Watching RPG's gettting rebranded MMO's in the 90's to stick drm server lock into them and charge a subscription was annoying,
On the paper, RPG and MMO try to cater to different taste. - RPG are still single player (think Witcher 3) - whereas MMO are the multiplayer online cousin thereof.
There is a difference, it's not simply rebranding. But for the rest (using this as an excuse to lock the players into subscription-based cash-milking scheme) I fully agree.
Nothing technically should prevent you from running your own server and having your own run with your group of friends instead of needing to rent out some "shard" in some publisher's data centre.
But except for Minecraft, very few modern-day popular game actually offer this option. And even if you try to run some 3rd party re-implementation of the server (as some players did with Ragnarok Online), there's a high chance that the publisher will try to C&D you into oblivion and force you to pay for their servers (see Blizzard)
the fact that the public fell all over themselves to pay money for software they didn't own or control incentivized the entire industry to code games in a way that the public never controls the game. Watching Team fortress 2 going from paid product to f2p microtransaction ridden game was pretty much the death knell for game ownership. Now that even fucking starcraft 2 is in on it.
Sad place where PC gaming and software ownership (aka windows 10 as a service we definitely are in an idiocracy) ended up due to the masses getting internet.
The things covered by this patent have been done for years by makers enthusiasts and has spun since then an entire cottage industry (with shops like Adafruits catering to the specific needs such as microcontroller small and light enough to be sewed in).
So:
- Apple hasn't managed to hinder the development of cloths with micro-controller sewed in.
- How the hell did Apple get a patent granted on this ? This has been publicly discussed in forums for ages. Unless they have filed a submarine patent a decade ago...
- Great, hordes of Apple Fanboy swooning at some "iShirt(tm)", exactly what the world lacked.
have nothing to do with the packaging format, but are a feature of the filesystem. Snapper, by Suse, does exactly that as lonf as a filesystem with snapshot is provided. (Zypper can ask snapper to mamakmake before/after snapshot during upgrade, and grub can even boot into older snapshots )
* no dependency hell
as long as a package format can store dependencies, any will do. it's problems whose solutions depend on packagers (storing that a piece of software depends on "libcurl.so.4(64bits)" instead of "curl-lib") and on a good dependencies solver (suse's libsolv is popular among several distro exactly for this reason)
* allows apps with different dependency versions to coexist {...} * for example powershell (yes, I do use it to interact with windows systems) depends on libcurl3, and conflicts with curl which uses libcurl4. So if I install powershell, curl gets uninstalled via apt. Snaps allow me to have both
this is an apt bug and packager's failure.
one if provided by file libcurl.so.3, the other by file libcurl.so.4 which can be provided by 2 different package named accordingly. (libcurl4 and libcurl3) and should co-exist.
* sandboxed execution environment. Snaps only have read/write access to a small portion of your disk. IF the app does something nasty, your entire system is not compromised. Think of this as the access rights that mobile apps request from you when you install them (camera access, storage access, etc)
and that's something that should be provided by the security layer (eg.: app armor) and\or containers (e.g.: lxc, docker), systemd has had the ability to start services in read only services auto magically for ages, no need a new packaging format that pulls a giant katamari of libraries.
so, in my opinion, snaps don't bring much new, and have big issues.
However, AMD and ARM processors are vulnerable to Spectre.
ARM: Not all ARM processors do speculative execution. Some cheaper/simpler/lower power/lower cost CPUs do execute things normally (in order, no speculative, etc.) And that's precisely the case of the Cortex-A53 used TFA's server board. No speculative execution, no way to spectre them. There's no way to exploit them if the exploited functionality doesn't exist. (BTW: that used to also be the case on some older Intel Atoms and Xeon Phi)
AMD: Spectre V1 i.e. "speculative execution working as it is supposed to work" (aka.: the behaviour that was already known to exist and was criticized from day 1 of the invention of speculative execution, but was dismissed back then because "what could you possibly learn by loading things into the cache ?". Cue in cache access timing a few decades later and suddenly it seems a bit more nefarious) is the only one that has been successfully demonstrated on AMD CPU. And even that one is still an application reading its own memory to which that it already has access to begin with. Nothing freaking and scary, just go learn to keep 3rd party executed code and critically important data separated (e.g.: don't run your password management plug-in in the same web browser process as the JavaScript in tabs that runs any shit you pull from the internet), because you're just one bug away from disaster, be it Spectre or not.
Most of the freaky ones (Meltdown) aren't affecting, because AMD engineers don't have a tendency to throw all security through the window just to scrape a few cycles in some benchmark. Others (like Spectre v2) haven't been successfully demonstrated in practice: AMD CPU *do* indirect branch prediction, but have much more complex predictors which are difficult to use reliably and any way the CPU speculates a lot less ahead so there isn't that much you can do here, the later being also true for the couple of other variants that also exist on recent AMDs.
TL;DR: there are orders of magnitude of difference between how Intel CPU are affected by Spectre and every body else in the CPU market.
1. qemu-user-mode is a thing and has been for probably the past decade (And specialized software like DOSBOX has had a great time on ARM gaming devices)
2. Why the hell do you need x86 virtualization on an ARM server for the cloud ?!?
It used to be something important back when most businesses ran Windows servers in-house, running proprietary binary x86 Win32 applications.
Nowadays the cloud is mostly Linux, and is running mostly interpreted languages (like Python, Javascript, etc.)
