I preordered a OnePlus during the 1-hour, no 2-hour, no 8-hour sale where their systems collapsed under the load. I wasn't even sure if my preorder had been successful or not because I didn't get an acknowledgement until the day after. The whole thing was a clusterfuck of epic proportions. I was also told ETA 6 weeks but this dropped to 2 and suddenly the package was with me with no dispatch notification. So their IT and general customer interaction are seriously bad.
But the phone itself is excellent. It's easily comparable to a Galaxy Note and I have to remind myself it only cost half the price. I got a 64GB phone for £279. Build quality is excellent, the screen is bright and high DPI, the battery life is very good and it has a very good software experience thanks to Cyanogenmod. My biggest gripe is the charging cable (which looks very spiffy) is too short and the connector is upside down compared to other phones. Firefox also doesn't appear to be able to play hardware accelerated h264 properly for some reason which I assume is a fault in the software since no other app has the problem. Otherwise it's a great device.
That's marvellous if you are along the corridor of chargers. Not so marvellous for the vast number of people who aren't. Or who can't afford a Tesla.
It's not hard to envisage every gas station having chargers some day (or diners / supermarkets / convenience stores who want to attract business while vehicles charge). That day is still some way off.
I guess someone would have to tell us how to detect it, or something else equally helpful to actually PREVENT this threat. Warnings are pointless without a plan.
Just google for "free antivirus and sexy girl screensaver APK". Lots of Chinese warez sites have it. The app asks for a lot of permissions but only to see if there are viruses hiding in your text messages or contacts.
It's one thing to not default search to Google, but it would be another entirely to remove it from the list. As I don't run Mint, I'm assuming you mean the latter by "actively prevent". Even Mint can't use the standard Firefox branding or search plugin (perhaps it has an affiliate id in out), there are other ones which would work.
Let sites create their own keys and sign them (or not) by anyone they feel like. This could include CAs but equally it could include other sites they do business with to build a web of trust. And the browser should use SSL observatory to compare and cache these keys and present a simple checklist of what protection the site has against attack, its level of trust etc.
The existing model is broken by the fact that CAs are not always trustworthy, the certs they issue to most sites are worthless as tokens of trust and the whole mechanism is a tax on security. It needs all browser makers to knock heads and make CAs for security an optional thing. Yes some sites like banks or whatever might want to pay some CA to audit their security procedures for storing a cert. For most sites it's complete overkill.
This Kickstarter stuff isn't very well regulated...
A fool and their money are soon parted. I've yet to see a single kickstarter that would justify me giving a single penny to it. Most of them are glorified preorders - "give us money now and in a year or two we might deliver a product you can have for a small discount off its eventual retail price". No thanks.
Typescript is similar to Actionscript and compiles down to Javascript. You can do stuff like interfaces, classes, inheritance, compile time typechecking etc. My experience of Typescript is the language is okay but developing it is painful because the tools are awful, particularly for someone coming from a place like Java where IDEs will give instant feedback on errors, code completion, formatting etc. Even stuff like ordering of classes can break the JS even when the TS compiles perfectly.
I would agree with the sentiment that people who think JS (or HTML5) is some panacea for Flash are idiots. Flash was hated primarily because it was TOO popular - sites abused the fuck out of it and multi tabbed browsers sagged under the weight of so many running instances. If JS is abused the same way the performance would be just as bad.
JS is often considered the problem, not the solution to web development. This is why coffeescript, typescript et al exit. Plus a raft of JS libraries like jquery, backbone, underscore, phantom, handlebars etc. to hide the differences or provide basic niceties that JS lacks. Plus the likes of dart, emscripten, GWT and so on which bury JS completely and spit out compiled JS. Plus the recognition from browsers that JS performance sucks and the optimization paths they've implemented (e.g. asm.js). That said, we're almost in a place where 95% of the use cases for Flash are probably achievable in JS. Personally I wish browsers would adopt PNaCl or something similar so code can be compiled and run at near native speeds - skip JS as an intermediate format when it doesn't make sense and just let sites ship bitcode.
