I mostly agree, though it generally feels safer to hand your CC details over to a reputable vendor like amazon than some anonymous author selling a book on the internet using who knows what means to store your personal information. And who knows if Joe Author is storing your payment details securely or not. Or whether it is just some author's nephew who knows how to install some web script on shared hosting.
Sure you can call the CC company and get the payment reversed, but it is more hassle than not having to do it.
1. As mentioned elsewhere, perhaps the time on the road is far greater than the average vehicle, thus the accident rate per mile actually being lower 2. The vehicles somehow stand out and represent a distraction to drivers who are curious and straining to get a look at the driverless vehicle 3. The autonomous vehicles behave safely but do not necessarily follow the typical patterns that other drivers expect thus indirectly causing the accidents (though not directly at fault).
Number 3 might be cause for concern and further research. Not sure what you do about 1 and 2.
Well, there are standards, and those standards are set out in the rules. If you look at http://static.nfl.com/static/c... you'll see that the ball has to be inflated to 12.5-13.5 psi, has to be from a specific manufacturer, and has to have specific dimensions.
There seems to be a lot of leeway as to how the ball is 'worn'. But both teams have the same leeway and the starting point is clearly defined.
So I don't think it's unreasonable. I think in any league there is some sort of an agreement as to what the standards are for equipment (whether that is equipment such as playing objects, field layout, or clothing). In baseball, for example, teams have choice as to how they build their stadiums, how high the walls are, etc etc. But the bases have to be in a specific layout. All teams are free to compete within these parameters.
That's actually an interesting article. One of the questions I've had throughout the process is why it was such a big deal considering that the opposing quarterback would have had the same advantage. This explains it - each team uses their own balls.
That being said, the cited rule change doesn't really have any impact on this situation and it seems a bit disingenuous to suggest that something underhanded was at play: "All the quarterbacks started communicating, and it was something everyone felt strongly about. It's been terrific as far as I'm concerned." "Jeff Fisher, the Tennessee Titans coach and co-chairman of the competition committee, said there wasn't any resistance to the rule, so it was easily passed."
Before the rule change, the home team would have supplied all the balls. After the rule change, the home team would have only supplied their own balls (which perhaps is why New England had an advantage - the other team would not have been using the same deflated balls).
All that being said, presumably the NFL will now check ball pressure a bit more during the game to ensure everything is copacetic.
Well, except that Penny Arcade isn't being sued. The poster is being sued. It is possible that the poster actually can be sued because if the poster was a member and had signed a contract saying that the information would not be shared, then the member violated the agreement.
Given that Slashdot presumably has no such agreement and you also have no such agreement, no lawsuit for you!
Not to say the whole thing isn't ridiculous. *I* certainly wouldn't want to be the lawyer who has to serve up a lawsuit over somebody outing the secret handshake and have to do it with a straight face.
November 2011: Somebody posts anonymously on PennyArcade about Phi Sigma Sigma rituals Late 2012: Phi Sigma Sigma discovers the post about rituals 2013: Nothing happened 2014: Nothing happened 2015: Phi Sigma Sigma attempts to file lawsuit
So now, we have somebody who made a post to an online forum almost four years ago, under an account that has exactly one post, and has not been active since November 2011, faced with a potential lawsuit. That's assuming that there is enough data to actually identify who the member is. And assuming that the user who posted is actually a former member and not somebody else who learned about the 'sacred secrets' some other way.
Considering it is a breach of contract suit, I'd be interested to see what the actual contract looks like.
We're not talking about logical extremes, we're talking about the set of reasonable values for typical broadband connections. Of course a one minute latency is going to suck (though it might still be tolerable if you had no other options and just wanted to watch a movie), but broadband connections are going to generally have a latency of at most 100ms.
Latency is generally not important at all for Netflix. For Skype or video chatting, maybe, but with Netflix, you can have 5 second ping and still have a good video watching experience.
Not defending jQuery, but I think the VanillaJS page over simplifies things and it's examples are not quite equal, and seem to tout themselves as far better, when in fact, there is a lot of complexity that something like jQuery hides.
Examples: 1. AJAX - sure, you can memorize the special incantation of r.onreadystatechange and remember that you have to check if readyState is 4 (4? wtf?) and status isn't 200. Except in the little excerpt there there is no error handling, and you basically end up with an unresponsive page with anything except the happy path. 2. Fadeout - sure, you can do the same thing in approximately the same number of characters, but the vanilla example is far more difficult to read and interpret. 3. Selector speed - sure, it might be a lot faster to do getElementById or getElementByTagName, but again, you sacrifice a lot of readability and without good tools it is really cumbersome to write.
