I can see the point but then if Mozilla is also going to do automatic updates, it should make plugin developers aware of exactly the update day/time well in advance.
I think there's probably a better solution though...
The difference between first to file and first to invent is that it's much easier to determine who was first to file.
I'm sorry, how?
For example:
company A invents a spoon. company A decides not to file, and as you say, prior art should work in company A's favour here. company B also invents a spoon, and files a patent.
So now we need to check for prior art. while this is happening, company A thinks "oh I should file a patent". company A has now filed AFTER company B.
Its just a mess. really. Whoever decided that the first to invent something should be able to stop anyone else from independently inventing the same or similar thing, is mad. Its a ridiculous idea. Why? well if 2 people happen to come up with the same invention but were on opposite sides of the world and had no contact nor shared any ideas...then the law says only 1 is valid, but why should they not both be valid? such an invention should not be patentable, since it was proven that a person with relevant skills would reasonably come up with it.
Why do I use only the case of "independent invention"? Well, if someone copied it, then its a copyright issue...not a patent issue. Patents are for inventions where someone invents a similar machine to yours WITHOUT copying your machine.
I'm oversimplifiying a lot...but you get the idea. I think the system has headed down the wrong track from day one.
And then there is the (small) logistic problem of building a spaceship that could get there. As in, infinite fuel and traveling without a reasonable timeframe for a human being.
This is not entirely correct.
Yes we (apparently) lack a way of getting there, or anywhere close for that matter.
The problem is that you suggested we need some sort of fuel (inferring a solid/liquid fuel like we use in spacecraft currently). The other problem is that of time.
If you solve the first problem, the second should become trivial. The "fuel" needs to be something that exists not just on earth. It must involve nullifying the effects of gravity.
I'm not sure if physics has reached a point where we can say whether or not this is even a possibility, but it has been suggested that Einstein thought it was possible.
(a) the feature(s) used by the plugin changes (which surely wouldn't be every 2 months) (b) the plugin depends on a specific version number - which is just stupid.
I'm wondering if the problem most people are facing is (b).
Don't knock my coward friend, I think he has a valid point. JavaScript and HTML is getting more and more like Flash for every minute, It wont be long until someone writes a botnet entirely in java script. It's OK laugh all you want, but I will have this post to point to when it happens a couple of years down the line.
See? I told you so!
hey wait, you cant put that last line in there - that bit has to go in the post you link to this from...
you're pretending apple is perfect...but I'm going to ignore that because its just silly. security via obscurity has its merits but its not the be-all-and-end-all.
No one recommends running a firewall on android. I'm a geek - and I certainly dont. What would it do, anyway? Pretty sure my phone doesn't have any open ports that I need to worry about.
The only android malware that has been noteworthy has been apps that masquerade as something else. They are easy to spot, but just in case people might be fooled, the anti-malware apps contain signature-based detection of exactly the BEHAVIOUR that you mentioned.
Its not perfect, but until now, it has been 100% successful.
The only personal info an app can steal is info you give it permission to steal. Contrast with iOS, where every app has access to all your data. Thank goodness there's an approval process.
Listen: I'm not normally a "Security over Freedom" kind of guy; but, just like I'm willing to put up with a well-regulated police force rather than have to sit up all night with a shotgun in my hands, I think that, at 350,000 iOS apps (and counting!) and no real viruses, Trojans, phishing scams, etc., not many people can make a reasonable argument that the iOS/App Store "curated collection" model isn't a good deal for 99% of users, or that the Walls of the Garden seriously affect about that same percentage of users. I can't drive my car 100MPH on city streets; but I'm willing to put up with that, because the stupid fucker driving while TEXTING on his cellphone can't (legally) do it, either.
Hmmm, just like the walled garden isn't as bad as some people make out, I dont think Android is nearly as bad as your analogy indicates.
The App Store does work for its target market. The problem is that its target market is not the entire world. To you, the pros outweigh the cons, but to me, its the other way around. We all value things differently.
Android is not as insecure as you think. You dont need to "sit up all night with a shotgun" - you just need to "employ a guard". ie. use anti-malware software. Yes it sucks that google dont do more, but its not the end of the world. People hear "anti-virus" and are reminded of the crap that exists on windows. Android is different - the anti-malware software doesn't hog resources or slow your phone down. It just scans any app immediately after you install it.
If you dont want to "employ a guard" then just "dont let any suspect people in the door". If the bad apps are not inside, they cant hurt your phone.
