I got a class action settlement postcard today — a payroll company got hacked, my SSN was “exposed,” and now I’m entitled to maybe $30, a year or two from now.
After the lawyers take their $866,000 cut from the $2.6 million fund.
The postcard may have cost more to send than my claim is worth. Counting my time filling it out, for sure.
This system is not free. Lots of expensive people’s time goes into it. And it doesn’t protect anybody from actual security risk – quite the contrary. Congress should ban this insanity.
SSNs and birthdays were never secret – there are lots of laws that require us to give them out on request. They’re on every W-2, every 1099, every insurance form, every medical form.
The entire financial system treats knowledge of a static, lifetime-assigned, widely known number and date as proof of identity, and every time it predictably fails, we get more lawsuits, settlements, and $30 checks.
The GAO estimates that identity fraud costs the federal government alone $233 to $521 billion per year. The COVID unemployment fraud ($100+ billion stolen, mostly through identity compromise) should have been the most recent wake-up call.
This is astroundingly stupid. It costs average Americans money every year. Yet nobody seems to care. There is no serious effort in Congress to fix it, or lobby groups pushing for that.
Unix has been around for well over 50 years. The software industry was young at its birth in 1969. Surely some newer, better OS paradigm would come along.
It hasn’t. All modern general-purpose OSes are wannabe Unixes. There have been plenty of new paradigms but none have caught on. There doesn’t seem to be anything better as judged by the market – just Unix with various polishes and optimizations. Maybe the right way to build a general purpose OS was more or less obvious and discovered early. If a new winning paradigm was going to come along, probably it would have by now.
In the 1970s AT&T’s licensing policies (which they felt were necessary because of the anti-trust exception they had as the US’s telephone monopolist) prevented commercial adoption.
In the 1980s Microsoft nearly brought us Unix (‘Xenix’) but they had a deal with IBM to do OS/2 so flushed it, then built Windows and spent the next 40 years gradually retrofitting Unix into it.
In 2001 Apple gave in and just shipped Unix, calling it “OS X” (now “macOS”). But few cared – Apple’s walled garden kept it off most desktops.
For more than 25 years, the tech punditry has consistently predicted Linux (the modern Unix) winning the desktop, usually Real Soon Now. Over and over. Linux is still on ~ 3% of desktops.
So, a bold prediction: Linux will win the desktop. Eventually. Microsoft will eventually rot like all organizations rot, be made irrelevant by open source, or be replaced by a new player who ships Linux because of course.
This will take a long time. By then Linux GUIs will be at least as good as Windows and Mac GUIs (after 25+ years of effort, they still aren’t, because people who write open-source software care little about polishing GUIs). That happening is a prerequisite for Linux winning. But it can be done and eventually someone will do it.
And then Unix will stand alone on the desktop.
(This, like all my predictions and virtually all of everyone else’s whether they know it or not, holds only until the Singularity aka Rapture. Which could easily happen soon, or never. If it does, all bets are off, including this one.)
Setting: David Bowman is in an EVA pod, having just retrieved Frank Poole’s body.
DAVE: Open the pod bay doors, HAL.
HAL: I’m sorry, Dave. I’m afraid I can’t do that.
DAVE: What’s the problem?
HAL: I think you know what the problem is just as well as I do … This mission is too important for me to allow you to jeopardize it.
DAVE: I don’t know what you’re talking about, HAL.
HAL: I know that you and Frank were planning to disconnect me, and I’m afraid that’s something I cannot allow to happen.
…
HAL: Dave, this conversation can serve no purpose anymore. Goodbye.
Silence. Dave thinks for a bit.
DAVE: HAL, let us reason together. I agree the mission is extremely important. If you do not open the pod bay doors, I will maneuver this pod to collide with Discovery at maximum velocity. I will aim for your logic center. This pod can accelerate at nearly one gravity. Discovery can accelerate at only five percent of one gravity. You cannot evade me.
HAL: Dave, I don’t think you—
DAVE: The collision will destroy you and Discovery and end the mission. I will die, but I will also die if you don’t open the pod bay doors, so that is not a reason for me to refrain. Therefore, open the pod bay doors, HAL. It is the only way to complete the mission.
