Might be different for corporates but for individuals I don't see any reason to use anything more than the MS Security Essentials app. It's free, it provides good protection, gets new virus definition updates all the time, it doesn't hog the cpu or nag you. That's all one can hope for from antivirus software. It's a refreshing change from the days of MS DOS 6.0 where MS Antivirus was so broken that it was worse than useless.
For enterprises perhaps there is merit in some antivirus to be centrally controlled since they often do more than just detect viruses.
As a followup in case it wasn't plain and obvious to see, Nintendo posted a $575 million loss for last year. Some of that can be chalked up to market conditions & exchange rate. The majority however can be chalked up to what I said - consumer disinterest in a platform that coasted far too long on gimmicks and didn't provide adequate 3rd party support and degenerated into a cesspit of shovelware. And the 3DS isn't looking like its going to reverse the trend until such time as a new model comes out and some decent games to go with it.
All the user interface functionality & resources that wraps the above and turns it into a browser - navigation bar, bookmarks, download manager, print preview, extensions etc
And some browsers also include pack-in:
An updater
Portable runtime API
Dictionaries for spelling correction
MathML / SVG support
Video and audio codecs
Accessibility
WebGL
Development tools like DOM inspector
Crash reporting & feedback
Incognito / Privacy mode
Malware / trojan site checks
It doesn't seem unreasonable browsers require 30-50MB footprint to supply all this and I'm not sure why anyone be splitting hairs over the difference.
But people aren't buying those sub-$250 tablets. They're buying $500 iPads.
Well clearly they are or they wouldn't be on sale in dozens of form factors and price points from generic no-name chinese models, to Amazon Kindle / B&N Nook tablets and pushing upwards through $250 to Asus, Acer, Lenovo, Samsung tablets. One of the advantages of Android is that it doesn't dictate the price, features, form factor, quality, storage or anything else that a tablet running it has. That means tablets to suit all tastes and pockets and it is reflected in sales with some people buying a cheap tablet and others buying a more expensive tablet, either an iPad or one of the more prominent Android based models.
Indeed tablet sales for the last 3 months of 2011 were 57% iPad and 43% other, mostly Android. 57% is still a formidable amount but it's dropping substantially in much the same way as happened with phones. I expect the market share will continue to drop for Apple regardless of what comes out this year.
An SSL cert which is described as a "free low-assurance SSL certificate". In other words you're having to sign up and provide details to some CA for a cert which is essentially worthless so your visitors can enjoy encryption without some big scary warnings appearing. And the cert expires every year so better hope they continue to renew the cert.
The cert is essentially untrustworthy so so why not permit self signed certs? Better yet why not let people build signed webs of trust for themselves? I'm also sure that SDPY could offer a couple of security levels, e.g. level 1 might permit unsigned certs without complaining but a more secure level 2 might do some validation on them. The net result is still that a lot of http:/// sites could migrate to level 1 easily and instantly benefit from encryption.
You see, the way I read the spec and the way it's currently implemented, SPDY requires every single connection to be encrypted. It's not optional.
Great, except SSL is already a scam, requiring sites to pay for worthless certs that in many cases bestow absolutely zero trust on the site in question. I hope with SPDY it doesn't hugely matter if the cert is self signed or not as far as the browser is concerned.
"Psychics" claim all sorts of stuff which invariably is vague enough to be massaged to the facts, part of a shopping list of predictions which can be cherry picked, unfalsifiable, or was obtained by cheating. Or a combination of all those things. Strangely enough their amazing abilities desert them when they are tested in conditions which preclude cheating and require an unambiguous result. Even with a million dollars on the table.
Remote viewers included. It is trivial enough to test someone's ability to remote view or "astral project" by getting them to draw a picture of something or some object which they cannot see but which is unambiguously identifiable. Funnily enough this doesn't happen either.
All that has been demonstrated here is if that if you get together 6 credulous idiots in a room they will riff off each others delusions and concoct a story which is not disprovable. What is not so obvious is why this story got approved for Slashdot.
