Modern cars have fancy infotainment setups, big screens and all sorts of computers with networked functionality built-in. Part of that fanciness is increasingly often a curl install. curl is a part of the standard GenIVI and Tizen offers for cars and is used in lots of other independent software installs too.
This usually affects my every day very little. Sure I’m thrilled over hundreds of millions of more curl installations in the world but the companies that ship them don’t normally contact me and curl is a really stable product by now so not a lot of them speak up on the issue trackers or mailing lists either (or if they do, they don’t tell us where they come from or what they’re working on).
The main effect is that normal end users find my email address via the curl license text in products in cars to a higher degree. They usually find it in the about window or an open source license listing or similar. Often I suspect my email address is just about the only address listed.
This occasionally makes desperate users who have tried everything to eventually reach out to me. They can’t fix their problem but since my email exists in their car, surely I can!
Here are three of my favorite samples that I saved.
Hello sir
I have Avalon 2016
Regarding the audio player, why there delay between audio and video when connect throw Bluetooth and how to fix it.
Hello,I am using in a new Ford Mondeo the navigation system with SD Card FM5T-19H449-FC Europe F4.I can read the card but not write on it. I want to add to the card some POI's. Can you help me to do it?
Hello
I have toyota corola with multimedya system that you have its copyright.
I need a advice to know how to use the gps .
Now i cant use or see maps.
And i want to know how to add hebrew leng.
I’m sad to say that I rarely respond at all. I can’t help them and I’ve learned over the years that just trying to explain how I have nothing to do with the product they’re using is often just too time consuming and energy draining to be worth it. I hope these people found the answers to the problems via other means.
The hacker news discussions on this post took off. I just want to emphasize that this post is not a complaint. I’m not whining over this. I’m just showing some interesting side-effects of my email in the license text. I actually find these emails interesting, sometimes charming and they help me connect to the reality many people experience out there.
https://daniel.haxx.se/blog/2016/11/14/i-have-toyota-corola/
Lately, I’ve been thinking about what a new embedding strategy for Mozilla might look like. Mozilla has a great deal of history with embedding, and Gecko has long been (and still is) used in a variety of products besides Firefox. But lately the organization hasn’t prioritized embedding, and the options for it have dwindled.
Nevertheless, embedding still matters for Mozilla’s primary rendering engine, including the recently-announced Quantum, because it provides the “web compatibility defense” of expanded and diverse market share.
The more the engine is used in the world, and the more familiar web developers are with it, the more they’ll consider it (and web compatibility generally) when designing and building web applications.
Embedding also matters because users of web software (like a web browser) benefit from a fast and secure rendering engine with a user-friendly feature set, whether or not that software is provided by Mozilla.
Mozilla can mediate the Web most directly with Firefox itself, but it’ll never be the only provider of web software, and it can extend its influence (albeit with less control over the experience) by enabling other developers to reuse its engine in their products.
Finally, embedding matters because open source software components benefit from reuse, which increases project participation (bug reports and fixes, ports, market research data, etc.) and improves those components for all their consumers, including their primary/original ones.
“This technology could fall into the right hands.”
Over the next few weeks, I’ll blog more about the kinds of use cases an embedding strategy might address, and the kinds of projects that might satisfy those use cases.
Note that this is my personal blog (although I’m a Mozilla employee), and nothing here should be construed to represent official Mozilla plans and priorities.
I’ve been experimenting with syndicating my blog posts to Medium. While I appreciate the syndicated, webby nature of the blogosphere, Medium has an appealing sense of place. It reminds me of the old Open Salon. And I’m curious how my posts will play there.
If you’re curious too, this post should link to its Medium equivalent—at least if you’re reading it on my blog, rather than Planet or another syndicator. Otherwise, you can find my posts and follow me on my Medium profile.
Intel's Hardware Lock Elision feature lets you annotate instructions with prefixes to indicate that they perform lock/unlock operations. The CPU then turns those into hardware memory transactions so that the instructions in the locked region are performed speculatively and only committed at the unlock. The difference between HLE and the more capable RTM transactional memory support is that HLE is supposed to be fully transparent. The prefixes are ignored on non-HLE-supporting CPUs so you can just add them to your code and things will hopefully get faster --- no CPUID checks are necessary. Unfortunately, by default, Intel's hardware performance counters count events in aborted transactions, even though they didn't really happen in terms of user-space effects. Thus when rr records a program that uses HLE, our conditional branch counter may report a value higher than the number of conditional branches that "really" executed, and this breaks rr. (FWIW we discovered this problem when Emilio was using rr to debug intermittent failures in Servo using the latest version of the Rust parking_lot crate.)