If performance is an issue, perhaps a different, Javascript compiler is the solution. But to suggest that everybody should hand code everything in native JS instead of using the more convenient syntax that a library provides is ridiculous.
I'm trying to understand the use of the word 'moments'. It seems the article, which is clearly biased in favour of the security researcher, is trying to downplay the actual event. It is hard to really grasp exactly what happened here because the amount of time that the posting was live is not specifically mentioned. Generally, I would assume moments is about 10-15 seconds or less. However the following happened in those 'moments':
1. The issue was published
2. Somebody realized it was published in error (there is no indication of who)
3. Groupon somehow found out about this being posted
4. The article was removed
So you can give the benefit of the doubt and assume it was an accident. But as a security research you have to realize that making this sort of mistake can have serious repercussions. If Groupon somehow discovered it had been published, it isn't that unreasonable to assume that others had as well.
This. Toyota doesn't want to be responsible if some third party garage or vehicle owner hacks the braking software and causes a car not to stop at a stop light resulting in a multi-car pile up.
Change the brakes, struts, suspension, transmission etc etc - fine. Hack the software to make it perform some trick? No thanks.
Take the simple example of vehicles with in-dash displays. By law if you have a DVD player manufacturers are not allowed to have the video show unless the car is in park (or maybe the engine is off?). There are guides around to modify this behaviour so that you can watch the DVD while the car is driving.
Sounds harmless enough. Suppose this has an effect on the number of fatal injuries in that particular brand of car (hypothetically speaking).
Now all of a sudden, brand X has been damaged because the stats only show that drivers of brand X vehicle are more likely to die in a car accident. There is no way to pick apart those statistics to understand that it was due to a vehicle modification.
Once you get into more critical components the effect would likely be more pronounced.
You shouldn't really have to care about whether or not the cloud provider is going to go out of business or not. We're talking about backups (i.e. a *second* copy of your data). All that is really important is that it is easy enough to add another provider to the system in the event the first one does happen to go bad.
Thus the only thing you really have to protect against is the cloud provider going out of business without warning and your local copy of the data getting destroyed before you have a chance to make a new replica.
A while back our children discovered videos that are so called unboxing videos. It is unclear to me what the exact revenue source is, but there are videos that are nothing but a set of hands opening surprise eggs for an hour (not an exaggeration - we're talking about a literal hour long video of hands opening up a big pile of surprise eggs, and there are many like it). Now, is this disturbing? Yes, absolutely. What is even more disturbing is that the advertisement has become the content.
That being said, I think the fact that many of these videos have 1 million plus views indicates that parents are ok with their children watching this.
I think the moral of the story is that if you don't want your children watching ads, then don't let them watch youtube, or at least careful curate for them.
What are the stats/predictions these days as to how long a flash drive will last? If you had a quality flash drive you could stick it in the time capsule along with netbook or some other small sized player. It doesn't seem that unreasonable for our grid to still be on 120V in 100 years.
In the US it generally doesn't cost either party any money once you pay the flat monthly rate for the telephone line, which can be had for pretty cheap.
So it's a tradeoff, really - it is nice to be able to make calls across the country without thinking about the cost. On the other hand, it lowers the bar for telemarketers.
http://www.r-project.org/ also states that "R is a language and environment for statistical computing and graphics. It is a GNU project which is similar to the S language and environment which was developed at Bell Laboratories (formerly AT&T, now Lucent Technologies) by John Chambers and colleagues." So obviously the GNU project itself doesn't do a lot of actual development, though I would expect that they provide some administrative support in some form (perhaps in similar manner that the FSF does for many open source projects).
Slashdot Mirror
I mostly agree, though it generally feels safer to hand your CC details over to a reputable vendor like amazon than some anonymous author selling a book on the internet using who knows what means to store your personal information. And who knows if Joe Author is storing your payment details securely or not. Or whether it is just some author's nephew who knows how to install some web script on shared hosting.
Sure you can call the CC company and get the payment reversed, but it is more hassle than not having to do it.
Short term, perhaps not. Longer term, it could result in a drop in subscribers if people continue to find more on HBO now and less on Netflix.