Linux is opensource, you can compile the user land on any architecture that pleases you (e.g.: look for ArmBian, RaspBian, and other such ARM-specialized Debian derivatives, etc.), and then subsequently Node.js and Python3 will happily execute whatever code you throw at them, no matter if they run on a different Arch than the dev's laptop on which they were written. If your business use software that you write in an actual compiled-language, you can cross compile or compile on a ARM machine before deployment as part of your devops.
and besides, this is norway. don't people ski and snowshoe to work 9 months out of the year?
You mean global warming has gotten that worse that now the time of the year when people are snowed in and can't even leave their homes has shrunken to 3 months only ?
Plus that âoefruitâ has a different OS and is generally more secure...
How can you assert this? Did you read the source code? (Either yourself, or - if you don't feel competent enoug - had independent experts review it ?)
Currently, the fruit's reputation is entirely based on speculations and deductions and current absence/lower amount of publicly reported security issue. Guesses can be wrong, reports might be silenced.
Google isn't better yet: Yes, the base android system itself is actually open-source (see AOSP), but most of the juicy bits live in the "optional" Google Play Services ("optional" meaning that it's required by a horrifyingly large proportion of popular apps, so even if your smartphone can boot android without it, tons of applications will refuse to start) and that service is closed source and heavily controlled and licensed under stringent terms by Google. You can inspect AOSP's source all you want, that won't prevent Google from raping your privacy as much they want from the closed services. Though, at least, there are efforts to re-write an open-source alternative to these services.
Currently there aren't that many good alternatives either:
At least Jolla (ex engineers of the Nokia Maemo/Meego team) have written Sailfish, whose base (mer project) is opensource and the interface is mostly written in QML, so even it some bits aren't technically "opensource" from the licensing point of view, at least it passes the "source code readable" part. (They promised to eventually re-lisence and opensource those bits, but they aren't there yet). Also, currently no *open-source* Android compatibility layer (and that one is NOT going to get relicensed), so it makes a very small limited choice of available apps.
Also worth mentionning is Purism who are working on their Librem 5 smartphone, supposedly 100% completely opensource (even open source drivers, no blobs) and a hardware switch controlling a separate cell modem (no modem-functions-as-northbridge craziness as in most Qualcomm chipsets). But, well, we aren't there yet (still delays in getting the target FressScale iMX8 chipset working), and of course most of mainstream will complain that the chip is very outdated and under powered compared to other phone. They might work some opensource AndBox-based compatibility layer, so together with AOSP (and optionnally microG) there might be possibilities to get some opensource auditable stack working there.
Fir? Nothing is Coming up when I search for âoefir bad usbâ
...writes the guy who also uses a smartphone to type/. posts too. You know "âoefir" and "usbâ" search keywords won't bring much neither~~
(Not even auto-correct will help against for/fir mistypes, being a perfectly valid english word, even a current season relevant one. If you find a "Bad USB" under your Christmas fir tree, you know Santa hates you).
BTW: beside "Bad USB" another relevant keyword to search for is "Rubber ducky"
the malicious version is the otherway around: a USB Stick shaped device that suddenly exposes a USB HID device while you're away and uses this simulated keyboard to start hacking your computer. (look fir "Bad USB", there are even tutorials explaining how to make one out of a Raspberry Pi Zero).
- if the new version of chrome OS blocks *all* USB peripheral, like the summary implies: you try to wake up your chromeOS powered mini PC/smart appliance/etc. but you can't unlock past the password prompt, because the keyboard is dead (battery of wireless empty, keyboard is physically fried, water dammage because spilled beer, etc). you try plugging another USB keyboard, but it's blocked. You can't type your password, you need to hard reset, all your unsaved data is lost (including the one inside the full linux container you installed atop of ChromeOS)
- if chromeOS only blocks USB mass storage, like the Apple Mac OS X mentioned above: you've found/received/etc. a nice USB stick. you plug it into your chromeOS netbook: storage shows up. you're happy with new acquisition and fetch a beer to celebrate. while you away, the screen locks......except that this isn't a garden variety plain normal usb mass storage. it's a "Bad USB" (the controller isn't a simple flashtranslation controller, bud a complex CPU running a nefarious software): while you're away, the micro-controller inside the stick detects the absence of activity, and suddenly exposes a new USB HID device. because that one is a HID and not the forbidden mass storage type, chromeOS happily adds what it thinks looks like a keyboard (even while locked), but is infact the nefarious software in the stick. the Bad USB stick starts to autonomously hack your laptop.
- if the laptop/miniPC/etc. 's port is badly isolated : you've found/recieved as a present/stole/etc. some nice USB stick. you plug it in.... except this one is a USB Killer (a batch of high voltage capacitors hidden in the shell of a USB Drive) your laptop is fried. its cheap Chinese knock off lithium battery catches fire. your house get burned.
good routers, in the real world:
- any random router with half-decent hardware (decent CPU, sufficient RAM) *as long as you kick out whatever horrible joke for a firmware was provided by the manufacturer and install OpenWRT instead* (e.g.: a slightly higher range device form cheap no-name Asian manufacturers like TP-Link is actually okay, once paired with OpenWRT, you don't need an ultra fancy one that cladvertises support for on-router torrent client and command center of cryptocoin mining ASICs) - a couple of companies that actually still give a damn about router quality and haven't completely forgotten the meaning of the word"update" (examples such as Fritz by the German AVM comes to mind, you can even look at Freetz if you want some extra opensource pieces of software) - forget about whatever crap with beautiful but horribly limited interface you service provided for free (unless you're in one of these European country where the ISP's router *is* a Fritz)
good router, according the recommendations that are inevitably going to pop up in such "for the gamers" infovertisement: - the crap from whoever happened to pay the most sponsor money (expect to see a decent amount of multicoloured useless LEDs paired with horrendous firmware that sucks all your private data and that also just plain sucks)
However, with a clear mandate on time frame and direction, it's possible this will be 'solved' by 'the market'. I'm just not sure what the cost of that solution would be.
