You are demonstrating how retards talk. The word "effective" is pretty useless unless followed by "for" or something to this effect. Nothing is " effective " , period. Some things are effective for certain purposes.
If Google is sending the likes of you to defend the password managers of
all browsers, some not even developed by Google, I suspect Google is exploiting this vulnerability.
Slashdot is the original site to which the user supplied the password. And the user made the mistake of saving it in the browser. No decision on the part of Slashdot is now required. The user, independently of Slashdot , 2 days later, now goes to a COMPLETELY different site. Read:
To start, we'll need you to save some test credentials using the form below. On a later page, we'll demonstrate how a third-party script can retrieve these saved credentials. Note that the third party does not need to be present when the credenitals are saved, and that none are present on this page.
The new , third party, site is a malicious site. The developer of which is an attacker. Whom you are blaming in trying to unsuccessfully defend the vulnerable software. Which is the browser. Specifically the password manager part of the browser.
The
site developer "chose give your password to his site to an tracking company" , which was given to the site developer by the browser. The user did not give the password to the site developer via the browser. User gave the password to another site developer, but also made the mistake of storing it in the browser. So the browser went ahead and gave
the password to this "malicious" site developer.
It is extremely dishonest of you to mention " tracking company ". Any use can be made of the " stolen " password, not just tracking.
There are 2 authorizations here. You and GP are talking about different ones.
1. GP is talking about what the user is authorized by the service provider to see. E.g. in a group account there are multiple human "users", but only the administrator of the account is authorized by the service provider to see / do certain things.
2. You are talking about what the human user authorizes the service provider to do. In the more general case, it could be e.g. change the profile picture or see last 25 emails.
Ok, you have now told that you know the foobarbaz passphrase, but who are you?. It's authorization, because it can be shared. I can authorize someone to act on my behalf. But they don't become me.
Biometrics is like the username. It only tells who you are.
It only tells who somebody is. You can use somebody else's biometrics as easily or more easily than your own, depending on the situation.
A password is something you know, and authorizes the action, whether it is you or someone else.
Authorizing is a process. Password is a noun, a string, and a literal bunch of zeros and ones. Simple dimensional analysis proves that they are not the same. A whole process authorizes the action - which is a meeting of the minds, in some ways.
Authorization, in the meaning you are using , involves at least : 1. Service provider feeling a need to do something with your account (could be requested by you). 2. It correctly communicating to you that it needs to do this particular thing with your account and needs you to authorize it to do so. 3. You correctly understanding that this particular entry of password by you in the service provider's interface* is for authorizing it to perform that particular action on your account. 4. You entering the password. 5. Service provider checking this is your password.
* Service provider's interface could be anything, even an SMS sent by you to a correct destination, or a sound made by your throat that reaches somewhere the service provider can hear it.
competent to properly secure the password database (which is fairly easy),
If they are competent, then they must be unwilling to secure it. In 2018, this worked for my experimental chrome browser , latest from Google at the time : https://it.slashdot.org/story/...
Creative uses of Spectre (and Meltdown or something like it as an additional help) can make it even more "fairly easy" to steal the passwords.
But we do not venerate Darwin as the ulitmate word today
I agree fully. Did anyone tell you otherwise ? I even said "You may be dissatisfied with his explanation and prefer the computer simulation... ".
and a freshman biology student today would learn more today than Darwin every knew.
Replying to "ever knew " : I wouldn't count on that - but we will be unable to ever prove one way or the other. His knowledge of English writing alone puts him in top 0.01 % of biology freshmen of today's English speaking world. His knowledge of animal husbandry , large parts of which are not in freshman biology, puts Darwin in top 0.001% of today's biology freshmen. Admittedly he had no clue about how to spy on your "friends" using Facebook.
This is not even to say that more advanced aspects of biology that he "knew" are not available for today's biology freshman students to know. But "learn more today than Darwin ever* knew" gives an impression of one learning in a day more than another knowing in a lifetime. There is only one Rajnikant.
Even if you meant that a single freshman student that exists today knows more than Darwin ever knew, I guess I gave enough evidence to refute that conclusively.
Darwin did not offer any theory for the... altruism
Altruism is largely not the concept he addressed, but I was explicitly talking about ethics and morality , and https://www.gutenberg.org/file... read in the context of immediately preceding chapters.
But that is not the point. I still don't see any support for your statement
One of the most difficult challenge for the Theory of Evolution is the emergence of altruism. (Eye? easily explained
If eye is "easily explained", altruism in the form of ethics are morality discussed by Darwin is also easily explained. And an individual person may or may not prefer some explanation over another - so that in itself is no proof that eye is easier to explain than altruism, evolutionarily.
Instead of supporting that one, you are on your way to now maintaining that both altruism and eye were not explained by Darwin. Were you intentionally changing the topic ?
only cure their own evils. The US has not made Holocaust denial a punishable offence - it is somebody else's problem. The US has not made glorification of the Sati custom a punishable offence - they have other fish to fry. The US banned slavery, after practising it for centuries - this has been the demon in the US and they are exorcising it.
