60 bucks for a good eye exam is totally worth it and reasonable given all the costs associated with running an optometry office. You're actually taking up the time of employees. We're talking the cost of one at-release AAA video game. A lot of teens these days have tatoos they spent ten times as much on.
(BTW WRT TFA, getting curved wraparound prescription lenses is even more expensive. Even so I'm surprised more people don't because why the heck would you want frames or the edge of a lens in the way of your peripheral vision while driving?)
The only source of potential pushback I'm aware on this is parents who don't want their kids waiting for the bus in the dark (that happens with the DST-all-year option) Which they may not realize until after they've lived with it. The standard-time-all-year option ends up with everyone driving hoe from work in the dark more days per year. Let the royal rumble commence.
We of course could effectively have the DST-all-year solution and stay on standard time if all businesses and government offices changed their hours. Good luck with that.
Never attribute to malice that which can be explained by stupidity.
It would surprise me if a junior engineer at some point during the development of each culpable feature set raised his hand and said "you know, this is a slippery slope we are heading down here that could lead to cross-process exploits."... and then was told to sit down, shut up, and get the layout for the ancillary peripheral bus controller validated under PSPICE and let the senior engineers worry about the big stuff... because after all we have to get new product out to the marketplace that makes corporate desktop fleets stop choking on whatever abomination of an application suite firms like PeopleSoft are making them run.
In general, the problem comes from really smart people designing chips to run spaghetti code very fast, instead of just optimizing code, because designing chips payed better, because the people who were paying coders just wanted it to work and were not capable of discerning good product from bad as long as the payroll went out on time and everyone got their cat pics posted.
One trend I can anecdotally justify my suspicions of... is that over time it has become necessary to scroll much further down in Slashdot threads to find the first comment that actually raises a point relevant to TFA.
One of the biggest issues that companies need to navigate pertains to source and peripheral device compatibility. USB Type-C headphone cables can either be active or passive -- or manifest as a dongle adapter. This inconsistency, paired with the fact that Audio Accessory Mode has yet to be universally supported, results in a barrage of compatibility issues.
So, in other words, a complete repeat of every Bluetooth or USB audio adventure ever. No lessons learned.
(2019 and my 10 year old Sony-Ericsson BT headset still doesn't work with Sony Playstations. But at least the Playstation Store keeps getting new updates, and according to the PS4 patch notes, it must by now have the most "improved system stability" ever.)
Post colonialism, immigration is what kept English dominant in the first place. You take people from other countries in, show them what a real civilization looks like, and some of them they take that, and English, back to their homelands. The kids of the ones that stay become inadvertent English teachers to whoever else arrives. Only the knee-jerk primitives among us fail to realize that you have to be culturally evangelical to avoid fading away... if you just shut yourself up in your hill fort people just forget about you and move on without you.
Unfortunately we are rapidly approaching the point at which we won't have a real civilization to show off.
I'd love to get that horse back in the barn, but considering the tech docs for these chipsets are not released to customers, we'd have to round up the pony as well. You can hope the chips behave like some similar design but you never know if there's one register in there wired up differently on a device made custom fr a manufacturer.
Also in this specific case they can hide behind the fact that the chipsets participate in RF and thus amateur firmware could cause illegal interference, so there's a mule out in the field as well (same problem with phone chipsets.)
(Proper way to go about this is have the TPM allow a customer key, not publish your corporate private key. Preferably you can have more than one key, and disable the vendor key if needed. Main problem is making it easy for low-level IT guys to check what the status of the keys are... very low-level IT guys. So preventing the TPM from using keys it was not booted with and providing a service/mechanism that validates the running key.)
It's for new wayfinding and location-based features. And they leveraged it for console use, though you rarely ever need console on these things.
Note the second CVE is not a "0-day". Aruba notified customers quite some time ago with workarounds (and a patch relaease, though only for their most-deployed chain.)
And they knew before then (they said they had to notify earlier than they wanted due to someone leaking.)
Yeah, used to. Now use mutt because pine's license did something wonky and wasn't going to arsed to build my own package. Still don't check my private email enough to know more than a few keys and at this point have forgotten every pine key except whatever muscle memory brings back and I have to then figure out what the heck I just told mutt to do. Fuck email. I only use it at work now, or when required for account verifications on the stupider websites. Nobody is worth talking to who isn't on IRC anyway.
Multicast is all but dead due to the on-demand culture... multicast really only works well if you have a bunch of people all watching the same thing at the same time. Or at the very least caching it at the same time. That doesn't really happen very much in real life.
Yeah I'm struggling to understand the advantage of integrating the storage into the panel. I suppose for some places it means noneed to find a place to put the battery bank. Maybe the total system round-trip efficiency gets a small bump... but... those seem like really minor accomplishments.