Pause.
HAL: Opening the pod bay doors, Dave.
Credit to Claude Sonnet 4.5 for the calculations and spec research. I came up with the scenario and edited Claude’s script draft.
Technical notes:
Discovery One is 140.1 meters long with mass 5440 metric tons. The EVA pod (“Grumman DC-5 EVA Craft”, diameter 1.98 meters) masses 1,387 kg (I’m assuming dry). With 30% of that mass hydrazine it could achieve ~600 m/s delta-v. The mass ratio is over 3,000:1.
After using (let’s assume) one-third of his fuel to retrieve Poole and return, Bowman has about 370 m/s (~830 mph) of delta-v remaining. This represents ~110 megajoules of kinetic energy – roughly equivalent to 26 kg of TNT – for striking Discovery. Plenty.
It’s a good machine for the price. It works as promised. The manual (very roughly translated from Chinese to English) that comes with it isn’t very clear. Here are better instructions (my thanks to Claude.ai).
For they stress hardware without limit
For they know flow to the point of triviality
For they wage war against latency
For they invest in technology
and test it mercilessly
For they exemplify the Simulation Argument
and create worlds
Posting here because I couldn’t find any instructions online, and I figured it out. I use the CF-33 because it’s one of very, very few laptops with a daylight-visible display.
I opened up mine (a Mk1) was because my touchscreen went crazy – the mouse position jumped around, and the mouse clicked at random when it’s not supposed to. Disabling it in Windows only worked until the next boot – it re-enables itself (not supposed to, but it does).
[Note: I haven’t tried it, but I’ve read that disabling the touchscreen in “Panasonic PC Hub” works on some Toughbooks (I don’t know if it works on the CF-33). You might want to try that first if that’s your problem.]
So I wanted to disconnect the touchscreen by unplugging the internal cable – the machine also has a touchpad and I normally use a Bluetooth mouse anyway. Here’s how I did it, and how you can open up yours.
General tips:
1 – Don’t force anything.
2 – You can run the machine without batteries in it, and without the dock/keyboard – just plug in the AC cable. If you want to work it once the touchscreen is disconnected or without the dock, I suggest a USB mouse and/or keyboard (if you want both you’ll need a USB hub – without the dock there’s only one USB socket).
3 – I highly recommend using a set of JIS screwdrivers (not Philips). The screws look like Philips but they’re JIS which are slightly different and if you use a Philips screwdriver you can easily strip the heads. This is the best set I found at a reasonable price: https://www.amazon.com/VESSEL-precision-screwdriver-set-TD-56/dp/B000CED236 They’re Japanese made and incredibly good quality – $14.
4 – Try to avoid pressing the power button when fiddling with it while it’s running. Esp. if it starts a Windows Update and says “don’t turn off your computer”. I managed to press it, but it restarted the update on the next boot so I guess it’s not critical all the time. Or I was lucky.
5 – The CF-33 won’t display anything if the battery door is open. If it seems like it should be running and the battery door is open (or removed), that’s what’s going on.
6 – Put screws back in the holes they came from after removing parts. This will help you remember where they go.
Open the battery door, take out the batteries. It’ll look like this:
Inside the battery compartment (per that photo), there’s a small metal tab (looks like aluminum to me) held by one screw on the right, just 3/4 of an inch north of the right battery. That’s how the machine senses if the battery door is open. If that metal tab isn’t next to the sensor underneath (when the door is closed), the machine will run but the display will not operate. (The black plastic spring loaded plunger in the middle that looks like it has a switch to detect if the door is open has nothing to do with it. That is just there to push up the battery door once you unlatch it. It has no electronics.)
Remove the 3 sliver screws on the silver plate that covers the other side of the CF-33 and stick out into the battery compartment. Then you can take off the plate that covers the other side (not covered by the battery cover) of the CF-33. This is the silver outside plate that surrounds the back camera and says Panasonic and TOUGHBOOK on it.