You'd have to use the decoy OS a lot. I'd say the decoy OS should be your defacto login so it gets a lot of activity. The hidden OS would be the one you use rarely since the less you use it, the less evidence you inadvertently leave around.
Truecrypt puts both operating systems inside separate partitions and for the hidden partition puts the OS inside a hidden volume. So in decoy mode the second partition can be set up with some decoy files and and OS resides in the the free space. If you write files to the second partition while in decoy mode you risk trashing the OS, but Truecrypt allows you to mount the partition in a special "outer" mode where you supply the decoy and hidden volume passwords which lets you read & write files and avoid damaging the hidden volume.
It's still quite possible as I mentioned that someone will find incriminating evidence in your isp logs etc that point to there being a hidden volume but I suppose the idea is the less you give them while still appearing to comply, the more plausible your denial is. If you were up to no good that could mean the difference between being caught / convicted and being set free.
Except the menu tree isn't visible. It's hidden by the window title and also by the active / inactive state of the window (e.g. if terminal is in the background it must be activated and then the user must mouse up to the top to discover what menus are). It's just bad design. As I said it might be forgiveable in a netbook where space, especially vertical space is at a premium but it should be configurable and defaulted to off at larger resolutions.
Because whoever is really is doing a terrible job. Inflicting global menus on every one, hiding the menu actions, hiding scroll bars are terrible usability decisions. One can see how they might reduce space consumption on a netbook where apps are likely to be maximized but they are absolutely terrible on larger displays.
And now they want to fuck around with menus in an even more radical way. I'd warrant that most people have NO IDEA what most menu items are called, and even if they did then it's still easier to mouse to it spatially through the nice hierarchical arrangement than to click on a hud with a mouse, typing a bit of it and then hoping you got the name right to show the option.
There is nothing wrong with redesigning UIs, but it seems Ubuntu are putting some seriously gratuitous stuff in there, defaulted on and alienating their user base in the process.
First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely.
Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.
What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into. Tools like Truecrypt support this already.
The problem is the very fact you are using an encryption tool which supports hidden volumes is likely to raise suspicions that you have a hidden volume even if they cannot prove one exists. At the very least you would have to ensure the decoy volume looks plausible, e.g. you use it frequently for your non incriminating activities, scatter around some sensitive looking but non incriminating documents, all to give the impression that is the one and only volume. The more plausible the decoy is, the more plausible your defence is after you hand over the key.
Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.
It's easy enough to produce a basic app store - a web browser pointing at some apks is an "app store". It might not do updates or other stuff but it fulfills the basic requirement of providing a list of apps that people can install. Android has APIs however that an app store could use for package management so the next step up is to use them. Most of the rival app stores are simply thin wrappers around the package management apis that present some list of apps, know which ones you already have installed and then present the appropriate update / install / uninstall options.
Where getjar is making money is probably by allowing all the telcos to produce their own branded store fronts hosted by the getjar infrastructure.
I use this great store that an unsolicited email told me about. It has all the pay apps for free on it and all I need to do is grant the phone root permissions! There are a few glitches with the store to sort out such as the occasional 3 hour calls made to premium lines in Burkina Faso but otherwise it's been working out great.
The ship capsized away from the damaged area. Secure the vessel. Weld a big patch over the damage (and optionally over the rock if it can't be removed), and over any other holes they've made during the rescue operation and then refloat the thing. It can be towed anywhere after that.
You have to try / catch in your finally block. It's very clumsy really but that's how to do it pre-Java 7. C# has a more elegant solution with its using keyword where disposable stuff automatically gets closed when it leaves the using block. Java 7 sort of has something analogous now by allowing a try with resources construct.
Best practice in Java is to immediately close streams when they are no longer used and the best way to do that is from a finally block. And the only way the finally block can see the variable is if it resides in the scope of the parent block or above. So it doesn't violate anything. The first response to this stackoverflow question demonstrates the typical way to do this. You will note that fis is set to null as I said and tested for null in the finally.