By using a network of locally generated power.
Currently, the "flat EU consumption" is produced centrally by a couple of nuclear reactor, a couple of big hydro electric dam, or a giant park of wind turbine, etc. (depending on the European country considered) and routed from this central production to the couple of villages or city which depend on this power plant, with the only routing being between such large area.
The point to counteract such increased electrical needs is to cover every single roof with solar panels (or put a windmill next to each house, etc.) and add the capability to route power from house to house based on needs. That going to dramatically increase power output, but progressively and spread over a long period instead of need a giant multi-billion project to quickly add a new nuclear plant to double power.
So, what's an example of a "nail"? (That can't be hammered in by a traditional database, that is.)
It's for the few corner cases when you don't want the drawback of a database :
- it's *a* databaase (singular) and all actors have to trust this one single database. Also that database represent a single point of failure.
Usually the answer against single point of failure is to do replication.
Blockchain when you squint at it is replication taken to the extreme, where every single node on the network have their own copy of the database, forming a distributed trust instead of the classical central authority.
And as everbody has a local copy of the distributed ledger, everyone can audit (check) it.
other than exchanging things without government oversight (i.e. crime).
Technically imprecise. - Not everything your government considers a crime is necessarily one in my government (e.g.: sex, drugs, probably even rock'n'roll if you look at some specific governments in backwards countries) Though even in the US some places tolerate sex and drugs - Not oversight, but *control*. Because there is no central Blockchain Ltd. company at whose door to knock, there is no way to exert any control nor enforce any prohibition. On the other hand government can exert surveillance : the ledger is public (the whole distributed trust mechanism relies on it) and government are typically the class of entities with enough ressource to data-mine this database and make sense out of it. Bitcoin, by design is the opposite of anonymous. It's merely pseudonymous because transactions are identified by your cryptographic keys, instead of your passport number/social security number/whatever...
Beyond "passing virtual objects around without a central authority" (how Bitcoin is relying on blockchain to make it possible for to people to exchange BTC without there being a need for a "Bitcoin Inc Bank" to exist), blockchain could also be used for smart contracts, etc. again without needed for a central authority to exist. (There could be technical ways to implement something like AirBnb or UBER entirely on blockchain tech). The problem, that means also that central company do not need to exist, only software. Thus no profit to be made, and no commercial success. (There could not be a "block chain airbnb" company making money out of blockchain. At best only a collaboratively developed piece of opensource software on some git repository... which if you look at it is the situations of bitcoin : the core technology is opensource software developed in the open, not a single central software seller)
On a limited-access highway, "coming to a stop" is usually WORSE than "staying in the lane & maintaining a normal cruising speed".
TL;DR: In places where you're supposed to keep safety distance (e.g.: Germany, Switzerland, etc.) nothing wrong would happen.
---
Depends on the place. Some jurisdictions (including northern/central european) require drivers to always keep enough distance to be able to stop without rear-ending. (And most Adaptive Cruise Controls (ACC) are programmed to do so).
Even on the highway, the car in front of yours might be slowing down and stop to avoid an upcoming traffic jam that you missed, avoid a road accident, avoid a wild animal stranded on the road, etc. So an autonomous car slowing progressively down is most likely to simply cause the car behind it to also slow down (be it by the driver, or autonomously by the ACC), bonus point if the autonomous car blinks its warning lights (strongly recommended in some places, whenever you have to stop on the highway - e.g.: due to traffic jam - to be sure to attract attention of drivers behind an avoid rear-ending).
Most European highways I'm driving on do monitor their traffic very closely. If the CCTV shows a vehicle blinking light and slowing down, the watch will notice it, fire up alerts on the large digital announcement pannels and on radio/satnavs (over FM/RDS TA), and dispatch a patrol car.
No need for any autopilot. The adaptive cruise control / city safety already deployed in lots of vehicles nowaday will, when engaged and in the absence of input from the driver, slow down and halt the car.
Whether the default stoping distance is acceptable for the "certain distance away" required by the north american law is a different matter. Though it is set-able, most of the time it is not per-vahicle dependent. Your car will stop at the same distance of whatever it detects, be it a truck, a bus, a car, a bicycle or a pedestrian. (But if law requires you to stop at a different further away back distance specifically for school buses, then ACC doesn't cut it, you'll need some object recognition (similar to TFS' Teslka neural net) to detect school busses and change the stop distance.)
This autonomous strop can be overridden by user input. In case of false positive, put your feet gently on the gas pedal and this will prevent the car from slowing down. The car might still ring an alarm if it still thinks you're on a collision course with some large object, but the autonomous emergency braking will be inhibited as long as your foot is still maintaining the gas pedal. Conversely even if only gently press the brake pedal while the collision alarm is ringing, this will encourage the car to autonomously start its emergency braking to avoid rear-ending the vehicle in front.
When license plates were introduced, there were no automatic license plate scanners. Now there are, so things are different.