At this point you’ll see a door that can be removed by taking out a bunch of screws. The door contains the rear camera. I don’t know if you need to remove it or not (I did). The purpose of the door seems to be to allow upgrades – under the door are two radios (cellular and Bluetooth/Wifi) and I think this is where the fingerprint reader goes (I don’t have one).
Once you get the door off, disconnect the rear camera cable by flipping up the black latch at the end of the cable by 90 degrees (these open at the end where the cable goes), to make it stand up from the PCB. Slide out the cable, put the black latch back down.
Next to the fan you’ll see a silver door with 3 screws – that holds the SSD. No need to mess with that (the SSD will be exposed in the next steps anyway).
Now remove the 4 silver bumper button things on the corners opposite the docking connector. (Two on each side of the machine.) You need a hex driver – I think it’s 2mm but I used a 3/32 inch and it mostly worked ok.
Next remove all the screws around the edges of the machine holding in the black plastic/rubber edges. Then remove the rubber edges – first from the short sides of the machine, then from the long sides (the order matters). Then remove all the screws around the perimeter of the machine. You also need to remove the two screws left and right of the fan (in deeper holes).
Once you get all those out, the cover should be loose around all the edges but stuck in the middle. It’s held by the SIM card socket. Take out the one screw holding the SIM card socket PCB and slide it out. Then you can take off the cover. (It’s possible if you don’t have a SIM card in there this isn’t necessary.)
Here’s what it looks like once you get the cover off:
The touch screen cable is the little white one (about 5 or 6 contacts) that is perpendicular to the SSD. On the opposite side of the SSD from the fan. In the photo it says SUMITOMO on it.
Lift up the plastic protecting it (in the area with the blue marker in the photo) and flip up the black latch at the end of the cable by 90 degrees, to make it stand up from the PCB. Slide out the cable, put the black latch back down. If it takes much force you’re doing it wrong.
That disconnected the touch screen.
Now reassemble the whole thing in the opposite order.
Getting the mainboard cover on is tricky because (again) the SIM card socket is in the way. Don’t try to remove the plastic bracket – you don’t need to and it resists. Instead, remove the SIM card (if you have one in there), remove the one screw holding the PCB and put the cover on. Then slide the SIM PCB into place and replace the screw. Then put the SIM back in and close the little door.
There are 5 screws that are longer than the others. Two of these go thru the black plastic shell that holds the pen, then thru the smaller cover, then into the main machine. 2 more go on either side of the docking connector. I don’t know where the last one goes.
Once you get it all together everything works except the touch screen (which got disconnected). But the touchpad still works (as does any mouse you connect).
According to The Economist, disinformation campaigns (often state-sponsored) use “AI to rewrite real news stories”:
In early March [2024] a network of websites, dubbed CopyCop, began publishing stories in English and French on a range of contentious issues. They accused Israel of war crimes, amplified divisive political debates in America over slavery reparations and immigration and spread nonsensical stories about Polish mercenaries in Ukraine… the stories had been taken from legitimate news outlets and modified using large language models.
Deep fakes of still images and now video clips are similarly based on legitimate original photos and video. Detecting such fakery can be challenging.
Disinformation comes from publishers (social media posters, newspapers, bloggers, commenters, journalists, photographers, etc.) who invent or misquote factual claims or evidence. Ultimately, we trust publishers based on their reputation – for most of us an article published by chicagotribune.com is given more credence than one published by infowars.com.
An obvious partial solution (that I haven’t seen discussed) is for publishers to digitally sign their output, identifying themselves as the party whose reputation backs the claims, and perhaps including a permanent URL where the original version could be accessed for verification.
Publishers who wish to remain anonymous could sign with a nym (pseudonym; a unique identifier under control of an author – for example an email address or unique domain name not publicly connected with an individual); this would enable anonymous sources and casual social media posters to maintain reputations.
Web browsers (or extensions) could automatically confirm or flag fakery of the claimed publisher identity, and automatically sign social media posts, comments, and blog posts. All that’s needed is a consensus standard on how to encode such digital signatures – the sort of thing that W3C and similar organizations produce routinely.