For RTM we have some short-term hacks to disable RTM usage in glibc, and the medium-term solution is to use "CPUID faulting" to trap CPUID and modify the feature bits to pretend RTM is not supported. This approach doesn't work for HLE because there is no need to check CPUID before using it.
Fortunately Intel provides an IN_TXCP flag that you can set on a hardware performance counter to indicate that it should not count events in aborted transactions. This is exactly what we need. However, for replay we need to be able to program the PMU to send an interrupt after a certain number of events have occurred, and the Linux kernel prevents us from doing that for IN_TXCP counters. Apparently that's because if you request an interrupt after a small number of events and then execute an HLE transaction that generates more than that number of events, the CPU will detect the overflow, abort the transaction, roll the counter back to its pre-transaction value, then the kernel notices there wasn't really an overflow, restarts the transaction, and you're in an infinite loop.
The solution to our dilemma is to use two counters to count conditional branches. One counter is used to generate interrupts, and it is allowed to count events in aborted transactions. Another counter uses IN_TXCP to avoid counting events in aborted transactions, and we use this counter only for measurement, never for generating interrupts. This setup works well. It means that during replay our interrupt might fire early, because the interrupt counter counted events in aborted transactions, but that's OK because we already have a mechanism to carefully step forward to the correct stopping point.
There is one more wrinkle. While testing this new approach I noticed that there are some cases where the IN_TXCP counter reports spurious events. This is obviously a nasty little bug in the hardware, or possibly the kernel. On my system you can reproduce it just by running perf stat -e r5101c4 -e r2005101c4 ls --- the second event is just the IN_TXCP version of the first event (retired conditional branches), so should always report counts less than or equal to the first event, but I get results like
Performance counter stats for 'ls':I have a much simpler testcase than ls which I'll try to get someone at Intel to look at. For now, we're working around it in rr by using the results of the regular counter when the IN_TXCP counter's value is larger. This should work as long as an IN_TXCP overcount doesn't occur in an execution sequence that also uses HLE, and both of those are hopefully rare.
1,994,374 r5101c4
1,994,382 r2005101c4
http://robert.ocallahan.org/2016/11/handling-hardware-lock-elision-in-rr.html
This post is the (long awaited, or at least long promised) third post in my series on Rayon’s parallel iterators. The previous two posts were some time ago, but I’ve been feeling inspired to push more on Rayon lately, and I remembered that I had never finished this blog post series.
Here is a list of the other posts in the series. If you haven’t read them, or don’t remember them, you will want to do so before reading this one:
This third post will introduce parallel consumers. Parallel
consumers are the dual to a parallel producer: they abstract out the
parallel algorithm. We’ll use this to extend beyond the sum() action
and cover how we can implementation a collect() operation that
efficiently builds up a big vector of data.
(Note: originally, I had intended this third post to cover how
combinators like filter() and flat_map() work. These combinators
are special because they produce a variable number of
elements. However, in writing this post, it became clear that it would
be better to first introduce consumers, and then cover how to extend
them to support filter() and flat_map().)
In this post, we’ll cover two examples. The first will be the running example from the previous two posts, a dot-product iterator chain:
vec1.par_iter()
.zip(vec2.par_iter())
.map(|(i, j)| i * j)
.sum()
After that, we’ll look at a slight variation, where instead of summing up the partial products, we collect them into a vector:
let c: Vec<_> =
vec1.par_iter()
.zip(vec2.par_iter())
.map(|(i, j)| i * j)
.collect(); // <-- only thing different
In the second post, I introduced the basics of how parallel
iterators work. The key idea was the Producer trait, which is a
variant on iterators that is amenable to “divide-and-conquer”
parallelization:
trait Producer: IntoIterator {
// Divide into two producers, one of which produces data
// with indices `0..index` and the other with indices `index..`.
fn split_at(self, index: usize) -> (Self, Self);
}
Unlike normal iterators, which only support extracting one element at
a time, a parallel producer can be split into two – and this can
happen again and again. At some point, when you think you’ve got small
enough pieces, you can convert it into an iterator (you see it extends
IntoIterator) and work sequentially.
To see this in action, let’s revisit the sum_producer() function
that
On November 8th, my chosen home has elected a racist, sexist, nativist, know-nothing, don’t care to know anything, narcissistic buffoon for president. During his campaign, Trump has made many outrageous statements and promises that are completely idiotic. I won’t bore you with trying to enumerate them. I am horrified and appalled that this orange circus peanut is our next president. I want to do more than just be upset about it, and I decided I’ll start with talking about it.
