I really miss the feature of CSR devices that allowed keyboard and mouse use before OS boot, and wish any modern Bluetooth receiver was capable of it. Is it a patent issue?
Probably just a "it's hard for little pay-off" issue.
To use a bluetooth keyboard from the stage of "Press F10 to Enter Setup" we need the firmware (whether BT host, mainboard, or something else) to have a full bluetooth stack, some way to manage pairing/unpairing devices, and a bunch of other stuff.
If we do this outside the BT host, we probably need changes to the operating systems at least to handle how we're going to hand-off the state of the bluetooth stack when the OS takes control. Unless we want to _separately_ manage pairing/unpairing in the firmware, we would probably want some way to expose that to the operating system to be able to push its paired devices down.
And then it's probably still not super useful unless we substantially lengthen the prompt time because the time for you to turn the keyboard on, coax it into connecting, and hit the button is gonna probably have the OS booted already.
If you want this today just don't use bluetooth. Get one of the devices that uses "2.4GHz" or uses "Bluetooth + 2.4GHz" and shove a dongle in there. The keyboard/mouse will appear as a normal USB-connected device and you can use them how you want.
> If we do this outside the BT host, we probably need changes to the operating systems at least to handle how we're going to hand-off the state of the bluetooth stack when the OS takes control.
During the CSR hid2hci era, the adapter would just remember the last N pairings, since a sufficiently smart adapter can technically just store the keys used by the host when it tries to pair, then "impersonate" the host during the HCI part.
I don't think the other comments in this thread are at all correct. This is not a hard problem to solve and these comments vastly overcomplicate it.
You need two things:
1) a processor which can present HID devices OR a Bluetooth adapter depending on the presence of
2) a driver which can inform the adapter when it should be in BT mode instead of the default HID and which can configure the firmware to auto-connect to which devices in HID mode.
The first is easy and effecively free. The USB stack is (usually) implemented in firmware which makes it trivial to present as different device classes.
My guess is the problem comes down to drivers. It is difficult and quite expensive to have a custom driver upstreamed to Windows Update. You can't do this without a custom driver or userland software. On the other hand, if you simply present as a generic BT adapter, windows has a generic driver that will (usually) always work and is always installed.
The benefit of this feature is miniscule and there probably is not enough demand to make it worthwhile for CSR to sell their soul to Microsoft to have their driver blessed.
In this day and age, almost nobody ships a custom driver for anything. You just use the generic drivers Windows already has for all standard device types.
In fact, quite recently there was a Show HN showing a "appears-as-USB-HID" Bluetooth adapter: https://news.ycombinator.com/item?id=42125863 . The only thing missing was the hid2hci part.
While I was posting in that thread I also noticed there are a gazillion attempts in github to do something like this, so complicated it is not.
These do essentially exist in dongle form, though you'd need some kind of driver support to get rid of the physical pairing button: https://handheldsci.com/kb/
Mostly it's a cost/ease thing. For the device to work correctly with no OS, the hardware inside has to be powerful enough to run all of the logic itself and it has to be coded up to do that.
If you wait until the OS is up, the device itself can offload a good amount of logic and processing to the device driver.
My bet would be that the main reason is that it's easier to find programmers who can write complex device drivers than it is to find ones who can write complex embedded firmware, and it's quicker/easier in general to write device drivers than firmware.
That and just 99% of people will never notice that it doesn't work outside of the OS, and of the rest, 99% will only be vaguely annoyed but not change brands over that.
While I’m all for physical controls, especially ones that self-adjust to reflect the state of the remote device at all times, I wonder if the author just doesn’t know you can finely adjust volume in iOS control center by force/long pressing and then dragging.
This is a great point! When I'm using AirPlay, that feature is really useful. I'm more often using Spotify Connect though, where I'm limited to either using the physical volume buttons on my phone, the small slider in the desktop app, or the slider that's many clicks in to the Spotify mobile app.
In reality though, this project is more about the fun of it than about it being a really pressing need.
It also works when using Spotify Connect on your iOS device. If you can use your volume buttons to control it you can also adjust it with the slider in the control centre.
That's really helpful to know. At this point though, I'm excited enough to build a volume knob that I'll probably still do it.
edit: After trying this out it a bit, it's definitely an improvement over the small sliders and a huge improvement over the stepped volume changes from the buttons, but I'm still left wishing I could make use of more than ~10% of the slider's full range.
spotify has so many user hostile practices that I am completely mystified why the majority of the population seems to prefer them in a world where youtube music exists.
The only competitor that I've given a fair shot is Apple Music. I'm not thrilled with either. Between those two, Spotify wins solely for Spotify Connect. I much prefer the way it works to AirPlay.
I haven't really tried YouTube Music, but I'll give it a go. I've been meaning to try out Tidal too but haven't yet.