Not as silly as the orbiting solar array death ray stuff, or even the seemingly unending quest to revive H2 cars when batteries are just going to eat their lunch, but it strikes me as a dead end pursuit unless they have positively identified some solid niche markets.
I guess *maybe* the integrated manufacturing combined with less wiring for installers *might* come out ahead on the price tag?
I wish the whole "5 senses" thing from thousands of years ago would die already.
Yeah how many 6th senses does that make now?
Were I a film school student, I'd make a short featuring of a civilization of people dragging themselves around using walkers and clinging to handrails, with a "superhero" that had a 6th sense... he calls it "balance"... which allows him to do superhuman feats like walking.
Make it funny enough and maybe it would kill the 6th sense meme.
Moreover, compared to on-chip or at least on-board multiprocessing, the network is really, really slow. Seriously long-ass latency. So cloud scaling has more limits on the number of algorithms for which it is actually useful than even very simple highly parallel architectures.
Well, it has been said: "There are only two hard things in Computer Science: cache invalidation and naming things."
I actually find that the "master/slave" name pair is overused... in most circumstances there are much more precise terms. I've seen it used for dispatcher/worker relationships and for primary/backup relationships (which... you know usually it's the slaves doing the work) and for everything in-between.
I mean, we have tons of real-world systems for command and control each with their own vernacular... if CS people actually read a wider variety of literature maybe they'd have a more expansive vocabulary. I know it's been way too long since I cracked a book that wasn't a system manual.
so they distributed a binary instead that can take commands remotely.
This is a fundamental mistake most people make with cryptography... they do not realize that the negotiation of configuration options is not a safe operation that just points an underlying secure tool to the correct endpoints/protocols. It is part of the security.
Heck even the IPSec standard writers screwed this up a tiny bit (you can downgrade an IPSec session if you have MITM on the first couple packets of ISAKMP exchange and both sides have low-grade protocols in their offers). So nobody should expect a bunch of hotshot "app" developers to get it right.
Nowadays we have these 3rd-party VPN overlays that fire up all sorts of crazy crap to try to auto-configure themselves both for and from a resource-diverse, redundant cloud service... what could possibly go wrong?
Back in the initial years of the web, when only enlightened geeks were putting URLs online, they would take that act as a commitment (upon themselves) to keep that URL working. Which meant, even if some anal retentive urge compelled you to rearrange your website into a different directory structure, you preserved the old URLs as aliases so people could still use bookmarks they had made of them. See RFC1630:
Many protocols and systems for document search and retrieval are
currently in use, and many more protocols or refinements of existing
protocols are to be expected in a field whose expansion is explosive.
These systems are aiming to achieve global search and readership of
documents across differing computing platforms, and despite a
plethora of protocols and data formats.
...or in other words, URI/URL were originally designed to be a dewey decimal system for the web, not just an ephemeral way to make a browser see a page.
That lasted until about the time that the commercial sector set their hordes of wage slaves onto webpage maintenance and started holding committee meetings to redesign their sites twice a year.... which meant the intended purpose of the URI/URL was a very short lived endeavor.
URI/URL effectively died a decade or so ago when savage PHP coders and their armada of "content management systems" violated the usage guidance on them and then took years to rediscover the concept on their own (as "permalinks").
Though I'd say the initial first blow was the constant rearranging of static sites by companies that apparently had nothing better to do than pay people to move files around for no good reason.
Unfortunately for many of this this is not an option: the extra pollen due to AGW is just as bad for those of us with allergies... even after the 2-year course of weekly shots.
(And FWIW it may not be as toxic, but pollen accounts for some PM10 particulate matter, so it would be interesting to see this study enhanced to differentiate between pollen and more directly man-made pollution.)
Slashdot Mirror
It's news because they weren't doing that; they were literally cheating: forging fake documents, fake test scores, fake athletic achievements.
Well, when your accountant manages to find a loophole to avoid paying millions to the public trust, you have to spend it SOMEHOW.
60 bucks for a good eye exam is totally worth it and reasonable given all the costs associated with running an optometry office. You're actually taking up the time of employees. We're talking the cost of one at-release AAA video game. A lot of teens these days have tatoos they spent ten times as much on.
(BTW WRT TFA, getting curved wraparound prescription lenses is even more expensive. Even so I'm surprised more people don't because why the heck would you want frames or the edge of a lens in the way of your peripheral vision while driving?)
The only source of potential pushback I'm aware on this is parents who don't want their kids waiting for the bus in the dark (that happens with the DST-all-year option) Which they may not realize until after they've lived with it. The standard-time-all-year option ends up with everyone driving hoe from work in the dark more days per year. Let the royal rumble commence.
