It's not like it's difficult to get an Android TV box. Amazon is overrun with a bunch of Chinese-made Android TV clones, with all of them happily running Kodi. After I cut my cord last year I bought three of them. Three different ones. I wanted to compare and see which one was better (in case anyone wonders, I liked the GooBang Doo one the best -- yes, that's a real name).
So, all that Sony has accomplished here is that millions of people are going to be making a mental note to skip Sony, and go with somebody else. If the Sony ones are carried on Amazon, I expect to see a bunch of one-star reviews popping up, complaining about Sony blacklisting Kodi. Should be interesting to see if Amazon decides to censor the reviews, and with what excuse -- after all, the reviews will be factually correct.
Great job, Sony. You haven't learned a thing from your Betamax days. Like with Betamax, Sony is ignoring what their customers want, because they think they know better. Their customers wanted to record football games and movies that run for 2-3 hours. So, Sony was convinced that Betamax recorders, with one hour tapes, will be good enough.
Similarly, Sony is now convinced that their customer do not, I repeat, do not want to run Kodi on their Android TV boxes, and that they, Sony, should helpfully make sure of that. Good luck with that.
Linked-In was definitely more useful in the past, before MS bought them. Did you know that Linked-In has discussion forums? They do, and I found them to be somewhat useful in the past. The first thing Microsoft did was bury the forums something like three or four clicks away from the home page. The first couple of times it took me several minutes to find their forums section, after Microsoft splashed their redesigned UI all over the site. The forums are now a ghost-town.
I used to be able to tag my contacts with labels. I had tags for my cow-orkers and headhunters. For some inexplicable reason Microsoft got rid of the contact labels.
In general, Linked-In obviously tries to suck down your address book and contacts, and grab whatever they can from you. And, they go about it in, pretty much, the expected fashion. Hey, you want to sign up with us? Great! What's your E-mail address? Oh, it's @gmail.com, great! Please enter your Gmail password here: [_______]. Ummm... no.
But you can skip all that, and then proceed and lock down your privacy controls. After that, Linked-In has very little value, but you can't really beat the price. I don't see much harm from giving my basic contact details and technical skills. My Linked-In page is mostly blank. Only years of experience, and my technical background. I don't even list any past employers. I still get occasional link requests from headhunters, gushing about how well I'm qualified for whatever job they're hunting for. I always accept their link request, and send a polite "not right now" note.
It only takes a few moments to do that, but I believe that this will be useful to me at some point. The way I see it, when it is time for me to search for my next job, I'll just flip a few settings, make a pro-forma change to my profile, and Linked-In should then spam all those headhunters on my behalf. I believe there's some value in this: turning the tables on the headhunters. Their obvious intent is always to grab my Linked-In contacts.
The default privacy settings allows your contacts to see all your other contacts. You can turn it off, so only you see all your contacts, and everyone else only sees your total number of contacts. So, the headhunters don't get anything from me, and the next time I'm job hunting it's an easy way to spam a bunch of headhunters.
Job hunting is a game of numbers. 99% of headhunters are a waste of oxygen. But that means that you simply need to spam a hundred of them, to get a good lead. Ok, sounds good to me. That's the only value Linked-In has, to me: making it easy to spam a lot of headhunters, when you need to do that.
After decades of being a cable and satellite TV subscriber -- most recently Dish -- I finally dumped Dish this summer, when their bill reached almost a hundred bucks a month, and I watched, at most, two or three channels every once in a while.
I would've happily paid $20-$30 a month for channels I occasionally watch. And although I could still afford the franklin every month, I really hate wasting money for nothing.
So now I effectively pay three bucks a month for a VPN, and can find acceptable substitutes from,...err, slightly shady parts of the Internet, any time I want. I even have pretty good luck watching my favorite sports team after a five year break when Dish dropped my regional sports network. I was already paying for my DSL, and although it's not as speedy as cable, it's...not cable. And I'm saving a grand a year.
Cable and satellite providers are in a death spiral. They keep raising rates, because of the shrinking customer base. Which only forces more customers to flee.
And let's not forget the unexpected results from the cutover to digital OTA TV. I believe that the cable companies really screwed the pooch by not realizing the impact of digital TV will have on their business. One thing I did was pick up a cheap HDTV antenna from Wally World, and 30 miles from the city it can pick up all but two local channels (that was mostly an academic purchase, out of curiosity, since there's not really much to watch anyway). Both of my neighbors also have an HD antenna stuck to their windows. Many of my acquaintances in the city also dropped cable, and simply attached an HD antenna, and get their local channels in crystal clear HD OTA, and resort to Kodi+VPN for the rest.
After all first-season episodes came out I binge-watched them all. I saw nothing that I recognized as the "Star Trek" that I knew. The main premise of the show, apparently, is that Discovery is powered by midichlorians. If you think I'm kidding, watch the whole thing yourself. Plus all the obvious pandering to the SJWs. Roddenberry knew how to address social issues of his day without being obvious, patronizing, or preaching; and with skill. Whoever wrote all that first-season crap doesn't know anything.
