178 comments

[ 3.2 ms ] story [ 225 ms ] thread
Off-topic: the font in this blog renders very poorly. I know the solution is to disable remote fonts in ublock origin, but that means that websites that use fonts to show icons will not work properly. Has anybody found a solution?
I can also see it. It must be a Firefox bug. Reduce zoom to whatever it takes to counter your DPI scaling.
Not sure what you mean with "renders very poorly", is it just the font that doesn't look good for you or seems like a bug?

This is how it looks for me on Firefox/Ubuntu: https://imgur.com/a/WFx2okh

Seems fine, although I'd probably choose a different font myself.

They probably use it mostly in Korean anyway so I don't think the English character rendering matters very much to them. After all they only have access to a national "intranet" which will probably also be in Korean.

Ps: yes a lot of assumptions here but it's North Korea :)

> Has anybody found a solution?

Frontend designers should stop using remote fonts, or fonts at all, for icons.

And all bad programmers should stop being bad programmers, easy.

Maybe if you don't have something useful to add to the conversation, you should refrain from adding anything at all.

Found the designer.
(comment deleted)
lol, I'm as far away as a designer as you can be, but thanks for the laugh :)
"The system is absolutely network-silent except when you actively do something that requires network access, like using the browser. It does not call the mothership, not for updates, not for telemetry, not to let Kim Jong Un know the status of your internal organs. Spoiler, he doesn’t give a fuck about your hentai porn. "

Take that, Microsoft!

I recall reading a different “review” a few years back and they found it calling back home.
The OS seems to be re-developed from scratch each version. Perhaps it has changed.
Sounds like they finally worked out all the bugs from their malware and it is that much harder to detect.
In a former job, I had to inspect network traffic on my mac. So I install Charles, open it up, and start looking around. I was astounded how much network activity is going on that I had no idea about.
Apple would never write software that scans your files and reports material your XOR USG does not like, without your knowledge.
There was a linux distro I checked out a few years ago that routed every connection through tor and also asked for permission for every app connecting to the internet and I was similarly astounded by the fact that pretty much everything is sending some sort of data and people knew nothing about
Yeah, even Linux is crazy-chatty these days. I miss sniffing packets on a home or small office network and being able to follow what was going on without any filters. Now even on a smallish network, all your "idle" devices are spitting out packets constantly, so with "nothing going on" WireShark scrolls so fast with 20+ different interwoven conversations that it's impossible to follow. And god forbid you have any browser tabs open, since so many chat constantly in the background now.

Everyone decided that "telemetry" isn't spying and is totally fine (it obviously fucking is and it absolutely is not, respectively). Plus stuff like Bonjour came along.

Which distro are you talking about?
Macs have always had incredible network use, even way back in the dialup days when I started working with them.

The software seems to be designed to assume a perfect, exceedingly fat network connection at all times, and that all processes can do what they want with it.

In all the years I've been using Macs, as far as I can tell, there is nothing in the OS that says, "Oh, the person is sending e-mail over a crappy cellular connection. Maybe now is not the best time to download a multi-gigabyte software update."

I don't know what the situation is like on the Windows side, but I've always assumed that Apple bungs gigabit ethernet into the houses and cubicles of all of its developers, and they never have to connect to things in the real world.

this needs clarification -- the Operating System under Mac OSX is designed during the Great-TCPIP-Expansion, and is NOT chatty, in fact things that were chatty were slapped down regularly. Since then, the MBAs at Apple Inc have built their "I Phoney" world, and certainly have added stupid chat. The details matter, for those that wish to move forward
Windows allows the user to mark a connection as limited/metered which supposedly reduces background usage of services like OneDrive and Windows Update. I'm not aware of the degree of impact and what is allowed despite the setting. There is a secondary mechanism to reduce background usage when enabling Battery Saver mode.
Windows updates (and other first and third party downloads) can be downloaded through the background intelligent transfer service (BITS) which uses idle bandwidth, and throttles the download when something else is using the pipe.
Then along came Windows 10 and its so-called Delivery Optimization Service (should rather be called Denial-of-Service service), which spams literally dozens of simultaneous TCP connections for downloading updates and thereby effectively monopolises your whole home's internet connection.

(Don't know if this has ever been fixed because I've since kept Delivery Optimization turned off and rely on BITS instead, which does indeed seem to work without causing any bandwidth shortage incidents).

This could be true, or it could recognize that it is running in a VM and change its behavior. This is a somewhat common trait of malware meant to throw off security researchers.
Why are VMs so bad at virtualizing?