Automatic plate number scanners aren't a requirement for surveillance, they only "lazy-fy" the work which would have historically needed to be done by actual human police officer doing the spotting and - later when that appeared - the CCTV footage reviewing.
Which also means that any criminal worth their salt has already a parade: counterfeit license plate (preferrabily, multiple of them, to swap them) in order to muddy their track.
Which also means that by automating the license plate reading :
- they slightly increase the possibility of automatically observing a "clash" (multiple vehicle popping up with the same number in different part of the country/continent, numbers that don't match the vehicle they are supposed to be registered to, and some number not being seen after some video check-point and another different number popping up on the exact same type of vehicle at the next point). Things which were already posiible, but much more work intensive.
- they dramatically increase the risk of tracking random people on the street and destroy their privacy (a computer database has way much more way to leak than a human reviewer), mostly those who don't exchange their plates (i.e. most of the non-criminal people). But yeah, nowadays "innocent until proven guilty" is only a vague notion.
If it effected 80% of the population, it would be a normal septum and the people without issues would have the deviated septum.
In this context, it's the original word meaning. It's not meant as in "their nasal septum is different from normal population", it simply means "their nasal septum isn't straight but is curved". It's indeed extremely frequent in the population. But whether it impacts health is an entire different problem.
A non straight wall in your nose doesn't automatically causes apnea, it merely increases the risk. There are no 80% of over population with apnea.
Also, there are the goddamn phones with their computer functions. I would like a wired controller and a wired keyboard to go with them.
which is supported by all systems running on the Linux kernel, be it Android (just plug a powered USB HUB with your keyboard and mouse into the OTG port of any smartphone/tablet - as long as it has the corresponding port, you get keyboard support and a mouse pointer) or the full blown GNU/Linux alternatives (I'm using keyboards on Jolla Sailfish OS).
it already works, try it (keyboards, be it USB or Bluetooth are extremely useful for chatting) some constructors even specifically target this use (Samsung's DEX is basicslly a dock with ready to use HMDI and USB-A ports for exactly that, coupled with software to run containers of your favorite distro - say Ubuntu - snd blow that on the monitor)
the only limitation is that not all Android *games* have special code to handle controllers (though sometime they support keyboards), so you'll need some middleware to remap input events into taps (or keypresses).
So by the same logic, a compiled executable of GPL code isn't covered by the GPL anymore ? See because a compiler is also translating, merely to machine code.
craptastic OSes, that always keep status icons on the top are the reason. Such status bars eats the first top couple of lines with something that you seldom need. (see Palm/HP's webOS for something that can even eat more screen estate).
Logical answer that any sane dev would do : let's make the status not constantly display (e.g.: Jolla's Sailfish OS, all native apps are 100% full screen, but you can still use the "peek" gesture to have a quick look at status, on the occasion you actually need it).
Apple's counter intuitive crappy solution : lets extend the display a bit around the speaker and selfie cam, thus we could still display status icon, while apps can get what would have been previous gen's full screen. Enter the notch with its own ton of crappy problems. (like weird unusual screen shape, devs trying to extend their apps into the notch and hack around it's weird shape, problem fitting all icons within the tiny notch when you have activated simultaneously every single last function, etc.)
The "extend" part is what is technically impossible to achieve.
This strategy has been successful in the past in killing competitor, by having microsoft releasing a proprorietary variation with their own incompatible microsoftian twists inside. (Think Microsoft's flavor of Java).
This is what enabled to flow into the "extinguish" part (Microsoft manages to become the "default go-to" provider for that either because "nobody got fired for buying Microsoft" (as a variation of the previous generation's IBM memes) or because they did package it for free with one of their offerings (mostly the OS). Then everybody, because they use that, get used to rely on Micosoft's specific incompatible implementation. Then the thing either don't work elsewhere in competitor's product, or the microsoft implementation is so craptastic that everybody decides to drop the technology anyway).
In the specific case of Linux distros "extend" is impossible due to how GPL family licenses work (and their the one covergin most of the component in a distro). Nearly all attempt at "extend"ing will end up with Microsoft needing to open their code and thus unable to keep the proprietary part of these extensions.
(And also further down the line, the extinguish phase is going to be extremely hard too, as pointed by others in this thread the targetted userbase by WSL is insanely tiny, so the quantity of users for whom it becomes the "default go-to" is insignificant. Also it's nearly impossible to bankrupt something that is free)
If you're a professional developer, and you prefer Windows, you're not a professional developer.
I would think about two categories :
- Game dev, either targeting Windows or XBox as main platforms, and not giving much fucks about server-side code, or about cross platform ports (with these handled by other devs in the crew, and thus definitely the kind that will need to run some linux tests once every blue moon and thus target for wsl)
- Legacy dev, stuck maintaining horrendous in-house custom apps that where designed before web apps were all the rage (I suspect that one day, the various VB, VB.Net etc will go the way of COBOL, skills that nobody with a sane mind would like to use but that are still in demand for business legacy reasons).
But that's not the kind of devs I'm having in my field of work.
Slashdot Mirror
Watching RPG's gettting rebranded MMO's in the 90's to stick drm server lock into them and charge a subscription was annoying,
On the paper, RPG and MMO try to cater to different taste.
- RPG are still single player (think Witcher 3)
- whereas MMO are the multiplayer online cousin thereof.
There is a difference, it's not simply rebranding.
But for the rest (using this as an excuse to lock the players into subscription-based cash-milking scheme) I fully agree.