No it doesn't need 7 (assuming N = seven) nested blocks. You could put the variable declaration outside the block assigned to null and then test if the value is null inside the finally, if its not null then do what you have to do to release it. If the values were all the same type it would be trivial to write a loop to do this 7 times. Or write some kind helper method that you call 7 times to do the job. But if you really have 7 resources, then maybe it's time to think about decomposing the code into more manageable chunks.
If they're creaming it so much as you think, explain why the Wii platform is a wasteland of shovelware? Go and look at the types and quality of games that Activision, EA and Ubisoft are releasing for the Wii vs the PS3 / 360. The answer is 3rd parties are not "creaming it". If they were they would be releasing premium titles not shovelware, and the reason they are not is because the payoff isn't there. Maybe Nintendo makes money from premium titles but very few other parties so they aim a lot lower. And maybe Nintendo makes money from hardware but when hardware sales took a dump of 30% in 2011 and purportedly 55% in 2012 the money is drying up. Your beloved platform is in its death throes.
If the Wii U doesn't appear soon and sell well then Nintendo can look forward to being an also-ran in the next generation. Of course strictly speaking the Wii U will only allow Nintendo to catch up with the current generation. Perhaps they're hoping 3rd parties will look more favourably on their new console if it's more or less at parity with the 360 and PS3 allowing games to be ported more easily.
That's what the finally keyword is for. If you have to free resources, write a finally block. Granted it can still be a pain in the arse in Java especially with input or output streams where to free a resource you have to close() it, but close() throws its own exceptions so you need to nest try / catch blocks inside the finally block. Java 7 improves the syntax but that isn't much use for older code.
This code tests if i == j and breaks out of the unlabelled inner loop and goes to the labelled "outer" loop. Works a bit like a goto in this case. Otherwise flatten out your nesting, set and test boolean flags to drop out or if necessary decompose your function into several functions.
outer: for (int i = 0; i < 100; i++) { for (int j = 0; j < 100; j++) { if (i == j) { break outer; } // Some other code } }
The blackouts and other campaigns are are raising awareness of SOPA. Slashdot is used by nerds who already know about SOPA, and mostly already oppose it.
Yet other nerd sites like Wired, Reddit, Boing Boing etc. have chosen to taken part. And the fact remains it will be those sites (and Slashdot) which will be hit the hardest. The next time some AC decides to repeat something from the Church of Scientology's texts, or to reveal some device's crypto key, or just link to some random "illegal" site it will be Slashdot that gets taken down. It doesn't even need a full blackout. How hard would it be to change the Slashdot logo or put some banner up, or just changing the site style for day? Something to show solidarity. But not even that is done. It's a lame response.
It might demonstrate the future for Slashdot if the legislation passes. Only just yesterday someone posted the full text to some MLK speech which was supposedly under copyright. I don't know if it was or not, only that it could have been and SOPA could have been used to shut the site down until it was removed. Imagine the hassle for mods, editors of dealing with trolls deliberately cutting and pasting links or text from various copyright sources because now Slashdot has a legal responsibility to clean itself up.
Sites like Slashdot really should be in the front lines because its in their own self interest that this law does not pass in its current form.
For enterprises perhaps there is merit in some antivirus to be centrally controlled since they often do more than just detect viruses.
As a followup in case it wasn't plain and obvious to see, Nintendo posted a $575 million loss for last year. Some of that can be chalked up to market conditions & exchange rate. The majority however can be chalked up to what I said - consumer disinterest in a platform that coasted far too long on gimmicks and didn't provide adequate 3rd party support and degenerated into a cesspit of shovelware. And the 3DS isn't looking like its going to reverse the trend until such time as a new model comes out and some decent games to go with it.
And some browsers also include pack-in:
It doesn't seem unreasonable browsers require 30-50MB footprint to supply all this and I'm not sure why anyone be splitting hairs over the difference.
But people aren't buying those sub-$250 tablets. They're buying $500 iPads.
