebuild] no problem now"

So yeah, the SINGLE BEST FEATURE of X11 is its inherent remote client/server configuration.

(and Wayland cannot do that, nya nya-nya nya-nyaaaa nyaaaaa)

heh

20 years ago i was doing stuff with windows boxen. 15 years ago I decided that it was DEFINITELY worth doing a lateral to POSIX systems like FreeBSD and Linux, as it appeared that Windows was just simply going the WRONG direction in 2003 (and I know I was right).

Guess what I stuck with? yep!

30 years ago I was doing stuff with PCs, combining a process involving Lotus 123, Harvard graphics, Word Perfect, and a bunch of '.bat' files, minicomputer report scripts, downloading, and overall "process automation" to generate a multi-page weekly report on Monday AM that reflected the most up to date data and presented it in a manager friendly way. TOok about 2-3 hours to print so I started it at 6AM, showed up around 8 AM, made sure the paper didn't jam [or Id hav to re-run it], got it all copied and stapled by 9 AM, had it all delivered by 10 AM, and then said "Wow, my week is done. Now what do I do? I think I'll work on THIS today..." [and they let me - that report took a week to generate before I started, had less stuff in it, didn't look as nice, and was 4 days old data-wise when it was finally completed]

NOTE: because I don't like doing data entry or futzing around with presentation on paper, I came up with a way for the computer to DO ALL THAT WORK FOR ME because I'm LAZY and I _HATE_ _DRUDGERY_. Worked out pretty nicely for all parties involved.

Re: ITeC

turbo buttons and frequency output [hard coded] on an LED display. yeah, kinda pointless.

Early on games were written using a clock timer, and NOT the CPU speed, so you didn't need to turn OFF the 'turbo' mode.

Re: My reason for RealVNC 5.x

TigerVNC: A Spinoff of TightVNC with TLS, actually looking good!

and generally, TigerVNC has better support for X11, such as GLX support, something that Mate (and apparently gtk3 in general) needs. It's why I switched to it a couple o' years ago, yeah.

I haven't tried the TLS though. And yeah self-signed certs with openssl are built-in except Windows, but I'd just use Cygwin or a Linux or BSD box to generate them for W, so there ya go.

But even with TLS I'd rather firewall it. Mentioned already, the daily poundings on VNC's listening port range by automated crack-bots makes it NOT worth having attached to teh intarwebs'. SSH login attempts are bad enough [but fail2ban helps with that, yeah]

Re: VNC isn't secure!

I'd still do the tunnel. It's been my experience that things _like_ VNC aren't trustworthy enough on their own, and it would just be simpler if you always use them via SSH and NEVER expose their ports to 'teh intarwebs'. It's kinda like "safe surfing". No amount of anti-virus or similar things will stop the daily pounding on the expose ports, nor prevent a 0-day exploit. Use SSH and firewall it.

Re: KVM

VNC into a KVM seems to work ok for me and I've used it a LOT actually... but usually by setting up an ssh tunnel so I'm listening on a specific IP address [usually localhost] on whatever machine I want to access it from. To make that work you can have a headless (Linux or BSD) VM that makes an ssh connection onto another machine (let's say a server) and directs incoming "server:xxxx" to "vm:22" for ssh. Then, just do something like "ssh server xxxx" to access it. That's how I've been doing it, anyway.

THEN, for VNC access, you use something _like_ TigerVNC server to actually run the desktop, and set up VNC tunneling via the ssh connection [same basic idea] and VOILA! you open VNC and you now have the full desktop. (you can also do this on an RPi that's headless to access its desktop via VNC).

This works exceptionally well when you want to have KDE on your Mate machine, or if you want to do X11 debugging from a GUI [so you run the debugged program in a VNC session, which is a different X server and isnt going to lock up on you if you break in the middle of certain libX11 calls...].

Anyway, ssh + sshd tunneling magic works fine. A bit tricky at first, but there are many examples in duck-duck-go-land

Re: TightVNC development is active AFAIK

So it looks like if you are using it on linux, you will have to change to something else

oh, so THAT is what happened! [I don't use Win-10-nic and haven't VNC'd with a windows box in FOREVER... so that is probably why I had to switch to Tiger VNC for BSD and Linux - lack of current X11 support etc.]

windows-only. THAT is @#$%^ *DISAPPOINTING*.