A lot of money is riding on a game release. They cost millions to produce and market and delaying could cost millions more. A game would have to be seriously broken to be delayed.
So it's unsurprising that Ubisoft pushed it out the way it was. If they announced a delay, they'd lose out on seasonal sales, their preorders would be decimated and it would affect their quarterly figures. So they pushed out something with some serious bugs and performance issues and used an embargo to prevent bad press until after all those preorders were fulfilled. I'm sure they'll get around to fixing the worst of the bugs, but people have been sold a lemon.
As consumers, there is a clear lesson to be learned here - do not preorder. Do not reward companies who use hype and lies to promote a game that may not live up to expectations. If a game is THAT AMAZING, then it'll still be so in a week or two after release when consensus is formed. And if it isn't... well that's €60+ you've saved for a better game.
I don't believe that to be true beyond what you might get from shifting from one food source to another - some temporary effects to your gut. And besides if she affected her health by not eating then it is in her interest to start again even if that means gradual reintroduction and abstinence again when circumstances allowed for it.
It seems like it would be pretty trivial for someone working at a store to disconnect it from the internet at will.
And it would be pretty trivial for the credit card company and police to notice thefts all occurring from this one shop and rain fire down on their asses.
Gah second para was supposed to say - if 'a' is_less_than c AND c is_less_than 'z' then ischar = 1' as an example of where EBCDIC would break horribly and it only gets worse with stuff like rot13, crypto etc.. Slashdot gobbled up the less thans and truncated that sentence.
ASCII digits aren't much harder to use for BCD than EBCDIC. In ASCII the digits would be 0011NNNN and in EBCDIC they're 1111NNNN as binary. Assuming you masked off the top 4 bits it would be the same code to do BCD with either.
Aside from digits, EBCDIC is infamous for it's bizarro alphabet layout which wasn't contiguous so code patterns like "if 'a'
I suspect the EBCDIC only existed because IBM being IBM couldn't countenance interoperability with other systems and therefore tried to ringfence and enforce its own format.
TL;DR: Install Perspectives if you want to use an unknown CA.
It's not a case of installing anything. It requires a whole new secure protocol that browsers support out of the box.
Broken by StartSSL, which provides personal use certificates without charge.
It's still a CA and it's demonstrative of the uselessness of a CA in the first place. The cert makes a scary box go away nothing more. Even if its free (in money) it's still an onerous task in time and effort to obtain a cert. And with my tinfoil hat on, why should I trust an operation in Israel to generate a trustworthy certificate for my site? It's not the first time a CA has been compromised and issued phony certs for MITM attacks.
I have my own problems with PGP's assumption of transitive trust. Just because you can vouch for someone's identity doesn't mean you can vouch for that person's ability to correctly vouch for others' identities.
True but it still has the potential to build more meaningful trust to a site than a CA can. e.g. Red Hat could sign Ubuntu's site and vice versa and they could sign various Linux user groups and so forth. Just like happens with PGP keys. It's more meaningful than some random CA and far harder compromise especially if browsers cache keys and signatories or look them up in SSL observatory.
I've not had any issues with it and my machine starts faster. It works. Most of the objections to it appear to boil down to personality and philosophical issues rather than whether it is technically sound, e.g. the way the devs interact with the kernel devs, or whether it's too close to the way services work in Windows.
Having read the myths page I largely believe it was the right thing to do. Linux is a living operating system and sometimes it has to be dragged kicking and screaming away from things that may have been acceptable in 1990 but not when going against other modern operating systems. Wayland is another ongoing example of that and I'm sure that once it becomes the default choice in some dists that we'll see people being extremely vocal about that too.
Britain is encouraging solar and wind but it's amazing the opposition that some people (nitwits mostly) have to these forms of generation. Parties like UKIP actively oppose renewable energy.
Presumably biomass would become more valuable if power stations created a demand for farmers to raise their prices. It's also not the only way it could be created. Anyway, wind is not the only renewable - there is hydro, solar, geothermal etc. The fluctuations probably become more predictable with scale and you might find a region the size of Europe is able to build interconnectors to meet supply with demand.