Nothing technically should prevent you from running your own server and having your own run with your group of friends instead of needing to rent out some "shard" in some publisher's data centre.
But except for Minecraft, very few modern-day popular game actually offer this option.
And even if you try to run some 3rd party re-implementation of the server (as some players did with Ragnarok Online), there's a high chance that the publisher will try to C&D you into oblivion and force you to pay for their servers (see Blizzard)
the fact that the public fell all over themselves to pay money for software they didn't own or control incentivized the entire industry to code games in a way that the public never controls the game. Watching Team fortress 2 going from paid product to f2p microtransaction ridden game was pretty much the death knell for game ownership. Now that even fucking starcraft 2 is in on it.
Sad place where PC gaming and software ownership (aka windows 10 as a service we definitely are in an idiocracy) ended up due to the masses getting internet.
T
The things covered by this patent have been done for years by makers enthusiasts and has spun since then an entire cottage industry (with shops like Adafruits catering to the specific needs such as microcontroller small and light enough to be sewed in).
So:
- Apple hasn't managed to hinder the development of cloths with micro-controller sewed in.
- How the hell did Apple get a patent granted on this ? This has been publicly discussed in forums for ages. Unless they have filed a submarine patent a decade ago...
- Great, hordes of Apple Fanboy swooning at some "iShirt(tm)", exactly what the world lacked.
* Atomic upgrades
* zero risk rollback
have nothing to do with the packaging format, but are a feature of the filesystem. /after snapshot during upgrade, and grub can even boot into older snapshots )
Snapper, by Suse, does exactly that as lonf as a filesystem with snapshot is provided.
(Zypper can ask snapper to mamakmake before
* no dependency hell
as long as a package format can store dependencies, any will do.
it's problems whose solutions depend on packagers (storing that a piece of software depends on "libcurl.so.4(64bits)" instead of "curl-lib") and on a good dependencies solver
(suse's libsolv is popular among several distro exactly for this reason)
* allows apps with different dependency versions to coexist {...} * for example powershell (yes, I do use it to interact with windows systems) depends on libcurl3, and conflicts with curl which uses libcurl4. So if I install powershell, curl gets uninstalled via apt. Snaps allow me to have both
this is an apt bug and packager's failure.
one if provided by file libcurl.so.3, the other by file libcurl.so.4 which can be provided by 2 different package named accordingly. (libcurl4 and libcurl3) and should co-exist.
* sandboxed execution environment. Snaps only have read/write access to a small portion of your disk. IF the app does something nasty, your entire system is not compromised. Think of this as the access rights that mobile apps request from you when you install them (camera access, storage access, etc)
and that's something that should be provided by the security layer (eg.: app armor) and\or containers (e.g.: lxc, docker), systemd has had the ability to start services in read only services auto magically for ages, no need a new packaging format that pulls a giant katamari of libraries.
so, in my opinion, snaps don't bring much new, and have big issues.
...and maybe the British empire should integrate its rebel colonies (such as the USA).
However, AMD and ARM processors are vulnerable to Spectre.
ARM:
Not all ARM processors do speculative execution. Some cheaper/simpler/lower power/lower cost CPUs do execute things normally (in order, no speculative, etc.)
And that's precisely the case of the Cortex-A53 used TFA's server board. No speculative execution, no way to spectre them.
There's no way to exploit them if the exploited functionality doesn't exist.
(BTW: that used to also be the case on some older Intel Atoms and Xeon Phi)
AMD:
Spectre V1 i.e. "speculative execution working as it is supposed to work" (aka.: the behaviour that was already known to exist and was criticized from day 1 of the invention of speculative execution, but was dismissed back then because "what could you possibly learn by loading things into the cache ?". Cue in cache access timing a few decades later and suddenly it seems a bit more nefarious) is the only one that has been successfully demonstrated on AMD CPU.
And even that one is still an application reading its own memory to which that it already has access to begin with. Nothing freaking and scary, just go learn to keep 3rd party executed code and critically important data separated (e.g.: don't run your password management plug-in in the same web browser process as the JavaScript in tabs that runs any shit you pull from the internet), because you're just one bug away from disaster, be it Spectre or not.
Most of the freaky ones (Meltdown) aren't affecting, because AMD engineers don't have a tendency to throw all security through the window just to scrape a few cycles in some benchmark.
Others (like Spectre v2) haven't been successfully demonstrated in practice: AMD CPU *do* indirect branch prediction, but have much more complex predictors which are difficult to use reliably and any way the CPU speculates a lot less ahead so there isn't that much you can do here, the later being also true for the couple of other variants that also exist on recent AMDs.
TL;DR: there are orders of magnitude of difference between how Intel CPU are affected by Spectre and every body else in the CPU market.
How well is x86 virtualization on ARM these days?
1. qemu-user-mode is a thing and has been for probably the past decade
(And specialized software like DOSBOX has had a great time on ARM gaming devices)
2. Why the hell do you need x86 virtualization on an ARM server for the cloud ?!?
It used to be something important back when most businesses ran Windows servers in-house, running proprietary binary x86 Win32 applications.
Nowadays the cloud is mostly Linux, and is running mostly interpreted languages (like Python, Javascript, etc.)
Linux is opensource, you can compile the user land on any architecture that pleases you (e.g.: look for ArmBian, RaspBian, and other such ARM-specialized Debian derivatives, etc.), and then subsequently Node.js and Python3 will happily execute whatever code you throw at them, no matter if they run on a different Arch than the dev's laptop on which they were written.