It wasn't long before my interest switched from the initial curiosity, to watching a flaming dumpster fire. In that respect, the show was actually watchable. But it was watchable mostly for the same reason I always look at gruesome highway wrecks, when going in the opposite direction. I can't wait to see the how awful season 2 will be.
"The Orville" is obviously a better Trek than "Discovery" could possibly be. Whichever clown is the executive producer of Discovery is not a Trekkie, doesn't know anything beyond having a cursory knowledge of awareness about what TOS was, and is only looking to generate revenue. McFarlane is a known Trekkie, and it shows. It shows to the extent that "The Orville" is not a rip-off, or a lame fan-fic; but a tribute, paying homeage to TOS. It manages to accurately capture and remake TOS, in every way including the overall, high level results: a few memorable episodes I would easily believe were penned by Roddenbery himself; a few forgettable turkeys, with the rest being watchable and interesting; but nothing special, and only die-hard nerds will ever care about them, years from now. Just like TOS was.
Discovery doesn't even come close. When the big reveal was unveiled, with pomp and fanfare (the one about Discovery being powered by midichlorians) the show became an instant dumpster fire, worth watching only for its dumpster fire factor.
Many of these non-compete agreements exist in states that have Right to Work laws. In a right to work state, how can non-compete agreements even be remotely legal!?
Because that's not what "Right To Work" means. "Right To Work" does not mean "non-compete clauses are illegal". "Right To Work" means that you cannot be fired for refusing to join a union. "Right To Work" makes it illegal to require someone to join a union as a condition of having a job. That's all it means, and nothing more.
Modern C++ looks nothing like C++ of the years past. C++ is a comparatively old language, it's been around for over 30 (!) years.
And for the longest time C++ was gathering dist, stagnating, and remaining basically unchanged. But an effort begun to update the language, and since 2011 in my estimation C++ is now at least three times as big, and as complex as it was before.
Folks who've been around the block for a while started getting someone shocked coming across C++ code that looked nothing like the C++ they knew. And people who attempt to start learning C++ from scratch were confronted with the entire, 100% complexity, of modern C++ right off the bat.
And that's, IMO, is where the current bad rap for C++ is coming from. It is a hard, complicated, language to learn. But it's been my experience that once I spent th effort to learn the nuts and the bolts of modern C++, I found it to be a very powerful, rich, capable language. I don't think I would've been able to write LibCXXW in 2003 C++. It would've taken me five or six times longer than it did. Modern C++ attempts, in made ways, to bring many of the benefits of other, VM-based languages like Java and Perl, and bolt them on top of a compiled framework.
Some time ago, on stackoverflow, I read a question from someone wondering why their C++ compiler was running out of memory compiling their code. I looked at it. The shown code attempted to implement Sieve Of Eratosthenes in the compiler itself. That is, the code was not trying to implement it itself, but make the C++ compiler do it, via templates, with the actual code resulting in a static array of prime numbers. And the question was why the poor compiler was running out of RAM...
Linux has been more successful in this respect. The open source community and approach to software development is undoubtedly part of the solution. The modular and pluggable architecture of Unix/Linux is also a big architectural improvement in this respect.
So, Microsoft is on the record admitting that Linux's "modular and pluggable" architecture is more sound than Windows' monolithic approach... Not to worry, my friends, the Windows folks won't be behind this 8-ball for long. The systemd folks are working very hard, on closing this gap.
I went back to C++, because even if it isn't a perfect language, at least it's a decent language with a honest, open, friendly community.
C++ is arguably the most complicated, the hardest to learn, general purpose programming language in use today. And, in the last seven years, with the last three major revisions, C++ has become, I would estimate, three or four times harder than it was before. If you were to start from ground zero, it would take you much longer than 2-3 years in order to be fully versed in all the arkane features of it. I would say that to become fully proficient in C++, when starting from absolutely nothing more than general knowledge of computer programming, will take at least 5-7 years, maybe even ten.
Because of that, experienced C++ developers tend to be older, and with many many years of experience under their belt. They've outgrown the phase of their lives where they think themselves to be #1 hot-shit masters of the universe. We're older now. We know better.
This is a picture perfect illustration of how Gnome has jumped the shark. I booted Gnome off my desktop after the Gnome 3 fiasco. I switched to XFCE. What a breath of fresh air.
Of course, I didn't realize at the time that XFCE is based on GTK, so some of Gnome's shit has been slowly seeping up into my clean, workable, usable XFCE desktop. I've got too much invested in it, but, so far the amount of crap is manageable and can be dealt with by a few tweaks. If worse comes to worse, I suppose, there's always KDE.
In my spare time, for self-education and as a hobby project, I've been hacking my own widget toolkit, and as sure as fuck I'm not going to be doing any bullshit like this. Of course, noone's going to lose any sleep over it, since nobody except me cares about it. But, hopefully, that'll change some day...