It isn't just the $100. He would also be giving up his ability to look down on all us smartphone owning folk that have just thrown our money away.
The thieves sell the gift card on an auction site to people who will use the gift card to buy coffee.
Except the part where the sperm whales live.
A few possible explanations:
1. As mentioned elsewhere, perhaps the time on the road is far greater than the average vehicle, thus the accident rate per mile actually being lower
2. The vehicles somehow stand out and represent a distraction to drivers who are curious and straining to get a look at the driverless vehicle
3. The autonomous vehicles behave safely but do not necessarily follow the typical patterns that other drivers expect thus indirectly causing the accidents (though not directly at fault).
Number 3 might be cause for concern and further research. Not sure what you do about 1 and 2.
Well, there are standards, and those standards are set out in the rules. If you look at http://static.nfl.com/static/c... you'll see that the ball has to be inflated to 12.5-13.5 psi, has to be from a specific manufacturer, and has to have specific dimensions.
There seems to be a lot of leeway as to how the ball is 'worn'. But both teams have the same leeway and the starting point is clearly defined.
So I don't think it's unreasonable. I think in any league there is some sort of an agreement as to what the standards are for equipment (whether that is equipment such as playing objects, field layout, or clothing). In baseball, for example, teams have choice as to how they build their stadiums, how high the walls are, etc etc. But the bases have to be in a specific layout. All teams are free to compete within these parameters.
That's actually an interesting article. One of the questions I've had throughout the process is why it was such a big deal considering that the opposing quarterback would have had the same advantage. This explains it - each team uses their own balls.
That being said, the cited rule change doesn't really have any impact on this situation and it seems a bit disingenuous to suggest that something underhanded was at play: "All the quarterbacks started communicating, and it was something everyone felt strongly about. It's been terrific as far as I'm concerned." "Jeff Fisher, the Tennessee Titans coach and co-chairman of the competition committee, said there wasn't any resistance to the rule, so it was easily passed."
Before the rule change, the home team would have supplied all the balls. After the rule change, the home team would have only supplied their own balls (which perhaps is why New England had an advantage - the other team would not have been using the same deflated balls).
All that being said, presumably the NFL will now check ball pressure a bit more during the game to ensure everything is copacetic.
Well, except that Penny Arcade isn't being sued. The poster is being sued. It is possible that the poster actually can be sued because if the poster was a member and had signed a contract saying that the information would not be shared, then the member violated the agreement.
Given that Slashdot presumably has no such agreement and you also have no such agreement, no lawsuit for you!
Not to say the whole thing isn't ridiculous. *I* certainly wouldn't want to be the lawyer who has to serve up a lawsuit over somebody outing the secret handshake and have to do it with a straight face.
November 2011: Somebody posts anonymously on PennyArcade about Phi Sigma Sigma rituals
Late 2012: Phi Sigma Sigma discovers the post about rituals
2013: Nothing happened
2014: Nothing happened
2015: Phi Sigma Sigma attempts to file lawsuit
So now, we have somebody who made a post to an online forum almost four years ago, under an account that has exactly one post, and has not been active since November 2011, faced with a potential lawsuit. That's assuming that there is enough data to actually identify who the member is. And assuming that the user who posted is actually a former member and not somebody else who learned about the 'sacred secrets' some other way.
Considering it is a breach of contract suit, I'd be interested to see what the actual contract looks like.
We're not talking about logical extremes, we're talking about the set of reasonable values for typical broadband connections. Of course a one minute latency is going to suck (though it might still be tolerable if you had no other options and just wanted to watch a movie), but broadband connections are going to generally have a latency of at most 100ms.
Latency is generally not important at all for Netflix. For Skype or video chatting, maybe, but with Netflix, you can have 5 second ping and still have a good video watching experience.
Ummm... I suspect that Wordpress administration does not work or at least does not work well with Javascript disabled.
Not defending jQuery, but I think the VanillaJS page over simplifies things and it's examples are not quite equal, and seem to tout themselves as far better, when in fact, there is a lot of complexity that something like jQuery hides.
Examples:
1. AJAX - sure, you can memorize the special incantation of r.onreadystatechange and remember that you have to check if readyState is 4 (4? wtf?) and status isn't 200. Except in the little excerpt there there is no error handling, and you basically end up with an unresponsive page with anything except the happy path.
