That's a VERY good desktop - whoever specced it out was very thoughtful:-) Re Surface Book 2: ah, I've only seen one of those so far but it did look well designed. I always thought Windows 7 was OK and I'd say Windows 10 tipped things over to good (I know people hate the telemetry but that's not a personal worry for me). I'm impressed by WSL (I know it's slow for filesystem I/O and there's no official graphical support but again those aren't worries for me) and I know someone who was happy running it. In fact the whole better terminal/OpenSSH available from MS add/investigation into using clang/move to Chromium etc. just proves MS can execute. Busted sleep doesn't sound very Microsofty (I could understand that more with broken third party drivers but yours is essentially a first party laptop) but in these days of "rolling" OSes I guess speed bumps are to be expected. Oh and I also found Hyper-V was good so long as your guest OS had enlightened drivers (Windows/Linux/FreeBSD?)...
I also I admit that Apple will get "tablet money" out of me - I found the iPad to be top notch (again mine is old and dates from 2013 so could do with replacement) but I'm waiting for the "regular" ones to get USB-C. Their phones are less interesting to me 'cos normally I'm a cheapskate and the household seems to be keen on Android (stock only). I'm not so keen that phone physical dimensions keep getting bigger (curious given what happened to laptops) but that's the trend...
I think your "except two things" are nearly impossible for MS to fix though... Are you saying you would be happy with another key combo sending SIGINT in a terminal (for example) or you would only be happy with an Apple-key style situation across the OS? Or are you saying that when the time comes it's going to be a lump situation?:-)
I'm genuinely curious, what are you going switch to TR? Did "work" give you a desktop?
I know people who were MBP owners who went to a Windows Lenovo X1 (which had 16GB RAM, had a 512GB NVMe SSD, i7 of some description and cost less than £2K) in defiance of the new MBP keyboards. They're very happy with their choice and talk plenty about how Mac laptops now aren't what they were in the late 2000s/early 2010s - in the "old days" Apple used to ship things like remote controls in the box, AppleCare was affordable/convenient to use and what you got in your laptop was high-end even in comparison to "regular" laptops (although I've always been an Intel GPU chipset lover when it come to laptops myself).
I'm typing this on a 2012 MBP (with far lower specs than your 2013, still has a heavy DVD drive, came with a small SATA SSD etc) which has had broken keys for the past year and I badly need a new one. I live in hope that somehow Apple produce a physical machine I can't resist (I would like at least 3 USB-C ports AND a decent keyboard with a physical escape key!) but I guess an endgame is coming where they keep their current keyboard (touchbar and shallowness), remove the headphone jack, switch away from Intel CPUs and up the price (I can't afford to spend even £3K on a laptop). If it comes to that I'm unsure what I'll do... call it a day and buy a Chromebook?
The changes range from configuring things off for hardware that will never exist on that platform, forcing certain options to speed up things like boot times, additional new drivers that aren't (yet) upstream (in one case the driver added was actually rejected by the mainline kernel maintainers and was pulled out of the Ubuntu tree later), backports of tweaks that were made in later kernels that help that platform etc.
One downside is that this makes a bit more likely that people running on cloud platforms could see different problems to "bare metal" setups (and vice versa) thus splintering the test effort a bit and increasing Canonical's maintenance burden. Also porting a VM with optimized kernel means you have to remember to switch kernel package (but if you know what you're doing then injecting packages into an offline VM is easy). I guess the benefits outweigh the costs...
This isn't the first time that Canonical have produced a custom kernel for a cloud provider platform. Earlier in the year they came out with a custom Ubuntu kernel for the same for AWS so it sounds like strategy they're pursuing in general. Other than the reduced size I'd hope these improvements end up in the mainline kernel in the end (perhaps these changes already have and these are just backports?)...
Pieces of JavaScript infrastructure (such as npm) push their ecosystem towards Github so there's an inherent bias there (plus do believe that Vim script/VimL really is more popular than Perl for projects as your GitHut link suggests via Active Repos). Also just because a language is troublesome doesn't mean it can't be popular too. In all honesty I'd guess both what you've presented and what stackoverflow have presented are about as inaccurate as each other. Python's popular, JavaScript is popular, some people like them, some people hate them, some are indifferent.