Kidding aside, where exactly does it end? How do you consider when you’ve hit “too much” and how many pieces must be split out when you do? Should every product in the Office suite be offered only individually?
Indeed, a lot of people don't remember but back when spell checking was a new thing, there was genuine concern over whether bundling it with word processors was anticompetitive.
Or if Word and WordPerfect should be sold without spell checkers, and they'd need to interoperate with third party ones.
I find these kinds of rhetorical "where exactly does it end" comments really limp. Life is full of choices where there are grey areas. Lay out a bunch of desirable criteria - like not allowing a single entity to monopolise a market -then pick a starting point and iterate until you get a decent balance between the criteria. Sure it'll be a bit messy, but better than doing exactly nothing after throwing your hands up into the air and whinging about the fact that it's complicated.
I understand your frustration, but it's genuinely not that easy.
You're right that there are a lot of gray areas in the law, where the two sides are clear but there's a blurry line. One famous example being, should Pringles be taxed as potato chips or as other chips? Because they're not fried slices of potatoes, they're a fried and shaped mixture of dried potatoes, corn flour, and rice flour. People think of them as potato chips, but they're not really. But it's still relatively straightforward to just draw a line somewhere.
The problem with antitrust is that we don't really know how to define it at all. It's not just a single dimension like "is it a potato chip?" where there's just a single line. It's more like a blob with lots of dimensions where different reasonable completely just completely disagree on what the basic most important elements even are.
> Sure it'll be a bit messy, but better than doing exactly nothing
That's where you're wrong. Badly applied antitrust law can actually be much worse than doing nothing.
I'm not saying to give up. I'm just saying, it's not nearly as easy as you're making it sound. There are really smart people who research antitrust and try to come up with recommendations, and they have profound disagreements with each other. The problem is actually a lot harder than you seem to think it is.
This seems to cover many common pain points, but I’ve written my fair share of .NET serializers and for anything I build now I’d just use protocol buffers. Robust support, handles versioning pretty well, and works cross platform.
I’d like to know their reasons for making yet another serializer vs just using pb or thrift.
This is a good point. I don't think anyone wakes up wanting to make a new serializer. At this point, I was already pretty deep into making and releasing tools for my game projects so doing this didn't seem like such a stretch (although it actually ended up being one of the hardest things I've ever done).
A lot of small to mid-size games (which are the focus of the tools I provide) want to save data into JSON, whether it is to be mod-friendly or just somewhat human-friendly to the developer while working on the game. Not familiar with Thrift, but PB is obviously for binary data and has a focus on compactness and performance, which isn't the primary concern on my list of priorities for a serialization system. My primary concern for a serialization system is refactor-friendliness. I want to be able to rework type hierarchies without breaking existing save files, or get as close to that as possible.
I suppose you could say I'm only really introducing "half" of a serialization system: the heavy lifting is being split between the introspection generator (for writing metadata at compile time via source generation) and System.Text.Json (which handles a lot of the runtime logic for serializing/deserializing things).
I’m probably a little odd but I wipe my devices before international travel. All my travel documents are printed. If they want to steal a device, I’ll just replace it.
When I arrive safely I restore from backup and nothing is lost except an hour or so.
This is not nearly as odd as it may seem to some people. Many federal agencies and DOE national laboratories use a similar procedure to this by issuing you separate temporary devices while on international travel. That basically requires you to only bring the files that you need if you bring any of them at all.
How do you deal with banking apps, the type where you confirm a credit card transaction? They cannot be restored from backup, need to be setup fresh on every new phone…
Endpoint navigation is not optional for me. I suppose you could pre-login to only those apps, but still, there is nothing that interesting on my phone that I want to spend the energy to wipe, restore, and re-login to a hundred apps.
How is that a big deal? Half the time you'd have to install the local equivalent of those ride hailing services anyways - that is if regular local cabs aren't the preferred way to get around.
I use like 2-3 apps for getting around, depending on country. I don't know what you're doing with hundreds.
1password works just fine with OTP across all my devices.
Using an authentication method tied directly to and dependent on my phone seems extremely risky and short sighted. A phone can be lost, fall out your pocket into a toilet, etc and those are just accidents. They also basically have a max life time of five years. What happens when you buy a new phone?
Does that answer the question? If you have a password and key for 1Password, and keep both your passwords and authentications for accounts behind that password and key, doesn't that defeat multi-factor authentication? Because if the person has access to your account password within 1Password, then they also have access to your account authentication within 1Password.
Factor means something you have, something you know, or something you are. 2 are needed to access 1Password.
Storing everything in 1 app makes the app a single point of failure. Storing everything on 1 device makes the device a single point of failure. Single point of failure and single factor authentication are different.
