266 posts • joined 7 Sep 2016
USB is a godsend, but
We should take a lesson from people who deal with drug users: harm reduction not behavior elimination.
Most people will be exposed to malware on a stick, but unlikely to be exposed to chip-level attacks. And they are never, ever going to stop plugging things they find into their computer.
So, what actions does a user need to take -- a real user, not a Reg reader, mind-- to protect themselves from nasties on the stick when they plug it in? This kind of stuff is too much.
+1. In the classical period (1995-2005) being an enterprise DBA was pretty hard. You had to know your OS inside out, you had to understand how to do fast I/O and then you had to design the database, as in tune how tables should be laid out for maximal performance. Wasnae easy, cap'n.
These days, I'm not so sure (I'm out of the biz). Do Oracle admins still worry about tuning the SGA for example? Does anyone use raw block devices? Or is it all self-tuning and autonomous for all but the most esoteric setups?
I think I know the shop under discussion
Let's say - they had their data processing operations in Osterly and were known for a shop building in Knightsbridge that was bedecked in lights?
Frankly, it's a miracle that they were running anything at all. I remember a summer working in their credit department where the workers had the thrilling task of microfilming credit card applications. One page at a time. It was like the sheet feeder had never existed.
Re: But can I get F1 on my BT account
Good Lord. Michigan Terminal System. There's a system I haven't thought about in a long time. I remember as a puny undergrad having to use the hideous terminals Programming Simula/67 and Fortran. The horror.
Perhaps, he says paranoically, GNOME is more tightly bound to systemd than KDE, therefore mandating GNOME as the future binds us into systemd ever more tightly.
I support a name change. Frankly the only people who would find "NIPS" amusing are those with the minds of 12-year-olds, but --breaking news, not!-- there are a remarkably high number of such folks in attendance at conferences. Including this one. So why give the puerile crowd anything extra to exercise their little minds over?
There's nothing inherently wrong with a name like NIPS. But the record of this and other similar conferences makes it susceptible to a rule I may as well call This Is Why You Can't Have Nice Things.
Re: it was a joy to work in and ahead of it's time for creating structured code @Mage
Yes!! It's almost like you need a code that people can use for any purpose, with easy symbols and keywords, for beginners
A Beginners All-purpose Symbolic Instruction Code perhaps.
I'll see myself out :)
Interesting on the world-wide scale
Ignoring the very wealthy markets of North America, Chinese cities and Western Europe, this level of repairability could be huge. One of the things holding back smartphone adoption globally is that not only are they costly but they are a royal pain to fix.If you have a smartphone that your guy/gal in the market in Kigali or Bangladesh or the wildest corners of Romania can fix, you're on your way to global adoption.
It's what you might call the Toyota truck model (or, for older Reg readers, the 2CV effect, or perhaps the Land Rover Defender effect) - things that are fixable in market tend to get very widely adopted.
True, although I'd rather be pranked with a rotated screen by the tech support people in the basement than stabbed in the back by an accountant with a spreadsheet on the top floor.
Time and place for everything, but a good manager who makes it very clear where the boundaries are also leaves space for the humor to grow, which contributes to better productivity for all.
Re: Put a heater in the safe then ?
You were only supposed to blow the bloody doors off!
Re: Ye Goode Olde Days
Is that a good sigh or a bad one?
Took me a year of cursing at WP5.1 before I knew enough keystrokes to be useful in it (the little plastic Fn key template being as useful as a chocolate teapot). But once I got it, ye gods, what a productive tool. Much as I like Word these days I still miss the fullscreen blue mode. Word even had a blue mode itself for a few years but sadly they ripped it out in recent versions.
The best of times, the worst of times
I have a bit of nostalgia for the sheer variety of computing back then - 68K, 8080, even the weird-and-frankly-quite-broken stuff like the 80186 (IIRC Research Machines used to have a demo mode on their 80186 PCs that could play a little Bach fugue). And the tools, being forced to run in such compressed environments, were pretty clever (and cheap). TSRs like Sidekick. Zortech C for 29.99. The BBC Tube (I mean! Co-processors across an interconnect! For kids in schools!)