An ideal VM should be indistinguishable from a real machine.

For example a virtualized system running Android should generate fake IMU data, not sit at 0 linear acceleration all the time. And have a real-looking fake IMEI, not a string of 0s.

I talked to a security researcher about it a few years ago and as I understood it it's a cat and mouse game. They are trying to mimic real phones but the malware authors always find a new way to tell whether it's fake.
Hi, virt engineer here. Partly because it a very hard problem (in fact, theoretically impossible if you include timing attacks), but mainly because you don't need to emulate the hardware very accurately in order to get common operating systems to run. Getting them to run is all that we're paid to do, and that's a difficult enough job already.

One strange aspect of this is that only a narrow range of current OSes run under virtualization. Qemu is great for running, say, current versions of Linux or Windows, but absolutely terrible if you try to run Linux 1.0 or Windows 95 or Solaris/x86 or any uncommon OS. (I tried a few of these several years ago out of curiosity, and none of them would even boot.) The reason is that we don't emulate enough of the corner cases in CPUs and devices to run those operating systems. eg. The SATA device only emulates the commands issued by drivers of modern operating systems, not every single command and dark corner of the real hardware.

To be fair there are emulators that try much harder to be cycle accurate, especially the ones designed to run old games. The MisTER is the current king here, but that uses an expensive FPGA and can just about emulate a 486 PC.

How does software-based x86 emulation (ie OG Connectix Virtual PC) compare to current hardware-assisted virtualization? Were older methods more cycle accurate than what’s in use now?
You reminded me of my father showing up home one time (around 2005, I was 7-8) proudly showing a random CD. Then after few hours he called to show off a virtual Windows 98 PC running in a window on our Windows XP computer. I was fascinated, total awe for a few minutes. Virtual PC became the basis for my experimentation with Windows Server 2003 and newer + Windows clients (even multiple networked PCs ran nicely!), later Linux servers inside Virtualbox, and led to my career in software engineering.

Anyways to answer your question, Virtual PC and VirtualBox can fully run old as well as new software, and the performance hit is not that bad (I ran multiple virtualized Windows Servers when a PC had 1GB of RAM). However more modern virtualization methods can offer bare metal-like performance, which Virtual PC/Virtualbox will never be able to make.

Thank you for your answer but also thank you for making me feel like I’m an old man.

I was in my last year of high school around the time you mentioned when I was experimenting with running Windows NT with a copy of Virtual PC.

So step 1 is to emulate the world within which the emulated machine exists?
That's bullshit because Qemu it's an emulator too, so it will run Solaris and W95 perfectly.

I am not a virt engineer but I could run W95, OS2 and heck, even Mac OS 9 under Qemu, recently.

Seriously, if you are a virt engineer, drop your title down :).

Qemu has an ISA pc module, and you need to disable kvm just to be sure. Set the CPU to Pentium and everything will be fine.

You might want to experiment yourself before making bold assertions, because you are wrong. I've just tried these (with qemu-system-x86-6.0.0-7.fc35.x86_64):

Microsoft_Windows_NT_Server_Version_4.0_227-075-385_CD-KEY_419-1343253_1996.iso (1996, own copy)

Installer starts, locks up with screen corruption about 5 seconds in.

https://archive.org/details/windows-95_fixcpu_iso_windows_is... (1994-ish)

Cannot read the emulated CD-ROM.

https://archive.org/details/redhat-9.0_release (2003)

Installer boots, but fails at partitioning stage, the first time it accesses the disk.

https://archive.org/details/IBMOS2Warp4Collection (1996)

Cannot read the emulated CD-ROM.

Plan 9, 4th ed. (2003, own copy)

Gets quite far, up to the login, although with a lot of errors, but later hangs hard. (Out of all of them this looks closest to being possible to make work.)

I can also tell you that we're moving away from emulating i440fx entirely (to q35), and nothing prior to 2005 will work once that change has been made. In addition, changes to how virtio works means that guests before about 2010 that use virtio will have problems unless you take special steps.

What's your parameter for Qemu?

Could you provide link to discussion that i440fx going to be removed?

Nah, he is a "virt engineer", ofc he/she doesn't have a clue on Qemu without KVM ;).

JK. Old stuff it's difficult to emulate if you only know qemu from KVM and you didn't use Qemu since the Bellard days, or Bochs.

Meanwhile, I emulated w95, w98, Linux 2.2/2.4 based distros (my first Linux), OS/2 and so on just fine. Even BeOS.