Re: TightVNC development is active AFAIK

I've been using Tiger Vnc which is a fork of TighVNC... because for quite a while it seemed out of date and wouldn't handle certain GLX things that Mate and other systems needed support for. So I switched.

from the article:

600,000 public-facing machines offer VNC access

These people exposing "known port" VNC connections MUST understand it's a security risk already... what, does VNC protocol's pathetic password protection actually HELP? do ya think? yeah, should be obvious, right? I wonder how many OTHER firewall logs have shown a zillion daily attempts at banging on ports 5900-5999 looking for VNC...

(they should be using a VPN and ONLY listen on private addresses at the very least and NOT exposing those ports to 'teh intarwebs')

But then again, WINDOWS machines are INFAMOUS for "listen on *.*.*.*" so there you have it. Unless you explicitly put a firewall between 'teh intarwebs' and your windows boxen, you're insecure (apparently) by DESIGN.

Sure, putting ANY windows on a public IP is just STUPID these days. So, at least firewall it with a LINUX box, at the VERY least! [you could even use an RPi to do it if you add a 2nd network adaptor or make it a WiFi access point]

And when you need VNC access from 'teh intarwebs' you should use a VPN or ssh anyway. It's just common sense.

Re: Oh no

VNC viewer, maybe? It's been around for EVAR. And it's still supported, last i checked.

I use VNC servers on headless Linux boxen sometimes. Tiger VNC is probably the easiest to set up.

You should probably NOT expose VNC's port to the outside world as-is, though. Instead you should use a VPN or ssh tunnel to access it from teh intarwebs.

(but yeah that's not as convenient as using some monolithic 'google print' thing or remote PC service)

/me points out that, with a little configguring, you can easily set up an Xorg desktop to do these things. you can even run X11 applications remotely though performance across 'teh intarwebs' is a bit pathetic sometimes. Still POSSIBLE though, as I've done this before, mostly for the lulz. Through ssh tunnels, of course.

Re: "anomaly"

well, any animosity aside, a catastrophic fail in the test phase is part of the process. It's just that SpaceX can't do this without people seeing it and laughing a bit.

Who out there has NEVER let the blue smoke out of a component? I most recently had that happen to me when someone handed me a 12V power supply that REALLY turned out to be a 24V power supply, with the same connector, and I plugged it in without reading the @#$% label... blue smoke and arcs and OH CRAP and I repaired the board but the fried regulator managed to take the CPU with it...

(fortunately the CPU was TQFP, unfortunately had trouble soldering it with $CLIENT's tools, nearly had to bring it home to fix it, then managed to blob-and-wick some solder onto a questionable-looking CPU pin, then all good)

Re: Wordpress?

Use of Wordpress (and things like it) is STILL lame, In My Bombastic Opinion.

[A quarter of the human population does LOTS of things I'd never do. Like smoke. Just sayin'.]

Intel ADMITTING they use Wordpress - that's kinda funny!

Re: This is great news...

I somewhat recently got a Ryzen CPU (6 core) and motherboard to build a new workstation. All good so far, running FreeBSD 12-STABLE on it, "all ZFS" system. Hyperthread gives me 12 'cores' and makes compiles go very very fast.

Intel can't compete with that price-wise. Looks like they actually stopped trying!

Re: There really isn't a future for "native" UX on anything...

"Most UX specialists are abject morons who have abolute no concept of whizz-bang-shiny. I should know, my thesis was on User Interfaces..."

since you brought it up... the whole "User Experience" thing (vs a 'User Interface') is one of those "new agey" "feelie" phrases that cause me nausea every time I think about it, so I tend to ignore it to keep my lunch from explosively leaving out one end or the other...

Instead, I'll just say that it reminds me of a joke:

Q: How many people from Silly Valley does it take to change a light bulb?

A: It takes at least 3. One to change the bulb, and at least 2 to "share in the experience"

And I think my point has been made, now.

Re: Four out of five Microsofts recommend....

it does not detract, I think, from the idea that MS is basically issuing PROPAGANDA again... with respect to "the future" and their 'offerings' etc..

What, Silverlight was excluded? heh.

Perhaps less on the detail, and more on the concept. And it's ok to laugh at subtle jokes.

(it's my opinion that creative-minded people generally don't like 'inspector/detail' types and usually don't get along with them...)

Re: There really isn't a future for "native" UX on anything...

a 'qualified' agreement with your explanation, but not the topic in general.

I would say that there's ALWAYS a future for writing applications to target the native UI, especially if they're performance-related.

However, in the case of ".Not" UWP and all of that *CRAP*, it's not "the native UI" and should *NEVER* *BE*! Win32 *is* the Windows API, and it should REMAIN that way!