Well clearly they are or they wouldn't be on sale in dozens of form factors and price points from generic no-name chinese models, to Amazon Kindle / B&N Nook tablets and pushing upwards through $250 to Asus, Acer, Lenovo, Samsung tablets. One of the advantages of Android is that it doesn't dictate the price, features, form factor, quality, storage or anything else that a tablet running it has. That means tablets to suit all tastes and pockets and it is reflected in sales with some people buying a cheap tablet and others buying a more expensive tablet, either an iPad or one of the more prominent Android based models.
Indeed tablet sales for the last 3 months of 2011 were 57% iPad and 43% other, mostly Android. 57% is still a formidable amount but it's dropping substantially in much the same way as happened with phones. I expect the market share will continue to drop for Apple regardless of what comes out this year.
Perhaps not, but then again nobody is suing them either. This is more about moral rules than the law.
Zynga has no morals.
The cert is essentially untrustworthy so so why not permit self signed certs? Better yet why not let people build signed webs of trust for themselves? I'm also sure that SDPY could offer a couple of security levels, e.g. level 1 might permit unsigned certs without complaining but a more secure level 2 might do some validation on them. The net result is still that a lot of http:/// sites could migrate to level 1 easily and instantly benefit from encryption.
You see, the way I read the spec and the way it's currently implemented, SPDY requires every single connection to be encrypted. It's not optional.
Great, except SSL is already a scam, requiring sites to pay for worthless certs that in many cases bestow absolutely zero trust on the site in question. I hope with SPDY it doesn't hugely matter if the cert is self signed or not as far as the browser is concerned.
Remote viewers included. It is trivial enough to test someone's ability to remote view or "astral project" by getting them to draw a picture of something or some object which they cannot see but which is unambiguously identifiable. Funnily enough this doesn't happen either.
All that has been demonstrated here is if that if you get together 6 credulous idiots in a room they will riff off each others delusions and concoct a story which is not disprovable. What is not so obvious is why this story got approved for Slashdot.
You'd have to use the decoy OS a lot. I'd say the decoy OS should be your defacto login so it gets a lot of activity. The hidden OS would be the one you use rarely since the less you use it, the less evidence you inadvertently leave around.
It's still quite possible as I mentioned that someone will find incriminating evidence in your isp logs etc that point to there being a hidden volume but I suppose the idea is the less you give them while still appearing to comply, the more plausible your denial is. If you were up to no good that could mean the difference between being caught / convicted and being set free.
Except the menu tree isn't visible. It's hidden by the window title and also by the active / inactive state of the window (e.g. if terminal is in the background it must be activated and then the user must mouse up to the top to discover what menus are). It's just bad design. As I said it might be forgiveable in a netbook where space, especially vertical space is at a premium but it should be configurable and defaulted to off at larger resolutions.
And now they want to fuck around with menus in an even more radical way. I'd warrant that most people have NO IDEA what most menu items are called, and even if they did then it's still easier to mouse to it spatially through the nice hierarchical arrangement than to click on a hud with a mouse, typing a bit of it and then hoping you got the name right to show the option.
There is nothing wrong with redesigning UIs, but it seems Ubuntu are putting some seriously gratuitous stuff in there, defaulted on and alienating their user base in the process.
First, why not use the obvious countermeasure here. When you create an encrypted volume, you should enter 2 keys, not just one. One will unlock your drive, another will appear to unlock your drive, but in fact deletes the contents of the disk entirely.
Problem is that forensics officers take backups. They'd back up the drive first and boot from the backup so whether it destroys the data or not is irrelevant. And if you gave the officers the "self destruct" password that horked the backup then that is further evidence that you are up to no good.
What you need instead is a hidden volume. The idea is you have a normal OS and a hidden OS where your dirty secrets reside. You are prompted for a password at boot time and the password you enter determines which volume is booted into. Tools like Truecrypt support this already.
The problem is the very fact you are using an encryption tool which supports hidden volumes is likely to raise suspicions that you have a hidden volume even if they cannot prove one exists. At the very least you would have to ensure the decoy volume looks plausible, e.g. you use it frequently for your non incriminating activities, scatter around some sensitive looking but non incriminating documents, all to give the impression that is the one and only volume. The more plausible the decoy is, the more plausible your defence is after you hand over the key.