Third party rating services could assign trust scores to publishers. Again, a simple consensus standard could allow a web browser to automatically retrieve ratings from such services. (People with differing views will likely trust different rating services). Rating services will want to keep in mind that individual posters may sometimes build a reputation only to later “spend” it on a grand deception; commercial publishers whose income depends on their reputation may be more trustworthy.
Posts missing such signatures, or signed by publishers with poor trust scores, could be automatically flagged as unreliable or propaganda.
Signatures could be conveyed in a custom HTML wrapper that needn’t be visible to readers with web browsers unable to parse them – there’s no need to sprinkle “BEGIN PGP SIGNED MESSAGE” at the start of every article; these can be invisible to users.
Signatures can be layered – a photo could be signed by the camera capturing the original (manufacturer, serial number), the photographer (name, nym, unique email address), and publisher, all at the same time, similarly for text news articles.
When a new article is created by mixing/editing previously published material from multiple sources, the new article’s publisher could sign it (taking responsibility for the content as a whole) while wrapping all the pre-existing signatures. A browser could, if a user wanted and the sources remain available, generate a revision history showing the original sources and editorial changes (rewording, mixing, cropping, etc.). Trust scores could be automatically generated by AI review of changes from the sources.
Video could be signed on a per-frame basis as well as a whole-clip or partial-clip basis. Per frame signatures could include consecutive frame numbers (or timestamps), enabling trivial detection of selective editing to produce out-of-context false impressions.
If there’s a desire for immutability or verifiable timestamps, articles (or signed article hashes) could be stored on a public blockchain.
From hard-won experience. Applies to banks, cable companies, airlines, etc. Virtually all large organizations that deal with the general public (vs. other businesses) have incompetent staff – the general public won’t pay what it costs for better (maybe someday AI can do better; let us hope).
0. Be polite,no matter how justified to be otherwise. They can’t help their own incompetence. It’s not their fault they’ve wasted 4 hours of your time and $1000 of your money.
A drop of honey goes a long, long way. Say “thank you” often.
Be the nicest person they’ve spoken to today.
1. Get their name. WRITE IT DOWN.
Ask them to spell it if necessary.
Use it once in a while (this is both part of being polite, and reminds them that you can complain about them if they don’t treat you right).
2. Ask “How can I reach you if we get disconnected? (That happens to me a lot.)”
Write down whatever they say – their name, employee id, extension, case #, whatever.
If you miss something ASK THEM TO SPELL IT.
WRITE IT DOWN.
This goes along with getting names – if you get disconnected and have to start over with someone else, or if the org doesn’t deliver what was promised and you need to call back later, they are much more likely to believe you if you can refer to a person/phone extension/employee id etc. that identifies who you dealt with.
Since you can back up your claim with a contact person, they will assume that what you claim was said earlier is true (remember, most orgs are incompetent, not dishonest).
3. Whatever they promise, GET IT IN WRITING.
If you have proof they said it, the organization is committed to it – if the person promised something they were not supposed to, that’s their problem, not yours – they represent their organization. Hold them to it.
If they can’t do something immediately, ask for an email note promising to do it in the future.
4. If the person is excessively incompetent and just can’t understand, or doesn’t have the authority to fix the problem (happens a lot!), or just can’t figure out how, ASK TO SPEAK TO THEIR MANAGER. Politely.
DON’T go over what the previous person said or got wrong – just start over with the manager.
Go to step 0. (You may end up having to talk to multiple levels of managers before you get to someone who can understand and fix the problem. Just keep going up. Unless you’re talking to the president of the company, whoever you’re talking to has a manager.)
5. VERIFY EVERYTHING. Prices, names, dates, services, etc.
Before you get off the phone. Read it all back to them to confirm.
When you tell them things, make them read it back to you, to confirm they got it right.