I am 100% confident -- based on this kind of crap -- that it's only a matter of time, but Gnome is going to go down, until nobody cares about it, either. Slowly, but surely.
There was nothing comparable to that -- no bureaucracy that needed to employ a small army to act as a thought police, enforcing vaguely-defined thoughtcrime. There were just a few, content-neutral rules one had to follow, to post on Usenet. You were free to write anything you wanted, no matter how vulgar or obscene. Complete and unrestricted freedom of speech. You could not be silenced. When some snowflake or a SJW got triggered, too bad, so sad. They could do nothing about it. In its heyday, I had a blast of a time trolling the snowflakes and giving them daily aneurisms. I miss those days.
Of course, Usenet's still around, if one knows where to find it. And, come to think of it, I think I will. The riff-raff, the millenial snowflakes can have Faceboot, Twatter, and the rest of that junk. They should stay off Usenet. They wouldn't be able to handle it.
Speaking as an "old" programmer -- nearing the five-oh -- we aren't going anywhere. At least not the ones who know what they're doing. Some of us might take on more managerial roles, but we (and I can say this because I ain't the only graybeard around here, for sure) are kicking ass in senior roles, leading the bet-the-company-on type projects. Oh, we also browse stack overflow.com and enjoying the non-stop cluebie parade, as free entertainment.
Funny coincidence; last week I replaced the keyboard on my circa-2005 Thinkpad W520. The old keyboard was intact, but some of the keys, after over a decade of use, occasionally didn't register any more.
Got a new keyboard, forty bucks off Amazon. Looked up a Youtube video. Before starting I thought I'd have to take the whole thing apart, but I only needed to remove two screws, and two more screws from the trap door.. Everything stayed in place, the keyboard popped out. Plonked the new one in, put all the screws back in. Five minutes.
It's just as fast as it was more than ten years ago. It's a new laptop. Hope that it lasts me another decade.
I skimmed Google's write-up of their new offering, and was seriously considering looking into this. I bear no delusions of self-grandeur, or that anyone would have any reason to be interested in sorting through all the confirmation e-mails for the coffee I buy off Amazon; but I do have some key data tied up in the Googleverse, and the cost of an extra keyfob would not exactly break the bank. However, then I came to this:
Google services on the web
You will only be able to use the Chrome browser to access signed-in services like Gmail or Photos.
That breaks the deal for me, since I don't use Chrome, and it would not be convenient for me, for a few reasons. I can't really think of any valid technical reason why this results in any actual security, unless Chrome pins Google's CA; but the same thing can be done in any other browser too.
Ditto. And it seems like this is becoming an almost monthly tradition on Slashdot: flashy whine-a-thons about how the whole world has turned into some kind of an incarnation of Logan's run, and how we're all going to lose our jobs and starve to death, overnight, after we hit 40.The most recent one was just a few weeks ago.
I'll repeat what I wrote before: if you'd like to bitch and moan how you have no future in tech once a few gray hairs appear, go right ahead. I won't stop you, but leave me out of it. I'd also toss Wall Street into the mix as well. Like Silicon Valley, Wall Street loves both young skulls of mush, because they can be worked to death simply by dangling some faint promise of options and fringe benefits in front of their nose, or H1-Bs because they're cheap.
But there are plenty of jobs outside Silicon Valley, and outside Wall Street, where experience and knowledge is highly valued and prized. If you don't believe that I won't dissuade you. Feel free to toil away, in the meat grinder looking for a way out everywhere else except the one in front of you, choosing instead to complain about being a victim of this evil world. This will be just less competition for me.
P.S. I was moved to comment after only glancing at the first few sentences in the article -- it was painfully clear what it was all about, and I saw no need to read TFA any further. I didn't even see the Logan's Run reference in the TFA until after I wrote the above. Scout's honor. This just shows how laughably pathetic, and how much this defeatist attitude has permeated the nerd culture.
As a 48 year old, white, straight male I am constantly getting harassed by headhunters, and my current employer seems to be in a constant state of a nervous breakdown, afraid that I could leave for greener pastures at any time.
I understand that in some circles it is quite fashionable to be a victim, in order to seek sympathy and acceptance. I respectfully choose not to participate in the victim industry, or engage in victim mentality. Now, if you excuse me, I have to go back to hacking on this fine, beautiful weekend, in order to keep my skills up to date, and be employable...
I am not familiar with nscd, but I doubt it. Something that's a part of glibc is unlikely to have a dependency on an external library.
Looking at Fedora's packaging, the nscd package does not have a required on libidn. Furthermore, like a DNS server itself, a DNS cache has no reason to interpret DNS records in any way. It's just a cache. It receives DNS queries, forwards it, and caches the response. I can't imaging any need to interpret internationalized domain names in any way. Would an HTTP cache need to understand internationalized domain names? Of course not. HTTP, the protocol, itself, has no concept of internationalization. URLs are just... URLs. Just some opaque blob of characters. Is the same blob of characters already in a cache? Great. If not, make the request yourself, return it, cache the results.