The thing everyone jumped on WoSign for was doing a customer a favour. Some significant Australian customer wasn't ready for SHA1 certificates being phased out and asked if WoSign could help them out. WoSign issued back-dated SHA1 certificates for the customer.
Yep - and I'm pretty sure we know who that customer was. There are still major institutions still using SHA1 certs internally - and if they get moved to newer ones by the end of the year then I'd be shocked. The reality is, this stinks of a scapegoat - the industry in question would face *MASSIVE* disruption for the everyday Australian because of the relatively quick move to higher level certs. A lot of these are still contained within embedded devices that cannot upgrade so easily.
Instead, let's execute the CA for political reasons. Don't pretend its anything else.
but their setup also violated a number of other best practices and security measures too (such as unpatched servers). However I'll note that on the political front folks were unhappy that the Startcom acquisition wasn't made public earlier. Outside that though there are a lot of different technical complaints.
CA's have been dropped in the past for non-political problems (see DigiNotar) so I don't think it's fair to attribute WoSign's woes to purely political motivations as you alleged.
It's a bit more elaborate because if you need a visa (citizens of some countries can get visa waivers) at application time you MIGHT be asked to give up all this extra information if they deem it necessary. It's not clear that every visa application will force the applicant to cough up all this information right away or only if you trigger some extra checks required tripwire (e.g. "name contains non-even number of letters, full information required"). Also note this presumably happens once per visa so if your visa lasts a year and you were pressured into having to do this you'll have done it once for that year even though you may fly many times...
It's hard to know for sure because the account that posted the parent comment seems to be new and it's unclear who the commenter is in real life but this seems to be a well written complaint about the outcome of WebAssembly. I did a quick search and it doesn't immediately look like a copy/paste of critique from elsewhere so it seems a shame to see this slip below the waves. Sadly, I suspect few will see it because this story has passed the "breaking news" point...
It sounds like Lars (owner/creator) is burned out by the ordeal but a handoff of GMANE might be possible. No matter what, I hope Lars is rewarded for all the effort he put into GMANE - it's a fantastic tool.
Does "works well" include handling group calls (or whatever Skype calls them)?
Yes but not in the Web version - currently only the Linux desktop version (with caveats). See https://support.skype.com/en/f... (Calling and call troubleshooting):
Does this fix the incoming group call issue I have on Skype for Linux today? Yes, the problem with receiving incoming group calls is fixed in Skype for Linux Alpha. Make sure the people you're calling or receiving calls from are using the latest version of Skype.
I thought this was already called mutation testing in Computer Science. At least in that you create variants of the original program with subtle changes so you can see which mutants are "killed" (aka detected) by your test cases. The more mutants you kill the better the test suite. It seems strange the paper doesn't reference that research at all...
The BSD Now show "ZFS in the trenches" talks about how different developers have different opinions on whether you must use ECC RAM with ZFS but all recommended ECC if possible (so that part is not in debate). Around the 56:30 mark of the episode, Josh Paetzel of FreeNAS explains that if the ZFS spacemaps were corrupted due to memory errors you could be in a worse situation compared to less sophisticated filesystems that have an fsck. This is because with a corrupt spacemap ZFS would refuse to let you access any data whereas the fsck would "just" (irreversibly) decopule or delete chunks of data in an attempt to allow access to the rest. It's not a great situation - inaccessible data versus data loss and/or corruption but it is a difference.
This was the site where someone debunked the "Windows just copied its TCP/IP stack from the BSDs" and now that source is gone thanks to a robots.txt wiping out the archive: https://web.archive.org/web/*/... .
Sounds like this won't be resolved until Apple releases its next Xcode update (or Command Line Tools for Xcode if you aren't using the IDE). Looking at previous release dates it seems that Apple releases new versions every three months and the previous version was released 21st of March 2016.
Debian is definitely a popular root but I'd dispute I'd argue that it isn't Fedora that's a major root, rather it's Red Hat/RHEL. Even then, there are large numbers of popular distros not derived from those sources. From the GNU/Linux Distribution Timeline:
Slackware has spawned lots of distros (including SUSE)
Enoch spawned the Gentoo line of distros (and Gentoo is the current base of ChromeOS).