We of course could effectively have the DST-all-year solution and stay on standard time if all businesses and government offices changed their hours. Good luck with that.
Never attribute to malice that which can be explained by stupidity.
It would surprise me if a junior engineer at some point during the development of each ... and then was told to
culpable feature set raised his hand and said "you know, this is a slippery slope we are
heading down here that could lead to cross-process exploits."
sit down, shut up, and get the layout for the ancillary peripheral bus controller validated
under PSPICE and let the senior engineers worry about the big stuff... because after
all we have to get new product out to the marketplace that makes corporate desktop
fleets stop choking on whatever abomination of an application suite firms like PeopleSoft
are making them run.
In general, the problem comes from really smart people designing chips to run spaghetti code
very fast, instead of just optimizing code, because designing chips payed better, because
the people who were paying coders just wanted it to work and were not capable of discerning
good product from bad as long as the payroll went out on time and everyone got their cat pics
posted.
One trend I can anecdotally justify my suspicions of... is that over time it has become necessary to scroll much further down in Slashdot threads to find the first comment that actually raises a point relevant to TFA.
Obligatory wish-i-had-mod-points reply.
Always good to know who should get credit for an idea, and whether there are alternative services. Thanks.
I loved this:
One of the biggest issues that companies need to navigate pertains to source and peripheral device compatibility. USB Type-C headphone cables can either be active or passive -- or manifest as a dongle adapter. This inconsistency, paired with the fact that Audio Accessory Mode has yet to be universally supported, results in a barrage of compatibility issues.
So, in other words, a complete repeat of every Bluetooth or USB audio adventure ever. No lessons learned.
(2019 and my 10 year old Sony-Ericsson BT headset still doesn't work with Sony Playstations. But at least the Playstation Store keeps getting new updates, and according to the PS4 patch notes, it must by now have the most "improved system stability" ever.)
Yeah, that seems like the most reasonable approach. You only get one per click (or kb enter outside a textbox)
Post colonialism, immigration is what kept English dominant in the first place. You take people from other countries in, show them what a real civilization looks like, and some of them they take that, and English, back to their homelands. The kids of the ones that stay become inadvertent English teachers to whoever else arrives. Only the knee-jerk primitives among us fail to realize that you have to be culturally evangelical to avoid fading away... if you just shut yourself up in your hill fort people just forget about you and move on without you.
Unfortunately we are rapidly approaching the point at which we won't have a real civilization to show off.
I'd love to get that horse back in the barn, but considering the tech docs for these chipsets are not released to customers, we'd have to round up the pony as well. You can hope the chips behave like some similar design but you never know if there's one register in there wired up differently on a device made custom fr a manufacturer.
Also in this specific case they can hide behind the fact that the chipsets participate in RF and thus amateur firmware could cause illegal interference, so there's a mule out in the field as well (same problem with phone chipsets.)
(Proper way to go about this is have the TPM allow a customer key, not publish your corporate private key. Preferably you can have more than one key, and disable the vendor key if needed. Main problem is making it easy for low-level IT guys to check what the status of the keys are... very low-level IT guys. So preventing the TPM from using keys it was not booted with and providing a service/mechanism that validates the running key.)
It's for new wayfinding and location-based features. And they leveraged it for console use, though you rarely ever need console on these things.
Note the second CVE is not a "0-day". Aruba notified customers quite some time ago with workarounds (and a patch relaease, though only for their most-deployed chain.)
And they knew before then (they said they had to notify earlier than they wanted due to someone leaking.)
Yeah, used to. Now use mutt because pine's license did something wonky and wasn't going to arsed to build my own package. Still don't check my private email enough to know more than a few keys and at this point have forgotten every pine key except whatever muscle memory brings back and I have to then figure out what the heck I just told mutt to do. Fuck email. I only use it at work now, or when required for account verifications on the stupider websites. Nobody is worth talking to who isn't on IRC anyway.
Multicast is all but dead due to the on-demand culture... multicast really only works well if you have a bunch of people all watching the same thing at the same time. Or at the very least caching it at the same time. That doesn't really happen very much in real life.
Yeah I'm struggling to understand the advantage of integrating the storage into the panel. I suppose for some places it means noneed to find a place to put the battery bank. Maybe the total system round-trip efficiency gets a small bump... but... those seem like really minor accomplishments.
Not as silly as the orbiting solar array death ray stuff, or even the seemingly unending quest to revive H2 cars when batteries are just going to eat their lunch, but it strikes me as a dead end pursuit unless they have positively identified some solid niche markets.
