- cjk2 parentI think you missed the point. I'm not ready for any large change. No one is. What I have done is get myself into a position where I can do what I want to do before there is a change and hold out as long as possible. It's a dampening effect, a parachute. I'll be in the same shit as everyone else, just later.
- I have a lot of experience, in the real world, which is somewhat less ideal than "just use Qt - it's a breeze".
How do you manage a 15 million LOC desktop app originating from the late 90s which contains chunks of win32 native, ATL, MFC, custom GDI+ wrappers all sorts?
Aye you fuck off and work somewhere else that's what you do. Which is why it's still written in win32 native, ATL, MFC, custom GDI+ wrappers.
They paid two companies to come in and rewrite it, first in Qt which was a complete failure. Then in Electron etc, which was also a failure.
- Yeah. I want IP67 and have to replace my battery every 2 years.
I don’t mind taking it to Apple for that. It’s less often than my car went back to the dealer for service. And my dealer wouldn’t give me a new car if they fuck up my old one in the process (Apple did this when they broke mine during a battery swap).
- Well I’ve pretty much pulled it out of everything and bought a house (no mortgage yay) but I rode NVidia, BAE Systems with a safe position held on an actively managed ETF.
I’ve got a huge pension lined up so I’m going to go on holiday a lot basically. I get a lump sum early payment of that soon so I can invest that somewhere more productive.
- The barista doesn’t want homeless people in the toilet because inevitably crack paraphernalia goes in there too.
Better to have shit on the street than crack paraphernalia in your business toilet.
As a data point, yesterday I was walking watching two guys smoking crack outside Costa in Covent Garden, London.
Alas it works to the lowest common denominator. A better solution would be government investment in mental health and housing but most of the world works on “fuck you I’ve got mine”
- Two reasons they went quiet:
1. At some point it generated something that cost the business money. Happened to us. Direct root-cause analysis lead to ChatGPT generated code not being aware of the correct way to handle a transaction. First this took out stuff due to leaving transactions open. Then after that was fixed by someone who didn't know what they were doing, it turned out that the scope of the transaction was wrong which caused invisible data loss when a rollback occurred.
2. The free trial ended and no one wanted to pay for it.
- > Better is subjective. It's maybe more capable. It's also easier to create confusing DACL structures that do not do what you think they do or leave surprising gaps in coverage.
There is nothing confusing about it at all. The problem tends to be poor understanding and poor default configuration in all these things. I mean the same can be said for the average linux user, who ambles on in and 777's everything.
We added network cards to everything at the same time networks finished moving from being isolated to being permanently globally interconnected. Machines that had a multi user capability (that didn't cost thousands) fared this transition better than those that did not.
I've run windows terminal services for about 20 years on and off. They did fine. Hell half our clients are still running citrix and terminal services.
It wouldn't matter if it's ~ or not. The software runs as you and so can access anything anywhere you have rights to. Which is why chroot, namespaces and pledge all exist, and windows really does not have equally secure equivalents to these technologies. To the extent it does, commercially available software does not seem to take any advantage of it.
Windows has full virtualization at service and process level if you want to have it. Device guard/credential guard and app-v for example. I agree with your last point that commercial software doesn't take any advantage of it, but neither does firefox which will quite happily shit on your ~/.profile...
Hey I rather like the idea of taking screenshots and dredging them for info. It'll immediately stop MSPs writing all their clients' passwords in a .txt file on their desktop (I've seen this several times)...
- > Sure it is. Features like Recall, which the article mentions, are insecure by design.
I'm going to be honest: I'm not bothered about Recall security. It'd be on a single user machine which contains my data anyway. There are many more tasty morsels out there if a keylogger gets on it. Like the contents of my Keepass DB or my online banking PIN, neither of which Recall would be party to but anything that runs as my user shouldn't be able to see. Plus I'd probably turn it off anyway. I mean I do appreciate people kicking them in the balls which is due.
I'm not sure how this is any more secure than "Unix side". But in any case the security holes in Windows are not problems with its filesystem (at least not now that FAT is no longer used).
As for ACLs, check NT kernel architecture, particularly object security descriptors. Particularly Windows 2000 onwards. Quite elegantly put together, but with layers of crap over them.
>Which in a properly configured Unix system is your user and root, and that's it. So don't run things you don't trust as your user or root. Which should be obvious common sense to anyone who uses a computer.
So I'll have to create another user account to run a web browser, my mail client, a software package manager or a compiler?
- Even as a well known "windows hater", this is hyperbole. It's not insecure by design really. In fact in principle it's a lot better than anything Unix side due to the ACL and security model. It did however exist before anyone gave a crap about security, was implemented in a vastly insecure language and runtime and grew to a huge size and surface area and that is hard to fix retrospectively.
I'll give Linux a stab here: half the stuff I can run can write to my ~/.profile if it wants to. Anything which can read ~ is a problem because there's where all my important shit is...
- Hey you're me 15 years ago. I stopped the sports and switched to sustained low damage exercise like cycling, hiking, swimming etc. While you can't undo the damage done if you have a very high level of fitness, you can reduce the effects of the further progression of time. Better be as fit as a 50 year old with some damage when you're 70 than as fit as a 70 year old with some damage.
End game is not pretty. My ex wife didn't do any fitness stuff at all and she's walking with a stick while I'm doing 30km hikes at 3000m...
- Not research, but I spent 5 years writing matching algorithms for data for financial companies which was entered from random crappy mainframes driven by the lowest bidding data entry workers. This tied together the financial relationships of millions of people. The dumber it was the measurably more accurate it was. Hell even some of it used soundex scoring and a naive z-test to work out the confidence that two names were matching.