First to my fellow liberal citizens: please stop vilifying people who voted for Trump. They are not the problem and they are predominantly not like him. The world is globalizing and changing quickly, causing uncertainty and fear for many. That doesn’t make them bad people. In fact, they are the only people who can save us from Trump whenever the next election comes around. We need to embrace them, engage them, and try to convince them that there is a better way than Trump’s way.
Second, I would like to address my fellow citizens who voted Trump: You want change. I get that. I want change too. I agree with much of your resentment of Washington. I even agree that Hillary was a really uninspiring candidate (though I do think she would have made an ok president). The problem is that the guy you voted for is not going to change things for the better for you. Don’t believe me. Just believe him. Trump has a lifetime history of exploiting the weak and poor to enrich himself. He has bragged in the past how he exploits his influence to bend the law for profit, and how he exploits his fame to assault and degrade women. Stop justifying his behavior and stop pretending he’ll be any better as president than he has been as non-president for 70 years. Best case he’ll be just as bad as he was so far in his life. Worst case, he’ll be worse, and we’ll all pay the price.
I believe in Democracy. Trump is our president-elect. He’ll assume the office of the president on January 20, and all indications so far point towards a pretty disastrous presidency. It won’t be the end of the world as we know it, but it’s clear he meant every vile word he said as a candidate. He just confirmed he wants to “deport 2-3 million illegal immigrants” immediately. Thats almost 1% of the US population. And while he claims we’ll only deport criminals, just pause for a moment and think about the scale of this. He’ll go ahead and deport 3,000,000 individuals. Yes, that’s 6 zeroes. If we pack 30 people into a bus, thats 100,000 bus trips. And if we want to uphold our constitution and due process, judges we’ll have to order 3 MILLION TIMES to deport someone. The scale of this operation is absurd, and even if we get it right 99% of the time, we’ll end up deporting tens of thousands of U.S. citizens who don’t speak English well, or didn’t hire the right lawyer to defend them, or didn’t have the right paperwork, just as Operation Wetback did in the dark past.
Of course if you ask Donald Trump, he’ll tell you none of this will be the case, because he knows how to do all of this and it’ll be terrific and great. And this is the biggest problem with Donald Trump. He just isn’t that bright apparently, and pretty much believes in magic. Narcissists often do. Trump believes he is infallible, he believes he knows everything better, and he habitually ignores reality and facts. Unfortunately thats not how the real world works, and if you let someone like that steer the country, the consequences will be very real and very painful for a lot of people.
There is a a very high chance that we’ll have to resist Donald Trump. And I don’t mean in a violent sense. We are Americans. We cherish our democracy. So let’s stop talking about revolution. Donald Trump will have to be opposed peacefully and forcefully and legally, by convincing the majority of this country that Donald Trump’s way is not the American way. And, quite frankly, it’ll likely come down to all of us individually. I have very little faith in the GOP being able to stand up to Donald Trump’s authoritarian impulses. The GOP is Trump’s party now. Many in the GOP who seem like reasonable human beings have embraced Trump because they simply don’t have the backbone to oppose someone like Donald Trump. Paul Ryan is the best example of this. He has folded to Trump’s language and agenda time and time again. So don’t get your hopes up if Ryan says there won’t be a deportation force. Trump will ratchet up his aggressive language, and Ryan will fall in line. This has happened too many times before to hope it’ll change.
So its on
Some personal observations about the terrorist atrocities around the world based on evidence from Wikipedia and other sources
The year 2015 saw a series of distressing terrorist attacks in France. 2015 was also the 30th anniversary of the French Government's bombing of a civilian ship at port in New Zealand, murdering a photographer who was on board at the time. This horrendous crime has been chronicled in various movies including The Rainbow Warrior Conspiracy (1989) and The Rainbow Warrior (1993).
The Paris attacks are a source of great anxiety for the people of France but they are also an attack on Europe and all civilized humanity as well. Rather than using them to channel more anger towards Muslims and Arabs with another extended (yet ineffective) state of emergency, isn't it about time that France moved on from the evils of its colonial past and "drains the swamp" where unrepentant villains are thriving in its security services?

Francois Hollande and S'egol`ene Royal. Royal's brother G'erard Royal allegedly planted the bomb in the terrorist mission to New Zealand. It is ironic that Royal is now Minister for Ecology while her brother sank the Greenpeace flagship. If Francois and S'egol`ene had married (they have four children together), would G'erard be the president's brother-in-law or terrorist-in-law?
The question has to be asked: if it looks like terrorism, if it smells like terrorism, if the victim of that French Government attrocity is as dead as the victims of Islamic militants littered across the floor of the Bataclan, shouldn't it also be considered an act of terrorism?