Ah, sure?

1) Don't use Qemu from the kvm binary.

2) Don't use VirtIO

3) Don't set the CPU higher than a Pentium for w95/w98/NT4, Pentium2 may be fine for w98SE.

   >qemu-system-i386  -M help 
   isapc                ISA-only PC

   >qemu-system-i386  --version
   QEMU emulator version 6.1.0
   Copyright (c) 2003-2021 Fabrice Bellard and the QEMU Project developers
This should work for NT4

   qemu-system-i386 -cdrom $CDROM -m 32 -vga cirrus -net nic,model=pcnet -net user -cpu pentium -hda $DISK
Also, if qemu enables kvm by default, set the machine acceleration method to TCG.

Bye, "virt engineer".

I installed NT 3.51 in Qemu not long ago. I can look up the Qemu settings I used if it's of interest.
Real hardware is finicky and complex. It would be very slow to virtualize every hardware device in a system to a level not distinguishable to software. If you do shoot for complete accuracy (e.g. projects like 86Box), you take at least a ~100x performance hit, and also lose out on useful features like dragging files into/out of the VM.
For anyone interested in this, read through the Dolphin emulator reports [0].

Specifically, look for examples of bugs they've fixed, and why they were triggered.

At this point, they're essentially all of the "X software depended on a quirk of Y feature, to do (whatever), because the developers chose to do it that way." For that one specific piece of software, and nowhere else.

And that's for a game console with highly standardized hardware and libraries. The general purpose computer has a bit larger mutation surface. :-)

Or, to crib from another sibling poster,

"You have a million places to make sure your virtualization looks like the actual artifact. Of those, 100 are used by everything, 1,000 are used by many things, and 10,000 are used by a few things. The remainder may be used by some piece of software out there, somewhere."

"You have a year to build a working product. Are you going to implement and equally test all million things?"

[0] https://dolphin-emu.org/blog/

The goal is usually cooperative virtualisation, not adversarial virtualisation. Most people don't need to hide that the environment is a VM, because the OS and applications by and large don't care about that.
> An ideal VM should be indistinguishable from a real machine.

Ideal for what purpose?

virtio is a good example of where that breaks down. For a lot of use cases, directly exposing an explicitly virtual device rather than emulating real hardware can be much more efficient and avoid bugs.

For example, it may help a virtualised system avoid some layers of caching or optimisation if they are redundant because they are nested inside a system already doing that.

Making your VM indistinguishable from real hardware is nice for some use cases, absolutely, but in many it isn't what you want.

> Ideal for what purpose?

To shove it at companies like Tencent who will ban you for trying to run WeChat in a virtual machine, and restore freedom to the user to run software how they want. WeChat also randomly scans for Wi-Fi networks, I'm guessing they sniff VMs with tricks like that.

It should also be a violation of disability law to force users to use a hardware mobile phone to run a particular piece of software. VMs open the doors to custom accessibility solutions.

They shouldn't even have the right to know what it's running on, they should just hand me bytecode of a suggested (but not required) client, and open a port on their server for service.

Also in general to shove it at any company with potential spyware. I always run unknown closed-source software in a VM and I should have the basic right to do that. But sometimes those companies try to detect VMs. If the VM engine is good enough they shouldn't be able to.

Sure, my point wasn't that there is no use case, just that there are use cases where it isn't necessary and—more than that—is counterproductive
VM detection and escape (breaking through the VM to access the host machine) is an active area of research and a very hard nut to crack. It's trench warfare!
> or it could recognize that it is running in a VM and change its behavior.

Agree. I would go even further to state this probably comes pre-installed on any computer using it but anyone allowed access is only as standard user with the root user locked (maybe as standard user you do get monitored?)

This is something that black-box testing can never really verify. Behavior could be altered by the VM, by detecting that it's not in NK, be triggered sometime later, after typing an entry from a list, and so on.

And it's not like Microsoft gives too much fuck about anyone's hentai porn.

Microsoft not, but one of their client maybe.
The NSA i pretty interested in nudes and hentai.
Ha, since MS is selling ads (e.g. [1], [2]), they really should (/s) profile your por^W media viewing habits, and sell ad space to por^W media providers.

"Hey, you enjoy hentai (based on hashes of videos you watched last month, yes, we know you watched cumulatively 15 hours of the stuff, and hours more searching for them on torrent sites), enjoy 15% off of premium subscription to hentaihub, this month only!"