How is providing a base level of encryption less private or less secure then sending something in plaintext simply because the other end hasn't paid a fee to a third party?
Exactly. The whole concept of a certifying authority is fundamentally broken. It's just a tax on security. If I'm a bank or merchant then it might be worth paying a CA a lot of money to come and verify I am who I say and how I store and control access to my cert. But the standard signature that most sites obtain is worse than fucking useless. At most it might verify my credit card or my fake id. It's just a tax and the net result plain text is the default.
Sites should be able to use unsigned keys for basic encryption. Sites should also be able to sign each other's keys and build a web of trust. Finally if they absolutely must they can get a CA to sign it. Just like with PGP. There are disadvantages to unsigned certs in that they don't stop man in the middle but browsers cache keys and participate in SSL observatory so that visitors to sites still have some measure of assurance that the key is being manipulated.
Browsers could also present the security of a web of trust in a reasonable way as a checklist or traffic light system. Encrypts traffic (green tick); Protects from casual eavesdropping (green tick); Protects against man in the middle attacks (red cross); Signed by someone you trust (red cross) etc.
The current system is just dumb and I'd hope that somebody, be it Mozilla, Google or whomever would roll out something better that does away with the need for a CA or forgo all encryption.
... then this should do it since it can't use TLS.
I don't see it makes a difference. For anyone doomed to use IE6 for eternity, it won't matter what Google does in its own browser because they're not using it, at least not for whatever crappy internal website still requires IE6.
Smarter people than you have been working on these problems for years already and have made significant progress.
Yes at doing basic navigation. There are far too many intractable problems remaining to think self drive is remotely useful on open roads. They will fail over to the driver or stop dead so often as to be annoying. I should also note your "smarter people" can't even do basic speech recognition on a phone with sufficient accuracy to make it work well. What makes you think a far more complex problem is somehow within their grasp?
The good thing about computers is that they can be programmed to fail gracefully
Which would be great if they only fail gracefully in a critical situation such as a potential collision. If they "fail gracefully" because they're confused by the plastic bag blowing across the street, or the lights being out, or by the large puddle ahead, or the cop telling them to proceed, or leaves / ice / snow obscuring a sensor, or by any car in front of my car which decides to fail gracefully then they'll suck.
It is not sufficient to fail to safe. Cars must make good progress too for the occupant and occupants of all the other cars behind. This is why all the puffery about how many miles Google cars have driven without accidents is only a fraction of the story. Yeah it's great they haven't killed anybody. It's a significant achievement. If such vehicles just stop for no reason at all (and they will) then they will suck and they will suck hard.
But it can still drive on other roads with good accuracy.
The lights are out at a junction. How does "good accuracy" help the car figure out when it's safe to proceed, or the order to proceed when there are buses, cars, trucks coming from all direction with an implied priority based on conditions and time people have waited?
Now a cop turns up to direct the traffic because of a fender bender. How does the car with "good accuracy" know to obey the cop's hand signals?
Now the repair crew turn up to fix the lights and put cones out so people turning have to do so from the adjacent lane. How does "good accuracy" cope with that?
Now a crazy person turns up and begins directing traffic. How does "good accuracy" tell the difference between the cop and the crazy person.
That's just a trivial demonstration of the problems a self drive vehicle would face. It's trivial to think of others - road flooding, narrow roads, diversions, vehicle break downs, animals running out, snow / leaves obstructing sensors etc. Of course in every case the simplest answer would be for the driver to override the car and manually drive it. But that naturally puts a dampener on some of the absurd expectations people have for these vehicles (e.g. that they can drive off and park themselves, self drive taxis, sleeping or drunk drivers etc.). And if the car gets confused too often or "fails to safe" for no reason then it will be infuriating.
It would be far more productive to concentrate on advanced driver assistance - cruise control, distance maintenance, lane tracking / marker detection, collision / hazard avoidance and parking assistance.