Then I remember just how hard it was to get anything done. CONFIG.SYS not exactly right? Sorry. Don;t remember the exact PEEK and POKE? Sorry. Segment:offset addressing? Yuck. It's a miracle anything happened.
Re: Didn't ElReg just have a story about women-only coding camp?
If the point behind your anonymous comment is that the ACLU only ever take on cases that reflect some left-wing bias of theirs, I can assure you that they don't.
For example, right now they just filed suit in support of the NRA against the state of New York.(link). They came out in support of the white nationalists' right to protest in Charlottesville (link). Those are just two recent examples. If you want to go further back in time, they even defended Col. Oliver North in the Iran-Contra scandal. (link)
So, less of the cheap shots, eh?
Re: New depths
They were salesdroids^Wthe people who find the revenue to pay your wages.
Fixed ^ 3.
Cute, but not for long
I happen to think the defendant is a loon, but this sort of case was never going to fly. The Internet, notoriously, interprets censorship as damage and routes around it. Doesn't matter whether the 'censorship' is 'good' or 'bad'.
The really interesting cases will start when people start making these guns and hurting themselves or others. I predict an upswing in hand and facial injuries as the first experimenters discover that machining parts to close tolerances is, uh, quite important if you want that explosive projectile to go in the direction you want.
Re: Forget the geeky stuff, sort out the user experience.
Just think, someone on our planet has the job of pixelizing, uh, certain frames in such content.
Perhaps they use GIMP?
Re: "Can you turn it back on. Please?"
True, but @Mk4 didn't claim it was a hack job. For all we know, they could have documented it up the wazoo, pointed out it's criticality, and even gotten sign off from a Higher Being...but that's no guarantee that a busybody in another part of the org couldn't insist it be taken down.
Being real life, of course, this can go both ways:
A: "Ach, I'll just roll my own crypto". Busybody: "Hell no" - BB probably saved the day there.
A: "Ach, I'll just write some glue code" Busybody: "Hell no" - BB probably cost the company $$$ as now the swarms of IBM/SAP/$expensive consultants arrive to tear apart the business.
Re: Bridge rectifier?
Check out Derek Lowe's chem blog for more on this. Like: "Imagine 6 skunks wrapped in rubber innertubes and the whole thing is set ablaze. That might approach the metaphysical stench of this material"
Re: Plot twist? What plot twist?
In many parts of the world, Bangladesh included, the concept of make-it-work trumps adherence to "code", or saftey, or anything we take for granted in the developed world. See https://huqelberry.wordpress.com/2011/03/05/crazy-cables/ for an example (from Pakistan). You see it and you are simultaneously impressed and horrified!
Re: "It is time, therefore, for WireGuard to be properly integrated into Linux."
Hey, hands off my 3c509!
Re: Follow the money
An AC asked for a source on Singapore. I use that as one example. The key tenet is that the EU needs to have made an "adequacy decision" for a country, and Singapore isn't on that list, ergo, is not considered adequate by the EU.
Here's the official word from the EU: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
And here's a link from a local Singapore law site: https://lawgazette.com.sg/feature/the-new-european-general-data-protection-regulation/
Follow the money
IIRC, India (and Singapore, and few others) is one of the countries that the EU considers to *not* have adequate data safeguards in place for any company subject to GDPR to use as a data processor. You can imagine, that this puts a dampener on all that yummy outsourcing.
See: https://www.pwc.in/consulting/cyber-security/blogs/how-can-indian-organisations-prepare-for-the-gdpr-regime.html for a brief explanation.
El Reg readers should be aware that if they are working for an EU company (data controller) that uses an external data processor (such as an Indian outsourcer), they need to tread extremely carefully. The GDPR has real teeth. You do not want to mess it up.
Re: Long live Windows production servers
Ah, PA-RISC. A lovely system. But this battle is lost. It's not so much what "makes commercial UNIX better" as what made, past tense, it better - and those advantages (deep talent pool, corporate backing, intensity of focus, knowledgeable customers, dedicated hardware) are no more.