[1] https://www.xda-developers.com/microsoft-edge-buy-now-pay-la... , HN discussion: https://news.ycombinator.com/item?id=29288052

[2] https://answers.microsoft.com/en-us/windows/forum/windows_10...

(comment deleted)
(comment deleted)
Is it really necessary to run third-party javascript that "checks my browser" (collects information about me?) before letting me read the article?
Like most of the modern web, yes.
Was that not a proxy doing DDoS protection?
The usual method is to let Cloudflare collect that data passively, I like the honesty of letting the user see the DDoS protection in action better.

At least this website doesn't require a captcha when you're visiting through TOR, that's better than most websites behind DDoS protection.

(comment deleted)
Cloudflare runs DDoS protection against a surprisingly many sites now. Often you don't even see the "checking your browser" screen, it just happens passively.

While individual authors and publishers benefit substantially (caching, anti-DDoS, etc.), this is a huge net loss for the internet. It essentially entrenches Google and the rest of MAGMA as the forever winners of spidering the web. If you try to spin up your own crawler, you'll get hit by this bullshit. It's becoming impossible to bootstrap now.

Of course this version is now super-outdated. Are there any new versions available?
Red Star 4.0 (2017). Good luck finding it, I haven't.
So far, even though we know Red Star 4 exists and has for years now, it's very elusive with (AFAIK) no disc images yet found.

I think that there was a rumor that it was FreeBSD based instead of Linux based but don't quote me on that.

(comment deleted)
According to Wikipedia, a South Korean magazine got a copy, but they never uploaded the disc images.

However, they did takes a few screenshots. Red Star OS 4 is still MacOS-inspired but with a little more modern of a Mac look - think Mavericks (Red Star OS 3 inspiration) -> Yosemite (Red Star OS 4.0 inspiration). With a touch of Chrome OS and GNOME in there for good measure.

https://www.nkeconomy.com/news/articleView.html?idxno=3191

https://www.nkeconomy.com/news/articleView.html?idxno=3213

https://www.nkeconomy.com/news/articleView.html?idxno=3292

Did they take photos of their screen because it was running on a computer they didn't own or did they really have access to the ISOs (and for some reason didn't take screenshots)?
No idea. Could have been a visitor to North Korea who took photos on the tour (North Korea now does sort-of permit photos in certain areas to tourists).
If I remember rightly, 3.0 was sold in shops in North Korea? At least that's what the talk on it mentioned

Might just be a game of finding someone who goes to NK for teaching or the like to pick up a copy while there for archiving

Seems more privacy focused than Microsoft and Apple? So sad to even think that. Also, remember that China wouldn’t use Windows 10 due to how invasive the telemetry is unless Microsoft gave them a special version just for China.

I’m not saying that NK or China are privacy focused. It seems like even the spies don’t like to be spied on.

As far as I remember the Red Star kernel has a module which modifies all opened images and documents by appending a device fingerprint to the file. In fact it is a chain of fingerprints to trace where the file has been.

So not exactly 'privacy focused'.

[citation needed]. That would break a whole lot of things, and the kernel would be a silly place to implement it.
China also insisted on and got its own version of the trusted platform module, a chip that is present on all pcs that can run windows.

Rather than ridiculing what countries such as China or North Korea do in the name of national security, we tech people should pay strict attention as here are hints on how our own daily technology is being surveilled and controlled.

TPMs are also controlled in Russia IIRC.
A bit older but quite relevant and entertaining; "Florian Grunow, Niklaus Schiess: Lifting the Fog on Red Star OS", from the 2015 Chaos Computer Congress.

https://youtu.be/8LGDM9exlZw

> Spoiler, he doesn’t give a fuck about your hentai porn.

These operating systems do actually contain code that add a signature belonging to your install of the machine to pictures and video files, so be wary if spreading your hentai porn in Kim's country because it can be traced back to you.

That said, there's a lot of panic about fears of having it reach out across the internet and infect your entire network without any real basis. If you're comfortable with running Windows 11,you're already sharing more data than the DPRK could possibly want to extract from you, only the DPRK can't use that data and the Five Eyes most likely can.

The Glorious Leader liked his Macbook so he ordered his lackeys to build North Korea their own Macbooks with a shitty font and tracking submitted to their services instead it Apple's.

> add a signature belonging to your install of the machine to pictures and video files

But why?

> > add a signature belonging to your install of the machine to pictures and video files

> But why?

Any media negative about the regime can be traced back to its source so they can be suicided.

edit, more specific info from https://www.reuters.com/article/northkorea-computers-idUSKBN...:

>Red Star also addresses a more pressing concern: cracking down on the growing underground exchange of foreign movies, music and writing.