I guess *maybe* the integrated manufacturing combined with less wiring for installers *might* come out ahead on the price tag?
I wish the whole "5 senses" thing from thousands of years ago would die already.
Yeah how many 6th senses does that make now?
Were I a film school student, I'd make a short featuring of a civilization of people dragging themselves around using walkers and clinging to handrails, with a "superhero" that had a 6th sense... he calls it "balance"... which allows him to do superhuman feats like walking.
Make it funny enough and maybe it would kill the 6th sense meme.
Moreover, compared to on-chip or at least on-board multiprocessing, the network is really, really slow. Seriously long-ass latency. So cloud scaling has more limits on the number of algorithms for which it is actually useful than even very simple highly parallel architectures.
Well, it has been said: "There are only two hard things in Computer Science: cache invalidation and naming things."
I actually find that the "master/slave" name pair is overused... in most circumstances there are much more precise terms. I've seen it used for dispatcher/worker relationships and for primary/backup relationships (which... you know usually it's the slaves doing the work) and for everything in-between.
I mean, we have tons of real-world systems for command and control each with their own vernacular... if CS people actually read a wider variety of literature maybe they'd have a more expansive vocabulary. I know it's been way too long since I cracked a book that wasn't a system manual.
so they distributed a binary instead that can take commands remotely.
This is a fundamental mistake most people make with cryptography... they do not
realize that the negotiation of configuration options is not a safe operation that just
points an underlying secure tool to the correct endpoints/protocols. It is part of the
security.
Heck even the IPSec standard writers screwed this up a tiny bit (you can downgrade
an IPSec session if you have MITM on the first couple packets of ISAKMP exchange
and both sides have low-grade protocols in their offers). So nobody should expect
a bunch of hotshot "app" developers to get it right.
Every. Byte. Of. Every. Part. Of. The. Initial. Negotiation. Must. Be. Carefully. Validated.
Nowadays we have these 3rd-party VPN overlays that fire up all sorts of crazy crap
to try to auto-configure themselves both for and from a resource-diverse, redundant
cloud service... what could possibly go wrong?
Keep your VPNs simple, stupid.
I assume you are referring to the latter comment.
Back in the initial years of the web, when only enlightened geeks were putting URLs online, they would take that act as a commitment (upon themselves) to keep that URL working. Which meant, even if some anal retentive urge compelled you to rearrange your website into a different directory structure, you preserved the old URLs as aliases so people could still use bookmarks they had made of them. See RFC1630:
Many protocols and systems for document search and retrieval are
currently in use, and many more protocols or refinements of existing
protocols are to be expected in a field whose expansion is explosive.
These systems are aiming to achieve global search and readership of
documents across differing computing platforms, and despite a
plethora of protocols and data formats.
...or in other words, URI/URL were originally designed to be a dewey decimal system for the web, not just an ephemeral way to make a browser see a page.
That lasted until about the time that the commercial sector set their hordes of wage slaves onto webpage maintenance and started holding committee meetings to redesign their sites twice a year.... which meant the intended purpose of the URI/URL was a very short lived endeavor.
URI/URL effectively died a decade or so ago when savage PHP coders and their armada of "content
management systems" violated the usage guidance on them and then took years to rediscover the
concept on their own (as "permalinks").
Though I'd say the initial first blow was the constant rearranging of static sites by companies that
apparently had nothing better to do than pay people to move files around for no good reason.
On one side there are people thinking Google is the new Big Brother incarnate and is driven by leftist censorship
On the other side there are pople thinking Trump is lying, always
...and in the middle is the president we are apparently paying to sit in the oval office and google himself.
(Such off-mission activity would be grounds for termination in some workplaces)
Regional effect. Globally, not such a boon, given, you know, expanding deserts and whatnot.
He must think of himself as "woke"
Ah, you kids and your lingos. I should say something snobby like "I was woke before woke was a thing" but...
Not that the pollen is any worse than before.
Judging from how much windshield wiper fluid I have to use in the morning to get all the pollen off, I've observed that too.
Anyway, don't take my word for it, I provided a link to an overview article on the relevant research.
(And no, there's no difference between the AGW pollen and the previous baseline pollen, there's just more of it more frequently, of course...)
I don't live in the city. I have experienced the worsening pollen seasons first hand, and the connection is not non-obvious, if you use your brain.
Unfortunately for many of this this is not an option: the extra pollen due to AGW is just as bad for those of us with allergies... even after the 2-year course of weekly shots.
(And FWIW it may not be as toxic, but pollen accounts for some PM10 particulate matter, so it would be interesting to see this study enhanced to differentiate between pollen and more directly man-made pollution.)