People assume that if something made it into the App Store, it must be safe. That has been shown to be not correct on a number of occasions. Apple make mistakes too.
At the end of the day its no big deal either way - just be careful what you put on your phone. simple as that.
That's quicker than I thought it would be - but in any case, 5 days is a whole lot more time than 5 seconds, and is plenty long enough for someone to walk away from your app because you didn't implement a feature quick enough. not a deal-breaker for major software houses with their large testing departments but for indie developers (like me), its critical.
wait, you're comparing apple with custom rom makers now?
I love android but this is not an apples to apples comparison, pun intended.
How much support does Google give you for your phone software updates? How much support does the manufacturer of your phone give?
I'd say Apple supports their hardware AND software a lot better than either of the above.
Its great that Android is open source, but you cant compare the efforts of ROM makers with an actual manufacturer. If Apple released their source code, do you not think the jailbreak community would have something equally as good?
Lets not make this story into something it isn't.
What we do have with Android is greater freedom which brings greater responsibility. "Look before you leap" definitely applies when flashing custom ROMs on your phone AND when installing apps on your phone.
I use Lookout Mobile security on my phone (no I dont work for them) since I'm a bit paranoid, and it doesn't slow down the phone.
It would even be trivial to have some form of automatic malware scanning when you submit an app, such that it will flag the attention of someone at google if there is any suspicion.
I really dont want to see long approval processes like the Apple store. Its great being able to respond to customer feedback immediately. Building up a developer-user relationship is one of the best things about the Android market, and IMO should be taken much further than it currently is.
Users must explicitly download and install it (unless the manufacturer bundles it - which they shouldn't).
Maybe adobe should be the one responsible for their software, so that Apple doesn't feel like they have to be. Its about time they (adobe) cleaned this crap up.
I'm not familiar with the laws there, but I'd hazard a guess that if the feds rock up on your doorstep with a warrant, either they'll get your data or you'll be going to jail.
So maybe there is a difference in that they may get the data without a warrant from google, but if so, that is where the issue is.
But in the end the difference seems fairly trivial.
In reality, if you're so concerned, then the cloud is not for you. The world goes on.
I live in Australia, where despite AUD now surpassing USD, things still cost more here because manufacturers like to add some random amount to the price before they are released here.
I think you can pick up a mac mini under $1000 here but the gist of my comment still applies - it sucks.
That and the approval process (I assume there would be some delay every single time I release an update to an app)...
Consider it a (working) proof-of-concept for now, and once the charging stations start popping up everywhere, expect a lot of development in this area.
Although if they start using technology to track location and speed, expect it to die very quickly.
Wave was misguided. It had really cool tech and it did have potential...
but where they failed was they couldn't even tell people HOW to use or even WHY they'd want to.
I thought of things I could use it for, but when telling others about how it worked, not only could I not explain it well (who could?), no one really saw the point of it.
Sensitive or no, Google has no right to snoop on your data.
Yes, you're right, Google has no right, and Google doesn't snoop on your data...
Google will just hand it over to any Federal agency, pretty much on a whim, because said agency heard a rumor that your farts smell like a terrorists, and they will snoop on your data. Spank you very much Patriot act.
And all this talk of encryption is laughable for the same reason(like THEY don't have the keys to the commercial encryption "castle"?), unless you are willing to go well above and beyond any semi-standard keylength (like 4096+) to at least offer some level of difficulty.
You make a good point, but what makes you think it would be any different if your data was on your own personal hard drive. The federal agency would just rock up on your doorstep and you'll be handing over the data personally, or going to jail if you dont.
Slashdot Mirror
I can see the point but then if Mozilla is also going to do automatic updates, it should make plugin developers aware of exactly the update day/time well in advance.
I think there's probably a better solution though...
The difference between first to file and first to invent is that it's much easier to determine who was first to file.
I'm sorry, how?
For example:
company A invents a spoon. company A decides not to file, and as you say, prior art should work in company A's favour here. company B also invents a spoon, and files a patent.
So now we need to check for prior art. while this is happening, company A thinks "oh I should file a patent". company A has now filed AFTER company B.
Its just a mess. really. Whoever decided that the first to invent something should be able to stop anyone else from independently inventing the same or similar thing, is mad. Its a ridiculous idea. Why? well if 2 people happen to come up with the same invention but were on opposite sides of the world and had no contact nor shared any ideas...then the law says only 1 is valid, but why should they not both be valid? such an invention should not be patentable, since it was proven that a person with relevant skills would reasonably come up with it.