>Illegal media is usually passed from person-to-person in North Korea using USB sticks and microSD cards, making it hard for the government to track where they come from.

>Red Star tackles this by tagging, or watermarking, every document or media file on a computer or on any USB stick connected to it. That means that any file could be traced back to anyone who had previously opened or created the file.

The KGB used to require all typewriters to be registered, so they could identify the authors of anything they found objectionable.

Being able to track who produced an image that's doing the rounds spreading "propaganda" seems like it adds a lot of value (from an authoritarian point of view, at least).

printers do that too with yellow dots
The US still does this today via the MIC:

https://en.wikipedia.org/wiki/Machine_Identification_Code

That's why your color printer cannot print in B&W when you're out of color ink (or at least one reason).

> which certain color laser printers and copiers

Inkjet printers are far more likely to not let you print without color ink, because they need to add the color inks to produce a darker black. Laser printers are far more likely to let you print without color toner (and as such, I've never worked with a laser printer that requires non-empty color toner cartridges), because they don't need to add additional colors for black.

LOL yeah the US does the exact same thing.

I would pay to read a newspaper that (somewhat satirically) reported on the US the way we report on our adversaries. Complete with referring to police as "security forces", including wild speculations about the backstabbing behind-the-scenes of their top politics, etc.

The Washington Post does this occasionally.

https://www.washingtonpost.com/opinions/2020/05/29/how-weste...

https://www.washingtonpost.com/news/global-opinions/wp/2017/...

"'Culturally, Americans are a curious lot,' said Andrew Darcy Morthington, an United Kingdom-based commentator who once embarked on a two-year mission trip to teach rural American children and therefore qualifies as an expert on U.S. affairs."

Well, just try some russian or chinese newspapers.

I do it at times.

There surely is wild propaganda mixed in, but also some very clear analysis of a certain cituation. More so, if for example russia is reporting on US-China crisis. Or vice versa.

You have to take into account bias even then. Negative bias and propaganda can be just as strong. But yeah, I personally read German news or AL Jazeera or whatever.
The issue I take with this point is that:

  1) There's plenty of criticism of the West from within its many nations borders
  2) There's far more from outside its borders
  3) Criticism of crushingly oppressive dictatorships is strictly forbidden from within
With that context, Western criticism of oppressive dictatorships serves a vital purpose, and so does fair criticism of the West.
> Complete with referring to police as "security forces",

The western press goes in to far more detail about how oppressive, brutal and unaccountable American police are than any other country. There is pretty much an unending stream of criticism of the police.

> including wild speculations about the backstabbing behind-the-scenes of their top politics, etc.

If you have never seen such speculation about American politicians, I assume you have never looked at a newspaper.

Eh, it's not quite the same. There was some foreign paper that described the George Floyd protests as 'tensions continue to rise over the death of an ethnic minority in a agrarian province at the hands of state security forces' that made me chortle when I read it.
It’s not quite the same - it’s far more critical.
I disagree.
‘tensions continue to rise over the death of an ethnic minority in a agrarian province at the hands of state security forces’

Is absolutely nothing compared to the mountains of analysis of how racist and brutal the US police are, likening them to slave patrols, citing statistics about how often unarmed black people are killed, criticizing the Supreme Court for qualified immunity, explaining the overpolicing of trivial crimes in poor neighborhood and underpolicing of serious crimes that harm this same neighborhoods, the school to prison pipeline etc. etc.

You’d be forgiven for thinking we live in an open society with a free press where people are unafraid to criticize the government and police.

It's a cute, but direct attack on the Imperialism that underpins the issues, including the function of police domestically.

And the police here are racist, brutal, and mostly above legal consequences. The media here generally stops short of examining the power structures that makes that the case. It's more oh dearism than actionable information.

And have you seen China's media? The allow and even encourage complaints about local government, including in mass media. What you've stated about "an open society with a free press" not some high bar of freedom, but generally used as a pressure release valve for malcontent that does nothing to address why it's like that in the first place. They, like the US, love a good story that let's them "fight corruption" in a way that doesn't change why the corruption was allowed to fester in the first place.

> They allow and even encourage complaints about local government.

But not the communist party or it’s officials, eh?

You can’t seriously be claiming that China is a more open society which allows greater media analysis of it’s power structures.

I claimed nothing of the sort; I'm not sure how you jumped to that.

