Forgot your password?
typodupeerror

Comment: Re:Idiots and their "BSP"s (Score 1) 141

by nyet (#47660763) Attached to: Study: Firmware Plagued By Poor Encryption and Backdoors

Absolutely. The situation is not sustainable.

Even worse, because every SOC is a haphazard pile of random and arbitrarily buggy peripherals, there is no deterministic way (at run time) to enumerate all of the peripherals, and thus which various driver variants (and even worse, binary blobs) are required to make them work.

So by definition, none of this can EVER go into the mainline. Every kernel fork is its own disconnected universe, dedicated to a single snapshot of a single SOC and its particular collection of peripherals.

But if you try to explain this to a PHB (or, say TI), you'll get nothing but blank stares. There is nobody home.

Comment: Idiots and their "BSP"s (Score 2) 141

by nyet (#47659679) Attached to: Study: Firmware Plagued By Poor Encryption and Backdoors

The reason embedded device kernels never get updated is because the source code for them is on some SOC vendor's way out there fork of some ancient kernel that nobody with a clue actively develops for anymore.

And the vendor (say, TI) had hired a bunch of clueless interns to write the "BSP"s (old acronym from the binary blob obsessed asshats at vxworks et al) for their SOCs and the cluster of shoddily designed peripherals crowbarred into the SOC.

And those interns wrote code so toxic and broken that no sane kernel developer would ever have accept any of their garbage into any mainline kernel tree.

So there are all these embedded devices out there with kernels from the 90s, and it would take time (and expertise) that none of the vendors have (including the SOC suppliers, like TI) to merge the changes into something even remotely contemporary.

All of this because the requirements for these embedded projects (dictated by clueless PHBs) is only "linux support" not "mainline kernel support", so SOC vendors (like TI) just don't have the incentive to develop SOC peripheral driver code suitable for mainline inclusion.

Comment: Re:Linux, a miracle (Score 4, Insightful) 739

by nyet (#47545441) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

Because if you aren't incompetent, you won't get yelled at.

Unlike a corporate structure, where you don't get yelled if you play the game right.

If you are incompetent, please don't develop linux kernel code. Go work for a corporation.You'll find you're a better fit, and if you play your cards right, you won't get yelled at no matter how bad you are at your job.

Comment: Re:So SSL is nothing more than an honor system? (Score 1) 107

by nyet (#47425337) Attached to: India's National Informatics Centre Forged Google SSL Certificates

It's a shame that browsers have such freakouts over self signed certs, because there is really little difference between them and officially signed certs

Exactly. Especially since you can get a "real" cert from one of many, many, free cert signing services. What is the point?

Comment: Re:Tech isn't there yet (Score 1) 765

by nyet (#46995237) Attached to: A Look at Smart Gun Technology

I'm not Arker, and his analysis hides all kinds of issues, especially considering not every gun out there is a .22lr pistol.

Bottom line, Armatix doesn't want you carrying their firearms for self defense for a reason. Somehow I don't think cops would take kindly to you telling them they have to replace all of their carry weapons with .22lr

Comment: Re:Tech isn't there yet (Score 1) 765

by nyet (#46991629) Attached to: A Look at Smart Gun Technology

What about people killed with their own firearms, or stolen firearms? Sure there are a few hundred. Should their lives simply be disregarded?

Yes. If they are outliers, and the numbers of lives saved dwarfs the statistical relevance of your outliers.

"If we can save just one life" is not a good basis for sound public policy making when it disregards broader consequences.

You have a tendency to feel you are superior to most computers.

Working...