But systemd itself using libidn2 to translate DNS lookups is an even bigger bug. It shows a complete lack of understanding of the fundamental function of a DNS resolver.
The systemd fan club's response is that underscores are not allowed in DNS, and that this is ultimately a libidn2 bug.
Both of these excuses are claptrap.
Underscores are not valid in hostnames. They are valid in DNS labels.
It is not the DNS resolver's job to translate internationalized domain names. It is the application's job to do so. The DNS resolver's job is to resolve the request. Full stop. Ten year old versions of bind will happily process, and pass on, internationalized domain name. This is because internationalized domain names gets transcoded into ASCII-compatible encoding and THAT's what in DNS.
The way that it should work is as follows: an application, such as a web browser, translates an international domain name into ASCII-encoded hostname, and then looks it up in DNS. It would be the application's responsibility to use libidn2, or some other equivalent, to do the translation.
The kernel places an unmappable guard page just below the process's maximum-alloted stack space. Normally a process gets allocated only as much stack space as it needs. When the process's stack usage grows, the kernel maps additional pages to grow the process's stack space, but will not grow it beyond the maximum alloted stack size. If the process enters an infinite recursion loop, it'll hit the end of the alloted stack space, and the unmappable guard page segfaults the process out of its misery.
The problem appears to be if the process's heap is right next to the stack, with only the guard page separating it from the stack, and a single function call creates a stack frame that exceeds the size of the guard page. This effectively places the stack pointer into the heap. The function call thinks it has allocated its usual, large stack frame, but the stack pointer is in the heap.
At this point, usual code execution will typically make further use of the stack, so it ends up crapping all over the heap.
That's not good, of course. But I would expect the process in question to attempt to access its alleged stack frame before much happens. At this point the process will try to access the guard page, and gets segfaulted. That, at least, is my understanding of the vulnerability.
The overall design involving a guard page to limit the size of the process's stack is a traditional OS design, which is why the general approach affects both Linux and BSDs, here.
For this to be remotely exploitable, the attacker has to arrange for a process to execute a function call that creates a large stack frame so that the stack pointer jumps over the guard page. I would expect common, battle-tested free software that powers the intertubes to be well designed and written by experienced greybeards who fully understand how an operating system works, and the fact that the stack is not an endless resource, that it is quite a limited resource actually; with the resulting code minimizing automatically-scoped object usage on the stack, which should eliminate the vulnerability completely.
I find Red Hat's write-up somewhat puzzling. They appeared to have taken the tack of addressing the exploit by increasing the size of the guard area to a megabyte, rather than a single page.
That seems to be somewhat inadequate to me, in the brave-new 64-bit world of ours. It seems to me that the permanent fix would be to map the stack into virtual address space that's a terabyte, or two, away from the heap and everything else. Seems to be a no-brainer solution to me, dunno why they didn't do it.
At the time they expected Hillary Clinton to cruise to a landslide victory over the Cheeto Jesus. People have such short memories, and forget that every poll -- and these highly regarded polls have such high reputation and accuracy that nobody ever doubted them -- were forecasting a huge Clinton victory for months. I don't recall a single poll that did not have Clinton on top in the last 3-4 months.
So, you see, there could not be, ANY DOUBT WHATSOEVER that it was going to be a purely legitimate victory, with no hint, whatsoever, of any shennanigans and illegalities. Recall all the kvetching when, at one of the debates, the moderator demanded Trump to pretty much concede his loss, in a few months' time, and promise to never question its legitimacy (and Trump refused).
You see: Hillary Clinton was the most highly qualified woman who ever walked the Earth, and the most highly qualified presidential candidate, evah! So, she was going to win, and she was going to win fair and square, without a smidgen of foul play involved. Anyone who would dare question the legitimacy of Clinton's impending victory and coronation was just a kook and one of thouse nuts from the Vast Right-Wing Conspiracy.
And this is why you never heard about "Russia! Russia! Russia!" until the day after the election. "Shattered" documents how the Clinton campaign, in a middle of their head-splitting hangover the day after the election, cooked up the Russky Boogeyman in order to explain their loss. The only thing that's different now is that they may not've actually pulled the Russky Boogeyman completely out of their arses, but they might've had some infinitessimally small smidgens that were based in fact.
Not an american but you guys should seriously consider getting rid of the electoral college.
The electoral college is working as designed. If one were to ignore the votes in New York City and Los Angeles -- not even the states of New York and California, but just the two most populous cities across the fruited plain -- Trump wins by half a million votes.
The electoral college is an ingenious solution to the problem of small clusters of populations imposing their will on an entire nation.
Slashdot Mirror
It's not like it's difficult to get an Android TV box. Amazon is overrun with a bunch of Chinese-made Android TV clones, with all of them happily running Kodi. After I cut my cord last year I bought three of them. Three different ones. I wanted to compare and see which one was better (in case anyone wonders, I liked the GooBang Doo one the best -- yes, that's a real name).