The Arch family started independently
The on-the-rise Alpine Linux was independently started
So by lineage alone I'd argue there are more than two major categories.
..so there's still the possibility to add a webcam that has a microphone using that (or hook up the keyboard/mouse with that and use a USB webcam) but you're going to need to power. Perhaps for such a setup a Chromebox would be better?
My experience of these changes is that you'll be forced to click through a warning in your browser even if you installed the certificate (or the root CA signing the certificate). The Microsoft page about no longer trusting SHA1 certs is confusing in this respect because it includes information about signing Windows binaries but it does say
Windows [...] will no longer trust any code that is signed with a SHA-1 code signing certificate and that contains a timestamp value greater than January 1, 2016
I think it could be possible for Chromebooks to be successful without having a significant home market share. If business with all their software online start finding them acceptable the fact they don't run all possible software locally could be seen as advantage (corporates are in a position to make things like Chrome's remote desktoping work). I could see Chromebooks working well for telesales or even places like libraries which are typical homes for existing thin clients...
You're absolutely right - it only lets you tell whether the pool has been initialised and GRND_NONBLOCK on tells you how much/dev/random could return if it were blocking and nothing about the total amount of entropy gathered.
Doesn't it let you essentially let you find out if you've had (since this boot?) up to 256 bits of entropy? You can ask it whether it has had an amount so long as it's less than 256 bits and you can force it to return failure if you ask for an amount it hasn't yet reached. It's not as generic as what you're asking ("tell me how much you've ever had") but it does still sound close to what you're asking for (albeit in a limited 256 bit form).
Slashdot Mirror
That's a VERY good desktop - whoever specced it out was very thoughtful :-) Re Surface Book 2: ah, I've only seen one of those so far but it did look well designed. I always thought Windows 7 was OK and I'd say Windows 10 tipped things over to good (I know people hate the telemetry but that's not a personal worry for me). I'm impressed by WSL (I know it's slow for filesystem I/O and there's no official graphical support but again those aren't worries for me) and I know someone who was happy running it. In fact the whole better terminal/OpenSSH available from MS add/investigation into using clang/move to Chromium etc. just proves MS can execute. Busted sleep doesn't sound very Microsofty (I could understand that more with broken third party drivers but yours is essentially a first party laptop) but in these days of "rolling" OSes I guess speed bumps are to be expected. Oh and I also found Hyper-V was good so long as your guest OS had enlightened drivers (Windows/Linux/FreeBSD?)...
I also I admit that Apple will get "tablet money" out of me - I found the iPad to be top notch (again mine is old and dates from 2013 so could do with replacement) but I'm waiting for the "regular" ones to get USB-C. Their phones are less interesting to me 'cos normally I'm a cheapskate and the household seems to be keen on Android (stock only). I'm not so keen that phone physical dimensions keep getting bigger (curious given what happened to laptops) but that's the trend...
I think your "except two things" are nearly impossible for MS to fix though... Are you saying you would be happy with another key combo sending SIGINT in a terminal (for example) or you would only be happy with an Apple-key style situation across the OS? Or are you saying that when the time comes it's going to be a lump situation? :-)
I'm genuinely curious, what are you going switch to TR? Did "work" give you a desktop?
I know people who were MBP owners who went to a Windows Lenovo X1 (which had 16GB RAM, had a 512GB NVMe SSD, i7 of some description and cost less than £2K) in defiance of the new MBP keyboards. They're very happy with their choice and talk plenty about how Mac laptops now aren't what they were in the late 2000s/early 2010s - in the "old days" Apple used to ship things like remote controls in the box, AppleCare was affordable/convenient to use and what you got in your laptop was high-end even in comparison to "regular" laptops (although I've always been an Intel GPU chipset lover when it come to laptops myself).
I'm typing this on a 2012 MBP (with far lower specs than your 2013, still has a heavy DVD drive, came with a small SATA SSD etc) which has had broken keys for the past year and I badly need a new one. I live in hope that somehow Apple produce a physical machine I can't resist (I would like at least 3 USB-C ports AND a decent keyboard with a physical escape key!) but I guess an endgame is coming where they keep their current keyboard (touchbar and shallowness), remove the headphone jack, switch away from Intel CPUs and up the price (I can't afford to spend even £3K on a laptop). If it comes to that I'm unsure what I'll do... call it a day and buy a Chromebook?