If it was not an act of terrorism, then what is it that makes it differ? Why do French officials refer to it as nothing more than "a serious error", the term used by Prime Minister Manuel Valls during a recent visit to New Zealand in 2016? Was it that the French officials felt it was necessary for Libert'e, 'egalit'e, fraternit'e? Or is it just a limitation of the English language that we only have one word for terrorism, while French officials have a different word for such acts carried out by those who serve their flag?
If the French government are sincere in their apology, why have they avoided releasing key facts about the atrocity, like who thought up this plot and who gave the orders? Did the soldiers involved volunteer for a mission with the code name Op'eration Satanique, or did any other members of their unit quit rather than have such a horrendous crime on their conscience? What does that say about the people who carried out the orders?
If somebody apprehended one of these rogue employees of the French Government today, would they be rewarded with France's highest honour, like those tourists who recently apprehended an Islamic terrorist on a high-speed train?
If terrorism is such an absolute evil, why was it so easy for the officials involved to progress with their careers? Would an ex-member of an Islamic terrorist group be able to subsequently obtain US residence and employment as easily as the French terror squad's commander Louis-Pierre Dillais?
When you consider the comments made by Donald Trump recently, the threats of violence and physical aggression against just about anybody he doesn't agree with, is this the type of diplomacy that the US will practice under his rule commencing in 2017? Are people like this motivated by a genuine concern for peace and security, or are these simply criminal acts of vengence backed by political leaders with the maturity of schoolyard bullies?
https://danielpocock.com/are-all-victims-of-french-terrorism-equal
Meanwhile, I still don't have a good understanding of what's wrong with Amazon Music (still works great in 38.10), nor the issue with some users being unable to make changes to their default search engine stick. This is the problem with a single developer, folks: what I can't replicate I can't repair. I have a couple other theories in that thread for people to respond to.
Next up will be actually ripping some code out for a change. I'm planning to completely eviscerate telemetry support since we have no infrastructure to manage it and it's wasted code, as well as retina Mac support, since no retina Mac can run 10.6. I don't anticipate these being major speed boosts but they'll help and they'll make the browser smaller. Since we don't have to maintain good compatibility with Mozilla source code anymore I have some additional freedom to do bigger surgeries like these. I'll also make a first cut at the non-volatile portion of IonPower-NVLE by making floating point registers in play non-volatile (except for the volatiles like f1 that the ABI requires to be live also); again, not a big boost, but it will definitely reduce stack pressure and should improve the performance of ABI-compliant calls. User agent switching and possibly some more AltiVec VP9 work are also on the table, but may not make 45.6.
The other thing that needs to be done is restoring our ability to do performance analysis because Shark and Sample on 10.4 freak out trying to resolve symbols from these much more recent gcc builds. The solution would seem to be a way to get program counter samples without resolving them, and then give that to a tool like addr2line or even gdb7 itself to do the symbol resolution instead, but I can't find a way to make either Shark or Sample not resolve symbols. Right now I'm disassembling /usr/bin/sample (since Apple apparently doesn't offer the source code for it) to see how it gets those samples and it seems to reference a mysterious NSSampler in the CHUD VM tools private framework. Magic Hat can dump the class but the trick is how to work with it and which selectors it will allow. More on that later.
http://tenfourfox.blogspot.com/2016/11/4550-final-available.html
In the most recent Heartbeat, I consulted with Mozilla’s Diversity & Inclusion lead Larissa Shapiro, and others championing the discussion , about a strategy for D&I in Participation. I’m really excited and passionate about this work, and even though this is very, very early (this is only a plan for a strategy), I wanted to share now for the opportunity of gathering the most feedback.
Note: I’m using screenshots from a presentation, but have included the actual text in image alt-tags for accessibility.
Right now the proposed ‘Plan for a Strategy’ as three phases:
Designing a strategy for D&I will have some unique challenges. We know this. To get started we need to understand where we are now, who we are, why we are as we are — and what attitudes and practices exist that enhance, or restrict our ability to effectively bring in, and sustain the participation of diverse groups.
The first phase is all about gaining insights into these and other important questions through focus groups, interviews and – and existing data.
Insight gathering and research will be focused in these key areas:
By Phase 2 – we’ll have formed a number of important hypothesis for influencing D&I in investment areas aligned with Mozilla’s overall D&I strategy. Investment areas are currently proposed to be:
Experimentation is critical to developing a D&I Strategy for Participation. And although it’s identified here as a single ‘phase’, I envision experimentation, learning and iterating on what we learn – to be THE process of building a diverse and inclusive Participation at Mozilla.