Anyone who thinks self drive is coming to a vehicle near them soon is living in cloud cuckoo land.
Self drive cars might work on a closed track where the number of external factors are limited and can be controlled. e.g. an airport loop, or a theme park transfer. It might even work on some stretches of public road e.g. some motorways although it is more likely to be an advanced driver assist mode.
It sure as hell wouldn't work in urban settings, or for atypical conditions. It's trivial to think of scenarios that would boggle the mind of a computer and cause it to stop for no good reason, or get itself stuck, or do entirely the wrong thing. e.g. in following a traffic cop's directions. At the very least such vehicles would have to have a conscious, unimpaired driver at the wheel ready to take over at a moment's notice and chances are that self drive would suck so hard that most people leave it turned off or in some reduced mode such as hazard / collision detection, cruise control etc.
Slashdot Mirror
But the phone itself is excellent. It's easily comparable to a Galaxy Note and I have to remind myself it only cost half the price. I got a 64GB phone for £279. Build quality is excellent, the screen is bright and high DPI, the battery life is very good and it has a very good software experience thanks to Cyanogenmod. My biggest gripe is the charging cable (which looks very spiffy) is too short and the connector is upside down compared to other phones. Firefox also doesn't appear to be able to play hardware accelerated h264 properly for some reason which I assume is a fault in the software since no other app has the problem. Otherwise it's a great device.
It's not hard to envisage every gas station having chargers some day (or diners / supermarkets / convenience stores who want to attract business while vehicles charge). That day is still some way off.
I guess someone would have to tell us how to detect it, or something else equally helpful to actually PREVENT this threat. Warnings are pointless without a plan.
Just google for "free antivirus and sexy girl screensaver APK". Lots of Chinese warez sites have it. The app asks for a lot of permissions but only to see if there are viruses hiding in your text messages or contacts.
It's one thing to not default search to Google, but it would be another entirely to remove it from the list. As I don't run Mint, I'm assuming you mean the latter by "actively prevent". Even Mint can't use the standard Firefox branding or search plugin (perhaps it has an affiliate id in out), there are other ones which would work.
Maybe Foxconn had some spare iPad mini cases left over
The existing model is broken by the fact that CAs are not always trustworthy, the certs they issue to most sites are worthless as tokens of trust and the whole mechanism is a tax on security. It needs all browser makers to knock heads and make CAs for security an optional thing. Yes some sites like banks or whatever might want to pay some CA to audit their security procedures for storing a cert. For most sites it's complete overkill.
This Kickstarter stuff isn't very well regulated...
A fool and their money are soon parted. I've yet to see a single kickstarter that would justify me giving a single penny to it. Most of them are glorified preorders - "give us money now and in a year or two we might deliver a product you can have for a small discount off its eventual retail price". No thanks.
I would agree with the sentiment that people who think JS (or HTML5) is some panacea for Flash are idiots. Flash was hated primarily because it was TOO popular - sites abused the fuck out of it and multi tabbed browsers sagged under the weight of so many running instances. If JS is abused the same way the performance would be just as bad.
JS is often considered the problem, not the solution to web development. This is why coffeescript, typescript et al exit. Plus a raft of JS libraries like jquery, backbone, underscore, phantom, handlebars etc. to hide the differences or provide basic niceties that JS lacks. Plus the likes of dart, emscripten, GWT and so on which bury JS completely and spit out compiled JS. Plus the recognition from browsers that JS performance sucks and the optimization paths they've implemented (e.g. asm.js). That said, we're almost in a place where 95% of the use cases for Flash are probably achievable in JS. Personally I wish browsers would adopt PNaCl or something similar so code can be compiled and run at near native speeds - skip JS as an intermediate format when it doesn't make sense and just let sites ship bitcode.
That left / right split swipe in Android 4 felt wrong and looked pretty stupid especially for someone familiar with the behaviour on a smaller device.