You can actually see the lists of changes in the Ubuntu kernel git repos:
The changes range from configuring things off for hardware that will never exist on that platform, forcing certain options to speed up things like boot times, additional new drivers that aren't (yet) upstream (in one case the driver added was actually rejected by the mainline kernel maintainers and was pulled out of the Ubuntu tree later), backports of tweaks that were made in later kernels that help that platform etc.
One downside is that this makes a bit more likely that people running on cloud platforms could see different problems to "bare metal" setups (and vice versa) thus splintering the test effort a bit and increasing Canonical's maintenance burden. Also porting a VM with optimized kernel means you have to remember to switch kernel package (but if you know what you're doing then injecting packages into an offline VM is easy). I guess the benefits outweigh the costs...
This isn't the first time that Canonical have produced a custom kernel for a cloud provider platform. Earlier in the year they came out with a custom Ubuntu kernel for the same for AWS so it sounds like strategy they're pursuing in general. Other than the reduced size I'd hope these improvements end up in the mainline kernel in the end (perhaps these changes already have and these are just backports?)...
Pieces of JavaScript infrastructure (such as npm) push their ecosystem towards Github so there's an inherent bias there (plus do believe that Vim script/VimL really is more popular than Perl for projects as your GitHut link suggests via Active Repos). Also just because a language is troublesome doesn't mean it can't be popular too. In all honesty I'd guess both what you've presented and what stackoverflow have presented are about as inaccurate as each other. Python's popular, JavaScript is popular, some people like them, some people hate them, some are indifferent.
The thing everyone jumped on WoSign for was doing a customer a favour. Some significant Australian customer wasn't ready for SHA1 certificates being phased out and asked if WoSign could help them out. WoSign issued back-dated SHA1 certificates for the customer.
Yep - and I'm pretty sure we know who that customer was. There are still major institutions still using SHA1 certs internally - and if they get moved to newer ones by the end of the year then I'd be shocked. The reality is, this stinks of a scapegoat - the industry in question would face *MASSIVE* disruption for the everyday Australian because of the relatively quick move to higher level certs. A lot of these are still contained within embedded devices that cannot upgrade so easily.
Instead, let's execute the CA for political reasons. Don't pretend its anything else.
Looking through the list on Mozilla's list of WoSign Issues it looks like WoSign not just issued
but their setup also violated a number of other best practices and security measures too (such as unpatched servers). However I'll note that on the political front folks were unhappy that the Startcom acquisition wasn't made public earlier. Outside that though there are a lot of different technical complaints.
CA's have been dropped in the past for non-political problems (see DigiNotar) so I don't think it's fair to attribute WoSign's woes to purely political motivations as you alleged.
It's a bit more elaborate because if you need a visa (citizens of some countries can get visa waivers) at application time you MIGHT be asked to give up all this extra information if they deem it necessary. It's not clear that every visa application will force the applicant to cough up all this information right away or only if you trigger some extra checks required tripwire (e.g. "name contains non-even number of letters, full information required"). Also note this presumably happens once per visa so if your visa lasts a year and you were pressured into having to do this you'll have done it once for that year even though you may fly many times...
It's hard to know for sure because the account that posted the parent comment seems to be new and it's unclear who the commenter is in real life but this seems to be a well written complaint about the outcome of WebAssembly. I did a quick search and it doesn't immediately look like a copy/paste of critique from elsewhere so it seems a shame to see this slip below the waves. Sadly, I suspect few will see it because this story has passed the "breaking news" point...
Here's a blog post from Dan Luu on the topic of "Why's that company so big? I could do that in a weekend". Turns out there's a lot to do in a lot of places...
It sounds like Lars (owner/creator) is burned out by the ordeal but a handoff of GMANE might be possible. No matter what, I hope Lars is rewarded for all the effort he put into GMANE - it's a fantastic tool.
Does "works well" include handling group calls (or whatever Skype calls them)?
Yes but not in the Web version - currently only the Linux desktop version (with caveats). See https://support.skype.com/en/f... (Calling and call troubleshooting):
Does this fix the incoming group call issue I have on Skype for Linux today?
