Details
-
Skills[ java, ruby, python, bash, linux ]
-
LocationPoland
-
Github
Joined devRant on 9/5/2016
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
While per site access pricing is rather improbable (but not impossible!) at the moment, there are other scenarios that can affect users and companies. To name a few:
- Improved network speed for isp own services while competitors use the slower lane.
- Forcing other companies to pay for the faster lanes or face degraded user experience. Less severe variant of this is already live in form of services that don't count against your monthly cap (mostly mobile data).
- Heavily throttling of content that is deemed 'bad' by the isp.
- Forcing users to use less secure options by degrading encrypted connection performance.
If there is only a single ISP in your area switching providers might be hard. And the amount of cash required to start up a new isp is often prohibitive. -
@Michelle Yup. Unfortunately it is hard to clean up platic wear ;) I have polished quite a few keyboards myself and I can tell you that the rule is simple - the more you type the faster it happens. Some keyboards are more resistant but the low/mid laptop keyboards aren't particularly good in this regard.
-
@Michelle Those smooth spots aren't oil patches. They are just a manifestation of a simple wear and tear. The friction of your fingers rubbed the texture from the keys/touchpad making it smoother. This effect is even more prominent on painted keys as the paint layer is usualy weaker than the plastic base. If you use your keyboard a lot it will happen sooner or later. Fortunately, the only effect is the reduced aestethic value. You can think of it as a Secret Mark of the Programmers Brotherhood - when you see it, you know that you've me a real computer user ;)
-
As I've already said, the decision apple made might have been the best one but only from the technical point of view.
People are upset because when they complained that their iphones started to lag, apple responded with something like 'we don't cripple our older devices'. Basically, users felt that something was amiss but the company replied that they didn't do anything. Then someone proved that apple was in fact responsible for the lag.
If they had honestly explained the situation (forced throttling or unexpected crashes) and offered other solutions (replace battery) most people wouldn't complain. But they did not, trying to pass half-truths (at best) instead. That is the problem, not the forced throttling by itself.
Adding an option to turn the forced throttling on/off (that is giving choice) would be also nice but that is a different story. -
@FrodoSwaggins In my first point I was only referring to throttling caused by overheating as it has the biggest impact on performance (plus it was mentioned in earlier comments). It is a well known fact that throttling will happen when the temperature rises too high. You can even check the specific ranges by checking product documentation (for example Intel [1]).
I do agree that power management is much more complicated and a lot happens behind the scenes (yes acpi, I'm looking at you). However, user can usually choose a 'power setting' that he or she desires - be it gaming mode, eco mode or whatever mode. Can he control all aspects of power management? Nope. But at least he *knows* that there are different options and that he can choose to prioritize different aspects based on his needs.
[1] https://intel.com/content/www/... -
@FrodoSwaggins Most reasonably recent CPUs can operate at various clock rates and get throttled down when they overheat. That is a public knowledge. If you look inside system logs you can check when, why and what clock rate was set.
LiPoly batteries degrade with time and usage. That is also a public knowledge. If you look inside acpi reports you can check current capacity, current voltage, temp, etc.
What Apple did was not a public knowledge. It might have been a reasonable technical choice but it was not communicated clearly. We just heard rumors ('iphones get slower with each os release!') and the official version was 'we don't deliberately cripple our older devices'. Simple 'your battery health is failing, please replace it' (windows does that) would be enough. But you don't become the most profitable company by offering cheap and simple solutions. And now they finnaly got cought red-handed. -
Oh, the joys of using open source software and being able to fork it :)
Fun fact - I had a simillar issue (just a different protocol, stack, etc.) and I've also ended up forking the library. Maybe you can send the patches upstream? -
@Wack You should probably explain how did you fix that. It would be a shame if someone with the same problem reached devrant through google and assumed that users here don't post solutions once they find it ;)
-
Good luck! :)
-
I rarely use other shoppers but I do have a few ideas on how to improve them... It's such a shame that human beings are so resistant to improvement :(
-
They need a manual to replace toilet paper rolls? :)
-
@nickj I wonder how did she know... Did you rant about it? ;) Anyway a really nice idea and great execution.
Also happyBirthday! -
@kgbemployee According to the labels they contain updates with amended enactments and laws. Pretty boring stuff. Unless you are interested in polish politics after the democratic transition, that is ;)
-
Congrats and good luck :)
-
@nahson Who knows what lies hidden behind all those layers...