To whit: All the Solaris talent left Sun/Oracle years ago. Judging from HPE's April 2018 roadmap I imagine HP-UX is supported by three people in a garage who weren't even born when the Superdome and Integrity lines came out. HPE is a shell of its former self and barely seems to know what it is any more. Both Oracle Solaris and HP-UX are running on fumes and all the innovation in their OSes is coming from other communities (eg OpenStack on HP-UX). Customers have their own business imperatives and Linux is good enough for 99% of what they do, plus the talent to run it gets cheaper every year, so "good enough" is fine. Hardware margins are brutal.
When I retire I fully intend to recreate the computing environment of the late 1990s and have a blast just playing around with all the heyday UNIX systems I can lay my hands on. The UNIX Wars were ridiculous at the time, but with nothing to look forward to but hearing aids and senility, I shall have a blast firing up IRIX and OSF/1 and HP-UX just for the hell of it. But not AIX. Please God no.
Re: Long live Windows production servers
Much as I feel your pain I think this is on A/V in general and Symantec in particular rather than Windows. A/V is just a horrible, self-perpetuating solution that gives me the willies architecturally, irrespective of what platform it's on or who provides it. "Oh so you want to hook into every I/O on my system as a privileged user and stay resident in protected memory all day? Well what could be wrong with that?"
As far as Linux vs. UNIX goes, yes, I would be the first to acknowledge that Real UNIX blew and continues to blow Linux out of the water in many respects (Solaris virtualization is still vastly superior to anything Linux has for example, and live patching on Linux is still immature). But I am reminded of the story of the US colonel meeting General Giap of the Viet Cong at the Paris peace talks to negotiate an end to the Vietnam war:
Col. Harry G. Summers Jr.: "You know, you never defeated us on the battlefield."
General Giap: "That may be so. But it is also irrelevant."
Re: Outlook, the last bastion of weird customization hackery
Oh, and I forgot the Outlook Today panel. You can have Winter or Summer. Irrespective of any other color scheme/theme/customization it has going on. What??
Outlook, the last bastion of weird customization hackery
Some of us folks spend our days in the Outlook desktop client. In that world, the customization options are just bizarre.
- For a start, it doesn't seem to respect the Windows theme (y'know, like every other Windows app does, lest MSFT come down on them like a ton of bricks).
- You can change your theme between Colorful, Gray, White and Black, but in reality, anything other than Colorful leads to weird artifacts on screen, like the word "To:" being black on black.
- There's a weird customization option that does nothing more than put a little watermark on your ribbon, eg a little swirl. Maybe 10-12 choices here. But for the love of god, why?
There are some days I really miss Pine.
Re: Not a good idea for me.
You need to add
to your code. Or, if you don't care for the full man-bun avocado-toast privacy-surrendering experience,
from hipster import mojo
Your memory matches mine. The DTMF ABCD tones were used as a way of doing extra control on the call, eg in the US military's old system (autovon) they could indicate the priority of a call.
Back in the 1980s I seem to recall BBC Basic instructions referring to ? as "pling" and ! as "bang". Made for some weird looks when I started shell scripting on UNIX.
Those who don't remember history are doomed to repeat it
1960s: Mainframe. Access the applications from anywhere! So long as there's a bigass 3270 terminal on your desk and you can live with JCL. Score: 10/10 for badass virtualization trickery (still not bested). 2/10 for user experience.
1970s: Mini. Visual terminals allow you to access the applications from anywhere! So long as your sysadmin can find the uniquely weird RJ connector that your VT220 keyboard needs, and you dream in amber screen. Score: 10/10 for the lovely bouncy rubbery keyboard, 11/10 for indestructible fault tolerance in VMS, 1/10 for SHOUTY /VERBOSE USER:INTERFACE
1980s: Unix. What's in your /usr/bin? So long as the application is ed. Well, it is the standard text editor. And there's always Kermit for those home workers. Score: 9/10 for elegance. 1/10 for lovably insane hacks to get it to hang together (termcap I'm looking at you). 11/10 for the beards.