If your business use software that you write in an actual compiled-language, you can cross compile or compile on a ARM machine before deployment as part of your devops.
and besides, this is norway. don't people ski and snowshoe to work 9 months out of the year?
You mean global warming has gotten that worse that now the time of the year when people are snowed in and can't even leave their homes has shrunken to 3 months only ?
Plus that âoefruitâ has a different OS and is generally more secure...
How can you assert this? Did you read the source code? (Either yourself, or - if you don't feel competent enoug - had independent experts review it ?)
Currently, the fruit's reputation is entirely based on speculations and deductions and current absence/lower amount of publicly reported security issue.
Guesses can be wrong, reports might be silenced.
Google isn't better yet:
Yes, the base android system itself is actually open-source (see AOSP), but most of the juicy bits live in the "optional" Google Play Services ("optional" meaning that it's required by a horrifyingly large proportion of popular apps, so even if your smartphone can boot android without it, tons of applications will refuse to start) and that service is closed source and heavily controlled and licensed under stringent terms by Google.
You can inspect AOSP's source all you want, that won't prevent Google from raping your privacy as much they want from the closed services.
Though, at least, there are efforts to re-write an open-source alternative to these services.
Currently there aren't that many good alternatives either:
At least Jolla (ex engineers of the Nokia Maemo/Meego team) have written Sailfish, whose base (mer project) is opensource and the interface is mostly written in QML, so even it some bits aren't technically "opensource" from the licensing point of view, at least it passes the "source code readable" part.
(They promised to eventually re-lisence and opensource those bits, but they aren't there yet).
Also, currently no *open-source* Android compatibility layer (and that one is NOT going to get relicensed), so it makes a very small limited choice of available apps.
Also worth mentionning is Purism who are working on their Librem 5 smartphone, supposedly 100% completely opensource (even open source drivers, no blobs) and a hardware switch controlling a separate cell modem (no modem-functions-as-northbridge craziness as in most Qualcomm chipsets).
But, well, we aren't there yet (still delays in getting the target FressScale iMX8 chipset working), and of course most of mainstream will complain that the chip is very outdated and under powered compared to other phone.
They might work some opensource AndBox-based compatibility layer, so together with AOSP (and optionnally microG) there might be possibilities to get some opensource auditable stack working there.
Fir? Nothing is Coming up when I search for âoefir bad usbâ
...writes the guy who also uses a smartphone to type /. posts too.
You know "âoefir" and "usbâ" search keywords won't bring much neither~~
(Not even auto-correct will help against for/fir mistypes, being a perfectly valid english word, even a current season relevant one. If you find a "Bad USB" under your Christmas fir tree, you know Santa hates you).
BTW: beside "Bad USB" another relevant keyword to search for is "Rubber ducky"
this one is the benign version.
the malicious version is the otherway around:
a USB Stick shaped device that suddenly exposes a USB HID device while you're away and uses this simulated keyboard to start hacking your computer.
(look fir "Bad USB", there are even tutorials explaining how to make one out of a Raspberry Pi Zero).
Three bad scenario.
- if the new version of chrome OS blocks *all* USB peripheral, like the summary implies:
you try to wake up your chromeOS powered mini PC/smart appliance/etc. but you can't unlock past the password prompt, because the keyboard is dead (battery of wireless empty, keyboard is physically fried, water dammage because spilled beer, etc).
you try plugging another USB keyboard, but it's blocked. You can't type your password, you need to hard reset, all your unsaved data is lost (including the one inside the full linux container you installed atop of ChromeOS)
- if chromeOS only blocks USB mass storage, like the Apple Mac OS X mentioned above: ...except that this isn't a garden variety plain normal usb mass storage. it's a "Bad USB" (the controller isn't a simple flashtranslation controller, bud a complex CPU running a nefarious software):
you've found/received/etc. a nice USB stick. you plug it into your chromeOS netbook: storage shows up. you're happy with new acquisition and fetch a beer to celebrate. while you away, the screen locks...
while you're away, the micro-controller inside the stick detects the absence of activity, and suddenly exposes a new USB HID device. because that one is a HID and not the forbidden mass storage type, chromeOS happily adds what it thinks looks like a keyboard (even while locked), but is infact the nefarious software in the stick. the Bad USB stick starts to autonomously hack your laptop.
- if the laptop/miniPC/etc. 's port is badly isolated :
you've found/recieved as a present/stole/etc. some nice USB stick.
you plug it in....
except this one is a USB Killer (a batch of high voltage capacitors hidden in the shell of a USB Drive)
your laptop is fried.
its cheap Chinese knock off lithium battery catches fire.
your house get burned.
good routers, in the real world:
- any random router with half-decent hardware (decent CPU, sufficient RAM) *as long as you kick out whatever horrible joke for a firmware was provided by the manufacturer and install OpenWRT instead* (e.g.: a slightly higher range device form cheap no-name Asian manufacturers like TP-Link is actually okay, once paired with OpenWRT, you don't need an ultra fancy one that cladvertises support for on-router torrent client and command center of cryptocoin mining ASICs)
- a couple of companies that actually still give a damn about router quality and haven't completely forgotten the meaning of the word"update" (examples such as Fritz by the German AVM comes to mind, you can even look at Freetz if you want some extra opensource pieces of software)
- forget about whatever crap with beautiful but horribly limited interface you service provided for free (unless you're in one of these European country where the ISP's router *is* a Fritz)
good router, according the recommendations that are inevitably going to pop up in such "for the gamers" infovertisement:
- the crap from whoever happened to pay the most sponsor money (expect to see a decent amount of multicoloured useless LEDs paired with horrendous firmware that sucks all your private data and that also just plain sucks)
However, with a clear mandate on time frame and direction, it's possible this will be 'solved' by 'the market'. I'm just not sure what the cost of that solution would be.