-
@nahson 24.10: tor becomes self aware and starts calling itself 'god' (starting with modification of all T9 dictionaries) ;)
-
@Linux Thanks for running it/contributing in other way :)
-
@Linux Do you run a relay or contibute to tor project? This shirt looks like the contributors t-shirt [1] :)
[1] https://torproject.org/getinvolved/... -
@nickj Yup, looks like a Yellow Swallowtail ( https://en.m.wikipedia.org/wiki/... ).
-
Good luck :)
...also don't forget to throw away that cigarette when you are done with it. Fur catches fire easily and having no whiskers doesn't look good during interview ;) -
@linuxxx I believe you misunderstood me. I was only trying to clarify @shb743 idea. From purely technical point of view it might work. However (from architectural point of view), I believe that we are getting too close to what TLS offers while loosing many of its advantages for little gain.
-
@shb743 Reusable TLS connections are supported on most systems and they work just fine. Using or not using them is a simple matter of technical decision.
Keep in mind that you are computing hash first and only then encrypting/signing it. With pure encryption you are often using hardware backed algorithm that encrypts chunks of data (as it is being sent) and not the whole file at once.
That solution (minus signed hashes) already exists - you can often choose if you connect through http or https ;) However, as we have already pointed out, making SSL/TLS optional actually weakens its benefits.
@linuxxx The hash should be signed/encrypted using private key. So we are somewhat coming full circle and introducing key exchange/central key authority into equation ;) -
@shb743 If the content wasn't encrypted it would be enough to sign the hash.
When working with SSL/TLS you don't really need that many handshakes as you can reuse connection. Your solution for dynamic pages (generate segment, hash, sign/encrypt hash) might be actually slower than SSL/TLS as it requires more operations per segment. Even if SSL/TLS would be slightly slower, it still has many more features that are worth the additional time. -
@shb743 I'm afraid that it wouldn't. The handshake/key exchange is still there plus you still have to generate hashes for the whole content. IIRC the handshake is the slowest part of the ssl/tls connection while encryption is rather fast (and often hardware accelerated).
When working with dynamic pages you'd probably have to start splitting them into smaller chunks for hashing or make the user wait till server generates and hashes the whole page (read as: make them stare at a white screen for a few seconds, which is bad). -
It's UK layout (with inverted L-shaped enter key) that is also used in some European contries. In US layout we have rectangular enter and '| \' key is placed above the enter key.
UK: https://en.m.wikipedia.org/wiki/...
US: https://en.m.wikipedia.org/wiki/... -
@bittersweet Because if they sold ubuntu preinstalled they would have to support it. Some companies do it and make a selling point out of it but for others it is easier to install freedos and attach a note that some hardware parts are not supported due to os limitations (my Acer did that IIRC).
-
@Froot Using SSL is important but it's not enough. By signing I mean package signatures - that is a digital signature that confirms that specific package was prepared/built by its author/build server. Many linux distros use GPG to sign their packages. Even if package download location is compromised, your system should not be affected as it will simply refuse to use modified package. By no means must I trust any single package manager site (there may even be no site) - I must only trust the package author and build system that built the package. We can even go further and discuss the need of reproducible builds - this way you can check if the prebuilt package was really created from the source you can see.
As I've said - npm has its uses but I wouldn't call its use 'simple' in large projects. If you can sacrifice some security and stability (left-pad I'm looking at you ;D) for simplicity then be it. -
@Froot Nope, you use package manager to manage packages ;) Source of those packages can vary - they can be downloaded from the internet, from local mirror, provided directly as files, etc. Larger projects often employ build environments that are severely restricted and granting outbound internet access is not an option.
Depending on a single company providing free service? OK for a personal project, not so much for an enterprise. Company can be bought out by a competitor, go bankrupt, decide that some module is against their TOS, etc.
What I meant by 'compile and run' was downloading an arbitrary tarball from an internet location, compiling and then running it. While I'm OK with downloading brebuilt packages from a secure location, running something downloaded from location that is beyond my and my service provider (npm) control is a potential security risk.
Compiling my sources is responsibility of my build system, which may or may not include package manager. (...) -
@Froot npm (and its packaging model in general) has quite a few issues:
* it can download, compile and run any source/binary with user permissions
* by default it requires internet access to run
* no package signing
* run by private for profit company
* a few other minor issues that were already mentioned here (ie. hdd space usage)
While it is usable and some of its deficiencies can be hotfixed by the user, I'd say that it is better suited for smaller deployments than for a large, secure systems. For those bigger projects, it can be a pain to hotfix all of its problems. -
@stop That is WiFi card (you can see two wires comnecting it to WiFi antenna).
@nik123 It looks like a SSD sitting in M.2 connector. IIRC it doesn't have to use NVMe but it is a possible option.