Indians and Germans don't get to gloat about the "failure" of the US to draft certain criminal offences in their Constitution. And vice versa.
Darwin
explained "ethics and morality" in his introductory book of evolution -
"the origin of species". Chapter 3 if I remember correctly. You may be dissatisfied with his explanation and prefer the computer simulation, but someone else could feel the same for the evolution of the eye.
Fundamentally, ethics and morality - the way they are in most human cultures, are no more or less " difficult " to explain than the eye.
That should be awesome!! Why don't you open a company where employee pay is a significant cost, employ only women, and kick the ass of all your competitors with your new-found advantage ?
He
didn't blindly obey the course he disagreed with , and merely circulated his views with the actual stakeholders to show why he disagreed? Did you even think this through ?
Anyway, I didn't see any evidence so far that the course told him not to
say stuff "like that". It is impossible to tell him before " like that "
is defined, and "like that" can be defined only after the memo was written. If you mean something specific instead of "like that", why don't you day the specific thing instead of " like that " ?
Ah, you must be saying "blah blah blah" and that is silly.
Two can play this game, which is a boring one. Come back only of you have a real proof of lack of workaround about one and a real workaround of another in ALL use cases. Not sure you even comprehend this, though.
So are you saying your original post to which I replied makes sense when this bad choice of words is replaced with a good choice of words ?
To discuss culture within Google, where else would he post except in an internal "mailing list" * ? Hopefully the "mailing list" is appropriately titled so that people looking for workarounds to bugs in Go compiler don't get spammed with it.
* PS : I see different words "mailing list", "forum", "board" in different places - maybe with increasing use of the webmail interface people have forgotten the difference.
Slashdot Mirror
Why spare those with superior IQ ? When machines are smarter than the 10 smartest humans combined , and then some ?
horribly destabilizing and violence-producing effects of massive numbers of idle, frustrated, unemployed
There will be no violence. Because the surveillance state is preceding the automation economy. It is not a coincidence.
Can submarines swim ?
Yes, you have completely misunderstood the vulnerability, and looked like a complete idiot so far to spare my feelings.
BTW I interact with the likes of you only because the world is a better place with someone taking on your lies.
You are demonstrating how retards talk. The word "effective" is pretty useless unless followed by "for" or something to this effect. Nothing is " effective " , period. Some things are effective for certain purposes.
So?
How much does Google pay for your soul ?
If Google is sending the likes of you to defend the password managers of
all browsers, some not even developed by Google, I suspect Google is exploiting this vulnerability.
You have no clue about the issue I cited.
Slashdot is the original site to which the user supplied the password. And the user made the mistake of saving it in the browser. No decision on the part of Slashdot is now required. The user, independently of Slashdot , 2 days later, now goes to a COMPLETELY different site. Read :
To start, we'll need you to save some test credentials using the form below. On a later page, we'll demonstrate how a third-party script can retrieve these saved credentials. Note that the third party does not need to be present when the credenitals are saved, and that none are present on this page.
The new , third party, site is a malicious site. The developer of which is an attacker. Whom you are blaming in trying to unsuccessfully defend the vulnerable software. Which is the browser. Specifically the password manager part of the browser.
The
site developer "chose give your password to his site to an tracking
company" , which was given to the site developer by the browser. The
user did not give the password to the site developer via the browser.
User gave the password to another site developer, but also made the
mistake of storing it in the browser. So the browser went ahead and gave
the password to this "malicious" site developer.
It is extremely dishonest of you to mention " tracking company ". Any
use can be made of the " stolen " password, not just tracking.
Site developer
Yup. Blaming the attacker completely absolves the maker of vulnerable software. What else can I expect from Google employees?
There are 2 authorizations here. You and GP are talking about different ones.
1. GP is talking about what the user is authorized by the service provider to see. E.g. in a group account there are multiple human "users", but only the administrator of the account is authorized by the service provider to see / do certain things.
2. You are talking about what the human user authorizes the service provider to do. In the more general case, it could be e.g. change the profile picture or see last 25 emails.
Ok, you have now told that you know the foobarbaz passphrase, but who are you?. It's authorization, because it can be shared. I can authorize someone to act on my behalf. But they don't become me.
None of it makes sense on the internet.
Biometrics is like the username. It only tells who you are.
It only tells who somebody is. You can use somebody else's biometrics as easily or more easily than your own, depending on the situation.
A password is something you know, and authorizes the action, whether it is you or someone else.
Authorizing is a process. Password is a noun, a string, and a literal bunch of zeros and ones. Simple dimensional analysis proves that they are not the same. A whole process authorizes the action - which is a meeting of the minds, in some ways.
Authorization, in the meaning you are using , involves at least :
1. Service provider feeling a need to do something with your account (could be requested by you).
2. It correctly communicating to you that it needs to do this particular thing with your account and needs you to authorize it to do so.