By using a network of locally generated power.
Currently, the "flat EU consumption" is produced centrally by a couple of nuclear reactor, a couple of big hydro electric dam, or a giant park of wind turbine, etc. (depending on the European country considered) and routed from this central production to the couple of villages or city which depend on this power plant, with the only routing being between such large area.
The point to counteract such increased electrical needs is to cover every single roof with solar panels (or put a windmill next to each house, etc.) and add the capability to route power from house to house based on needs.
That going to dramatically increase power output, but progressively and spread over a long period instead of need a giant multi-billion project to quickly add a new nuclear plant to double power.
I have however seen literally dozens of gasoline powered cars burning by the side of the road
Let me guess: you're currently demonstrating while wearing a gilet jaune ?
over the last half century however with my own eyes
Ah okay, my bad.
----
Yes, I know. Obviously trolling.
I make it a point to only ask them about problems at their work when they are both standing next to each other. Hillarity ensues.
And before next time you'll ask them such a question, they'll train to be able to say "it's not rocket surgery!" in perfect unison.
So, what's an example of a "nail"? (That can't be hammered in by a traditional database, that is.)
It's for the few corner cases when you don't want the drawback of a database :
- it's *a* databaase (singular) and all actors have to trust this one single database. Also that database represent a single point of failure.
Usually the answer against single point of failure is to do replication.
Blockchain when you squint at it is replication taken to the extreme, where every single node on the network have their own copy of the database, forming a distributed trust instead of the classical central authority.
And as everbody has a local copy of the distributed ledger, everyone can audit (check) it.
other than exchanging things without government oversight (i.e. crime).
Technically imprecise.
- Not everything your government considers a crime is necessarily one in my government (e.g.: sex, drugs, probably even rock'n'roll if you look at some specific governments in backwards countries)
Though even in the US some places tolerate sex and drugs
- Not oversight, but *control*. Because there is no central Blockchain Ltd. company at whose door to knock, there is no way to exert any control nor enforce any prohibition. On the other hand government can exert surveillance : the ledger is public (the whole distributed trust mechanism relies on it) and government are typically the class of entities with enough ressource to data-mine this database and make sense out of it.
Bitcoin, by design is the opposite of anonymous. It's merely pseudonymous because transactions are identified by your cryptographic keys, instead of your passport number/social security number/whatever...
Beyond "passing virtual objects around without a central authority" (how Bitcoin is relying on blockchain to make it possible for to people to exchange BTC without there being a need for a "Bitcoin Inc Bank" to exist), blockchain could also be used for smart contracts, etc. again without needed for a central authority to exist.
(There could be technical ways to implement something like AirBnb or UBER entirely on blockchain tech).
The problem, that means also that central company do not need to exist, only software. Thus no profit to be made, and no commercial success.
(There could not be a "block chain airbnb" company making money out of blockchain. At best only a collaboratively developed piece of opensource software on some git repository... which if you look at it is the situations of bitcoin : the core technology is opensource software developed in the open, not a single central software seller)
On a limited-access highway, "coming to a stop" is usually WORSE than "staying in the lane & maintaining a normal cruising speed".
TL;DR: In places where you're supposed to keep safety distance (e.g.: Germany, Switzerland, etc.) nothing wrong would happen.
---
Depends on the place.
Some jurisdictions (including northern/central european) require drivers to always keep enough distance to be able to stop without rear-ending.
(And most Adaptive Cruise Controls (ACC) are programmed to do so).
Even on the highway, the car in front of yours might be slowing down and stop to avoid an upcoming traffic jam that you missed, avoid a road accident, avoid a wild animal stranded on the road, etc.
So an autonomous car slowing progressively down is most likely to simply cause the car behind it to also slow down (be it by the driver, or autonomously by the ACC), bonus point if the autonomous car blinks its warning lights (strongly recommended in some places, whenever you have to stop on the highway - e.g.: due to traffic jam - to be sure to attract attention of drivers behind an avoid rear-ending).
Most European highways I'm driving on do monitor their traffic very closely. If the CCTV shows a vehicle blinking light and slowing down, the watch will notice it, fire up alerts on the large digital announcement pannels and on radio/satnavs (over FM/RDS TA), and dispatch a patrol car.
No need for any autopilot. The adaptive cruise control / city safety already deployed in lots of vehicles nowaday will, when engaged and in the absence of input from the driver, slow down and halt the car.
Whether the default stoping distance is acceptable for the "certain distance away" required by the north american law is a different matter.
Though it is set-able, most of the time it is not per-vahicle dependent. Your car will stop at the same distance of whatever it detects, be it a truck, a bus, a car, a bicycle or a pedestrian. (But if law requires you to stop at a different further away back distance specifically for school buses, then ACC doesn't cut it, you'll need some object recognition (similar to TFS' Teslka neural net) to detect school busses and change the stop distance.)
This autonomous strop can be overridden by user input. In case of false positive, put your feet gently on the gas pedal and this will prevent the car from slowing down.