KeePassXC is a TOTP authenticator and it saves to a file. You can put the file anywhere you like. You can, given the correct master password, open the file again on any device and generate TOTP codes.
i like this. i've wanted to do this. but what might be the "right answer" to an inquisitive border force who ask why you have device(s) that are factory fresh?
I’ve never actually been detained or questioned (but know people who have).
If I were I’d tell them the truth that I feel more vulnerable during the chaos of travel and don’t want any risk that a lost or stolen device could leak anything personal.
Would this satisfy them? No idea. Getting stopped at the border is legitimately a single small concern of many more likely scenarios.
for you or anyone reading this, let me enlighten you. when you are dealing with border police there are a few things that you will come to understand. in practice, these border police answer to absolutely no one. there is no oversight and there are no consequences for them treating you poorly -- in practice. for future commenters please read the following words: "IN PRACTICE." the idea that you would tell them that you feel vulnerable about such and such and they would be understanding about it literally makes me laugh. they couldnt care less about the way you feel or whether or not you are at risk for leaks, theft, humiliation or any other bad outcome. you are less than human to them. this is what its like when there is almost literally zero accountability. if they pull you aside, they have already decided that you are guilty. sometimes they might search you and let you go but they also will just decide that they dont like the look of you and that you arent going to get in. once they pull you aside they can search you, interrogate you, hold you, whatever they want. the idea of there being some human element to this interaction is completely laughable.
pretty much every country runs one of these stockyard style mini police states on their borders now. and everyone puts up with it because of "terrorists." meanwhile, literally millions of undocumented people have streamed over the southern border of the US in recent years and how many terror attacks has that resulted in? well ill be damned, zero! so it turns out when the border police tear up your stuff, treat you like human shit and cost you thousands of dollars in hotel and other reservations because they decided they just didnt like the look of you -- it was literally all for nothing! besides the sadistic pleasure that the border police take in hurting people of course. isnt life just so funny like that? hee hee!
most people dont know because the vast majority of people are never pulled aside. but if 80% of people had the experience of being pulled aside, the same one that people have now, even if they all made it through to their destination... the border police would essentially be abolished back to their pre-9/11 status. its gotten completely out of control.
canada is the worst offender when it comes to this. one time they pulled me aside and one by one i literally explained or swatted down every single one of the officers objections. they werent used to someone who was already familiar with how things work. she tries to pull out a paper and pen and ask me all of my destinations to prove that i couldn't afford the trip. and half way through my meticulous and articulate explanation of my plans and stops it became very obvious that i could afford the trip and the clip board kind of melted away off to the side and she chose something else to nit pick me on. ive had canadian border police literally bark at me, sneering, eyebrows slanted at 45 degrees like i was looking at a cartoon character. they really treat you like you arent even human.
edit: if you give a phone call to the canadian border police, i forget the acronym, the first thing you hear is an automated message that swearing and verbal abuse will not be tolerated. IE they have tons of people who make angry phone calls to them after being put through their sadistic border process. how can they not realize that if they dont want people to be mad, they should treat people like human beings. thats the thing, they way they treat you is completely unnecessary. its not like being rude will foil the terrorist.
The point of saying "I feel more vulnerable during the chaos of travel and don’t want any risk that a lost or stolen device could leak anything personal" is not to generate empathy in the border agent, it's to provide a plausible cover story that will cause minimal fuss. Whether or not they empathise with you is irrelevant.
I truly don't see why you're being downvoted. Much of this is often true and some of it is sometimes true, but none of it is absolutely unbelievable. Speaking specifically of the Canadian border police, from personal experience with being "taken aside", I can vouch for an absolutely arrogant, condescending, shitty attitude of treating you as if you were a suspicious piece of scum for no good reason or justification outside the random bullshit they make up in the spur of the moment when they can find nothing concrete.
It's not a difficult answer—I bring a burner phone with me when traveling internationally because I don't want to run any risk of a thief getting the keys to the kingdom. Sure, I could remote wipe if that happened, but it feels a lot safer to just not have a phone with real data on it at all.
You're not the first person they've detained who didn't want to bring their real phone with them for totally innocent reasons.
this has not happened to me yet, but as a non-US citizen with a green card, if USBP told me "give us the code or you're not admitted" the next time i try to enter US, i'm gonna give them the code
IANAL, but as a green card holder my lawyer told me they cannot deny you entry without an order from an immigration judge (likely if travel was not brief - more than 180 days, or they engaged in illegal activity after leaving the United States as defined in 8 U.S.C. 1101(a)(13)) - you only have to answer questions about your name and status, nothing more - though, obviously it will likely cause delays.
It's similar in Canada; permanent residents and citizens have the legal right to reentry and it can't be denied. But that right applies to you, not anything you are carrying. Play that game and you'll probably lose the device to border security.
Losing the device in such circumstances is definitively the best outcome. There is a shit ton of data that these devices have and the law is so complex that you probably committed a crime somewhere without you realizing it.