3. You correctly understanding that this particular entry of password by you in the service provider's interface* is for authorizing it to perform that particular action on your account.
4. You entering the password.
5. Service provider checking this is your password.
* Service provider's interface could be anything, even an SMS sent by you to a correct destination, or a sound made by your throat that reaches somewhere the service provider can hear it.
competent to properly secure the password database (which is fairly easy),
If they are competent, then they must be unwilling to secure it. In 2018, this worked for my experimental chrome browser , latest from Google at the time :
https://it.slashdot.org/story/...
Creative uses of Spectre (and Meltdown or something like it as an additional help) can make it even more "fairly easy" to steal the passwords.
Are there any free domain registrars ? With as little information about the phisher as potentially Let's Encrypt people do ?
Information helps when you want the phisher caught.
Who is giving any credit ? We are here to make fun of the French people for doing it.
s/refute that conclusively/create enough reasonable doubt/
But we do not venerate Darwin as the ulitmate word today
I agree fully. Did anyone tell you otherwise ? I even said "You may be dissatisfied with his explanation and prefer the computer simulation ... ".
and a freshman biology student today would learn more today than Darwin every knew.
Replying to "ever knew " :
I wouldn't count on that - but we will be unable to ever prove one way or the other. His knowledge of English writing alone puts him in top 0.01 % of biology freshmen of today's English speaking world. His knowledge of animal husbandry , large parts of which are not in freshman biology, puts Darwin in top 0.001% of today's biology freshmen. Admittedly he had no clue about how to spy on your "friends" using Facebook.
This is not even to say that more advanced aspects of biology that he "knew" are not available for today's biology freshman students to know. But "learn more today than Darwin ever* knew" gives an impression of one learning in a day more than another knowing in a lifetime. There is only one Rajnikant.
Even if you meant that a single freshman student that exists today knows more than Darwin ever knew, I guess I gave enough evidence to refute that conclusively.
Darwin did not offer any theory for the eye
I am not sure about the definition of "theory" you are using. Though https://www.gutenberg.org/file... .
Darwin did not offer any theory for the ... altruism
Altruism is largely not the concept he addressed, but I was explicitly talking about ethics and morality , and
https://www.gutenberg.org/file... read in the context of immediately preceding chapters.
But that is not the point. I still don't see any support for your statement
One of the most difficult challenge for the Theory of Evolution is the emergence of altruism. (Eye? easily explained
If eye is "easily explained", altruism in the form of ethics are morality discussed by Darwin is also easily explained. And an individual person may or may not prefer some explanation over another - so that in itself is no proof that eye is easier to explain than altruism, evolutionarily.
Instead of supporting that one, you are on your way to now maintaining that both altruism and eye were not explained by Darwin. Were you intentionally changing the topic ?
People
only cure their own evils. The US has not made Holocaust denial a
punishable offence - it is somebody else's problem. The US has not made
glorification of the Sati custom a punishable offence - they have other
fish to fry. The US banned slavery, after practising it for centuries -
this has been the demon in the US and they are exorcising it.
Indians and Germans don't get to gloat about the "failure" of the US to
draft certain criminal offences in their Constitution. And vice versa.
Darwin
explained "ethics and morality" in his introductory book of evolution -
"the origin of species". Chapter 3 if I remember correctly. You may be
dissatisfied with his explanation and prefer the computer simulation,
but someone else could feel the same for the evolution of the eye.
Fundamentally, ethics and morality - the way they are in most human
cultures, are no more or less " difficult " to explain than the eye.
How is that relevant ?
That should be awesome!! Why don't you open a company where employee pay is a significant cost, employ only women, and kick the ass of all your competitors with your new-found advantage ?
He
didn't blindly obey the course he disagreed with , and merely
circulated his views with the actual stakeholders to show why he
disagreed? Did you even think this through ?
Anyway, I didn't see any evidence so far that the course told him not to
say stuff "like that". It is impossible to tell him before " like that "
is defined, and "like that" can be defined only after the memo was
written. If you mean something specific instead of "like that", why
don't you day the specific thing instead of " like that " ?
Ah, you must be saying "blah blah blah" and that is silly.
Two can play this game, which is a boring one. Come back only of you have a real proof of lack of workaround about one and a real workaround of another in ALL use cases. Not sure you even comprehend this, though.
Where is this thing about a question coming from?
A lot of media stories and even /. comments.
Anyway, to discuss culture within Google, where else would he post except in an internal "mailing list" ?
Maybe nobody told him answering employer's question is likely at all to get him fired.
Anyway, to discuss culture within Google, where else would he post except in an internal "mailing list" ?
So are you saying your original post to which I replied makes sense when this bad choice of words is replaced with a good choice of words ?
To discuss culture within Google, where else would he post except in an internal "mailing list" * ? Hopefully the "mailing list" is appropriately titled so that people looking for workarounds to bugs in Go compiler don't get spammed with it.
* PS : I see different words "mailing list", "forum", "board" in different places - maybe with increasing use of the webmail interface people have forgotten the difference.