I'm simply pointing out that the ability for media to complain about the local actions of security forces, .gov policy decisions, and the occasional high ranking official who serves as a focal point for malcontent does not make for a free and open society, using an example that we can both agree is neither free nor open.

> media to complain about the local actions of security forces, .gov policy decisions, and the occasional high ranking official who serves as a focal point for malcontent does not make for a free and open society, using an example that we can both agree is neither free nor open

Yes. I assert that this describes China, but not the US.

Are you claiming it also describes the US?

Which powerful individual or institutions do you think are protected from criticism?

> I would pay to read a newspaper that (somewhat satirically) reported on the US the way we report on our adversaries

If you really want this, just start reading foreign news.

I read quite a bit of news, but unfortunately only speak english.

It is not quite the same - newspapers put out in english by foreign adversaries are usually targeting foreign audiences, so they are not written in quite the same fashion as how American outlets describe regimes in other countries.

The closest I've found is SCMP English in Beijing, which (at least for print) is apparently different (and more slanted) than the English version found in the US.

"Regime" and "oligarchs" are my big annoyances. If you used words and phrases like these for domestic stories consistently, they'd lose all of their propaganda value.

Hell, "propaganda" is the archetypal example. All communications with the primary purpose of advocacy were referred to as propaganda until the propaganda industry came up with the term "Public Relations."

It's a bit like the Anglo-Saxon/Latin split in English, where the Anglo-Saxon word means the cheap, commonplace version of whatever the Norman word is. English for the last century or so has had a sort of "communist register" that you're required to use about things that are officially disapproved of.

Nowadays they're trying to enforce social media and messengers to require your phone number (most of them do this already anyway), and to get SIM-card you need your ID document. This way they can track down who posted a link to "Putin's palace", for example. And thanks to enforced data localization they may not even need help from social platform itself - they pwn hard drives.

The difference between this and Apple's data collection, for example, is that Apple cannot use this information to imprison or kill you. At least until they deploy automatic scanner for cp in your photos.

How could a specific typewriter be tracked from a typed document?
The letter 'blanks' which hit the ribbon in a typewriter are imperfect, as all physical objects, so having a sample and a registered owner can be used tell that this document was written on this particular typewriter because e.g. all their letters 'F' have a tiny scratch in just the right place.

It's similar to e.g. identifying specific guns by the markings left by imperfections of the barrel, you'd also take sample shots which can then be matched to the specific gun.

He's talking about old mechanical style typewriters. Due to mechanical tolerances of the time, the letter shape and the alignment of the type bar would be slightly imperfect, and unique to that typewriter, acting as a fingerprint.

It's the reason why ransom notes from old movies are made of letters cut out from different magazines and newspapers. No handwriting, and no typewriter.

Did you know that US Secret service has samples of ink from various ball point pens? (https://www.12news.com/article/news/nation-world/look-inside...)

So looking at a document, you'd not be able to know what typewriter it was written from, no.

However, looking at a document, you may be able to tell the make and model of the typewriter, due to different typefaces and known mechanical differences across the make/model. That, coupled with a location or list of suspects, would allow you to examine specific typewriters. You may be able to determine a letter was written from a -given- typewriter, as machining differences in the keys, and differences in wear and tear over time can lead to minute differences in how the ink adheres. If you also have a letter written by a specific suspect, the variation in typing (how hard they hit the keys, common typing mistakes, etc) can lead to greater certainty of the author.

So looking at a document, you'd not be able to know what typewriter it was written from, no.

Actually, yes. Typewriters, especially well-used ones develop their own quirks. The "e" is a little higher or lower. The "o" gets a little filled with ink. It's mechanical, so parts wear, things get a bit off, and with enough use, each typewriter develops its own fingerprint.

It's been a thing in mystery novels at least back to the 1920's.

How reliable is this compared to bite marks?
Actually, no. If you were to hand someone a typed document, you would not know "Ah-hah. I can tell by the e that is precisely 3 nanometers above the line, and the slight smudging of the ink on the qs, that this was written by Joe Schmoe's typewriter, which I have "registered", but which I otherwise do not have access to". You say it yourself; typewriters "develop" quirks, in addition to any they start with, meaning that even if you had collected samples of every typewriter at the time of sale, and had a way to compare a document against all of them (despite this being pre-computer, given the prevalence of typewriters), you would not be able to find a match.

What -you- are describing, is "Was this particular document written on this particular typewriter", which is possible by comparing it against a document you know to have been written by that typewriter, and which I detail in my answer which you didn't fully read ("That (...) would allow you to examine specific typewriters. You may be able to determine a letter was written from a -given- typewriter").