Draft 18 of the TLS version 1.3 spec was publi
shed at the end of October 2016.
Already now, both Firefox and Chrome have test versions out with TLS 1.3 enabled. Firefox 52 will have it by default, and while Chrome will ship it, I couldn’t figure out exactly when we can expect it to be there by default.
Over the last few days we’ve merged TLS 1.3 support to curl, primarily in this commit by Kamil Dudka. Both the command line tool and libcurl will negotiate TLS 1.3 in the next version (7.52.0 – planned release date at the end of December 2016) if built with a TLS library that supports it and told to do it by the user.
The two current TLS libraries that will speak TLS 1.3 when built with curl right now is NSS and BoringSSL. The plan is to gradually adjust curl over time as the other libraries start to support 1.3 as well. As always we will appreciate your help in making this happen!
Right now, there’s also the minor flux in that servers and clients may end up running implementations of different draft versions of the TLS spec which contributes to a layer of extra fun!
Three TLS current 1.3 test servers to play with: https://enabled.tls13.com/ , https://www.allizom.org/ and https://tls13.crypto.mozilla.org/. I doubt any of these will give you any guarantees of functionality.
TLS 1.3 offers a few new features that allow clients such as curl to do subsequent TLS connections much faster, with only 1 or even 0 RTTs, but curl has no code for any of those features yet.
[ïîêàçàòü]With the release of Firefox 50, we are pleased to welcome the 43 developers who contributed their first code change to Firefox in this release, 32 of whom were brand new volunteers! Please join us in thanking each of these diligent and enthusiastic individuals, and take a look at their contributions:
The original plan at the first evening of this year’s Oredev was for me to interview Peter Sunde about the history of Pirate Bay as covered in his SmashingConf Barcelona “Technology Is Neither Good Nor Bad — You Are” talk.
As Peter couldn’t come and the massive news of the US or the voting system choosing Donald Trump as the president I quickly changed my plans. Instead, I wrote a talk explaining the very random way I got to become a professional developer and that it is our duty as privileged people now to share our knowledge with those not as lucky.
After the talk I invited a very distraught Rob Conery, author of The Imposter’s Handbook to help share some cheerful and amusing anectodes in his history. We ended up with some actionable ideas how to learn more and not listen to the inner voice that keeps telling us we’re not good enough.
Here’s the video of the hour of information on Vimeo:
The slides of the talk are on Slideshare.
Here are some of the points of the slides:
Things I learned
Hello View Source
Here is where we come in.
Getting started has never been easier…
You’re building on existing solutions…
One main thing i learned in my whole career…
Use your frustration, your anger and your deviousness for good…
The web is the most versatile and non-elite platform. Go and make your mark!
I’ve created an example repository for how you might set up tools to help development of a WebExtension. Whilst there are others around, I’ve not heard of one that includes examples of tools for testing and auditing your extension.
It is based on various ideas from projects I’ve been working alongside recently.
The repository is intended to either be used as a starting point for constructing a new WebExtension, or you can take the various components and integrate them into your own repository.
It is based around node/npm and the web-ext command line tool to keep it simple as possible. In addition it contains setup for:
All of these are also run automatically on landing or pull request via Travis Ci with Coveralls providing code coverage reports.
Finally, there’s a tool enabled on the repository for helping to keep modules up to date.
If you find it helpful, let me know in the comment section. Please raise any issues that you find, or submit pull requests, I welcome either.
Richard Dawkins wants New Zealand to invite Trump/Brexit-refugee scientists to move here to create "the Athens of the modern world".
I appreciate the compliment he pays my country (though, to be honest, I don't know why he singled us out). I would be delighted to see that vision happen, but in reality it's not going to. Every US election the rhetoric ratchets up and people promise to move here, but very very few of them follow through. Even Dawkins acknowledges it's a pipe-dream. This particular dream is inconceivable because "the Athens of the modern world" would need a gigantic amount of steady government funding for research, and that's not going to happen here.
To be honest it's a little bit frustrating to keep hearing people talk about moving to New Zealand without following through ... it feels like being treated more as a rhetorical device than a real place and people. That said, I personally would be delighted to welcome any science/technology people who really want to move here, and New Zealand's immigration system makes that relatively easy. I'd be especially delighted for Richard Dawkins to follow his own lead.
http://robert.ocallahan.org/2016/11/richard-dawkins-wants-new-zealand-to.html
Greetings, SUMO Nation!
How have you been? Many changes around and we haven’t been slacking either – we are getting closer to the soft launch of the new community platform (happening next week), so be there when it happens :-) More details below…
If you just joined us, don’t hesitate – come over and say “hi” in the forums!
We salute you!