So it's unsurprising that Ubisoft pushed it out the way it was. If they announced a delay, they'd lose out on seasonal sales, their preorders would be decimated and it would affect their quarterly figures. So they pushed out something with some serious bugs and performance issues and used an embargo to prevent bad press until after all those preorders were fulfilled. I'm sure they'll get around to fixing the worst of the bugs, but people have been sold a lemon.
As consumers, there is a clear lesson to be learned here - do not preorder. Do not reward companies who use hype and lies to promote a game that may not live up to expectations. If a game is THAT AMAZING, then it'll still be so in a week or two after release when consensus is formed. And if it isn't... well that's €60+ you've saved for a better game.
I don't believe that to be true beyond what you might get from shifting from one food source to another - some temporary effects to your gut. And besides if she affected her health by not eating then it is in her interest to start again even if that means gradual reintroduction and abstinence again when circumstances allowed for it.
So the meat was cooked and consumed anyway? What's the point of that if she ends up affecting her own health?
It seems like it would be pretty trivial for someone working at a store to disconnect it from the internet at will.
And it would be pretty trivial for the credit card company and police to notice thefts all occurring from this one shop and rain fire down on their asses.
Gah second para was supposed to say - if 'a' is_less_than c AND c is_less_than 'z' then ischar = 1' as an example of where EBCDIC would break horribly and it only gets worse with stuff like rot13, crypto etc.. Slashdot gobbled up the less thans and truncated that sentence.
Aside from digits, EBCDIC is infamous for it's bizarro alphabet layout which wasn't contiguous so code patterns like "if 'a' I suspect the EBCDIC only existed because IBM being IBM couldn't countenance interoperability with other systems and therefore tried to ringfence and enforce its own format.
TL;DR: Install Perspectives if you want to use an unknown CA.
It's not a case of installing anything. It requires a whole new secure protocol that browsers support out of the box.
Broken by StartSSL, which provides personal use certificates without charge.
It's still a CA and it's demonstrative of the uselessness of a CA in the first place. The cert makes a scary box go away nothing more. Even if its free (in money) it's still an onerous task in time and effort to obtain a cert. And with my tinfoil hat on, why should I trust an operation in Israel to generate a trustworthy certificate for my site? It's not the first time a CA has been compromised and issued phony certs for MITM attacks.
I have my own problems with PGP's assumption of transitive trust. Just because you can vouch for someone's identity doesn't mean you can vouch for that person's ability to correctly vouch for others' identities.
True but it still has the potential to build more meaningful trust to a site than a CA can. e.g. Red Hat could sign Ubuntu's site and vice versa and they could sign various Linux user groups and so forth. Just like happens with PGP keys. It's more meaningful than some random CA and far harder compromise especially if browsers cache keys and signatories or look them up in SSL observatory.
People had a holy war in support EBCDIC?
Having read the myths page I largely believe it was the right thing to do. Linux is a living operating system and sometimes it has to be dragged kicking and screaming away from things that may have been acceptable in 1990 but not when going against other modern operating systems. Wayland is another ongoing example of that and I'm sure that once it becomes the default choice in some dists that we'll see people being extremely vocal about that too.
Britain is encouraging solar and wind but it's amazing the opposition that some people (nitwits mostly) have to these forms of generation. Parties like UKIP actively oppose renewable energy.
Presumably biomass would become more valuable if power stations created a demand for farmers to raise their prices. It's also not the only way it could be created. Anyway, wind is not the only renewable - there is hydro, solar, geothermal etc. The fluctuations probably become more predictable with scale and you might find a region the size of Europe is able to build interconnectors to meet supply with demand.
How is providing a base level of encryption less private or less secure then sending something in plaintext simply because the other end hasn't paid a fee to a third party?
Exactly. The whole concept of a certifying authority is fundamentally broken. It's just a tax on security. If I'm a bank or merchant then it might be worth paying a CA a lot of money to come and verify I am who I say and how I store and control access to my cert. But the standard signature that most sites obtain is worse than fucking useless. At most it might verify my credit card or my fake id. It's just a tax and the net result plain text is the default.