This is identical to ballistics; finding a fired bullet does not tell you the specific gun that fired it (but may tell you the model/make; certainly, it will tell you the type of ammunition it takes). But if you have a bullet of known provenance (i.e., one you fired from a suspect's gun), you can tell if the markings left on the bullets match.

Or you could just require a sample page of printed text submitted for every typewriter. Which is exactly what KGB did.
(comment deleted)
> If you're comfortable with running Windows 11,you're already sharing more data than...

Do you know of any good writeups on the details of Windows 11 data sharing?

How about MS stealing executables and running them on their own servers on the default config of win10?

If you had a build of your own application with hardcoded keys in the binary, there is a high chance MS has it now.

https://news.ycombinator.com/item?id=21180019

That's absolutely appalling.

I used to exempt Microsoft as the "one good MAGMA" under Nadella's leadership, but they're clearly stepping back into evil territory:

- stealing your Windows files and secrets

- capturing our industry with Github (the development ecosystem is accreting here)

- Github Co-pilot training on GPL

- Microsoft pay website injection in Edge

- heinous Xbox DRM

- LinkedIn is still scummy and full of anti-patterns

> - Github Co-pilot training on GPL

Why is training Github on GPL bad, but training a language model on public domain books and texts not?

Edit: Thank you for explaining the problem.

Because code derived from GPL code is also GPL. Co-pilot (sometimes) intelligently copies and pastes GPL code.
> Because code derived from GPL code is also GPL.

I’m not happy with the Co-Pilot situation either but for the sake of correctness it should it should be pointed out that your point hasn’t actually been tested in court with regards to machine learning. In fact some lawyers have suggested the GPL might not cover that particular scenario.

No one should want to test this - it's terrifying for companies and developers alike.
I think it’s better we do know because that should lead to refinements in licences (eg a GPLv4 that explicitly allows humans to write original works conceptually based off content read but not derived from code from; while explicitly disallowing code use for machine learning except where the published work is also licensed GPL).
It's funny too because GitHub definitely knows the license for every single code sample in their database -- they could easily incorporate this
Is CoPilot and its models open source like the GPL software it trains on are?

There's a difference between public domain and GPL. You can do whatever you want with public domain works and nobody can say otherwise. That's not the case with GPL.

> If you're comfortable with running Windows 11,you're already sharing more data than the DPRK could possibly want to extract from you

Citation needed. Sure, Windows collects a lot of telemetry, but Microsoft takes great pains to ensure these data are privacy-protecting. On the other hand, if you assume an OS from an authoritarian regime is collecting info, it would seem that by definition, they want to know exactly who you are.

I'll even give Apple and Google the benefit of the doubt that they're similarly (to Microsoft) concerned about protecting PII.

this always looked surprisingly well polished to me.
Why is it surprising that the top 1% programmers of an entire country (many of them probably with western education) can produce quality software when put under deadly threat?
I don't think that any programmers in the DPRK will have access to western education.

People who do are many, many tiers up.

The assumes that’s how they are motivated. We also know quality suffers with a gun to your head.

They are far more likely to produce quality work by patriotism or material rewards.

I don't think they had a gun to their head literally, or that the threat was voiced - but IMHO not many of them would defy the order and definitely would not try to make the project slow down or fail, due to the implied threat of "disappearance".

> They are far more likely to produce quality work by patriotism or material rewards.

Is that really what you feel as a programmer that has to take free and open software and make it closed and spying while pretending it was your country that made the entire OS and apps and it's not just a rebrand?

I can agree with the material rewards. DPRK can probably make the best offers - maybe they're not paying in USD but most probably still enough to have a house/skyscraper apartment, servants, personal chef and driver, etc.

I have done far far worse in the name of God and Country.
Look the government of NK sucks, but I think your model of the world is wrong if you think they are being forced to build this operating system under deadly threat. I doubt they had to take this job, it is probably a pretty prestigious one in NK society.
Plus plenty of people in other countries do the same work as their hobby. I doubt North Koreans needed any coercion to build it.
The top 1% won't work on that.

The top 1% either work on surveillance (domestic and foreign), rocket control, hacking etc. to strengthen the state or for outside companies (I remember a German story about somebody regularly printing out android API docs for their team in North Korea) to bring money.