So, all that Sony has accomplished here is that millions of people are going to be making a mental note to skip Sony, and go with somebody else. If the Sony ones are carried on Amazon, I expect to see a bunch of one-star reviews popping up, complaining about Sony blacklisting Kodi. Should be interesting to see if Amazon decides to censor the reviews, and with what excuse -- after all, the reviews will be factually correct.
Great job, Sony. You haven't learned a thing from your Betamax days. Like with Betamax, Sony is ignoring what their customers want, because they think they know better. Their customers wanted to record football games and movies that run for 2-3 hours. So, Sony was convinced that Betamax recorders, with one hour tapes, will be good enough.
Similarly, Sony is now convinced that their customer do not, I repeat, do not want to run Kodi on their Android TV boxes, and that they, Sony, should helpfully make sure of that. Good luck with that.
Linked-In was definitely more useful in the past, before MS bought them. Did you know that Linked-In has discussion forums? They do, and I found them to be somewhat useful in the past. The first thing Microsoft did was bury the forums something like three or four clicks away from the home page. The first couple of times it took me several minutes to find their forums section, after Microsoft splashed their redesigned UI all over the site. The forums are now a ghost-town.
I used to be able to tag my contacts with labels. I had tags for my cow-orkers and headhunters. For some inexplicable reason Microsoft got rid of the contact labels.
In general, Linked-In obviously tries to suck down your address book and contacts, and grab whatever they can from you. And, they go about it in, pretty much, the expected fashion. Hey, you want to sign up with us? Great! What's your E-mail address? Oh, it's @gmail.com, great! Please enter your Gmail password here: [_______]. Ummm... no.
But you can skip all that, and then proceed and lock down your privacy controls. After that, Linked-In has very little value, but you can't really beat the price. I don't see much harm from giving my basic contact details and technical skills. My Linked-In page is mostly blank. Only years of experience, and my technical background. I don't even list any past employers. I still get occasional link requests from headhunters, gushing about how well I'm qualified for whatever job they're hunting for. I always accept their link request, and send a polite "not right now" note.
It only takes a few moments to do that, but I believe that this will be useful to me at some point. The way I see it, when it is time for me to search for my next job, I'll just flip a few settings, make a pro-forma change to my profile, and Linked-In should then spam all those headhunters on my behalf. I believe there's some value in this: turning the tables on the headhunters. Their obvious intent is always to grab my Linked-In contacts.
The default privacy settings allows your contacts to see all your other contacts. You can turn it off, so only you see all your contacts, and everyone else only sees your total number of contacts. So, the headhunters don't get anything from me, and the next time I'm job hunting it's an easy way to spam a bunch of headhunters.
Job hunting is a game of numbers. 99% of headhunters are a waste of oxygen. But that means that you simply need to spam a hundred of them, to get a good lead. Ok, sounds good to me. That's the only value Linked-In has, to me: making it easy to spam a lot of headhunters, when you need to do that.
After decades of being a cable and satellite TV subscriber -- most recently Dish -- I finally dumped Dish this summer, when their bill reached almost a hundred bucks a month, and I watched, at most, two or three channels every once in a while.
I would've happily paid $20-$30 a month for channels I occasionally watch. And although I could still afford the franklin every month, I really hate wasting money for nothing.
So now I effectively pay three bucks a month for a VPN, and can find acceptable substitutes from, ...err, slightly shady parts of the Internet, any time I want. I even have pretty good luck watching my favorite sports team after a five year break when Dish dropped my regional sports network. I was already paying for my DSL, and although it's not as speedy as cable, it's ...not cable. And I'm saving a grand a year.
Cable and satellite providers are in a death spiral. They keep raising rates, because of the shrinking customer base. Which only forces more customers to flee.
And let's not forget the unexpected results from the cutover to digital OTA TV. I believe that the cable companies really screwed the pooch by not realizing the impact of digital TV will have on their business. One thing I did was pick up a cheap HDTV antenna from Wally World, and 30 miles from the city it can pick up all but two local channels (that was mostly an academic purchase, out of curiosity, since there's not really much to watch anyway). Both of my neighbors also have an HD antenna stuck to their windows. Many of my acquaintances in the city also dropped cable, and simply attached an HD antenna, and get their local channels in crystal clear HD OTA, and resort to Kodi+VPN for the rest.
So, the capsule summary here: a single drunk-tweet ended up costing Musk+Tesla a cool $40 million.
It's a good thing I don't use Twitter. I can't afford that kind of cash.
After all first-season episodes came out I binge-watched them all. I saw nothing that I recognized as the "Star Trek" that I knew. The main premise of the show, apparently, is that Discovery is powered by midichlorians. If you think I'm kidding, watch the whole thing yourself. Plus all the obvious pandering to the SJWs. Roddenberry knew how to address social issues of his day without being obvious, patronizing, or preaching; and with skill. Whoever wrote all that first-season crap doesn't know anything.