2. Fadeout - sure, you can do the same thing in approximately the same number of characters, but the vanilla example is far more difficult to read and interpret.
3. Selector speed - sure, it might be a lot faster to do getElementById or getElementByTagName, but again, you sacrifice a lot of readability and without good tools it is really cumbersome to write.
If performance is an issue, perhaps a different, Javascript compiler is the solution. But to suggest that everybody should hand code everything in native JS instead of using the more convenient syntax that a library provides is ridiculous.
I'm trying to understand the use of the word 'moments'. It seems the article, which is clearly biased in favour of the security researcher, is trying to downplay the actual event. It is hard to really grasp exactly what happened here because the amount of time that the posting was live is not specifically mentioned. Generally, I would assume moments is about 10-15 seconds or less. However the following happened in those 'moments':
1. The issue was published
2. Somebody realized it was published in error (there is no indication of who)
3. Groupon somehow found out about this being posted
4. The article was removed
So you can give the benefit of the doubt and assume it was an accident. But as a security research you have to realize that making this sort of mistake can have serious repercussions. If Groupon somehow discovered it had been published, it isn't that unreasonable to assume that others had as well.
Well the policy does say that they will not pay out for "Bugs that have been disclosed publicly or to third parties (brokers) by you or others"
This. Toyota doesn't want to be responsible if some third party garage or vehicle owner hacks the braking software and causes a car not to stop at a stop light resulting in a multi-car pile up.
Change the brakes, struts, suspension, transmission etc etc - fine. Hack the software to make it perform some trick? No thanks.
Take the simple example of vehicles with in-dash displays. By law if you have a DVD player manufacturers are not allowed to have the video show unless the car is in park (or maybe the engine is off?). There are guides around to modify this behaviour so that you can watch the DVD while the car is driving.
Sounds harmless enough. Suppose this has an effect on the number of fatal injuries in that particular brand of car (hypothetically speaking).
Now all of a sudden, brand X has been damaged because the stats only show that drivers of brand X vehicle are more likely to die in a car accident. There is no way to pick apart those statistics to understand that it was due to a vehicle modification.
Once you get into more critical components the effect would likely be more pronounced.
http://www.devttys0.com/wp-con...
I don't know if that is the same issue or ont.
>> Seems odd that that wasn't included in TFS
What, did you expect the submitter to do something crazy like read every single sentence of the article? Who has time for that?
You shouldn't really have to care about whether or not the cloud provider is going to go out of business or not. We're talking about backups (i.e. a *second* copy of your data). All that is really important is that it is easy enough to add another provider to the system in the event the first one does happen to go bad.
Thus the only thing you really have to protect against is the cloud provider going out of business without warning and your local copy of the data getting destroyed before you have a chance to make a new replica.
A while back our children discovered videos that are so called unboxing videos. It is unclear to me what the exact revenue source is, but there are videos that are nothing but a set of hands opening surprise eggs for an hour (not an exaggeration - we're talking about a literal hour long video of hands opening up a big pile of surprise eggs, and there are many like it). Now, is this disturbing? Yes, absolutely. What is even more disturbing is that the advertisement has become the content.
That being said, I think the fact that many of these videos have 1 million plus views indicates that parents are ok with their children watching this.
I think the moral of the story is that if you don't want your children watching ads, then don't let them watch youtube, or at least careful curate for them.
I do not blame Youtube or Google for this though.
What are the stats/predictions these days as to how long a flash drive will last? If you had a quality flash drive you could stick it in the time capsule along with netbook or some other small sized player. It doesn't seem that unreasonable for our grid to still be on 120V in 100 years.
Well, to be fair, Google Cardboard came out in 2014 and the patent was filed in 2008.
It is probably the cost thing.
In the US it generally doesn't cost either party any money once you pay the flat monthly rate for the telephone line, which can be had for pretty cheap.
So it's a tradeoff, really - it is nice to be able to make calls across the country without thinking about the cost. On the other hand, it lowers the bar for telemarketers.
http://www.r-project.org/ also states that "R is a language and environment for statistical computing and graphics. It is a GNU project which is similar to the S language and environment which was developed at Bell Laboratories (formerly AT&T, now Lucent Technologies) by John Chambers and colleagues." So obviously the GNU project itself doesn't do a lot of actual development, though I would expect that they provide some administrative support in some form (perhaps in similar manner that the FSF does for many open source projects).