Sites should be able to use unsigned keys for basic encryption. Sites should also be able to sign each other's keys and build a web of trust. Finally if they absolutely must they can get a CA to sign it. Just like with PGP. There are disadvantages to unsigned certs in that they don't stop man in the middle but browsers cache keys and participate in SSL observatory so that visitors to sites still have some measure of assurance that the key is being manipulated.
Browsers could also present the security of a web of trust in a reasonable way as a checklist or traffic light system. Encrypts traffic (green tick); Protects from casual eavesdropping (green tick); Protects against man in the middle attacks (red cross); Signed by someone you trust (red cross) etc.
The current system is just dumb and I'd hope that somebody, be it Mozilla, Google or whomever would roll out something better that does away with the need for a CA or forgo all encryption.
... then this should do it since it can't use TLS.
I don't see it makes a difference. For anyone doomed to use IE6 for eternity, it won't matter what Google does in its own browser because they're not using it, at least not for whatever crappy internal website still requires IE6.
Smarter people than you have been working on these problems for years already and have made significant progress.
Yes at doing basic navigation. There are far too many intractable problems remaining to think self drive is remotely useful on open roads. They will fail over to the driver or stop dead so often as to be annoying. I should also note your "smarter people" can't even do basic speech recognition on a phone with sufficient accuracy to make it work well. What makes you think a far more complex problem is somehow within their grasp?
The good thing about computers is that they can be programmed to fail gracefully
Which would be great if they only fail gracefully in a critical situation such as a potential collision. If they "fail gracefully" because they're confused by the plastic bag blowing across the street, or the lights being out, or by the large puddle ahead, or the cop telling them to proceed, or leaves / ice / snow obscuring a sensor, or by any car in front of my car which decides to fail gracefully then they'll suck.
It is not sufficient to fail to safe. Cars must make good progress too for the occupant and occupants of all the other cars behind. This is why all the puffery about how many miles Google cars have driven without accidents is only a fraction of the story. Yeah it's great they haven't killed anybody. It's a significant achievement. If such vehicles just stop for no reason at all (and they will) then they will suck and they will suck hard.
But it can still drive on other roads with good accuracy.
The lights are out at a junction. How does "good accuracy" help the car figure out when it's safe to proceed, or the order to proceed when there are buses, cars, trucks coming from all direction with an implied priority based on conditions and time people have waited?
Now a cop turns up to direct the traffic because of a fender bender. How does the car with "good accuracy" know to obey the cop's hand signals?
Now the repair crew turn up to fix the lights and put cones out so people turning have to do so from the adjacent lane. How does "good accuracy" cope with that?
Now a crazy person turns up and begins directing traffic. How does "good accuracy" tell the difference between the cop and the crazy person.
That's just a trivial demonstration of the problems a self drive vehicle would face. It's trivial to think of others - road flooding, narrow roads, diversions, vehicle break downs, animals running out, snow / leaves obstructing sensors etc. Of course in every case the simplest answer would be for the driver to override the car and manually drive it. But that naturally puts a dampener on some of the absurd expectations people have for these vehicles (e.g. that they can drive off and park themselves, self drive taxis, sleeping or drunk drivers etc.). And if the car gets confused too often or "fails to safe" for no reason then it will be infuriating.
It would be far more productive to concentrate on advanced driver assistance - cruise control, distance maintenance, lane tracking / marker detection, collision / hazard avoidance and parking assistance.
Self drive cars might work on a closed track where the number of external factors are limited and can be controlled. e.g. an airport loop, or a theme park transfer. It might even work on some stretches of public road e.g. some motorways although it is more likely to be an advanced driver assist mode.
It sure as hell wouldn't work in urban settings, or for atypical conditions. It's trivial to think of scenarios that would boggle the mind of a computer and cause it to stop for no good reason, or get itself stuck, or do entirely the wrong thing. e.g. in following a traffic cop's directions. At the very least such vehicles would have to have a conscious, unimpaired driver at the wheel ready to take over at a moment's notice and chances are that self drive would suck so hard that most people leave it turned off or in some reduced mode such as hazard / collision detection, cruise control etc.