It wasn't long before my interest switched from the initial curiosity, to watching a flaming dumpster fire. In that respect, the show was actually watchable. But it was watchable mostly for the same reason I always look at gruesome highway wrecks, when going in the opposite direction. I can't wait to see the how awful season 2 will be.
"The Orville" is obviously a better Trek than "Discovery" could possibly be. Whichever clown is the executive producer of Discovery is not a Trekkie, doesn't know anything beyond having a cursory knowledge of awareness about what TOS was, and is only looking to generate revenue. McFarlane is a known Trekkie, and it shows. It shows to the extent that "The Orville" is not a rip-off, or a lame fan-fic; but a tribute, paying homeage to TOS. It manages to accurately capture and remake TOS, in every way including the overall, high level results: a few memorable episodes I would easily believe were penned by Roddenbery himself; a few forgettable turkeys, with the rest being watchable and interesting; but nothing special, and only die-hard nerds will ever care about them, years from now. Just like TOS was.
Discovery doesn't even come close. When the big reveal was unveiled, with pomp and fanfare (the one about Discovery being powered by midichlorians) the show became an instant dumpster fire, worth watching only for its dumpster fire factor.
Many of these non-compete agreements exist in states that have Right to Work laws. In a right to work state, how can non-compete agreements even be remotely legal!?
Because that's not what "Right To Work" means. "Right To Work" does not mean "non-compete clauses are illegal". "Right To Work" means that you cannot be fired for refusing to join a union. "Right To Work" makes it illegal to require someone to join a union as a condition of having a job. That's all it means, and nothing more.
Modern C++ looks nothing like C++ of the years past. C++ is a comparatively old language, it's been around for over 30 (!) years.
And for the longest time C++ was gathering dist, stagnating, and remaining basically unchanged. But an effort begun to update the language, and since 2011 in my estimation C++ is now at least three times as big, and as complex as it was before.
Folks who've been around the block for a while started getting someone shocked coming across C++ code that looked nothing like the C++ they knew. And people who attempt to start learning C++ from scratch were confronted with the entire, 100% complexity, of modern C++ right off the bat.
And that's, IMO, is where the current bad rap for C++ is coming from. It is a hard, complicated, language to learn. But it's been my experience that once I spent th effort to learn the nuts and the bolts of modern C++, I found it to be a very powerful, rich, capable language. I don't think I would've been able to write LibCXXW in 2003 C++. It would've taken me five or six times longer than it did. Modern C++ attempts, in made ways, to bring many of the benefits of other, VM-based languages like Java and Perl, and bolt them on top of a compiled framework.
Some time ago, on stackoverflow, I read a question from someone wondering why their C++ compiler was running out of memory compiling their code. I looked at it. The shown code attempted to implement Sieve Of Eratosthenes in the compiler itself. That is, the code was not trying to implement it itself, but make the C++ compiler do it, via templates, with the actual code resulting in a static array of prime numbers. And the question was why the poor compiler was running out of RAM...
Try that, with Java.
The top achievement in the PacMan android app happens to be titled "Be Like Billy!".
Something tells me this app might be updated soon...
Linux has been more successful in this respect. The open source community and approach to software development is undoubtedly part of the solution. The modular and pluggable architecture of Unix/Linux is also a big architectural improvement in this respect.
So, Microsoft is on the record admitting that Linux's "modular and pluggable" architecture is more sound than Windows' monolithic approach... Not to worry, my friends, the Windows folks won't be behind this 8-ball for long. The systemd folks are working very hard, on closing this gap.
I went back to C++, because even if it isn't a perfect language, at least it's a decent language with a honest, open, friendly community.
C++ is arguably the most complicated, the hardest to learn, general purpose programming language in use today. And, in the last seven years, with the last three major revisions, C++ has become, I would estimate, three or four times harder than it was before. If you were to start from ground zero, it would take you much longer than 2-3 years in order to be fully versed in all the arkane features of it. I would say that to become fully proficient in C++, when starting from absolutely nothing more than general knowledge of computer programming, will take at least 5-7 years, maybe even ten.
Because of that, experienced C++ developers tend to be older, and with many many years of experience under their belt. They've outgrown the phase of their lives where they think themselves to be #1 hot-shit masters of the universe. We're older now. We know better.
This is a picture perfect illustration of how Gnome has jumped the shark. I booted Gnome off my desktop after the Gnome 3 fiasco. I switched to XFCE. What a breath of fresh air.
Of course, I didn't realize at the time that XFCE is based on GTK, so some of Gnome's shit has been slowly seeping up into my clean, workable, usable XFCE desktop. I've got too much invested in it, but, so far the amount of crap is manageable and can be dealt with by a few tweaks. If worse comes to worse, I suppose, there's always KDE.
In my spare time, for self-education and as a hobby project, I've been hacking my own widget toolkit, and as sure as fuck I'm not going to be doing any bullshit like this. Of course, noone's going to lose any sleep over it, since nobody except me cares about it. But, hopefully, that'll change some day...