I knew a South Korean prof who chose to live in North Korea (as a philanthropic act) and teach at their top university (His research was in Embedded Electronics). Conversations with him completely changed my mind on North Korea, because prior to that my only context was through American/Canadian mainstream media (read: propaganda). I still think its a dictatorial regime that needs to be abolished and the North Korean people deserve democracy, but the day to day life of an average North Korean residing in a large city is not very different than any of us here.
This.

If anyone thinks North America isn't actively involved in propaganda as well, they are delusional.

The amount of "anti-china" comments i come across on the internet is shocking, and I can tell the posters have never left the US, let alone been to the country of their targeted "hate". Where do these strong views come from if they haven't been there, and probably have minimal contact with people who have?

Probably comes from the fact that you can't meet North Koreans because the ones who try to leave get shot.
You can meet North Koreans. US media generally doesn't have any interest in meeting them because they don't always answer questions about North Korea in the required way. US media prefers its North Koreans either silent or pitched to them by the wholly funded thinktanks of defense contractors.
One should separate anti-China with anti-CCP. The majority of comments are not the former, but the latter, and for good reason, as the CCP itself works in opposition to the Chinese people much of the time.
Just let any NK and China freely come and speak out then I believe you and him. Silly.
"but the day to day life of an average North Korean residing in a large city is not very different than any of us here."

Sure thing, I had to sneak out into the woods as well, to set my black pirated satellite internet connection up.

"Internet access is not generally available in North Korea. Only some high-level officials are allowed to access the global internet.[47] In most universities, a small number of strictly monitored computers are provided.

https://en.wikipedia.org/wiki/Censorship_in_North_Korea#Inte..."

When people say Hacker News doesn't have an intense bias I'll just link this comment.
The comment where a single person said that they heard that the elites of North Korea have fairly normal daily lives?

Are you saying that HN is biased because they haven't deleted the comment and tried to have the poster arrested for supporting terrorism?

I can link to your comment too where you imply that the bad news about North Korea is just defense contractor propaganda. Thanks!
Imagine being a North Korea simp like this.
Everything that has the eyes of the leaders of an oppressive regime has to look good and well polished.
https://youtu.be/8LGDM9exlZw - Florian Grunow and Niklaus Schiess, Lifting the Fog on Red Star OS - A deep dive into the surveillance features of North Korea's operating system

The bit more detailed view, I'd say

(comment deleted)
Florian Grunow and Niklaus Schiess, Lifting the Fog on Red Star OS - A deep dive into the surveillance features of North Korea's operating system [1]

[1] - https://youtu.be/8LGDM9exlZw

The bit more detailed view, I'd say

Florian Grunow and Niklaus Schiess, Lifting the Fog on Red Star OS - A deep dive into the surveillance features of North Korea's operating system [1]

[1] - https://media.ccc.de/v/32c3-7174-lifting_the_fog_on_red_star... (it's also available on YT which for some reason I couldn't link in this comment - perhaps some anti-spam measurment?)

The bit more detailed view, I'd say

You have two other top-level comments with the same YouTube URL.
That's a solid looking file manager. Finder for Linux!?
Image caption says “KFinder”.
Purely based on the screenshots, I'd say that as UI design, theming and 'chrome' go, I'll take this over my current macOS (Big Sur) any day...
You could just roll back to Snow Leopard
you mention it by name, the best macOS version ever (IMHO.)
Can someone please see the "view source" of this page and tell me if what I'm seeing is malware? I'm seeing a LOT of scary-looking UNIX code (PID, root, IPs etc.)there that doesn't appear on the site, is my computer now compromised?
They're hidden behind expand elements: View the original iptables rules
Nothing to worry about, this is actually on the site. However the output is collapsed by default because it's very long. CTRL+F "View the original iptables rules" and click it, you will see what you saw in the source.
THANKS! I was literally about to format my entire computer and hard-reset my router. I freaked out badly. I really shouldn't be snorting DMT all day like this while browsing. You saved me.
> However the output is collapsed by default because it's very long.

Top poster did not read the article :)

What is UnBangUI?
It's actually UnBangUl (은방울, lit. silver bell) with a lowercase L and a quick search shows that it is a musical score software, possibly a fork of MuseScore.
anyone know how get that miller column KFinder app outside of installing RedStar? Don't actually think anything exists like that for Linux (minus Elementary File Manager)
This looks fantastic! I would migrate a ~hundred PCs to this if it had relevant drivers/fixes and no communist backdoors.

Honestly, I thought it's just a crappy rebrand of some old unpolished version of a major Linux distro, sort of "chinese" in the worst sense of the word. Apparently I was wrong and I'm astonished.