Yes, the problem with receiving incoming group calls is fixed in Skype for Linux Alpha. Make sure the people you're calling or receiving calls from are using the latest version of Skype.
I thought this was already called mutation testing in Computer Science. At least in that you create variants of the original program with subtle changes so you can see which mutants are "killed" (aka detected) by your test cases. The more mutants you kill the better the test suite. It seems strange the paper doesn't reference that research at all...
The BSD Now show "ZFS in the trenches" talks about how different developers have different opinions on whether you must use ECC RAM with ZFS but all recommended ECC if possible (so that part is not in debate). Around the 56:30 mark of the episode, Josh Paetzel of FreeNAS explains that if the ZFS spacemaps were corrupted due to memory errors you could be in a worse situation compared to less sophisticated filesystems that have an fsck. This is because with a corrupt spacemap ZFS would refuse to let you access any data whereas the fsck would "just" (irreversibly) decopule or delete chunks of data in an attempt to allow access to the rest. It's not a great situation - inaccessible data versus data loss and/or corruption but it is a difference.
This was the site where someone debunked the "Windows just copied its TCP/IP stack from the BSDs" and now that source is gone thanks to a robots.txt wiping out the archive: https://web.archive.org/web/*/... .
Sounds like this won't be resolved until Apple releases its next Xcode update (or Command Line Tools for Xcode if you aren't using the IDE). Looking at previous release dates it seems that Apple releases new versions every three months and the previous version was released 21st of March 2016.
So by lineage alone I'd argue there are more than two major categories.
..so there's still the possibility to add a webcam that has a microphone using that (or hook up the keyboard/mouse with that and use a USB webcam) but you're going to need to power. Perhaps for such a setup a Chromebox would be better?
My experience of these changes is that you'll be forced to click through a warning in your browser even if you installed the certificate (or the root CA signing the certificate). The Microsoft page about no longer trusting SHA1 certs is confusing in this respect because it includes information about signing Windows binaries but it does say
Windows [...] will no longer trust any code that is signed with a SHA-1 code signing certificate and that contains a timestamp value greater than January 1, 2016
That document also says it only applies to certs that are in the Microsoft Root Certificate Program so ones you've manually installed might not be affected.
This is slightly different to the Mozilla's SHA-1 deprecation information:
After January 1, 2017, we plan to show the “Untrusted Connection” error whenever a SHA-1 certificate is encountered in Firefox.
Perhaps this isn't the override you were thinking of but it doesn't sound like a total block.
The Red Hat Bugzilla link you want is Audit events in /var/log/messages.
(dnf-makecache.timer is basically a "systemd-style" cron job for periodically updating your DNF cache)
I think it could be possible for Chromebooks to be successful without having a significant home market share. If business with all their software online start finding them acceptable the fact they don't run all possible software locally could be seen as advantage (corporates are in a position to make things like Chrome's remote desktoping work). I could see Chromebooks working well for telesales or even places like libraries which are typical homes for existing thin clients...
I've just spent the past few minutes trying to (re)find this story. Is it the KeyKOS recovery speed story from 1990?
The Chrony comparison page compares ntpd, Chrony and OpenNTPd. Another yet to be finished alternative is ntimed (which seems to currently be around 6000 LoC). On some Linux's if you don't care about accuracy or trying to weed out false time you can always use an client such as systemd-timedated.
The Linux Foundation has already given funding to a few open source projects it considers "core" (which includes the original NTP project) and has been trying to assess which other core products are most at risk. From looking at the members page, at least two of the companies you mentioned (Google, Facebook) are part of the Linux Foundation so the giving back has at least started...
You're absolutely right - it only lets you tell whether the pool has been initialised and GRND_NONBLOCK on tells you how much /dev/random could return if it were blocking and nothing about the total amount of entropy gathered.
Doesn't it let you essentially let you find out if you've had (since this boot?) up to 256 bits of entropy? You can ask it whether it has had an amount so long as it's less than 256 bits and you can force it to return failure if you ask for an amount it hasn't yet reached. It's not as generic as what you're asking ("tell me how much you've ever had") but it does still sound close to what you're asking for (albeit in a limited 256 bit form).