I am 100% confident -- based on this kind of crap -- that it's only a matter of time, but Gnome is going to go down, until nobody cares about it, either. Slowly, but surely.
There was nothing comparable to that -- no bureaucracy that needed to employ a small army to act as a thought police, enforcing vaguely-defined thoughtcrime. There were just a few, content-neutral rules one had to follow, to post on Usenet. You were free to write anything you wanted, no matter how vulgar or obscene. Complete and unrestricted freedom of speech. You could not be silenced. When some snowflake or a SJW got triggered, too bad, so sad. They could do nothing about it. In its heyday, I had a blast of a time trolling the snowflakes and giving them daily aneurisms. I miss those days.
Of course, Usenet's still around, if one knows where to find it. And, come to think of it, I think I will. The riff-raff, the millenial snowflakes can have Faceboot, Twatter, and the rest of that junk. They should stay off Usenet. They wouldn't be able to handle it.
Speaking as an "old" programmer -- nearing the five-oh -- we aren't going anywhere. At least not the ones who know what they're doing. Some of us might take on more managerial roles, but we (and I can say this because I ain't the only graybeard around here, for sure) are kicking ass in senior roles, leading the bet-the-company-on type projects. Oh, we also browse stack overflow.com and enjoying the non-stop cluebie parade, as free entertainment.
Funny coincidence; last week I replaced the keyboard on my circa-2005 Thinkpad W520. The old keyboard was intact, but some of the keys, after over a decade of use, occasionally didn't register any more.
Got a new keyboard, forty bucks off Amazon. Looked up a Youtube video. Before starting I thought I'd have to take the whole thing apart, but I only needed to remove two screws, and two more screws from the trap door.. Everything stayed in place, the keyboard popped out. Plonked the new one in, put all the screws back in. Five minutes.
It's just as fast as it was more than ten years ago. It's a new laptop. Hope that it lasts me another decade.
I skimmed Google's write-up of their new offering, and was seriously considering looking into this. I bear no delusions of self-grandeur, or that anyone would have any reason to be interested in sorting through all the confirmation e-mails for the coffee I buy off Amazon; but I do have some key data tied up in the Googleverse, and the cost of an extra keyfob would not exactly break the bank. However, then I came to this:
Google services on the web
You will only be able to use the Chrome browser to access signed-in services like Gmail or Photos.
That breaks the deal for me, since I don't use Chrome, and it would not be convenient for me, for a few reasons. I can't really think of any valid technical reason why this results in any actual security, unless Chrome pins Google's CA; but the same thing can be done in any other browser too.
The company has finally figured out how to use a random number generator, from TFA:
Ditto. And it seems like this is becoming an almost monthly tradition on Slashdot: flashy whine-a-thons about how the whole world has turned into some kind of an incarnation of Logan's run, and how we're all going to lose our jobs and starve to death, overnight, after we hit 40.The most recent one was just a few weeks ago.
I'll repeat what I wrote before: if you'd like to bitch and moan how you have no future in tech once a few gray hairs appear, go right ahead. I won't stop you, but leave me out of it. I'd also toss Wall Street into the mix as well. Like Silicon Valley, Wall Street loves both young skulls of mush, because they can be worked to death simply by dangling some faint promise of options and fringe benefits in front of their nose, or H1-Bs because they're cheap.
But there are plenty of jobs outside Silicon Valley, and outside Wall Street, where experience and knowledge is highly valued and prized. If you don't believe that I won't dissuade you. Feel free to toil away, in the meat grinder looking for a way out everywhere else except the one in front of you, choosing instead to complain about being a victim of this evil world. This will be just less competition for me.
P.S. I was moved to comment after only glancing at the first few sentences in the article -- it was painfully clear what it was all about, and I saw no need to read TFA any further. I didn't even see the Logan's Run reference in the TFA until after I wrote the above. Scout's honor. This just shows how laughably pathetic, and how much this defeatist attitude has permeated the nerd culture.
As a 48 year old, white, straight male I am constantly getting harassed by headhunters, and my current employer seems to be in a constant state of a nervous breakdown, afraid that I could leave for greener pastures at any time.
I understand that in some circles it is quite fashionable to be a victim, in order to seek sympathy and acceptance. I respectfully choose not to participate in the victim industry, or engage in victim mentality. Now, if you excuse me, I have to go back to hacking on this fine, beautiful weekend, in order to keep my skills up to date, and be employable...
I am not familiar with nscd, but I doubt it. Something that's a part of glibc is unlikely to have a dependency on an external library.
Looking at Fedora's packaging, the nscd package does not have a required on libidn. Furthermore, like a DNS server itself, a DNS cache has no reason to interpret DNS records in any way. It's just a cache. It receives DNS queries, forwards it, and caches the response. I can't imaging any need to interpret internationalized domain names in any way. Would an HTTP cache need to understand internationalized domain names? Of course not. HTTP, the protocol, itself, has no concept of internationalization. URLs are just ... URLs. Just some opaque blob of characters. Is the same blob of characters already in a cache? Great. If not, make the request yourself, return it, cache the results.