1990s: Sun. The Network Is the Computer! NIS, autofs, NFS. The golden age imho. Graphical applications from anywhere. You'll prise my X-terminal out of my cold, dead hands. We'll give some points to Sun for the SunRay...and immediately take them away for NIS+.
2000s: Windows. Roaming profiles baby! The less said about this the better. Oh, and netbooks, cos who needs full Windows right? And dynamic on-demand installation of parts of Office, to reduce the bloat. Because what is more joy for an IT manager than a thousand desktops where Office is broken in subtly different ways?
2010s: Chromebooks. Access the applications from anywhere! So long as you don't need anything fat like Office, and are the 0.001% of the population that have a web app that runs well offline, and use files that sync cleanly when you do reconnect and find that Pam in Marketing was working on the same file you were while you were out getting hipster massages. Score: TBD.
I love new tech, but this is a haaaarrrrrd problem.
Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help
Close, but too early to say how close
(Long post, I apologize. TL;DR version is: hoping that Russians too careful, and Trump campaign too stupid, to collude, but former used the latter as useful idiots. Fear that it'll be worse.)
We should separate the acts of a hostile regime from those of a party election committee. Russia has a national agenda set by Putin. It is, loosely, to regain Russian prestige as a global superpower and not fade away into a giant country with a third-rate economy. To that end, their MO is to destabilize and delegitimize Western institutions like NATO and the EU. I really hope they fail, but I am not remotely surprised that they are trying - and while many attacks will be extremely subtle (the FSB are world-class experts at espionage, psyops etc) frankly it's on us if our systems, the quality of our public discourse and the critical thinking skills of our citizenry are so weak as to be fooled by some of their attempts.
The critical missing piece is whether elements in our polity knowingly assisted the Russians in their efforts. Hillary Clinton is such a divisive figure in US politics that she could have lost the election without needing any collusion between the Trump campaign and the Russians. You could go so far as to say that discovering Russian collusion with Trump would be a terrible outcome for the Democratic party because it would absolve them of the need to do serious introspection as to why they lost (as opposed to the easy, "we lost 'cos Trump was cheating with the Russians' help").
Now the Russians have long had experience of "useful idiots" and "fellow travelers" that they can use as force multipliers in operations. Normally I would say that the Trump campaign would fall into this camp. The Russians saw his momentum, realized Trump's appeal and his lack of talent, and realized what an opportunity they had. None of their success *required* them to explicitly collude with the Trump campaign.
But. A Big But. The Trump campaign was so full of grifters, eager-to-please in-laws, ambitious climbers and so on with absolutely zero experience in recognizing manipulation, psych games and so on that they could, and quite likely, *did* meet with various people linked to Russia. Probably not some FSB colonel with three gold stars (the Russians would never risk compromise) but people with some linkage back to the Motherland.
Don't blame the Arch team for any of this, in fact I give them credit - but inevitably there is a halo around the core distro (any core distro) that extends to anything that is considered "close" to it. So the very fact that AURs start at aur.archlinux.org and not aur.example.com gives AUR an (undeserved) halo of respectability. Yes I know it doesnt deserve it and the page says you try at your own risk. but the halo effect is incredibly strong. Its why people still click on phishing emails from Microsoft Support.
Re: Damn, daniel!
That might have been because Sophie was called Roger at the time, I'm not 100% sure but her bio might have clues. She's a CS legend for sure.
The most impressive thing was the level of intellectual engagement required to succeed with the material. I mean, look at the photo. Imagine it's 1982. Your first touch point with this new fangled tech is...Lisp? That's some serious brain engagement.
It's no sillier than say (h/t the ghost of Sun):
Solaris 2.0 << but really, SunOS 5 under the covers. Except that SunOS 5 was a totally different beast to SunOS 4.anything
Solaris 2.1, 2.2, 2.3, 2.4, 2.5, 2.6
Solaris 7 << what just happened there? A rip in the fabric of space-time?
Solaris 8, 9, <implosion>
Re: The all-important Second Edition
@Chewi, Are we still talking about Windows, or has the conversation moved on to spouses?