Why do I use only the case of "independent invention"? Well, if someone copied it, then its a copyright issue...not a patent issue. Patents are for inventions where someone invents a similar machine to yours WITHOUT copying your machine.
I'm oversimplifiying a lot...but you get the idea. I think the system has headed down the wrong track from day one.
Let me also add that without any known way of getting there (and no solution in sight), I dont see the point of these studies.
And then there is the (small) logistic problem of building a spaceship that could get there. As in, infinite fuel and traveling without a reasonable timeframe for a human being.
This is not entirely correct.
Yes we (apparently) lack a way of getting there, or anywhere close for that matter.
The problem is that you suggested we need some sort of fuel (inferring a solid/liquid fuel like we use in spacecraft currently). The other problem is that of time.
If you solve the first problem, the second should become trivial. The "fuel" needs to be something that exists not just on earth. It must involve nullifying the effects of gravity.
I'm not sure if physics has reached a point where we can say whether or not this is even a possibility, but it has been suggested that Einstein thought it was possible.
surely this is only if:
(a) the feature(s) used by the plugin changes (which surely wouldn't be every 2 months)
(b) the plugin depends on a specific version number - which is just stupid.
I'm wondering if the problem most people are facing is (b).
Don't knock my coward friend, I think he has a valid point. JavaScript and HTML is getting more and more like Flash for every minute, It wont be long until someone writes a botnet entirely in java script. It's OK laugh all you want, but I will have this post to point to when it happens a couple of years down the line.
See? I told you so!
hey wait, you cant put that last line in there - that bit has to go in the post you link to this from...
Maybe to you, but I think that Slashdot should have a '-1 tired old meme' that would work like 'funny' (i.e. no karma affect).
I agree with the "-1 tired old" but it should be applied to people who make comments like yours.
Its slashdot. If you're tired of it...well...remember to close the door on your way out...
you're pretending apple is perfect...but I'm going to ignore that because its just silly. security via obscurity has its merits but its not the be-all-and-end-all.
No one recommends running a firewall on android. I'm a geek - and I certainly dont. What would it do, anyway? Pretty sure my phone doesn't have any open ports that I need to worry about.
The only android malware that has been noteworthy has been apps that masquerade as something else. They are easy to spot, but just in case people might be fooled, the anti-malware apps contain signature-based detection of exactly the BEHAVIOUR that you mentioned.
Its not perfect, but until now, it has been 100% successful.
The only personal info an app can steal is info you give it permission to steal. Contrast with iOS, where every app has access to all your data. Thank goodness there's an approval process.
http://www.funkyspacemonkey.com/spyphone-ni
I think you'll find that neither solution is perfect. Its a trade-off between security and freedom, you know, much like we face in the OFFLINE world.
no one seems to be concerned with the Windows 8 part of the story.
Are Microsoft so directionless these days that they would consider a move that makes the ENTIRE windows stack basically irrelevant?
If people start coding for HTML5, suddenly windows is out of the picture, because the apps would run just as well on linux or mac.
I thought the whole reason for Windows' existence was windows-specific software. If we remove that, what does windows have going for it?
Sshhhh.... reinventing the wheel is what we in IT get paid for, half the time!
Half?
yes. We actually re-invent the wheel 100% of the time, but we only get paid for half.
Exactly. In Windows, you'd simply be told to reboot frequently enough so the password bug doesn't get triggered :)
Nah, windows already reboots frequently enough. Its now a "feature".
Listen: I'm not normally a "Security over Freedom" kind of guy; but, just like I'm willing to put up with a well-regulated police force rather than have to sit up all night with a shotgun in my hands, I think that, at 350,000 iOS apps (and counting!) and no real viruses, Trojans, phishing scams, etc., not many people can make a reasonable argument that the iOS/App Store "curated collection" model isn't a good deal for 99% of users, or that the Walls of the Garden seriously affect about that same percentage of users. I can't drive my car 100MPH on city streets; but I'm willing to put up with that, because the stupid fucker driving while TEXTING on his cellphone can't (legally) do it, either.
Hmmm, just like the walled garden isn't as bad as some people make out, I dont think Android is nearly as bad as your analogy indicates.
The App Store does work for its target market. The problem is that its target market is not the entire world. To you, the pros outweigh the cons, but to me, its the other way around. We all value things differently.