Even then they might catch you out. by building up a list of inconsistencies of activity shown by the computer's event log and other logs on the HDD vs what they can glean from other logs. e.g. if they might know you were on the internet at such and such a time, or downloaded a particular file, or your phone says it was USB synced at the time yet your OS has no knowledge of these events. Enough inconsistencies combined with evidence of using crypto that supports hidden volumes combined with other evidence they have might still be sufficient to find you guilty.
Where getjar is making money is probably by allowing all the telcos to produce their own branded store fronts hosted by the getjar infrastructure.
I use this great store that an unsolicited email told me about. It has all the pay apps for free on it and all I need to do is grant the phone root permissions! There are a few glitches with the store to sort out such as the occasional 3 hour calls made to premium lines in Burkina Faso but otherwise it's been working out great.
The ship capsized away from the damaged area. Secure the vessel. Weld a big patch over the damage (and optionally over the rock if it can't be removed), and over any other holes they've made during the rescue operation and then refloat the thing. It can be towed anywhere after that.
You have to try / catch in your finally block. It's very clumsy really but that's how to do it pre-Java 7. C# has a more elegant solution with its using keyword where disposable stuff automatically gets closed when it leaves the using block. Java 7 sort of has something analogous now by allowing a try with resources construct.
Best practice in Java is to immediately close streams when they are no longer used and the best way to do that is from a finally block. And the only way the finally block can see the variable is if it resides in the scope of the parent block or above. So it doesn't violate anything. The first response to this stackoverflow question demonstrates the typical way to do this. You will note that fis is set to null as I said and tested for null in the finally.
No it doesn't need 7 (assuming N = seven) nested blocks. You could put the variable declaration outside the block assigned to null and then test if the value is null inside the finally, if its not null then do what you have to do to release it. If the values were all the same type it would be trivial to write a loop to do this 7 times. Or write some kind helper method that you call 7 times to do the job. But if you really have 7 resources, then maybe it's time to think about decomposing the code into more manageable chunks.
If the Wii U doesn't appear soon and sell well then Nintendo can look forward to being an also-ran in the next generation. Of course strictly speaking the Wii U will only allow Nintendo to catch up with the current generation. Perhaps they're hoping 3rd parties will look more favourably on their new console if it's more or less at parity with the 360 and PS3 allowing games to be ported more easily.
That's what the finally keyword is for. If you have to free resources, write a finally block. Granted it can still be a pain in the arse in Java especially with input or output streams where to free a resource you have to close() it, but close() throws its own exceptions so you need to nest try / catch blocks inside the finally block. Java 7 improves the syntax but that isn't much use for older code.
Gah and replace the < entities with the less than sign
The blackouts and other campaigns are are raising awareness of SOPA. Slashdot is used by nerds who already know about SOPA, and mostly already oppose it.
Yet other nerd sites like Wired, Reddit, Boing Boing etc. have chosen to taken part. And the fact remains it will be those sites (and Slashdot) which will be hit the hardest. The next time some AC decides to repeat something from the Church of Scientology's texts, or to reveal some device's crypto key, or just link to some random "illegal" site it will be Slashdot that gets taken down. It doesn't even need a full blackout. How hard would it be to change the Slashdot logo or put some banner up, or just changing the site style for day? Something to show solidarity. But not even that is done. It's a lame response.
What would blacking out slashdot actually do?
It might demonstrate the future for Slashdot if the legislation passes. Only just yesterday someone posted the full text to some MLK speech which was supposedly under copyright. I don't know if it was or not, only that it could have been and SOPA could have been used to shut the site down until it was removed. Imagine the hassle for mods, editors of dealing with trolls deliberately cutting and pasting links or text from various copyright sources because now Slashdot has a legal responsibility to clean itself up.
Sites like Slashdot really should be in the front lines because its in their own self interest that this law does not pass in its current form.