It is certainly a bug in libidn2.
But systemd itself using libidn2 to translate DNS lookups is an even bigger bug. It shows a complete lack of understanding of the fundamental function of a DNS resolver.
The systemd fan club's response is that underscores are not allowed in DNS, and that this is ultimately a libidn2 bug.
Both of these excuses are claptrap.
Underscores are not valid in hostnames. They are valid in DNS labels.
It is not the DNS resolver's job to translate internationalized domain names. It is the application's job to do so. The DNS resolver's job is to resolve the request. Full stop. Ten year old versions of bind will happily process, and pass on, internationalized domain name. This is because internationalized domain names gets transcoded into ASCII-compatible encoding and THAT's what in DNS.
The way that it should work is as follows: an application, such as a web browser, translates an international domain name into ASCII-encoded hostname, and then looks it up in DNS. It would be the application's responsibility to use libidn2, or some other equivalent, to do the translation.
A typical systemd fail.
Sifting through the CVE and the write-up:
The kernel places an unmappable guard page just below the process's maximum-alloted stack space. Normally a process gets allocated only as much stack space as it needs. When the process's stack usage grows, the kernel maps additional pages to grow the process's stack space, but will not grow it beyond the maximum alloted stack size. If the process enters an infinite recursion loop, it'll hit the end of the alloted stack space, and the unmappable guard page segfaults the process out of its misery.
The problem appears to be if the process's heap is right next to the stack, with only the guard page separating it from the stack, and a single function call creates a stack frame that exceeds the size of the guard page. This effectively places the stack pointer into the heap. The function call thinks it has allocated its usual, large stack frame, but the stack pointer is in the heap.
At this point, usual code execution will typically make further use of the stack, so it ends up crapping all over the heap.
That's not good, of course. But I would expect the process in question to attempt to access its alleged stack frame before much happens. At this point the process will try to access the guard page, and gets segfaulted. That, at least, is my understanding of the vulnerability.
The overall design involving a guard page to limit the size of the process's stack is a traditional OS design, which is why the general approach affects both Linux and BSDs, here.
For this to be remotely exploitable, the attacker has to arrange for a process to execute a function call that creates a large stack frame so that the stack pointer jumps over the guard page. I would expect common, battle-tested free software that powers the intertubes to be well designed and written by experienced greybeards who fully understand how an operating system works, and the fact that the stack is not an endless resource, that it is quite a limited resource actually; with the resulting code minimizing automatically-scoped object usage on the stack, which should eliminate the vulnerability completely.
I find Red Hat's write-up somewhat puzzling. They appeared to have taken the tack of addressing the exploit by increasing the size of the guard area to a megabyte, rather than a single page.
That seems to be somewhat inadequate to me, in the brave-new 64-bit world of ours. It seems to me that the permanent fix would be to map the stack into virtual address space that's a terabyte, or two, away from the heap and everything else. Seems to be a no-brainer solution to me, dunno why they didn't do it.
The answer to your question is laughably simple.
At the time they expected Hillary Clinton to cruise to a landslide victory over the Cheeto Jesus. People have such short memories, and forget that every poll -- and these highly regarded polls have such high reputation and accuracy that nobody ever doubted them -- were forecasting a huge Clinton victory for months. I don't recall a single poll that did not have Clinton on top in the last 3-4 months.
So, you see, there could not be, ANY DOUBT WHATSOEVER that it was going to be a purely legitimate victory, with no hint, whatsoever, of any shennanigans and illegalities. Recall all the kvetching when, at one of the debates, the moderator demanded Trump to pretty much concede his loss, in a few months' time, and promise to never question its legitimacy (and Trump refused).
You see: Hillary Clinton was the most highly qualified woman who ever walked the Earth, and the most highly qualified presidential candidate, evah! So, she was going to win, and she was going to win fair and square, without a smidgen of foul play involved. Anyone who would dare question the legitimacy of Clinton's impending victory and coronation was just a kook and one of thouse nuts from the Vast Right-Wing Conspiracy.
And this is why you never heard about "Russia! Russia! Russia!" until the day after the election. "Shattered" documents how the Clinton campaign, in a middle of their head-splitting hangover the day after the election, cooked up the Russky Boogeyman in order to explain their loss. The only thing that's different now is that they may not've actually pulled the Russky Boogeyman completely out of their arses, but they might've had some infinitessimally small smidgens that were based in fact.
Looks to me like there's a lot of geniuses around here... Wait, I'm here too...
The electoral college is working as designed. If one were to ignore the votes in New York City and Los Angeles -- not even the states of New York and California, but just the two most populous cities across the fruited plain -- Trump wins by half a million votes.
The electoral college is an ingenious solution to the problem of small clusters of populations imposing their will on an entire nation.