Otherwise, Micro-shaft will be SHOOTING THEMSELVES IN BOTH FEET if it ever is NOT.

Re: Deja vu all over again

ack.

And (everyone) *PLEASE* *STOP* *CALLING* *THAT* *UI* *MODERN*!!!. ('that' is to 'modern' as '70s disco' is to 'music', or 'etch-a-sketch' is to 'art', etc. and don't even get me started on the 'FLUGLY'...).

I'm sticking with Win32 API for windows applications, and the (older) MFC framework, compatible with Windows 7, and NEVER tie my application into ".Not". NEVER CLR nor anything that requires it.

If Micro-shaft DEPRECATES Win32, it'll be at their OWN PERIL (with devs - if you do not believe me, check out the TIOBE index with respect to UWP and ".Not" and C# and VB.NET and other such things, as compared to C, Java, C++, and even Python!!!)

Re: Modest proposal time

I liked the Heinlein idea of pedal-planes inside atmosphere-filled moon caves, for tourist recreation...

(one of his short stories, I forget which one)

Re: Modest proposal time

it's 1, 2, 3, 4, 5, 6

(wait that's a combination that an idiot would use on his luggage!)

[it's also the combo on my briefcase]

Re: The Folly of the Free Market When you Really Want to Just Get Something Done

Perhaps NASA should have been willing to shell out more money initially, in order to attract more contract providers...

SOCIALISM isn't fixing this, by the way... (doing it THAT way would wheel spin us in "development" of "the next system" which would be a moving target and a cash pit at many times the current cost, as history would indicate)

However I think this will work out just fine. There are a few snags remaining, they didn't launch a ball of flame with dead astronauts coming back to earth, they've put caution and safety FIRST, and it delayed things. Well, so what. We're *SO* close to having this now, I'm sure it'll work.

And yeah, I'm in favor of UPPING the budget for NASA, not for the ISS so much, but because NASA dollars spent on rockets and R&D result in jobs, jobs, jobs. It's the *kind* of Keynsian economics that works, because you PAY PEOPLE TO WORK and GET SOMETHING IN RETURN. And technology always improves with these kind of government contracts, and it all pretty much 'trickles down' into the REST of industry, as history demonstrates.

It's all good. Apollo 1 was a disaster. And a couple of shuttles. But there was a 'stand down' each time, and some re-evaluation, and we fixed it, focused on safety, and moved forward. NASA is doing it right, I think, but more money approved for contracts would help.

Re: Or, simply...

I wouldn't go for an entire ban on software patents.

HOWEVER, raising the bar to require the following would greatly reform the trolling problem

a) SPECIFICITY - a specific patent for a specific use.

b) NON-TRIVIALITY - must be WAY more than an obvious/trivial implementation

c) no "algorithms" - NO patenting of a (pure) algorithm. Reserve THAT for copyrights. However, if the algorithm works together with OTHER patentable tech, it could be considered as part of "that tech".

d) no "cosmetic" or UI claims - the use of multi-button presses, square windows, colors, touch, or other such common UI elements/appearance in a software patent claim.

As I see it, a software patent that applies to a particular technology (let's say control software for a particular industrial process that requires the industrial hardware to work), when this has been targeted to the particular implementation, should be fine. [I am actually party to a provisional software patent that is like that].

however, a PURE software patent on an algorithm, a trivial patent that's too obvious, or an 'umbrella' patent that is not specific, should be DENIED categorically.

This way if you invent something, and software is part of the invention (but not ALL of it), you should be able to patent your software WORKING WITH your invention.

but if you come up with an algorithm to calculate something [i.e. pure software], or generically perform some kind of control [let's say GPIO bit flipping or networking, and the hardware isn't patentable] then it should be DENIED.

the latter is probably the most frequent source of patent trolling, non-specific generic algorithm type patents that should NEVER have been granted.

and ESPECIALLY no "cosmetic" or UI claims, unless it's specific to your hardware.

Re: Wait and see

I think your position is the best, aka "Wait and See"

Re: Upvote... but.

"Animal Welfare" - humans are one of the FEW animals that treat their prey in a 'humane' way, for the most part. Most predators just kill and eat them, sometimes BRUTALLY.

I think we should give ourselves some credit for doing as much as we do...

Now - if 'protein sequenced' meat tastes as good as grass-fed or corn-fed beef, and COSTS LESS, I'll buy it at the grocery store. Until then, maybe it has a use in long space flights...

Re: Mmm!

you made me think of: genetically modified worms that taste like beef

yum!