Android is not as insecure as you think. You dont need to "sit up all night with a shotgun" - you just need to "employ a guard". ie. use anti-malware software. Yes it sucks that google dont do more, but its not the end of the world. People hear "anti-virus" and are reminded of the crap that exists on windows. Android is different - the anti-malware software doesn't hog resources or slow your phone down. It just scans any app immediately after you install it.
If you dont want to "employ a guard" then just "dont let any suspect people in the door". If the bad apps are not inside, they cant hurt your phone.
People assume that if something made it into the App Store, it must be safe. That has been shown to be not correct on a number of occasions. Apple make mistakes too.
At the end of the day its no big deal either way - just be careful what you put on your phone. simple as that.
That's quicker than I thought it would be - but in any case, 5 days is a whole lot more time than 5 seconds, and is plenty long enough for someone to walk away from your app because you didn't implement a feature quick enough. not a deal-breaker for major software houses with their large testing departments but for indie developers (like me), its critical.
Of the ROM-installing community, what percentage is NOT using CM 7.0.3?
anyone with a samsung galaxy s/s2 phone for a start.
More like "Those who don't know how a locking mechanism works shouldn't be the ones installing locks."
wait, you're comparing apple with custom rom makers now?
I love android but this is not an apples to apples comparison, pun intended.
How much support does Google give you for your phone software updates?
How much support does the manufacturer of your phone give?
I'd say Apple supports their hardware AND software a lot better than either of the above.
Its great that Android is open source, but you cant compare the efforts of ROM makers with an actual manufacturer. If Apple released their source code, do you not think the jailbreak community would have something equally as good?
Lets not make this story into something it isn't.
What we do have with Android is greater freedom which brings greater responsibility. "Look before you leap" definitely applies when flashing custom ROMs on your phone AND when installing apps on your phone.
I use Lookout Mobile security on my phone (no I dont work for them) since I'm a bit paranoid, and it doesn't slow down the phone.
but I thought they needed a warrant before Google would hand anything over. If this is not the case then I understand people's concerns.
It would even be trivial to have some form of automatic malware scanning when you submit an app, such that it will flag the attention of someone at google if there is any suspicion.
I really dont want to see long approval processes like the Apple store. Its great being able to respond to customer feedback immediately. Building up a developer-user relationship is one of the best things about the Android market, and IMO should be taken much further than it currently is.
For argument's sake - its not in android either.
Users must explicitly download and install it (unless the manufacturer bundles it - which they shouldn't).
Maybe adobe should be the one responsible for their software, so that Apple doesn't feel like they have to be. Its about time they (adobe) cleaned this crap up.
I'm not familiar with the laws there, but I'd hazard a guess that if the feds rock up on your doorstep with a warrant, either they'll get your data or you'll be going to jail.
So maybe there is a difference in that they may get the data without a warrant from google, but if so, that is where the issue is.
But in the end the difference seems fairly trivial.
In reality, if you're so concerned, then the cloud is not for you. The world goes on.
.and was a solution looking for a problem ...
Nothing wrong with this - that just means it was a marketing failure.
I live in Australia, where despite AUD now surpassing USD, things still cost more here because manufacturers like to add some random amount to the price before they are released here.
I think you can pick up a mac mini under $1000 here but the gist of my comment still applies - it sucks.
That and the approval process (I assume there would be some delay every single time I release an update to an app)...
Consider it a (working) proof-of-concept for now, and once the charging stations start popping up everywhere, expect a lot of development in this area.
Although if they start using technology to track location and speed, expect it to die very quickly.
Wave was misguided. It had really cool tech and it did have potential...
but where they failed was they couldn't even tell people HOW to use or even WHY they'd want to.
I thought of things I could use it for, but when telling others about how it worked, not only could I not explain it well (who could?), no one really saw the point of it.
FAIL is an understatement.
Sensitive or no, Google has no right to snoop on your data.
Yes, you're right, Google has no right, and Google doesn't snoop on your data...
Google will just hand it over to any Federal agency, pretty much on a whim, because said agency heard a rumor that your farts smell like a terrorists, and they will snoop on your data. Spank you very much Patriot act.
And all this talk of encryption is laughable for the same reason(like THEY don't have the keys to the commercial encryption "castle"?), unless you are willing to go well above and beyond any semi-standard keylength (like 4096+) to at least offer some level of difficulty.
You make a good point, but what makes you think it would be any different if your data was on your own personal hard drive. The federal agency would just rock up on your doorstep and you'll be handing over the data personally, or going to jail if you dont.
Is there really a difference?