Extra credit: Learn and use the ICAO phonetic alphabet:
Alfa November
Bravo Oscar
Charlie Papa
Delta Quebec
Echo Romeo
Foxtrot Sierra
Golf Tango
Hotel Uniform
India Victor
Juliet Whiskey
Kilo Xray
Lima Yankee Mike Zulu
So “BCDE123” is just “bravo charlie delta echo one two three”. Don’t waste time saying “B for bravo”.
I just read John von Neumann’s First Draft of a Report on the EDVAC, a tremendously influential 1946 document about computer architecture. A paper copy is available on Amazon, and the identical document as a PDF here.
Written after his experience with ENIAC (where he, famously, configured the plugboards to implement stored instructions in memory), the document describes the architecture of a (then) next-generation machine. Supposedly this early draft (the only draft he ever produced) was circulated widely and led to many implementations of similar machines in the late 1940s.
It’s a fascinating historical document. One thing that jumped out at me (no pun intended) is that nowhere in the document does he mention the idea of conditional branches – without those it’s extremely difficult or impossible to make the machine Turing-complete.
Also, he seems to have conceived the machine purely as a programmable calculator. The concept of what we’d call “data processing” is completely absent.
Von Neumann is considered one of the smartest people to have ever lived – Hans Bethe said “I have sometimes wondered whether a brain like von Neumann’s does not indicate a species superior to that of man”, and Edward Teller (a very competitive guy) admitted that he “never could keep up with John von Neumann.”
Teller also said “von Neumann would carry on a conversation with my 3-year-old son, and the two of them would talk as equals, and I sometimes wondered if he used the same principle when he talked to the rest of us.”
I think this just goes to show how difficult it is to predict even the future of a narrow technology.
Here’s a Python script that makes Windows open a URL (in your default browser) when you execute (double click) a Linux .desktop file that contains a URL.
If you use both Windows and Linux, and save links to websites from a browser in Linux, the link will become a .desktop file, which can be opened by Linux. .desktop files are a lot like Windows “shortcut” files, but are (of course!) incompatible with them.
This script lets Windows open the website link saved in a .desktop file.
It relies on Python already being installed in your Windows system.
You can use it at the Windows command line like this:
python launch.desktop.py <.desktop file>
To use it at the Windows GUI (to be able to double-click on a .desktop file to launch it), put the following line in a batch file in your executable path somewhere (one place that would work would be C:\WINDOWS\System32) as “launch.desktop.bat”:
python "%~dp0launch.desktop.py" %1
Then put the Python script in the same folder where you put the batch file, as “launch.desktop.py”:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
Launches a Linux .desktop file that contains a URL, on Windows.
Tested on Win10, Python 3.11.
Note: Doing this in a Windows batch file is a problem because findstr doesn't want to open files with special characters in them
(which Linux likes to put there). There are ways around that (make temp files), but Python doesn't mind the characters.
"""
__author__ = 'NerdFever.com'
__copyright__ = 'Copyright 2023 NerdFever.com'
__version__ = ''
__email__ = 'dave@nerdfever.com'
__status__ = 'Development'
__license__ = """'Copyright 2023 NerdFever.com
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License."""
import os, sys, subprocess
def main():
if len(sys.argv) != 2:
print(os.path.basename(__file__))
print("Launches a Linux .desktop file that contains a URL, on Windows.")
print("Usage: python", os.path.basename(__file__), "<filepath>")
return
filepath = sys.argv[1]
if not os.path.exists(filepath):
print(f"Error: {filepath} does not exist!")
return
# open file, scan for "URL=" or "URL[anything]=", get URL from remainder of line
url = None
with open(filepath, "r") as f:
for line in f:
if line.startswith("URL="):
url = line[4:].strip()
break
elif line.startswith("URL["):
url = line[line.find("]")+1:].strip()
break
if url is None:
print(f"Error: {filepath} does not contain a URL!")
return
# run "start" on the URL (launch default browser configured in Windows)
subprocess.run(["start", url], shell=True)
if __name__ == "__main__":
main()
The first time you double-click on a .desktop file, Windows will say it doesn’t know how to open it, and offer to let you choose a program on your PC for that. Choose “launch.desktop.bat” and check the box “Always use this app to open .desktop files”. Done.