Re: The ONLY things going for it were
The irony was, that without all that stuff (I'm talking RH4, maybe kernel 1.2.13?) Linux was the thing at the other end of your modem supplying the Internet. Those GeoCities pages had to live somewhere after all.
That and the freeBSD box that ran cdrom.com for years....
Re: The ONLY things going for it were
Am I mis-remembering, or was NT 3.51 quite a bit more stable than NT4 until SP3 came out? I was running 3.51 in a research lab and that baby was a tank. Then again, it was probably running on better hardware (Compaq from the days when Compaq was expensive and worth every penny.)
Atari accuses El Reg of professional trolling and making stuff up. Welp, here's the interview tape for you to decide...
Re: Oh how the might have fallen...
It was pointless us Beeb owners trolling the Spectrum people. They would type a witty response on their prophylactic keys, but forget it every time the RAM pack plugged into the back fell out.
Love PDF, not so in love with Acrobat
PDF is the defacto document standard because it just works for the mass population. Sure, there are the 1% who have more specialized needs, but getting the level of fidelity that PDF provides for the effort (or lack of) that 'print to PDF' provides makes it a lock.
So, props to Adobe, Warnock and the author for a fun and informative article.
Now we must turn our attention to Acrobat. Oh, Adobe, you break my heart every time I open your Reader. What did you do with Reader DC? The weird-ass offering of McAfee with every download that makes you look like a skeevy mp3 ripper from a warez site. The kindergarten UI. The tool bar that is un-hideable, eating up a 2-inch wide chunk of my screen for no purpose whatsoever. Whyyyy?
Re: C and C-style C++
Certainly software standards are low compared to "real" engineering disciplines like civil engineering. So yes, people do need to know what they are doing and pay attention.
But the days of being able to keep the entire state of the machine in your head as you program, which was something that you could do back in the day, have long since gone. It's not you, a 68k, 16 registers and a bit o' RAM. It's two, or four sockets each with a variable number of cores, maybe with hyperthreading, maybe with memory access crossing a QPI, god knows how many registers, maybe the whole thing is virtualized, the clock can go slow, fast, stop for days and then wake up, I mean the complexity is astounding. I don't believe that any systems programmer can place their hand on their heart and predict zero % chance of a stray memory access or timing bug in that environment.
vi vs. emacs was never fought with such poisonous disdain though.
- vi vs Emacs: Stallman dresses up as Saint INGU-Cius of the Church of Emacs.
- systemd vs the rest: People want to burn Poettering at the stake.
Re: Romania: RON and LEU
"because as a stupid tourist you totally deserve to overpay."
Small wonder that Romania is not top of my list of countries to visit :)
Re: Age means nothing
Oh god, don't tell me there are still people out there running NetBEUI.
The comments prove the article
The absence of a spectrum is the real problem here. If everything is a crisis then nothing is a crisis. To compare the data collection that Canonical do to the collection that Microsoft do, is actually to make it easier for those at the more grabby end of the spectrum to justify what they do.
If you object to what Canonical do, opt-out, or uninstall Ubuntu. But don't go from zero to pitchfork. You should be reserving the pitchforks for the truly bad actors like Facebook.
Re: How noisy are the cooling fans?
STOP. DO NOT PASS GO.
El Reg, we need to know more about this programming group. There's a great story in there, I'm sure.
Re: Concerning Trademarks
Since this is an IT rag, I'll take a swag. Pyrex and UNIX are two situations where case matters a lot. If the label says PYREX, it's the pre-Corning/World Kitchen stuff - borosilicate glass. If it says Pyrex or pyrex (etc), it's the newer soda lime glass.
If you like to attend yard sales, a pro tip is to seek out older neighborhoods where people are clearing out Grandma's kitchen. Sometimes you can find good PYREX from the 1970s available for a song.
I lean back in my office chair and look lovingly at the 6 foot thick 'slim manuals' that details the Nortel DMS-10 Instruction Set. From the days when the manuals arrived on a shipping pallet all their own.