The car might still ring an alarm if it still thinks you're on a collision course with some large object, but the autonomous emergency braking will be inhibited as long as your foot is still maintaining the gas pedal.
Conversely even if only gently press the brake pedal while the collision alarm is ringing, this will encourage the car to autonomously start its emergency braking to avoid rear-ending the vehicle in front.
When license plates were introduced, there were no automatic license plate scanners. Now there are, so things are different.
Automatic plate number scanners aren't a requirement for surveillance, they only "lazy-fy" the work which would have historically needed to be done by actual human police officer doing the spotting and - later when that appeared - the CCTV footage reviewing.
Which also means that any criminal worth their salt has already a parade: counterfeit license plate (preferrabily, multiple of them, to swap them) in order to muddy their track.
Which also means that by automating the license plate reading :
- they slightly increase the possibility of automatically observing a "clash" (multiple vehicle popping up with the same number in different part of the country/continent, numbers that don't match the vehicle they are supposed to be registered to, and some number not being seen after some video check-point and another different number popping up on the exact same type of vehicle at the next point). Things which were already posiible, but much more work intensive.
- they dramatically increase the risk of tracking random people on the street and destroy their privacy (a computer database has way much more way to leak than a human reviewer), mostly those who don't exchange their plates (i.e. most of the non-criminal people). But yeah, nowadays "innocent until proven guilty" is only a vague notion.
If it effected 80% of the population, it would be a normal septum and the people without issues would have the deviated septum.
In this context, it's the original word meaning. It's not meant as in "their nasal septum is different from normal population", it simply means "their nasal septum isn't straight but is curved".
It's indeed extremely frequent in the population.
But whether it impacts health is an entire different problem.
A non straight wall in your nose doesn't automatically causes apnea, it merely increases the risk.
There are no 80% of over population with apnea.
Also, there are the goddamn phones with their computer functions. I would like a wired controller and a wired keyboard to go with them.
which is supported by all systems running on the Linux kernel, be it Android (just plug a powered USB HUB with your keyboard and mouse into the OTG port of any smartphone/tablet - as long as it has the corresponding port, you get keyboard support and a mouse pointer) or the full blown GNU/Linux alternatives (I'm using keyboards on Jolla Sailfish OS).
it already works, try it (keyboards, be it USB or Bluetooth are extremely useful for chatting)
some constructors even specifically target this use (Samsung's DEX is basicslly a dock with ready to use HMDI and USB-A ports for exactly that, coupled with software to run containers of your favorite distro - say Ubuntu - snd blow that on the monitor)
the only limitation is that not all Android *games* have special code to handle controllers (though sometime they support keyboards), so you'll need some middleware to remap input events into taps (or keypresses).
So by the same logic, a compiled executable of GPL code isn't covered by the GPL anymore ?
See because a compiler is also translating, merely to machine code.
craptastic OSes, that always keep status icons on the top are the reason.
Such status bars eats the first top couple of lines with something that you seldom need. (see Palm/HP's webOS for something that can even eat more screen estate).
Logical answer that any sane dev would do : let's make the status not constantly display (e.g.: Jolla's Sailfish OS, all native apps are 100% full screen, but you can still use the "peek" gesture to have a quick look at status, on the occasion you actually need it).
Apple's counter intuitive crappy solution : lets extend the display a bit around the speaker and selfie cam, thus we could still display status icon, while apps can get what would have been previous gen's full screen. Enter the notch with its own ton of crappy problems. (like weird unusual screen shape, devs trying to extend their apps into the notch and hack around it's weird shape, problem fitting all icons within the tiny notch when you have activated simultaneously every single last function, etc.)
The "extend" part is what is technically impossible to achieve.
This strategy has been successful in the past in killing competitor, by having microsoft releasing a proprorietary variation with their own incompatible microsoftian twists inside. (Think Microsoft's flavor of Java).
This is what enabled to flow into the "extinguish" part (Microsoft manages to become the "default go-to" provider for that either because "nobody got fired for buying Microsoft" (as a variation of the previous generation's IBM memes) or because they did package it for free with one of their offerings (mostly the OS). Then everybody, because they use that, get used to rely on Micosoft's specific incompatible implementation. Then the thing either don't work elsewhere in competitor's product, or the microsoft implementation is so craptastic that everybody decides to drop the technology anyway).
In the specific case of Linux distros "extend" is impossible due to how GPL family licenses work (and their the one covergin most of the component in a distro). Nearly all attempt at "extend"ing will end up with Microsoft needing to open their code and thus unable to keep the proprietary part of these extensions.
(And also further down the line, the extinguish phase is going to be extremely hard too, as pointed by others in this thread the targetted userbase by WSL is insanely tiny, so the quantity of users for whom it becomes the "default go-to" is insignificant. Also it's nearly impossible to bankrupt something that is free)
If you're a professional developer, and you prefer Windows, you're not a professional developer.
I would think about two categories :
- Game dev, either targeting Windows or XBox as main platforms, and not giving much fucks about server-side code, or about cross platform ports (with these handled by other devs in the crew, and thus definitely the kind that will need to run some linux tests once every blue moon and thus target for wsl)
- Legacy dev, stuck maintaining horrendous in-house custom apps that where designed before web apps were all the rage (I suspect that one day, the various VB, VB.Net etc will go the way of COBOL, skills that nobody with a sane mind would like to use but that are still in demand for business legacy reasons).
But that's not the kind of devs I'm having in my field of work.