Yikes, I don't know about border detentions. The right to representation attaches (generally) at the start of criminal proceedings, pursuant to the 6th Amend. Is a border detention a criminal proceeding? Probably it's just some sort of administrative function and so your rights are certainly much slimmer at this point.
Good choice. The only circumstances where it’s not a big risk to withhold your PIN is when you are a citizen entering your home country. Even then they can turn it into a pretty nasty time for you (as seen by the guy in the article, where they threaten to just keep his stuff).
Depends how much you want to visit the country in question. I will be bummed if I am blocked from visiting EU (I am US citizen) but any other country is kinda irrelevant. If Japan put me on no travel list, I would not care one bit.
There is inconvenience of being deported but frankly risk of giving access to all clouds account to random official is just too high.
There is also risk of them putting you in jail but I am not sure if unblocking phone really mitigate it.
All the deportations I’ve heard of where the person arrived by air, they were jailed until they could be put on a flight back. They only say “you can’t come in, now go away” if you’re crossing a border by land - and plenty of countries are going to refuse to let you walk away even then.
"So that I have the maximum amount of space available for downloading tons of beheading videos over the hotel Wi-Fi when I get to my room in New York."
More seriously, I would say that the wiped phone has a minimal amount of data in it, which has the advantage that if it is has to be searched, the search time will be minimized.
A good solution while it remains legal and backups remain unreachable authorities.
Are they unreachable? How sure are you? Aren’t you just raising suspicion and acting like a criminal by walking around with wiped devices at International borders? Seems suspicious.
How is it suspicious? Buying a burner phone is one of the most common pieces of advice you'll see for traveling internationally [0]. This wiping strategy is just one small step from that, especially if OP doesn't have a current-year flagship smartphone.
For most people border patrol is not the biggest threat they face when traveling internationally, and OP's steps are very reasonable ones to take against all manner of non-state-sanctioned thefts.
> Generally seen by whom? Do you have a citation for this claim?
By border security. Citation is having worked with ITAR materials in the past, and thus having been required by law to carry clean devices. I had a letter saying my blank phone and laptop were normal. (Only had to use it once, because I was only asked to unlock once.)
> hard time imagining how one would go about telling the difference unless it's a current year flagship smartphone
Any expensive device that doesn't appear to have been purchased for that trip that has zero communications, contacts or other items border security might be curious about will raise eyebrows.
Side note: I still recommend wiping devices and restoring on the other side. But that's quite different from this being best practice. Buying a burner phone is, though that's less and less feasible as we integrate smartphones into our lives.
I thought it was obvious that this is what I was referring to. It’s interesting that people don’t see how traveling with wiped devices sends red flags.
I wipe and restore.
But I have been questioned twice about whether I plan to sell the devices (they didn’t believe me in either case) and one rather unkind border professional I am pretty sure took me in for further questioning because of the blank phone.
READ COMMITTED is great for applications that need a coherent snapshot of the database but not necessarily the absolutely most recent data, which in my experience is actually most apps.
It allows readers to see valid data (relationships are correct), while not blocking writers. It can be the difference between constant deadlocks and super-high throughput without lock contention.
svchost.exe is literally what the name implies. It's a generic service host. You pass it a dll and an entrypoint (via command line arguments and registry keys) and it runs it.
You should look at which thing it's actually running to see what's using all your CPU.
I went to help desk cuz I was being lazy, but Help desk was unfortunately kind of useless. They just wanted to reimage my machine and I haven’t had the time to go that route yet. I’m always busy. I did a bit of investigating with ProcMon recently but I really need to spend more time on it. As always, it comes down to time with these things.
These articles were great by the way! I’ve never gotten significantly down and dirty in svchost, so these were a treat to read. I much appreciate the effort in your response. Have a pleasant day!
Obviously not? Where are you living where even if fiber is available in your city, it’s not just a small section you’d need to deliberately account for in your selection of housing?
Minneapolis has a private fiber ISP, my brother is in Madison and they too have private fiber available widely. I was under the impression there had been a lot of fiber deployment in cities in the past five years.
US Internet (private fiber ISP in the Twin Cities) is an anomaly, not the norm. Minneapolis is incredibly lucky to have a local, private ISP that offers fiber to the home at up to 10 gigabit/s. The only other ISPs in the US that I know offer similar services are either municipal ISPs, co-ops, or Google Fiber.
Cincinnati, Ohio has Altafiber (formerly Cincinnati Bell) that offers 2gbps down 1gbps up for $80/mo. I have it and it’s amazing.
Cincinnati Bell was early to roll out DSL too. Went to college here in the late 90s and had a mind blowing 768kbps. I could watch RealVideo at 640x480!
The Midwest absolutely has seen a lot of fiber going in the ground with federal money the past couple years and Metronet has expanded pretty aggressively.
